[Swan] No buffer space available
Paul Wouters
paul at nohats.ca
Sat Jan 26 03:08:22 UTC 2019
On Fri, 25 Jan 2019, Alan Szlosek wrote:
> We're using Libreswan 3.25 (netkey) on Linux 4.15.0-1020-aws and are seeing the following error pop up in our pluto logs from time to time, sometimes several per hour.
>
> ERROR: recvfrom() failed in netlink_get. Errno 105: No buffer space available
That looks like the kernel ran out of memory perhaps?
> Our CPU usage has stayed below 40%, and memory usage has stayed below 50%.
But you say that's not the case. hmm. odd.
> Is there some value we can tune with sysctl that will affect the buffer associated with these netlink sockets?
You can try something like:
# /etc/sysctl.d/pwouters-highspeed.conf
# increase TCP max buffer size setable using setsockopt()
net.core.rmem_max = 536870912
net.core.wmem_max = 536870912
# increase Linux autotuning TCP buffer limit
net.ipv4.tcp_rmem = 16384 349520 16777216
net.ipv4.tcp_wmem = 16384 349520 16777216
# recommended to increase this for CentOS6 with 10G NICS or higher
net.core.netdev_max_backlog = 250000
# don't cache ssthresh from previous connection
net.ipv4.tcp_no_metrics_save = 1
# If you are using Jumbo Frames, also set this
net.ipv4.tcp_mtu_probing = 1
# recommended for CentOS7/Debian8 hosts
net.core.default_qdisc = fq
> What else should we be considering?
You can try git master or apply this patch which should at least give us
the proper failure code from recvfrom():
https://github.com/libreswan/libreswan/commit/9482cbfd03bee42aa8ad4f0b7a2c3f84d02cf550
Paul
More information about the Swan
mailing list