From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 02:39:49 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D3732106564A for ; Sun, 19 Jul 2009 02:39:49 +0000 (UTC) (envelope-from webusers@n22.sivit.org) Received: from n22.sivit.org (n22.sivit.org [194.146.224.154]) by mx1.freebsd.org (Postfix) with ESMTP id 596548FC22 for ; Sun, 19 Jul 2009 02:39:49 +0000 (UTC) (envelope-from webusers@n22.sivit.org) Received: from n22.sivit.org (no-mail-server-here.eupencable.com [127.0.0.1]) by n22.sivit.org (8.12.8/8.12.8) with ESMTP id n6ILKr4F023764 for ; Sat, 18 Jul 2009 23:20:53 +0200 Received: (from webusers@localhost) by n22.sivit.org (8.12.8/8.12.8/Submit) id n6ILKreL023762; Sat, 18 Jul 2009 23:20:53 +0200 Date: Sat, 18 Jul 2009 23:20:53 +0200 Message-Id: <200907182120.n6ILKreL023762@n22.sivit.org> To: freebsd-net@freebsd.org ScriptPath: www.eam2.fr/Annonces/Annonces.php From: Bryan James MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit Subject: Order To New Zealand X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: bjsptyltd@gmail.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 02:39:50 -0000 <<< No Message Collected >>> From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 03:50:33 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0C7A4106566C; Sun, 19 Jul 2009 03:50:33 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D623C8FC18; Sun, 19 Jul 2009 03:50:32 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6J3oWWT058412; Sun, 19 Jul 2009 03:50:32 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6J3oWqd058402; Sun, 19 Jul 2009 03:50:32 GMT (envelope-from linimon) Date: Sun, 19 Jul 2009 03:50:32 GMT Message-Id: <200907190350.n6J3oWqd058402@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/136893: ppp(8) crashing with port 65535 in "nat port" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 03:50:33 -0000 Synopsis: ppp(8) crashing with port 65535 in "nat port" Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sun Jul 19 03:50:16 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=136893 From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 05:51:08 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AABFC106566C for ; Sun, 19 Jul 2009 05:51:08 +0000 (UTC) (envelope-from espartano.mail@gmail.com) Received: from mail-yx0-f181.google.com (mail-yx0-f181.google.com [209.85.210.181]) by mx1.freebsd.org (Postfix) with ESMTP id 680548FC13 for ; Sun, 19 Jul 2009 05:51:08 +0000 (UTC) (envelope-from espartano.mail@gmail.com) Received: by yxe11 with SMTP id 11so2731956yxe.3 for ; Sat, 18 Jul 2009 22:51:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=Bx15NICSXWKy6niZUY4w/TO/mdG+R7HaenytjtngTHU=; b=AsTuTA/Nado8gmmd7RMJ7rXM0YBLLj8CeFiyaL/c2PYBsrgtnR7l7W+gQh/CMKegSd 1o7AyQgczBp7Pnd9SsYExDLeMcCa2//JK468LdrR81nWMVu+V/l6enc43xVc9ALOaK0F 1PXf71B0qICoKzymSy3iraTrkwyORVDjWfSnM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=kP+gEVWMvTyDe+VajaKVL1dHur4eAZV3guJTKeDC9hRNe8JSfUTv3zfe0oSDzMptp2 /bUqymu6KW3rUx/rvFhBRzeeHkbuhpnbKweBhU2MvQuVmA8w6+a1b7CvzXX02Q+Qsnnu lHQs9FDTIATArFGxQ0JReRva6mPvT8WYCv9u4= MIME-Version: 1.0 Received: by 10.100.46.17 with SMTP id t17mr4279302ant.50.1247980818029; Sat, 18 Jul 2009 22:20:18 -0700 (PDT) Date: Sun, 19 Jul 2009 00:20:18 -0500 Message-ID: From: Espartano To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: OT: where to buy Atheros mini pci-exress? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 05:51:09 -0000 Hi folk, someone know where can I buy an Atheros mini pci-express card ? I want to get one of this card (Atheros mini pci-express card) for my laptop to use with freebsd of course but I can't to find out where or in what web page I could buy one. I will be glad getting any clue. Thanks in advanced. --=20 Un saludo y muchisimas gracias. Atte: Ing. Jorge S=E1nchez Escobedo. Sent from Orizaba, Ver, Mexico From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 07:16:17 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4E66A106566C; Sun, 19 Jul 2009 07:16:17 +0000 (UTC) (envelope-from brian@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 247A48FC19; Sun, 19 Jul 2009 07:16:17 +0000 (UTC) (envelope-from brian@FreeBSD.org) Received: from freefall.freebsd.org (brian@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6J7GHPb026987; Sun, 19 Jul 2009 07:16:17 GMT (envelope-from brian@freefall.freebsd.org) Received: (from brian@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6J7GH4M026981; Sun, 19 Jul 2009 07:16:17 GMT (envelope-from brian) Date: Sun, 19 Jul 2009 07:16:17 GMT Message-Id: <200907190716.n6J7GH4M026981@freefall.freebsd.org> To: brian@FreeBSD.org, freebsd-net@FreeBSD.org, brian@FreeBSD.org From: brian@FreeBSD.org Cc: Subject: Re: kern/136893: ppp(8) crashing with port 65535 in "nat port" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 07:16:17 -0000 Synopsis: ppp(8) crashing with port 65535 in "nat port" Responsible-Changed-From-To: freebsd-net->brian Responsible-Changed-By: brian Responsible-Changed-When: Sun Jul 19 07:15:48 UTC 2009 Responsible-Changed-Why: I'll take a look at this. http://www.freebsd.org/cgi/query-pr.cgi?pr=136893 From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 09:34:57 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 485D9106564A for ; Sun, 19 Jul 2009 09:34:57 +0000 (UTC) (envelope-from ebastan10@yahoo.com) Received: from web33504.mail.mud.yahoo.com (web33504.mail.mud.yahoo.com [68.142.206.153]) by mx1.freebsd.org (Postfix) with SMTP id DDB278FC12 for ; Sun, 19 Jul 2009 09:34:56 +0000 (UTC) (envelope-from ebastan10@yahoo.com) Received: (qmail 24765 invoked by uid 60001); 19 Jul 2009 09:08:14 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1247994494; bh=bY60IVl9s5sUgMEBqaiIU+YHJvJgpxcjYaCtlErNOS8=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=l0IOjJj/hkNcMUZDu32GOUFpPrjkdomT2dC7lfPnIP3bC4TTLuNlJnzefiPgY42Rmp3pdX//UwUqDqhJ1rJp3tzsF53ylgkH8v98MtR4EChVBqP5bkSZeoSI/4+enPVUm28MP8mObrax7YonbJt+3aD+3mgH8vc1PKcVjz3UePw= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=rwrA5kpT1X19tfmFyD6SFmPp7B6aeIfwK08jQf+HlRodMdgZe5otSQRf6apYasOVgGcZaECMuQWCsObXuZZHp/GR3Pr019eYGCQIOTzZptRIGBUg6KCKXIwZcMRnn/SAfnE/wj48lpYRDuD4G3sR3iy1cg8ScuAyRoTczDZnH6Y=; Message-ID: <220163.23742.qm@web33504.mail.mud.yahoo.com> X-YMail-OSG: nn.mBSMVM1mdVbNmxFCLQ89Er0N8NJ_kfMqmv5Mt69CJ16zHuh0wmd5plFbAH6b.xvPgNq8WnLQhtu3eE8d4BeUr0I06xS9CIQwDBx_pgosEVCIErskaS0Z6_jCFp7tq99ldco3N8yjNVrccSLIKnHIVeMCvzBsQmhxgLb.tOiXbUUp_DtpLEiy.OX3.NOcdiqqNLxk96nCmlU7H5WHYUOrTj6NFyZQ8sbfet4uW1kO0Uoda97uaJuZ1ECCH2FB.WvUaZspqvnheUQHLzywcmzMEOoonawuCODt51TVKyWlUdij56Th7gm4C Received: from [84.241.57.180] by web33504.mail.mud.yahoo.com via HTTP; Sun, 19 Jul 2009 02:08:14 PDT X-Mailer: YahooMailClassic/6.0.18 YahooMailWebService/0.7.289.15 Date: Sun, 19 Jul 2009 02:08:14 -0700 (PDT) From: Hooman Fazaeli To: freebsd-net@freebsd.org MIME-Version: 1.0 X-Mailman-Approved-At: Sun, 19 Jul 2009 15:08:53 +0000 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 09:34:57 -0000 Any one knows if there is any near plan to develop drivers for network cards based on broadcom NetXtereme II 57710 10 GbE controller? ----------------------- best regards Hooman Fazaeli From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 16:06:41 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 47E3C106566B for ; Sun, 19 Jul 2009 16:06:41 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63901.mail.re1.yahoo.com (web63901.mail.re1.yahoo.com [69.147.97.116]) by mx1.freebsd.org (Postfix) with SMTP id C6AAF8FC0C for ; Sun, 19 Jul 2009 16:06:40 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 58727 invoked by uid 60001); 19 Jul 2009 16:06:40 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1248019600; bh=mL5ZX1l61VmLE5ucUB/l+rQ5ESZRa+9P/coSGm1m02I=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=lNi4Yni/6KrNZa9vCljte2eTJbiwnp7KolhaMj6DS+nMv8S/3FGHsmQoNaDedJ82/HIkVPo5axRIVHSR82BZzvvDVRnB21I4wB4FmP9FXlapdw0DAPSMChj7qRWxjyNUU3bDJol6DbIS7vJsVdmkNpNHcDTqXv6qaQDaJYhsmoA= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=LOAoIZjNKGrJD7OrWVqg3+9GyFBCJ40KsXe8sI7qFSGxVVXj6UDJ+mkXVN1ymxMqeHG44RMCugOwNcAP6FPGGUw0VscSoTraNu29S8E72NfRRMLxzlgg+itmFT2rrJV4sI5tPCH8pCrV7rBmeGahvtNvQeOky4qCjFeUzRngJDE=; Message-ID: <50667.57004.qm@web63901.mail.re1.yahoo.com> X-YMail-OSG: 3U9oA0cVM1msjsDDLvz7WEzVJMdHCSpA9POFZiXCAMh0tafYtbHXrJJzG4VhUSoWuyVzu3chDkJ0zcFNgrHPJjghrWCmA6qcgkpEswDuHmMFsYFTryXWoL8sxPWn5A7YL43q2AluqZjC8uHzkZA7pYEbufUX4ZRVov.dbLAdYYqI6_IMOC9jtpcn6AwO7EZNZSuP5t8Z3Co2XYt6P0fNVki1CvAUNeppgyAXQBQ76rT0XQc3ib3h.aOnrI2UQCaEAEwrRA7DHXG9Lx1NDfXuK9pcLHHrgEnkmOk9MWC9LuQbi_7R3s3SzwJ93RnyXFWWtbZ9aQG41cUwTWtQSkWIEfP_VaA13O6P146FRvLS Received: from [66.176.162.245] by web63901.mail.re1.yahoo.com via HTTP; Sun, 19 Jul 2009 09:06:40 PDT X-Mailer: YahooMailClassic/5.4.17 YahooMailWebService/0.7.289.15 Date: Sun, 19 Jul 2009 09:06:40 -0700 (PDT) From: Barney Cordoba To: freebsd-net@freebsd.org, Hooman Fazaeli MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 16:06:41 -0000 --- On Sun, 7/19/09, Hooman Fazaeli wrote: > From: Hooman Fazaeli > Subject: broadcom 57710 support > To: freebsd-net@freebsd.org > Date: Sunday, July 19, 2009, 5:08 AM > > Any one knows if there is any near plan to develop drivers > for > > network cards based on broadcom NetXtereme II 57710 > > 10 GbE controller? > > ----------------------- > best regards > Hooman Fazaeli Ok, I'll bite. What is so special about this particular part that you simply must use it in your 10GbE server? Barney From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 17:28:13 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 00BFE106564A; Sun, 19 Jul 2009 17:28:13 +0000 (UTC) (envelope-from onemda@gmail.com) Received: from mail-bw0-f208.google.com (mail-bw0-f208.google.com [209.85.218.208]) by mx1.freebsd.org (Postfix) with ESMTP id 49C608FC1A; Sun, 19 Jul 2009 17:28:11 +0000 (UTC) (envelope-from onemda@gmail.com) Received: by bwz4 with SMTP id 4so1410924bwz.43 for ; Sun, 19 Jul 2009 10:28:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=6P1ZVyNcBSMX8Dmh/2Uc5NQQd6rJYwD53Knh5n7ktG0=; b=ryv1P71/2cghmlNIjXvb4K0vb8+8gkEHurV7wAOnDXU+B2nGU1WcoXClcFfJ/qX+Qk vwbUkdMPt/6wegWZWCetGVT1BDHwliTVq3gdKs084OeIp9wGXnLXWglaU0VrEH2bYn86 QxVMQ/gdL/W8sxfLru9WC1CLJA+F1NJpUV0BA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=vaYxCW0kWdj3IdtT15KFzTv7namzJDKzUpoD9lTzg9nHZ3RaTh7rpfokqGaUdNexe9 79m3o+Hn5e3NRwAbQhgU9ITFKcIQoBTYf4AwGrSwCYuUpjDF6eKtsA7Nlon7lQ6YKVnd PnrgTzrcfqBdlJ7U55ume9fUGgmIH5wlcJmug= MIME-Version: 1.0 Received: by 10.204.51.210 with SMTP id e18mr3407490bkg.69.1248024491072; Sun, 19 Jul 2009 10:28:11 -0700 (PDT) In-Reply-To: <3a142e750907150027t106edef5m767dd0319f83bd63@mail.gmail.com> References: <3a142e750906080809i381c4e6amd93da8a135ab9bd3@mail.gmail.com> <1244477453.7794.2.camel@localhost> <3a142e750906081006v6369051dw75c5077e6032101f@mail.gmail.com> <1244656248.1701.53.camel@localhost> <3a142e750906101108v588e33dfsb0cb81f024c65cfb@mail.gmail.com> <1244658479.1701.56.camel@localhost> <3a142e750906101805re85136cif71eeeda2c641451@mail.gmail.com> <1245323702.1754.0.camel@localhost> <3a142e750907040333o3938c06y6369af6fa6976812@mail.gmail.com> <3a142e750907150027t106edef5m767dd0319f83bd63@mail.gmail.com> Date: Sun, 19 Jul 2009 19:28:10 +0200 Message-ID: <3a142e750907191028u15dfd769o26270d48d15ae664@mail.gmail.com> From: "Paul B. Mahol" To: current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: ndis lor: hal preemption lock X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 17:28:13 -0000 On 7/15/09, Paul B. Mahol wrote: > On 7/4/09, Paul B. Mahol wrote: >> On 6/18/09, Coleman Kane wrote: >>> I've committed this one as r194432. >> >> Ah, that one introduced regression. >> Switching ndisX up before creating vap will cause panic. >> Here is fix: >> >> --- /sys/dev/if_ndis/if_ndis.c 2009-06-28 09:15:54.000000000 +0000 >> +++ if_ndis.c 2009-07-04 10:23:41.000000000 +0000 >> @@ -2292,6 +2292,8 @@ >> ifp = sc->ifp; >> ic = ifp->if_l2com; >> vap = TAILQ_FIRST(&ic->ic_vaps); >> + if (vap == NULL) >> + return; >> >> if (!NDIS_INITIALIZED(sc)) { >> DPRINTF(("%s: NDIS not initialized\n", __func__)); > > Bump! > > Please commit. Beep! kern/136895 -- Paul From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 17:57:40 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EEBFB1065674 for ; Sun, 19 Jul 2009 17:57:40 +0000 (UTC) (envelope-from rpaulo@gmail.com) Received: from mail-ew0-f222.google.com (mail-ew0-f222.google.com [209.85.219.222]) by mx1.freebsd.org (Postfix) with ESMTP id 744EA8FC16 for ; Sun, 19 Jul 2009 17:57:40 +0000 (UTC) (envelope-from rpaulo@gmail.com) Received: by ewy22 with SMTP id 22so209129ewy.43 for ; Sun, 19 Jul 2009 10:57:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=XBToJ69Lcm8ixuO2FGWmyNlYvs4bucGfQ1Xaya8P99Y=; b=mM+UgHeFEAIDjnYeXoSKoBQv7THzsnY6TB8ngu6Ixt3l2kM3YUI+xYViruScjVFzRx Oustrlg6NgOmJr4AjBm1C/o/5BtBhhFXp0HDY2XOBySCg5lZAwfIWUOxsjYiLGQ3npPD UY/Y4uTWjS33AnDemG1F7zmadEyz5LRdJNQjE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=OVaXoRiPazhiUFm7xYdh253g0w6DX5y/6TtWPrO0+4R4FbSsfgJI+dl258ZTI6ZAij E4l3ygOpVLqW1jUs8sMCeBWsKGjNSwp+zkCi7HWh/837zpcTt3y5ppahaZ5m9pDkn8ni xhxXOtQH2LJiSMnJRyVvTEvz6v7ql7qNgmLww= Received: by 10.210.65.2 with SMTP id n2mr2209163eba.22.1248026259037; Sun, 19 Jul 2009 10:57:39 -0700 (PDT) Received: from omega.lan (bl6-145-160.dsl.telepac.pt [82.155.145.160]) by mx.google.com with ESMTPS id 5sm4565380eyh.16.2009.07.19.10.57.38 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 19 Jul 2009 10:57:38 -0700 (PDT) Message-Id: <158A6BB0-3670-4D55-8247-5682B73390B3@gmail.com> From: Rui Paulo To: Espartano In-Reply-To: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Sun, 19 Jul 2009 18:57:37 +0100 References: X-Mailer: Apple Mail (2.935.3) Cc: freebsd-net@freebsd.org Subject: Re: OT: where to buy Atheros mini pci-exress? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 17:57:41 -0000 On 19 Jul 2009, at 06:20, Espartano wrote: > Hi folk, someone know where can I buy an Atheros mini pci-express > card ? > > I want to get one of this card (Atheros mini pci-express card) for my > laptop to use with freebsd of course but I can't to find out where or > in what web page I could buy one. www.netgate.com www.minipci.biz (great for EU people). Regards, -- Rui Paulo From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 20:38:01 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D769F106566C; Sun, 19 Jul 2009 20:38:01 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id ADA478FC14; Sun, 19 Jul 2009 20:38:01 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6JKc1kX084906; Sun, 19 Jul 2009 20:38:01 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6JKc18w084902; Sun, 19 Jul 2009 20:38:01 GMT (envelope-from linimon) Date: Sun, 19 Jul 2009 20:38:01 GMT Message-Id: <200907192038.n6JKc18w084902@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/136911: [netgraph] [panic] system panic on kldload ng_bpf.ko then options NETGRAPH_BPF is built in X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 20:38:02 -0000 Old Synopsis: sytem panic on kldload ng_bpf.ko then options NETGRAPH_BPF is built in New Synopsis: [netgraph] [panic] system panic on kldload ng_bpf.ko then options NETGRAPH_BPF is built in Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sun Jul 19 20:37:08 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=136911 From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 21:45:58 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ABFB6106564A for ; Sun, 19 Jul 2009 21:45:58 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (shrew.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 6E8288FC08 for ; Sun, 19 Jul 2009 21:45:58 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (unknown [206.223.169.82]) by shrew.net (Postfix) with ESMTP id E024A79E29F; Sun, 19 Jul 2009 16:22:02 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 88347-03; Sun, 19 Jul 2009 21:22:02 +0000 (UTC) Received: from hole.shrew.net (cpe-66-25-161-129.austin.res.rr.com [66.25.161.129]) by shrew.net (Postfix) with ESMTP id 2762A79E26B; Sun, 19 Jul 2009 16:22:00 -0500 (CDT) Received: from [10.22.200.30] (elon.shrew.net [10.22.200.30]) by hole.shrew.net (8.14.3/8.14.3) with ESMTP id n6JLKJf0080533 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 19 Jul 2009 16:20:20 -0500 (CDT) (envelope-from mgrooms@shrew.net) Message-ID: <4A638E76.2060706@shrew.net> Date: Sun, 19 Jul 2009 16:21:58 -0500 From: Matthew Grooms User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: multipart/mixed; boundary="------------050006090109070805040105" Cc: max@love2party.net Subject: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 21:45:58 -0000 This is a multi-part message in MIME format. --------------050006090109070805040105 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi all, I was having problems running carp on VMWare ESX 4 and did a little investigative work to determine the cause of the problem. There are several posts on the VMWare forums of other users having the same difficulty, so I know its not just me :) In any case, for carp to have a chance of working on ESX you have to enable promiscuous mode on the vSwitch the port group its associated with. But after doing this, carp interfaces immediately go into BACKUP state. If the the net.inet.carp.allow is set to 0, then they immediately move into a MASTER state. Of course this isn't useful if you actually want carp to work. tcpdump output showed multiple copies of the carp packets being bounced back to the host that emitted them. This made me suspect that the host was seeing its own advertisement, evaluating it as being sent by another host and placing its own carp interface into a BACKUP state as a result. To solve this, my first inclination was to add a pf rule to block all inbound carp traffic from itself for a given interface. Unfortunately, that didn't seem to work for some reason. I ended up writing a small kernel patch that basically does the same thing ( IPv4 only ) which does work without any problem that I can see. Unfortunately I don't have much experience with the FreeBSD kernel so I assume that its not safe to walk the interface address list without holding the appropriate lock. Would someone please have a look at this? I really need this to work in a production system. Others would likely be very happy to have this work as well, even if they have to apply a patch. Thanks in advance, -Matthew --------------050006090109070805040105 Content-Type: text/plain; name="ip_carp.c.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="ip_carp.c.diff" Index: ip_carp.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_carp.c,v retrieving revision 1.52.2.3 diff -u -r1.52.2.3 ip_carp.c --- ip_carp.c 9 May 2009 00:35:38 -0000 1.52.2.3 +++ ip_carp.c 19 Jul 2009 20:12:49 -0000 @@ -533,7 +533,9 @@ { struct ip *ip = mtod(m, struct ip *); struct carp_header *ch; - int iplen, len; + struct ifnet *ifp = m->m_pkthdr.rcvif; + struct ifaddr *ifa; + int len, iplen; carpstats.carps_ipackets++; @@ -543,21 +545,39 @@ } /* check if received on a valid carp interface */ - if (m->m_pkthdr.rcvif->if_carp == NULL) { + if (ifp->if_carp == NULL) { carpstats.carps_badif++; CARP_LOG("carp_input: packet received on non-carp " "interface: %s\n", - m->m_pkthdr.rcvif->if_xname); + ifp->if_xname); m_freem(m); return; } + /* + * verify that the source address is not valid + * for the interface it was received on. this + * tends to happen with VMWare ESX vSwitches. + */ + TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { + struct in_addr in; + in.s_addr = ifatoia(ifa)->ia_addr.sin_addr.s_addr; + if (ifa->ifa_addr->sa_family == AF_INET && + in.s_addr == ip->ip_src.s_addr ) { + m_freem(m); + return; + } + } + /* verify that the IP TTL is 255. */ if (ip->ip_ttl != CARP_DFLTTL) { carpstats.carps_badttl++; CARP_LOG("carp_input: received ttl %d != 255i on %s\n", ip->ip_ttl, - m->m_pkthdr.rcvif->if_xname); + ifp->if_xname); m_freem(m); return; } @@ -592,7 +612,7 @@ carpstats.carps_badlen++; CARP_LOG("carp_input: packet too short %d on %s\n", m->m_pkthdr.len, - m->m_pkthdr.rcvif->if_xname); + ifp->if_xname); m_freem(m); return; } @@ -609,7 +629,7 @@ if (carp_cksum(m, len - iplen)) { carpstats.carps_badsum++; CARP_LOG("carp_input: checksum failed on %s\n", - m->m_pkthdr.rcvif->if_xname); + ifp->if_xname); m_freem(m); return; } --------------050006090109070805040105-- From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 22:35:22 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A25E8106566C for ; Sun, 19 Jul 2009 22:35:22 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from sepehrs.com (www.sepehrs.com [213.217.59.98]) by mx1.freebsd.org (Postfix) with ESMTP id CBAED8FC12 for ; Sun, 19 Jul 2009 22:35:21 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from [192.168.1.180] ([192.168.3.1]) by mail (8.14.3/8.14.3) with ESMTP id n6J8Jkjs072832 for ; Sun, 19 Jul 2009 12:49:46 +0430 (IRDT) Message-ID: <4A62D7DD.3040701@sepehrs.com> Date: Sun, 19 Jul 2009 12:52:53 +0430 From: "H.Fazaeli" User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 22:35:22 -0000 Is there any near plan to develop drivers for network cards based on broadcom NetXtereme II 57710 10 GbE controller? -- Best regards. Hooman Fazaeli Sepehr S. T. Co. Ltd. Web: http://www.sepehrs.com Tel: (9821)88975701-2 Fax: (9821)88983352 From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 22:57:09 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 75616106566B for ; Sun, 19 Jul 2009 22:57:09 +0000 (UTC) (envelope-from andrew@modulus.org) Received: from email.octopus.com.au (email.octopus.com.au [122.100.2.232]) by mx1.freebsd.org (Postfix) with ESMTP id 373608FC12 for ; Sun, 19 Jul 2009 22:57:08 +0000 (UTC) (envelope-from andrew@modulus.org) Received: by email.octopus.com.au (Postfix, from userid 1002) id 6D53617E4C; Mon, 20 Jul 2009 08:57:33 +1000 (EST) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on email.octopus.com.au X-Spam-Level: X-Spam-Status: No, score=-1.4 required=10.0 tests=ALL_TRUSTED autolearn=failed version=3.2.3 Received: from [10.1.50.60] (ppp121-44-41-14.lns10.syd7.internode.on.net [121.44.41.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: admin@email.octopus.com.au) by email.octopus.com.au (Postfix) with ESMTP id 5E183173C9; Mon, 20 Jul 2009 08:57:29 +1000 (EST) Message-ID: <4A63A4B3.6090500@modulus.org> Date: Mon, 20 Jul 2009 08:56:51 +1000 From: Andrew Snow User-Agent: Thunderbird 2.0.0.14 (X11/20080523) MIME-Version: 1.0 To: Matthew Grooms References: <4A638E76.2060706@shrew.net> In-Reply-To: <4A638E76.2060706@shrew.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 22:57:09 -0000 Matthew Grooms wrote: > I was having problems running carp on VMWare ESX 4 and did a little > investigative work to determine the cause of the problem. If have tested CARP on ESX 3.5u4 successfully with a 32-bit FreeBSD guest with e1000 vNICs. As well as turning on promiscuous mode on the vSwitch, you have to enable "MAC Address changes" and "Forged transmits" as CARP requires these to work properly. Unless this is a vSphere-specific problem I must suspect your configuration as the problem. Do you want to post your CARP config? - Andrew From owner-freebsd-net@FreeBSD.ORG Sun Jul 19 23:25:27 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 30FB2106566B for ; Sun, 19 Jul 2009 23:25:27 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (shrew.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 03FAF8FC1A for ; Sun, 19 Jul 2009 23:25:26 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (unknown [206.223.169.82]) by shrew.net (Postfix) with ESMTP id F1FBD79E299; Sun, 19 Jul 2009 18:25:26 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 03217-03; Sun, 19 Jul 2009 23:25:26 +0000 (UTC) Received: from hole.shrew.net (cpe-66-25-161-129.austin.res.rr.com [66.25.161.129]) by shrew.net (Postfix) with ESMTP id 1686D79E26B; Sun, 19 Jul 2009 18:25:25 -0500 (CDT) Received: from [10.66.59.117] (166-205-005-039.mobile.mymmode.com [166.205.5.39] (may be forged)) (authenticated bits=0) by hole.shrew.net (8.14.3/8.14.3) with ESMTP id n6JNNcpM080884 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sun, 19 Jul 2009 18:23:44 -0500 (CDT) (envelope-from mgrooms@shrew.net) References: <4A638E76.2060706@shrew.net> <4A63A4B3.6090500@modulus.org> Message-Id: <3D3254E2-4E45-4C67-84D2-DB05660D768F@shrew.net> From: Matthew Grooms To: Andrew Snow In-Reply-To: <4A63A4B3.6090500@modulus.org> Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Mailer: iPhone Mail (7A341) Mime-Version: 1.0 (iPhone Mail 7A341) Date: Sun, 19 Jul 2009 18:25:03 -0500 Cc: FreeBSD Net Subject: Re: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2009 23:25:27 -0000 The other options you mention are enabled by default. This problem also effects pre vSphere versions but only under certain circumstances. Others claim this is only an issue when NIC teaming is in use. However, I disabled this feature and still experience the problem without the patch applied. I'll be happy to post the config when I'm back in front of the computer. It's not a configuration problem. I'm not new to FreeBSD or carp and have quite a bit of time invested trying to get this to work. Have a look at the vmware forums. A lot of folks have reported the problem in great detail and, as far as I can tell, have yet to get this working. -Matthew On Jul 19, 2009, at 5:56 PM, Andrew Snow wrote: > Matthew Grooms wrote: >> I was having problems running carp on VMWare ESX 4 and did a little >> investigative work to determine the cause of the problem. > > If have tested CARP on ESX 3.5u4 successfully with a 32-bit FreeBSD > guest with e1000 vNICs. > > As well as turning on promiscuous mode on the vSwitch, you have to > enable "MAC Address changes" and "Forged transmits" as CARP requires > these to work properly. > > Unless this is a vSphere-specific problem I must suspect your > configuration as the problem. Do you want to post your CARP config? > > > - Andrew From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 09:30:20 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 68859106566C for ; Mon, 20 Jul 2009 09:30:20 +0000 (UTC) (envelope-from Brian.Jacobs@lodgenet.com) Received: from garbo.lodgenet.com (garbo.lodgenet.com [204.124.121.250]) by mx1.freebsd.org (Postfix) with ESMTP id 257F48FC1A for ; Mon, 20 Jul 2009 09:30:19 +0000 (UTC) (envelope-from Brian.Jacobs@lodgenet.com) Received: from hardy.lodgenet.com (hardy.lodgenet.com [10.16.101.109]) by garbo.lodgenet.com (8.12.11.20060308/8.12.11) with ESMTP id n6K9UIT7026571; Mon, 20 Jul 2009 04:30:18 -0500 Received: from sfcoex02.lodgenet.com (Not Verified[10.16.100.165]) by hardy.lodgenet.com with MailMarshal (v6, 4, 1, 5038) id ; Mon, 20 Jul 2009 04:30:18 -0500 Received: from host.lodgenet.com ([10.1.1.129]) by host.lodgenet.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 20 Jul 2009 04:30:17 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Mon, 20 Jul 2009 05:30:17 -0400 Message-ID: <126E45722B459248997856ECB72DEB7701285DED@host.lodgenet.com> In-Reply-To: <126E45722B459248997856ECB72DEB7701285DC2@host.lodgenet.