From owner-freebsd-net@FreeBSD.ORG Sun May 30 01:42:38 2004
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3BE216A4CE for ; Sun, 30 May 2004 01:42:38 -0700 (PDT)
Received: from ns2.alphaque.com (ns2.alphaque.com [202.75.47.153]) by mx1.FreeBSD.org (Postfix) with SMTP id 6C02343D5D for ; Sun, 30 May 2004 01:42:37 -0700 (PDT) (envelope-from dinesh@alphaque.com)
Received: (qmail 6233 invoked by uid 0); 30 May 2004 08:42:33 -0000
Received: from lucifer.net-gw.com (HELO prophet.alphaque.com) (202.75.47.153) by lucifer.net-gw.com with SMTP; 30 May 2004 08:42:33 -0000
Received: from localhost (localhost.alphaque.com [127.0.0.1]) by prophet.alphaque.com (8.12.10/8.12.9) with ESMTP id i4U8g7A0070152 for ; Sun, 30 May 2004 16:42:07 +0800 (MYT) (envelope-from dinesh@alphaque.com)
Date: Sun, 30 May 2004 16:42:07 +0800 (MYT)
From: Dinesh Nair
To: freebsd-net@freebsd.org
Message-ID: <20040530163954.G66030-100000@prophet.alphaque.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: PR kern/61300 and PR docs/61301
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
X-List-Received-Date: Sun, 30 May 2004 08:42:39 -0000

folks,

sometime back i submitted the PRs above with patches to the aue(4) driver to support homePNA functionality. is this being taken into the 4-STABLE codebase, as the state is still marked open on them?

Regards,                           /\_/\   "All dogs go to heaven."
dinesh@alphaque.com                (0 0)    http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+

From owner-freebsd-net@FreeBSD.ORG Sun May 30 03:07:45 2004
Date: Sun, 30 May 2004 14:07:39 +0400
From: Gleb Smirnoff
To: freebsd-net@freebsd.org
Message-ID: <20040530100739.GA58477@cell.sick.ru>
Content-Type: multipart/mixed; boundary="C7zPtVaVf+AK4Oqc"
Subject: incorrect connect() behavior

--C7zPtVaVf+AK4Oqc
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline

Dear networkers,

there is a problem in connect() syscall, which can be reproduced on a box running without default route. According to POSIX, connect() must return ENETUNREACH if a route to destination was not found.

http://www.opengroup.org/onlinepubs/000095399/functions/connect.html

In case of SOCK_STREAM it works this way. But in case of SOCK_DGRAM connect() does not return error. And it picks up first available local IP address for local side of socket. In some cases this address may appear to be 127.0.0.1. Later, when a route to destination shows up, datagrams will fail to send, since 127.0.0.1 can not appear on wire.

Affected installations are:

- BGP routers without default route
- localnet routers running some IGP

Affected applications are:

- ntpd. ntpd starts before routing daemon has established all adjacencies, connect() binds to 127.0.0.1. Later when routing shows up, ntpd fails to send dgrams to server.
- net-snmpd. It is difficult to reproduce, but after some route flapping snmpd hangs, and does not respond to requests. This can be worked around with a static route to source of queries.
- ng_ksocket. If node is of type inet/dgram/udp and a connect message is sent to it, it does not return an error. Later it fails to send packets with EPERM.

Here is attached a test case for this problem no-route-test.c. To test, one needs to delete default route, compile no-route-test and run it. If connect() picks up non-localhost address, then you are lucky :), some of your interfaces were ifconfiged before lo0. To reproduce problem with 100% guarantee, one needs to have lo0 first one in list ${network_interfaces} var in /etc/rc.conf. Then you should add default route, and look into what is typed by no-route-test, which was started before this route was added.

I have written two patches to deal with this problem. The first one clings to POSIX behavior - it returns ENETUNREACH. I have tested ntpd with it - it works well. But there is no guarantee that anything else would be broken.

The second patch is a POLA-patch, it makes connect() to take first non-localhost address for local side of socket. Code was obtained directly from NetBSD. This patch is considered not to break anything.

Both patches are attached. I'd be happy if one of committers fixes this problem. I'm really tired of routers with lost time synchronisation.

Thanks in advance.

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

--C7zPtVaVf+AK4Oqc
Content-Type: text/plain; charset=koi8-r
Content-Disposition: attachment; filename="no-route-test.c"

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define SOMEHOST "10.0.0.1"
#define MSG "test"

int
main()
{
	int s, rtn;
	struct sockaddr_in saddr;
	socklen_t saddrlen = sizeof(saddr);

	/* Destination that has no route while the default route is deleted. */
	memset(&saddr, 0, sizeof(saddr));
	saddr.sin_family = AF_INET;
	saddr.sin_addr.s_addr = inet_addr(SOMEHOST);
	saddr.sin_port = htons(2000);

	s = socket(AF_INET, SOCK_DGRAM, 0);
	if (s < 0) {
		printf("Error from socket()\n");
		return -1;
	}

	/* On an affected kernel this succeeds even though no route exists. */
	rtn = connect(s, (struct sockaddr *)&saddr, sizeof(saddr));
	if (rtn < 0) {
		printf("Error from connect(): %s\n", strerror(errno));
		return -1;
	}

	/* Show which local address the kernel picked for the socket. */
	rtn = getsockname(s, (struct sockaddr *)&saddr, &saddrlen);
	if (rtn < 0) {
		printf("Error from getsockname(): %s\n", strerror(errno));
		return -1;
	}
	printf("Addr is %s\n", inet_ntoa(saddr.sin_addr));

	/* Keep sending; errors continue after the route has been added. */
	for (;;) {
		rtn = send(s, (void *)MSG, strlen(MSG), 0);
		if (rtn != (int)strlen(MSG))
			printf("Error from send(): %s\n", strerror(errno));
		sleep(1);
	}

	close(s);
}

--C7zPtVaVf+AK4Oqc
Content-Type: text/plain; charset=koi8-r
Content-Disposition: attachment; filename="in_pcb.c.connect.POLA.diff"

Index: in_pcb.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.147 diff -u -r1.147 in_pcb.c --- in_pcb.c 20 May 2004 06:35:02 -0000 1.147 +++ in_pcb.c 29 May 2004 21:58:55 -0000 
@@ -611,8 +611,13 @@ ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sa))); if (ia == 0) ia = ifatoia(ifa_ifwithnet(sintosa(&sa))); - if (ia == 0) - ia = TAILQ_FIRST(&in_ifaddrhead); + if (ia == 0) { + /* Find 1st non-loopback AF_INET address */ + TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) { + if (!(ia->ia_ifp->if_flags & IFF_LOOPBACK)) + break; + } + } if (ia == 0) return (EADDRNOTAVAIL); }

--C7zPtVaVf+AK4Oqc
Content-Type: text/plain; charset=koi8-r
Content-Disposition: attachment; filename="in_pcb.c.connect.POSIX.diff"

Index: in_pcb.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.147 diff -u -r1.147 in_pcb.c --- in_pcb.c 20 May 2004 06:35:02 -0000 1.147 +++ in_pcb.c 29 May 2004 21:12:40 -0000 @@ -612,9 +612,7 @@ if (ia == 0) ia = ifatoia(ifa_ifwithnet(sintosa(&sa))); if (ia == 0) - ia = TAILQ_FIRST(&in_ifaddrhead); - if (ia == 0) - return (EADDRNOTAVAIL); + return (ENETUNREACH); } /* * If the destination address is multicast and an outgoing

--C7zPtVaVf+AK4Oqc--

From owner-freebsd-net@FreeBSD.ORG Sun May 30 10:46:30 2004
Date: Sun, 30 May 2004 10:46:28 -0700 (PDT)
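Review bot: in in_pcb.c.connect.POLA.diff, when every address on in_ifaddrhead belongs to a loopback interface the new TAILQ_FOREACH runs off the end with ia == NULL, so the unchanged "if (ia == 0) return (EADDRNOTAVAIL);" now fires where the old TAILQ_FIRST fallback handed back the loopback address. That is a behaviour change for hosts that have only lo0 configured; either state it in the commit message or fall back to TAILQ_FIRST(&in_ifaddrhead) when the loop finds nothing. The new comment could also say that the address chosen is just the first non-loopback entry in list order and need not belong to the interface a later route will use.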
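Review bot: in in_pcb.c.connect.POSIX.diff, the single "return (ENETUNREACH);" replaces both the TAILQ_FIRST fallback and the EADDRNOTAVAIL return, so a host with no addresses configured at all now reports ENETUNREACH as well; if callers distinguish the two cases, keep a separate check for an empty in_ifaddrhead that still returns EADDRNOTAVAIL. The early return also sits directly above the block whose comment begins "If the destination address is multicast and an outgoing", so please confirm that a multicast destination with no matching route is not expected to reach that code any more.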
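An application-side guard for the failure Gleb Smirnoff reports above, where connect() on a SOCK_DGRAM socket succeeds but binds 127.0.0.1: check the bound address with getsockname() and treat a loopback source for a non-loopback destination as ENETUNREACH, so the caller can retry once routing is up. This is an added example, not code from the thread or from FreeBSD; source_usable() and udp_connect_checked() are hypothetical names, and the host and port are the ones used in no-route-test.c.

```c
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* True when the address (network byte order) lies in 127.0.0.0/8. */
static int is_loopback(struct in_addr a)
{
    return (ntohl(a.s_addr) >> 24) == 127;
}

/*
 * Hypothetical helper: decide whether the local address the kernel bound
 * can be used toward dst. Returns 0 if usable, -1 if datagrams sent from
 * it could never appear on the wire.
 */
int source_usable(struct in_addr src, struct in_addr dst)
{
    if (src.s_addr == htonl(INADDR_ANY))
        return -1;                      /* nothing was bound at all */
    if (is_loopback(src) && !is_loopback(dst))
        return -1;                      /* the case described in the report */
    return 0;
}

/*
 * Hypothetical helper: connect a UDP socket and reject a bogus source.
 * Returns the descriptor, or -1 with errno set. errno is ENETUNREACH both
 * when the kernel reports it and when the kernel silently chose a loopback
 * source for a non-loopback destination.
 */
int udp_connect_checked(const char *host, unsigned short port)
{
    struct sockaddr_in dst, src;
    socklen_t len = sizeof(src);
    int s, saved;

    memset(&dst, 0, sizeof(dst));
    dst.sin_family = AF_INET;
    dst.sin_port = htons(port);
    if (inet_pton(AF_INET, host, &dst.sin_addr) != 1) {
        errno = EINVAL;
        return -1;
    }

    s = socket(AF_INET, SOCK_DGRAM, 0);
    if (s < 0)
        return -1;

    memset(&src, 0, sizeof(src));
    if (connect(s, (struct sockaddr *)&dst, sizeof(dst)) < 0 ||
        getsockname(s, (struct sockaddr *)&src, &len) < 0) {
        saved = errno;
        close(s);
        errno = saved;
        return -1;
    }

    if (source_usable(src.sin_addr, dst.sin_addr) < 0) {
        close(s);                       /* drop the socket and its bad binding */
        errno = ENETUNREACH;
        return -1;
    }
    return s;
}

int main(void)
{
    int tries, s = -1;

    /* Retry a few times, as a daemon started before routing is up might. */
    for (tries = 0; tries < 5; tries++) {
        s = udp_connect_checked("10.0.0.1", 2000);
        if (s >= 0 || errno != ENETUNREACH)
            break;
        fprintf(stderr, "no usable source address yet, retrying\n");
        sleep(2);
    }
    if (s < 0) {
        fprintf(stderr, "giving up: %s\n", strerror(errno));
        return 1;
    }
    printf("connected with a usable source address\n");
    close(s);
    return 0;
}
```

Closing the socket and reconnecting matters here: a socket that stays connected keeps the source address it was given at connect() time.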
From: Mikko Työläjärvi
To: Thong Tran
cc: net@freebsd.org
In-Reply-To: <20040528195736.916.qmail@web80601.mail.yahoo.com>
Message-ID: <20040530104316.U56189@sotec.home>
References: <20040528195736.916.qmail@web80601.mail.yahoo.com>
Subject: Re: How do I configure ProFTPd to support resuming broken downloads.

On Fri, 28 May 2004, Thong Tran wrote:

> I found the post on the link below
> http://docs.freebsd.org/cgi/getmsg.cgi?fetch=45017+0+archive/2002/freebsd-net/20020106.freebsd-net
>
> I have the same problem running Linux Fedora core 1
> with proftpd, I can upload/download overwrite, but
> cannot resume. I can't find any document to configure
> it to resume. Can you help.

Have you tried reading the documentation?

$.02,
/Mikko

From owner-freebsd-net@FreeBSD.ORG Mon May 31 11:02:11 2004
Date: Mon, 31 May 2004 11:01:46 -0700 (PDT)
Message-Id: <200405311801.i4VI1kuF022709@freefall.freebsd.org>
From: FreeBSD bugmaster
To: freebsd-net@FreeBSD.org
Subject: Current problem reports assigned to you

Current FreeBSD problem reports

Critical problems

Serious problems

Non-critical problems

S  Submitted   Tracker     Resp. Description
-------------------------------------------------------------------------------
o [2003/07/11] kern/54383  net   NFS root configurations without dynamic p

1 problem total.

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 02:47:33 2004
Date: Tue, 1 Jun 2004 12:47:14 +0300 (EEST)
From: Dmitry Pryanishnikov
To: freebsd-net@freebsd.org
Message-ID: <20040601120238.B44353@atlantis.atlantis.dp.ua>
Subject: net.inet.ip.portrange.randomized=1 hurts

Hello!

I've tried to install 4.10-RELEASE via FTP several times, but every time (earlier or later) FTP transfers were aborted with code "425 Failed to establish connection.", and FTP site selection menu popped up again. My FTP server is vsftpd-1.2.2 server built from fresh ports on 4.7-RELEASE system. First rule of firewall allows all traffic to and from my test machine on which I'm trying to install 4.10-RELEASE.

Finally I have found what happens. Sometimes FTP client opens the same port for data which was used several seconds ago, and passes it to the server via PORT command. On client's side, this port is already free, but on server side it's still in TIME_WAIT state. So server tries to open connection server.20 -> client.PORT and apparently gets an error indication from kernel because address is still in use.

The main question is: how to prevent this situation? Of course, as a workaround I can set net.inet.ip.portrange.randomized to zero, but what's the real solution? Is it FTP-client or FTP-server that should take care of the previous DATA port usage? Or even network stack behaviour should be further modified to avoid this collision?

Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 02:57:00 2004
From: "Walter C. Pelissero"
Message-ID: <16572.21243.909609.168847@hyde.home.loc>
Date: Tue, 1 Jun 2004 11:57:15 +0200
To: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
In-Reply-To: <20040514141833.13116eef@daemon.cmotd.com>
References: <16548.42814.515842.247302@hyde.home.loc> <20040514130804.H66551@gwdu60.gwdg.de> <20040514141833.13116eef@daemon.cmotd.com>
Reply-To: walter@pelissero.de
Subject: Re: Dlink DSL router doesn't like FreeBSD

Just to update you on the D-Link 504T problem.

After some weeks and a relocation I've been able to dig further in it and come to the conclusion that the 504T (mind the 'T') is buggy. Both the D-Link European help desk and the following page confirmed what I suspected:

http://www.broadbandreports.com/forum/remark,10278563~mode=flat

So, unless D-Link comes out with a new firmware you'd better steer clear from this DSL router. I'll return mine as soon as possible.

Cheers,
--
walter pelissero
http://www.pelissero.de

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 07:10:48 2004
From: naddy@mips.inka.de (Christian Weisgerber)
Date: Tue, 1 Jun 2004 14:10:44 +0000 (UTC)
To: freebsd-net@freebsd.org
Subject: udav(4) vs. multicast

Anybody here who uses a udav(4) device and can check that the multicast filter works properly?

On NetBSD, where the driver was ported from, the multicast hash filter is programmed with a little-endian ethernet CRC. On FreeBSD, with a big-endian one. Which is it?

(Cc'ed to the original submitter of the driver.)

--
Christian "naddy" Weisgerber naddy@mips.inka.de

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 08:33:25 2004
Date: Wed, 02 Jun 2004 00:33:22 +0900
Message-ID: <87d64j8f99.wl@nabechan.org>
From: Shingo WATANABE / 渡辺 伸吾
To: naddy@mips.inka.de
cc: freebsd-net@freebsd.org
Subject: Re: udav(4) vs. multicast

Hello, I'm original author of udav(4) on NetBSD.

At Tue, 1 Jun 2004 14:10:44 +0000 (UTC),
naddy@mips.inka.de (Christian Weisgerber) wrote:
>
> Anybody here who uses a udav(4) device and can check that the multicast
> filter works properly?
>
> On NetBSD, where the driver was ported from, the multicast hash
> filter is programmed with a little-endian ethernet CRC. On FreeBSD,
> with a big-endian one. Which is it?

I know the udav(4) was ported to FreeBSD, but I don't know why programming with big-endian CRC on FreeBSD.

When I wrote this driver on NetBSD, it worked well with little-endian CRC.

---
Shingo WATANABE

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 10:05:40 2004
Date: Tue, 1 Jun 2004 12:05:35 -0500 (CDT)
From: Mike Silbersack
To: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
In-Reply-To: <20040601120238.B44353@atlantis.atlantis.dp.ua>
Message-ID: <20040601120412.B63021@odysseus.silby.com>
References: <20040601120238.B44353@atlantis.atlantis.dp.ua>
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Tue, 1 Jun 2004, Dmitry Pryanishnikov wrote:

> The main question is: how to prevent this situation? Of course, as a
> workaround I can set net.inet.ip.portrange.randomized to zero, but what's
> the real solution? Is it FTP-client or FTP-server that should take care of
> the previous DATA port usage? Or even network stack behaviour should be
> further modified to avoid this collision?
>
> Sincerely, Dmitry
> --
> Atlantis ISP, System Administrator
> e-mail: dmitry@atlantis.dp.ua
> nic-hdl: LYNX-RIPE

Sounds like something that should be dealt with on the server's end. Some of the changes we've made in 5.x might fix the problem, but I don't think anyone has looked into that specific case.

A simpler solution might be to use passive mode. I think that you can set that somewhere in the install options.

Mike "Silby" Silbersack

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 13:42:39 2004
Date: Tue, 1 Jun 2004 22:42:35 +0200
From: Christian Weisgerber
To: Shingo WATANABE / 渡辺 伸吾
cc: freebsd-net@FreeBSD.org
Message-ID: <20040601204235.GC33989@kemoauc.mips.inka.de>
References: <87d64j8f99.wl@nabechan.org>
In-Reply-To: <87d64j8f99.wl@nabechan.org>
Subject: Re: udav(4) vs. multicast

Shingo WATANABE:

> I know the udav(4) was ported to FreeBSD, but I don't know why
> programming with big-endian CRC on FreeBSD.

Most likely it's just an error that was introduced when the driver was ported.

> When I wrote this driver on NetBSD, it worked well with little-endian
> CRC.

Well, many people never use multicast at all, so bugs can go unnoticed there for a long time.

--
Christian "naddy" Weisgerber naddy@mips.inka.de

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 13:44:59 2004
Message-ID: <40BCEACA.8918878F@freebsd.org>
Date: Tue, 01 Jun 2004 22:44:58 +0200
From: Andre Oppermann
To: Mike Silbersack
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
References: <20040601120238.B44353@atlantis.atlantis.dp.ua> <20040601120412.B63021@odysseus.silby.com>
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

Mike Silbersack wrote:
>
> On Tue, 1 Jun 2004, Dmitry Pryanishnikov wrote:
>
> > The main question is: how to prevent this situation? Of course, as a
> > workaround I can set net.inet.ip.portrange.randomized to zero, but what's
> > the real solution? Is it FTP-client or FTP-server that should take care of
> > the previous DATA port usage? Or even network stack behaviour should be
> > further modified to avoid this collision?
> >
> > Sincerely, Dmitry
> > --
> > Atlantis ISP, System Administrator
> > e-mail: dmitry@atlantis.dp.ua
> > nic-hdl: LYNX-RIPE
>
> Sounds like something that should be dealt with on the server's end. Some
> of the changes we've made in 5.x might fix the problem, but I don't think
> anyone has looked into that specific case.

A port should not be reused this fast. Maybe the randomness isn't so random after all and chooses the same port over again and again?

> A simpler solution might be to use passive mode. I think that you can set
> that somewhere in the install options.

Unless he does a full cycle of all available ports there shouldn't be a collision.

--
Andre

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 16:12:22 2004
Date: Tue, 1 Jun 2004 16:12:13 -0700
From: Kris Kennaway
To: Mike Silbersack
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
Message-ID: <20040601231213.GA3894@xor.obsecurity.org>
References: <20040601120238.B44353@atlantis.atlantis.dp.ua> <20040601120412.B63021@odysseus.silby.com>
In-Reply-To: <20040601120412.B63021@odysseus.silby.com>
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Tue, Jun 01, 2004 at 12:05:35PM -0500, Mike Silbersack wrote:
>
> On Tue, 1 Jun 2004, Dmitry Pryanishnikov wrote:
>
> > The main question is: how to prevent this situation? Of course, as a
> > workaround I can set net.inet.ip.portrange.randomized to zero, but what's
> > the real solution? Is it FTP-client or FTP-server that should take care of
> > the previous DATA port usage? Or even network stack behaviour should be
> > further modified to avoid this collision?
> >
> > Sincerely, Dmitry
> > --
> > Atlantis ISP, System Administrator
> > e-mail: dmitry@atlantis.dp.ua
> > nic-hdl: LYNX-RIPE
>
> Sounds like something that should be dealt with on the server's end. Some
> of the changes we've made in 5.x might fix the problem, but I don't think
> anyone has looked into that specific case.

Is this also the cause of the mysql server connection failures reported on freebsd-stable@?

Kris

From owner-freebsd-net@FreeBSD.ORG Tue Jun 1 17:03:42 2004
Date: Tue, 1 Jun 2004 19:03:27 -0500 (CDT)
From: Mike Silbersack
To: Kris Kennaway
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
In-Reply-To: <20040601231213.GA3894@xor.obsecurity.org>
Message-ID: <20040601185912.I83544@odysseus.silby.com>
References: <20040601120238.B44353@atlantis.atlantis.dp.ua> <20040601231213.GA3894@xor.obsecurity.org>
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Tue, 1 Jun 2004, Kris Kennaway wrote:

> On Tue, Jun 01, 2004 at 12:05:35PM -0500, Mike Silbersack wrote:
> > Sounds like something that should be dealt with on the server's end. Some
> > of the changes we've made in 5.x might fix the problem, but I don't think
> > anyone has looked into that specific case.
>
> Is this also the cause of the mysql server connection failures
> reported on freebsd-stable@?
>
> Kris

Yes, it is possible that random ephemeral port allocation could cause the MySQL problems, if the connection rate is extremely high. If it's happening, it would show up in the form of sockets stuck in the SYN_SENT state.

If one of the people reporting problems can verify it, I could backport the changes I made to handle this edge case in 5.x.
Mike "Silby" Silbersack

Date: Tue, 1 Jun 2004 19:07:35 -0500 (CDT)
From: Mike Silbersack
To: Andre Oppermann
In-Reply-To: <40BCEACA.8918878F@freebsd.org>
Message-ID: <20040601190334.P83544@odysseus.silby.com>
References: <20040601120238.B44353@atlantis.atlantis.dp.ua> <20040601120412.B63021@odysseus.silby.com> <40BCEACA.8918878F@freebsd.org>
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Tue, 1 Jun 2004, Andre Oppermann wrote:

> A port should not be reused this fast. Maybe the randomness isn't
> so random after all and chooses the same port over again and again?

We use arc4random, so I don't think that's likely, but it is possible.

> > A simpler solution might be to use passive mode. I think that you can set
> > that somewhere in the install options.
>
> Unless he does a full cycle of all available ports there shouldn't be
> a collision.
>
> --
> Andre

Since we're using random allocation, faster reuses are certainly possible.

Something fishy must be going on here, because sysinstall doesn't make too
many ftp connections, does it? Port recycling issues should only be
showing up in applications which make thousands of connections per minute.
Mike "Silby" Silbersack

Date: Tue, 1 Jun 2004 17:15:07 -0700
From: Kris Kennaway
To: Mike Silbersack
Message-ID: <20040602001507.GA7701@xor.obsecurity.org>
References: <20040601120238.B44353@atlantis.atlantis.dp.ua> <20040601120412.B63021@odysseus.silby.com> <20040601231213.GA3894@xor.obsecurity.org> <20040601185912.I83544@odysseus.silby.com>
In-Reply-To: <20040601185912.I83544@odysseus.silby.com>
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
cc: Kris Kennaway
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Tue, Jun 01, 2004 at 07:03:27PM -0500, Mike Silbersack wrote:
>
> On Tue, 1 Jun 2004, Kris Kennaway wrote:
>
> > On Tue, Jun 01, 2004 at 12:05:35PM -0500, Mike Silbersack wrote:
> > > Sounds like something that should be dealt with on the server's end. Some
> > > of the changes we've made in 5.x might fix the problem, but I don't think
> > > anyone has looked into that specific case.
> >
> > Is this also the cause of the mysql server connection failures
> > reported on freebsd-stable@?
> >
> > Kris
>
> Yes, it is possible that random ephemeral port allocation could cause the
> MySQL problems, if the connection rate is extremely high. If it's
> happening, it would show up in the form of sockets stuck in the SYN_SENT
> state. If one of the people reporting problems can verify it, I could
> backport the changes I made to handle this edge case in 5.x.
I suggest posting to stable@

Kris

Date: Wed, 2 Jun 2004 12:53:49 +0300 (EEST)
From: Dmitry Pryanishnikov
To: freebsd-net@freebsd.org
Message-ID: <20040602093940.N99493@atlantis.atlantis.dp.ua>
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

Hello!

> Date: Tue, 1 Jun 2004 19:07:35 -0500 (CDT)
> From: Mike Silbersack
>
> On Tue, 1 Jun 2004, Andre Oppermann wrote:
>
>> A port should not be reused this fast. Maybe the randomness isn't
>> so random after all and chooses the same port over again and again?
>
>We use arc4random, so I don't think that's likely, but it is possible.

OK, I would like to provide some statistics based on FTP server log.
In the following table, first column is the total number of PORT commands
per FTP session, second is the number of PORT commands between the first and
second occurrence of reused port (which is the cause of "425" error), third
column is the interval between those occurrences in seconds:

Total # of PORT comm.   Interval, # of PORT   Interval, sec

        558                     35                 50
        336                     50                 20
        165                    160                 55

So, it doesn't seem to me that random number generator works badly, but any
randomness doesn't _guarantee_ that port number won't repeat within 2*MSL
seconds, does it? Also I have heard of algorithms (but can't recollect now)
that actually guarantee non-repeatness of the large portion (up
to the interval range) of pseudo-random sequence. If we had such an algorithm
for random port allocation, we won't get reused ports so often (by default,
portrange.hilast=65535 and portrange.hifirst=49152, so theoretically we would
have 16383 non-repeated port numbers before the first repeat).

> > A simpler solution might be to use passive mode. I think that you can set
> > that somewhere in the install options.

I'm looking at "Options" menu right now, but I don't see such an option -
just "FTP username", no more.

> Something fishy must be going on here, because sysinstall doesn't make too
> many ftp connections, does it? Port recycling issues should only be
> showing up in applications which make thousands of connections per minute.

It all depends on definition of "too" ;) Actually, sysinstall has to transfer
154 chunks of data just to install 4.10's base; if you want sources, add
another 316 chunks.
But actually my concern is not about sysinstall, but about real-life
everyday usage of 4.10+ based clients and servers. Will revision 1.147 of
sys/netinet/in_pcb.c solve this problem on server's side (by letting server
to open this server.20->client.PORT TCP session despite having another
server.20->client.PORT session in TIME_WAIT)? If so, it seems like a real
solution for this problem, and I'll wait for its MFC.

P.S. I don't think that net.inet.ip.portrange.randomized=1 hurts local MySQL
connections, since MySQL AFAIK doesn't use TCP during localhost connection
at all; it uses socket instead.

Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE

Message-ID: <40BDAEEF.2AECC3F0@freebsd.org>
Date: Wed, 02 Jun 2004 12:41:51 +0200
From: Andre Oppermann
To: Dmitry Pryanishnikov
References: <20040602093940.N99493@atlantis.atlantis.dp.ua>
cc: freebsd-net@freebsd.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

Dmitry Pryanishnikov wrote:
>
> Hello!
>
> > Date: Tue, 1 Jun 2004 19:07:35 -0500 (CDT)
> > From: Mike Silbersack
> >
> > On Tue, 1 Jun 2004, Andre Oppermann wrote:
> >
> >> A port should not be reused this fast. Maybe the randomness isn't
> >> so random after all and chooses the same port over again and again?
> >
> >We use arc4random, so I don't think that's likely, but it is possible.
>
> OK, I would like to provide some statistics based on FTP server log.
> In the following table, first column is the total number of PORT commands
> per FTP session, second is the number of PORT commands between the first and
> second occurrence of reused port (which is the cause of "425" error), third
> column is the interval between those occurrences in seconds:
>
> Total # of PORT comm.   Interval, # of PORT   Interval, sec
>
>         558                     35                 50
>         336                     50                 20
>         165                    160                 55
>
> So, it doesn't seem to me that random number generator works badly, but any
> randomness doesn't _guarantee_ that port number won't repeat within 2*MSL
> seconds, does it? Also I have heard of algorithms (but can't recollect now)
> that actually guarantee non-repeatness of the large portion (up
> to the interval range) of pseudo-random sequence. If we had such an algorithm
> for random port allocation, we won't get reused ports so often (by default,
> portrange.hilast=65535 and portrange.hifirst=49152, so theoretically we would
> have 16383 non-repeated port numbers before the first repeat).

The random generator indeed works badly. If it was truly random it
should generate a collision only every (1/range) on average. Maybe
the arc4random function reuses the same or small number of initial vectors
all over again leading to the same small set of 'randomized' ports.
--
Andre

Date: Wed, 2 Jun 2004 11:10:57 -0400
From: Barney Wolff
To: Andre Oppermann
Message-ID: <20040602151057.GA39564@pit.databus.com>
References: <20040602093940.N99493@atlantis.atlantis.dp.ua> <40BDAEEF.2AECC3F0@freebsd.org>
In-Reply-To: <40BDAEEF.2AECC3F0@freebsd.org>
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Wed, Jun 02, 2004 at 12:41:51PM +0200, Andre Oppermann wrote:
> > have 16383 non-repeated port numbers before the first repeat).
>
> The random generator indeed works badly. If it was truly random it
> should generate a collision only every (1/range) on average. Maybe
> the arc4random function reuses the same or small number of initial vectors
> all over again leading to the same small set of 'randomized' ports.

I believe you're seeing the birthday paradox at work, and the expected
number before collision is sqrt(N), not N.

Is the problem that the two systems have different ideas of MSL?

--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.

To: freebsd-hardware@freebsd.org
From: Chris Shenton
Date: Wed, 02 Jun 2004 11:12:24 -0400
Message-ID: <86u0xukn8n.fsf@PECTOPAH.shenton.org>
cc: freebsd-net@freebsd.org
Subject: 5.2.1-R Support for 802.11b USB stick? usbd sees it as ugen0

I've got an olde thinkpad and picked up a "Syntax USB-400" 802.11b
interface on a USB stick (heck, it's free after rebate):

  http://www.freeafterrebate.info/article.php?story=20040301213230483

When I plug it in, usbd sees it as a generic device:

  ugen0: vendor 0x0967 product 0x0204, rev 1.10/1.32, addr 2

This appears to be a prism2 chipset, judging by code found while
googling the hex numbers above -- from linux-wan-ng.

I cut and paste dev/attach/detach lines from elsewhere in /etc/usbd.conf
which handle USB ethernet devices:

  device "USB 802.11b"
          vendor  0x0967
          product 0x0204
          devname "[ackr]ue[0-9]+"
          attach  "/etc/pccard_ether ${DEVNAME} start"
          detach  "/etc/pccard_ether ${DEVNAME} stop"

Stop and restart usbd, insert the dongle. It reports the same message
as before, as if it's not finding a match on the vendor/product? The
power(?) indicator on the dongle never lights.

If I reboot the machine with the dongle inserted, the light does come
on, but the usbd still doesn't see the dongle as a network device.

Any pointers? Thanks.

Date: Wed, 2 Jun 2004 19:28:38 +0300 (EEST)
From: Dmitry Pryanishnikov
To: Barney Wolff
In-Reply-To: <20040602151057.GA39564@pit.databus.com>
Message-ID: <20040602185254.C39863@atlantis.atlantis.dp.ua>
References: <20040602093940.N99493@atlantis.atlantis.dp.ua> <40BDAEEF.2AECC3F0@freebsd.org> <20040602151057.GA39564@pit.databus.com>
cc: freebsd-net@freebsd.org
cc: Andre Oppermann
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

Hello!

On Wed, 2 Jun 2004, Barney Wolff wrote:
> Is the problem that the two systems have different ideas of MSL?

I haven't changed default net.inet.tcp.msl: 30000 on server. Note that on
client side, connection never goes to TIME WAIT, because during active FTP
server side closes data connection (see RFC793, figure 6), so it goes
down-left on diagram from ESTAB state through TIME WAIT state; but client
side receives this first FIN and goes down-right on diagram through CLOSE
WAIT and LAST-ACK states. So MSL on client side is actually N/A in this case.
We have asymmetry here: client has already forgot about previous usage of
data port, but server must remember about it during 2*MSL according to RFC793.
Sincerely, Dmitry
--
Atlantis ISP, System Administrator
e-mail: dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE

Message-Id: <200406030427.i534RAdh003365@gw.catspoiler.org>
Date: Wed, 2 Jun 2004 21:27:10 -0700 (PDT)
From: Don Lewis
To: dmitry@atlantis.dp.ua
In-Reply-To: <20040602093940.N99493@atlantis.atlantis.dp.ua>
cc: freebsd-net@FreeBSD.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On 2 Jun, Dmitry Pryanishnikov wrote:
>
> Hello!
>
>> Date: Tue, 1 Jun 2004 19:07:35 -0500 (CDT)
>> From: Mike Silbersack
>>
>> On Tue, 1 Jun 2004, Andre Oppermann wrote:
>>
>>> A port should not be reused this fast. Maybe the randomness isn't
>>> so random after all and chooses the same port over again and again?
>>
>>We use arc4random, so I don't think that's likely, but it is possible.
>
> OK, I would like to provide some statistics based on FTP server log.
> In the following table, first column is the total number of PORT commands
> per FTP session, second is the number of PORT commands between the first and
> second occurrence of reused port (which is the cause of "425" error), third
> column is the interval between those occurrences in seconds:
>
> Total # of PORT comm.   Interval, # of PORT   Interval, sec
>
>         558                     35                 50
>         336                     50                 20
>         165                    160                 55
>
> So, it doesn't seem to me that random number generator works badly, but any
> randomness doesn't _guarantee_ that port number won't repeat within 2*MSL
> seconds, does it? Also I have heard of algorithms (but can't recollect now)
> that actually guarantee non-repeatness of the large portion (up
> to the interval range) of pseudo-random sequence. If we had such an algorithm
> for random port allocation, we won't get reused ports so often (by default,
> portrange.hilast=65535 and portrange.hifirst=49152, so theoretically we would
> have 16383 non-repeated port numbers before the first repeat).

Randomizing DNS query IDs without repeating any particular ID too
quickly is a similar problem. I contributed some code for this to
BIND version 8 a number of years ago. See the nsid stuff in
/usr/src/contrib/bind/bin/named/ns_main.c. There are some comments
preceding the code that explain the background and how it is supposed
to work. Something like this might be suitable for port number
allocation, though the potentially long time that a given port number
might be in use would complicate things.

Date: Wed, 2 Jun 2004 23:59:21 -0500 (CDT)
From: Mike Silbersack
To: Andre Oppermann
In-Reply-To: <40BDAEEF.2AECC3F0@freebsd.org>
Message-ID: <20040602061131.O35216@odysseus.silby.com>
References: <20040602093940.N99493@atlantis.atlantis.dp.ua> <40BDAEEF.2AECC3F0@freebsd.org>
cc: Dmitry Pryanishnikov
cc: freebsd-net@freebsd.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Wed, 2 Jun 2004, Andre Oppermann wrote:

> The random generator indeed works badly. If it was truly random it
> should generate a collision only every (1/range) on average. Maybe
> the arc4random function reuses the same or small number of initial vectors
> all over again leading to the same small set of 'randomized' ports.
>
> --
> Andre

Or it's being seeded poorly by 4.x's inferior random number generator? (I
don't know if it could be THAT bad.)

It looks like we're really bumping into two things:

1. The need for something more suited to this purpose than arc4random (I'll
have to check out Don's code in BIND.)

2. General port recycling issues.

It sounds like sequential port allocation was masking problems of type #2
in the past.
Mike "Silby" Silbersack

Date: Thu, 3 Jun 2004 02:19:43 -0500 (CDT)
From: Mike Silbersack
To: Don Lewis
In-Reply-To: <200406030427.i534RAdh003365@gw.catspoiler.org>
Message-ID: <20040603021629.S70117@odysseus.silby.com>
References: <200406030427.i534RAdh003365@gw.catspoiler.org>
cc: dmitry@atlantis.dp.ua
cc: freebsd-net@FreeBSD.org
Subject: Re: net.inet.ip.portrange.randomized=1 hurts

On Wed, 2 Jun 2004, Don Lewis wrote:

> Randomizing DNS query IDs without repeating any particular ID too
> quickly is a similar problem. I contributed some code for this to
> BIND version 8 a number of years ago. See the nsid stuff in
> /usr/src/contrib/bind/bin/named/ns_main.c. There are some comments
> preceding the code that explain the background and how it is supposed
> to work. Something like this might be suitable for port number
> allocation, though the potentially long time that a given port number
> might be in use would complicate things.

I just thought more about the issue at hand, and I think that changing the
randomization algorithm is probably not worth the effort. Instead, we'll
have to fix the server-side TIME_WAIT problem Dmitry is experiencing.
The simple reason is that any other OS which uses randomized ephemeral
ports will tickle the exact same port recycling problem, so reverting our
client behavior isn't a long-term solution.

I'm still too swamped to poke at the problem.
Mike "Silby" Silbersack

Date: Fri, 04 Jun 2004 03:22:41 +0900 (JST)
Message-Id: <20040604.032241.205299187.hashiz@tomba.cskk-sv.co.jp>
To: freebsd-net@FreeBSD.org
From: HASHI Hiroaki
In-Replay-To: <20040601204235.GC33989@kemoauc.mips.inka.de>
Subject: Re: udav(4) vs. multicast

> Shingo WATANABE:
>
> > I know the udav(4) was ported to FreeBSD, but I don't know why
> > programming with big-endian CRC on FreeBSD.
>
> Most likely it's just an error that was introduced when the driver
> was ported.
>
> > When I wrote this driver on NetBSD, it worked well with little-endian
> > CRC.

I changed the CRC calculation code to little-endian.
Then, I was able to receive multicast packets.

I will send PR later.

> Well, many people never use multicast at all, so bugs can go unnoticed
> there for a long time.

Probably, nobody uses this driver. :-)

# promiscuous mode does not work.
--
HASHI, Hiroaki

From: Archie Cobbs
Message-Id: <200406032137.i53LbYPa012978@arch20m.dellroad.org>
To: mpd-users@lists.sourceforge.net, freebsd-net@freebsd.org
Date: Thu, 3 Jun 2004 16:37:34 -0500 (CDT)
Subject: L2TP library now available

For those interested in an L2TP implementation... good news & bad news :-)

The good news is that the "libpdel" library (port devel/libpdel) now
includes a PPP library with L2TP server support. MANY THANKS to Vernier
Networks, Inc. for agreeing to open source this code. This is a netgraph
based PPP library.

The bad news is that this code is a library, not a server, so you can't
use it as an L2TP server yet. However, it is written to do everything
except for the "policy decisions" (i.e., all of the hard work) and there
is a simple proof-of-concept test L2TP server program for one remote
client that can serve as sample code.

The next step (if folks are interested) is to use this code as the basis
for writing a working L2TP server. Hopefully others will be able to
contribute since I'm too busy to do it all myself.

If you're interested in this project, please join the MPD mailing list
(mpd-users@lists.sourceforge.net) where we can continue discussion.
Thanks,
-Archie

__________________________________________________________________________
Archie Cobbs * CTO, Awarix * http://www.awarix.com

Date: Fri, 4 Jun 2004 10:38:37 -0400
From: Barney Wolff To: Mike Silbersack Message-ID: <20040604143837.GA80811@pit.databus.com> References: <200406030427.i534RAdh003365@gw.catspoiler.org> <20040603021629.S70117@odysseus.silby.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040603021629.S70117@odysseus.silby.com> User-Agent: Mutt/1.5.6i X-Scanned-By: MIMEDefang 2.43 cc: dmitry@atlantis.dp.ua cc: freebsd-net@freebsd.org cc: Don Lewis Subject: Re: net.inet.ip.portrange.randomized=1 hurts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jun 2004 14:38:47 -0000

On Thu, Jun 03, 2004 at 02:19:43AM -0500, Mike Silbersack wrote:
>
> On Wed, 2 Jun 2004, Don Lewis wrote:
>
> > Randomizing DNS query IDs without repeating any particular ID too
> > quickly is a similar problem. I contributed some code for this to
> > BIND version 8 a number of years ago. See the nsid stuff in
> > /usr/src/contrib/bind/bin/named/ns_main.c. There are some comments
> > preceding the code that explain the background and how it is supposed
> > to work. Something like this might be suitable for port number
> > allocation, though the potentially long time that a given port number
> > might be in use would complicate things.
>
> I just thought more about the issue at hand, and I think that changing the
> randomization algorithm is probably not worth the effort. Instead, we'll
> have to fix the server-side TIME_WAIT problem Dmitry is experiencing.
> The simple reason is that any other OS which uses randomized ephemeral
> ports will tickle the exact same port recycling problem, so reverting our
> client behavior isn't a long-term solution.

The randomization algorithm is definitely wrong, and will need to be
fixed. What's needed, as pointed out above, is a random *shuffle* not
simply a random choice.
The random choice as the code does now encounters the birthday paradox,
resulting in re-use of a port number in sqrt(N) picks, meaning on average
the re-use interval is 128, given the default 16384 range. That's far too
short.

The justified response to user complaints is "send patches" and I'm
willing to try, if no-one else is working on it.

-- 
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.

From owner-freebsd-net@FreeBSD.ORG Sat Jun 5 00:24:28 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E79E16A4CE for ; Sat, 5 Jun 2004 00:24:28 -0700 (PDT) Received: from mailsmtp01.sjc02.opsource.net (mailsmtp01.sjc02.opsource.net [209.34.95.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 328CD43D2F for ; Sat, 5 Jun 2004 00:24:28 -0700 (PDT) (envelope-from victor@opsource.net) Received: from [192.168.1.100] (dsl027-177-056.sfo1.dsl.speakeasy.net [216.27.177.56]) (authenticated bits=0)i557ND2I021536 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 5 Jun 2004 00:23:13 -0700 
From: Victor Gregorio To: freebsd-net@freebsd.org Content-Type: text/plain Message-Id: <1086420241.652.41.camel@localhost> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Sat, 05 Jun 2004 00:24:01 -0700 Content-Transfer-Encoding: 7bit X-Virus-Scanned-By: ClamAV Subject: IPSEC_ESP and if_tun failed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jun 2004 07:24:28 -0000

Hello. I originally posted this to freebsd-questions. I then learned
about this list and thought my topic was appropriate.

I am running into a problem with using vpnc and isakmpd on the same
system (not at the same time) on a FreeBSD 5.2.1-RELEASE-p8 system.

With IPSEC enabled in the kernel, vpnc worked fine. Then, I had to
include IPSEC_ESP so that isakmpd would work. Now, vpnc is broken.

I compiled in IPSEC_DEBUG and did a $ sudo sysctl debug.if_tun_debug=1
to get some verbose logging. This is what happens...

- I start vpnc as root
- The client connects
- vpnc authenticates properly
- IP address is assigned to tun0
- The IPSec connection breaks
- vpnc errors out with: socket(SOCK_RAW): Protocol not supported
- ifconfig still shows the device tun0 with the assigned IP

/var/log/messages shows this:
kernel: tun0: open
kernel: module_register: module if_tun already exists!
kernel: Module if_tun failed to register: 17
kernel: can't re-use a leaf (if_tun_debug)!
kernel: tun0: mtu set
kernel: tun0: tuninit
kernel: tun0: address set, error=0
kernel: tun0: tunoutput
kernel: tun0: tunoutput
kernel: tun0: tuninit
kernel: tun0: address set, error=0
kernel: tun0: closed
kernel: tun0: tunoutput
kernel: tun0: not ready 032
kernel: tun0: tunoutput
kernel: tun0: not ready 032

I have been trying to turn off ESP support using sysctl. OpenBSD has an
OID called net.inet.esp.enable. This OID is not listed in sysctl -a.

Any advice is appreciated.

-Victor

From owner-freebsd-net@FreeBSD.ORG Sat Jun 5 01:44:10 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 689CC16A4CE for ; Sat, 5 Jun 2004 01:44:10 -0700 (PDT) Received: from volt.iem.pw.edu.pl (volt.iem.pw.edu.pl [194.29.146.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id C4EE943D2D for ; Sat, 5 Jun 2004 01:44:09 -0700 (PDT) (envelope-from brudnya@volt.iem.pw.edu.pl) Received: from volt.iem.pw.edu.pl (brudnya@localhost [127.0.0.1]) by volt.iem.pw.edu.pl (8.12.11/8.12.9) with ESMTP id i558hUQ0037018 for ; Sat, 5 Jun 2004 10:43:30 +0200 (CEST) (envelope-from brudnya@volt.iem.pw.edu.pl) Received: from localhost (brudnya@localhost)i558hU0f037015 for ; Sat, 5 Jun 2004 10:43:30 +0200 (CEST) (envelope-from brudnya@volt.iem.pw.edu.pl) Date: Sat, 5 Jun 2004 10:43:30 +0200 (CEST) 
From: Adam Brudny To: Message-ID: <20040605104220.P36977-100000@volt.iem.pw.edu.pl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Probelm setting socket options? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jun 2004 08:44:10 -0000

Hi guys!

I'm quite a newbie in sock API so please be patient :)

I've seen quite a lot of log entries in my smbd.log file like that:

Apr 29 00:42:09 host smbd[45372]: Failed to set socket option TCP_NODELAY (Error Connection reset by peer)

I've tried to track it with truss (result below). My question is - does
the setsockopt() fail BECAUSE the socket is not connected anymore
(client closed it before setting the option) or the connection fails,
and the client disconnects BECAUSE TCP_NODELAY option couldn't have been
set properly ??? How to know that?

ajb

# truss -f -p PID
1654: fork() = 83030 (0x14456)
83030: close(18) = 0 (0x0)
83030: close(19) = 0 (0x0)
83030: close(0) = 0 (0x0)
83030: close(1) = 0 (0x0)
83030: open("/dev/null",0x2,00) = 0 (0x0)
83030: open("/dev/null",0x2,00) = 1 (0x1)
83030: setsockopt(0x17,0xffff,0x8,0xbfbfd99c,0x4) = 0 (0x0)
83030: setsockopt(0x17,0x6,0x1,0xbfbfd99c,0x4) ERR#54 'Connection reset by peer'
83030: gettimeofday(0xbfbfc428,0x0) = 0 (0x0)
83030: getpid() = 83030 (0x14456)
83030: sendto(0x5,0xbfbfc8c0,0,0x0,NULL,0x0) = 106 (0x6a)
83030: geteuid() = 0 (0x0)
83030: fstat(22,0xbfbfd0a0) = 0 (0x0)
83030: getpeername(0x17,0xbfbfdaa0,0xbfbfda9c) ERR#57 'Socket is not connected'
... ....

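Added example, not part of any message in this archive: Barney Wolff's message in the net.inet.ip.portrange.randomized thread above contrasts a random choice of ephemeral port with a random shuffle. This C sketch counts how many allocations pass before a port number first repeats under each scheme; the port base 49152, the function names and the fixed-seed splitmix64 generator are assumptions made for the demonstration, not FreeBSD's code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PORT_LO 49152u  /* assumed base of the 16384-port ephemeral range */
#define NPORTS  16384u

/* splitmix64 with a fixed seed so runs are repeatable; not a CSPRNG. */
static uint64_t rng_state = 2004;
static uint32_t rng_below(uint32_t n) {
    uint64_t z = (rng_state += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return (uint32_t)((z ^ (z >> 31)) >> 32) % n;
}

/* Random choice: every pick is independent of the ones before it. */
static uint16_t pick_random(void) { return (uint16_t)(PORT_LO + rng_below(NPORTS)); }

/* Random shuffle: deal out a Fisher-Yates permutation, reshuffle when spent. */
static uint16_t deck[NPORTS];
static uint32_t deck_pos = NPORTS;      /* NPORTS means "deck is spent" */
static uint16_t pick_shuffled(void) {
    if (deck_pos == NPORTS) {
        for (uint32_t i = 0; i < NPORTS; i++) deck[i] = (uint16_t)(PORT_LO + i);
        for (uint32_t i = NPORTS - 1; i > 0; i--) {
            uint32_t j = rng_below(i + 1);
            uint16_t t = deck[i]; deck[i] = deck[j]; deck[j] = t;
        }
        deck_pos = 0;
    }
    return deck[deck_pos++];
}

/* Mean count of allocations made when a port number first repeats. */
static uint32_t mean_picks_until_reuse(uint16_t (*pick)(void), uint32_t runs) {
    static uint8_t seen[NPORTS];
    uint64_t total = 0;
    for (uint32_t r = 0; r < runs; r++) {
        uint32_t n = 1, idx;
        memset(seen, 0, sizeof(seen));
        deck_pos = NPORTS;              /* each run starts from a fresh shuffle */
        while (!seen[idx = pick() - PORT_LO]) { seen[idx] = 1; n++; }
        total += n;
    }
    return (uint32_t)(total / runs);
}
int main(void) {
    printf("random choice:  %u\n", mean_picks_until_reuse(pick_random, 200));
    printf("random shuffle: %u\n", mean_picks_until_reuse(pick_shuffled, 20));
}
```

With independent picks the first repeat arrives after a number of allocations on the order of sqrt(16384) = 128, while the shuffle cannot repeat a port before allocation 16385. A real allocator would also need a cryptographically strong generator and would have to skip ports that are still in use.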
From owner-freebsd-net@FreeBSD.ORG Sat Jun 5 06:29:01 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A2FB716A4CE for ; Sat, 5 Jun 2004 06:29:01 -0700 (PDT) Received: from rackman.netvulture.com (adsl-63-197-17-60.dsl.snfc21.pacbell.net [63.197.17.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 30C8043D46 for ; Sat, 5 Jun 2004 06:28:57 -0700 (PDT) (envelope-from vulture@netvulture.com) Received: from netvulture.com (bigv [192.168.2.130])i55DRnGV053303; Sat, 5 Jun 2004 06:27:50 -0700 (PDT) Message-ID: <40C1CAA1.5080000@netvulture.com> Date: Sat, 05 Jun 2004 06:29:05 -0700 
From: Jonathan Feally User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Victor Gregorio References: <1086420241.652.41.camel@localhost> In-Reply-To: <1086420241.652.41.camel@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-MailScanner-Information: Please contact your system administrator for more information X-MailScanner: Found to be clean X-MailScanner-SpamCheck: not spam, SpamAssassin (score=-4.9, required 3, BAYES_00 -4.90) cc: freebsd-net@freebsd.org Subject: Re: IPSEC_ESP and if_tun failed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jun 2004 13:29:01 -0000

Your problem lies in that vpnc is opening a raw socket to get its ESP
packets. However when you enable esp in the kernel, the kernel already
is taking those packets, so you get the SOCK_RAW error as vpnc cannot
get ESP packets because the kernel is handling them.
I do not know if options FAST_IPSEC will solve your problem.

Victor Gregorio wrote:

>Hello. I originally posted this to freebsd-questions. I then learned
>about this list and thought my topic was appropriate.
>
>I am running into a problem with using vpnc and isakmpd on the same
>system (not at the same time) on a FreeBSD 5.2.1-RELEASE-p8 system.
>
>With IPSEC enabled in the kernel, vpnc worked fine. Then, I had to
>include IPSEC_ESP so that isakmpd would work. Now, vpnc is broken.
>
>I compiled in IPSEC_DEBUG and did a $ sudo sysctl debug.if_tun_debug=1
>to get some verbose logging. This is what happens...
>
>- I start vpnc as root
>- The client connects
>- vpnc authenticates properly
>- IP address is assigned to tun0
>- The IPSec connection breaks
>- vpnc errors out with: socket(SOCK_RAW): Protocol not supported
>- ifconfig still shows the device tun0 with the assigned IP
>
>/var/log/messages shows this:
>kernel: tun0: open
>kernel: module_register: module if_tun already exists!
>kernel: Module if_tun failed to register: 17
>kernel: can't re-use a leaf (if_tun_debug)!
>kernel: tun0: mtu set
>kernel: tun0: tuninit
>kernel: tun0: address set, error=0
>kernel: tun0: tunoutput
>kernel: tun0: tunoutput
>kernel: tun0: tuninit
>kernel: tun0: address set, error=0
>kernel: tun0: closed
>kernel: tun0: tunoutput
>kernel: tun0: not ready 032
>kernel: tun0: tunoutput
>kernel: tun0: not ready 032
>
>I have been trying to turn off ESP support using sysctl. OpenBSD has an
>OID called net.inet.esp.enable. This OID is not listed in sysctl -a.
>
>Any advice is appreciated.
>
>-Victor
>
>
>_______________________________________________
>freebsd-net@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-net
>To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>

From owner-freebsd-net@FreeBSD.ORG Sat Jun 5 08:00:12 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D0FA16A4CE for ; Sat, 5 Jun 2004 08:00:12 -0700 (PDT) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42DDA43D39 for ; Sat, 5 Jun 2004 08:00:11 -0700 (PDT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id E9CB01FFDC1; Sat, 5 Jun 2004 17:00:08 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id F12D31FF931; Sat, 5 Jun 2004 17:00:06 +0200 (CEST) Received: by mail.int.zabbadoz.net 
(Postfix, from userid 1060) id B4A4C154E5; Sat, 5 Jun 2004 14:54:25 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id AAB1415329; Sat, 5 Jun 2004 14:54:26 +0000 (UTC) Date: Sat, 5 Jun 2004 14:54:26 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: Jonathan Feally In-Reply-To: <40C1CAA1.5080000@netvulture.com> Message-ID: References: <1086420241.652.41.camel@localhost> <40C1CAA1.5080000@netvulture.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de cc: freebsd-net@freebsd.org cc: Victor Gregorio Subject: Re: IPSEC_ESP and if_tun failed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jun 2004 15:00:12 -0000

On Sat, 5 Jun 2004, Jonathan Feally wrote:

> Your problem lies in that vpnc is opening a raw socket to get its ESP
> packets. However when you enable esp in the kernel, the kernel already
> is taking those packets, so you get the SOCK_RAW error as vpnc cannot
> get ESP packets because the kernel is handling them.
> I do not know if options FAST_IPSEC will solve your problem.

won't

-- 
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT