From owner-freebsd-net Sun Mar 17 0:21:29 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.dev.itouchnet.net (devco.net [196.15.188.2]) by hub.freebsd.org (Postfix) with ESMTP id C8B9A37B416 for ; Sun, 17 Mar 2002 00:21:26 -0800 (PST) Received: from nobody by mx1.dev.itouchnet.net with scanned_ok (Exim 3.33 #2) id 16mVz0-000JZH-00 for freebsd-net@freebsd.org; Sun, 17 Mar 2002 10:25:38 +0200 Received: from shell.devco.net ([196.15.188.7]) by mx1.dev.itouchnet.net with esmtp (Exim 3.33 #2) id 16mVyz-000JZ3-00; Sun, 17 Mar 2002 10:25:37 +0200 Received: from bvi by shell.devco.net with local (Exim 3.33 #4) id 16mVyy-0009YG-00; Sun, 17 Mar 2002 10:25:36 +0200 Date: Sun, 17 Mar 2002 10:25:36 +0200 From: Barry Irwin To: "Adam@junik.lv" Cc: freebsd-net@freebsd.org Subject: Re: your mail Message-ID: <20020317102536.S8724@itouchlabs.com> References: <000901c1cd77$ae3b2ac0$d7ceb6d5@junik.lv> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <000901c1cd77$ae3b2ac0$d7ceb6d5@junik.lv>; from adam@junik.lv on Sun, Mar 17, 2002 at 07:50:44AM +0200 X-Checked: This message has been scanned for any virusses and unauthorized attachments. X-iScan-ID: 75219-1016353537-80551@mx1.dev.itouchnet.net version $Name: REL_2_0_2 $ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun 2002-03-17 (07:50), Adam@junik.lv wrote: > > Hi, > I would appreciate it if you could suggest > some soft for traffic monitoring on a > Freebsd 4.5 default router. > > I need to monitor the incoming and outgoing > traffic of all the subnets for which this machine > is the defaultrouter. Hi Have a look at trafd for storing traffic details for later reporting. trafshow provides a nice real-time display. both are in the FreeBSD ports collection. Barry -- Barry Irwin bvi@itouchlabs.com +27214875177 Systems Administrator: Networks And Security Itouch Labs http://www.itouchlabs.com South Africa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Mar 17 2:42:25 2002 Delivered-To: freebsd-net@freebsd.org Received: from ns.mmk.ru (ns1.mmk.ru [195.54.3.19]) by hub.freebsd.org (Postfix) with ESMTP id B614837B405 for ; Sun, 17 Mar 2002 02:42:09 -0800 (PST) Received: from antivirus.mmk.ru (sinful [161.8.100.3]) by ns.mmk.ru (8.11.6/8.11.6) with ESMTP id g2HAfxs78769; Sun, 17 Mar 2002 15:41:59 +0500 (YEKT) Received: from dimasic (localhost [127.0.0.1]) by antivirus.mmk.ru (8.11.6/8.11.6) with SMTP id g2HAeGo29321; Sun, 17 Mar 2002 15:40:18 +0500 (ESK) Message-ID: <001b01c1cda0$264fccf0$02020101@dimasic> From: "Dmitry A. Bondareff" To: "Xawiers" , References: <001501c1cb5b$48dba060$02000b0a@ksaveras> <01fb01c1ccd1$19c0ee30$02020101@dimasic> <001101c1ccf6$215abb60$02000b0a@ksaveras> Subject: Re: Trouble to connect FreeBSD 4.5 to internet Date: Sun, 17 Mar 2002 15:40:22 +0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0018_01C1CDCA.0CF4EB30" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0018_01C1CDCA.0CF4EB30 Content-Type: text/plain; charset="windows-1257" Content-Transfer-Encoding: quoted-printable I thing so: /etc/rc.conf: # This is for external interface ifconfig_ed0=3D"inet 192.168.100.253 netmask 255.255.255.0" # This is for internal interface ifconfig_xl0=3D"inet internalIP netmask 255.255.255.0" # Add default to ISP defaultrouter=3D"192.168.100.254" # Enable your system as Router gateway_enable=3D"YES" # Enable NAT ipnat_enable=3D"YES" ipnat_rules=3D"/etc/ipnat.conf" Then add the rule for NAT /etc/ipnat.conf: map ed0 internalnet/24 -> 195.14.167.39/32 -------------------------------------------------------------------------= ------------- Warning:=20 ISP must add the next in his routing table # route add -host 195.14.167.39 192.168.100.253=20 Or try on your side=20 arp -s 195.14.167.39 MAC pub where MAC is MACaddress of your external ethernet card. -------------------------------------------------------------------------= ------------- Regards, aka Dimasic. ----- Original Message -----=20 From: Xawiers=20 To: Dmitry A. Bondareff ; freebsd-net@FreeBSD.ORG=20 Sent: Saturday, March 16, 2002 7:23 PM Subject: Re: Trouble to connect FreeBSD 4.5 to internet Hello again so how shoult I config that with natd ? Could someone write any examples? =20 -------------------- Xawiers =20 ----- Original Message -----=20 From: Dmitry A. Bondareff=20 To: freebsd-net@FreeBSD.ORG=20 Sent: Saturday, March 16, 2002 10:58 AM Subject: Re: Trouble to connect FreeBSD 4.5 to internet Hmm. It's too strange configuration.=20 The ISP must to do translation to 195.14.167.39 on him box. May be he think that you must do it. Try to using NAT on your box. And netmask wrong too ! Regards, aka Dimasic. ----- Original Message -----=20 From: Xawiers=20 To: freebsd-net@FreeBSD.ORG=20 Sent: Thursday, March 14, 2002 6:22 PM Subject: Trouble to connect FreeBSD 4.5 to internet Hello, I have trouble to connect FreeBSD to internet. Our ISP gave me these datas about network Gateway: 192.168.100.254 My external IP: 195.14.167.39 Netmask: 255.255.255.254 what i did: First I added alias, because I cant see my gateway - no ping = response (not in the same subnet) ifconfig ed0 inet 192.168.100.253 netmask 255.255.255.0 alias And I add default gateway: route add default 192.168.100.254 now my GW responses for ping, but internet - no=20 How I coud resolve this problem. P.S. sorry for my english Best regards Xawiers ------=_NextPart_000_0018_01C1CDCA.0CF4EB30 Content-Type: text/html; charset="windows-1257" Content-Transfer-Encoding: quoted-printable
I thing so:
 
/etc/rc.conf:
# This is for external=20 interface
ifconfig_ed0=3D"inet = 192.168.100.253 netmask=20 255.255.255.0"
# This is for internal=20 interface
ifconfig_xl0=3D"inet internalIP netmask=20 255.255.255.0"
# Add default to ISP
defaultrouter=3D"192.168.100.254"
# Enable your system as = Router
gateway_enable=3D"YES"
# Enable NAT
ipnat_enable=3D"YES"
ipnat_rules=3D"/etc/ipnat.conf"
 
Then add the rule for = NAT
/etc/ipnat.conf:
map ed0=20 internalnet/24 ->=20 195.14.167.39/32
 
----------------------------------------------------------------= ----------------------
Warning: =
ISP must add the next in = his routing=20 table
# route add -host = 195.14.167.39=20 192.168.100.253
 
Or try on your side=20
arp -s = 195.14.167.39 MAC=20 pub
where MAC is = MACaddress of your=20 external ethernet card.
----------------------------------------------------------------= ----------------------
 
Regards,
aka Dimasic.
----- Original Message -----
From:=20 Xawiers =
To: Dmitry A. Bondareff ; freebsd-net@FreeBSD.ORG
Sent: Saturday, March 16, 2002 = 7:23=20 PM
Subject: Re: Trouble to connect = FreeBSD=20 4.5 to internet

Hello again
so how shoult I config that with natd = ?
Could someone write any = examples?
 
--------------------
Xawiers
 
----- Original Message -----
From:=20 Dmitry A. = Bondareff=20
To: freebsd-net@FreeBSD.ORG
Sent: Saturday, March 16, = 2002 10:58=20 AM
Subject: Re: Trouble to = connect FreeBSD=20 4.5 to internet

Hmm.
It's too strange = configuration.=20
The ISP must to do = translation to=20 195.14.167.39 on him box.
May be he think that you must = do=20 it.
Try to using NAT on your=20 box.
 
And netmask wrong too !
 
Regards,
aka Dimasic.
 
 
----- Original Message -----
From:=20 Xawiers
To: freebsd-net@FreeBSD.ORG
Sent: Thursday, March 14, = 2002 6:22=20 PM
Subject: Trouble to connect = FreeBSD=20 4.5 to internet

Hello,
I have trouble to connect FreeBSD to internet.
Our ISP gave me these datas about network
Gateway: 192.168.100.254
My external IP: 195.14.167.39
Netmask: 255.255.255.254
 
what i did:
First I added alias, because I cant see my gateway - no ping = response=20 (not in the same subnet)
 
ifconfig ed0 inet 192.168.100.253 netmask 255.255.255.0 = alias
 
And I add default gateway:
 
route add default 192.168.100.254
 
now my GW responses for ping, but internet - no
How I coud resolve this problem.
 
P.S. sorry for my english
Best regards
=
Xawiers
------=_NextPart_000_0018_01C1CDCA.0CF4EB30-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 11:28:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from rack.purplecat.net (rack.purplecat.net [208.133.44.46]) by hub.freebsd.org (Postfix) with ESMTP id 2764A37B404 for ; Mon, 18 Mar 2002 11:28:42 -0800 (PST) Received: (qmail 8376 invoked from network); 18 Mar 2002 19:28:41 -0000 Received: from unknown (HELO lap) (208.150.26.35) by rack.purplecat.net with SMTP; 18 Mar 2002 19:28:41 -0000 From: "Peter Brezny" To: Subject: icmp 5 Date: Mon, 18 Mar 2002 14:33:34 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Everyone, Where can i find an explanation of the different icmp types. I ran across some standard firewall rulesets that say these types are required: # Allow required ICMP $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state And now I've got a cisco router that's wanting a response from an icmp type 5. What is type 5 for, and where can i get some more info on the different types in an icmp packet. Well, I just partly answered my question with a quick google search for icmp type http://www.iana.org/assignments/icmp-parameters However, I'm still needing some more info. Why would my router be sending redirect ICMP info to this host? And are the required ICMP types in the firewall rule above really adequate? Here's what's showing up in the system report: > ipfw: 65435 Deny ICMP:5.0 router.ip.address host.ip.adress in via xl0 Where the host has only the following icmp types allowed. # Allow required ICMP $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state Thanks, Peter Brezny purplecat.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 13: 8:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx2.nersc.gov (mx2.nersc.gov [128.55.6.22]) by hub.freebsd.org (Postfix) with ESMTP id D426E37B497 for ; Mon, 18 Mar 2002 13:07:38 -0800 (PST) Received: from gemini.nersc.gov (gemini.nersc.gov [128.55.16.111]) by mx2.nersc.gov (Postfix) with ESMTP id 8ED115924; Mon, 18 Mar 2002 13:07:38 -0800 (PST) Received: from gemini.nersc.gov (localhost [127.0.0.1]) by gemini.nersc.gov (Postfix) with ESMTP id 24C2B3B1AB; Mon, 18 Mar 2002 13:07:38 -0800 (PST) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: "Peter Brezny" Cc: freebsd-net@FreeBSD.ORG Subject: Re: icmp 5 In-Reply-To: Message from "Peter Brezny" of "Mon, 18 Mar 2002 14:33:34 EST." Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-1981109936P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Mon, 18 Mar 2002 13:07:38 -0800 From: Eli Dart Message-Id: <20020318210738.24C2B3B1AB@gemini.nersc.gov> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --==_Exmh_-1981109936P Content-Type: text/plain; charset=us-ascii less /usr/include/netinet/ip_icmp.h The stuff that I think you want starts around line 135. Looking at a copy of Stevens TCP/IP Illustrated vol. 1 might also help, but I always just read the header file to find out what's what. --eli In reply to "Peter Brezny" : > Hi Everyone, > > Where can i find an explanation of the different icmp types. > > I ran across some standard firewall rulesets that say these types are > required: > # Allow required ICMP > $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state > > And now I've got a cisco router that's wanting a response from an icmp type > 5. > > What is type 5 for, and where can i get some more info on the different > types in an icmp packet. > > Well, I just partly answered my question with a quick google search for icmp > type > > http://www.iana.org/assignments/icmp-parameters > > > However, I'm still needing some more info. Why would my router be sending > redirect ICMP info to this host? > > And are the required ICMP types in the firewall rule above really adequate? > > Here's what's showing up in the system report: > > ipfw: 65435 Deny ICMP:5.0 router.ip.address host.ip.adress in via xl0 > > Where the host has only the following icmp types allowed. > > # Allow required ICMP > $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state > > Thanks, > > Peter Brezny > purplecat.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message --==_Exmh_-1981109936P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: This is a comment. iD8DBQE8llcaLTFEeF+CsrMRAprpAKDiV+B5ACaCKeKwN8RRs3Apk9pskACfUPvs 7t3ELaDQV2Lw2UwU2DLJud8= =8nVP -----END PGP SIGNATURE----- --==_Exmh_-1981109936P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 14:10:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9908.mail.yahoo.com (web9908.mail.yahoo.com [216.136.129.251]) by hub.freebsd.org (Postfix) with SMTP id 6BE9937B402 for ; Mon, 18 Mar 2002 14:10:08 -0800 (PST) Message-ID: <20020318221008.75203.qmail@web9908.mail.yahoo.com> Received: from [216.98.102.225] by web9908.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 14:10:08 PST Date: Mon, 18 Mar 2002 14:10:08 -0800 (PST) From: W Alexander Hagen Subject: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-1622885593-1016489408=:74311" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-1622885593-1016489408=:74311 Content-Type: text/plain; charset=us-ascii Whats the best way to find the event that forced the machine to hang. It becomes unrepsonsive, requiring a manual reboot. I checked messages and dmesg - nothing. Thanks Alex Hagen --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-1622885593-1016489408=:74311 Content-Type: text/html; charset=us-ascii

 Whats the best way to find the event that forced the machine to hang. It becomes unrepsonsive, requiring a manual reboot.

I checked messages and dmesg - nothing.

Thanks Alex Hagen


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-1622885593-1016489408=:74311-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 14:19:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9904.mail.yahoo.com (web9904.mail.yahoo.com [216.136.129.247]) by hub.freebsd.org (Postfix) with SMTP id C832937B402 for ; Mon, 18 Mar 2002 14:19:32 -0800 (PST) Message-ID: <20020318221932.43835.qmail@web9904.mail.yahoo.com> Received: from [216.98.102.225] by web9904.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 14:19:32 PST Date: Mon, 18 Mar 2002 14:19:32 -0800 (PST) From: W Alexander Hagen Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. To: W Alexander Hagen , freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-109130750-1016489972=:42389" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-109130750-1016489972=:42389 Content-Type: text/plain; charset=us-ascii Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. It seems to be aggravated by large file transfers W Alexander Hagen wrote: Whats the best way to find the event that forced the machine to hang. It becomes unrepsonsive, requiring a manual reboot. I checked messages and dmesg - nothing. Thanks Alex Hagen --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-109130750-1016489972=:42389 Content-Type: text/html; charset=us-ascii

Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes.

It seems to be aggravated by large file transfers

  W Alexander Hagen <aligzanduh@yahoo.com> wrote:

 Whats the best way to find the event that forced the machine to hang. It becomes unrepsonsive, requiring a manual reboot.

I checked messages and dmesg - nothing.

Thanks Alex Hagen


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-109130750-1016489972=:42389-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 14:36: 8 2002 Delivered-To: freebsd-net@freebsd.org Received: from tao.org.uk (genius.tao.org.uk [212.135.162.51]) by hub.freebsd.org (Postfix) with ESMTP id C9B8037B400 for ; Mon, 18 Mar 2002 14:36:03 -0800 (PST) Received: by tao.org.uk (Postfix, from userid 100) id 5E0AA87; Mon, 18 Mar 2002 22:35:07 +0000 (GMT) Date: Mon, 18 Mar 2002 22:35:07 +0000 From: Josef Karthauser To: W Alexander Hagen Cc: freebsd-net@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. Message-ID: <20020318223507.GC76731@genius.tao.org.uk> References: <20020318221932.43835.qmail@web9904.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4jXrM3lyYWu4nBt5" Content-Disposition: inline In-Reply-To: <20020318221932.43835.qmail@web9904.mail.yahoo.com> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --4jXrM3lyYWu4nBt5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 18, 2002 at 02:19:32PM -0800, W Alexander Hagen wrote: >=20 > Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. What's REL_ENG 4.3 p28? Have you tried upgrading to the RELENG_4 branch in our cvs repository? We're currently up to RELENG_4_5_0_RELEASE, which was the last release. You look like you're running something based on 4.3. Joe --4jXrM3lyYWu4nBt5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyWa5oACgkQXVIcjOaxUBbrzQCfbJwL5xQIi3aIb1yIZNHQc2sr QoQAoO0gRI8Dc7cGvSks7kvZxoFz2uGv =1QwM -----END PGP SIGNATURE----- --4jXrM3lyYWu4nBt5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 14:53:40 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9904.mail.yahoo.com (web9904.mail.yahoo.com [216.136.129.247]) by hub.freebsd.org (Postfix) with SMTP id E442A37B425 for ; Mon, 18 Mar 2002 14:53:13 -0800 (PST) Message-ID: <20020318225313.45861.qmail@web9904.mail.yahoo.com> Received: from [216.98.102.225] by web9904.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 14:53:13 PST Date: Mon, 18 Mar 2002 14:53:13 -0800 (PST) From: W Alexander Hagen Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. To: Josef Karthauser Cc: freebsd-net@freebsd.org In-Reply-To: <20020318223507.GC76731@genius.tao.org.uk> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-369975737-1016491993=:45165" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-369975737-1016491993=:45165 Content-Type: text/plain; charset=us-ascii Well and good. p28 is the cvsup revision level. My question is how do I find out what is causing the system to crash. Are there any good articles on this ? should I turn everythinh to max log and verbose output ? can I monitor the system ? And can all this be done in an eight hour period of time ? I like to understand the problem, before upgrading out of it. This is the 28th patch of REL ENG 4.3 after all. It should be very stable. This machine has two four port nic cards. Josef Karthauser wrote: On Mon, Mar 18, 2002 at 02:19:32PM -0800, W Alexander Hagen wrote: > > Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. What's REL_ENG 4.3 p28? Have you tried upgrading to the RELENG_4 branch in our cvs repository? We're currently up to RELENG_4_5_0_RELEASE, which was the last release. You look like you're running something based on 4.3. Joe > ATTACHMENT part 2 application/pgp-signature --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-369975737-1016491993=:45165 Content-Type: text/html; charset=us-ascii

Well and good. p28 is the cvsup revision level. My question is how do I find out what is causing the system to crash.

Are there any good articles on this ? should I turn everythinh to max log and verbose output ? can I monitor the system ? And can all this be done in an eight hour period of time ?

I like to understand the problem, before upgrading out of it. This is the 28th patch of REL ENG 4.3 after all. It should be very stable.

This machine has two four port nic cards.

  Josef Karthauser <joe@tao.org.uk> wrote:

On Mon, Mar 18, 2002 at 02:19:32PM -0800, W Alexander Hagen wrote:
>
> Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes.

What's REL_ENG 4.3 p28?

Have you tried upgrading to the RELENG_4 branch in our cvs repository?
We're currently up to RELENG_4_5_0_RELEASE, which was the last release.
You look like you're running something based on 4.3.

Joe
> ATTACHMENT part 2 application/pgp-signature


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-369975737-1016491993=:45165-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 15: 5:54 2002 Delivered-To: freebsd-net@freebsd.org Received: from tao.org.uk (genius.tao.org.uk [212.135.162.51]) by hub.freebsd.org (Postfix) with ESMTP id 8E26037B419 for ; Mon, 18 Mar 2002 15:05:48 -0800 (PST) Received: by tao.org.uk (Postfix, from userid 100) id 2951090; Mon, 18 Mar 2002 23:04:52 +0000 (GMT) Date: Mon, 18 Mar 2002 23:04:52 +0000 From: Josef Karthauser To: W Alexander Hagen Cc: freebsd-net@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. Message-ID: <20020318230452.GC83798@genius.tao.org.uk> References: <20020318223507.GC76731@genius.tao.org.uk> <20020318225313.45861.qmail@web9904.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="c3bfwLpm8qysLVxt" Content-Disposition: inline In-Reply-To: <20020318225313.45861.qmail@web9904.mail.yahoo.com> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --c3bfwLpm8qysLVxt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 18, 2002 at 02:53:13PM -0800, W Alexander Hagen wrote: >=20 > Well and good. p28 is the cvsup revision level. My question is how > do I find out what is causing the system to crash. The revision level of what? Every file has it's own revision level, and there isn't a global revision number for the whole system. How are you getting the p28 number? > Are there any good articles on this ? should I turn everythinh to > max log and verbose output ? can I monitor the system ? And can all > this be done in an eight hour period of time ? > I like to understand the problem, before upgrading out of it. This > is the 28th patch of REL ENG 4.3 after all. It should be very stable. 4.3 is two whole major releases ago. You should be running 4.5, which you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag RELENG_4 if you wish to be at the head of developments on the -stable branch. Joe --c3bfwLpm8qysLVxt Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyWcpMACgkQXVIcjOaxUBaltQCfWHuEqK5jsgogFp4P5C6jD/7H cgsAn02K/V0KmSKHwPTzWU+NGHEZeplT =FSlJ -----END PGP SIGNATURE----- --c3bfwLpm8qysLVxt-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 15:21: 5 2002 Delivered-To: freebsd-net@freebsd.org Received: from gw.gbch.net (gw.gbch.net [203.143.238.93]) by hub.freebsd.org (Postfix) with SMTP id BADD437B420 for ; Mon, 18 Mar 2002 15:20:50 -0800 (PST) Received: (qmail 23667 invoked by uid 1001); 19 Mar 2002 09:20:48 +1000 X-Posted-By: GJB-Post 2.25 04-Mar-2002 X-Operating-System: FreeBSD 4.2-RELEASE i386 X-Uptime: 68 days, 15:38 X-Location: Brisbane, Australia; 27.49841S 152.98439E X-URL: http://www.gbch.net/gjb.html X-Image-URL: http://www.gbch.net/gjb/gjb-auug048.gif X-GPG-Fingerprint: EBB2 2A92 A79D 1533 AC00 3C46 5D83 B6FB 4B04 B7D6 X-PGP-Public-Keys: http://www.gbch.net/keys.html Message-Id: Date: Tue, 19 Mar 2002 09:20:48 +1000 From: Greg Black To: Josef Karthauser Cc: W Alexander Hagen , freebsd-net@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. References: <20020318223507.GC76731@genius.tao.org.uk> <20020318225313.45861.qmail@web9904.mail.yahoo.com> <20020318230452.GC83798@genius.tao.org.uk> In-reply-to: <20020318230452.GC83798@genius.tao.org.uk> of Mon, 18 Mar 2002 23:04:52 GMT Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Josef Karthauser wrote: | > I like to understand the problem, before upgrading out of it. This | > is the 28th patch of REL ENG 4.3 after all. It should be very stable. | | 4.3 is two whole major releases ago. You should be running 4.5, which | you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag | RELENG_4 if you wish to be at the head of developments on the -stable | branch. This is not wise advice. There are lots of circumstances where 4.3 is perfectly fine and can be shown to work while 4.4 and 4.5 are broken. I have had to revert to 4.3 on several machines after attempting unsuccessfully to run 4.4 and 4.5 (and current, for that matter). Greg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 15:57:42 2002 Delivered-To: freebsd-net@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id B781837B400; Mon, 18 Mar 2002 15:57:31 -0800 (PST) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 18 Mar 2002 23:57:30 +0000 (GMT) To: Josef Karthauser Cc: W Alexander Hagen , freebsd-net@freebsd.org, jedgar@freebsd.org, Eugene Grosbein , freebsd-stable@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. In-Reply-To: Your message of "Mon, 18 Mar 2002 23:04:52 GMT." <20020318230452.GC83798@genius.tao.org.uk> Date: Mon, 18 Mar 2002 23:57:30 +0000 From: Ian Dowse Message-ID: <200203182357.aa63120@salmon.maths.tcd.ie> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <20020318230452.GC83798@genius.tao.org.uk>, Josef Karthauser writes: >The revision level of what? Every file has it's own revision level, and >there isn't a global revision number for the whole system. How are you >getting the p28 number? He means RELENG_4_3 patch level 28, which is the most recent security patch on that branch (approx 10 days ago). There have been a few reports now (see also kern/35969) of crashes that seem to correspond to the kernel zlib error-handling fix (it is RELENG_4_3 patch 27). Maybe it has some problems? Actually, just looking at the patch, I think it does... The patch moves the position of one of the ZFREE(z, s->sub.trees.blens); lines to after s->sub.decode.codes = c; but s->sub is a union, and s->sub.trees.blens aliases s->sub.decode.codes (on the i386 anyway), so the patch completely changes the behaviour. Could someone seeing crashes since this "fix" try the following patch? Ian Index: /usr/src/sys/net/zlib.c =================================================================== RCS file: /dump/FreeBSD-CVS/src/sys/net/zlib.c,v retrieving revision 1.11 diff -u -r1.11 zlib.c --- /usr/src/sys/net/zlib.c 17 Feb 2002 17:35:18 -0000 1.11 +++ /usr/src/sys/net/zlib.c 18 Mar 2002 23:48:08 -0000 @@ -3951,11 +3951,11 @@ r = Z_MEM_ERROR; LEAVE } + ZFREE(z, s->sub.trees.blens); s->sub.decode.codes = c; s->sub.decode.tl = tl; s->sub.decode.td = td; } - ZFREE(z, s->sub.trees.blens); s->mode = CODES; case CODES: UPDATE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 17:12:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9903.mail.yahoo.com (web9903.mail.yahoo.com [216.136.129.246]) by hub.freebsd.org (Postfix) with SMTP id 62B7837B400 for ; Mon, 18 Mar 2002 17:12:05 -0800 (PST) Message-ID: <20020319011205.16224.qmail@web9903.mail.yahoo.com> Received: from [12.234.253.62] by web9903.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 17:12:05 PST Date: Mon, 18 Mar 2002 17:12:05 -0800 (PST) From: W Alexander Hagen Subject: Interesting Validation of FreeBSD 4.3 To: research@docomolabs-usa.com Cc: W Alexander Hagen , freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-1105202560-1016500325=:15120" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-1105202560-1016500325=:15120 Content-Type: text/plain; charset=us-ascii Interesting Validation of FreeBSD 4.3 Greg Black wrote: Josef Karthauser wrote: | > I like to understand the problem, before upgrading out of it. This | > is the 28th patch of REL ENG 4.3 after all. It should be very stable. | | 4.3 is two whole major releases ago. You should be running 4.5, which | you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag | RELENG_4 if you wish to be at the head of developments on the -stable | branch. This is not wise advice. There are lots of circumstances where 4.3 is perfectly fine and can be shown to work while 4.4 and 4.5 are broken. I have had to revert to 4.3 on several machines after attempting unsuccessfully to run 4.4 and 4.5 (and current, for that matter). Greg --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-1105202560-1016500325=:15120 Content-Type: text/html; charset=us-ascii

Interesting Validation of FreeBSD 4.3

  Greg Black <gjb@gbch.net> wrote:

Josef Karthauser wrote:

| > I like to understand the problem, before upgrading out of it. This
| > is the 28th patch of REL ENG 4.3 after all. It should be very stable.
|
| 4.3 is two whole major releases ago. You should be running 4.5, which
| you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag
| RELENG_4 if you wish to be at the head of developments on the -stable
| branch.

This is not wise advice. There are lots of circumstances where
4.3 is perfectly fine and can be shown to work while 4.4 and 4.5
are broken. I have had to revert to 4.3 on several machines
after attempting unsuccessfully to run 4.4 and 4.5 (and current,
for that matter).

Greg


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-1105202560-1016500325=:15120-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 17:36: 5 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc54.attbi.com (rwcrmhc54.attbi.com [216.148.227.87]) by hub.freebsd.org (Postfix) with ESMTP id 9C60A37B416 for ; Mon, 18 Mar 2002 17:36:01 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc54.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020319013600.GIET1214.rwcrmhc54.attbi.com@blossom.cjclark.org>; Tue, 19 Mar 2002 01:36:00 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2J1a0R61418; Mon, 18 Mar 2002 17:36:00 -0800 (PST) (envelope-from cjc) Date: Mon, 18 Mar 2002 17:35:56 -0800 From: "Crist J. Clark" To: Peter Brezny Cc: freebsd-net@FreeBSD.ORG Subject: Re: icmp 5 Message-ID: <20020318173556.D60554@blossom.cjclark.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from pbrezny@purplecat.net on Mon, Mar 18, 2002 at 02:33:34PM -0500 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Mar 18, 2002 at 02:33:34PM -0500, Peter Brezny wrote: > Hi Everyone, > > Where can i find an explanation of the different icmp types. > > I ran across some standard firewall rulesets that say these types are > required: > # Allow required ICMP > $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state > > And now I've got a cisco router that's wanting a response from an icmp type > 5. > > What is type 5 for, and where can i get some more info on the different > types in an icmp packet. > > Well, I just partly answered my question with a quick google search for icmp > type > > http://www.iana.org/assignments/icmp-parameters > > > However, I'm still needing some more info. Why would my router be sending > redirect ICMP info to this host? Go to the source. RFC 792. > And are the required ICMP types in the firewall rule above really adequate? They are definately not inadequate in the sense that they are not permissive enough. People can do Really Bad Things with redirect messages. > Here's what's showing up in the system report: > > ipfw: 65435 Deny ICMP:5.0 router.ip.address host.ip.adress in via xl0 Run, # tcpdump -nvv -ixl0 'icmp' To see what packets are generating the redirects. You may wish to change your routing accordingly. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 17:47:48 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d181.as29.nwbl0.wi.voyager.net [169.207.73.183]) by hub.freebsd.org (Postfix) with ESMTP id CE39A37B402 for ; Mon, 18 Mar 2002 17:47:37 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2J1jnjJ046343; Tue, 19 Mar 2002 01:45:49 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2J1jdlW046340; Mon, 18 Mar 2002 19:45:40 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Mon, 18 Mar 2002 19:45:39 -0600 (CST) From: Mike Silbersack To: Greg Black Cc: Josef Karthauser , W Alexander Hagen , Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. In-Reply-To: Message-ID: <20020318194421.Y45592-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 19 Mar 2002, Greg Black wrote: > Josef Karthauser wrote: > > | 4.3 is two whole major releases ago. You should be running 4.5, which > | you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag > | RELENG_4 if you wish to be at the head of developments on the -stable > | branch. > > This is not wise advice. There are lots of circumstances where > 4.3 is perfectly fine and can be shown to work while 4.4 and 4.5 > are broken. I have had to revert to 4.3 on several machines > after attempting unsuccessfully to run 4.4 and 4.5 (and current, > for that matter). > > Greg Which PRs describe the problems encountered? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 18: 3:39 2002 Delivered-To: freebsd-net@freebsd.org Received: from gw.gbch.net (gw.gbch.net [203.143.238.93]) by hub.freebsd.org (Postfix) with SMTP id 7986337B416 for ; Mon, 18 Mar 2002 18:03:31 -0800 (PST) Received: (qmail 34856 invoked by uid 1001); 19 Mar 2002 12:03:29 +1000 X-Posted-By: GJB-Post 2.25 04-Mar-2002 X-Operating-System: FreeBSD 4.2-RELEASE i386 X-Uptime: 68 days, 18:21 X-Location: Brisbane, Australia; 27.49841S 152.98439E X-URL: http://www.gbch.net/gjb.html X-Image-URL: http://www.gbch.net/gjb/gjb-auug048.gif X-GPG-Fingerprint: EBB2 2A92 A79D 1533 AC00 3C46 5D83 B6FB 4B04 B7D6 X-PGP-Public-Keys: http://www.gbch.net/keys.html Message-Id: Date: Tue, 19 Mar 2002 12:03:28 +1000 From: Greg Black To: Mike Silbersack Cc: Josef Karthauser , W Alexander Hagen , freebsd-net@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. References: <20020318194421.Y45592-100000@patrocles.silby.com> In-reply-to: <20020318194421.Y45592-100000@patrocles.silby.com> of Mon, 18 Mar 2002 19:45:39 CST Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Mike Silbersack wrote: | On Tue, 19 Mar 2002, Greg Black wrote: | | > Josef Karthauser wrote: | > | > | 4.3 is two whole major releases ago. You should be running 4.5, which | > | you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag | > | RELENG_4 if you wish to be at the head of developments on the -stable | > | branch. | > | > This is not wise advice. There are lots of circumstances where | > 4.3 is perfectly fine and can be shown to work while 4.4 and 4.5 | > are broken. I have had to revert to 4.3 on several machines | > after attempting unsuccessfully to run 4.4 and 4.5 (and current, | > for that matter). | | Which PRs describe the problems encountered? I have not submitted a PR yet. I have raised the problems on the FreeBSD mailing lists several times since 4.4-RELEASE and have had some correspondence with Warner Losh and Greg Lehey in vain attempts to establish some basis for working towards a solution. In essence, I have laptops that work fine with PCMCIA cards under 4.3 but which don't recognise them at all under later releases (including 4.4, 4.5 and current as of a few weeks ago). The symptoms, as reported several times, are: * Failure to boot without the following magic in /boot/loader.conf: hw.pcic.intr_path="1" hw.pcic.irq="0" * Boot message that says: pccard: card inserted, slot 0 pcic0: Static bug detected, ignoring hardware. These messages are printed whether or not there is a card in the slot. * As a result of the previous item, naturally the PCMCIA cards don't work when inserted. The same machines, when running 4.3-RELEASE, drive my PCMCIA cards just fine. I have CURRENT on one of these boxes and could CVS update it for further tests if somebody can suggest where to start looking. If it would really help to submit a PR at this point, I suppose I could do that. It seems to me that it would be more useful to learn a bit more first. Greg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 20: 3:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d127.as28.nwbl0.wi.voyager.net [169.207.71.193]) by hub.freebsd.org (Postfix) with ESMTP id 7B3E237B404 for ; Mon, 18 Mar 2002 20:03:54 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2J420jJ047125; Tue, 19 Mar 2002 04:02:00 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2J41fKI047122; Mon, 18 Mar 2002 22:01:49 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Mon, 18 Mar 2002 22:01:41 -0600 (CST) From: Mike Silbersack To: Greg Black Cc: Josef Karthauser , W Alexander Hagen , Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. In-Reply-To: Message-ID: <20020318213817.W45592-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 19 Mar 2002, Greg Black wrote: > Mike Silbersack wrote: > > | Which PRs describe the problems encountered? > > I have not submitted a PR yet. I have raised the problems on > the FreeBSD mailing lists several times since 4.4-RELEASE and > have had some correspondence with Warner Losh and Greg Lehey in > vain attempts to establish some basis for working towards a > solution. > > In essence, I have laptops that work fine with PCMCIA cards > under 4.3 but which don't recognise them at all under later > releases (including 4.4, 4.5 and current as of a few weeks > ago). The symptoms, as reported several times, are: Ah, PCMCIA... I can't help there. :) You weren't very specific in your earlier message, and I (incorrectly) assumed that you were talking about more general problems (which I could work on.) Good luck, I'm sure Warner will get it all working one of these days. He does commit to -current a lot, so there is the possibility that it is already fixed. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 20:11:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9906.mail.yahoo.com (web9906.mail.yahoo.com [216.136.129.249]) by hub.freebsd.org (Postfix) with SMTP id A4DBB37B402 for ; Mon, 18 Mar 2002 20:11:11 -0800 (PST) Message-ID: <20020319041111.22283.qmail@web9906.mail.yahoo.com> Received: from [12.234.253.62] by web9906.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 20:11:11 PST Date: Mon, 18 Mar 2002 20:11:11 -0800 (PST) From: W Alexander Hagen Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. To: Mike Silbersack , Greg Black Cc: Josef Karthauser , W Alexander Hagen , freebsd-net@freebsd.org In-Reply-To: <20020318213817.W45592-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-2136194517-1016511071=:19531" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-2136194517-1016511071=:19531 Content-Type: text/plain; charset=us-ascii How do I find out how to run the box so it outputs the errant code line when it crashes ? Is there a good faq ? Mike Silbersack wrote: On Tue, 19 Mar 2002, Greg Black wrote: > Mike Silbersack wrote: > > | Which PRs describe the problems encountered? > > I have not submitted a PR yet. I have raised the problems on > the FreeBSD mailing lists several times since 4.4-RELEASE and > have had some correspondence with Warner Losh and Greg Lehey in > vain attempts to establish some basis for working towards a > solution. > > In essence, I have laptops that work fine with PCMCIA cards > under 4.3 but which don't recognise them at all under later > releases (including 4.4, 4.5 and current as of a few weeks > ago). The symptoms, as reported several times, are: Ah, PCMCIA... I can't help there. :) You weren't very specific in your earlier message, and I (incorrectly) assumed that you were talking about more general problems (which I could work on.) Good luck, I'm sure Warner will get it all working one of these days. He does commit to -current a lot, so there is the possibility that it is already fixed. Mike "Silby" Silbersack --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-2136194517-1016511071=:19531 Content-Type: text/html; charset=us-ascii

How do I find out how to run the box so it outputs the errant code line when it crashes ? Is there a good faq ?

  Mike Silbersack <silby@silby.com> wrote:


On Tue, 19 Mar 2002, Greg Black wrote:

> Mike Silbersack wrote:
>
> | Which PRs describe the problems encountered?
>
> I have not submitted a PR yet. I have raised the problems on
> the FreeBSD mailing lists several times since 4.4-RELEASE and
> have had some correspondence with Warner Losh and Greg Lehey in
> vain attempts to establish some basis for working towards a
> solution.
>
> In essence, I have laptops that work fine with PCMCIA cards
> under 4.3 but which don't recognise them at all under later
> releases (including 4.4, 4.5 and current as of a few weeks
> ago). The symptoms, as reported several times, are:

Ah, PCMCIA... I can't help there. :)

You weren't very specific in your earlier message, and I (incorrectly)
assumed that you were talking about more general problems (which I could
work on.)

Good luck, I'm sure Warner will get it all working one of these days. He
does commit to -current a lot, so there is the possibility that it is
already fixed.