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: GRE tunnel limitations Thread-Index: AcoGNNbm/PBfLtbTSturgrtD+n9ceQAACB1AALm2V9A= References: <126E45722B459248997856ECB72DEB7701285DC0@host.lodgenet.com><4A5F5927.3080904@elischer.org> <126E45722B459248997856ECB72DEB7701285DC2@host.lodgenet.com> From: "Jacobs, Brian" To: "Jacobs, Brian" , "Julian Elischer" , X-OriginalArrivalTime: 20 Jul 2009 09:30:17.0871 (UTC) FILETIME=[B1B601F0:01CA091C] Cc: Subject: RE: GRE tunnel limitations X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 09:30:20 -0000 For all interested, I've been doing some implementation work over the weekend. Tonight I did a cutover of 766 GRE tunnels to a RELENG_7 box: [root@yttrium /lso/dev/real]# uname -a FreeBSD yttrium.colo.XXXXXXXXXX.net 7.1-RELEASE FreeBSD 7.1-RELEASE #1: Mon Apr 13 11:37:56 EDT 2009 bjacobs@yttrium.colo. XXXXXXXXXX.net:/usr/obj/usr/src/sys/YTTRIUM i386 [root@yttrium /lso/dev/real]# ifconfig |grep gre |wc -l 766 [root@yttrium /lso/dev/real]# netstat -nr |wc -l=20 1494 [root@yttrium /lso/dev/real]# uptime 5:32AM up 74 days, 11:01, 5 users, load averages: 0.00, 0.26, 0.59 Load average is nothing (hovers between 0 and .20), although there isn't much traversing the tunnels (yet), nor have we implemented IPsec (yet -- next step, have crypto card if needed). Another project commencing shortly will push/pull about 10mb/s aggregate (estimate) across the collective tunnels. Please advise if the group (or any individuals) want performance data from real world usage. /bmj -----Original Message----- From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Jacobs, Brian Sent: Thursday, July 16, 2009 12:50 PM To: Julian Elischer Cc: freebsd-net@freebsd.org Subject: RE: GRE tunnel limitations IP unnumbered between the two boxen. I've built some scripts to automatically generate config files, and then other scripts to automagically create the GRE interfaces and inject appropriate routes. GRE numbers are assigned sequentially based on config file lines (and are of no consequence): gre45: flags=3D9051 metric 0 mtu 1476 tunnel inet 10.3.100.39 --> 207.230.84.130 inet 10.3.100.39 --> 10.11.146.129 netmask 0xffffffff=20 gre46: flags=3D9051 metric 0 mtu 1476 tunnel inet 10.3.100.39 --> 12.35.57.131 inet 10.3.100.39 --> 10.10.201.1 netmask 0xffffffff 10.3.100.39 is the primary Ethernet interface address of the local box (terminator). 10.10.201.1 is the inside Ethernet of the remote box. Routing statement for 10.0.0.0/8 live on the remote box, and individual routes live on the concentrator: root@yttrium /root# netstat -nr | grep 10.10.201 10.10.201.0/26 10.10.201.1 UGS 0 2042 gre46 10.10.201.1 10.3.100.39 UH 1 49263 gre46 /bmj -----Original Message----- From: Julian Elischer [mailto:julian@elischer.org]=20 Sent: Thursday, July 16, 2009 12:45 PM To: Jacobs, Brian Cc: freebsd-net@freebsd.org Subject: Re: GRE tunnel limitations Jacobs, Brian wrote: > Does anyone have some realistic data on the number of GRE/ipip tunnels > FreeBSD 7.x can reasonably terminate? Assume no IPsec, just standard > encapsulation. I have an ad-hoc need to terminate about 1,4000 static > GRE tunnels (as Cisco 7206's are backordered until September). J >=20 > =20 >=20 > Thanks in advance! >=20 > =20 >=20 > /bmj >=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" The limitation would be that there is an interface for reach one and=20 the interface 'interface' uses a linked list. it might work but there=20 would probably be scaling issues. I've often thought that what we need is a way to do "bulk encapsulatin=20 interfaces" where there is not an "interface" assigned to each=20 destination. (at least not one that shows up in 'ifconfig'). How will you want to decide which gre interface to use for a given=20 packet? is it just a standard routing decision based on the remote=20 address? _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 11:07:00 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EBF731065670 for ; Mon, 20 Jul 2009 11:07:00 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D8F1A8FC20 for ; Mon, 20 Jul 2009 11:07:00 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6KB70KE002379 for ; Mon, 20 Jul 2009 11:07:00 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6KB70Se002375 for freebsd-net@FreeBSD.org; Mon, 20 Jul 2009 11:07:00 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 20 Jul 2009 11:07:00 GMT Message-Id: <200907201107.n6KB70Se002375@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 11:07:01 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/136911 net [netgraph] [panic] system panic on kldload ng_bpf.ko t o kern/136876 net [bge] bge will not resume properly after suspend o kern/136836 net [ath] atheros card stops functioning after about 12 ho o kern/136803 net [sctp] [panic] Kernel panic and hanging on using SCTP o kern/136618 net [pf][stf] panic on cloning interface without unit numb o kern/136482 net [age] Attansic L1 Gigabit Ethernet recieves multicasts o kern/136168 net [em] em driver initialization fails on Intel 5000PSL m o kern/135836 net [bce] bce BCM5709 Watchdog after warm boot - ok after o kern/135502 net [periodic] Warning message raised by rtfree function i o kern/135222 net [igb] low speed routing between two igb interfaces o kern/135067 net [patch] [fib] Incorrect KASSERTs in sys/net/route.c o kern/134931 net [route] [fib] Route messages sent to all socket listen o kern/134658 net [bce] bce driver fails on PowerEdge m610 blade. o kern/134583 net [hang] Machine with jail freezes after random amount o o kern/134531 net [route] [panic] kernel crash related to routes/zebra o kern/134401 net [msk] [panic] Kernel Fatal trap 12: page fault while i o kern/134369 net [route] [ip6] IPV6 in Head broken for routing table up o kern/134168 net [ral] ral driver problem on RT2525 2.4GHz transceiver o kern/134157 net [dummynet] dummynet loads cpu for 100% and make a syst o kern/134079 net [em] "em0: Invalid MAC address" in FreeBSD-Current ( 8 o kern/133969 net [dummynet] [panic] Fatal trap 12: page fault while in o kern/133968 net [dummynet] [panic] dummynet kernel panic o kern/133902 net [tun] Killing tun0 iface ssh tunnel causes Panic Strin o kern/133736 net [udp] ip_id not protected ... o kern/133613 net [wpi] [panic] kernel panic in wpi(4) o kern/133595 net [panic] Kernel Panic at pcpu.h:195 o kern/133572 net [ppp] [hang] incoming PPTP connection hangs the system o kern/133490 net [bpf] [panic] 'kmem_map too small' panic on Dell r900 o kern/133328 net [bge] [panic] Kernel panics with Windows7 client o kern/133235 net [netinet] [patch] Process SIOCDLIFADDR command incorre o kern/133218 net [carp] [hang] use of carp(4) causes system to freeze o kern/133204 net [msk] msk driver timeouts o kern/133060 net [ipsec] [pfsync] [panic] Kernel panic with ipsec + pfs o kern/132991 net [bge] if_bge low performance problem f bin/132911 net ip6fw(8): argument type of fill_icmptypes is wrong and o kern/132889 net [ndis] [panic] NDIS kernel crash on load BCM4321 AGN d o kern/132885 net [wlan] 802.1x broken after SVN rev 189592 o conf/132851 net [fib] [patch] allow to setup fib for service running f o kern/132832 net [netinet] [patch] tcp_output() might generate invalid o bin/132798 net [patch] ggatec(8): ggated/ggatec connection slowdown p o kern/132734 net [ifmib] [panic] panic in net/if_mib.c o kern/132722 net [ath] Wifi ath0 associates fine with AP, but DHCP or I o kern/132705 net [libwrap] [patch] libwrap - infinite loop if hosts.all o kern/132672 net [ndis] [panic] ndis with rt2860.sys causes kernel pani o kern/132669 net [xl] 3c905-TX send DUP! in reply on ping (sometime) o kern/132625 net [iwn] iwn drivers don't support setting country o kern/132554 net [ipl] There is no ippool start script/ipfilter magic t o kern/132354 net [nat] Getting some packages to ipnat(8) causes crash o kern/132285 net [carp] alias gives incorrect hash in dmesg o kern/132277 net [crypto] [ipsec] poor performance using cryptodevice f o conf/132179 net [patch] /etc/network.subr: ipv6 rtsol on incorrect wla o kern/132107 net [carp] carp(4) advskew setting ignored when carp IP us o kern/131781 net [ndis] ndis keeps dropping the link o kern/131776 net [wi] driver fails to init o kern/131753 net [altq] [panic] kernel panic in hfsc_dequeue o bin/131567 net [socket] [patch] Update for regression/sockets/unix_cm o kern/131549 net ifconfig(8) can't clear 'monitor' mode on the wireless o kern/131536 net [netinet] [patch] kernel does allow manipulation of su o bin/131365 net route(8): route add changes interpretation of network o kern/131162 net [ath] Atheros driver bugginess and kernel crashes o kern/131153 net [iwi] iwi doesn't see a wireless network f kern/131087 net [ipw] [panic] ipw / iwi - no sent/received packets; iw f kern/130820 net [ndis] wpa_supplicant(8) returns 'no space on device' o kern/130628 net [nfs] NFS / rpc.lockd deadlock on 7.1-R o conf/130555 net [rc.d] [patch] No good way to set ipfilter variables a o kern/130525 net [ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau o kern/130311 net [wlan_xauth] [panic] hostapd restart causing kernel pa o kern/130109 net [ipfw] Can not set fib for packets originated from loc f kern/130059 net [panic] Leaking 50k mbufs/hour o kern/129750 net [ath] Atheros AR5006 exits on "cannot map register spa f kern/129719 net [nfs] [panic] Panic during shutdown, tcp_ctloutput: in o kern/129580 net [ndis] Netgear WG311v3 (ndis) causes kenel trap at boo o kern/129517 net [ipsec] [panic] double fault / stack overflow o kern/129508 net [carp] [panic] Kernel panic with EtherIP (may be relat o kern/129352 net [xl] [patch] xl0 watchdog timeout o kern/129219 net [ppp] Kernel panic when using kernel mode ppp o kern/129197 net [panic] 7.0 IP stack related panic o kern/129135 net [vge] vge driver on a VIA mini-ITX not working o bin/128954 net ifconfig(8) deletes valid routes o kern/128917 net [wpi] [panic] if_wpi and wpa+tkip causing kernel panic o kern/128884 net [msk] if_msk page fault while in kernel mode o kern/128840 net [igb] page fault under load with igb/LRO o bin/128602 net [an] wpa_supplicant(8) crashes with an(4) o kern/128598 net [bluetooth] WARNING: attempt to net_add_domain(bluetoo o kern/128448 net [nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res o conf/128334 net [request] use wpa_cli in the "WPA DHCP" situation o bin/128295 net [patch] ifconfig(8) does not print TOE4 or TOE6 capabi o bin/128001 net wpa_supplicant(8), wlan(4), and wi(4) issues o kern/127928 net [tcp] [patch] TCP bandwidth gets squeezed every time t o kern/127834 net [ixgbe] [patch] wrong error counting o kern/127826 net [iwi] iwi0 driver has reduced performance and connecti o kern/127815 net [gif] [patch] if_gif does not set vlan attributes from o kern/127724 net [rtalloc] rtfree: 0xc5a8f870 has 1 refs f bin/127719 net [arp] arp: Segmentation fault (core dumped) s kern/127587 net [bge] [request] if_bge(4) doesn't support BCM576X fami f kern/127528 net [icmp]: icmp socket receives icmp replies not owned by o bin/127192 net routed(8) removes the secondary alias IP of interface f kern/127145 net [wi]: prism (wi) driver crash at bigger traffic o kern/127102 net [wpi] Intel 3945ABG low throughput o kern/127057 net [udp] Unable to send UDP packet via IPv6 socket to IPv o kern/127050 net [carp] ipv6 does not work on carp interfaces [regressi o kern/126945 net [carp] CARP interface destruction with ifconfig destro o kern/126924 net [an] [patch] printf -> device_printf and simplify prob o kern/126895 net [patch] [ral] Add antenna selection (marked as TBD) o kern/126874 net [vlan]: Zebra problem if ifconfig vlanX destroy o bin/126822 net wpa_supplicant(8): WPA PSK does not work in adhoc mode o kern/126714 net [carp] CARP interface renaming makes system no longer o kern/126695 net rtfree messages and network disruption upon use of if_ o kern/126688 net [ixgbe] [patch] 1.4.7 ixgbe driver panic with 4GB and o kern/126475 net [ath] [panic] ath pcmcia card inevitably panics under o kern/126339 net [ipw] ipw driver drops the connection o kern/126214 net [ath] txpower problem with Atheros wifi card o kern/126075 net [inet] [patch] internet control accesses beyond end of o bin/125922 net [patch] Deadlock in arp(8) o kern/125920 net [arp] Kernel Routing Table loses Ethernet Link status o kern/125845 net [netinet] [patch] tcp_lro_rx() should make use of hard o kern/125816 net [carp] [if_bridge] carp stuck in init when using bridg f kern/125502 net [ral] ifconfig ral0 scan produces no output unless in o kern/125258 net [socket] socket's SO_REUSEADDR option does not work o kern/125239 net [gre] kernel crash when using gre o kern/124767 net [iwi] Wireless connection using iwi0 driver (Intel 220 o kern/124753 net [ieee80211] net80211 discards power-save queue packets o kern/124341 net [ral] promiscuous mode for wireless device ral0 looses o kern/124160 net [libc] connect(2) function loops indefinitely o kern/124127 net [msk] watchdog timeout (missed Tx interrupts) -- recov o kern/124021 net [ip6] [panic] page fault in nd6_output() o kern/123968 net [rum] [panic] rum driver causes kernel panic with WPA. p kern/123961 net [vr] [patch] Allow vr interface to handle vlans o kern/123892 net [tap] [patch] No buffer space available o kern/123890 net [ppp] [panic] crash & reboot on work with PPP low-spee o kern/123858 net [stf] [patch] stf not usable behind a NAT o kern/123796 net [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not o bin/123633 net ifconfig(8) doesn't set inet and ether address in one f kern/123617 net [tcp] breaking connection when client downloading file o kern/123603 net [tcp] tcp_do_segment and Received duplicate SYN o kern/123559 net [iwi] iwi periodically disassociates/associates [regre o bin/123465 net [ip6] route(8): route add -inet6 -interfac o kern/123463 net [ipsec] [panic] repeatable crash related to ipsec-tool o kern/123429 net [nfe] [hang] "ifconfig nfe up" causes a hard system lo o kern/123347 net [bge] bge1: watchdog timeout -- linkstate changed to D o conf/123330 net [nsswitch.conf] Enabling samba wins in nsswitch.conf c o kern/123256 net [wpi] panic: blockable sleep lock with wpi(4) f kern/123172 net [bce] Watchdog timeout problems with if_bce o kern/123160 net [ip] Panic and reboot at sysctl kern.polling.enable=0 o kern/122989 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/122954 net [lagg] IPv6 EUI64 incorrectly chosen for lagg devices o kern/122928 net [em] interface watchdog timeouts and stops receiving p f kern/122839 net [multicast] FreeBSD 7 multicast routing problem p kern/122794 net [lagg] Kernel panic after brings lagg(8) up if NICs ar o kern/122780 net [lagg] tcpdump on lagg interface during high pps wedge o kern/122772 net [em] em0 taskq panic, tcp reassembly bug causes radix o kern/122743 net [mbuf] [panic] vm_page_unwire: invalid wire count: 0 o kern/122697 net [ath] Atheros card is not well supported o kern/122685 net It is not visible passing packets in tcpdump(1) o kern/122551 net [bge] Broadcom 5715S no carrier on HP BL460c blade usi o kern/122319 net [wi] imposible to enable ad-hoc demo mode with Orinoco o kern/122290 net [netgraph] [panic] Netgraph related "kmem_map too smal f kern/122252 net [ipmi] [bge] IPMI problem with BCM5704 (does not work o kern/122195 net [ed] Alignment problems in if_ed o kern/122058 net [em] [panic] Panic on em1: taskq o kern/122033 net [ral] [lor] Lock order reversal in ral0 at bootup [reg o bin/121895 net [patch] rtsol(8)/rtsold(8) doesn't handle managed netw o kern/121872 net [wpi] driver fails to attach on a fujitsu-siemens s711 s kern/121774 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/121706 net [netinet] [patch] "rtfree: 0xc4383870 has 1 refs" emit o kern/121624 net [em] [regression] Intel em WOL fails after upgrade to o kern/121555 net [panic] Fatal trap 12: current process = 12 (swi1: net o kern/121443 net [gif] [lor] icmp6_input/nd6_lookup o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA o bin/121359 net [patch] ppp(8): fix local stack overflow in ppp o kern/121298 net [em] [panic] Fatal trap 12: page fault while in kernel o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi o kern/121080 net [bge] IPv6 NUD problem on multi address config on bge0 o kern/120966 net [rum] kernel panic with if_rum and WPA encryption p docs/120945 net [patch] ip6(4) man page lacks documentation for TCLASS o kern/120566 net [request]: ifconfig(8) make order of arguments more fr o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time o kern/120266 net [udp] [panic] gnugk causes kernel panic when closing U o kern/120232 net [nfe] [patch] Bring in nfe(4) to RELENG_6 o kern/120130 net [carp] [panic] carp causes kernel panics in any conste o bin/120060 net routed(8) deletes link-level routes in the presence of o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown f kern/119516 net [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi o kern/119432 net [arp] route add -host -iface causes arp e o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr a bin/118987 net ifconfig(8): ifconfig -l (address_family) does not wor o sparc/118932 net [panic] 7.0-BETA4/sparc-64 kernel panic in rip_output a kern/118879 net [bge] [patch] bge has checksum problems on the 5703 ch o kern/118727 net [netgraph] [patch] [request] add new ng_pf module a kern/118238 net [bce] [patch] bce driver shows "no carrier" on Intel S s kern/117717 net [panic] Kernel panic with Bittorrent client. o kern/117448 net [carp] 6.2 kernel crash [regression] o kern/117423 net [vlan] Duplicate IP on different interfaces o bin/117339 net [patch] route(8): loading routing management commands o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap o kern/117043 net [em] Intel PWLA8492MT Dual-Port Network adapter EEPROM o kern/116837 net [tun] [panic] [patch] ifconfig tunX destroy: panic o kern/116747 net [ndis] FreeBSD 7.0-CURRENT crash with Dell TrueMobile o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta o kern/116328 net [bge]: Solid hang with bge interface o kern/116185 net [iwi] if_iwi driver leads system to reboot o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat o kern/115019 net [netgraph] ng_ether upper hook packet flow stops on ad o kern/115002 net [wi] if_wi timeout. failed allocation (busy bit). ifco o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f o kern/113895 net [xl] xl0 fails on 6.2-RELEASE but worked fine on 5.5-R o kern/112722 net [ipsec] [udp] IP v4 udp fragmented packet reject o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112570 net [bge] packet loss with bge driver on BCM5704 chipset o bin/112557 net [patch] ppp(8) lock file should not use symlink name o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/111457 net [ral] ral(4) freeze o kern/110140 net [ipw] ipw fails under load o kern/109733 net [bge] bge link state issues [regression] o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop o kern/109308 net [pppd] [panic] Multiple panics kernel ppp suspected [r o kern/109251 net [re] [patch] if_re cardbus card won't attach o bin/108895 net pppd(8): PPPoE dead connections on 6.2 [regression] o kern/108542 net [bce] Huge network latencies with 6.2-RELEASE / STABLE o kern/107944 net [wi] [patch] Forget to unlock mutex-locks o kern/107850 net [bce] bce driver link negotiation is faulty o conf/107035 net [patch] bridge(8): bridge interface given in rc.conf n o kern/106438 net [ipf] ipfilter: keep state does not seem to allow repl o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/106243 net [nve] double fault panic in if_nve.c on high loads o kern/105945 net Address can disappear from network interface s kern/105943 net Network stack may modify read-only mbuf chain copies o bin/105925 net problems with ifconfig(8) and vlan(4) [regression] o kern/105348 net [ath] ath device stopps TX o kern/104851 net [inet6] [patch] On link routes not configured when usi o kern/104751 net [netgraph] kernel panic, when getting info about my tr o kern/104485 net [bge] Broadcom BCM5704C: Intermittent on newer chip ve o kern/103191 net Unpredictable reboot o kern/103135 net [ipsec] ipsec with ipfw divert (not NAT) encodes a pac o conf/102502 net [netgraph] [patch] ifconfig name does't rename netgrap o kern/102035 net [plip] plip networking disables parallel port printing o kern/101948 net [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau o kern/100709 net [libc] getaddrinfo(3) should return TTL info o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/98978 net [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel o kern/98597 net [inet6] Bug in FreeBSD 6.1 IPv6 link-local DAD procedu o bin/98218 net wpa_supplicant(8) blacklist not working f bin/97392 net ppp(8) hangs instead terminating o kern/97306 net [netgraph] NG_L2TP locks after connection with failed f kern/96268 net [socket] TCP socket performance drops by 3000% if pack o kern/96030 net [bfe] [patch] Install hangs with Broadcomm 440x NIC in o kern/95519 net [ral] ral0 could not map mbuf o kern/95288 net [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return o kern/95267 net packet drops periodically appear s kern/94863 net [bge] [patch] hack to get bge(4) working on IBM e326m o kern/94162 net [bge] 6.x kenel stale with bge(4) o kern/93886 net [ath] Atheros/D-Link DWL-G650 long delay to associate f kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo o kern/93019 net [ppp] ppp and tunX problems: no traffic after restarti o kern/92880 net [libc] [patch] almost rewritten inet_network(3) functi f kern/92552 net A serious bug in most network drivers from 5.X to 6.X s kern/92279 net [dc] Core faults everytime I reboot, possible NIC issu o kern/92090 net [bge] bge0: watchdog timeout -- resetting o kern/91859 net [ndis] if_ndis does not work with Asus WL-138 s kern/91777 net [ipf] [patch] wrong behaviour with skip rule inside an o kern/91594 net [em] FreeBSD > 5.4 w/ACPI fails to detect Intel Pro/10 o kern/91364 net [ral] [wep] WF-511 RT2500 Card PCI and WEP o kern/91311 net [aue] aue interface hanging o kern/90890 net [vr] Problems with network: vr0: tx shutdown timeout s kern/90086 net [hang] 5.4p8 on supermicro P8SCT hangs during boot if f kern/88082 net [ath] [panic] cts protection for ath0 causes panic o kern/87521 net [ipf] [panic] using ipfilter "auth" keyword leads to k o kern/87506 net [vr] [patch] Fix alias support on vr interfaces s kern/86920 net [ndis] ifconfig: SIOCS80211: Invalid argument [regress o kern/86103 net [ipf] Illegal NAT Traversal in IPFilter o kern/85780 net 'panic: bogus refcnt 0' in routing/ipv6 o bin/85445 net ifconfig(8): deprecated keyword to ifconfig inoperativ o kern/85266 net [xe] [patch] xe(4) driver does not recognise Xircom XE o kern/84202 net [ed] [patch] Holtek HT80232 PCI NIC recognition on Fre o bin/82975 net route change does not parse classfull network as given o kern/82497 net [vge] vge(4) on AMD64 only works when loaded late, not f kern/81644 net [vge] vge(4) does not work properly when loaded as a K s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/80853 net [ed] [patch] add support for Compex RL2000/ISA in PnP o kern/79895 net [ipf] 5.4-RC2 breaks ipfilter NAT when using netgraph f kern/79262 net [dc] Adaptec ANA-6922 not fully supported o bin/79228 net [patch] extend arp(8) to be able to create blackhole r o kern/78090 net [ipf] ipf filtering on bridged packets doesn't work if p kern/77913 net [wi] [patch] Add the APDL-325 WLAN pccard to wi(4) o kern/77341 net [ip6] problems with IPV6 implementation o kern/77273 net [ipf] ipfilter breaks ipv6 statefull filtering on 5.3 s kern/77195 net [ipf] [patch] ipfilter ioctl SIOCGNATL does not match o kern/75873 net Usability problem with non-RFC-compliant IP spoof prot s kern/75407 net [an] an(4): no carrier after short time f kern/73538 net [bge] problem with the Broadcom BCM5788 Gigabit Ethern o kern/71469 net default route to internet magically disappears with mu o kern/70904 net [ipf] ipfilter ipnat problem with h323 proxy support o kern/64556 net [sis] if_sis short cable fix problems with NetGear FA3 s kern/60293 net [patch] FreeBSD arp poison patch o kern/54383 net [nfs] [patch] NFS root configurations without dynamic f i386/45773 net [bge] Softboot causes autoconf failure on Broadcom 570 s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr s kern/39937 net ipstealth issue a kern/38554 net [patch] changing interface ipaddress doesn't seem to w o kern/35442 net [sis] [patch] Problem transmitting runts in if_sis dri o kern/34665 net [ipf] [hang] ipfilter rcmd proxy "hangs". o kern/31647 net [libc] socket calls can return undocumented EINVAL o kern/30186 net [libc] getaddrinfo(3) does not handle incorrect servna o kern/27474 net [ipf] [ppp] Interactive use of user PPP and ipfilter c o conf/23063 net [arp] [patch] for static ARP tables in rc.network 309 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 11:30:45 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D64F61065672 for ; Mon, 20 Jul 2009 11:30:45 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.9]) by mx1.freebsd.org (Postfix) with ESMTP id 69D0D8FC1F for ; Mon, 20 Jul 2009 11:30:45 +0000 (UTC) (envelope-from max@love2party.net) Received: from vampire.homelinux.org (dslb-088-067-251-189.pools.arcor-ip.net [88.67.251.189]) by mrelayeu.kundenserver.de (node=mrbap0) with ESMTP (Nemesis) id 0MKsym-1MSqsi3KAB-000ZH2; Mon, 20 Jul 2009 13:18:08 +0200 Received: (qmail 61869 invoked from network); 20 Jul 2009 11:18:08 -0000 Received: from kvm.laiers.local (HELO kvm.localnet) (192.168.4.200) by ns1.laiers.local with SMTP; 20 Jul 2009 11:18:08 -0000 From: Max Laier Organization: FreeBSD To: freebsd-net@freebsd.org Date: Mon, 20 Jul 2009 13:18:07 +0200 User-Agent: KMail/1.11.4 (Linux/2.6.30-ARCH; KDE/4.2.4; x86_64; ; ) References: <4A638E76.2060706@shrew.net> <4A63A4B3.6090500@modulus.org> <3D3254E2-4E45-4C67-84D2-DB05660D768F@shrew.net> In-Reply-To: <3D3254E2-4E45-4C67-84D2-DB05660D768F@shrew.net> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200907201318.08122.max@love2party.net> X-Provags-ID: V01U2FsdGVkX1839uvmhkh3hXCcxHN334jcwddK5g05dh1xz86 NcfNqOvVMNLu3qcuMH0bKoqPhO485nAhKgh9nRr/YMgEm7nmBX W+4gY0LlhT/rWVh6UCvQw== Cc: Matthew Grooms , Andrew Snow Subject: Re: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 11:30:46 -0000 On Monday 20 July 2009 01:25:03 Matthew Grooms wrote: > The other options you mention are enabled by default. This problem > also effects pre vSphere versions but only under certain > circumstances. Others claim this is only an issue when NIC teaming is > in use. However, I disabled this feature and still experience the > problem without the patch applied. > > I'll be happy to post the config when I'm back in front of the > computer. It's not a configuration problem. I'm not new to FreeBSD or > carp and have quite a bit of time invested trying to get this to work. > > Have a look at the vmware forums. A lot of folks have reported the > problem in great detail and, as far as I can tell, have yet to get > this working. There is clearly something very wrong with how the vswitch works and it's not really FreeBSD's job to work around these issues. The patch you posted is rather intrusive and certainly not something we want in the tree. You should talk to VMWare's support to fix the obvious short-comings in the vswitch design. As for your patch - you want "IF_ADDR_[UN]LOCK(ifp);" around walking the address list. Don't forget to unlock before the return. > -Matthew > > On Jul 19, 2009, at 5:56 PM, Andrew Snow wrote: > > Matthew Grooms wrote: > >> I was having problems running carp on VMWare ESX 4 and did a little > >> investigative work to determine the cause of the problem. > > > > If have tested CARP on ESX 3.5u4 successfully with a 32-bit FreeBSD > > guest with e1000 vNICs. > > > > As well as turning on promiscuous mode on the vSwitch, you have to > > enable "MAC Address changes" and "Forged transmits" as CARP requires > > these to work properly. > > > > Unless this is a vSphere-specific problem I must suspect your > > configuration as the problem. Do you want to post your CARP config? > > > > > > - Andrew > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > !DSPAM:4a63ab81519501271912576! -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 12:57:55 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B3F701065670; Mon, 20 Jul 2009 12:57:55 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [IPv6:2001:41d0:2:2d29:0:1::]) by mx1.freebsd.org (Postfix) with ESMTP id 3B1928FC0C; Mon, 20 Jul 2009 12:57:55 +0000 (UTC) (envelope-from hlh@restart.be) Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:2:2d29:1:ffff::]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "avoriaz.