From owner-freebsd-net@FreeBSD.ORG Sun Jun 15 10:49:58 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7D63237B401 for ; Sun, 15 Jun 2003 10:49:58 -0700 (PDT) Received: from pierce.numericable.net (pierce.numericable.net [80.236.0.150]) by mx1.FreeBSD.org (Postfix) with SMTP id 3391043F85 for ; Sun, 15 Jun 2003 10:49:57 -0700 (PDT) (envelope-from vitalis@numericable.fr) Received: (qmail 13284 invoked from network); 15 Jun 2003 17:49:55 -0000 Received: from unknown (HELO sankukai) ([81.220.28.12]) (envelope-sender ) by 0 (qmail-ldap-1.03) with SMTP for ; 15 Jun 2003 17:49:55 -0000 Date: Sun, 15 Jun 2003 19:48:15 +0000 From: Vitalis To: jrh@it.uc3m.es Message-Id: <20030615194815.4ad7bc50.vitalis@numericable.fr> In-Reply-To: <200306111332.05563.jrh_it.uc3m.es@ns.sol.net> References: <200306111332.05563.jrh_it.uc3m.es@ns.sol.net> X-Mailer: Sylpheed version 0.9.0 (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: net@freebsd.org Subject: Re: Is there any tool for tracking/following the memory used by a X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2003 17:49:58 -0000 -- On 11 Jun 2003 11:33:57 +0000 jrh@it.uc3m.es wrote: > I know "top", but I don't want to be in front of the computer all the time > (because if the process finishes/dies the information vanished) > > Thanks and sorry if this isn't an specifiq question about networking :) Just save the results of "ps up [PID]" by executing it regularly in an infinite loop. OK, the process running the loop could die too ;-) From owner-freebsd-net@FreeBSD.ORG Sun Jun 15 11:42:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4704137B404 for ; Sun, 15 Jun 2003 11:42:15 -0700 (PDT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D7DD43FB1 for ; Sun, 15 Jun 2003 11:42:14 -0700 (PDT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.9/8.12.9) with ESMTP id h5FIgDNY036735; Sun, 15 Jun 2003 14:42:13 -0400 (EDT) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.12.9/8.12.9/Submit) id h5FIgCwL036734; Sun, 15 Jun 2003 14:42:12 -0400 (EDT) Date: Sun, 15 Jun 2003 14:42:12 -0400 From: Barney Wolff To: Gianmarco Giovannelli Message-ID: <20030615184212.GA36647@pit.databus.com> References: <5.2.1.1.2.20030615064011.02e39eb8@194.184.65.4> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.2.1.1.2.20030615064011.02e39eb8@194.184.65.4> User-Agent: Mutt/1.4.1i X-Scanned-By: MIMEDefang 2.33 (www . roaringpenguin . com / mimedefang) cc: esperti@gufi.org cc: net@freebsd.org Subject: Re: ADSL PPoA or RFC1483, any solutions ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2003 18:42:15 -0000 On Sun, Jun 15, 2003 at 06:55:28AM +0200, Gianmarco Giovannelli wrote: > Hi, > I need in a near future to convert a bunch of adsl from PPPoE to PPPoA > (more than 100 :-). > > Now they was working on FreeBSD (usually 4.8-STABLE, user ppp in PPPoE, > zyxel 645M). > Everything works fine until the management choose a new feeder for them > which doesn't use PPPoE at all, but only RFC1483 and PPPoA. If, as I expect, the DSL modem still has an Ethernet interface, you can just set up the inside system as though the Ethernet leads to the outside world, with the IP address of the ISP's router as the default route. My ISP works that way. My Freebsd system's external Ethernet has address w.x.y.z/24 and my default route is w.x.y.1. If you don't get a static IP address, running dhclient on the Ethernet interface that talks to the DSL modem should work. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. From owner-freebsd-net@FreeBSD.ORG Sun Jun 15 14:02:00 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 70AEB37B401 for ; Sun, 15 Jun 2003 14:02:00 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7ADB343FB1 for ; Sun, 15 Jun 2003 14:01:57 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.homeunix.net (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id 6995E1B32A; Sun, 15 Jun 2003 14:01:55 -0700 (PDT) From: Wes Peters Organization: Softweyr To: "G.B.Naidu" Date: Sun, 15 Jun 2003 14:01:53 -0700 User-Agent: KMail/1.5.2 References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200306151401.53630.wes@softweyr.com> cc: freebsd-net@FreeBSD.org Subject: Re: TCP/IP stack performance... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2003 21:02:00 -0000 On Friday 13 June 2003 04:01 am, G.B.Naidu wrote: > Hi, > > Thanks for your reply. > > The target processor I am looking for is 2 GHz Xeon Processor. I would > appreciate if you could provide me the TCP/IP stack performance for > this. If the data for this is not available, please provide for Intel > Pentium processor. You apparently don't know enough to know how little you know. A computer *system* is compromised of much more than just a CPU. The short answer to this is why don't you test it yourself, on the system you have in mind? -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Sun Jun 15 23:03:33 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B4CED37B405 for ; Sun, 15 Jun 2003 23:03:33 -0700 (PDT) Received: from cecov.masternet.it (cecov.masternet.it [194.184.65.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 774DB43FA3 for ; Sun, 15 Jun 2003 23:03:32 -0700 (PDT) (envelope-from gmarco@scotty.masternet.it) Received: from usul.scotty.masternet.it (freebsd.giovannelli.com [194.184.65.139]) by cecov.masternet.it (8.12.9/8.12.9) with ESMTP id h5G65jNX051103; Mon, 16 Jun 2003 08:05:46 +0200 (CEST) (envelope-from gmarco@scotty.masternet.it) Message-Id: <5.2.1.1.2.20030616075937.0242deb8@194.184.65.7> X-Sender: gmarco@194.184.65.7 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.1 Date: Mon, 16 Jun 2003 08:03:21 +0200 To: Barney Wolff From: Gianmarco Giovannelli In-Reply-To: <20030615184212.GA36647@pit.databus.com> References: <5.2.1.1.2.20030615064011.02e39eb8@194.184.65.4> <5.2.1.1.2.20030615064011.02e39eb8@194.184.65.4> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed cc: esperti@gufi.org cc: net@freebsd.org Subject: Re: ADSL PPoA or RFC1483, any solutions ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 06:03:34 -0000 At 15/06/2003, Barney Wolff wrote: >On Sun, Jun 15, 2003 at 06:55:28AM +0200, Gianmarco Giovannelli wrote: > > Hi, > > I need in a near future to convert a bunch of adsl from PPPoE to PPPoA > > (more than 100 :-). > > > > Now they was working on FreeBSD (usually 4.8-STABLE, user ppp in PPPoE, > > zyxel 645M). > > Everything works fine until the management choose a new feeder for them > > which doesn't use PPPoE at all, but only RFC1483 and PPPoA. > >If, as I expect, the DSL modem still has an Ethernet interface, you >can just set up the inside system as though the Ethernet leads to the >outside world, with the IP address of the ISP's router as the default >route. My ISP works that way. My Freebsd system's external Ethernet >has address w.x.y.z/24 and my default route is w.x.y.1. If you >don't get a static IP address, running dhclient on the Ethernet >interface that talks to the DSL modem should work. Uhm... this seems to me too much simple and beautifull to be true. Do you use a simple modem and/or you use a router in bridging mode ? So to summarize you use rfc1843 in the modem/router (but you have to put an ip in the modem/router configuration if I am not wrong). Then you assign your ethernet card the IP you get from your provider and you use the default peer as default gateway. Correct ? Is this work in this way ? Best Regards, Gianmarco Giovannelli , "Unix expert since yesterday" http://www.gufi.org/~gmarco From owner-freebsd-net@FreeBSD.ORG Mon Jun 16 02:48:28 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B71D337B401 for ; Mon, 16 Jun 2003 02:48:28 -0700 (PDT) Received: from jawa.at (jawa.at [213.229.17.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id 935DF43FD7 for ; Mon, 16 Jun 2003 02:48:27 -0700 (PDT) (envelope-from mbretter@jawa.at) Received: from worf (worf.jawa.at [192.168.201.12]) by jawa.at (8.12.8p1/8.12.6) with ESMTP id h5G9jMpH029127; Mon, 16 Jun 2003 11:45:32 +0200 (CEST) (envelope-from mbretter@jawa.at) Date: Mon, 16 Jun 2003 11:41:20 +0200 (CEST) From: Michael Bretterklieber To: "Ilia E. Chipitsine" In-Reply-To: <20030614120833.T16514-100000@mail.cgu.chel.su> Message-ID: <20030616114030.E368@worf.jawa.at> References: <20030614120833.T16514-100000@mail.cgu.chel.su> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-milter (http://amavis.org/) X-Spam-Status: No, hits=-23.8 required=5.0 tests=DEAR_SOMETHING,EMAIL_ATTRIBUTION,IN_REP_TO, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: freebsd-net@freebsd.org Subject: Re: mpd + RADIUS X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 09:48:29 -0000 Hi, On Sat, 14 Jun 2003, Ilia E. Chipitsine wrote: > Dear Sirs, > > I've configured RADIUS (gnu-radius), and it works as I can see by > "radauth" command. However, it doesn't work with mpd. > > anybody already running mpd+gnu-radius ? > can you please provide more info (mpd.conf, mpd-log etc.) bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - http://www.bretterklieber.com JAWA Management Software GmbH - http://www.jawa.at Tel: ++43-(0)316-403274-12 - GSM: ++43-(0)676-84 03 15 712 ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 From owner-freebsd-net@FreeBSD.ORG Mon Jun 16 21:51:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0925637B401 for ; Mon, 16 Jun 2003 21:51:22 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A27043FA3 for ; Mon, 16 Jun 2003 21:51:21 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5H4pJWN018196 for ; Tue, 17 Jun 2003 00:51:19 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5H4pJij018193 for ; Tue, 17 Jun 2003 00:51:19 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Mon, 16 Jun 2003 16:56:30 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: isp-routing@isp-routing.com Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII ReSent-Date: Tue, 17 Jun 2003 00:51:14 -0400 (EDT) Resent-From: Tom Daly Resent-To: freebsd-net@freebsd.org ReSent-Subject: Multicast Routing ReSent-Message-ID: Subject: Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 04:51:22 -0000 Hello, Has anyone been able to create a unified multicast broadcast domain using FreeBSD routers and tunnels? Our internal telephone system VOIP system that uses multicast to handle things like conference calling and paging. Many of our employess are off site, which DSL lines. A FreeBSD box creates a PPP tuennel for packet flow, which lets basic VOIP functions happen, but to allow more flexibility, I need to route multicast traffic as well. Anyone have any good suggestions as to how to get this going? I have tried numerous things with mrouted, but they do not seem to work. Regars, Tom -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Mon Jun 16 21:55:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 10ACE37B401 for ; Mon, 16 Jun 2003 21:55:38 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6318E43FD7 for ; Mon, 16 Jun 2003 21:55:37 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5H4taWN020301 for ; Tue, 17 Jun 2003 00:55:36 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5H4tarE020298 for ; Tue, 17 Jun 2003 00:55:36 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Tue, 17 Jun 2003 00:55:36 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: freebsd-net@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Sorry if duplicate...Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 04:55:38 -0000 Hello, Has anyone been able to create a unified multicast broadcast domain using FreeBSD routers and tunnels? Our internal telephone system VOIP system that uses multicast to handle things like conference calling and paging. Many of our employess are off site, which DSL lines. A FreeBSD box creates a PPP tuennel for packet flow, which lets basic VOIP functions happen, but to allow more flexibility, I need to route multicast traffic as well. Anyone have any good suggestions as to how to get this going? I have tried numerous things with mrouted, but they do not seem to work. Regards, Tom -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 10:05:09 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA39337B405 for ; Tue, 17 Jun 2003 10:05:09 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 006F143F75 for ; Tue, 17 Jun 2003 10:05:08 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5HH3CYA016879; Tue, 17 Jun 2003 13:03:13 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5HH3CCt016876; Tue, 17 Jun 2003 13:03:12 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 17 Jun 2003 13:03:11 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Tom Daly In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Sorry if duplicate...Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 17:05:10 -0000 On Tue, 17 Jun 2003, Tom Daly wrote: > Has anyone been able to create a unified multicast broadcast domain > using FreeBSD routers and tunnels? Our internal telephone system VOIP > system that uses multicast to handle things like conference calling and > paging. Many of our employess are off site, which DSL lines. A FreeBSD > box creates a PPP tuennel for packet flow, which lets basic VOIP > functions happen, but to allow more flexibility, I need to route > multicast traffic as well. Anyone have any good suggestions as to how > to get this going? I have tried numerous things with mrouted, but they > do not seem to work. I've never used PPP to directly tunnel multicast, although the tun0 interfaces appear to have the MULTICAST flag set. The configuration we use here at NAI Labs is to use IP in IP tunneling between sites, and IP multicast over ethernet multicast on local area networks, which works quite well. We use this specifically for video multicast, since we are generally relying on the phone networks to do audio still for latency reasons. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 11:24:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6868F37B401; Tue, 17 Jun 2003 11:24:39 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9957143F93; Tue, 17 Jun 2003 11:24:38 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5HIObWN014786; Tue, 17 Jun 2003 14:24:37 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5HIObbu014783; Tue, 17 Jun 2003 14:24:37 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Tue, 17 Jun 2003 14:24:37 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: Robert Watson In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Sorry if duplicate...Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 18:24:39 -0000 Robert, Could you clarify a bit? Are you able to move the multicast traffic between each side of the IP-IP tunnel? Tom On Tue, 17 Jun 2003, Robert Watson wrote: > > On Tue, 17 Jun 2003, Tom Daly wrote: > > > Has anyone been able to create a unified multicast broadcast domain > > using FreeBSD routers and tunnels? Our internal telephone system VOIP > > system that uses multicast to handle things like conference calling and > > paging. Many of our employess are off site, which DSL lines. A FreeBSD > > box creates a PPP tuennel for packet flow, which lets basic VOIP > > functions happen, but to allow more flexibility, I need to route > > multicast traffic as well. Anyone have any good suggestions as to how > > to get this going? I have tried numerous things with mrouted, but they > > do not seem to work. > > I've never used PPP to directly tunnel multicast, although the tun0 > interfaces appear to have the MULTICAST flag set. The configuration we > use here at NAI Labs is to use IP in IP tunneling between sites, and IP > multicast over ethernet multicast on local area networks, which works > quite well. We use this specifically for video multicast, since we are > generally relying on the phone networks to do audio still for latency > reasons. > > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > robert@fledge.watson.org Network Associates Laboratories > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 12:48:36 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 42C8937B401 for ; Tue, 17 Jun 2003 12:48:36 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 686EA43F85 for ; Tue, 17 Jun 2003 12:48:35 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5HJknYA017976; Tue, 17 Jun 2003 15:46:49 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5HJknAh017973; Tue, 17 Jun 2003 15:46:49 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 17 Jun 2003 15:46:49 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Tom Daly In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Sorry if duplicate...Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 19:48:36 -0000 On Tue, 17 Jun 2003, Tom Daly wrote: > Could you clarify a bit? Are you able to move the multicast traffic > between each side of the IP-IP tunnel? Yes. We use mrouted to configure multicast tunnels in pretty much the following way (IP addresses tweaked to protect the guilty): % more mrouted.conf tunnel 10.33.1.16 192.168.49.50 metric 1 threshold 1 tunnel 10.33.1.16 192.168.10.251 metric 1 threshold 1 ... In this case, 10.33.1.16 is the local IP, and 192.168.49.50 are remote IPs of other multicast tunnel endpoints with similar configurations. The remote boxes are generally on the other side of wide area networks without multicast routing in between. This "just works". > > Tom > > On Tue, 17 Jun 2003, Robert Watson wrote: > > > > > On Tue, 17 Jun 2003, Tom Daly wrote: > > > > > Has anyone been able to create a unified multicast broadcast domain > > > using FreeBSD routers and tunnels? Our internal telephone system VOIP > > > system that uses multicast to handle things like conference calling and > > > paging. Many of our employess are off site, which DSL lines. A FreeBSD > > > box creates a PPP tuennel for packet flow, which lets basic VOIP > > > functions happen, but to allow more flexibility, I need to route > > > multicast traffic as well. Anyone have any good suggestions as to how > > > to get this going? I have tried numerous things with mrouted, but they > > > do not seem to work. > > > > I've never used PPP to directly tunnel multicast, although the tun0 > > interfaces appear to have the MULTICAST flag set. The configuration we > > use here at NAI Labs is to use IP in IP tunneling between sites, and IP > > multicast over ethernet multicast on local area networks, which works > > quite well. We use this specifically for video multicast, since we are > > generally relying on the phone networks to do audio still for latency > > reasons. > > > > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > > robert@fledge.watson.org Network Associates Laboratories > > > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > -- > Tom Daly > tom@dyndns.org > Chief Infrastructure Officer > Dynamic DNS Network Services > http://www.dyndns.org/ > > From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 13:02:11 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6B2837B401 for ; Tue, 17 Jun 2003 13:02:11 -0700 (PDT) Received: from bluhayz.org (ip68-106-103-50.nv.nv.cox.net [68.106.103.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id DE90D43FB1 for ; Tue, 17 Jun 2003 13:02:10 -0700 (PDT) (envelope-from dero@bluhayz.org) Received: from ww2.bluhayz.org (localhost.homeunix.org [127.0.0.1]) by bluhayz.org (8.12.8p1/8.12.8) with ESMTP id h5HKVBvY002287 for ; Tue, 17 Jun 2003 16:31:11 -0400 (EDT) (envelope-from dero@bluhayz.org) From: "agent dero" To: freebsd-net@freebsd.org Date: Tue, 17 Jun 2003 16:31:11 -0400 Message-Id: <20030617202641.M89021@bluhayz.org> In-Reply-To: <20030617190116.F234C37B404@hub.freebsd.org> References: <20030617190116.F234C37B404@hub.freebsd.org> X-Mailer: Open WebMail 2.01 20030425 X-OriginatingIP: 172.183.190.253 (dero) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Subject: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 20:02:12 -0000 I am starting a hosting company in southern texas using a couple of dual Pentium servers I got from a friend, and I using FreeBSD to run the whole sha- bang. I am also planning on using IPv6, mainly because of it's advantages, and I think the internet should start moving over to IPv6. The big questions are, does anyone know of any ISPs that support it? And/Or any router/switch manufacturers that have compatibility with it. Don't get me wrong, I am still heavily dependant on IPv4, but I would like to start having IPv6 compatibility. On another un-related topic, who do I send this image to (http://www.bluhayz.org/images/poweredbyfreebsd_2.gif) Do get it put on the FreeBSD.org site,(the other 88x31 button was too ugly for me :-p) -thanks --agent dero From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 13:17:53 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF47537B401; Tue, 17 Jun 2003 13:17:53 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3060843F93; Tue, 17 Jun 2003 13:17:52 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5HKHoWN028076; Tue, 17 Jun 2003 16:17:50 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5HKHohg028073; Tue, 17 Jun 2003 16:17:50 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Tue, 17 Jun 2003 16:17:50 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: Robert Watson In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Sorry if duplicate...Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 20:17:54 -0000 Robert, I think our situation is a bit more complicated, however, I'll draw it out to hopefully add some direction. ###################### ### Office VOIP PBX### Routable IP Address Office Net ###################### || ENET || ###################### ### FreeBSD Router ### ###################### || DSL || ###################### #### INTERNET ### ###################### || DSL || ###################### WAN IP Routable ### FreeBSD Router ### ###################### NAT Inside / Remote Network || ENET || ###################### ### VOIP Phone ### IP on RFC1918 Space ###################### Currently, we use a PPP tunnel to put the PBX and Phone on subnets that can talk to each other. The two FBSD boxen run as the endpoints of the tunnel. We need to be able to seamlessly forward multicast traffic between the remote network and the office network. Any ideas? Thanks, Tom On Tue, 17 Jun 2003, Robert Watson wrote: > > On Tue, 17 Jun 2003, Tom Daly wrote: > > > Could you clarify a bit? Are you able to move the multicast traffic > > between each side of the IP-IP tunnel? > > Yes. We use mrouted to configure multicast tunnels in pretty much the > following way (IP addresses tweaked to protect the guilty): > > % more mrouted.conf > tunnel 10.33.1.16 192.168.49.50 metric 1 threshold 1 > tunnel 10.33.1.16 192.168.10.251 metric 1 threshold 1 > ... > > In this case, 10.33.1.16 is the local IP, and 192.168.49.50 are remote IPs > of other multicast tunnel endpoints with similar configurations. The > remote boxes are generally on the other side of wide area networks without > multicast routing in between. This "just works". > > > > > Tom > > > > On Tue, 17 Jun 2003, Robert Watson wrote: > > > > > > > > On Tue, 17 Jun 2003, Tom Daly wrote: > > > > > > > Has anyone been able to create a unified multicast broadcast domain > > > > using FreeBSD routers and tunnels? Our internal telephone system VOIP > > > > system that uses multicast to handle things like conference calling and > > > > paging. Many of our employess are off site, which DSL lines. A FreeBSD > > > > box creates a PPP tuennel for packet flow, which lets basic VOIP > > > > functions happen, but to allow more flexibility, I need to route > > > > multicast traffic as well. Anyone have any good suggestions as to how > > > > to get this going? I have tried numerous things with mrouted, but they > > > > do not seem to work. > > > > > > I've never used PPP to directly tunnel multicast, although the tun0 > > > interfaces appear to have the MULTICAST flag set. The configuration we > > > use here at NAI Labs is to use IP in IP tunneling between sites, and IP > > > multicast over ethernet multicast on local area networks, which works > > > quite well. We use this specifically for video multicast, since we are > > > generally relying on the phone networks to do audio still for latency > > > reasons. > > > > > > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > > > robert@fledge.watson.org Network Associates Laboratories > > > > > > > > > _______________________________________________ > > > freebsd-net@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > > > > -- > > Tom Daly > > tom@dyndns.org > > Chief Infrastructure Officer > > Dynamic DNS Network Services > > http://www.dyndns.org/ > > > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 14:44:47 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B688937B407 for ; Tue, 17 Jun 2003 14:44:47 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CFAC43F93 for ; Tue, 17 Jun 2003 14:44:47 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5HLguYA018694; Tue, 17 Jun 2003 17:42:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5HLguLl018691; Tue, 17 Jun 2003 17:42:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 17 Jun 2003 17:42:56 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: agent dero In-Reply-To: <20030617202641.M89021@bluhayz.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 21:44:48 -0000 On Tue, 17 Jun 2003, agent dero wrote: > I am starting a hosting company in southern texas using a couple of dual > Pentium servers I got from a friend, and I using FreeBSD to run the > whole sha- bang. I am also planning on using IPv6, mainly because of > it's advantages, and I think the internet should start moving over to > IPv6. > > The big questions are, does anyone know of any ISPs that support it? > And/Or any router/switch manufacturers that have compatibility with it. > > Don't get me wrong, I am still heavily dependant on IPv4, but I would > like to start having IPv6 compatibility. This isn't the answer you're looking for, but... I was very interested to see a CNET article that DoD has announced a concrete interest in deploying IPv6 over the next five years. If that is indeed the case, you're going to see a lot more support for IPv6 from vendors, etc. On the other hand, I can't tell you which ISPs in the US would provide IPv6 support... :-) Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 14:50:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF16737B401 for ; Tue, 17 Jun 2003 14:50:52 -0700 (PDT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14D2343FA3 for ; Tue, 17 Jun 2003 14:50:52 -0700 (PDT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.9/8.12.9) with ESMTP id h5HLolNY071276; Tue, 17 Jun 2003 17:50:47 -0400 (EDT) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.12.9/8.12.9/Submit) id h5HLolRu071275; Tue, 17 Jun 2003 17:50:47 -0400 (EDT) Date: Tue, 17 Jun 2003 17:50:47 -0400 From: Barney Wolff To: freebsd-net@freebsd.org Message-ID: <20030617215047.GA71157@pit.databus.com> References: <20030617202641.M89021@bluhayz.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-Scanned-By: MIMEDefang 2.33 (www . roaringpenguin . com / mimedefang) cc: agent dero Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 21:50:53 -0000 On Tue, Jun 17, 2003 at 05:42:56PM -0400, Robert Watson wrote: > > This isn't the answer you're looking for, but... I was very interested to > see a CNET article that DoD has announced a concrete interest in deploying > IPv6 over the next five years. If that is indeed the case, you're going > to see a lot more support for IPv6 from vendors, etc. On the other hand, > I can't tell you which ISPs in the US would provide IPv6 support... :-) There was a recent discussion of IPv6 ISPs on NANOG. Look at the nanog archives for messages listing them. www.nanog.org -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 16:41:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C9DA537B401 for ; Tue, 17 Jun 2003 16:41:57 -0700 (PDT) Received: from bellana.nc-rj.rnp.br (bellana.nc-rj.rnp.br [200.17.63.130]) by mx1.FreeBSD.org (Postfix) with SMTP id 01C2C43F75 for ; Tue, 17 Jun 2003 16:41:56 -0700 (PDT) (envelope-from alex@rnp.br) Received: (qmail 94829 invoked by uid 0); 17 Jun 2003 23:41:54 -0000 Received: from kira.nc-rj.rnp.br (200.17.63.90) by 0 with SMTP; 17 Jun 2003 23:41:54 -0000 Received: (qmail 61654 invoked by uid 0); 17 Jun 2003 23:41:53 -0000 Received: from chiclete.nc-rj.rnp.br (HELO chiclete) (200.17.63.13) by 0 with SMTP; 17 Jun 2003 23:41:53 -0000 Message-ID: <004101c3352a$08183a90$0d3f11c8@ncrj.rnp.br> From: "Alex Soares de Moura" To: References: <20030617202641.M89021@bluhayz.org> <20030617215047.GA71157@pit.databus.com> Date: Tue, 17 Jun 2003 20:41:53 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 23:41:58 -0000 It seems that the most of the commercial deployment of IPv6 has been mostly done in Asia. NTT/Verio has a Tier1 backbone in production. Nanog has a FAQ entry about the subject: http://www.nanog.org/listfaq.html Maybe in the list of sites by contry you'll find something useful: http://www.cs-ipv6.lancs.ac.uk/ipv6/6Bone/Whois/bycountry.html Best regards, Alex S.M. RNP - NOC Brazilian Academic Research Network - http://www.rnp.br/ ----- Original Message ----- From: "Barney Wolff" To: Cc: "agent dero" Sent: Tuesday, June 17, 2003 6:50 PM Subject: Re: IPv6 and me.... > On Tue, Jun 17, 2003 at 05:42:56PM -0400, Robert Watson wrote: > > > > This isn't the answer you're looking for, but... I was very interested to > > see a CNET article that DoD has announced a concrete interest in deploying > > IPv6 over the next five years. If that is indeed the case, you're going > > to see a lot more support for IPv6 from vendors, etc. On the other hand, > > I can't tell you which ISPs in the US would provide IPv6 support... :-) > > There was a recent discussion of IPv6 ISPs on NANOG. Look at the > nanog archives for messages listing them. www.nanog.org > > -- > Barney Wolff http://www.databus.com/bwresume.pdf > I'm available by contract or FT, in the NYC metro area or via the 'Net. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 17:35:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8039F37B401 for ; Tue, 17 Jun 2003 17:35:25 -0700 (PDT) Received: from relay1.softcomca.com (relay1.softcomca.com [168.144.1.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id BE17343FBD for ; Tue, 17 Jun 2003 17:35:24 -0700 (PDT) (envelope-from akanwar@digitarchy.com) Received: from M2W048.mail2web.com ([168.144.251.155]) by relay1.softcomca.com with Microsoft SMTPSVC(5.0.2195.5576); Tue, 17 Jun 2003 20:35:23 -0400 Message-ID: <265000-22003631803523906@M2W048.mail2web.com> X-Priority: 3 X-Originating-IP: 66.162.33.181 X-URL: http://mail2web.com/ From: "akanwar@digitarchy.com" To: freebsd-net@freebsd.org Date: Tue, 17 Jun 2003 20:35:23 -0400 MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-OriginalArrivalTime: 18 Jun 2003 00:35:24.0074 (UTC) FILETIME=[819D38A0:01C33531] Subject: replacement for SOCK_PACKET X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: akanwar@digitarchy.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 00:35:25 -0000 Hi all, =20 What is the BSD equivalent of this Linux call: sock=3Dsocket(AF_INET,SOCK_PACKET,htons(ETH_P_RARP)); Thanks, -ansh -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web=2Ecom/ =2E From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 17:59:26 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0AF737B401 for ; Tue, 17 Jun 2003 17:59:26 -0700 (PDT) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20EE043F3F for ; Tue, 17 Jun 2003 17:59:26 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.9/8.12.9) with ESMTP id h5I0xNjp036669 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 17 Jun 2003 20:59:24 -0400 (EDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.9/8.12.9/Submit) id h5I0xNGa036666; Tue, 17 Jun 2003 20:59:23 -0400 (EDT) (envelope-from wollman) Date: Tue, 17 Jun 2003 20:59:23 -0400 (EDT) From: Garrett Wollman Message-Id: <200306180059.h5I0xNGa036666@khavrinen.lcs.mit.edu> To: akanwar@digitarchy.com In-Reply-To: <265000-22003631803523906@M2W048.mail2web.com> References: <265000-22003631803523906@M2W048.mail2web.com> X-Spam-Score: -9.9 () IN_REP_TO,REFERENCES X-Scanned-By: MIMEDefang 2.33 (www . roaringpenguin . com / mimedefang) cc: freebsd-net@freebsd.org Subject: replacement for SOCK_PACKET X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 00:59:27 -0000 < said: > What is the BSD equivalent of this Linux call: > sock=socket(AF_INET,SOCK_PACKET,htons(ETH_P_RARP)); man libpcap -GAWollman From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 18:22:50 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CD1637B401 for ; Tue, 17 Jun 2003 18:22:50 -0700 (PDT) Received: from linux.research.att.com (H-135-207-24-16.research.att.com [135.207.24.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 810EC43F85 for ; Tue, 17 Jun 2003 18:22:49 -0700 (PDT) (envelope-from fenner@research.att.com) Received: from unixmail.research.att.com (unixmail.research.att.com [135.207.26.71])h5I1U2EI007739; Tue, 17 Jun 2003 21:30:02 -0400 Received: from windsor.research.att.com (windsor.research.att.com [135.207.26.46])h5I1L2Xs011002; Tue, 17 Jun 2003 21:21:03 -0400 (EDT) From: Bill Fenner Received: (from fenner@localhost) by windsor.research.att.com (8.11.6+Sun/8.8.5) id h5I1Mfc26416; Tue, 17 Jun 2003 18:22:41 -0700 (PDT) Message-Id: <200306180122.h5I1Mfc26416@windsor.research.att.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII To: tom@dyndns.org References: Date: Tue, 17 Jun 2003 18:22:41 -0700 Versions: dmail (solaris) 2.5a/makemail 2.9d cc: freebsd-net@freebsd.org Subject: Re: Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 01:22:50 -0000 Tom, >Currently, we use a PPP tunnel to put the PBX and Phone on subnets that >can talk to each other. The two FBSD boxen run as the endpoints of the >tunnel. We need to be able to seamlessly forward multicast traffic between >the remote network and the office network. > >Any ideas? mrouted should work fine in this situation, IF it's run after the ppp session is established (it doesn't know how to handle dynamic interfaces). If it doesn't, try kill -USR1 `cat /var/run/mrouted.pid` and send me the /var/tmp/mrouted.dump file that it creates and I'll try to walk through it with you. Bill From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 18:34:46 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6614D37B401 for ; Tue, 17 Jun 2003 18:34:46 -0700 (PDT) Received: from relay1.softcomca.com (relay1.softcomca.com [168.144.1.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id C4E7243FAF for ; Tue, 17 Jun 2003 18:34:45 -0700 (PDT) (envelope-from akanwar@digitarchy.com) Received: from M2W098.mail2web.com ([168.144.251.211]) by relay1.softcomca.com with Microsoft SMTPSVC(5.0.2195.5576); Tue, 17 Jun 2003 21:34:45 -0400 Message-ID: <184670-22003631813445521@M2W098.mail2web.com> X-Priority: 3 X-Originating-IP: 66.162.33.181 X-URL: http://mail2web.com/ From: "akanwar@digitarchy.com" To: wollman@lcs.mit.edu, freebsd-net@freebsd.org Date: Tue, 17 Jun 2003 21:34:45 -0400 MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-OriginalArrivalTime: 18 Jun 2003 01:34:45.0462 (UTC) FILETIME=[CC5DE760:01C33539] Subject: RE: replacement for SOCK_PACKET X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: akanwar@digitarchy.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 01:34:46 -0000 Thanks Garrett=2E=20 I am trying to write a small program to send out gratituous arps (because the em driver does not work) for a redundancy (via IP address take over) scheme=2E I do NOT want to use libpcap or libnet as these will not be available on prodution servers=2E I could probably statically link and make a huge executable=2E=2E=2Ebut then I think there ought to be a simpler way=2E Any ideas? -ansh =20 Original Message: ----------------- From: Garrett Wollman wollman@lcs=2Emit=2Eedu Date: Tue, 17 Jun 2003 20:59:23 -0400 (EDT) To: akanwar@digitarchy=2Ecom, freebsd-net@freebsd=2Eorg Subject: replacement for SOCK_PACKET ansh said: > What is the BSD equivalent of this Linux call: > sock=3Dsocket(AF_INET,SOCK_PACKET,htons(ETH_P_RARP)); man libpcap -GAWollman -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web=2Ecom/ =2E From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 20:40:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9D55837B401 for ; Tue, 17 Jun 2003 20:40:05 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id C231443F93 for ; Tue, 17 Jun 2003 20:40:04 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5I3e2KJ001245; Tue, 17 Jun 2003 23:40:02 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5I3e2kQ001242; Tue, 17 Jun 2003 23:40:02 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 17 Jun 2003 23:40:02 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: "akanwar@digitarchy.com" In-Reply-To: <184670-22003631813445521@M2W098.mail2web.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: wollman@lcs.mit.edu cc: freebsd-net@freebsd.org Subject: RE: replacement for SOCK_PACKET X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 03:40:05 -0000 On Tue, 17 Jun 2003, akanwar@digitarchy.com wrote: > I am trying to write a small program to send out gratituous arps > (because the em driver does not work) for a redundancy (via IP address > take over) scheme. Hmm. If you're having if_em bugs and haven't already submitted a PR, please do so. Our if_em maintainer is Prafulle Deuskar at Intel. > I do NOT want to use libpcap or libnet as these will not be available on > prodution servers. I could probably statically link and make a huge > executable...but then I think there ought to be a simpler way. If pcap is not available on your production FreeBSD servers, it's because you've removed it. BPF is the supported "link layer transmission" mechanism in most BSD-derived platforms. libpcap provides a portable library interface to BPF; pcap ports are available (and shipped with) many other OS implementations, including Linux. If you have tcpdump installed, which is common for many production installations, you likely have pcap. If you just want to bypass libpcap, open /dev/bpf%d directly, issue the necessary ioctl() to bind the interface (BIOCSETIF), possibly change the "header completion mode" (BIOCSHDRCMPLT), and write the packet to the BPF device. Here's a code fragment: do { sprintf(device, "/dev/bpf%d", n++); fd = open(device, O_RDWR); } while (fd < 0 && errno == EBUSY && n < 1000); if (fd < 0) { perror("open"); return (-1); } strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); if (ioctl(fd, BIOCSETIF, &ifr)) { perror("ioctl"); close(fd); return (-1); } if (ioctl(fd, BIOCGDLT, &data)) { perror("ioctl"); close(fd); return (-1); } if (data != DLT_EN10MB) { fprintf(stderr, "ioctl: invalid data link type\n"); close(fd); return (-1); } data = 1; if (ioctl(fd, BIOCSHDRCMPLT, &data)) { perror("ioctl"); close(fd); return (-1); } ... if (write(fd, pbuf, pbuflen) != pbuflen) ... Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-net@FreeBSD.ORG Tue Jun 17 22:27:06 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E6EDB37B401; Tue, 17 Jun 2003 22:27:06 -0700 (PDT) Received: from cocoa.syncrontech.com (cocoa-e0.syncrontech.com [62.71.8.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1F44643FAF; Tue, 17 Jun 2003 22:27:05 -0700 (PDT) (envelope-from ari.suutari@syncrontech.com) Received: from guinness.syncrontech.com (guinness.syncrontech.com [62.71.8.19])h5I5QxsV086682; Wed, 18 Jun 2003 08:27:00 +0300 (EEST) (envelope-from ari.suutari@syncrontech.com) Received: from coffee.syncrontech.com (coffee.syncrontech.com [62.71.8.37]) h5I5Qwk6076418; Wed, 18 Jun 2003 08:26:58 +0300 (EEST) (envelope-from ari.suutari@syncrontech.com) From: Ari Suutari Organization: Syncron Tech Oy To: freebsd-net@freebsd.org Date: Wed, 18 Jun 2003 08:26:52 +0300 User-Agent: KMail/1.5.2 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200306180826.52639.ari.suutari@syncrontech.com> X-Scanned-By: MIMEDefang 2.24 (www . roaringpenguin . com / mimedefang) cc: sumikawa@freebsd.org Subject: Enhancements for racoon X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 05:27:07 -0000 Hi, I have developed two enhancements for racoon. First one is simple support for 'keepalive' statement in racoon configuration file, which causes racoon to keep link up with remote end even when there is no traffic. It also does this when racoon is started, which is very nice since it also causes initial-contact notification to be sent to other end so possible old SAs are removed and connection comes up immediately (otherwise it comes up when the side which restarted sends something or SAs expire which can take longer time). Second one gives more support on environments which have multiple IP addresses on same interface. It allows selecting which local IP address to use when isakmp packets are sent. These things are currently under my testing, but I'm going to make them available publicly. Which would be the best approach for this - should I put the patches into freebsd racoon port or maybe pass them directly to kame project ? Ari S. Lapppeenranta, Finland From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 00:20:29 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D62DA37B404; Wed, 18 Jun 2003 00:20:29 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D9B543F3F; Wed, 18 Jun 2003 00:20:27 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from zaphod (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id 4A4845B6CF; Wed, 18 Jun 2003 00:20:25 -0700 (PDT) Date: Wed, 18 Jun 2003 00:18:18 -0700 From: Wes Peters To: Robert Watson Message-Id: <20030618001818.0df230d3.wes@softweyr.com> In-Reply-To: References: <20030617202641.M89021@bluhayz.org> Organization: Softweyr.com X-Mailer: Sylpheed version 0.9.2 (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org cc: dero@bluhayz.org Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 07:20:30 -0000 On Tue, 17 Jun 2003 17:42:56 -0400 (EDT) Robert Watson wrote: > > On Tue, 17 Jun 2003, agent dero wrote: > > > I am starting a hosting company in southern texas using a couple of > > dual Pentium servers I got from a friend, and I using FreeBSD to run > > the whole sha- bang. I am also planning on using IPv6, mainly > > because of it's advantages, and I think the internet should start > > moving over to IPv6. > > > > The big questions are, does anyone know of any ISPs that support it? > > And/Or any router/switch manufacturers that have compatibility with > > it. > > > > Don't get me wrong, I am still heavily dependant on IPv4, but I > > would like to start having IPv6 compatibility. > > This isn't the answer you're looking for, but... I was very interested > to see a CNET article that DoD has announced a concrete interest in > deploying IPv6 over the next five years. If that is indeed the case, > you're going to see a lot more support for IPv6 from vendors, etc. On > the other hand, I can't tell you which ISPs in the US would provide > IPv6 support... :-) Xmission does. www.xmission.com. Probably not useful to you unless you're located in Utah, and I have no idea what it means outside their own network. -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 05:15:47 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FBFB37B401; Wed, 18 Jun 2003 05:15:47 -0700 (PDT) Received: from v6.hitachi.co.jp (galilei.v6.hitachi.co.jp [133.145.167.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3A55E43F3F; Wed, 18 Jun 2003 05:15:46 -0700 (PDT) (envelope-from sumikawa@freebsd.org) Received: from prince.don.to ([192.168.242.69]) by v6.hitachi.co.jp (8.12.9/8.11.6) with ESMTP id h5ICRNah086411; Wed, 18 Jun 2003 21:27:24 +0900 (JST) (envelope-from sumikawa@freebsd.org) Received: from localhost (localhost [127.0.0.1]) by prince.don.to (8.12.9/3.7W) with ESMTP id h5ICFGcs000858; Wed, 18 Jun 2003 13:15:16 +0100 (BST) Date: Wed, 18 Jun 2003 13:15:16 +0100 (BST) Message-Id: <20030618.131516.25867561.sumikawa@ebina.hitachi.co.jp> To: ari.suutari@syncrontech.com From: Munechika Sumikawa In-Reply-To: <200306180826.52639.ari.suutari@syncrontech.com> References: <200306180826.52639.ari.suutari@syncrontech.com> X-Mailer: xcite1.48> Mew version 4.0.53 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org cc: sumikawa@freebsd.org Subject: Re: Enhancements for racoon X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 12:15:47 -0000 Ari, > These things are currently under my testing, but I'm > going to make them available publicly. Which would > be the best approach for this - should I put > the patches into freebsd racoon port or maybe pass > them directly to kame project ? I recommend you communicate with KAME developers directly because your patch looks generic, not FreeBSD specific. -- Sumikawa From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 06:17:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 56BCC37B401 for ; Wed, 18 Jun 2003 06:17:22 -0700 (PDT) Received: from spitfire.velocet.net (spitfire.velocet.net [216.138.223.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45AC443F93 for ; Wed, 18 Jun 2003 06:17:19 -0700 (PDT) (envelope-from steve@nomad.tor.lets.net) Received: from nomad.lets.net (H74.C220.tor.velocet.net [216.138.220.74]) by spitfire.velocet.net (Postfix) with SMTP id DD7D14B7F4B for ; Wed, 18 Jun 2003 09:17:16 -0400 (EDT) Received: (qmail 84049 invoked by uid 1008); 18 Jun 2003 13:42:34 -0000 Date: Wed, 18 Jun 2003 09:42:34 -0400 From: Steve Shorter To: net@freebsd.org Message-ID: <20030618134234.GA84032@nomad.lets.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Subject: arp "bug" ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 13:17:22 -0000 Howdy! I have a nfs booted server (FreeBSD 4.5p24) with local disk for data/swap. It has 2 network interfaces configured as follows .... Jun 18 08:16:18 <14.6> db0 /kernel: fxp0: flags=8843 mtu 1500 Jun 18 08:16:18 <14.6> db0 /kernel: inet 192.168.10.11 netmask 0xffffff00 broadcast 192.168.10.255 Jun 18 08:16:18 <14.6> db0 /kernel: ether 00:d0:b7:c9:c5:f0 Jun 18 08:16:18 <14.6> db0 /kernel: media: Ethernet autoselect (100baseTX ) Jun 18 08:16:18 <14.6> db0 /kernel: status: active Jun 18 08:16:18 <14.6> db0 /kernel: fxp1: flags=8843 mtu 1500 Jun 18 08:16:18 <14.6> db0 /kernel: inet 192.168.20.11 netmask 0xffffff00 broadcast 192.168.20.255 Jun 18 08:16:18 <14.6> db0 /kernel: ether 00:b0:d0:49:ba:05 Jun 18 08:16:18 <14.6> db0 /kernel: media: Ethernet autoselect (100baseTX ) Jun 18 08:16:18 <14.6> db0 /kernel: status: active Twice in the last 24 hours it logged the following arp messages Jun 18 07:57:12 <1.3> db0 /kernel: arp: 00:b0:d0:49:ba:05 is using my IP address 192.168.10.11! Jun 18 08:00:39 <1.3> db0 /kernel: arp: 00:b0:d0:49:ba:05 is using my IP address 192.168.10.11! Jun 18 08:04:17 <1.3> db0 /kernel: arp: 00:b0:d0:49:ba:05 is using my IP address 192.168.10.11! Jun 18 08:07:06 <1.3> db0 /kernel: arp: 00:b0:d0:49:ba:05 is using my IP address 192.168.10.11! I seems that the MAC address of the fxp1 interface is being confused somehow with the IP of the fxp0 interface. Since this interface is the root fs the machine hung and had to be power cycled. I don't see why this error should happen, both interfaces are on different subnets ie. fxp0 - 192.168.10.11/24 and fxp1 - 192.168.20.11/24. I have some 4.6.2 servers that also log similar messages, but I've been ignoring them up to now cause it never was a "problem". Is this a bug? or is there a misconfiguration or other fix? thanx - steve From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 08:47:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3250937B401; Wed, 18 Jun 2003 08:47:38 -0700 (PDT) Received: from wall.polstra.com (wall-gw.polstra.com [206.213.73.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3525743F85; Wed, 18 Jun 2003 08:47:35 -0700 (PDT) (envelope-from jdp@polstra.com) Received: from strings.polstra.com (strings.polstra.com [206.213.73.20]) by wall.polstra.com (8.12.3p2/8.12.3) with ESMTP id h5IFlYPM057242 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 18 Jun 2003 08:47:34 -0700 (PDT) (envelope-from jdp@strings.polstra.com) Received: (from jdp@localhost) by strings.polstra.com (8.12.6/8.12.6/Submit) id h5IFlXPu022709; Wed, 18 Jun 2003 08:47:33 -0700 (PDT) (envelope-from jdp) Date: Wed, 18 Jun 2003 08:47:33 -0700 (PDT) Message-Id: <200306181547.h5IFlXPu022709@strings.polstra.com> To: net@freebsd.org From: John Polstra In-Reply-To: References: Organization: Polstra & Co., Seattle, WA X-Bogosity: No, tests=bogofilter, spamicity=0.499999, version=0.11.2 cc: rwatson@freebsd.org Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 15:47:38 -0000 In article , Robert Watson wrote: > > This isn't the answer you're looking for, but... I was very interested to > see a CNET article that DoD has announced a concrete interest in deploying > IPv6 over the next five years. If that is indeed the case, you're going > to see a lot more support for IPv6 from vendors, etc. Kind of like what happened with Ada, eh? ;-) John -- John Polstra John D. Polstra & Co., Inc. Seattle, Washington USA "Two buttocks cannot avoid friction." -- Malawi saying From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 09:05:45 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6376637B401; Wed, 18 Jun 2003 09:05:45 -0700 (PDT) Received: from nic-naa.net (216-220-241-233.midmaine.com [216.220.241.233]) by mx1.FreeBSD.org (Postfix) with ESMTP id 626ED43F93; Wed, 18 Jun 2003 09:05:44 -0700 (PDT) (envelope-from brunner@nic-naa.net) Received: from nic-naa.net (localhost [127.0.0.1]) by nic-naa.net (8.12.9/8.12.9) with ESMTP id h5IG2qiC048161; Wed, 18 Jun 2003 16:02:52 GMT Message-Id: <200306181602.h5IG2qiC048161@nic-naa.net> To: John Polstra In-Reply-To: Your message of "Wed, 18 Jun 2003 08:47:33 PDT." <200306181547.h5IFlXPu022709@strings.polstra.com> Date: Wed, 18 Jun 2003 12:02:52 -0400 From: Eric Brunner-Williams in Portland Maine cc: rwatson@freebsd.org cc: net@freebsd.org Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 16:05:45 -0000 well ... One day my mom (a lifer in the data center at the Naval Post-Graduate School in Monterey) called to tell me that the new Admiral had decided that the School would go all-MS ... Unlike Ada, the DoD has been fairly effective in wiping non-MS operating system products off its desk-top spindles. Is this a "good thing"? Nope. Is this going to change? Nope. Is it (and all the attached human investment) a defensible element in US National Security Infrastructure? Nope. Was the DoD always this stupid, or is it simply a cerebral hemmorage at DARPA a decade ago that is now ... profoundly visibile? Cheers, Eric From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 09:41:40 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C8DBE37B404 for ; Wed, 18 Jun 2003 09:41:40 -0700 (PDT) Received: from letters.cs.ucsb.edu (letters.cs.ucsb.edu [128.111.41.