Mike "Silby" Silbersack


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-2136194517-1016511071=:19531-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 21:30:24 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id 722BE37B400 for ; Mon, 18 Mar 2002 21:30:17 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2J5UE572693 for ; Tue, 19 Mar 2002 12:30:15 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C96CCDA.C54342F5@svzserv.kemerovo.su> Date: Tue, 19 Mar 2002 12:30:02 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: net@freebsd.org Subject: natd and static nat for different subnets Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi! man natd says it's possible to implement static nat with one public address for the set of private hosts. It's very useful. Suppose we have many tens of separated private networks each having its own public address and own gateway. Is is possible to configure natd to do static nat for network masks, not only for sets of hosts? I'd like to say: redirect_address 172.20.2.0/24 123.45.56.78 redirect_address 172.20.2.1 123.45.56.78 so incoming traffic for 123.45.56.78 is translated to 172.20.2.1 and all outgoing traffic from the whole net 172.20.2.0/24 is aliases to appear from 123.45.56.78? It seems natd can't do that now. So how can it be achived without flooding config of natd with all those IPs from all those networks? Eugene Grosbein P.S. Please CC me when replying. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 22:51:47 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by hub.freebsd.org (Postfix) with ESMTP id 47BF437B400 for ; Mon, 18 Mar 2002 22:51:44 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc53.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020319065143.GUFL2951.rwcrmhc53.attbi.com@blossom.cjclark.org>; Tue, 19 Mar 2002 06:51:43 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2J6pf864938; Mon, 18 Mar 2002 22:51:41 -0800 (PST) (envelope-from cjc) Date: Mon, 18 Mar 2002 22:51:41 -0800 From: "Crist J. Clark" To: Eugene Grosbein Cc: net@FreeBSD.ORG Subject: Re: natd and static nat for different subnets Message-ID: <20020318225141.I60554@blossom.cjclark.org> References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3C96CCDA.C54342F5@svzserv.kemerovo.su>; from eugen@svzserv.kemerovo.su on Tue, Mar 19, 2002 at 12:30:02PM +0700 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 19, 2002 at 12:30:02PM +0700, Eugene Grosbein wrote: > Hi! > > man natd says it's possible to implement static nat with one public address > for the set of private hosts. It's very useful. > > Suppose we have many tens of separated private networks each having its own > public address and own gateway. Is is possible to configure natd to do > static nat for network masks, not only for sets of hosts? I'd like to > say: > > redirect_address 172.20.2.0/24 123.45.56.78 > redirect_address 172.20.2.1 123.45.56.78 > > so incoming traffic for 123.45.56.78 is translated to 172.20.2.1 > and all outgoing traffic from the whole net 172.20.2.0/24 is aliases > to appear from 123.45.56.78? > > It seems natd can't do that now. So how can it be achived without > flooding config of natd with all those IPs from all those networks? You can run multiple natd(8)s and control which block each one translates with their firewall divert(4) rules. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Mar 18 23:31:34 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id 6739637B404; Mon, 18 Mar 2002 23:31:28 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2J7VN580859; Tue, 19 Mar 2002 14:31:23 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C96E940.95335672@svzserv.kemerovo.su> Date: Tue, 19 Mar 2002 14:31:12 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: "Crist J. Clark" Cc: net@FreeBSD.ORG Subject: Re: natd and static nat for different subnets References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Crist J. Clark" wrote: > > Suppose we have many tens of separated private networks each having its own > > public address and own gateway. Is is possible to configure natd to do > > static nat for network masks, not only for sets of hosts? I'd like to > > say: > > > > redirect_address 172.20.2.0/24 123.45.56.78 > > redirect_address 172.20.2.1 123.45.56.78 > > > > so incoming traffic for 123.45.56.78 is translated to 172.20.2.1 > > and all outgoing traffic from the whole net 172.20.2.0/24 is aliases > > to appear from 123.45.56.78? > > > > It seems natd can't do that now. So how can it be achived without > > flooding config of natd with all those IPs from all those networks? > > You can run multiple natd(8)s and control which block each one > translates with their firewall divert(4) rules. I think running tens copies of natd is not wise. Would it be hard to implement this? Is it issue of natd itself or of libalias? Eugene Grosbein To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 0:15:52 2002 Delivered-To: freebsd-net@freebsd.org Received: from migla.ktu.lt (migla.ktu.lt [193.219.160.134]) by hub.freebsd.org (Postfix) with ESMTP id 02F9C37B404 for ; Tue, 19 Mar 2002 00:15:49 -0800 (PST) Received: by migla.ktu.lt (Postfix, from userid 1000) id 3EA8EEC11; Tue, 19 Mar 2002 10:23:34 +0200 (EET) Date: Tue, 19 Mar 2002 10:23:34 +0200 From: Nerijus Bendziunas To: freebsd-net@freebsd.org Subject: problems with games that use udp Message-ID: <20020319102334.A53618@migla.ktu.lt> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hi, I have problem: LAN<->Server(FreeBSD 4.5 Stable ipnat)<->internet Users want to play games like quake, counter strike, etc( games that use udp). They can make only one conection per server. for example: if someone connects to quake.lt- the others can't connect there. #cat /etc/ipnat.rules map rl0 10.10.0.0/16 -> 193.219.160.134/32 Default firewall rule is allow all. i don't deny any udp traffic. I've searched the web and found that under linux there are kernel modules, like ip_masq_quake. How could i make it under freebsd? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 0:44: 1 2002 Delivered-To: freebsd-net@freebsd.org Received: from sulphur.cix.co.uk (sulphur.cix.co.uk [212.35.225.149]) by hub.freebsd.org (Postfix) with ESMTP id 33CFD37B400 for ; Tue, 19 Mar 2002 00:43:56 -0800 (PST) Received: from LEECH (170.234.35.212.in-addr.arpa.ip-pool.cix.co.uk [212.35.234.170]) by sulphur.cix.co.uk (8.11.3/CIX/8.11.3) with SMTP id g2J8i9L13996; Tue, 19 Mar 2002 08:44:10 GMT X-Envelope-From: owen.grover@ts-associates.com From: "Owen Grover" To: "Greg Black" Cc: Subject: RE: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. Date: Tue, 19 Mar 2002 08:41:33 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm glad someone else has mentioned this as I have had similar PCMCIA problems with my Tosh Tecra 8100 laptop and I've had to revert back to 4.3. Owen -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Greg Black Sent: 19 March 2002 02:03 To: Mike Silbersack Cc: Josef Karthauser; W Alexander Hagen; freebsd-net@FreeBSD.ORG Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. Mike Silbersack wrote: | On Tue, 19 Mar 2002, Greg Black wrote: | | > Josef Karthauser wrote: | > | > | 4.3 is two whole major releases ago. You should be running 4.5, which | > | you can get by cvsuping using the tag RELENG_4_5_0_RELEASE, or the tag | > | RELENG_4 if you wish to be at the head of developments on the -stable | > | branch. | > | > This is not wise advice. There are lots of circumstances where | > 4.3 is perfectly fine and can be shown to work while 4.4 and 4.5 | > are broken. I have had to revert to 4.3 on several machines | > after attempting unsuccessfully to run 4.4 and 4.5 (and current, | > for that matter). | | Which PRs describe the problems encountered? I have not submitted a PR yet. I have raised the problems on the FreeBSD mailing lists several times since 4.4-RELEASE and have had some correspondence with Warner Losh and Greg Lehey in vain attempts to establish some basis for working towards a solution. In essence, I have laptops that work fine with PCMCIA cards under 4.3 but which don't recognise them at all under later releases (including 4.4, 4.5 and current as of a few weeks ago). The symptoms, as reported several times, are: * Failure to boot without the following magic in /boot/loader.conf: hw.pcic.intr_path="1" hw.pcic.irq="0" * Boot message that says: pccard: card inserted, slot 0 pcic0: Static bug detected, ignoring hardware. These messages are printed whether or not there is a card in the slot. * As a result of the previous item, naturally the PCMCIA cards don't work when inserted. The same machines, when running 4.3-RELEASE, drive my PCMCIA cards just fine. I have CURRENT on one of these boxes and could CVS update it for further tests if somebody can suggest where to start looking. If it would really help to submit a PR at this point, I suppose I could do that. It seems to me that it would be more useful to learn a bit more first. Greg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 1:18:26 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id 8F3ED37B404 for ; Tue, 19 Mar 2002 01:18:23 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020319091823.PQMV2626.rwcrmhc51.attbi.com@blossom.cjclark.org>; Tue, 19 Mar 2002 09:18:23 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2J9IMw65882; Tue, 19 Mar 2002 01:18:22 -0800 (PST) (envelope-from cjc) Date: Tue, 19 Mar 2002 01:18:22 -0800 From: "Crist J. Clark" To: Eugene Grosbein Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets Message-ID: <20020319011822.K60554@blossom.cjclark.org> References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3C96E940.95335672@svzserv.kemerovo.su>; from eugen@svzserv.kemerovo.su on Tue, Mar 19, 2002 at 02:31:12PM +0700 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 19, 2002 at 02:31:12PM +0700, Eugene Grosbein wrote: > "Crist J. Clark" wrote: > > > > Suppose we have many tens of separated private networks each having its own > > > public address and own gateway. Is is possible to configure natd to do > > > static nat for network masks, not only for sets of hosts? I'd like to > > > say: > > > > > > redirect_address 172.20.2.0/24 123.45.56.78 > > > redirect_address 172.20.2.1 123.45.56.78 > > > > > > so incoming traffic for 123.45.56.78 is translated to 172.20.2.1 > > > and all outgoing traffic from the whole net 172.20.2.0/24 is aliases > > > to appear from 123.45.56.78? > > > > > > It seems natd can't do that now. So how can it be achived without > > > flooding config of natd with all those IPs from all those networks? > > > > You can run multiple natd(8)s and control which block each one > > translates with their firewall divert(4) rules. > > I think running tens copies of natd is not wise. natd(8)'s memory footprint isn't too big. As long as you have the RAM for it, I don't think running multiple natd(8)'s would be too bad. But I've never run more than two. > Would it be hard to implement this? Probably not too bad. Apparently no stampede for this functionality though. There usually is not a lot to gain by mapping different internal networks to different external addresses except maybe some warm fuzzies. > Is it issue of natd itself or of libalias? I think it's more of a libalias(3) issue. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 1:22:22 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc54.attbi.com (rwcrmhc54.attbi.com [216.148.227.87]) by hub.freebsd.org (Postfix) with ESMTP id 336B237B400 for ; Tue, 19 Mar 2002 01:22:19 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc54.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020319092218.SURH1214.rwcrmhc54.attbi.com@blossom.cjclark.org>; Tue, 19 Mar 2002 09:22:18 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2J9MIv65916; Tue, 19 Mar 2002 01:22:18 -0800 (PST) (envelope-from cjc) Date: Tue, 19 Mar 2002 01:22:18 -0800 From: "Crist J. Clark" To: Nerijus Bendziunas Cc: freebsd-net@FreeBSD.ORG Subject: Re: problems with games that use udp Message-ID: <20020319012218.L60554@blossom.cjclark.org> References: <20020319102334.A53618@migla.ktu.lt> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020319102334.A53618@migla.ktu.lt>; from device@migla.ktu.lt on Tue, Mar 19, 2002 at 10:23:34AM +0200 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 19, 2002 at 10:23:34AM +0200, Nerijus Bendziunas wrote: > hi, > I have problem: > LAN<->Server(FreeBSD 4.5 Stable ipnat)<->internet > Users want to play games like quake, counter strike, etc( games that use udp). > They can make only one conection per server. > for example: > if someone connects to quake.lt- the others can't connect there. > > #cat /etc/ipnat.rules > map rl0 10.10.0.0/16 -> 193.219.160.134/32 > > Default firewall rule is allow all. i don't deny any udp traffic. > > I've searched the web and found that under linux there are kernel modules, like > ip_masq_quake. > > How could i make it under freebsd? If it requires an application layer proxy, and you are using ipnat(8), you can go look for IPFilter resources like, ipfilter@coombs.anu.edu.au. If you want to change to natd(8), you can try to make your own alias_quake.c for src/lib/libalias. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 1:26:47 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id 4CEFE37B404; Tue, 19 Mar 2002 01:26:38 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2J9QV589345; Tue, 19 Mar 2002 16:26:31 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C97043B.449715B2@svzserv.kemerovo.su> Date: Tue, 19 Mar 2002 16:26:19 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: "Crist J. Clark" Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Crist J. Clark" wrote: > > Would it be hard to implement this? > > Probably not too bad. Apparently no stampede for this functionality > though. There usually is not a lot to gain by mapping different > internal networks to different external addresses except maybe some > warm fuzzies. Consider small-to-medium ISP and consumer's networks with little demand of real IP addresses. > > Is it issue of natd itself or of libalias? > I think it's more of a libalias(3) issue. Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 1:53: 2 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc54.attbi.com (rwcrmhc54.attbi.com [216.148.227.87]) by hub.freebsd.org (Postfix) with ESMTP id 19BBF37B402 for ; Tue, 19 Mar 2002 01:53:00 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc54.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020319095259.SZUN1214.rwcrmhc54.attbi.com@blossom.cjclark.org>; Tue, 19 Mar 2002 09:52:59 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2J9qxN66033; Tue, 19 Mar 2002 01:52:59 -0800 (PST) (envelope-from cjc) Date: Tue, 19 Mar 2002 01:52:59 -0800 From: "Crist J. Clark" To: Eugene Grosbein Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets Message-ID: <20020319015259.M60554@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3C97043B.449715B2@svzserv.kemerovo.su>; from eugen@svzserv.kemerovo.su on Tue, Mar 19, 2002 at 04:26:19PM +0700 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 19, 2002 at 04:26:19PM +0700, Eugene Grosbein wrote: > "Crist J. Clark" wrote: > > > > Would it be hard to implement this? > > > > Probably not too bad. Apparently no stampede for this functionality > > though. There usually is not a lot to gain by mapping different > > internal networks to different external addresses except maybe some > > warm fuzzies. > > Consider small-to-medium ISP and consumer's networks with little demand > of real IP addresses. OK... I considered them. I don't see what mapping different address blocks to a different address gains you. > > > Is it issue of natd itself or of libalias? > > I think it's more of a libalias(3) issue. > > Thanks. I forgot point out that ipnat(8) will do this as-is if that is an option for you. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 2: 3:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d127.as28.nwbl0.wi.voyager.net [169.207.71.193]) by hub.freebsd.org (Postfix) with ESMTP id 406C237B405 for ; Tue, 19 Mar 2002 02:03:06 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2JA1KjJ048411; Tue, 19 Mar 2002 10:01:20 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2JA0YQ6048408; Tue, 19 Mar 2002 04:00:49 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Tue, 19 Mar 2002 04:00:33 -0600 (CST) From: Mike Silbersack To: W Alexander Hagen Cc: Greg Black , Josef Karthauser , Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. In-Reply-To: <20020319041111.22283.qmail@web9906.mail.yahoo.com> Message-ID: <20020319035747.T48355-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 18 Mar 2002, W Alexander Hagen wrote: > > How do I find out how to run the box so it outputs the errant code line > when it crashes ? Is there a good faq ? Check out: http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html Part 16.4, "On-Line Kernel Debugging Using DDB" is what you should probably focus on. Once you compile DDB into the kernel, it should throw you into DDB whenever a system crash occurs. If the system seems to crash, but does not throw you into DDB, you can then try ctrl-alt-esc to manually enter it. In either case, you can then run "trace" to get a backtrace of where the problem occured. From that, we should be able to help you. If you can't even break into DDB whenever your computer crashes, then something is seriously wrong, _probably_ bad hardware of some sort. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 2:33:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from migla.ktu.lt (migla.ktu.lt [193.219.160.134]) by hub.freebsd.org (Postfix) with ESMTP id 12E5C37B400 for ; Tue, 19 Mar 2002 02:33:18 -0800 (PST) Received: by migla.ktu.lt (Postfix, from userid 1000) id 30694EC3F; Tue, 19 Mar 2002 12:40:53 +0200 (EET) Date: Tue, 19 Mar 2002 12:40:53 +0200 From: Nerijus Bendziunas To: freebsd-net@freebsd.org Subject: Re: problems with games that use udp Message-ID: <20020319124053.A58337@migla.ktu.lt> References: <20020319102334.A53618@migla.ktu.lt> <20020319012218.L60554@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020319012218.L60554@blossom.cjclark.org>; from cjc@FreeBSD.ORG on Tue, Mar 19, 2002 at 01:22:18AM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 19, 2002 at 01:22:18AM -0800, Crist J. Clark wrote: > If it requires an application layer proxy, and you are using ipnat(8), > you can go look for IPFilter resources like, > ipfilter@coombs.anu.edu.au. If you want to change to natd(8), you can > try to make your own alias_quake.c for src/lib/libalias. While I was using natd everything seemed to be OK. The problem accured when I was trying to use ipnat (oident works only with ipnat). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 9:37:39 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d123.as29.nwbl0.wi.voyager.net [169.207.73.123]) by hub.freebsd.org (Postfix) with ESMTP id 9F2E837B400 for ; Tue, 19 Mar 2002 09:37:32 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2JHZmjJ049770 for ; Tue, 19 Mar 2002 17:35:48 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2JHZmTA049767 for ; Tue, 19 Mar 2002 11:35:48 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Tue, 19 Mar 2002 11:35:48 -0600 (CST) From: Mike Silbersack To: freebsd-net@freebsd.org Subject: ephemeral port allocation - time for a change? Message-ID: <20020319111522.H49521-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org By filing PR docs/32041, Mark Blackman has reminded me of an issue that has been nagging me for some time now. As Mark points out, one of the likely problems in the sysadmin mag benchmark run last spring was that the system ran out of ephemeral ports. Unforunately, nobody caught this at the time, and the benchmarkers were unable to explain why freebsd hit a connection limit below that of the other OSes. Right now, we're still using the traditional port range of 1024-5000, which limits us to a little under 4000 distinct outgoing connections. AFAIK, other OSes have started transitioning to the now preferred port range of 49152-65535, which would give us about 4x more breathing room. Looking through the logs for in.h, I can see that peter attempted changing the port range to 20000-30000 about 6 years ago, but reverted the change because of firewall issues. My question is this: Is anyone aware of a reason that using 49152-65535 by default would cause problems today? I quickly looked through netstat -n on freefall, and it appears that many systems are using those ports for ephemeral usage these days. If no problems will be caused, I'd like to go ahead and make the switch so that people running systems with large numbers of outbound connections are less likely to bump into the limit. One other issue relating to this is that ephermal ports are shared across all IPs, meaning that the ephemeral port limit is currently a hard limit on the number of outbound connections that may be made. If one were to rewrite the port allocation code so that the limit applied to each IP individually, many of the problems of running out of ephemeral ports would be mitigated. However, this is not an easy change, and doesn't negate all of the advantages of expanding the usable port range as mentioned above. (For example, even with such code we'd still hit a limit when establishing multiple connections to a single service on a single box, as is probably done when benchmarking.) Thanks, Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 10:51:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from web9902.mail.yahoo.com (web9902.mail.yahoo.com [216.136.129.37]) by hub.freebsd.org (Postfix) with SMTP id C6D9637B402 for ; Tue, 19 Mar 2002 10:51:09 -0800 (PST) Message-ID: <20020319185109.53474.qmail@web9902.mail.yahoo.com> Received: from [216.98.102.225] by web9902.mail.yahoo.com via HTTP; Tue, 19 Mar 2002 10:51:09 PST Date: Tue, 19 Mar 2002 10:51:09 -0800 (PST) From: W Alexander Hagen Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. To: Mike Silbersack Cc: Greg Black , Josef Karthauser , freebsd-net@freebsd.org In-Reply-To: <20020319035747.T48355-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-100745339-1016563869=:48530" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-100745339-1016563869=:48530 Content-Type: text/plain; charset=us-ascii The problem only occurs during large file transfers. This box has 10 10/100 cards and is acting as a router. Are there any sysctl parameters that I should look at to optimize operation as a router ? Mike Silbersack wrote: On Mon, 18 Mar 2002, W Alexander Hagen wrote: > > How do I find out how to run the box so it outputs the errant code line > when it crashes ? Is there a good faq ? Check out: http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html Part 16.4, "On-Line Kernel Debugging Using DDB" is what you should probably focus on. Once you compile DDB into the kernel, it should throw you into DDB whenever a system crash occurs. If the system seems to crash, but does not throw you into DDB, you can then try ctrl-alt-esc to manually enter it. In either case, you can then run "trace" to get a backtrace of where the problem occured. From that, we should be able to help you. If you can't even break into DDB whenever your computer crashes, then something is seriously wrong, _probably_ bad hardware of some sort. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message --------------------------------- Do You Yahoo!? Yahoo! Sports - live college hoops coverage --0-100745339-1016563869=:48530 Content-Type: text/html; charset=us-ascii

The problem only occurs during large file transfers. This box has 10 10/100 cards and is acting as a router.

Are there any sysctl parameters that I should look at to optimize operation as a router ?

  Mike Silbersack <silby@silby.com> wrote:


On Mon, 18 Mar 2002, W Alexander Hagen wrote:

>
> How do I find out how to run the box so it outputs the errant code line
> when it crashes ? Is there a good faq ?

Check out:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html

Part 16.4, "On-Line Kernel Debugging Using DDB" is what you should
probably focus on.

Once you compile DDB into the kernel, it should throw you into DDB
whenever a system crash occurs. If the system seems to crash, but does
not throw you into DDB, you can then try ctrl-alt-esc to manually enter
it. In either case, you can then run "trace" to get a backtrace of where
the problem occured. From that, we should be able to help you.

If you can't even break into DDB whenever your computer crashes, then
something is seriously wrong, _probably_ bad hardware of some sort.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message


Do You Yahoo!?
Yahoo! Sports - live college hoops coverage --0-100745339-1016563869=:48530-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 11:29: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from tao.org.uk (genius.tao.org.uk [212.135.162.51]) by hub.freebsd.org (Postfix) with ESMTP id DA8FA37B400 for ; Tue, 19 Mar 2002 11:28:54 -0800 (PST) Received: by tao.org.uk (Postfix, from userid 100) id A2E723F3; Tue, 19 Mar 2002 19:27:53 +0000 (GMT) Date: Tue, 19 Mar 2002 19:27:53 +0000 From: Josef Karthauser To: W Alexander Hagen Cc: Mike Silbersack , Greg Black , freebsd-net@freebsd.org Subject: Re: Freebsd REL_ENG 4.3 p28 freezes every 30 minutes. Message-ID: <20020319192753.GE4989@genius.tao.org.uk> References: <20020319035747.T48355-100000@patrocles.silby.com> <20020319185109.53474.qmail@web9902.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7CZp05NP8/gJM8Cl" Content-Disposition: inline In-Reply-To: <20020319185109.53474.qmail@web9902.mail.yahoo.com> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --7CZp05NP8/gJM8Cl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 19, 2002 at 10:51:09AM -0800, W Alexander Hagen wrote: >=20 > The problem only occurs during large file transfers. This box has 10 10/= 100 cards and is acting as a router. > Are there any sysctl parameters that I should look at to optimize operati= on as a router ? Optimization or not the machine shouldn't be crashing. Please follow the advice below so that you can catch some debug info when it next happens. Joe > Mike Silbersack wrote:=20 > On Mon, 18 Mar 2002, W Alexander Hagen wrote: >=20 > > > > How do I find out how to run the box so it outputs the errant code line > > when it crashes ? Is there a good faq ? >=20 > Check out: >=20 > http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kern= eldebug.html >=20 > Part 16.4, "On-Line Kernel Debugging Using DDB" is what you should > probably focus on. >=20 > Once you compile DDB into the kernel, it should throw you into DDB > whenever a system crash occurs. If the system seems to crash, but does > not throw you into DDB, you can then try ctrl-alt-esc to manually enter > it. In either case, you can then run "trace" to get a backtrace of where > the problem occured. From that, we should be able to help you. >=20 > If you can't even break into DDB whenever your computer crashes, then > something is seriously wrong, _probably_ bad hardware of some sort. >=20 > Mike "Silby" Silbersack --7CZp05NP8/gJM8Cl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyXkTkACgkQXVIcjOaxUBYx6gCcDGPL2wI4OyXDo2w23J/Cq3SC 1qcAn2916LvUws5MRLg3GcP0ypixPNZa =KPDm -----END PGP SIGNATURE----- --7CZp05NP8/gJM8Cl-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 12: 2: 5 2002 Delivered-To: freebsd-net@freebsd.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.86]) by hub.freebsd.org (Postfix) with ESMTP id 29E3437B402 for ; Tue, 19 Mar 2002 12:01:02 -0800 (PST) Received: from smtp-relay01.mac.com (server-source-si02 [10.13.10.6]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g2JK11JZ021286 for ; Tue, 19 Mar 2002 12:01:01 -0800 (PST) Received: from asmtp02.mac.com ([10.13.10.66]) by smtp-relay01.mac.com (Netscape Messaging Server 4.15 relay01 Jun 21 2001 23:53:48) with ESMTP id GT8KXO00.FLF for ; Tue, 19 Mar 2002 12:01:00 -0800 Received: from grinch ([12.234.224.67]) by asmtp02.mac.com (Netscape Messaging Server 4.15 asmtp02 Jun 21 2001 23:53:48) with ESMTP id GT8KXN00.HDS for ; Tue, 19 Mar 2002 12:00:59 -0800 Date: Tue, 19 Mar 2002 12:00:58 -0800 Subject: Re: ephemeral port allocation - time for a change? Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v475) From: "Justin C. Walker" To: freebsd-net@FreeBSD.ORG Content-Transfer-Encoding: 7bit In-Reply-To: <20020319111522.H49521-100000@patrocles.silby.com> Message-Id: <07F5F059-3B74-11D6-AD54-00306544D642@mac.com> X-Mailer: Apple Mail (2.475) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tuesday, March 19, 2002, at 09:35 AM, Mike Silbersack wrote: > > By filing PR docs/32041, Mark Blackman has reminded me of an issue that > has been nagging me for some time now. As Mark points out, one of the > likely problems in the sysadmin mag benchmark run last spring was that > the > system ran out of ephemeral ports. Unforunately, nobody caught this at > the time, and the benchmarkers were unable to explain why freebsd hit a > connection limit below that of the other OSes. > > Right now, we're still using the traditional port range of 1024-5000, > which limits us to a little under 4000 distinct outgoing connections. > AFAIK, other OSes have started transitioning to the now preferred port > range of 49152-65535, which would give us about 4x more breathing room. > > Looking through the logs for in.h, I can see that peter attempted > changing the port range to 20000-30000 about 6 years ago, but reverted > the > change because of firewall issues. > > My question is this: Is anyone aware of a reason that using 49152-65535 > by default would cause problems today? FWIW, Mac OS X/Darwin has been shipping with this (high) range as the default since "1.0". Hasn't caused any problems that I know of (or, at least, that anyone's been able to pin on the change :-]). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | It's not whether you win or lose... | It's whether *I* win or lose. *--------------------------------------*-------------------------------* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 15:41:23 2002 Delivered-To: freebsd-net@freebsd.org Received: from avengers.ivision.co.uk (avengers.ivision.co.uk [212.25.225.7]) by hub.freebsd.org (Postfix) with ESMTP id 8692A37B41B for ; Tue, 19 Mar 2002 15:41:00 -0800 (PST) Received: from [212.25.225.7] (helo=avengers) by avengers.ivision.co.uk with esmtp (Exim 3.33 #1) id 16nTDu-0004jO-00; Tue, 19 Mar 2002 23:40:58 +0000 Date: Tue, 19 Mar 2002 23:40:58 +0000 (GMT) From: Jasper Wallace To: Mike Silbersack Cc: Subject: Re: ephemeral port allocation - time for a change? In-Reply-To: <20020319111522.H49521-100000@patrocles.silby.com> Message-ID: X-NCC-RegID: uk.instant-web MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 19 Mar 2002, Mike Silbersack wrote: > > My question is this: Is anyone aware of a reason that using 49152-65535 > by default would cause problems today? NetBSD has moved to the new range: jasper@jellycat:~/[0]> sysctl -a | grep port net.inet.ip.anonportmin = 49152 net.inet.ip.anonportmax = 65535 I'm not aware of any problems. -- Internet Vision Internet Consultancy Tel: 020 7589 4500 60 Albert Court & Web development Fax: 020 7589 4522 Prince Consort Road vision@ivision.co.uk London SW7 2BE http://www.ivision.co.uk/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 21:44:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id 07D1337B416 for ; Tue, 19 Mar 2002 21:44:49 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2K5id564043; Wed, 20 Mar 2002 12:44:39 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C9821BA.F44DE2E0@svzserv.kemerovo.su> Date: Wed, 20 Mar 2002 12:44:26 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> <20020319015259.M60554@blossom.cjclark.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I forgot point out that ipnat(8) will do this as-is if that is an > option for you. Hmm, I've read man ipnat and still not sure how can I achieve a combination of redirection ip<->ip and map net<->ip. Eugene To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 22:10:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id 80F7237B400 for ; Tue, 19 Mar 2002 22:10:28 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020320061025.LQGT1147.rwcrmhc52.attbi.com@blossom.cjclark.org>; Wed, 20 Mar 2002 06:10:25 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2K6AKA69528; Tue, 19 Mar 2002 22:10:20 -0800 (PST) (envelope-from cjc) Date: Tue, 19 Mar 2002 22:10:20 -0800 From: "Crist J. Clark" To: Eugene Grosbein Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets Message-ID: <20020319221020.G67739@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> <20020319015259.M60554@blossom.cjclark.org> <3C9821BA.F44DE2E0@svzserv.kemerovo.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3C9821BA.F44DE2E0@svzserv.kemerovo.su>; from eugen@svzserv.kemerovo.su on Wed, Mar 20, 2002 at 12:44:26PM +0700 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Mar 20, 2002 at 12:44:26PM +0700, Eugene Grosbein wrote: > > I forgot point out that ipnat(8) will do this as-is if that is an > > option for you. > > Hmm, I've read man ipnat and still not sure how can I achieve > a combination of redirection ip<->ip and map net<->ip. Why not? map if0 192.168.100.0/24 -> 192.0.2.10/32 portmap tcp/udp auto map if0 192.168.100.0/24 -> 192.0.2.10/32 bimap if0 192.168.100.1/32 -> 192.0.2.10/32 map if0 172.16.0.0/16 -> 192.0.2.12/32 portmap tcp/udp auto map if0 172.16.0.0/16 -> 192.0.2.12/32 bimap if0 172.16.0.1/32 -> 192.0.2.12/32 All of the outgoing from the 192.168.100.0/24 block gets translated to 192.0.2.10. All of the incoming to 192.0.2.10 not associated with an existing connection gets passed to 192.168.100.1. The same thing goes for the 172.16.0.0/16 block except it gets translated to 192.0.2.12. Isn't that what you wanted? -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 22:27: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id D297A37B405 for ; Tue, 19 Mar 2002 22:26:53 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2K6Ql566656; Wed, 20 Mar 2002 13:26:47 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C982B9A.7A8455A1@svzserv.kemerovo.su> Date: Wed, 20 Mar 2002 13:26:34 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> <20020319015259.M60554@blossom.cjclark.org> <3C9821BA.F44DE2E0@svzserv.kemerovo.su> <20020319221020.G67739@blossom.cjclark.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Crist J. Clark" wrote: > > On Wed, Mar 20, 2002 at 12:44:26PM +0700, Eugene Grosbein wrote: > > > I forgot point out that ipnat(8) will do this as-is if that is an > > > option for you. > > > > Hmm, I've read man ipnat and still not sure how can I achieve > > a combination of redirection ip<->ip and map net<->ip. > > Why not? > > map if0 192.168.100.0/24 -> 192.0.2.10/32 portmap tcp/udp auto > map if0 192.168.100.0/24 -> 192.0.2.10/32 > bimap if0 192.168.100.1/32 -> 192.0.2.10/32 > map if0 172.16.0.0/16 -> 192.0.2.12/32 portmap tcp/udp auto > map if0 172.16.0.0/16 -> 192.0.2.12/32 > bimap if0 172.16.0.1/32 -> 192.0.2.12/32 > > All of the outgoing from the 192.168.100.0/24 block gets translated to > 192.0.2.10. All of the incoming to 192.0.2.10 not associated with an > existing connection gets passed to 192.168.100.1. The same thing goes > for the 172.16.0.0/16 block except it gets translated to > 192.0.2.12. Isn't that what you wanted? Yes, thank you. One more: now I run a kernel built with IPFIREWALL and IPDIVERT, the system is 3.5-STABLE yet. Can I just add IPFILTER and not touch my configuration (e.g. do not setup ipf and ipnat rules)? Can I switch from natd to ipnat on-the-fly then? Eugene To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 23: 3:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by hub.freebsd.org (Postfix) with ESMTP id BB0CC37B400 for ; Tue, 19 Mar 2002 23:03:23 -0800 (PST) Received: from svzserv.kemerovo.su (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.11.6/8.11.6) with ESMTP id g2K72w568937; Wed, 20 Mar 2002 14:03:00 +0700 (KRAT) (envelope-from eugen@svzserv.kemerovo.su) Message-ID: <3C983415.F9F3F91C@svzserv.kemerovo.su> Date: Wed, 20 Mar 2002 14:02:45 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: net@FreeBSD.org Subject: Re: natd and static nat for different subnets References: <3C96CCDA.C54342F5@svzserv.kemerovo.su> <20020318225141.I60554@blossom.cjclark.org> <3C96E940.95335672@svzserv.kemerovo.su> <20020319011822.K60554@blossom.cjclark.org> <3C97043B.449715B2@svzserv.kemerovo.su> <20020319015259.M60554@blossom.cjclark.org> <3C9821BA.F44DE2E0@svzserv.kemerovo.su> <20020319221020.G67739@blossom.cjclark.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Crist J. Clark" wrote: > Why not? > > map if0 192.168.100.0/24 -> 192.0.2.10/32 portmap tcp/udp auto > map if0 192.168.100.0/24 -> 192.0.2.10/32 > bimap if0 192.168.100.1/32 -> 192.0.2.10/32 > map if0 172.16.0.0/16 -> 192.0.2.12/32 portmap tcp/udp auto > map if0 172.16.0.0/16 -> 192.0.2.12/32 > bimap if0 172.16.0.1/32 -> 192.0.2.12/32 > > All of the outgoing from the 192.168.100.0/24 block gets translated to > 192.0.2.10. All of the incoming to 192.0.2.10 not associated with an > existing connection gets passed to 192.168.100.1. The same thing goes > for the 172.16.0.0/16 block except it gets translated to > 192.0.2.12. Isn't that what you wanted? Oh, now I see that ipnat coming with 3.5-STABLE does not support 'bimap' and 'auto'. Bad luck. However, thank you for pointing me to the right direction. I'll switch to 4.5-STABLE and try ipnat then. Eugene To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Mar 19 23:57: 6 2002 Delivered-To: freebsd-net@freebsd.org Received: from spf1.hq.outblaze.com (202-77-223-26.outblaze.com [202.77.223.26]) by hub.freebsd.org (Postfix) with ESMTP id 2D64237B400 for ; Tue, 19 Mar 2002 23:57:05 -0800 (PST) Received: from yusufg.portal2.com (202-77-223-2.outblaze.com [202.77.223.2]) by spf1.hq.outblaze.com (Postfix) with SMTP id EF1D526B85 for ; Wed, 20 Mar 2002 07:56:22 +0000 (GMT) Received: (qmail 27312 invoked by uid 500); 20 Mar 2002 07:56:58 -0000 Date: Wed, 20 Mar 2002 15:56:58 +0800 From: Yusuf Goolamabbas To: freebsd-net@freebsd.org Subject: Is there any mechanism/patch to limit total number of connections/IP Message-ID: <20020320075658.GA27302@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.25i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, In the Linux netfilter world, there exists a kernel/netfilter patch called iplimit which does what the subject mention Is there anything similar in freebsd or can this be emulated via ipfw in any form http://www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO.html#toc3.3 Regards, Yusuf -- Yusuf Goolamabbas yusufg@outblaze.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 0: 1:18 2002 Delivered-To: freebsd-net@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id E2C5F37B477 for ; Wed, 20 Mar 2002 00:00:36 -0800 (PST) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g2K80UB42235; Wed, 20 Mar 2002 00:00:30 -0800 (PST) (envelope-from rizzo) Date: Wed, 20 Mar 2002 00:00:30 -0800 From: Luigi Rizzo To: Yusuf Goolamabbas Cc: freebsd-net@FreeBSD.ORG Subject: Re: Is there any mechanism/patch to limit total number of connections/IP Message-ID: <20020320000030.A42197@iguana.icir.org> References: <20020320075658.GA27302@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320075658.GA27302@outblaze.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Mar 20, 2002 at 03:56:58PM +0800, Yusuf Goolamabbas wrote: > Hi, In the Linux netfilter world, there exists a kernel/netfilter > patch called iplimit which does what the subject mention > > Is there anything similar in freebsd or can this be emulated via ipfw > in any form of course :) there is a "limit" option in ipfw which does this. Check the manpage in a recent FreeBSD (4.5) Having implemented it, I still believe that it makes a lot more sense to limit bandwidth using dummynet pipes rather than number of connections (which can be widely different in resource usage). cheers luigi > > http://www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO.html#toc3.3 > > Regards, Yusuf > > -- > Yusuf Goolamabbas > yusufg@outblaze.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 4:48:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 6739537B416; Wed, 20 Mar 2002 04:48:17 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16nfZ4-000FRh-00; Wed, 20 Mar 2002 14:51:38 +0200 From: Sheldon Hearn To: dan@FreeBSD.org Cc: freebsd-net@FreeBSD.org Subject: Plans to MFC icmplim_output sysctl? Date: Wed, 20 Mar 2002 14:51:38 +0200 Message-ID: <59376.1016628698@axl.seasidesoftware.co.za> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Dan, Do you plan to MFC the icmplim_output sysctl work you did in ip_icmp.c mid-2000? Seems quite useful for firewall-class systems running 4.5-STABLE. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 6: 3:58 2002 Delivered-To: freebsd-net@freebsd.org Received: from web20006.mail.yahoo.com (web20006.mail.yahoo.com [216.136.225.69]) by hub.freebsd.org (Postfix) with SMTP id 8C4F537B404 for ; Wed, 20 Mar 2002 06:03:55 -0800 (PST) Message-ID: <20020320140353.19403.qmail@web20006.mail.yahoo.com> Received: from [61.223.2.150] by web20006.mail.yahoo.com via HTTP; Wed, 20 Mar 2002 06:03:53 PST Date: Wed, 20 Mar 2002 06:03:53 -0800 (PST) From: Vincent Chen Subject: IPSec for roaming user? To: net@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dear all, I am trying to figure out how to let roaming users access internal resource via freebsd as IPsec gateway. Because they have dynamic IPs. How can I write security policy to deal with this? Is there any IPsec client for windows platform available? Is it ok to let ESP packet coming in and out from anywhere? BTW: I am using pre-shared key for IKE. I have my CA certificate generated by openssl installed on windows 2000. This CA certificate works fine for https and s/mime. When I tried to use certificate to authenticate IPSec client, windows 2000 ask me to choose a trusted CA but my CA didn't appear in the list. Is there any special requirement to generate certificate for IPsec? Thanks for your help, Vincent Chen __________________________________________________ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 8:10:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d80.as14.nwbl0.wi.voyager.net [169.207.134.80]) by hub.freebsd.org (Postfix) with ESMTP id CB6C137B419; Wed, 20 Mar 2002 08:08:39 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2KG61jJ054273; Wed, 20 Mar 2002 16:06:01 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2KG4sT0054267; Wed, 20 Mar 2002 10:06:01 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Wed, 20 Mar 2002 10:04:54 -0600 (CST) From: Mike Silbersack To: Dmitry Koltsov Cc: freebsd-net@FreeBSD.ORG, Subject: Re: ADD TO(NEW Info): Apache/TCP stack issues In-Reply-To: <20020313164434.D28A16B349@mail2.hostonfly.net> Message-ID: <20020320100234.C54069-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 13 Mar 2002, Dmitry Koltsov wrote: > Hello, > > I'm running on 4.4-stable. > > Seems like my problem is (connection refused) caused by listen queue. > > I have 1-10 requsts in apache listen queue (port 80), queue len is 511 > connections and have counter "listen queue overflows" growing in the same time (!) > > Current listen queue sizes (qlen/incqlen/maxqlen) > Listen Local Address > 11/11/511 216.65.107.31.80 > > How it may be? Is there solution? As I said before, the listen queue has been mostly replaced by the syn cache in 4.5. Therefore, it is very unlikely that anyone is going to go back and work on it. If you are concerned about listen queue overflows, upgrade to 4.5. > Also I have tested queue with simple program (socket(), bind(), listen(sock,128), do nothing in the loop) > and received this amazing stats: > > Current listen queue sizes (qlen/incqlen/maxqlen) > Listen Local Address > 193/0/128 216.65.107.31.81 (queue len >> queue maxlen) !!! That's entirely expected, and the reason why is visible in the source. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 11:36: 6 2002 Delivered-To: freebsd-net@freebsd.org Received: from mail.chesapeake.net (chesapeake.net [205.130.220.14]) by hub.freebsd.org (Postfix) with ESMTP id 38F5437B404 for ; Wed, 20 Mar 2002 11:36:00 -0800 (PST) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id g2KJZxQ16895 for ; Wed, 20 Mar 2002 14:35:59 -0500 (EST) (envelope-from jroberson@chesapeake.net) Date: Wed, 20 Mar 2002 14:35:59 -0500 (EST) From: Jeff Roberson To: net@freebsd.org Subject: Getting rid of maxsockets. Message-ID: <20020320143354.Y41335-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Would anyone be upset if I got rid of maxsockets and consequently the limits on the *pcb zones? This was previously used so that the zone allocator could allocate items at interrupt time. Now you can just supply M_NOWAIT/WAITOK and get the desired effect without a hard limit. Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 11:41:13 2002 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by hub.freebsd.org (Postfix) with ESMTP id 799B037B400 for ; Wed, 20 Mar 2002 11:41:11 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id 4FF5EAE163; Wed, 20 Mar 2002 11:41:11 -0800 (PST) Date: Wed, 20 Mar 2002 11:41:11 -0800 From: Alfred Perlstein To: Jeff Roberson Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. Message-ID: <20020320194111.GK455@elvis.mu.org> References: <20020320143354.Y41335-100000@mail.chesapeake.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320143354.Y41335-100000@mail.chesapeake.net> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Jeff Roberson [020320 11:36] wrote: > Would anyone be upset if I got rid of maxsockets and consequently the > limits on the *pcb zones? This was previously used so that the zone > allocator could allocate items at interrupt time. Now you can just supply > M_NOWAIT/WAITOK and get the desired effect without a hard limit. That depends on what this implies. :) Does it mean that when giving M_NOWAIT there's a chance it may fail more often than the old zone allocator? Meaning does M_NOWAIT mean "only allocate from cache" or do you do close to the same thing that the zone allocator does except in a more flexible manner? Sorry if the question is niave, I'm not extremely familiar with the previous and current code. -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 11:57:45 2002 Delivered-To: freebsd-net@freebsd.org Received: from studsboll.d2g.com (a63.flamman.student.liu.se [130.236.218.63]) by hub.freebsd.org (Postfix) with ESMTP id E1B1C37B404 for ; Wed, 20 Mar 2002 11:57:36 -0800 (PST) Received: from studsboll.realworld.nu (localhost [127.0.0.1]) by studsboll.d2g.com (8.11.6/8.11.6) with SMTP id g2KJvZS06898 for ; Wed, 20 Mar 2002 20:57:35 +0100 (CET) (envelope-from doktorn@realworld.nu) Date: Wed, 20 Mar 2002 20:57:35 +0100 From: Rickard Borgmäster To: freebsd-net@freebsd.org Subject: IPSec tunnel FreeBSD<->OpenBSD using isakmp Message-Id: <20020320205735.0851b080.doktorn@realworld.nu> X-Mailer: Sylpheed version 0.7.2 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dunno if this belongs to net or security but... I've established a tunnel between my home FreeBSD host and a corporate OpenBSD firewall. This works just fine. Well, works, but not good enough. Specs: home: FreeBSD 4.5 IPF pub-ip: 130.236.218.63 priv-net: 192.168.2.0/24 office: OpenBSD 3.0-stable PF pub-ip: 213.88.128.16 priv-net: 10.0.0.0/24 I think I have this somewhat going. If I launch isakmpd at both ends, I can see this at OpenBSD box: # netstat -rn [...] Port Destination Port Proto SA(Address/Proto/Type/Direction) 192.168.2/24 0 10.0.0/24 0 0 130.236.218.63/50/use/in 10.0.0/24 0 192.168.2/24 0 0 130.236.218.63/50/require/out However, on the FreeBSD side, netstat -rn won't show anything about 10.0.0.0/24. Maybe Encap routes won't show in the ordinary routing table on FreeBSD? Well, anyways, this works just fine. From 192.168.2.0/24 I can ping to 10.0.0.0/24 and vice versa. Both the private networks can communicate just fine. However, there is one thing that won't work. Prooly this is a by-design thing, but I still want it to work =) From either the OpenBSD or FreeBSD box, I am unable to reach the private net behind the other IPSec node. Ie, from FreeBSD box, I cannot reach 10.0.0.0/24. And from OpenBSD box, I cannot reach 192.168.2.0/24. How come? -- Rickard .