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id 473166226; Mon, 20 Jul 2009 14:57:54 +0200 (CEST) Received: from morzine.restart.bel (morzine.restart.be [IPv6:2001:41d0:2:2d29:1:2::]) (authenticated bits=0) by restart.be (8.14.3/8.14.3) with ESMTP id n6KCvoKv002737; Mon, 20 Jul 2009 14:57:51 +0200 (CEST) (envelope-from hlh@restart.be) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=restart.be; s=avoriaz; t=1248094673; bh=6wWeVdLGTQEyXNYLsgpZFy3z83xPKbRWkuES/Fb4P5k=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=0AthG3DLvuQSnsNQCajTLrE+JRTgPhE2/zqYyMGxabNcFz9gRtS2OJw5U4w3yJrl+ 5UjaI/0mnrttI0aOSqb9Q== DomainKey-Signature: a=rsa-sha1; s=avoriaz; d=restart.be; c=nofws; q=dns; h=message-id:date:from:organization:user-agent:mime-version:to:cc: subject:references:in-reply-to:content-type: content-transfer-encoding:x-scanned-by; b=mYWlQDiNUjYJVtyroypxxRhg+NZ8vat0P2g7kaF8+L0MYseTa8IzwjDC/R3Jm9JVc cFyJakPi4uen8ic/vCG5A== Message-ID: <4A6469CE.4060907@restart.be> Date: Mon, 20 Jul 2009 14:57:50 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Thunderbird 2.0.0.22 (X11/20090717) MIME-Version: 1.0 To: "Li, Qing" References: <4A5734C3.3000806@restart.be> <4A5864DC.1070106@restart.be> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.64 on IPv6:2001:41d0:2:2d29:1:1:: Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, freebsd-stable@freebsd.org Subject: Re: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 12:57:56 -0000 Li, Qing wrote: > The patch has been committed, svn revision 195643. > > Thanks, > > -- Qing > Just another case where the route must be created: [root@avoriaz ~]# ifconfig gif0 gif0: flags=8051 metric 0 mtu 1280 tunnel inet 212.239.166.57 --> 94.23.44.41 inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4 inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff:: prefixlen 128 options=1 [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:1:ffff:: ^C --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- 4 packets transmitted, 0 packets received, 100.0% packet loss [root@avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff:: -interface lo0 add host 2001:41d0:2:2d29:1:ffff::: gateway lo0 [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:1:ffff:: 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.531 ms 16 bytes from ::1, icmp_seq=1 hlim=64 time=0.884 ms 16 bytes from ::1, icmp_seq=2 hlim=64 time=0.748 ms ^C --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.531/0.721/0.884/0.145 ms Thanks Henri > > -----Original Message----- > From: Henri Hennebert [mailto:hlh@restart.be] > Sent: Sat 7/11/2009 3:09 AM > To: Li, Qing > Cc: freebsd-stable@freebsd.org; freebsd-net@freebsd.org > Subject: Re: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections > > Li, Qing wrote: >> Hi, >> >> Please try patch-7-10 in my home directory http://people.freebsd.org/~qingli/ >> and let me know how it works out for you. I thought I had committed the patch >> but turned out I didn't. > > I apply the patch, reset my pf.conf to its previous content and all is > running smoothly. By the way, I discover after my post that my > "solution" was not working for long (many bytes) connections and this is > solved too. > > Many thank for your time > > Henri > > PS please commit as soon as possible > >>> On 8.0-BETA1 there is an assymetry: >>> >>> netstat -rn display >>> >>> 192.168.24.1 link#3 >>> .... >>> no entry for 2001:41d0:2:2d29:1:1:: >>> >> This is by design as part of the new architecture in 8.0, which maintains >> the L2 ARP/ND6 and L3 routing tables separately. >> >> -- Qing >> >> >> >> -----Original Message----- >> From: owner-freebsd-stable@freebsd.org on behalf of Henri Hennebert >> Sent: Fri 7/10/2009 5:32 AM >> To: freebsd-stable@freebsd.org; freebsd-st@freebsd.org >> Subject: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections >> >> Hello, >> >> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem when >> connecting with firefox to a local apache server using the global >> unicast IPv6 address of the local machine. pf.conf must be updated! >> >> My configuration: >> >> [root@avoriaz ~]# ifconfig em0 >> >> em0: flags=8843 metric 0 mtu 1500 >> options=19b >> ether 00:1d:60:ad:2a:ce >> inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255 >> inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1 >> inet6 2001:41d0:2:2d29:1:1:: prefixlen 80 >> media: Ethernet 100baseTX (100baseTX ) >> status: active >> >> [root@avoriaz ~]# host www.restart.bel >> www.restart.bel is an alias for avoriaz.restart.bel. >> avoriaz.restart.bel has address 192.168.24.1 >> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1:: >> >> pf.conf: >> >> int_if="em0" >> block in log all >> block out log all >> set skip on lo0 >> antispoof quick for $int_if inet >> # Allow trafic with physical internal network >> pass in quick on $int_if from ($int_if:network) to ($int_if) keep state >> pass out quick on $int_if from ($int_if) to ($int_if:network) keep state >> >> The problem: >> >> [root@avoriaz ~]# telnet -4 www.restart.bel 80 >> Trying 192.168.24.1... >> Connected to avoriaz.restart.bel. >> Escape character is '^]'. >> ^] >> telnet> quit >> Connection closed. >> [root@avoriaz ~]# telnet -6 www.restart.bel 80 >> Trying 2001:41d0:2:2d29:1:1::... >> --->Never connect and get a timeout! >> >> tcpdump and logging in pf show me that >> >> For a IPv4 connection: >> the packet from telnet to apache pass 2 times on lo0 (out and in) >> the answer packet from apache to telnet pass 2 times on lo0 (out and in) >> >> So no problem, there is `set skip on lo0' >> >> For a IPv6 connection: >> The first packet from telnet to apache pass 2 times on lo0 (out and in) >> The answer packet from apache to telnet path on em0 and is rejected >> due to the default flags S/SA. >> >> So I have to change pf.conf and replace the last line: >> pass out quick on $int_if from ($int_if) to ($int_if:network) \ >> keep state flags any >> >> Then all is OK >> >> By the way, on 7.2 >> >> netstat -rn display >> >> 192.168.24.1 00:1d:60:ad:2a:ce >> .... >> 2001:41d0:2:2d29:1:1:: 00:1d:60:ad:2a:ce >> >> >> On 8.0-BETA1 there is an assymetry: >> >> netstat -rn display >> >> 192.168.24.1 link#3 >> .... >> no entry for 2001:41d0:2:2d29:1:1:: >> >> Hope it may help someone >> >> Henri >> >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 15:14:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BEE9B106564A for ; Mon, 20 Jul 2009 15:14:07 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outD.internet-mail-service.net (outd.internet-mail-service.net [216.240.47.227]) by mx1.freebsd.org (Postfix) with ESMTP id 9FDAD8FC0A for ; Mon, 20 Jul 2009 15:14:07 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 3B8D3B2E72; Mon, 20 Jul 2009 08:14:07 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id B0E6F2D601B; Mon, 20 Jul 2009 08:14:06 -0700 (PDT) Message-ID: <4A6489BF.50207@elischer.org> Date: Mon, 20 Jul 2009 08:14:07 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: "Jacobs, Brian" References: <126E45722B459248997856ECB72DEB7701285DC0@host.lodgenet.com><4A5F5927.3080904@elischer.org> <126E45722B459248997856ECB72DEB7701285DC2@host.lodgenet.com> <126E45722B459248997856ECB72DEB7701285DED@host.lodgenet.com> In-Reply-To: <126E45722B459248997856ECB72DEB7701285DED@host.lodgenet.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, Philip Paeps Subject: Re: GRE tunnel limitations X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 15:14:08 -0000 Jacobs, Brian wrote: > For all interested, I've been doing some implementation work over the > weekend. Tonight I did a cutover of 766 GRE tunnels to a RELENG_7 box: good to know, though load with traffic is more important. talk to Philip Paeps about crypto support.. some crypto offload cards slow down the system.. you need to have a PCI-E one or PCI-X at slowest for it to be worth while on a fast machine. (CC'd) > > [root@yttrium /lso/dev/real]# uname -a > FreeBSD yttrium.colo.XXXXXXXXXX.net 7.1-RELEASE FreeBSD 7.1-RELEASE #1: > Mon Apr 13 11:37:56 EDT 2009 bjacobs@yttrium.colo. > XXXXXXXXXX.net:/usr/obj/usr/src/sys/YTTRIUM i386 > [root@yttrium /lso/dev/real]# ifconfig |grep gre |wc -l > 766 > [root@yttrium /lso/dev/real]# netstat -nr |wc -l > 1494 > [root@yttrium /lso/dev/real]# uptime > 5:32AM up 74 days, 11:01, 5 users, load averages: 0.00, 0.26, 0.59 > > Load average is nothing (hovers between 0 and .20), although there isn't > much traversing the tunnels (yet), nor have we implemented IPsec (yet -- > next step, have crypto card if needed). Another project commencing > shortly will push/pull about 10mb/s aggregate (estimate) across the > collective tunnels. > > Please advise if the group (or any individuals) want performance data > from real world usage. > > /bmj > > > -----Original Message----- > From: owner-freebsd-net@freebsd.org > [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Jacobs, Brian > Sent: Thursday, July 16, 2009 12:50 PM > To: Julian Elischer > Cc: freebsd-net@freebsd.org > Subject: RE: GRE tunnel limitations > > IP unnumbered between the two boxen. I've built some scripts to > automatically generate config files, and then other scripts to > automagically create the GRE interfaces and inject appropriate routes. > > GRE numbers are assigned sequentially based on config file lines (and > are of no consequence): > > gre45: flags=9051 metric 0 mtu > 1476 > tunnel inet 10.3.100.39 --> 207.230.84.130 > inet 10.3.100.39 --> 10.11.146.129 netmask 0xffffffff > gre46: flags=9051 metric 0 mtu > 1476 > tunnel inet 10.3.100.39 --> 12.35.57.131 > inet 10.3.100.39 --> 10.10.201.1 netmask 0xffffffff > > 10.3.100.39 is the primary Ethernet interface address of the local box > (terminator). 10.10.201.1 is the inside Ethernet of the remote box. > > Routing statement for 10.0.0.0/8 live on the remote box, and individual > routes live on the concentrator: > > root@yttrium /root# netstat -nr | grep 10.10.201 > 10.10.201.0/26 10.10.201.1 UGS 0 2042 gre46 > 10.10.201.1 10.3.100.39 UH 1 49263 gre46 > > /bmj > > > -----Original Message----- > From: Julian Elischer [mailto:julian@elischer.org] > Sent: Thursday, July 16, 2009 12:45 PM > To: Jacobs, Brian > Cc: freebsd-net@freebsd.org > Subject: Re: GRE tunnel limitations > > Jacobs, Brian wrote: >> Does anyone have some realistic data on the number of GRE/ipip tunnels >> FreeBSD 7.x can reasonably terminate? Assume no IPsec, just standard >> encapsulation. I have an ad-hoc need to terminate about 1,4000 static >> GRE tunnels (as Cisco 7206's are backordered until September). J >> >> >> >> Thanks in advance! >> >> >> >> /bmj >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > The limitation would be that there is an interface for reach one and > the interface 'interface' uses a linked list. it might work but there > would probably be scaling issues. > > I've often thought that what we need is a way to do "bulk encapsulatin > interfaces" where there is not an "interface" assigned to each > destination. (at least not one that shows up in 'ifconfig'). > > How will you want to decide which gre interface to use for a given > packet? is it just a standard routing decision based on the remote > address? > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 18:25:31 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 088711065670 for ; Mon, 20 Jul 2009 18:25:31 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-vw0-f172.google.com (mail-vw0-f172.google.com [209.85.212.172]) by mx1.freebsd.org (Postfix) with ESMTP id A703A8FC0C for ; Mon, 20 Jul 2009 18:25:30 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: by vwj2 with SMTP id 2so2260515vwj.3 for ; Mon, 20 Jul 2009 11:25:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type; bh=Ex9FsbQF/HpJBPNei94QOueG97b8URqT8ITgliRcizs=; b=Q3wnTjTe/una+fdmrZ6/U7wpyyXadfoU2OE9AGseEu0pa3NsL+NTbK4RF22BHwaoza TxS4dwdmlsjbjJMB3bHDd++MR7WLgpJFX9KK4UxsZcU2gkkZFLiG7U0GmzhR5Rzqklju C8R6I7ZzMHN3cBOFFY3FbO6Ff7PIOHq0zLM+0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=riUe8G7W4yo4gOE0pZIWaurFk2/xyX+f5l9+bPV+sFrwZagfuNgVz8XrtxiVRCPoTh T7DdDy4hB112+c7laIJQiIQyfRoZEK7sIblLLvebk7Goll6cG1ylaFTm1rHE20QeYEqR 0kJvip2nfpddxClxbbGj8UQq4dYBhj1rU9fPE= MIME-Version: 1.0 Sender: ermal.luci@gmail.com Received: by 10.150.133.9 with SMTP id g9mr6018363ybd.337.1248112848113; Mon, 20 Jul 2009 11:00:48 -0700 (PDT) In-Reply-To: <200907201318.08122.max@love2party.net> References: <4A638E76.2060706@shrew.net> <4A63A4B3.6090500@modulus.org> <3D3254E2-4E45-4C67-84D2-DB05660D768F@shrew.net> <200907201318.08122.max@love2party.net> From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Date: Mon, 20 Jul 2009 20:00:28 +0200 X-Google-Sender-Auth: 8e6ba8ddb5d4a02f Message-ID: <9a542da30907201100l236eff1cyaf04f7ca6b8c1c8e@mail.gmail.com> To: Max Laier Content-Type: multipart/mixed; boundary=000e0cd47e06f3919b046f26eaa8 Cc: freebsd-net@freebsd.org, Matthew Grooms , Andrew Snow Subject: Re: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 18:25:31 -0000 --000e0cd47e06f3919b046f26eaa8 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Mon, Jul 20, 2009 at 1:18 PM, Max Laier wrote: > On Monday 20 July 2009 01:25:03 Matthew Grooms wrote: >> The other options you mention are enabled by default. This problem >> also effects pre vSphere versions but only under certain >> circumstances. Others claim this is only an issue when NIC teaming is >> in use. However, I disabled this feature and still experience the >> problem without the patch applied. >> >> I'll be happy to post the config when I'm back in front of the >> computer. It's not a configuration problem. I'm not new to FreeBSD or >> carp and have quite a bit of time invested trying to get this to work. >> >> Have a look at the vmware forums. A lot of folks have reported the >> problem in great detail and, as far as I can tell, have yet to get >> this working. > > There is clearly something very wrong with how the vswitch works and it's= not > really FreeBSD's job to work around these issues. =A0The patch you posted= is > rather intrusive and certainly not something we want in the tree. =A0You = should > talk to VMWare's support to fix the obvious short-comings in the vswitch > design. I think this is a problem that has been there since carp merge. By looking at in_arpinput() in if_ether.c around this comment /* * For a bridge, we want to check the address irrespective * of the receive interface. (This will change slightly * when we have clusters of interfaces). * If the interface does not match, but the recieving interface * is part of carp, we call carp_iamatch to see if this is a * request for the virtual host ip. * XXX: This is really ugly! */ Following the code the check for the bridge case is done for the destination ip(protocol) address and for the source one while for the carp this is done only for the destination ip(protocol) address. Which seems wrong since the same check should apply for carp. This would eliminate a looping back packet. This is prevented as it is now for target ip address but not by source ip address since the check is missing. The following patch against head should fix this IMO. It is untested but seems the right solution for this. Technically this would make code around the 'match' label discard the packe= t. Index: if_ether.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- if_ether.c (revision 195741) +++ if_ether.c (working copy) @@ -522,7 +522,7 @@ } #endif } - LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash) + LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash) { if (((bridged && ia->ia_ifp->if_bridge !=3D NULL) || ia->ia_ifp =3D=3D ifp) && isaddr.s_addr =3D=3D ia->ia_addr.sin_addr.s_addr) { @@ -530,6 +530,17 @@ IN_IFADDR_RUNLOCK(); goto match; } +#ifdef DEV_CARP + if (ifp->if_carp !=3D NULL && + carp_iamatch(ifp->if_carp, ia, &isaddr, &enaddr) && + isaddr.s_addr =3D=3D ia->ia_addr.sin_addr.s_addr) { + carp_match =3D 1; + ifa_ref(&ia->ia_ifa); + IN_IFADDR_RUNLOCK(); + goto match; + } +#endif + } #define BDG_MEMBER_MATCHES_ARP(addr, ifp, ia) \ (ia->ia_ifp->if_bridge =3D=3D ifp->if_softc && \ > > As for your patch - you want "IF_ADDR_[UN]LOCK(ifp);" around walking the > address list. =A0Don't forget to unlock before the return. > >> -Matthew >> >> On Jul 19, 2009, at 5:56 PM, Andrew Snow wrote: >> > Matthew Grooms wrote: >> >> I was having problems running carp on VMWare ESX 4 and did a little >> >> investigative work to determine the cause of the problem. >> > >> > If have tested CARP on ESX 3.5u4 successfully with a 32-bit FreeBSD >> > guest with e1000 vNICs. >> > >> > As well as turning on promiscuous mode on the vSwitch, you have to >> > enable "MAC Address changes" and "Forged transmits" as CARP requires >> > these to work properly. >> > >> > Unless this is a vSphere-specific problem I must suspect your >> > configuration as the problem. =A0Do you want to post your CARP config? >> > >> > >> > - Andrew >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> >> !DSPAM:4a63ab81519501271912576! > > -- > /"\ =A0Best regards, =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0| mlaier@= freebsd.org > \ / =A0Max Laier =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0| ICQ= #67774661 > =A0X =A0 http://pf4freebsd.love2party.net/ =A0| mlaier@EFnet > / \ =A0ASCII Ribbon Campaign =A0 =A0 =A0 =A0 =A0 =A0 =A0| Against HTML Ma= il and News > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --=20 Ermal --000e0cd47e06f3919b046f26eaa8 Content-Type: application/octet-stream; name="if_ether.c.diff" Content-Disposition: attachment; filename="if_ether.c.diff" Content-Transfer-Encoding: base64 X-Attachment-Id: f_fxdhuh9e0 SW5kZXg6IGlmX2V0aGVyLmMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gaWZfZXRoZXIuYwkocmV2aXNpb24gMTk1 NzQxKQorKysgaWZfZXRoZXIuYwkod29ya2luZyBjb3B5KQpAQCAtNTIyLDcgKzUyMiw3IEBACiAJ CX0KICNlbmRpZgogCX0KLQlMSVNUX0ZPUkVBQ0goaWEsIElOQUREUl9IQVNIKGlzYWRkci5zX2Fk ZHIpLCBpYV9oYXNoKQorCUxJU1RfRk9SRUFDSChpYSwgSU5BRERSX0hBU0goaXNhZGRyLnNfYWRk ciksIGlhX2hhc2gpIHsKIAkJaWYgKCgoYnJpZGdlZCAmJiBpYS0+aWFfaWZwLT5pZl9icmlkZ2Ug IT0gTlVMTCkgfHwKIAkJICAgIGlhLT5pYV9pZnAgPT0gaWZwKSAmJgogCQkgICAgaXNhZGRyLnNf YWRkciA9PSBpYS0+aWFfYWRkci5zaW5fYWRkci5zX2FkZHIpIHsKQEAgLTUzMCw2ICs1MzAsMTcg QEAKIAkJCUlOX0lGQUREUl9SVU5MT0NLKCk7CiAJCQlnb3RvIG1hdGNoOwogCQl9CisjaWZkZWYg REVWX0NBUlAKKyAgICAgICAgICAgICAgICBpZiAoaWZwLT5pZl9jYXJwICE9IE5VTEwgJiYKKyAg ICAgICAgICAgICAgICAgICAgY2FycF9pYW1hdGNoKGlmcC0+aWZfY2FycCwgaWEsICZpc2FkZHIs ICZlbmFkZHIpICYmCisgICAgICAgICAgICAgICAgICAgIGlzYWRkci5zX2FkZHIgPT0gaWEtPmlh X2FkZHIuc2luX2FkZHIuc19hZGRyKSB7CisgICAgICAgICAgICAgICAgICAgICAgICBjYXJwX21h dGNoID0gMTsKKyAgICAgICAgICAgICAgICAgICAgICAgIGlmYV9yZWYoJmlhLT5pYV9pZmEpOwor ICAgICAgICAgICAgICAgICAgICAgICAgSU5fSUZBRERSX1JVTkxPQ0soKTsKKyAgICAgICAgICAg ICAgICAgICAgICAgIGdvdG8gbWF0Y2g7CisgICAgICAgICAgICAgICAgfQorI2VuZGlmCisJfQog CiAjZGVmaW5lIEJER19NRU1CRVJfTUFUQ0hFU19BUlAoYWRkciwgaWZwLCBpYSkJCQkJXAogICAo aWEtPmlhX2lmcC0+aWZfYnJpZGdlID09IGlmcC0+aWZfc29mdGMgJiYJCQkJXAo= --000e0cd47e06f3919b046f26eaa8-- From owner-freebsd-net@FreeBSD.ORG Mon Jul 20 21:50:05 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4788C1065686 for ; Mon, 20 Jul 2009 21:50:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 351578FC14 for ; Mon, 20 Jul 2009 21:50:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6KLo5W5004306 for ; Mon, 20 Jul 2009 21:50:05 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6KLo5ib004305; Mon, 20 Jul 2009 21:50:05 GMT (envelope-from gnats) Date: Mon, 20 Jul 2009 21:50:05 GMT Message-Id: <200907202150.n6KLo5ib004305@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Gonzalo Nemmi Cc: Subject: Re: kern/136876: [bge] bge will not resume properly after suspend X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Gonzalo Nemmi List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2009 21:50:05 -0000 The following reply was made to PR kern/136876; it has been noted by GNATS. From: Gonzalo Nemmi To: bug-followup@freebsd.org, adamk@voicenet.com Cc: Subject: Re: kern/136876: [bge] bge will not resume properly after suspend Date: Mon, 20 Jul 2009 18:22:37 -0300 I can confirm experiencing the same behaviour on my Dell 1318 running FreeBSD 8.0-BETA2 for i386 using the stock kernel and kern.smp.disabled="1" on my device.hints. Hw: Dell 1318, Intel(R) Celeron(R) CPU 560@2.13GHz. bge0@pci0:9:0:0: class=0x020000 card=0x02861028 chip=0x171314e4 rev=0x02 hdr=0x00 vendor = 'Broadcom Corporation' device = 'Broadcom NetLink (TM) Fast Ethernet (BCM5906m)' class = network subclass = ethernet bar [10] = type Memory, range 64, base 0xf69f0000, size 65536, enabled cap 01[48] = powerspec 3 supports D0 D3 current D0 cap 03[50] = VPD cap 09[58] = vendor (length 120) cap 05[e8] = MSI supports 1 message, 64 bit enabled with 1 message cap 10[d0] = PCI-Express 1 endpoint max data 128(128) link x1(x1) kldstat Id Refs Address Size Name 1 28 0xc0400000 cf6c70 kernel 2 1 0xc10f7000 11bc0 if_bge.ko 3 1 0xc1109000 1ac4c snd_hda.ko 4 2 0xc1124000 61f78 sound.ko 5 1 0xc1186000 2af4 coretemp.ko 6 1 0xc1189000 a6d8 i915.ko 7 2 0xc1194000 177d4 drm.ko kldunload if_bge snd_hda Jul 20 17:50:49 gargoyle login: ROOT LOGIN (root) ON ttyv0 Jul 20 17:51:06 gargoyle kernel: brgphy0: detached Jul 20 17:51:06 gargoyle kernel: lock order reversal: Jul 20 17:51:06 gargoyle kernel: 1st 0xc0dba45c kernel linker (kernel linker) @ /usr/src/sys/kern/kern_linker.c:1079 Jul 20 17:51:06 gargoyle kernel: 2nd 0xc0dbbc64 sysctl lock (sysctl lock) @ /usr/src/sys/kern/kern_sysctl.c:257 Jul 20 17:51:06 gargoyle kernel: KDB: stack backtrace: Jul 20 17:51:06 gargoyle kernel: db_trace_self_wrapper(c0c6baf4,e6daba34,c08bc995,c08ad6db,c0c6e989,...) at db_trace_self_wrapper+0x26 Jul 20 17:51:06 gargoyle kernel: kdb_backtrace(c08ad6db,c0c6e989,c452bc88,c4529e10,e6daba90,...) at kdb_backtrace+0x29 Jul 20 17:51:06 gargoyle kernel: _witness_debugger(c0c6e989,c0dbbc64,c0c69667,c4529e10,c0c6956e,...) at _witness_debugger+0x25 Jul 20 17:51:06 gargoyle kernel: witness_checkorder(c0dbbc64,9,c0c6956e,101,0,...) at witness_checkorder+0x839 Jul 20 17:51:06 gargoyle kernel: _sx_xlock(c0dbbc64,0,c0c6956e,101,c4722c00,...) at _sx_xlock+0x85 Jul 20 17:51:06 gargoyle kernel: sysctl_ctx_free(c4722c4c,c4722c00,e6dabb18,c08a3c85,c4722c00,...) at sysctl_ctx_free+0x30 Jul 20 17:51:06 gargoyle kernel: device_sysctl_fini(c4722c00,0,c0d4c848,c472a810,c4ab3400,...) at device_sysctl_fini+0x1a Jul 20 17:51:06 gargoyle kernel: device_detach(c4722c00,c4722b80,e6dabb38,c06bc622,c4722b80,...) at device_detach+0x1f5 Jul 20 17:51:06 gargoyle kernel: bus_generic_detach(c4722b80,c4722b80,e6dabb64,c08a3b1c,c4722b80,...) at bus_generic_detach+0x29 Jul 20 17:51:06 gargoyle kernel: miibus_detach(c4722b80,c45d6060,c0d4ca68,a3c,c0c76f47,...) at miibus_detach+0x12 Jul 20 17:51:06 gargoyle kernel: device_detach(c4722b80,c472b008,e6dabb98,c10ff7ff,c4722300,...) at device_detach+0x8c Jul 20 17:51:06 gargoyle kernel: bus_generic_detach(c4722300,1,c1104b66,aec,c4722300,...) at bus_generic_detach+0x29 Jul 20 17:51:06 gargoyle kernel: bge_detach(c4722300,c4677060,c0d4ca68,a3c,c4526300,...) at bge_detach+0xbf Jul 20 17:51:06 gargoyle kernel: device_detach(c4722300,c086c843,c0dbb570,c1106c20,c456fb80,...) at device_detach+0x8c Jul 20 17:51:06 gargoyle kernel: driver_module_handler(c4526300,1,c1106c20,109,0,...) at driver_module_handler+0x29c Jul 20 17:51:06 gargoyle kernel: module_unload(c4526300,c0c652ef,273,270,c08604b6,...) at module_unload+0x43 Jul 20 17:51:06 gargoyle kernel: linker_file_unload(c4544200,0,c0c652ef,437,c10f7000,...) at linker_file_unload+0x15e Jul 20 17:51:06 gargoyle kernel: kern_kldunload(c4b346c0,2,0,e6dabd2c,c0ba8dd3,...) at kern_kldunload+0xd5 Jul 20 17:51:06 gargoyle kernel: kldunloadf(c4b346c0,e6dabcf8,8,c0c6fa4b,c0d50450,...) at kldunloadf+0x2b Jul 20 17:51:06 gargoyle kernel: syscall(e6dabd38) at syscall+0x2a3 Jul 20 17:51:06 gargoyle kernel: Xint0x80_syscall() at Xint0x80_syscall+0x20 Jul 20 17:51:06 gargoyle kernel: --- syscall (444, FreeBSD ELF32, kldunloadf), eip = 0x280d516b, esp = 0xbfbfe47c, ebp = 0xbfbfecc8 --- Jul 20 17:51:06 gargoyle kernel: miibus0: detached Jul 20 17:51:06 gargoyle kernel: bge0: detached Jul 20 17:51:06 gargoyle kernel: sysctl_unregister_oid: failed to unregister sysctl Jul 20 17:51:06 gargoyle kernel: pcm0: detached Jul 20 17:51:06 gargoyle kernel: hdac0: detached kldoad snd_hda Jul 20 17:52:16 gargoyle kernel: hdac0: mem 0xf6dfc000-0xf6dfffff irq 21 at device 27.0 on pci0 Jul 20 17:52:16 gargoyle kernel: hdac0: HDA Driver Revision: 20090624_0136 Jul 20 17:52:16 gargoyle kernel: hdac0: [ITHREAD] Jul 20 17:52:16 gargoyle kernel: hdac0: HDA Codec #0: Sigmatel STAC9228X Jul 20 17:52:16 gargoyle kernel: bge0: mem 0xf69f0000-0xf69fffff irq 17 at device 0.0 on pci9 Jul 20 17:52:16 gargoyle kernel: miibus0: on bge0 Jul 20 17:52:16 gargoyle kernel: brgphy0: PHY 1 on miibus0 Jul 20 17:52:16 gargoyle kernel: brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Jul 20 17:52:16 gargoyle kernel: bge0: Ethernet address: 00:23:ae:04:ba:ca Jul 20 17:52:16 gargoyle kernel: bge0: [ITHREAD] Jul 20 17:52:16 gargoyle kernel: pcm0: at cad 0 nid 1 on hdac0 Jul 20 17:52:16 gargoyle kernel: bge0: link state changed to DOWN Jul 20 17:52:18 gargoyle kernel: bge0: link state changed to UP acpiconf -s 3 Jul 20 17:53:51 gargoyle acpi: suspend at 20090720 17:53:51 Jul 20 17:53:56 gargoyle kernel: fwohci0: fwohci_pci_suspend Jul 20 17:54:25 gargoyle kernel: bge0: PHY write timed out (phy 1, reg 0, val 32768) Jul 20 17:54:25 gargoyle kernel: bge0: PHY read timed out (phy 1, reg 0, val 0xffffffff) Jul 20 17:54:25 gargoyle kernel: bge0: PHY read timed out (phy 1, reg 24, val 0xffffffff) Jul 20 17:54:25 gargoyle kernel: bge0: PHY read timed out (phy 1, reg 16, val 0xffffffff) Jul 20 17:54:25 gargoyle kernel: bge0: PHY write timed out (phy 1, reg 16, val 0) Jul 20 17:54:25 gargoyle kernel: bge0: PHY read timed out (phy 1, reg 16, val 0xffffffff) Jul 20 17:54:25 gargoyle kernel: bge0: PHY write timed out (phy 1, reg 16, val 0) Jul 20 17:54:25 gargoyle kernel: bge0: PHY write timed out (phy 1, reg 23, val 18) Jul 20 17:54:25 gargoyle kernel: bge0: flow-through queue init failed Jul 20 17:54:25 gargoyle kernel: bge0: initialization failure Jul 20 17:54:25 gargoyle kernel: fwohci0: Phy 1394a available S400, 1 ports. Jul 20 17:54:25 gargoyle kernel: fwohci0: Link S400, max_rec 2048 bytes. Jul 20 17:54:25 gargoyle kernel: fwohci0: Initiate bus reset Jul 20 17:54:25 gargoyle