From owner-freebsd-net@FreeBSD.ORG Sun Aug 8 15:07:25 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C47A16A4CE; Sun, 8 Aug 2004 15:07:25 +0000 (GMT) Received: from grosbein.pp.ru (grgw.svzserv.kemerovo.su [213.184.64.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79A2543D54; Sun, 8 Aug 2004 15:07:24 +0000 (GMT) (envelope-from eugen@grosbein.pp.ru) Received: from grosbein.pp.ru (eugen@localhost [127.0.0.1]) by grosbein.pp.ru (8.12.11/8.12.11) with ESMTP id i78F7NNS009822; Sun, 8 Aug 2004 23:07:23 +0800 (KRAST) (envelope-from eugen@grosbein.pp.ru) Received: (from eugen@localhost) by grosbein.pp.ru (8.12.11/8.12.11/Submit) id i78F7NaX009821; Sun, 8 Aug 2004 23:07:23 +0800 (KRAST) (envelope-from eugen) Date: Sun, 8 Aug 2004 23:07:23 +0800 From: Eugene Grosbein To: bug-followup@freebsd.org Message-ID: <20040808150723.GA9791@grosbein.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i cc: net@freebsd.org Subject: Re: conf/48881: [PATCH] The influence of /etc/start_ifname on /etc/rc.firewall is obscure and harmfull X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Aug 2004 15:07:25 -0000 Hi! Could somebody take a look at this PR? It waits for 17 months. Eugene From owner-freebsd-net@FreeBSD.ORG Sun Aug 8 17:00:53 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B915916A4CE for ; Sun, 8 Aug 2004 17:00:53 +0000 (GMT) Received: from smtp3b.sentex.ca (smtp3b.sentex.ca [205.211.164.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59AEE43D3F for ; Sun, 8 Aug 2004 17:00:53 +0000 (GMT) (envelope-from mike@sentex.net) Received: from BLUELAPIS.sentex.ca (cage.simianscience.com [64.7.134.1]) by smtp3b.sentex.ca (8.12.11/8.12.11) with SMTP id i78H0bPW001929; Sun, 8 Aug 2004 13:00:37 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: Julian Elischer Date: Sun, 08 Aug 2004 13:01:00 -0400 Message-ID: <2vmch0phgtf3028ie4447h2hruq7vdi7ac@4ax.com> References: <200407240247.i6O2lQfJ007370@dungeon.home> <200407250144.i6P1iCPx005756@dungeon.home> <41032C09.506@elischer.org> <0pfbg01araih3qekvbse5afdshf2tjf2qr@4ax.com> <4105D6A9.5020600@elischer.org> In-Reply-To: <4105D6A9.5020600@elischer.org> X-Mailer: Forte Agent 1.93/32.576 English (American) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable cc: freebsd-net@freebsd.org Subject: Re: PPPoE problem: "Too many LQR packets lost" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Aug 2004 17:00:53 -0000 On Mon, 26 Jul 2004 21:14:33 -0700, in sentex.lists.freebsd.net you wrote: >Mike Tancsa wrote: > >>On Sat, 24 Jul 2004 20:42:01 -0700, in sentex.lists.freebsd.net you >>wrote: >> =20 >> >>>>>Seriously though, mine was a very ugly hack to >>>>>get things working again for me. Most of the DSL aggregators here >>>>>are Juniper ERXes which do not play nice with FreeBSD's PPPoE. >>>>> >>>>> =20 >>>>> >>>any thoughts as to why? >>> >>>FreeBSD's pppoe is going through a little development at the moment.. >>>Now would be a good time to get it fixed.. >>Hi, >>Simple LCP echos work just fine, but when using LQR things "break". >>There are debug logs posted in the archives when I first figured out >>what was broken. If you need another copy I am happy to post again. >> > >certainly it would be useful. rather than taking potsots at the archive=20 >hoping to catch it.. > >pppoe is tricky because the responsibility for errors os split between=20 >the pppoe module > and the ppp module.. Just to followup for the archives sake, the latest LQR changes do not fix the ppp/PPPoE problem with respect to the issue below. I have a full TCPDUMP as well as ppp debug logs that illustrate the problem for anyone interested.=20 ---Mike From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 07:41:21 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4532316A4CE for ; Mon, 9 Aug 2004 07:41:21 +0000 (GMT) Received: from mx3.mra.co.id (mx3.mra.co.id [202.138.254.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6A47243D1F for ; Mon, 9 Aug 2004 07:41:19 +0000 (GMT) (envelope-from reza@mra.co.id) Received: from localhost (localhost.mra.co.id [127.0.0.1]) by mx3.mra.co.id (Postfix) with ESMTP id 2C96C2E0EF for ; Mon, 9 Aug 2004 14:31:19 +0700 (WIT) Received: from mx3.mra.co.id ([127.0.0.1]) by localhost (mx3.mra.co.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 63016-22 for ; Mon, 9 Aug 2004 14:31:19 +0700 (WIT) Received: from mail.mra.co.id (unknown [172.16.0.25]) by mx3.mra.co.id (Postfix) with ESMTP id D91B72E0EE for ; Mon, 9 Aug 2004 14:31:18 +0700 (WIT) Received: from mra.co.id ([172.16.0.228]) by mail.mra.co.id with Microsoft SMTPSVC(5.0.2195.3779); Mon, 9 Aug 2004 14:04:40 +0700 Message-ID: <411722A1.1020108@mra.co.id> Date: Mon, 09 Aug 2004 14:07:13 +0700 From: Muhammad Reza User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040429 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 09 Aug 2004 07:04:40.0031 (UTC) FILETIME=[2384EEF0:01C47DDF] X-Virus-Scanned: by amavisd-new at mra.co.id Subject: pf and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 07:41:21 -0000 Dear Lists, can pf rule work together with ipfw rules ? i need pf rule to do some outgoing load balance, but still need ipfw to do some basic packet filtering, cause i have difficulty to set pf rules default to block if it's apply with load balancing rules. please enlight me.. regards reza From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 08:04:56 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8344D16A4CE for ; Mon, 9 Aug 2004 08:04:56 +0000 (GMT) Received: from adsl-136-23.38-151.net24.it (adsl-136-23.38-151.net24.it [151.38.23.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0401A43D4C for ; Mon, 9 Aug 2004 08:04:56 +0000 (GMT) (envelope-from enrico.sirola@statpro.com) Received: from sirola02 (unknown [192.168.1.2]) by adsl-136-23.38-151.net24.it (Postfix) with ESMTP id A966F61B7; Mon, 9 Aug 2004 10:06:36 +0200 (CEST) To: freebsd-net@freebsd.org From: sirola@fisica.unige.it Date: Mon, 09 Aug 2004 10:05:20 +0200 Message-ID: <878ycoag8v.fsf@statpro.com> User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: retransmissions with bge driver? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: sirola@fisica.unige.it List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 08:04:56 -0000 Hello, I'm going to set up a server with FreeBSD 4.10. While testing the network performance, I see a lot of tcp retransmissions on both the network cards this server have. These are identified as BCM5704C and using the bge driver. Actually, the network cards are configured as 100baseTX (no autoselection) and i get a 5% of retransmissions. Modifying the tcp kernel configuration as follows raises the maximum transfer rates a bit, from 70KBytes/s to 150KBytes/s which are nevertheless poor performances. The relevant parts of my net.inet.tcp are as follows: net.inet.tcp.inflight_enable: 1 net.inet.tcp.sendspace: 65535 net.inet.tcp.recvspace: 65535 net.inet.tcp.rexmit_min: 20 net.inet.tcp.rexmit_slop: 200 kern.ipc.nmbclusters: 32768 By the way, no errors/collisions are reported with netstat -in... netstat -s shows tcp: 3283167 packets sent 1934388 data packets (438813217 bytes) 20514 data packets (28327158 bytes) retransmitted 2095620 packets received 1786464 acks (for 438791442 bytes) 22570 duplicate acks what could be the reason of all these retransmissions? Bad cabling? A poor switch? Thanks in advance for your help, enrico P.S. If I'm writing to the wrong list, please let me know it -- Enrico Sirola From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 11:01:53 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E8A6716A4F9 for ; Mon, 9 Aug 2004 11:01:53 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id CAE1443D31 for ; Mon, 9 Aug 2004 11:01:53 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.11/8.12.11) with ESMTP id i79B1rru077760 for ; Mon, 9 Aug 2004 11:01:53 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i79B1r1c077754 for freebsd-net@freebsd.org; Mon, 9 Aug 2004 11:01:53 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 9 Aug 2004 11:01:53 GMT Message-Id: <200408091101.i79B1r1c077754@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Subject: Current problem reports assigned to you X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 11:01:54 -0000 Current FreeBSD problem reports Critical problems Serious problems Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [1999/11/26] kern/15095 net TCP's advertised window is not scaled imm o [2001/02/08] kern/24959 net proper TCP_NOPUSH/TCP_CORK compatibility o [2003/07/11] kern/54383 net NFS root configurations without dynamic p 3 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 13:33:26 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5CB2816A4D0 for ; Mon, 9 Aug 2004 13:33:26 +0000 (GMT) Received: from mail.star-sw.com (mail.star-sw.com [217.195.82.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6593C43D54 for ; Mon, 9 Aug 2004 13:33:23 +0000 (GMT) (envelope-from nkritsky@star-sw.com) Received: from ARGON.star-sw.com (argon.star-sw.com [217.195.82.10]) by mail.star-sw.com (8.12.11/8.12.11) with ESMTP id i79DXKgJ099508; Mon, 9 Aug 2004 17:33:20 +0400 (MSD) Received: from ibmka.star-sw.com ([192.168.32.130]) by ARGON.star-sw.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 9 Aug 2004 17:33:20 +0400 Date: Mon, 9 Aug 2004 17:33:20 +0400 From: "Nickolay A. Kritsky" X-Mailer: The Bat! (v1.49) Personal X-Priority: 3 (Normal) Message-ID: <138135672671.20040809173320@star-sw.com> To: Muhammad Reza In-reply-To: <411722A1.1020108@mra.co.id> References: <411722A1.1020108@mra.co.id> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 09 Aug 2004 13:33:20.0846 (UTC) FILETIME=[6FCEE6E0:01C47E15] cc: freebsd-net@freebsd.org Subject: Re: pf and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Nickolay A. Kritsky" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 13:33:26 -0000 Hello Muhammad, It was discussed recently on this list. Please search for the thread w/ subject 'packet order, ipf or ipfw'. Monday, August 09, 2004, 11:07:13 AM, Muhammad Reza wrote: MR> Dear Lists, MR> can pf rule work together with ipfw rules ? MR> i need pf rule to do some outgoing load balance, but still need ipfw to MR> do some basic packet filtering, cause i have difficulty to set pf rules MR> default to block if it's apply with load balancing rules. MR> please enlight me.. -- Best regards, ; Nickolay A. Kritsky ; SysAdmin STAR Software LLC ; mailto:nkritsky@star-sw.com From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 13:36:26 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA0F916A4CE for ; Mon, 9 Aug 2004 13:36:26 +0000 (GMT) Received: from mail.star-sw.com (mail.star-sw.com [217.195.82.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 243E043D4C for ; Mon, 9 Aug 2004 13:36:26 +0000 (GMT) (envelope-from nkritsky@star-sw.com) Received: from ARGON.star-sw.com (argon.star-sw.com [217.195.82.10]) by mail.star-sw.com (8.12.11/8.12.11) with ESMTP id i79DZjMv002745; Mon, 9 Aug 2004 17:35:45 +0400 (MSD) Received: from ibmka.star-sw.com ([192.168.32.130]) by ARGON.star-sw.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 9 Aug 2004 17:35:45 +0400 Date: Mon, 9 Aug 2004 17:35:45 +0400 From: "Nickolay A. Kritsky" X-Mailer: The Bat! (v1.49) Personal X-Priority: 3 (Normal) Message-ID: <78135817453.20040809173545@star-sw.com> To: sirola@fisica.unige.it In-reply-To: <878ycoag8v.fsf@statpro.com> References: <878ycoag8v.fsf@statpro.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 09 Aug 2004 13:35:45.0628 (UTC) FILETIME=[C61AE1C0:01C47E15] cc: freebsd-net@freebsd.org Subject: Re: retransmissions with bge driver? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Nickolay A. Kritsky" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 13:36:27 -0000 Hello sirola, Try to switch one of the NICs to half-duplex mode. This should do the trick. Monday, August 09, 2004, 12:05:20 PM, sirola@fisica.unige.it wrote: sfui> Hello, sfui> I'm going to set up a server with FreeBSD 4.10. While testing the sfui> network performance, I see a lot of tcp retransmissions on both the sfui> network cards this server have. These are identified as BCM5704C and sfui> using the bge driver. Actually, the network cards are configured as sfui> 100baseTX (no autoselection) and i get a 5% of sfui> retransmissions. Modifying the tcp kernel configuration as follows sfui> raises the maximum transfer rates a bit, from 70KBytes/s to sfui> 150KBytes/s which are nevertheless poor performances. The relevant sfui> parts of my net.inet.tcp are as follows: sfui> net.inet.tcp.inflight_enable: 1 sfui> net.inet.tcp.sendspace: 65535 sfui> net.inet.tcp.recvspace: 65535 sfui> net.inet.tcp.rexmit_min: 20 sfui> net.inet.tcp.rexmit_slop: 200 sfui> kern.ipc.nmbclusters: 32768 sfui> By the way, no errors/collisions are reported with netstat -in... sfui> netstat -s shows sfui> tcp: sfui> 3283167 packets sent sfui> 1934388 data packets (438813217 bytes) sfui> 20514 data packets (28327158 bytes) retransmitted sfui> 2095620 packets received sfui> 1786464 acks (for 438791442 bytes) sfui> 22570 duplicate acks sfui> what could be the reason of all these retransmissions? Bad cabling? A sfui> poor switch? sfui> Thanks in advance for your help, sfui> enrico sfui> P.S. sfui> If I'm writing to the wrong list, please let me know it -- Best regards, ; Nickolay A. Kritsky ; SysAdmin STAR Software LLC ; mailto:nkritsky@star-sw.com From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 15:16:10 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27ED216A4CE for ; Mon, 9 Aug 2004 15:16:10 +0000 (GMT) Received: from adsl-136-23.38-151.net24.it (adsl-136-23.38-151.net24.it [151.38.23.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id B9BAD43D58 for ; Mon, 9 Aug 2004 15:16:09 +0000 (GMT) (envelope-from enrico.sirola@statpro.com) Received: from sirola02 (unknown [192.168.1.2]) by adsl-136-23.38-151.net24.it (Postfix) with ESMTP id 7979161B7; Mon, 9 Aug 2004 17:17:50 +0200 (CEST) To: "Nickolay A. Kritsky" References: <878ycoag8v.fsf@statpro.com> <78135817453.20040809173545@star-sw.com> Organization: StatPro Italia S.r.l. From: sirola@fisica.unige.it Date: Mon, 09 Aug 2004 17:16:33 +0200 In-Reply-To: <78135817453.20040809173545@star-sw.com> (Nickolay A. Kritsky's message of "Mon, 9 Aug 2004 17:35:45 +0400") Message-ID: <87llgo1gvi.fsf@statpro.com> User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-net@freebsd.org cc: sirola@fisica.unige.it Subject: Re: retransmissions with bge driver? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: sirola@fisica.unige.it List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 15:16:10 -0000 Hi Nickolay, >>>>> "Nickolay" == Nickolay A Kritsky writes: Nickolay> Hello sirola, Try to switch one of the NICs to Nickolay> half-duplex mode. This should do the trick. thanks for the tip, it works now. What could be the reason for the NIC working in half-duplex mode? Thanks again, e. -- Enrico Sirola From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 16:08:02 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94BDA16A4CE for ; Mon, 9 Aug 2004 16:08:02 +0000 (GMT) Received: from mail.star-sw.com (mail.star-sw.com [217.195.82.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8B8A43D3F for ; Mon, 9 Aug 2004 16:08:01 +0000 (GMT) (envelope-from nkritsky@star-sw.com) Received: from ARGON.star-sw.com (argon.star-sw.com [217.195.82.10]) by mail.star-sw.com (8.12.11/8.12.11) with ESMTP id i79G7x0u002353; Mon, 9 Aug 2004 20:07:59 +0400 (MSD) Received: from ibmka.star-sw.com ([192.168.32.130]) by ARGON.star-sw.com with Microsoft SMTPSVC(5.0.2195.5329); Mon, 9 Aug 2004 20:07:59 +0400 Date: Mon, 9 Aug 2004 20:07:59 +0400 From: "Nickolay A. Kritsky" X-Mailer: The Bat! (v1.49) Personal X-Priority: 3 (Normal) Message-ID: <128144951281.20040809200759@star-sw.com> To: sirola@fisica.unige.it In-reply-To: <87llgo1gvi.fsf@statpro.com> References: <878ycoag8v.fsf@statpro.com> <78135817453.20040809173545@star-sw.com> <87llgo1gvi.fsf@statpro.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 09 Aug 2004 16:07:59.0390 (UTC) FILETIME=[0A405BE0:01C47E2B] cc: freebsd-net@freebsd.org Subject: Re[2]: retransmissions with bge driver? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Nickolay A. Kritsky" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 16:08:02 -0000 Hello sirola, Monday, August 09, 2004, 7:16:33 PM, sirola@fisica.unige.it wrote: sfui> Hi Nickolay, sfui> thanks for the tip, it works now. What could be the reason for the NIC sfui> working in half-duplex mode? Well, in short it looks like mbufs in the switch are getting filled too fast, what results in random packet drops. Another thing that can help is, perhaps, `flow-control' feature on the switch. But it is more complicated, and so, from technical POV is less preferrable. -- Best regards, ; Nickolay A. Kritsky ; SysAdmin STAR Software LLC ; mailto:nkritsky@star-sw.com From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 16:39:02 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4848016A4CE; Mon, 9 Aug 2004 16:39:02 +0000 (GMT) Received: from shellma.zin.lublin.pl (shellma.zin.lublin.pl [212.182.126.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBB3243D60; Mon, 9 Aug 2004 16:39:01 +0000 (GMT) (envelope-from pawmal-posting@freebsd.lublin.pl) Received: by shellma.zin.lublin.pl (Postfix, from userid 1018) id 8FC74347BA8; Mon, 9 Aug 2004 18:37:39 +0200 (CEST) Date: Mon, 9 Aug 2004 18:37:39 +0200 From: Pawel Malachowski To: darrenr@freebsd.org Message-ID: <20040809163739.GA95408@shellma.zin.lublin.pl> References: <20040805225408.GA70729@shellma.zin.lublin.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20040805225408.GA70729@shellma.zin.lublin.pl> User-Agent: Mutt/1.4.2i cc: freebsd-net@freebsd.org Subject: Re: ipfilter/ipnat 3.4.35 and udp-traceroute problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 16:39:02 -0000 On Fri, Aug 06, 2004 at 12:54:08AM +0200, Pawel Malachowski wrote: > I can see weird behavior of this command: > traceroute -s privateIP -P UDP dst > Outgoing UDP packets are translated, ICMP time-exceded message comes back, > but traceroute shows '* * *'. ;) v3.4.35 import breaks things on my RELENG_4 box. FYI: With this ruleset, UDP-traceroute doesn't work (ICMP- works): map fxp0 172.27.201.1/24 -> public/32 proxy port ftp ftp/tcp map fxp0 172.27.201.1/24 -> public/32 portmap tcp/udp auto map fxp0 172.27.201.1/24 -> public/32 % traceroute -s 172.27.201.1 -P udp www.yahoo.com traceroute to www.yahoo.akadns.net (216.109.118.74) from 172.27.201.1, 64 hops max, 44 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * *^C % traceroute -s 172.27.201.1 -P icmp www.yahoo.com traceroute to www.yahoo.akadns.net (216.109.118.79) from 172.27.201.1, 64 hops max, 64 byte packets [...] 5 do-war-tr4.tptransit.pl (195.149.232.141) 43.909 ms 36.962 ms 28.713 ms 6 war-b1-pos14-0.telia.net (213.248.79.13) 32.929 ms 45.965 ms 45.940 ms 7 hbg-bb2-pos3-2-0.telia.net (213.248.65.33) 41.702 ms 37.646 ms 47.247 ms 8 kbn-bb2-pos1-2-0.telia.net (213.248.65.126) 45.860 ms 51.259 ms 36.435 ms 9 nyk-bb2-pos5-0-0.telia.net (213.248.64.34) 138.898 ms 136.887 ms^C % ipnat -s mapped in 246213324 out 246453277 added 6502341 expired 6484448 no memory 0 bad nat 530817 inuse 6210 rules 51 wilds 0 After switching map from /24 to /32, it works just fine: map fxp0 172.27.201.1/32 -> public/32 proxy port ftp ftp/tcp map fxp0 172.27.201.1/32 -> public/32 portmap tcp/udp auto map fxp0 172.27.201.1/32 -> public/32 % traceroute -s 172.27.201.1 -P udp www.yahoo.com traceroute to www.yahoo.akadns.net (216.109.117.110) from 172.27.201.1, 64 hops max, 44 byte packets [...] 5 do-war-tr4.tptransit.pl (195.149.232.141) 27.782 ms 55.108 ms 26.856 ms 6 war-b1-pos14-0.telia.net (213.248.79.13) 21.830 ms 34.968 ms 20.804 ms 7 hbg-bb1-pos1-2-0.telia.net (213.248.64.201) 51.748 ms 82.144 ms 74.826 ms 8 kbn-bb1-pos1-2-0.telia.net (213.248.65.145) 108.766 ms 129.979 ms 77.827 ms 9 nyk-bb1-pos0-1-0.telia.net (213.248.64.22) 206.748 ms 125.975 ms 125.788 ms ^C > Another interesting thing: > % ipf -V > ipf: IP Filter: v3.4.31 (336) <= > Kernel: IP Filter: v3.4.35 > [...] > % grep -i ver /usr/src/contrib/ipfilter/ipl.h > #define IPL_VERSION "IP Filter: v3.4.31" > > Newer ipl.h sits happily in vendor branch. regards, -- Paweł Małachowski From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 16:42:47 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D4E516A4D0 for ; Mon, 9 Aug 2004 16:42:47 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id 410B243D31 for ; Mon, 9 Aug 2004 16:42:47 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.155] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BuDET-0001Zx-00; Mon, 09 Aug 2004 18:42:45 +0200 Received: from [217.227.146.85] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1BuDES-0007ei-00; Mon, 09 Aug 2004 18:42:44 +0200 From: Max Laier To: freebsd-net@freebsd.org Date: Mon, 9 Aug 2004 18:40:46 +0200 User-Agent: KMail/1.6.2 References: <411722A1.1020108@mra.co.id> In-Reply-To: <411722A1.1020108@mra.co.id> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_Vk6FB2BS8tKqjix"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200408091840.53308.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 cc: Muhammad Reza Subject: Re: pf and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 16:42:47 -0000 --Boundary-02=_Vk6FB2BS8tKqjix Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 09 August 2004 09:07, Muhammad Reza wrote: > Dear Lists, > > can pf rule work together with ipfw rules ? > i need pf rule to do some outgoing load balance, but still need ipfw to > do some basic packet filtering, cause i have difficulty to set pf rules > default to block if it's apply with load balancing rules. > please enlight me.. While it is possible to use pf and ipfw in conjunction, it is certainly=20 preferable to settle for either one on its own. It should not be too much o= f=20 a problem to get pf to do what you want/need. If you have more specific=20 questions you can post to pf4freebsd@freelists.org =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-02=_Vk6FB2BS8tKqjix Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBF6kVXyyEoT62BG0RAub7AJ9k33v+UUYwZLVX1p1xCmkz2ql/RwCffkAj Wleq1V0CeF7IyKWuXBJGipk= =nn7H -----END PGP SIGNATURE----- --Boundary-02=_Vk6FB2BS8tKqjix-- From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 17:20:41 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BB2F16A4CE for ; Mon, 9 Aug 2004 17:20:41 +0000 (GMT) Received: from mx1.nersc.gov (mx1.nersc.gov [128.55.6.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BEAA43D45 for ; Mon, 9 Aug 2004 17:20:39 +0000 (GMT) (envelope-from dart@nersc.gov) Received: by mx1.nersc.gov (Postfix, from userid 4002) id 1664F1F5A0; Mon, 9 Aug 2004 10:20:39 -0700 (PDT) Received: from mx1.nersc.gov (localhost [127.0.0.1]) by localhost.nersc.gov (Postfix) with ESMTP id 90DBE1F5D7; Mon, 9 Aug 2004 10:20:33 -0700 (PDT) Received: from gemini.nersc.gov (gemini.nersc.gov [128.55.16.111]) by mx1.nersc.gov (Postfix) with ESMTP id 584821F5A0; Mon, 9 Aug 2004 10:20:33 -0700 (PDT) Received: from gemini.nersc.gov (localhost [127.0.0.1]) by gemini.nersc.gov (Postfix) with ESMTP id 3B904F987; Mon, 9 Aug 2004 10:20:33 -0700 (PDT) X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 To: sirola@fisica.unige.it In-Reply-To: Message from sirola@fisica.unige.it of "Mon, 09 Aug 2004 17:16:33 +0200." <87llgo1gvi.fsf@statpro.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_959901167P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Mon, 09 Aug 2004 10:20:33 -0700 From: Eli Dart Message-Id: <20040809172033.3B904F987@gemini.nersc.gov> X-Spam-Level: X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on mx1.nersc.gov cc: freebsd-net@freebsd.org cc: "Nickolay A. Kritsky" Subject: Re: retransmissions with bge driver? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 17:20:41 -0000 --==_Exmh_959901167P Content-Type: text/plain; charset=us-ascii In reply to sirola@fisica.unige.it : > > Hi Nickolay, > > >>>>> "Nickolay" == Nickolay A Kritsky writes: > > Nickolay> Hello sirola, Try to switch one of the NICs to > Nickolay> half-duplex mode. This should do the trick. > > thanks for the tip, it works now. What could be the reason for the NIC > working in half-duplex mode? This looks to me like a textbook duplex-mismatch situation. I expect that if you had configured the switch port for full-duplex mode it would have worked just as well if not better. Without knowing what switch you're using it's difficult to say. I have seen a huge number of problems with duplex mismatches over the years. Every vendor has problems, and they are all different problems. In short, if you want to be sure things will work, manually set both the switch and the host to the same speed and duplex settings. After you've done that, test it to make sure. When someone says they can only get 50k to 80k through a FastE, duplex mismatch is the first place I look. In my opinion, duplex negotiation should be taken out and shot.... --eli > Thanks again, > e. > > > -- > Enrico Sirola > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --==_Exmh_959901167P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) Comment: Exmh version 2.5 07/13/2001 iD8DBQFBF7JhLTFEeF+CsrMRAvHVAJ43Mv0DO310zgN1qoOKcSWsYyxBegCfeYI8 KuqrN6kAEGWOnArtKC1jizA= =hVJF -----END PGP SIGNATURE----- --==_Exmh_959901167P-- From owner-freebsd-net@FreeBSD.ORG Mon Aug 9 21:36:45 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 411A416A4D1 for ; Mon, 9 Aug 2004 21:36:45 +0000 (GMT) Received: from mproxy.gmail.com (mproxy.gmail.com [216.239.56.243]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2645F43D1F for ; Mon, 9 Aug 2004 21:36:45 +0000 (GMT) (envelope-from galaxy.ranger@gmail.com) Received: by mproxy.gmail.com with SMTP id x71so28368cwb for ; Mon, 09 Aug 2004 14:36:41 -0700 (PDT) Received: by 10.11.100.8 with SMTP id x8mr75422cwb; Mon, 09 Aug 2004 14:36:40 -0700 (PDT) Message-ID: <4a1299a4040809143632033f90@mail.gmail.com> Date: Mon, 9 Aug 2004 14:36:40 -0700 From: Fargo Holiday To: freebsd-net@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Dummynet and limiting packets/upstream useage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Aug 2004 21:36:45 -0000 Hello everyone, I'm still sort of new to FreeBSD, and totally new to any sort of advanced networking, so bear with me please. Here's the situation: Everything was running off of a D-Link 614 wireless router, but it was getting crushed despite very little actual bandwidth being used. My buddy and I set up the FreeBSD machine (5.2) as to act as a router, to serve the two cabled machines and D-Link. This has improved the overall responsiveness of the internet connection, but something about the D-Link is still slowing everything down. I disable the wireless and ping times drop from around 400-800ms to between 10 and 40ms. We're using WEP and MAC filtering, and use NetStumbler to check for parasites, so I don't believe it is unknown machines dragging me down. The one thing I can think of is that the two laptops used here, both are using Bit Torrent and Shareaza, and may be eating up the upstream bandwidth and/or generating some massive quantity of packets. With that in mind I've been looking into dummynet for some traffic control. I set it up and it seems to be functioning ok, but it dosen't seem to be helping. Here are my ipfw statements: ipfw add pipe 1 ip from 10.0.0.8 to any ipfw pipe 1 config bw 80Kbit/s queue 20pps delay 150ms ipfw add pipe 2 ip from any to 10.0.0.8 ipfw pipe 2 config bw 180Kbit/s queue 20pps delay 150ms ipfw add deny icmp from 10.0.0.8 to any ipfw add deny icmp from 192.168.0.0/24 to any I'm not sure if the pps is valid, but I've tried using the queue number plain and denoting Kb, so I thought I'd give packets per second a shot. The wired network is the 10.x range, while the wireless clients are under the 192 net, with 10.0.0.8 being the D-Link "WAN" interface. So far, only the icmp rule has helped, and the effect is so marginal that it could very well be some other factor. I tossed in the 192 rule while I was tired, I don't think the BSD router has any awareness of the D-Link's internal ip scheme, so correct me if I'm wrong. Any thoughts on what else I can try? Am I using the right tool for the job? Thanks in advance, Fargo From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 00:29:56 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9FBD916A4CE for ; Tue, 10 Aug 2004 00:29:56 +0000 (GMT) Received: from mail.tinkerbox.org (adsl-64-168-139-138.dsl.snfc21.pacbell.net [64.168.139.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E1DD43D41 for ; Tue, 10 Aug 2004 00:29:56 +0000 (GMT) (envelope-from bruno@tinkerbox.org) Received: from localhost (unknown [127.0.0.1]) by mail.tinkerbox.org (Postfix) with ESMTP id DB32A1AE8 for ; Tue, 10 Aug 2004 00:29:55 +0000 (GMT) Received: from mail.tinkerbox.org ([127.0.0.1]) by localhost (router.bschwand.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 64260-06 for ; Mon, 9 Aug 2004 17:29:45 -0700 (PDT) Received: from duron (unknown [192.168.137.4]) by mail.tinkerbox.org (Postfix) with ESMTP id 89E151AE6 for ; Mon, 9 Aug 2004 17:29:45 -0700 (PDT) Date: Mon, 9 Aug 2004 17:29:45 -0700 (PDT) From: bruno schwander X-X-Sender: bruno@duron.bschwand.net To: freebsd-net@freebsd.org Message-ID: <20040809172300.Q337@duron.bschwand.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-new at tinkerbox.org Subject: hardware loopback test with plug X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 00:29:56 -0000 Hi, I am trying to configure FBSD 4.8 to do an ethernet loopback test. I want to be able to sent packets over the ethernet interface, and a device hooked up to the ethernet port (at the very minimum, an RJ-45 loopback plug, i.e. with pins 1 & 3 and 2 & 6 connected together) This is to test a type of network transmitter. There exist a description of a test setup done using Linux here http://ronja.twibright.com/tetrapolis/testing.php, but applying the same principles does not seem to work on FBSD. Essentially, I would like to be able to ping the interface, and if the loopback plug is hooked up, then tcpdump should show the packets received, otherwise, nothing should be seen. Anybody knows how to do that ? I have been manipulationg arp tables and routes to no end, I do not see how to make this work. Any help appreciated bruno From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 03:31:31 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D566416A4CE for ; Tue, 10 Aug 2004 03:31:31 +0000 (GMT) Received: from spooky.eis.net.au (spooky.eis.net.au [203.12.171.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 17F0343D67 for ; Tue, 10 Aug 2004 03:31:31 +0000 (GMT) (envelope-from ernie@spooky.eis.net.au) Received: (from ernie@localhost) by spooky.eis.net.au (8.12.11/8.12.11) id i7A3VQjF034734 for freebsd-net@freebsd.org; Tue, 10 Aug 2004 13:31:26 +1000 (EST) (envelope-from ernie) From: User Ernie Message-Id: <200408100331.i7A3VQjF034734@spooky.eis.net.au> To: freebsd-net@freebsd.org Date: Tue, 10 Aug 2004 13:31:26 +1000 (EST) X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Subject: IPv6 wireless stumbler X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 03:31:31 -0000 I am trying to find out if there are any IPv6 community access wireless nodes in my area the I can become a client for. There are dozens of AP's that come up with a scan using kismet but I don't know how to tell if they are issuing IPv6 addresses. Can anyone suggest a method? - Ernie. From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 13:09:06 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE21616A4CE for ; Tue, 10 Aug 2004 13:09:06 +0000 (GMT) Received: from mx3.mra.co.id (mx3.mra.co.id [202.138.254.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E31643D39 for ; Tue, 10 Aug 2004 13:08:38 +0000 (GMT) (envelope-from reza@mra.co.id) Received: from localhost (localhost.mra.co.id [127.0.0.1]) by mx3.mra.co.id (Postfix) with ESMTP id C0ADE2E4E3 for ; Tue, 10 Aug 2004 20:08:35 +0700 (WIT) Received: from mx3.mra.co.id ([127.0.0.1]) by localhost (mx3.mra.co.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 98524-19 for ; Tue, 10 Aug 2004 20:08:35 +0700 (WIT) Received: from mail.mra.co.id (unknown [172.16.0.25]) by mx3.mra.co.id (Postfix) with ESMTP id B56882E4AB for ; Tue, 10 Aug 2004 20:08:34 +0700 (WIT) Received: from mra.co.id ([172.16.0.228]) by mail.mra.co.id with Microsoft SMTPSVC(5.0.2195.3779); Tue, 10 Aug 2004 19:41:55 +0700 Message-ID: <4118C330.8090609@mra.co.id> Date: Tue, 10 Aug 2004 19:44:32 +0700 From: Muhammad Reza User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040429 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Max Laier References: <411722A1.1020108@mra.co.id> <200408091840.53308.max@love2party.net> In-Reply-To: <200408091840.53308.max@love2party.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 10 Aug 2004 12:41:55.0096 (UTC) FILETIME=[6AF89180:01C47ED7] X-Virus-Scanned: by amavisd-new at mra.co.id cc: freebsd-net@freebsd.org cc: pf4freebsd@freelists.org Subject: Re: pf and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 13:09:06 -0000 Max Laier wrote: >On Monday 09 August 2004 09:07, Muhammad Reza wrote: > > >>Dear Lists, >> >>can pf rule work together with ipfw rules ? >>i need pf rule to do some outgoing load balance, but still need ipfw to >>do some basic packet filtering, cause i have difficulty to set pf rules >>default to block if it's apply with load balancing rules. >>please enlight me.. >> >> > >While it is possible to use pf and ipfw in conjunction, it is certainly >preferable to settle for either one on its own. It should not be too much of >a problem to get pf to do what you want/need. If you have more specific >questions you can post to pf4freebsd@freelists.org > > > dear lists thank for the great repsonse, i'm new with pf , I have problem make pf redirect rule forwarding from net to my dmz internal server, Maybe the problem is, because i have load balancing outgoing connection rule, that must have no default gateway. If I apply default gateway, redirect rule work good, but no load balancing at all. this is my rules; #macros lan_net = "172.16.0.0/16" dmz_net = "10.10.10.0/24" int_if = "xl0" dmz_if = "rl3" ext_if1 = "rl0" ext_if2 = "rl1" ext_if = "{" $ext_if1 $ext_if2 "}" gw1 = "202.xxx.254.3" gw2 = "202.xxx.255.170" ext_gw1 = "202.xxx.254.1" ext_gw2 = "202.xxx.255.169" server_dmz = "10.10.10.2/32" server_ext = "202.xxx.254.4/32" priv_nets = "{127.0.0.1/8 10.0.0.0/8 192.168.0.0/16 172.16.0.0/12}" # scrub incoming packets scrub in all # nat outgoing connections on each internet interface nat on $ext_if1 from $lan_net to any -> $gw1 nat on $ext_if2 from $lan_net to any -> $gw2 nat on $ext_if1 from $dmz_net to any -> $gw1 nat on $ext_if2 from $dmz_net to any -> $gw2 # smtp access from outside rdr on $ext_if proto tcp from any to $server_ext port smtp -> $server_dmz port smtp # default to deny block log all # pass traffic on the loopback interface in either direction pass quick on lo0 all # no RFC1819 block drop in quick on $ext_if from $priv_nets to any block drop out quick on $ext_if from any to $priv_nets # beastie pass in on $int_if proto tcp from 172.16.0.228 to any port 22 keep state # load balancing rules pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto tcp from $lan_net to any flags S/SA modulate statpass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $lan_net to any keep state pass in on $dmz_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto tcp from $dmz_net to any flags S/SA modulate statpass in on $dmz_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $dmz_net to any keep state # general pass out pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state pass out on $ext_if1 proto { udp, icmp } from any to any keep state pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state pass out on $ext_if2 proto { udp, icmp } from any to any keep state pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any please help me, regards reza From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 20:37:30 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13A2116A4CE; Tue, 10 Aug 2004 20:37:30 +0000 (GMT) Received: from ganymede.hub.org (u46n208.hfx.eastlink.ca [24.222.46.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02BDE43D46; Tue, 10 Aug 2004 20:37:29 +0000 (GMT) (envelope-from scrappy@hub.org) Received: by ganymede.hub.org (Postfix, from userid 1000) id 1E1083A733; Tue, 10 Aug 2004 17:37:29 -0300 (ADT) Received: from localhost (localhost [127.0.0.1]) by ganymede.hub.org (Postfix) with ESMTP id 0976B3A70D; Tue, 10 Aug 2004 17:37:29 -0300 (ADT) Date: Tue, 10 Aug 2004 17:37:28 -0300 (ADT) From: "Marc G. Fournier" To: freebsd-stable@freebsd.org Message-ID: <20040810173211.V776@ganymede.hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-net@freebsd.org Subject: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 20:37:30 -0000 I have 5 servers sitting on a Linksys 10/100 switch ... 4 of the 5 are running fxp0 ethernet, while the 5th is running em ... and the 5th performs atrociously: neptune# netstat -ni | head Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll em0 1500 00:07:e9:05:1b:2e 36915965 10306 28888840 1 10858513 I've tried in bth half and full duplex mode .. full duplex, Ierrs climbs, half-duplex, Collisions climb ... the fxp devices are all running at full-duplex, and perform quite well: pluto# netstat -ni | head Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll fxp0 1500 00:03:47:bd:67:66 105856025 0 97330263 2 0 jupiter# netstat -ni | head Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll fxp0 1500 00:03:47:30:a7:1b 28832141 0 29437148 0 0 mars# netstat -ni | head Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll fxp0 1500 00:e0:81:21:d7:f6 34195201 0 29871571 0 0 venus# netstat -ni | head Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll fxp0 1500 00:e0:81:29:56:5b 95579278 1 87014732 1 0 Originally, it was explained that unmanaged switches tended to be problematic, but I'd expect some sort of uniformity in problems, but 'just the server with the em device' ... So, is there a bug in the em device driver that doesn't exist on the fxp0 devices? ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664 From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 21:07:57 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB28716A4CE; Tue, 10 Aug 2004 21:07:57 +0000 (GMT) Received: from avscan1.sentex.ca (avscan1.sentex.ca [199.212.134.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 891D743D1F; Tue, 10 Aug 2004 21:07:57 +0000 (GMT) (envelope-from mike@sentex.net) Received: from localhost (localhost.sentex.ca [127.0.0.1]) by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id i7AL7u1p016729; Tue, 10 Aug 2004 17:07:56 -0400 (EDT) (envelope-from mike@sentex.net) Received: from avscan1.sentex.ca ([127.0.0.1]) by localhost (avscan1.sentex.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 16573-02; Tue, 10 Aug 2004 17:07:56 -0400 (EDT) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id i7AL7uC4016719; Tue, 10 Aug 2004 17:07:56 -0400 (EDT) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.11/8.12.11) with ESMTP id i7AL7o7R074880; Tue, 10 Aug 2004 17:07:50 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <6.1.2.0.0.20040810170223.10436e60@64.7.153.2> X-Sender: mdtpop@64.7.153.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Tue, 10 Aug 2004 17:11:53 -0400 To: "Marc G. Fournier" , freebsd-stable@freebsd.org From: Mike Tancsa In-Reply-To: <20040810173211.V776@ganymede.hub.org> References: <20040810173211.V776@ganymede.hub.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by amavisd-new X-Virus-Scanned: by amavisd-new at avscan1b cc: freebsd-net@freebsd.org Subject: Re: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 21:07:57 -0000 At 04:37 PM 10/08/2004, Marc G. Fournier wrote: >I have 5 servers sitting on a Linksys 10/100 switch ... 4 of the 5 are >running fxp0 ethernet, while the 5th is running em ... and the 5th >performs atrociously: > >neptune# netstat -ni | head >Name Mtu Network Address Ipkts Ierrs Opkts >Oerrs Coll >em0 1500 00:07:e9:05:1b:2e 36915965 10306 28888840 1 >10858513 > >I've tried in bth half and full duplex mode .. full duplex, Ierrs climbs, >half-duplex, Collisions climb ... if its unmanaged, autoneg is all that will work. Try that and see if the errors climb. If you are still seeing errors check the cables. There are occasionally incompatibilities between certain NICs and switches, but thats pretty rare see /usr/src/sys/dev/em/README ---Mike From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 21:09:38 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 201F816A4CE for ; Tue, 10 Aug 2004 21:09:38 +0000 (GMT) Received: from mx1.nersc.gov (mx1.nersc.gov [128.55.6.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id E72F943D46 for ; Tue, 10 Aug 2004 21:09:37 +0000 (GMT) (envelope-from dart@nersc.gov) Received: by mx1.nersc.gov (Postfix, from userid 4002) id C53F51F5ED; Tue, 10 Aug 2004 14:09:37 -0700 (PDT) Received: from mx1.nersc.gov (localhost [127.0.0.1]) by localhost.nersc.gov (Postfix) with ESMTP id 662041F5EE; Tue, 10 Aug 2004 14:09:33 -0700 (PDT) Received: from gemini.nersc.gov (gemini.nersc.gov [128.55.16.111]) by mx1.nersc.gov (Postfix) with ESMTP id 2F64B1F5ED; Tue, 10 Aug 2004 14:09:33 -0700 (PDT) Received: from gemini.nersc.gov (localhost [127.0.0.1]) by gemini.nersc.gov (Postfix) with ESMTP id 20C01F987; Tue, 10 Aug 2004 14:09:33 -0700 (PDT) X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 To: "Marc G. Fournier" In-Reply-To: Message from "Marc G. Fournier" <20040810173211.V776@ganymede.hub.org> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-1252978169P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Tue, 10 Aug 2004 14:09:33 -0700 From: Eli Dart Message-Id: <20040810210933.20C01F987@gemini.nersc.gov> X-Spam-Level: X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on mx1.nersc.gov cc: freebsd-net@freebsd.org Subject: Re: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 21:09:38 -0000 --==_Exmh_-1252978169P Content-Type: text/plain; charset=us-ascii In reply to "Marc G. Fournier" : > > I have 5 servers sitting on a Linksys 10/100 switch ... 4 of the 5 are > running fxp0 ethernet, while the 5th is running em ... and the 5th > performs atrociously: > > neptune# netstat -ni | head > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Co ll > em0 1500 00:07:e9:05:1b:2e 36915965 10306 28888840 1 10858 513 > > I've tried in bth half and full duplex mode .. full duplex, Ierrs climbs, hal f-duplex, Collisions climb ... I would expect collisions on a half-duplex link -- this is not necessarily a Bad Thing. It could be that the unmanaged switch is unable to talk full-duplex to the em interface for some reason..... Do you have throughput numbers for the two configs (half-duplex em, full-duplex em, and full-duplex fxp)? --eli > > the fxp devices are all running at full-duplex, and perform quite well: > > pluto# netstat -ni | head > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Co ll > fxp0 1500 00:03:47:bd:67:66 105856025 0 97330263 2 0 > jupiter# netstat -ni | head > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Co ll > fxp0 1500 00:03:47:30:a7:1b 28832141 0 29437148 0 0 > mars# netstat -ni | head > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Co ll > fxp0 1500 00:e0:81:21:d7:f6 34195201 0 29871571 0 0 > venus# netstat -ni | head > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Co ll > fxp0 1500 00:e0:81:29:56:5b 95579278 1 87014732 1 0 > > Originally, it was explained that unmanaged switches tended to be > problematic, but I'd expect some sort of uniformity in problems, but 'just > the server with the em device' ... > > So, is there a bug in the em device driver that doesn't exist on the fxp0 > devices? > > > ---- > Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) > Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --==_Exmh_-1252978169P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) Comment: Exmh version 2.5 07/13/2001 iD8DBQFBGTmNLTFEeF+CsrMRAtM6AJ48LRdUe9eVDspUICCA+zGxFx6B2QCg1ln8 DoWI5I2KPpCcn+q4pRboJXQ= =hF6U -----END PGP SIGNATURE----- --==_Exmh_-1252978169P-- From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 21:13:22 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 62E8A16A4CE for ; Tue, 10 Aug 2004 21:13:22 +0000 (GMT) Received: from exch2.verniernetworks.com (dns.verniernetworks.com [65.200.185.165]) by mx1.FreeBSD.org (Postfix) with ESMTP id 087CA43D49 for ; Tue, 10 Aug 2004 21:13:22 +0000 (GMT) (envelope-from ddhokte@verniernetworks.com) X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Tue, 10 Aug 2004 14:13:12 -0700 Message-ID: <085485A8ADCB4B49874A54D6185A21FD3B75BC@exch2.verniernetworks.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: IPv6 wireless stumbler Thread-Index: AcR+io/hpAB+pa6sRF28kiesif9sDAAj1LTg From: "Deepti Dhokte" To: "User Ernie" cc: freebsd-net@freebsd.org Subject: RE: IPv6 wireless stumbler X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 21:13:22 -0000 AP is a L2 device, so the upstream IPv6 L-3switch/router to which AP connects to, If configured to do prefix advertisements, and your client if properly configured to use IPv6 stack, client can auto-configure global unicast IPv6 addresses. Technically your client might have already configured fe80:: based link-local address, for all the active interfaces when you install IPv6 stack, if the site allows link local addresses to be used to access IPv6 internet, you are all set. But that is not a normal scenario. In short:=20 associate to an AP, and find out if the ipv4 (if DHCP is enabled on that interface) and global Unicast IPv6 addresses (if stack is already in place) are getting configured on your client. If yes, try to visit www.kame.net if you see moving turtle You are connected on IPv6 :-) Hopefully you are dealing with fewer AP's around. Another try would be: Check packet dumps. When you associate to an AP and the packet trace displays IPv6 prefix advertisements, that AP is probably associated to IPv6 network as well. Check, if your client might have configured the address with given prefix; (since you are able to see these prefix advertisements in the packet dumps, started on the wireless card that is associating with different APs, it is likely that client if has IPv6 stack could have already auto-configured IPv6 address.). (Prefix advertisements are ICMP6 type Neighbor solicitation messages on top of IPv6 protocol. Packet sniffers such as Ethereal can parse these messages and provide useful Differentiation at very detail level) I hope it helps. If anyone knows better methods, I am eager to know.=20 -Deepti -----Original Message----- From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] On Behalf Of User Ernie Sent: Monday, August 09, 2004 8:31 PM To: freebsd-net@freebsd.org Subject: IPv6 wireless stumbler I am trying to find out if there are any IPv6 community access wireless nodes in my area the I can become a client for. There are dozens of AP's that come up with a scan using kismet but I don't know how to tell if=20 they are issuing IPv6 addresses. Can anyone suggest a method? - Ernie. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Aug 10 21:41:56 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8A31716A4CE for ; Tue, 10 Aug 2004 21:41:56 +0000 (GMT) Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.89]) by mx1.FreeBSD.org (Postfix) with ESMTP id 323B143D49 for ; Tue, 10 Aug 2004 21:41:55 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from mac.com (smtpin01-en2 [10.13.10.146]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id i7ALfs2G006283; Tue, 10 Aug 2004 14:41:54 -0700 (PDT) Received: from [10.1.1.245] (nfw2.codefab.com [199.103.21.225] (may be forged)) (authenticated bits=0)i7ALfafs028326; Tue, 10 Aug 2004 14:41:39 -0700 (PDT) In-Reply-To: <20040810173211.V776@ganymede.hub.org> References: <20040810173211.V776@ganymede.hub.org> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <0D70424D-EB16-11D8-BAD8-003065ABFD92@mac.com> Content-Transfer-Encoding: 7bit From: Charles Swiger Date: Tue, 10 Aug 2004 17:41:35 -0400 To: "Marc G. Fournier" X-Mailer: Apple Mail (2.619) cc: freebsd-net@freebsd.org Subject: Re: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Aug 2004 21:41:56 -0000 [ ...crossposting between stable and freebsd-net trimmed... ] On Aug 10, 2004, at 4:37 PM, Marc G. Fournier wrote: > I've tried in bth half and full duplex mode .. full duplex, Ierrs > climbs, half-duplex, Collisions climb ... You should expect to see some collisions (1% or so) when working in half-duplex mode: that's the nature of the beast. Is your Linksys switch managed or unmanaged? If you can set both it and the em to manually configured 100/FD, that would be worth trying. I'd also try swapping a cable plugged into a working fxp box with the machine using the em, and see whether the problems follow, or whether the fxp system starts having issues. A bad cable or a flaky port on the switch could also be causing your problems, but ethernet autonegotiation failing seems to be more likely given the description. -- -Chuck From owner-freebsd-net@FreeBSD.ORG Wed Aug 11 00:47:18 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 145F816A4CE for ; Wed, 11 Aug 2004 00:47:18 +0000 (GMT) Received: from ganymede.hub.org (u46n208.hfx.eastlink.ca [24.222.46.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id DCD3943D1F for ; Wed, 11 Aug 2004 00:47:17 +0000 (GMT) (envelope-from scrappy@hub.org) Received: by ganymede.hub.org (Postfix, from userid 1000) id D19FF358B1; Tue, 10 Aug 2004 21:47:18 -0300 (ADT) Received: from localhost (localhost [127.0.0.1]) by ganymede.hub.org (Postfix) with ESMTP id CDE0C348A1; Tue, 10 Aug 2004 21:47:18 -0300 (ADT) Date: Tue, 10 Aug 2004 21:47:18 -0300 (ADT) From: "Marc G. Fournier" To: Charles Swiger In-Reply-To: <0D70424D-EB16-11D8-BAD8-003065ABFD92@mac.com> Message-ID: <20040810214143.C62519@ganymede.hub.org> References: <20040810173211.V776@ganymede.hub.org> <0D70424D-EB16-11D8-BAD8-003065ABFD92@mac.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed cc: freebsd-net@freebsd.org Subject: Re: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Aug 2004 00:47:18 -0000 'k, did someone fix something with the em driver? :( Figuring it couldn't hurt to try auto-neg once more, and so far, 0 Ierrs :( So either someone fixed the em problem, or the em problem was transient ... but it was originally the default (autoselect), and I only moved it to a hard coded *after* playing with all three *sigh* Thanks ... On Tue, 10 Aug 2004, Charles Swiger wrote: > [ ...crossposting between stable and freebsd-net trimmed... ] > > On Aug 10, 2004, at 4:37 PM, Marc G. Fournier wrote: >> I've tried in bth half and full duplex mode .. full duplex, Ierrs climbs, >> half-duplex, Collisions climb ... > > You should expect to see some collisions (1% or so) when working in > half-duplex mode: that's the nature of the beast. > > Is your Linksys switch managed or unmanaged? If you can set both it and the > em to manually configured 100/FD, that would be worth trying. I'd also try > swapping a cable plugged into a working fxp box with the machine using the > em, and see whether the problems follow, or whether the fxp system starts > having issues. A bad cable or a flaky port on the switch could also be > causing your problems, but ethernet autonegotiation failing seems to be more > likely given the description. > > -- > -Chuck > > ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664 From owner-freebsd-net@FreeBSD.ORG Wed Aug 11 06:13:55 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE68216A4CE for ; Wed, 11 Aug 2004 06:13:55 +0000 (GMT) Received: from smtp4.wlink.com.np (smtp4.wlink.com.np [202.79.32.87]) by mx1.FreeBSD.org (Postfix) with SMTP id C00B943D55 for ; Wed, 11 Aug 2004 06:13:51 +0000 (GMT) (envelope-from bikrant_ml@wlink.com.np) Received: (qmail 1644 invoked from network); 11 Aug 2004 06:13:48 -0000 Received: from unknown (HELO qmail-scanner.wlink.com.np) (202.79.32.74) by 0 with SMTP; 11 Aug 2004 06:13:48 -0000 Received: (qmail 19409 invoked by uid 1008); 11 Aug 2004 06:13:48 -0000 Received: from bikrant_ml@wlink.com.np by qmail-scanner.wlink.com.np by uid 1002 with qmail-scanner-1.20 (clamscan: 0.60. Clear:RC:1(202.79.32.76):. Processed in 0.015274 secs); 11 Aug 2004 06:13:48 -0000 Received: from smtp1.wlink.com.np (202.79.32.76) by qmail-scanner.wlink.com.np with SMTP; 11 Aug 2004 06:13:48 -0000 Received: (qmail 24464 invoked by uid 508); 11 Aug 2004 06:13:48 -0000 Received: from [202.79.36.168] (HELO bikrant.org.np) by smtp1.wlink.com.np (qmail-smtpd) with SMTP; 11 Aug 2004 06:13:46 -0000 (Wed, 11 Aug 2004 11:58:46 +0545) From: Bikrant Neupane To: freebsd-net@freebsd.org Date: Wed, 11 Aug 2004 11:58:43 +0545 User-Agent: KMail/1.6.1 MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <200408111158.43933.bikrant_ml@wlink.com.np> X-Spam-Check-By: smtp1.wlink.com.np Spam: No ; -4.9 / 5.0 X-Spam-Status: No, hits=-4.9 required=5.0 Subject: Changing TOS value X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Aug 2004 06:13:55 -0000 Hi, I am using freebsd 4.9 as a bandwidth manager. I would like to set IP TOS field to some desired value or is it possible to completely ignore the TOS value? I have observed that using different value of TOS affects fairness in b/w allocation in a pipe. So for that specific reason I would like to change the TOS of all IP pkts before it gets into the pipe. I think this is very common problem however I didn't find any useful information in google either. thanks, Bikrant From owner-freebsd-net@FreeBSD.ORG Wed Aug 11 07:20:23 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A7AF16A4CE; Wed, 11 Aug 2004 07:20:23 +0000 (GMT) Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by mx1.FreeBSD.org (Postfix) with SMTP id 6958943D1F; Wed, 11 Aug 2004 07:20:22 +0000 (GMT) (envelope-from dwmalone@maths.tcd.ie) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 11 Aug 2004 08:20:17 +0100 (BST) Date: Wed, 11 Aug 2004 08:20:15 +0100 From: David Malone To: "Marc G. Fournier" Message-ID: <20040811072015.GA53823@walton.maths.tcd.ie> References: <20040810173211.V776@ganymede.hub.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040810173211.V776@ganymede.hub.org> User-Agent: Mutt/1.5.3i Sender: dwmalone@maths.tcd.ie cc: freebsd-net@freebsd.org cc: freebsd-stable@freebsd.org Subject: Re: em driver worse then fxp driver ... why? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Aug 2004 07:20:23 -0000 On Tue, Aug 10, 2004 at 05:37:28PM -0300, Marc G. Fournier wrote: > So, is there a bug in the em device driver that doesn't exist on the fxp0 > devices? I have a bundle of machines with em cards that had problems talking to dumb 10Mbps switches. They work fine with a different 10/100 dumb switch. I hadn't associated the problem with the em cards, as almost all the machines had em cards, so I'd just assumed the 10Mbps switch was sick. I'd tried most combinations of autoneg, or hard wiring the duplex and it didn't help. David. From owner-freebsd-net@FreeBSD.ORG Wed Aug 11 18:54:23 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2985216A4CE for ; Wed, 11 Aug 2004 18:54:23 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.183]) by mx1.FreeBSD.org (Postfix) with ESMTP id BE6D343D53 for ; Wed, 11 Aug 2004 18:54:22 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.209] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BuyEv-0006aK-00; Wed, 11 Aug 2004 20:54:21 +0200 Received: from [217.227.155.1] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1BuyEu-00058T-00; Wed, 11 Aug 2004 20:54:20 +0200 From: Max Laier To: pf4freebsd@freelists.org, freebsd-net@freebsd.org Date: Wed, 11 Aug 2004 20:52:21 +0200 User-Agent: KMail/1.6.2 MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_srmGBa6cWTipuCt"; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <200408112052.28846.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:61c499deaeeba3ba5be80f48ecc83056 Subject: Updated CARP patchset X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Aug 2004 18:54:23 -0000 --Boundary-02=_srmGBa6cWTipuCt Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline =46or those interested: http://people.freebsd.org/~mlaier/CARP/ is an updated version of what was on pf4freebsd for a while. This finally=20 fixes the IPv4 local reachability issue, but still has some nits left. It i= s=20 fully useable and I have it peering with OpenBSD w/o problems using both IP= v4=20 and IPv6. I really need some broader exposure and test-reports now to identify remain= ing=20 issues. Thanks =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-02=_srmGBa6cWTipuCt Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBGmrsXyyEoT62BG0RAiyEAJ95Ct55OqBWBze70uEjaWHBnfS5WgCbB5lO WSelY3rT8Irsxt63Y/QvTaM= =Fc4e -----END PGP SIGNATURE----- --Boundary-02=_srmGBa6cWTipuCt-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 12 04:08:03 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C15716A4CE for ; Thu, 12 Aug 2004 04:08:03 +0000 (GMT) Received: from arginine.spc.org (arginine.spc.org [195.206.69.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D56543D54 for ; Thu, 12 Aug 2004 04:08:02 +0000 (GMT) (envelope-from bms@spc.org) Received: from localhost (localhost [127.0.0.1]) by arginine.spc.org (Postfix) with ESMTP id 847FF651FA; Thu, 12 Aug 2004 05:08:00 +0100 (BST) Received: from arginine.spc.org ([127.0.0.1]) by localhost (arginine.spc.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 03149-01-2; Thu, 12 Aug 2004 05:07:59 +0100 (BST) Received: from empiric.dek.spc.org (adsl-67-124-244-51.dsl.snfc21.pacbell.net [67.124.244.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by arginine.spc.org (Postfix) with ESMTP id 036EB651F4; Thu, 12 Aug 2004 05:07:59 +0100 (BST) Received: by empiric.dek.spc.org (Postfix, from userid 1001) id D883862B7; Wed, 11 Aug 2004 21:07:45 -0700 (PDT) Date: Wed, 11 Aug 2004 21:07:45 -0700 From: Bruce M Simpson To: Nathan K Message-ID: <20040812040745.GA781@empiric.icir.org> Mail-Followup-To: Nathan K , xorp-users@xorp.org, freebsd-net@FreeBSD.org References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="82I3+IH0IqGh5yIs" Content-Disposition: inline In-Reply-To: cc: xorp-users@xorp.org cc: freebsd-net@FreeBSD.org Subject: Re: [Xorp-users] MD5 Support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Aug 2004 04:08:03 -0000 --82I3+IH0IqGh5yIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable [Crossposted to freebsd-net by way of FAQ material] On Wed, Aug 11, 2004 at 01:05:32PM -0400, Nathan K wrote: > Are there plans (or work in progress) to support TCP MD5 connectivity=20 > between BGP Peer Routers? This is likely to be an FAQ, so please consider this message authoritative FAQ material for the time being. I committed preliminary support for this to XORP over the past week. This is more or less a direct port of the work I did on Quagga. Currently there are some restrictions. 1) All the XORP support does is enable and disable the use of the TCP_MD5SIG socket option for BGP *active opens*, that is, outgoing peer connections. This socket option is 'de facto' standardized across the open source BSD= s. The password argument is effectively ignored, just as for the Quagga support. This will not be the case in future, hopefully (see below). 2) You will need to set up a security association containing the key for the TCP-MD5 session via the use of the setkey(8) command on FreeBSD. The means for doing this will vary across BSDs; I believe ipsecadm(8) is appropriate for OpenBSD, whereas setkey(8) will work on NetBSD. On FreeBSD, there is an example in the setkey(8) man page. Future Directions for XORP -------------------------- What I'd like to do in future is introduce PF_KEY support to XORP, probably as an extension of the infrastructure which the FEA module provides. The reasons for this are twofold. One, it will allow XORP to control TCP-MD5 security associations directly. Two, it will provide us with the infrastructure needed to control things like IPSEC associations in future if we chose to introduce this functionality into XORP. As PF_KEY is somewhat standardized (RFC 2367 Informational) and well documented (UNIX Network Programming Vol1 2e Fenner et al) this is a portable way of achieving this across the BSDs. Linux (FreeS/WAN et cetera) may be another story. Future Directions for TCP-MD5 ----------------------------- Recently, itojun considerably expanded on my work, in the NetBSD tree. I have a crossport of this further work to the FreeBSD tree which is almost complete but needs further testing. This adds support for KAME IPSEC as well as FAST_IPSEC, and TCP over IPv6, and the input verification path. This work will not be merged into FreeBSD until after the 5.3 branch. There are a few issues with the current state of this work in that it's impossible to conduct non-TCP-MD5 and TCP-MD5 protected sessions over the same TCP socket in LISTEN state without effectively denying non-TCPMD5 connections. This is the reason for the unavailability of TCP-MD5 with regards to BGP passive opens at this time. I have a fork of my original code which attempts to address this by placing policies into the SPD, rather than relying on a TCP protocol-level socket option. itojun's further hacking makes the SPD method easier to implement. The SPD fork of my patch set is unstable. The reason for this is that SPI granularity is impossible with TCP, as it has no notion of an SPI field, which is specific to IPSEC AH/ESP. This would however require that applications such as Quagga and XORP speak fluent PF_KEY in the BSD dialect. Regards, BMS --82I3+IH0IqGh5yIs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: '' iD8DBQFBGu0QueUpAYYNtTsRArjiAJ0SHCP7LDBUonHWDO+XfPNfQsEUWgCgnJPM xmLRquk0wbsJWltBMnn8RvY= =EnyM -----END PGP SIGNATURE----- --82I3+IH0IqGh5yIs-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 12 13:10:41 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DF6116A4CE; Thu, 12 Aug 2004 13:10:41 +0000 (GMT) Received: from tigra.ip.net.ua (tigra.ip.net.ua [82.193.96.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id B573343D45; Thu, 12 Aug 2004 13:10:40 +0000 (GMT) (envelope-from ru@ip.net.ua) Received: from heffalump.ip.net.ua (heffalump.ip.net.ua [82.193.96.213]) by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id i7CDAZQA017517 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 12 Aug 2004 16:10:36 +0300 (EEST) (envelope-from ru@ip.net.ua) Received: (from ru@localhost) by heffalump.ip.net.ua (8.12.11/8.12.11) id i7CDAcm3024911; Thu, 12 Aug 2004 16:10:38 +0300 (EEST) (envelope-from ru) Date: Thu, 12 Aug 2004 16:09:17 +0300 From: Ruslan Ermilov To: Chris Stenton Message-ID: <20040812130917.GC24142@ip.net.ua> Mail-Followup-To: net@FreeBSD.org References: <1092311458.13121.6.camel@hawk.gnome.co.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5G06lTa6Jq83wMTw" Content-Disposition: inline In-Reply-To: <1092311458.13121.6.camel@hawk.gnome.co.uk> User-Agent: Mutt/1.5.6i X-Virus-Scanned: by amavisd-new cc: FreeBSD Current cc: net@freebsd.org Subject: Re: bad tcp cksum on outgoing packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Aug 2004 13:10:41 -0000 --5G06lTa6Jq83wMTw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable [Cc: freebsd-net] On Thu, Aug 12, 2004 at 12:50:58PM +0100, Chris Stenton wrote: > I have just been doing some debugging on my 5.2.1 box and noticed that > outgoing tcp packets on the box are coming up with bad checksums on > tcpdump. I am using the nge interface. >=20 > Here is a sample output. >=20 > 12:44:29.458021 0:4:e2:10:60:83 0:c:6e:4e:a0:cc ip 82: > hawk.gnome.co.uk.ssh > kite.gnome.co.uk.2167: P [bad tcp cksum 9420!] > 2071:2099(28) ack 753 win 65535 (DF) [tos 0x10] (ttl 64, id 35623, len > 68, bad cksum 0!) >=20 > 12:44:29.642088 0:c:6e:4e:a0:cc 0:4:e2:10:60:83 ip 60: > kite.gnome.co.uk.2167 > hawk.gnome.co.uk.ssh: . [tcp sum ok] 753:753(0) > ack 2099 win 64956 (DF) (ttl 128, id 44852, len 40) >=20 >=20 > Any ideas whats going on as the packet does not seem to be resent? >=20 You don't have hardware checksums enabled, do you? I barely recall they are incompatible with bpf(4). Cheers, --=20 Ruslan Ermilov ru@FreeBSD.org FreeBSD committer --5G06lTa6Jq83wMTw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBG2v9qRfpzJluFF4RArWxAKCYaNQSzY4GbX34pTfuYrx/sRIJ1wCfRRHJ 81zCPUKuIGlwNtRYrAdIJGI= =4GvF -----END PGP SIGNATURE----- --5G06lTa6Jq83wMTw-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 12 14:45:51 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 20F1A16A4CF; Thu, 12 Aug 2004 14:45:51 +0000 (GMT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id C586B43D31; Thu, 12 Aug 2004 14:45:50 +0000 (GMT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.11/8.12.11) with ESMTP id i7CEiCQL055720; Thu, 12 Aug 2004 10:44:12 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)i7CEiCCN055717; Thu, 12 Aug 2004 10:44:12 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 12 Aug 2004 10:44:12 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Ruslan Ermilov In-Reply-To: <20040812130917.GC24142@ip.net.ua> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: net@freebsd.org cc: Chris Stenton cc: FreeBSD Current Subject: Re: bad tcp cksum on outgoing packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Aug 2004 14:45:51 -0000 On Thu, 12 Aug 2004, Ruslan Ermilov wrote: > On Thu, Aug 12, 2004 at 12:50:58PM +0100, Chris Stenton wrote: > > I have just been doing some debugging on my 5.2.1 box and noticed that > > outgoing tcp packets on the box are coming up with bad checksums on > > tcpdump. I am using the nge interface. > > > > Here is a sample output. > > > > 12:44:29.458021 0:4:e2:10:60:83 0:c:6e:4e:a0:cc ip 82: > > hawk.gnome.co.uk.ssh > kite.gnome.co.uk.2167: P [bad tcp cksum 9420!] > > 2071:2099(28) ack 753 win 65535 (DF) [tos 0x10] (ttl 64, id 35623, len > > 68, bad cksum 0!) > > > > 12:44:29.642088 0:c:6e:4e:a0:cc 0:4:e2:10:60:83 ip 60: > > kite.gnome.co.uk.2167 > hawk.gnome.co.uk.ssh: . [tcp sum ok] 753:753(0) > > ack 2099 win 64956 (DF) (ttl 128, id 44852, len 40) > > > > > > Any ideas whats going on as the packet does not seem to be resent? > > > You don't have hardware checksums enabled, do you? I barely > recall they are incompatible with bpf(4). They're not incompatible per se, but if you're sniffing outgoing packets and the network interface is calculating the checksum on send, BPF will see a version of the packet before the checksum is calculated. If tcpdump later attempts to verify the checksum, it still won't be calculated in the copy it sees, and will whine. It was unclear to me in the above e-mail if this was a tcpdump of packets on the wire (say, the receiver), or on the sender before they hit the wire. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research From owner-freebsd-net@FreeBSD.ORG Thu Aug 12 14:48:34 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E057216A4CE; Thu, 12 Aug 2004 14:48:34 +0000 (GMT) Received: from tigra.ip.net.ua (tigra.ip.net.ua [82.193.96.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1EB1743D2F; Thu, 12 Aug 2004 14:48:34 +0000 (GMT) (envelope-from ru@ip.net.ua) Received: from heffalump.ip.net.ua (heffalump.ip.net.ua [82.193.96.213]) by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id i7CEmSG3027758 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 12 Aug 2004 17:48:29 +0300 (EEST) (envelope-from ru@ip.net.ua) Received: (from ru@localhost) by heffalump.ip.net.ua (8.12.11/8.12.11) id i7CEmVKa072747; Thu, 12 Aug 2004 17:48:31 +0300 (EEST) (envelope-from ru) Date: Thu, 12 Aug 2004 17:47:10 +0300 From: Ruslan Ermilov To: Robert Watson Message-ID: <20040812144710.GA72404@ip.net.ua> References: <20040812130917.GC24142@ip.net.ua> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="J2SCkAp4GZ/dPZZf" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i X-Virus-Scanned: by amavisd-new cc: net@freebsd.org cc: Chris Stenton cc: FreeBSD Current Subject: Re: bad tcp cksum on outgoing packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Aug 2004 14:48:35 -0000 --J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 12, 2004 at 10:44:12AM -0400, Robert Watson wrote: >=20 > On Thu, 12 Aug 2004, Ruslan Ermilov wrote: >=20 > > On Thu, Aug 12, 2004 at 12:50:58PM +0100, Chris Stenton wrote: > > > I have just been doing some debugging on my 5.2.1 box and noticed that > > > outgoing tcp packets on the box are coming up with bad checksums on > > > tcpdump. I am using the nge interface. > > >=20 > > > Here is a sample output. > > >=20 > > > 12:44:29.458021 0:4:e2:10:60:83 0:c:6e:4e:a0:cc ip 82: > > > hawk.gnome.co.uk.ssh > kite.gnome.co.uk.2167: P [bad tcp cksum 9420!] > > > 2071:2099(28) ack 753 win 65535 (DF) [tos 0x10] (ttl 64, id 35623, l= en > > > 68, bad cksum 0!) > > >=20 > > > 12:44:29.642088 0:c:6e:4e:a0:cc 0:4:e2:10:60:83 ip 60: > > > kite.gnome.co.uk.2167 > hawk.gnome.co.uk.ssh: . [tcp sum ok] 753:753(= 0) > > > ack 2099 win 64956 (DF) (ttl 128, id 44852, len 40) > > >=20 > > >=20 > > > Any ideas whats going on as the packet does not seem to be resent? > > >=20 > > You don't have hardware checksums enabled, do you? I barely > > recall they are incompatible with bpf(4). >=20 > They're not incompatible per se, but if you're sniffing outgoing packets > and the network interface is calculating the checksum on send, BPF will > see a version of the packet before the checksum is calculated. If tcpdump > later attempts to verify the checksum, it still won't be calculated in the > copy it sees, and will whine. It was unclear to me in the above e-mail if > this was a tcpdump of packets on the wire (say, the receiver), or on the > sender before they hit the wire. >=20 That's what I meant exactly. Thanks for clarifying my thoughts. ;) Cheers, --=20 Ruslan Ermilov ru@FreeBSD.org FreeBSD committer --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBG4LuqRfpzJluFF4RAn3aAJ9oicqVISg6gPjUf/3SIYDAcJ+MVQCfcczt ugfTVw+VylL/3OYDKTbjHIQ= =Ehy7 -----END PGP SIGNATURE----- --J2SCkAp4GZ/dPZZf-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 12 16:59:12 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 866F816A4CE for ; Thu, 12 Aug 2004 16:59:12 +0000 (GMT) Received: from mx1.mail.ru (mx1.mail.ru [194.67.23.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C7BE43D2D for ; Thu, 12 Aug 2004 16:59:12 +0000 (GMT) (envelope-from avalon_temp@mail.ru) Received: from [80.237.26.193] (port=5586 helo=[127.0.0.1]) by mx1.mail.ru with esmtp id 1BvIv1-0008OF-00 for freebsd-net@FreeBSD.org; Thu, 12 Aug 2004 20:59:11 +0400 Date: Thu, 12 Aug 2004 19:53:07 +0300 From: none X-Mailer: The Bat! (v2.10.01) X-Priority: 3 (Normal) Message-ID: <1652500988.20040812195307@none.no> To: freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam: Not detected Subject: X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: none List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Aug 2004 16:59:12 -0000 From owner-freebsd-net@FreeBSD.ORG Fri Aug 13 14:35:10 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3065B16A4CF for ; Fri, 13 Aug 2004 14:35:10 +0000 (GMT) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68AF243D3F for ; Fri, 13 Aug 2004 14:35:09 +0000 (GMT) (envelope-from rik@cronyx.ru) Received: (from root@localhost) by hanoi.cronyx.ru id i7DEW5O6041594 for freebsd-net@freebsd.org.checked; (8.12.8/vak/2.1) Fri, 13 Aug 2004 18:32:05 +0400 (MSD) (envelope-from rik@cronyx.ru) Received: from cronyx.ru (hi.cronyx.ru [144.206.181.94]) by hanoi.cronyx.ru with ESMTP id i7DEVHNA041546; (8.12.8/vak/2.1) Fri, 13 Aug 2004 18:31:18 +0400 (MSD) (envelope-from rik@cronyx.ru) Message-ID: <411CD0F3.3020802@cronyx.ru> Date: Fri, 13 Aug 2004 18:32:19 +0400 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6b) Gecko/20031208 X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD Current , freebsd-net@freebsd.org, freebsd-hackers@freebsd.org, rik@freebsd.org Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Subject: Sppp & Cronyx (cp(4), ct(4) and cx(4)) testers required X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Aug 2004 14:35:10 -0000 Hi, I am near finish line in mpsafe locking work for sppp and Cronyx adapters drivers, so I need testers for work I've done. Please contact me if you whish to test this code. Best regards, Roman Kurakin From owner-freebsd-net@FreeBSD.ORG Fri Aug 13 17:30:03 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 39B6016A4CE for ; Fri, 13 Aug 2004 17:30:03 +0000 (GMT) Received: from venus.vincentjardin.net (lns-th2-13-82-64-65-30.adsl.proxad.net [82.64.65.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 415C143D46 for ; Fri, 13 Aug 2004 17:30:02 +0000 (GMT) (envelope-from jardin@venus.vincentjardin.net) Received: from venus.vincentjardin.net (localhost [127.0.0.1]) i7DHdWoD020089; Fri, 13 Aug 2004 19:39:32 +0200 (CEST) (envelope-from jardin@venus.vincentjardin.net) Received: from localhost (localhost [[UNIX: localhost]]) by venus.vincentjardin.net (8.12.9/8.12.9/Submit) id i7DHdUjs020088; Fri, 13 Aug 2004 19:39:30 +0200 (CEST) From: Vincent Jardin To: Bruce M Simpson , Nathan K Date: Fri, 13 Aug 2004 19:39:23 +0200 User-Agent: KMail/1.5.2 References: <20040812040745.GA781@empiric.icir.org> In-Reply-To: <20040812040745.GA781@empiric.icir.org> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: clearsigned data Content-Disposition: inline Message-Id: <200408131939.30875.vjardin@free.fr> cc: xorp-users@xorp.org cc: freebsd-net@FreeBSD.org Subject: Re: [Xorp-users] MD5 Support X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Aug 2004 17:30:03 -0000 =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Future Directions for XORP > -------------------------- > > As PF_KEY is somewhat standardized (RFC 2367 Informational) and well > documented (UNIX Network Programming Vol1 2e Fenner et al) this is a > portable way of achieving this across the BSDs. Linux (FreeS/WAN et > cetera) may be another story. =46YI, Linux does support PF_KEY too. > > Future Directions for TCP-MD5 > ----------------------------- > > This would however require that applications such as Quagga and XORP speak > fluent PF_KEY in the BSD dialect. I think that the routing protocols will have to speak fluently PF_KEY becau= se=20 even for OSPFv2/MD5 or RIP/MD5 the keys could be provided by a "key daemon"= =2E=20 This concept is already described by the RFC 2367, section 1.2 and section= =20 5.3 (OSPF Securrity Example). Regards, Vincent =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQFBHPzRj1uHAMmANdgRAprWAKDtG8oLQUa7SevIgqVNyjZpzsguoACfZMUy LsKFJkGeWhH+lhXNZw7ShA4=3D =3DLvtl =2D----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Sat Aug 14 17:36:53 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9BC8216A4CE for ; Sat, 14 Aug 2004 17:36:53 +0000 (GMT) Received: from kuzey.cc.boun.edu.tr (kuzey.cc.boun.edu.tr [193.140.192.30]) by mx1.FreeBSD.org (Postfix) with SMTP id D9D7D43D53 for ; Sat, 14 Aug 2004 17:36:51 +0000 (GMT) (envelope-from parazona@host.sk) Received: (qmail 36215 invoked from network); 14 Aug 2004 17:34:55 -0000 Received: from unknown (HELO boun.edu.tr) (193.140.192.24) by 0 with SMTP; 14 Aug 2004 17:34:55 -0000 Received: from host.sk ([193.140.214.70]) by boun.edu.tr (SAVSMTP 3.1.1.32) with SMTP id M2004081420391808044 ; Sat, 14 Aug 2004 20:39:18 +0300 Message-ID: <411E77AA.7090307@host.sk> Date: Sat, 14 Aug 2004 23:35:54 +0300 From: Parahat Melayev User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031208 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Problem: changing IP address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Aug 2004 17:36:53 -0000 Hi list, When I change my IP Address (fxp0) from sysinstall, system does not activate new settings. It is activated only when I reboot system. what may be the problem? do I need restart something? From owner-freebsd-net@FreeBSD.ORG Sat Aug 14 17:44:59 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 794EF16A4CF for ; Sat, 14 Aug 2004 17:44:59 +0000 (GMT) Received: from kuzey.cc.boun.edu.tr (kuzey.cc.boun.edu.tr [193.140.192.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 543A043D54 for ; Sat, 14 Aug 2004 17:44:58 +0000 (GMT) (envelope-from parazona@host.sk) Received: (qmail 37427 invoked from network); 14 Aug 2004 17:43:05 -0000 Received: from unknown (HELO boun.edu.tr) (193.140.192.24) by 0 with SMTP; 14 Aug 2004 17:43:05 -0000 Received: from host.sk ([193.140.214.70]) by boun.edu.tr (SAVSMTP 3.1.1.32) with SMTP id M2004081420472808050 ; Sat, 14 Aug 2004 20:47:28 +0300 Message-ID: <411E7994.8060402@host.sk> Date: Sat, 14 Aug 2004 23:44:04 +0300 From: Parahat Melayev User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031208 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Parahat Melayev References: <411E77AA.7090307@host.sk> In-Reply-To: <411E77AA.7090307@host.sk> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: Problem: changing IP address (solved) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Aug 2004 17:44:59 -0000 Sorry, I just figured out that I need to refresh network interfaces to activate new settings # /etc/netstart Parahat Melayev wrote: > Hi list, > When I change my IP Address (fxp0) from sysinstall, > system does not activate new settings. > > It is activated only when I reboot system. > > what may be the problem? > do I need restart something? > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Sat Aug 14 23:15:24 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C0D7E16A4CE for ; Sat, 14 Aug 2004 23:15:24 +0000 (GMT) Received: from mproxy.gmail.com (mproxy.gmail.com [216.239.56.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id B1C4743D1F for ; Sat, 14 Aug 2004 23:15:24 +0000 (GMT) (envelope-from galaxy.ranger@gmail.com) Received: by mproxy.gmail.com with SMTP id u15so15209cwc for ; Sat, 14 Aug 2004 16:15:24 -0700 (PDT) Received: by 10.11.120.22 with SMTP id s22mr49441cwc; Sat, 14 Aug 2004 14:28:44 -0700 (PDT) Message-ID: <4a1299a404081414287a9ecbc@mail.gmail.com> Date: Sat, 14 Aug 2004 14:28:36 -0700 From: Fargo Holiday To: freebsd-net@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: [FreeBSD 5.2] Bandwith and packet throttling X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Fargo Holiday List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Aug 2004 23:15:24 -0000 Hello everyone, I sent this out a couple of days ago, but I don't think it actually got out. Anyway, my little network here consists of a wireless router branched off of my FreeBSD box, which routes for all of the cabled computers in the house. There are two wireless clients, laptops, that are in use constantly and between the bit torrents and viruses it's either chewing up my upstream (the achilles heel of my cable connection), or generating some unwholesome amount of packets, or both. I've tried setting up dummynet pipes to restrict the bandwidth for 10.0.0.8 (that's the ip for the wireless router's cabled side), but that dosen't seem to be working. Here are the rules I've been trying, let me know if this not correct: ipfw pipe 1 config bw 50Kbit/s queue 10 delay 2000ms #outbound ipfw pipe 2 config bw 150Kbit/s queue 10 delay 2000ms #inbound ipfw add deny icmp from any to any ipfw add pipe 1 all from 10.0.0.8 to any ipfw add pipe 2 all from any to 10.0.0.8 The painful delay was to test if the pipes were actually working, but never seemed to make a difference. I even tried assigning them to 10.0.0.0/24, but also to no effect. Dummynet is enabled in the kernel, HZ is set to 1000, and passing these dosen't generate any errors, so I have no idea what's going on. Am I just not following how this works? Last question for now, can these pipes also be used to numerically limit packets, or am I limited to slots and memory sizes? Thanks!