userland calling deprecated sysctl, please rebuild world

johnpoz

I'm on 21.05.1 and not seeing that available

[21.05.1-RELEASE][admin@sg4860.local.lan]/root: sysctl net.inet.tcp.cc.available
net.inet.tcp.cc.available: newreno
[21.05.1-RELEASE][admin@sg4860.local.lan]/root: 

stephenw10

Yup because in order to see that as an option you have to load the module:

[2.5.2-RELEASE][admin@252dev.stevew.lan]/root: kldload cc_htcp
[2.5.2-RELEASE][admin@252dev.stevew.lan]/root: sysctl net.inet.tcp.cc.available
net.inet.tcp.cc.available: newreno, htcp

It's not loaded by default because it's pointless for the vast majority of users.

So OP is loading it via some custom loader variable which begs; what else is being loaded?

Whatever it is it's probably generating that error. Which we've yet to see in context.

Steve

itfsupport

@stephenw10 said in userland calling deprecated sysctl, please rebuild world:

There's no error shown in that log.

You are loading additional modules if you see htcp available. What else are you loading?

Do you have a /boot/loader.conf.local? What's in it?

Steve

[2.5.2-RELEASE][root@vrouter-dc.itf.local]/root: sudo cat /boot/loader.conf.local
aesni_load="YES"
aio_load="YES"
hw.vga.textmode=0
kern.maxproc=100000
kern.panic_reboot_wait_time=30
kern.racct.enable=1
# mem settings
kern.dfldsiz=1099511627776
kern.dflssiz=1099511627776
kern.ipc.maxmbufmem=2034446336
kern.ipc.msgmnb=65536
kern.ipc.msgmni=32000
kern.ipc.semmni=2048
kern.ipc.semmns=32768
kern.ipc.semmnu=32768
kern.ipc.semmsl=256
kern.ipc.semopm=500
kern.ipc.shmmni=2048
kern.ipc.shmseg=2048
kern.maxdsiz=1099511627776
kern.maxssiz=1099511627776
vfs.maxbcachebuf=131072
# net settings
cc_htcp_load="YES"
hw.em.rx_abs_int_delay=1000
hw.em.rx_int_delay=100
hw.em.rxd=4096
hw.em.tx_abs_int_delay=1000
hw.em.tx_int_delay=100
hw.em.txd=4096
net.graph.maxdata=65536
net.graph.maxalloc=65536
net.inet.tcp.hostcache.bucketlimit=100
net.inet.tcp.hostcache.cachelimit=65536
net.inet.tcp.hostcache.hashsize=4096
net.inet.tcp.syncache.bucketlimit=100
net.inet.tcp.syncache.cachelimit=65536
net.inet.tcp.syncache.hashsize=1024
net.inet.tcp.tcbhashsize=65536
net.isr.bindthreads=1
net.isr.defaultqlimit=4096
net.isr.maxthreads=-1
net.link.ifqmaxlen=2048
[2.5.2-RELEASE][root@vrouter-dc.itf.local]/root:

stephenw10

Ok.

Why are you loading those things?

One of those is causing your error.

Steve

itfsupport

@stephenw10
Good day!
What specific parameter from the boot/loader.conf.local confuses you?

itfsupport

@stephenw10 said in userland calling deprecated sysctl, please rebuild world:

Yup because in order to see that as an option you have to load the module:

[2.5.2-RELEASE][admin@252dev.stevew.lan]/root: kldload cc_htcp
[2.5.2-RELEASE][admin@252dev.stevew.lan]/root: sysctl net.inet.tcp.cc.available
net.inet.tcp.cc.available: newreno, htcp

It's not loaded by default because it's pointless for the vast majority of users.

So OP is loading it via some custom loader variable which begs; what else us bring loaded?

Whatever it is it's probably generating that error. Which we've yet to see in context.

Steve

This information on tuning FreeBSD hosts connected at speeds of 1Gbps or higher.
FreeBSD supports TCP autotuning and advanced congestion control algorithms in all currently-supported releases. You can check which are available in the running kernel using:

sysctl net.inet.tcp.cc.available
To make additional algorithms available in the kernel, the appropriate module must be loaded. The congestion control modules are in /boot/kernel and begin with cc_ - they can be listed with the following command:

ls /boot/kernel/cc_* | grep -v symbols
To load a particular congestion control algorithm (for example htcp) you can use:

kldload cc_htcp
and you will then be able to set the congestion control algorithm using this:

sysctl net.inet.tcp.cc.algorithm=htcp

Enabling congestion control algorithms at boot time

Depending how your kernel is built, you may not have the algorithm you want available by default at boot time, and will need to load the driver during the boot process. To to this add the following to /boot/loader.conf:

cc_htcp_load="YES"
The htcp algorithm will then be loaded at boot time, and will be enabled when sysctl.conf is processed at boot time and the net.inet.tcp.cc.algorithm=htcp variable is set.

stephenw10

Right but a firewall/router is not a host. Almost all traffic passes through it and those TCP tunables apply to traffic terminated on the system.

Why have you added them? Were you seeing a problem? Did it help?

One of those is causing the error you are seeing. So if you want to not see it you need to stop applying that tunable.

Steve

provels

"Userland calling deprecated sysctl, please rebuild world"

~ An anthem for Modern Man

itfsupport

@stephenw10
Hello!
Now i delete all settings from boot/loader.conf.local
and i still have this error

itfsupport

Now i reset boot.loader.conf.local and syscl.conf to default and i have error

userland calling deprecated sysctl, please rebuild world

stephenw10

You still have not shown us the log containing this error for context so we can only guess what is calling it. You must have something custom on that box.
To confirm you have removed the custom sysctls from Sys > Adv > System tunables?
sysctl.conf will just get rebuilt at boot.

Steve

itfsupport

@stephenw10
sysctl.conf recovered after reboot
only this settings
kern.ipc.shmall=2097152
kern.ipc.shmmax=2147483648
kern.ipc.semmsl=250

itfsupport

@stephenw10
I don't really understand how to show you an error
There is a journal entry

Sep 26 23:17:21 pfSenseIllanM syslogd: kernel boot file is /boot/kernel/kernel
Sep 26 23:17:22 pfSenseIllanM nginx: 2021/09/26 23:17:22 [error] 71259#100112: send() failed (54: Connection reset by peer)
Sep 26 23:17:45 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world
Sep 26 23:17:45 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world
Sep 26 23:18:48 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world
Sep 26 23:18:48 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world
Sep 26 23:19:50 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world
Sep 26 23:19:50 pfSenseIllanM kernel: userland calling deprecated sysctl, please rebuild world

stephenw10

Ok, so it occurs multiple times and not just at boot? Some minutes apart?

Does it log that continually?

That's not a sysctl that is applied at boot then. You have something else on that system actively setting something that's no longer valid. Do you have something else running there? Some other custom script or manually added package?

Steve

itfsupport

@stephenw10 said in userland calling deprecated sysctl, please rebuild world:

Ok, so it occurs multiple times and not just at boot? Some minutes apart?

Does it log that continually?

That's not a sysctl that is applied at boot then. You have something else on that system actively setting something that's no longer valid. Do you have something else running there? Some other custom script or manually added package?

Steve

Good day!
After a long search for the error found the following.
The problem appears when enable an additional parameter in the Zabbix agent settings

EnableRemoteCommands=1

stephenw10

Nice find.