kernel: fwohci0: fwohci_intr_core: BUS reset Jul 20 17:54:25 gargoyle kernel: fwohci0: fwohci_intr_core: node_id=0x00000000, SelfID Count=1, CYCLEMASTER mode Jul 20 17:54:25 gargoyle kernel: firewire0: 1 nodes, maxhop <= 0 cable IRM irm(0) (me) Jul 20 17:54:25 gargoyle kernel: firewire0: bus manager 0 Jul 20 17:54:25 gargoyle kernel: fwohci0: unrecoverable error Jul 20 17:54:25 gargoyle kernel: wakeup from sleeping state (slept 00:00:29) Jul 20 17:54:25 gargoyle acpi: resumed at 20090720 17:54:25 more info: http://lists.freebsd.org/pipermail/freebsd-current/2009-July/009023.html http://lists.freebsd.org/pipermail/freebsd-current/2009-July/009385.html This problem also affects FreeBSD 7.2-RELEASE: http://forums.freebsd.org/showthread.php?t=3886 From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 01:04:04 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EE309106566B; Tue, 21 Jul 2009 01:04:04 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C37DA8FC1C; Tue, 21 Jul 2009 01:04:04 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6L144HY058813; Tue, 21 Jul 2009 01:04:04 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6L144km058809; Tue, 21 Jul 2009 01:04:04 GMT (envelope-from linimon) Date: Tue, 21 Jul 2009 01:04:04 GMT Message-Id: <200907210104.n6L144km058809@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/136946: [fwohci] fwohci throws an"unrecoverable error" upon resume from suspend X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 01:04:05 -0000 Synopsis: [fwohci] fwohci throws an"unrecoverable error" upon resume from suspend Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Tue Jul 21 01:03:56 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=136946 From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 04:51:32 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 664E4106564A; Tue, 21 Jul 2009 04:51:32 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 3AACD8FC0A; Tue, 21 Jul 2009 04:51:32 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6L4pWRh036985; Tue, 21 Jul 2009 04:51:32 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6L4pW1W036981; Tue, 21 Jul 2009 04:51:32 GMT (envelope-from linimon) Date: Tue, 21 Jul 2009 04:51:32 GMT Message-Id: <200907210451.n6L4pW1W036981@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-net@FreeBSD.org, freebsd-firewire@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/136946: [fwohci] fwohci throws an"unrecoverable error" upon resume from suspend X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 04:51:32 -0000 Synopsis: [fwohci] fwohci throws an"unrecoverable error" upon resume from suspend Responsible-Changed-From-To: freebsd-net->freebsd-firewire Responsible-Changed-By: linimon Responsible-Changed-When: Tue Jul 21 04:51:09 UTC 2009 Responsible-Changed-Why: fix assignment. http://www.freebsd.org/cgi/query-pr.cgi?pr=136946 From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 09:37:56 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 27E12106566B for ; Tue, 21 Jul 2009 09:37:56 +0000 (UTC) (envelope-from learner.study@gmail.com) Received: from mail-px0-f200.google.com (mail-px0-f200.google.com [209.85.216.200]) by mx1.freebsd.org (Postfix) with ESMTP id F30468FC34 for ; Tue, 21 Jul 2009 09:37:55 +0000 (UTC) (envelope-from learner.study@gmail.com) Received: by pxi38 with SMTP id 38so2095640pxi.3 for ; Tue, 21 Jul 2009 02:37:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=AcwqeVOJRtYkxI74Jve9wbniYPsZaPPlQXgSQPv5DDM=; b=GRWphljhbEV4hSu00rET+QGaiJDF9frfsB+taAL13Nd82PW8V24MNI6rqboJFtPilJ o0I66RXZDvgMIsIPVvUOIHI2CS0xJuTeKUQKbDYDJgepC9c0iXz2LqmcKEz9+4HWh/zR d9YUC+lub4It39TszyjpTSZSoxm0Bk0DPRW/8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=bTlqI+8ubh9ySN1k6AtHYN+MRMw6GQ/9q64IH9k1RjWTyksQ5Tg2H1/kHG3YUjgm0n rD7vtZZj8uX4dod5kd2C60tVcv7Txsgp3S4U8nhT4cFo785AbeuEoALWKPYlzr1aJRZT pKnz/1soN3COAJCsfNHTONNqP6VYGlhMt6dZM= MIME-Version: 1.0 Received: by 10.114.241.5 with SMTP id o5mr7611355wah.174.1248167272448; Tue, 21 Jul 2009 02:07:52 -0700 (PDT) Date: Tue, 21 Jul 2009 02:07:52 -0700 Message-ID: <7efa8a7d0907210207m327a1252nee4a04f5e4ea7a@mail.gmail.com> From: Learner Study To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: learner.study@gmail.com Subject: TCP SACK X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 09:37:56 -0000 Hello experts: Is there is reason why freebsd TCP implementation limits the number of SACK blocks on receiver side to MAX_SACK_BLOCKS whereas the sender side SACK holes are implemented as a linked list? Any issues if someone decides to use receiver side linked list as well (instead of fixed sized array)? Thanks in advance for your suggestions. From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 13:08:26 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 71129106566B for ; Tue, 21 Jul 2009 13:08:26 +0000 (UTC) (envelope-from bra@fsn.hu) Received: from people.fsn.hu (people.fsn.hu [195.228.252.137]) by mx1.freebsd.org (Postfix) with ESMTP id E18668FC1E for ; Tue, 21 Jul 2009 13:08:25 +0000 (UTC) (envelope-from bra@fsn.hu) Message-ID: <4A65B9E1.80208@fsn.hu> Date: Tue, 21 Jul 2009 14:51:45 +0200 From: Attila Nagy User-Agent: Thunderbird 2.0.0.22 (X11/20090608) MIME-Version: 1.0 To: Barney Cordoba References: <50667.57004.qm@web63901.mail.re1.yahoo.com> In-Reply-To: <50667.57004.qm@web63901.mail.re1.yahoo.com> X-Stationery: 0.4.9 X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (people.fsn.hu [0.0.0.0]); Tue, 21 Jul 2009 14:51:45 +0200 (CEST) Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org, Hooman Fazaeli Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 13:08:26 -0000 Barney Cordoba wrote: >> Any one knows if there is any near plan to develop drivers >> for >> >> network cards based on broadcom NetXtereme II 57710 >> >> 10 GbE controller? >> >> ----------------------- >> best regards >> Hooman Fazaeli >> > > Ok, I'll bite. What is so special about this particular part that you > simply must use it in your 10GbE server? > > A possible cause -at least for me- is that HP switched from the Gigabit Broadcoms for these 10GE versions. So newer machines (for example the HP BL460c G6) come with Broadcom 57711 instead of the 57xx ones (supported by bge and bce). FreeBSD ran very well on HP machines, it would be good if this could continue. From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 14:49:08 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4521106567C for ; Tue, 21 Jul 2009 14:49:08 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63905.mail.re1.yahoo.com (web63905.mail.re1.yahoo.com [69.147.97.120]) by mx1.freebsd.org (Postfix) with SMTP id 4E1298FC14 for ; Tue, 21 Jul 2009 14:49:08 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 92286 invoked by uid 60001); 21 Jul 2009 14:49:07 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1248187747; bh=x0PUKUSG+Qm5AdT49BB2DUQ0gjXzALaa7JDMRbWWDvg=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=JdT+EXHnfR1p4Zx3bl7ED5asCdygTU1ywvh3dT5MbEeSfHep6S0bmClrYK/mZhW4jq0kJiw6jjn1qV9gJZxXCF7i0WsvSb225EojFA6qL7idHZcUGadF3V5yj9qGU+yYdjXH8vP/cVmXmc8ti/buyA6q78SmSVHQFi3kTzjVNT0= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding; b=LHEUtyJz3ovOZWHgT4JPkR5K8ghMMXoe1Dm+Wkce8mEufaoRbI+iVpwXM00YbNACJs8I3Gp0ViflpZOERvG9dLixyOQVzivm3r6NAzYeaNcuYhBUX+IDhdcbpWJgs9RIlgzHE1+oSON47PxxRpLGUgtK17fzTlBCVqQCxA2awbU=; Message-ID: <634188.92246.qm@web63905.mail.re1.yahoo.com> X-YMail-OSG: nNG2J.kVM1l0ScEq2Hsli78QP8xKmXRmHSMBgCmFXyZU0BWWgAU- Received: from [66.176.162.245] by web63905.mail.re1.yahoo.com via HTTP; Tue, 21 Jul 2009 07:49:07 PDT X-Mailer: YahooMailClassic/5.4.17 YahooMailWebService/0.7.289.15 Date: Tue, 21 Jul 2009 07:49:07 -0700 (PDT) From: Barney Cordoba To: Attila Nagy MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net@freebsd.org, Hooman Fazaeli Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 14:49:09 -0000 =0A=0A--- On Tue, 7/21/09, Attila Nagy wrote:=0A=0A> From: Att= ila Nagy =0A> Subject: Re: broadcom 57710 support=0A> To: "Barn= ey Cordoba" =0A> Cc: freebsd-net@freebsd.org, "Ho= oman Fazaeli" =0A> Date: Tuesday, July 21, 2009, 8:51 = AM=0A> Barney Cordoba wrote:=0A> >> Any one knows if there is any near plan= to develop=0A> drivers=0A> >> for=0A> >> =0A> >> network cards based on br= oadcom NetXtereme II=0A> 57710=0A> >> =0A> >> 10 GbE controller?=0A> >> =0A= > >> -----------------------=0A> >> best regards=0A> >> Hooman Fazaeli=0A> = >>=A0 =A0=A0=A0=0A> > =0A> > Ok, I'll bite. What is so special about this= =0A> particular part that you simply must use it in your 10GbE=0A> server?= =0A> > =0A> >=A0=A0=A0=0A> A possible cause -at least for me- is that HP sw= itched from=0A> the Gigabit Broadcoms for these 10GE versions. So newer=0A>= machines (for example the HP BL460c G6) come with Broadcom=0A> 57711 inste= ad of the 57xx ones (supported by bge and bce).=0A> =0A=0AI wouldn't use a = "new" server that doesn't support Nehelam. You're better=0Aoff getting a 1U= server that has exactly what you want in it, rather than=0Ahaving to hope = that whoever happens to write a driver for this new part=0Adoes a good job.= Even then you're stuck with last year's CPU model, =0Aguaranteeing 20% les= s performance. =0A=0ABarney=0A=0A=0A From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 16:41:45 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 34BFF106564A for ; Tue, 21 Jul 2009 16:41:45 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from mms1.broadcom.com (mms1.broadcom.com [216.31.210.17]) by mx1.freebsd.org (Postfix) with ESMTP id 138158FC13 for ; Tue, 21 Jul 2009 16:41:44 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from [10.9.200.133] by mms1.broadcom.com with ESMTP (Broadcom SMTP Relay (Email Firewall v6.3.2)); Tue, 21 Jul 2009 09:27:07 -0700 X-Server-Uuid: 02CED230-5797-4B57-9875-D5D2FEE4708A Received: from IRVEXCHCCR01.corp.ad.broadcom.com ([10.252.49.30]) by IRVEXCHHUB02.corp.ad.broadcom.com ([10.9.200.133]) with mapi; Tue, 21 Jul 2009 09:28:32 -0700 From: "David Christensen" To: "H.Fazaeli" , "freebsd-net@freebsd.org" Date: Tue, 21 Jul 2009 09:27:06 -0700 Thread-Topic: broadcom 57710 support Thread-Index: AcoH+BOrRG3e37bqSMmSZ0hohiM96gCJo7bg Message-ID: <5D267A3F22FD854F8F48B3D2B523819339EC15C6D5@IRVEXCHCCR01.corp.ad.broadcom.com> References: <4A5C3EE6.7010704@sepehrs.com> In-Reply-To: <4A5C3EE6.7010704@sepehrs.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US MIME-Version: 1.0 X-WSS-ID: 667B33D10EG46902406-01-01 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Cc: Subject: RE: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 16:41:45 -0000 > Is there any near plan to develop drivers for network cards=20 > based on broadcom NetXtereme II 57710 10 GbE controller? I have written a driver to support the 57710/57711/57711E parts, bxe(9), but I haven't released it as I haven't been able to get much testing mileage on it. The biggest challenge is the wide array of PHYs used in the 10GbE space which makes testing a complex issue (I think we have 7 or 8 PHYs today which various customers use). =20 If there are some developers who are interested in getting a version of the driver and helping work out some of the bugs please contact me directly. Ideally I'd like to have this driver ready for 8.1. Dave= From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 19:06:39 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6CE46106566B; Tue, 21 Jul 2009 19:06:39 +0000 (UTC) (envelope-from qingli@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 445788FC14; Tue, 21 Jul 2009 19:06:39 +0000 (UTC) (envelope-from qingli@FreeBSD.org) Received: from freefall.freebsd.org (qingli@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6LJ6d2Q035928; Tue, 21 Jul 2009 19:06:39 GMT (envelope-from qingli@freefall.freebsd.org) Received: (from qingli@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6LJ6dvu035927; Tue, 21 Jul 2009 19:06:39 GMT (envelope-from qingli) Date: Tue, 21 Jul 2009 19:06:39 GMT From: Qing Li Message-Id: <200907211906.n6LJ6dvu035927@freefall.freebsd.org> To: current@freebsd.org Cc: net@freebsd.org Subject: useloopback sysctl vars X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 19:06:39 -0000 Hi, Does anyone set either of the following systl variables to 0? net.link.ether.inet.useloopback net.inet6.icmp6.nd6_useloopback If so, would you mind letting me know your reasons? Thanks, -- Qing From owner-freebsd-net@FreeBSD.ORG Tue Jul 21 19:47:14 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D45C106566C for ; Tue, 21 Jul 2009 19:47:14 +0000 (UTC) (envelope-from bra@fsn.hu) Received: from people.fsn.hu (people.fsn.hu [195.228.252.137]) by mx1.freebsd.org (Postfix) with ESMTP id E72168FC14 for ; Tue, 21 Jul 2009 19:47:13 +0000 (UTC) (envelope-from bra@fsn.hu) Message-ID: <4A661B3E.1060007@fsn.hu> Date: Tue, 21 Jul 2009 21:47:10 +0200 From: Attila Nagy User-Agent: Thunderbird 2.0.0.22 (X11/20090608) MIME-Version: 1.0 To: Barney Cordoba References: <634188.92246.qm@web63905.mail.re1.yahoo.com> In-Reply-To: <634188.92246.qm@web63905.mail.re1.yahoo.com> X-Stationery: 0.4.9 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (people.fsn.hu [0.0.0.0]); Tue, 21 Jul 2009 21:47:12 +0200 (CEST) Cc: freebsd-net@freebsd.org, Hooman Fazaeli Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 19:47:14 -0000 Barney Cordoba wrote: >> A possible cause -at least for me- is that HP switched from >> the Gigabit Broadcoms for these 10GE versions. So newer >> machines (for example the HP BL460c G6) come with Broadcom >> 57711 instead of the 57xx ones (supported by bge and bce). >> >> > > I wouldn't use a "new" server that doesn't support Nehelam. You're better > off getting a 1U server that has exactly what you want in it, rather than > having to hope that whoever happens to write a driver for this new part > does a good job. Even then you're stuck with last year's CPU model, > guaranteeing 20% less performance. > The BL460c G6 supports Nehalem (Intel 55xx), and 1U server instead of a blade is all what I want. From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 03:42:40 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 78D641065674 for ; Wed, 22 Jul 2009 03:42:40 +0000 (UTC) (envelope-from rascal1981@gmail.com) Received: from mail-qy0-f191.google.com (mail-qy0-f191.google.com [209.85.221.191]) by mx1.freebsd.org (Postfix) with ESMTP id 2BAFE8FC08 for ; Wed, 22 Jul 2009 03:42:39 +0000 (UTC) (envelope-from rascal1981@gmail.com) Received: by qyk29 with SMTP id 29so485546qyk.3 for ; Tue, 21 Jul 2009 20:42:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=4Jr4vO4RjZmmUUZyT2+V/cIKFSYGIadeUap7VS6Uk1Y=; b=EEq+ttxSA2sgq1l3+Kx4F15805XJU+a2EleSG+aE3bkEaw+RpnKFCXjs6LzVb/X96Q JwYlZ+UCLwMURvCaERFjY1D7w1LOvKZqNRuLfnw6+mFkDuO3Aq9dJb2x55MOaok7Wt8D RD5MjC6/u96gMdrWw6wp/f9aWxCkxFSEp+e9k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=pdvGyOOlYPo49ECT2zZJy/g8IWZJSDqSYQDJAZwNPZpx/jvPLxAA2a24a9ndekA+t9 Me/kLV3L+DEMRBJSkmhnhZLs6wKqCSFILhTpB8kbBg9guSmfdW+aTDtaMQ9rDTOQ5ZgP 5rqfkvDLRKq1vTbwugqrNw9oX/x6H5GP3akvU= MIME-Version: 1.0 Received: by 10.220.100.194 with SMTP id z2mr316163vcn.38.1248234159089; Tue, 21 Jul 2009 20:42:39 -0700 (PDT) In-Reply-To: <20090717062218.GL6896@verio.net> References: <3228ef7c0907130809n29566514xb2c1f522e1da8a3f@mail.gmail.com> <20090714134131.GA23925@traktor.dnepro.net> <3228ef7c0907140918i5d90dc44q995a4210f2767f9a@mail.gmail.com> <20090715001514.GU6896@verio.net> <3228ef7c0907141843s30df148eu2c6c64acd7748029@mail.gmail.com> <20090715021251.GV6896@verio.net> <3228ef7c0907142001y650892b3w696576647086ba38@mail.gmail.com> <20090717062218.GL6896@verio.net> Date: Tue, 21 Jul 2009 23:42:39 -0400 Message-ID: <3228ef7c0907212042vcc77f7cx1e73fc48ae9e8628@mail.gmail.com> From: rascal To: rascal , freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: question regarding IPSEC Setup X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 03:42:40 -0000 Sorry for the delay on replying to this but I have been horribly swamped with a handful of other fires. I am coming back to this tomorrow and with a fresh cisco device! So I am hoping to have an update for you all tomorrow or the next day. Thanks again David for the fresh cisco example; I can already see at least to points of issue that I have made! I'll get back to you all soon and thanks again! On Fri, Jul 17, 2009 at 2:22 AM, David DeSimone wrote: > rascal wrote: > > > > If I could ask one more favor; what does your cisco config look like > > that would match one of these? I have got mine configed based on > > someone else's tunnel specs and while I am sure they are comparable I > > wanted to make sure I wasn't missing anything. > > Here's an example config that I sanitized from one of our Cisco routers; > I think it should work, but it's only an example. At some point you > have to adapt these configs to your own situation. :) > > crypto isakmp policy 1 > encr aes > authentication pre-share > group 2 > > crypto isakmp key SecretKey!! address 11.22.33.44 > > crypto ipsec transform-set AES-SHA1 esp-aes esp-sha-hmac > > crypto map IPSEC local-address GigabitEthernet0/1 > > crypto map IPSEC 1 ipsec-isakmp > set peer 11.22.33.44 > set transform-set AES-SHA1 > match address remote-site > > interface GigabitEthernet0/1 > ip address 55.66.77.88 255.255.255.224 > crypto map IPSEC > > ip access-list extended remote-site > permit ip 10.20.50.60 0.0.0.255 10.10.30.40 0.0.0.255 > permit ip 10.20.50.60 0.0.0.255 10.10.30.50 0.0.0.255 > permit ip 10.20.50.70 0.0.0.255 10.10.30.40 0.0.0.255 > permit ip 10.20.50.70 0.0.0.255 10.10.30.50 0.0.0.255 > > -- > David DeSimone == Network Admin == fox@verio.net > "I don't like spinach, and I'm glad I don't, because if I > liked it I'd eat it, and I just hate it." -- Clarence Darrow > > > This email message is intended for the use of the person to whom it has > been sent, and may contain information that is confidential or legally > protected. If you are not the intended recipient or have received this > message in error, you are not authorized to copy, distribute, or otherwise > use this message or its attachments. Please notify the sender immediately by > return e-mail and permanently delete this message and any attachments. > Verio, Inc. makes no warranty that this email is error or virus free. Thank > you. > From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 06:32:29 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 782B8106564A; Wed, 22 Jul 2009 06:32:29 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.delphij.net (delphij-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:2c9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 043CC8FC17; Wed, 22 Jul 2009 06:32:28 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [211.166.10.233]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.delphij.net (Postfix) with ESMTPS id CA6175C027; Wed, 22 Jul 2009 14:32:26 +0800 (CST) Received: from localhost (tarsier.geekcn.org [211.166.10.233]) by tarsier.geekcn.org (Postfix) with ESMTP id 87EBA55CD8B2; Wed, 22 Jul 2009 14:32:21 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([211.166.10.233]) by localhost (mail.geekcn.org [211.166.10.233]) (amavisd-new, port 10024) with ESMTP id yOyOr6iLFMQV; Wed, 22 Jul 2009 14:31:27 +0800 (CST) Received: from charlie.delphij.net (c-67-188-2-183.hsd1.ca.comcast.net [67.188.2.183]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTPSA id 7E14155CD8AE; Wed, 22 Jul 2009 14:31:21 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:cc:subject:x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=E8mioTCYYiUrO8y/9LQJwgsFMwT+Dj2mNb7anJ/gIVvdLgMMpwO+x0PSM2qeXfS6E xjmBb5EfTsE7fiIp3SDjA== Message-ID: <4A66B227.6010706@delphij.net> Date: Tue, 21 Jul 2009 23:31:03 -0700 From: Xin LI Organization: The FreeBSD Project User-Agent: Thunderbird 2.0.0.22 (X11/20090701) MIME-Version: 1.0 To: freebsd-net@freebsd.org, FreeBSD Current X-Enigmail-Version: 0.95.7 OpenPGP: id=18EDEBA0; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" Subject: LOR: PFil hook read/write mutex vs if_bridge X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 06:32:30 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Looks like a new one, anybody care about it? (maybe harmless though. I haven't get a chance to exercise it further) lock order reversal: 1st 0xffffffff809ee9c8 PFil hook read/write mutex (PFil hook read/write mutex) @ /usr/src/sys/net/pfil.c:74 2nd 0xffffff0003326418 if_bridge (if_bridge) @ /usr/src/sys/net/if_bridge.c:1848 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2a _witness_debugger() at _witness_debugger+0x2e witness_checkorder() at witness_checkorder+0x81e _mtx_lock_flags() at _mtx_lock_flags+0x78 bridge_output() at bridge_output+0x67 ether_output() at ether_output+0x558 pf_route() at pf_route+0x5ec pf_test() at pf_test+0x7c4 pf_check_in() at pf_check_in+0x39 pfil_run_hooks() at pfil_run_hooks+0xcf ip_input() at ip_input+0x2eb netisr_dispatch_src() at netisr_dispatch_src+0xb8 ether_demux() at ether_demux+0x17d ether_input() at ether_input+0x18e em_rxeof() at em_rxeof+0x254 em_handle_rxtx() at em_handle_rxtx+0x4b taskqueue_run() at taskqueue_run+0x96 taskqueue_thread_loop() at taskqueue_thread_loop+0x3f fork_exit() at fork_exit+0x12a fork_trampoline() at fork_trampoline+0xe - --- trap 0, rip = 0, rsp = 0xffffff80000a6d30, rbp = 0 --- - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iEYEARECAAYFAkpmsicACgkQi+vbBBjt66DkhwCgojNp7zSLd/TNGrNg0rzVMpQ4 /XgAmwdOggz33OT8kBNjClVjz8R56Uy8 =7PU5 -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 08:18:52 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DDAC9106566B for ; Wed, 22 Jul 2009 08:18:52 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from mail.digiware.nl (mail.ip6.digiware.nl [IPv6:2001:4cb8:1:106::2]) by mx1.freebsd.org (Postfix) with ESMTP id 7B4B58FC08 for ; Wed, 22 Jul 2009 08:18:52 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from localhost (localhost.digiware.nl [127.0.0.1]) by mail.digiware.nl (Postfix) with ESMTP id 00FCF153436 for ; Wed, 22 Jul 2009 10:18:51 +0200 (CEST) X-Virus-Scanned: amavisd-new at digiware.nl Received: from mail.digiware.nl ([127.0.0.1]) by localhost (rack1.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f+AsjkiOIKkJ; Wed, 22 Jul 2009 10:18:48 +0200 (CEST) Received: from [192.168.10.67] (opteron [192.168.10.67]) by mail.digiware.nl (Postfix) with ESMTP id C5447153435 for ; Wed, 22 Jul 2009 10:18:48 +0200 (CEST) Message-ID: <4A66CBE2.6050606@digiware.nl> Date: Wed, 22 Jul 2009 10:20:50 +0200 From: Willem Jan Withagen Organization: Digiware User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: IPv6 and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 08:18:53 -0000 Hi, Running 7.2 I tried to insert this into my IPFW rules # ipfw add allow udp from any to 2001:xxx:3::113,2001:xxxx:3::116 \ dst-port 10001-10100 keep-state ipfw: bad netmask ``xxxx:3::113'' also: # ipfw add allow udp from any to trixbox.ip6 dst-port 10001-10100 keep-state ipfw: hostname ``trixbox.ip6'' unknown Exit 68 # host trixbox.ip6 trixbox.ip6.digiware.nl has IPv6 address 2001:4cb8:3::116 So it looks like what is in the manual is overly optimistic: ---- addr6-list: ip6-addr[,addr6-list] ip6-addr: A host or subnet specified one of the following ways: numeric-ip | hostname Matches a single IPv6 address as allowed by inet_pton(3) or a hostname. Hostnames are resolved at the time the rule is added to the firewall list. addr/masklen Matches all IPv6 addresses with base addr (specified as allowed by inet_pton or a hostname) and mask width of masklen bits. No support for sets of IPv6 addresses is provided because IPv6 addresses are typically random past the initial prefix. ---- Anybody else ran into this? Or should I file this as a PR. --WjW From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 09:11:26 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 60F6B106566B for ; Wed, 22 Jul 2009 09:11:26 +0000 (UTC) (envelope-from lstewart@freebsd.org) Received: from lauren.room52.net (lauren.room52.net [210.50.193.198]) by mx1.freebsd.org (Postfix) with ESMTP id E8AB18FC17 for ; Wed, 22 Jul 2009 09:11:25 +0000 (UTC) (envelope-from lstewart@freebsd.org) Received: from lstewart-laptop.caia.swin.edu.au (host86-144-70-159.range86-144.btcentralplus.com [86.144.70.159]) (authenticated bits=0) by lauren.room52.net (8.14.3/8.14.3) with ESMTP id n6M9BDEm013073 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 22 Jul 2009 19:11:16 +1000 (EST) (envelope-from lstewart@freebsd.org) Message-ID: <4A66D799.5050307@freebsd.org> Date: Wed, 22 Jul 2009 10:10:49 +0100 From: Lawrence Stewart User-Agent: Thunderbird 2.0.0.22 (X11/20090626) MIME-Version: 1.0 To: Learner Study References: <7efa8a7d0907210207m327a1252nee4a04f5e4ea7a@mail.gmail.com> In-Reply-To: <7efa8a7d0907210207m327a1252nee4a04f5e4ea7a@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_00,RCVD_IN_PBL, RCVD_IN_SORBS_DUL, RDNS_DYNAMIC, SPF_SOFTFAIL autolearn=disabled version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on lauren.room52.net Cc: freebsd-net@freebsd.org Subject: Re: TCP SACK X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 09:11:26 -0000 Learner Study wrote: > Hello experts: > > Is there is reason why freebsd TCP implementation limits the number of SACK > blocks on receiver side to MAX_SACK_BLOCKS whereas the sender side SACK > holes are implemented as a linked list? > > Any issues if someone decides to use receiver side linked list as well > (instead of fixed sized array)? I'm not intimately familiar with the SACK code, so with that disclaimer in hand... For starters, there is a limit imposed by the TCP option space on the number of SACK blocks you can squeeze into a single TCP header (max 4, typically fewer when other common options are in use). MAX_SACK_BLKS is defined as 6, so we actually are able to store an extra 2 blocks receiver side than we can send in any given ACK. Given that constraint, I see no reason to store more blocks at the receiver. As holes get filled, we recompute the sack blocks anyway so I don't think (conceptually at least) we're losing any important information. I am aware though that the implementation is sub-optimal in other areas (a few of which I'm trying to fix). That said, I see no issues with switching to a linked list. You'd need to do some replumbing around the place and you will increase memory consumption for I suspect will be no real gain. If you decide to proceed and can measure improvements as a result of your changes, I'd be interested to look at your patch(es). I just suspect it will be a relatively fruitless endeavor. Cheers, Lawrence From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 10:00:31 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B6CAC106566C; Wed, 22 Jul 2009 10:00:31 +0000 (UTC) (envelope-from raffaele.delorenzo@libero.it) Received: from cp-out3.libero.it (cp-out3.libero.it [212.52.84.103]) by mx1.freebsd.org (Postfix) with ESMTP id 4E5A08FC1A; Wed, 22 Jul 2009 10:00:30 +0000 (UTC) (envelope-from raffaele.delorenzo@libero.it) Received: from wmail6.libero.it (172.31.0.149) by cp-out3.libero.it (8.5.107) id 4A5F45D500449916; Wed, 22 Jul 2009 11:48:39 +0200 Message-ID: <3164304.442981248256119643.JavaMail.defaultUser@defaultHost> Date: Wed, 22 Jul 2009 11:48:39 +0200 (CEST) From: "raffaele.delorenzo@libero.it" To: , , freebsd-ipfw@freebsd.org MIME-Version: 1.0 Content-Type: text/plain;charset="UTF-8" Content-Transfer-Encoding: 7bit X-SenderIP: 213.182.95.50 Cc: rizzo@icir.org Subject: R: IPv6 and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "raffaele.delorenzo@libero.it" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 10:00:32 -0000 Hi all, You has found a parser bug. When the protocol is "ipv6" and you are a comma separated ipv6 addresses, the parser work fine because the "add_srcip6" function is called and recognize all addresses. When the protocol is "!