--. .--. .----------------------------------------. | | | | .-. | Rickard Borgmäster | | | | |/ / | doktorn@sub.nu | .-^ | .--. | < | http://doktorn.sub.nu/ | ( o | ( () ) | |\ \ `----------------------------------------' `-----' `--' `--' `--' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 12:20:40 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d80.as14.nwbl0.wi.voyager.net [169.207.134.80]) by hub.freebsd.org (Postfix) with ESMTP id A0A3A37B41A for ; Wed, 20 Mar 2002 12:20:17 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2KKIYjJ055199; Wed, 20 Mar 2002 20:18:34 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2KKIW7J055196; Wed, 20 Mar 2002 14:18:33 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Wed, 20 Mar 2002 14:18:31 -0600 (CST) From: Mike Silbersack To: Jeff Roberson Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320143354.Y41335-100000@mail.chesapeake.net> Message-ID: <20020320141306.K54496-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Jeff Roberson wrote: > Would anyone be upset if I got rid of maxsockets and consequently the > limits on the *pcb zones? This was previously used so that the zone > allocator could allocate items at interrupt time. Now you can just supply > M_NOWAIT/WAITOK and get the desired effect without a hard limit. > > Jeff We still need to cap the number of sockets somehow, as it would be bad for sockets to consume all memory. If you want to move the socket limit to someplace where it can be modified via a sysctl, that'd be great. As you're going through and UMAing everything, I think it'd be best if you kept the limits the same for now. Once everything's UMA'd, then we can develop new sizing parameters. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 12:24:43 2002 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id 4AECF37B404 for ; Wed, 20 Mar 2002 12:24:37 -0800 (PST) Received: from isi.edu (5gbkb25qboxt40mz@hbo.isi.edu [128.9.160.75]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g2KKL8008219; Wed, 20 Mar 2002 12:21:08 -0800 (PST) Message-ID: <3C98EF33.6090207@isi.edu> Date: Wed, 20 Mar 2002 12:21:07 -0800 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.9) Gecko/20020315 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: =?ISO-8859-1?Q?Rickard_Borgm=E4ster?= Cc: freebsd-net@freebsd.org Subject: Re: IPSec tunnel FreeBSD<->OpenBSD using isakmp References: <20020320205735.0851b080.doktorn@realworld.nu> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms010401040104070209000502" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms010401040104070209000502 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Rickard Borgmäster wrote: > I've established a tunnel between my home FreeBSD host and a corporate > OpenBSD firewall. IPsec tunnel I assume? > I can see this at OpenBSD box: > # netstat -rn > [...] > Port Destination Port Proto SA(Address/Proto/Type/Direction) > 192.168.2/24 0 10.0.0/24 0 0 > 130.236.218.63/50/use/in 10.0.0/24 0 192.168.2/24 0 > 0 130.236.218.63/50/require/out > > However, on the FreeBSD side, netstat -rn won't show anything about > 10.0.0.0/24. Maybe Encap routes won't show in the ordinary routing table > on FreeBSD? It looks like the OpenBSD IPsec implementation integrates IPsec tunnel mode SAs with the routing table (good!) FreeBSD's KAME doesn't (yet; more recent KAME SNAPs have "device sec" which looks promising). > From either the OpenBSD or FreeBSD box, I am unable to reach the private > net behind the other IPSec node. Ie, from FreeBSD box, I cannot reach > 10.0.0.0/24. And from OpenBSD box, I cannot reach 192.168.2.0/24. I bet your boxes pick the wrong source address when you generate packets on them to go to the other net, because you don't have any interfaces configured on these nets (IPsec SAs aren't interfaces, at least on FreeBSD). Try tcpdumping and tell me what you get. Lars -- Lars Eggert Information Sciences Institute http://www.isi.edu/larse/ University of Southern California --------------ms010401040104070209000502 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIInzCC ArUwggIeoAMCAQICAwWBRzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNV BAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUx HTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVl bWFpbCBSU0EgMjAwMC44LjMwMB4XDTAxMDgyNDE2NDAwMFoXDTAyMDgyNDE2NDAwMFowVDEP MA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYDVQQDEwtMYXJzIEVnZ2VydDEc MBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA0AvLBsD78nxcUHeHkaMgl3b4qYPnfgbf8Lh+HQP8RgGMRG/Yb+vTpkGezlwt9pkJxiD1 1uZDy4CNNJUu3gKxKSb+zRV70O+lkwwftuHoLHoH4xwo3LcQ2LGDpd+I95tUN4dfJ3TmeEcU SF50dC/SuUI4w8AlhXQ8IxrhgdayTpECAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIB BAQTTDJ1TXlmZkJOVWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1Ud EwEB/wQCMAAwDQYJKoZIhvcNAQECBQADgYEAheZhn0pQA8zI7U2K1ZIAl11j0a1DKxnp3GtT vOUrGRB3WvYxidvdZ1kizhEsWeXU81TkNDH0DaRqtOEeu6Q2OhB+jeKEqY7IDAJE4/fI0e+d 6PnG1hd+vEvYmsKHkmzBhPc94XUOKNWO+qVNP2NGyNI3QIDy5wX4fdcOo1S34r4wggK1MIIC HqADAgECAgMFgUcwDQYJKoZIhvcNAQECBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxX ZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMDAeFw0wMTA4MjQxNjQwMDBaFw0wMjA4MjQxNjQwMDBaMFQxDzANBgNV BAQTBkVnZ2VydDENMAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkq hkiG9w0BCQEWDWxhcnNlQGlzaS5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAL ywbA+/J8XFB3h5GjIJd2+KmD534G3/C4fh0D/EYBjERv2G/r06ZBns5cLfaZCcYg9dbmQ8uA jTSVLt4CsSkm/s0Ve9DvpZMMH7bh6Cx6B+McKNy3ENixg6XfiPebVDeHXyd05nhHFEhedHQv 0rlCOMPAJYV0PCMa4YHWsk6RAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIBADAaMBgCAQQEE0wy dU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVkdTAMBgNVHRMBAf8E AjAAMA0GCSqGSIb3DQEBAgUAA4GBAIXmYZ9KUAPMyO1NitWSAJddY9GtQysZ6dxrU7zlKxkQ d1r2MYnb3WdZIs4RLFnl1PNU5DQx9A2karThHrukNjoQfo3ihKmOyAwCROP3yNHvnej5xtYX frxL2JrCh5JswYT3PeF1DijVjvqlTT9jRsjSN0CA8ucF+H3XDqNUt+K+MIIDKTCCApKgAwIB AgIBDDANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEo MCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhh d3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVl bWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTAyMDgyOTIzNTk1OVowgZIxCzAJ BgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UE AxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOB jQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/ +TRxoKNtmPHDT6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENC UFGHgzzwObSbVIoTh/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwx GjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0P BAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBAHMbbyZli/8VNEtZYortRL5Jx+gNu4+5DWomKmKE H7iHY3QcbbfPGlORS+HN5jjZ7VD0Omw0kqzmkpxuwSMBwgmn70uuct0GZ/VQby5YuLYLwVBX tewc1+8XttWIm7eiiBrtOVs5fTT8tpYYJU1q9J3Fw5EvqZa4BTxS/N3pYgNIMYICpjCCAqIC AQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2 aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBYFHMAkG BSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTAyMDMyMDIwMjEwN1owIwYJKoZIhvcNAQkEMRYEFJ7/C1pTn46AEJCVCgDJ8BzzAgiFMFIG CSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGBnaCBmjCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMFgUcwDQYJKoZIhvcNAQEB BQAEgYCTGXttBJP5am0u767HkC9pt5MN6FDWuZ/QhQdDtfl5of5WycOn9AXeE0Dx+PeXlA/5 Y58XYEqkGNqeeY7MLKWSCkmJi1pvXL3gwV+jx10OufGvBK3tocxdoKWCU/pu9+xBa9mtxCYk bAKKmfPg0amO2XT1qR/dQl+PPLPtb4v9NgAAAAAAAA== --------------ms010401040104070209000502-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 12:26:50 2002 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 4931237B416 for ; Wed, 20 Mar 2002 12:26:45 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.6) id g2KKQch60289; Wed, 20 Mar 2002 15:26:38 -0500 (EST) (envelope-from wollman) Date: Wed, 20 Mar 2002 15:26:38 -0500 (EST) From: Garrett Wollman Message-Id: <200203202026.g2KKQch60289@khavrinen.lcs.mit.edu> To: Mike Silbersack Cc: net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320141306.K54496-100000@patrocles.silby.com> References: <20020320143354.Y41335-100000@mail.chesapeake.net> <20020320141306.K54496-100000@patrocles.silby.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > We still need to cap the number of sockets somehow, as it would be bad for > sockets to consume all memory. There's already a cap: maxfiles. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 12:29:14 2002 Delivered-To: freebsd-net@freebsd.org Received: from mail.chesapeake.net (chesapeake.net [205.130.220.14]) by hub.freebsd.org (Postfix) with ESMTP id 196F737B400 for ; Wed, 20 Mar 2002 12:29:08 -0800 (PST) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id g2KKT6b35515; Wed, 20 Mar 2002 15:29:06 -0500 (EST) (envelope-from jroberson@chesapeake.net) Date: Wed, 20 Mar 2002 15:29:06 -0500 (EST) From: Jeff Roberson To: Alfred Perlstein Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320194111.GK455@elvis.mu.org> Message-ID: <20020320152654.J41335-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Alfred Perlstein wrote: > > That depends on what this implies. :) > > Does it mean that when giving M_NOWAIT there's a chance it may fail > more often than the old zone allocator? Meaning does M_NOWAIT mean > "only allocate from cache" or do you do close to the same thing that > the zone allocator does except in a more flexible manner? > > Sorry if the question is niave, I'm not extremely familiar with the > previous and current code. > Currently it means, if I can't get KVA or a page to back it, return NULL. It just stops operations that would REALLY block. The old code reserved the KVA up front and just found a page at interrupt time. Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 12:37:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from mail.chesapeake.net (chesapeake.net [205.130.220.14]) by hub.freebsd.org (Postfix) with ESMTP id 1842A37B417 for ; Wed, 20 Mar 2002 12:36:31 -0800 (PST) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id g2KKaPj37893; Wed, 20 Mar 2002 15:36:25 -0500 (EST) (envelope-from jroberson@chesapeake.net) Date: Wed, 20 Mar 2002 15:36:25 -0500 (EST) From: Jeff Roberson To: Mike Silbersack Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320141306.K54496-100000@patrocles.silby.com> Message-ID: <20020320152915.Q41335-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Mike Silbersack wrote: > > We still need to cap the number of sockets somehow, as it would be bad for > sockets to consume all memory. If you want to move the socket limit to > someplace where it can be modified via a sysctl, that'd be great. As > you're going through and UMAing everything, I think it'd be best if you > kept the limits the same for now. > I have kept the current limits in place, but I think that it's somewhat ugly to have this policy enforced in the allocator where it is hard to adjust with a sysctl. Perhaps maxsockets could stay but become run time adjustable. Is there any case where we will have lots of pcbs w/o sockets? If so, all of the limits checking can be done in the socket code and the pcb code can completely forget about it. > > Once everything's UMA'd, then we can develop new sizing parameters. Everything has been UMA'd other than MD code, so I'm working on making the system take advantage of it. > > Mike "Silby" Silbersack > Thanks! Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 13: 2:47 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d80.as14.nwbl0.wi.voyager.net [169.207.134.80]) by hub.freebsd.org (Postfix) with ESMTP id B203037B416 for ; Wed, 20 Mar 2002 13:02:39 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2KL12jJ055388; Wed, 20 Mar 2002 21:01:02 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2KL115n055385; Wed, 20 Mar 2002 15:01:02 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Wed, 20 Mar 2002 15:01:01 -0600 (CST) From: Mike Silbersack To: Garrett Wollman Cc: net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. In-Reply-To: <200203202026.g2KKQch60289@khavrinen.lcs.mit.edu> Message-ID: <20020320145723.X55299-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Garrett Wollman wrote: > < said: > > > We still need to cap the number of sockets somehow, as it would be bad for > > sockets to consume all memory. > > There's already a cap: maxfiles. > > -GAWollman That would end up being a reduction below the current value; right now sockets > maxfiles with large maxuser values. Whether or not this is a necessary differential, I'm not sure. (With TIME_WAIT and FIN_WAIT_2 sockets, I believe that maxsockets should exceed maxfiles.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 13: 2:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by hub.freebsd.org (Postfix) with ESMTP id 6DF6237B419 for ; Wed, 20 Mar 2002 13:02:46 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id 1CE16AE147; Wed, 20 Mar 2002 13:02:46 -0800 (PST) Date: Wed, 20 Mar 2002 13:02:46 -0800 From: Alfred Perlstein To: Jeff Roberson Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. Message-ID: <20020320210246.GN455@elvis.mu.org> References: <20020320194111.GK455@elvis.mu.org> <20020320152654.J41335-100000@mail.chesapeake.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320152654.J41335-100000@mail.chesapeake.net> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Jeff Roberson [020320 12:29] wrote: > > > On Wed, 20 Mar 2002, Alfred Perlstein wrote: > > > > > That depends on what this implies. :) > > > > Does it mean that when giving M_NOWAIT there's a chance it may fail > > more often than the old zone allocator? Meaning does M_NOWAIT mean > > "only allocate from cache" or do you do close to the same thing that > > the zone allocator does except in a more flexible manner? > > > > Sorry if the question is niave, I'm not extremely familiar with the > > previous and current code. > > > > Currently it means, if I can't get KVA or a page to back it, return NULL. > It just stops operations that would REALLY block. The old code reserved > the KVA up front and just found a page at interrupt time. Bottom line, will the semantics change? What it sounds like is that if things aren't "just right" (which may be the majority of times) we may fail earlier than the old code would, is this true? Basically, what changes semantically because of your change? -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 13: 8:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d80.as14.nwbl0.wi.voyager.net [169.207.134.80]) by hub.freebsd.org (Postfix) with ESMTP id 7086137B400 for ; Wed, 20 Mar 2002 13:08:43 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2KL75jJ055416; Wed, 20 Mar 2002 21:07:05 GMT (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2KL758D055413; Wed, 20 Mar 2002 15:07:05 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Wed, 20 Mar 2002 15:07:05 -0600 (CST) From: Mike Silbersack To: Jeff Roberson Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320152915.Q41335-100000@mail.chesapeake.net> Message-ID: <20020320150144.G55299-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Jeff Roberson wrote: > I have kept the current limits in place, but I think that it's somewhat > ugly to have this policy enforced in the allocator where it is hard to > adjust with a sysctl. Perhaps maxsockets could stay but become run time > adjustable. > > Is there any case where we will have lots of pcbs w/o sockets? If so, all > of the limits checking can be done in the socket code and the pcb code can > completely forget about it. I believe that the various pcb structures are tightly coupled to sockets, so checking only in the socket code should be safe. That would be a good change. > > Once everything's UMA'd, then we can develop new sizing parameters. > > Everything has been UMA'd other than MD code, so I'm working on making the > system take advantage of it. Ah, neat. I haven't cvsup'd in the last two weeks, so I have yet to play around with UMA. I was going to ask some more questions here, but it's probably best that I actually look at the code first. :) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 13:12:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mail.chesapeake.net (chesapeake.net [205.130.220.14]) by hub.freebsd.org (Postfix) with ESMTP id B843537B41D for ; Wed, 20 Mar 2002 13:12:28 -0800 (PST) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id g2KLCRt49767; Wed, 20 Mar 2002 16:12:27 -0500 (EST) (envelope-from jroberson@chesapeake.net) Date: Wed, 20 Mar 2002 16:12:27 -0500 (EST) From: Jeff Roberson To: Alfred Perlstein Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320210246.GN455@elvis.mu.org> Message-ID: <20020320160904.W41335-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Alfred Perlstein wrote: > > > > Currently it means, if I can't get KVA or a page to back it, return NULL. > > It just stops operations that would REALLY block. The old code reserved > > the KVA up front and just found a page at interrupt time. > > Bottom line, will the semantics change? > > What it sounds like is that if things aren't "just right" (which may > be the majority of times) we may fail earlier than the old code would, > is this true? > > Basically, what changes semantically because of your change? > The short answer is, no we won't fail any earlier. The reason the KVA was reserved before was so that you wouldn't have to grab a lock at interrupt time to do allocations. Now we can grab locks, we just can't msleep. This makes things a lot simpler. Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 14:18:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from studsboll.d2g.com (a63.flamman.student.liu.se [130.236.218.63]) by hub.freebsd.org (Postfix) with ESMTP id 54B6837B419 for ; Wed, 20 Mar 2002 14:18:13 -0800 (PST) Received: from studsboll.realworld.nu (localhost [127.0.0.1]) by studsboll.d2g.com (8.11.6/8.11.6) with SMTP id g2KMI2S07613; Wed, 20 Mar 2002 23:18:02 +0100 (CET) (envelope-from doktorn@realworld.nu) Date: Wed, 20 Mar 2002 23:18:02 +0100 From: Rickard Borgmäster To: Lars Eggert Cc: freebsd-net@freebsd.org Subject: Re: IPSec tunnel FreeBSD<->OpenBSD using isakmp Message-Id: <20020320231802.222a8dd2.doktorn@realworld.nu> In-Reply-To: <3C98EF33.6090207@isi.edu> References: <20020320205735.0851b080.doktorn@realworld.nu> <3C98EF33.6090207@isi.edu> X-Mailer: Sylpheed version 0.7.2 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002 12:21:07 -0800 Lars Eggert hit the keyboard and punched: > > I can see this at OpenBSD box: > > # netstat -rn > > [...] > > Port Destination Port Proto SA(Address/Proto/Type/Direction) > > 192.168.2/24 0 10.0.0/24 0 0 > > 130.236.218.63/50/use/in 10.0.0/24 0 192.168.2/24 > 0 > > 0 130.236.218.63/50/require/out > > > > However, on the FreeBSD side, netstat -rn won't show anything about > > 10.0.0.0/24. Maybe Encap routes won't show in the ordinary routing > > table on FreeBSD? > > It looks like the OpenBSD IPsec implementation integrates IPsec tunnel > mode SAs with the routing table (good!) FreeBSD's KAME doesn't (yet; > more recent KAME SNAPs have "device sec" which looks promising). KAME? Is KAME something I need? The only thing I've added is options IPSEC options IPSEC_ESP to my kernel and installed the isakmpd port. Then, of course, set up the /etc/isakmpd/isakmpd.conf file. > > From either the OpenBSD or FreeBSD box, I am unable to reach the > > private net behind the other IPSec node. Ie, from FreeBSD box, I > > cannot reach 10.0.0.0/24. And from OpenBSD box, I cannot reach > > 192.168.2.0/24. > > I bet your boxes pick the wrong source address when you generate packets > on them to go to the other net, because you don't have any interfaces > configured on these nets (IPsec SAs aren't interfaces, at least on > FreeBSD). Try tcpdumping and tell me what you get. Not sure I get your point here. Why do I don't have any interface on these nets? Do you mean that on the FreeBSD box with: pub-ip: 130.236.218.63 priv-net: 192.168.2.0/24 ...that I miss an interface with 10.0.0.x address here? I think I'm lost here... :-/ Well, tcpdump on the OpenBSD box, while pinging 10.0.0.1 from FBSD, gives nothing. No packets received. tcpdumping output on FBSD while pinging 10.0.0.1: tcpdump: listening on xl0 23:08:31.194401 0:1:2:fa:aa:76 0:0:c:7:ac:29 0800 98: 130.236.218.63 > 10.0.0.1: icmp: echo request I also get a message (from where I don't know...) like this: PING 10.0.0.1 (10.0.0.1): 56 data bytes 36 bytes from linkoping-2-FE1-0-0.sunet.se (130.242.201.73): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 5400 cf42 0 0000 3d 01 473a 130.236.218.63 10.0.0.1 This indicates that when I ping 10.0.0.1, packets go out the "normal" way instead of taking the path tru the tunnel. Almost same thing on OpenBSD: tcpdump: listening on xl1 23:13:17.016763 0:10:4b:cf:1f:e0 0:c0:7b:a3:71:b6 0800 98: 213.88.128.173 > 192.168.2.17: icmp: echo request 23:13:18.023316 0:10:4b:cf:1f:e0 > 0:c0:7b:a3:71:b6 0800 98: 213.88.128.173 > 192.168.2.17: icmp: echo > request 23:13:18.031981 0:c0:7b:a3:71:b6 0:10:4b:cf:1f:e0 0800 70: > 62.95.60.2 > 213.88.128.173: icmp: host 192.168.2.17 unreachable I hope I got the tcpdump stuff that interests you. I didn't really figure what else to tcpdump on :-) Thing is, that both machines works just fine as IPSec peers, but not "nodes" or what to call it. The passing the ESP packets just fine, and connects their private/nat:ed networks to eachother. So the *BSD serves their clients just fine, but cannot use the tunnel themselves... -- Rickard .--. .--. .----------------------------------------. | | | | .-. | Rickard Borgmäster | | | | |/ / | doktorn@sub.nu | .-^ | .--. | < | http://doktorn.sub.nu/ | ( o | ( () ) | |\ \ `----------------------------------------' `-----' `--' `--' `--' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 14:33:51 2002 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 2CC0D37B400 for ; Wed, 20 Mar 2002 14:33:45 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.6) id g2KMXcC61425; Wed, 20 Mar 2002 17:33:38 -0500 (EST) (envelope-from wollman) Date: Wed, 20 Mar 2002 17:33:38 -0500 (EST) From: Garrett Wollman Message-Id: <200203202233.g2KMXcC61425@khavrinen.lcs.mit.edu> To: Mike Silbersack Cc: net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320145723.X55299-100000@patrocles.silby.com> References: <200203202026.g2KKQch60289@khavrinen.lcs.mit.edu> <20020320145723.X55299-100000@patrocles.silby.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > That would end up being a reduction below the current value; right now > sockets > maxfiles with large maxuser values. Whether or not this is a > necessary differential, I'm not sure. (With TIME_WAIT and FIN_WAIT_2 > sockets, I believe that maxsockets should exceed maxfiles.) My point was that it's not necessary to enforce a limit on sockets, specifically, because maxfiles (and user resource limits) will keep users from opening too many sockets. We should probably look to templating closed TCP connections, since they don't actually need a socket at all (or most of the PCB). -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 14:47:57 2002 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id 93B9D37B41A for ; Wed, 20 Mar 2002 14:47:27 -0800 (PST) Received: from isi.edu (904816uigp0bbwwo@hbo.isi.edu [128.9.160.75]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g2KMi6014576; Wed, 20 Mar 2002 14:44:06 -0800 (PST) Message-ID: <3C9910B6.2090005@isi.edu> Date: Wed, 20 Mar 2002 14:44:06 -0800 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.9) Gecko/20020315 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: =?ISO-8859-1?Q?Rickard_Borgm=E4ster?= Cc: freebsd-net@freebsd.org Subject: Re: IPSec tunnel FreeBSD<->OpenBSD using isakmp References: <20020320205735.0851b080.doktorn@realworld.nu> <3C98EF33.6090207@isi.edu> <20020320231802.222a8dd2.doktorn@realworld.nu> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms010805040700090403020708" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms010805040700090403020708 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Rickard Borgmäster wrote: >>It looks like the OpenBSD IPsec implementation integrates IPsec tunnel >>mode SAs with the routing table (good!) FreeBSD's KAME doesn't (yet; >>more recent KAME SNAPs have "device sec" which looks promising). > > > KAME? Is KAME something I need? The only thing I've added is > options IPSEC > options IPSEC_ESP > to my kernel and installed the isakmpd port. Then, of course, set up the > /etc/isakmpd/isakmpd.conf file. No, there is an (older) KAME included in FreeBSD; however that one doesn't yet represent SAs in the routing table as interfaces. >>I bet your boxes pick the wrong source address when you generate packets >>on them to go to the other net, because you don't have any interfaces >>configured on these nets (IPsec SAs aren't interfaces, at least on >>FreeBSD). Try tcpdumping and tell me what you get. > > > Not sure I get your point here. Why do I don't have any interface on > these nets? Do you mean that on the FreeBSD box with: > pub-ip: 130.236.218.63 > priv-net: 192.168.2.0/24 > > ...that I miss an interface with 10.0.0.x address here? Sorry for being unclear: You miss a route entry (on the FreeBSD box, e.g.) that tells it to forward 10/24 to the OpenBSD box. You can't have such a route, because the SA that connects the two isn't represented in the routing table (it's a packet filter). > Well, tcpdump on the OpenBSD box, while pinging 10.0.0.1 from FBSD, > gives nothing. No packets received. tcpdumping output on FBSD while > pinging 10.0.0.1: > tcpdump: listening on xl0 > 23:08:31.194401 0:1:2:fa:aa:76 0:0:c:7:ac:29 0800 98: 130.236.218.63 > > 10.0.0.1: icmp: echo request It sends a packet 130.236.218.63->10.0.0.1, which isn't matched by the SAs (I assume, what do they say?) Note that the source here is your PHYSICAL IP address, and the destination is in the VIRTUAL network. This is why things break - your SAs don't match that. Thus, default route is used and the packet goes off into the Internet. Eventually, you get an "ICMP Host Unreachable" from this guy: > I also get a message (from where I don't know...) like this: > PING 10.0.0.1 (10.0.0.1): 56 data bytes > 36 bytes from linkoping-2-FE1-0-0.sunet.se (130.242.201.73): Destination > Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src > Dst 4 5 00 5400 cf42 0 0000 3d 01 473a 130.236.218.63 10.0.0.1 > Thing is, that both machines works just fine as IPSec peers, but not > "nodes" or what to call it. The passing the ESP packets just fine, and > connects their private/nat:ed networks to eachother. So the *BSD serves > their clients just fine, but cannot use the tunnel themselves... Yes, the problem only occurs with packet originating on the security gateways, because transit packets have the correct source addresses (check with tcpdump if you like). Only stuff originating on the gateways has this problem. Lars -- Lars Eggert Information Sciences Institute http://www.isi.edu/larse/ University of Southern California --------------ms010805040700090403020708 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIInzCC ArUwggIeoAMCAQICAwWBRzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNV BAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUx HTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVl bWFpbCBSU0EgMjAwMC44LjMwMB4XDTAxMDgyNDE2NDAwMFoXDTAyMDgyNDE2NDAwMFowVDEP MA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYDVQQDEwtMYXJzIEVnZ2VydDEc MBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA0AvLBsD78nxcUHeHkaMgl3b4qYPnfgbf8Lh+HQP8RgGMRG/Yb+vTpkGezlwt9pkJxiD1 1uZDy4CNNJUu3gKxKSb+zRV70O+lkwwftuHoLHoH4xwo3LcQ2LGDpd+I95tUN4dfJ3TmeEcU SF50dC/SuUI4w8AlhXQ8IxrhgdayTpECAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIB BAQTTDJ1TXlmZkJOVWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1Ud EwEB/wQCMAAwDQYJKoZIhvcNAQECBQADgYEAheZhn0pQA8zI7U2K1ZIAl11j0a1DKxnp3GtT vOUrGRB3WvYxidvdZ1kizhEsWeXU81TkNDH0DaRqtOEeu6Q2OhB+jeKEqY7IDAJE4/fI0e+d 6PnG1hd+vEvYmsKHkmzBhPc94XUOKNWO+qVNP2NGyNI3QIDy5wX4fdcOo1S34r4wggK1MIIC HqADAgECAgMFgUcwDQYJKoZIhvcNAQECBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxX ZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMDAeFw0wMTA4MjQxNjQwMDBaFw0wMjA4MjQxNjQwMDBaMFQxDzANBgNV BAQTBkVnZ2VydDENMAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkq hkiG9w0BCQEWDWxhcnNlQGlzaS5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAL ywbA+/J8XFB3h5GjIJd2+KmD534G3/C4fh0D/EYBjERv2G/r06ZBns5cLfaZCcYg9dbmQ8uA jTSVLt4CsSkm/s0Ve9DvpZMMH7bh6Cx6B+McKNy3ENixg6XfiPebVDeHXyd05nhHFEhedHQv 0rlCOMPAJYV0PCMa4YHWsk6RAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIBADAaMBgCAQQEE0wy dU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVkdTAMBgNVHRMBAf8E AjAAMA0GCSqGSIb3DQEBAgUAA4GBAIXmYZ9KUAPMyO1NitWSAJddY9GtQysZ6dxrU7zlKxkQ d1r2MYnb3WdZIs4RLFnl1PNU5DQx9A2karThHrukNjoQfo3ihKmOyAwCROP3yNHvnej5xtYX frxL2JrCh5JswYT3PeF1DijVjvqlTT9jRsjSN0CA8ucF+H3XDqNUt+K+MIIDKTCCApKgAwIB AgIBDDANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEo MCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhh d3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVl bWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTAyMDgyOTIzNTk1OVowgZIxCzAJ BgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UE AxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOB jQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/ +TRxoKNtmPHDT6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENC UFGHgzzwObSbVIoTh/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwx GjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0P BAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBAHMbbyZli/8VNEtZYortRL5Jx+gNu4+5DWomKmKE H7iHY3QcbbfPGlORS+HN5jjZ7VD0Omw0kqzmkpxuwSMBwgmn70uuct0GZ/VQby5YuLYLwVBX tewc1+8XttWIm7eiiBrtOVs5fTT8tpYYJU1q9J3Fw5EvqZa4BTxS/N3pYgNIMYICpjCCAqIC AQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2 aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBYFHMAkG BSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTAyMDMyMDIyNDQwNlowIwYJKoZIhvcNAQkEMRYEFApAdHOn5Idr38yGEviOyRFmEqZTMFIG CSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGBnaCBmjCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMFgUcwDQYJKoZIhvcNAQEB BQAEgYAkGXlxFIEMH2nDGbKlKJnBeIjxrMogg6icuKFQk6Ge/D+usmBUPNDISkfjO4Gtc8c+ mnr1vO79CRO1++MUyYgDbu6VC7De2Ehix/tXEA0J0FatQAf2y7DL4lA9QMNzMkEBWtTCtA6Y aOyFnlACMjf2KvKP2BzckFlev63tqmNg4gAAAAAAAA== --------------ms010805040700090403020708-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 16:45:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from studsboll.d2g.com (a63.flamman.student.liu.se [130.236.218.63]) by hub.freebsd.org (Postfix) with ESMTP id 884B837B400 for ; Wed, 20 Mar 2002 16:45:44 -0800 (PST) Received: from studsboll.realworld.nu (localhost [127.0.0.1]) by studsboll.d2g.com (8.11.6/8.11.6) with SMTP id g2L0jPS14556; Thu, 21 Mar 2002 01:45:25 +0100 (CET) (envelope-from doktorn@realworld.nu) Date: Thu, 21 Mar 2002 01:45:24 +0100 From: Rickard Borgmäster To: Lars Eggert Cc: freebsd-net@freebsd.org Subject: Re: IPSec tunnel FreeBSD<->OpenBSD using isakmp Message-Id: <20020321014524.667eab66.doktorn@realworld.nu> In-Reply-To: <3C9910B6.2090005@isi.edu> References: <20020320205735.0851b080.doktorn@realworld.nu> <3C98EF33.6090207@isi.edu> <20020320231802.222a8dd2.doktorn@realworld.nu> <3C9910B6.2090005@isi.edu> X-Mailer: Sylpheed version 0.7.2 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002 14:44:06 -0800 Lars Eggert hit the keyboard and punched: > No, there is an (older) KAME included in FreeBSD; however that one > doesn't yet represent SAs in the routing table as interfaces. I still do not understand wether I need KAME or not? What would it gain to install KAME? > Sorry for being unclear: You miss a route entry (on the FreeBSD box, > e.g.) that tells it to forward 10/24 to the OpenBSD box. You can't have > such a route, because the SA that connects the two isn't represented in > the routing table (it's a packet filter). One thing that pops up in my head is, "what if I had an interface in the 10.0.0.0/24 net?". Therefore, I am right now recompiling my kernel to include 2 loopback interfaces. Then I will set a 10.0.0.x address to it and we'll se what happens =) What do you think? -- Rickard .--. .--. .----------------------------------------. | | | | .-. | Rickard Borgmäster | | | | |/ / | doktorn@sub.nu | .-^ | .--. | < | http://doktorn.sub.nu/ | ( o | ( () ) | |\ \ `----------------------------------------' `-----' `--' `--' `--' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Mar 20 22:40:29 2002 Delivered-To: freebsd-net@freebsd.org Received: from claven.cs.wisc.edu (claven.cs.wisc.edu [128.105.6.18]) by hub.freebsd.org (Postfix) with ESMTP id C9BAF37B420 for ; Wed, 20 Mar 2002 22:40:13 -0800 (PST) Received: from tux19.cs.wisc.edu (tux19.cs.wisc.edu [128.105.111.119]) by claven.cs.wisc.edu (8.9.2/8.9.2) with ESMTP id AAA11536 for ; Thu, 21 Mar 2002 00:40:13 -0600 (CST) Received: from localhost (haryadi@localhost) by tux19.cs.wisc.edu (8.9.2/8.9.2) with ESMTP id AAA06665 for ; Thu, 21 Mar 2002 00:40:13 -0600 (CST) X-Authentication-Warning: tux19.cs.wisc.edu: haryadi owned process doing -bs Date: Thu, 21 Mar 2002 00:40:12 -0600 (CST) From: Haryadi Gunawi To: net@freebsd.org Subject: Re: incorrect checksums with xl? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Can someone help me point the source code where "the TCP/IP stack knows that the NIC is going to insert the checksums"? Is there anyway to disable checksum in the hardware so that the checksum will be done in software or to force the TCP/IP stack do the checksumming? My current project is to measure the TCP/IP processing overhead, I want to measure the performance with checksumming in the software. I use FreeBSD 4.4. thanks in advance Haryadi ps: I am not in the milis, so can you please cc me. > You are running tcpdump on the system that's sending the "bad" > packets, right? It makes perfect sense. The TCP/IP stack knows > that the NIC is going to insert the checksums, so it doesn't bother > calculating them itself. So BPF is handed packets in mbufs without > any checksums. On the way out to the wire, the NIC hardware/firmware > adds the checksums, but they don't show up in the mbufs that are being > sent to BPF. If you run tcpdump on the receiving system instead, > you'll find that the checksums seen there are valid. > The same thing happens in the bge driver, because it also offloads > checksum generation to the NIC. > John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 1: 7: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from hotmail.com (f257.law7.hotmail.com [216.33.236.135]) by hub.freebsd.org (Postfix) with ESMTP id C818337B426; Thu, 21 Mar 2002 01:06:38 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 21 Mar 2002 01:06:38 -0800 Received: from 216.251.50.73 by lw7fd.law7.hotmail.msn.com with HTTP; Thu, 21 Mar 2002 09:06:37 GMT X-Originating-IP: [216.251.50.73] From: "sakib mondal" Date: Thu, 21 Mar 2002 09:06:37 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 21 Mar 2002 09:06:38.0772 (UTC) FILETIME=[B59E2F40:01C1D0B7] To: undisclosed-recipients:; Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, My applogoies if you have received multiple copies of this message. I am looking for a solution/help in porting a freebsd networking application written at tcp and ip-level (involves mbuf, socketbuf structures and associated routines) to linux platform. I am not able to trace any good source of help on this. I shall appreciate any pointers/help in this regard. TIA. Sakib _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 2:25:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from claven.cs.wisc.edu (claven.cs.wisc.edu [128.105.6.18]) by hub.freebsd.org (Postfix) with ESMTP id 9A94237B400 for ; Thu, 21 Mar 2002 02:25:29 -0800 (PST) Received: from tux12.cs.wisc.edu (tux12.cs.wisc.edu [128.105.111.112]) by claven.cs.wisc.edu (8.9.2/8.9.2) with ESMTP id EAA30962 for ; Thu, 21 Mar 2002 04:25:28 -0600 (CST) Received: from localhost (haryadi@localhost) by tux12.cs.wisc.edu (8.9.2/8.9.2) with ESMTP id EAA06417 for ; Thu, 21 Mar 2002 04:25:28 -0600 (CST) X-Authentication-Warning: tux12.cs.wisc.edu: haryadi owned process doing -bs Date: Thu, 21 Mar 2002 04:25:28 -0600 (CST) From: Haryadi Gunawi To: net@freebsd.org Subject: bug in xl_intr (an 'xl' interrupt function)? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I have FreeBSD 4.4, and I wrote simple TCP and UDP progras bacically the client sends some bytes and the server echo the messages. I use Ethernet which MTU is around 1400++ (I forget exactly), and the NIC is "3Com Fast EtherLink XC PCI3Com Fast EtherLink XC PCI". Using sample based profiling system I can obtain the timing distribution for "xl_intr" function (in src/sys/pci/if_xl.c): Bytes %-tcp %-udp 0200 0.01 0.01 1000 0.02 0.01 1200 0.01 0.01 1400 0.03 0.01 1450 18.12 0.01 <---- 1500 21.78 0.01 1600 19.07 0.01 3000 16.06 0.01 What the table means is that (for the 1st row), If I ran the program using TCP, when sending and receiving 200 bytes messages, the xl_intr routine only spend 0.01 % of the Overhead Processing Time (not include the transmission time). --> Now the weird result (for TCP) is that after it hits the MTU (1400+), the xl_intr suddenly jumps SPENDING MORE THAN 15% of the overhead processing time. I don't know whether this is the correct result or not. But it seems a bug to me. I don't think a device protocol should spend that much time. The long time spent is not in other functions called from xl_intr, but in the body of the xl_intr itself. Can anyone help me find out what's going on here? or if this is too details, can someone please tell me where I can find the 'xl' functions documentation (very detail one, the structure, implementation, etc ...). Thank you very much for your time appreciate it Haryadi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 11:22: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from rerun.avayactc.com (rerun.avayactc.com [199.93.237.2]) by hub.freebsd.org (Postfix) with ESMTP id 0CA3337B404 for ; Thu, 21 Mar 2002 11:22:02 -0800 (PST) Received: by rerun.avayactc.com with Internet Mail Service (5.5.2653.19) id ; Thu, 21 Mar 2002 14:21:13 -0500 Message-ID: <3A6D367EA1EFD4118C9B00A0C9DD99D70655B7@rerun.avayactc.com> From: "Cambria, Mike" To: "'freebsd-net@freebsd.org'" Subject: Unnumbered IP Interface Date: Thu, 21 Mar 2002 14:21:05 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Can an unnumbered IP interface be configured on FreeBSD (4.5-Stable)? Will Zebra and/or GateD (or RouteD) handle it properly? Thanks, MikeC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 12:54:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from ady.warpnet.ro (ady.warpnet.ro [217.156.25.2]) by hub.freebsd.org (Postfix) with ESMTP id 221AC37B404; Thu, 21 Mar 2002 12:54:29 -0800 (PST) Received: from localhost (ady@localhost) by ady.warpnet.ro (8.9.3/8.9.3) with ESMTP id WAA50257; Thu, 21 Mar 2002 22:54:26 +0200 (EET) (envelope-from ady@freebsd.ady.ro) Date: Thu, 21 Mar 2002 22:54:26 +0200 (EET) From: Adrian Penisoara X-Sender: ady@ady.warpnet.ro To: freebsd-arch@freebsd.org, freebsd-net@freebsd.org Subject: Help needed: ALTQ integration into FreeBSD Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Having the prerequisite agreement of the FreeBSD core team I'm delighted to announce my intention of putting the basis of a "ALTQ framework integration into FreeBSD" project. The current set target is "porting" the sources of the ALTQ project (ALTQ 3.1 is available for the 4.5-RELEASE branch) to FreeBSD-current. This is certainly not a easy nor simple task and I surely don't have all the skills needed right now, so I'm going to need help. I'm looking for a mentor (or more) with FreeBSD core networking knowledge and, if possible, with commit privileges to the right spots. If you know such a person or if you are one please contact me. Also, anybody interested to discuss, contribute or help in any other way is very welcomed to contact me. Reference: ALTQ project home http://www.csl.sony.co.jp/person/kjc/kjc/software.html Thank you very much, Adrian Penisoara Ady (@freebsd.ady.ro) _______________________________________________________________________ | Programming in BASIC causes brain damage. | | (Edsger Wybe Dijkstra) | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 13:20:10 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id 3C3D737B404 for ; Thu, 21 Mar 2002 13:20:06 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020321212005.GHKM2626.rwcrmhc51.attbi.com@InterJet.elischer.org>; Thu, 21 Mar 2002 21:20:05 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA17779; Thu, 21 Mar 2002 13:04:45 -0800 (PST) Date: Thu, 21 Mar 2002 13:04:44 -0800 (PST) From: Julian Elischer To: "Cambria, Mike" Cc: "'freebsd-net@freebsd.org'" Subject: Re: Unnumbered IP Interface In-Reply-To: <3A6D367EA1EFD4118C9B00A0C9DD99D70655B7@rerun.avayactc.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Unnumbered interfaces are not supported officially, but it may still work.. A while ago it was possible to use 'route' to add a rout eto a p2p interface by name and not assign it any addresses. thus packets would still be passed across the link without it having any addresses. (this is great for not wasting adresses) I do not know it this still works, asd I have not tested it for a long time (several years) from memory the 'route' man page still specifies how to do the route end of thing. you might try it and get back to us to let us know it it still works. (it has to be a point-2-point interface, e.g. a sync serial card) On Thu, 21 Mar 2002, Cambria, Mike wrote: > > Hi, > > Can an unnumbered IP interface be configured on FreeBSD (4.5-Stable)? > > Will Zebra and/or GateD (or RouteD) handle it properly? > > Thanks, > MikeC > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 13:37: 6 2002 Delivered-To: freebsd-net@freebsd.org Received: from rerun.avayactc.com (rerun.avayactc.com [199.93.237.2]) by hub.freebsd.org (Postfix) with ESMTP id 5265937B417 for ; Thu, 21 Mar 2002 13:36:56 -0800 (PST) Received: by rerun.avayactc.com with Internet Mail Service (5.5.2653.19) id ; Thu, 21 Mar 2002 16:36:07 -0500 Message-ID: <3A6D367EA1EFD4118C9B00A0C9DD99D70655B9@rerun.avayactc.com> From: "Cambria, Mike" To: "'freebsd-net@freebsd.org'" Cc: 'Julian Elischer' Subject: RE: Unnumbered IP Interface Date: Thu, 21 Mar 2002 16:35:58 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks. I'll check out route man page. I am running synchronous serial PCI cards. I have one FreeBSD 4.5-Stable machine routing Ethernet, PPP and Wireless just to see if it would all play together. I'm running a few LMC (now SBE) HSSI and T1/E1 cards in various FreeBSD boxes. One of the devices I need to test against (and work with in the field) doesn't seem to let me configure an IP address for both ends via "ifconfig". For example: ifconfig lmc0 10.1.1.1 10.1.1.2 netmask 255.255.255.255 works just fine FreeBSD to FreeBSD. No such command exists on this one box I need to deal with. I configure a subnet (e.g. Ethernet) or unnumbered p2p, that's it as far as I can tell. The manual for this device does claim to support unnumbered, so I want to try that on our side if possible. If that works, the next trick is to find an OSPF that can deal with it. Thanks again, MikeC -----Original Message----- From: Julian Elischer [mailto:julian@elischer.org] Sent: Thursday, March 21, 2002 4:05 PM To: Cambria, Mike Cc: 'freebsd-net@freebsd.org' Subject: Re: Unnumbered IP Interface Unnumbered interfaces are not supported officially, but it may still work.. A while ago it was possible to use 'route' to add a rout eto a p2p interface by name and not assign it any addresses. thus packets would still be passed across the link without it having any addresses. (this is great for not wasting adresses) I do not know it this still works, asd I have not tested it for a long time (several years) from memory the 'route' man page still specifies how to do the route end of thing. you might try it and get back to us to let us know it it still works. (it has to be a point-2-point interface, e.g. a sync serial card) On Thu, 21 Mar 2002, Cambria, Mike wrote: > > Hi, > > Can an unnumbered IP interface be configured on FreeBSD (4.5-Stable)? > > Will Zebra and/or GateD (or RouteD) handle it properly? > > Thanks, > MikeC > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 15: 6:25 2002 Delivered-To: freebsd-net@freebsd.org Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by hub.freebsd.org (Postfix) with SMTP id 4EAAF37B41B for ; Thu, 21 Mar 2002 15:06:14 -0800 (PST) Received: (qmail 93729 invoked from network); 21 Mar 2002 23:04:08 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 21 Mar 2002 23:04:08 -0000 Message-ID: <3C9A672C.F4A489AB@pipeline.ch> Date: Fri, 22 Mar 2002 00:05:16 +0100 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Adrian Penisoara Cc: freebsd-arch@freebsd.org, freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: Help needed: ALTQ integration into FreeBSD References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Adrian Penisoara wrote: > > Hi, > > Having the prerequisite agreement of the FreeBSD core team I'm > delighted to announce my intention of putting the basis of a "ALTQ > framework integration into FreeBSD" project. Does this mean the core team has approved the integration of ALTQ into FreeBSD-current? > The current set target is "porting" the sources of the ALTQ project > (ALTQ 3.1 is available for the 4.5-RELEASE branch) to FreeBSD-current. > This is certainly not a easy nor simple task and I surely don't have all > the skills needed right now, so I'm going to need help. I'm looking for > a mentor (or more) with FreeBSD core networking knowledge and, if > possible, with commit privileges to the right spots. If you know such a > person or if you are one please contact me. Myself and a collegue of mine are starting to work on a couple of FreeBSD networking related projects from next month on. ALTQ is one of the things on our plate but I think we would have got to it not before summer. We want to overhaul a couple of things in the *BSD networking stack (IP but not TCP/UDP) which are out of date in these days. Part of that is to address many issues Garret Wollman has identified in an email on -net many moons ago. Some things that will be addressed are for example the routing table (old and fat structure, policy routing), IPIP tunneling abstractions (GRE etc.) and some more things. The plan is to first research and identify all issues with the currect networking stack in FreeBSD (1 month). Then to research and identify possible new structures/framworks and to publish a research paper with our findings and recommendations (1-2 month). From then on discussion and implementation will begin. This work is funded by my company (Internet Business Solutions AG) because we want to use a FreeBSD kernel in our high-performance and special purpose routing device by Winter 2002. My goal is to submit as much code as possible of the non-special stuff into FreeBSD (as I've done in the past with RADIUS for Brian's ppp and some Netgraph stuff and the OLDCARD in -stable last year (I organized funding for Brian, Julian and Warner to work on it)). -- Andre > Also, anybody interested to discuss, contribute or help in any other > way is very welcomed to contact me. > > Reference: > > ALTQ project home > http://www.csl.sony.co.jp/person/kjc/kjc/software.html > > Thank you very much, > Adrian Penisoara > Ady (@freebsd.ady.ro) > _______________________________________________________________________ > | Programming in BASIC causes brain damage. | > | (Edsger Wybe Dijkstra) | > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-arch" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 15:11: 1 2002 Delivered-To: freebsd-net@freebsd.org Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by hub.freebsd.org (Postfix) with ESMTP id AB28537B419; Thu, 21 Mar 2002 15:10:56 -0800 (PST) Received: from pool0042.cvx21-bradley.dialup.earthlink.net ([209.179.192.42] helo=mindspring.com) by swan.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16oBhr-0004w9-00; Thu, 21 Mar 2002 15:10:52 -0800 Message-ID: <3C9A6867.1C38EF1E@mindspring.com> Date: Thu, 21 Mar 2002 15:10:31 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Adrian Penisoara Cc: freebsd-arch@freebsd.org, freebsd-net@freebsd.org Subject: Re: Help needed: ALTQ integration into FreeBSD References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Julian did some nice QOS work at Whistle that he always shushes me when I mention it. You should beat him over the head for it. It's not necessarily miscible with AltQ, but it had the effect of controlling the amount of buffer space taken on the remote end of a slow link, so that a single transfer over an impedence mismatched link didn't stop all the other traffic, regardless of the QOS settings. From what I remember, AltQ had this problem, and no reasonable way to resolve it. -- Terry Adrian Penisoara wrote: > > Hi, > > Having the prerequisite agreement of the FreeBSD core team I'm > delighted to announce my intention of putting the basis of a "ALTQ > framework integration into FreeBSD" project. > > The current set target is "porting" the sources of the ALTQ project > (ALTQ 3.1 is available for the 4.5-RELEASE branch) to FreeBSD-current. > This is certainly not a easy nor simple task and I surely don't have all > the skills needed right now, so I'm going to need help. I'm looking for > a mentor (or more) with FreeBSD core networking knowledge and, if > possible, with commit privileges to the right spots. If you know such a > person or if you are one please contact me. > > Also, anybody interested to discuss, contribute or help in any other > way is very welcomed to contact me. > > Reference: > > ALTQ project home > http://www.csl.sony.co.jp/person/kjc/kjc/software.html > > Thank you very much, > Adrian Penisoara > Ady (@freebsd.ady.ro) > _______________________________________________________________________ > | Programming in BASIC causes brain damage. | > | (Edsger Wybe Dijkstra) | > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-arch" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 15:45:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from harrier.prod.itd.earthlink.net (harrier.mail.pas.earthlink.net [207.217.120.12]) by hub.freebsd.org (Postfix) with ESMTP id 6F0D637B400; Thu, 21 Mar 2002 15:44:55 -0800 (PST) Received: from pool0042.cvx21-bradley.dialup.earthlink.net ([209.179.192.42] helo=mindspring.com) by harrier.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16oCEd-0000UD-00; Thu, 21 Mar 2002 15:44:44 -0800 Message-ID: <3C9A7056.84A401EF@mindspring.com> Date: Thu, 21 Mar 2002 15:44:22 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Andre Oppermann Cc: Adrian Penisoara , freebsd-arch@freebsd.org, freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: Help needed: ALTQ integration into FreeBSD References: <3C9A672C.F4A489AB@pipeline.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Andre Oppermann wrote: > The plan is to first research and identify all issues with the currect > networking stack in FreeBSD (1 month). Here are some that I think need to be addressed. o Can't make more that 64k outbound connections, without heroic measures, even with multiple IP addresses. o Exponential slowdown because of in_pcblookup_hash, at some "cliff" equalt to the number of buckets (should use a btree or some other scalable structure) o TCP/IP timers go into timeout wheel out of expiration order, so expiration has to traverse entire list; as most expire before they are e3ver called, this is all dead weight. Should use a per interval list for some small number of granular intervals; adding adds to the end of the list, so expiration can limit traversal to the first entry where the timeout is not expired, and not examine the rest of the outstanding timers. o Jon Lemon's patches don't deal with receiver livelock in the case that the livelock occurs higher in the stack (e.g. in the accept of connections). LRP, per Peter Druschel @ Rice University, is a better approach, overall. o Luigi Rizzo's patches only deal with fixed interval scheduling when polling is on, and so degrade radically with load outside the prediction parameters (e.g. NFS processing vs. packet forwarding vs. user space app.). Using queue depth to user space, and weighted fair share is a better scheduling policy that assures better performance, per Jeff Mogul, DEC Western Research Laboratories. o Fast retransmit (ala TCP Reno) has a number of problems during Fast Recovery that lead to "yoyo mode" (peristaltic congestion). Rate Halving, per Hoe @ Pittsburg Supercomputing Center at Carnegie Mellon is a better approach. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 16:43:38 2002 Delivered-To: freebsd-net@freebsd.org Received: from castle.jp.FreeBSD.org (castle.jp.FreeBSD.org [210.226.20.15]) by hub.freebsd.org (Postfix) with ESMTP id 9B30937B417; Thu, 21 Mar 2002 16:43:34 -0800 (PST) Received: from localhost (localhost [::1]) by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet6 id g2M0hJc17846; Fri, 22 Mar 2002 09:43:19 +0900 (JST) (envelope-from matusita@jp.FreeBSD.org) Cc: arch@FreeBSD.org, net@FreeBSD.org In-Reply-To: References: X-User-Agent: Mew/1.94.2 XEmacs/21.5 (bamboo) X-FaceAnim: (-O_O-)(O_O- )(_O- )(O- )(- -)( -O)( -O_)( -O_O)(-O_O-) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Dispatcher: imput version 20000228(IM140) Lines: 17 From: Makoto Matsushita To: ady@freebsd.ady.ro Subject: Re: Help needed: ALTQ integration into FreeBSD Date: Fri, 22 Mar 2002 09:43:10 +0900 Message-Id: <20020322094310E.matusita@jp.FreeBSD.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ady> Having the prerequisite agreement of the FreeBSD core team I'm ady> delighted to announce my intention of putting the basis of a "ALTQ ady> framework integration into FreeBSD" project. Have you ever contact to Cho-san, the author of ALTQ? He is also a FreeBSD committer (kjc@FreeBSD.org), and may willing to help you if he have enough time to do. ALTQ implementation is already integrated into KAME; maybe KAME guys can help you. I've heard a few days ago that a new FreeBSD committer, suz (from KAME team itself), is approved by core, but his account on freefall is *not* created (I dunno why but it's true) so he can't do his work (sigh). -- - Makoto `MAR' Matsushita To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 18:11:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id CFD3037B404; Thu, 21 Mar 2002 18:11:11 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.6) with SMTP id g2M2B2k35778; Thu, 21 Mar 2002 21:11:02 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Thu, 21 Mar 2002 21:11:02 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Andre Oppermann Cc: Adrian Penisoara , freebsd-arch@freebsd.org, freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: Help needed: ALTQ integration into FreeBSD In-Reply-To: <3C9A672C.F4A489AB@pipeline.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 22 Mar 2002, Andre Oppermann wrote: > > Having the prerequisite agreement of the FreeBSD core team I'm > > delighted to announce my intention of putting the basis of a "ALTQ > > framework integration into FreeBSD" project. > > Does this mean the core team has approved the integration of ALTQ into > FreeBSD-current? The core team has neither approved nor rejected anything. However, there were a number of us who said "Yeah, we've been hoping someone would make this happen". Obviously, any final integration decision would be based on having a much better idea about the positive and negative aspects of the work. One of the recommendations we made was that this work definitely be done on 5.0-CURRENT, and take the fine-grained SMP work into account. The other recommendation we made was that this be done in careful coordination with others working on it: there's a lot of interest in ALTQ, and existing porting work. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 18:56: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d135.as15.nwbl0.wi.voyager.net [169.207.136.73]) by hub.freebsd.org (Postfix) with ESMTP id 8685337B417 for ; Thu, 21 Mar 2002 18:55:56 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2M8s25d003988; Fri, 22 Mar 2002 02:54:02 -0600 (CST) (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2M8s03Q003985; Fri, 22 Mar 2002 02:54:01 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Fri, 22 Mar 2002 02:54:00 -0600 (CST) From: Mike Silbersack To: Garrett Wollman Cc: net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. In-Reply-To: <200203202233.g2KMXcC61425@khavrinen.lcs.mit.edu> Message-ID: <20020322025040.C3059-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Garrett Wollman wrote: > < said: > > > That would end up being a reduction below the current value; right now > > sockets > maxfiles with large maxuser values. Whether or not this is a > > necessary differential, I'm not sure. (With TIME_WAIT and FIN_WAIT_2 > > sockets, I believe that maxsockets should exceed maxfiles.) > > My point was that it's not necessary to enforce a limit on sockets, > specifically, because maxfiles (and user resource limits) will keep > users from opening too many sockets. We should probably look to > templating closed TCP connections, since they don't actually need a > socket at all (or most of the PCB). > > -GAWollman A TIME_WAIT cache or similar would be great, I agree. In that case, I'd think that you would want fewer sockets than files so that apps would always have free files available, even once sockets were depleted. In short, I think that it's advantageous having seperate limits, given that doing so is easy. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 19: 1: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d135.as15.nwbl0.wi.voyager.net [169.207.136.73]) by hub.freebsd.org (Postfix) with ESMTP id CBF2B37B404 for ; Thu, 21 Mar 2002 19:00:59 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2M8x55d004037; Fri, 22 Mar 2002 02:59:05 -0600 (CST) (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2M8x4ln004034; Fri, 22 Mar 2002 02:59:05 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Fri, 22 Mar 2002 02:59:04 -0600 (CST) From: Mike Silbersack To: Jeff Roberson Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020320152915.Q41335-100000@mail.chesapeake.net> Message-ID: <20020322025429.K3059-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 20 Mar 2002, Jeff Roberson wrote: > > > > Once everything's UMA'd, then we can develop new sizing parameters. > > Everything has been UMA'd other than MD code, so I'm working on making the > system take advantage of it. > > Thanks! > Jeff I've looked over vmstat -z with a UMA kernel, it's really nice to know that everything is coexisting together now. There's one big target, though: mbufs. I know that Bosko put a lot of work into his new mbuf allocator, but if you could find a way to merge mbufs into the slab allocator the benefits would be huge. Have you discussed doing this with Bosko yet? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 19:26:40 2002 Delivered-To: freebsd-net@freebsd.org Received: from angelica.unixdaemons.com (angelica.unixdaemons.com [209.148.64.135]) by hub.freebsd.org (Postfix) with ESMTP id C8B6F37B42B for ; Thu, 21 Mar 2002 19:26:11 -0800 (PST) Received: from angelica.unixdaemons.com (bmilekic@localhost.unixdaemons.com [127.0.0.1]) by angelica.unixdaemons.com (8.12.2/8.12.1) with ESMTP id g2M3QCJX087890; Thu, 21 Mar 2002 22:26:12 -0500 (EST) X-Authentication-Warning: angelica.unixdaemons.com: Host bmilekic@localhost.unixdaemons.com [127.0.0.1] claimed to be angelica.unixdaemons.com Received: (from bmilekic@localhost) by angelica.unixdaemons.com (8.12.2/8.12.1/Submit) id g2M3QBre087888; Thu, 21 Mar 2002 22:26:11 -0500 (EST) (envelope-from bmilekic) Date: Thu, 21 Mar 2002 22:26:11 -0500 From: Bosko Milekic To: Mike Silbersack Cc: Jeff Roberson , net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. Message-ID: <20020321222611.A87587@unixdaemons.com> References: <20020320152915.Q41335-100000@mail.chesapeake.net> <20020322025429.K3059-100000@patrocles.silby.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020322025429.K3059-100000@patrocles.silby.com>; from silby@silby.com on Fri, Mar 22, 2002 at 02:59:04AM -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Mar 22, 2002 at 02:59:04AM -0600, Mike Silbersack wrote: > I've looked over vmstat -z with a UMA kernel, it's really nice to know > that everything is coexisting together now. > > There's one big target, though: mbufs. I know that Bosko put a lot of > work into his new mbuf allocator, but if you could find a way to merge > mbufs into the slab allocator the benefits would be huge. Have you > discussed doing this with Bosko yet? > > Mike "Silby" Silbersack As I have previously mentionned, mb_alloc *is* a slab-like allocator but I am prepared to remove large chunks of it and instead glue-into UMA if this can be done in a relatively clean and elegant manner which, after looking at UMA, I've decided that it probably can. -- Bosko Milekic bmilekic@unixdaemons.com bmilekic@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 20:36: 6 2002 Delivered-To: freebsd-net@freebsd.org Received: from mail.chesapeake.net (chesapeake.net [205.130.220.14]) by hub.freebsd.org (Postfix) with ESMTP id 6021037B417 for ; Thu, 21 Mar 2002 20:36:03 -0800 (PST) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id g2M4Zq555402; Thu, 21 Mar 2002 23:35:52 -0500 (EST) (envelope-from jroberson@chesapeake.net) Date: Thu, 21 Mar 2002 23:35:52 -0500 (EST) From: Jeff Roberson To: Mike Silbersack Cc: net@freebsd.org Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020322025429.K3059-100000@patrocles.silby.com> Message-ID: <20020321233416.B41335-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 22 Mar 2002, Mike Silbersack wrote: > There's one big target, though: mbufs. I know that Bosko put a lot of > work into his new mbuf allocator, but if you could find a way to merge > mbufs into the slab allocator the benefits would be huge. Have you > discussed doing this with Bosko yet? > > Mike "Silby" Silbersack > We have talked about it quite a bit. I'd love to remove the hard limit on mbufs. I may do this soon, but I have other uma related work that will probably come before it. Jeff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 20:44:54 2002 Delivered-To: freebsd-net@freebsd.org Received: from angelica.unixdaemons.com (angelica.unixdaemons.com [209.148.64.135]) by hub.freebsd.org (Postfix) with ESMTP id 0481237B400 for ; Thu, 21 Mar 2002 20:44:49 -0800 (PST) Received: from angelica.unixdaemons.com (bmilekic@localhost.unixdaemons.com [127.0.0.1]) by angelica.unixdaemons.com (8.12.2/8.12.1) with ESMTP id g2M4isJX097070; Thu, 21 Mar 2002 23:44:54 -0500 (EST) X-Authentication-Warning: angelica.unixdaemons.com: Host bmilekic@localhost.unixdaemons.com [127.0.0.1] claimed to be angelica.unixdaemons.com Received: (from bmilekic@localhost) by angelica.unixdaemons.com (8.12.2/8.12.1/Submit) id g2M4irgY097069; Thu, 21 Mar 2002 23:44:53 -0500 (EST) (envelope-from bmilekic) Date: Thu, 21 Mar 2002 23:44:53 -0500 From: Bosko Milekic To: Jeff Roberson Cc: Mike Silbersack , net@FreeBSD.ORG Subject: Re: Getting rid of maxsockets. Message-ID: <20020321234453.A96524@unixdaemons.com> References: <20020322025429.K3059-100000@patrocles.silby.com> <20020321233416.B41335-100000@mail.chesapeake.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020321233416.B41335-100000@mail.chesapeake.net>; from jroberson@chesapeake.net on Thu, Mar 21, 2002 at 11:35:52PM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Mar 21, 2002 at 11:35:52PM -0500, Jeff Roberson wrote: > On Fri, 22 Mar 2002, Mike Silbersack wrote: > > > There's one big target, though: mbufs. I know that Bosko put a lot of > > work into his new mbuf allocator, but if you could find a way to merge > > mbufs into the slab allocator the benefits would be huge. Have you > > discussed doing this with Bosko yet? > > > > Mike "Silby" Silbersack > > > > We have talked about it quite a bit. I'd love to remove the hard limit on > mbufs. I may do this soon, but I have other uma related work that will > probably come before it. I'm not so sure I like this idea. What would be better (and perhaps what you meant) is: "be able to expand the size of the mbuf allocation `pool' at runtime." In any case, we should not jump to quick conclusions with all data structures right away. Instead, I propose that we first glue-in mbuf allocations to UMA (not too difficult, given that UMA provides an allocation routine stub). If this is done properly [without macro-performance loss] then it should be rather trivial to bring in new functionality. > Jeff -- Bosko Milekic bmilekic@unixdaemons.com bmilekic@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 21:21:14 2002 Delivered-To: freebsd-net@freebsd.org Received: from patrocles.silby.com (d135.as15.nwbl0.wi.voyager.net [169.207.136.73]) by hub.freebsd.org (Postfix) with ESMTP id 614D737B404 for ; Thu, 21 Mar 2002 21:21:10 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2MBIwt2000792; Fri, 22 Mar 2002 05:18:58 -0600 (CST) (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2MBIpcl000789; Fri, 22 Mar 2002 05:18:53 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Fri, 22 Mar 2002 05:18:51 -0600 (CST) From: Mike Silbersack To: Bosko Milekic Cc: Jeff Roberson , Subject: Re: Getting rid of maxsockets. In-Reply-To: <20020321234453.A96524@unixdaemons.com> Message-ID: <20020322051526.W370-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 21 Mar 2002, Bosko Milekic wrote: > On Thu, Mar 21, 2002 at 11:35:52PM -0500, Jeff Roberson wrote: > > > > We have talked about it quite a bit. I'd love to remove the hard limit on > > mbufs. I may do this soon, but I have other uma related work that will > > probably come before it. > > I'm not so sure I like this idea. What would be better (and perhaps > what you meant) is: "be able to expand the size of the mbuf allocation > `pool' at runtime." In any case, we should not jump to quick > conclusions with all data structures right away. Instead, I propose > that we first glue-in mbuf allocations to UMA (not too difficult, given > that UMA provides an allocation routine stub). If this is done properly > [without macro-performance loss] then it should be rather trivial to > bring in new functionality. > > -- > Bosko Milekic Expanding is good, contracting is better. :) Whatever rate you want to do the switchover at would be best; I don't see any urgent need to rush the work. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 22: 8: 3 2002 Delivered-To: freebsd-net@freebsd.org Received: from gull.prod.itd.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84]) by hub.freebsd.org (Postfix) with ESMTP id EBB7F37B400; Thu, 21 Mar 2002 22:07:54 -0800 (PST) Received: from pool0183.cvx40-bradley.dialup.earthlink.net ([216.244.42.183] helo=mindspring.com) by gull.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16oID9-0004Zq-00; Thu, 21 Mar 2002 22:07:36 -0800 Message-ID: <3C9ACA14.551C554A@mindspring.com> Date: Thu, 21 Mar 2002 22:07:16 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Makoto Matsushita Cc: ady@freebsd.ady.ro, arch@FreeBSD.org, net@FreeBSD.org Subject: Re: Help needed: ALTQ integration into FreeBSD References: <20020322094310E.matusita@jp.FreeBSD.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Makoto Matsushita wrote: > Have you ever contact to Cho-san, the author of ALTQ? He is also a > FreeBSD committer (kjc@FreeBSD.org), and may willing to help you if he > have enough time to do. > > ALTQ implementation is already integrated into KAME; maybe KAME guys > can help you. I've heard a few days ago that a new FreeBSD committer, > suz (from KAME team itself), is approved by core, but his account on > freefall is *not* created (I dunno why but it's true) so he can't do > his work (sigh). Personally, I'm a little "gun shy" about KAME integration right now. The IPv4 IPSEC code has this nasty habit of reserving space for the IPSEC for non-IPSEC connections. This drops the maximum number of connections supportable by a given amount of RAM by a factor of 4 or more. I understand the need to alloc memory for the stuff when the connection is actually an IPSEC connection, but as it is, not using IPSEC, and just having the crap in your kernel has the bad effect on the maximum number of connections. I would really hate to see something else come in that was not conditionalized on it actually being used. 8-(. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 22:15: 8 2002 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id EA6ED37B400 for ; Thu, 21 Mar 2002 22:15:02 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id WAA13065; Thu, 21 Mar 2002 22:12:57 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id g2M6Cn916951; Thu, 21 Mar 2002 22:12:49 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200203220612.g2M6Cn916951@arch20m.dellroad.org> Subject: Re: IPSec for roaming user? In-Reply-To: <20020320140353.19403.qmail@web20006.mail.yahoo.com> "from Vincent Chen at Mar 20, 2002 06:03:53 am" To: Vincent Chen Date: Thu, 21 Mar 2002 22:12:49 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL88 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Vincent Chen writes: > I am trying to figure out how to let roaming users > access internal resource via freebsd as IPsec gateway. > Because they have dynamic IPs. How can I write > security policy to deal with this? Is there any IPsec > client for windows platform available? It depends on the client. racoon supports accepting connections from arbitrary IP addresses. On Win2k you can use the built-in client if you go through the complex configuration required. Even so, you have to reconfigure everytime your IP address changes. Better yet, buy a commercial IPSec client such as Netscreen. > it ok to let ESP packet coming in and out from anywhere? Yes. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 22:30:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id C5C8B37B419 for ; Thu, 21 Mar 2002 22:30:02 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id WAA13131; Thu, 21 Mar 2002 22:23:24 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id g2M6NG716985; Thu, 21 Mar 2002 22:23:16 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200203220623.g2M6NG716985@arch20m.dellroad.org> Subject: Re: incorrect checksums with xl? In-Reply-To: "from Haryadi Gunawi at Mar 21, 2002 00:40:12 am" To: Haryadi Gunawi Date: Thu, 21 Mar 2002 22:23:16 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL88 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Haryadi Gunawi writes: > Can someone help me point the source code where "the TCP/IP stack knows > that the NIC is going to insert the checksums"? Grep for "ifp->if_hwassist" and "CSUM_" in /sys/netinet/*.c. > Is there anyway to disable checksum in the hardware so that > the checksum will be done in software or > to force the TCP/IP stack do the checksumming? Set ifp->if_hwassist to zero at attach time. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 22:30:17 2002 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id ED5FF37B41B for ; Thu, 21 Mar 2002 22:30:11 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id WAA13118; Thu, 21 Mar 2002 22:18:55 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id g2M6Ikb16963; Thu, 21 Mar 2002 22:18:46 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200203220618.g2M6Ikb16963@arch20m.dellroad.org> Subject: Re: Unnumbered IP Interface In-Reply-To: "from Julian Elischer at Mar 21, 2002 01:04:44 pm" To: Julian Elischer Date: Thu, 21 Mar 2002 22:18:46 -0800 (PST) Cc: "Cambria, Mike" , "'freebsd-net@freebsd.org'" X-Mailer: ELM [version 2.4ME+ PL88 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Julian Elischer writes: > A while ago it was possible to use 'route' to add a rout eto a p2p > interface by name and not assign it any addresses. Yes, this still works.. e.g., "route add 1.2.3.4 -iface ng0". The interface has to be marked 'UP' of course. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Mar 21 22:53:36 2002 Delivered-To: freebsd-net@freebsd.org Received: from picollo.kjc.jp (picollo.ietf53.cw.net [166.63.183.8]) by hub.freebsd.org (Postfix) with ESMTP id E5D9837B41A; Thu, 21 Mar 2002 22:53:31 -0800 (PST) Received: from localhost (kjc@localhost [IPv6:::1]) by picollo.kjc.jp (8.12.2/8.11.3) with ESMTP id g2M5pvkO031624; Fri, 22 Mar 2002 14:52:15 +0900 (JST) Date: Fri, 22 Mar 2002 14:51:46 +0900 (JST) Message-Id: <20020322.145146.41658192.kjc@csl.sony.co.jp> To: matusita@jp.FreeBSD.org Cc: ady@freebsd.ady.ro, arch@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: Help needed: ALTQ integration into FreeBSD From: Kenjiro Cho In-Reply-To: <20020322094310E.matusita@jp.FreeBSD.org> References: <20020322094310E.matusita@jp.FreeBSD.org> X-Mailer: Mew version 2.2 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > ady> Having the prerequisite agreement of the FreeBSD core team I'm > ady> delighted to announce my intention of putting the basis of a "ALTQ > ady> framework integration into FreeBSD" project. > > Have you ever contact to Cho-san, the author of ALTQ? He is also a > FreeBSD committer (kjc@FreeBSD.org), and may willing to help you if he > have enough time to do. I'm now at IETF and leaving Minneapolis tomorrow morning. I'll talk to Ady when I get back. (yes, I do have an idea on how to integrate fine-grained locking into ALTQ.) -Kenjiro To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 6: 2:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from uven.ru (uven.ru [62.76.35.162]) by hub.freebsd.org (Postfix) with SMTP id 04B8A37B400 for ; Fri, 22 Mar 2002 06:02:28 -0800 (PST) Received: (qmail 28677 invoked from network); 22 Mar 2002 14:04:33 -0000 Received: from sv.ulsu.ru (root@62.76.32.162) by uven.ru with SMTP; 22 Mar 2002 14:04:33 -0000 Received: (from rsa@localhost) by sv.ulsu.ru (8.11.6/8.11.6) id g2ME2Nn01352 for freebsd-net@freebsd.org; Fri, 22 Mar 2002 17:02:23 +0300 (MSK) (envelope-from rsa) Date: Fri, 22 Mar 2002 17:02:23 +0300 (MSK) From: Ruslan Ahmyatzanov Message-Id: <200203221402.g2ME2Nn01352@sv.ulsu.ru> To: freebsd-net@freebsd.org Subject: traffic measure for certain IP range Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Is there any tools, that i can use for measure traffic, sorted by certain IP range. Ex. first_iprange 10.0.0.1-10.0.0.5/32 10.0.0.8/32 10.0.0.12-10.0.0.16 second_iprange 10.0.0.6/32 10.0.0.10-10.0.0.11/32 third_iprange 10.0.0.7/32 10.0.0.9/32 I think that i could use some program based on BPF/pcap library, but i can't find such a filter that can do it. wbr, rsa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 6: 6:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from relay-1.vistcom.ru (relay-1.vistcom.ru [217.23.84.1]) by hub.freebsd.org (Postfix) with ESMTP id 7C4EF37B419 for ; Fri, 22 Mar 2002 06:06:37 -0800 (PST) Received: from paul (llp-15.vistcom.ru [217.23.84.70]) by relay-1.vistcom.ru (Postfix) with SMTP id 5609EBA10; Fri, 22 Mar 2002 17:06:35 +0300 (MSK) Message-ID: <018601c1d1aa$f0f41ca0$1801a8c0@VIST> From: "Paul Smirnoff" To: "Ruslan Ahmyatzanov" Cc: References: <200203221402.g2ME2Nn01352@sv.ulsu.ru> Subject: Re: traffic measure for certain IP range Date: Fri, 22 Mar 2002 17:07:45 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, You can try to use "trafd". > Is there any tools, that i can use for measure traffic, sorted by > certain IP range. Ex. > first_iprange 10.0.0.1-10.0.0.5/32 10.0.0.8/32 10.0.0.12-10.0.0.16 > second_iprange 10.0.0.6/32 10.0.0.10-10.0.0.11/32 > third_iprange 10.0.0.7/32 10.0.0.9/32 > I think that i could use some program based on BPF/pcap library, but > i can't find such a filter that can do it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 6:46:26 2002 Delivered-To: freebsd-net@freebsd.org Received: from ws1-9.us4.outblaze.com (205-158-62-37.outblaze.com [205.158.62.37]) by hub.freebsd.org (Postfix) with SMTP id 6293237B404 for ; Fri, 22 Mar 2002 06:46:16 -0800 (PST) Received: (qmail 35866 invoked by uid 1001); 22 Mar 2002 14:45:45 -0000 Message-ID: <20020322144545.35863.qmail@mail.com> Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Mailer: MIME-tools 5.41 (Entity 5.404) Received: from [211.167.254.65] by ws1-9.us4.outblaze.com with http for backend@mail.com; Fri, 22 Mar 2002 09:45:45 -0500 From: "Haiwei Chan" To: freebsd-net@freebsd.org Date: Fri, 22 Mar 2002 09:45:45 -0500 Subject: error handling in in_ifinit() X-Originating-Ip: 211.167.254.65 X-Originating-Server: ws1-9.us4.outblaze.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In the newest 4-stable kernel whose source codes are synchronized by cvsup, it would fail if trying to add an alias address whose network and netmask are the same as the orignal one on that network interface: # uname -a FreeBSD intra.example.com 4.5-STABLE FreeBSD 4.5-STABLE #5: Fri Mar 22 13:45:41 CST 2002 root@intra.example.com:/usr/src/sys/compile/SERVER i386 # ifconfig xl0 inet 192.168.1.100 netmask 0xffffff00 # ifconfig xl0 inet 192.168.1.101 netmask 0xffffff00 alias ifconfig: ioctl (SIOCDIFADDR): File exists But it worked for 4.4-Release (I'd tested): #uname -a FreeBSD bsd.example.com 4.4-RELEASE FreeBSD 4.4-RELEASE # 17: Fri Mar 22 12:09:36 CST 2002 root@bsd.example.com:/usr/src/sys/compile/SERVER i386 # ifconfig xl0 inet 192.168.1.100 netmask 0xffffff00 # ifconfig xl0 inet 192.168.1.101 netmask 0xffffff00 alias # ifconfig xl0 xl0: flags=8843 mtu 1500 options=3 inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::201:2ff:fe80:2a8b%xl0 prefixlen 64 scopeid 0x2 inet 192.168.1.101 netmask 0xffffff00 broadcast 255.255.255.0 ether 00:01:02:80:2a:8b media: Ethernet autoselect (100baseTX ) status: active Below is a workground patch: [root@www /sys/netinet]# diff -u in.c.orig in.c --- in.c.orig Fri Mar 22 13:16:07 2002 +++ in.c Fri Mar 22 13:16:41 2002 @@ -737,7 +737,8 @@ * interface, because the bootp code wants to set a 0.0.0.0/0 * address on all interfaces. Disable the check when bootp is used. */ - if (error != 0 && ia->ia_dstaddr.sin_family == AF_INET) { + if (error != 0 && error != EEXIST && + ia->ia_dstaddr.sin_family == AF_INET) { ia->ia_addr = oldaddr; return (error); } Should it be done so? -- _______________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Win the Ultimate Hawaiian Experience from Travelocity. http://ad.doubleclick.net/clk;4018363;6991039;n?http://svc.travelocity.com/promos/winhawaii/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 7:10:26 2002 Delivered-To: freebsd-net@freebsd.org Received: from star.rila.bg (star.rila.bg [194.141.1.32]) by hub.freebsd.org (Postfix) with ESMTP id 9B4D837B41B for ; Fri, 22 Mar 2002 07:10:22 -0800 (PST) Received: from star.rila.bg (vlady@localhost [127.0.0.1]) by star.rila.bg (8.11.6/8.11.4) with SMTP id g2MFAD918314; Fri, 22 Mar 2002 17:10:13 +0200 (EET) (envelope-from vladimirt@rila.bg) Date: Fri, 22 Mar 2002 17:10:13 +0200 From: Vladimir Terziev To: "Paul Smirnoff" Cc: freebsd-net@freebsd.org Subject: Re: traffic measure for certain IP range Message-Id: <20020322171013.571fd5f3.vladimirt@rila.bg> In-Reply-To: <018601c1d1aa$f0f41ca0$1801a8c0@VIST> References: <200203221402.g2ME2Nn01352@sv.ulsu.ru> <018601c1d1aa$f0f41ca0$1801a8c0@VIST> X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.7; i386-unknown-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You can try to use "ipa" also. On Fri, 22 Mar 2002 17:07:45 +0300 "Paul Smirnoff" wrote: > Hello, > > You can try to use "trafd". > > > > Is there any tools, that i can use for measure traffic, sorted by > > certain IP range. Ex. > > first_iprange 10.0.0.1-10.0.0.5/32 10.0.0.8/32 10.0.0.12-10.0.0.16 > > second_iprange 10.0.0.6/32 10.0.0.10-10.0.0.11/32 > > third_iprange 10.0.0.7/32 10.0.0.9/32 > > I think that i could use some program based on BPF/pcap library, but > > i can't find such a filter that can do it. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 11:40:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id B504837B41B for ; Fri, 22 Mar 2002 11:40:22 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020322194022.PZLN2626.rwcrmhc51.attbi.com@InterJet.elischer.org>; Fri, 22 Mar 2002 19:40:22 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id LAA22590; Fri, 22 Mar 2002 11:37:20 -0800 (PST) Date: Fri, 22 Mar 2002 11:37:19 -0800 (PST) From: Julian Elischer To: Ruslan Ahmyatzanov Cc: freebsd-net@freebsd.org Subject: Re: traffic measure for certain IP range In-Reply-To: <200203221402.g2ME2Nn01352@sv.ulsu.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ipfw counters? On Fri, 22 Mar 2002, Ruslan Ahmyatzanov wrote: > Hello, > Is there any tools, that i can use for measure traffic, sorted by > certain IP range. Ex. > first_iprange 10.0.0.1-10.0.0.5/32 10.0.0.8/32 10.0.0.12-10.0.0.16 > second_iprange 10.0.0.6/32 10.0.0.10-10.0.0.11/32 > third_iprange 10.0.0.7/32 10.0.0.9/32 > I think that i could use some program based on BPF/pcap library, but > i can't find such a filter that can do it. > > wbr, rsa > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 14:33:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id 6FD5F37B417 for ; Fri, 22 Mar 2002 14:33:29 -0800 (PST) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020322223329.VADA2626.rwcrmhc51.attbi.com@blossom.cjclark.org>; Fri, 22 Mar 2002 22:33:29 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g2MMXSf41284; Fri, 22 Mar 2002 14:33:28 -0800 (PST) (envelope-from cjc) Date: Fri, 22 Mar 2002 14:33:28 -0800 From: "Crist J. Clark" To: Haiwei Chan Cc: freebsd-net@FreeBSD.ORG Subject: Re: error handling in in_ifinit() Message-ID: <20020322143328.A41186@blossom.cjclark.org> References: <20020322144545.35863.qmail@mail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020322144545.35863.qmail@mail.com>; from backend@mail.com on Fri, Mar 22, 2002 at 09:45:45AM -0500 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Mar 22, 2002 at 09:45:45AM -0500, Haiwei Chan wrote: > > In the newest 4-stable kernel whose source codes are synchronized by cvsup, > it would fail if trying to add an alias address whose network and netmask > are the same as the orignal one on that network interface: [snip] > Should it be done so? No. It now correctly flags the error. Thanks for tracking down the code that did it. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 15:10: 7 2002 Delivered-To: freebsd-net@freebsd.org Received: from ady.warpnet.ro (ady.warpnet.ro [217.156.25.2]) by hub.freebsd.org (Postfix) with ESMTP id 5238237B400; Fri, 22 Mar 2002 15:09:57 -0800 (PST) Received: from localhost (ady@localhost) by ady.warpnet.ro (8.9.3/8.9.3) with ESMTP id BAA31650; Sat, 23 Mar 2002 01:09:55 +0200 (EET) (envelope-from ady@freebsd.ady.ro) Date: Sat, 23 Mar 2002 01:09:55 +0200 (EET) From: Adrian Penisoara X-Sender: ady@ady.warpnet.ro To: freebsd-arch@freebsd.org, freebsd-net@freebsd.org Subject: Re: Help needed: ALTQ integration into FreeBSD In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Thank you all for your replies. I will keep track of all the mentioned issues. In the mean time I will be waiting for Mr. Kenjiro Cho to return and have a chat with him. I will keep you posted with my/our progress. Thanks! Ady (@freebsd.ady.ro) _______________________________________________________________________ | Programming in BASIC causes brain damage. | | (Edsger Wybe Dijkstra) | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 17:19:46 2002 Delivered-To: freebsd-net@freebsd.org Received: from verniernetworks.com (dns.verniernetworks.com [65.192.41.225]) by hub.freebsd.org (Postfix) with ESMTP id 2D98B37B400 for ; Fri, 22 Mar 2002 17:19:43 -0800 (PST) Received: from getafix.verniernetworks.com (getafix.verniernetworks.com [192.168.10.172]) by verniernetworks.com (8.11.6/8.11.0) with ESMTP id g2N1J7q17555; Fri, 22 Mar 2002 17:19:07 -0800 (PST) (envelope-from dinesh@getafix.verniernetworks.com) Received: from localhost (dinesh@localhost) by getafix.verniernetworks.com (8.11.6/8.11.6) with ESMTP id g2N1VUd60166; Fri, 22 Mar 2002 17:31:30 -0800 (PST) (envelope-from dinesh@getafix.verniernetworks.com) Date: Fri, 22 Mar 2002 17:31:30 -0800 (PST) From: Dinesh Nambisan To: freebsd-net@freebsd.org Cc: julian@elischer.org Subject: Socket buffer size limitation Message-ID: <20020322172352.R60156-100000@getafix.verniernetworks.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I have a situation where I'm trying to set the send and receive buffer sizes on a socket to large values like 1 MB or so (dont ask why :-), simple reason being we need it); and setsockopt for setting the buffer sizes seems to fail with ENOBUFS. On looking at the code in uipc_socket.c where it handles the SO_SNDBUF & SO_RCVBUF options, and the code in uipc_socket2.c where it actually tries to reserve space (in sbreserve function_, the issue seems to be a limit imposed by the code to approx 227K or so [ sb_max(=256) * MCLBYTES / (MSIZE + MCLBYTES) ; which works out to approx 227 K on my platform] Was wondering if anyone could explain as to why this limit is there ? Thanks in advance, Dinesh Nambisan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Mar 22 18:53:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from wall.polstra.com (wall-gw.polstra.com [206.213.73.130]) by hub.freebsd.org (Postfix) with ESMTP id BE6C637B404 for ; Fri, 22 Mar 2002 18:53:55 -0800 (PST) Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.11.3/8.11.3) with ESMTP id g2N2rro30056; Fri, 22 Mar 2002 18:53:53 -0800 (PST) (envelope-from jdp@wall.polstra.com) Received: (from jdp@localhost) by vashon.polstra.com (8.11.6/8.11.0) id g2N2rqj07849; Fri, 22 Mar 2002 18:53:52 -0800 (PST) (envelope-from jdp) Date: Fri, 22 Mar 2002 18:53:52 -0800 (PST) Message-Id: <200203230253.g2N2rqj07849@vashon.polstra.com> To: net@freebsd.org From: John Polstra Cc: dinesh@verniernetworks.com Subject: Re: Socket buffer size limitation In-Reply-To: <20020322172352.R60156-100000@getafix.verniernetworks.com> References: <20020322172352.R60156-100000@getafix.verniernetworks.com> Organization: Polstra & Co., Seattle, WA Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <20020322172352.R60156-100000@getafix.verniernetworks.com>, Dinesh Nambisan wrote: > Hello, > I have a situation where I'm trying to set the send and receive buffer > sizes on a socket to large values like 1 MB or so (dont ask why :-), > simple reason being we need it); and setsockopt for setting the buffer > sizes seems to fail with ENOBUFS. On looking at the code in uipc_socket.c > where it handles the SO_SNDBUF & SO_RCVBUF options, and the code in > uipc_socket2.c where it actually tries to reserve space (in sbreserve > function_, the issue seems to be a limit imposed by the code to > approx 227K or so [ sb_max(=256) * MCLBYTES / (MSIZE + MCLBYTES) ; which > works out to approx 227 K on my platform] > Was wondering if anyone could explain as to why this limit is there ? It's probably there to prevent a hostile or broken process from consuming all of the mbufs and/or mbuf clusters. You can change the limit via the sysctl variable "kern.ipc.maxsockbuf". John -- John Polstra John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Mar 23 9:44:43 2002 Delivered-To: freebsd-net@freebsd.org Received: from smtp016.mail.yahoo.com (smtp016.mail.yahoo.com [216.136.174.113]) by hub.freebsd.org (Postfix) with SMTP id 6E7E337B41A for ; Sat, 23 Mar 2002 09:44:40 -0800 (PST) Received: from nddoru (AUTH login) at 101dial16.xnet.ro (HELO pii) (nddoru@213.233.101.16) by smtp.mail.vip.sc5.yahoo.com with SMTP; 23 Mar 2002 17:44:35 -0000 Message-ID: <01ea01c2e2a8$3c73cb80$0f00a8c0@pii> From: "NASTASA Dorel" To: References: <20020318221932.43835.qmail@web9904.mail.yahoo.com> Subject: Date: Tue, 4 Mar 2003 15:46:00 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org usubscribe freebsd-net _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Mar 23 9:46:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from smtp014.mail.yahoo.com (smtp014.mail.yahoo.com [216.136.173.58]) by hub.freebsd.org (Postfix) with SMTP id 37AEE37B400 for ; Sat, 23 Mar 2002 09:46:57 -0800 (PST) Received: from nddoru (AUTH login) at 101dial16.xnet.ro (HELO pii) (nddoru@213.233.101.16) by smtp.mail.vip.sc5.yahoo.com with SMTP; 23 Mar 2002 17:46:40 -0000 Message-ID: <01f401c2e2a8$8679af60$0f00a8c0@pii> From: "NASTASA Dorel" To: Subject: unsubscribe freebsd-net Date: Tue, 4 Mar 2003 15:48:01 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2615.200 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org unsubscribe freebsd-net _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message