From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 05:59:35 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A64DD1065674 for ; Sun, 16 Mar 2008 05:59:35 +0000 (UTC) (envelope-from toasty@dragondata.com) Received: from tokyo01.jp.mail.your.org (tokyo01.jp.mail.your.org [204.9.54.5]) by mx1.freebsd.org (Postfix) with ESMTP id 75CD08FC12 for ; Sun, 16 Mar 2008 05:59:35 +0000 (UTC) (envelope-from toasty@dragondata.com) Received: from mail.your.org (server3-a.your.org [64.202.112.67]) by tokyo01.jp.mail.your.org (Postfix) with ESMTP id E3AEF2AD59BD for ; Sun, 16 Mar 2008 05:59:32 +0000 (UTC) Received: from pool014.dhcp.your.org (pool014.dhcp.your.org [69.31.99.14]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.your.org (Postfix) with ESMTP id 24896A0A44E for ; Sun, 16 Mar 2008 05:59:32 +0000 (UTC) Message-Id: From: Kevin Day To: freebsd-net@freebsd.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v919.2) Date: Sun, 16 Mar 2008 00:59:31 -0500 X-Mailer: Apple Mail (2.919.2) Subject: Deadlock in 7.0-RELEASE with nd6/rtalloc X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 05:59:35 -0000 I've got a somewhat reproducible deadlock in 7.0-RELEASE. I believe the same was present in 6.x as well. The problem is that the deadlock is so hard that DDB doesn't work, so I've had to resort to firewire debugging. That makes mutex debugging a real challenge. :) Two threads are deadlocking in rtalloc1. One is netisr receiving a packet for a v6 host. The other is a process trying to send a packet to the same host. Process 1: PID 14: 7 Thread 100005 (PID=14: swi1: net) sched_switch (td=0xc3875420, newtd=0xc3f48c60, flags=1) at ../../../kern/sched_4bsd.c:931 #0 sched_switch (td=0xc3875420, newtd=0xc3f48c60, flags=1) at ../../../kern/sched_4bsd.c:931 #1 0xc0642287 in mi_switch (flags=Variable "flags" is not available. ) at ../../../kern/kern_synch.c:442 #2 0xc066d60b in turnstile_wait (ts=0xc385ce10, owner=0xc3f48c60, queue=Variable "queue" is not available. ) at ../../../kern/subr_turnstile.c:747 #3 0xc062e73d in _mtx_lock_sleep (m=0xc40817e0, tid=3280426016, opts=0, file=0xc08ca1c5 "../../../net/route.c", line=197) at ../../../ kern/kern_mutex.c:416 #4 0xc062e84e in _mtx_lock_flags (m=0xc40817e0, opts=0, file=0xc08ca1c5 "../../../net/route.c", line=197) at ../../../kern/ kern_mutex.c:186 #5 0xc06dc405 in rtalloc1 (dst=0xc09ba704, report=1, ignflags=0) at ../../../net/route.c:197 #6 0xc06dd3c6 in rtalloc_ign (ro=0xc09ba700, ignore=0) at ../../../ net/route.c:117 #7 0xc06dd419 in rtalloc (ro=0xc09ba700) at ../../../net/route.c:103 #8 0xc07711dc in ip6_input (m=0xc3e48800) at ../../../netinet6/ ip6_input.c:479 #9 0xc06d752b in netisr_processqueue (ni=0xc09b74c4) at ../../../net/ netisr.c:143 #10 0xc06d75fb in swi_net (dummy=0x0) at ../../../net/netisr.c:250 #11 0xc061e7d5 in ithread_loop (arg=0xc383ac90) at ../../../kern/ kern_intr.c:1036 #12 0xc061bd58 in fork_exit (callout=0xc061e620 , arg=0xc383ac90, frame=0xe11b8d38) at ../../../kern/kern_fork.c:781 #13 0xc0845c30 in fork_trampoline () at ../../../i386/i386/exception.s: 205 Process 2: PID 4096: 95 Thread 100078 (PID=4096: fping6) sched_switch (td=0xc3f48c60, newtd=0xc3875a50, flags=1) at ../../../kern/sched_4bsd.c:931 (kgdb) bt #0 sched_switch (td=0xc3f48c60, newtd=0xc3875a50, flags=1) at ../../../kern/sched_4bsd.c:931 #1 0xc0642287 in mi_switch (flags=Variable "flags" is not available. ) at ../../../kern/kern_synch.c:442 #2 0xc066d60b in turnstile_wait (ts=0xc385d280, owner=0xc3875420, queue=Variable "queue" is not available. ) at ../../../kern/subr_turnstile.c:747 #3 0xc062e73d in _mtx_lock_sleep (m=0xc3b8107c, tid=3287583840, opts=0, file=0xc08ca1c5 "../../../net/route.c", line=147) at ../../../ kern/kern_mutex.c:416 #4 0xc062e84e in _mtx_lock_flags (m=0xc3b8107c, opts=0, file=0xc08ca1c5 "../../../net/route.c", line=147) at ../../../kern/ kern_mutex.c:186 #5 0xc06dc243 in rtalloc1 (dst=0xe344a7f0, report=0, ignflags=0) at ../../../net/route.c:147 #6 0xc0777a35 in nd6_lookup (addr6=0xc409f1e4, create=0, ifp=0xc4069800) at ../../../netinet6/nd6.c:819 #7 0xc0777d4b in nd6_is_addr_neighbor (addr=0xc409f1dc, ifp=0xc4069800) at ../../../netinet6/nd6.c:998 #8 0xc077818f in nd6_output (ifp=0xc4069800, origifp=0xc4069800, m0=0xc3bca300, dst=0xc409f1dc, rt0=0xc4081780) at ../../../netinet6/ nd6.c:1960 #9 0xc07756e1 in ip6_output (m0=0xc3bca300, opt=0x0, ro=0xe344a9f0, flags=0, im6o=0x0, ifpp=0xe344aa74, inp=0xc3dd5438) at ../../../ netinet6/ip6_output.c:927 #10 0xc07806cc in rip6_output (m=0xc3bca300) at ../../../netinet6/ raw_ip6.c:452 #11 0xc0780c50 in rip6_send (so=0xc3fbc18c, flags=0, m=0xc3bca300, nam=0xc40a14c0, control=0x0, td=0xc3f48c60) at ../../../netinet6/ raw_ip6.c:793 #12 0xc069173d in sosend_generic (so=0xc3fbc18c, addr=0xc40a14c0, uio=0xe344abe8, top=0xc3bca300, control=0x0, flags=0, td=0xc3f48c60) at ../../../kern/uipc_socket.c:1240 #13 0xc068dff4 in sosend (so=0xc3fbc18c, addr=0xc40a14c0, uio=0xe344abe8, top=0x0, control=0x0, flags=0, td=0xc3f48c60) at ../../../kern/uipc_socket.c:1286 #14 0xc06946e6 in kern_sendit (td=0xc3f48c60, s=4, mp=0xe344ac64, flags=0, control=0x0, segflg=UIO_USERSPACE) at ../../../kern/ uipc_syscalls.c:789 #15 0xc06967a1 in sendit (td=0xc3f48c60, s=4, mp=0xe344ac64, flags=0) at ../../../kern/uipc_syscalls.c:730 #16 0xc06968b8 in sendto (td=0xc3f48c60, uap=0xe344acfc) at ../../../ kern/uipc_syscalls.c:841 #17 0xc08573b3 in syscall (frame=0xe344ad38) at ../../../i386/i386/ trap.c:1035 #18 0xc0845c20 in Xint0x80_syscall () at ../../../i386/i386/ exception.s:196 Process 2(fping) is trying to send a packet to a v6 host. In nd6_output, it grabs a lock on the rtentry for this host: netinet6/nd6.c:1930 RT_LOCK(rt); After this, it makes its way down to rtalloc, where it tries to get a lock on the head node. net/route.c:147 RADIX_NODE_HEAD_LOCK(rnh); However, Process 1(netisr) already has a lock on the head node. It grabbed it on net/route.c:147 as well, and got down to: net/route.c:197 RT_LOCK(newrt); And just to sanity check, newrt in rtalloc1 is the same kernel address as rt in nd6_output. The v6 destination address of rip6_send is also the same as the v6 destination address received in ip6_input. So, Process 1 has "radix head node", and needs "rtentry" for this route. Process 2 has "rtentry" for this route, and needs "radix head node". Deadlock. I'm happy to file a PR, or I'm happy to try to fix this myself, but is there anyone here who's got familiarity with this chunk of code who can point me in the right direction of what's actually supposed to be happening to prevent this? This also might be related to the LOR I reported in kern/121443. -- Kevin From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 09:42:40 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E34F10656C1 for ; Sun, 16 Mar 2008 09:42:40 +0000 (UTC) (envelope-from tedm@toybox.placo.com) Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [65.75.192.90]) by mx1.freebsd.org (Postfix) with ESMTP id E909D8FC14 for ; Sun, 16 Mar 2008 09:42:39 +0000 (UTC) (envelope-from tedm@toybox.placo.com) Received: from TEDSDSK (nat-rtr.freebsd-corp-net-guide.com [65.75.197.130]) by mail.freebsd-corp-net-guide.com (8.13.8/8.13.8) with SMTP id m2G9C87j085734; Sun, 16 Mar 2008 02:12:09 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Glen Barber" , , Date: Sun, 16 Mar 2008 01:13:21 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1914 In-Reply-To: <200803132256.01197.glen.j.barber@gmail.com> Importance: Normal X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (mail.freebsd-corp-net-guide.com [65.75.192.90]); Sun, 16 Mar 2008 02:12:09 -0700 (PDT) Cc: Subject: RE: ndis0 no link on 6.3-RELEASE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 09:42:40 -0000 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Glen Barber > Sent: Thursday, March 13, 2008 6:56 PM > To: freebsd-net@freebsd.org; freebsd-questions@freebsd.org > Subject: ndis0 no link on 6.3-RELEASE >=20 >=20 > Hello everyone. =20 >=20 > First off, sorry for the double post, but I'm not 100% certain at=20 > where this=20 > post belongs. =20 >=20 > I've found via Google many problems with ndis0 and failure to=20 > find a link in=20 > 6.3-RELEASE, without resolution. So here's my setup. >=20 > I'm using a Broadcom 4318 chipset, with drivers created from=20 > ndisgen. If you=20 > need more specific information on the drivers, I'll be more than happy = to=20 > provide information, however I believe it to be irrelevant at=20 > this moment, as=20 > I have used more than one driver version, with the same results. =20 >=20 > In 6.3-RC1 and below (tested in 6.2-RELEASE, and all -STABLE releases = in=20 > between), my ndis0 adapter works as exptected, using WPA and=20 > DHCP. I can't=20 > pinpoint exaclty what changed (I've check in /usr/src/UPDATING,=20 > as it seemed=20 > to be most relevant), with no avail to finding anything regarding=20 > either wpa=20 > or dhclient. =20 >=20 > Since an upgrade to 6.3-RELEASE (both, via csup and a fresh=20 > install off of=20 > cd), I generate my ndis module, create an /etc/wpa_supplicant.conf,=20 > leaving /etc/dhclient as default, and am prompted with: > ndis0: no link.......... giving up >=20 > Upon 'kldunload bcmwl5.ko; kldload bcmwl5.ko', my ndis0 card=20 > looses all WPA=20 > capabilities. =20 >=20 > What seems to me to be the interesting part is this: > If I 'csup' to 6.3-RELEASE from -RC1, and build a kernel, the=20 > problem does not=20 > occur -- as long as I do not 'buildworld'. However, once I = 'buildworld;=20 > installworld', I am faced with the same problems as if I had installed = > 6.3-RELEASE from cd. =20 >=20 > I would really like to figure out what is causing this (both for=20 > myself, and=20 > the other affected ndis0 victims), but I'm not sure where to look --=20 > dhclient, wpa_supplicant or ndis itself. Any other information I = could=20 > provide, please let me know. =20 >=20 Hi Glen, I just setup my laptop with a wireless card a couple weeks ago and FreeBSD 6.3-RELEASE. (it's an older Toshiba) I went through a total of 5 different wireless cards before I found one that I was able to get working ndis drivers from ndisgen. Fortunately there's a used computer place near here (freegeek.org) that had a box of pcmcia wireless cards of all different makes and models, which kindly allowed me to plunk down my laptop (which dual-boots between Windows 98 and FreeBSD) and they have wireless. So I would pick a card out of their bin, boot into Windows, download the Windows driver, make sure the card worked under Windows, then boot into FreeBSD and mount the Windows partition, copy over the Windows driver and inf file to the FreeBSD side, run ndisgen and then try loading the driver. With some cards, the driver wouldn't even activate the card. With other cards, the driver would allow me to list the wireless nodes then panic the system when I tried associating. The card that did work was a Realtek-based card. And, it did not work with the most current Windows drivers from the Realtek website, it worked with the Windows drivers that were from a couple years ago. (I found this out quite by accident) Fortunately, they DID also have a number of the Wavelan cards - these are supported natively with the wi0 driver - that worked out of the box. Those cards are only 802.11b though so I kept at it with ndisgen and the newer cards. The interesting thing is that the original wireless card I had in the Toshiba - a Texas Instruments-based chipset model - never really quite worked properly in the Toshiba under Windows. I put it into a different laptop I owned - a Thinkpad, and it worked great in that. Unfortunately, in your case, nothing has changed with ndisgen since 2006 (see = http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/ndiscvt/ ) so it's not that, it's something else in the system that changed. Start with the basics. Copy your bcmwl5.ko into /boot/modules then in loader.conf put bcmw15_load=3D"YES" and reboot the system, check dmesg, and see if it's even loading Next put in /etc/rc.conf "ifconfig_ndis0=3D"inet 192.168.1.1 ssid = myssid" and see if it even comes up at all and you can ping out (obviously you will have to temporairly turn off wpa on your wireless node, set the correct ssid, and set the correct IP address to hard-code an IP address) If that doesen't work, regen the bcmw15.ko file using the "old" method: # cp foo.sys foo.inf /sys/modules/if_ndis # cd /sys/modules/ndis # make; make load # cd /sys/modules/if_ndis # ndiscvt -i foo.inf -s foo.sys -o ndis_driver_data.h # make; make load You need to isolate the problem to see if the driver is simply just not working at all under 6.3, or if it is working, but it's a scripting or turnup out of sequence error. And you need to see if wpa has anything to do with it. Ted From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 16:42:36 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C665C1065670 for ; Sun, 16 Mar 2008 16:42:36 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.178]) by mx1.freebsd.org (Postfix) with ESMTP id AE10E8FC28 for ; Sun, 16 Mar 2008 16:42:36 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so5758767waf.3 for ; Sun, 16 Mar 2008 09:42:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:received:date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; bh=RlRqzhB/H4IfWiHMnHTYiGzT3REDa0xtH5vWKEmT5Q0=; b=Navsz8sXfl82FozUhjtiGYiTm4OfqLLkCgEdJVNSJegJiPcbE1JNmEoWraRn6oBA93oOJxMH0bMSGCMbCM+N8pHBSb5eBXoArA+VPBiqLCzE0+xQlRAaiaOdii9hsbJW9bvHMm9GiOwn+M953WfpazTpGfdQicvB9eZotFYL5h8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:mail-followup-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=YoGlgRVBUNS+QqXKkoQi1Tf4jrenu86A78O8HJiitVwyqLK5Yb32SZXhG/jQguKHQR2gBmHVKRPak/TM3nFo8IXRS///PSPYlDrxnVnMkFQSVJE/oog0Ment2ytEkBR0u4kk4fpc8kqJm2HqVf3vtF/uILZjFEfghQoLi9VzITs= Received: by 10.114.195.19 with SMTP id s19mr16024315waf.58.1205685755665; Sun, 16 Mar 2008 09:42:35 -0700 (PDT) Received: from hexidigital.org ( [24.229.62.9]) by mx.google.com with ESMTPS id i39sm9177330wxd.27.2008.03.16.09.42.31 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 16 Mar 2008 09:42:33 -0700 (PDT) Received: from gbarber by hexidigital.org with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1JavwI-0000Ei-M5; Sun, 16 Mar 2008 12:42:26 -0400 Date: Sun, 16 Mar 2008 12:42:26 -0400 From: Glen Barber To: freebsd-net@freebsd.org, freebsd-questions@freebsd.org Message-ID: <20080316164226.GA658@orion.hexidigital.org> Mail-Followup-To: freebsd-net@freebsd.org, freebsd-questions@freebsd.org References: <200803132256.01197.glen.j.barber@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.17 (2007-11-01) Cc: Subject: Re: ndis0 no link on 6.3-RELEASE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 16:42:36 -0000 Ted Mittelstaedt said: > > I just setup my laptop with a wireless card a couple weeks > ago and FreeBSD 6.3-RELEASE. (it's an older Toshiba) > > I went through a total of 5 different wireless cards before > I found one that I was able to get working ndis drivers from > ndisgen. Fortunately there's a used computer place near here > (freegeek.org) that had a box of pcmcia wireless cards of all > different makes and models, which kindly allowed me to plunk > down my laptop (which dual-boots between Windows 98 and FreeBSD) > and they have wireless. So I would pick a card out of their bin, > boot into Windows, download the Windows driver, make sure the > card worked under Windows, then boot into FreeBSD and mount > the Windows partition, copy over the Windows driver and inf > file to the FreeBSD side, run ndisgen and then try loading the > driver. > > With some cards, the driver wouldn't even activate the card. > With other cards, the driver would allow me to list the wireless > nodes then panic the system when I tried associating. > > The card that did work was a Realtek-based card. And, it did > not work with the most current Windows drivers from the Realtek > website, it worked with the Windows drivers that were from a couple > years ago. (I found this out quite by accident) > > Fortunately, they DID also have a number of the Wavelan > cards - these are supported natively with the wi0 driver - > that worked out of the box. Those cards are only 802.11b > though so I kept at it with ndisgen and the newer cards. > > The interesting thing is that the original wireless card I > had in the Toshiba - a Texas Instruments-based chipset model - > never really quite worked properly in the Toshiba under Windows. > I put it into a different laptop I owned - a Thinkpad, and > it worked great in that. > > Unfortunately, in your case, nothing has changed with ndisgen > since 2006 (see http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/ndiscvt/ ) > so it's not that, it's something else in the system that changed. > > Start with the basics. Copy your bcmwl5.ko into /boot/modules > then in loader.conf put bcmw15_load="YES" and reboot the system, > check dmesg, and see if it's even loading > > Next put in /etc/rc.conf "ifconfig_ndis0="inet 192.168.1.1 ssid myssid" > and see if it even comes up at all and you can ping out (obviously > you will have to temporairly turn off wpa on your wireless node, > set the correct ssid, and set the correct IP address to hard-code an > IP address) > > If that doesen't work, regen the bcmw15.ko file using the "old" > method: > > # cp foo.sys foo.inf /sys/modules/if_ndis > # cd /sys/modules/ndis > # make; make load > # cd /sys/modules/if_ndis > # ndiscvt -i foo.inf -s foo.sys -o ndis_driver_data.h > # make; make load > > You need to isolate