=ipv6" (like TCP,UDP,ICMP6) the "add_src" fuction is called and it cause troubles because the "inet_pton()" fails and erroneously is called the "add_srcip" function (see the code below). (from "ipfw2.c") add_src(ipfw_insn *cmd, char *av, u_char proto) { struct in6_addr a; char *host, *ch; ipfw_insn *ret = NULL; if ((host = strdup(av)) == NULL) return NULL; if ((ch = strrchr (host, '/')) != NULL) *ch = '\0'; if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 || inet_pton(AF_INET6, host, &a)) ret = add_srcip6(cmd, av); /* XXX: should check for IPv4, not !IPv6 */ if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 || !inet_pton(AF_INET6, host, &a))) ret = add_srcip(cmd, av); if (ret == NULL && strcmp(av, "any") != 0) ret = cmd; free(host); return ret; } I think that possibles solutions are the follows: 1) Create a new protocols types UPD6,TCP6 only for IPv6 rules to avoid parser confusions, and check about this protocol inside the "add_src" fuction (easy to implement). 2) Check the comma separated ip/ipv6 addresses inside the "add_src" function (a little too hard to implement). I appreciate suggestions from the community experts about this problem. Ciao Raffaele >----Messaggio originale---- >Da: wjw@digiware.nl >Data: 22/07/2009 10.20 >A: >Ogg: IPv6 and ipfw > >Hi, > >Running 7.2 I tried to insert this into my IPFW rules > ># ipfw add allow udp from any to 2001:xxx:3:: 113,2001:xxxx:3::116 \ > dst-port 10001-10100 keep-state >ipfw: bad netmask ``xxxx:3::113'' > >also: ># ipfw add allow udp from any to trixbox.ip6 dst-port 10001-10100 keep-state >ipfw: hostname ``trixbox.ip6'' unknown >Exit 68 ># host trixbox.ip6 >trixbox.ip6.digiware.nl has IPv6 address 2001:4cb8:3::116 > >So it looks like what is in the manual is overly optimistic: >---- > addr6-list: ip6-addr[,addr6-list] > > ip6-addr: > A host or subnet specified one of the following ways: > > numeric-ip | hostname > Matches a single IPv6 address as allowed by inet_pton(3) > or a hostname. Hostnames are resolved at the time the > rule is added to the firewall list. > > addr/masklen > Matches all IPv6 addresses with base addr (specified as > allowed by inet_pton or a hostname) and mask width of > masklen bits. > > No support for sets of IPv6 addresses is provided because IPv6 > addresses are typically random past the initial prefix. >---- > >Anybody else ran into this? >Or should I file this as a PR. > >--WjW >_______________________________________________ >freebsd-net@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-net >To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 10:17:20 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8F84A106564A for ; Wed, 22 Jul 2009 10:17:20 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mail.giulioferro.it (mail.giulioferro.it [85.18.102.52]) by mx1.freebsd.org (Postfix) with ESMTP id 4C66E8FC1F for ; Wed, 22 Jul 2009 10:17:19 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from localhost (localhost [127.0.0.1]) by mail.giulioferro.it (Postfix) with ESMTP id 1E26333D0B for ; Wed, 22 Jul 2009 12:05:15 +0200 (CEST) X-Virus-Scanned: amavisd-new at giulioferro.it Received: from mail.giulioferro.it ([127.0.0.1]) by localhost (aurynwork1sv1.giulioferro.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0R2LXVgmfSmN for ; Wed, 22 Jul 2009 12:05:12 +0200 (CEST) Received: from aurynmob2.giulioferro.it (localhost [127.0.0.1]) (Authenticated sender: gferro@giulioferro.it) by mail.giulioferro.it (Postfix) with ESMTP id 69B4C33D0A for ; Wed, 22 Jul 2009 12:05:12 +0200 (CEST) Message-ID: <4A66E39A.8000201@zirakzigil.org> Date: Wed, 22 Jul 2009 12:02:02 +0200 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.21 (X11/20090323) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: multicast and multiple nics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 10:17:20 -0000 This is something that's really been puzzling me lately... Freebsd 8 beta amd64 recently updated The box has 2 nics: (internet inteface) em0 : 192.168.1.1, netmask 255.255.255.0 (lan interface) re0 : 192.168.2.1 netmask 255.255.255.0 (lan interface) 192.168.2.2 netmask 255.255.255.255 (alias 0) 192.168.2.3 netmask 255.255.255.255 (alias 1) I want to run ushare (/usr/ports/ushare). This program sends multicast packets to multicast address 239.255.255.250 The packets should go to the lan, so I add the route: route add 224/4 -iface re0 In order to do the test I switch off the firewall (/etc/rc.d/pf stop) I start the service, but no packets can be seen leaving the interface re0 with tcpdump. Even If I ping a multicast address directly I can see no packets at all: ping -I 192.168.2.1 239.255.255.250 I can't really understand why this doesn't work. I've also tried to enable multicast routing (mrouted), just defining the interfaces I want to use in /etc/mrouted.conf, but no luck. I'm not even sure if mrouted should be needed in this setup, anyway... Can someone point me what I'm doing wrong? Thanks. From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 10:47:48 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1005F106564A for ; Wed, 22 Jul 2009 10:47:48 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from maja.zesoi.fer.hr (maja.zesoi.fer.hr [161.53.64.3]) by mx1.freebsd.org (Postfix) with ESMTP id 99BAD8FC1D for ; Wed, 22 Jul 2009 10:47:47 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from localhost (localhost [127.0.0.1]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 6E9FC42F7E; Wed, 22 Jul 2009 12:47:43 +0200 (CEST) Received: from maja.zesoi.fer.hr ([127.0.0.1]) by localhost (maja.zesoi.fer.hr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7U93C2SccaOc; Wed, 22 Jul 2009 12:47:37 +0200 (CEST) Received: from valeria.zesoi.fer.hr (valeria.zesoi.fer.hr [161.53.64.29]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 4ABFD42F7D; Wed, 22 Jul 2009 12:47:18 +0200 (CEST) Date: Wed, 22 Jul 2009 12:40:59 +0200 From: iprebeg@freebsd.org To: Giulio Ferro Message-ID: <20090722104059.GA682@valeria.zesoi.fer.hr> References: <4A66E39A.8000201@zirakzigil.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4A66E39A.8000201@zirakzigil.org> User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-net@freebsd.org Subject: Re: multicast and multiple nics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 10:47:48 -0000 On Wed, Jul 22, 2009 at 12:02:02PM +0200, Giulio Ferro wrote: > This is something that's really been puzzling me lately... > > Freebsd 8 beta amd64 recently updated > > The box has 2 nics: > (internet inteface) > em0 : 192.168.1.1, netmask 255.255.255.0 > > (lan interface) > re0 : 192.168.2.1 netmask 255.255.255.0 (lan interface) > 192.168.2.2 netmask 255.255.255.255 (alias 0) > 192.168.2.3 netmask 255.255.255.255 (alias 1) > > I want to run ushare (/usr/ports/ushare). This program sends > multicast packets to multicast address 239.255.255.250 > > The packets should go to the lan, so I add the route: > route add 224/4 -iface re0 > > In order to do the test I switch off the firewall (/etc/rc.d/pf stop) > > I start the service, but no packets can be seen leaving the interface re0 > with tcpdump. Can you try to sniff with other machine in that lan? > > Even If I ping a multicast address directly I can see no packets at all: > > ping -I 192.168.2.1 239.255.255.250 Please, try to use mcastread like this mcastread -v4 -s 192.168.2.1 re0 239.255.255.250 1337 or mcastsend like this mcastsend -i re0 239.255.255.250 1337 to check is there any mcast traffic. ( IGMP packets generated by mcastread are mcasted to 224.0.0.22 ). There is also quite a bug already mentioned here. Something is preventing proper setting of destionation MAC. It is seen as DMAC stays unicast-like. > > I can't really understand why this doesn't work. I've also tried to enable > multicast routing (mrouted), just defining the interfaces I want to use > in /etc/mrouted.conf, but no luck. I'm not even sure if mrouted should be > needed in this setup, anyway... You don't need mrouted, AFAIK. It is needed only when you want deploy mcast session in WAN. > > Can someone point me what I'm doing wrong? > > Thanks. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 12:03:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DA8B01065680 for ; Wed, 22 Jul 2009 12:03:07 +0000 (UTC) (envelope-from fb-net@psconsult.nl) Received: from mx1.psconsult.nl (psc11.adsl.iaf.nl [80.89.238.138]) by mx1.freebsd.org (Postfix) with ESMTP id 6BAF88FC1E for ; Wed, 22 Jul 2009 12:03:07 +0000 (UTC) (envelope-from fb-net@psconsult.nl) Received: from mx1.psconsult.nl (localhost [80.89.238.138]) by mx1.psconsult.nl (8.14.2/8.14.2) with ESMTP id n6MBdvWo002906 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 22 Jul 2009 13:40:02 +0200 (CEST) (envelope-from fb-net@psconsult.nl) Received: (from paul@localhost) by mx1.psconsult.nl (8.14.2/8.14.2/Submit) id n6MBduEr002905 for freebsd-net@freebsd.org; Wed, 22 Jul 2009 13:39:56 +0200 (CEST) (envelope-from fb-net@psconsult.nl) Date: Wed, 22 Jul 2009 13:39:56 +0200 From: Paul Schenkeveld To: freebsd-net@freebsd.org Message-ID: <20090722113956.GA1870@psconsult.nl> Mail-Followup-To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.17 (2007-11-01) Subject: Bridging wlan to gif? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 12:03:12 -0000 Hi, I'm trying to bridge a wlan interface to a gif tunnel on 8.0-BETA2. Running tcpdump on wlan0 I see DHCP packets coming in as IP packets, on gif0 however tcpdump shows ethernet headers prepended. Needless to say things do not work as expected. What I try to accomplish is the following: +------+ +--------------+ +-------+ | | .... |ath0 bge0|-----|Router | Gateway | | |wlan0 gif0| +-------+ +----------+ | | | \ / | | | gif0 | | | | bridge0 | Internet | \ | | | | | | | bridge0 | +------+ +--------------+ +-------+ | \ | Wifi Access point |Router |----|fxp0 fxp1|---- LAN X client 8.0-BETA2 +-------+ +----------+ - The Wifi client must be part of LAN X and receive a DHCP address from a DHCP server (not shown) on LAN X - On the access point wlan0 and gif0 are bridged together - On the gateway fxp1 and gif0 are bridged together - Gif0 on the access point and gif0 on the gateway communicate correctly when given IP addresses Regards, Paul Schenkeveld From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 15:11:00 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 22886106566B; Wed, 22 Jul 2009 15:11:00 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from mail.digiware.nl (mail.ip6.digiware.nl [IPv6:2001:4cb8:1:106::2]) by mx1.freebsd.org (Postfix) with ESMTP id 9D9EA8FC20; Wed, 22 Jul 2009 15:10:59 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from localhost (localhost.digiware.nl [127.0.0.1]) by mail.digiware.nl (Postfix) with ESMTP id 1C619153435; Wed, 22 Jul 2009 17:10:58 +0200 (CEST) X-Virus-Scanned: amavisd-new at digiware.nl Received: from mail.digiware.nl ([127.0.0.1]) by localhost (rack1.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tVqvVOexAWIL; Wed, 22 Jul 2009 17:10:55 +0200 (CEST) Received: from [192.168.10.67] (opteron [192.168.10.67]) by mail.digiware.nl (Postfix) with ESMTP id 9E167153436; Wed, 22 Jul 2009 17:10:55 +0200 (CEST) Message-ID: <4A672C79.3000006@digiware.nl> Date: Wed, 22 Jul 2009 17:12:57 +0200 From: Willem Jan Withagen Organization: Digiware User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: "raffaele.delorenzo@libero.it" References: <3164304.442981248256119643.JavaMail.defaultUser@defaultHost> In-Reply-To: <3164304.442981248256119643.JavaMail.defaultUser@defaultHost> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org, rizzo@icir.org, net@freebsd.org Subject: Re: R: IPv6 and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 15:11:00 -0000 Reply below, and an also reorganised the yours... raffaele.delorenzo@libero.it wrote: >> Hi, >> >> Running 7.2 I tried to insert > this into my IPFW rules >> # ipfw add allow udp from any to 2001:xxx:3:: > 113,2001:xxxx:3::116 \ >> dst-port 10001-10100 keep-state >> ipfw: bad netmask > ``xxxx:3::113'' >> also: >> # ipfw add allow udp from any to trixbox.ip6 dst-port > 10001-10100 keep-state >> ipfw: hostname ``trixbox.ip6'' unknown >> Exit 68 >> # host > trixbox.ip6 >> trixbox.ip6.digiware.nl has IPv6 address 2001:4cb8:3::116 >> >> So it > looks like what is in the manual is overly optimistic: >> ---- >> addr6-list: > ip6-addr[,addr6-list] >> ip6-addr: >> A host or subnet > specified one of the following ways: >> numeric-ip | hostname > >> Matches a single IPv6 address as allowed by inet_pton(3) > >> or a hostname. Hostnames are resolved at the time the > >> rule is added to the firewall list. >> >> > addr/masklen >> Matches all IPv6 addresses with base addr > (specified as >> allowed by inet_pton or a hostname) and > mask width of >> masklen bits. >> >> No support > for sets of IPv6 addresses is provided because IPv6 >> addresses > are typically random past the initial prefix. >> ---- >> >> Anybody else ran into > this? >> Or should I file this as a PR. > Hi all, > You has found a parser bug. > When the protocol is "ipv6" and you are a > comma separated ipv6 addresses, the parser work fine because the "add_srcip6" > function is called and recognize all addresses. > When the protocol is "!=ipv6" > (like TCP,UDP,ICMP6) the "add_src" fuction is called and it cause troubles > because the "inet_pton()" fails and erroneously is called the "add_srcip" > function (see the code below). > > (from "ipfw2.c") > add_src(ipfw_insn *cmd, char > *av, u_char proto) > { > struct in6_addr a; > char *host, *ch; > ipfw_insn *ret = > NULL; > > if ((host = strdup(av)) == NULL) > return NULL; > if ((ch = strrchr > (host, '/')) != NULL) > *ch = '\0'; > > if (proto == IPPROTO_IPV6 || strcmp(av, > "me6") == 0 || > inet_pton(AF_INET6, host, &a)) > ret = add_srcip6(cmd, av); > > /* XXX: should check for IPv4, not !IPv6 */ > if (ret == NULL && (proto == > IPPROTO_IP || strcmp(av, "me") == 0 || > !inet_pton(AF_INET6, host, &a))) > > ret = add_srcip(cmd, av); > if (ret == NULL && strcmp(av, "any") != 0) > ret = > cmd; > > free(host); > return ret; > } > > I think that possibles solutions are the > follows: > > 1) Create a new protocols types UPD6,TCP6 only for IPv6 rules to > avoid parser confusions, and check about this protocol inside the "add_src" > fuction (easy to implement). > 2) Check the comma separated ip/ipv6 addresses > inside the "add_src" function (a little too hard to implement). > > I appreciate > suggestions from the community experts about this problem. I would prefer not to make seperate tcp6 and udp6 items, since what i would like to do is things like: hostlist="a.b.c.d,A:B:C:D::F" and then in the firewall something like ipfw add allow tcp from any to ${hostlist} dst-port 80 setup and if tcp now goes into tcp and tcp6 I need to double my rules etc. Which raises one other point: using a FQDN with more A and AAAA records also just inserts the first reply in the list. Now I don't use FQDN since most of the time in the Firewall DNS is not quite up yet. --WjW From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 16:33:56 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D9828106564A for ; Wed, 22 Jul 2009 16:33:56 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outW.internet-mail-service.net (outw.internet-mail-service.net [216.240.47.246]) by mx1.freebsd.org (Postfix) with ESMTP id C030A8FC08 for ; Wed, 22 Jul 2009 16:33:56 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 93A68B3F80 for ; Wed, 22 Jul 2009 09:33:56 -0700 (PDT) X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 17D702D6004 for ; Wed, 22 Jul 2009 09:33:56 -0700 (PDT) Message-ID: <4A673F75.8070003@elischer.org> Date: Wed, 22 Jul 2009 09:33:57 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <20090722113956.GA1870@psconsult.nl> In-Reply-To: <20090722113956.GA1870@psconsult.nl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Bridging wlan to gif? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 16:33:57 -0000 Paul Schenkeveld wrote: > Hi, > > I'm trying to bridge a wlan interface to a gif tunnel on 8.0-BETA2. > Running tcpdump on wlan0 I see DHCP packets coming in as IP packets, > on gif0 however tcpdump shows ethernet headers prepended. Needless > to say things do not work as expected. > > What I try to accomplish is the following: > > +------+ +--------------+ +-------+ > | | .... |ath0 bge0|-----|Router | Gateway > | | |wlan0 gif0| +-------+ +----------+ > | | | \ / | | | gif0 | > | | | bridge0 | Internet | \ | > | | | | | | bridge0 | > +------+ +--------------+ +-------+ | \ | > Wifi Access point |Router |----|fxp0 fxp1|---- LAN X > client 8.0-BETA2 +-------+ +----------+ > nice diagram.... you can't bridge gif as it doesn't have a MAC header if yo want to bridge the wifi net and LAN X then tha tis another matter and you can probably do that., but you are goin gto have to use a different way to do it.. Might I suggest a netgraph bridge, where the tunnel is implemented as a tcp or UDP socket layer (optionally with ipsec). use a netgraph bridge node on each side, and connect them using ksocket nodes which are linked to each other. you might also find that you can use mpd as a good link between them. I've done this in the past but do not have working examples in front of me. > - The Wifi client must be part of LAN X and receive a DHCP address from > a DHCP server (not shown) on LAN X > - On the access point wlan0 and gif0 are bridged together > - On the gateway fxp1 and gif0 are bridged together > - Gif0 on the access point and gif0 on the gateway communicate correctly > when given IP addresses > > Regards, > > Paul Schenkeveld > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 18:47:57 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2B3B01065670; Wed, 22 Jul 2009 18:47:57 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 012A48FC14; Wed, 22 Jul 2009 18:47:57 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6MIlumP027732; Wed, 22 Jul 2009 18:47:56 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6MIlut9027728; Wed, 22 Jul 2009 18:47:56 GMT (envelope-from gavin) Date: Wed, 22 Jul 2009 18:47:56 GMT Message-Id: <200907221847.n6MIlut9027728@freefall.freebsd.org> To: gavin@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: bin/136994: [patch] ifconfig(8) print carp mac address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 18:47:57 -0000 Old Synopsis: [patch] ifconfig: print carp mac address New Synopsis: [patch] ifconfig(8) print carp mac address Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: gavin Responsible-Changed-When: Wed Jul 22 18:45:25 UTC 2009 Responsible-Changed-Why: Over to maintainer(s) http://www.freebsd.org/cgi/query-pr.cgi?pr=136994 From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 22:35:02 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2758D1065670 for ; Wed, 22 Jul 2009 22:35:02 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from sepehrs.com (www.sepehrs.com [213.217.59.98]) by mx1.freebsd.org (Postfix) with ESMTP id 563C78FC18 for ; Wed, 22 Jul 2009 22:35:00 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from [192.168.4.180] ([192.168.3.1]) by mail (8.14.3/8.14.3) with ESMTP id n6L6Yg46020758; Tue, 21 Jul 2009 11:04:42 +0430 (IRDT) Message-ID: <4A656239.2090803@sepehrs.com> Date: Tue, 21 Jul 2009 11:07:45 +0430 From: "H.Fazaeli" User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: "Wojciech A. Koszek" , freebsd-net@FreeBSD.org References: <4A62D7DD.3040701@sepehrs.com> <20090720050153.GP1166@FreeBSD.org> In-Reply-To: <20090720050153.GP1166@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 22:35:02 -0000 Wojciech A. Koszek wrote: > On Sun, Jul 19, 2009 at 12:52:53PM +0430, H.Fazaeli wrote: > >> Is there any near plan to develop drivers for >> network cards based on broadcom NetXtereme II 57710 >> 10 GbE controller? >> > > Do you plan to help somehow with driver development? > > No. I just plan to use them on IBM blade servers. > In order to develop this driver someone would probably have an > easy access to those cards. Are they packaged in PCIe format as > well, or they only have the blade version? > > Thanks, > Both blade and usual PC form factors are available. See http://www.redbooks.ibm.com/technotes/tips0688.pdf and http://www.broadcom.com/products/Enterprise-Networking/10-Gigabit-Ethernet-Controllers/BCM57710 -- Best regards. Hooman Fazaeli From owner-freebsd-net@FreeBSD.ORG Wed Jul 22 22:35:03 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC40F106564A for ; Wed, 22 Jul 2009 22:35:03 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from sepehrs.com (www.sepehrs.com [213.217.59.98]) by mx1.freebsd.org (Postfix) with ESMTP id 1B65D8FC0A for ; Wed, 22 Jul 2009 22:35:02 +0000 (UTC) (envelope-from fazaeli@sepehrs.com) Received: from [192.168.4.180] ([192.168.3.1]) by mail (8.14.3/8.14.3) with ESMTP id n6L6SNme020608; Tue, 21 Jul 2009 10:58:23 +0430 (IRDT) Message-ID: <4A6560BE.9090608@sepehrs.com> Date: Tue, 21 Jul 2009 11:01:26 +0430 From: "H.Fazaeli" User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: Barney Cordoba References: <50667.57004.qm@web63901.mail.re1.yahoo.com> In-Reply-To: <50667.57004.qm@web63901.mail.re1.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@FreeBSD.org Subject: Re: broadcom 57710 support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2009 22:35:04 -0000 Nothing actually special. They are one of few 10GbE expansion cards supported on IBM blade servers. See http://www.redbooks.ibm.com/technotes/tips0688.pdf Barney Cordoba wrote: > > --- On Sun, 7/19/09, Hooman Fazaeli wrote: > > >> From: Hooman Fazaeli >> Subject: broadcom 57710 support >> To: freebsd-net@freebsd.org >> Date: Sunday, July 19, 2009, 5:08 AM >> >> Any one knows if there is any near plan to develop drivers >> for >> >> network cards based on broadcom NetXtereme II 57710 >> >> 10 GbE controller? >> >> ----------------------- >> best regards >> Hooman Fazaeli >> > > Ok, I'll bite. What is so special about this particular part that you > simply must use it in your 10GbE server? > > Barney > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > -- Best regards. Hooman Fazaeli From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 01:03:18 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 072C41065672; Thu, 23 Jul 2009 01:03:18 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id D9A5E8FC13; Thu, 23 Jul 2009 01:03:17 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id n6N13HK1016131; Wed, 22 Jul 2009 18:03:17 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Wed, 22 Jul 2009 18:02:20 -0700 Message-ID: In-Reply-To: <4A6469CE.4060907@restart.be> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections Thread-Index: AcoJObSWT5TAEZHBQUSzJcSfFLGE8QB9xV6w References: <4A5734C3.3000806@restart.be> <4A5864DC.1070106@restart.be> <4A6469CE.4060907@restart.be> From: "Li, Qing" To: "Henri Hennebert" Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, freebsd-stable@freebsd.org Subject: RE: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 01:03:18 -0000 > > > Just another case where the route must be created: >=20 That's probably because I explicitly disabled such route installation for PPP link type. Please apply patch http://people.freebsd.org/~qingli/patch and let me know if that solves your problem. Thanks, -- Qing > [root@avoriaz ~]# ifconfig gif0 > gif0: flags=3D8051 metric 0 mtu 1280 > tunnel inet 212.239.166.57 --> 94.23.44.41 > inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4 > inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff:: > prefixlen > 128 > options=3D1 >=20 > [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: > PING6(56=3D40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> > 2001:41d0:2:2d29:1:ffff:: > ^C > --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- > 4 packets transmitted, 0 packets received, 100.0% packet loss >=20 > [root@avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff:: -interface > lo0 > add host 2001:41d0:2:2d29:1:ffff::: gateway lo0 >=20 > [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: > PING6(56=3D40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> > 2001:41d0:2:2d29:1:ffff:: > 16 bytes from ::1, icmp_seq=3D0 hlim=3D64 time=3D0.531 ms > 16 bytes from ::1, icmp_seq=3D1 hlim=3D64 time=3D0.884 ms > 16 bytes from ::1, icmp_seq=3D2 hlim=3D64 time=3D0.748 ms > ^C > --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- > 3 packets transmitted, 3 packets received, 0.0% packet loss > round-trip min/avg/max/std-dev =3D 0.531/0.721/0.884/0.145 ms >=20 > Thanks >=20 > Henri > > > > -----Original Message----- > > From: Henri Hennebert [mailto:hlh@restart.be] > > Sent: Sat 7/11/2009 3:09 AM > > To: Li, Qing > > Cc: freebsd-stable@freebsd.org; freebsd-net@freebsd.org > > Subject: Re: 8.0-BETA1 - for the record - different paths followed by > IPv4 and IPv6 for 'local' connections > > > > Li, Qing wrote: > >> Hi, > >> > >> Please try patch-7-10 in my home directory > http://people.freebsd.org/~qingli/ > >> and let me know how it works out for you. I thought I had committed > the patch > >> but turned out I didn't. > > > > I apply the patch, reset my pf.conf to its previous content and all > is > > running smoothly. By the way, I discover after my post that my > > "solution" was not working for long (many bytes) connections and this > is > > solved too. > > > > Many thank for your time > > > > Henri > > > > PS please commit as soon as possible > > > >>> On 8.0-BETA1 there is an assymetry: > >>> > >>> netstat -rn display > >>> > >>> 192.168.24.1 link#3 > >>> .... > >>> no entry for 2001:41d0:2:2d29:1:1:: > >>> > >> This is by design as part of the new architecture in 8.0, which > maintains > >> the L2 ARP/ND6 and L3 routing tables separately. > >> > >> -- Qing > >> > >> > >> > >> -----Original Message----- > >> From: owner-freebsd-stable@freebsd.org on behalf of Henri Hennebert > >> Sent: Fri 7/10/2009 5:32 AM > >> To: freebsd-stable@freebsd.org; freebsd-st@freebsd.org > >> Subject: 8.0-BETA1 - for the record - different paths followed by > IPv4 and IPv6 for 'local' connections > >> > >> Hello, > >> > >> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem > when > >> connecting with firefox to a local apache server using the global > >> unicast IPv6 address of the local machine. pf.conf must be updated! > >> > >> My configuration: > >> > >> [root@avoriaz ~]# ifconfig em0 > >> > >> em0: flags=3D8843 metric 0 mtu > 1500 > >> > options=3D19b 4> > >> ether 00:1d:60:ad:2a:ce > >> inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255 > >> inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1 > >> inet6 2001:41d0:2:2d29:1:1:: prefixlen 80 > >> media: Ethernet 100baseTX (100baseTX ) > >> status: active > >> > >> [root@avoriaz ~]# host www.restart.bel > >> www.restart.bel is an alias for avoriaz.restart.bel. > >> avoriaz.restart.bel has address 192.168.24.1 > >> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1:: > >> > >> pf.conf: > >> > >> int_if=3D"em0" > >> block in log all > >> block out log all > >> set skip on lo0 > >> antispoof quick for $int_if inet > >> # Allow trafic with physical internal network > >> pass in quick on $int_if from ($int_if:network) to ($int_if) keep > state > >> pass out quick on $int_if from ($int_if) to ($int_if:network) keep > state > >> > >> The problem: > >> > >> [root@avoriaz ~]# telnet -4 www.restart.bel 80 > >> Trying 192.168.24.1... > >> Connected to avoriaz.restart.bel. > >> Escape character is '^]'. > >> ^] > >> telnet> quit > >> Connection closed. > >> [root@avoriaz ~]# telnet -6 www.restart.bel 80 > >> Trying 2001:41d0:2:2d29:1:1::... > >> --->Never connect and get a timeout! > >> > >> tcpdump and logging in pf show me that > >> > >> For a IPv4 connection: > >> the packet from telnet to apache pass 2 times on lo0 (out and in) > >> the answer packet from apache to telnet pass 2 times on lo0 (out and > in) > >> > >> So no problem, there is `set skip on lo0' > >> > >> For a IPv6 connection: > >> The first packet from telnet to apache pass 2 times on lo0 (out and > in) > >> The answer packet from apache to telnet path on em0 and is rejected > >> due to the default flags S/SA. > >> > >> So I have to change pf.conf and replace the last line: > >> pass out quick on $int_if from ($int_if) to ($int_if:network) \ > >> keep state flags any > >> > >> Then all is OK > >> > >> By the way, on 7.2 > >> > >> netstat -rn display > >> > >> 192.168.24.1 00:1d:60:ad:2a:ce > >> .... > >> 2001:41d0:2:2d29:1:1:: 00:1d:60:ad:2a:ce > >> > >> > >> On 8.0-BETA1 there is an assymetry: > >> > >> netstat -rn display > >> > >> 192.168.24.1 link#3 > >> .... > >> no entry for 2001:41d0:2:2d29:1:1:: > >> > >> Hope it may help someone > >> > >> Henri > >> > >> _______________________________________________ > >> freebsd-stable@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable > >> To unsubscribe, send any mail to "freebsd-stable- > unsubscribe@freebsd.org" > >> > > > > > > _______________________________________________ > > freebsd-stable@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > > To unsubscribe, send any mail to "freebsd-stable- > unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 10:01:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDF41106566B; Thu, 23 Jul 2009 10:01:16 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [IPv6:2001:41d0:2:2d29:0:1::]) by mx1.freebsd.org (Postfix) with ESMTP id 74D2E8FC13; Thu, 23 Jul 2009 10:01:16 +0000 (UTC) (envelope-from hlh@restart.be) Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:2:2d29:1:ffff::]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "avoriaz.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id A12E965A6; Thu, 23 Jul 2009 12:01:15 +0200 (CEST) Received: from morzine.restart.bel (morzine.restart.be [IPv6:2001:41d0:2:2d29:1:2::]) (authenticated bits=0) by restart.be (8.14.3/8.14.3) with ESMTP id n6NA1BgY031894; Thu, 23 Jul 2009 12:01:12 +0200 (CEST) (envelope-from hlh@restart.be) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=restart.be; s=avoriaz; t=1248343275; bh=Gg/FZaDVotr6VdFb+7Y22mkZx8XtuyNR5dTHyHRSmU4=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=P/1G/u97WmGC71km9borv1mZ7WDySws9m3vm6NwYKXhev3RpDId/FBg1NyaaSSPun 4kHrjF/lpz98Ay1DObAuA== DomainKey-Signature: a=rsa-sha1; s=avoriaz; d=restart.be; c=nofws; q=dns; h=message-id:date:from:organization:user-agent:mime-version:to:cc: subject:references:in-reply-to:content-type: content-transfer-encoding:x-scanned-by; b=oZ/oIs2aXaMOQMW2VwYYak9hanjVAie+quJSmXOMis802/cBV2rJ4rWwLy3Mejzbd 9XvYnHHvMlJg7tjjXXCDQ== Message-ID: <4A6834E7.60704@restart.be> Date: Thu, 23 Jul 2009 12:01:11 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Thunderbird 2.0.0.22 (X11/20090717) MIME-Version: 1.0 To: "Li, Qing" References: <4A5734C3.3000806@restart.be> <4A5864DC.1070106@restart.be> <4A6469CE.4060907@restart.be> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.64 on IPv6:2001:41d0:2:2d29:1:1:: Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, freebsd-stable@freebsd.org Subject: [SOLVED] 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 10:01:17 -0000 Li, Qing wrote: >> Just another case where the route must be created: >> > > That's probably because I explicitly disabled such > route installation for PPP link type. > > Please apply patch http://people.freebsd.org/~qingli/patch and > let me know if that solves your problem. The problem is solved. Thanks a lot. Henri PS. the ipv4 ping was working fine before (and after) your patch, so I don't see why you have to patch in.c > > Thanks, > > -- Qing > > > >> [root@avoriaz ~]# ifconfig gif0 >> gif0: flags=8051 metric 0 mtu 1280 >> tunnel inet 212.239.166.57 --> 94.23.44.41 >> inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4 >> inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff:: >> prefixlen >> 128 >> options=1 >> >> [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: >> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> >> 2001:41d0:2:2d29:1:ffff:: >> ^C >> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- >> 4 packets transmitted, 0 packets received, 100.0% packet loss >> >> [root@avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff:: > -interface >> lo0 >> add host 2001:41d0:2:2d29:1:ffff::: gateway lo0 >> >> [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff:: >> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: --> >> 2001:41d0:2:2d29:1:ffff:: >> 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.531 ms >> 16 bytes from ::1, icmp_seq=1 hlim=64 time=0.884 ms >> 16 bytes from ::1, icmp_seq=2 hlim=64 time=0.748 ms >> ^C >> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics --- >> 3 packets transmitted, 3 packets received, 0.0% packet loss >> round-trip min/avg/max/std-dev = 0.531/0.721/0.884/0.145 ms >> >> Thanks >> >> Henri >>> -----Original Message----- >>> From: Henri Hennebert [mailto:hlh@restart.be] >>> Sent: Sat 7/11/2009 3:09 AM >>> To: Li, Qing >>> Cc: freebsd-stable@freebsd.org; freebsd-net@freebsd.org >>> Subject: Re: 8.0-BETA1 - for the record - different paths followed > by >> IPv4 and IPv6 for 'local' connections >>> Li, Qing wrote: >>>> Hi, >>>> >>>> Please try patch-7-10 in my home directory >> http://people.freebsd.org/~qingli/ >>>> and let me know how it works out for you. I thought I had committed >> the patch >>>> but turned out I didn't. >>> I apply the patch, reset my pf.conf to its previous content and all >> is >>> running smoothly. By the way, I discover after my post that my >>> "solution" was not working for long (many bytes) connections and > this >> is >>> solved too. >>> >>> Many thank for your time >>> >>> Henri >>> >>> PS please commit as soon as possible >>> >>>>> On 8.0-BETA1 there is an assymetry: >>>>> >>>>> netstat -rn display >>>>> >>>>> 192.168.24.1 link#3 >>>>> .... >>>>> no entry for 2001:41d0:2:2d29:1:1:: >>>>> >>>> This is by design as part of the new architecture in 8.0, which >> maintains >>>> the L2 ARP/ND6 and L3 routing tables separately. >>>> >>>> -- Qing >>>> >>>> >>>> >>>> -----Original Message----- >>>> From: owner-freebsd-stable@freebsd.org on behalf of Henri Hennebert >>>> Sent: Fri 7/10/2009 5:32 AM >>>> To: freebsd-stable@freebsd.org; freebsd-st@freebsd.org >>>> Subject: 8.0-BETA1 - for the record - different paths followed by >> IPv4 and IPv6 for 'local' connections >>>> Hello, >>>> >>>> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem >> when >>>> connecting with firefox to a local apache server using the global >>>> unicast IPv6 address of the local machine. pf.conf must be updated! >>>> >>>> My configuration: >>>> >>>> [root@avoriaz ~]# ifconfig em0 >>>> >>>> em0: flags=8843 metric 0 > mtu >> 1500 > options=19b> 4> >>>> ether 00:1d:60:ad:2a:ce >>>> inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255 >>>> inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1 >>>> inet6 2001:41d0:2:2d29:1:1:: prefixlen 80 >>>> media: Ethernet 100baseTX (100baseTX ) >>>> status: active >>>> >>>> [root@avoriaz ~]# host www.restart.bel >>>> www.restart.bel is an alias for avoriaz.restart.bel. >>>> avoriaz.restart.bel has address 192.168.24.1 >>>> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1:: >>>> >>>> pf.conf: >>>> >>>> int_if="em0" >>>> block in log all >>>> block out log all >>>> set skip on lo0 >>>> antispoof quick for $int_if inet >>>> # Allow trafic with physical internal network >>>> pass in quick on $int_if from ($int_if:network) to ($int_if) keep >> state >>>> pass out quick on $int_if from ($int_if) to ($int_if:network) keep >> state >>>> The problem: >>>> >>>> [root@avoriaz ~]# telnet -4 www.restart.bel 80 >>>> Trying 192.168.24.1... >>>> Connected to avoriaz.restart.bel. >>>> Escape character is '^]'. >>>> ^] >>>> telnet> quit >>>> Connection closed. >>>> [root@avoriaz ~]# telnet -6 www.restart.bel 80 >>>> Trying 2001:41d0:2:2d29:1:1::... >>>> --->Never connect and get a timeout! >>>> >>>> tcpdump and logging in pf show me that >>>> >>>> For a IPv4 connection: >>>> the packet from telnet to apache pass 2 times on lo0 (out and in) >>>> the answer packet from apache to telnet pass 2 times on lo0 (out > and >> in) >>>> So no problem, there is `set skip on lo0' >>>> >>>> For a IPv6 connection: >>>> The first packet from telnet to apache pass 2 times on lo0 (out and >> in) >>>> The answer packet from apache to telnet path on em0 and is > rejected >>>> due to the default flags S/SA. >>>> >>>> So I have to change pf.conf and replace the last line: >>>> pass out quick on $int_if from ($int_if) to ($int_if:network) \ >>>> keep state flags any >>>> >>>> Then all is OK >>>> >>>> By the way, on 7.2 >>>> >>>> netstat -rn display >>>> >>>> 192.168.24.1 00:1d:60:ad:2a:ce >>>> .... >>>> 2001:41d0:2:2d29:1:1:: 00:1d:60:ad:2a:ce >>>> >>>> >>>> On 8.0-BETA1 there is an assymetry: >>>> >>>> netstat -rn display >>>> >>>> 192.168.24.1 link#3 >>>> .... >>>> no entry for 2001:41d0:2:2d29:1:1:: >>>> >>>> Hope it may help someone >>>> >>>> Henri >>>> >>>> _______________________________________________ >>>> freebsd-stable@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>>> To unsubscribe, send any mail to "freebsd-stable- >> unsubscribe@freebsd.org" >>> >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable- >> unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 10:47:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5834E106566C for ; Thu, 23 Jul 2009 10:47:13 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from mail.giulioferro.it (mail.giulioferro.it [85.18.102.52]) by mx1.freebsd.org (Postfix) with ESMTP id 117ED8FC08 for ; Thu, 23 Jul 2009 10:47:13 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from localhost (localhost [127.0.0.1]) by mail.giulioferro.it (Postfix) with ESMTP id 9D16933CF9; Thu, 23 Jul 2009 12:50:15 +0200 (CEST) X-Virus-Scanned: amavisd-new at giulioferro.it Received: from mail.giulioferro.it ([127.0.0.1]) by localhost (aurynwork1sv1.giulioferro.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UvDtHrVZukyQ; Thu, 23 Jul 2009 12:50:13 +0200 (CEST) Received: from aurynmob2.giulioferro.it (localhost [127.0.0.1]) (Authenticated sender: gferro@giulioferro.it) by mail.giulioferro.it (Postfix) with ESMTP id 0112533CE7; Thu, 23 Jul 2009 12:50:13 +0200 (CEST) Message-ID: <4A683FA5.3000406@zirakzigil.org> Date: Thu, 23 Jul 2009 12:47:01 +0200 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.21 (X11/20090323) MIME-Version: 1.0 To: iprebeg@freebsd.org References: <4A66E39A.8000201@zirakzigil.org> <20090722104059.GA682@valeria.zesoi.fer.hr> In-Reply-To: <20090722104059.GA682@valeria.zesoi.fer.hr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: multicast and multiple nics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 10:47:13 -0000 Thanks for the reply. iprebeg@freebsd.org wrote: >> I want to run ushare (/usr/ports/ushare). This program sends >> multicast packets to multicast address 239.255.255.250 >> >> The packets should go to the lan, so I add the route: >> route add 224/4 -iface re0 >> >> In order to do the test I switch off the firewall (/etc/rc.d/pf stop) >> >> I start the service, but no packets can be seen leaving the interface re0 >> with tcpdump. >> > > Can you try to sniff with other machine in that lan? > Yes. Other machines can multicast without problem but nothing multicast shows originating from the freebsd box. > >> Even If I ping a multicast address directly I can see no packets at all: >> >> ping -I 192.168.2.1 239.255.255.250 >> I forgot mentioning that I can run this command from my linux box and tcpdump from the same machine show the packets going to and fro. > > Please, try to use mcastread like this > > mcastread -v4 -s 192.168.2.1 re0 239.255.255.250 1337 > mcastread -v4 -s 192.168.2.1 re0 239.255.255.250 1337 mcastread: trying 239.255.255.250 mcastread: using (S,G)=(192.168.2.1,239.255.255.250) And stays there.. > or mcastsend like this > > mcastsend -i re0 239.255.255.250 1337 > This results in an error: mcastsend: setsockopt(IP_MULTICAST_IF): Can't assign requested address Is there something else I can try? Thanks again... From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 13:07:41 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3928F1065675 for ; Thu, 23 Jul 2009 13:07:41 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from maja.zesoi.fer.hr (maja.zesoi.fer.hr [161.53.64.3]) by mx1.freebsd.org (Postfix) with ESMTP id BDF5A8FC29 for ; Thu, 23 Jul 2009 13:07:40 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from localhost (localhost [127.0.0.1]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 75A5742F7E; Thu, 23 Jul 2009 15:07:36 +0200 (CEST) Received: from maja.zesoi.fer.hr ([127.0.0.1]) by localhost (maja.zesoi.fer.hr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rIUke+Z2a-xj; Thu, 23 Jul 2009 15:07:30 +0200 (CEST) Received: from valeria.zesoi.fer.hr (valeria.zesoi.fer.hr [161.53.64.29]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 177BA42FCF; Thu, 23 Jul 2009 15:07:16 +0200 (CEST) Date: Thu, 23 Jul 2009 15:01:03 +0200 From: iprebeg@freebsd.org To: Giulio Ferro Message-ID: <20090723130103.GA2938@valeria.zesoi.fer.hr> References: <4A66E39A.8000201@zirakzigil.org> <20090722104059.GA682@valeria.zesoi.fer.hr> <4A683FA5.3000406@zirakzigil.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4A683FA5.3000406@zirakzigil.org> User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-net@freebsd.org Subject: Re: multicast and multiple nics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 13:07:41 -0000 On Thu, Jul 23, 2009 at 12:47:01PM +0200, Giulio Ferro wrote: > Thanks for the reply. > > iprebeg@freebsd.org wrote: >>> I want to run ushare (/usr/ports/ushare). This program sends >>> multicast packets to multicast address 239.255.255.250 >>> >>> The packets should go to the lan, so I add the route: >>> route add 224/4 -iface re0 >>> >>> In order to do the test I switch off the firewall (/etc/rc.d/pf stop) >>> >>> I start the service, but no packets can be seen leaving the interface re0 >>> with tcpdump. >>> >> >> Can you try to sniff with other machine in that lan? >> > > Yes. Other machines can multicast without problem but nothing > multicast shows originating from the freebsd box. >> >>> Even If I ping a multicast address directly I can see no packets at all: >>> >>> ping -I 192.168.2.1 239.255.255.250 >>> > I forgot mentioning that I can run this command from my linux box > and tcpdump from the same machine show the packets going to and fro. > >> >> Please, try to use mcastread like this >> >> mcastread -v4 -s 192.168.2.1 re0 239.255.255.250 1337 >> > mcastread -v4 -s 192.168.2.1 re0 239.255.255.250 1337 > mcastread: trying 239.255.255.250 > mcastread: using (S,G)=(192.168.2.1,239.255.255.250) > > And stays there.. It is ok for mcastread to stay like this, but in normal situation, you should see two IGMPv3 reports leaving re0. Maybe it is related to re driver. Can you try the same on adapter that uses different driver? > >> or mcastsend like this >> >> mcastsend -i re0 239.255.255.250 1337 >> > This results in an error: > mcastsend: setsockopt(IP_MULTICAST_IF): Can't assign requested address > > You can use it without "-i re0" part and maybe experiment with and without routes. > Is there something else I can try? > > Thanks again... You're most welcome. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 15:27:51 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BD0F106568E for ; Thu, 23 Jul 2009 15:27:51 +0000 (UTC) (envelope-from lucian@lastdot.org) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.158]) by mx1.freebsd.org (Postfix) with ESMTP id E1DAA8FC1A for ; Thu, 23 Jul 2009 15:27:50 +0000 (UTC) (envelope-from lucian@lastdot.org) Received: by fg-out-1718.google.com with SMTP id l26so1182657fgb.12 for ; Thu, 23 Jul 2009 08:27:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.86.30.17 with SMTP id d17mr1988214fgd.30.1248361074769; Thu, 23 Jul 2009 07:57:54 -0700 (PDT) Date: Thu, 23 Jul 2009 15:57:54 +0100 Message-ID: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> From: "Lucian@lastdot.org" To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 15:27:51 -0000 Hi guys, I need to change the default source address on a freebsd server. My situation is somehow similar to this (http://marc.info/?l=freebsd-questions&m=122535960804508&w=2). In linux i can easily do it like: ip ro replace default via 10.10.10.1 src a.b.c.d (where a.b.c.d is em0 alias). Any ideas? From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 16:04:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE8E81065673 for ; Thu, 23 Jul 2009 16:04:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outE.internet-mail-service.net (oute.internet-mail-service.net [216.240.47.228]) by mx1.freebsd.org (Postfix) with ESMTP id B69368FC19 for ; Thu, 23 Jul 2009 16:04:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 9F12BB98A9; Thu, 23 Jul 2009 09:04:49 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 670DF2D6018; Thu, 23 Jul 2009 09:04:13 -0700 (PDT) Message-ID: <4A6889FF.2020703@elischer.org> Date: Thu, 23 Jul 2009 09:04:15 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: "Lucian@lastdot.org" References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> In-Reply-To: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 16:04:14 -0000 Lucian@lastdot.org wrote: > Hi guys, > > I need to change the default source address on a freebsd server. > My situation is somehow similar to this > (http://marc.info/?l=freebsd-questions&m=122535960804508&w=2). > In linux i can easily do it like: > > ip ro replace default via 10.10.10.1 src a.b.c.d (where a.b.c.d is em0 alias). > > Any ideas? > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" The source address used in most cases is the address of the interface through which the packet will be exiting the system. you MAY be able to do something with natd but anything you do there would have limitations. A diagram of your problem would help.. I had trouble visualizing what is happening now and what you want to happen. From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 16:27:19 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BDDFC106566B for ; Thu, 23 Jul 2009 16:27:19 +0000 (UTC) (envelope-from psteele@webmail.maxiscale.com) Received: from k2smtpout06-01.prod.mesa1.secureserver.net (k2smtpout06-01.prod.mesa1.secureserver.net [64.202.189.102]) by mx1.freebsd.org (Postfix) with SMTP id 8E7DA8FC08 for ; Thu, 23 Jul 2009 16:27:19 +0000 (UTC) (envelope-from psteele@webmail.maxiscale.com) Received: (qmail 25120 invoked from network); 23 Jul 2009 15:58:11 -0000 Received: from unknown (HELO owa.webmail.maxiscale.com) (72.167.52.135) by k2smtpout06-01.prod.mesa1.secureserver.net (64.202.189.102) with ESMTP; 23 Jul 2009 15:58:11 -0000 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/related; boundary="----_=_NextPart_001_01CA0BAF.0AE74E16"; type="multipart/alternative" Date: Thu, 23 Jul 2009 08:58:07 -0700 Message-ID: X-MS-Has-Attach: yes X-MS-TNEF-Correlator: Thread-Topic: nfe taskq performance issues Thread-Index: AcoLrl6qpviDJaoaRFaDGMkojP3VIQ== From: "Peter Steele" To: X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: nfe taskq performance issues X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 16:27:20 -0000 This is a multi-part message in MIME format. ------_=_NextPart_001_01CA0BAF.0AE74E16 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable We've been hitting serious nfe taskq performance issues during stress tests and in doing some research on the problem we came across this old email: =20 From: Ivan Voras Date: April 28, 2009 3:53:14 AM PDT To: freebsd-threads@freebsd.org Cc: freebsd-net@freebsd.org, freebsd-performance@freebsd.org Subject: Re: FreeBSD 7.1 taskq em performance > > I have been hitting some barrier with FreeBSD 7.1 network performance. I > have written an application which contains two kernel threads that takes > mbufs directly from a network interface and forwards to another network > interface. This idea is to simulate different network environment. > > I have been using FreeBSD 6.4 amd64 and tested with an Ixia box > (specialised hardware firing very high packet rate). The PC was a Core2 2.6 > GHz with dual ports Intel PCIE Gigabit network card. It can manage up to 1.2 > million pps. > > I have a higher spec PC with FreeBSD 7.1 amd64 and Quadcore 2.3 GHz and > PCIE Gigabit network card. The performance can only achieve up to 600k pps. > I notice the 'taskq em0' and 'taskq em1' is solid 100% CPU but it is not in > FreeBSD 6.4.=20 =20 In our case we are running FreeBSD 7.0, but we are seeing our boxes experience serious thread starvation issues as the nfe0 cpu percentage climbs steadily while cpu idle time drops at times to 0 percent. This email thread mentioned a patch for the em driver here: =20 http://people.yandex-team.ru/~wawa/=20 =20 =20 Does anyone know if this patch will work with the nfe driver? =20 ------_=_NextPart_001_01CA0BAF.0AE74E16-- From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 18:54:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 68DA9106566C for ; Thu, 23 Jul 2009 18:54:13 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 3D1518FC13 for ; Thu, 23 Jul 2009 18:54:13 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 6381E3ACFB4; Thu, 23 Jul 2009 14:54:12 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Thu, 23 Jul 2009 14:54:12 -0400 X-Sasl-enc: qV72+YNbDoTbj7xSsX6dBCDvprM85JLfJEuhxobSfISf 1248375252 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id D0162B60E; Thu, 23 Jul 2009 14:54:11 -0400 (EDT) Message-ID: <4A68B1D2.5080201@incunabulum.net> Date: Thu, 23 Jul 2009 19:54:10 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: "Lucian@lastdot.org" References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> In-Reply-To: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 18:54:13 -0000 Lucian@lastdot.org wrote: > Hi guys, > > I need to change the default source address on a freebsd server. > My situation is somehow similar to this > (http://marc.info/?l=freebsd-questions&m=122535960804508&w=2). > In linux i can easily do it like: > > ip ro replace default via 10.10.10.1 src a.b.c.d (where a.b.c.d is em0 alias). > There is preliminary source address policy/selection support in the network stack, from KAME, however it is not currently fully implemented for IPv4. Most users just bind their daemons to different interface addresses. As Julian points out, you could use a packet filter (e.g. PF, IPFW) to change the source address for your traffic, but I suspect you want a socket-layer solution. If your applications can't be told to use different interface addresses, then this is the quickest way to achieve what you want. However, volunteers to finish the source address selection support, are more than welcome. thanks, BMS From owner-freebsd-net@FreeBSD.ORG Thu Jul 23 20:42:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 736291065686 for ; Thu, 23 Jul 2009 20:42:13 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id AD7BA8FC1F for ; Thu, 23 Jul 2009 20:42:11 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 30177 invoked from network); 23 Jul 2009 22:15:30 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 23 Jul 2009 22:15:30 +0200 Date: Thu, 23 Jul 2009 22:15:25 +0200 (CEST) From: Ingo Flaschberger To: freebsd-net@freebsd.org Message-ID: User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII Cc: vanhu@FreeBSD.org Subject: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jul 2009 20:42:13 -0000 Dear Yvan, I have tried to get natt at freebsd 7.2 stable with your patch http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff and ipsec-tools 0.7.2 and 0.8-alpha20090525+natt running, but have no success. negotiation works, but traffic from forticlient gives esp_input_cb: authentication hash mismatch for packet in SA x.x.x.x/009320d9 error. Also there is no traffic seen incoming at the forticlient, but leaves the freebsd-box. I have tried to figure out changes at freebsd 8.0 and the patchset http://people.freebsd.org/~bz/20090523-04-natt.diff, but that is at some places new code. Do you have any idea what breaks? Will it work at 8.0? and does it make sense to go with 8.0? (have seen some other ipsec patches from you that address stability) Kind regards, Ingo Flaschberger From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 01:17:52 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA2431065673 for ; Fri, 24 Jul 2009 01:17:52 +0000 (UTC) (envelope-from bob@veznat.com) Received: from mail.ttora.com (mail.ttora.com [208.75.243.236]) by mx1.freebsd.org (Postfix) with ESMTP id 8C0738FC21 for ; Fri, 24 Jul 2009 01:17:52 +0000 (UTC) (envelope-from bob@veznat.com) DomainKey-Signature: s=two; d=veznat.com; c=nofws; q=dns; h=X-MID:X-IronPort-AV:X-IronPort-AV:Received:User-Agent: Date:Subject:From:To:Message-ID:Thread-Topic:Thread-Index: Mime-version:Content-type:Content-transfer-encoding; b=EauEGnMlEDHHekQqyZTfDE5aKToxXdN4086m4c8nGkXmbbhgv24zqdp0 AVtN9TJ5k3SrhLXJOInY/kkroXVWFFFHbbKhjEbLl1HAMn4G2yTmae1Cj KJ51/tweqyzjfgh6bg2ueDmKxi1DGI/AbCYRwQNmzPWZAq6L+w926uPNA 0=; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=veznat.com; i=bob@veznat.com; q=dns/txt; s=one; t=1248398272; x=1279934272; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Bob=20Van=20Zant=20|Subject:=20I Pv6=20traffic=20between=20two=20hosts=20not=20flowing |Date:=20Thu,=2023=20Jul=202009=2017:48:57=20-0700 |Message-ID:=20|To:=20|Mime-version:=201.0 |Content-transfer-encoding:=207bit; bh=SUikLw3/R3V072drfIjjmkAyq8Dt2R6u/gzC3FTnD+s=; b=fX/w84AA5ixe2rEsa3tTF/+AjQ+hMkaCTORsY1t3OKyxQCXPoB4IiJoQ yhc+VcXa+W1/j8MFGpi3ULk8wQk9PpeitIg9CGb8tlzwuGAW2rmhOWj8q bg+BWI/nAopY+agWLwh+AR7t+pMFuT0GCL9uXvQqbivmQPp8WmB41rEU0 M=; X-MID: 1902940 X-IronPort-AV: E=McAfee;i="5300,2777,5686"; a="1902940" X-IronPort-AV: E=Sophos;i="4.43,259,1246863600"; d="scan'208";a="1902940" Received: from nat.ironport.com (HELO [173.37.10.6]) ([63.251.108.100]) by mail.ttora.com with ESMTP/TLS/DES-CBC3-SHA; 23 Jul 2009 17:48:58 -0700 User-Agent: Microsoft-Entourage/12.12.0.080729 Date: Thu, 23 Jul 2009 17:48:57 -0700 From: Bob Van Zant To: Message-ID: Thread-Topic: IPv6 traffic between two hosts not flowing Thread-Index: AcoL+IaCeBnvenUg6U2lUml8wYlcfg== Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: IPv6 traffic between two hosts not flowing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 01:17:53 -0000 I have 2 FreeBSD machines each with 3 ethernet interfaces each with an IPv6 address. Here's a table showing how the two machines are connected. To try to blame the switch or its configuration I have tried directly connecting the machines. The results were the same. 6.3 4948 6.2 --- ---- --- fxp0 em2 fc00:dada::47 fc00:dada::2 bge0 em0 fc00:dada:1::47 fc00:dada:1::2 bge1 em1 fc00:dada:2::47 fc00:dada:2::2 Traffic from fxp0 to em2 works fine. bge0 to em0 and bge1 to em1 doesn't work as I'll explain below and is the reason I'm writing to the list. This host is able to communicate with it's IPv6 neighbor over the fxp0 interface, however, neither of the bge interfaces are able to communicate with their peers. ndp(8) output on the 6.3 machine (with bge interfaces) seems to highlight something weird. In addition to the errors occurring, the Netif column for fc00:dada:1::47 shows fxp0. ifconfig shows that address on bge0. The same is true for fc00:dada:2::47; in ndp it shows up on fxp0 but ifconfig thinks it's on bge1 (it should be). The linklayer address being "(incomplete)" also seems weird given that this is a normal ethernet interface on the local machine. $ ndp -an Neighbor Linklayer Address Netif Expire S Flags fc00:dada::2 0:e:c:b4:13:8f fxp0 22h38m10s S R fc00:dada::47 0:2:b3:e7:4a:56 fxp0 permanent R ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument ndp: failed to get neighbor information fc00:dada:1::47 (incomplete) fxp0 ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument ndp: failed to get neighbor information fc00:dada:2::47 (incomplete) fxp0 fe80::20d:56ff:fe70:a9ae%bge0 0:d:56:70:a9:ae bge0 permanent R fe80::20d:56ff:fe70:a9af%bge1 0:d:56:70:a9:af bge1 permanent R fe80::202:b3ff:fee7:4a56%fxp0 0:2:b3:e7:4a:56 fxp0 permanent R Output from ifmcstat looks correct to me (mostly the same as fxp0 but with the appropriate addresses different). I did find this message in the logfile at least once: nd6_storelladdr: sdl_alen == 0 If I do a ping6 in between the two hosts and then run tcpdump on either of the bge interfaces I can see neighbor discovery traffic going back and forth. If the ping is from the bge interface to the corresponding em interface then all I ever see is the NDP traffic. If the ping is from the em interface to the corresponding bge interface then I see a normal solicitation and advertisement followed by ICMP echo requests (there are never any replies). The 6.2 machine's ndp cache looks correct. The 6.3 machine's ndp cache is the one pasted above. I feel like I'm just rambling here and not necessarily putting together a sane question. If this is making sense to anyone and it isn't immediately obvious what's going on please ask me some follow up questions. In addition to all of this, after what appears to be about an hour of sending ping packets that go nowhere and pulling interfaces in and out of promiscuous mode (tcpdump) the system appears to deadlock. I don't have any proof that it's deadlock other than a completely unresponsive box that needs to have the power cable removed. It's happened twice so far this afternoon. Thanks for reading this far, Bob From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 04:32:26 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 514C3106566B for ; Fri, 24 Jul 2009 04:32:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outA.internet-mail-service.net (outa.internet-mail-service.net [216.240.47.224]) by mx1.freebsd.org (Postfix) with ESMTP id 36BC98FC0C for ; Fri, 24 Jul 2009 04:32:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 5798EADA67; Thu, 23 Jul 2009 21:32:25 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id D41592D6017; Thu, 23 Jul 2009 21:32:24 -0700 (PDT) Message-ID: <4A69395B.4020604@elischer.org> Date: Thu, 23 Jul 2009 21:32:27 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Bob Van Zant References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 traffic between two hosts not flowing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 04:32:26 -0000 Bob Van Zant wrote: > I have 2 FreeBSD machines each with 3 ethernet interfaces each with an IPv6 > address. > > Here's a table showing how the two machines are connected. To try to blame > the switch or its configuration I have tried directly connecting the > machines. The results were the same. > > 6.3 4948 6.2 > --- ---- --- > fxp0 em2 > fc00:dada::47 fc00:dada::2 > > bge0 em0 > fc00:dada:1::47 fc00:dada:1::2 > > bge1 em1 > fc00:dada:2::47 fc00:dada:2::2 > > Traffic from fxp0 to em2 works fine. > bge0 to em0 and bge1 to em1 doesn't work as I'll explain below and is the > reason I'm writing to the list. > > > This host is able to communicate with it's IPv6 neighbor over the fxp0 > interface, however, neither of the bge interfaces are able to communicate > with their peers. > > ndp(8) output on the 6.3 machine (with bge interfaces) seems to highlight > something weird. In addition to the errors occurring, the Netif column for > fc00:dada:1::47 shows fxp0. ifconfig shows that address on bge0. The same is > true for fc00:dada:2::47; in ndp it shows up on fxp0 but ifconfig thinks > it's on bge1 (it should be). The linklayer address being "(incomplete)" also > seems weird given that this is a normal ethernet interface on the local > machine. I'm going to guess that if the other connections were disconnected, the 2nd and 3rd pairs would work. I'm also guessing that if you closely look at the data between the 2nd and 3rd pairs you will somewhere see the addresses of the first pair in there. FreeBSD has often suffered when trying to run connections in parallel, even in IPV4. I believe this has been fixed in 8.x to some extent.. > > > $ ndp -an > Neighbor Linklayer Address Netif Expire S > Flags > fc00:dada::2 0:e:c:b4:13:8f fxp0 22h38m10s S R > fc00:dada::47 0:2:b3:e7:4a:56 fxp0 permanent R > ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument > ndp: failed to get neighbor information > fc00:dada:1::47 (incomplete) fxp0 > ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument > ndp: failed to get neighbor information > fc00:dada:2::47 (incomplete) fxp0 > fe80::20d:56ff:fe70:a9ae%bge0 0:d:56:70:a9:ae bge0 permanent R > fe80::20d:56ff:fe70:a9af%bge1 0:d:56:70:a9:af bge1 permanent R > fe80::202:b3ff:fee7:4a56%fxp0 0:2:b3:e7:4a:56 fxp0 permanent R > > > Output from ifmcstat looks correct to me (mostly the same as fxp0 but with > the appropriate addresses different). > > I did find this message in the logfile at least once: > > nd6_storelladdr: sdl_alen == 0 > > > If I do a ping6 in between the two hosts and then run tcpdump on either of > the bge interfaces I can see neighbor discovery traffic going back and > forth. but not correct probably or it would be stored in the Link Level tables. > > If the ping is from the bge interface to the corresponding em interface then > all I ever see is the NDP traffic. > > If the ping is from the em interface to the corresponding bge interface then > I see a normal solicitation and advertisement followed by ICMP echo requests > (there are never any replies). The 6.2 machine's ndp cache looks correct. > The 6.3 machine's ndp cache is the one pasted above. > > > I feel like I'm just rambling here and not necessarily putting together a > sane question. If this is making sense to anyone and it isn't immediately > obvious what's going on please ask me some follow up questions. > > In addition to all of this, after what appears to be about an hour of > sending ping packets that go nowhere and pulling interfaces in and out of > promiscuous mode (tcpdump) the system appears to deadlock. I don't have any > proof that it's deadlock other than a completely unresponsive box that needs > to have the power cable removed. It's happened twice so far this afternoon. > > Thanks for reading this far, if you had an 8.x image, you might try it there.. and a 6.2<->6.2 and 6.3<->6.3 boot as well probably the person you want to actually speak with is Qing Li > > Bob > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 04:42:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0312C1065670 for ; Fri, 24 Jul 2009 04:42:07 +0000 (UTC) (envelope-from jamie.ostrowski@gmail.com) Received: from mail-fx0-f218.google.com (mail-fx0-f218.google.com [209.85.220.218]) by mx1.freebsd.org (Postfix) with ESMTP id 7A9EF8FC1C for ; Fri, 24 Jul 2009 04:42:06 +0000 (UTC) (envelope-from jamie.ostrowski@gmail.com) Received: by fxm18 with SMTP id 18so1200313fxm.43 for ; Thu, 23 Jul 2009 21:42:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=/XFtLGrEzyevgM8UXvewG6iBdeX8TLIZNuLIcdgBd3s=; b=JCvstxn9Y/2b4oLN/EPvPfnuv1hwWs+ht573vrmo3LFjPoFAOT2C4vqAgoaZ5Y0Mlu rdn28WLBW4mdNfos1mnV4TcMle2A8x0LKa9Ob77yG0VHxFMXj40+HGt4LC17KkJlC7JU RfNQJybMe7CE+hNdLh30XEUPIkYJ1wI8ROe5c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=ot1+XBlM9FyJLjdpfxfcYD80Vax0CQOTi/kp92GOMCVo/hKD0lNaRKY5mVQtJYQoEp +N0LOYqW4NzH0ZKNMxcKzASgETmZ5IQFkUwOIVACP+6bmZTqKBlHpKo595mMUNQGUJL+ V2bfLz/pCHt86czHU7M/itRnBalepewo0jjHI= MIME-Version: 1.0 Received: by 10.204.119.71 with SMTP id y7mr2786609bkq.16.1248408883922; Thu, 23 Jul 2009 21:14:43 -0700 (PDT) In-Reply-To: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> Date: Thu, 23 Jul 2009 23:14:43 -0500 Message-ID: <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> From: Jamie Ostrowski To: "Lucian@lastdot.org" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 04:42:07 -0000 On Thu, Jul 23, 2009 at 9:57 AM, Lucian@lastdot.org wrote: > Hi guys, > > I need to change the default source address on a freebsd server. > My situation is somehow similar to this > (http://marc.info/?l=freebsd-questions&m=122535960804508&w=2). > In linux i can easily do it like: > > ip ro replace default via 10.10.10.1 src a.b.c.d (where a.b.c.d is em0 > alias). > > Any ideas? > There may technically be a way to do this. If you set your default route to the gateway of your secondary network assigned to your card, it will actually change the source ip of your packets to be coming from the machine. For example, let's say I've got my nic configured like this: fxp1: 172.16.1.5 netmask 255.255.255.0 fxp1_alias0: 192.168.0.2 255.255.255.0 If I do: route delete default route add default 192.168.0.1 The machine will send all the packets bound for any default address out the interface 192.168.0.2 to 192.168.0.1, and it will show up on the other end of the connection coming from that address, rather than 172.16.1.5. Of course, that will only work if, in your case, your secondary ip address you want to use is on a different subnet than your primary on the machine. Since you didn't specify, I'm making that assumption. Depending on your application, your mileage will vary. - Jamie > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 04:51:45 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A5E731065676 for ; Fri, 24 Jul 2009 04:51:45 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outP.internet-mail-service.net (outp.internet-mail-service.net [216.240.47.239]) by mx1.freebsd.org (Postfix) with ESMTP id 88A828FC1A for ; Fri, 24 Jul 2009 04:51:45 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 24D2DADA67; Thu, 23 Jul 2009 21:51:45 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id CF09A2D6006; Thu, 23 Jul 2009 21:51:44 -0700 (PDT) Message-ID: <4A693DE2.3050905@elischer.org> Date: Thu, 23 Jul 2009 21:51:46 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Jamie Ostrowski References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> In-Reply-To: <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 04:51:45 -0000 Jamie Ostrowski wrote: > On Thu, Jul 23, 2009 at 9:57 AM, Lucian@lastdot.org wrote: > >> Hi guys, >> >> I need to change the default source address on a freebsd server. >> My situation is somehow similar to this >> (http://marc.info/?l=freebsd-questions&m=122535960804508&w=2). >> In linux i can easily do it like: >> >> ip ro replace default via 10.10.10.1 src a.b.c.d (where a.b.c.d is em0 >> alias). >> >> Any ideas? >> > > > There may technically be a way to do this. If you set your default route > to the gateway of your secondary network assigned to your card, it will > actually change the source ip of your packets to be coming from the machine. > > > For example, let's say I've got my nic configured like this: > > fxp1: 172.16.1.5 netmask 255.255.255.0 > fxp1_alias0: 192.168.0.2 255.255.255.0 > > If I do: > > route delete default > route add default 192.168.0.1 > > The machine will send all the packets bound for any default address out > the interface 192.168.0.2 to 192.168.0.1, and it will show up on the other > end of the connection coming from that address, rather than 172.16.1.5. > > Of course, that will only work if, in your case, your secondary ip address > you want to use is on a different subnet than your primary on the machine. > Since you didn't specify, I'm making that assumption. > > Depending on your application, your mileage will vary. you could set up 2 routing tables and assign different apps to use different tables. > > > - Jamie > > > > > > > > > > > >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 08:29:18 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0C2C0106564A for ; Fri, 24 Jul 2009 08:29:18 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25]) by mx1.freebsd.org (Postfix) with ESMTP id B846C8FC18 for ; Fri, 24 Jul 2009 08:29:17 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from astro.zen.inc (astro.zen.inc [192.168.1.239]) by smtp.zeninc.net (smtpd) with ESMTP id 0D3472798B8; Fri, 24 Jul 2009 10:29:16 +0200 (CEST) Received: by astro.zen.inc (Postfix, from userid 1000) id 0748B1702F; Fri, 24 Jul 2009 10:29:15 +0200 (CEST) Date: Fri, 24 Jul 2009 10:29:15 +0200 From: VANHULLEBUS Yvan To: Ingo Flaschberger Message-ID: <20090724082915.GA93467@zeninc.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: All mail clients suck. This one just sucks less. Cc: freebsd-net@freebsd.org Subject: Re: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 08:29:18 -0000 On Thu, Jul 23, 2009 at 10:15:25PM +0200, Ingo Flaschberger wrote: > Dear Yvan, Hi. > I have tried to get natt at freebsd 7.2 stable with your patch > http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff > and ipsec-tools 0.7.2 and 0.8-alpha20090525+natt running, > but have no success. http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff will work with ipsec-tools 0.7.2 but NOT with 0.8-alpha20090525+natt. > negotiation works, but traffic from forticlient gives > esp_input_cb: authentication hash mismatch for packet in SA x.x.x.x/009320d9 > error. Strange.... does this work with the same forticlient but without NAT-T ? > Also there is no traffic seen incoming at the forticlient, but leaves the > freebsd-box. Are you sure you don't have "something strange" on your network ? For example an old an ugly "IKE proxy" which would tries to "fix" traffic coming through UDP 500 ? Can you check what version of NAT-T is used by your forticlient ? By default, ipsec-tools will announce support for RFC and drafts 00/01 (we'll have to change that to only announce RFC by default). If forticlient announces/choices drafts 00/01, and if there is some kind of IKE proxy on the way, it will probably just won't work (and may explain authentication hashs mismatches....). > I have tried to figure out changes at freebsd 8.0 and the patchset > http://people.freebsd.org/~bz/20090523-04-natt.diff, but that is at some > places new code. Thare are some changes, but basically, the code does the same thing (but it does it in a cleaner way :-) ). > Do you have any idea what breaks? > Will it work at 8.0? and does it make sense to go with 8.0? > (have seen some other ipsec patches from you that address stability) You can also try 8.0 with a recent ipsec-tools HEAD, but I guess you'll have the same result. Yvan. From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 09:02:55 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC987106566C for ; Fri, 24 Jul 2009 09:02:55 +0000 (UTC) (envelope-from lapo@lapo.it) Received: from andxor.it (relay.andxor.it [195.223.2.3]) by mx1.freebsd.org (Postfix) with SMTP id 1B7A38FC0A for ; Fri, 24 Jul 2009 09:02:54 +0000 (UTC) (envelope-from lapo@lapo.it) Received: (qmail 68386 invoked from network); 24 Jul 2009 08:36:14 -0000 Received: from unknown (HELO lapo.andxor.it) (192.168.2.22) by andxor.it with SMTP; 24 Jul 2009 08:36:14 -0000 Message-ID: <4A69727E.2010206@lapo.it> Date: Fri, 24 Jul 2009 10:36:14 +0200 From: Lapo Luchini User-Agent: Thunderbird 2.0.0.22 (X11/20090722) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: In-Reply-To: X-Enigmail-Version: 0.96.0 OpenPGP: id=C8F252FB Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: rea-fbsd@codelabs.ru Subject: error creating stf1 [Was: using 6to4 on two different IPv4 addresses] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 09:02:56 -0000 Lapo Luchini wrote: > % sudo ifconfig stf1 create > ifconfig: SIOCIFCREATE: Invalid argument > > I guess the kernel is hardwired to support only one stf interface? > > "man stf" states: > Each stf interface is created at runtime using interface cloning. > This is most easily done with the ifconfig(8) create command or > using the cloned_interfaces variable in rc.conf(5). I think this is either a bug or a documentation bug: if it's supposed to be able to create only one interface, then "Each stf interface is created" should probably be changed to something like "The one and only stf interface is created" ... else "ifconfig create" should work as stated. Mhh, Eygene Ryabinkin in message http://lists.freebsd.org/pipermail/freebsd-net/2009-July/022456.html states that "stf(4) is essentially a singleton interface", in that case I guess it's the man that should be patched (to remove that "each") and maybe support for aliases should be added. -- Lapo Luchini - http://lapo.it/ From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 11:37:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DD2BC1065673 for ; Fri, 24 Jul 2009 11:37:17 +0000 (UTC) (envelope-from vova@sw.ru) Received: from relay.sw.ru (mailhub.sw.ru [195.214.232.25]) by mx1.freebsd.org (Postfix) with ESMTP id 4ACF28FC1C for ; Fri, 24 Jul 2009 11:37:17 +0000 (UTC) (envelope-from vova@sw.ru) Received: from vbook.fbsd.ru ([10.30.1.111]) (authenticated bits=0) by relay.sw.ru (8.13.4/8.13.4) with ESMTP id n6OB8QBH015075 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 24 Jul 2009 15:08:28 +0400 (MSD) Received: from vova by vbook.fbsd.ru with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MUIdW-0000Vn-Mf; Fri, 24 Jul 2009 15:08:26 +0400 From: Vladimir Grebenschikov To: Julian Elischer In-Reply-To: <4A693DE2.3050905@elischer.org> References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> <4A693DE2.3050905@elischer.org> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Fri, 24 Jul 2009 15:08:26 +0400 Message-Id: <1248433706.1678.13.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.26.3 FreeBSD GNOME Team Port Sender: Vladimir Grebenschikov Cc: freebsd-net@freebsd.org, Jamie Ostrowski , "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vova@fbsd.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 11:37:18 -0000 Hi > you could set up 2 routing tables and assign different apps to use > different tables Is it possible to select routing table by ipfw setfib X ? someting like: ipfw add setfib 1 ip from a.b.c.d to any out xmit em0 setfib 1 route add default 10.10.10.1 PS: you may need to compile kernel with options ROUTETABLES=2 PPS: why there is not sysctl way to specify number of routing tables ? -- Vladimir B. Grebenschikov vova@fbsd.ru From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 12:06:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 046BF10656C3 for ; Fri, 24 Jul 2009 12:06:15 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id 411308FC25 for ; Fri, 24 Jul 2009 12:06:14 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 15949 invoked from network); 24 Jul 2009 14:06:12 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 24 Jul 2009 14:06:12 +0200 Date: Fri, 24 Jul 2009 14:06:11 +0200 (CEST) From: Ingo Flaschberger To: VANHULLEBUS Yvan In-Reply-To: <20090724082915.GA93467@zeninc.net> Message-ID: References: <20090724082915.GA93467@zeninc.net> User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 12:06:20 -0000 Dear Yvan, >> I have tried to get natt at freebsd 7.2 stable with your patch >> http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff >> and ipsec-tools 0.7.2 and 0.8-alpha20090525+natt running, >> but have no success. > > http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff > will work with ipsec-tools 0.7.2 but NOT with 0.8-alpha20090525+natt. seems to work with both versions. >> negotiation works, but traffic from forticlient gives >> esp_input_cb: authentication hash mismatch for packet in SA x.x.x.x/009320d9 >> error. > > Strange.... does this work with the same forticlient but without NAT-T ? yes. >> Also there is no traffic seen incoming at the forticlient, but leaves the >> freebsd-box. > > Are you sure you don't have "something strange" on your network ? > For example an old an ugly "IKE proxy" which would tries to "fix" > traffic coming through UDP 500 ? > > Can you check what version of NAT-T is used by your forticlient ? "draft" If I use rfc-version of http://shrew.net/ ipsec-client (2.1.5-rc-2) nat-t works. > By default, ipsec-tools will announce support for RFC and drafts 00/01 > (we'll have to change that to only announce RFC by default). I will try that. > If forticlient announces/choices drafts 00/01, and if there is some > kind of IKE proxy on the way, it will probably just won't work (and > may explain authentication hashs mismatches....). I have tried that behind 2 different nat-gw (freebsd and linux) and there was definitley no ike proxy. .. If i use draft-version with http://shrew.net/ ipsec-client, I see valid incomming packets (icmp-pings), but ipsec-client tells that the icmp-ping return packets have a unknown phase1 sa. Kind regards, Ingo Flaschberger From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 13:23:28 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8BAF1106566B for ; Fri, 24 Jul 2009 13:23:28 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outD.internet-mail-service.net (outd.internet-mail-service.net [216.240.47.227]) by mx1.freebsd.org (Postfix) with ESMTP id 6F5478FC0A for ; Fri, 24 Jul 2009 13:23:28 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id EB75BC482; Fri, 24 Jul 2009 06:23:27 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 31F562D6015; Fri, 24 Jul 2009 06:23:27 -0700 (PDT) Message-ID: <4A69B5D1.3070807@elischer.org> Date: Fri, 24 Jul 2009 06:23:29 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: vova@fbsd.ru References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> <4A693DE2.3050905@elischer.org> <1248433706.1678.13.camel@localhost> In-Reply-To: <1248433706.1678.13.camel@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, Jamie Ostrowski , "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 13:23:28 -0000 Vladimir Grebenschikov wrote: > Hi > > >> you could set up 2 routing tables and assign different apps to use >> different tables > > Is it possible to select routing table by ipfw setfib X ? > > someting like: > > ipfw add setfib 1 ip from a.b.c.d to any out xmit em0 > setfib 1 route add default 10.10.10.1 > > > PS: > you may need to compile kernel with > options ROUTETABLES=2 yes > > PPS: > why there is not sysctl way to specify number of routing tables ? There is, kind of. originally there had to be a compiled in table and you had to specif the maximum you would allow (up to 16), and the sysctl would reduce that maximum. (that may have changed as I see it's read-only now for me) That may change in the future but the hours in the day are still <= 24 > From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 13:27:50 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 547B6106564A for ; Fri, 24 Jul 2009 13:27:50 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outE.internet-mail-service.net (oute.internet-mail-service.net [216.240.47.228]) by mx1.freebsd.org (Postfix) with ESMTP id 382AE8FC13 for ; Fri, 24 Jul 2009 13:27:50 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id BC201D4E0; Fri, 24 Jul 2009 06:27:49 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 324C32D6018; Fri, 24 Jul 2009 06:27:49 -0700 (PDT) Message-ID: <4A69B6D7.3080501@elischer.org> Date: Fri, 24 Jul 2009 06:27:51 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: vova@fbsd.ru References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> <4A693DE2.3050905@elischer.org> <1248433706.1678.13.camel@localhost> In-Reply-To: <1248433706.1678.13.camel@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, Jamie Ostrowski , "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 13:27:50 -0000 Vladimir Grebenschikov wrote: > Hi > > >> you could set up 2 routing tables and assign different apps to use >> different tables > > Is it possible to select routing table by ipfw setfib X ? > > someting like: > > ipfw add setfib 1 ip from a.b.c.d to any out xmit em0 > setfib 1 route add default 10.10.10.1 no that wouldn't work for 2 reasons. 1/ for local sockets, the routing decision is made already before it gets to the firewall 2/ for non-ocal packets (from another machine that you are routing) the packet needs to b etested on the recv (in) side of things but by then the sending machine has aready decided on a local address too. The only way to do this would be to do: setfib -1 my_aplication so that the sockets were created looking at fib 1 or: setfib -1 /bin/sh so that all children used fib 1 > > > PS: > you may need to compile kernel with > options ROUTETABLES=2 > > PPS: > why there is not sysctl way to specify number of routing tables ? > From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 13:28:30 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 624F410657BD for ; Fri, 24 Jul 2009 13:28:30 +0000 (UTC) (envelope-from Brian.Jacobs@lodgenet.com) Received: from garbo.lodgenet.com (garbo.lodgenet.com [204.124.121.250]) by mx1.freebsd.org (Postfix) with ESMTP id 20ABB8FC19 for ; Fri, 24 Jul 2009 13:28:29 +0000 (UTC) (envelope-from Brian.Jacobs@lodgenet.com) Received: from hardy.lodgenet.com (hardy.lodgenet.com [10.16.101.109]) by garbo.lodgenet.com (8.12.11.20060308/8.12.11) with ESMTP id n6ODST3N003598 for ; Fri, 24 Jul 2009 08:28:29 -0500 Received: from sfcoex03.lodgenet.com (Not Verified[10.16.100.166]) by hardy.lodgenet.com with MailMarshal (v6, 4, 1, 5038) id ; Fri, 24 Jul 2009 08:28:29 -0500 Received: from host.lodgenet.com ([10.1.1.129]) by host.lodgenet.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Jul 2009 08:28:29 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Fri, 24 Jul 2009 09:28:28 -0400 Message-ID: <126E45722B459248997856ECB72DEB7701285E3A@host.lodgenet.