| Issue 203803: | flimflam races with iptables startup | |
| 5 people starred this issue and may be notified of changes. | Back to list |
Sign in to add a comment
|
iptables and flimflam start up roughly the same time. iptables starts by turning off OUTPUT rules which, when the time is right, causes DNS in the portal check to fail with udp send() returning EPERM.
Mar 16, 2013
#1
bugdroid1@chromium.org
Blocking:
chromium-os:20840 chromium-os:20841
Sep 22, 2011
Related: crosbug.com/20323
Sep 22, 2011
(No comment was entered for this change.)
Labels:
Iteration-38
Sep 22, 2011
I don't know that this is related to 20323. We disable flimflam's captive portal check during tests.
Sep 22, 2011
It could be related if: a) this issue happened right after boot b) If the problem behavior was that Chrome got a DNS error right after boot Thoughts?
Sep 22, 2011
Aha, b) might explains 20323. If chrome hit such a DNS error, it would show a friendly error message UI instead of Gaia login and stuck there. Right now, we don't auto retry on such error and make automation timeout.
Sep 23, 2011
(No comment was entered for this change.)
Labels:
iteration-39
Sep 26, 2011
Commit: 5d68e0f78a184b2890202880ea4289cda41b1c01 Email: pstew@chromium.org init: Start flimflam after iptables Also start iptables earlier. flimflam raced with iptables which caused intermittent failure of portal checks and sometimes Chrome's online checks. Looks like there aren't any losers here, given the perf results below. Modify openssh-server to explicitly set it after starting-failsafe since it apparently did so implicitly through iptables before. BUG=chromium-os:20726 TEST=Manual: Ensured athat a system exhibiting this problem reliably: a) Failed due to DNS socket send() failing with -EPERM b) Succeeded if iptables default OUTPUT rule reject was removed c) Succeeded if flimflam was set to start after iptables. Bootperf tests with this CL yield: Without change: (on 20 cycles): time s% dt s% event 2446 13% +2446 13% startup 2735 11% +289 8% startup_done 5535 6% +2800 11% x_started 5630 6% +95 12% chrome_exec 5723 6% +93 13% chrome_main 7127 5% +1404 3% login 7582 52% +455 895% network With change: (on 20 cycles): time s% dt s% event 2303 7% +2303 7% startup 2592 7% +289 7% startup_done 5493 6% +2901 10% x_started 5591 6% +98 12% chrome_exec 5680 6% +89 11% chrome_main 7083 41% +1403 213% network 7100 5% +17 17707% login Change-Id: I8b350bf90d93e2ee164f9edad30fe578649027e8 Reviewed-on: http://gerrit.chromium.org/gerrit/8185 Tested-by: Paul Stewart <pstew@chromium.org> Reviewed-by: Richard Barnette <jrbarnette@chromium.org> Reviewed-by: Scott James Remnant <keybuk@chromium.org> M flimflam.conf M ip6tables.conf M iptables.conf M openssh-server.conf
Sep 26, 2011
Issue 18918 has been merged into this issue.
Cc:
stanl...@chromium.org zelidrag@chromium.org pstew@chromium.org vpala...@chromium.org
Sep 26, 2011
(No comment was entered for this change.)
Blocking:
20840
Sep 26, 2011
(No comment was entered for this change.)
Blocking:
20841
Sep 26, 2011
(No comment was entered for this change.)
Labels:
Mstone-R15 Merge-Requested
Sep 28, 2011
Verified on: Google Chrome 16.0.893.0 (Official Build 102888) Platform 1096.0 (Official Build) dev-channel x86- WebKit 535.5 (@96010) JavaScript V8 3.6.4 Not able to repro the issue. Used repro steps of the issue 18918 . Ethernet state remains online and does not change to Portal. As per Paul R16 Tot contains the changes so marking it as verified for R16
Status:
Verified
Sep 29, 2011
(No comment was entered for this change.)
Owner:
jglasgow@chromium.org
Sep 29, 2011
(No comment was entered for this change.)
Owner:
pstew@chromium.org
Oct 28, 2011
merge approved
Oct 31, 2011
Commit: eec5eae14f04a7d3cdac4ee3e1b2fd1de313a689 Email: pstew@chromium.org init: Start flimflam after iptables Also start iptables earlier. flimflam raced with iptables which caused intermittent failure of portal checks and sometimes Chrome's online checks. Looks like there aren't any losers here, given the perf results below. Modify openssh-server to explicitly set it after starting-failsafe since it apparently did so implicitly through iptables before. BUG=chromium-os:20726 TEST=Manual: Ensured athat a system exhibiting this problem reliably: a) Failed due to DNS socket send() failing with -EPERM b) Succeeded if iptables default OUTPUT rule reject was removed c) Succeeded if flimflam was set to start after iptables. Bootperf tests with this CL yield: Without change: (on 20 cycles): time s% dt s% event 2446 13% +2446 13% startup 2735 11% +289 8% startup_done 5535 6% +2800 11% x_started 5630 6% +95 12% chrome_exec 5723 6% +93 13% chrome_main 7127 5% +1404 3% login 7582 52% +455 895% network With change: (on 20 cycles): time s% dt s% event 2303 7% +2303 7% startup 2592 7% +289 7% startup_done 5493 6% +2901 10% x_started 5591 6% +98 12% chrome_exec 5680 6% +89 11% chrome_main 7083 41% +1403 213% network 7100 5% +17 17707% login Change-Id: I49054561ad8acdc3c1c8c65fcc4b6853f1a33cad Reviewed-on: https://gerrit.chromium.org/gerrit/10872 Reviewed-by: Richard Barnette <jrbarnette@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> M flimflam.conf M ip6tables.conf M iptables.conf M openssh-server.conf
Nov 8, 2011
(No comment was entered for this change.)
Labels:
FixedIn-1094.0.0 FixedIn-1011.117.0
Nov 16, 2011
(No comment was entered for this change.)
Labels:
-Merge-Requested Merge-Merged MergedIn-1011
Jan 20, 2012
(No comment was entered for this change.)
Labels:
FixedInIndex-25 FixedInIndex-3f3_8
Mar 6, 2013
(No comment was entered for this change.)
Labels:
OS-Chrome
Blocking: -chromium-os:20840 -chromium-os:20841 chromium-os:20840 chromium-os:20841
Mar 9, 2013
(No comment was entered for this change.)
Labels:
-Area-Network -Mstone-R15 Cr-OS-Systems-Network M-15
|
||||||||||||
| ► Sign in to add a comment | |||||||||||||