the problem to see if the driver is simply > just not working at all under 6.3, or if it is working, but it's > a scripting or turnup out of sequence error. And you need to > see if wpa has anything to do with it. > Hi Ted. Thanks for the reply. Unfortunately, until I either get time to resize my hard disk and add a separate freebsd installation, or I figure out how to undo a buildworld, looks like I'm stuck. It's my school laptop, so I kind of need to get work done. ;) (I am able to run a 6.3-RELEASE kernel, but the 'world' is 6.3-RC1.) Regarding older drivers: Yes, I had this problem with my current chipset in 6.2-RELEASE. This is why I was so surprised I had problems with 6.3-RELEASE. Either way, I appreciate your response. Cheers. -- Glen Barber http://www.dev-urandom.com/ From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 18:03:48 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CB9461065675 for ; Sun, 16 Mar 2008 18:03:48 +0000 (UTC) (envelope-from coda.trigger@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.181]) by mx1.freebsd.org (Postfix) with ESMTP id A93D68FC18 for ; Sun, 16 Mar 2008 18:03:48 +0000 (UTC) (envelope-from coda.trigger@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so5789814waf.3 for ; Sun, 16 Mar 2008 11:03:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=0RIohMyvNm7PnG1hzzTQRgrDeG6u1n+mKLiZwHqgG9o=; b=pOCGGW8t8QpQud1xYrNFauEVpaOga1yrOy3nD8LriTX42gV2iavfCk4ZhEE4LLxPCbhtUX8JJJz/dK2DGUpAyrdPWlsC0NxsvhJU0aB/FCyD1zktitZd1WE6NH7cOkDJ2t3tfoncw0u5SMNcMiwMQ+NlRUmYsE4W0oZ6Y/wRoMQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=eW3mlfWl+IzqOArkk5Ff7oYtJfwm5zRMk4MvpVBw7AX18ZIHhFXa9gq/BVKnnwDrikY3SZf15zY85+URgaTHT5tP3ieZosniWKI9f6Ft+uUQmLpckxgCArhSfNugIOyFUczDOts4IJgZ5XV21JtWYLi/4v/xjDAdEXWbOmSmcYA= Received: by 10.114.112.1 with SMTP id k1mr16321167wac.24.1205690628259; Sun, 16 Mar 2008 11:03:48 -0700 (PDT) Received: by 10.115.15.12 with HTTP; Sun, 16 Mar 2008 11:03:48 -0700 (PDT) Message-ID: Date: Sun, 16 Mar 2008 14:03:48 -0400 From: "d.s. al coda" To: "Andre Oppermann" In-Reply-To: <47D860AC.6030707@freebsd.org> MIME-Version: 1.0 References: <47D860AC.6030707@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: TCP options order changed in FreeBSD 7, incompatible with some routers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 18:03:48 -0000 On 3/12/08, Andre Oppermann wrote: > > We've already fixed two issues. The first changes the order of the TCP > options > and is in this change: > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_var.h.diff?r1=1.160;r2=1.161 > > It is to solve a problem observed by ISC that sounds very much like what > you > describe. This fixed the issue in this case. Since this patch just has the effect of moving sackOK after the timestamps, it won't fix the problem that we were seeing, because it was occurring only in the absence of timestamps. > The second changes the alignment padding from NOP to 0x00. Whether this > was > a contributing factor to the reported problem is not clear. There hasn't > (yet) > been any specific test case for it. It was fixed because the RFC > specifies 0x00 > to be used for padding and nothing else. > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_output.c.diff?r1=1.145;r2=1.146 This looks promising. I didn't realize that the 0x01 padding was wrong since I didn't read the spec :) > It would be very helpful if you could apply these two patches after each > other > to your 7.0 test server and find out together with the affected user(s) > which > of these fixes the issue. If you can please try to test each one with and > w/o > the routers firewall enabled. It is interesting to know whether the NAT > or > firewalling part of the router chokes on it. I've applied the two patches and reversed mine (side note -- sadly, this is a production server, not a test server) . I'll let you know shortly whether we're still having problems, and I'll also try get the router info for you. -coda From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 20:29:54 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E3FF8106566B for ; Sun, 16 Mar 2008 20:29:54 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (farley.org [67.64.95.201]) by mx1.freebsd.org (Postfix) with ESMTP id ABCE48FC1A for ; Sun, 16 Mar 2008 20:29:54 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (thor.farley.org [192.168.1.5]) by mail.farley.org (8.14.2/8.14.2) with ESMTP id m2GKTqRo005419 for ; Sun, 16 Mar 2008 15:29:52 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Sun, 16 Mar 2008 15:29:52 -0500 (CDT) From: "Sean C. Farley" To: freebsd-net@FreeBSD.org Message-ID: User-Agent: Alpine 1.00 (BSF 882 2007-12-20) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail.farley.org Cc: Subject: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 20:29:55 -0000 I have noticed that with a Linux-based Netgear DG834G (DSL modem) frequent pauses (example[1]) between external systems and 7-STABLE (March 14th). At first, I thought it was ipfilter or ipnat, but I took those out of the picture by activating telnet on the router and connecting directly to it. Even running "ls /usr/sbin" on the router would pause occasionally. I did not (or did not recall) have these problems with 6-STABLE (post 6.2). I switched out the NIC (FA-311 (sis) to a FA-310 (dc)), cable and tried different ports on the modem by which to connect. I also tried disabling all RFC sysctl's and SACK. Nothing helped. Finally, I brought out an old DSL modem (SpeedStream 5660). This fixed the issue. I think this maybe a specific issue between Linux (2.4.17_mvl21-malta-mips_fp_le) and FreeBSD 7. Is there anything else I may test to see what is happening? Sean 1. http://www.farley.org/freebsd/tmp/DSL/dsl-dmp.txt (telnet session between gateway and DSL modem) -- scf@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Sun Mar 16 20:45:45 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA7A5106566B; Sun, 16 Mar 2008 20:45:45 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7E8E38FC27; Sun, 16 Mar 2008 20:45:45 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from freefall.freebsd.org (scf@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2GKjjou087241; Sun, 16 Mar 2008 20:45:45 GMT (envelope-from scf@freefall.freebsd.org) Received: (from scf@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2GKjj0J087237; Sun, 16 Mar 2008 15:45:45 -0500 (CDT) (envelope-from scf) Date: Sun, 16 Mar 2008 15:45:45 -0500 (CDT) Message-Id: <200803162045.m2GKjj0J087237@freefall.freebsd.org> To: scf@FreeBSD.org, scf@FreeBSD.org, freebsd-net@FreeBSD.org, darrenr@FreeBSD.org From: scf@FreeBSD.org Cc: Subject: Re: kern/121274: [panic] Panic in ether_input() with different NIC's. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2008 20:45:45 -0000 Synopsis: [panic] Panic in ether_input() with different NIC's. State-Changed-From-To: feedback->open State-Changed-By: scf State-Changed-When: Sun Mar 16 15:42:57 CDT 2008 State-Changed-Why: As this looks like an issue between ipnat and gif, assign PR to darrenr for analysis. Responsible-Changed-From-To: freebsd-net->darrenr Responsible-Changed-By: scf Responsible-Changed-When: Sun Mar 16 15:42:57 CDT 2008 Responsible-Changed-Why: As this looks like an issue between ipnat and gif, assign PR to darrenr for analysis. http://www.freebsd.org/cgi/query-pr.cgi?pr=121274 From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 04:39:59 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6FC2C1065672 for ; Mon, 17 Mar 2008 04:39:59 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: from hs-out-0708.google.com (hs-out-0708.google.com [64.233.178.251]) by mx1.freebsd.org (Postfix) with ESMTP id 2BDE58FC1A for ; Mon, 17 Mar 2008 04:39:59 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: by hs-out-0708.google.com with SMTP id m63so4382716hsc.11 for ; Sun, 16 Mar 2008 21:39:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:received:received:date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; bh=1TKxisf5a040/+/YtpYUv+M/8R8OLzHYUzAa+9GWm/s=; b=vyyWmj9pihLSUOI/GKDQLDjqkiz6TxJ+81U7DJf6YEW545RsqJ9dS2iCq6uZaVHtdc2e9dE2PvSi25Q/cvGcHgMmMgdEMGNGmuA3QmzWQg34QXhT0EqBNKiIadvuP5/q/8nslkJPEE77wHLhFAjcdb7DfQA8wB/duf9S0fLmYI8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=fNXqPE7Ie77sTA5ExMMWhzKYxGU5JYUErktvKf8DL/bA7MpT++zrWxhv2Hz8sNwnIhk7wnycvzO1VK+1wIV209AaIPnE/anElvgsvzby9xo/diTAuYP0HrVN1Kuohg5T5sPGDFuggYizRD1YFbyJDWp7fHTgqcaVt0KyO4oqQeY= Received: by 10.100.119.17 with SMTP id r17mr31440965anc.42.1205728798145; Sun, 16 Mar 2008 21:39:58 -0700 (PDT) Received: from michelle.cdnetworks.co.kr ( [211.53.35.84]) by mx.google.com with ESMTPS id 67sm27727427wra.19.2008.03.16.21.39.55 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 16 Mar 2008 21:39:56 -0700 (PDT) Received: from michelle.cdnetworks.co.kr (localhost.cdnetworks.co.kr [127.0.0.1]) by michelle.cdnetworks.co.kr (8.13.5/8.13.5) with ESMTP id m2H4dlDa002549 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 17 Mar 2008 13:39:47 +0900 (KST) (envelope-from pyunyh@gmail.com) Received: (from yongari@localhost) by michelle.cdnetworks.co.kr (8.13.5/8.13.5/Submit) id m2H4djZH002548; Mon, 17 Mar 2008 13:39:45 +0900 (KST) (envelope-from pyunyh@gmail.com) Date: Mon, 17 Mar 2008 13:39:45 +0900 From: Pyun YongHyeon To: Giulio Ferro Message-ID: <20080317043945.GA2503@cdnetworks.co.kr> References: <47D817D2.9010306@errno.com> <47D8499A.5070605@zirakzigil.org> <20080313033029.GF16972@cdnetworks.co.kr> <47D92F9D.4070701@zirakzigil.org> <20080314001704.GA22788@cdnetworks.co.kr> <47DA4DCD.6050304@zirakzigil.org> <20080314101555.GF22788@cdnetworks.co.kr> <47DA682E.9010504@zirakzigil.org> <20080314122708.GG22788@cdnetworks.co.kr> <47DA9BC0.8030205@zirakzigil.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47DA9BC0.8030205@zirakzigil.org> User-Agent: Mutt/1.4.2.1i Cc: Andrew Thompson , freebsd-net@freebsd.org Subject: Re: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: pyunyh@gmail.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 04:39:59 -0000 On Fri, Mar 14, 2008 at 04:37:36PM +0100, Giulio Ferro wrote: > Pyun YongHyeon wrote: > >This hardware really make me crazy. There had been many attempts to > >fix checksum offload related issues. But it seems that several users > >still suffer from bad checksum or VLAN issues. So I guess the root > >cause of hardware bug was not yet known. This means that previous > >patch to work around hardware bug is not complete. > > > >Hmm, I'm not sure but it could be related with padding. What makes > >me wonder is why the first packet of fragmented packet does not > >show up on destination host. I guess the second packet of fragmented > >packet may be composed of single mbuf. From these information I > >will experiment possible combination of work around in next week. > >I'll let you know when I have a code. > > > > > Great! Thanks for the good job. > Please try latest attempt to fix re(4) issues. http://people.freebsd.org/~yongari/re/if_re.c http://people.freebsd.org/~yongari/re/if_rlreg.h This one is attempt to fix the following bug reports on re(4). - VLAN tagging does not work on multi-fragmented frames. - Non-working/instability on re(4) hardwares that uses MSI. - Unconditional VLAN tag stripping without respect to ifconfig configuration. - ENOBUFS on transmitting UDP frames under heavy network loads. - DAC does not work. This one removed previous checksum offload hack for checksum offload on PCIe hardwares so I'm not sure checksum offload still work on PCIe hardwares. Please test and let me know how it goes. Also make sure you have all hardware features enabled.(checksum offload, TSO, VLAN hardware tagging etc). -- Regards, Pyun YongHyeon From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 05:25:27 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B9CCC106566B for ; Mon, 17 Mar 2008 05:25:27 +0000 (UTC) (envelope-from silby@silby.com) Received: from relay00.pair.com (relay00.pair.com [209.68.5.9]) by mx1.freebsd.org (Postfix) with SMTP id 5DC8C8FC1C for ; Mon, 17 Mar 2008 05:25:26 +0000 (UTC) (envelope-from silby@silby.com) Received: (qmail 10905 invoked from network); 17 Mar 2008 05:25:25 -0000 Received: from unknown (HELO localhost) (unknown) by unknown with SMTP; 17 Mar 2008 05:25:25 -0000 X-pair-Authenticated: 209.68.2.70 Date: Mon, 17 Mar 2008 00:25:22 -0500 (CDT) From: Mike Silbersack To: "Bjoern A. Zeeb" In-Reply-To: <20080314100707.F50685@maildrop.int.zabbadoz.net> Message-ID: <20080317002414.C71897@odysseus.silby.com> References: <20080312231330.D60219@odysseus.silby.com> <20080312232607.J60219@odysseus.silby.com> <20080313154547.F50685@maildrop.int.zabbadoz.net> <20080314005224.S65945@odysseus.silby.com> <20080314100707.F50685@maildrop.int.zabbadoz.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: TCP options order changed in FreeBSD 7, incompatible with some routers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 05:25:27 -0000 On Fri, 14 Mar 2008, Bjoern A. Zeeb wrote: >> But I think the "good" case should look like it did before, per POLA. > > Ok, I am only printing it in case bad padding happens or one gave -v. > > The new patch is here: > > http://sources.zabbadoz.net/freebsd/patchset/20080314-01-tcpdump-print-tcp-option-padding.diff > > -- > Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT I still think the non-bad case should look exactly as it did before, no matter what set of options was selected. :) I have not heard back from the tcpdump person that I contacted. :( -Mike From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 06:55:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CF9CE106564A for ; Mon, 17 Mar 2008 06:55:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 861AD8FC26 for ; Mon, 17 Mar 2008 06:55:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id D66D741C751; Mon, 17 Mar 2008 07:55:05 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id QD5tVKS-w0PG; Mon, 17 Mar 2008 07:55:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id 6558E41C75B; Mon, 17 Mar 2008 07:55:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 66C4244487F; Mon, 17 Mar 2008 06:54:50 +0000 (UTC) Date: Mon, 17 Mar 2008 06:54:49 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Mike Silbersack In-Reply-To: <20080317002414.C71897@odysseus.silby.com> Message-ID: <20080317065251.E50685@maildrop.int.zabbadoz.net> References: <20080312231330.D60219@odysseus.silby.com> <20080312232607.J60219@odysseus.silby.com> <20080313154547.F50685@maildrop.int.zabbadoz.net> <20080314005224.S65945@odysseus.silby.com> <20080314100707.F50685@maildrop.int.zabbadoz.net> <20080317002414.C71897@odysseus.silby.com> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: TCP options order changed in FreeBSD 7, incompatible with some routers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 06:55:07 -0000 On Mon, 17 Mar 2008, Mike Silbersack wrote: > > On Fri, 14 Mar 2008, Bjoern A. Zeeb wrote: > >>> But I think the "good" case should look like it did before, per POLA. >> >> Ok, I am only printing it in case bad padding happens or one gave -v. >> >> The new patch is here: >> >> http://sources.zabbadoz.net/freebsd/patchset/20080314-01-tcpdump-print-tcp-option-padding.diff >> >> -- >> Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT > > I still think the non-bad case should look exactly as it did before, no > matter what set of options was selected. :) > > I have not heard back from the tcpdump person that I contacted. :( Well I'd still like to be able to somehow see the padding if there is any without having to look at the hex output of each packet. But it's faily easy to get the behaviour you are requesting by simply removing the vflag now. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT Software is harder than hardware so better get it right the first time. From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 07:20:02 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BEFBF106564A for ; Mon, 17 Mar 2008 07:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A05718FC18 for ; Mon, 17 Mar 2008 07:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2H7K2G3037593 for ; Mon, 17 Mar 2008 07:20:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2H7K2C1037592; Mon, 17 Mar 2008 07:20:02 GMT (envelope-from gnats) Date: Mon, 17 Mar 2008 07:20:02 GMT Message-Id: <200803170720.m2H7K2C1037592@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Andrew Lankford Cc: Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has options SCHED_ULE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Andrew Lankford List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 07:20:02 -0000 The following reply was made to PR kern/121720; it has been noted by GNATS. From: Andrew Lankford To: bug-followup@FreeBSD.org, Helko.Glathe@freenet.de Cc: Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has options SCHED_ULE Date: Mon, 17 Mar 2008 02:49:43 -0400 Same problem here with my 7-STABLE machine. Settling for SCHED_4BSD did the trick. If this is a problem with the driver, then perhaps a MFC of some recent (as in several days old) "stability fixes" to the wpi source will fix the problem: http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/wpi/if_wpi.c wpi in STABLE has panicked my laptop at least once. If you're impatient, I imagine that the latest cvs patches may work with 7-STABLE. Andrew Lankford From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 08:53:57 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 157A51065673 for ; Mon, 17 Mar 2008 08:53:57 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id BB5278FC19 for ; Mon, 17 Mar 2008 08:53:56 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1JbB6M-0002Lh-Uc for freebsd-net@freebsd.org; Mon, 17 Mar 2008 08:53:50 +0000 Received: from 195.208.174.178 ([195.208.174.178]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 17 Mar 2008 08:53:50 +0000 Received: from vadim_nuclight by 195.208.174.178 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 17 Mar 2008 08:53:50 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Vadim Goncharov Date: Mon, 17 Mar 2008 08:53:42 +0000 (UTC) Organization: Nuclear Lightning @ Tomsk, TPU AVTF Hostel Lines: 24 Message-ID: References: <20080314232456.GQ91152@hal.rescomp.berkeley.edu> <47DB1C6A.8050908@elischer.org> X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 195.208.174.178 X-Comment-To: Julian Elischer User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: Behavior of `ipfw table n list' in 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vadim_nuclight@mail.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 08:53:57 -0000 Hi Julian Elischer! On Fri, 14 Mar 2008 17:46:34 -0700; Julian Elischer wrote about 'Re: Behavior of `ipfw table n list' in 7.0': > I think the dotted quad part is mentioned somewhere, but anyhow > a patch was put in to add a specific option to ipfw(8) to request > the quad notation If you get a new version of ipfw(8) it should > have the fix.. > Or pull the fix from the freebsd source cvs web page.. > pull and apply the diff for revision 1.114 from the following page > http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/ipfw/ipfw2.c > and apply it and then reinstall it. > that reminds me I need to merge this back to RELENG_7 Oh, and to RELENG_6 please, too. Then PR 120720 can be said to fully closed, yes. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 10:57:29 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 81B6E1065670 for ; Mon, 17 Mar 2008 10:57:29 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 60FDB8FC18 for ; Mon, 17 Mar 2008 10:57:28 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 3D5BDD312F; Mon, 17 Mar 2008 06:57:28 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Mon, 17 Mar 2008 06:57:28 -0400 X-Sasl-enc: ibNFsqGJ0QALoFkKqeeM2CfdVEzBK6n95pRrbxf0p/hD 1205751447 Received: from empiric.lon.incunabulum.net (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id B0F04175D7; Mon, 17 Mar 2008 06:57:27 -0400 (EDT) Message-ID: <47DE4E96.8080507@FreeBSD.org> Date: Mon, 17 Mar 2008 10:57:26 +0000 From: "Bruce M. Simpson" User-Agent: Thunderbird 2.0.0.9 (X11/20080207) MIME-Version: 1.0 To: "Sean C. Farley" References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@FreeBSD.org Subject: Re: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 10:57:29 -0000 Sean C. Farley wrote: > I have noticed that with a Linux-based Netgear DG834G (DSL modem) > frequent pauses (example[1]) between external systems and 7-STABLE > (March 14th). At first, I thought it was ipfilter or ipnat, but I took > those out of the picture by activating telnet on the router and > connecting directly to it. Even running "ls /usr/sbin" on the router > would pause occasionally. I did not (or did not recall) have these > problems with 6-STABLE (post 6.2). I switched out the NIC (FA-311 (sis) > to a FA-310 (dc)), cable and tried different ports on the modem by which > to connect. I also tried disabling all RFC sysctl's and SACK. Nothing > helped. > > Finally, I brought out an old DSL modem (SpeedStream 5660). This fixed > the issue. I think this maybe a specific issue between Linux > (2.4.17_mvl21-malta-mips_fp_le) and FreeBSD 7. Is there anything else I > may test to see what is happening? OT: Hang on, are you saying you're running a MIPS MALTA targeted Linux kernel on a Netgear DG834G? That would be interesting as a test platform for FreeBSD/mips, considering the platform support for Malta is already there. I had a go at doing the Broadcom Sentry5 SoC last year but hadn't finished anything. Long shot, but are 802.3 pause frames appearing anywhere, ie can you test with a crossover cable? Have you done a BER test with UDP or something like that to try to rule out non-TCP protocols? cheers BMS From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 11:07:09 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4AD131065682 for ; Mon, 17 Mar 2008 11:07:09 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 36EBE8FC30 for ; Mon, 17 Mar 2008 11:07:09 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2HB79UL055182 for ; Mon, 17 Mar 2008 11:07:09 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2HB78ri055178 for freebsd-net@FreeBSD.org; Mon, 17 Mar 2008 11:07:08 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 17 Mar 2008 11:07:08 GMT Message-Id: <200803171107.m2HB78ri055178@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 11:07:09 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/35442 net [sis] [patch] Problem transmitting runts in if_sis dri a kern/38554 net changing interface ipaddress doesn't seem to work s kern/39937 net ipstealth issue s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/92090 net [bge] bge0: watchdog timeout -- resetting f kern/92552 net A serious bug in most network drivers from 5.X to 6.X s kern/105943 net Network stack may modify read-only mbuf chain copies o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/108542 net [bce]: Huge network latencies with 6.2-RELEASE / STABL o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112722 net [udp] IP v4 udp fragmented packet reject o kern/113842 net [ipv6] PF_INET6 proto domain state can't be cleared wi o kern/114714 net [gre][patch] gre(4) is not MPSAFE and does not support o kern/114839 net [fxp] fxp looses ability to speak with traffic o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat o kern/116077 net [ip] [patch] 6.2-STABLE panic during use of multi-cast f kern/116172 net [tun] [panic] Network / ipv6 recursive mutex panic o kern/116185 net [iwi] if_iwi driver leads system to reboot o kern/116328 net [bge]: Solid hang with bge interface o kern/116747 net [ndis] FreeBSD 7.0-CURRENT crash with Dell TrueMobile o kern/116837 net [tun] [panic] [patch] ifconfig tunX destroy: panic o kern/117043 net [em] Intel PWLA8492MT Dual-Port Network adapter EEPROM o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap o kern/117423 net [vlan] Duplicate IP on different interfaces o kern/117448 net [carp] 6.2 kernel crash (regression) o kern/118880 net [ipv6] IP_RECVDSTADDR & IP_SENDSRCADDR not implemented o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card (regr o kern/119345 net [ath] Unsuported Atheros 5424/2424 and CPU speedstep n o kern/119361 net [bge] bge(4) transmit performance problem o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel o kern/120130 net [carp] [panic] carp causes kernel panics in any conste o kern/120266 net [panic] gnugk causes kernel panic when closing UDP soc o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time f kern/120725 net [bce] On board second lan port 'bce1' with Broadcom Ne f kern/120966 net [rum]: kernel panic with if_rum and WPA encryption o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA o kern/121555 net Fatal trap 12: current process = 12 (swi1: net) o kern/121624 net [em] [regression] Intel em WOL fails after upgrade to o kern/121720 net [wpi] wpi doesnt work if kernel has options SCHED_ULE 41 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/23063 net [PATCH] for static ARP tables in rc.network s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr o kern/54383 net [nfs] [patch] NFS root configurations without dynamic s kern/60293 net FreeBSD arp poison patch o kern/64556 net [sis] if_sis short cable fix problems with NetGear FA3 o kern/77913 net [wi] [patch] Add the APDL-325 WLAN pccard to wi(4) o bin/79228 net [patch] extend /sbin/arp to be able to create blackhol o kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo o kern/95267 net packet drops periodically appear o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/102035 net [plip] plip networking disables parallel port printing o conf/102502 net [patch] ifconfig name does't rename netgraph node in n o conf/107035 net [patch] bridge interface given in rc.conf not taking a o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop o kern/112179 net [sis] [patch] sis driver for natsemi DP83815D autonego o bin/112557 net [patch] ppp(8) lock file should not use symlink name o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta o bin/117339 net [patch] route(8): loading routing management commands o kern/118727 net [ng] [patch] [request] add new ng_pf module a kern/118879 net [bge] [patch] bge has checksum problems on the 5703 ch o kern/118975 net [bge] [patch] Broadcom 5906 not handled by FreeBSD o bin/118987 net ifconfig(8): ifconfig -l (address_family) does not wor o kern/119432 net [arp] route add -host -iface causes arp e o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol o kern/120232 net [nfe] [patch] Bring in nfe(4) to RELENG_6 o kern/120493 net [wpi] if_wpi.ko fails to load on a Toshiba Satellite P o kern/120566 net [request]: ifconfig(8) make order of arguments more fr o kern/120958 net no response to ICMP traffic on interface configured wi o kern/121242 net [ate] [patch] Promiscuous mode of if_ate (arm) doesn't o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic o kern/121443 net [gif] LOR icmp6_input/nd6_lookup o kern/121706 net [netinet] [patch] "rtfree: 0xc4383870 has 1 refs" emit 35 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 11:24:19 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 16F5A106566B for ; Mon, 17 Mar 2008 11:24:19 +0000 (UTC) (envelope-from yoniy@mellanox.co.il) Received: from mellanox.co.il (mail.mellanox.co.il [194.90.237.43]) by mx1.freebsd.org (Postfix) with ESMTP id 8DBE58FC30 for ; Mon, 17 Mar 2008 11:24:17 +0000 (UTC) (envelope-from yoniy@mellanox.co.il) Received: from Internal Mail-Server by MTLPINE1 (envelope-from yoniy@mellanox.co.il) with SMTP; 17 Mar 2008 13:24:14 +0200 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Mon, 17 Mar 2008 13:24:13 +0200 Message-ID: <6C2C79E72C305246B504CBA17B5500C9038B0EA3@mtlexch01.mtl.com> In-Reply-To: <200803171107.m2HB78ri055178@freefall.freebsd.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Duplicate interface name Thread-Index: AciIH68IZVnhj9wTQRyVjqXD65KvzQAAQE2Q From: "Yehonatan Yossef" To: Cc: Subject: Duplicate interface name X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 11:24:19 -0000 =20 Hi, I'm porting a 10GigE driver to FreeBSD 6.3. My card has 2 ports. Loading the driver brings up two new interfaces, problem is they have the same name. How do I configure the interface numbering? Thanks -Yony From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 13:53:28 2008 Return-Path: Delivered-To: net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 086A6106564A for ; Mon, 17 Mar 2008 13:53:28 +0000 (UTC) (envelope-from robert@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id A98218FC2E for ; Mon, 17 Mar 2008 13:53:27 +0000 (UTC) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id A8ECD46C4D for ; Mon, 17 Mar 2008 09:46:07 -0400 (EDT) X-Return-Path: X-Received: from cyrus.watson.org ([unix socket]) by cyrus.watson.org (Cyrus v2.1.18) with LMTP; Mon, 17 Mar 2008 09:30:56 -0400 X-Sieve: CMU Sieve 2.2 X-Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id E3CE846C7C for ; Mon, 17 Mar 2008 09:30:55 -0400 (EDT) X-Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id 7C03915F79F; Mon, 17 Mar 2008 13:30:36 +0000 (UTC) (envelope-from owner-freebsd-arch@freebsd.org) X-Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 2B29A1065686; Mon, 17 Mar 2008 13:30:36 +0000 (UTC) (envelope-from owner-freebsd-arch@freebsd.org) X-Delivered-To: arch@freebsd.org X-Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9A4781065674 for ; Mon, 17 Mar 2008 13:30:30 +0000 (UTC) (envelope-from csjp@sub.vaned.net) X-Received: from sub.vaned.net (sub.vaned.net [205.200.235.40]) by mx1.freebsd.org (Postfix) with ESMTP id 666658FC1E for ; Mon, 17 Mar 2008 13:30:30 +0000 (UTC) (envelope-from csjp@sub.vaned.net) X-Received: by sub.vaned.net (Postfix, from userid 1001) id 350A72E1; Mon, 17 Mar 2008 08:30:29 -0500 (CDT) Date: Mon, 17 Mar 2008 08:30:29 -0500 From: "Christian S.J. Peron" To: freebsd-current@freebsd.org Message-ID: <20080317133029.GA19369@sub.vaned.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Sender: owner-freebsd-arch@freebsd.org Errors-To: owner-freebsd-arch@freebsd.org ReSent-Date: Mon, 17 Mar 2008 13:46:01 +0000 (GMT) ReSent-From: robert ReSent-To: net@FreeBSD.org ReSent-Subject: HEADS UP: zerocopy bpf commits impending ReSent-Message-ID: <20080317134601.L3253@fledge.watson.org> Cc: arch@freebsd.org Subject: HEADS UP: zerocopy bpf commits impending X-BeenThere: freebsd-net@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 13:53:28 -0000 All, Just wanted to give a heads up that I plan to start merging the work located in the zerocopy bpf perforce branch. We have been working on this project for about a year now and feel that it is ready to come into the tree. I will begin to merge hopefully today [assuming nobody has any concerns] or tommorow. Zerocopy bpf will be disabled by default, and can be enabled globally though the use of a sysctl variable. Once the kernel bits are in and we sort out a couple minor nits in libpcap+tcpdump, we will be be looking at getting our libpcap patches committed upstream. I will post a patch for people to experiment with in the meantime after the kernel commits are complete. We do not anticipate this will have any effect on existing bpf consumers like libpcap, tcpdump etc... so if something breaks, it shouldn't have and we need to know about :) We were pretty careful about preserving the ABI. The only exception to this is, netstat will need a recompile because the size of it's bpf stats structure changed. So if there are any objections or concerns, now is the time to raise them. Thanks _______________________________________________ freebsd-arch@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-arch To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 13:58:28 2008 Return-Path: Delivered-To: net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 06CA81065670 for ; Mon, 17 Mar 2008 13:58:28 +0000 (UTC) (envelope-from robert@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id ACA908FC1D for ; Mon, 17 Mar 2008 13:58:27 +0000 (UTC) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 1AEE546C7F for ; Mon, 17 Mar 2008 09:43:09 -0400 (EDT) X-Return-Path: X-Received: from cyrus.watson.org ([unix socket]) by cyrus.watson.org (Cyrus v2.1.18) with LMTP; Mon, 17 Mar 2008 09:30:56 -0400 X-Sieve: CMU Sieve 2.2 X-Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53]) by cyrus.watson.org (Postfix) with ESMTP id E3CE846C7C for ; Mon, 17 Mar 2008 09:30:55 -0400 (EDT) X-Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id 7C03915F79F; Mon, 17 Mar 2008 13:30:36 +0000 (UTC) (envelope-from owner-freebsd-arch@freebsd.org) X-Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 2B29A1065686; Mon, 17 Mar 2008 13:30:36 +0000 (UTC) (envelope-from owner-freebsd-arch@freebsd.org) X-Delivered-To: arch@freebsd.org X-Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9A4781065674 for ; Mon, 17 Mar 2008 13:30:30 +0000 (UTC) (envelope-from csjp@sub.vaned.net) X-Received: from sub.vaned.net (sub.vaned.net [205.200.235.40]) by mx1.freebsd.org (Postfix) with ESMTP id 666658FC1E for ; Mon, 17 Mar 2008 13:30:30 +0000 (UTC) (envelope-from csjp@sub.vaned.net) X-Received: by sub.vaned.net (Postfix, from userid 1001) id 350A72E1; Mon, 17 Mar 2008 08:30:29 -0500 (CDT) Date: Mon, 17 Mar 2008 08:30:29 -0500 From: "Christian S.J. Peron" To: freebsd-current@freebsd.org Message-ID: <20080317133029.GA19369@sub.vaned.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Sender: owner-freebsd-arch@freebsd.org Errors-To: owner-freebsd-arch@freebsd.org ReSent-Date: Mon, 17 Mar 2008 13:43:06 +0000 (GMT) ReSent-From: robert ReSent-To: net@FreeBSD.org ReSent-Subject: HEADS UP: zerocopy bpf commits impending ReSent-Message-ID: <20080317134306.N3253@fledge.watson.org> Cc: arch@freebsd.org Subject: HEADS UP: zerocopy bpf commits impending X-BeenThere: freebsd-net@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 13:58:28 -0000 All, Just wanted to give a heads up that I plan to start merging the work located in the zerocopy bpf perforce branch. We have been working on this project for about a year now and feel that it is ready to come into the tree. I will begin to merge hopefully today [assuming nobody has any concerns] or tommorow. Zerocopy bpf will be disabled by default, and can be enabled globally though the use of a sysctl variable. Once the kernel bits are in and we sort out a couple minor nits in libpcap+tcpdump, we will be be looking at getting our libpcap patches committed upstream. I will post a patch for people to experiment with in the meantime after the kernel commits are complete. We do not anticipate this will have any effect on existing bpf consumers like libpcap, tcpdump etc... so if something breaks, it shouldn't have and we need to know about :) We were pretty careful about preserving the ABI. The only exception to this is, netstat will need a recompile because the size of it's bpf stats structure changed. So if there are any objections or concerns, now is the time to raise them. Thanks _______________________________________________ freebsd-arch@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-arch To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 15:55:14 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 97CE9106564A for ; Mon, 17 Mar 2008 15:55:14 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (cl-162.ewr-01.us.sixxs.net [IPv6:2001:4830:1200:a1::2]) by mx1.freebsd.org (Postfix) with ESMTP id 168A68FC13 for ; Mon, 17 Mar 2008 15:55:13 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (localhost [127.0.0.1]) by lor.one-eyed-alien.net (8.14.1/8.13.8) with ESMTP id m2HFtDpo048729; Mon, 17 Mar 2008 10:55:13 -0500 (CDT) (envelope-from brooks@lor.one-eyed-alien.net) Received: (from brooks@localhost) by lor.one-eyed-alien.net (8.14.2/8.14.2/Submit) id m2HFtCPD048728; Mon, 17 Mar 2008 10:55:12 -0500 (CDT) (envelope-from brooks) Date: Mon, 17 Mar 2008 10:55:12 -0500 From: Brooks Davis To: Yehonatan Yossef Message-ID: <20080317155512.GB38485@lor.one-eyed-alien.net> References: <200803171107.m2HB78ri055178@freefall.freebsd.org> <6C2C79E72C305246B504CBA17B5500C9038B0EA3@mtlexch01.mtl.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="R3G7APHDIzY6R/pk" Content-Disposition: inline In-Reply-To: <6C2C79E72C305246B504CBA17B5500C9038B0EA3@mtlexch01.mtl.com> User-Agent: Mutt/1.5.17 (2007-11-01) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (lor.one-eyed-alien.net [127.0.0.1]); Mon, 17 Mar 2008 10:55:13 -0500 (CDT) Cc: freebsd-net@freebsd.org Subject: Re: Duplicate interface name X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 15:55:14 -0000 --R3G7APHDIzY6R/pk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 17, 2008 at 01:24:13PM +0200, Yehonatan Yossef wrote: > =20 > Hi, >=20 > I'm porting a 10GigE driver to FreeBSD 6.3. My card has 2 ports. > Loading the driver brings up two new interfaces, problem is they have > the same name. >=20 > How do I configure the interface numbering? Generating the interface name is the driver's responsibility. In a typical hardware driver, this code is used: if_initname(ifp, device_get_name(dev), device_get_unit(dev)); With a dual-ported card that has only one bus attachment, you can't do that since you'll have to ifnets. If the driver will only support cards that ha= ve exactly two port, the easy solution would be to make the first if_initname call: if_initname(ifp, device_get_name(dev), device_get_unit(dev)*2); and the second if_initname(ifp, device_get_name(dev), (device_get_unit(dev)*2) + 1); If the number of ports can potentially vary then the driver will need to manage them internally. The unit number allocation framework can take care= of this for you. See alloc_unr(9). -- Brooks --R3G7APHDIzY6R/pk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (FreeBSD) iD8DBQFH3pRfXY6L6fI4GtQRApMXAJ9xC4+/GcAQSemNdUH0ZdeBd3EO8gCgoM8D 2AdxnGoKSfZWMQc2Fa7kzSg= =0Qax -----END PGP SIGNATURE----- --R3G7APHDIzY6R/pk-- From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 18:11:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DD4551065670 for ; Mon, 17 Mar 2008 18:11:07 +0000 (UTC) (envelope-from fbsdlists@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.189]) by mx1.freebsd.org (Postfix) with ESMTP id 512338FC25 for ; Mon, 17 Mar 2008 18:11:07 +0000 (UTC) (envelope-from fbsdlists@gmail.com) Received: by rv-out-0910.google.com with SMTP id g13so3595229rvb.43 for ; Mon, 17 Mar 2008 11:11:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=hOIugs/PqaGHIY5F0+zE0ibUNXCPSjpEYHgHETSCmHw=; b=LjgmgLyGdq2Yf0Hj3KoKrcAS1i58RibtUTKGWIT6oslChFz+GJ4Rr7jRVPlNJdKhK+7MjOvQnERDXTG52wlYnjB3LQF8LBtpUC3LYF5s1su1Cyl/yUwMrzci1hIvH+QIMcYneM1x0pm1AV7XqhXajxb9G0CAJBwK5jIOidHygkk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=QYZMlR4S1YxNZ7S29dRtucKyvfx26CzIkXt2tPJVfCta2cMiWHOuWLvqRP1Sa/ZXEGWOggMyOBMj9ZC6V3ZkOfJNVXRK7TLHZeTioUB5JSVm6f2bU4prYMu3IUFe2d/ZPXohUsJAhWB5TfAwmChQs9n0/VFxp0C27pA91wMzlAU= Received: by 10.141.36.10 with SMTP id o10mr342719rvj.176.1205775994805; Mon, 17 Mar 2008 10:46:34 -0700 (PDT) Received: by 10.141.179.18 with HTTP; Mon, 17 Mar 2008 10:46:34 -0700 (PDT) Message-ID: <54db43990803171046q5c19546bjea297fce1dae8cb7@mail.gmail.com> Date: Mon, 17 Mar 2008 13:46:34 -0400 From: "Bob Johnson" To: "Kai Lockwood" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200803141803.12974.kailockwood@gmail.com> <004701c886c0$6c866910$0200a8c0@dts> Cc: freebsd-net@freebsd.org Subject: Re: SLIP slipping away X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 18:11:08 -0000 On 3/15/08, Kai Lockwood wrote: > I was just trying to setup a really simple network with a null modem cable. > I looked into ppp but the documentation I read didn't help and I'm still not > smart enough to figure out how to do it yet. I haven't ever used SLIP on FreeBSD, but serial port implementations can be extremely picky about the use of RS-232 control signals. If your null modem doesn't at least support DCD you will likely have problems. In that specific case, slattach -l ... might help (that's a lower-case "L"). In fact, for a null modem cable, I'd expect the -l option would be desirable anyway (but as I said, I haven't used SLIP myself, so that's just conjecture). slattach(8) seems to say the default behavior is to abort if there is no reattach script specified (the -r option) unless you specify -l, so it might even fit the symptoms you describe. In other words, try slattach -l -s 115200 /dev/cuad0 and see if that helps. If both systems have Ethernet ports it would be easy (easier, I suspect) to set up a two-node network with a crossover cable, assuming that's a workable solution for you. - Bob From owner-freebsd-net@FreeBSD.ORG Mon Mar 17 21:16:40 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E35B5106566B for ; Mon, 17 Mar 2008 21:16:40 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from gv-out-0910.google.com (gv-out-0910.google.com [216.239.58.186]) by mx1.freebsd.org (Postfix) with ESMTP id 6FE8D8FC25 for ; Mon, 17 Mar 2008 21:16:40 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: by gv-out-0910.google.com with SMTP id n40so1190747gve.39 for ; Mon, 17 Mar 2008 14:16:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=b0qfzmma0plYa7YoMCTT4rVtXFqYMQRTDKgqbzAobJ4=; b=kfWBklvCwWpYLQwb2NzEclWyrLP0osJiMw+6YaGutn52ayTZydQ78Py7oi+w0hxNgYP1Lun5wUvZMZlLGELTkCgpRKCpQgnIo4JdVU/AgWPWTSWuMQp4FYSZZ6ZWZ/JI0XuKqtq95habkOAwlkTlK4uuF9NYAQ1suY4YMo67pto= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=hLwYTOIwx0JJlnmvCL5lqJoZQfjhCvT16fD62PGWaA4zEqWYShgj6Sw64P8pKED9s6id5JAaoqafJfbc3EW3Om4EdXKasVaIYbH//0uHFqvDqLV6Fu+LoOAwUdn/3yAPELqlIW9FphuORqmoudrGkAYeoOYBJhGj+IGUQ49yqtY= Received: by 10.142.222.21 with SMTP id u21mr732067wfg.41.1205788597660; Mon, 17 Mar 2008 14:16:37 -0700 (PDT) Received: by 10.142.87.9 with HTTP; Mon, 17 Mar 2008 14:16:37 -0700 (PDT) Message-ID: Date: Mon, 17 Mar 2008 14:16:37 -0700 From: "Kurt Buff" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Sangoma A301? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 21:16:41 -0000 I've just received mine, and am trying to get FreeBSD 6.3 Release to recognize it. The application for this card is a fractional DS3 circuit that we're getting installed soon, and the box will eventually manage multiple links with BGP. I've been reading the docs from the Sangoma web site, and while they talk about FreeBSD installation/diagnostics/configuration/etc., they don't mention either the A301 or DS3 circuits. I've installed the wanpipe software (3.2.1), but am at this point lost in the thickets of the sparse documentation. Before I send off a message to their tech support, does anyone have words of wisdom for me? Thanks, Kurt From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 07:03:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4A6F81065670 for ; Tue, 18 Mar 2008 07:03:07 +0000 (UTC) (envelope-from alex@sangoma.com) Received: from smtp104.rog.mail.re2.yahoo.com (smtp104.rog.mail.re2.yahoo.com [206.190.36.82]) by mx1.freebsd.org (Postfix) with SMTP id A4F188FC26 for ; Tue, 18 Mar 2008 07:03:06 +0000 (UTC) (envelope-from alex@sangoma.com) Received: (qmail 42330 invoked from network); 18 Mar 2008 06:36:24 -0000 Received: from unknown (HELO alaptop) (afeldm9594@rogers.com@99.248.65.60 with login) by smtp104.rog.mail.re2.yahoo.com with SMTP; 18 Mar 2008 06:36:24 -0000 X-YMail-OSG: FfoLvq0VM1ktPLB6.68BQ8C0sNMlidEH6gNJPLLGqxPjq1Hn6Sp8gsoQRDEeMoxzzg-- X-Yahoo-Newman-Property: ymail-3 From: "Alex Feldman" To: "'Kurt Buff'" , Date: Tue, 18 Mar 2008 02:36:23 -0400 Organization: Sangoma Technologies Corp. MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AciIdDeSQmrFTm0NQKWX92oGuPN+PgATVRoQ X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 In-Reply-To: Message-Id: <20080318070306.A4F188FC26@mx1.freebsd.org> Cc: Subject: RE: Sangoma A301? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: alex@sangoma.