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5010743F85 for ; Wed, 18 Jun 2003 09:41:40 -0700 (PDT) (envelope-from ynshenoy@cs.ucsb.edu) Received: from bird (bird [128.111.43.203]) by letters.cs.ucsb.edu (8.11.6+Sun/8.11.6) with ESMTP id h5IGfd528596 for ; Wed, 18 Jun 2003 09:41:40 -0700 (PDT) Date: Wed, 18 Jun 2003 09:41:38 -0700 (PDT) From: Yogeshwar Shenoy X-Sender: ynshenoy@bird To: freebsd-net@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: process crash on signal 4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 16:41:41 -0000 Can someone throw some light on what the different reasons for signal 4 (SIGILL) being sent to a process are? ('Illegal instruction' does not quite make sense in this case). We are running a server that uses TCP, on Intel Xeon CPU 2.40GHz (hyperthreading disabled) running FreeBSD 4.8-RELEASE. This process core dumped on signal 4 when pushing ~15Mbit/sec over an em (gigabit copper) interface. Using gdb I find that the address in the EIP register is actually the start of my own function; the stack trace does not show a frame for abort() either. So I am not sure what caused this signal to be sent to the process. The exact same binary running on a PIII 1.2GHz (FreeBSD 4.6.2-RELEASE), using an fxp interface has been running fine (also steadily pushing ~15Mbit/sec) for about 8 months. The binary was compiled on a PIII machine running FreeBSD 4.4-RELEASE machine using gcc version 2.95.3 20010315 (release) [FreeBSD], with the -O2 option. I'd appreciate any help in getting to the bottom of the SIGILL. Thanks, Yogeshwar. From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 16:32:53 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 778CE37B401 for ; Wed, 18 Jun 2003 16:32:53 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id A058843F85 for ; Wed, 18 Jun 2003 16:32:52 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5INWoWN027541; Wed, 18 Jun 2003 19:32:50 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5INWnk7027538; Wed, 18 Jun 2003 19:32:50 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Wed, 18 Jun 2003 19:32:49 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: Bill Fenner In-Reply-To: <200306180122.h5I1Mfc26416@windsor.research.att.com> Message-ID: References: <200306180122.h5I1Mfc26416@windsor.research.att.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Multicast Routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jun 2003 23:32:53 -0000 Thanks to everyone, esp. Bill, I was able to finally get things working the way they should. A combination of complicating the mrouted.conf with more tunnels than needed and a firewall in the way was preventing things from fully working. Thanks to everyone for thier input. Tom On Tue, 17 Jun 2003, Bill Fenner wrote: > > Tom, > > >Currently, we use a PPP tunnel to put the PBX and Phone on subnets that > >can talk to each other. The two FBSD boxen run as the endpoints of the > >tunnel. We need to be able to seamlessly forward multicast traffic between > >the remote network and the office network. > > > >Any ideas? > > mrouted should work fine in this situation, IF it's run after the ppp > session is established (it doesn't know how to handle dynamic interfaces). > If it doesn't, try kill -USR1 `cat /var/run/mrouted.pid` and send me the > /var/tmp/mrouted.dump file that it creates and I'll try to walk through > it with you. > > Bill > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Wed Jun 18 23:57:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B51A37B401 for ; Wed, 18 Jun 2003 23:57:44 -0700 (PDT) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id EB5C543FB1 for ; Wed, 18 Jun 2003 23:57:42 -0700 (PDT) (envelope-from Olivier.Nicole@ait.ac.th) Received: from bazooka.cs.ait.ac.th (on@bazooka.cs.ait.ac.th [192.41.170.2]) by mail.cs.ait.ac.th (8.12.3/8.9.3) with ESMTP id h5J6vc4s078562 for ; Thu, 19 Jun 2003 13:57:40 +0700 (ICT) From: Olivier Nicole Received: (from on@localhost) by bazooka.cs.ait.ac.th (8.8.5/8.8.5) id NAA10108; Thu, 19 Jun 2003 13:57:36 +0700 (ICT) Date: Thu, 19 Jun 2003 13:57:36 +0700 (ICT) Message-Id: <200306190657.NAA10108@bazooka.cs.ait.ac.th> In-reply-to: <200306181547.h5IFlXPu022709@strings.polstra.com> (message from John Polstra on Wed, 18 Jun 2003 08:47:33 -0700 (PDT)) X-Virus-Scanned: by amavisd-milter (http://amavis.org/) cc: net@freebsd.org Subject: Re: IPv6 and me.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 06:57:44 -0000 I would not be so pessimistic about comparing IPv6 and Ada. From Asia Educational network, using IPv6 means having large bandwidth, almost unused to cross the ocean, that is a strong motivation to do the move. Olivier From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 03:31:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B2B937B401; Thu, 19 Jun 2003 03:31:52 -0700 (PDT) Received: from cocoa.syncrontech.com (cocoa-e0.syncrontech.com [62.71.8.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0737243FB1; Thu, 19 Jun 2003 03:31:49 -0700 (PDT) (envelope-from ari.suutari@syncrontech.com) Received: from guinness.syncrontech.com (guinness.syncrontech.com [62.71.8.19])h5JAVgsV090939; Thu, 19 Jun 2003 13:31:46 +0300 (EEST) (envelope-from ari.suutari@syncrontech.com) Received: from coffee.syncrontech.com (coffee.syncrontech.com [62.71.8.37]) h5JAVek6097316; Thu, 19 Jun 2003 13:31:41 +0300 (EEST) (envelope-from ari.suutari@syncrontech.com) From: Ari Suutari Organization: Syncron Tech Oy To: freebsd-net@freebsd.org, freebsd-ipfw@freebsd.org Date: Thu, 19 Jun 2003 13:31:40 +0300 User-Agent: KMail/1.5.2 MIME-Version: 1.0 Content-Type: Multipart/Mixed; boundary="Boundary-00=_MEZ8+8qZ+4wqeHL" Message-Id: <200306191331.40421.ari.suutari@syncrontech.com> X-Scanned-By: MIMEDefang 2.24 (www . roaringpenguin . com / mimedefang) X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: patches for ipsec packet filtering support in ipfw2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 10:31:53 -0000 --Boundary-00=_MEZ8+8qZ+4wqeHL Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi, Here are two small patches (done on 5.1-RELEASE, but should be ok for -current also) which add new "ipsec" flag to ipfw2. Rules with this flag match only packets that have ipsec history (ie. came from ipsec processing). Rules with "not ipsec" match only non-ipsec packets. Without the new keyword, both types of packets match (as before). To try these out, apply the patches, and compile kernel with options IPFIREWALL options IPSEC options IPSEC_ESP options IPSEC_FILTERGIF Also, recompile /usr/src/sbin/ipfw and install it. With the new flag it is possible easily to stop spoofing from RFC1918 networks, but allow traffic from those nets if it is coming from IPsec: ipfw add deny all from 192.168.0.0/16 to any via ${oif} not ipsec ipfw add pass tcp from 192.168.x.y/24 to a.b.c.d 23 ipsec setup This example drops spoofed packets, but allows telnet connection *if* the packet comes via ipsec. My testing has been done on 5.1-RELEASE machine. It seems to work, and it didn't crash anything. I hope that this flag is useful to others too, maybe someone could get it committed into -current ? Ari S. Lappeenranta, Finland --Boundary-00=_MEZ8+8qZ+4wqeHL-- From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 05:20:46 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8705937B401 for ; Thu, 19 Jun 2003 05:20:46 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1364143FE9 for ; Thu, 19 Jun 2003 05:20:45 -0700 (PDT) (envelope-from sloach@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Thu, 19 Jun 2003 08:20:41 -0400 Message-ID: From: Scot Loach To: "'freebsd-net@freebsd.org'" Date: Thu, 19 Jun 2003 08:20:34 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Subject: socket leak in FreeBSD 4.7 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 12:20:46 -0000 If I execute the following program on a FreeBSD 4.7 system: int main() { for (int i = 0; i < 70000; i++) { socket(PF_INET, SOCK_STREAM, 0); } return 0; } the sockets never seem to be freed. vmstat tells me the memory is still in use: bash-2.05a$ vmstat -z ITEM SIZE LIMIT USED FREE REQUESTS tcpcb: 544, 106000, 65557, 4474, 70029 udpcb: 192, 106000, 7, 35, 481 unpcb: 160, 0, 7, 43, 78 socket: 192, 106000, 65571, 4487, 70639 However, fstat and sockstat do not show a large number of sockets. netstat shows them, and they look like this: tcp4 0 0 *.* *.* CLOSED If I explicitly close the sockets before the program exits, this does not occur. However I'm worried about the case where a high-volume server exits unexpectedly and leaks sockets. Any ideas of what might be wrong? From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 06:44:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3776C37B401 for ; Thu, 19 Jun 2003 06:44:44 -0700 (PDT) Received: from smail2.alcatel.fr (colt-na7.alcatel.fr [62.23.212.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A97143F93 for ; Thu, 19 Jun 2003 06:44:42 -0700 (PDT) (envelope-from ciprian.badescu@alcatel.ro) Received: from ns.tm.alcatel.ro (ns.tm.alcatel.ro [155.132.154.34]) by smail2.alcatel.fr (ALCANET/NETFR) with SMTP id h5JDiddk031511 for ; Thu, 19 Jun 2003 15:44:40 +0200 Received: FROM mail.tm.alcatel.ro BY ns.tm.alcatel.ro ; Thu Jun 19 16:46:45 2003 +0300 Received: from mrc.mrc.alcatel.ro (unverified [172.25.128.124]) by mail.tm.alcatel.ro (EMWAC SMTPRS 0.83) with SMTP id ; Thu, 19 Jun 2003 16:46:08 +0300 Received: from mcd01paf (mcd01paf.mrc.alcatel.ro [172.25.128.175]) h5JDspNr026110 for ; Thu, 19 Jun 2003 16:54:52 +0300 (EEST) Date: Thu, 19 Jun 2003 16:50:17 +0300 (EEST) From: Ciprian Badescu X-X-Sender: badescu@mcd01p59.mrc.alcatel.ro To: freebsd-net@freebsd.org In-Reply-To: Message-ID: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-new Subject: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 13:44:44 -0000 Hi, I'm not very old in networking, and I want to migrate to following configuration: Local router Remote router +---------------+ +---------------+ | | | | | |192.168.0.1 link 1 192.168.0.11 | | | |---------------------------------------| | | |---------------------------------------| | | |192.268.0.2 link 2 192.168.0.12 | | +---------------+ +---------------+ The link 192.168.0.1 <->192.168.0.11 Is the actual one, using RF, and I want to move all traffic to the new OF link 192.268.0.2 <->192.168.0.12. I don't know how to configura the routers to use the second link, and to keep the first link for redundancy, and if something is happening with link2, tha traffic must use automatically link1. It's enough tu use routing metrics, or I must use a routing protocol (and if so, which one)? -- Ciprian Badescu On Thu, 19 Jun 2003, Scot Loach wrote: > Date: Thu, 19 Jun 2003 08:20:34 -0400 > From: Scot Loach > To: "'freebsd-net@freebsd.org'" > Subject: socket leak in FreeBSD 4.7 > > If I execute the following program on a FreeBSD 4.7 system: > > int main() > { > for (int i = 0; i < 70000; i++) > { > socket(PF_INET, SOCK_STREAM, 0); > } > return 0; > } > the sockets never seem to be freed. > > vmstat tells me the memory is still in use: > > bash-2.05a$ vmstat -z > > ITEM SIZE LIMIT USED FREE REQUESTS > > tcpcb: 544, 106000, 65557, 4474, 70029 > udpcb: 192, 106000, 7, 35, 481 > unpcb: 160, 0, 7, 43, 78 > socket: 192, 106000, 65571, 4487, 70639 > > However, fstat and sockstat do not show a large number of sockets. > > netstat shows them, and they look like this: > > tcp4 0 0 *.* *.* CLOSED > > > If I explicitly close the sockets before the program exits, this does not > occur. However I'm worried about the case where a high-volume server exits > unexpectedly and leaks sockets. > > Any ideas of what might be wrong? > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 06:50:34 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 299C037B401 for ; Thu, 19 Jun 2003 06:50:34 -0700 (PDT) Received: from mx.vipnet.ro (cosmic.vipnet.ro [193.230.219.1]) by mx1.FreeBSD.org (Postfix) with SMTP id B8CEA43FAF for ; Thu, 19 Jun 2003 06:50:31 -0700 (PDT) (envelope-from vladg@vipnet.ro) Received: (qmail 24953 invoked from network); 19 Jun 2003 13:53:15 -0000 Received: from unknown (HELO rtfm.vipnet.ro) (193.230.219.12) by cosmic.vipnet.ro with SMTP; 19 Jun 2003 13:53:15 -0000 Date: Thu, 19 Jun 2003 16:49:50 +0300 From: Vlad GALU To: freebsd-net@freebsd.org Message-Id: <20030619164950.49c942c0.vladg@vipnet.ro> In-Reply-To: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> References: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> Organization: VipNET Bucharest X-Mailer: Sylpheed version 0.8.11 (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha1"; boundary="=.CggU66nugv24?w" Subject: Re: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 13:50:34 -0000 --=.CggU66nugv24?w Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Thu, 19 Jun 2003 16:50:17 +0300 (EEST) Ciprian Badescu wrote: > Hi, > > I'm not very old in networking, and I want to migrate to following > configuration: > > > > Local router Remote router > +---------------+ +---------------+ > | | | | > | |192.168.0.1 link 1 192.168.0.11 | | > | |---------------------------------------| | > | |---------------------------------------| | > | |192.268.0.2 link 2 192.168.0.12 | | > +---------------+ +---------------+ > I tried channel bonding and it worked pretty good. I haven't yet tested it extensively. Give it a try though. As for the system interface, all I know about this is that you should use mii-based NIC's, because they know how to report downlinks. I'm not aware of any failover software at this very moment, but this can be my poor memory. I hope someone else can answer to this more properly. > > The link 192.168.0.1 <->192.168.0.11 Is the actual one, using RF, and > I want to move all traffic to the new OF link 192.268.0.2 > <->192.168.0.12. > > I don't know how to configura the routers to use the second link, and > to keep the first link for redundancy, and if something is happening > with link2, tha traffic must use automatically link1. > > It's enough tu use routing metrics, or I must use a routing protocol > (and if so, which one)? > > > > > > -- > Ciprian Badescu > > On Thu, 19 Jun 2003, Scot Loach wrote: > > > Date: Thu, 19 Jun 2003 08:20:34 -0400 > > From: Scot Loach > > To: "'freebsd-net@freebsd.org'" > > Subject: socket leak in FreeBSD 4.7 > > > > If I execute the following program on a FreeBSD 4.7 system: > > > > int main() > > { > > for (int i = 0; i < 70000; i++) > > { > > socket(PF_INET, SOCK_STREAM, 0); > > } > > return 0; > > } > > the sockets never seem to be freed. > > > > vmstat tells me the memory is still in use: > > > > bash-2.05a$ vmstat -z > > > > ITEM SIZE LIMIT USED FREE REQUESTS > > > > tcpcb: 544, 106000, 65557, 4474, 70029 > > udpcb: 192, 106000, 7, 35, 481 > > unpcb: 160, 0, 7, 43, 78 > > socket: 192, 106000, 65571, 4487, 70639 > > > > However, fstat and sockstat do not show a large number of sockets. > > > > netstat shows them, and they look like this: > > > > tcp4 0 0 *.* *.* > > CLOSED > > > > > > If I explicitly close the sockets before the program exits, this > > does not occur. However I'm worried about the case where a > > high-volume server exits unexpectedly and leaks sockets. > > > > Any ideas of what might be wrong? > > > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to > > "freebsd-net-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Vlad GALU Network Administrator VipNET Bucharest tel: 021/3039940 email: vladg@vipnet.ro web: http://www.vipnet.ro PGP: http://mirapoint.vipnet.ro/public_key.pgp --=.CggU66nugv24?w Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+8b+CBQlxy6GegvARAo/1AKDifIFKRaHE20g2fdg+iDRJ9/KrIQCgyr6k EIpww7tfN+wppxn42nMLa1I= =qioA -----END PGP SIGNATURE----- --=.CggU66nugv24?w-- From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 07:02:13 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 04CB737B401 for ; Thu, 19 Jun 2003 07:02:13 -0700 (PDT) Received: from mail.drunkencomputing.de (ratz.drunkencomputing.de [195.244.235.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id BDF2D43F93 for ; Thu, 19 Jun 2003 07:02:11 -0700 (PDT) (envelope-from hscholz@raisdorf.net) Received: from localhost (localhost [127.0.0.1]) by mail.drunkencomputing.de (Postfix) with ESMTP id 9AD228AF67 for ; Thu, 19 Jun 2003 16:03:14 +0200 (CEST) Received: from mail.drunkencomputing.de ([127.0.0.1])port 10024) with ESMTP id 74204-03 for ; Thu, 19 Jun 2003 16:03:13 +0200 (CEST) Received: from goanna.lan.raisdorf.net (pD95275F7.dip.t-dialin.net [217.82.117.247]) by mail.drunkencomputing.de (Postfix) with ESMTP id EEC768AF4D for ; Thu, 19 Jun 2003 16:03:12 +0200 (CEST) Date: Thu, 19 Jun 2003 16:02:17 +0200 From: Hendrik Scholz To: freebsd-net@freebsd.org Message-Id: <20030619160217.61c77314.hscholz@raisdorf.net> In-Reply-To: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> References: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> X-Mailer: Sylpheed version 0.8.10claws (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at drunkencomputing.de Subject: Re: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 14:02:13 -0000 Hi! On Thu, 19 Jun 2003 16:50:17 +0300 (EEST) Ciprian Badescu wrote: > I don't know how to configura the routers to use the second link, and > to keep the first link for redundancy, and if something is happening > with link2, tha traffic must use automatically link1. Have a look at the ng_one2many module. The manpage comes with a nice example and offers the needed featuers. Btw: ng_fec (fast ether channels) is not recommended but may work too. Hendrik -- Hendrik Scholz - - http://raisdorf.net/ Forcast for tonight: Dark. From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 07:30:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5977137B410 for ; Thu, 19 Jun 2003 07:30:57 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id A767843F75 for ; Thu, 19 Jun 2003 07:30:52 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 16793 invoked from network); 19 Jun 2003 14:30:51 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 19 Jun 2003 14:30:51 -0000 Message-ID: <3EF1C91B.3080409@tenebras.com> Date: Thu, 19 Jun 2003 07:30:51 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: Vlad GALU References: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> <20030619164950.49c942c0.vladg@vipnet.ro> In-Reply-To: <20030619164950.49c942c0.vladg@vipnet.ro> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 14:30:57 -0000 Vlad GALU wrote: > I tried channel bonding and it worked pretty good. how? From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 07:47:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 880D737B401 for ; Thu, 19 Jun 2003 07:47:19 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 588B743F85 for ; Thu, 19 Jun 2003 07:47:17 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 16873 invoked from network); 19 Jun 2003 14:47:15 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 19 Jun 2003 14:47:15 -0000 Message-ID: <3EF1CCF3.4070506@tenebras.com> Date: Thu, 19 Jun 2003 07:47:15 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: Hendrik Scholz References: <20030619164024.L698@mcd01p59.mrc.alcatel.ro> <20030619160217.61c77314.hscholz@raisdorf.net> In-Reply-To: <20030619160217.61c77314.hscholz@raisdorf.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 14:47:19 -0000 Hendrik Scholz wrote: > Have a look at the ng_one2many module. The manpage comes with a nice > example and offers the needed featuers. NG_ONE2MANY(4) TRANSMIT ALGORITHMS At this time, the only algorithm for determing the outgoing many hook is a simple round-robin delivery algorithm. Packets are delivered out the many hooks in sequential order. In the future other algorithms may be added as well. That would be nice -- in particular, links with different characteristic capacities and latencies would be nice to bond -- as in a shared DS3 and a 256kb frame relay, my current problem. We have an expensively idle backup frame relay link which could be carrying "stuff" -- even simple parameters such as weighted preference would suffice. From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 11:30:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7609237B401; Thu, 19 Jun 2003 11:30:05 -0700 (PDT) Received: from osku.suutari.iki.fi (osku.syncrontech.com [213.28.98.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8875143F3F; Thu, 19 Jun 2003 11:30:03 -0700 (PDT) (envelope-from ari@suutari.iki.fi) Received: from raisa (raisa.lemi.suutari.iki.fi [192.168.53.2]) by osku.suutari.iki.fi (8.12.8p1/8.12.8) with SMTP id h5JIU0np081070; Thu, 19 Jun 2003 21:30:00 +0300 (EEST) (envelope-from ari@suutari.iki.fi) Message-ID: <000901c33691$4d4bd8c0$0235a8c0@raisa> From: "Ari Suutari" To: "clemens fischer" References: <200306191331.40421.ari.suutari@syncrontech.com> Date: Thu, 19 Jun 2003 21:33:33 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 cc: freebsd-ipfw@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: patches for ipsec packet filtering support in ipfw2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 18:30:05 -0000 Hi, > * Ari Suutari: > > > Here are two small patches (done on 5.1-RELEASE, but should be ok > > for -current also) which add new "ipsec" flag to ipfw2. > > i did not receive any attachments. will this functionality be > included into freebsd-5 in the future? Does the mailing list strip attachments ? Here they are one for /sys/netinet and other for /usr/src/sbin/ipfw: This is for /sys/netinet: Index: ip_fw.h =================================================================== RCS file: /net/pommac/scratch/freebsd-cvs/src/sys/netinet/ip_fw.h,v retrieving revision 1.76.2.1 diff -u -r1.76.2.1 ip_fw.h --- ip_fw.h 4 Jun 2003 02:19:36 -0000 1.76.2.1 +++ ip_fw.h 19 Jun 2003 08:17:44 -0000 @@ -119,6 +119,7 @@ O_TEE, /* arg1=port number */ O_FORWARD_IP, /* fwd sockaddr */ O_FORWARD_MAC, /* fwd mac */ + O_IPSEC, /* has ipsec history */ O_LAST_OPCODE /* not an opcode! */ }; Index: ip_fw2.c =================================================================== RCS file: /net/pommac/scratch/freebsd-cvs/src/sys/netinet/ip_fw2.c,v retrieving revision 1.28.2.1 diff -u -r1.28.2.1 ip_fw2.c --- ip_fw2.c 4 Jun 2003 02:19:36 -0000 1.28.2.1 +++ ip_fw2.c 19 Jun 2003 18:24:40 -0000 @@ -1787,6 +1787,14 @@ (TH_RST | TH_ACK | TH_SYN)) != TH_SYN); break; + case O_IPSEC: +#ifdef IPSEC + match = (ipsec_gethist(m, NULL) != NULL); +#else + match = 0; +#endif + break; + case O_LOG: if (fw_verbose) ipfw_log(f, hlen, args->eh, m, oif); @@ -2378,6 +2386,7 @@ case O_TCPFLAGS: case O_TCPOPTS: case O_ESTAB: + case O_IPSEC: case O_VERREVPATH: if (cmdlen != F_INSN_SIZE(ipfw_insn)) goto bad_size; --------------- This is for /usr/src/sbin/ipfw: Index: ipfw.8 =================================================================== RCS file: /net/pommac/scratch/freebsd-cvs/src/sbin/ipfw/ipfw.8,v retrieving revision 1.122 diff -u -r1.122 ipfw.8 --- ipfw.8 15 Mar 2003 01:13:00 -0000 1.122 +++ ipfw.8 19 Jun 2003 10:21:30 -0000 @@ -835,6 +835,8 @@ specified as argument. .It Cm established Matches TCP packets that have the RST or ACK bits set. +.It Cm ipsec +Matches IP packets that have originated from IPsec stack. .It Cm frag Matches packets that are fragments and not the first fragment of an IP datagram. Note that these packets will not have Index: ipfw2.c =================================================================== RCS file: /net/pommac/scratch/freebsd-cvs/src/sbin/ipfw/ipfw2.c,v retrieving revision 1.23.2.1 diff -u -r1.23.2.1 ipfw2.c --- ipfw2.c 4 Jun 2003 02:19:36 -0000 1.23.2.1 +++ ipfw2.c 19 Jun 2003 08:25:33 -0000 @@ -242,6 +242,7 @@ TOK_DROPTAIL, TOK_PROTO, TOK_WEIGHT, + TOK_IPSEC, }; struct _s_x dummynet_params[] = { @@ -335,6 +336,7 @@ { "mac", TOK_MAC }, { "mac-type", TOK_MACTYPE }, { "verrevpath", TOK_VERREVPATH }, + { "ipsec", TOK_IPSEC }, { "not", TOK_NOT }, /* pseudo option */ { "!", /* escape ? */ TOK_NOT }, /* pseudo option */ @@ -1131,6 +1133,10 @@ printf(" established"); break; + case O_IPSEC: + printf(" ipsec"); + break; + case O_TCPFLAGS: print_flags("tcpflags", cmd, f_tcpflags); break; @@ -3050,6 +3056,10 @@ case TOK_ESTAB: fill_cmd(cmd, O_ESTAB, 0, 0); + break; + + case TOK_IPSEC: + fill_cmd(cmd, O_IPSEC, 0, 0); break; case TOK_SETUP: -- Ari S. From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 11:56:58 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C75A37B401; Thu, 19 Jun 2003 11:56:58 -0700 (PDT) Received: from arthur.