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: L2TPv3 ? Thread-Index: AcoMYqEiwTeSttFBRwiylM6yH0pZaA== From: "Jacobs, Brian" To: X-OriginalArrivalTime: 24 Jul 2009 13:28:29.0310 (UTC) FILETIME=[A1B989E0:01CA0C62] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: L2TPv3 ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 13:28:30 -0000 Anyone know of plans or status for implementation of L2TPv3 in FreeBSD? Support for it would solve a lot of interoperability heartache with Cisco devices... =20 Thanks! =20 /bmj From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 13:40:51 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5C983106564A for ; Fri, 24 Jul 2009 13:40:51 +0000 (UTC) (envelope-from vova@sw.ru) Received: from relay.sw.ru (mailhub.sw.ru [195.214.232.25]) by mx1.freebsd.org (Postfix) with ESMTP id CC0608FC13 for ; Fri, 24 Jul 2009 13:40:50 +0000 (UTC) (envelope-from vova@sw.ru) Received: from vbook.fbsd.ru ([10.30.1.111]) (authenticated bits=0) by relay.sw.ru (8.13.4/8.13.4) with ESMTP id n6ODehiZ011679 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 24 Jul 2009 17:40:44 +0400 (MSD) Received: from vova by vbook.fbsd.ru with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MUL0t-0000pT-O3; Fri, 24 Jul 2009 17:40:43 +0400 From: Vladimir Grebenschikov To: Julian Elischer In-Reply-To: <4A69B6D7.3080501@elischer.org> References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com> <29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com> <4A693DE2.3050905@elischer.org> <1248433706.1678.13.camel@localhost> <4A69B6D7.3080501@elischer.org> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Fri, 24 Jul 2009 17:40:43 +0400 Message-Id: <1248442843.1678.36.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.26.3 FreeBSD GNOME Team Port Sender: Vladimir Grebenschikov Cc: freebsd-net@freebsd.org, Jamie Ostrowski , "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vova@fbsd.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 13:40:51 -0000 > >> you could set up 2 routing tables and assign different apps to use > >> different tables > > > > Is it possible to select routing table by ipfw setfib X ? > > > > someting like: > > > > ipfw add setfib 1 ip from a.b.c.d to any out xmit em0 > > setfib 1 route add default 10.10.10.1 > > no that wouldn't work for 2 reasons. > 1/ for local sockets, the routing decision is made already before it > gets to the firewall > 2/ for non-ocal packets (from another machine that you are routing) > the packet needs to be tested on the recv (in) side of things > but by then the sending machine has aready decided on a local address too. Not nice. I have a dream, that fbsd now capable to do real multi-fib routing :( What about ipfw fwd ? That was working years ago for me, but of course, requires to put all custom routing entries into ipfw rules. What about binding of FIBs to local addresses or/and interfaces ? Such way that kernel will decide what fib to use examining local IP address of package ? -- Vladimir B. Grebenschikov vova@fbsd.ru From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 14:10:43 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ECD44106566C for ; Fri, 24 Jul 2009 14:10:43 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id 218768FC26 for ; Fri, 24 Jul 2009 14:10:42 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 11895 invoked from network); 24 Jul 2009 16:10:41 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 24 Jul 2009 16:10:41 +0200 Date: Fri, 24 Jul 2009 16:10:40 +0200 (CEST) From: Ingo Flaschberger To: freebsd-net@freebsd.org In-Reply-To: <20090724082915.GA93467@zeninc.net> Message-ID: References: <20090724082915.GA93467@zeninc.net> User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="657920-151870570-1248444641=:1395" Subject: Re: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 14:10:44 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --657920-151870570-1248444641=:1395 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Hi, attached a patch for ports-security-ipsec-tools Makefile to disable to offer NATT-IKE-ENCAP. Kind regardsm Ingo Flaschberger --657920-151870570-1248444641=:1395 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=patch_natt_udpencap.diff Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename=patch_natt_udpencap.diff LS0tIE1ha2VmaWxlX29yZyAgICAgICAgMjAwOS0wNy0yNCAxNTowMToxMS4w MDAwMDAwMDAgKzAyMDANCisrKyBNYWtlZmlsZSAgICAyMDA5LTA3LTI0IDE2 OjA3OjMyLjAwMDAwMDAwMCArMDIwMA0KQEAgLTQxLDYgKzQxLDcgQEANCiAg ICAgICAgICAgICAgICBEUEQgICAgICAgICAgICAgImVuYWJsZSBEZWFkIFBl ZXIgRGV0ZWN0aW9uIiBvbiBcDQogICAgICAgICAgICAgICAgTkFUVCAgICAg ICAgICAgICJlbmFibGUgTkFULVRyYXZlcnNhbCAoa2VybmVsLXBhdGNoIHJl cXVpcmVkKSIgb24gXA0KICAgICAgICAgICAgICAgIE5BVFRGICAgICAgICAg ICAicmVxdWlyZSBOQVQtVHJhdmVyc2FsIChmYWlsIHdpdGhvdXQga2VybmVs LXBhdGNoKSIgb2ZmIFwNCisgICAgICAgICAgICAgICBOQVROT05JS0UgICAg ICAgIm9mZmVyIE5BVC1UcmF2ZXJzYWwgVURQIGVuY2Fwc3VsYXRpb24gb25s eSIgb2ZmIFwNCiAgICAgICAgICAgICAgICBGUkFHICAgICAgICAgICAgImVu YWJsZSBJS0UgZnJhZ21lbnRhdGlvbiBwYXlsb2FkIHN1cHBvcnQiIG9uIFwN CiAgICAgICAgICAgICAgICBIWUJSSUQgICAgICAgICAgImVuYWJsZSBIeWJy aWQsIFhhdXRoIGFuZCBNb2RlLWNmZyBzdXBwb3J0IiBvbiBcDQogICAgICAg ICAgICAgICAgUEFNICAgICAgICAgICAgICJlbmFibGUgUEFNIGF1dGhlbnRp Y2F0aW9uIChYYXV0aCBzZXJ2ZXIpIiBvZmYgXA0KQEAgLTk5LDYgKzEwMCwx MCBAQA0KIENPTkZJR1VSRV9BUkdTKz0gICAgICAgLS1kaXNhYmxlLW5hdHQN CiAuZW5kaWYNCiANCisuaWZkZWYoTkFUTk9OSUtFKQ0KK0NPTkZJR1VSRV9B UkdTKz0gICAgICAgLS1lbmFibGUtbmF0dC12ZXJzaW9ucz0yLDMsNCw1LDYs NSw3LDgsUkZDDQorLmVuZGlmDQorDQogLmlmZGVmKFdJVEhfRlJBRykNCiBD T05GSUdVUkVfQVJHUys9ICAgICAgIC0tZW5hYmxlLWZyYWcNCiAuZWxzZQ0K --657920-151870570-1248444641=:1395-- From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 16:10:46 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 446DE1065673 for ; Fri, 24 Jul 2009 16:10:46 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id 8EBEB8FC0A for ; Fri, 24 Jul 2009 16:10:44 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 11793 invoked from network); 24 Jul 2009 18:10:43 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 24 Jul 2009 18:10:43 +0200 Date: Fri, 24 Jul 2009 18:10:42 +0200 (CEST) From: Ingo Flaschberger To: freebsd-net@freebsd.org In-Reply-To: Message-ID: References: <20090724082915.GA93467@zeninc.net> User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="657920-1148653615-1248451843=:1395" Subject: Re: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 16:10:46 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --657920-1148653615-1248451843=:1395 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Hi, > attached a patch for ports-security-ipsec-tools Makefile > to disable to offer NATT-IKE-ENCAP. aii.. bug in the batch, sorry. attached new patch. Kind regards, Ingo Flaschberger --657920-1148653615-1248451843=:1395 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=patch_natt_udpencap.diff Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename=patch_natt_udpencap.diff LS0tIE1ha2VmaWxlX29yZyAgICAgICAgMjAwOS0wNy0yNCAxNTowMToxMS4w MDAwMDAwMDAgKzAyMDANCisrKyBNYWtlZmlsZSAgICAyMDA5LTA3LTI0IDE3 OjQ3OjI2LjAwMDAwMDAwMCArMDIwMA0KQEAgLTQxLDYgKzQxLDcgQEANCiAg ICAgICAgICAgICAgICBEUEQgICAgICAgICAgICAgImVuYWJsZSBEZWFkIFBl ZXIgRGV0ZWN0aW9uIiBvbiBcDQogICAgICAgICAgICAgICAgTkFUVCAgICAg ICAgICAgICJlbmFibGUgTkFULVRyYXZlcnNhbCAoa2VybmVsLXBhdGNoIHJl cXVpcmVkKSIgb24gXA0KICAgICAgICAgICAgICAgIE5BVFRGICAgICAgICAg ICAicmVxdWlyZSBOQVQtVHJhdmVyc2FsIChmYWlsIHdpdGhvdXQga2VybmVs LXBhdGNoKSIgb2ZmIFwNCisgICAgICAgICAgICAgICBOQVROT05JS0UgICAg ICAgIm9mZmVyIE5BVC1UcmF2ZXJzYWwgVURQIGVuY2Fwc3VsYXRpb24gb25s eSIgb2ZmIFwNCiAgICAgICAgICAgICAgICBGUkFHICAgICAgICAgICAgImVu YWJsZSBJS0UgZnJhZ21lbnRhdGlvbiBwYXlsb2FkIHN1cHBvcnQiIG9uIFwN CiAgICAgICAgICAgICAgICBIWUJSSUQgICAgICAgICAgImVuYWJsZSBIeWJy aWQsIFhhdXRoIGFuZCBNb2RlLWNmZyBzdXBwb3J0IiBvbiBcDQogICAgICAg ICAgICAgICAgUEFNICAgICAgICAgICAgICJlbmFibGUgUEFNIGF1dGhlbnRp Y2F0aW9uIChYYXV0aCBzZXJ2ZXIpIiBvZmYgXA0KQEAgLTk5LDYgKzEwMCwx MCBAQA0KIENPTkZJR1VSRV9BUkdTKz0gICAgICAgLS1kaXNhYmxlLW5hdHQN CiAuZW5kaWYNCiANCisuaWZkZWYoV0lUSF9OQVROT05JS0UpDQorQ09ORklH VVJFX0FSR1MrPSAgICAgICAtLWVuYWJsZS1uYXR0LXZlcnNpb25zPTIsMyw0 LDUsNiw1LDcsOCxSRkMNCisuZW5kaWYNCisNCiAuaWZkZWYoV0lUSF9GUkFH KQ0KIENPTkZJR1VSRV9BUkdTKz0gICAgICAgLS1lbmFibGUtZnJhZw0KIC5l bHNlDQo= --657920-1148653615-1248451843=:1395-- From owner-freebsd-net@FreeBSD.ORG Fri Jul 24 21:10:57 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6642A10656E7 for ; Fri, 24 Jul 2009 21:10:57 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63902.mail.re1.yahoo.com (web63902.mail.re1.yahoo.com [69.147.97.117]) by mx1.freebsd.org (Postfix) with SMTP id 203F78FC0A for ; Fri, 24 Jul 2009 21:10:57 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 58504 invoked by uid 60001); 24 Jul 2009 21:10:56 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1248469856; bh=h67Y9kDlDiqY73BZ7p54VxX0lMKh3IoJKSJUmhLau0E=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=yxw2TFTzmN4eJdp29ONVytm0EF/rOdTFeatqlEA9hc3Gf8Ouw6dntDjlzSVNylsUaW7nXHSTyoaknUSH3LbkUuljwSqcucYDMYa3G9ZNY5c4UWZcITJjI0NCFrI5V39gDAg1GIcj9/QUBVDKyrCSRJ1j6j210m0czv69u+vnWPI= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=YoG4rAtS82Rsc2vXDyWM5aNVv7FbpaL1zpnlroEUUx3ydiUX9hx/4O5T6gbM0bhagFbcA9ty5GyNJKzUckyJTvDuWlP/Veqeq/TTuBJIcM+s/LO1UJi5rjP7Dke3U3zvdXGBqer6ETrx1qC3yuNGgidiCbKM8gzp646YLFXTebw=; Message-ID: <624694.56110.qm@web63902.mail.re1.yahoo.com> X-YMail-OSG: KwVNkjcVM1mJnV6rmnH_BDA4WPlfBnMHg7itM.w2VZQ712teh2IcHx1jHEfGcRaoS6UQpJeX58gZblcxW6x548K.E9.jN9VcyrUH4nat9FvDL3f5R6utG6LYb26V29Kpopq1TTaDYpn_UYcSlP4eb3AmoLFwebOv3vsAWCGcs16VCAS5IhZ7lHrTZ7YGglidRD2oMrjZeDGhYGx72os94owVYLdxbvYZpRgucggBGn3RVlVoGeibGjJB672wRcGaDGFx67IAnFW9zZ.g2IMmqj5KErQuOvOiaN2xCQldBE6nQFX26cY3EgtnPw-- Received: from [66.176.162.245] by web63902.mail.re1.yahoo.com via HTTP; Fri, 24 Jul 2009 14:10:56 PDT X-Mailer: YahooMailClassic/5.4.17 YahooMailWebService/0.7.289.15 Date: Fri, 24 Jul 2009 14:10:56 -0700 (PDT) From: Barney Cordoba To: freebsd-net@FreeBSD.org, Peter Steele MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Subject: Re: nfe taskq performance issues X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jul 2009 21:10:57 -0000 --- On Thu, 7/23/09, Peter Steele wrote: > From: Peter Steele > Subject: nfe taskq performance issues > To: freebsd-net@FreeBSD.org > Date: Thursday, July 23, 2009, 11:58 AM > We've been hitting serious nfe taskq > performance issues during stress > tests and in doing some research on the problem we came > across this old > email: > > > > From: Ivan Voras > Date: April 28, 2009 3:53:14 AM PDT > To: freebsd-threads@freebsd.org > Cc: freebsd-net@freebsd.org, > freebsd-performance@freebsd.org > Subject: Re: FreeBSD 7.1 taskq em performance > > > > I have been hitting some barrier with FreeBSD 7.1 > network performance. > I > > have written an application which contains two kernel > threads that > takes > > mbufs directly from a network interface and forwards > to another > network > > interface. This idea is to simulate different network > environment. > > > > I have been using FreeBSD 6.4 amd64 and tested with an > Ixia box > > (specialised hardware firing very high packet rate). > The PC was a > Core2 2.6 > > GHz with dual ports Intel PCIE Gigabit network card. > It can manage up > to 1.2 > > million pps. > > > > I have a higher spec PC with FreeBSD 7.1 amd64 and > Quadcore 2.3 GHz > and > > PCIE Gigabit network card. The performance can only > achieve up to 600k > pps. > > I notice the 'taskq em0' and 'taskq em1' is solid 100% > CPU but it is > not in > > FreeBSD 6.4. > > > > In our case we are running FreeBSD 7.0, but we are seeing > our boxes > experience serious thread starvation issues as the nfe0 cpu > percentage > climbs steadily while cpu idle time drops at times to 0 > percent. This > email thread mentioned a patch for the em driver here: > > > > http://people.yandex-team.ru/~wawa/ > It means you're using your CPU up processing packets. There are any number of reasons for it; lock contention, poor general design, network stack contention. I'm not sure why you'd want to use a 64 bit build for a network application, but you'll have to track down the source by profiling or running focused tests to isolate your bottlenecks. Barney From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 01:08:50 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D8141065674; Sat, 25 Jul 2009 01:08:50 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 02EB58FC12; Sat, 25 Jul 2009 01:08:50 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6P18nIR018817; Sat, 25 Jul 2009 01:08:49 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6P18nfB018813; Sat, 25 Jul 2009 01:08:49 GMT (envelope-from linimon) Date: Sat, 25 Jul 2009 01:08:49 GMT Message-Id: <200907250108.n6P18nfB018813@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137089: [lagg] lagg falsely triggers IPv6 duplicate address detection X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 01:08:50 -0000 Old Synopsis: lagg falsely triggers IPv6 duplicate address detection New Synopsis: [lagg] lagg falsely triggers IPv6 duplicate address detection Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sat Jul 25 01:08:36 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=137089 From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 01:27:59 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F1B531065674; Sat, 25 Jul 2009 01:27:59 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C83658FC15; Sat, 25 Jul 2009 01:27:59 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6P1Rx9L034086; Sat, 25 Jul 2009 01:27:59 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6P1RxUo034082; Sat, 25 Jul 2009 01:27:59 GMT (envelope-from linimon) Date: Sat, 25 Jul 2009 01:27:59 GMT Message-Id: <200907250127.n6P1RxUo034082@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/136943: [wpi] [lor] wpi0_com_lock / wpi0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 01:28:00 -0000 Old Synopsis: [lor] wpi0_com_lock / wpi0 New Synopsis: [wpi] [lor] wpi0_com_lock / wpi0 Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sat Jul 25 01:27:46 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=136943 From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 01:31:07 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4665410656FF; Sat, 25 Jul 2009 01:31:07 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 198328FC32; Sat, 25 Jul 2009 01:31:07 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6P1V68u042351; Sat, 25 Jul 2009 01:31:06 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6P1V6OX042347; Sat, 25 Jul 2009 01:31:06 GMT (envelope-from linimon) Date: Sat, 25 Jul 2009 01:31:06 GMT Message-Id: <200907250131.n6P1V6OX042347@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137036: [ipsec] fastforwarding breaks ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 01:31:12 -0000 Old Synopsis: fastforwarding breaks ipsec New Synopsis: [ipsec] fastforwarding breaks ipsec Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sat Jul 25 01:30:44 UTC 2009 Responsible-Changed-Why: Apparently this is documented behavior. http://www.freebsd.org/cgi/query-pr.cgi?pr=137036 From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 13:10:52 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 07841106566B for ; Sat, 25 Jul 2009 13:10:52 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from maja.zesoi.fer.hr (maja.zesoi.fer.hr [161.53.64.3]) by mx1.freebsd.org (Postfix) with ESMTP id BBE0B8FC1D for ; Sat, 25 Jul 2009 13:10:51 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from localhost (localhost [127.0.0.1]) by maja.zesoi.fer.hr (Postfix) with ESMTP id A562B42F7D for ; Sat, 25 Jul 2009 15:10:47 +0200 (CEST) Received: from maja.zesoi.fer.hr ([127.0.0.1]) by localhost (maja.zesoi.fer.hr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m-0u1on0+z8V for ; Sat, 25 Jul 2009 15:10:41 +0200 (CEST) Received: from valeria.zesoi.fer.hr (valeria.zesoi.fer.hr [161.53.64.29]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 102CD42F7A for ; Sat, 25 Jul 2009 15:10:25 +0200 (CEST) Date: Sat, 25 Jul 2009 15:04:24 +0200 From: iprebeg@freebsd.org To: freebsd-net@freebsd.org Message-ID: <20090725130424.GA24589@valeria.zesoi.fer.hr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Wrong multicast destination IP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 13:10:52 -0000 In recent current kernel, it appears that IGMPv2 reports (not IGMPv3) are sent to wrong multicast address. I'm trying to setup mcast routing in this way: .--. .--. .--. |c1|-10.0.1.2---10.0.1.1-|mr|-10.0.2.1---10.0.2.2-|c2| '--' em0 em0 '--' em2 em0 '--' (em1 is used for SSH access) mrouted is started on mr with configuration containing only one line: >phyint em1 disable and route is created: >route add 224/24 -iface em0 Machine c1 issues command >mcastread -v4 -s 10.0.2.2 em0 235.0.0.1 1337 and machine c2 has route >route add 224/24 -iface em0 and issuse command >mcastsend 235.0.0.1 1337 mr uses p4 kernel dating 24th of June and cX's use BETA2. So, I have two problems. 1) No packets are forwarded. I hope that reason is problem stated in 2). Anyway, I'd be happy if someone can confirm that I'm doing everything right. It would be also cool if someone could post XORP configuration that I can use for this configuration. I can see UDP packets reach em2 iface on mr. 2) Even all machines support IGMPv3, after I start mrouted, network converges to IGMPv2. What I see in tcpdump is that DIP of IGMPv2 packets isn't in IGMP-CONTROL range (224.0.0.X), but it is set to IP of group that it tries to join ( 235.0.0.1 in this case ). This is not cast with IGMP leave or IGMPv3 reports which are generated by same commands after I kill mrouted and network again converges to IGMPv3. TIA iprebeg From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 13:30:55 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DCCAE1065672 for ; Sat, 25 Jul 2009 13:30:55 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25]) by mx1.freebsd.org (Postfix) with ESMTP id 951028FC19 for ; Sat, 25 Jul 2009 13:30:55 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from albator.zen.inc (albator.zen.inc [192.168.1.5]) by smtp.zeninc.net (smtpd) with ESMTP id 7590A2798B8; Sat, 25 Jul 2009 15:30:54 +0200 (CEST) Received: by albator.zen.inc (Postfix, from userid 1000) id AA110731C5; Sat, 25 Jul 2009 15:30:53 +0200 (CEST) Date: Sat, 25 Jul 2009 15:30:53 +0200 From: VANHULLEBUS Yvan To: Ingo Flaschberger Message-ID: <20090725133053.GA3042@zeninc.net> References: <20090724082915.GA93467@zeninc.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: All mail clients suck. This one just sucks less. Cc: freebsd-net@freebsd.org Subject: Re: natt (again) in 7.2 stable and a forticlient X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 13:30:56 -0000 On Fri, Jul 24, 2009 at 06:10:42PM +0200, Ingo Flaschberger wrote: > Hi, > >> attached a patch for ports-security-ipsec-tools Makefile >> to disable to offer NATT-IKE-ENCAP. > > aii.. bug in the batch, sorry. > > attached new patch. Drafts 05+ should NOT be used, as they use IANA numbers which have been assigned to other RFCs. The cleaner change will probably be to enable only RFC support by default directly in ipsec-tools (for 0.8.0 release), and perhaps to add some optiond to enable a specific list of drafts to support in FreeBSD's patch. Yvan. From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 14:18:09 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4B8BB1065674 for ; Sat, 25 Jul 2009 14:18:09 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from maja.zesoi.fer.hr (maja.zesoi.fer.hr [161.53.64.3]) by mx1.freebsd.org (Postfix) with ESMTP id D2BD08FC22 for ; Sat, 25 Jul 2009 14:18:08 +0000 (UTC) (envelope-from iprebeg@freebsd.org) Received: from localhost (localhost [127.0.0.1]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 90F3942F7A for ; Sat, 25 Jul 2009 16:18:04 +0200 (CEST) Received: from maja.zesoi.fer.hr ([127.0.0.1]) by localhost (maja.zesoi.fer.hr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qpG7vB+LF1Cb for ; Sat, 25 Jul 2009 16:17:58 +0200 (CEST) Received: from valeria.zesoi.fer.hr (valeria.zesoi.fer.hr [161.53.64.29]) by maja.zesoi.fer.hr (Postfix) with ESMTP id 7772142F7E for ; Sat, 25 Jul 2009 16:17:38 +0200 (CEST) Date: Sat, 25 Jul 2009 16:11:38 +0200 From: iprebeg@freebsd.org To: freebsd-net@freebsd.org Message-ID: <20090725141138.GA3370@valeria.zesoi.fer.hr> References: <20090725130424.GA24589@valeria.zesoi.fer.hr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090725130424.GA24589@valeria.zesoi.fer.hr> User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Re: Wrong multicast destination IP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 14:18:09 -0000 On Sat, Jul 25, 2009 at 03:04:24PM +0200, iprebeg@freebsd.org wrote: > > In recent current kernel, it appears that IGMPv2 reports (not IGMPv3) > are sent to wrong multicast address. I'm trying to setup mcast routing > in this way: > > .--. .--. .--. > |c1|-10.0.1.2---10.0.1.1-|mr|-10.0.2.1---10.0.2.2-|c2| > '--' em0 em0 '--' em2 em0 '--' > > (em1 is used for SSH access) > > mrouted is started on mr with configuration containing only one line: > > >phyint em1 disable > > and route is created: > > >route add 224/24 -iface em0 > > Machine c1 issues command > > >mcastread -v4 -s 10.0.2.2 em0 235.0.0.1 1337 > > and machine c2 has route > > >route add 224/24 -iface em0 > > and issuse command > > >mcastsend 235.0.0.1 1337 > > mr uses p4 kernel dating 24th of June and cX's use BETA2. > > So, I have two problems. > > 1) No packets are forwarded. I hope that reason is problem stated in 2). > Anyway, I'd be happy if someone can confirm that I'm doing everything > right. It would be also cool if someone could post XORP configuration > that I can use for this configuration. I can see UDP packets reach em2 > iface on mr. > > 2) Even all machines support IGMPv3, after I start mrouted, network > converges to IGMPv2. What I see in tcpdump is that DIP of IGMPv2 > packets isn't in IGMP-CONTROL range (224.0.0.X), but it is set to IP > of group that it tries to join ( 235.0.0.1 in this case ). This is > not cast with IGMP leave or IGMPv3 reports which are generated by > same commands after I kill mrouted and network again converges to > IGMPv3 Please, IGNORE part about improper dest addr, I realized difference with IGMPv3 and IGMPv{1,2} reports destionation IP. I still need some help with setting up mcast routing... > > TIA > > iprebeg > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 15:31:32 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D39B5106564A for ; Sat, 25 Jul 2009 15:31:32 +0000 (UTC) (envelope-from lists.br@gmail.com) Received: from mail-qy0-f191.google.com (mail-qy0-f191.google.com [209.85.221.191]) by mx1.freebsd.org (Postfix) with ESMTP id 819278FC1A for ; Sat, 25 Jul 2009 15:31:32 +0000 (UTC) (envelope-from lists.br@gmail.com) Received: by qyk29 with SMTP id 29so2875933qyk.3 for ; Sat, 25 Jul 2009 08:31:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to:cc :references:subject:date:mime-version:content-type :content-transfer-encoding:x-priority:x-msmail-priority:x-mailer :x-mimeole; bh=T75hxhisxyTO3lc2aPzbHD214rCryGVRq+qytYAZVLs=; b=BfOGCCnMhUG1r+YBFHWG7TEA+xRO61n9iTz9mgu+A2LIUDUGDchE4qIikPDsWeOWWR WuS0IAzNTG4Cj3IgBRgv9hu+9l50aNOjcI7vALLKZpWfnjwL0r0xCIrq1DltjZmz+sTL GURzIC2gXP4nnmLq/C9q5Ku27g1ERwFxOZmSE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:cc:references:subject:date:mime-version :content-type:content-transfer-encoding:x-priority:x-msmail-priority :x-mailer:x-mimeole; b=Ds6nJWWSOFckoEcBDG396OhG45pxXUX0ZcREWfcB4DpSmkYEny6fe6B/ZQC2Tn1w83 EB9ZKtc3AiFwBMXWM5I5UspM6p3UVq+a3q1sv24c8yGKjKWq7Mme5eJKM1Y2C9xdQUOx I2tl7fn1zYPCgsVCBA1NXggYrqZIVWxwaEwHk= Received: by 10.224.45.137 with SMTP id e9mr4411937qaf.216.1248534555854; Sat, 25 Jul 2009 08:09:15 -0700 (PDT) Received: from adnote989 (201-42-152-161.dsl.telesp.net.br [201.42.152.161]) by mx.google.com with ESMTPS id 2sm6934628qwi.43.2009.07.25.08.09.12 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 25 Jul 2009 08:09:14 -0700 (PDT) Message-ID: <8222942B09F94943A7B9314F1D7833E4@adnote989> From: "Luiz Otavio O Souza" To: , "Julian Elischer" References: <5a3c8f450907230757j21191a11n6cae4699ec8a76e1@mail.gmail.com><29ae62fc0907232114r2afb9dc8y966a22db6d3236bc@mail.gmail.com><4A693DE2.3050905@elischer.org> <1248433706.1678.13.camel@localhost><4A69B6D7.3080501@elischer.org> <1248442843.1678.36.camel@localhost> Date: Sat, 25 Jul 2009 12:09:08 -0300 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Cc: freebsd-net@freebsd.org, Jamie Ostrowski , "Lucian@lastdot.org" Subject: Re: How to change default source address? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 15:31:33 -0000 > >> >> you could set up 2 routing tables and assign different apps to use >> >> different tables >> > >> > Is it possible to select routing table by ipfw setfib X ? >> > >> > someting like: >> > >> > ipfw add setfib 1 ip from a.b.c.d to any out xmit em0 >> > setfib 1 route add default 10.10.10.1 >> >> no that wouldn't work for 2 reasons. >> 1/ for local sockets, the routing decision is made already before it >> gets to the firewall >> 2/ for non-ocal packets (from another machine that you are routing) >> the packet needs to be tested on the recv (in) side of things >> but by then the sending machine has aready decided on a local address >> too. > > Not nice. I have a dream, that fbsd now capable to do real multi-fib > routing :( > > What about ipfw fwd ? That was working years ago for me, but of course, > requires to put all custom routing entries into ipfw rules. > > What about binding of FIBs to local addresses or/and interfaces ? > Such way that kernel will decide what fib to use examining local IP > address of package ? > > -- > Vladimir B. Grebenschikov > vova@fbsd.ru The actual routing code doesn't receive any information about the source address (the route is found using exclusively the destination address), so right now the kernel cannot select the fib by looking at the source address (local address). There is an kernel option called RADIX_MPATH wich changes the routing code substancially (and looks like - from an untrained eye - it uses the local/source address to select the correct route). Unfornately my test hardware dies and i cannot look at this (right now) to tell you how this will work in the "real world", but if you can, you should try it. Luiz From owner-freebsd-net@FreeBSD.ORG Sat Jul 25 19:42:09 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CB8541065672; Sat, 25 Jul 2009 19:42:09 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A12208FC12; Sat, 25 Jul 2009 19:42:09 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (bz@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6PJg9WG031683; Sat, 25 Jul 2009 19:42:09 GMT (envelope-from bz@freefall.freebsd.org) Received: (from bz@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6PJg8Qq031679; Sat, 25 Jul 2009 19:42:08 GMT (envelope-from bz) Date: Sat, 25 Jul 2009 19:42:08 GMT Message-Id: <200907251942.n6PJg8Qq031679@freefall.freebsd.org> To: if@xip.at, bz@FreeBSD.org, freebsd-net@FreeBSD.org, bz@FreeBSD.org From: bz@FreeBSD.org Cc: Subject: Re: kern/137036: [ipsec] fastforwarding breaks ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2009 19:42:10 -0000 Synopsis: [ipsec] fastforwarding breaks ipsec State-Changed-From-To: open->closed State-Changed-By: bz State-Changed-When: Sat Jul 25 19:41:06 UTC 2009 State-Changed-Why: Works as expected. I admit that inet(4) is probably not the best place to look for the description butat least it's there. Responsible-Changed-From-To: freebsd-net->bz Responsible-Changed-By: bz Responsible-Changed-When: Sat Jul 25 19:41:06 UTC 2009 Responsible-Changed-Why: Take in case of follow-ups. http://www.freebsd.org/cgi/query-pr.cgi?pr=137036