From owner-freebsd-net@FreeBSD.ORG Sun Jul 11 00:39:58 2004
List-Id: Networking and TCP/IP with FreeBSD
From: "lycanthrope"
Date: Sun, 11 Jul 2004 02:37:12 +0200
Subject: NAT over multiple subnets

hello

I set up NAT+ipfw on FreeBSD computer which resides on 192.168.2.x LAN, and has an outgoing ADSL connection. any client on 2.x can access internet by setting this freebsd box as its gateway. there is another server on the 2.x network which is used as a link to another LAN, 1.x subnet.
those users can not use NAT on the freebsd box, since their gateway is a 1.x server, connected to 2.x server. how to enable users from 1.x network to use NAT on freebsd machine, without altering 1.x or 2.x servers? note that 1.x clients know how to get to the freebsd machine (quagga-ripd), but can not alter their gateways to the freebsd machine, since it has to be the 1.x server.

so, how to enable 1.x user to use NAT on freebsd router?

sorry for a rather long post, and maybe slight confusion, but I believe you know what I have, and what I would like to do.

thank you for all your help!

ps: NAT is not mandatory, some other means of internet sharing is acceptable, as long as it is stable and fast on BSD

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 00:22:12 2004
Date: Sun, 11 Jul 2004 19:22:12 -0500
Subject: Senao pcmcia cards

I have been trying (quite unsuccessfully) to get my Teletronics/Senao NL-2500CD+ radio cards running on a Soekris net4521 to work under FreeBSD (M0n0wall and WiFiBSD). M0n0 uses ver. 4.9 while WiFi used 5.2-current. I get strong radio signal, but no connections. I have tried just about every setting available, but no joy.

I have been told on other lists that the problem is with the firmware version on the cards. I flashed them some time back with firmware v.1.7.4. I have been told that only v. 1.5.6 and earlier work with FreeBSD. That sounded rather strange since the same cards work just fine under Linux on the very same hardware. Can there be THAT much difference between the drivers in Freebsd and Linux?

If what I have been told is correct, is it possible to re-flash the cards with the earlier firmware version or is that a no-no? I would like to use a Freebsd-based system on my router at the church without having to opt for the newer Atheros-based cards just now (which does work well).

Dr.
Daniel Loomis
First Presbyterian Church
El Dorado, AR

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 03:45:49 2004
Date: Sun, 11 Jul 2004 22:45:41 -0500 (CDT)
From: Mike Silbersack
To: dloomis@fpceldorado.org
cc: freebsd-net@freebsd.org
Subject: Re: Senao pcmcia cards

On Sun, 11 Jul 2004 dloomis@fpceldorado.org wrote:

> I have been told on other lists that the problem is with the firmware
> version on the cards. I flashed them some time back with firmware v.1.7.4.
> I have been told that only v. 1.5.6 and earlier work with FreeBSD. That
> sounded rather strange since the same cards work just fine under Linux on
> the very same hardware. Can there be THAT much difference between the
> drivers in Freebsd and Linux?
>
> If what I have been told is correct, is it possible to re-flash the cards
> with the earlier firmware version or is that a no-no?
> I would like to use a
> Freebsd-based system on my router at the church without having to opt for
> the newer Atheros-based cards just now (which does work well).
>
> Dr. Daniel Loomis
> First Presbyterian Church
> El Dorado, AR

I'm using 1.5.6 here without any major issues. I have not tried 1.7.4, but I believe that there are reports of it not getting along with the FreeBSD driver, for whatever reason.

If you successfully flashed up to 1.7.4, I believe that you should be able to flash back to 1.5.6 without issue.

Mike "Silby" Silbersack

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 05:18:41 2004
Date: Sun, 11 Jul 2004 22:18:39 -0700 (PDT)
From: Yohan
To: freebsd-net@freebsd.org, clefevre-lists@9online.fr
Subject: Re: PPPoE

sorry for the inconvenience caused, will follow your instructions next time the message exceeds 10 - 15 K.

regards

Yo

--- Cyrille Lefevre wrote:

> "Yohan" wrote:
> [snip)
> > The ppp.log is attached below.
> > i noticed "Jul 11
> > 01:01:05 chennai ppp[182]: tun0: Phase: deflink: **
> > Too many ECHO LQR packets lost ** " as the reason for
> > disconnect. ppp tries to reestablish the connection
> > but even after that the connection is not restored as
> > i am unable to ping the internet. i have to kill the
> > ppp process and redial using ppp -ddial isp to restart
> > the connection (the bottom part of the ppp.log). Any
> > way i could avoid this ..??
> >
> > regards
> >
> > Yo
> >
> > ppp.log
> >
> [snip 125 K of ppp.log !]
>
> please, next time, cut the similar lines, then compress (using
> bzip2) and uuencode the log file which is about of 125 K sent
> to many people in the mailing list. think to those who only
> have a 56 K connection... not everybody have an xDSL connection.
>
> Cyrille Lefevre.
> --
> mailto:clefevre-lists@9online.fr

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 08:24:43 2004
Date: Mon, 12 Jul 2004 10:24:19 +0200 (CEST)
From: Martin Blapp
To: net@freebsd.org
cc: pjd@freebsd.org
Subject: Re: if_em memleak with IPv6 ?

Hi all,

> After reverting everything back to IPv4, the "No buffer space available"
> seems to be gone.
>
> Maybe this is related to some other problem with this driver, (IPSEC etc).

It happened again this weekend.
So it is unrelated to IP_v6

Martin

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 09:55:40 2004
Date: Mon, 12 Jul 2004 02:55:36 -0700 (PDT)
From: Yohan
To: Gleb Smirnoff, freebsd-net@freebsd.org
Subject: Re: PPPoE

gleb,

on your advice im trying mpd instead of ppp. i seem to have problems of a different kind with mpd. mpd now connects ONLY after i run ppp .. i think ..
else i get the following in the mpd.log

mpd.log ------>

Jul 12 13:13:10 chennai mpd: mpd: pid 155, version 3.17 (root@chennai.kwickprop.com 03:14 11-Jul-2004)
Jul 12 13:13:10 chennai mpd: [bsnl] ppp node is "mpd155-bsnl"
Jul 12 13:13:10 chennai mpd: [bsnl] using interface ng0
Jul 12 13:13:10 chennai mpd: [bsnl] IPCP: peer address cannot be zero
Jul 12 13:13:10 chennai mpd: [bsnl] IFACE: Open event
Jul 12 13:13:10 chennai mpd: [bsnl] IPCP: Open event
Jul 12 13:13:10 chennai mpd: [bsnl] IPCP: state change Initial --> Starting
Jul 12 13:13:10 chennai mpd: [bsnl] IPCP: LayerStart
Jul 12 13:13:10 chennai mpd: [bsnl] bundle: OPEN event in state CLOSED
Jul 12 13:13:10 chennai mpd: [bsnl] opening link "bsnl"...
Jul 12 13:13:10 chennai mpd: [bsnl] link: OPEN event
Jul 12 13:13:10 chennai mpd: [bsnl] LCP: Open event
Jul 12 13:13:10 chennai mpd: [bsnl] LCP: state change Initial --> Starting
Jul 12 13:13:10 chennai mpd: [bsnl] LCP: LayerStart
Jul 12 13:13:10 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:10 chennai mpd: [bsnl] can't connect bypass,link0 and rl1:orphans,mpd155-bsnl: No such file or directory
Jul 12 13:13:10 chennai mpd: [bsnl] can't remove hook mpd155-bsnl from node "rl1:orphans": No such file or directory
Jul 12 13:13:10 chennai mpd: [bsnl] device is now in state OPENING
Jul 12 13:13:10 chennai mpd: [bsnl] device: DOWN event in state OPENING
Jul 12 13:13:10 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:10 chennai mpd: [bsnl] link: DOWN event
Jul 12 13:13:10 chennai mpd: [bsnl] LCP: Down event
Jul 12 13:13:10 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:10 chennai mpd: [bsnl] pausing 4 seconds before open
Jul 12 13:13:10 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:14 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:14 chennai mpd: [bsnl] pausing 1 seconds before open
Jul 12 13:13:14 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:15 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:15 chennai mpd: [bsnl] can't connect bypass,link0 and rl1:orphans,mpd155-bsnl: No such file or directory
Jul 12 13:13:15 chennai mpd: [bsnl] can't remove hook mpd155-bsnl from node "rl1:orphans": No such file or directory
Jul 12 13:13:15 chennai mpd: [bsnl] device is now in state OPENING
Jul 12 13:13:15 chennai mpd: [bsnl] device: DOWN event in state OPENING
Jul 12 13:13:15 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:15 chennai mpd: [bsnl] link: DOWN event
Jul 12 13:13:15 chennai mpd: [bsnl] LCP: Down event
Jul 12 13:13:15 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:15 chennai mpd: [bsnl] pausing 6 seconds before open
Jul 12 13:13:15 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:21 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:21 chennai mpd: [bsnl] can't connect bypass,link0 and rl1:orphans,mpd155-bsnl: No such file or directory
Jul 12 13:13:21 chennai mpd: [bsnl] can't remove hook mpd155-bsnl from node "rl1:orphans": No such file or directory
Jul 12 13:13:21 chennai mpd: [bsnl] device is now in state OPENING
Jul 12 13:13:21 chennai mpd: [bsnl] device: DOWN event in state OPENING
Jul 12 13:13:21 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:21 chennai mpd: [bsnl] link: DOWN event
Jul 12 13:13:21 chennai mpd: [bsnl] LCP: Down event
Jul 12 13:13:21 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:21 chennai mpd: [bsnl] pausing 4 seconds before open
Jul 12 13:13:21 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:25 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:25 chennai mpd: [bsnl] pausing 1 seconds before open
Jul 12 13:13:25 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:26 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:26 chennai mpd: [bsnl] can't connect bypass,link0 and rl1:orphans,mpd155-bsnl: No such file or directory
Jul 12 13:13:26 chennai mpd: [bsnl] can't remove hook mpd155-bsnl from node "rl1:orphans": No such file or directory
Jul 12 13:13:26 chennai mpd: [bsnl] device is now in state OPENING
Jul 12 13:13:26 chennai mpd: [bsnl] device: DOWN event in state OPENING
Jul 12 13:13:26 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:26 chennai mpd: [bsnl] link: DOWN event
Jul 12 13:13:26 chennai mpd: [bsnl] LCP: Down event
Jul 12 13:13:26 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:26 chennai mpd: [bsnl] pausing 6 seconds before open
Jul 12 13:13:26 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:32 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:32 chennai mpd: [bsnl] can't connect bypass,link0 and rl1:orphans,mpd155-bsnl: No such file or directory
Jul 12 13:13:32 chennai mpd: [bsnl] can't remove hook mpd155-bsnl from node "rl1:orphans": No such file or directory
Jul 12 13:13:32 chennai mpd: [bsnl] device is now in state OPENING
Jul 12 13:13:32 chennai mpd: [bsnl] device: DOWN event in state OPENING
Jul 12 13:13:32 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:32 chennai mpd: [bsnl] link: DOWN event
Jul 12 13:13:32 chennai mpd: [bsnl] LCP: Down event
Jul 12 13:13:32 chennai mpd: [bsnl] device: OPEN event in state DOWN
Jul 12 13:13:32 chennai mpd: [bsnl] pausing 6 seconds before open
Jul 12 13:13:32 chennai mpd: [bsnl] device is now in state DOWN
Jul 12 13:13:37 chennai mpd: [bsnl] IPCP: Down event
Jul 12 13:13:37 chennai mpd: [bsnl] IFACE: Close event
Jul 12 13:13:37 chennai mpd: [bsnl] IPCP: Close event
Jul 12 13:13:37 chennai mpd: [bsnl] IPCP: state change Starting --> Initial
Jul 12 13:13:37 chennai mpd: [bsnl] IPCP: LayerFinish
Jul 12 13:13:37 chennai mpd: mpd: process 155 terminated

--- Gleb Smirnoff wrote:

> On Sat, Jul 10, 2004 at 01:20:10PM -0700, Yohan wrote:
> Y> The ppp.log is attached below.
> Y> i noticed "Jul 11
> Y> 01:01:05 chennai ppp[182]: tun0: Phase: deflink: **
> Y> Too many ECHO LQR packets lost ** " as the reason for
> Y> disconnect. ppp tries to reestablish the connection
> Y> but even after that the connection is not restored as
> Y> i am unable to ping the internet. i have to kill the
> Y> ppp process and redial using ppp -ddial isp to restart
> Y> the connection (the bottom part of the ppp.log). Any
> Y> way i could avoid this ..??
>
> Can you try to reproduce the problem with ports/net/mpd port?
> This should limit scope of potential problem. If you reproduce
> it the problem lives in netgraph part of PPPoE. If you don't
> then the problem lives in ppp(8).
>
> --
> Totus tuus, Glebius.
> GLEBIUS-RIPN GLEB-RIPE

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 09:58:53 2004
Date: Mon, 12 Jul 2004 13:58:50 +0400
From: Gleb Smirnoff
To: Yohan
cc: freebsd-net@freebsd.org
Subject: Re: PPPoE

On Mon, Jul 12, 2004 at 02:55:36AM -0700, Yohan wrote:
Y> on your advice im trying mpd instead of ppp. i seem to
Y> have problems of a different kind with mpd. mpd now
Y> connects ONLY after i run ppp .. i think .. else i get
Y> the following in the mpd.log

What version of mpd are you using?

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 11:05:07 2004
Date: Mon, 12 Jul 2004 19:04:44 +0800
From: Xin LI
To: freebsd-sparc@FreeBSD.org, freebsd-current@FreeBSD.org, freebsd-net@FreeBSD.org
cc: magiclouds@hotmail.com
Subject: Strange networking problem on SPARC64

Hi, folks,

My friend at Nankai University has a problem with Networking subsystem on FreeBSD/SPARC64. With a heavy FTP load, ipkterr raises rapidly. As I don't have sparc64 based hardware at hand, I send this mail on behalf of him with a hope that someone can give him some hints to figure out what is happening.

Please feel free if I have missed some information and I will forward these to him. Hope we have provided useful information :-) feel free to ask us for more if necessary.

Upgrading to -CURRENT does not solve the problem.
After some experiences we believe that this is not due to a networking hardware/device error. Same hardware works well under other operating system.

Here comes some detailed information:

/root# uname -a
FreeBSD Sun.teda.nankai.edu.cn 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #2: Fri Jul 9 16:14:19 CST 2004 root@Sun.teda.nankai.edu.cn:/usr/obj/usr/src/sys/GENERIC sparc64
/root# cat /var/run/dmesg.boot
stray vector interrupt 2029
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 5.2.1-RELEASE-p8 #1: Wed Feb 25 13:20:54 CST 2004
root@Sun.teda.nankai.edu.cn:/usr/obj/usr/src/sys/GENERIC
Preloaded elf kernel "/boot/kernel/kernel" at 0xc0454000.
Timecounter "tick" frequency 400000000 Hz quality 0
real memory = 536870912 (512 MB)
avail memory = 509976576 (486 MB)
cpu0: Sun Microsystems UltraSparc-II Processor (400.00 MHz CPU)
nexus0:
nexus0: , type (unknown) (no driver attached)
pcib0: on nexus0
pcib0: Psycho, impl 0, version 4, ign 0x7c0, bus B
pcib0: [FAST]
pcib0: [FAST]
pcib0: [FAST]
initialializing counter-timer
Timecounter "counter-timer" frequency 1000000 Hz quality 0
DVMA map: 0xfc000000 to 0xffffffff
pci0: on pcib0
ebus0: revision 0x01
ebus0: mem 0x71000000-0x717fffff,0x70000000-0x70ffffff at device 1.0 on pci0
ebus0: addr 0x140072f000-0x140072f003,0x140072c000-0x140072c003,0x140072a000-0x140072a003,0x1400728000-0x1400728003,0x1400726000-0x1400726003 (no driver attached)
ebus0: addr 0x1400724000-0x1400724003 (no driver attached)
ebus0: addr 0x1400504000-0x1400504002 (no driver attached)
ebus0: addr 0x1400500000-0x1400500007 (no driver attached)
sab0: addr 0x1400400000-0x140040007f irq 43 on ebus0
sab0: [FAST]
sabtty0: on sab0
sabtty1: on sab0
sab1: addr 0x1400200000-0x140020007f irq 35 on ebus0
sab1: [FAST]
sabtty2: on sab1
sabtty3: on sab1
ebus0: addr 0x14003083f8-0x14003083ff irq 41 (no driver attached)
ebus0: addr 0x14003062f8-0x14003062ff irq 33 (no driver attached)
ebus0: addr 0x1400700000-0x140070000f,0x1400300398-0x1400300399,0x14003043bc-0x14003043cb irq 33 (no driver attached)
ebus0: addr 0x1400720000-0x1400720003,0x1400706000-0x140070600f,0x14003023f0-0x14003023f7 irq 39 (no driver attached)
eeprom0: addr 0x1400000000-0x1400001fff on ebus0
eeprom0: model mk48t59
eeprom0: hostid 80e68af0
ebus0: addr 0x1000000000-0x10000fffff,0x1000000000-0x10000fffff (no driver attached)
ebus0: addr 0x1400600000-0x1400600003 irq 37,40 (no driver attached)
hme0: mem 0x8000-0xffff at device 1.1 on pci0
hme0: Ethernet address: 08:00:20:e6:8a:f0
miibus0: on hme0
nsphy0: on miibus0
nsphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sym0: <875> port 0x400-0x4ff mem 0x12000-0x12fff,0x10000-0x100ff at device 3.0 on pci0
sym0: No NVRAM, ID 7, Fast-20, SE, parity checking
sym1: <875> port 0x800-0x8ff mem 0x16000-0x16fff,0x14000-0x140ff at device 3.1 on pci0
sym1: No NVRAM, ID 7, Fast-20, SE, parity checking
pcib1: on nexus0
pcib1: Psycho, impl 0, version 4, ign 0x7c0, bus A
pci1: on pcib1
pci1: at device 1.0 (no driver attached)
nexus0: , type system-service-processor (no driver attached)
nexus0: , type memory-controller (no driver attached)
Timecounters tick every 10.000 msec
Waiting 15 seconds for SCSI devices to settle
GEOM: create disk da0 dp=0xfffff80000940c68
GEOM: create disk da1 dp=0xfffff800007f4068
GEOM: create disk da2 dp=0xfffff800007f5068
GEOM: create disk da3 dp=0xfffff80000940868
GEOM: create disk da4 dp=0xfffff800007f2068
GEOM: create disk da5 dp=0xfffff800007abc68
GEOM: create disk cd0 dp=0xfffff80000864698
da0 at sym0 bus 0 target 0 lun 0
da0: Fixed Direct Access SCSI-3 device
da0: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da0: 17274MB (35378533 512 byte sectors: 255H 63S/T 2202C)
da1 at sym0 bus 0 target 8 lun 0
da1: Fixed Direct Access SCSI-3 device
da1: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da1: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da2 at sym0 bus 0 target 9 lun 0
da2: Fixed Direct Access SCSI-3 device
da2: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da2: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da3 at sym0 bus 0 target 10 lun 0
da3: Fixed Direct Access SCSI-3 device
da3: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da3: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
cd0 at sym0 bus 0 target 6 lun 0
cd0: Removable CD-ROM SCSI-2 device
cd0: 10.000MB/s transfers (10.000MHz, offset 16)
cd0: Attempt to query device size failed: NOT READY, Medium not present
da4 at sym0 bus 0 target 11 lun 0
da4: Fixed Direct Access SCSI-3 device
da4: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da4: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da5 at sym0 bus 0 target 12 lun 0
da5: Fixed Direct Access SCSI-3 device
da5: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da5: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
Mounting root from ufs:/dev/da0a
WARNING: / was not properly dismounted
WARNING: /tmp was not properly dismounted
WARNING: /usr was not properly dismounted
WARNING: /var was not properly dismounted
/var: superblock summary recomputed
hme0: invalid packet size 8422; dropping
hme0: invalid packet size 7; dropping
hme0: invalid packet size 7; dropping
hme0: invalid packet size 7; dropping
hme0: invalid packet size 7; dropping
hme0: too may errors; not reporting any more
Waiting (max 60 seconds) for system process `vnlru' to stop...stopped
Waiting (max 60 seconds) for system process `bufdaemon' to stop...stopped
Waiting (max 60 seconds) for system process `syncer' to stop...stopped
syncing disks, buffers remaining... 1 1
done
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 5.2.1-RELEASE-p9 #2: Fri Jul 9 16:14:19 CST 2004
root@Sun.teda.nankai.edu.cn:/usr/obj/usr/src/sys/GENERIC
Preloaded elf kernel "/boot/kernel/kernel" at 0xc0454000.
Timecounter "tick" frequency 400000000 Hz quality 0
real memory = 536870912 (512 MB)
avail memory = 509976576 (486 MB)
cpu0: Sun Microsystems UltraSparc-II Processor (400.00 MHz CPU)
nexus0:
nexus0: , type (unknown) (no driver attached)
pcib0: on nexus0
pcib0: Psycho, impl 0, version 4, ign 0x7c0, bus B
pcib0: [FAST]
pcib0: [FAST]
pcib0: [FAST]
initialializing counter-timer
Timecounter "counter-timer" frequency 1000000 Hz quality 0
DVMA map: 0xfc000000 to 0xffffffff
pci0: on pcib0
ebus0: revision 0x01
ebus0: mem 0x71000000-0x717fffff,0x70000000-0x70ffffff at device 1.0 on pci0
ebus0: addr 0x140072f000-0x140072f003,0x140072c000-0x140072c003,0x140072a000-0x140072a003,0x1400728000-0x1400728003,0x1400726000-0x1400726003 (no driver attached)
ebus0: addr 0x1400724000-0x1400724003 (no driver attached)
ebus0: addr 0x1400504000-0x1400504002 (no driver attached)
ebus0: addr 0x1400500000-0x1400500007 (no driver attached)
sab0: addr 0x1400400000-0x140040007f irq 43 on ebus0
sab0: [FAST]
sabtty0: on sab0
sabtty1: on sab0
sab1: addr 0x1400200000-0x140020007f irq 35 on ebus0
sab1: [FAST]
sabtty2: on sab1
sabtty3: on sab1
ebus0: addr 0x14003083f8-0x14003083ff irq 41 (no driver attached)
ebus0: addr 0x14003062f8-0x14003062ff irq 33 (no driver attached)
ebus0: addr 0x1400700000-0x140070000f,0x1400300398-0x1400300399,0x14003043bc-0x14003043cb irq 33 (no driver attached)
ebus0: addr 0x1400720000-0x1400720003,0x1400706000-0x140070600f,0x14003023f0-0x14003023f7 irq 39 (no driver attached)
eeprom0: addr 0x1400000000-0x1400001fff on ebus0
eeprom0: model mk48t59
eeprom0: hostid 80e68af0
ebus0: addr 0x1000000000-0x10000fffff,0x1000000000-0x10000fffff (no driver attached)
ebus0: addr 0x1400600000-0x1400600003 irq 37,40 (no driver attached)
hme0: mem 0x8000-0xffff at device 1.1 on pci0
hme0: Ethernet address: 08:00:20:e6:8a:f0
miibus0: on hme0
nsphy0: on miibus0
nsphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sym0: <875> port 0x400-0x4ff mem 0x12000-0x12fff,0x10000-0x100ff at device 3.0 on pci0
sym0: No NVRAM, ID 7, Fast-20, SE, parity checking
sym1: <875> port 0x800-0x8ff mem 0x16000-0x16fff,0x14000-0x140ff at device 3.1 on pci0
sym1: No NVRAM, ID 7, Fast-20, SE, parity checking
pcib1: on nexus0
pcib1: Psycho, impl 0, version 4, ign 0x7c0, bus A
pci1: on pcib1
pci1: at device 1.0 (no driver attached)
nexus0: , type system-service-processor (no driver attached)
nexus0: , type memory-controller (no driver attached)
Timecounters tick every 10.000 msec
Waiting 15 seconds for SCSI devices to settle
GEOM: create disk da0 dp=0xfffff800007f3868
GEOM: create disk da1 dp=0xfffff80000940868
GEOM: create disk da2 dp=0xfffff80000940c68
GEOM: create disk da3 dp=0xfffff800007ab068
GEOM: create disk da4 dp=0xfffff800007ab468
GEOM: create disk da5 dp=0xfffff800008fbc68
GEOM: create disk cd0 dp=0xfffff80000864698
da0 at sym0 bus 0 target 0 lun 0
da0: Fixed Direct Access SCSI-3 device
da0: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da0: 17274MB (35378533 512 byte sectors: 255H 63S/T 2202C)
da1 at sym0 bus 0 target 8 lun 0
da1: Fixed Direct Access SCSI-3 device
da1: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da1: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da2 at sym0 bus 0 target 9 lun 0
da2: Fixed Direct Access SCSI-3 device
da2: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da2: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da3 at sym0 bus 0 target 10 lun 0
da3: Fixed Direct Access SCSI-3 device
da3: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da3: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da4 at sym0 bus 0 target 11 lun 0
da4: Fixed Direct Access SCSI-3 device
da4: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da4: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da5 at sym0 bus 0 target 12 lun 0
da5: Fixed Direct Access SCSI-3 device
da5: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da5: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
cd0 at sym0 bus 0 target 6 lun 0
cd0: Removable CD-ROM SCSI-2 device
cd0: 10.000MB/s transfers (10.000MHz, offset 16)
cd0: Attempt to query device size failed: NOT READY, Medium not present
Mounting root from ufs:/dev/da0a
Waiting (max 60 seconds) for system process `vnlru' to stop...stopped
Waiting (max 60 seconds) for system process `bufdaemon' to stop...stopped
Waiting (max 60 seconds) for system process `syncer' to stop...stopped
syncing disks, buffers remaining... 26 26 17 17 done
Costray vector interrupt 2029
pyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 5.2.1-RELEASE-p9 #2: Fri Jul 9 16:14:19 CST 2004
root@Sun.teda.nankai.edu.cn:/usr/obj/usr/src/sys/GENERIC
Preloaded elf kernel "/boot/kernel/kernel" at 0xc0454000.
Timecounter "tick" frequency 400000000 Hz quality 0
real memory = 536870912 (512 MB)
avail memory = 509976576 (486 MB)
cpu0: Sun Microsystems UltraSparc-II Processor (400.00 MHz CPU)
nexus0:
nexus0: , type (unknown) (no driver attached)
pcib0: on nexus0
pcib0: Psycho, impl 0, version 4, ign 0x7c0, bus B
pcib0: [FAST]
pcib0: [FAST]
pcib0: [FAST]
initialializing counter-timer
Timecounter "counter-timer" frequency 1000000 Hz quality 0
DVMA map: 0xfc000000 to 0xffffffff
pci0: on pcib0
ebus0: revision 0x01
ebus0: mem 0x71000000-0x717fffff,0x70000000-0x70ffffff at device 1.0 on pci0
ebus0: addr 0x140072f000-0x140072f003,0x140072c000-0x140072c003,0x140072a000-0x140072a003,0x1400728000-0x1400728003,0x1400726000-0x1400726003 (no driver attached)
ebus0: addr 0x1400724000-0x1400724003 (no driver attached)
ebus0: addr 0x1400504000-0x1400504002 (no driver attached)
ebus0: addr 0x1400500000-0x1400500007 (no driver attached)
sab0: addr 0x1400400000-0x140040007f irq 43 on ebus0
sab0: [FAST]
sabtty0: on sab0
sabtty1: on sab0
sab1: addr 0x1400200000-0x140020007f irq 35 on ebus0
sab1: [FAST]
sabtty2: on sab1
sabtty3: on sab1
ebus0: addr 0x14003083f8-0x14003083ff irq 41 (no driver attached)
ebus0: addr 0x14003062f8-0x14003062ff irq 33 (no driver attached)
ebus0: addr 0x1400700000-0x140070000f,0x1400300398-0x1400300399,0x14003043bc-0x14003043cb irq 33 (no driver attached)
ebus0: addr 0x1400720000-0x1400720003,0x1400706000-0x140070600f,0x14003023f0-0x14003023f7 irq 39 (no driver attached)
eeprom0: addr 0x1400000000-0x1400001fff on ebus0
eeprom0: model mk48t59
eeprom0: hostid 80e68af0
ebus0: addr 0x1000000000-0x10000fffff,0x1000000000-0x10000fffff (no driver attached)
ebus0: addr 0x1400600000-0x1400600003 irq 37,40 (no driver attached)
hme0: mem 0x8000-0xffff at device 1.1 on pci0
hme0: Ethernet address: 08:00:20:e6:8a:f0
miibus0: on hme0
nsphy0: on miibus0
nsphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sym0: <875> port 0x400-0x4ff mem 0x12000-0x12fff,0x10000-0x100ff at device 3.0 on pci0
sym0: No NVRAM, ID 7, Fast-20, SE, parity checking
sym1: <875> port 0x800-0x8ff mem 0x16000-0x16fff,0x14000-0x140ff at device 3.1 on pci0
sym1: No NVRAM, ID 7, Fast-20, SE, parity checking
pcib1: on nexus0
pcib1: Psycho, impl 0, version 4, ign 0x7c0, bus A
pci1: on pcib1
pci1: at device 1.0 (no driver attached)
nexus0: , type system-service-processor (no driver attached)
nexus0: , type memory-controller (no driver attached)
Timecounters tick every 10.000 msec
Waiting 15 seconds for SCSI devices to settle
GEOM: create disk da0 dp=0xfffff800007f3868
GEOM: create disk da1 dp=0xfffff80000940868
GEOM: create disk da2 dp=0xfffff80000940c68
GEOM: create disk da3 dp=0xfffff800007ab068
GEOM: create disk da4 dp=0xfffff800007ab468
GEOM: create disk da5 dp=0xfffff800008fbc68
gEOM: create disk cd0 dp=0xfffff80000864698
da0 at sym0 bus 0 target 0 lun 0
da0: Fixed Direct Access SCSI-3 device
da0: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da0: 17274MB (35378533 512 byte sectors: 255H 63S/T 2202C)
da1 at sym0 bus 0 target 8 lun 0
da1: Fixed Direct Access SCSI-3 device
da1: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da1: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da2 at sym0 bus 0 target 9 lun 0
da2: Fixed Direct Access SCSI-3 device
da2: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da2: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da3 at sym0 bus 0 target 10 lun 0
da3: Fixed Direct Access SCSI-3 device
da3: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da3: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da4 at sym0 bus 0 target 11 lun 0
da4: Fixed Direct Access SCSI-3 device
da4: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da4: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
da5 at sym0 bus 0 target 12 lun 0
da5: Fixed Direct Access SCSI-3 device
da5: 40.000MB/s transfers (20.000MHz, offset 16, 16bit), Tagged Queueing Enabled
da5: 35003MB (71687372 512 byte sectors: 255H 63S/T 4462C)
cd0 at sym0 bus 0 target 6 lun 0
cd0: Removable CD-ROM SCSI-2 device
cd0: 10.000MB/s transfers (10.000MHz, offset 16)
cd0: Attempt to query device size failed: NOT READY, Medium not present
Mounting root from ufs:/dev/da0a

/root# ifconfig
hme0: flags=8843 mtu 1500
        inet 10.10.99.135 netmask 0xffffff00 broadcast 10.10.99.255
        inet6 fe80::a00:20ff:fee6:8af0%hme0 prefixlen 64 scopeid 0x1
        ether 08:00:20:e6:8a:f0
        media: Ethernet autoselect (100baseTX)
        status: active
lo0: flags=8049 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2

/root# pkg_info
autoconf-2.53_1 Automatically configure source code on many Un*x platforms
automake-1.5,1 GNU Standards-compliant Makefile generator
cvsup-without-gui-16.1h General network file distribution system optimized for CVS
expat-1.95.7 XML 1.0 parser written in C
ezm3-1.1_2 Easier, more portable Modula-3 distribution for building CV
gettext-0.13.1_1 GNU gettext package
gmake-3.80_2 GNU version of 'make' utility
help2man-1.33.1 Automatically generating simple manual pages from program o
libiconv-1.9.2 A character set conversion library
libtool-1.3.5_2 Generic shared library support script (version 1.3)
libtool-1.5.6_1 Generic shared library support script (version 1.5)
m4-1.4_1 GNU m4
p5-gettext-1.01_4 Message handling functions
perl-5.6.1_15 Practical Extraction and Report Language
portupgrade-20040701_2 FreeBSD ports/packages administration and management tool s
ruby-1.8.1.2004.05.02 An object-oriented interpreted scripting language
ruby18-bdb1-0.2.2 Ruby interface to Berkeley DB revision 1.8x with full featu

/usr/local/etc/rc.d# more pure-ftpd.sh
#!/bin/sh
case "$1" in
start)
        /usr/local/sbin/pure-ftpd -0 -1 -4 -A -B -C 3 -E -f ftp -H -i -k 90 -l puredb:/etc/pureftpd.pdb -r -R -S ,21 -U 022:022 -X -Z
        ;;
stop)
        [ -r /etc/pure-ftpd.pid ] && \
        kill `cat /etc/pure-ftpd.pid` > /dev/null && \
        echo -n ' pure-ftp'
        ;;
*)
        echo "Usage: `basename $0` {start|stop}" >&2
        ;;
esac
exit 0

Cheers,
-- 
Xin LI http://www.delphij.net/
See complete headers for GPG key and other information.

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 15:44:42 2004
From: "lycanthrope"
Date: Mon, 12 Jul 2004 17:43:01 +0200
Subject: QoS
hello
how to setup QoS on FreeBSD 5.2CURRENT? all I need is to split the outgoing adsl connection to 5 users on LAN

thanks!

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 15:55:02 2004
Date: Mon, 12 Jul 2004 16:54:36 +0100
From: Yangcheng HUANG
To: lycanthrope
cc: freebsd-net
Subject: Re: QoS

Try Mii-tools. It may work with some nics to allocate bandwidth.

> hello
> how to setup QoS on FreeBSD 5.2CURRENT? all I need is to split the outgoing adsl connection to 5 users on LAN
>
> thanks!
From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 16:01:34 2004
Date: Mon, 12 Jul 2004 19:52:48 +0400
From: Roman Kurakin
To: lycanthrope
cc: freebsd-net@freebsd.org
Subject: Re: QoS

Hi,

man ipfw
I think pipes is what you need.

rik

lycanthrope wrote:

>hello
>how to setup QoS on FreeBSD 5.2CURRENT? all I need is to split the outgoing adsl connection to 5 users on LAN
>
>thanks!

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 16:02:30 2004
From: "lycanthrope"
To: "lycanthrope"
Date: Mon, 12 Jul 2004 18:00:50 +0200
Subject: Re: QoS

----- Original Message -----
From: "lycanthrope"
Sent: Monday, July 12, 2004 5:43 PM
Subject: QoS

> hello
> how to setup QoS on FreeBSD 5.2CURRENT? all I need is to split the outgoing adsl connection to 5 users on LAN

I forgot some details. I want it to be dynamic. that is, 1 user, 100% usage, 2 users 50-50 etc.
I see that ipfw2 has RED included, and that RED can do this, but I really can't seem to make it work

I tried:

ipfw add pipe 1 ip from any to 192.168.2.0/24
ipfw add queue 1 ip from any to 192.168.2.0/24
ipfw queue 1 config weight 5 pipe 1 mask dst-ip 0x000000ff
ipfw pipe1 config bw 360Kbit/s

ipfw add pipe 2 ip from 192.168.2.0/24 to any
ipfw add queue 2 ip from 192.168.2.0/24 to any
ipfw queue 2 config weight 4 pipe 2 mask dst-ip 0x000000ff
ipfw pipe 2 config bw 360Kbit/s

full speed of adsl is 384Kbit.
what am I missing/doing wrong? AFAIK what I did should split connection dynamically for any 2.x user connecting to net? or?

thanks!

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 20:00:06 2004
From: Archie Cobbs
To: freebsd-net@freebsd.org
Date: Mon, 12 Jul 2004 14:56:33 -0500 (CDT)
Subject: Re: L2TP library now available

Archie Cobbs wrote:
> For those interested in an L2TP implementation... good news & bad news :-)
>
> The good news is that the "libpdel" library (port devel/libpdel)
> now includes a PPP library with L2TP server support. MANY THANKS
> to Vernier Networks, Inc. for agreeing to open source this code.
> This is a netgraph based PPP library.
>
> The bad news is that this code is a library, not a server, so you
> can't use it as an L2TP server yet. However, it is written to do
> everything except for the "policy decisions" (i.e., all of the hard
> work) and there is a simple proof-of-concept test L2TP server program
> for one remote client that can serve as sample code.
>
> The next step (if folks are interested) is to use this code as the
> basis for writing a working L2TP server. Hopefully others will be
> able to contribute since I'm too busy to do it all myself.

Update on this.. there is now a simple L2TP server implementation based on this code checked in as port "net/sl2tps".
Any feedback appreciated.

-Archie

__________________________________________________________________________
Archie Cobbs * CTO, Awarix * http://www.awarix.com

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 21:32:19 2004
From: Mike Durian
To: freebsd-net@freebsd.org
Date: Mon, 12 Jul 2004 15:32:18 -0600
Subject: Re: Racoon breakage with recent kernel

On Wednesday 09 June 2004 02:23 pm, Mike Durian wrote:
> Sometime between Feb 9 and June 9 something changed in the kernel
> that causes racoon to fail. I'm afraid I don't have a verbatim
> error message handy, but my notes (from running racoon with debugging
> enabled, in the foreground) say the error was in pk_sendupdate
> and the errno was, ENOBUFS.
>
> I believe this message is reporting the same problem I'm seeing:
>
> http://groups.google.com/groups?q=racoon+%22No+buffer+space+available%22&hl=en&lr=&ie=UTF-8&selm=20040606025301.GB41345%40mehnert.org&rnum=1
>
> Does anybody know what is going on?

This is just a follow-up to say the problem still exists in a -current system I built from source yesterday (7/11/04). Does anyone know what's going on? And to clarify, the URL listed above does show the same problem I'm seeing.

Thanks,
mike

From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 23:06:46 2004
From: "lycanthrope"
To: "Roman Kurakin"
Date: Tue, 13 Jul 2004 01:05:06 +0200
cc: freebsd-net@freebsd.org
Subject: Re: QoS
hello

I made use of pipes, dummynet and queues. now, I would like someone to tell me how to improve my rules:
I want priority like this: news&smtp, http, the rest
can you tell me whether these rules are ok? what to improve, change?

thank you!

RULES:

#ADSL is max 384/64
ipfw pipe 1 config bw 350kbits/s
ipfw pipe 2 config bw 60kbits/s

#news
ipfw queue 1 config pipe 1 weight 15
#smtp
ipfw queue 2 config pipe 1 weight 15
#http
ipfw queue 3 config pipe 1 weight 8
#the rest
ipfw queue 4 config pipe 1 weight 3

#OUTGOING traffic
ipfw queue 5 config pipe 2 weight 15
ipfw queue 6 config pipe 2 weight 7

#outgoing
ipfw add 10 queue 5 icmp from 192.168.2.0/24 to any out xmit via tun0
ipfw add 20 queue 6 ip from 192.168.2.0/24 to any out xmit via tun0
ipfw add 30 queue 5 icmp from 192.168.5.18/32 to any out xmit via tun0
ipfw add 40 queue 6 ip from 192.168.5.18/32 to any out xmit via tun0

#incoming to 2.0 subnet (one NIC)
ipfw add 100 queue 1 ip from any to 192.168.2.0/24 119 in via tun0
ipfw add 110 queue 2 ip from any to 192.168.2.0/24 25 in via tun0
ipfw add 120 queue 3 ip from any to 192.168.2.0/24 80 in via tun0
ipfw add 130 queue 4 ip from any to 192.168.2.0/24 in via tun0

#incoming to only one machine on another subnet (other NIC)
ipfw add 200 queue 1 ip from any to 192.168.5.18/32 119 in via tun0
ipfw add 210 queue 2 ip from any to 192.168.5.18/32 25 in via tun0
ipfw add 220 queue 3 ip from any to 192.168.5.18/32 80 in via tun0
ipfw add 230 queue 4 ip from any to 192.168.5.18/32 in via tun0

----- Original Message -----
From: "Roman Kurakin"
To: "lycanthrope"
Sent: Monday, July 12, 2004 5:52 PM
Subject: Re: QoS

> Hi,
>
> man ipfw
> I think pipes is what you need.
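Added example (not part of the original post, and not ipfw code): a small Python model of first-match classification over rules 100-130 as posted, run on constructed packets, plus the weight-proportional split of pipe 1 between backlogged queues. It assumes that a port written after the destination address in an ipfw rule is a destination port, that a packet leaves the ruleset at its first matching queue rule (net.inet.ip.fw.one_pass=1), and that addresses are as seen after NAT; the class names, function names, the BY_SOURCE_PORT variant and the 203.0.113.x hosts are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    number: int
    queue: int
    dst_net: str
    src_port: Optional[int] = None   # port written after the "from" address
    dst_port: Optional[int] = None   # port written after the "to" address

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.src_port is not None and pkt.sport != self.src_port:
            return False
        if self.dst_port is not None and pkt.dport != self.dst_port:
            return False
        return True


LAN = "192.168.2.0/24"

# Rules 100-130 exactly as posted: "to 192.168.2.0/24 119" is a destination port.
POSTED: List[Rule] = [
    Rule(100, 1, LAN, dst_port=119),
    Rule(110, 2, LAN, dst_port=25),
    Rule(120, 3, LAN, dst_port=80),
    Rule(130, 4, LAN),
]

# Hypothetical variant for comparison: same rules with the port on the source
# side, i.e. "from any 119 to 192.168.2.0/24".
BY_SOURCE_PORT: List[Rule] = [
    Rule(100, 1, LAN, src_port=119),
    Rule(110, 2, LAN, src_port=25),
    Rule(120, 3, LAN, src_port=80),
    Rule(130, 4, LAN),
]

# Queue weights and pipe 1 bandwidth from the posted configuration.
QUEUE_WEIGHT = {1: 15, 2: 15, 3: 8, 4: 3}
PIPE1_KBIT = 350

# Constructed packets (documentation addresses stand in for Internet hosts).
NNTP_REPLY = Packet("203.0.113.10", 119, "192.168.2.20", 40001)   # news download
HTTP_REPLY = Packet("203.0.113.20", 80, "192.168.2.21", 40002)    # web download
SMTP_TO_LAN = Packet("203.0.113.40", 50000, "192.168.2.5", 25)    # mail to a LAN server


def classify(rules: List[Rule], pkt: Packet) -> Optional[int]:
    """Return the queue of the lowest-numbered matching rule, or None."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(pkt):
            return rule.queue
    return None


def pipe_shares(backlogged: Iterable[int], bw_kbit: float = PIPE1_KBIT) -> Dict[int, float]:
    """Split the pipe between backlogged queues in proportion to their weights."""
    active = sorted(set(backlogged))
    total = sum(QUEUE_WEIGHT[q] for q in active)
    return {q: round(bw_kbit * QUEUE_WEIGHT[q] / total, 1) for q in active}


if __name__ == "__main__":
    for name, pkt in [("nntp reply", NNTP_REPLY), ("http reply", HTTP_REPLY),
                      ("smtp to LAN server", SMTP_TO_LAN)]:
        print(f"{name:20s} posted -> queue {classify(POSTED, pkt)}, "
              f"source-port variant -> queue {classify(BY_SOURCE_PORT, pkt)}")
    print("only queue 4 busy:", pipe_shares([4]))
    print("queues 1, 3, 4 busy:", pipe_shares([1, 3, 4]))
```

In this model, download traffic from news and web servers carries 119 or 80 as its source port, so under the posted rules it falls through to rule 130 and queue 4; only connections made to a server inside the LAN hit rules 100-120.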
From owner-freebsd-net@FreeBSD.ORG Mon Jul 12 23:47:54 2004
Date: Mon, 12 Jul 2004 16:47:53 -0700 (PDT)
From: freebsder
To: freebsd-questions@freebsd.org, freebsd-newbies@freebsd.org, freebsd-net@freebsd.org, freebsd-isp@freebsd.org
Subject: Freebsd 5.1 <-> Win XP Networking problems

I have a Freebsd 5.1 box connected to the internet. It works. But I am now trying to network two other Win XP machines as per the following network hierarchy:

<><><> Setup <><><>

ISP -> DSL Modem -> FreeBSD box:
  1) "vr0" 192.168.0.1 [Gateway machine address]
  2) "ed0" 192.168.0.3 [Internal Network address]
connects to: -> 4-port HUB ->
  1) WinXP machine #1 192.168.0.2
  2) Freebsd Box 192.168.0.3
  3) WinXP machine #2 192.168.0.4

<><><> Problem: <><><>

I cannot communicate to the Internet from WinXP #2 (Have not tried to config WinXP #1 yet).

<><><> Browser Config <><><>

IE Browser Settings for WinXP #2 (Tools>Internet Options>Connections>)
- I set the browser so that it never dials a connection because it is supposed to be networked right?
- in the LAN Settings option, I set the Proxy server option with the address of the gateway of 192.168.0.1 with Port 80

<><><> Dialogue <><><>

From Freebsd Machine
# ping 192.168.0.4
PING 192.168.0.4 (192.168.0.4): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down

- at one point I was able to ping the freebsd machine from WinXP #2 but then for some reason, I made a change and cannot ping anymore...

<><><> RC.CONF <><><>

My rc.conf file looks like this:

font8x14="NO"
font8x16="swiss-8x16"
font8x8="swiss-8x8"
inetd_enable="YES"
linux_enable="YES"
moused_enable="YES"
moused_port="/dev/psm0"
moused_type="auto"
nfs_client_enable="YES"
nfs_server_enable="YES"
rpcbind_enable="YES"
saver="rain"
scrnmap="NO"
usbd_enable="YES"
ifconfig_vr0="DHCP"
ifconfig_ed0="DHCP"
##initialise NIC
network_interfaces="vr0 ed0 lo0 tun0"
ifconfig tun0 ifconfig vr0= "media 10baseT/UTP up"
ifconfig_ed0="inet 192.168.0.3 netmask 255.255.0.0"
ifconfig_vr0="inet 192.168.0.1 netmask 255.255.0.0"
hostname="myserver"
##User ppp configuration
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="bellnet"
#ppp_user="root"
## Firewall
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
#firewall_quiet="NO"
firewall_script="/etc/rc/firewall"
natd_enable="YES"
natd_interface="vr0"
natd_flags="redirect_port tcp 192.168.0.3:80 80"
rpc_statd_enable="YES"
tcp_extensions="YES"
## Mail
sendmail_enable="YES"

<><><><><><><>

HELP! Thanks in advance.
http://promotions.yahoo.com/new_mail From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 06:55:08 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8749516A50C for ; Tue, 13 Jul 2004 06:55:08 +0000 (GMT) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id C712D43D3F for ; Tue, 13 Jul 2004 06:55:07 +0000 (GMT) (envelope-from glebius@cell.sick.ru) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.9/8.12.8) with ESMTP id i6D6t4MO013731 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Jul 2004 10:55:05 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Received: (from glebius@localhost) by cell.sick.ru (8.12.9/8.12.6/Submit) id i6D6t06m013722; Tue, 13 Jul 2004 10:55:00 +0400 (MSD) Date: Tue, 13 Jul 2004 10:54:59 +0400 From: Gleb Smirnoff To: Yohan Message-ID: <20040713065459.GA13540@cell.sick.ru> Mail-Followup-To: Gleb Smirnoff , Yohan , freebsd-net@freebsd.org References: <20040710202429.GA99773@cell.sick.ru> <20040712095536.43089.qmail@web60802.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20040712095536.43089.qmail@web60802.mail.yahoo.com> User-Agent: Mutt/1.5.6i cc: freebsd-net@freebsd.org Subject: Re: PPPoE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 06:55:08 -0000 On Mon, Jul 12, 2004 at 02:55:36AM -0700, Yohan wrote: Y> gleb, Y> Y> on your advice im trying mpd istead of ppp. i seem to Y> have problems of a different kind with mpd. mpd now Y> connects ONLY after i run ppp .. i think .. 
else i get
Y> the following in the mpd.log

Please check that ng_ether.ko/ng_pppoe.ko are loaded before you start mpd. You can check this with kldstat. ppp(8) loads them automatically.

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 07:57:10 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAEA416A4CE for ; Tue, 13 Jul 2004 07:57:10 +0000 (GMT) Received: from mail.geek.sh (decoder.geek.sh [196.36.198.81]) by mx1.FreeBSD.org (Postfix) with ESMTP id 30B7B43D1F for ; Tue, 13 Jul 2004 07:57:10 +0000 (GMT) (envelope-from aragon@geek.sh) Received: by mail.geek.sh (Postfix, from userid 1000) id 931C924D13; Tue, 13 Jul 2004 09:57:07 +0200 (SAST) Date: Tue, 13 Jul 2004 09:57:07 +0200 From: Aragon Gouveia To: freebsd-net@freebsd.org Message-ID: <20040713075707.GA5691@phat.za.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i X-Operating-System: FreeBSD 4.8-RELEASE-p1 i386 Subject: mpd PPTP dropped packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 07:57:10 -0000

Hi,

I'm having a weird problem I can't seem to narrow down. I've tried posting to the mpd-users list, but didn't receive a response. Am hoping someone here can help me out.

Here's a quick pic of my connectivity layout:

Notebook <- ADSL -> VPN server <- Ethernet -> FTP server

The notebook is running FreeBSD 5.2.1-RELEASE-p5. The VPN server FreeBSD 4.10-RELEASE. The FTP server FreeBSD 4.7-RELEASE. The notebook is establishing a PPTP link to the VPN server over the ADSL link. Both machines are running mpd 3.18.

Here's my config from the notebook:

[mpd.conf]
home:
	new home home
	set iface disable on-demand
	set iface idle 0
	set link no afccomp protocomp
	set link no pap chap
	set link accept chap
	set link keep-alive 10 75
	set link mtu 1400
	set link mru 1400
	set bundle no multilink
	set ipcp no vjcomp
	open

[mpd.links]
home:
	set link type pptp
	set pptp peer 196.x.y.z
	set pptp enable originate outcall

The problem I'm having is that (seemingly) random packets are being dropped by the VPN server when performing an FTP download from the FTP server to the notebook. I know this from collecting netstat -s figures off all three machines.

According to netstat -s on the VPN server:

	624 packets not forwardable

And the FTP server:

	836 data packets (962621 bytes) retransmitted

The packetloss is severe enough to cut throughput in half.

At first I thought it was an MTU problem, but now I've found this doesn't seem to be the case. I've installed hping on the FTP server and have tried generating TCP packets with a data size of 1360 (total packet size of 1400) and DF set (the ftp-data packets also have DF set by the way). These packets reach the notebook without problems. When I generate a packet with a data payload of 1361 bytes and DF set, it is dropped and the VPN server emits an ICMP "Fragmentation needed but DF set" back to the FTP server.

I've tcpdumped an FTP download as well. My notebook negotiates an MSS of 1360 as it should, and the FTP server complies as it should, but packets are dropped (by the VPN server I presume from netstat -s's output). What's more is that the FTP server receives no ICMP "Fragmentation needed but DF set" from the VPN server, and DF is being set.

I'm pretty sure this problem is not an MTU issue. I've taken it one step further and reduced the mtu of ng0 on my notebook after pptp has negotiated and connected.
When I run a download again, MSS has been reduced accordingly (and hence total packet size is waaaay below interface MTU on VPN server), but packets are still dropped. I'm stumped. I don't know what else to look at. Can anyone help me please? Thanks, Aragon
From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 10:32:52 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF9CC16A4CE for ; Tue, 13 Jul 2004 10:32:52 +0000 (GMT) Received: from mx3.mra.co.id (mx3.mra.co.id [202.138.254.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C41943D2D for ; Tue, 13 Jul 2004 10:31:16 +0000 (GMT) (envelope-from reza@mra.co.id) Received: from localhost (unknown [127.0.0.1]) by mx3.mra.co.id (Postfix) with ESMTP id 65F272E0ED for ; Tue, 13 Jul 2004 11:30:43 +0700 (WIT) Received: from mx3.mra.co.id ([127.0.0.1]) by localhost (mx3.mra.co.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 73396-03 for ; Tue, 13 Jul 2004 11:29:28 +0700 (WIT) Received: from mail.mra.co.id (unknown [172.16.0.25]) by mx3.mra.co.id (Postfix) with ESMTP id 4FE032E090 for ; Tue, 13 Jul 2004 11:26:17 +0700 (WIT) content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 Date: Tue, 13 Jul 2004 11:06:44 +0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: natd and ipfw Thread-Index: AcRojwD5FRbqkeN5QE2qc5UpKhOXGw== From: "Mohammad Reza" To: X-Virus-Scanned: by amavisd-new at mra.co.id Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: natd and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help:
List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 10:32:52 -0000

Dear Lists.

I have one question, can nat daemon work with ipfw stateful configuration with check state and setup keep-state. Enlight me please..

Regards
reza

From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 10:39:51 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5CAEE16A4CE for ; Tue, 13 Jul 2004 10:39:51 +0000 (GMT) Received: from web60805.mail.yahoo.com (web60805.mail.yahoo.com [216.155.196.68]) by mx1.FreeBSD.org (Postfix) with SMTP id E1C0F43D3F for ; Tue, 13 Jul 2004 10:39:50 +0000 (GMT) (envelope-from yohanphilip@yahoo.com) Message-ID: <20040713103950.80590.qmail@web60805.mail.yahoo.com> Received: from [61.3.97.21] by web60805.mail.yahoo.com via HTTP; Tue, 13 Jul 2004 03:39:50 PDT Date: Tue, 13 Jul 2004 03:39:50 -0700 (PDT) From: Yohan To: Gleb Smirnoff , freebsd-net@freebsd.org In-Reply-To: <20040713065459.GA13540@cell.sick.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: PPPoE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 10:39:51 -0000

gleb ..

both are loaded at boot ... here is the kldstat output .. ng_ppp.ko is shown bcos im using ppp to connect as mpd isnt working.

ive done mpd by the book .. but i still get the output i sent you last time .. also could you give me a pointer as to how i could get natd working with mpd ...

regards
Yo

Id Refs Address    Size     Name
 1   10 0xc0100000 30db84   kernel
 2    1 0xc1f45000 15000    linux.ko
 3    1 0xc1fcf000 3000     ng_socket.ko
 4    7 0xc1fd3000 9000     netgraph.ko
 5    1 0xc1fe1000 3000     ng_iface.ko
 6    1 0xc1fe4000 6000     ng_ppp.ko
 7    1 0xc1fed000 4000     ng_bpf.ko
 8    1 0xc1ff1000 4000     ng_vjc.ko
 9    1 0xc1ff9000 3000     ng_ether.ko
10    1 0xc1ffe000 5000     ng_pppoe.ko

--- Gleb Smirnoff wrote:
> On Mon, Jul 12, 2004 at 02:55:36AM -0700, Yohan wrote:
> Y> gleb,
> Y>
> Y> on your advice im trying mpd instead of ppp. i seem to
> Y> have problems of a different kind with mpd. mpd now
> Y> connects ONLY after i run ppp .. i think .. else i get
> Y> the following in the mpd.log
>
> Please check that ng_ether.ko/ng_pppoe.ko are loaded before
> you start mpd. You can check this with kldstat. ppp(8) loads
> them automatically.
>
> --
> Totus tuus, Glebius.
> GLEBIUS-RIPN GLEB-RIPE
>

From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 10:44:05 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E5FE216A4CE for ; Tue, 13 Jul 2004 10:44:05 +0000 (GMT) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3160343D39 for ; Tue, 13 Jul 2004 10:44:05 +0000 (GMT) (envelope-from glebius@cell.sick.ru) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.9/8.12.8) with ESMTP id i6DAi3MO059091 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Jul 2004 14:44:03 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Received: (from glebius@localhost) by cell.sick.ru (8.12.11/8.12.11/Submit) id i6DAi3BA059090; Tue, 13 Jul 2004 14:44:03 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Date: Tue, 13 Jul 2004 14:44:02 +0400 From: Gleb Smirnoff To: Yohan Message-ID:
<20040713104402.GC52150@cell.sick.ru> Mail-Followup-To: Gleb Smirnoff , Yohan , freebsd-net@freebsd.org References: <20040713065459.GA13540@cell.sick.ru> <20040713103950.80590.qmail@web60805.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20040713103950.80590.qmail@web60805.mail.yahoo.com> User-Agent: Mutt/1.5.6i cc: freebsd-net@freebsd.org Subject: Re: PPPoE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 10:44:06 -0000

On Tue, Jul 13, 2004 at 03:39:50AM -0700, Yohan wrote:
Y> ive done mpd by the book .. but i still get the output
Y> i sent you last time .. also could you give me a
Y> pointer as to how i could get natd working with mpd

natd on ngX interface works just as on any other kind of interface. Take a look at /etc/rc.firewall.

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 11:54:43 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D1B716A4CE for ; Tue, 13 Jul 2004 11:54:43 +0000 (GMT) Received: from ls413.htnet.hr (ls413.htnet.hr [195.29.150.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id C647E43D3F for ; Tue, 13 Jul 2004 11:54:41 +0000 (GMT) (envelope-from lycanthrope@post.htnet.hr) Received: from ls413.htnet.hr (localhost.localdomain [127.0.0.1]) by ls413.htnet.hr (0.0.0/8.12.10) with ESMTP id i6DBsemn008003 for ; Tue, 13 Jul 2004 13:54:40 +0200 Received: from jkhahhytncost7 (194-152-215-232.adsl.net.htnet.hr [194.152.215.232]) by ls413.htnet.hr (0.0.0/8.12.10) with SMTP id i6DBsao1007957; Tue, 13 Jul 2004 13:54:38 +0200 Message-ID: <000f01c468cf$ce38bb80$1205a8c0@jkhahhytncost7> From: "lycanthrope" To: "Mohammad Reza" , References: Date: Tue, 13 Jul 2004 13:51:56 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4922.1500 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4939.300 X-Trace: ls413.htnet.hr 1089719680 993 194.152.215.232 (Tue, 13 Jul 2004 13:54:40 +0200) Subject: Re: natd and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 11:54:43 -0000 ----- Original Message ----- From: "Mohammad Reza" To: Sent: Tuesday, July 13, 2004 6:06 AM Subject: natd and ipfw > Dear Lists. > > I have one question, can nat daemon work with ipfw stateful > configuration with check state and setup keep-state. > Enlight me please.. hello I have NAT and ipfw set up on my machine, and using several ipfw rules,and it works perfectly. 
From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 15:55:48 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD84516A4CE; Tue, 13 Jul 2004 15:55:48 +0000 (GMT) Received: from corbulon.video-collage.com (corbulon.video-collage.com [64.35.99.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 514F143D58; Tue, 13 Jul 2004 15:55:48 +0000 (GMT) (envelope-from mi+mx@aldan.algebra.com) Received: from 250-217.customer.cloud9.net (195-11.customer.cloud9.net [168.100.195.11])i6DFtk79001655 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 13 Jul 2004 11:55:47 -0400 (EDT) (envelope-from mi+mx@aldan.algebra.com) Received: from localhost (mteterin@localhost [127.0.0.1]) i6DFtb5O015148; Tue, 13 Jul 2004 11:55:37 -0400 (EDT) (envelope-from mi+mx@aldan.algebra.com) From: Mikhail Teterin Organization: Virtual Estates, Inc. To: questions@FreeBSD.org Date: Tue, 13 Jul 2004 11:55:36 -0400 User-Agent: KMail/1.6.2 MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <200407131155.36985@misha-mx.virtual-estates.net> X-Virus-Scanned: clamd / ClamAV version devel-20040615, clamav-milter version 0.73a on corbulon.video-collage.com X-Virus-Status: Clean X-Scanned-By: MIMEDefang 2.43 cc: net@FreeBSD.org Subject: allowing LAN the direct access to outside DNS with ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 15:55:49 -0000 Hello! I'm using the `simple' template in /etc/rc.firewall to allow LAN to access the Internet from behind the firewall (FreeBSD-stable). 
There is a rule there:

	# Allow DNS queries out in the world
	${fwcmd} add pass udp from any to any 53 keep-state

and, indeed, the firewall machine itself has no problems accessing the outside name servers.

However, when the LAN-machine(s) try it, the queries time out, while the firewall machine logs the following:

	ipfw: 3400 Deny UDP name.ser.ver.ip:53 192.168.1.3:1332 in via de0

All HOWTOs out there imply running a local nameserver on the firewall machine. Is there a way to go without that, but also without opening the firewall up to _all_ UDP packets, which happen to originate from port 53?

What's the meaning of the "keep-state" clause in the rule above? I thought, it "magically" allows DNS-responses to come back only, but that does not work...

Thank you!

	-mi

From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 16:07:31 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11BDB16A4CE; Tue, 13 Jul 2004 16:07:31 +0000 (GMT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7EE5B43D41; Tue, 13 Jul 2004 16:07:30 +0000 (GMT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.11/8.12.11) with ESMTP id i6DG7LwE066224; Tue, 13 Jul 2004 12:07:21 -0400 (EDT) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.12.11/8.12.11/Submit) id i6DG7LtO066223; Tue, 13 Jul 2004 12:07:21 -0400 (EDT) (envelope-from barney) Date: Tue, 13 Jul 2004 12:07:21 -0400 From: Barney Wolff To: Mikhail Teterin Message-ID: <20040713160721.GA64946@pit.databus.com> References: <200407131155.36985@misha-mx.virtual-estates.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200407131155.36985@misha-mx.virtual-estates.net> User-Agent: Mutt/1.5.6i X-Scanned-By: MIMEDefang 2.43
cc: questions@freebsd.org cc: net@freebsd.org Subject: Re: allowing LAN the direct access to outside DNS with ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 16:07:31 -0000

On Tue, Jul 13, 2004 at 11:55:36AM -0400, Mikhail Teterin wrote:
>
> I'm using the `simple' template in /etc/rc.firewall to allow LAN to access
> the Internet from behind the firewall (FreeBSD-stable).
>
> There is a rule there:
> 	# Allow DNS queries out in the world
> 	${fwcmd} add pass udp from any to any 53 keep-state
>
> and, indeed, the firewall machine itself has no problems accessing the outside
> name servers.
>
> However, when the LAN-machine(s) try it, the queries time out, while the
> firewall machine logs the following:
>
> 	ipfw: 3400 Deny UDP name.ser.ver.ip:53 192.168.1.3:1332 in via de0
>
> All HOWTOs out there imply running a local nameserver on the firewall
> machine. Is there a way to go without that, but also without opening the
> firewall up to _all_ UDP packets, which happen to originate from port
> 53?
>
> What's the meaning of the "keep-state" clause in the rule above? I
> thought, it "magically" allows DNS-responses to come back only, but that
> does not work...

Do ipfw show and see if the keep-state rule is ever triggering - perhaps some rule before it is already allowing the outgoing packets.

--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
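A simplified model of the keep-state question raised in the message above, and of the earlier question about natd with stateful rules; it is an added example, not code from the thread or from ipfw. The addresses 203.0.113.10 and 198.51.100.53 are constructed, and the idea that address translation runs before the keep-state rule sees the packet is an assumption about one possible cause of the logged deny, not something the thread confirms.

```python
"""Toy model of 'pass udp from any to any 53 keep-state' plus default deny.
Not ipfw's code: timeouts, interfaces and rule numbers are left out."""
from dataclasses import dataclass

PUBLIC = "203.0.113.10"          # constructed: firewall's outside address
NS = "198.51.100.53"             # constructed: outside name server
CLIENT = ("192.168.1.3", 1332)   # LAN host and port from the logged deny


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def reply(self):
        """The same flow seen in the opposite direction."""
        return Packet(self.proto, self.dst, self.dport, self.src, self.sport)


class Filter:
    def __init__(self):
        self.dynamic = set()     # flows recorded by keep-state

    def check(self, pkt):
        # Dynamic rules are consulted first and match either direction.
        if pkt in self.dynamic or pkt.reply() in self.dynamic:
            return "pass"
        # Static rule: only a packet *to* port 53 matches and installs state.
        if pkt.proto == "udp" and pkt.dport == 53:
            self.dynamic.add(pkt)
            return "pass"
        return "deny"


class Nat:
    """Source rewritten on the way out, destination on the way back in."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.aliases = {}        # (proto, public port) -> (lan ip, lan port)

    def out(self, pkt):
        self.aliases[(pkt.proto, pkt.sport)] = (pkt.src, pkt.sport)
        return Packet(pkt.proto, self.public_ip, pkt.sport, pkt.dst, pkt.dport)

    def back(self, pkt):
        lan = self.aliases.get((pkt.proto, pkt.dport))
        if pkt.dst != self.public_ip or lan is None:
            return pkt
        return Packet(pkt.proto, pkt.src, pkt.sport, lan[0], lan[1])


def firewall_own_query():
    """The firewall host's own lookup: no translation in either direction."""
    fw = Filter()
    query = Packet("udp", PUBLIC, 4000, NS, 53)
    return fw.check(query), fw.check(query.reply())


def unsolicited_from_port_53():
    """A packet from port 53 with no earlier query finds no state."""
    return Filter().check(Packet("udp", NS, 53, PUBLIC, 4000))


def lan_query_state_after_nat():
    """Assumed ordering: translate, then filter. State is keyed on PUBLIC,
    but the reply reaches the filter already rewritten to the LAN address."""
    fw, nat = Filter(), Nat(PUBLIC)
    sent = nat.out(Packet("udp", *CLIENT, NS, 53))
    out_verdict = fw.check(sent)
    answer = nat.back(sent.reply())
    return out_verdict, fw.check(answer), answer


def lan_query_state_before_nat():
    """State recorded on the LAN address; the rewritten reply matches it."""
    fw, nat = Filter(), Nat(PUBLIC)
    query = Packet("udp", *CLIENT, NS, 53)
    out_verdict = fw.check(query)
    answer = nat.back(nat.out(query).reply())
    return out_verdict, fw.check(answer)


if __name__ == "__main__":
    print("firewall's own query:", firewall_own_query())
    print("unsolicited from :53:", unsolicited_from_port_53())
    print("state after NAT:     ", lan_query_state_after_nat()[:2])
    print("state before NAT:    ", lan_query_state_before_nat())
```

In the "state after NAT" case the denied packet has the same shape as the logged line: source port 53 on the name server, destination 192.168.1.3:1332.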
From owner-freebsd-net@FreeBSD.ORG Tue Jul 13 16:29:10 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A9A4C16A4CE for ; Tue, 13 Jul 2004 16:29:10 +0000 (GMT) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id E093043D1D for ; Tue, 13 Jul 2004 16:29:09 +0000 (GMT) (envelope-from rik@cronyx.ru) Received: (from root@localhost) by hanoi.cronyx.ru id i6DGQ6gW055138 for net@freebsd.org.checked; (8.12.8/vak/2.1) Tue, 13 Jul 2004 20:26:06 +0400 (MSD) (envelope-from rik@cronyx.ru) Received: from cronyx.ru (hi.cronyx.ru [144.206.181.94]) by hanoi.cronyx.ru with ESMTP id i6DGNjSt055037; (8.12.8/vak/2.1) Tue, 13 Jul 2004 20:23:46 +0400 (MSD) (envelope-from rik@cronyx.ru) Message-ID: <40F40C8E.8000904@cronyx.ru> Date: Tue, 13 Jul 2004 20:23:42 +0400 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6b) Gecko/20031208 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Mikhail Teterin , barney@databus.com References: <200407131155.36985@misha-mx.virtual-estates.net> <20040713160721.GA64946@pit.databus.com> In-Reply-To: <20040713160721.GA64946@pit.databus.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: questions@freebsd.org cc: net@freebsd.org Subject: Re: allowing LAN the direct access to outside DNS with ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jul 2004 16:29:10 -0000 Barney Wolff wrote: >On Tue, Jul 13, 2004 at 11:55:36AM -0400, Mikhail Teterin wrote: > > >>I'm using the `simple' template in /etc/rc.firewall to allow LAN to access >>the Internet from behind the firewall (FreeBSD-stable). 
>>
>>There is a rule there:
>>	# Allow DNS queries out in the world
>>	${fwcmd} add pass udp from any to any 53 keep-state
>>
>>
Probably this should be a bit safer:

	${fwcmd} add pass udp from ${inet} to any 53 keep-state out via de0

>>and, indeed, the firewall machine itself has no problems accessing the outside
>>name servers.
>>
>>However, when the LAN-machine(s) try it, the queries time out, while the
>>firewall machine logs the following:
>>
>>	ipfw: 3400 Deny UDP name.ser.ver.ip:53 192.168.1.3:1332 in via de0
>>
>>
All routers/servers from Internet do not work with 192.168 like networks since anybody can use such addresses, so this could be your problem.

>>All HOWTOs out there imply running a local nameserver on the firewall
>>machine. Is there a way to go without that, but also without opening the
>>firewall up to _all_ UDP packets, which happen to originate from port
>>53?
>>
>>What's the meaning of the "keep-state" clause in the rule above? I
>>thought, it "magically" allows DNS-responses to come back only, but that
>>does not work...
>>
>>
>
>Do ipfw show and see if the keep-state rule is ever triggering - perhaps
>some rule before it is already allowing the outgoing packets.
>
>
As I understand this, keep-state wouldn't allow any connection to you from port 53, till you send any UDP packet to that machine for port 53.
rik

From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 12:24:52 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C30016A4CE for ; Wed, 14 Jul 2004 12:24:52 +0000 (GMT) Received: from mx3.mra.co.id (mx3.mra.co.id [202.138.254.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id F3B4043D39 for ; Wed, 14 Jul 2004 12:21:20 +0000 (GMT) (envelope-from reza@mra.co.id) Received: from localhost (unknown [127.0.0.1]) by mx3.mra.co.id (Postfix) with ESMTP id B56FB2E0BF for ; Wed, 14 Jul 2004 11:59:58 +0700 (WIT) Received: from mx3.mra.co.id ([127.0.0.1]) by localhost (mx3.mra.co.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 99286-27 for ; Wed, 14 Jul 2004 11:58:43 +0700 (WIT) Received: from mail.mra.co.id (unknown [172.16.0.25]) by mx3.mra.co.id (Postfix) with ESMTP id 3A0B12E0DE for ; Wed, 14 Jul 2004 11:58:27 +0700 (WIT) content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 Date: Wed, 14 Jul 2004 11:38:52 +0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: ipfw and log server Thread-Index: AcRpXKuV7ekKeyvZSvGVsjugyRcdFg== From: "Mohammad Reza" To: X-Virus-Scanned: by amavisd-new at mra.co.id Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ipfw and log server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 12:24:52 -0000

Dear Lists

I have trouble with my ipfw rules. My firewall server is logging server from my several mail gateway (syslogd)
I want my ipfw rules to be default to deny,
I add this rules before deny everything else
${fwcmd} add pass udp from {mail_gateway} to me 514 in via ${iif} keep-state
but I can't no longer see my logging to firewall.

Please help me

Regards
reza

From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 12:40:40 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4CF0316A4CE for ; Wed, 14 Jul 2004 12:40:40 +0000 (GMT) Received: from haggis.it.ca (haggis.it.ca [216.126.86.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id E658E43D1D for ; Wed, 14 Jul 2004 12:40:39 +0000 (GMT) (envelope-from paul@haggis.it.ca) Received: from haggis.it.ca (paul@localhost [127.0.0.1]) by haggis.it.ca (8.12.11/8.12.11) with ESMTP id i6ECecqS066007; Wed, 14 Jul 2004 08:40:38 -0400 (EDT) (envelope-from paul@haggis.it.ca) Received: (from paul@localhost) by haggis.it.ca (8.12.11/8.12.6/Submit) id i6ECecLf066006; Wed, 14 Jul 2004 08:40:38 -0400 (EDT) (envelope-from paul) Date: Wed, 14 Jul 2004 08:40:38 -0400 From: Paul Chvostek To: Mohammad Reza Message-ID: <20040714124038.GA62342@it.ca> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i cc: freebsd-net@freebsd.org Subject: Re: ipfw and log server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-net@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 12:40:40 -0000

On Wed, Jul 14, 2004 at 11:38:52AM +0700, Mohammad Reza wrote:
>
> I have trouble with my ipfw rules. My firewall server is logging server
> from my several mail gateway (syslogd)
> I want my ipfw rules to be default to deny,
> I add this rules before deny everything else
> ${fwcmd} add pass udp from {mail_gateway} to me 514 in via ${iif}
> keep-state
> but I can't no longer see my logging to firewall.

I'll assume the missing '$' before '{mail_gateway}', is just a cut-and-paste error. ;)

Try adding a "log" directive to the deny rules that follow this allow rule. Alternately, add an explicit set of logging rules to identify the traffic that's being missed by your allow rule. For example:

	${fwcmd} add pass udp from ${mail_gateway} to me 514 in via ${iif}
	${fwcmd} add count log udp from ${mail_gateway} to any 514

Then check your /var/log/security.

--
Paul Chvostek
Operations / Abuse / Whatever
it.canada, hosting and development http://www.it.ca/

From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 16:36:04 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1955A16A4CE for ; Wed, 14 Jul 2004 16:36:04 +0000 (GMT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com (CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com [69.193.41.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id EECAF43D2D for ; Wed, 14 Jul 2004 16:35:43 +0000 (GMT) (envelope-from mikej@rogers.com) Received: from localhost (localhost [127.0.0.1]) with ESMTP id 769CA2954C4 for ; Wed, 14 Jul 2004 12:35:41 -0400 (EDT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com ([127.0.0.1])10024) with ESMTP id 43308-06 for ; Wed, 14 Jul 2004 12:35:39 -0400 (EDT) Received: from 69.193.41.53 (localhost [127.0.0.1]) with ESMTP id 2131729548C for ; Wed, 14 Jul 2004 12:35:39 -0400 (EDT) Received: from 66.11.183.182 (SquirrelMail authenticated user mikej); by 69.193.41.53 with HTTP; Wed, 14 Jul 2004 12:35:39 -0400 (EDT) Message-ID:
<62362.66.11.183.182.1089822939.squirrel@66.11.183.182> Date: Wed, 14 Jul 2004 12:35:39 -0400 (EDT) From: "Mike Jakubik" To: freebsd-net@freebsd.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new at fbsd.wettoast.net Subject: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 16:36:04 -0000 Hello, I am attempting to setup a PPTP VPN server using MPD on a FreeBSD 5.2-C box, which is behind a DSL router. Unfortunately it does not seem to work for everyone trying to connect to the server, and i cant figure out what the problem is. It works for some clients, and it does not for others (It just sits on 'Verifying username and password' under XP) All the clients are using Windows XP, all of them are behind some sort of NAT firewall, which is setup to allow all outgoing traffic. I can establish a PPTP connection locally just fine, and one of our clients can too, but the rest do not work. Here is my network layout: (192.168.138.50) (192.168.138.1) () VPN server > DLink DSL router > Internet Typical client setup: Internet < Generic NAT/Firewall < Windows XP PC The DLink router has PPTP passthrough enabled, and incoming PPTP connections are forwarded to 192.168.138.50. 
MPD version 3.18

Here is mpd.conf:

---
default:
	load pptp0
	load pptp1
	load pptp2

pptp0:
	new -i ng0 pptp0 pptp0
	set ipcp ranges 192.168.138.50/32 192.168.138.200/32
	load standard

pptp1:
	new -i ng1 pptp1 pptp1
	set ipcp ranges 192.168.138.50/32 192.168.138.201/32
	load standard

pptp2:
	new -i ng2 pptp2 pptp2
	set ipcp ranges 192.168.138.50/32 192.168.138.202/32
	load standard

standard:
	set iface disable on-demand
	set iface enable proxy-arp
	set iface idle 1800
	set iface enable tcpmssfix
	set bundle enable multilink
	set link yes acfcomp protocomp
	set link no pap chap
	set link enable chap
	set link mtu 1460
	set link keep-alive 10 60
	set ipcp yes vjcomp
	set ipcp dns 192.168.1.1
	set bundle enable compression
	set ccp yes mppc
	set ccp yes mpp-e40
	set ccp yes mpp-e128
	set ccp yes mpp-stateless
---

Here is mpd.links:

---
pptp0:
	set link type pptp
	set pptp self 192.168.138.50
	set pptp enable incoming
	set pptp disable originate

pptp1:
	set link type pptp
	set pptp self 192.168.138.50
	set pptp enable incoming
	set pptp disable originate

pptp2:
	set link type pptp
	set pptp self 192.168.138.50
	set pptp enable incoming
	set pptp disable originate
---

Here is mpd.secrets:

---
mike "secret"
---

And here is the log from an unsuccessful attempt:

---
Jul 14 12:04:37 fbsd mpd: mpd: pid 59486, version 3.18 (root@fbsd.afirma.ca 16:17 13-Jul-2004)
Jul 14 12:04:37 fbsd mpd: [pptp0] ppp node is "mpd59486-pptp0"
Jul 14 12:04:37 fbsd mpd: mpd: local IP address for PPTP is 192.168.138.50
Jul 14 12:04:37 fbsd mpd: [pptp0] using interface ng0
Jul 14 12:04:37 fbsd mpd: [pptp1] ppp node is "mpd59486-pptp1"
Jul 14 12:04:37 fbsd mpd: [pptp1] using interface ng1
Jul 14 12:04:37 fbsd mpd: [pptp2] ppp node is "mpd59486-pptp2"
Jul 14 12:04:37 fbsd mpd: [pptp2] using interface ng2
Jul 14 12:04:50 fbsd mpd: mpd: PPTP connection from 69.193.41.53:3104
Jul 14 12:04:50 fbsd mpd: pptp0: attached to connection with 69.193.41.53:3104
Jul 14 12:04:50 fbsd mpd: [pptp0] IFACE: Open event
Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP:
Open event Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: state change Initial --> Starting Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: LayerStart Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: Open event Jul 14 12:04:50 fbsd mpd: [pptp0] bundle: OPEN event in state CLOSED Jul 14 12:04:50 fbsd mpd: [pptp0] opening link "pptp0"... Jul 14 12:04:50 fbsd mpd: [pptp0] link: OPEN event Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: Open event Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: state change Initial --> Starting Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: LayerStart Jul 14 12:04:50 fbsd mpd: [pptp0] device: OPEN event in state DOWN Jul 14 12:04:50 fbsd mpd: [pptp0] attaching to peer's outgoing call Jul 14 12:04:50 fbsd mpd: [pptp0] device is now in state OPENING Jul 14 12:04:50 fbsd mpd: [pptp0] device: UP event in state OPENING Jul 14 12:04:50 fbsd mpd: [pptp0] device is now in state UP Jul 14 12:04:50 fbsd mpd: [pptp0] link: UP event Jul 14 12:04:50 fbsd mpd: [pptp0] link: origination is remote Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: Up event Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: state change Starting --> Req-Sent Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: phase shift DEAD --> ESTABLISH Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: SendConfigReq #1 Jul 14 12:04:50 fbsd mpd: ACFCOMP Jul 14 12:04:50 fbsd mpd: PROTOCOMP Jul 14 12:04:50 fbsd mpd: MRU 1500 Jul 14 12:04:50 fbsd mpd: MAGICNUM f822715a Jul 14 12:04:50 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:04:50 fbsd mpd: MP MRRU 1600 Jul 14 12:04:50 fbsd mpd: MP SHORTSEQ Jul 14 12:04:50 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:04:50 fbsd mpd: pptp0-0: ignoring SetLinkInfo Jul 14 12:04:52 fbsd mpd: [pptp0] LCP: SendConfigReq #2 Jul 14 12:04:52 fbsd mpd: ACFCOMP Jul 14 12:04:52 fbsd mpd: PROTOCOMP Jul 14 12:04:52 fbsd mpd: MRU 1500 Jul 14 12:04:52 fbsd mpd: MAGICNUM f822715a Jul 14 12:04:52 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:04:52 fbsd mpd: MP MRRU 1600 Jul 14 12:04:52 fbsd mpd: MP SHORTSEQ Jul 14 12:04:52 fbsd mpd: ENDPOINTDISC [802.1] 
00 48 54 82 6d aa Jul 14 12:04:54 fbsd mpd: [pptp0] LCP: SendConfigReq #3 Jul 14 12:04:54 fbsd mpd: ACFCOMP Jul 14 12:04:54 fbsd mpd: PROTOCOMP Jul 14 12:04:54 fbsd mpd: MRU 1500 Jul 14 12:04:54 fbsd mpd: MAGICNUM f822715a Jul 14 12:04:54 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:04:54 fbsd mpd: MP MRRU 1600 Jul 14 12:04:54 fbsd mpd: MP SHORTSEQ Jul 14 12:04:54 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:04:56 fbsd mpd: [pptp0] LCP: SendConfigReq #4 Jul 14 12:04:56 fbsd mpd: ACFCOMP Jul 14 12:04:56 fbsd mpd: PROTOCOMP Jul 14 12:04:56 fbsd mpd: MRU 1500 Jul 14 12:04:56 fbsd mpd: MAGICNUM f822715a Jul 14 12:04:56 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:04:56 fbsd mpd: MP MRRU 1600 Jul 14 12:04:56 fbsd mpd: MP SHORTSEQ Jul 14 12:04:56 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:04:58 fbsd mpd: [pptp0] LCP: SendConfigReq #5 Jul 14 12:04:58 fbsd mpd: ACFCOMP Jul 14 12:04:58 fbsd mpd: PROTOCOMP Jul 14 12:04:58 fbsd mpd: MRU 1500 Jul 14 12:04:58 fbsd mpd: MAGICNUM f822715a Jul 14 12:04:58 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:04:58 fbsd mpd: MP MRRU 1600 Jul 14 12:04:58 fbsd mpd: MP SHORTSEQ Jul 14 12:04:58 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:05:00 fbsd mpd: [pptp0] LCP: SendConfigReq #6 Jul 14 12:05:00 fbsd mpd: ACFCOMP Jul 14 12:05:00 fbsd mpd: PROTOCOMP Jul 14 12:05:00 fbsd mpd: MRU 1500 Jul 14 12:05:00 fbsd mpd: MAGICNUM f822715a Jul 14 12:05:00 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:05:00 fbsd mpd: MP MRRU 1600 Jul 14 12:05:00 fbsd mpd: MP SHORTSEQ Jul 14 12:05:00 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:05:02 fbsd mpd: [pptp0] LCP: SendConfigReq #7 Jul 14 12:05:02 fbsd mpd: ACFCOMP Jul 14 12:05:02 fbsd mpd: PROTOCOMP Jul 14 12:05:02 fbsd mpd: MRU 1500 Jul 14 12:05:02 fbsd mpd: MAGICNUM f822715a Jul 14 12:05:02 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:05:02 fbsd mpd: MP MRRU 1600 Jul 14 12:05:02 fbsd mpd: MP SHORTSEQ Jul 14 12:05:02 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa 
Jul 14 12:05:04 fbsd mpd: [pptp0] LCP: SendConfigReq #8 Jul 14 12:05:04 fbsd mpd: ACFCOMP Jul 14 12:05:04 fbsd mpd: PROTOCOMP Jul 14 12:05:04 fbsd mpd: MRU 1500 Jul 14 12:05:04 fbsd mpd: MAGICNUM f822715a Jul 14 12:05:04 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:05:04 fbsd mpd: MP MRRU 1600 Jul 14 12:05:04 fbsd mpd: MP SHORTSEQ Jul 14 12:05:04 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:05:06 fbsd mpd: [pptp0] LCP: SendConfigReq #9 Jul 14 12:05:06 fbsd mpd: ACFCOMP Jul 14 12:05:06 fbsd mpd: PROTOCOMP Jul 14 12:05:06 fbsd mpd: MRU 1500 Jul 14 12:05:06 fbsd mpd: MAGICNUM f822715a Jul 14 12:05:06 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:05:06 fbsd mpd: MP MRRU 1600 Jul 14 12:05:06 fbsd mpd: MP SHORTSEQ Jul 14 12:05:06 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:05:08 fbsd mpd: [pptp0] LCP: SendConfigReq #10 Jul 14 12:05:08 fbsd mpd: ACFCOMP Jul 14 12:05:08 fbsd mpd: PROTOCOMP Jul 14 12:05:08 fbsd mpd: MRU 1500 Jul 14 12:05:08 fbsd mpd: MAGICNUM f822715a Jul 14 12:05:08 fbsd mpd: AUTHPROTO CHAP MSOFTv2 Jul 14 12:05:08 fbsd mpd: MP MRRU 1600 Jul 14 12:05:08 fbsd mpd: MP SHORTSEQ Jul 14 12:05:08 fbsd mpd: ENDPOINTDISC [802.1] 00 48 54 82 6d aa Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Req-Sent --> Stopped Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: LayerFinish Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: parameter negotiation failed Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: LayerFinish Jul 14 12:05:10 fbsd mpd: [pptp0] device: CLOSE event in state UP Jul 14 12:05:10 fbsd mpd: pptp0-0: clearing call Jul 14 12:05:10 fbsd mpd: pptp0-0: killing channel Jul 14 12:05:10 fbsd mpd: [pptp0] PPTP call terminated Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: Close event Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: state change Starting --> Initial Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: LayerFinish Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event Jul 14 12:05:10 fbsd mpd: pptp0: closing connection with 
69.193.41.53:3104 Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state CLOSING Jul 14 12:05:10 fbsd mpd: [pptp0] bundle: CLOSE event in state OPENED Jul 14 12:05:10 fbsd mpd: [pptp0] closing link "pptp0"... Jul 14 12:05:10 fbsd mpd: [pptp0] device: CLOSE event in state CLOSING Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state CLOSING Jul 14 12:05:10 fbsd mpd: [pptp0] link: CLOSE event Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Close event Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Stopped --> Closed Jul 14 12:05:10 fbsd mpd: [pptp0] device: DOWN event in state CLOSING Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state DOWN Jul 14 12:05:10 fbsd mpd: [pptp0] link: DOWN event Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Down event Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Closed --> Initial Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: phase shift ESTABLISH --> DEAD Jul 14 12:05:10 fbsd mpd: [pptp0] device: DOWN event in state DOWN Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state DOWN Jul 14 12:05:10 fbsd mpd: [pptp0] link: DOWN event Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Down event Jul 14 12:05:10 fbsd mpd: pptp0: killing connection with 69.193.41.53:3104 --- Any help would be greatly appreciated. Thanks. 
From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 18:53:02 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D87316A4CE for ; Wed, 14 Jul 2004 18:53:02 +0000 (GMT) Received: from beagle2.mehnert.org (beagle2.mehnert.org [212.42.235.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 63A7643D2D for ; Wed, 14 Jul 2004 18:53:01 +0000 (GMT) (envelope-from hannes@mehnert.org) Received: from localhost (port-195-158-171-122.dynamic.qsc.de [195.158.171.122]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "Hannes Mehnert", Issuer "mehnert root CA" (verified OK)) by beagle2.mehnert.org (Postfix) with ESMTP id EB14295886; Wed, 14 Jul 2004 20:52:58 +0200 (CEST) Date: Wed, 14 Jul 2004 20:52:48 +0200 From: Hannes Mehnert To: Mike Durian Message-ID: <20040714185248.GC70193@mehnert.org> References: <200406091423.31355.durian@boogie.com> <200407121532.18503.durian@boogie.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200407121532.18503.durian@boogie.com> User-Agent: Mutt/1.4.2.1i cc: freebsd-net@freebsd.org Subject: Re: Racoon breakage with recent kernel X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 18:53:02 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, On Mon, Jul 12, 2004 at 03:32:18PM -0600, Mike Durian wrote: > This is just a follow-up to say the problem still exists in a -current > system I built from source yesterday (7/11/04). Does anyone know > what's going on? > > And to clarify, the URL listed above does show the same problem I'm > seeing. 
A workaround is setting MSIZE to 320 in your kernel config: options MSIZE=320 Best Regards, Hannes Mehnert -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA9YD9RcuNlziBjRwRAooWAKCzecur6cnhqPmeUst1uWcvZ6mW9gCggIqZ EkHDsz//6TTDyIFgDQyVyIw= =ZDYd -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 21:49:12 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADF4F16A4CE for ; Wed, 14 Jul 2004 21:49:12 +0000 (GMT) Received: from b.mail.sonic.net (b.mail.sonic.net [64.142.19.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 612E243D3F for ; Wed, 14 Jul 2004 21:49:12 +0000 (GMT) (envelope-from bmah@tomcat.kitchenlab.org) Received: from tomcat.kitchenlab.org (adsl-64-142-31-107.sonic.net [64.142.31.107]) by b.mail.sonic.net (8.12.11/8.12.11) with ESMTP id i6ELmZKj010452 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 14 Jul 2004 14:48:36 -0700 Received: from tomcat.kitchenlab.org (localhost.kitchenlab.org [127.0.0.1]) i6ELmZhk068532; Wed, 14 Jul 2004 14:48:35 -0700 (PDT) (envelope-from bmah@tomcat.kitchenlab.org) Received: (from bmah@localhost) by tomcat.kitchenlab.org (8.12.11/8.12.11/Submit) id i6ELmYud068531; Wed, 14 Jul 2004 14:48:34 -0700 (PDT) (envelope-from bmah) Date: Wed, 14 Jul 2004 14:48:34 -0700 From: "Bruce A. 
Mah" To: staticblackz Message-ID: <20040714214834.GA68506@tomcat.kitchenlab.org> References: <000801c46561$78e652d0$7000a8c0@staticblackzt1> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="azLHFNyN32YCQGCU" Content-Disposition: inline In-Reply-To: <000801c46561$78e652d0$7000a8c0@staticblackzt1> User-Agent: Mutt/1.4.2.1i X-Image-Url: http://www.employees.org/~bmah/Images/bmah-cisco-small.gif X-url: http://www.employees.org/~bmah/ cc: freebsd-net@freebsd.org Subject: Re: FreeBSD and Hotspots X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 21:49:12 -0000 --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline [Please wrap your lines to some reasonable line length...thanks.] If memory serves me right, staticblackz wrote: > I am trying to build a hotspot for freebsd I was wondering how > something like this would be made, is there already one out there I > can use. I would need it to redirect users to some web page ran off > apache that can send their logon info to the radius server also > making it so they can't browse the net until they were authenticated > with the radius server. Recent beta versions of m0n0wall (a FreeBSD-based firewall) have captive portal support. I haven't tried this feature personally, but I'm pretty sure there's RADIUS support. http://www.m0n0.ch/wall/ > My other problem is I am trying to set an > orinoco pcmcia card to ap-mode and it won't work it gives me the > error..."ifconfig: SIOCSIFMEDIA (mediaopt): Device not configured" I > have tried many different ways to make this card work and it won't, > I use the command " ifconfig wi0 inet 192.168.0.1 netmask 0xfffffff0 > ssid my_net channel 11 media DS/11Mbps mediaopt hostap up". 
If I > switch the device to ath1 for my atheros card ti works fine..I > REALLY need help with these 2 problems As another poster pointed out, I don't think the Hermes-based cards can do hostap mode. The Prism- and Atheros-based cards can. See the wi(4) and ath(4) manual pages for more details. Bruce. --azLHFNyN32YCQGCU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA9aoy2MoxcVugUsMRAqUXAJ0eYsQbz0SjoNhqwsDcO7YMlQVJkACePtn6 Ht8C/dFaiZBSNWvALgq2LV8= =cOw9 -----END PGP SIGNATURE----- --azLHFNyN32YCQGCU-- From owner-freebsd-net@FreeBSD.ORG Wed Jul 14 23:57:41 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0B54D16A4CE for ; Wed, 14 Jul 2004 23:57:41 +0000 (GMT) Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id D28FE43D2D for ; Wed, 14 Jul 2004 23:57:40 +0000 (GMT) (envelope-from garycor@comcast.net) Received: from [10.56.78.111] (pcp09118143pcs.union01.nj.comcast.net[69.142.234.88]) by comcast.net (rwcrmhc13) with ESMTP id <20040714235740015003l9pce> (Authid: garycor); Wed, 14 Jul 2004 23:57:40 +0000 Message-ID: <40F5C880.3090206@comcast.net> Date: Wed, 14 Jul 2004 19:57:52 -0400 From: Gary Corcoran User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: DHCP server over PPPoE server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 23:57:41 -0000 Yesterday, I installed mpd 3.18 and managed to get it working as a 
PPPoE server on my local LAN, to test my client. Today, I'm trying to get DHCP over PPPoE working, and not having much success. I shutdown my regular DHCP server over the em0 ethernet interface, and tried starting up dhcpd to use the ng0 interface that gets created by mpd. It complains a little about em0 and ng0 using the same subnet, but starts up and sits there, in debug mode (so I can see all messages on the console). My client starts up, successfully negotiates PPPoE and PPP and the link comes up, then I start dhcpd on ng0 (if I try to start it before the PPPoE link comes up, it complains there is no ng0, even though it shows up in ifconfig) and I can see my client sending out DHCP INFORM messages, encapsulated in PPPoE, but I get *nothing* printed from the DHCP server, as if it has not seen the DHCP messages at all. Should dhcpd be using a different interface than ng0 ? Does anyone have any suggestions? Thanks, Gary From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 01:38:46 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76E0816A4CE for ; Thu, 15 Jul 2004 01:38:46 +0000 (GMT) Received: from cow.home.mshindo.net (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0797F43D1D for ; Thu, 15 Jul 2004 01:38:40 +0000 (GMT) (envelope-from mshindo@mshindo.net) Received: from localhost (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by cow.home.mshindo.net (8.12.6/8.12.6) with ESMTP id i6F1gOw9052618; Thu, 15 Jul 2004 10:42:24 +0900 (JST) (envelope-from mshindo@mshindo.net) Date: Thu, 15 Jul 2004 10:38:34 +0900 (JST) Message-Id: <20040715.103834.59465255.mshindo@mshindo.net> To: mikej@rogers.com From: Motonori Shindo In-Reply-To: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> References: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> X-Mailer: Mew version 4.0.65 on Emacs 21.2 / 
Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-net@freebsd.org
Subject: Re: PPTP VPN using MPD behind NAT help needed
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 01:38:46 -0000

Mike,

This seems like a DSL router's problem. Because PPTP encapsulates PPP using GRE, which is neither TCP nor UDP, routers sometimes cannot NAT PPTP traffic. Some routers conquer this problem by simply "passing through" GRE packets (and hence this feature is sometimes called "VPN Pass Through") assuming there is only one PPTP client behind NAT. What you are seeing is most likely this case.

There are, however, routers with more intelligence in this regard, which are capable of handling GRE over NAT with many clients. 'natd' included in FreeBSD is one such "smart" NAT implementation.

Regards,

From: "Mike Jakubik"
Subject: PPTP VPN using MPD behind NAT help needed
Date: Wed, 14 Jul 2004 12:35:39 -0400 (EDT)

> Hello,
>
> I am attempting to set up a PPTP VPN server using MPD on a FreeBSD 5.2-C
> box, which is behind a DSL router. Unfortunately it does not seem to work
> for everyone trying to connect to the server, and I can't figure out what
> the problem is. It works for some clients, and it does not for others (It
> just sits on 'Verifying username and password' under XP) All the clients
> are using Windows XP, all of them are behind some sort of NAT firewall,
> which is set up to allow all outgoing traffic. I can establish a PPTP
> connection locally just fine, and one of our clients can too, but the rest
> do not work.
> > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 02:15:54 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7230916A4CE for ; Thu, 15 Jul 2004 02:15:54 +0000 (GMT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com (CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com [69.193.41.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42E7B43D48 for ; Thu, 15 Jul 2004 02:15:54 +0000 (GMT) (envelope-from mikej@rogers.com) Received: from localhost (localhost [127.0.0.1]) with ESMTP id EF9952954C4; Wed, 14 Jul 2004 22:15:50 -0400 (EDT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com ([127.0.0.1])10024) with ESMTP id 45942-09; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Received: from 192.168.0.1 (localhost [127.0.0.1]) with ESMTP id 3E97C2954C3; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Received: from 192.168.0.200 (SquirrelMail authenticated user mikej); by 192.168.0.1 with HTTP; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Message-ID: <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> In-Reply-To: <20040715.103834.59465255.mshindo@mshindo.net> References: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> <20040715.103834.59465255.mshindo@mshindo.net> Date: Wed, 14 Jul 2004 22:15:49 -0400 (EDT) From: "Mike Jakubik" To: "Motonori Shindo" User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new at fbsd.wettoast.net cc: freebsd-net@freebsd.org Subject: Re: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org 
X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 02:15:54 -0000

Motonori Shindo said:

> Mike,
>
> This seems like a DSL router's problem. Because PPTP encapsulates PPP
> using GRE, which is neither TCP nor UDP, routers sometimes can not NAT
> PPTP traffic. Some router conquers this problem by simply "passing
> through" GRE packets (and hence this feature is sometimes called "VPN
> Pass Through") assuming there is only one PPTP client behind NAT. What
> you are seeing is most likely this case.
>
> There are, however, routers with more intelligence in this regard,
> which is capable of handling GRE over NAT with many clients. 'natd'
> included in FreeBSD is one of such "smart" NAT implementation.
>
> Regards,

Thanks, but what has me concerned is the fact that one client can connect just fine. I believe they are using a watchguard firebox as their firewall.

Another strange thing is that we have had a Windows 2003 server behind this Dlink router, and VPN worked with the Windows server. This is what led me to believe that it may be something else.
From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 03:37:02 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2717316A4CE for ; Thu, 15 Jul 2004 03:37:02 +0000 (GMT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com (CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com [69.193.41.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECF3A43D41 for ; Thu, 15 Jul 2004 03:37:01 +0000 (GMT) (envelope-from mikej@rogers.com) Received: from localhost (localhost [127.0.0.1]) with ESMTP id BC7562954C4; Wed, 14 Jul 2004 23:36:58 -0400 (EDT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com ([127.0.0.1])10024) with ESMTP id 46702-05; Wed, 14 Jul 2004 23:36:57 -0400 (EDT) Received: from 192.168.0.1 (localhost [127.0.0.1]) with ESMTP id 31B252954C3; Wed, 14 Jul 2004 23:36:57 -0400 (EDT) Received: from 192.168.0.200 (SquirrelMail authenticated user mikej); by 192.168.0.1 with HTTP; Wed, 14 Jul 2004 23:36:57 -0400 (EDT) Message-ID: <3665.192.168.0.200.1089862617.squirrel@192.168.0.200> In-Reply-To: <20040715.113844.39154001.mshindo@mshindo.net> References: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> <20040715.103834.59465255.mshindo@mshindo.net> <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> <20040715.113844.39154001.mshindo@mshindo.net> Date: Wed, 14 Jul 2004 23:36:57 -0400 (EDT) From: "Mike Jakubik" To: "Motonori Shindo" User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new at fbsd.wettoast.net cc: freebsd-net@freebsd.org Subject: Re: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: 
List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 03:37:02 -0000

Motonori Shindo said:

>> > This seems like a DSL router's problem. Because PPTP encapsulates PPP
>> > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT
>> > PPTP traffic. Some router conquers this problem by simply "passing
>> > through" GRE packets (and hence this feature is sometimes called "VPN
>> > Pass Through") assuming there is only one PPTP client behind NAT. What
>> > you are seeing is most likely this case.
>> >
>> > There are, however, routers with more intelligence in this regard,
>> > which is capable of handling GRE over NAT with many clients. 'natd'
>> > included in FreeBSD is one of such "smart" NAT implementation.
>>
>> Thanks, but what has me concerned is the fact that one client can connect
>> just fine. I believe they are using a watchguard firebox as their
>> firewall.
>
> "One client works just fine but not two or more clients
> simultaneously" is a typical symptom you'll see when NAT device does
> simple "VPN Pass Through".

I never said simultaneously, I mean that only one of them can connect. They are not all connecting at once.

>> Another strange thing is that we have had a Windows 2003 server behind this
>> Dlink router, and VPN worked with the Windows server. This is what led me
>> to believe that it may be something else.
>
> Do you mean you used Windows 2003 Server as a PPTP server or a PPTP
> client? If you used it as a PPTP client, did it always work OK with
> other PPTP clients simultaneously through that DLink router?
>
> Regards,

Yes, as a PPTP server. Also, we have no problems establishing more than one outgoing PPTP connection via this router.

Thanks.
From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 03:45:22 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4FD5016A4CE for ; Thu, 15 Jul 2004 03:45:22 +0000 (GMT) Received: from cow.home.mshindo.net (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id B6E8443D1F for ; Thu, 15 Jul 2004 03:45:15 +0000 (GMT) (envelope-from mshindo@mshindo.net) Received: from localhost (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by cow.home.mshindo.net (8.12.6/8.12.6) with ESMTP id i6F2gVw9052822; Thu, 15 Jul 2004 11:42:31 +0900 (JST) (envelope-from mshindo@mshindo.net) Date: Thu, 15 Jul 2004 11:38:44 +0900 (JST) Message-Id: <20040715.113844.39154001.mshindo@mshindo.net> To: mikej@rogers.com From: Motonori Shindo In-Reply-To: <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> References: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> <20040715.103834.59465255.mshindo@mshindo.net> <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> X-Mailer: Mew version 4.0.65 on Emacs 21.2 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 03:45:22 -0000 Mike, From: "Mike Jakubik" Subject: Re: PPTP VPN using MPD behind NAT help needed Date: Wed, 14 Jul 2004 22:15:49 -0400 (EDT) > > This seems like a DSL router's problem. Because PPTP encapsulates PPP > > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT > > PPTP traffic. 
Some router conquers this problem by simply "passing
> > through" GRE packets (and hence this feature is sometimes called "VPN
> > Pass Through") assuming there is only one PPTP client behind NAT. What
> > you are seeing is most likely this case.
> >
> > There are, however, routers with more intelligence in this regard,
> > which is capable of handling GRE over NAT with many clients. 'natd'
> > included in FreeBSD is one of such "smart" NAT implementation.
>
> Thanks, but what has me concerned is the fact that one client can connect
> just fine. I believe they are using a watchguard firebox as their firewall.

"One client works just fine but not two or more clients simultaneously" is a typical symptom you'll see when NAT device does simple "VPN Pass Through".

> Another strange thing is that we have had a Windows 2003 server behind this
> Dlink router, and VPN worked with the Windows server. This is what led me
> to believe that it may be something else.

Do you mean you used Windows 2003 Server as a PPTP server or a PPTP client? If you used it as a PPTP client, did it always work OK with other PPTP clients simultaneously through that DLink router?
Regards, From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 03:58:18 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F29EC16A4D0 for ; Thu, 15 Jul 2004 03:58:17 +0000 (GMT) Received: from ns2.alphaque.com (ns2.alphaque.com [202.75.47.153]) by mx1.FreeBSD.org (Postfix) with SMTP id 9B38C43D3F for ; Thu, 15 Jul 2004 03:58:16 +0000 (GMT) (envelope-from dinesh@alphaque.com) Received: (qmail 36794 invoked by uid 0); 15 Jul 2004 03:58:14 -0000 Received: from lucifer.net-gw.com (HELO prophet.alphaque.com) (202.75.47.153) by lucifer.net-gw.com with SMTP; 15 Jul 2004 03:58:14 -0000 Received: from localhost (localhost.alphaque.com [127.0.0.1]) by prophet.alphaque.com (8.12.11/8.12.9) with ESMTP id i6F3sfSi028790; Thu, 15 Jul 2004 11:54:41 +0800 (MYT) (envelope-from dinesh@alphaque.com) Date: Thu, 15 Jul 2004 11:54:41 +0800 (MYT) From: Dinesh Nair To: "Bruce A. Mah" In-Reply-To: <20040714214834.GA68506@tomcat.kitchenlab.org> Message-ID: <20040715115251.K364-100000@prophet.alphaque.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: staticblackz Subject: Re: FreeBSD and Hotspots X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 03:58:18 -0000 On Wed, 14 Jul 2004, Bruce A. Mah wrote: > If memory serves me right, staticblackz wrote: > > > I am trying to build a hotspot for freebsd I was wondering how > > something like this would be made, is there already one out there I > > can use. I would need it to redirect users to some web page ran off > > apache that can send their logon info to the radius server also > > making it so they can't browse the net until they were authenticated > > with the radius server. 
> > Recent beta versions of m0n0wall (a FreeBSD-based firewall) have > captive portal support. I haven't tried this feature personally, but > I'm pretty sure there's RADIUS support. there is RADIUS authentication support in m0n0wall's captive portal. RADIUS accounting will soon be added in, when i've completed testing of that module. m0n0wall's captive portal also handles pass-through MAC addresses and IP address, i.e. clients which can pass through the captive portal without authenticating. Regards, /\_/\ "All dogs go to heaven." dinesh@alphaque.com (0 0) http://www.alphaque.com/ +==========================----oOO--(_)--OOo----==========================+ | for a in past present future; do | | for b in clients employers associates relatives neighbours pets; do | | echo "The opinions here in no way reflect the opinions of my $a $b." | | done; done | +=========================================================================+ From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 05:12:34 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E5AA716A4CE for ; Thu, 15 Jul 2004 05:12:34 +0000 (GMT) Received: from cow.home.mshindo.net (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC65443D1D for ; Thu, 15 Jul 2004 05:12:33 +0000 (GMT) (envelope-from mshindo@mshindo.net) Received: from localhost (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by cow.home.mshindo.net (8.12.6/8.12.6) with ESMTP id i6F5GIw9053323; Thu, 15 Jul 2004 14:16:19 +0900 (JST) (envelope-from mshindo@mshindo.net) Date: Thu, 15 Jul 2004 14:12:30 +0900 (JST) Message-Id: <20040715.141230.18312145.mshindo@mshindo.net> To: mikej@rogers.com From: Motonori Shindo In-Reply-To: <3665.192.168.0.200.1089862617.squirrel@192.168.0.200> References: <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> 
<20040715.113844.39154001.mshindo@mshindo.net> <3665.192.168.0.200.1089862617.squirrel@192.168.0.200> X-Mailer: Mew version 4.0.65 on Emacs 21.2 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 05:12:35 -0000

Mike,

I apologize. I should have read your description more carefully. Looks like mpd is trying to send a ConfReq but it either didn't get delivered to the peer, or, ConfAck as a response to the ConfReq didn't come back for some reason. This may be a timing issue which party initiates LCP ConfReq first. I guess one particular side may have to initiate ConfReq first so that NAT works OK. Mpd log for successful case and tcpdump capture (for both successful and unsuccessful case) on the machine mpd is running may help for further investigation.

Regards,

From: "Mike Jakubik" Subject: Re: PPTP VPN using MPD behind NAT help needed Date: Wed, 14 Jul 2004 23:36:57 -0400 (EDT)

> Motonori Shindo said:
>
> >> > This seems like a DSL router's problem. Because PPTP encapsulates PPP
> >> > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT
> >> > PPTP traffic. Some router conquers this problem by simply "passing
> >> > through" GRE packets (and hence this feature is sometimes called "VPN
> >> > Pass Through") assuming there is only one PPTP client behind NAT. What
> >> > you are seeing is most likely this case.
> >> >
> >> > There are, however, routers with more intelligence in this regard,
> >> > which is capable of handling GRE over NAT with many clients. 'natd'
> >> > included in FreeBSD is one of such "smart" NAT implementation.
> >>
> >> Thanks, but what has me concerned is the fact that one client can connect
> >> just fine. I believe they are using a watchguard firebox as their
> >> firewall.
> >
> > "One client works just fine but not two or more clients
> > simultaneously" is a typical symptom you'll see when NAT device does
> > simple "VPN Pass Through".
>
> I never said simultaneously, I mean that only one of them can connect.
> They are not all connecting at once.
>
>
> >> Another strange thing is that we have had a Windows 2003 server behind this
> >> Dlink router, and VPN worked with the Windows server. This is what led me
> >> to believe that it may be something else.
> >
> > Do you mean you used Windows 2003 Server as a PPTP server or a PPTP
> > client? If you used it as a PPTP client, did it always work OK with
> > other PPTP clients simultaneously through that DLink router?
> >
> > Regards,
>
> Yes, as a PPTP server. Also, we have no problems establishing more than
> one outgoing PPTP connection via this router.
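The difference Motonori Shindo describes in this thread between simple GRE "pass through" and a NAT that tracks PPTP sessions, modelled as an added example (not from the thread, and not natd's or any router's code). It assumes the NAT has already learned each client's Call ID from the TCP/1723 control channel; the addresses, class names and the alias-on-collision policy are constructed for illustration.

```python
import struct

GRE_PROTO_PPTP = 0x880B  # protocol type of PPTP's enhanced GRE (RFC 2637)
C_BIT, R_BIT, K_BIT, S_BIT, A_BIT, VER_MASK = 0x8000, 0x4000, 0x2000, 0x1000, 0x0080, 0x0007
CALL_ID_OFFSET = 6       # flags(2) + protocol(2) + payload length(2)


def build_gre(call_id, payload, seq=None, ack=None):
    """Build an enhanced GRE packet; call_id is the receiving peer's Call ID."""
    flags, tail = K_BIT | 1, b""  # key present, version 1
    if seq is not None:
        flags |= S_BIT
        tail += struct.pack("!I", seq)
    if ack is not None:
        flags |= A_BIT
        tail += struct.pack("!I", ack)
    return struct.pack("!HHHH", flags, GRE_PROTO_PPTP, len(payload), call_id) + tail + payload


def parse_gre(data):
    """Parse and validate an enhanced GRE packet, rejecting anything malformed."""
    if len(data) < 8:
        raise ValueError("truncated GRE header")
    flags, proto, plen, call_id = struct.unpack_from("!HHHH", data)
    if proto != GRE_PROTO_PPTP or (flags & VER_MASK) != 1 or not (flags & K_BIT):
        raise ValueError("not PPTP enhanced GRE")
    if flags & (C_BIT | R_BIT):
        raise ValueError("checksum/routing bits must be zero")
    off, seq, ack = 8, None, None
    if flags & S_BIT:
        if len(data) < off + 4:
            raise ValueError("truncated sequence number")
        (seq,) = struct.unpack_from("!I", data, off)
        off += 4
    if flags & A_BIT:
        if len(data) < off + 4:
            raise ValueError("truncated acknowledgment number")
        (ack,) = struct.unpack_from("!I", data, off)
        off += 4
    if len(data) - off != plen:
        raise ValueError("payload length mismatch")
    return {"call_id": call_id, "seq": seq, "ack": ack, "payload": data[off:]}


class PassThroughNat:
    """'VPN Pass Through' model: inbound GRE is matched on the remote address only."""

    def __init__(self):
        self.by_remote = {}

    def outbound(self, inside_host, remote_ip):
        self.by_remote[remote_ip] = inside_host  # the last inside sender wins

    def inbound(self, remote_ip, packet):
        parse_gre(packet)
        host = self.by_remote.get(remote_ip)
        return (host, packet) if host else None


class CallIdNat:
    """Session-aware model: inbound GRE is matched on (remote address, Call ID)."""

    def __init__(self):
        self.table = {}  # (remote_ip, public_call_id) -> (inside_host, original_call_id)

    def learn_call(self, inside_host, remote_ip, call_id):
        # Two inside clients may pick the same Call ID: give the second an alias.
        for step in range(0x10000):
            public = (call_id + step) & 0xFFFF
            if (remote_ip, public) not in self.table:
                self.table[(remote_ip, public)] = (inside_host, call_id)
                return public
        raise RuntimeError("no free Call ID for this remote peer")

    def inbound(self, remote_ip, packet):
        entry = self.table.get((remote_ip, parse_gre(packet)["call_id"]))
        if entry is None:
            return None  # unknown session: drop instead of guessing a host
        host, original = entry
        restored = struct.pack("!H", original)
        return host, packet[:CALL_ID_OFFSET] + restored + packet[CALL_ID_OFFSET + 2:]


def demo():
    server, a, b = "203.0.113.10", "192.168.0.11", "192.168.0.12"  # constructed addresses
    lcp_confreq = bytes.fromhex("c02101010004")  # PPP LCP Configure-Request, constructed
    simple = PassThroughNat()
    simple.outbound(a, server)
    simple.outbound(b, server)
    pkt = build_gre(0x0010, lcp_confreq, seq=0)
    pass_through = [simple.inbound(server, pkt)[0], simple.inbound(server, pkt)[0]]
    nat = CallIdNat()
    public_ids = (nat.learn_call(a, server, 0x0010), nat.learn_call(b, server, 0x0010))
    tracked = [nat.inbound(server, build_gre(p, lcp_confreq, seq=0)) for p in public_ids]
    return {
        "pass_through": pass_through,
        "public_ids": public_ids,
        "tracked_hosts": [host for host, _ in tracked],
        "restored_ids": [parse_gre(p)["call_id"] for _, p in tracked],
    }


if __name__ == "__main__":
    print(demo())
```

In the pass-through model both inbound packets reach the second client and the first client's LCP exchange never completes, which is the symptom to look for in a tcpdump capture taken on each side of the NAT.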
From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 08:52:25 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69E9C16A4CE for ; Thu, 15 Jul 2004 08:52:25 +0000 (GMT) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC56343D46 for ; Thu, 15 Jul 2004 08:52:24 +0000 (GMT) (envelope-from glebius@freebsd.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.11/8.12.8) with ESMTP id i6F8qKs0017415 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Jul 2004 12:52:21 +0400 (MSD) (envelope-from glebius@freebsd.org) Received: (from glebius@localhost) by cell.sick.ru (8.12.11/8.12.11/Submit) id i6F8qKYw017414; Thu, 15 Jul 2004 12:52:20 +0400 (MSD) (envelope-from glebius@freebsd.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@freebsd.org using -f Date: Thu, 15 Jul 2004 12:52:19 +0400 From: Gleb Smirnoff To: Gary Corcoran Message-ID: <20040715085219.GA17358@cell.sick.ru> Mail-Followup-To: Gleb Smirnoff , Gary Corcoran , freebsd-net@freebsd.org References: <40F5C880.3090206@comcast.net> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <40F5C880.3090206@comcast.net> User-Agent: Mutt/1.5.6i cc: freebsd-net@freebsd.org Subject: Re: DHCP server over PPPoE server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 08:52:25 -0000 On Wed, Jul 14, 2004 at 07:57:52PM -0400, Gary Corcoran wrote: G> I shutdown my regular DHCP server over the em0 ethernet interface, G> and tried starting up dhcpd to use the ng0 interface that gets G> created by mpd. 
It complains a little about em0 and ng0 using
G> the same subnet, but starts up and sits there, in debug mode
G> (so I can see all messages on the console).

DHCP protocol is designed for broadcast networks, not for PPP. It
will not work on ppp interface. If you want your server to assign
address to its clients, you should use LCP. To configure the latter
read mpd docs.

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 15:53:07 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF4B816A4CE; Thu, 15 Jul 2004 15:53:07 +0000 (GMT) Received: from sccrmhc13.comcast.net (sccrmhc13.comcast.net [204.127.202.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8665443D45; Thu, 15 Jul 2004 15:53:07 +0000 (GMT) (envelope-from garycor@comcast.net) Received: from [10.56.78.111] (pcp09118143pcs.union01.nj.comcast.net[69.142.234.88]) by comcast.net (sccrmhc13) with ESMTP id <2004071515530601600bicdte> (Authid: garycor); Thu, 15 Jul 2004 15:53:07 +0000 Message-ID: <40F6A878.9090407@comcast.net> Date: Thu, 15 Jul 2004 11:53:28 -0400 From: Gary Corcoran User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Gleb Smirnoff References: <40F5C880.3090206@comcast.net> <20040715085219.GA17358@cell.sick.ru> In-Reply-To: <20040715085219.GA17358@cell.sick.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: DHCP server over PPPoE server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 15:53:08 -0000

Gleb Smirnoff wrote:
> On Wed, Jul 14, 2004 at 07:57:52PM -0400, Gary Corcoran wrote:
> G> I shutdown
my regular DHCP server over the em0 ethernet interface,
> G> and tried starting up dhcpd to use the ng0 interface that gets
> G> created by mpd. It complains a little about em0 and ng0 using
> G> the same subnet, but starts up and sits there, in debug mode
> G> (so I can see all messages on the console).
>
> DHCP protocol is designed for broadcast networks, not for PPP. It
> will not work on ppp interface. If you want your server to assign
> address to its clients, you should use LCP. To configure the latter
> read mpd docs.

Thanks for the reply - but I'm trying to do something a little bit advanced, that I thought some of you might have already known about...

Yes, I am having PPPoE/PPP assign the IP address to my client. The problem is that I need more - specifically vendor-specific configuration parameters, that can be obtained via DHCP. That's why I need to run DHCP over PPPoE.

My research indicates that rather than doing the usual DHCP DISCOVER to start things off, I should be able to send a DHCP INFORM message, which includes my already-assigned IP address. The DHCP server should see this, it then MUST NOT (according to the RFC) lookup the address in its lease database, but it then should respond, sending all the configuration parameters *except* an IP address, back to the IP address that was included in the message.

Thus my desire to get dhcpd running with mpd pppoe...
Any suggestions?
Thanks, Gary From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 16:00:05 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B0B016A4CE for ; Thu, 15 Jul 2004 16:00:05 +0000 (GMT) Received: from mxsf11.cluster1.charter.net (mxsf11.cluster1.charter.net [209.225.28.211]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA28E43D46 for ; Thu, 15 Jul 2004 16:00:04 +0000 (GMT) (envelope-from archie@dellroad.org) Received: from mxip10.cluster1.charter.net (mxip10a.cluster1.charter.net [209.225.28.140])i6FG4pat011509 for ; Thu, 15 Jul 2004 12:04:51 -0400 Received: from cable-24-196-25-11.mtv.al.charter.com (HELO InterJet.dellroad.org) (24.196.25.11) by mxip10.cluster1.charter.net with ESMTP; 15 Jul 2004 12:00:03 -0400 X-Ironport-AV: i="3.81R,170,1083556800"; d="scan'208"; a="119313554:sNHT13025244" Received: from arch20m.dellroad.org ([10.104.180.64]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id KAA75879; Thu, 15 Jul 2004 10:54:27 -0500 (CDT) Received: from arch20m.dellroad.org (localhost [127.0.0.1]) i6FFsN5B000970; Thu, 15 Jul 2004 10:54:24 -0500 (CDT) (envelope-from archie@arch20m.dellroad.org) Received: (from archie@localhost) by arch20m.dellroad.org (8.12.9p2/8.12.9/Submit) id i6FFsNxA000969; Thu, 15 Jul 2004 10:54:23 -0500 (CDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200407151554.i6FFsNxA000969@arch20m.dellroad.org> In-Reply-To: <20040713075707.GA5691@phat.za.net> To: Aragon Gouveia Date: Thu, 15 Jul 2004 10:54:23 -0500 (CDT) X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: mpd PPTP dropped packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: 
Thu, 15 Jul 2004 16:00:05 -0000

Aragon Gouveia wrote:
> I'm having a weird problem I can't seem to narrow down. I've tried posting
> to the mpd-users list, but didn't receive a response. Am hoping someone here
> can help me out.
>
> Here's a quick pic of my connectivity layout:
>
> Notebook <- ADSL -> VPN server <- Ethernet -> FTP server
>
> The notebook is running FreeBSD 5.2.1-RELEASE-p5. The VPN server FreeBSD
> 4.10-RELEASE. The FTP server FreeBSD 4.7-RELEASE.

Try applying these patches to the 4.10 machine and rebuilding mpd...

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.c.diff?r1=1.2.2.14&r2=1.2.2.15
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.h.diff?r1=1.1.4.4&r2=1.1.4.5

Don't know if that's the problem or not but worth a shot.

-Archie

__________________________________________________________________________
Archie Cobbs * CTO, Awarix * http://www.awarix.com

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 17:29:33 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0940116A4CE; Thu, 15 Jul 2004 17:29:33 +0000 (GMT) Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by mx1.FreeBSD.org (Postfix) with ESMTP id EEA8E43D4C; Thu, 15 Jul 2004 17:29:32 +0000 (GMT) (envelope-from bmah@freebsd.org) Received: from tomcat.kitchenlab.org (adsl-64-142-31-107.sonic.net [64.142.31.107]) by a.mail.sonic.net (8.12.11/8.12.11) with ESMTP id i6FHSr9M031150 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 15 Jul 2004 10:28:54 -0700 Received: from tomcat.kitchenlab.org (localhost.kitchenlab.org [127.0.0.1]) i6FHSr6Q072914; Thu, 15 Jul 2004 10:28:53 -0700 (PDT) (envelope-from bmah@freebsd.org) Received: (from bmah@localhost) by tomcat.kitchenlab.org (8.12.11/8.12.11/Submit) id i6FHSqot072913; Thu, 15 Jul 2004 10:28:52 -0700 (PDT) (envelope-from bmah@freebsd.org)
X-Authentication-Warning: tomcat.kitchenlab.org: bmah set sender to bmah@freebsd.org using -f From: "Bruce A. Mah" To: Dinesh Nair In-Reply-To: <20040715115251.K364-100000@prophet.alphaque.com> References: <20040715115251.K364-100000@prophet.alphaque.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-EJ6vUKoIM3egUFNXe2I1" Message-Id: <1089912531.71725.61.camel@tomcat.kitchenlab.org> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 15 Jul 2004 10:28:52 -0700 cc: freebsd-net@freebsd.org cc: staticblackz cc: "Bruce A. Mah" Subject: Re: FreeBSD and Hotspots X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 17:29:33 -0000

On Wed, 2004-07-14 at 20:54, Dinesh Nair wrote:
> On Wed, 14 Jul 2004, Bruce A. Mah wrote:
>
> > If memory serves me right, staticblackz wrote:
> >
> > > I am trying to build a hotspot for freebsd I was wondering how
> > > something like this would be made, is there already one out there I
> > > can use. I would need it to redirect users to some web page ran off
> > > apache that can send their logon info to the radius server also
> > > making it so they can't browse the net until they were authenticated
> > > with the radius server.
> >
> > Recent beta versions of m0n0wall (a FreeBSD-based firewall) have
> > captive portal support. I haven't tried this feature personally, but
> > I'm pretty sure there's RADIUS support.
>
> there is RADIUS authentication support in m0n0wall's captive portal.
> RADIUS accounting will soon be added in, when i've completed testing of
> that module. m0n0wall's captive portal also handles pass-through MAC
> addresses and IP address, i.e. clients which can pass through the captive
> portal without authenticating.

Thanks, Dinesh. That sounds very nice...I'll have to check out one of the betas. Hmmm...looks like it's time to go buy another Soekris box... :-)

Bruce.

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 19:28:44 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C69316A4CE for ; Thu, 15 Jul 2004 19:28:44 +0000 (GMT) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id E1E3E43D1D for ; Thu, 15 Jul 2004 19:28:43 +0000 (GMT) (envelope-from glebius@freebsd.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.11/8.12.8) with ESMTP id i6FJScnJ021381 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Jul 2004 23:28:39 +0400 (MSD) (envelope-from glebius@freebsd.org) Received: (from glebius@localhost) by cell.sick.ru (8.12.11/8.12.11/Submit) id i6FJSc2g021380; Thu, 15 Jul 2004 23:28:38 +0400 (MSD) (envelope-from glebius@freebsd.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@freebsd.org using -f Date: Thu, 15 Jul 2004 23:28:37 +0400 From: Gleb Smirnoff To: Gary Corcoran Message-ID: <20040715192837.GB21326@cell.sick.ru> Mail-Followup-To: Gleb Smirnoff , Gary Corcoran , freebsd-net@freebsd.org References: <40F5C880.3090206@comcast.net> <20040715085219.GA17358@cell.sick.ru> <40F6A878.9090407@comcast.net> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To:
<40F6A878.9090407@comcast.net> User-Agent: Mutt/1.5.6i cc: freebsd-net@freebsd.org Subject: Re: DHCP server over PPPoE server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 19:28:44 -0000

On Thu, Jul 15, 2004 at 11:53:28AM -0400, Gary Corcoran wrote:
G> My research indicates that rather than doing the usual DHCP DISCOVER to
G> start things off, I should be able to send a DHCP INFORM message,
G> which includes my already-assigned IP address. The DHCP server should
G> see this, it then MUST NOT (according to the RFC) lookup the address
G> in its lease database, but it then should respond, sending all the
G> configuration parameters *except* an IP address, back to the IP address
G> that was included in the message.
G>
G> Thus my desire to get dhcpd running with mpd pppoe...
G> Any suggestions?

Well if you even make your DHCP server send packets to already configured IP address, I'm afraid the client side will just ignore them.

What operating system is on client side?

--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 19:34:12 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76B7A16A4CE; Thu, 15 Jul 2004 19:34:12 +0000 (GMT) Received: from sccrmhc11.comcast.net (sccrmhc11.comcast.net [204.127.202.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0868F43D48; Thu, 15 Jul 2004 19:34:12 +0000 (GMT) (envelope-from garycor@comcast.net) Received: from [10.56.78.111] (pcp09118143pcs.union01.nj.comcast.net[69.142.234.88]) by comcast.net (sccrmhc11) with ESMTP id <2004071519341101100t5jm3e> (Authid: garycor); Thu, 15 Jul 2004 19:34:11 +0000 Message-ID: <40F6DC4A.5040109@comcast.net> Date: Thu, 15 Jul 2004 15:34:34 -0400 From: Gary Corcoran User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Gleb Smirnoff References: <40F5C880.3090206@comcast.net> <20040715085219.GA17358@cell.sick.ru> <40F6A878.9090407@comcast.net> <20040715192837.GB21326@cell.sick.ru> In-Reply-To: <20040715192837.GB21326@cell.sick.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: DHCP server over PPPoE server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 19:34:12 -0000 Gleb Smirnoff wrote: > On Thu, Jul 15, 2004 at 11:53:28AM -0400, Gary Corcoran wrote: > G> My research indicates that rather than doing the usual DHCP DISCOVER to > G> start things off, I should be able to send a DHCP INFORM message, > G> which includes my already-assigned IP address. 
The DHCP server should
> G> see this, it then MUST NOT (according to the RFC) lookup the address
> G> in its lease database, but it then should respond, sending all the
> G> configuration parameters *except* an IP address, back to the IP address
> G> that was included in the message.
> G>
> G> Thus my desire to get dhcpd running with mpd pppoe...
> G> Any suggestions?
>
> Well if you even make your DHCP server send packets to already
> configured IP address, I'm afraid the client side will just ignore them.
>
> What operating system is on client side?

VxWorks.

Gary

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 19:57:52 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DD0B16A4CE for ; Thu, 15 Jul 2004 19:57:52 +0000 (GMT) Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.206]) by mx1.FreeBSD.org (Postfix) with SMTP id AEF9A43D1F for ; Thu, 15 Jul 2004 19:57:51 +0000 (GMT) (envelope-from staticblackz@gmail.com) Received: by mproxy.gmail.com with SMTP id d19so614665rnf for ; Thu, 15 Jul 2004 12:57:51 -0700 (PDT) Received: by 10.38.9.24 with SMTP id 24mr173130rni; Thu, 15 Jul 2004 12:57:51 -0700 (PDT) Message-ID: Date: Thu, 15 Jul 2004 12:57:50 -0700 From: Staticblackz To: freebsd-net@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Routing Wireless cards to the internet X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 19:57:52 -0000

Ok I have a setup I have an ethernet port connected to our network and
then to the internet and I have 2 atheros card plugged in with hostap
mode on so they are access points I need to route those interfaces and
the ip subnet behind each one to the internet each
interface has a /26 bit ( 64 ip ) block and the first available ip assigned to it assigned to the card I need to route those to the internet....I tried with zebra and ospf but had no luck....I really need some help here

-Thank you

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 20:02:29 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E67F16A4CE for ; Thu, 15 Jul 2004 20:02:29 +0000 (GMT)
Received: from out005.verizon.net (out005pub.verizon.net [206.46.170.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA63443D1D for ; Thu, 15 Jul 2004 20:02:28 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from [192.168.1.3] ([68.161.84.3]) by out005.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20040715200228.FPMJ3910.out005.verizon.net@[192.168.1.3]>; Thu, 15 Jul 2004 15:02:28 -0500
Message-ID: <40F6E2CC.50104@mac.com>
Date: Thu, 15 Jul 2004 16:02:20 -0400
From: Chuck Swiger
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.1) Gecko/20040707
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Staticblackz
References:
In-Reply-To:
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out005.verizon.net from [68.161.84.3] at Thu, 15 Jul 2004 15:02:27 -0500
cc: freebsd-net@freebsd.org
Subject: Re: Routing Wireless cards to the internet
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 20:02:29 -0000

Staticblackz wrote:
> Ok I have a setup I have an ethernet port connected to our network and
> then to the internet and I have 2 atheros card plugged in with hostap
> mode on so they are access points I need to
route those interfaces and
> the ip subnet behind each one to the internet each interface has a /26
> bit ( 64 ip ) block and the first available ip assigned to it assigned
> to the card I need to route those to the internet....I tried with
> zebra and ospf but had no luck....I really need some help here

Have you enabled "sysctl net.inet.ip.forwarding"?

Does your upstream network connection know about the IP blocks you are setting up and have made provisions to route the traffic for them, or should you also consider using NAT?

--
-Chuck

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 20:06:13 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1086616A4CE; Thu, 15 Jul 2004 20:06:13 +0000 (GMT)
Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id C339943D1D; Thu, 15 Jul 2004 20:06:12 +0000 (GMT) (envelope-from garycor@comcast.net)
Received: from [10.56.78.111] (pcp09118143pcs.union01.nj.comcast.net[69.142.234.88]) by comcast.net (rwcrmhc13) with ESMTP id <20040715200611015003mo6re> (Authid: garycor); Thu, 15 Jul 2004 20:06:12 +0000
Message-ID: <40F6E3CB.1020409@comcast.net>
Date: Thu, 15 Jul 2004 16:06:35 -0400
From: Gary Corcoran
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Gleb Smirnoff
References: <40F5C880.3090206@comcast.net> <20040715085219.GA17358@cell.sick.ru> <40F6A878.9090407@comcast.net> <20040715192837.GB21326@cell.sick.ru>
In-Reply-To: <20040715192837.GB21326@cell.sick.ru>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-net@freebsd.org
Subject: Re: DHCP server over PPPoE server
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 20:06:13 -0000

Gleb Smirnoff wrote:
> On Thu, Jul 15, 2004 at 11:53:28AM -0400, Gary Corcoran wrote:
> G> My research indicates that rather than doing the usual DHCP DISCOVER to
> G> start things off, I should be able to send a DHCP INFORM message,
> G> which includes my already-assigned IP address. The DHCP server should
> G> see this, it then MUST NOT (according to the RFC) lookup the address
> G> in its lease database, but it then should respond, sending all the
> G> configuration parameters *except* an IP address, back to the IP address
> G> that was included in the message.
> G>
> G> Thus my desire to get dhcpd running with mpd pppoe...
> G> Any suggestions?
>
> Well if you even make your DHCP server send packets to already
> configured IP address, I'm afraid the client side will just ignore them.

Actually, since I figured out how to get the DHCP client to send the request over PPPoE, by telling it to use the PPP device instead of the ethernet device, I think it will work, if I can get the server to send the response back over PPPoE.

> What operating system is on client side?

Again, it's VxWorks...
Gary

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 20:07:12 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59ABF16A4CE; Thu, 15 Jul 2004 20:07:12 +0000 (GMT)
Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id EAD8543D3F; Thu, 15 Jul 2004 20:07:11 +0000 (GMT) (envelope-from barney@pit.databus.com)
Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.11/8.12.11) with ESMTP id i6FK7AGY090949; Thu, 15 Jul 2004 16:07:10 -0400 (EDT) (envelope-from barney@pit.databus.com)
Received: (from barney@localhost) by pit.databus.com (8.12.11/8.12.11/Submit) id i6FK7AQl090948; Thu, 15 Jul 2004 16:07:10 -0400 (EDT) (envelope-from barney)
Date: Thu, 15 Jul 2004 16:07:10 -0400
From: Barney Wolff
To: Gleb Smirnoff , Gary Corcoran , freebsd-net@freebsd.org
Message-ID: <20040715200710.GA90594@pit.databus.com>
References: <40F5C880.3090206@comcast.net> <20040715085219.GA17358@cell.sick.ru> <40F6A878.9090407@comcast.net> <20040715192837.GB21326@cell.sick.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040715192837.GB21326@cell.sick.ru>
User-Agent: Mutt/1.5.6i
X-Scanned-By: MIMEDefang 2.43
Subject: Re: DHCP server over PPPoE server
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 20:07:12 -0000

On Thu, Jul 15, 2004 at 11:28:37PM +0400, Gleb Smirnoff wrote:
> On Thu, Jul 15, 2004 at 11:53:28AM -0400, Gary Corcoran wrote:
> G> My research indicates that rather than doing the usual DHCP DISCOVER to
> G> start things off, I should be able to send a DHCP INFORM message,
> G> which includes my already-assigned IP address.
The DHCP server should
> G> see this, it then MUST NOT (according to the RFC) lookup the address
> G> in its lease database, but it then should respond, sending all the
> G> configuration parameters *except* an IP address, back to the IP address
> G> that was included in the message.
> G>
> G> Thus my desire to get dhcpd running with mpd pppoe...
> G> Any suggestions?
>
> Well if you even make your DHCP server send packets to already
> configured IP address, I'm afraid the client side will just ignore them.

DHCP is not restricted to broadcast networks. In fact, the ietf-ppp(ext) working group is quite adamant that DHCP be used to get configuration data rather than adding new attributes to LCP/IPCP.

--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 20:38:44 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC0F016A4CE; Thu, 15 Jul 2004 20:38:44 +0000 (GMT)
Received: from rwcrmhc12.comcast.net (rwcrmhc12.comcast.net [216.148.227.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C64B43D2F; Thu, 15 Jul 2004 20:38:44 +0000 (GMT) (envelope-from ebay01@chatusa.com)
Received: from staticblackzt1 (c-67-171-255-237.client.comcast.net[67.171.255.237]) by comcast.net (rwcrmhc12) with SMTP id <20040715203843014003f8sre>; Thu, 15 Jul 2004 20:38:43 +0000
Message-ID: <004b01c46aab$b5754590$7000a8c0@staticblackzt1>
From: "staticblackz"
To: "Bruce A.
Mah" , "Dinesh Nair"
References: <20040715115251.K364-100000@prophet.alphaque.com> <1089912531.71725.61.camel@tomcat.kitchenlab.org>
Date: Thu, 15 Jul 2004 13:38:37 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD and Hotspots
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 20:38:44 -0000

I would have no problem using m0n0wall but I need to be able to have ssh access to compile other programs needed I am using it on a computer...is there any way to port the captive portal to another freebsd box or to rebuild m0n0wall to be just like FreeBSD?

----- Original Message -----
From: "Bruce A. Mah"
To: "Dinesh Nair"
Cc: "staticblackz" ; ; "Bruce A.
Mah"
Sent: Thursday, July 15, 2004 10:28 AM
Subject: Re: FreeBSD and Hotspots

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 23:13:13 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D0C5A16A4CE for ; Thu, 15 Jul 2004 23:13:13 +0000 (GMT)
Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC81D43D2F for ; Thu, 15 Jul 2004 23:13:13 +0000 (GMT) (envelope-from bmah@freebsd.org)
Received: from tomcat.kitchenlab.org (adsl-64-142-31-107.sonic.net [64.142.31.107]) by a.mail.sonic.net (8.12.11/8.12.11) with ESMTP id i6FNCecv010901 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 15 Jul 2004 16:12:40 -0700
Received: from tomcat.kitchenlab.org (localhost.kitchenlab.org [127.0.0.1]) i6FNCekm064710; Thu, 15 Jul 2004 16:12:40 -0700 (PDT) (envelope-from bmah@freebsd.org)
Received: (from bmah@localhost) by tomcat.kitchenlab.org (8.12.11/8.12.11/Submit) id i6FNCdOQ064709; Thu, 15 Jul 2004 16:12:39 -0700 (PDT) (envelope-from bmah@freebsd.org)
X-Authentication-Warning: tomcat.kitchenlab.org: bmah set sender to bmah@freebsd.org using -f
From: "Bruce A.
Mah"
To: staticblackz
In-Reply-To: <004b01c46aab$b5754590$7000a8c0@staticblackzt1>
References: <20040715115251.K364-100000@prophet.alphaque.com> <1089912531.71725.61.camel@tomcat.kitchenlab.org> <004b01c46aab$b5754590$7000a8c0@staticblackzt1>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-3UZVUueHeyIcAs3cK2Ui"
Message-Id: <1089933159.71725.185.camel@tomcat.kitchenlab.org>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.6
Date: Thu, 15 Jul 2004 16:12:39 -0700
cc: Dinesh Nair
cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD and Hotspots
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 23:13:13 -0000

--=-3UZVUueHeyIcAs3cK2Ui
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2004-07-15 at 13:38, staticblackz wrote:
> I would have no problem using m0n0wall but I need to be able to have ssh
> access to compile other programs needed I am using it on a computer

There is no SSH server on a m0n0wall system. Nor are there compilers. It's been deliberately stripped down to be a firewall.

> ...is
> there any way to port the captive portal to another freebsd box or to
> rebuild m0n0wall to be just like FreeBSD?

"It's just software." Dinesh could probably comment on this since he wrote it but I'm sure that it's possible. If you put the words "captive portal freebsd" into your favorite search engine you'll find lots of information, including quite a few implementations. Google is your friend. :-)

Bruce.
--=-3UZVUueHeyIcAs3cK2Ui
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQBA9w9n2MoxcVugUsMRAvVvAJ0ajiho4ekeU7mTjGdQDhre6FjsYgCdFeyz
b1ypMaHkI/N0laqa8IihJSg=
=tvH2
-----END PGP SIGNATURE-----

--=-3UZVUueHeyIcAs3cK2Ui--

From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 23:13:38 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D35C416A4E1 for ; Thu, 15 Jul 2004 23:13:38 +0000 (GMT)
Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.193]) by mx1.FreeBSD.org (Postfix) with SMTP id 8064A43D53 for ; Thu, 15 Jul 2004 23:13:38 +0000 (GMT) (envelope-from staticblackz@gmail.com)
Received: by mproxy.gmail.com with SMTP id d19so628725rnf for ; Thu, 15 Jul 2004 16:13:38 -0700 (PDT)
Received: by 10.38.207.42 with SMTP id e42mr210420rng; Thu, 15 Jul 2004 16:13:38 -0700 (PDT)
Message-ID:
Date: Thu, 15 Jul 2004 16:13:38 -0700
From: Staticblackz
To: Chuck Swiger
In-Reply-To: <40F6E2CC.50104@mac.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
References: <40F6E2CC.50104@mac.com>
cc: freebsd-net@freebsd.org
Subject: Re: Routing Wireless cards to the internet
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 15 Jul 2004 23:13:39 -0000

I control the upstream network, it is also running ospf so basically I need a sample configuration or something along those lines for zebra or some other ospfd daemon.
On Thu, 15 Jul 2004 16:02:20 -0400, Chuck Swiger wrote:
>
>
> Staticblackz wrote:
> > Ok I have a setup I have an ethernet port connected to our network and
> > then to the internet and I have 2 atheros card plugged in with hostap
> > mode on so they are access points I need to route those interfaces and
> > the ip subnet behind each one to the internet each interface has a /26
> > bit ( 64 ip ) block and the first available ip assigned to it assigned
> > to the card I need to route those to the internet....I tried with
> > zebra and ospf but had no luck....I really need some help here
>
> Have you enabled "sysctl net.inet.ip.forwarding"?
>
> Does your upstream network connection know about the IP blocks you are setting
> up and have made provisions to route the traffic for them, or should you also
> consider using NAT?
>
> --
> -Chuck
>
>

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 00:09:34 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDEBC16A4CE for ; Fri, 16 Jul 2004 00:09:34 +0000 (GMT)
Received: from smtp1.adl2.internode.on.net (smtp1.adl2.internode.on.net [203.16.214.181]) by mx1.FreeBSD.org (Postfix) with ESMTP id 374CC43D5D for ; Fri, 16 Jul 2004 00:09:34 +0000 (GMT) (envelope-from joshua@fuckmicrosoft.com)
Received: from mail.internode.on.net (ppp235-177.lns1.bne3.internode.on.net [203.122.235.177])i6G09W4Y014224 for ; Fri, 16 Jul 2004 09:39:32 +0930 (CST)
Date: Fri, 16 Jul 2004 10:09:35 +1000
To: freebsd-net@freebsd.org
From: josh
Content-Type: text/plain; format=flowed; delsp=yes; charset=utf-8
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID:
User-Agent: Opera M2/7.50 (Win32, build 3778)
Subject: Large delays (2 minute) with dummynet
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 00:09:34 -0000

I hope this is the right list to post to.

I'd like to delay a shoutcast stream by around 2 minutes. This shoutcast server is used to broadcast commentary on live games and the delay is needed so teams can't gain an advantage by hearing the commentary to learn where/what the other team is doing. I've checked the shoutcast forums and it seems there's nothing I can do to the shoutcast daemon to get this delay. Shoutcast listens on tcp/8001 for an input stream, and tcp/8000 for listeners to connect to.

With 100 streams each using 48kbps, how practical is it to put them all through a dummynet pipe with a delay of 120000ms? I figure that'll require 100 * 48 / 8 * 120 / 1024 = 70MB of buffering in dummynet. That's heaps! Is that possible? Is that using mbufs? What would have to be tweaked up?

I guess it'd be better if I could just add the 2mins of delay to the input stream so the delay buffer is smaller and fixed, but I don't know how the shoutcast protocol would like that or how the different TCP implementations would like it. Would ACKs be coming back to the shoutcaster 2 minutes late?

Ideally it'd be best to have all this buffering happen intelligently in userland, but I can't find anything to do that. Am I barking up the wrong tree by looking at dummynet?

Cheers,
Josh

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 02:58:06 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3546416A4CE for ; Fri, 16 Jul 2004 02:58:06 +0000 (GMT)
Received: from smtp.netli.com (ip2-pal-focal.netli.com [66.243.52.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id E861343D49 for ; Fri, 16 Jul 2004 02:58:05 +0000 (GMT) (envelope-from vlm@netli.com)
Received: (qmail 9969 invoked by uid 84); 16 Jul 2004 02:58:05 -0000
Received: from vlm@netli.com by l3-1 with qmail-scanner-0.96 (uvscan: v4.1.40/v4121. . Clean.
Processed in 0.18507 secs); 16 Jul 2004 02:58:05 -0000
Received: from unknown (HELO ?172.17.1.12?) (172.17.1.12) by mx01-pal-lan.netli.lan with SMTP; 16 Jul 2004 02:58:05 -0000
Message-ID: <40F74447.9080306@netli.com>
Date: Thu, 15 Jul 2004 19:58:15 -0700
From: Lev Walkin
Organization: Netli, Inc.
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7) Gecko/20040630
X-Accept-Language: ru, en-us, en
MIME-Version: 1.0
To: josh
References:
In-Reply-To:
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-net@freebsd.org
Subject: Re: Large delays (2 minute) with dummynet
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 02:58:06 -0000

josh wrote:
> I hope this is the right list to post to.
>
> I'd like to delay a shoutcast stream by around 2 minutes. This
> shoutcast server is used to broadcast commentary on live games and
> the delay is needed so teams can't gain an advantage by hearing the
> commentary to learn where/what the other team is doing. I've
> checked the shoutcast forums and it seems there's nothing I can do
> to the shoutcast daemon to get this delay. Shoutcast listens on
> tcp/8001 for an input stream, and tcp/8000 for listeners to connect
> to.
>
> With 100 streams each using 48kbps, how practical is it to put them
> all through a dummynet pipe with a delay of 120000ms? I figure
> that'll require 100 * 48 / 8 * 120 / 1024 = 70MB of buffering in
> dummynet. That's heaps! Is that possible? Is that using mbufs?
> What would have to be tweaked up?
>
> I guess it'd be better if I could just add the 2mins of delay to
> the input stream so the delay buffer is smaller and fixed, but I
> don't know how the shoutcast protocol would like that or how the
> different TCP implementations would like it.
Would ACKs be coming
> back to the shoutcaster 2 minutes late?
>
> Ideally it'd be best to have all this buffering happen intelligently
> in userland, but I can't find anything to do that. Am I barking up
> the wrong tree by looking at dummynet?

Yes, you most certainly are.

The problem with TCP is that using the standard window sizes (~32-64k) on the client side and the RTT of two minutes, the transfer speed will naturally be, literally, couple of hundred bytes per second. You'll not be able to squeeze 48kbps into this pipe. Moreover, as the reaction time is slow, there will be various timeout-related glitches, stopping the transfer periodically and restarting it minutes later.

The network-related delays can offer you no more than several seconds delay. The best approach is, indeed, a buffering application-level daemon.

--
Lev Walkin
vlm@netli.com

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 07:22:40 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA32316A4D1 for ; Fri, 16 Jul 2004 07:22:40 +0000 (GMT)
Received: from ns2.alphaque.com (ns2.alphaque.com [202.75.47.153]) by mx1.FreeBSD.org (Postfix) with SMTP id 8A14F43D1D for ; Fri, 16 Jul 2004 07:22:37 +0000 (GMT) (envelope-from dinesh@alphaque.com)
Received: (qmail 75073 invoked by uid 0); 16 Jul 2004 07:22:33 -0000
Received: from lucifer.net-gw.com (HELO prophet.alphaque.com) (202.75.47.153) by lucifer.net-gw.com with SMTP; 16 Jul 2004 07:22:33 -0000
Received: from localhost (localhost.alphaque.com [127.0.0.1]) by prophet.alphaque.com (8.12.11/8.12.9) with ESMTP id i6G78a9w011768; Fri, 16 Jul 2004 15:08:36 +0800 (MYT) (envelope-from dinesh@alphaque.com)
Date: Fri, 16 Jul 2004 15:08:36 +0800 (MYT)
From: Dinesh Nair
To: staticblackz
In-Reply-To: <004b01c46aab$b5754590$7000a8c0@staticblackzt1>
Message-ID: <20040716150417.T531-100000@prophet.alphaque.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN;
charset=US-ASCII
cc: "Bruce A. Mah"
cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD and Hotspots
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 07:22:41 -0000

On Thu, 15 Jul 2004, staticblackz wrote:
> I would have no problem using m0n0wall but I need to be able to have ssh
> access to compile other programs needed I am using it on a computer...is
> there any way to port the captive portal to another freebsd box or to
> rebuild m0n0wall to be just like FreeBSD?

m0n0wall is built as a firewall/router, and thus with security in mind, chooses to not put in utilities which are not strictly necessary. m0n0wall is derived/based on FreeBSD 4.10 for the current m0n0wall images.

recent developments has had someone developing ssh functionality for m0n0wall, which you can find by searching the m0n0wall mailing lists at http://m0n0.ch/wall/list/ and http://m0n0.ch/wall/list-dev/

alternatively, you could pull down the m0n0wall images, and then using that add in more services/utilities which you require and then regenerate your own custom m0n0wall images.

if m0n0wall is too restrictive for you, you may want to consider using either m0n0BSD or building a PicoBSD image from /usr/src/release/picobsd/

Regards,                           /\_/\   "All dogs go to heaven."
dinesh@alphaque.com                (0 0)   http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 09:01:31 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF75216A4CE for ; Fri, 16 Jul 2004 09:01:31 +0000 (GMT)
Received: from mail.geek.sh (decoder.geek.sh [196.36.198.81]) by mx1.FreeBSD.org (Postfix) with ESMTP id 092CE43D4C for ; Fri, 16 Jul 2004 09:01:31 +0000 (GMT) (envelope-from aragon@geek.sh)
Received: by mail.geek.sh (Postfix, from userid 1000) id 4D19A24D13; Fri, 16 Jul 2004 11:01:28 +0200 (SAST)
Date: Fri, 16 Jul 2004 11:01:28 +0200
From: Aragon Gouveia
To: freebsd-net@freebsd.org
Message-ID: <20040716090128.GB81762@phat.za.net>
References: <20040713075707.GA5691@phat.za.net> <200407151554.i6FFsNxA000969@arch20m.dellroad.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200407151554.i6FFsNxA000969@arch20m.dellroad.org>
User-Agent: Mutt/1.4i
X-Operating-System: FreeBSD 4.8-RELEASE-p1 i386
Subject: Re: mpd PPTP dropped packets
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 09:01:31 -0000

Hey Archie,

| By Archie Cobbs
| [ 2004-07-15 18:00 +0200 ]
> Try applying these patches to the 4.10 machine and rebuilding mpd...
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.c.diff?r1=1.2.2.14&r2=1.2.2.15
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.h.diff?r1=1.1.4.4&r2=1.1.4.5
>
> Don't know if that's the problem or not but worth a shot.

I applied them. It hasn't improved things though. Just want to make sure I did it right:

1. Apply patches to source.
2. cd /usr/src/sys/modules/netgraph ; make all
3.
Unload existing ng_pptpgre, copy new module over, load new module.
4. Copy patched ng_pptpgre.h into /usr/include.
5. Recompile mpd.

Should I try do the same on the 5.2.1 machine? Is there anything I can do to give you more information?

Thanks,
Aragon

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 17:11:58 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECA9D16A4CE for ; Fri, 16 Jul 2004 17:11:58 +0000 (GMT)
Received: from mail.zvezda.number.ru (inet.zvezda.number.ru [213.247.132.145]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5111843D3F for ; Fri, 16 Jul 2004 17:11:58 +0000 (GMT) (envelope-from blacksir@number.ru)
Received: from [213.247.175.19] (helo=blacksir) by mail.zvezda.number.ru with smtp (Exim) id 1BlWFg-000BiH-Cg for ; Fri, 16 Jul 2004 21:12:04 +0400
From: "Alexander Vasenin aka BlackSir"
To:
Date: Fri, 16 Jul 2004 21:11:56 +0400
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain; charset="koi8-r"
Content-Transfer-Encoding: base64
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Importance: Normal
Subject: strange MACs in tcpdump output
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 17:11:59 -0000

From owner-freebsd-net@FreeBSD.ORG Fri Jul 16 23:43:32 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3BD6B16A4CE for ; Fri, 16 Jul 2004 23:43:32 +0000 (GMT)
Received: from cow.home.mshindo.net (usen-221x245x168x210.ap-US01.usen.ad.jp [221.245.168.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01AB743D1F for ; Fri, 16 Jul 2004 23:43:26 +0000 (GMT) (envelope-from mshindo@mshindo.net)
Received: from localhost (usen-221x245x168x211.ap-US01.usen.ad.jp [221.245.168.211]) by cow.home.mshindo.net (8.12.6/8.12.6) with ESMTP id i6GNlSw9066446;
Sat, 17 Jul 2004 08:47:29 +0900 (JST) (envelope-from mshindo@mshindo.net)
Date: Sat, 17 Jul 2004 08:43:23 +0900 (JST)
Message-Id: <20040717.084323.35011909.mshindo@mshindo.net>
To: blacksir@number.ru
From: Motonori Shindo
In-Reply-To:
References:
X-Mailer: Mew version 4.0.65 on Emacs 21.2 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-net@freebsd.org
Subject: Re: strange MACs in tcpdump output
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 16 Jul 2004 23:43:32 -0000

Alexander,

Most implementations fill target hardware address (which I will refer to as 'THA' hereafter) with zero in ARP Request, so tcpdump omits to print it out in that case. If THA is not filled with zero, tcpdump prints it out with braces as you just saw.

I don't know what OS of what version you are seeing this with, but it may be FreeBSD 5.0. If my memory serves me right, FreeBSD 5.0 didn't explicitly fill the THA with zero, so what will be seen in THA field is dependent on memory at that time.

In theory, THA doesn't matter in ARP Request, but there are some implementations that do care about it (i.e. it doesn't respond to ARP Request if THA is not all-zero). FreeBSD 5.1 fixed this problem and now fills THA with all-zero in ARP Request.

Regards,

From: "Alexander Vasenin aka BlackSir"
Subject: strange MACs in tcpdump output
Date: Fri, 16 Jul 2004 21:11:56 +0400

> What is the strange MACs in braces in the following output, and why on some lines it exist while on others - is not. I've checked tcpdump(8) and arp(4) and found nothing about this...
>
> [root@*] tcpdump -envvvi fxp2 arp and not ether host 0:60:b0:3c:92:86
> tcpdump: listening on fxp2
> 19:53:38.727058 0:5:5d:25:ce:3e ff:ff:ff:ff:ff:ff 0806 60: arp who-has 192.168.254.1 (fe:1:0:0:cc:88) tell 192.168.254.253
>                   ^^^source         ^^^target                                             ^^^???
> Real MAC of 192.168.254.1 is 0:60:b0:3c:92:86
>
> 19:54:01.544218 0:20:ed:85:6a:5c ff:ff:ff:ff:ff:ff 0806 60: arp who-has 192.168.198.1 tell 192.168.198.25
>
> 19:54:02.181343 0:d0:b7:a9:a4:3a ff:ff:ff:ff:ff:ff 0806 60: arp who-has 192.168.198.1 tell 192.168.198.11
>
> 19:54:18.503453 0:c0:49:cc:c1:2 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 192.168.208.65 (0:60:b0:3c:92:86) tell 192.168.208.75
> Real MAC of 192.168.208.65 is 0:60:b0:3c:92:86
>
> 20:10:25.121986 0:5:5d:ed:6d:68 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 192.168.254.1 (5d:ed:6d:68:c0:a8) tell 192.168.254.252
>                                                                                        ^^^???
> What is it? MAC in braces is like src MAC 'shifted' by 16bits???
>
> Alexander Vasenin aka BlackSir

From owner-freebsd-net@FreeBSD.ORG Sat Jul 17 12:07:30 2004
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 562F816A4CE for ; Sat, 17 Jul 2004 12:07:30 +0000 (GMT)
Received: from us.svf.stuba.sk (us.svf.stuba.sk [147.175.16.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEA6143D45 for ; Sat, 17 Jul 2004 12:07:29 +0000 (GMT) (envelope-from md@us.svf.stuba.sk)
Received: from us.svf.stuba.sk (localhost [127.0.0.1]) by us.svf.stuba.sk (8.12.11/8.12.11) with ESMTP id i6HC7PH1066590; Sat, 17 Jul 2004 14:07:26 +0200 (CEST) (envelope-from md@us.svf.stuba.sk)
Received: (from md@localhost) by us.svf.stuba.sk (8.12.11/8.12.11/Submit) id i6HC7KNj066589; Sat, 17 Jul 2004 14:07:20 +0200 (CEST) (envelope-from md)
Date: Sat, 17 Jul 2004 14:07:20 +0200
From: Marian Durkovic
To: freebsd-net@freebsd.org
Message-ID: <20040717120720.GA65909@us.svf.stuba.sk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: Driver bge - broken jumbo frame support

Hi all,

seems the jumbo frame support in bge driver for FreeBSD 4.10 is broken. With MTU set to 9000 bytes, the following happens (ping from other machine towards box with BCM5702):

ping -s 8970 ... works fine (this generates packets 8998 bytes long)
ping -s 8974 ... works fine (this generates 2 fragments: 8192 + 790 bytes)

however ping -s 8972 generates packets 9000 bytes long - this freezes the card completely (watchdog timeout restarts it).

This means, that the driver is not able to receive full sized jumbo packet (9000 bytes long), only packet 2 bytes shorter (8998 bytes long). The problem is present in the RX path, since the bge driver is able to send out 9000 bytes long packet and receive reply fragments without problem.

Here's the dmesg output:

bge0: mem 0xf9800000-0xf980ffff irq 10 at device 9.0 on pci0
....
bge0: watchdog timeout -- resetting
bge0: gigabit link up

Thanks in advance for any help.

--------------------------------------------------------------------------
----                                                                  ----
----   Marian Durkovic                       network manager          ----
----                                                                  ----
----   Slovak Technical University           Tel: +421 2 524 51 301   ----
----   Computer Centre, Nam. Slobody 17      Fax: +421 2 524 94 351   ----
----   812 43 Bratislava, Slovak Republic    E-mail/sip: md@bts.sk    ----
----                                                                  ----
--------------------------------------------------------------------------

From owner-freebsd-net@FreeBSD.ORG Sat Jul 17 18:51:24 2004
From: Don Bowman
To: "'net@freebsd.org'"
Date: Sat, 17 Jul 2004 14:51:21 -0400
Subject: Question on SOCK_RAW, implement a bpf->other host tee

I'm trying to implement a 'tee' which reads from bpf, and sends matching packets to another layer-2 adjacent host.

I'm doing this with SOCK_RAW to try and write the packet back out. The 'sendto' passes, but I don't see a packet anywhere.

Am I correct that I can hand an arbitrarily crafted IP packet into sendto, and the stack will write the ethernet header on, pick an interface, etc, based on the address in the sendto?

I have swapped the ip_len, ip_off fields.

The program I have is below. This is on 4.7. The handler gets called, the packet there looks correct, no error on any system call, yet no output :(

Suggestions?

/*
 * Copyright 2004 Sandvine Incorporated. All rights reserved
 */
/*
 * The header names were lost from the archived copy of this message;
 * the headers listed here are the ones the code below needs.
 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <err.h>
#include <pcap.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

void
usage(const char *name)
{
    fprintf(stderr,
            "Usage: %s [-I input_interface] [-O output_interface] [-i output_ip(arp for mac)] [-v]\n",
            name);
    exit(1);
}

typedef struct {
    int s;                      /* raw socket used for output */
    struct in_addr output_ip;   /* address handed to sendto() */
} context;

static int verbose;

/* pcap callback: resend the IP part of each captured frame on the raw socket */
static void
handler(unsigned char *ct, const struct pcap_pkthdr *hdr, const unsigned char *pkt)
{
    struct ip *ip = (struct ip *)(pkt + 14);    /* skip the Ethernet header */
    context *ctxt = (context *)ct;
    struct sockaddr_in to;

    memset(&to, 0, sizeof(to));
    to.sin_family = AF_INET;
    to.sin_addr = ctxt->output_ip;
    if (verbose) {
        fprintf(stderr, "Send %d byte packet\n", hdr->len);
    }
    /* swap ip_len and ip_off, as mentioned in the message */
    ip->ip_len = htons(ip->ip_len);
    ip->ip_off = htons(ip->ip_off);
    if (sendto(ctxt->s, ip, hdr->len - 14, 0, (struct sockaddr *)&to, sizeof(to)) != (hdr->len - 14)) {
        err(1, "sendto");
    }
}

static int
doit(const char *input_interface, const char *output_interface, struct in_addr output_ip)
{
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t *in_d, *out_d;
    context ctxt;
    int on = 1;
    struct bpf_program fp;

    in_d = pcap_open_live((char *)input_interface, 1600, 1, 20, errbuf);
    if (in_d == 0) {
        errx(1, "open of %s failed: %s", input_interface, errbuf);
    }
    ctxt.output_ip.s_addr = htonl(output_ip.s_addr);
    ctxt.s = socket(PF_INET, SOCK_RAW, IPPROTO_RAW);
    if (ctxt.s < 0)
        errx(1, "can't open raw socket");
    if (setsockopt(ctxt.s, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) < 0) {
        err(1, "setsockopt");
    }
    memset(&fp, 0, sizeof(fp));
    if (pcap_compile(in_d, &fp, "ip", 0, 0xfffffff0) < 0) {
        errx(1, "failed to compile: %s", pcap_geterr(in_d));
    }
    if (pcap_setfilter(in_d, &fp) < 0) {
        errx(1, "failed to set filter");
    }
    pcap_loop(in_d, -1, handler, (unsigned char *)&ctxt);
    return 0;
}

int
main(int argc, char *argv[])
{
    int ch;
    char *input_interface = "ipfw0";
    char *output_interface = "em2";
    struct in_addr output_ip;

    output_ip.s_addr = 0;
    while ((ch = getopt(argc, argv, "I:O:i:vh?")) != -1) {
        switch (ch) {
        case 'I':
            input_interface = optarg;
            break;
        case 'O':
            output_interface = optarg;
            break;
        case 'i':
            /* inet_aton() returns 0 when the string is not a valid address */
            if (inet_aton(optarg, &output_ip) == 0) {
                errx(1, "unknown ip %s", optarg);
            }
            break;
        case 'v':
            verbose = 1;
            break;
        case 'h':
        case '?':
        default:
            usage(argv[0]);
        }
    }
    if (verbose)
        fprintf(stderr, "%s->%s(%s)\n", input_interface, output_interface, inet_ntoa(output_ip));
    return doit(input_interface, output_interface, output_ip);
}

From owner-freebsd-net@FreeBSD.ORG Sat Jul 17 19:00:37 2004
From: Don Bowman
To: Don Bowman, "'net@freebsd.org'"
Date: Sat, 17 Jul 2004 15:00:25 -0400
Subject: RE: Question on SOCK_RAW, implement a bpf->other host tee

From: Don Bowman [mailto:don@sandvine.com]
> I'm trying to implement a 'tee' which reads
> from bpf, and sends matching packets to
> another layer-2 adjacent host.
>

Sorry to follow up my own post, but...

More specifically, it appears the packet does try and transmit, but the destination MAC is (uninitialised?) somewhat random, different on each packet, not legal. I can capture it on the correct output interface with tcpdump.

The interface type is xl.
Shouldn't the stack ARP for the destination in my 'sendto', and fill in the ether header?

The ether-source is filled in, presumably by the driver.

From owner-freebsd-net@FreeBSD.ORG Sat Jul 17 19:44:43 2004
Message-ID: <40F9817B.2070905@mac.com>
Date: Sat, 17 Jul 2004 15:43:55 -0400
From: Chuck Swiger
Organization: The Courts of Chaos
To: Don Bowman
cc: "'net@freebsd.org'"
Subject: Re: Question on SOCK_RAW, implement a bpf->other host tee

Don Bowman wrote:
[ ... ]
> Shouldn't the stack ARP for the destination
> in my 'sendto', and fill in the ether header?
By using SOCK_RAW, you are bypassing the IP layer (or PF_INET, whatever you wish to call it), which I think means that you are also bypassing the ARP lookup code which normally would do so.

> The ether-source is filled in, presumably by
> the driver.

Yes, and probably recomputing the frame-level checksum, but that's about it. When using raw sockets, one should try to pass in a packet that is completely filled in. I've found using libnet (in ports as net/libnet) is a pretty reasonable way of constructing packets, if need be: you build a packet one ISO layer at a time, and it will fill in the things not being handled when using SOCK_RAW.

Oh, if it's easier to swap sender and dest addresses within an existing packet, say for ICMP ECHO_REQUEST :-), by all means do so. Still, libnet and libpcap play nicely together.

Is the problem that you don't know or have the MAC addr of the destination handy?

--
-Chuck
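The advice in the reply above, to pass in a packet that is completely filled in, as an added example (not code from this thread or from any of its authors): a C routine that validates a captured Ethernet/IPv4 frame and rebuilds it with an explicit destination MAC for the tee target. The function name, the TEE_* return codes, the MAC addresses and the sample frame are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { TEE_OK = 0, TEE_SHORT = -1, TEE_NOT_IPV4 = -2, TEE_BAD_HDR = -3, TEE_NO_ROOM = -4 };

/* Constructed sample: 42-byte ICMP echo request padded to the 60-byte Ethernet minimum. */
static const uint8_t sample_frame[60] = {
    0x02, 0, 0, 0, 0, 0x01,  0x02, 0, 0, 0, 0, 0x02,  0x08, 0x00,   /* Ethernet header */
    0x45, 0x00, 0x00, 0x1c,  0x00, 0x01, 0x00, 0x00,  0x40, 0x01, 0xf5, 0x71,
    0xc0, 0xa8, 0x02, 0x0a,  0xc0, 0xa8, 0x02, 0x14,   /* 192.168.2.10 -> 192.168.2.20 */
    0x08, 0x00, 0xf7, 0xfd,  0x00, 0x01, 0x00, 0x01    /* ICMP echo, id 1, seq 1 */
};

/* Build the complete layer-2 frame for the tee target in out[]. caplen is the
 * captured byte count (pcap_pkthdr.caplen), which can be less than the wire
 * length. Returns TEE_OK and sets *outlen, or a negative TEE_* code. */
int build_tee_frame(const uint8_t *pkt, size_t caplen, const uint8_t dst_mac[6],
                    const uint8_t src_mac[6], uint8_t *out, size_t outcap, size_t *outlen)
{
    if (caplen < 14 + 20)
        return TEE_SHORT;                         /* Ethernet + minimal IP header missing */
    if (pkt[12] != 0x08 || pkt[13] != 0x00)
        return TEE_NOT_IPV4;                      /* EtherType is not 0x0800 */
    const uint8_t *ip = pkt + 14;
    size_t hlen = (size_t)(ip[0] & 0x0f) * 4;     /* ip_hl in bytes */
    size_t iplen = ((size_t)ip[2] << 8) | ip[3];  /* ip_len, big-endian on the wire */
    if ((ip[0] >> 4) != 4 || hlen < 20 || iplen < hlen)
        return TEE_BAD_HDR;
    if (iplen > caplen - 14)
        return TEE_SHORT;                         /* snaplen cut the datagram short */
    if (14 + iplen > outcap)
        return TEE_NO_ROOM;
    memcpy(out, dst_mac, 6);                      /* next-hop MAC set explicitly */
    memcpy(out + 6, src_mac, 6);
    out[12] = 0x08; out[13] = 0x00;
    memcpy(out + 14, ip, iplen);                  /* ip_len bytes only: padding dropped */
    *outlen = 14 + iplen;
    return TEE_OK;
}

int main(void)
{
    const uint8_t dst[6] = {0x02, 0, 0, 0, 0, 0x0a}, src[6] = {0x02, 0, 0, 0, 0, 0x0b};
    uint8_t out[1514]; size_t n = 0;
    int rc = build_tee_frame(sample_frame, sizeof(sample_frame), dst, src, out, sizeof(out), &n);
    printf("rc=%d frame_len=%zu\n", rc, n);       /* MACs above are constructed values */
    return rc == TEE_OK ? 0 : 1;
}
```

The finished buffer can be sent with write(2) on a bpf(4) descriptor bound to the output interface, which takes a frame with its link-level header already in place.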