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6121343F85; Thu, 19 Jun 2003 11:56:57 -0700 (PDT) (envelope-from simon@arthur.nitro.dk) Received: by arthur.nitro.dk (Postfix, from userid 1000) id C4F4810BF8B; Thu, 19 Jun 2003 20:56:55 +0200 (CEST) Date: Thu, 19 Jun 2003 20:56:55 +0200 From: "Simon L. Nielsen" To: Ari Suutari Message-ID: <20030619185654.GA408@nitro.dk> References: <200306191331.40421.ari.suutari@syncrontech.com> <000901c33691$4d4bd8c0$0235a8c0@raisa> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l" Content-Disposition: inline In-Reply-To: <000901c33691$4d4bd8c0$0235a8c0@raisa> User-Agent: Mutt/1.5.4i cc: freebsd-ipfw@freebsd.org cc: clemens fischer cc: freebsd-net@freebsd.org Subject: Re: patches for ipsec packet filtering support in ipfw2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 18:56:58 -0000 --XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.06.19 21:33:33 +0300, Ari Suutari wrote: > Hi, >=20 > > * Ari Suutari: > >=20 > > > Here are two small patches (done on 5.1-RELEASE, but should be ok > > > for -current also) which add new "ipsec" flag to ipfw2. > >=20 > > i did not receive any attachments. will this functionality be > > included into freebsd-5 in the future? >=20 > Does the mailing list strip attachments ? Yes, and it has in fact recently been documented :-). http://www.freebsd.org/doc/en/books/handbook/eresources.html#ERESOURCES-MAI= LFILTERING Your code looks interesting, but since I don't have IPsec set up (yet) I can't really test it. If no committer picks it up right away, I would suggest submitting it as a PR to make sure it isn't forgotten. Then hopefolly one of the ipfw guru's will have look at it at some point. --=20 Simon L. Nielsen --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+8gd28kocFXgPTRwRArr5AJ0erD99En9xhB4Lc7TjqZX88GuhZwCg2FLm 6ARPzM7XDIxFpnJmp1eRk5w= =qAnE -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l-- From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 12:45:20 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 96B5F37B401 for ; Thu, 19 Jun 2003 12:45:20 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDCD343F3F for ; Thu, 19 Jun 2003 12:45:19 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5JJjIWN074070 for ; Thu, 19 Jun 2003 15:45:18 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5JJjI74074067 for ; Thu, 19 Jun 2003 15:45:18 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Thu, 19 Jun 2003 15:45:18 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: freebsd-net@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 19:45:20 -0000 Hello, I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network firewall for one of our sites. This site sees about 3 megabits of traffic. The average firewall ruleset runs around 600-800 rules, running on IPFW. The PE350 uses dual fxp chips on the machine's single PCI bus. Could this be a direct cause of why my system's interrupt usage is over 50% at many times, as well as sending ICMP source quenchs from time to time? Can anyone suggest a performance tweak to help this box along? Thanks, Tom -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 13:00:12 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE08737B401 for ; Thu, 19 Jun 2003 13:00:12 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 033B443F85 for ; Thu, 19 Jun 2003 13:00:10 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 17549 invoked from network); 19 Jun 2003 20:00:09 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 19 Jun 2003 20:00:09 -0000 Message-ID: <3EF21648.8080205@tenebras.com> Date: Thu, 19 Jun 2003 13:00:08 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: Tom Daly References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 20:00:13 -0000 Tom Daly wrote: > I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network > firewall for one of our sites. This site sees about 3 megabits of traffic. per some unit of time, I presume? ;-) maybe 3Mbit/s? > The average firewall ruleset runs around 600-800 rules, running on IPFW. That's a huge number of rules -- do you have any idea what number of packets are checked against how many rules before being accepted or denied? A histogram would be nice.... > Could this be a direct cause of why my system's interrupt usage is over > 50% at many times, as well as sending ICMP source quenchs from time to > time? > > Can anyone suggest a performance tweak to help this box along? Without seeing the ruleset, I'd venture a guess that IPFW2 would help reduce the number of rules, and that a clever refactoring (with poss. use of skipto rules) might reduce the load. -- "Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent man requires only two thousand five hundred." - The Mahabharata From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 14:08:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9177937B401 for ; Thu, 19 Jun 2003 14:08:04 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1F5243F3F for ; Thu, 19 Jun 2003 14:08:03 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5JL82WN082787; Thu, 19 Jun 2003 17:08:02 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5JL82PR082784; Thu, 19 Jun 2003 17:08:02 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Thu, 19 Jun 2003 17:08:02 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: Michael Sierchio In-Reply-To: <3EF21648.8080205@tenebras.com> Message-ID: References: <3EF21648.8080205@tenebras.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 21:08:04 -0000 Hi, On Thu, 19 Jun 2003, Michael Sierchio wrote: > Tom Daly wrote: > > > I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network > > firewall for one of our sites. This site sees about 3 megabits of traffic. > > per some unit of time, I presume? ;-) maybe 3Mbit/s? > Yes, 3Mbits/s. > > The average firewall ruleset runs around 600-800 rules, running on IPFW. > > That's a huge number of rules -- do you have any idea what number > of packets are checked against how many rules before being accepted > or denied? A histogram would be nice.... > Most of these rules are a simple "ipfw deny all from x.x.x.x to any." Could some sort of source route to a null interface be better? > > Could this be a direct cause of why my system's interrupt usage is over > > 50% at many times, as well as sending ICMP source quenchs from time to > > time? > > > > Can anyone suggest a performance tweak to help this box along? > > Without seeing the ruleset, I'd venture a guess that IPFW2 would > help reduce the number of rules, and that a clever refactoring > (with poss. use of skipto rules) might reduce the load. > The base ruleset is about 160 rules. The box can handle this with minimal CPU load. The additional 500 rules, similar to the one above are the problem. Suggestions? Tom > > -- > > "Well," Brahma said, "even after ten thousand explanations, a fool is no > wiser, but an intelligent man requires only two thousand five hundred." > - The Mahabharata > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 14:44:00 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B05137B401 for ; Thu, 19 Jun 2003 14:44:00 -0700 (PDT) Received: from mail2.dbitech.ca (radius.wavefire.com [64.141.13.252]) by mx1.FreeBSD.org (Postfix) with SMTP id 4A14143FBF for ; Thu, 19 Jun 2003 14:43:59 -0700 (PDT) (envelope-from darcy@wavefire.com) Received: (qmail 14273 invoked from network); 19 Jun 2003 22:03:29 -0000 Received: from dbitech.wavefire.com (HELO dbitech) (darcy@64.141.15.253) by radius.wavefire.com with SMTP; 19 Jun 2003 22:03:29 -0000 Content-Type: text/plain; charset="iso-8859-1" From: Darcy Buskermolen Organization: Wavefire Technologies Corp. To: Tom Daly , Michael Sierchio Date: Thu, 19 Jun 2003 14:43:48 -0700 User-Agent: KMail/1.4.3 References: <3EF21648.8080205@tenebras.com> In-Reply-To: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200306191443.48433.darcy@wavefire.com> cc: freebsd-net@freebsd.org Subject: Re: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 21:44:00 -0000 You could try organizing your rules using skipto to redice the number of=20 rukles any packet has to travers for example... 100 skipto 1000 ip from 1.0.0.0/4 to my-ip 200 skipto 2000 ip from 128.0.0.0/4 to my ip 1000 deny ip from 24.6.76.8 to any 1001 deny ip from 65.65.26.7 to any 1999 skipto 3000 ip from any to any 2000 deny ip from 192.168.0.1 to any 2001 deny ip from 243.74.87.32 to any 2999 skipto 3000 ip form any to any 3000 allow ip form any to any This would in effect redduce the number of rules any packet was traversin= g by=20 50% I hope this gets your mind thinking... On Thursday 19 June 2003 14:08, Tom Daly wrote: > Hi, > > On Thu, 19 Jun 2003, Michael Sierchio wrote: > > Tom Daly wrote: > > > I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a > > > network firewall for one of our sites. This site sees about 3 megab= its > > > of traffic. > > > > per some unit of time, I presume? ;-) maybe 3Mbit/s? > > Yes, 3Mbits/s. > > > > The average firewall ruleset runs around 600-800 rules, running on > > > IPFW. > > > > That's a huge number of rules -- do you have any idea what number > > of packets are checked against how many rules before being accepted > > or denied? A histogram would be nice.... > > Most of these rules are a simple "ipfw deny all from x.x.x.x to any." > Could some sort of source route to a null interface be better? > > > > Could this be a direct cause of why my system's interrupt usage is = over > > > 50% at many times, as well as sending ICMP source quenchs from time= to > > > time? > > > > > > Can anyone suggest a performance tweak to help this box along? > > > > Without seeing the ruleset, I'd venture a guess that IPFW2 would > > help reduce the number of rules, and that a clever refactoring > > (with poss. use of skipto rules) might reduce the load. > > The base ruleset is about 160 rules. The box can handle this with minim= al > CPU load. The additional 500 rules, similar to the one above are the > problem. > > Suggestions? > > Tom > > > -- > > > > "Well," Brahma said, "even after ten thousand explanations, a fool is= no > > wiser, but an intelligent man requires only two thousand five hundr= ed." > > - The Mahabharata > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org= " --=20 Darcy Buskermolen Wavefire Technologies Corp. ph: 250.717.0200 fx: 250.763.1759 http://www.wavefire.com From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 15:16:33 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 543B737B404; Thu, 19 Jun 2003 15:16:33 -0700 (PDT) Received: from mail.cyberonic.com (mail.cyberonic.com [4.17.179.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6F0E643F93; Thu, 19 Jun 2003 15:16:32 -0700 (PDT) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (node-40244c0a.sfo.onnet.us.uu.net [64.36.76.10]) by mail.cyberonic.com (8.12.8/8.12.5) with ESMTP id h5JMh9Mo025758; Thu, 19 Jun 2003 18:43:09 -0400 Received: (from jmg@localhost) by hydrogen.funkthat.com (8.12.9/8.11.6) id h5JMH3O8080327; Thu, 19 Jun 2003 15:17:03 -0700 (PDT) (envelope-from jmg) Date: Thu, 19 Jun 2003 15:17:03 -0700 From: John-Mark Gurney To: freebsd-net@FreeBSD.org, freebsd-current@FreeBSD.org Message-ID: <20030619221703.GD64061@funkthat.com> Mail-Followup-To: freebsd-net@FreeBSD.org, freebsd-current@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 4.2-RELEASE i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html Subject: locking problems in IPv6 code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: John-Mark Gurney List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 22:16:33 -0000 I am running FreeBSD 5.1-R on a sparc64 machine, and am getting warnings about mallocing data w/ a lock aquired. dmesg output: malloc() of "64" with the following non-sleepablelocks held: exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 malloc() of "64" with the following non-sleepablelocks held: exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 malloc() of "32" with the following non-sleepablelocks held: exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 malloc() of "64" with the following non-sleepablelocks held: exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 malloc() of "64" with the following non-sleepablelocks held: exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 If I disable IPv6 in /etc/rc.conf, the above warnings don't appear. I tried to follow the code path in IPv6's source, but it's soooo long that I couldn't find where it might be allocating memory. Anyone have any ideas? -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 15:28:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A97537B401 for ; Thu, 19 Jun 2003 15:28:15 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 7F7E843F75 for ; Thu, 19 Jun 2003 15:28:14 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 18050 invoked from network); 19 Jun 2003 22:28:13 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 19 Jun 2003 22:28:13 -0000 Message-ID: <3EF238FC.6040005@tenebras.com> Date: Thu, 19 Jun 2003 15:28:12 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: Tom Daly References: <3EF21648.8080205@tenebras.com> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 22:28:15 -0000 Tom Daly wrote: >>>The average firewall ruleset runs around 600-800 rules, running on IPFW. >> >>That's a huge number of rules -- do you have any idea what number >>of packets are checked against how many rules before being accepted >>or denied? A histogram would be nice.... > > Most of these rules are a simple "ipfw deny all from x.x.x.x to any." > Could some sort of source route to a null interface be better? > > The base ruleset is about 160 rules. The box can handle this with minimal > CPU load. The additional 500 rules, similar to the one above are the > problem. I'm of the opinion that 100 rules makes for a very large ruleset. > Suggestions? So, you're incurring a huge penalty for those packets that you allow in order to deny hosts/networks explicitly. Why? What percentage of packets are denied if you let them fall through to the bottom? Also, I strongly urge you to switch to IPFW2 -- in addition to using sets you can enable or disable atomically, or switch atomically, you can do things like: #!/bin/sh # fw rules bad_guys="{ \ 61.11.0.0/19 or \ 61.144.16.0/16 or \ 61.72.248.192/26 or \ 203.248.0.0/13 or \ 210.72.224.0/24 or \ 211.71.128.0/18 or \ 211.104.0.0/13 or \ 211.112.0.0/13 or \ 211.194.117.160/27 or \ 212.45.13.0/24 or \ 217.80.0.0/13 or \ 218.144.0.0/12 \ etc. }" # people we simply are not at home for ipfw add 00700 set 0 deny ip from $bad_guys to any in recv $oif # block those Microsoft protocols ipfw add 00900 set 0 deny ip from any to any 137-139,445,568-569,1433-1434,1512,2002 in recv $oif You get the idea -- it's not just the expressiveness of the notation, but the efficiency in matching packets that helps. From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 15:33:54 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B392D37B401; Thu, 19 Jun 2003 15:33:54 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01F2443F93; Thu, 19 Jun 2003 15:33:53 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5JMXdKJ017421; Thu, 19 Jun 2003 18:33:40 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5JMXdC9017418; Thu, 19 Jun 2003 18:33:39 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 19 Jun 2003 18:33:39 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: John-Mark Gurney In-Reply-To: <20030619221703.GD64061@funkthat.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@FreeBSD.org cc: freebsd-current@FreeBSD.org Subject: Re: locking problems in IPv6 code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 22:33:55 -0000 Could you run with debug.witness_ddb and get a stack trace for the warning? Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Thu, 19 Jun 2003, John-Mark Gurney wrote: > I am running FreeBSD 5.1-R on a sparc64 machine, and am getting warnings > about mallocing data w/ a lock aquired. > > dmesg output: > malloc() of "64" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > malloc() of "64" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > malloc() of "32" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > malloc() of "64" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > malloc() of "64" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > > If I disable IPv6 in /etc/rc.conf, the above warnings don't appear. > I tried to follow the code path in IPv6's source, but it's soooo long > that I couldn't find where it might be allocating memory. > > Anyone have any ideas? > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 16:12:09 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ADEB37B401 for ; Thu, 19 Jun 2003 16:12:08 -0700 (PDT) Received: from bluhayz.org (ip68-106-103-50.nv.nv.cox.net [68.106.103.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 029B743FB1 for ; Thu, 19 Jun 2003 16:12:08 -0700 (PDT) (envelope-from dero@bluhayz.org) Received: from ww2.bluhayz.org (localhost.homeunix.org [127.0.0.1]) by bluhayz.org (8.12.8p1/8.12.8) with ESMTP id h5JNf1vY006842 for ; Thu, 19 Jun 2003 19:41:01 -0400 (EDT) (envelope-from dero@bluhayz.org) From: "agent dero" To: freebsd-net@freebsd.org Date: Thu, 19 Jun 2003 19:41:01 -0400 Message-Id: <20030619233434.M7791@bluhayz.org> In-Reply-To: <20030619190103.8F10D37B404@hub.freebsd.org> References: <20030619190103.8F10D37B404@hub.freebsd.org> X-Mailer: Open WebMail 2.01 20030425 X-OriginatingIP: 217.3.102.70 (dero) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Subject: FreeBSD = Router, and vice versa X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 23:12:09 -0000 I guess this is a simple question, but I have never done something like this before, so I figure I'll ask. I have been using FBSD for a while, but now I need to ship a FBSD server half way across america, and have a newbie press the power button, plug in two network cards, and have it work. I have already setup the two network cards on the machine, both with DHCP, meaning when plugged in interface fxp0 will receive via DHCP an IP from the broadband provider, and then on interface dc0, the client computers will retreive a LAN IP address. I also configured the rc.conf so that it is enabled as a gateway. But is that all I need to do? Help appreciated. -dero From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 16:20:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 93B6437B401 for ; Thu, 19 Jun 2003 16:20:05 -0700 (PDT) Received: from sccrmhc11.attbi.com (sccrmhc11.comcast.net [204.127.202.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86C8543FA3 for ; Thu, 19 Jun 2003 16:20:04 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (sccrmhc11) with ESMTP id <200306192320020110080c5je>; Thu, 19 Jun 2003 23:20:03 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA50562; Thu, 19 Jun 2003 16:20:01 -0700 (PDT) Date: Thu, 19 Jun 2003 16:19:59 -0700 (PDT) From: Julian Elischer To: agent dero In-Reply-To: <20030619233434.M7791@bluhayz.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: FreeBSD = Router, and vice versa X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 23:20:05 -0000 basically I think that is right, as long as the provider is supplying enough addresses for all the clients.. if not then you need to be using NAT on the external interface. This implies running ipfw, but then, you probably should be doing that anyhow.. On Thu, 19 Jun 2003, agent dero wrote: > I guess this is a simple question, but I have never done something like this > before, so I figure I'll ask. I have been using FBSD for a while, but now I > need to ship a FBSD server half way across america, and have a newbie press > the power button, plug in two network cards, and have it work. > > I have already setup the two network cards on the machine, both with DHCP, > meaning when plugged in interface fxp0 will receive via DHCP an IP from the > broadband provider, and then on interface dc0, the client computers will > retreive a LAN IP address. I also configured the rc.conf so that it is > enabled as a gateway. But is that all I need to do? > > Help appreciated. > -dero > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 16:21:48 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B21437B401 for ; Thu, 19 Jun 2003 16:21:48 -0700 (PDT) Received: from fep02-mail.bloor.is.net.cable.rogers.com (fep02-mail.bloor.is.net.cable.rogers.com [66.185.86.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id A636E43F75 for ; Thu, 19 Jun 2003 16:21:47 -0700 (PDT) (envelope-from quiz@rogers.com) Received: from localhost ([127.0.0.1]) by fep02-mail.bloor.is.net.cable.rogers.comESMTP <20030619232139.TQRX12647.fep02-mail.bloor.is.net.cable.rogers.com@localhost> for ; Thu, 19 Jun 2003 19:21:39 -0400 X-Mailer: Openwave WebEngine, version 2.8.10 (webedge20-101-191-20030113) From: Quiz To: Date: Thu, 19 Jun 2003 23:21:39 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH LOGIN at fep02-mail.bloor.is.net.cable.rogers.com from [127.0.0.1] using ID at Thu, 19 Jun 2003 19:21:39 -0400 Message-Id: <20030619232139.TQRX12647.fep02-mail.bloor.is.net.cable.rogers.com@localhost> Subject: X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 23:21:48 -0000 From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 21:23:06 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF81137B401 for ; Thu, 19 Jun 2003 21:23:06 -0700 (PDT) Received: from c009.snv.cp.net (h018.c009.snv.cp.net [209.228.34.131]) by mx1.FreeBSD.org (Postfix) with SMTP id 646AA43FBF for ; Thu, 19 Jun 2003 21:23:06 -0700 (PDT) (envelope-from jdroflet@canada.com) Received: (cpmta 8176 invoked from network); 19 Jun 2003 21:23:05 -0700 Received: from 209.228.34.122 (HELO mail.canada.com.criticalpath.net) by smtp.canada.com (209.228.34.131) with SMTP; 19 Jun 2003 21:23:05 -0700 X-Sent: 20 Jun 2003 04:23:05 GMT Received: from [65.92.127.154] by mail.canada.com with HTTP; Thu, 19 Jun 2003 21:23:04 -0700 (PDT) Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 To: freebsd-net@freebsd.org From: jdroflet@canada.com X-Sent-From: jdroflet@canada.com Date: Thu, 19 Jun 2003 21:23:04 -0700 (PDT) X-Mailer: Web Mail 5.4.0-4_sol28 Message-Id: <20030619212305.2525.h009.c009.wm@mail.canada.com.criticalpath.net> cc: dero@bluhayz.org Subject: Re: FreeBSD = Router, and vice versa X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 04:23:07 -0000 You should probably include some backdoor access in case the ISP DHCP settings need tweaking, some options: - Include a modem with your box that you can dial into. - An internal station with remote control (PCAnywhere) that you can dial into then hop over to the internal NIC of your box via puTTY ssh client. -A station that has some form of Internet access to which you can access with PCAnywhere or VNC or GotoMYPC remote control and then hop onto your box. If you are not installing any desktop (I never do on gateways) then install Webmin (usermin perhaps too) then if you need to talk newbie through changes they will be more comfortable with the browser GUI than terrifying them with a black screen and a prompt ;) -All the NAT and Firewall stuff that should be on a gateway - many good tutorials on the web Regards, JD ----- Original Message ----- Subject: FreeBSD = Router, and vice versa > I guess this is a simple question, but I have never done something like this > before, so I figure I'll ask. I have been using FBSD for a while, but now I > need to ship a FBSD server half way across america, and have a newbie press > the power button, plug in two network cards, and have it work. > > I have already setup the two network cards on the machine, both with DHCP, > meaning when plugged in interface fxp0 will receive via DHCP an IP from the > broadband provider, and then on interface dc0, the client computers will > retreive a LAN IP address. I also configured the rc.conf so that it is > enabled as a gateway. But is that all I need to do? > > Help appreciated. > -dero From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 22:53:54 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 43A8137B404 for ; Thu, 19 Jun 2003 22:53:54 -0700 (PDT) Received: from smail2.alcatel.fr (colt-na7.alcatel.fr [62.23.212.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 906E843F75 for ; Thu, 19 Jun 2003 22:53:52 -0700 (PDT) (envelope-from ciprian.badescu@alcatel.ro) Received: from ns.tm.alcatel.ro (ns.tm.alcatel.ro [155.132.154.34]) by smail2.alcatel.fr (ALCANET/NETFR) with SMTP id h5K5rpdk019758 for ; Fri, 20 Jun 2003 07:53:51 +0200 Received: FROM mail.tm.alcatel.ro BY ns.tm.alcatel.ro ; Fri Jun 20 08:55:56 2003 +0300 Received: from mrc.mrc.alcatel.ro (unverified [172.25.128.124]) by mail.tm.alcatel.ro (EMWAC SMTPRS 0.83) with SMTP id ; Fri, 20 Jun 2003 08:55:19 +0300 Received: from mcd01paf (mcd01paf.mrc.alcatel.ro [172.25.128.175]) h5K644Nr009980 for ; Fri, 20 Jun 2003 09:04:04 +0300 (EEST) Date: Fri, 20 Jun 2003 08:59:29 +0300 (EEST) From: Ciprian Badescu X-X-Sender: badescu@mcd01p59.mrc.alcatel.ro To: freebsd-net@freebsd.org In-Reply-To: <3EF1CCF3.4070506@tenebras.com> Message-ID: <20030620084923.Y12785@mcd01p59.mrc.alcatel.ro> References: <20030619160217.61c77314.hscholz@raisdorf.net> <3EF1CCF3.4070506@tenebras.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-new Subject: Re: Redundant link configuration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 05:53:54 -0000 I agree, the weight parameter is also what I need;) but I ask again: It isn't possible to solve this at a higher level (routing) ? There is the 'metric' option for routes, I can put a bigger metric for the backup link. Will this link be automatically used when the primary link with a lower metric is down? Or RIP running on both routers can be a solution for this? thanks -- Ciprian Badescu On Thu, 19 Jun 2003, Michael Sierchio wrote: > Date: Thu, 19 Jun 2003 07:47:15 -0700 > From: Michael Sierchio > To: Hendrik Scholz > Cc: freebsd-net@freebsd.org > Subject: Re: Redundant link configuration > > Hendrik Scholz wrote: > > > Have a look at the ng_one2many module. The manpage comes with a nice > > example and offers the needed featuers. > > NG_ONE2MANY(4) > > TRANSMIT ALGORITHMS > At this time, the only algorithm for determing the outgoing many hook is > a simple round-robin delivery algorithm. Packets are delivered out the > many hooks in sequential order. > > In the future other algorithms may be added as well. > > That would be nice -- in particular, links with different > characteristic capacities and latencies would be nice to bond -- > as in a shared DS3 and a 256kb frame relay, my current problem. > > We have an expensively idle backup frame relay link which could > be carrying "stuff" -- even simple parameters such as weighted > preference would suffice. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 23:06:50 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED6CD37B401 for ; Thu, 19 Jun 2003 23:06:50 -0700 (PDT) Received: from relay.pair.com (relay.pair.com [209.68.1.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 24AB743F93 for ; Thu, 19 Jun 2003 23:06:50 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 81292 invoked from network); 20 Jun 2003 06:06:49 -0000 Received: from niwun.pair.com (HELO localhost) (209.68.2.70) by relay.pair.com with SMTP; 20 Jun 2003 06:06:49 -0000 X-pair-Authenticated: 209.68.2.70 Date: Fri, 20 Jun 2003 03:06:42 -0500 (CDT) From: Mike Silbersack To: Scot Loach In-Reply-To: Message-ID: <20030620030555.N5845@odysseus.silby.com> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: "'freebsd-net@freebsd.org'" Subject: Re: socket leak in FreeBSD 4.7 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 06:06:51 -0000 I don't see this on my 4.8 or 5.x systems. Are you running any custom patches on that machine's kernel? Alternately, can anyone else with a 4.7 or earlier machine replicate this problem? Thanks, Mike "Silby" Silbersack On Thu, 19 Jun 2003, Scot Loach wrote: > If I execute the following program on a FreeBSD 4.7 system: > > int main() > { > for (int i = 0; i < 70000; i++) > { > socket(PF_INET, SOCK_STREAM, 0); > } > return 0; > } > the sockets never seem to be freed. From owner-freebsd-net@FreeBSD.ORG Thu Jun 19 23:39:56 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB35A37B401 for ; Thu, 19 Jun 2003 23:39:56 -0700 (PDT) Received: from manganese.bos.dyndns.org (manganese.bos.dyndns.org [66.151.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0987943F3F for ; Thu, 19 Jun 2003 23:39:56 -0700 (PDT) (envelope-from tom@dyndns.org) Received: from manganese.bos.dyndns.org (tom@localhost [127.0.0.1]) h5K6dtWN061905; Fri, 20 Jun 2003 02:39:55 -0400 (EDT) (envelope-from tom@dyndns.org) Received: from localhost (tom@localhost)h5K6dsb3061897; Fri, 20 Jun 2003 02:39:55 -0400 (EDT) X-Authentication-Warning: manganese.bos.dyndns.org: tom owned process doing -bs Date: Fri, 20 Jun 2003 02:39:54 -0400 (EDT) From: Tom Daly X-X-Sender: tom@manganese.bos.dyndns.org To: Michael Sierchio In-Reply-To: <3EF238FC.6040005@tenebras.com> Message-ID: References: <3EF238FC.6040005@tenebras.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Firewall Performance Question. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 06:39:57 -0000 Hi Mike, Its looks like this will make a big difference to us. I will take a look at setting up a test bed to get IPFW2 going. Thanks to everyone, Tom On Thu, 19 Jun 2003, Michael Sierchio wrote: > Tom Daly wrote: > > >>>The average firewall ruleset runs around 600-800 rules, running on IPFW. > >> > >>That's a huge number of rules -- do you have any idea what number > >>of packets are checked against how many rules before being accepted > >>or denied? A histogram would be nice.... > > > > Most of these rules are a simple "ipfw deny all from x.x.x.x to any." > > Could some sort of source route to a null interface be better? > > > > The base ruleset is about 160 rules. The box can handle this with minimal > > CPU load. The additional 500 rules, similar to the one above are the > > problem. > > I'm of the opinion that 100 rules makes for a very large > ruleset. > > > Suggestions? > > So, you're incurring a huge penalty for those packets that you > allow in order to deny hosts/networks explicitly. Why? What > percentage of packets are denied if you let them fall through to > the bottom? > > > Also, I strongly urge you to switch to IPFW2 -- in addition to > using sets you can enable or disable atomically, or switch > atomically, you can do things like: > > #!/bin/sh > > # fw rules > > bad_guys="{ \ > 61.11.0.0/19 or \ > 61.144.16.0/16 or \ > 61.72.248.192/26 or \ > 203.248.0.0/13 or \ > 210.72.224.0/24 or \ > 211.71.128.0/18 or \ > 211.104.0.0/13 or \ > 211.112.0.0/13 or \ > 211.194.117.160/27 or \ > 212.45.13.0/24 or \ > 217.80.0.0/13 or \ > 218.144.0.0/12 \ > > etc. > }" > > # people we simply are not at home for > ipfw add 00700 set 0 deny ip from $bad_guys to any in recv $oif > > # block those Microsoft protocols > ipfw add 00900 set 0 deny ip from any to any 137-139,445,568-569,1433-1434,1512,2002 in recv $oif > > You get the idea -- it's not just the expressiveness of the > notation, but the efficiency in matching packets that helps. > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Tom Daly tom@dyndns.org Chief Infrastructure Officer Dynamic DNS Network Services http://www.dyndns.org/ From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 04:03:55 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27FD137B401 for ; Fri, 20 Jun 2003 04:03:55 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6368E43FBD for ; Fri, 20 Jun 2003 04:03:54 -0700 (PDT) (envelope-from sloach@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Fri, 20 Jun 2003 07:03:47 -0400 Message-ID: From: Scot Loach To: "Freebsd-Net (E-mail)" Date: Fri, 20 Jun 2003 07:03:32 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Subject: RE: socket leak in FreeBSD 4.7 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 11:03:55 -0000 Yes, I'm running some custom patches, that must be it. Thanks for trying to reproduce it anyway, at least now I have an idea where to look. scot. -----Original Message----- From: Mike Silbersack [mailto:silby@silby.com] Sent: Friday, June 20, 2003 4:07 AM To: Scot Loach Cc: 'freebsd-net@freebsd.org' Subject: Re: socket leak in FreeBSD 4.7 I don't see this on my 4.8 or 5.x systems. Are you running any custom patches on that machine's kernel? Alternately, can anyone else with a 4.7 or earlier machine replicate this problem? Thanks, Mike "Silby" Silbersack On Thu, 19 Jun 2003, Scot Loach wrote: > If I execute the following program on a FreeBSD 4.7 system: > > int main() > { > for (int i = 0; i < 70000; i++) > { > socket(PF_INET, SOCK_STREAM, 0); > } > return 0; > } > the sockets never seem to be freed. From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 04:45:10 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E956F37B401 for ; Fri, 20 Jun 2003 04:45:10 -0700 (PDT) Received: from argosy.ca (www.argosy.ca [138.73.18.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id B42C043FBD for ; Fri, 20 Jun 2003 04:45:09 -0700 (PDT) (envelope-from hhwoo@argosy.ca) Received: from a7n8x (mctn1-7763.nb.aliant.net [156.34.22.87]) by argosy.ca (8.12.9/8.12.9) with SMTP id h5KBkLt2001601; Fri, 20 Jun 2003 08:46:21 -0300 (ADT) (envelope-from hhwoo@argosy.ca) Message-ID: <000b01c33721$8581f180$0200a8c0@a7n8x> From: "Han Hwei Woo" To: "Mike Silbersack" , "Scot Loach" References: <20030620030555.N5845@odysseus.silby.com> Date: Fri, 20 Jun 2003 08:46:00 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: freebsd-net@freebsd.org Subject: Re: socket leak in FreeBSD 4.7 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 11:45:11 -0000 I find that the sockets are slow to free up if you don't explicitly close them, but they do free up after a while. Han Hwei Woo ----- Original Message ----- From: "Mike Silbersack" To: "Scot Loach" Cc: Sent: Friday, June 20, 2003 5:06 AM Subject: Re: socket leak in FreeBSD 4.7 > > I don't see this on my 4.8 or 5.x systems. Are you running any custom > patches on that machine's kernel? > > Alternately, can anyone else with a 4.7 or earlier machine replicate this > problem? > > Thanks, > > Mike "Silby" Silbersack > > On Thu, 19 Jun 2003, Scot Loach wrote: > > > If I execute the following program on a FreeBSD 4.7 system: > > > > int main() > > { > > for (int i = 0; i < 70000; i++) > > { > > socket(PF_INET, SOCK_STREAM, 0); > > } > > return 0; > > } > > the sockets never seem to be freed. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 06:44:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A674B37B405 for ; Fri, 20 Jun 2003 06:44:25 -0700 (PDT) Received: from moray.dnsvelocity.com (moray.dnsvelocity.com [64.21.80.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25C1143FDD for ; Fri, 20 Jun 2003 06:44:23 -0700 (PDT) (envelope-from jolt@nicholasofmyra.org) Received: from bdsl.66.12.117.154.gte.net ([66.12.117.154] helo=compops5) by moray.dnsvelocity.com with asmtp (TLSv1:RC4-MD5:128) (Exim 3.36 #1) id 19TMAW-00012x-00; Fri, 20 Jun 2003 13:43:08 +0000 Message-ID: <00e601c33732$04940d90$ee64010a@compops5> From: "Joseph" To: "agent dero" , References: <20030619190103.8F10D37B404@hub.freebsd.org> <20030619233434.M7791@bluhayz.org> Date: Fri, 20 Jun 2003 09:44:01 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - moray.dnsvelocity.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [0 0] X-AntiAbuse: Sender Address Domain - nicholasofmyra.org Subject: Re: FreeBSD = Router, and vice versa X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 13:44:26 -0000 There are probably a couple of things you will need to do for everything to ... just work. I agree with Julian Elischer, you should run ipfw with a basic firewall rule set, because you will need natd running. However, this will have it's own set of problems. First, if you use ipfw, you will need a way to dynamically determine the IP address for the rules. I use: IPADDR=`/sbin/ifconfig sis0 | grep inet | awk '{print $2}'` in my firewall script to get the address of the external interface "sis0". There may be a better way, but this works for me. Second, you will need a way to reload firewall rules if the address changes. I rerun the firewall rule set in /etc/dhclient-exit-hooks. I added this: #!/bin/sh UPTIME=`/usr/bin/uptime | awk '{print $4}'` IP_FILE='/var/run/dhclient.oldip' CUR_IP=`/sbin/ifconfig sis0 | grep inet | awk '{print $2}'` OLD_IP=`cat $IP_FILE` if [ x$CUR_IP != x$OLD_IP ]; then echo New IP [$CUR_IP] echo $CUR_IP > $IP_FILE # If we have only been up for seconds, then we just rebooted, and don't need to rerun firewall script. if [ "$UPTIME" != "secs," ]; then # Fix firewall /etc/rc.firewall.custom fi fi echo $CUR_IP > $IP_FILE Check out man for dhclient-script for more info on the exit hooks. The script will run every time the computer tries to get an IP address, even if the same one is given. So, this script will only rerun rules if the address changes while the PC is running. It doesn't need to rerun on a reboot. I can't remember what prompted that test, but I do remember I had problems until I tested for it. Third, is there a DHCP server running on the destination network? That DHCP server will need to update the default route on all of the clients. For that reason, it may be better to set a static IP address for the default gateway (LAN interface). If there is not one running, you can configure the computer you are sending to be a DHCP server. You could use DHCP on the internal interface as long as you are updating the DNS records dynamically. Forth, you need a way to get the IP address of the machine you are giving them. You may need to tweak it a bit when it gets there. I would suggest using http://www.dyndns.org/ or another comparable service. The advantage of this one is that it is free. You can use the port /usr/ports/net/ddclient/ to update the dns record. I use this at home and it works great! Last, I agree with JD, you need some kind of access. I would suggest opening up ssh to the server via ipfw. It would be best if you have a static IP where you are ssh'ing from. If you do, only allow that address to connect to the sshd on the external interface. I would further suggest setting the protocol to 2 in /etc/ssh/sshd_config. If you have to tweak the firewall rules through that, be careful, you can cut yourself off if you are not. I always update rules in a copy of the firewall rules I use. Run it with "rc.firewall.copy >/tmp/rules &". You can check the output by looking at /tmp/rules. If you don't add "&" and you get cut off, the script will not complete and may leave you in an unpredictable state. As long as you are editing a copy of the rules, if something goes wrong, you just get someone to reboot the computer, it will use the original rule set. To minimize getting cut off, move your sshd rules of the external interface to as close to the top as you can. One other note if you are using securelevel. You may have trouble with dhcp if you use securelevel 3. I have my home firewall set to reboot to securelevel -1, then every so often, as a cron job, increase the securelevel to 2. If you have to tweak things, you can reboot, tweak before the timed securelevel increase. This is not the most secure way of doing it, but it allows you to work with a firewall that isn't physically accessible. If you don't expect the IP address to change, and are willing to reboot if it does, you can increase the securelevel to 3. Hope this helps, Joseph ----- Original Message ----- From: "agent dero" To: Sent: Thursday, June 19, 2003 7:41 PM Subject: FreeBSD = Router, and vice versa > I guess this is a simple question, but I have never done something like this > before, so I figure I'll ask. I have been using FBSD for a while, but now I > need to ship a FBSD server half way across america, and have a newbie press > the power button, plug in two network cards, and have it work. > > I have already setup the two network cards on the machine, both with DHCP, > meaning when plugged in interface fxp0 will receive via DHCP an IP from the > broadband provider, and then on interface dc0, the client computers will > retreive a LAN IP address. I also configured the rc.conf so that it is > enabled as a gateway. But is that all I need to do? > > Help appreciated. > -dero > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 07:17:17 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E885E37B401 for ; Fri, 20 Jun 2003 07:17:17 -0700 (PDT) Received: from postfix3-2.free.fr (postfix3-2.free.fr [213.228.0.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDDE843F93 for ; Fri, 20 Jun 2003 07:17:16 -0700 (PDT) (envelope-from zel@free.fr) Received: from imp3-1.free.fr (imp3-1.free.fr [213.228.0.28]) by postfix3-2.free.fr (Postfix) with ESMTP id 68F70C207 for ; Fri, 20 Jun 2003 16:17:15 +0200 (CEST) Received: by imp3-1.free.fr (Postfix, from userid 33) id 6C866FAA4; Fri, 20 Jun 2003 16:20:19 +0200 (CEST) To: freebsd-net@FreeBSD.ORG Message-ID: <1056118819.3ef318232dc52@imp.free.fr> Date: Fri, 20 Jun 2003 16:20:19 +0200 (CEST) From: zel@free.fr MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP IMAP webmail program 2.2.6 X-Originating-IP: 81.80.243.157 Subject: [freebsd-net] pb with nat.... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 14:17:18 -0000 I had a pb with my config and now with your help... it is resolved by, now I am in front of a new problem: The situation is described below: - 10.0.0.0/24 - - 192.168.1.0/24 - ed1/tun0 ep0 So... All outcoming packets are 'nated' by the firewall, which is a very small computer (a P100 with only 24 Mo RAM and a little hard drive..). So this computer must not do an other thing than firewalling, routing or nating packets. But, I would like offer ftp and telnet services on an another computer behind the firewall for computers inside and outside of the LAN. I think that natd would do perfectly this job, but natd already run on interface tun0 for Internet access. What can I do to offer theses services ? Thanks. Zel From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 07:28:45 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCE3037B401 for ; Fri, 20 Jun 2003 07:28:45 -0700 (PDT) Received: from mail.liu.se (mail.liu.se [130.236.1.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC3F543F75 for ; Fri, 20 Jun 2003 07:28:44 -0700 (PDT) (envelope-from antbl656@student.liu.se) Received: by mail.liu.se (Postfix, from userid 506) id 9E4F21FE67; Fri, 20 Jun 2003 16:28:43 +0200 (CEST) Received: from elysium.student.liu.se (elysium.student.liu.se [130.236.230.91]) by mail.liu.se (Postfix) with ESMTP id 1F65F1FD02 for ; Fri, 20 Jun 2003 16:28:43 +0200 (CEST) Received: by elysium.student.liu.se (Postfix, from userid 102) id 62C0322E81; Fri, 20 Jun 2003 16:28:42 +0200 (MEST) Received: from m201.ryd.student.liu.se (m201.ryd.student.liu.se [130.236.214.201]) by elysium.student.liu.se (Postfix) with ESMTP id 7681122E7C for ; Fri, 20 Jun 2003 16:28:41 +0200 (MEST) Date: Fri, 20 Jun 2003 16:28:55 +0200 (CEST) From: Anton Blad X-X-Sender: crp@org.darktech.org To: Frebbsd-net Message-ID: <20030620150315.P5634@org.darktech.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Status: No, hits=-0.1 required=5.0 tests=FROM_ENDS_IN_NUMS,LIU_FROM_MATCHES_LIUSTUDENT version=2.54-liu_1.4 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.54-liu_1.4 (1.174.2.17-2003-05-11-exp) Subject: Point-to-point over ethernet X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 14:28:46 -0000 Hello. I have problems setting up a point-to-point link on an ethernet interface. The computers on the link have IP:s 130.236.214.201 and 130.236.236.148, 130.236.214.201 being a FreeBSD box running 5.1. In the ifconfig man page I saw the dest_address option for point-to-point links. However, this set the broadcast instead and didn't seem to work. Maybe it expects the interface to have the POINTOPOINT flag set.. Then on the net I saw that I needed to use "route add -interface", so I tested: # ifconfig rl1 inet 130.236.214.201/32 # route add -interface 130.236.236.148 130.236.214.201 -ifp rl1 The configuration is then # ifconfig rl1 rl1: flags=8843 mtu 1500 inet6 fe80::20a:cdff:fe02:e307%rl1 prefixlen 64 scopeid 0x3 inet 130.236.214.201 netmask 0xffffffff broadcast 130.236.214.201 ether 00:0a:cd:02:e3:07 media: Ethernet autoselect (100baseTX ) status: active # netstat -rnf inet Destination Gateway Flags Refs Use Netif Expire default 130.236.214.1 UGSc 7 51450 rl0 127.0.0.1 127.0.0.1 UH 4 15049 lo0 130.236.214/24 link#2 UC 2 0 rl0 130.236.214.1 00:20:9c:53:49:c4 UHLW 6 1146 rl0 1200 130.236.214.201 00:0a:cd:02:e3:07 UHLW 2 2 lo0 => 130.236.214.201/32 link#3 UC 1 0 rl1 130.236.214.255 ff:ff:ff:ff:ff:ff UHLWb 0 6 rl0 130.236.236.148 130.236.214.201 UHS 0 4 rl1 Then I get in the log: Jun 20 15:33:54 stonesail kernel: arp_rtrequest: bad gateway value Jun 20 15:34:41 stonesail kernel: arplookup 130.236.236.148 failed: could not allocate llinfo Jun 20 15:34:41 stonesail kernel: arpresolve: can't allocate llinfo for 130.236.236.148rt I have the address 130.236.214.201 on the external interface rl0 too and thought this could be the problem, so I tried to setup the link on the 10 net too. I tried different addresses, both on and off the net, and I tried different netmasks. I got the same error, though, and not even an arp request on the interface. What do I do wrong? I'm thankful for any help. / Anton From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 07:39:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 368A337B404 for ; Fri, 20 Jun 2003 07:39:19 -0700 (PDT) Received: from simmts2-srv.bellnexxia.net (simmts2.bellnexxia.net [206.47.199.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id C41B243F85 for ; Fri, 20 Jun 2003 07:39:17 -0700 (PDT) (envelope-from hhwoo@nb.sympatico.ca) Received: from a7n8x ([156.34.22.87]) by simmts2-srv.bellnexxia.net (InterMail vM.5.01.05.32 201-253-122-126-132-20030307) with SMTP id <20030620143915.HAKQ22805.simmts2-srv.bellnexxia.net@a7n8x> for ; Fri, 20 Jun 2003 10:39:15 -0400 Message-ID: <000c01c33739$cf3d9910$0200a8c0@a7n8x> From: "Han Hwei Woo" To: Date: Fri, 20 Jun 2003 11:39:52 -0300 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailman-Approved-At: Fri, 20 Jun 2003 08:59:47 -0700 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: VLAN/Bridge No response from trunk Interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 14:39:19 -0000 Here's the network I'm trying to setup 192.168.0.3 192.168.0.1 = 192.168.0.2 OpenBSD | vlan0----><--- vlan0 | FreeBSD | em0 ---><--- em0 | Windows = 2000 with net.link.ether.bridge_cfg: vlan0,em0 If I try to ping the FreeBSD machine from OpenBSD, arp requests are sent = out, and they are seen on both of the FreeBSD machine's interfaces. = However, no arp response is generated.=20 So, I enter in the arp entries myself. Once I do that, when I again try to ping the FreeBSD host from OpenBSD, = the ping requests are seen on both the FreeBSD interfaces. However, no = response is generated.=20 If I instead try to ping the OpenBSD machine from FreeBSD, the ping = requests get to the OpenBSD machine, and the OpenBSD replies, and both = the FreeBSD interfaces receive the reply, according to tcpdump. However, = the ping program does not receive them. I also tried this setup: 192.168.0.3 192.168.0.1 = 192.168.0.2 OpenBSD | vlan0----><--- vlan0 | FreeBSD | vlan1 ---><--- vlan0 | = Windows 2000 with net.link.ether.bridge_cfg: vlan0,vlan1 And the same problem occurs. I have also tried with different network = cards as the parent interface of vlan0 on FreeBSD (fxp0,dc0). Han Hwei Woo http://www.argosy.ca/~hhw From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 09:35:43 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06C1137B401; Fri, 20 Jun 2003 09:35:42 -0700 (PDT) Received: from cheer.mahoroba.org (flets19-083.kamome.or.jp [218.45.19.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id B825043FAF; Fri, 20 Jun 2003 09:35:40 -0700 (PDT) (envelope-from ume@mahoroba.org) Received: from lyrics.mahoroba.org (IDENT:+k2FNa5LZiLs3FesAMtGtzfAjrnHJNCwgdnjLyY0el9aaEYgncQsO3eQiXHWXSZS@lyrics.mahoroba.org [IPv6:3ffe:501:185b:8010:280:88ff:fe03:4841]) (user=ume mech=CRAM-MD5 bits=0)h5KGZT1O059783 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 21 Jun 2003 01:35:33 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sat, 21 Jun 2003 01:35:29 +0900 Message-ID: From: Hajimu UMEMOTO To: net@FreeBSD.org, cvs-all@FreeBSD.org References: <200306201615.h5KGFxn9005867@repoman.freebsd.org> User-Agent: Wanderlust/2.11.0 (Wonderwall) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.4 Emacs/21.3 (i386--freebsd) MULE/5.0 (=?ISO-2022-JP?B?GyRCOC1MWhsoQg==?=) X-Operating-System: FreeBSD 5.1-CURRENT MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen") Content-Type: multipart/mixed; boundary="Multipart_Sat_Jun_21_01:35:29_2003-1" X-Virus-Scanned: by amavisd-new X-Spam-Status: No, hits=-0.5 required=5.0 tests=REFERENCES,USER_AGENT version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) Subject: Forward: cvs commit: src/usr.sbin/ppp command.c radius.c radius.h X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 16:35:43 -0000 --Multipart_Sat_Jun_21_01:35:29_2003-1 Content-Type: text/plain; charset=US-ASCII Hi, FYI: You can play with this in conjunction with KAME dhcp6 with following patch is applied: http://www.imasy.or.jp/~ume/ipv6/dhcp6-ppp-20030620.diff.gz I'm using FreeRADIUS from ports for testing. Sincerely, --Multipart_Sat_Jun_21_01:35:29_2003-1 Content-Type: message/rfc822 X-Sieve: CMU Sieve 2.2 Delivered-To: ume@freebsd.org Delivered-To: src-committers@freebsd.org Message-Id: <200306201615.h5KGFxn9005867@repoman.freebsd.org> From: Hajimu UMEMOTO Date: Fri, 20 Jun 2003 09:15:59 -0700 (PDT) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/usr.sbin/ppp command.c radius.c radius.h X-FreeBSD-CVS-Branch: HEAD Sender: owner-src-committers@FreeBSD.org Precedence: bulk X-Loop: FreeBSD.ORG X-Virus-Scanned: by amavisd-new X-Spam-Status: No, hits=0.0 required=5.0 tests=X_LOOP version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) ume 2003/06/20 09:15:59 PDT FreeBSD src repository Modified files: usr.sbin/ppp command.c radius.c radius.h Log: IPV6PREFIX is set when Framed-IPv6-Prefix is defined, You may want to pass the value to upper layer protocol such as DHCPv6 for prefix delegation. MFC after: 1 week Revision Changes Path 1.296 +20 -0 src/usr.sbin/ppp/command.c 1.42 +44 -0 src/usr.sbin/ppp/radius.c 1.18 +1 -0 src/usr.sbin/ppp/radius.h --Multipart_Sat_Jun_21_01:35:29_2003-1 Content-Type: text/plain; charset=US-ASCII -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ --Multipart_Sat_Jun_21_01:35:29_2003-1-- From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 10:25:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B5E037B401 for ; Fri, 20 Jun 2003 10:25:04 -0700 (PDT) Received: from simmts4-srv.bellnexxia.net (simmts4-srv.bellnexxia.net [206.47.199.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1ED4843F85 for ; Fri, 20 Jun 2003 10:25:03 -0700 (PDT) (envelope-from hhwoo@nb.sympatico.ca) Received: from a7n8x ([156.34.22.87]) by simmts5-srv.bellnexxia.net (InterMail vM.5.01.05.32 201-253-122-126-132-20030307) with SMTP id <20030620170831.ENKL21205.simmts5-srv.bellnexxia.net@a7n8x>; Fri, 20 Jun 2003 13:08:31 -0400 Message-ID: <001201c3374e$c137eb30$0200a8c0@a7n8x> From: "Han Hwei Woo" To: , "rmkml" References: <000c01c33739$cf3d9910$0200a8c0@a7n8x> <3EF33683.8CB62A6E@wanadoo.fr> Date: Fri, 20 Jun 2003 14:09:48 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: VLAN/Bridge No response from trunk Interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 17:25:04 -0000 ----- Original Message ----- From: "rmkml" To: "Han Hwei Woo" Sent: Friday, June 20, 2003 1:29 PM Subject: Re: VLAN/Bridge No response from trunk Interface > Hi, > > sorry I not your help, > > but I have question : > > A) why trunk on subject ? > trunk= two network interface aggregated I'm probably mistaken on the use of the term "trunk" then. I was reading the man page on bridge, and it seemed like what they described as a trunk interface was what I was trying to accomplish. > > B) how many interface ? All the interfaces in my setup are listed in the diagram (aside from the parent interfaces of the vlan interfaces of course) > > C) and what is your conf on this ? Essentially, GENERIC with unnecessary drivers stripped. > > D) You use freebsd 4.8, do you have updated via CVS ? FreeBSD 4.8-STABLE, last cvs'ed about a week ago. > > Regard. > > > > Han Hwei Woo wrote: > > > Here's the network I'm trying to setup > > > > 192.168.0.3 192.168.0.1 192.168.0.2 > > OpenBSD | vlan0----><--- vlan0 | FreeBSD | em0 ---><--- em0 | Windows 2000 > > > > with net.link.ether.bridge_cfg: vlan0,em0 > > > > If I try to ping the FreeBSD machine from OpenBSD, arp requests are sent out, and they are seen on both of the FreeBSD machine's interfaces. However, no arp response is generated. > > > > So, I enter in the arp entries myself. > > > > Once I do that, when I again try to ping the FreeBSD host from OpenBSD, the ping requests are seen on both the FreeBSD interfaces. However, no response is generated. > > > > If I instead try to ping the OpenBSD machine from FreeBSD, the ping requests get to the OpenBSD machine, and the OpenBSD replies, and both the FreeBSD interfaces receive the reply, according to tcpdump. However, the ping program does not receive them. > > > > I also tried this setup: > > > > 192.168.0.3 192.168.0.1 192.168.0.2 > > OpenBSD | vlan0----><--- vlan0 | FreeBSD | vlan1 ---><--- vlan0 | Windows 2000 > > > > with net.link.ether.bridge_cfg: vlan0,vlan1 > > > > And the same problem occurs. I have also tried with different network cards as the parent interface of vlan0 on FreeBSD (fxp0,dc0). > > > > Han Hwei Woo > > http://www.argosy.ca/~hhw > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 10:41:27 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 308F737B401 for ; Fri, 20 Jun 2003 10:41:27 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C23A43F93 for ; Fri, 20 Jun 2003 10:41:26 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Fri, 20 Jun 2003 13:41:25 -0400 Message-ID: From: Don Bowman To: "'freebsd-net@freebsd.org'" Date: Fri, 20 Jun 2003 13:41:21 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Subject: nested ipfw dummynet pipes X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 17:41:27 -0000 is there any way, in a bridging config, to have nested pipes? In particular, what i would like to achieve is a rule that allows e.g. 64kbps per host (src-mask 0xffffffff), but that all these hosts are in an overall 10Mbps pipe. The idea will be that @ some times of the day the pipe is less than full, so everyone gets 64kbps, but @ other times of the day the pipe is full, and I don't want more than 10Mbps flowing. net.inet.ip.fw.one_pass looks to do what i want but: "Note: bridged and layer 2 packets coming out of a pipe are never reinjected in the firewall irrespective of the value of this variable." suggests this is not the case. Is there some technique using e.g. netgraph? Or can someone suggest why the note is there and if it might be easily removed? e.g. what i have is a system with em0 <--> em1 net.link.ether.bridge_cfg="em0 em1" net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.inet.ip.fw.one_pass=1 --don From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 10:46:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF7A737B401 for ; Fri, 20 Jun 2003 10:46:39 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3048243F85 for ; Fri, 20 Jun 2003 10:46:39 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h5KHkcQg084252; Fri, 20 Jun 2003 10:46:38 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h5KHkcW0084251; Fri, 20 Jun 2003 10:46:38 -0700 (PDT) (envelope-from rizzo) Date: Fri, 20 Jun 2003 10:46:38 -0700 From: Luigi Rizzo To: Don Bowman Message-ID: <20030620104638.A84204@xorpc.icir.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from don@sandvine.com on Fri, Jun 20, 2003 at 01:41:21PM -0400 cc: "'freebsd-net@freebsd.org'" Subject: Re: nested ipfw dummynet pipes X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 17:46:40 -0000 On Fri, Jun 20, 2003 at 01:41:21PM -0400, Don Bowman wrote: > is there any way, in a bridging config, to have nested pipes? net.inet.ip.fw.one_pass=0 should do the job, i think the comment in the manpage is now incorrect and the code (in net/bridge.c) has been fixed (one-line) to implement this. Check the commit logs, i don't have them handy at the moment. cheers luigi > In particular, what i would like to achieve is a rule that > allows e.g. 64kbps per host (src-mask 0xffffffff), but > that all these hosts are in an overall 10Mbps pipe. The idea > will be that @ some times of the day the pipe is less than > full, so everyone gets 64kbps, but @ other times of the day > the pipe is full, and I don't want more than 10Mbps flowing. > > net.inet.ip.fw.one_pass looks to do what i want but: > "Note: bridged and layer 2 packets coming out of a pipe are never > reinjected in the firewall irrespective of the value of this > variable." > > suggests this is not the case. > > Is there some technique using e.g. netgraph? Or can someone suggest > why the note is there and if it might be easily removed? > > e.g. what i have is a system with > > em0 <--> em1 > net.link.ether.bridge_cfg="em0 em1" > net.link.ether.bridge=1 > net.link.ether.bridge_ipfw=1 > net.inet.ip.fw.one_pass=1 > > --don > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 11:18:24 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F34337B401 for ; Fri, 20 Jun 2003 11:18:24 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79AF143FB1 for ; Fri, 20 Jun 2003 11:18:23 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Fri, 20 Jun 2003 14:18:20 -0400 Message-ID: From: Don Bowman To: 'Luigi Rizzo' , Don Bowman Date: Fri, 20 Jun 2003 14:18:17 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: "'freebsd-net@freebsd.org'" Subject: RE: nested ipfw dummynet pipes X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 18:18:24 -0000 From: Luigi Rizzo [mailto:rizzo@icir.org] > > On Fri, Jun 20, 2003 at 01:41:21PM -0400, Don Bowman wrote: > > is there any way, in a bridging config, to have nested pipes? > > net.inet.ip.fw.one_pass=0 should do the job, i think the comment > in the manpage is now incorrect and the code (in net/bridge.c) > has been fixed (one-line) to implement this. > > Check the commit logs, i don't have them handy at the moment. Thanks very much, I will check this. I assume this will be true for IPFW2 rather than IPFW. It appears that 1.16.2.23, nov 21 2002, RELENG_4 has this from the log: "MFC: obey to fw_one_pass in bridge and layer 2 firewalling (the latter only affects ipfw2 users). Move fw_one_pass from ip_fw[2].c to ip_input.c to avoid depending on IPFIREWALL." I will try this out. From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 11:43:31 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F82137B401 for ; Fri, 20 Jun 2003 11:43:31 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B75443F75 for ; Fri, 20 Jun 2003 11:43:31 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h5KIhUQg098185; Fri, 20 Jun 2003 11:43:30 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h5KIhUrs098184; Fri, 20 Jun 2003 11:43:30 -0700 (PDT) (envelope-from rizzo) Date: Fri, 20 Jun 2003 11:43:30 -0700 From: "'Luigi Rizzo'" To: Don Bowman Message-ID: <20030620114330.A98172@xorpc.icir.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from don@sandvine.com on Fri, Jun 20, 2003 at 02:18:17PM -0400 cc: "'freebsd-net@freebsd.org'" Subject: Re: nested ipfw dummynet pipes X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 18:43:31 -0000 On Fri, Jun 20, 2003 at 02:18:17PM -0400, Don Bowman wrote: ... > Thanks very much, I will check this. I assume this will be true > for IPFW2 rather than IPFW. one_pass actually affect both. the comment in parentheses refers to "layer 2 firewalling which is an ipfw2-only fature (bridge firewalling is also available with ipfw1) cheers luigi > It appears that 1.16.2.23, nov 21 2002, RELENG_4 has this > from the log: > "MFC: obey to fw_one_pass in bridge and layer 2 firewalling (the latter > only affects ipfw2 users). > Move fw_one_pass from ip_fw[2].c to ip_input.c to avoid depending on > IPFIREWALL." > > I will try this out. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 11:58:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0261137B401 for ; Fri, 20 Jun 2003 11:58:14 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D08E43F3F for ; Fri, 20 Jun 2003 11:58:13 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Fri, 20 Jun 2003 14:58:12 -0400 Message-ID: From: Don Bowman To: 'Luigi Rizzo' , Don Bowman Date: Fri, 20 Jun 2003 14:58:07 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: "'freebsd-net@freebsd.org'" Subject: RE: nested ipfw dummynet pipes X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 18:58:14 -0000 From: 'Luigi Rizzo' [mailto:rizzo@icir.org] > On Fri, Jun 20, 2003 at 02:18:17PM -0400, Don Bowman wrote: > ... > > Thanks very much, I will check this. I assume this will be true > > for IPFW2 rather than IPFW. > > one_pass actually affect both. > the comment in parentheses refers to "layer 2 firewalling > which is an ipfw2-only fature (bridge firewalling > is also available with ipfw1) This works correctly, thanks very much. Attached is a trivial patch to correct the man page. Is there a benefit to having the single wide pipe first, or the many narrow pipes first, in the ruleset? $ cvs diff -U5 ipfw.8 Index: ipfw.8 =================================================================== RCS file: /usr/cvs/src/sbin/ipfw/ipfw.8,v retrieving revision 1.63.2.28 diff -U5 -r1.63.2.28 ipfw.8 --- ipfw.8 30 Sep 2002 20:57:05 -0000 1.63.2.28 +++ ipfw.8 20 Jun 2003 18:49:02 -0000 @@ -1587,14 +1587,10 @@ When set, the packet exiting from the .Xr dummynet 4 pipe is not passed though the firewall again. Otherwise, after a pipe action, the packet is reinjected into the firewall at the next rule. -.Pp -Note: bridged and layer 2 packets coming out of a pipe -are never reinjected in the firewall irrespective of the -value of this variable. .It Em net.inet.ip.fw.verbose : No 1 Enables verbose messages. .It Em net.inet.ip.fw.verbose_limit : No 0 Limits the number of messages produced by a verbose firewall. .It Em net.link.ether.ipfw : No 0 From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 12:41:16 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3A3D337B401 for ; Fri, 20 Jun 2003 12:41:16 -0700 (PDT) Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id C6CA443FB1 for ; Fri, 20 Jun 2003 12:41:14 -0700 (PDT) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay.macomnet.ru (8.11.6/8.11.6) with ESMTP id h5KJfAq7887861; Fri, 20 Jun 2003 23:41:11 +0400 (MSD) Date: Fri, 20 Jun 2003 23:41:10 +0400 (MSD) From: Maxim Konovalov To: Han Hwei Woo In-Reply-To: <000c01c33739$cf3d9910$0200a8c0@a7n8x> Message-ID: <20030620233323.W47630@news1.macomnet.ru> References: <000c01c33739$cf3d9910$0200a8c0@a7n8x> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: VLAN/Bridge No response from trunk Interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 19:41:16 -0000 Hello, On Fri, 20 Jun 2003, 11:39-0300, Han Hwei Woo wrote: > Here's the network I'm trying to setup > > 192.168.0.3 192.168.0.1 192.168.0.2 > OpenBSD | vlan0----><--- vlan0 | FreeBSD | em0 ---><--- em0 | Windows 2000 > > with net.link.ether.bridge_cfg: vlan0,em0 > > If I try to ping the FreeBSD machine from OpenBSD, arp requests are > sent out, and they are seen on both of the FreeBSD machine's > interfaces. However, no arp response is generated. > > So, I enter in the arp entries myself. > > Once I do that, when I again try to ping the FreeBSD host from > OpenBSD, the ping requests are seen on both the FreeBSD interfaces. > However, no response is generated. > > If I instead try to ping the OpenBSD machine from FreeBSD, the ping > requests get to the OpenBSD machine, and the OpenBSD replies, and > both the FreeBSD interfaces receive the reply, according to tcpdump. > However, the ping program does not receive them. > > > I also tried this setup: > > 192.168.0.3 192.168.0.1 192.168.0.2 > OpenBSD | vlan0----><--- vlan0 | FreeBSD | vlan1 ---><--- vlan0 | Windows 2000 > > with net.link.ether.bridge_cfg: vlan0,vlan1 > > And the same problem occurs. I have also tried with different > network cards as the parent interface of vlan0 on FreeBSD > (fxp0,dc0). 1) Please try a hack below; 2) Don't use bridge.ko, it is semi-broken, compile the bridging code in kernel instead (options BRIDGE); 3) sysctl net.inet.ip.check_interface=0 is mandatory in some topologies. Index: if_ethersubr.c =================================================================== RCS file: /home/ncvs/src/sys/net/if_ethersubr.c,v retrieving revision 1.147 diff -u -r1.147 if_ethersubr.c --- if_ethersubr.c 5 May 2003 09:15:50 -0000 1.147 +++ if_ethersubr.c 20 May 2003 15:06:50 -0000 @@ -625,6 +625,7 @@ if (rule) /* packet was already bridged */ goto post_stats; +#if 0 if (!(BDG_ACTIVE(ifp))) { /* * Discard packet if upper layers shouldn't see it because it @@ -641,6 +642,7 @@ return; } } +#endif /* Discard packet if interface is not up */ if ((ifp->if_flags & IFF_UP) == 0) { %%% -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Fri Jun 20 17:27:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECEE337B401 for ; Fri, 20 Jun 2003 17:27:18 -0700 (PDT) Received: from c009.snv.cp.net (h019.c009.snv.cp.net [209.228.34.132]) by mx1.FreeBSD.org (Postfix) with SMTP id 46EB543FBF for ; Fri, 20 Jun 2003 17:27:18 -0700 (PDT) (envelope-from jdroflet@canada.com) Received: (cpmta 6643 invoked from network); 20 Jun 2003 17:27:17 -0700 Received: from 209.228.34.114 (HELO mail.canada.com.criticalpath.net) by smtp.canada.com (209.228.34.132) with SMTP; 20 Jun 2003 17:27:17 -0700 X-Sent: 21 Jun 2003 00:27:17 GMT Received: from [65.92.127.154] by mail.canada.com with HTTP; Fri, 20 Jun 2003 17:27:15 -0700 (PDT) Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 To: dero@bluhayz.org From: jdroflet@canada.com X-Sent-From: jdroflet@canada.com Date: Fri, 20 Jun 2003 17:27:15 -0700 (PDT) X-Mailer: Web Mail 5.4.0-4_sol28 Message-Id: <20030620172717.1996.h001.c009.wm@mail.canada.com.criticalpath.net> cc: freebsd-net@freebsd.org Subject: X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 00:27:19 -0000 I realized this after posting I should have included info restarting rules and Joeseph has hit on it here, I now use /usr/src/share/examples/ipfw/change_rules.sh that is with the standard install for any firewall changes. It saves old rulesets, allows you to view (syntax), then confirm rule changes. If you don't confirm within a set number of seconds it does not install the new rules. I have yet to cut myself off when changing remote rules using this script. For natd changes i have a script with the line: killall -9 natd;sleep 2;/sbin/natd -config /etc/natd.file -n fxp0 & Perhaps someone has a more elegant method ;) Regards, JD > firewall rules through that, be careful, you can cut yourself off if you are not. I always update rules in a copy of the firewall rules I use. Run it > with "rc.firewall.copy >/tmp/rules &". You can check the output by looking > at /tmp/rules. If you don't add "&" and you get cut off, the script will > not complete and may leave you in an unpredictable state. As long as you > are editing a copy of the rules, if something goes wrong, you just get > someone to reboot the computer, it will use the original rule set. To > minimize getting cut off, move your sshd rules of the external interface to > as close to the top as you can. From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 04:58:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DD6237B401 for ; Sat, 21 Jun 2003 04:58:15 -0700 (PDT) Received: from mx0.gmx.net (mx0.gmx.net [213.165.64.100]) by mx1.FreeBSD.org (Postfix) with SMTP id 945B643F85 for ; Sat, 21 Jun 2003 04:58:13 -0700 (PDT) (envelope-from freebsd_deamon@gmx.net) Received: (qmail 9081 invoked by uid 0); 21 Jun 2003 11:58:12 -0000 Date: Sat, 21 Jun 2003 13:58:12 +0200 (MEST) From: freebsd_deamon@gmx.net To: freebsd-net@freebsd.org, freebsd-hackers@freebsd.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="========GMXBoundary272721056196692" X-Priority: 3 (Normal) X-Authenticated-Sender: #0018491972@gmx.net X-Authenticated-IP: [141.20.121.49] Message-ID: <27272.1056196692@www62.gmx.net> X-Mailer: WWW-Mail 1.6 (Global Message Exchange) X-Flags: 0001 Subject: reboot loop; udbp-driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 11:58:15 -0000 This is a MIME encapsulated multipart message - please use a MIME-compliant e-mail program to open it. Dies ist eine mehrteilige Nachricht im MIME-Format - bitte verwenden Sie zum Lesen ein MIME-konformes Mailprogramm. --========GMXBoundary272721056196692 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit dear list! yesterday i recompiled the kernel of two of my machines running 5.1R with options NETGRAPH device udbp in order to try netgraph with a Prolific PL2301 (inspired by the thread on hackers a while ago). one of machines (m/b: ASUS P2L97-S, more specific to hardware please cf qilin) since goes into a reboot loop right after [...] ata1: at 0x170 irq 15 on atapci0 uhci0: port 0xd400-0xd41f irq 9 at device 4.2 on pci0 usb0: on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered if i boot it with the usb host-to-host adapter pluged in (if i plug it in after the machine booted up there are no problems) the other (m/d: PC-Chip M571, more specific to hardware please cf zhuangzi) does boot without any problems with the adapter plugged in the only difference between the machines with regard to adaptor is that the P2L97-S has a "Intel 82371AB/EB (PIIX4) USB controller" (UHCI) and the M571 a "SiS 5571 USB controller" (OHCI) any suggestions to how to solve the problem? thanks in advance Zheyu dmesg and kernel configs of both machines attached -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! --========GMXBoundary272721056196692 Content-Type: text/plain; name="qilin.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="qilin.txt" Iy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0jCiMgRE1FU0cgYW5kIEtFUk5FTCBD T05GSUcgb2YgUUlMSU4gIwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLSMKIy0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgZG1lc2cgb2YgUUlMSU4gKFAyTDk3LVMp CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQoKQ29weXJpZ2h0IChjKSAxOTkyLTIw MDMgVGhlIEZyZWVCU0QgUHJvamVjdC4KQ29weXJpZ2h0IChjKSAxOTc5LCAxOTgwLCAxOTgzLCAx OTg2LCAxOTg4LCAxOTg5LCAxOTkxLCAxOTkyLCAxOTkzLCAxOTk0CglUaGUgUmVnZW50cyBvZiB0 aGUgVW5pdmVyc2l0eSBvZiBDYWxpZm9ybmlhLiBBbGwgcmlnaHRzIHJlc2VydmVkLgpGcmVlQlNE IDUuMS1SRUxFQVNFICMzOiBTYXQgSnVuIDIxIDAzOjE0OjA4IENTVCAyMDAzCiAgICB6aGV5dUBx aWxpbi5rb2pvLm5ldDovdXNyL3NyYy9zeXMvaTM4Ni9jb21waWxlL0tFUk5FTF9RSUxJTgpQcmVs b2FkZWQgZWxmIGtlcm5lbCAiL2Jvb3Qva2VybmVsL2tlcm5lbCIgYXQgMHhjMDRlNTAwMC4KUHJl bG9hZGVkIGVsZiBtb2R1bGUgIi9ib290L2tlcm5lbC9hY3BpLmtvIiBhdCAweGMwNGU1MWNjLgpU aW1lY291bnRlciAiaTgyNTQiICBmcmVxdWVuY3kgMTE5MzE4MiBIegpUaW1lY291bnRlciAiVFND IiAgZnJlcXVlbmN5IDIzMzg2NTM0NSBIegpDUFU6IFBlbnRpdW0gSUkvUGVudGl1bSBJSSBYZW9u L0NlbGVyb24gKDIzMy44Ny1NSHogNjg2LWNsYXNzIENQVSkKICBPcmlnaW4gPSAiR2VudWluZUlu dGVsIiAgSWQgPSAweDYzNCAgU3RlcHBpbmcgPSA0CiAgRmVhdHVyZXM9MHg4MGY5ZmY8RlBVLFZN RSxERSxQU0UsVFNDLE1TUixQQUUsTUNFLENYOCxTRVAsTVRSUixQR0UsTUNBLENNT1YsTU1YPgpy ZWFsIG1lbW9yeSAgPSAxMzQyMDU0NDAgKDEyNyBNQikKYXZhaWwgbWVtb3J5ID0gMTI1MDE0MDE2 ICgxMTkgTUIpClBlbnRpdW0gUHJvIE1UUlIgc3VwcG9ydCBlbmFibGVkCm5weDA6IDxtYXRoIHBy b2Nlc3Nvcj4gb24gbW90aGVyYm9hcmQKbnB4MDogSU5UIDE2IGludGVyZmFjZQphY3BpMDogPEFT VVMgICBQMkw5Ny1TID4gb24gbW90aGVyYm9hcmQKcGNpYmlvczogQklPUyB2ZXJzaW9uIDIuMTAK VXNpbmcgJFBJUiB0YWJsZSwgNyBlbnRyaWVzIGF0IDB4YzAwZjBkMTAKYWNwaTA6IHBvd2VyIGJ1 dHRvbiBpcyBoYW5kbGVkIGFzIGEgZml4ZWQgZmVhdHVyZSBwcm9ncmFtbWluZyBtb2RlbC4KVGlt ZWNvdW50ZXIgIkFDUEktZmFzdCIgIGZyZXF1ZW5jeSAzNTc5NTQ1IEh6CmFjcGlfdGltZXIwOiA8 MjQtYml0IHRpbWVyIGF0IDMuNTc5NTQ1TUh6PiBwb3J0IDB4ZTQwOC0weGU0MGIgb24gYWNwaTAK cGNtMDogPENTNDIzMT4gcG9ydCAweDUzMC0weDUzNyBvbiBhY3BpMApkZXZpY2VfcHJvYmVfYW5k X2F0dGFjaDogcGNtMCBhdHRhY2ggcmV0dXJuZWQgNgphY3BpX2J1dHRvbjA6IDxQb3dlciBCdXR0 b24+IG9uIGFjcGkwCnBjaWIwOiA8QUNQSSBIb3N0LVBDSSBicmlkZ2U+IHBvcnQgMHhjZjgtMHhj ZmYgb24gYWNwaTAKcGNpMDogPEFDUEkgUENJIGJ1cz4gb24gcGNpYjAKYWdwMDogPEludGVsIDgy NDQzTFggKDQ0MCBMWCkgaG9zdCB0byBQQ0kgYnJpZGdlPiBtZW0gMHhlNDAwMDAwMC0weGU3ZmZm ZmZmIGF0IGRldmljZSAwLjAgb24gcGNpMApwY2liMTogPFBDSUJJT1MgUENJLVBDSSBicmlkZ2U+ IGF0IGRldmljZSAxLjAgb24gcGNpMApwY2kxOiA8UENJIGJ1cz4gb24gcGNpYjEKaXNhYjA6IDxQ Q0ktSVNBIGJyaWRnZT4gYXQgZGV2aWNlIDQuMCBvbiBwY2kwCmlzYTA6IDxJU0EgYnVzPiBvbiBp c2FiMAphdGFwY2kwOiA8SW50ZWwgUElJWDQgVURNQTMzIGNvbnRyb2xsZXI+IHBvcnQgMHhkODAw LTB4ZDgwZiBhdCBkZXZpY2UgNC4xIG9uIHBjaTAKYXRhMDogYXQgMHgxZjAgaXJxIDE0IG9uIGF0 YXBjaTAKYXRhMTogYXQgMHgxNzAgaXJxIDE1IG9uIGF0YXBjaTAKdWhjaTA6IDxJbnRlbCA4MjM3 MUFCL0VCIChQSUlYNCkgVVNCIGNvbnRyb2xsZXI+IHBvcnQgMHhkNDAwLTB4ZDQxZiBpcnEgOSBh dCBkZXZpY2UgNC4yIG9uIHBjaTAKdXNiMDogPEludGVsIDgyMzcxQUIvRUIgKFBJSVg0KSBVU0Ig Y29udHJvbGxlcj4gb24gdWhjaTAKdXNiMDogVVNCIHJldmlzaW9uIDEuMAp1aHViMDogSW50ZWwg VUhDSSByb290IGh1YiwgY2xhc3MgOS8wLCByZXYgMS4wMC8xLjAwLCBhZGRyIDEKdWh1YjA6IDIg cG9ydHMgd2l0aCAyIHJlbW92YWJsZSwgc2VsZiBwb3dlcmVkCnBjaTA6IDxicmlkZ2UsIFBDSS11 bmtub3duPiBhdCBkZXZpY2UgNC4zIChubyBkcml2ZXIgYXR0YWNoZWQpCmFoYzA6IDxBZGFwdGVj IGFpYzc4ODAgVWx0cmEgU0NTSSBhZGFwdGVyPiBwb3J0IDB4ZDAwMC0weGQwZmYgbWVtIDB4ZTMw MDAwMDAtMHhlMzAwMGZmZiBpcnEgOSBhdCBkZXZpY2UgNi4wIG9uIHBjaTAKYWhjMDogSWxsZWdh bCBjYWJsZSBjb25maWd1cmF0aW9uISEuIE9ubHkgdHdvIGNvbm5lY3RvcnMgb24gdGhlIGFkYXB0 ZXIgbWF5IGJlIHVzZWQgYXQgYSB0aW1lIQphaWM3ODgwOiBVbHRyYSBXaWRlIENoYW5uZWwgQSwg U0NTSSBJZD03LCAxNi8yNTMgU0NCcwp2cjA6IDxWSUEgVlQ2MTAyIFJoaW5lIElJIDEwLzEwMEJh c2VUWD4gcG9ydCAweGI4MDAtMHhiOGZmIG1lbSAweGUyODAwMDAwLTB4ZTI4MDAwZmYgaXJxIDEy IGF0IGRldmljZSAxMC4wIG9uIHBjaTAKdnIwOiBFdGhlcm5ldCBhZGRyZXNzOiAwMDo1MDpiYTox MjpmOTo5ZAptaWlidXMwOiA8TUlJIGJ1cz4gb24gdnIwCnVrcGh5MDogPEdlbmVyaWMgSUVFRSA4 MDIuM3UgbWVkaWEgaW50ZXJmYWNlPiBvbiBtaWlidXMwCnVrcGh5MDogIDEwYmFzZVQsIDEwYmFz ZVQtRkRYLCAxMDBiYXNlVFgsIDEwMGJhc2VUWC1GRFgsIGF1dG8KcGNpMDogPGRpc3BsYXksIFZH QT4gYXQgZGV2aWNlIDEyLjAgKG5vIGRyaXZlciBhdHRhY2hlZCkKcGNtMDogPENTNDIzMT4gcG9y dCAweDUzMC0weDUzNyBvbiBhY3BpMApkZXZpY2VfcHJvYmVfYW5kX2F0dGFjaDogcGNtMCBhdHRh Y2ggcmV0dXJuZWQgNgpwY20wOiA8Q1M0MjMxPiBwb3J0IDB4NTMwLTB4NTM3IG9uIGFjcGkwCmRl dmljZV9wcm9iZV9hbmRfYXR0YWNoOiBwY20wIGF0dGFjaCByZXR1cm5lZCA2CnBjbTA6IDxDUzQy MzE+IHBvcnQgMHg1MzAtMHg1Mzcgb24gYWNwaTAKZGV2aWNlX3Byb2JlX2FuZF9hdHRhY2g6IHBj bTAgYXR0YWNoIHJldHVybmVkIDYKcGNtMDogPENTNDIzMT4gcG9ydCAweDUzMC0weDUzNyBvbiBh Y3BpMApkZXZpY2VfcHJvYmVfYW5kX2F0dGFjaDogcGNtMCBhdHRhY2ggcmV0dXJuZWQgNgpmZGMw OiA8RW5oYW5jZWQgZmxvcHB5IGNvbnRyb2xsZXIgKGk4MjA3NywgTkU3MjA2NSBvciBjbG9uZSk+ IHBvcnQgMHgzZjcsMHgzZjItMHgzZjUgaXJxIDYgZHJxIDIgb24gYWNwaTAKZmRjMDogRklGTyBl bmFibGVkLCA4IGJ5dGVzIHRocmVzaG9sZApmZDA6IDwxNDQwLUtCIDMuNSIgZHJpdmU+IG9uIGZk YzAgZHJpdmUgMApwcGMwIHBvcnQgMHg3NzgtMHg3N2IsMHgzNzgtMHgzN2YgaXJxIDcgZHJxIDMg b24gYWNwaTAKcHBjMDogU01DLWxpa2UgY2hpcHNldCAoRUNQL0VQUC9QUzIvTklCQkxFKSBpbiBD T01QQVRJQkxFIG1vZGUKcHBjMDogRklGTyB3aXRoIDE2LzE2LzkgYnl0ZXMgdGhyZXNob2xkCnBw YnVzMDogPFBhcmFsbGVsIHBvcnQgYnVzPiBvbiBwcGMwCnBsaXAwOiA8UExJUCBuZXR3b3JrIGlu dGVyZmFjZT4gb24gcHBidXMwCmxwdDA6IDxQcmludGVyPiBvbiBwcGJ1czAKbHB0MDogSW50ZXJy dXB0LWRyaXZlbiBwb3J0CnBwaTA6IDxQYXJhbGxlbCBJL08+IG9uIHBwYnVzMApzaW8wIHBvcnQg MHgzZjgtMHgzZmYgaXJxIDQgb24gYWNwaTAKc2lvMDogdHlwZSAxNjU1MEEKc2lvMSBwb3J0IDB4 MmY4LTB4MmZmIGlycSAzIG9uIGFjcGkwCnNpbzE6IHR5cGUgMTY1NTBBCmF0a2JkYzA6IDxLZXli b2FyZCBjb250cm9sbGVyIChpODA0Mik+IHBvcnQgMHg2NCwweDYwIGlycSAxIG9uIGFjcGkwCnBj bTA6IDxDUzQyMzE+IHBvcnQgMHg1MzAtMHg1Mzcgb24gYWNwaTAKZGV2aWNlX3Byb2JlX2FuZF9h dHRhY2g6IHBjbTAgYXR0YWNoIHJldHVybmVkIDYKcGNtMDogPENTNDIzMT4gcG9ydCAweDUzMC0w eDUzNyBvbiBhY3BpMApkZXZpY2VfcHJvYmVfYW5kX2F0dGFjaDogcGNtMCBhdHRhY2ggcmV0dXJu ZWQgNgpwY20wOiA8Q1M0MjMxPiBwb3J0IDB4NTMwLTB4NTM3IG9uIGFjcGkwCmRldmljZV9wcm9i ZV9hbmRfYXR0YWNoOiBwY20wIGF0dGFjaCByZXR1cm5lZCA2CnBjbTA6IDxDUzQyMzE+IHBvcnQg MHg1MzAtMHg1Mzcgb24gYWNwaTAKZGV2aWNlX3Byb2JlX2FuZF9hdHRhY2g6IHBjbTAgYXR0YWNo IHJldHVybmVkIDYKcGNtMDogPENTNDIzMT4gcG9ydCAweDUzMC0weDUzNyBvbiBhY3BpMApkZXZp Y2VfcHJvYmVfYW5kX2F0dGFjaDogcGNtMCBhdHRhY2ggcmV0dXJuZWQgNgpvcm0wOiA8T3B0aW9u IFJPTXM+IGF0IGlvbWVtIDB4YzgwMDAtMHhjODdmZiwweGMwMDAwLTB4YzdmZmYgb24gaXNhMApw bXRpbWVyMCBvbiBpc2EwCnZnYTA6IDxHZW5lcmljIElTQSBWR0E+IGF0IHBvcnQgMHgzYzAtMHgz ZGYgaW9tZW0gMHhhMDAwMC0weGJmZmZmIG9uIGlzYTAKc2MwOiA8U3lzdGVtIGNvbnNvbGU+IGF0 IGZsYWdzIDB4MTAwIG9uIGlzYTAKc2MwOiBWR0EgPDE2IHZpcnR1YWwgY29uc29sZXMsIGZsYWdz PTB4MzAwPgpwY20wOiA8WWFtYWhhIE9QTC1TQXg+IGF0IHBvcnQgMHgzNzAtMHgzNzEsMHgzMzAt MHgzMzEsMHgzODgtMHgzOGIsMHg1MzAtMHg1MzcsMHgyMjAtMHgyMmYgaXJxIDUgZHJxIDEsMCBv biBpc2EwCmF0YTI6IDxHZW5lcmljIEVTREkvSURFL0FUQSBjb250cm9sbGVyPiBhdCBwb3J0IDB4 M2VlLDB4MWU4LTB4MWVmIGlycSAxMSBvbiBpc2EwClRpbWVjb3VudGVycyB0aWNrIGV2ZXJ5IDEw LjAwMCBtc2VjCmFkMDogNDg5Mk1CIDxRVUFOVFVNIEZJUkVCQUxMIEVYNS4xQT4gWzEwNjAyLzE1 LzYzXSBhdCBhdGEwLW1hc3RlciBVRE1BMzMKYWQyOiAxOTU5NU1CIDxRVUFOVFVNIEZJUkVCQUxM UCBMTTIwLjU+IFszOTgxMy8xNi82M10gYXQgYXRhMS1tYXN0ZXIgVURNQTMzCmFjZDA6IENEUk9N IDxDRC05NTZFL0FLVj4gYXQgYXRhMC1zbGF2ZSBQSU80CldhaXRpbmcgMTUgc2Vjb25kcyBmb3Ig U0NTSSBkZXZpY2VzIHRvIHNldHRsZQpNb3VudGluZyByb290IGZyb20gdWZzOi9kZXYvYWQwczFh CnVkYnAwOiBQcm9saWZpYyBUZWNobm9sb2d5IEluYy4gUEwyMzAxIEhvc3QtSG9zdCBpbnRlcmZh Y2UsIHJldiAxLjAwLzAuMDAsIGFkZHIgMiwgaWNsYXNzIDI1NS8wCgoKCiMtLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tCiMga2VybmVsIGNvbmZpZ3VyYXRpb24gZmlsZSBvZiBRSUxJTiAo UDJMOTcpCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMKIyBHRU5FUklDIC0tIEdl bmVyaWMga2VybmVsIGNvbmZpZ3VyYXRpb24gZmlsZSBmb3IgRnJlZUJTRC9pMzg2CiMKIyBGb3Ig bW9yZSBpbmZvcm1hdGlvbiBvbiB0aGlzIGZpbGUsIHBsZWFzZSByZWFkIHRoZSBoYW5kYm9vayBz ZWN0aW9uIG9uCiMgS2VybmVsIENvbmZpZ3VyYXRpb24gRmlsZXM6CiMKIyAgICBodHRwOi8vd3d3 LkZyZWVCU0Qub3JnL2RvYy9lbl9VUy5JU084ODU5LTEvYm9va3MvaGFuZGJvb2sva2VybmVsY29u ZmlnLWNvbmZpZy5odG1sCiMKIyBUaGUgaGFuZGJvb2sgaXMgYWxzbyBhdmFpbGFibGUgbG9jYWxs eSBpbiAvdXNyL3NoYXJlL2RvYy9oYW5kYm9vawojIGlmIHlvdSd2ZSBpbnN0YWxsZWQgdGhlIGRv YyBkaXN0cmlidXRpb24sIG90aGVyd2lzZSBhbHdheXMgc2VlIHRoZQojIEZyZWVCU0QgV29ybGQg V2lkZSBXZWIgc2VydmVyIChodHRwOi8vd3d3LkZyZWVCU0Qub3JnLykgZm9yIHRoZQojIGxhdGVz dCBpbmZvcm1hdGlvbi4KIwojIEFuIGV4aGF1c3RpdmUgbGlzdCBvZiBvcHRpb25zIGFuZCBtb3Jl IGRldGFpbGVkIGV4cGxhbmF0aW9ucyBvZiB0aGUKIyBkZXZpY2UgbGluZXMgaXMgYWxzbyBwcmVz ZW50IGluIHRoZSAuLi8uLi9jb25mL05PVEVTIGFuZCBOT1RFUyBmaWxlcy4gCiMgSWYgeW91IGFy ZSBpbiBkb3VidCBhcyB0byB0aGUgcHVycG9zZSBvciBuZWNlc3NpdHkgb2YgYSBsaW5lLCBjaGVj ayBmaXJzdCAKIyBpbiBOT1RFUy4KIwojICRGcmVlQlNEOiBzcmMvc3lzL2kzODYvY29uZi9HRU5F UklDLHYgMS4zODQuMi4yIDIwMDMvMDUvMzEgMTU6MTg6NDEgc2NvdHRsIEV4cCAkCgptYWNoaW5l CQlpMzg2CiNjcHUJCUk0ODZfQ1BVCiNjcHUJCUk1ODZfQ1BVCmNwdQkJSTY4Nl9DUFUKaWRlbnQJ CU1ZS0VSTkVMX1FJTElOCgojVG8gc3RhdGljYWxseSBjb21waWxlIGluIGRldmljZSB3aXJpbmcg aW5zdGVhZCBvZiAvYm9vdC9kZXZpY2UuaGludHMKaGludHMJCSJHRU5FUklDLmhpbnRzIgkJI0Rl ZmF1bHQgcGxhY2VzIHRvIGxvb2sgZm9yIGRldmljZXMuCgojbWFrZW9wdGlvbnMJREVCVUc9LWcJ CSNCdWlsZCBrZXJuZWwgd2l0aCBnZGIoMSkgZGVidWcgc3ltYm9scwoKb3B0aW9ucyAJU0NIRURf NEJTRAkJIzRCU0Qgc2NoZWR1bGVyCm9wdGlvbnMgCUlORVQJCQkjSW50ZXJORVR3b3JraW5nCiNv cHRpb25zIAlJTkVUNgkJCSNJUHY2IGNvbW11bmljYXRpb25zIHByb3RvY29scwpvcHRpb25zIAlG RlMJCQkjQmVya2VsZXkgRmFzdCBGaWxlc3lzdGVtCm9wdGlvbnMgCVNPRlRVUERBVEVTCQkjRW5h YmxlIEZGUyBzb2Z0IHVwZGF0ZXMgc3VwcG9ydApvcHRpb25zIAlVRlNfQUNMCQkJI1N1cHBvcnQg Zm9yIGFjY2VzcyBjb250cm9sIGxpc3RzCm9wdGlvbnMgCVVGU19ESVJIQVNICQkjSW1wcm92ZSBw ZXJmb3JtYW5jZSBvbiBiaWcgZGlyZWN0b3JpZXMKI29wdGlvbnMgCU1EX1JPT1QJCQkjTUQgaXMg YSBwb3RlbnRpYWwgcm9vdCBkZXZpY2UKb3B0aW9ucyAJTkZTQ0xJRU5UCQkjTmV0d29yayBGaWxl c3lzdGVtIENsaWVudApvcHRpb25zIAlORlNTRVJWRVIJCSNOZXR3b3JrIEZpbGVzeXN0ZW0gU2Vy dmVyCiNvcHRpb25zIAlORlNfUk9PVAkJI05GUyB1c2FibGUgYXMgcm9vdCBkZXZpY2UsIHJlcXVp cmVzIE5GU0NMSUVOVAojb3B0aW9ucyAJTVNET1NGUwkJCSNNU0RPUyBGaWxlc3lzdGVtCiNvcHRp b25zIAlDRDk2NjAJCQkjSVNPIDk2NjAgRmlsZXN5c3RlbQpvcHRpb25zIAlQUk9DRlMJCQkjUHJv Y2VzcyBmaWxlc3lzdGVtIChyZXF1aXJlcyBQU0VVRE9GUykKb3B0aW9ucyAJUFNFVURPRlMJCSNQ c2V1ZG8tZmlsZXN5c3RlbSBmcmFtZXdvcmsKb3B0aW9ucyAJQ09NUEFUXzQzCQkjQ29tcGF0aWJs ZSB3aXRoIEJTRCA0LjMgW0tFRVAgVEhJUyFdCm9wdGlvbnMgCUNPTVBBVF9GUkVFQlNENAkJI0Nv bXBhdGlibGUgd2l0aCBGcmVlQlNENApvcHRpb25zIAlTQ1NJX0RFTEFZPTE1MDAwCSNEZWxheSAo aW4gbXMpIGJlZm9yZSBwcm9iaW5nIFNDU0kKb3B0aW9ucyAJS1RSQUNFCQkJI2t0cmFjZSgxKSBz dXBwb3J0Cm9wdGlvbnMgCVNZU1ZTSE0JCQkjU1lTVi1zdHlsZSBzaGFyZWQgbWVtb3J5Cm9wdGlv bnMgCVNZU1ZNU0cJCQkjU1lTVi1zdHlsZSBtZXNzYWdlIHF1ZXVlcwpvcHRpb25zIAlTWVNWU0VN CQkJI1NZU1Ytc3R5bGUgc2VtYXBob3JlcwpvcHRpb25zIAlfS1BPU0lYX1BSSU9SSVRZX1NDSEVE VUxJTkcgI1Bvc2l4IFAxMDAzXzFCIHJlYWwtdGltZSBleHRlbnNpb25zCm9wdGlvbnMgCUtCRF9J TlNUQUxMX0NERVYJIyBpbnN0YWxsIGEgQ0RFViBlbnRyeSBpbiAvZGV2Cm9wdGlvbnMgCUFIQ19S RUdfUFJFVFRZX1BSSU5UCSMgUHJpbnQgcmVnaXN0ZXIgYml0ZmllbGRzIGluIGRlYnVnCgkJCQkJ IyBvdXRwdXQuICBBZGRzIH4xMjhrIHRvIGRyaXZlci4Kb3B0aW9ucyAJQUhEX1JFR19QUkVUVFlf UFJJTlQJIyBQcmludCByZWdpc3RlciBiaXRmaWVsZHMgaW4gZGVidWcKCQkJCQkjIG91dHB1dC4g IEFkZHMgfjIxNWsgdG8gZHJpdmVyLgoKIyBEZWJ1Z2dpbmcgZm9yIHVzZSBpbiAtY3VycmVudAoj b3B0aW9ucyAJRERCCQkJI0VuYWJsZSB0aGUga2VybmVsIGRlYnVnZ2VyCiNvcHRpb25zIAlJTlZB UklBTlRTCQkjRW5hYmxlIGNhbGxzIG9mIGV4dHJhIHNhbml0eSBjaGVja2luZwpvcHRpb25zIAlJ TlZBUklBTlRfU1VQUE9SVAkjRXh0cmEgc2FuaXR5IGNoZWNrcyBvZiBpbnRlcm5hbCBzdHJ1Y3R1 cmVzLCByZXF1aXJlZCBieSBJTlZBUklBTlRTCiNvcHRpb25zIAlXSVRORVNTCQkJI0VuYWJsZSBj aGVja3MgdG8gZGV0ZWN0IGRlYWRsb2NrcyBhbmQgY3ljbGVzCiNvcHRpb25zIAlXSVRORVNTX1NL SVBTUElOCSNEb24ndCBydW4gd2l0bmVzcyBvbiBzcGlubG9ja3MgZm9yIHNwZWVkCgojIFRvIG1h a2UgYW4gU01QIGtlcm5lbCwgdGhlIG5leHQgdHdvIGFyZSBuZWVkZWQKI29wdGlvbnMgCVNNUAkJ CSMgU3ltbWV0cmljIE11bHRpUHJvY2Vzc29yIEtlcm5lbAojb3B0aW9ucyAJQVBJQ19JTwkJCSMg U3ltbWV0cmljIChBUElDKSBJL08KCmRldmljZQkJaXNhCiNkZXZpY2UJCWVpc2EKZGV2aWNlCQlw Y2kKCiMgRmxvcHB5IGRyaXZlcwpkZXZpY2UJCWZkYwoKIyBBVEEgYW5kIEFUQVBJIGRldmljZXMK ZGV2aWNlCQlhdGEKZGV2aWNlCQlhdGFkaXNrCQkJIyBBVEEgZGlzayBkcml2ZXMKZGV2aWNlCQlh dGFwaWNkCQkJIyBBVEFQSSBDRFJPTSBkcml2ZXMKZGV2aWNlCQlhdGFwaWZkCQkJIyBBVEFQSSBm bG9wcHkgZHJpdmVzCiNkZXZpY2UJCWF0YXBpc3QJCQkjIEFUQVBJIHRhcGUgZHJpdmVzCm9wdGlv bnMgCUFUQV9TVEFUSUNfSUQJCSNTdGF0aWMgZGV2aWNlIG51bWJlcmluZwoKIyBTQ1NJIENvbnRy b2xsZXJzCiNkZXZpY2UJCWFoYgkJIyBFSVNBIEFIQTE3NDIgZmFtaWx5CmRldmljZQkJYWhjCQkj IEFIQTI5NDAgYW5kIG9uYm9hcmQgQUlDN3h4eCBkZXZpY2VzCiNkZXZpY2UJCWFoZAkJIyBBSEEz OTMyMC8yOTMyMCBhbmQgb25ib2FyZCBBSUM3OXh4IGRldmljZXMKI2RldmljZQkJYW1kCQkjIEFN RCA1M0M5NzQgKFRla3JhbSBEQy0zOTAoVCkpCiNkZXZpY2UJCWlzcAkJIyBRbG9naWMgZmFtaWx5 CiNkZXZpY2UJCW1wdAkJIyBMU0ktTG9naWMgTVBULUZ1c2lvbgojZGV2aWNlCQluY3IJCSMgTkNS L1N5bWJpb3MgTG9naWMKI2RldmljZQkJc3ltCQkjIE5DUi9TeW1iaW9zIExvZ2ljIChuZXdlciBj aGlwc2V0cyArIHRob3NlIG9mIGBuY3InKQojZGV2aWNlCQl0cm0JCSMgVGVrcmFtIERDMzk1VS9V Vy9GIERDMzE1VSBhZGFwdGVycwoKI2RldmljZQkJYWR2CQkjIEFkdmFuc3lzIFNDU0kgYWRhcHRl cnMKI2RldmljZQkJYWR3CQkjIEFkdmFuc3lzIHdpZGUgU0NTSSBhZGFwdGVycwojZGV2aWNlCQlh aGEJCSMgQWRhcHRlYyAxNTR4IFNDU0kgYWRhcHRlcnMKI2RldmljZQkJYWljCQkjIEFkYXB0ZWMg MTVbMDEyXXggU0NTSSBhZGFwdGVycywgQUlDLTZbMjNdNjAuCiNkZXZpY2UJCWJ0CQkjIEJ1c2xv Z2ljL015bGV4IE11bHRpTWFzdGVyIFNDU0kgYWRhcHRlcnMKCiNkZXZpY2UJCW5jdgkJIyBOQ1Ig NTNDNTAwCiNkZXZpY2UJCW5zcAkJIyBXb3JrYml0IE5pbmphIFNDU0ktMwojZGV2aWNlCQlzdGcJ CSMgVE1DIDE4QzMwLzE4QzUwCgojIFJBSUQgY29udHJvbGxlcnMgaW50ZXJmYWNlZCB0byB0aGUg U0NTSSBzdWJzeXN0ZW0KI2RldmljZQkJYXNyCQkjIERQVCBTbWFydFJBSUQgViwgVkkgYW5kIEFk YXB0ZWMgU0NTSSBSQUlECiNkZXZpY2UJCWNpc3MJCSMgQ29tcGFxIFNtYXJ0IFJBSUQgNSoKI2Rl dmljZQkJZHB0CQkjIERQVCBTbWFydGNhY2hlIElJSSwgSVYgLSBTZWUgTk9URVMgZm9yIG9wdGlv bnMhCiNkZXZpY2UJCWlpcgkJIyBJbnRlbCBJbnRlZ3JhdGVkIFJBSUQKI2RldmljZQkJbWx5CQkj IE15bGV4IEFjY2VsZVJBSUQvZVh0cmVtZVJBSUQKCiMgU0NTSSBwZXJpcGhlcmFscwpkZXZpY2UJ CXNjYnVzCQkjIFNDU0kgYnVzIChyZXF1aXJlZCkKI2RldmljZQkJY2gJCSMgU0NTSSBtZWRpYSBj aGFuZ2VycwpkZXZpY2UJCWRhCQkjIERpcmVjdCBBY2Nlc3MgKGRpc2tzKQojZGV2aWNlCQlzYQkJ IyBTZXF1ZW50aWFsIEFjY2VzcyAodGFwZSBldGMpCiNkZXZpY2UJCWNkCQkjIENECiNkZXZpY2UJ CXBhc3MJCSMgUGFzc3Rocm91Z2ggZGV2aWNlIChkaXJlY3QgU0NTSSBhY2Nlc3MpCiNkZXZpY2UJ CXNlcwkJIyBTQ1NJIEVudmlyb25tZW50YWwgU2VydmljZXMgKGFuZCBTQUYtVEUpCgojIFJBSUQg Y29udHJvbGxlcnMKI2RldmljZQkJYWFjCQkjIEFkYXB0ZWMgRlNBIFJBSUQKI2RldmljZQkJYWFj cAkJIyBTQ1NJIHBhc3N0aHJvdWdoIGZvciBhYWMgKHJlcXVpcmVzIENBTSkKI2RldmljZQkJYW1y CQkjIEFNSSBNZWdhUkFJRAojZGV2aWNlCQlpZGEJCSMgQ29tcGFxIFNtYXJ0IFJBSUQKI2Rldmlj ZQkJaXBzCQkjIElCTSAoQWRhcHRlYykgU2VydmVSQUlECiNkZXZpY2UJCW1seAkJIyBNeWxleCBE QUM5NjAgZmFtaWx5CiNkZXZpY2UJCXBzdAkJIyBQcm9taXNlIFN1cGVydHJhayBTWDYwMDAKI2Rl dmljZQkJdHdlCQkjIDN3YXJlIEFUQSBSQUlECgojIGF0a2JkYzAgY29udHJvbHMgYm90aCB0aGUg a2V5Ym9hcmQgYW5kIHRoZSBQUy8yIG1vdXNlCmRldmljZQkJYXRrYmRjCQkjIEFUIGtleWJvYXJk IGNvbnRyb2xsZXIKZGV2aWNlCQlhdGtiZAkJIyBBVCBrZXlib2FyZApkZXZpY2UJCXBzbQkJIyBQ Uy8yIG1vdXNlCgpkZXZpY2UJCXZnYQkJIyBWR0EgdmlkZW8gY2FyZCBkcml2ZXIKCmRldmljZQkJ c3BsYXNoCQkjIFNwbGFzaCBzY3JlZW4gYW5kIHNjcmVlbiBzYXZlciBzdXBwb3J0CgojIHN5c2Nv bnMgaXMgdGhlIGRlZmF1bHQgY29uc29sZSBkcml2ZXIsIHJlc2VtYmxpbmcgYW4gU0NPIGNvbnNv bGUKZGV2aWNlCQlzYwoKIyBFbmFibGUgdGhpcyBmb3IgdGhlIHBjdnQgKFZUMjIwIGNvbXBhdGli bGUpIGNvbnNvbGUgZHJpdmVyCiNkZXZpY2UJCXZ0CiNvcHRpb25zIAlYU0VSVkVSCQkJIyBzdXBw b3J0IGZvciBYIHNlcnZlciBvbiBhIHZ0IGNvbnNvbGUKI29wdGlvbnMgCUZBVF9DVVJTT1IJCSMg c3RhcnQgd2l0aCBibG9jayBjdXJzb3IKCmRldmljZQkJYWdwCQkjIHN1cHBvcnQgc2V2ZXJhbCBB R1AgY2hpcHNldHMKCiMgRmxvYXRpbmcgcG9pbnQgc3VwcG9ydCAtIGRvIG5vdCBkaXNhYmxlLgpk ZXZpY2UJCW5weAoKIyBQb3dlciBtYW5hZ2VtZW50IHN1cHBvcnQgKHNlZSBOT1RFUyBmb3IgbW9y ZSBvcHRpb25zKQojZGV2aWNlCQlhcG0KIyBBZGQgc3VzcGVuZC9yZXN1bWUgc3VwcG9ydCBmb3Ig dGhlIGk4MjU0LgpkZXZpY2UJCXBtdGltZXIKCiMgUENDQVJEIChQQ01DSUEpIHN1cHBvcnQKIyBQ Y21jaWEgYW5kIGNhcmRidXMgYnJpZGdlIHN1cHBvcnQKI2RldmljZQkJY2JiCQkJIyBjYXJkYnVz ICh5ZW50YSkgYnJpZGdlCiNkZXZpY2UJCXBjaWMJCQkjIEV4Q0EgSVNBIGFuZCBQQ0kgYnJpZGdl cwojZGV2aWNlCQlwY2NhcmQJCQkjIFBDIENhcmQgKDE2LWJpdCkgYnVzCiNkZXZpY2UJCWNhcmRi dXMJCQkjIENhcmRCdXMgKDMyLWJpdCkgYnVzCgojIFNlcmlhbCAoQ09NKSBwb3J0cwpkZXZpY2UJ CXNpbwkJIyA4MjUwLCAxNls0NV01MCBiYXNlZCBzZXJpYWwgcG9ydHMKCiMgUGFyYWxsZWwgcG9y dApkZXZpY2UJCXBwYwpkZXZpY2UJCXBwYnVzCQkjIFBhcmFsbGVsIHBvcnQgYnVzIChyZXF1aXJl ZCkKZGV2aWNlCQlscHQJCSMgUHJpbnRlcgpkZXZpY2UJCXBsaXAJCSMgVENQL0lQIG92ZXIgcGFy YWxsZWwKZGV2aWNlCQlwcGkJCSMgUGFyYWxsZWwgcG9ydCBpbnRlcmZhY2UgZGV2aWNlCiNkZXZp Y2UJCXZwbwkJIyBSZXF1aXJlcyBzY2J1cyBhbmQgZGEKCgojIFBDSSBFdGhlcm5ldCBOSUNzLgoj ZGV2aWNlCQlkZQkJIyBERUMvSW50ZWwgREMyMXg0eCAoYGBUdWxpcCcnKQojZGV2aWNlCQllbQkJ IyBJbnRlbCBQUk8vMTAwMCBhZGFwdGVyIEdpZ2FiaXQgRXRoZXJuZXQgQ2FyZAojZGV2aWNlCQl0 eHAJCSMgM0NvbSAzY1I5OTAgKGBgVHlwaG9vbicnKQojZGV2aWNlCQl2eAkJIyAzQ29tIDNjNTkw LCAzYzU5NSAoYGBWb3J0ZXgnJykKCiMgUENJIEV0aGVybmV0IE5JQ3MgdGhhdCB1c2UgdGhlIGNv bW1vbiBNSUkgYnVzIGNvbnRyb2xsZXIgY29kZS4KIyBOT1RFOiBCZSBzdXJlIHRvIGtlZXAgdGhl ICdkZXZpY2UgbWlpYnVzJyBsaW5lIGluIG9yZGVyIHRvIHVzZSB0aGVzZSBOSUNzIQpkZXZpY2UJ CW1paWJ1cwkJIyBNSUkgYnVzIHN1cHBvcnQKI2RldmljZQkJZGMJCSMgREVDL0ludGVsIDIxMTQz IGFuZCB2YXJpb3VzIHdvcmthbGlrZXMKI2RldmljZQkJZnhwCQkjIEludGVsIEV0aGVyRXhwcmVz cyBQUk8vMTAwQiAoODI1NTcsIDgyNTU4KQojZGV2aWNlCQlwY24JCSMgQU1EIEFtNzlDOTd4IFBD SSAxMC8xMDAgKHByZWNlZGVuY2Ugb3ZlciAnbG5jJykKI2RldmljZQkJcmwJCSMgUmVhbFRlayA4 MTI5LzgxMzkKI2RldmljZQkJc2YJCSMgQWRhcHRlYyBBSUMtNjkxNSAoYGBTdGFyZmlyZScnKQoj ZGV2aWNlCQlzaXMJCSMgU2lsaWNvbiBJbnRlZ3JhdGVkIFN5c3RlbXMgU2lTIDkwMC9TaVMgNzAx NgojZGV2aWNlCQlzawkJIyBTeXNLb25uZWN0IFNLLTk4NHggYW5kIFNLLTk4MnggZ2lnYWJpdCBl dGhlcm5ldAojZGV2aWNlCQlzdGUJCSMgU3VuZGFuY2UgU1QyMDEgKEQtTGluayBERkUtNTUwVFgp CiNkZXZpY2UJCXRpCQkjIEFsdGVvbiBOZXR3b3JrcyBUaWdvbiBJL0lJIGdpZ2FiaXQgZXRoZXJu ZXQKI2RldmljZQkJdGwJCSMgVGV4YXMgSW5zdHJ1bWVudHMgVGh1bmRlckxBTgojZGV2aWNlCQl0 eAkJIyBTTUMgRXRoZXJQb3dlciBJSSAoODNjMTcwIGBgRVBJQycnKQpkZXZpY2UJCXZyCQkjIFZJ QSBSaGluZSwgUmhpbmUgSUkKI2RldmljZQkJd2IJCSMgV2luYm9uZCBXODlDODQwRgojZGV2aWNl CQl4bAkJIyAzQ29tIDNjOTB4IChgYEJvb21lcmFuZycnLCBgYEN5Y2xvbmUnJykKI2RldmljZQkJ YmdlCQkjIEJyb2FkY29tIEJDTTU3MHh4IEdpZ2FiaXQgRXRoZXJuZXQKCiMgSVNBIEV0aGVybmV0 IE5JQ3MuICBwY2NhcmQgbmljcyBpbmNsdWRlZC4KI2RldmljZQkJY3MJCSMgQ3J5c3RhbCBTZW1p Y29uZHVjdG9yIENTODl4MCBOSUMKIyAnZGV2aWNlIGVkJyByZXF1aXJlcyAnZGV2aWNlIG1paWJ1 cycKI2RldmljZQkJZWQJCSMgTkVbMTJdMDAwLCBTTUMgVWx0cmEsIDNjNTAzLCBEUzgzOTAgY2Fy ZHMKI2RldmljZQkJZXgJCSMgSW50ZWwgRXRoZXJFeHByZXNzIFByby8xMCBhbmQgUHJvLzEwKwoj ZGV2aWNlCQllcAkJIyBFdGhlcmxpbmsgSUlJIGJhc2VkIGNhcmRzCiNkZXZpY2UJCWZlCQkjIEZ1 aml0c3UgTUI4Njk2eCBiYXNlZCBjYXJkcwojZGV2aWNlCQlpZQkJIyBFdGhlckV4cHJlc3MgOC8x NiwgM0M1MDcsIFN0YXJMQU4gMTAgZXRjLgojZGV2aWNlCQlsbmMJCSMgTkUyMTAwLCBORTMyLVZM IExhbmNlIEV0aGVybmV0IGNhcmRzCiNkZXZpY2UJCXNuCQkjIFNNQydzIDkwMDAgc2VyaWVzIG9m IGV0aGVybmV0IGNoaXBzCiNkZXZpY2UJCXhlCQkjIFhpcmNvbSBwY2NhcmQgZXRoZXJuZXQKCiMg SVNBIGRldmljZXMgdGhhdCB1c2UgdGhlIG9sZCBJU0Egc2hpbXMKI2RldmljZQkJbGUKCiMgV2ly ZWxlc3MgTklDIGNhcmRzCiNkZXZpY2UJCXdsYW4JCSMgODAyLjExIHN1cHBvcnQKI2RldmljZQkJ YW4JCSMgQWlyb25ldCA0NTAwLzQ4MDAgODAyLjExIHdpcmVsZXNzIE5JQ3MuIAojZGV2aWNlCQlh d2kJCSMgQmF5U3RhY2sgNjYwIGFuZCBvdGhlcnMKI2RldmljZQkJd2kJCSMgV2F2ZUxBTi9JbnRl cnNpbC9TeW1ib2wgODAyLjExIHdpcmVsZXNzIE5JQ3MuCiNkZXZpY2UJCXdsCQkjIE9sZGVyIG5v biA4MDIuMTEgV2F2ZWxhbiB3aXJlbGVzcyBOSUMuCgojIFBzZXVkbyBkZXZpY2VzIC0gdGhlIG51 bWJlciBpbmRpY2F0ZXMgaG93IG1hbnkgdW5pdHMgdG8gYWxsb2NhdGUuCmRldmljZQkJcmFuZG9t CQkjIEVudHJvcHkgZGV2aWNlCmRldmljZQkJbG9vcAkJIyBOZXR3b3JrIGxvb3BiYWNrCmRldmlj ZQkJZXRoZXIJCSMgRXRoZXJuZXQgc3VwcG9ydApkZXZpY2UJCXNsCQkjIEtlcm5lbCBTTElQCmRl dmljZQkJcHBwCQkjIEtlcm5lbCBQUFAKZGV2aWNlCQl0dW4JCSMgUGFja2V0IHR1bm5lbC4KZGV2 aWNlCQlwdHkJCSMgUHNldWRvLXR0eXMgKHRlbG5ldCBldGMpCmRldmljZQkJbWQJCSMgTWVtb3J5 ICJkaXNrcyIKZGV2aWNlCQlnaWYJCSMgSVB2NiBhbmQgSVB2NCB0dW5uZWxpbmcKI2RldmljZQkJ ZmFpdGgJCSMgSVB2Ni10by1JUHY0IHJlbGF5aW5nICh0cmFuc2xhdGlvbikKCiMgVGhlIGBicGYn IGRldmljZSBlbmFibGVzIHRoZSBCZXJrZWxleSBQYWNrZXQgRmlsdGVyLgojIEJlIGF3YXJlIG9m IHRoZSBhZG1pbmlzdHJhdGl2ZSBjb25zZXF1ZW5jZXMgb2YgZW5hYmxpbmcgdGhpcyEKZGV2aWNl CQlicGYJCSMgQmVya2VsZXkgcGFja2V0IGZpbHRlcgoKIyBVU0Igc3VwcG9ydApkZXZpY2UJCXVo Y2kJCSMgVUhDSSBQQ0ktPlVTQiBpbnRlcmZhY2UKI2RldmljZQkJb2hjaQkJIyBPSENJIFBDSS0+ VVNCIGludGVyZmFjZQpkZXZpY2UJCXVzYgkJIyBVU0IgQnVzIChyZXF1aXJlZCkKI2RldmljZQkJ dWRicAkJIyBVU0IgRG91YmxlIEJ1bGsgUGlwZSBkZXZpY2VzCmRldmljZQkJdWdlbgkJIyBHZW5l cmljCmRldmljZQkJdWhpZAkJIyAiSHVtYW4gSW50ZXJmYWNlIERldmljZXMiCmRldmljZQkJdWti ZAkJIyBLZXlib2FyZApkZXZpY2UJCXVscHQJCSMgUHJpbnRlcgpkZXZpY2UJCXVtYXNzCQkjIERp c2tzL01hc3Mgc3RvcmFnZSAtIFJlcXVpcmVzIHNjYnVzIGFuZCBkYQpkZXZpY2UJCXVtcwkJIyBN b3VzZQojZGV2aWNlCQl1cmlvCQkjIERpYW1vbmQgUmlvIDUwMCBNUDMgcGxheWVyCmRldmljZQkJ dXNjYW5uZXIJIyBTY2FubmVycwojIFVTQiBFdGhlcm5ldCwgcmVxdWlyZXMgbWlpCiNkZXZpY2UJ CWF1ZQkJIyBBRE10ZWsgVVNCIGV0aGVybmV0CiNkZXZpY2UJCWF4ZQkJIyBBU0lYIEVsZWN0cm9u aWNzIFVTQiBldGhlcm5ldAojZGV2aWNlCQljdWUJCSMgQ0FUQyBVU0IgZXRoZXJuZXQKI2Rldmlj ZQkJa3VlCQkjIEthd2FzYWtpIExTSSBVU0IgZXRoZXJuZXQKCiMgRmlyZVdpcmUgc3VwcG9ydAoj ZGV2aWNlCQlmaXJld2lyZQkjIEZpcmVXaXJlIGJ1cyBjb2RlCiNkZXZpY2UJCXNicAkJIyBTQ1NJ IG92ZXIgRmlyZVdpcmUgKFJlcXVpcmVzIHNjYnVzIGFuZCBkYSkKI2RldmljZQkJZndlCQkjIEV0 aGVybmV0IG92ZXIgRmlyZVdpcmUgKG5vbi1zdGFuZGFyZCEpCgoKCmRldmljZQkJcGNtCgpvcHRp b25zCQlORVRHUkFQSApkZXZpY2UJCXVkYnAKCg== --========GMXBoundary272721056196692 Content-Type: text/plain; name="zhuangzi.txt" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="zhuangzi.txt" Iy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0jCiMgRE1FU0cgYW5kIEtFUk5F TCBDT05GSUcgb2YgWkhVQU5HWkkgIwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLSMKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBkbWVzZyBvZiBaSFVBTkdaSSAo TTU3MSkKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCkNvcHlyaWdodCAoYykgMTk5Mi0y MDAzIFRoZSBGcmVlQlNEIFByb2plY3QuCkNvcHlyaWdodCAoYykgMTk3OSwgMTk4MCwgMTk4Mywg MTk4NiwgMTk4OCwgMTk4OSwgMTk5MSwgMTk5MiwgMTk5MywgMTk5NAoJVGhlIFJlZ2VudHMgb2Yg dGhlIFVuaXZlcnNpdHkgb2YgQ2FsaWZvcm5pYS4gQWxsIHJpZ2h0cyByZXNlcnZlZC4KRnJlZUJT RCA1LjEtUkVMRUFTRSAjMDogU2F0IEp1biAyMSAwNToxMTo0NCBDU1QgMjAwMwogICAgemhleXVA emh1YW5nemkua29qby5uZXQ6L3Vzci9zcmMvc3lzL2kzODYvY29tcGlsZS9LRVJORUxfWkhVQU5H WkkKUHJlbG9hZGVkIGVsZiBrZXJuZWwgIi9ib290L2tlcm5lbC9rZXJuZWwiIGF0IDB4YzAzZGUw MDAuClRpbWVjb3VudGVyICJpODI1NCIgIGZyZXF1ZW5jeSAxMTkzMTgyIEh6ClRpbWVjb3VudGVy ICJUU0MiICBmcmVxdWVuY3kgMjAwNDU3MDEzIEh6CkNQVTogUGVudGl1bS9QNTVDICgyMDAuNDYt TUh6IDU4Ni1jbGFzcyBDUFUpCiAgT3JpZ2luID0gIkdlbnVpbmVJbnRlbCIgIElkID0gMHg1NDMg IFN0ZXBwaW5nID0gMwogIEZlYXR1cmVzPTB4ODAwMWJmPEZQVSxWTUUsREUsUFNFLFRTQyxNU1Is TUNFLENYOCxNTVg+CnJlYWwgbWVtb3J5ICA9IDY2MDYwMjg4ICg2MyBNQikKYXZhaWwgbWVtb3J5 ID0gNTk5NDA4NjQgKDU3IE1CKQpJbnRlbCBQZW50aXVtIGRldGVjdGVkLCBpbnN0YWxsaW5nIHdv cmthcm91bmQgZm9yIEYwMEYgYnVnCm5weDA6IDxtYXRoIHByb2Nlc3Nvcj4gb24gbW90aGVyYm9h cmQKbnB4MDogSU5UIDE2IGludGVyZmFjZQpwY2liaW9zOiBCSU9TIHZlcnNpb24gMi4xMApwY2li MDogPEhvc3QgdG8gUENJIGJyaWRnZT4gYXQgcGNpYnVzIDAgb24gbW90aGVyYm9hcmQKcGNpMDog PFBDSSBidXM+IG9uIHBjaWIwCmlzYWIwOiA8UENJLUlTQSBicmlkZ2U+IGF0IGRldmljZSAxLjAg b24gcGNpMAppc2EwOiA8SVNBIGJ1cz4gb24gaXNhYjAKYXRhcGNpMDogPFNpUyA1NTEzIFVETUEz MyBjb250cm9sbGVyPiBwb3J0IDB4NDAwMC0weDQwMGYsMHg0MTI1MGIyMC0weDQxMjUwYjIzLDB4 MjMwMmQ5MTgtMHgyMzAyZDkxZiwweDg4MDRjOTJjLTB4ODgwNGM5MmYsMHgxMDkyODAtMHgxMDky ODcgYXQgZGV2aWNlIDEuMSBvbiBwY2kwCmF0YTA6IGF0IDB4MWYwIGlycSAxNCBvbiBhdGFwY2kw CmF0YTE6IGF0IDB4MTcwIGlycSAxNSBvbiBhdGFwY2kwCm9oY2kwOiA8U2lTIDU1NzEgVVNCIGNv bnRyb2xsZXI+IG1lbSAweGZmYWRmMDAwLTB4ZmZhZGZmZmYgaXJxIDExIGF0IGRldmljZSAxLjIg b24gcGNpMAp1c2IwOiBPSENJIHZlcnNpb24gMS4wLCBsZWdhY3kgc3VwcG9ydAp1c2IwOiA8U2lT IDU1NzEgVVNCIGNvbnRyb2xsZXI+IG9uIG9oY2kwCnVzYjA6IFVTQiByZXZpc2lvbiAxLjAKdWh1 YjA6IFNpUyBPSENJIHJvb3QgaHViLCBjbGFzcyA5LzAsIHJldiAxLjAwLzEuMDAsIGFkZHIgMQp1 aHViMDogMiBwb3J0cyB3aXRoIDIgcmVtb3ZhYmxlLCBzZWxmIHBvd2VyZWQKdWRicDA6IFByb2xp ZmljIFRlY2hub2xvZ3kgSW5jLiBQTDIzMDEgSG9zdC1Ib3N0IGludGVyZmFjZSwgcmV2IDEuMDAv MC4wMCwgYWRkciAyLCBpY2xhc3MgMjU1LzAKcmwwOiA8UmVhbFRlayA4MTM5IDEwLzEwMEJhc2VU WD4gcG9ydCAweGY2MDAtMHhmNmZmIG1lbSAweGZmYWRlZjAwLTB4ZmZhZGVmZmYgaXJxIDEwIGF0 IGRldmljZSAxMy4wIG9uIHBjaTAKcmwwOiBSZWFsdGVrIDgxMzlCIGRldGVjdGVkLiBXYXJuaW5n LCB0aGlzIG1heSBiZSB1bnN0YWJsZSBpbiBhdXRvc2VsZWN0IG1vZGUKcmwwOiBFdGhlcm5ldCBh ZGRyZXNzOiAwMDpjMToyNjoxMTozMTo4YwptaWlidXMwOiA8TUlJIGJ1cz4gb24gcmwwCnJscGh5 MDogPFJlYWxUZWsgaW50ZXJuYWwgbWVkaWEgaW50ZXJmYWNlPiBvbiBtaWlidXMwCnJscGh5MDog IDEwYmFzZVQsIDEwYmFzZVQtRkRYLCAxMDBiYXNlVFgsIDEwMGJhc2VUWC1GRFgsIGF1dG8KcGNp MDogPGRpc3BsYXksIFZHQT4gYXQgZGV2aWNlIDIwLjAgKG5vIGRyaXZlciBhdHRhY2hlZCkKb3Jt MDogPE9wdGlvbiBST00+IGF0IGlvbWVtIDB4YzAwMDAtMHhjYmZmZiBvbiBpc2EwCnBtdGltZXIw IG9uIGlzYTAKYXRrYmRjMDogPEtleWJvYXJkIGNvbnRyb2xsZXIgKGk4MDQyKT4gYXQgcG9ydCAw eDY0LDB4NjAgb24gaXNhMAphdGtiZDA6IDxBVCBLZXlib2FyZD4gZmxhZ3MgMHgxIGlycSAxIG9u IGF0a2JkYzAKa2JkMCBhdCBhdGtiZDAKZmRjMDogPE5FQyA3NjUgb3IgY2xvbmU+IGF0IHBvcnQg MHgzZjcsMHgzZjAtMHgzZjUgaXJxIDYgZHJxIDIgb24gaXNhMApmZDA6IDwxNDQwLUtCIDMuNSIg ZHJpdmU+IG9uIGZkYzAgZHJpdmUgMApwcGMwOiA8UGFyYWxsZWwgcG9ydD4gYXQgcG9ydCAweDM3 OC0weDM3ZiBpcnEgNyBvbiBpc2EwCnBwYzA6IEdlbmVyaWMgY2hpcHNldCAoTklCQkxFLW9ubHkp IGluIENPTVBBVElCTEUgbW9kZQpwcGJ1czA6IDxQYXJhbGxlbCBwb3J0IGJ1cz4gb24gcHBjMApw bGlwMDogPFBMSVAgbmV0d29yayBpbnRlcmZhY2U+IG9uIHBwYnVzMApscHQwOiA8UHJpbnRlcj4g b24gcHBidXMwCmxwdDA6IEludGVycnVwdC1kcml2ZW4gcG9ydApwcGkwOiA8UGFyYWxsZWwgSS9P PiBvbiBwcGJ1czAKc2MwOiA8U3lzdGVtIGNvbnNvbGU+IGF0IGZsYWdzIDB4MTAwIG9uIGlzYTAK c2MwOiBWR0EgPDE2IHZpcnR1YWwgY29uc29sZXMsIGZsYWdzPTB4MzAwPgpzaW8wIGF0IHBvcnQg MHgzZjgtMHgzZmYgaXJxIDQgZmxhZ3MgMHgxMCBvbiBpc2EwCnNpbzA6IHR5cGUgMTY1NTBBCnNp bzEgYXQgcG9ydCAweDJmOC0weDJmZiBpcnEgMyBvbiBpc2EwCnNpbzE6IHR5cGUgMTY1NTBBCnZn YTA6IDxHZW5lcmljIElTQSBWR0E+IGF0IHBvcnQgMHgzYzAtMHgzZGYgaW9tZW0gMHhhMDAwMC0w eGJmZmZmIG9uIGlzYTAKdW5rbm93bjogPFBOUDAzMDM+IGNhbid0IGFzc2lnbiByZXNvdXJjZXMg KHBvcnQpCnVua25vd246IDxQTlAwNTAxPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2VzIChwb3J0KQp1 bmtub3duOiA8UE5QMDUwMT4gY2FuJ3QgYXNzaWduIHJlc291cmNlcyAocG9ydCkKdW5rbm93bjog PFBOUDA0MDA+IGNhbid0IGFzc2lnbiByZXNvdXJjZXMgKHBvcnQpCnVua25vd246IDxQTlAwNzAw PiBjYW4ndCBhc3NpZ24gcmVzb3VyY2VzIChwb3J0KQp1bmtub3duOiA8UE5QMGMwMj4gY2FuJ3Qg YXNzaWduIHJlc291cmNlcyAocG9ydCkKVGltZWNvdW50ZXJzIHRpY2sgZXZlcnkgMTAuMDAwIG1z ZWMKYWQwOiA0MTExTUIgPFNUMzQzMTBBPiBbODM1NC8xNi82M10gYXQgYXRhMC1tYXN0ZXIgVURN QTMzCmFjZDA6IENEUk9NIDxCQ0QgMTZYQSBDRC1ST00+IGF0IGF0YTAtc2xhdmUgUElPNApNb3Vu dGluZyByb290IGZyb20gdWZzOi9kZXYvYWQwczFhCgoKCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tCiMga2VybmVsIGNvZmlndXJhdGlvbiBmaWxlIG9mIFpIVUFOR1pJIChNNTcxKQoj LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojCiMgR0VORVJJQyAtLSBHZW5lcmljIGtl cm5lbCBjb25maWd1cmF0aW9uIGZpbGUgZm9yIEZyZWVCU0QvaTM4NgojCiMgRm9yIG1vcmUgaW5m b3JtYXRpb24gb24gdGhpcyBmaWxlLCBwbGVhc2UgcmVhZCB0aGUgaGFuZGJvb2sgc2VjdGlvbiBv bgojIEtlcm5lbCBDb25maWd1cmF0aW9uIEZpbGVzOgojCiMgICAgaHR0cDovL3d3dy5GcmVlQlNE Lm9yZy9kb2MvZW5fVVMuSVNPODg1OS0xL2Jvb2tzL2hhbmRib29rL2tlcm5lbGNvbmZpZy1jb25m aWcuaHRtbAojCiMgVGhlIGhhbmRib29rIGlzIGFsc28gYXZhaWxhYmxlIGxvY2FsbHkgaW4gL3Vz ci9zaGFyZS9kb2MvaGFuZGJvb2sKIyBpZiB5b3UndmUgaW5zdGFsbGVkIHRoZSBkb2MgZGlzdHJp YnV0aW9uLCBvdGhlcndpc2UgYWx3YXlzIHNlZSB0aGUKIyBGcmVlQlNEIFdvcmxkIFdpZGUgV2Vi IHNlcnZlciAoaHR0cDovL3d3dy5GcmVlQlNELm9yZy8pIGZvciB0aGUKIyBsYXRlc3QgaW5mb3Jt YXRpb24uCiMKIyBBbiBleGhhdXN0aXZlIGxpc3Qgb2Ygb3B0aW9ucyBhbmQgbW9yZSBkZXRhaWxl ZCBleHBsYW5hdGlvbnMgb2YgdGhlCiMgZGV2aWNlIGxpbmVzIGlzIGFsc28gcHJlc2VudCBpbiB0 aGUgLi4vLi4vY29uZi9OT1RFUyBhbmQgTk9URVMgZmlsZXMuIAojIElmIHlvdSBhcmUgaW4gZG91 YnQgYXMgdG8gdGhlIHB1cnBvc2Ugb3IgbmVjZXNzaXR5IG9mIGEgbGluZSwgY2hlY2sgZmlyc3Qg CiMgaW4gTk9URVMuCiMKIyAkRnJlZUJTRDogc3JjL3N5cy9pMzg2L2NvbmYvR0VORVJJQyx2IDEu Mzg0LjIuMiAyMDAzLzA1LzMxIDE1OjE4OjQxIHNjb3R0bCBFeHAgJAoKbWFjaGluZQkJaTM4Ngoj Y3B1CQlJNDg2X0NQVQpjcHUJCUk1ODZfQ1BVCiNjcHUJCUk2ODZfQ1BVCmlkZW50CQlLRVJORUxf WkhVQU5HWkkKCiNUbyBzdGF0aWNhbGx5IGNvbXBpbGUgaW4gZGV2aWNlIHdpcmluZyBpbnN0ZWFk IG9mIC9ib290L2RldmljZS5oaW50cwojaGludHMJCSJHRU5FUklDLmhpbnRzIgkJI0RlZmF1bHQg cGxhY2VzIHRvIGxvb2sgZm9yIGRldmljZXMuCgojbWFrZW9wdGlvbnMJREVCVUc9LWcJCSNCdWls ZCBrZXJuZWwgd2l0aCBnZGIoMSkgZGVidWcgc3ltYm9scwoKb3B0aW9ucyAJU0NIRURfNEJTRAkJ IzRCU0Qgc2NoZWR1bGVyCm9wdGlvbnMgCUlORVQJCQkjSW50ZXJORVR3b3JraW5nCiNvcHRpb25z IAlJTkVUNgkJCSNJUHY2IGNvbW11bmljYXRpb25zIHByb3RvY29scwpvcHRpb25zIAlGRlMJCQkj QmVya2VsZXkgRmFzdCBGaWxlc3lzdGVtCm9wdGlvbnMgCVNPRlRVUERBVEVTCQkjRW5hYmxlIEZG UyBzb2Z0IHVwZGF0ZXMgc3VwcG9ydApvcHRpb25zIAlVRlNfQUNMCQkJI1N1cHBvcnQgZm9yIGFj Y2VzcyBjb250cm9sIGxpc3RzCm9wdGlvbnMgCVVGU19ESVJIQVNICQkjSW1wcm92ZSBwZXJmb3Jt YW5jZSBvbiBiaWcgZGlyZWN0b3JpZXMKb3B0aW9ucyAJTURfUk9PVAkJCSNNRCBpcyBhIHBvdGVu dGlhbCByb290IGRldmljZQojb3B0aW9ucyAJTkZTQ0xJRU5UCQkjTmV0d29yayBGaWxlc3lzdGVt IENsaWVudAojb3B0aW9ucyAJTkZTU0VSVkVSCQkjTmV0d29yayBGaWxlc3lzdGVtIFNlcnZlcgoj b3B0aW9ucyAJTkZTX1JPT1QJCSNORlMgdXNhYmxlIGFzIHJvb3QgZGV2aWNlLCByZXF1aXJlcyBO RlNDTElFTlQKI29wdGlvbnMgCU1TRE9TRlMJCQkjTVNET1MgRmlsZXN5c3RlbQojb3B0aW9ucyAJ Q0Q5NjYwCQkJI0lTTyA5NjYwIEZpbGVzeXN0ZW0Kb3B0aW9ucyAJUFJPQ0ZTCQkJI1Byb2Nlc3Mg ZmlsZXN5c3RlbSAocmVxdWlyZXMgUFNFVURPRlMpCm9wdGlvbnMgCVBTRVVET0ZTCQkjUHNldWRv LWZpbGVzeXN0ZW0gZnJhbWV3b3JrCm9wdGlvbnMgCUNPTVBBVF80MwkJI0NvbXBhdGlibGUgd2l0 aCBCU0QgNC4zIFtLRUVQIFRISVMhXQpvcHRpb25zIAlDT01QQVRfRlJFRUJTRDQJCSNDb21wYXRp YmxlIHdpdGggRnJlZUJTRDQKI29wdGlvbnMgCVNDU0lfREVMQVk9MTUwMDAJI0RlbGF5IChpbiBt cykgYmVmb3JlIHByb2JpbmcgU0NTSQpvcHRpb25zIAlLVFJBQ0UJCQkja3RyYWNlKDEpIHN1cHBv cnQKb3B0aW9ucyAJU1lTVlNITQkJCSNTWVNWLXN0eWxlIHNoYXJlZCBtZW1vcnkKb3B0aW9ucyAJ U1lTVk1TRwkJCSNTWVNWLXN0eWxlIG1lc3NhZ2UgcXVldWVzCm9wdGlvbnMgCVNZU1ZTRU0JCQkj U1lTVi1zdHlsZSBzZW1hcGhvcmVzCm9wdGlvbnMgCV9LUE9TSVhfUFJJT1JJVFlfU0NIRURVTElO RyAjUG9zaXggUDEwMDNfMUIgcmVhbC10aW1lIGV4dGVuc2lvbnMKb3B0aW9ucyAJS0JEX0lOU1RB TExfQ0RFVgkjIGluc3RhbGwgYSBDREVWIGVudHJ5IGluIC9kZXYKb3B0aW9ucyAJQUhDX1JFR19Q UkVUVFlfUFJJTlQJIyBQcmludCByZWdpc3RlciBiaXRmaWVsZHMgaW4gZGVidWcKCQkJCQkjIG91 dHB1dC4gIEFkZHMgfjEyOGsgdG8gZHJpdmVyLgpvcHRpb25zIAlBSERfUkVHX1BSRVRUWV9QUklO VAkjIFByaW50IHJlZ2lzdGVyIGJpdGZpZWxkcyBpbiBkZWJ1ZwoJCQkJCSMgb3V0cHV0LiAgQWRk cyB+MjE1ayB0byBkcml2ZXIuCgojIERlYnVnZ2luZyBmb3IgdXNlIGluIC1jdXJyZW50CiNvcHRp b25zIAlEREIJCQkjRW5hYmxlIHRoZSBrZXJuZWwgZGVidWdnZXIKI29wdGlvbnMgCUlOVkFSSUFO VFMJCSNFbmFibGUgY2FsbHMgb2YgZXh0cmEgc2FuaXR5IGNoZWNraW5nCm9wdGlvbnMgCUlOVkFS SUFOVF9TVVBQT1JUCSNFeHRyYSBzYW5pdHkgY2hlY2tzIG9mIGludGVybmFsIHN0cnVjdHVyZXMs IHJlcXVpcmVkIGJ5IElOVkFSSUFOVFMKI29wdGlvbnMgCVdJVE5FU1MJCQkjRW5hYmxlIGNoZWNr cyB0byBkZXRlY3QgZGVhZGxvY2tzIGFuZCBjeWNsZXMKI29wdGlvbnMgCVdJVE5FU1NfU0tJUFNQ SU4JI0Rvbid0IHJ1biB3aXRuZXNzIG9uIHNwaW5sb2NrcyBmb3Igc3BlZWQKCiMgVG8gbWFrZSBh biBTTVAga2VybmVsLCB0aGUgbmV4dCB0d28gYXJlIG5lZWRlZAojb3B0aW9ucyAJU01QCQkJIyBT eW1tZXRyaWMgTXVsdGlQcm9jZXNzb3IgS2VybmVsCiNvcHRpb25zIAlBUElDX0lPCQkJIyBTeW1t ZXRyaWMgKEFQSUMpIEkvTwoKZGV2aWNlCQlpc2EKI2RldmljZQkJZWlzYQpkZXZpY2UJCXBjaQoK IyBGbG9wcHkgZHJpdmVzCmRldmljZQkJZmRjCgojIEFUQSBhbmQgQVRBUEkgZGV2aWNlcwpkZXZp Y2UJCWF0YQpkZXZpY2UJCWF0YWRpc2sJCQkjIEFUQSBkaXNrIGRyaXZlcwpkZXZpY2UJCWF0YXBp Y2QJCQkjIEFUQVBJIENEUk9NIGRyaXZlcwpkZXZpY2UJCWF0YXBpZmQJCQkjIEFUQVBJIGZsb3Bw eSBkcml2ZXMKI2RldmljZQkJYXRhcGlzdAkJCSMgQVRBUEkgdGFwZSBkcml2ZXMKb3B0aW9ucyAJ QVRBX1NUQVRJQ19JRAkJI1N0YXRpYyBkZXZpY2UgbnVtYmVyaW5nCgojIFNDU0kgQ29udHJvbGxl cnMKI2RldmljZQkJYWhiCQkjIEVJU0EgQUhBMTc0MiBmYW1pbHkKI2RldmljZQkJYWhjCQkjIEFI QTI5NDAgYW5kIG9uYm9hcmQgQUlDN3h4eCBkZXZpY2VzCiNkZXZpY2UJCWFoZAkJIyBBSEEzOTMy MC8yOTMyMCBhbmQgb25ib2FyZCBBSUM3OXh4IGRldmljZXMKI2RldmljZQkJYW1kCQkjIEFNRCA1 M0M5NzQgKFRla3JhbSBEQy0zOTAoVCkpCiNkZXZpY2UJCWlzcAkJIyBRbG9naWMgZmFtaWx5CiNk ZXZpY2UJCW1wdAkJIyBMU0ktTG9naWMgTVBULUZ1c2lvbgojZGV2aWNlCQluY3IJCSMgTkNSL1N5 bWJpb3MgTG9naWMKI2RldmljZQkJc3ltCQkjIE5DUi9TeW1iaW9zIExvZ2ljIChuZXdlciBjaGlw c2V0cyArIHRob3NlIG9mIGBuY3InKQojZGV2aWNlCQl0cm0JCSMgVGVrcmFtIERDMzk1VS9VVy9G IERDMzE1VSBhZGFwdGVycwoKI2RldmljZQkJYWR2CQkjIEFkdmFuc3lzIFNDU0kgYWRhcHRlcnMK I2RldmljZQkJYWR3CQkjIEFkdmFuc3lzIHdpZGUgU0NTSSBhZGFwdGVycwojZGV2aWNlCQlhaGEJ CSMgQWRhcHRlYyAxNTR4IFNDU0kgYWRhcHRlcnMKI2RldmljZQkJYWljCQkjIEFkYXB0ZWMgMTVb MDEyXXggU0NTSSBhZGFwdGVycywgQUlDLTZbMjNdNjAuCiNkZXZpY2UJCWJ0CQkjIEJ1c2xvZ2lj L015bGV4IE11bHRpTWFzdGVyIFNDU0kgYWRhcHRlcnMKCiNkZXZpY2UJCW5jdgkJIyBOQ1IgNTND NTAwCiNkZXZpY2UJCW5zcAkJIyBXb3JrYml0IE5pbmphIFNDU0ktMwojZGV2aWNlCQlzdGcJCSMg VE1DIDE4QzMwLzE4QzUwCgojIFJBSUQgY29udHJvbGxlcnMgaW50ZXJmYWNlZCB0byB0aGUgU0NT SSBzdWJzeXN0ZW0KI2RldmljZQkJYXNyCQkjIERQVCBTbWFydFJBSUQgViwgVkkgYW5kIEFkYXB0 ZWMgU0NTSSBSQUlECiNkZXZpY2UJCWNpc3MJCSMgQ29tcGFxIFNtYXJ0IFJBSUQgNSoKI2Rldmlj ZQkJZHB0CQkjIERQVCBTbWFydGNhY2hlIElJSSwgSVYgLSBTZWUgTk9URVMgZm9yIG9wdGlvbnMh CiNkZXZpY2UJCWlpcgkJIyBJbnRlbCBJbnRlZ3JhdGVkIFJBSUQKI2RldmljZQkJbWx5CQkjIE15 bGV4IEFjY2VsZVJBSUQvZVh0cmVtZVJBSUQKCiMgU0NTSSBwZXJpcGhlcmFscwpkZXZpY2UJCXNj YnVzCQkjIFNDU0kgYnVzIChyZXF1aXJlZCkKI2RldmljZQkJY2gJCSMgU0NTSSBtZWRpYSBjaGFu Z2VycwpkZXZpY2UJCWRhCQkjIERpcmVjdCBBY2Nlc3MgKGRpc2tzKQojZGV2aWNlCQlzYQkJIyBT ZXF1ZW50aWFsIEFjY2VzcyAodGFwZSBldGMpCiNkZXZpY2UJCWNkCQkjIENECiNkZXZpY2UJCXBh c3MJCSMgUGFzc3Rocm91Z2ggZGV2aWNlIChkaXJlY3QgU0NTSSBhY2Nlc3MpCiNkZXZpY2UJCXNl cwkJIyBTQ1NJIEVudmlyb25tZW50YWwgU2VydmljZXMgKGFuZCBTQUYtVEUpCgojIFJBSUQgY29u dHJvbGxlcnMKI2RldmljZQkJYWFjCQkjIEFkYXB0ZWMgRlNBIFJBSUQKI2RldmljZQkJYWFjcAkJ IyBTQ1NJIHBhc3N0aHJvdWdoIGZvciBhYWMgKHJlcXVpcmVzIENBTSkKI2RldmljZQkJYW1yCQkj IEFNSSBNZWdhUkFJRAojZGV2aWNlCQlpZGEJCSMgQ29tcGFxIFNtYXJ0IFJBSUQKI2RldmljZQkJ aXBzCQkjIElCTSAoQWRhcHRlYykgU2VydmVSQUlECiNkZXZpY2UJCW1seAkJIyBNeWxleCBEQUM5 NjAgZmFtaWx5CiNkZXZpY2UJCXBzdAkJIyBQcm9taXNlIFN1cGVydHJhayBTWDYwMDAKI2Rldmlj ZQkJdHdlCQkjIDN3YXJlIEFUQSBSQUlECgojIGF0a2JkYzAgY29udHJvbHMgYm90aCB0aGUga2V5 Ym9hcmQgYW5kIHRoZSBQUy8yIG1vdXNlCmRldmljZQkJYXRrYmRjCQkjIEFUIGtleWJvYXJkIGNv bnRyb2xsZXIKZGV2aWNlCQlhdGtiZAkJIyBBVCBrZXlib2FyZApkZXZpY2UJCXBzbQkJIyBQUy8y IG1vdXNlCgpkZXZpY2UJCXZnYQkJIyBWR0EgdmlkZW8gY2FyZCBkcml2ZXIKCmRldmljZQkJc3Bs YXNoCQkjIFNwbGFzaCBzY3JlZW4gYW5kIHNjcmVlbiBzYXZlciBzdXBwb3J0CgojIHN5c2NvbnMg aXMgdGhlIGRlZmF1bHQgY29uc29sZSBkcml2ZXIsIHJlc2VtYmxpbmcgYW4gU0NPIGNvbnNvbGUK ZGV2aWNlCQlzYwoKIyBFbmFibGUgdGhpcyBmb3IgdGhlIHBjdnQgKFZUMjIwIGNvbXBhdGlibGUp IGNvbnNvbGUgZHJpdmVyCiNkZXZpY2UJCXZ0CiNvcHRpb25zIAlYU0VSVkVSCQkJIyBzdXBwb3J0 IGZvciBYIHNlcnZlciBvbiBhIHZ0IGNvbnNvbGUKI29wdGlvbnMgCUZBVF9DVVJTT1IJCSMgc3Rh cnQgd2l0aCBibG9jayBjdXJzb3IKCmRldmljZQkJYWdwCQkjIHN1cHBvcnQgc2V2ZXJhbCBBR1Ag Y2hpcHNldHMKCiMgRmxvYXRpbmcgcG9pbnQgc3VwcG9ydCAtIGRvIG5vdCBkaXNhYmxlLgpkZXZp Y2UJCW5weAoKIyBQb3dlciBtYW5hZ2VtZW50IHN1cHBvcnQgKHNlZSBOT1RFUyBmb3IgbW9yZSBv cHRpb25zKQojZGV2aWNlCQlhcG0KIyBBZGQgc3VzcGVuZC9yZXN1bWUgc3VwcG9ydCBmb3IgdGhl IGk4MjU0LgpkZXZpY2UJCXBtdGltZXIKCiMgUENDQVJEIChQQ01DSUEpIHN1cHBvcnQKIyBQY21j aWEgYW5kIGNhcmRidXMgYnJpZGdlIHN1cHBvcnQKI2RldmljZQkJY2JiCQkJIyBjYXJkYnVzICh5 ZW50YSkgYnJpZGdlCiNkZXZpY2UJCXBjaWMJCQkjIEV4Q0EgSVNBIGFuZCBQQ0kgYnJpZGdlcwoj ZGV2aWNlCQlwY2NhcmQJCQkjIFBDIENhcmQgKDE2LWJpdCkgYnVzCiNkZXZpY2UJCWNhcmRidXMJ CQkjIENhcmRCdXMgKDMyLWJpdCkgYnVzCgojIFNlcmlhbCAoQ09NKSBwb3J0cwpkZXZpY2UJCXNp bwkJIyA4MjUwLCAxNls0NV01MCBiYXNlZCBzZXJpYWwgcG9ydHMKCiMgUGFyYWxsZWwgcG9ydApk ZXZpY2UJCXBwYwpkZXZpY2UJCXBwYnVzCQkjIFBhcmFsbGVsIHBvcnQgYnVzIChyZXF1aXJlZCkK ZGV2aWNlCQlscHQJCSMgUHJpbnRlcgpkZXZpY2UJCXBsaXAJCSMgVENQL0lQIG92ZXIgcGFyYWxs ZWwKZGV2aWNlCQlwcGkJCSMgUGFyYWxsZWwgcG9ydCBpbnRlcmZhY2UgZGV2aWNlCiNkZXZpY2UJ CXZwbwkJIyBSZXF1aXJlcyBzY2J1cyBhbmQgZGEKCgojIFBDSSBFdGhlcm5ldCBOSUNzLgojZGV2 aWNlCQlkZQkJIyBERUMvSW50ZWwgREMyMXg0eCAoYGBUdWxpcCcnKQojZGV2aWNlCQllbQkJIyBJ bnRlbCBQUk8vMTAwMCBhZGFwdGVyIEdpZ2FiaXQgRXRoZXJuZXQgQ2FyZAojZGV2aWNlCQl0eHAJ CSMgM0NvbSAzY1I5OTAgKGBgVHlwaG9vbicnKQojZGV2aWNlCQl2eAkJIyAzQ29tIDNjNTkwLCAz YzU5NSAoYGBWb3J0ZXgnJykKCiMgUENJIEV0aGVybmV0IE5JQ3MgdGhhdCB1c2UgdGhlIGNvbW1v biBNSUkgYnVzIGNvbnRyb2xsZXIgY29kZS4KIyBOT1RFOiBCZSBzdXJlIHRvIGtlZXAgdGhlICdk ZXZpY2UgbWlpYnVzJyBsaW5lIGluIG9yZGVyIHRvIHVzZSB0aGVzZSBOSUNzIQpkZXZpY2UJCW1p aWJ1cwkJIyBNSUkgYnVzIHN1cHBvcnQKI2RldmljZQkJZGMJCSMgREVDL0ludGVsIDIxMTQzIGFu ZCB2YXJpb3VzIHdvcmthbGlrZXMKI2RldmljZQkJZnhwCQkjIEludGVsIEV0aGVyRXhwcmVzcyBQ Uk8vMTAwQiAoODI1NTcsIDgyNTU4KQojZGV2aWNlCQlwY24JCSMgQU1EIEFtNzlDOTd4IFBDSSAx MC8xMDAgKHByZWNlZGVuY2Ugb3ZlciAnbG5jJykKZGV2aWNlCQlybAkJIyBSZWFsVGVrIDgxMjkv ODEzOQojZGV2aWNlCQlzZgkJIyBBZGFwdGVjIEFJQy02OTE1IChgYFN0YXJmaXJlJycpCiNkZXZp Y2UJCXNpcwkJIyBTaWxpY29uIEludGVncmF0ZWQgU3lzdGVtcyBTaVMgOTAwL1NpUyA3MDE2CiNk ZXZpY2UJCXNrCQkjIFN5c0tvbm5lY3QgU0stOTg0eCBhbmQgU0stOTgyeCBnaWdhYml0IGV0aGVy bmV0CiNkZXZpY2UJCXN0ZQkJIyBTdW5kYW5jZSBTVDIwMSAoRC1MaW5rIERGRS01NTBUWCkKI2Rl dmljZQkJdGkJCSMgQWx0ZW9uIE5ldHdvcmtzIFRpZ29uIEkvSUkgZ2lnYWJpdCBldGhlcm5ldAoj ZGV2aWNlCQl0bAkJIyBUZXhhcyBJbnN0cnVtZW50cyBUaHVuZGVyTEFOCiNkZXZpY2UJCXR4CQkj IFNNQyBFdGhlclBvd2VyIElJICg4M2MxNzAgYGBFUElDJycpCiNkZXZpY2UJCXZyCQkjIFZJQSBS aGluZSwgUmhpbmUgSUkKI2RldmljZQkJd2IJCSMgV2luYm9uZCBXODlDODQwRgojZGV2aWNlCQl4 bAkJIyAzQ29tIDNjOTB4IChgYEJvb21lcmFuZycnLCBgYEN5Y2xvbmUnJykKI2RldmljZQkJYmdl CQkjIEJyb2FkY29tIEJDTTU3MHh4IEdpZ2FiaXQgRXRoZXJuZXQKCiMgSVNBIEV0aGVybmV0IE5J Q3MuICBwY2NhcmQgbmljcyBpbmNsdWRlZC4KI2RldmljZQkJY3MJCSMgQ3J5c3RhbCBTZW1pY29u ZHVjdG9yIENTODl4MCBOSUMKIyAnZGV2aWNlIGVkJyByZXF1aXJlcyAnZGV2aWNlIG1paWJ1cycK I2RldmljZQkJZWQJCSMgTkVbMTJdMDAwLCBTTUMgVWx0cmEsIDNjNTAzLCBEUzgzOTAgY2FyZHMK I2RldmljZQkJZXgJCSMgSW50ZWwgRXRoZXJFeHByZXNzIFByby8xMCBhbmQgUHJvLzEwKwojZGV2 aWNlCQllcAkJIyBFdGhlcmxpbmsgSUlJIGJhc2VkIGNhcmRzCiNkZXZpY2UJCWZlCQkjIEZ1aml0 c3UgTUI4Njk2eCBiYXNlZCBjYXJkcwojZGV2aWNlCQlpZQkJIyBFdGhlckV4cHJlc3MgOC8xNiwg M0M1MDcsIFN0YXJMQU4gMTAgZXRjLgojZGV2aWNlCQlsbmMJCSMgTkUyMTAwLCBORTMyLVZMIExh bmNlIEV0aGVybmV0IGNhcmRzCiNkZXZpY2UJCXNuCQkjIFNNQydzIDkwMDAgc2VyaWVzIG9mIGV0 aGVybmV0IGNoaXBzCiNkZXZpY2UJCXhlCQkjIFhpcmNvbSBwY2NhcmQgZXRoZXJuZXQKCiMgSVNB IGRldmljZXMgdGhhdCB1c2UgdGhlIG9sZCBJU0Egc2hpbXMKI2RldmljZQkJbGUKCiMgV2lyZWxl c3MgTklDIGNhcmRzCiNkZXZpY2UJCXdsYW4JCSMgODAyLjExIHN1cHBvcnQKI2RldmljZQkJYW4J CSMgQWlyb25ldCA0NTAwLzQ4MDAgODAyLjExIHdpcmVsZXNzIE5JQ3MuIAojZGV2aWNlCQlhd2kJ CSMgQmF5U3RhY2sgNjYwIGFuZCBvdGhlcnMKI2RldmljZQkJd2kJCSMgV2F2ZUxBTi9JbnRlcnNp bC9TeW1ib2wgODAyLjExIHdpcmVsZXNzIE5JQ3MuCiNkZXZpY2UJCXdsCQkjIE9sZGVyIG5vbiA4 MDIuMTEgV2F2ZWxhbiB3aXJlbGVzcyBOSUMuCgojIFBzZXVkbyBkZXZpY2VzIC0gdGhlIG51bWJl ciBpbmRpY2F0ZXMgaG93IG1hbnkgdW5pdHMgdG8gYWxsb2NhdGUuCmRldmljZQkJcmFuZG9tCQkj IEVudHJvcHkgZGV2aWNlCmRldmljZQkJbG9vcAkJIyBOZXR3b3JrIGxvb3BiYWNrCmRldmljZQkJ ZXRoZXIJCSMgRXRoZXJuZXQgc3VwcG9ydApkZXZpY2UJCXNsCQkjIEtlcm5lbCBTTElQCmRldmlj ZQkJcHBwCQkjIEtlcm5lbCBQUFAKZGV2aWNlCQl0dW4JCSMgUGFja2V0IHR1bm5lbC4KZGV2aWNl CQlwdHkJCSMgUHNldWRvLXR0eXMgKHRlbG5ldCBldGMpCmRldmljZQkJbWQJCSMgTWVtb3J5ICJk aXNrcyIKZGV2aWNlCQlnaWYJCSMgSVB2NiBhbmQgSVB2NCB0dW5uZWxpbmcKI2RldmljZQkJZmFp dGgJCSMgSVB2Ni10by1JUHY0IHJlbGF5aW5nICh0cmFuc2xhdGlvbikKCiMgVGhlIGBicGYnIGRl dmljZSBlbmFibGVzIHRoZSBCZXJrZWxleSBQYWNrZXQgRmlsdGVyLgojIEJlIGF3YXJlIG9mIHRo ZSBhZG1pbmlzdHJhdGl2ZSBjb25zZXF1ZW5jZXMgb2YgZW5hYmxpbmcgdGhpcyEKZGV2aWNlCQli cGYJCSMgQmVya2VsZXkgcGFja2V0IGZpbHRlcgoKIyBVU0Igc3VwcG9ydAojZGV2aWNlCQl1aGNp CQkjIFVIQ0kgUENJLT5VU0IgaW50ZXJmYWNlCmRldmljZQkJb2hjaQkJIyBPSENJIFBDSS0+VVNC IGludGVyZmFjZQpkZXZpY2UJCXVzYgkJIyBVU0IgQnVzIChyZXF1aXJlZCkKI2RldmljZQkJdWRi cAkJIyBVU0IgRG91YmxlIEJ1bGsgUGlwZSBkZXZpY2VzCmRldmljZQkJdWdlbgkJIyBHZW5lcmlj CmRldmljZQkJdWhpZAkJIyAiSHVtYW4gSW50ZXJmYWNlIERldmljZXMiCmRldmljZQkJdWtiZAkJ IyBLZXlib2FyZApkZXZpY2UJCXVscHQJCSMgUHJpbnRlcgpkZXZpY2UJCXVtYXNzCQkjIERpc2tz L01hc3Mgc3RvcmFnZSAtIFJlcXVpcmVzIHNjYnVzIGFuZCBkYQpkZXZpY2UJCXVtcwkJIyBNb3Vz ZQojZGV2aWNlCQl1cmlvCQkjIERpYW1vbmQgUmlvIDUwMCBNUDMgcGxheWVyCmRldmljZQkJdXNj YW5uZXIJIyBTY2FubmVycwojIFVTQiBFdGhlcm5ldCwgcmVxdWlyZXMgbWlpCiNkZXZpY2UJCWF1 ZQkJIyBBRE10ZWsgVVNCIGV0aGVybmV0CiNkZXZpY2UJCWF4ZQkJIyBBU0lYIEVsZWN0cm9uaWNz IFVTQiBldGhlcm5ldAojZGV2aWNlCQljdWUJCSMgQ0FUQyBVU0IgZXRoZXJuZXQKI2RldmljZQkJ a3VlCQkjIEthd2FzYWtpIExTSSBVU0IgZXRoZXJuZXQKCiMgRmlyZVdpcmUgc3VwcG9ydAojZGV2 aWNlCQlmaXJld2lyZQkjIEZpcmVXaXJlIGJ1cyBjb2RlCiNkZXZpY2UJCXNicAkJIyBTQ1NJIG92 ZXIgRmlyZVdpcmUgKFJlcXVpcmVzIHNjYnVzIGFuZCBkYSkKI2RldmljZQkJZndlCQkjIEV0aGVy bmV0IG92ZXIgRmlyZVdpcmUgKG5vbi1zdGFuZGFyZCEpCgoKCm9wdGlvbnMJCU5FVEdSQVBICmRl dmljZQkJdWRicAo= --========GMXBoundary272721056196692-- From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 05:08:10 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A51137B401; Sat, 21 Jun 2003 05:08:10 -0700 (PDT) Received: from perrin.int.nxad.com (internal.ext.nxad.com [69.1.70.251]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42F5B43FBD; Sat, 21 Jun 2003 05:08:10 -0700 (PDT) (envelope-from hmp@nxad.com) Received: by perrin.int.nxad.com (Postfix, from userid 1072) id A25D82105A; Sat, 21 Jun 2003 05:08:09 -0700 (PDT) Date: Sat, 21 Jun 2003 05:08:09 -0700 From: Hiten Pandya To: freebsd-net@FreeBSD.org, freebsd-current@FreeBSD.org Message-ID: <20030621120809.GC5692@perrin.int.nxad.com> References: <20030619221703.GD64061@funkthat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030619221703.GD64061@funkthat.com> X-Operating-System: FreeBSD FreeBSD 4.7-STABLE User-Agent: Mutt/1.5.4i Subject: Re: locking problems in IPv6 code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 12:08:11 -0000 On Thu, Jun 19, 2003 at 03:17:03PM -0700, John-Mark Gurney wrote: > I am running FreeBSD 5.1-R on a sparc64 machine, and am getting warnings > about mallocing data w/ a lock aquired. > > dmesg output: > malloc() of "64" with the following non-sleepablelocks held: > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 For what it's worth, these warnings also appear if netisr direct dispatch is enabled with the fxp(4) driver. Cheers. -- Hiten (hmp@FreeBSD.ORG) From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 05:30:54 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 62AAE37B401 for ; Sat, 21 Jun 2003 05:30:54 -0700 (PDT) Received: from mx0.gmx.net (mx0.gmx.net [213.165.64.100]) by mx1.FreeBSD.org (Postfix) with SMTP id 4865343F75 for ; Sat, 21 Jun 2003 05:30:52 -0700 (PDT) (envelope-from freebsd_deamon@gmx.net) Received: (qmail 6389 invoked by uid 0); 21 Jun 2003 12:30:51 -0000 Date: Sat, 21 Jun 2003 14:30:51 +0200 (MEST) From: freebsd_deamon@gmx.net To: freebsd-net@freebsd.org MIME-Version: 1.0 X-Priority: 3 (Normal) X-Authenticated-Sender: #0018491972@gmx.net X-Authenticated-IP: [141.20.121.49] Message-ID: <13652.1056198651@www27.gmx.net> X-Mailer: WWW-Mail 1.6 (Global Message Exchange) X-Flags: 0001 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Subject: netgraph nge device mac address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 12:30:54 -0000 dear list i yesterday played around with a Prolific PL2301 usb host to host adapter to connect two machines using netgraph after # ngctl mkpeer udbp0: eiface data ether # ifconfig nge0 inet 192.168.1.1 (192.168.1.2 on the other machine) i got (ifconfig) nge0: flags=8843 mtu 1500 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:00:00:00:00:00 and nge0: flags=8843 mtu 1500 inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:00:00:00:00:00 now i wonder how to set the MAC addresses? in man ifconfig i could not find the answer and ... i think they should be set to something unique, right besides ... (this might be interrelated) i cannot ping the other host (if i use "iface data inet" and "ifconfig ng0 10.0.0.1 10.0.0.2" (10.0.0.2 10.0.0.1 on the other machine) i can ping but the connection seems to be instable) TIA Zheyu -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 06:44:24 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E7CA637B401; Sat, 21 Jun 2003 06:44:24 -0700 (PDT) Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net [207.217.120.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4B51043F3F; Sat, 21 Jun 2003 06:44:24 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from user-2ivfi5h.dialup.mindspring.com ([165.247.200.177] helo=mindspring.com) by stork.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 19TifH-0007fb-00; Sat, 21 Jun 2003 06:44:24 -0700 Message-ID: <3EF460E5.86A45983@mindspring.com> Date: Sat, 21 Jun 2003 06:43:01 -0700 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Hiten Pandya References: <20030619221703.GD64061@funkthat.com> <20030621120809.GC5692@perrin.int.nxad.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4e38481dd0b012f31d3d3fa68c89af35ca7ce0e8f8d31aa3f350badd9bab72f9c350badd9bab72f9c cc: freebsd-net@FreeBSD.org cc: freebsd-current@FreeBSD.org Subject: Re: locking problems in IPv6 code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 13:44:25 -0000 Hiten Pandya wrote: > On Thu, Jun 19, 2003 at 03:17:03PM -0700, John-Mark Gurney wrote: > > I am running FreeBSD 5.1-R on a sparc64 machine, and am getting warnings > > about mallocing data w/ a lock aquired. > > > > dmesg output: > > malloc() of "64" with the following non-sleepablelocks held: > > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > > For what it's worth, these warnings also appear if netisr direct > dispatch is enabled with the fxp(4) driver. There are basically 2 structures of exactly 64 bytes in the kernel; one is the zombie structure, and the other is the template structure for TCP. I'm going to guess that this one is the template structure, if you are interested in tracking down the problem. -- Terry From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 08:36:24 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E2CD37B401 for ; Sat, 21 Jun 2003 08:36:24 -0700 (PDT) Received: from janeway.weblabbet.se (gulins.infracom.se [193.201.97.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 2C5E043F75 for ; Sat, 21 Jun 2003 08:36:22 -0700 (PDT) (envelope-from daniel@hobbit.se) Received: (qmail 66033 invoked from network); 21 Jun 2003 15:32:30 -0000 Received: from as2-6-8.sp.m.bonet.se (HELO neuromancer) (194.236.106.236) by 192.168.12.11 with SMTP; 21 Jun 2003 15:32:30 -0000 Date: Sat, 21 Jun 2003 17:36:19 +0200 From: Daniel Gustafson To: freebsd-net@freebsd.org Message-Id: <20030621173619.40eefd23.daniel@hobbit.se> X-Mailer: Sylpheed version 0.8.9claws (GTK+ 1.2.10; i386-portbld-freebsd4.7) Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="Multipart_Sat__21_Jun_2003_17:36:19_+0200_0860cc00" Subject: Typo in /etc/services X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 15:36:24 -0000 This is a multi-part message in MIME format. --Multipart_Sat__21_Jun_2003_17:36:19_+0200_0860cc00 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit When doing some maintenance on my server i found what I believe to be a typo in the /etc/services file on the novastorbackup rows. -novastorbakcup 308/tcp #novastor backup -novastorbakcup 308/udp #novastor backup +novastorbackup 308/tcp #novastor backup +novastorbackup 308/udp #novastor backup The attached patch fixes this. This was found on my 4.7-STABLE machine but appears according to the cvsweb to bre present in at least 5.1-RELEASE. sincerely -- Daniel "DeGe" Gustafson - daniel@hobbit.se - CS Student, Mah Sweden -- "The idea of art kills creativity" - Douglas N Adams -- --Multipart_Sat__21_Jun_2003_17:36:19_+0200_0860cc00 Content-Type: application/octet-stream; name="services.patch" Content-Disposition: attachment; filename="services.patch" Content-Transfer-Encoding: base64 LS0tIC9ldGMvc2VydmljZXMJV2VkIE9jdCAgOSAxNDo0Njo1MiAyMDAyCisrKyBzZXJ2aWNlcy5j b3JyZWN0ZWQJU2F0IEp1biAyMSAxNzoyNjozMSAyMDAzCkBAIC00OTcsOCArNDk3LDggQEAKIGNh YmxlcG9ydC1heAkyODIvdGNwCSAgICNjYWJsZSBwb3J0IGEveAogY2FibGVwb3J0LWF4CTI4Mi91 ZHAJICAgI2NhYmxlIHBvcnQgYS94CiAjCQkyODMtMzA3ICAgIHVuYXNzaWduZWQKLW5vdmFzdG9y YmFrY3VwCTMwOC90Y3AJICAgI25vdmFzdG9yIGJhY2t1cAotbm92YXN0b3JiYWtjdXAJMzA4L3Vk cAkgICAjbm92YXN0b3IgYmFja3VwCitub3Zhc3RvcmJhY2t1cAkzMDgvdGNwCSAgICNub3Zhc3Rv ciBiYWNrdXAKK25vdmFzdG9yYmFja3VwCTMwOC91ZHAJICAgI25vdmFzdG9yIGJhY2t1cAogZW50 cnVzdHRpbWUJMzA5L3RjcAogZW50cnVzdHRpbWUJMzA5L3VkcAogYmhtZHMJCTMxMC90Y3AK --Multipart_Sat__21_Jun_2003_17:36:19_+0200_0860cc00-- From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 08:39:49 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06D2337B401; Sat, 21 Jun 2003 08:39:49 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D2E743F75; Sat, 21 Jun 2003 08:39:48 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h5LFdbKJ033362; Sat, 21 Jun 2003 11:39:37 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h5LFdb5m033359; Sat, 21 Jun 2003 11:39:37 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 21 Jun 2003 11:39:37 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Hiten Pandya In-Reply-To: <20030621120809.GC5692@perrin.int.nxad.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@FreeBSD.ORG cc: freebsd-current@FreeBSD.ORG Subject: Re: locking problems in IPv6 code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 15:39:49 -0000 On Sat, 21 Jun 2003, Hiten Pandya wrote: > On Thu, Jun 19, 2003 at 03:17:03PM -0700, John-Mark Gurney wrote: > > I am running FreeBSD 5.1-R on a sparc64 machine, and am getting warnings > > about mallocing data w/ a lock aquired. > > > > dmesg output: > > malloc() of "64" with the following non-sleepablelocks held: > > exclusive sleep mutex netisr lock r = 0 (0xc0271890) locked @ net/netisr.c:215 > > For what it's worth, these warnings also appear if netisr direct > dispatch is enabled with the fxp(4) driver. These messages occur because our link layer address management code does mallocs with M_WAITOK. We need to teach that code to not wait when called from the interrupt path, and pass back up failure modes, or avoid holding locks while calling it. Probably the former, although the latter is also going to be good from a lock order perspective. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 10:36:35 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 54F9737B401 for ; Sat, 21 Jun 2003 10:36:35 -0700 (PDT) Received: from bilver.wjv.com (user38.net339.fl.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F8A543F93 for ; Sat, 21 Jun 2003 10:36:34 -0700 (PDT) (envelope-from bv@wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by bilver.wjv.com (8.12.9/8.12.9) with ESMTP id h5LHaPs3055978; Sat, 21 Jun 2003 13:36:26 -0400 (EDT) (envelope-from bv@wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.9/8.12.9/Submit) id h5LHaOS3055958; Sat, 21 Jun 2003 13:36:24 -0400 (EDT) Date: Sat, 21 Jun 2003 13:36:24 -0400 From: Bill Vermillion To: Daniel Gustafson Message-ID: <20030621173624.GA50764@wjv.com> References: <20030621173619.40eefd23.daniel@hobbit.se> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030621173619.40eefd23.daniel@hobbit.se> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.1i X-Spam-Status: No, hits=-26.0 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: freebsd-net@freebsd.org Subject: Re: Typo in /etc/services X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 17:36:35 -0000 On Sat, Jun 21, 2003 at 17:36 , while denying his reply is spam, Daniel Gustafson prattled on endlessly saying: > When doing some maintenance on my server i found what I believe to be a > typo in the /etc/services file on the novastorbackup rows. > -novastorbakcup 308/tcp #novastor backup > -novastorbakcup 308/udp #novastor backup > +novastorbackup 308/tcp #novastor backup > +novastorbackup 308/udp #novastor backup > The attached patch fixes this. This was found on my 4.7-STABLE machine > but appears according to the cvsweb to bre present in at least > 5.1-RELEASE. That's the wrong place to fix this. The 'bakcup' spelling has been there quite a long time in the OFFICIAL port numbers. See http://www.iana.org/assignments/port-numbers IOW it is not a FreeBSD problem but is in the distribution from IANA. I have no idea on how to get them to fix it. The last official update at IANA shows June 18 of this year, and it is still spelled bakcup. Bill -- Bill Vermillion - bv @ wjv . com From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 13:12:55 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11BCC37B401 for ; Sat, 21 Jun 2003 13:12:55 -0700 (PDT) Received: from bluhayz.org (ip68-106-103-50.nv.nv.cox.net [68.106.103.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 19BCF43FCB for ; Sat, 21 Jun 2003 13:12:54 -0700 (PDT) (envelope-from dero@bluhayz.org) Received: from ww2.bluhayz.org (localhost.homeunix.org [127.0.0.1]) by bluhayz.org (8.12.8p1/8.12.8) with ESMTP id h5LKffvY013544 for ; Sat, 21 Jun 2003 16:41:41 -0400 (EDT) (envelope-from dero@bluhayz.org) From: "agent dero" To: freebsd-net@freebsd.org Date: Sat, 21 Jun 2003 16:41:41 -0400 Message-Id: <20030621203103.M9576@bluhayz.org> In-Reply-To: <20030621190121.DA36437B405@hub.freebsd.org> References: <20030621190121.DA36437B405@hub.freebsd.org> X-Mailer: Open WebMail 2.01 20030425 X-OriginatingIP: 172.180.154.206 (dero) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Subject: Re: freebsd-net Digest, Vol 13, Issue 6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jun 2003 20:12:55 -0000 I am re-organizing my company's network, albeit a small one, but it is still very very important. I run a small webhosting company, and I am rebuilding the LAN with the idea of expandibility. the LAN Diagram is here http://www.bluhayz.org/~dero/overall_lan.png (I apologize for PNG, but that's how AppleWorks wanted to save it.) Anyways, I am wondering about overall network performance, given that our net connection isn't higher than 45Mbps (burstable connection, yay!) (All machines are running FreeBSD 4.8-RELEASE) The plan is to store all user directories, i.e. web sites, on the NFS disk server, equipped with a gazillion disk drives, all with RAID0+1, and simply running NFS (and of course SSH) Then the FTP server(1), the web servers(2 at current point in time) and then somewhere in the future, the MySQL servers will all have data stored on the NFS server. In addition, the overall workload will be spread across the web servers, using BIND's round-robin capability. Note: I am planning on upgrading to Gigabit sometime soon. The question being, how will this network perform, I realize there will be increased network traffic, but the two things I am worried about, are overall added latency, and plausibility, i.e. before I buy more hardware, will this work! The biggest toss-up is the tradeoff between a couple ms of latency, and expandibility. According to this current diagram, all we need to do to add a new server to help releive load is to add a new Web Server, and configure it in the BIND configuration files, and get it to use the NFS server. Help is not only needed, but appreciated. thanks! From owner-freebsd-net@FreeBSD.ORG Sat Jun 21 18:18:54 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3ED737B401 for ; Sat, 21 Jun 2003 18:18:53 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6579543F75 for ; Sat, 21 Jun 2003 18:18:53 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.homeunix.net (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id 1B0725B688; Sat, 21 Jun 2003 18:18:50 -0700 (PDT) From: Wes Peters Organization: Softweyr To: bv@wjv.com, Daniel Gustafson Date: Sat, 21 Jun 2003 18:18:48 -0700 User-Agent: KMail/1.5.2 References: <20030621173619.40eefd23.daniel@hobbit.se> <20030621173624.GA50764@wjv.com> In-Reply-To: <20030621173624.GA50764@wjv.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200306211818.48618.wes@softweyr.com> cc: freebsd-net@freebsd.org Subject: Re: Typo in /etc/services X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2003 01:18:54 -0000 On Saturday 21 June 2003 10:36 am, Bill Vermillion wrote: > On Sat, Jun 21, 2003 at 17:36 , while denying his reply is > > spam, Daniel Gustafson prattled on endlessly saying: > > When doing some maintenance on my server i found what I believe to be > > a typo in the /etc/services file on the novastorbackup rows. > > > > -novastorbakcup 308/tcp #novastor backup > > -novastorbakcup 308/udp #novastor backup > > +novastorbackup 308/tcp #novastor backup > > +novastorbackup 308/udp #novastor backup > > > > The attached patch fixes this. This was found on my 4.7-STABLE > > machine but appears according to the cvsweb to bre present in at > > least 5.1-RELEASE. > > That's the wrong place to fix this. > > The 'bakcup' spelling has been there quite a long time in > the OFFICIAL port numbers. > > See http://www.iana.org/assignments/port-numbers > > IOW it is not a FreeBSD problem but is in the distribution from > IANA. I have no idea on how to get them to fix it. In general you just email the maintainer and he changes it. If you're the registered owner of port 308, that is. Perhaps it would be best to contact the novastor maintainer and get him to fix it? The current registered maintainer is Brian Dickman . -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com