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 07:03:07 -0000 Hi Kurt, We support DS3 card but only clear channel. We don't have fractional DS3 support. Did u try to load this card? Does it recognize by kernel? If you have any questions, please feel free to contact me. Alex Sangoma Technologies -----Original Message----- From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Kurt Buff Sent: March 17, 2008 5:17 PM To: freebsd-net@freebsd.org Subject: Sangoma A301? I've just received mine, and am trying to get FreeBSD 6.3 Release to recognize it. The application for this card is a fractional DS3 circuit that we're getting installed soon, and the box will eventually manage multiple links with BGP. I've been reading the docs from the Sangoma web site, and while they talk about FreeBSD installation/diagnostics/configuration/etc., they don't mention either the A301 or DS3 circuits. I've installed the wanpipe software (3.2.1), but am at this point lost in the thickets of the sparse documentation. Before I send off a message to their tech support, does anyone have words of wisdom for me? Thanks, Kurt _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 10:40:04 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 125241065671 for ; Tue, 18 Mar 2008 10:40:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id EEF9C8FC1A for ; Tue, 18 Mar 2008 10:40:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2IAe3kJ062540 for ; Tue, 18 Mar 2008 10:40:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2IAe3dR062536; Tue, 18 Mar 2008 10:40:03 GMT (envelope-from gnats) Date: Tue, 18 Mar 2008 10:40:03 GMT Message-Id: <200803181040.m2IAe3dR062536@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: "Oleksandr V. Typlyns'kyi" Cc: Subject: Re: kern/121181: [panic] Fatal trap 3: breakpoint instruction fault while in kernel mode, rtfree: NULL rnh X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Oleksandr V. Typlyns'kyi" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 10:40:04 -0000 The following reply was made to PR kern/121181; it has been noted by GNATS. From: "Oleksandr V. Typlyns'kyi" To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/121181: [panic] Fatal trap 3: breakpoint instruction fault while in kernel mode, rtfree: NULL rnh Date: Tue, 18 Mar 2008 12:36:30 +0200 (EET) Another crash 16 march 2008: kgdb kernel.debug /var/crash/vmcore.0 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: panic: rtfree: NULL rnh cpuid = 7 Uptime: 16d22h19m19s Dumping 2046 MB (2 chunks) chunk 0: 1MB (156 pages) ... ok chunk 1: 2047MB (523872 pages) 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 3 83 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt full #0 doadump () at pcpu.h:165 No locals. #1 0xc04f225a in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409 first_buf_printf = 1 #2 0xc04f260b in panic (fmt=0xc069b980 "rtfree: NULL rnh") at /usr/src/sys/kern/kern_shutdown.c:565 td = (struct thread *) 0xc6af6780 bootopt = 260 newpanic = 0 ap = 0xc6af6780 "`xJÌ ¾ÍÊ" buf = "rtfree: NULL rnh", '\0' #3 0xc05808e7 in rtfree (rt=0xc6161c00) at /usr/src/sys/net/route.c:240 rnh = (struct radix_node_head *) 0x0 #4 0xc0598aa3 in ip_output (m=0xc98c4d00, opt=0xc6161c00, ro=0xe8edda80, flags=0, imo=0x0, inp=0xc756e384) at /usr/src/sys/netinet/ip_output.c:835 ip = (struct ip *) 0xc98c4d40 ifp = (struct ifnet *) 0xc6161c00 m0 = (struct mbuf *) 0x1 hlen = 20 len = -961583232 error = 0 dst = (struct sockaddr_in *) 0xe8edda84 ia = (struct in_ifaddr *) 0xc6444c00 isbroadcast = 0 sw_csum = 1 iproute = {ro_rt = 0xc6532000, ro_dst = {sa_len = 16 '\020', sa_family = 2 '\002', sa_data = "\000\000\177\000\000\001\000\000\000\000\000\000\000"}} odst = {s_addr = 1} fwd_tag = (struct m_tag *) 0x0 #5 0xc05a2ce0 in tcp_output (tp=0xcab1fae0) at /usr/src/sys/netinet/tcp_output.c:1080 so = (struct socket *) 0xcd167b20 len = 43 recwin = 71680 sendwin = -913552044 off = 0 flags = 24 error = 0 m = (struct mbuf *) 0xc98c4d00 ip = (struct ip *) 0xc98c4d40 th = (struct tcphdr *) 0xc98c4d54 opt = "\001\001\b\nW/3âW/3Ûè{\026Í\000È\206É\000\000\000\000è{\026Í`ÛíèîÁSÀè{\026Í" ipoptlen = 0 optlen = 12 hdrlen = 52 idle = 1 sendalot = 0 i = -387065040 sack_rxmit = 0 sack_bytes_rxmt = 0 p = (struct sackhole *) 0x0 #6 0xc05a997f in tcp_usr_send (so=0xcd167b20, flags=0, m=0xc986c800, nam=0x0, control=0x0, td=0xc6af6780) at /usr/src/sys/netinet/tcp_usrreq.c:698 error = 0 inp = (struct inpcb *) 0xc756e384 tp = (struct tcpcb *) 0xcab1fae0 unlocked = 1 #7 0xc0538024 in sosend (so=0xcd167b20, addr=0x0, uio=0xe8eddc34, top=0xc986c800, control=0x0, flags=128, td=0xc6af6780) at /usr/src/sys/kern/uipc_socket.c:836 mp = (struct mbuf **) 0xc986c800 m = (struct mbuf *) 0xc986c800 space = 71637 len = 43 resid = 0 clen = -913913856 error = 0 dontroute = 0 atomic = 0 #8 0xc053eb94 in kern_sendit (td=0xc6af6780, s=16, mp=0xe8eddcb0, flags=128, control=0x0, segflg=UIO_USERSPACE) at /usr/src/sys/kern/uipc_syscalls.c:772 fp = (struct file *) 0xc6a248b8 auio = {uio_iov = 0xe8eddca8, uio_iovcnt = 1, uio_offset = 43, uio_resid = 0, uio_segflg = UIO_USERSPACE, uio_rw = UIO_WRITE, uio_td = 0xc6af6780} iov = (struct iovec *) 0x0 so = (struct socket *) 0xcd167b20 i = 0 len = 43 error = 0 ktruio = (struct uio *) 0x0 #9 0xc053ea1d in sendit (td=0x0, s=0, mp=0xe8eddcb0, flags=0) at /usr/src/sys/kern/uipc_syscalls.c:712 control = (struct mbuf *) 0x0 to = (struct sockaddr *) 0x0 error = -867534752 #10 0xc053ed8a in sendto (td=0x0, uap=0x0) at /usr/src/sys/kern/uipc_syscalls.c:830 msg = {msg_name = 0x0, msg_namelen = 0, msg_iov = 0xe8eddca8, msg_iovlen = 1, msg_control = 0x0, msg_controllen = 3427432544, msg_flags = 0} aiov = {iov_base = 0x81a3a17, iov_len = 0} error = 0 #11 0xc06682db in syscall (frame= {tf_fs = -1078001605, tf_es = 1747386427, tf_ds = -1078001605, tf_edi = 138327552, tf_esi = 43, tf_ebp = -1077943256, tf_isp = -387064476, tf_ebx = 1748313312, tf_edx = 43, tf_ecx = 128, tf_eax = 133, tf_trapno = 0, tf_err = 2, tf_eip = 1748138419, tf_cs = 51, tf_eflags = 2097798, tf_esp = -1077943300, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:984 params = 0xbfbfe400
callp = (struct sysent *) 0xc06bbf1c td = (struct thread *) 0xc6af6780 p = (struct proc *) 0xcc4a7860 orig_tf_eflags = 2097798 sticks = 622 error = 0 narg = 6 args = {16, 135936492, 43, 128, 0, 0, -387064532, -1067092312} code = 133 #12 0xc065074f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200 No locals. #13 0x00000033 in ?? () No symbol table info available. And today: kgdb kernel.debug /var/crash/vmcore.1 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: panic: rtfree: NULL rnh cpuid = 7 Uptime: 1d17h38m0s Dumping 2046 MB (2 chunks) chunk 0: 1MB (156 pages) ... ok chunk 1: 2047MB (523872 pages) 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 3 83 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt full #0 doadump () at pcpu.h:165 No locals. #1 0xc04f225a in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409 first_buf_printf = 1 #2 0xc04f260b in panic (fmt=0xc069b980 "rtfree: NULL rnh") at /usr/src/sys/kern/kern_shutdown.c:565 td = (struct thread *) 0xc6127900 bootopt = 260 newpanic = 0 ap = 0xc6127900 "`h\022Æ`@ÿÅ" buf = "rtfree: NULL rnh", '\0' #3 0xc05808e7 in rtfree (rt=0xc6161c00) at /usr/src/sys/net/route.c:240 rnh = (struct radix_node_head *) 0x0 #4 0xc0598aa3 in ip_output (m=0xc920a100, opt=0xc6161c00, ro=0xe681fa80, flags=0, imo=0x0, inp=0xc95d3a8c) at /usr/src/sys/netinet/ip_output.c:835 ip = (struct ip *) 0xc920a140 ifp = (struct ifnet *) 0xc6161c00 m0 = (struct mbuf *) 0x1 hlen = 20 len = -971867904 error = 0 dst = (struct sockaddr_in *) 0xe681fa84 ia = (struct in_ifaddr *) 0xc62a4c00 isbroadcast = 0 sw_csum = 1 iproute = {ro_rt = 0xc6460000, ro_dst = {sa_len = 16 '\020', sa_family = 2 '\002', sa_data = "\000\000\177\000\000\001\000\000\000\000\000\000\000"}} odst = {s_addr = 1} fwd_tag = (struct m_tag *) 0x0 #5 0xc05a2ce0 in tcp_output (tp=0xc76d4cb0) at /usr/src/sys/netinet/tcp_output.c:1080 so = (struct socket *) 0xc94292c8 len = 32 recwin = 71680 sendwin = -920608428 off = 0 flags = 24 error = 0 m = (struct mbuf *) 0xc920a100 ip = (struct ip *) 0xc920a140 th = (struct tcphdr *) 0xc920a154 opt = "\001\001\b\n\bîçï\bîç\201\220\223BÉ\0009vÆ\000\000\000\000\220\223BÉ`û\201æîÁSÀ\220\223BÉ" ipoptlen = 0 optlen = 12 hdrlen = 52 idle = 1 sendalot = 0 i = -961414496 sack_rxmit = 0 sack_bytes_rxmt = 0 p = (struct sackhole *) 0x0 #6 0xc05a997f in tcp_usr_send (so=0xc94292c8, flags=0, m=0xc6763900, nam=0x0, control=0x0, td=0xc6127900) at /usr/src/sys/netinet/tcp_usrreq.c:698 error = 0 inp = (struct inpcb *) 0xc95d3a8c tp = (struct tcpcb *) 0xc76d4cb0 unlocked = 1 #7 0xc0538024 in sosend (so=0xc94292c8, addr=0x0, uio=0xe681fc34, top=0xc6763900, control=0x0, flags=128, td=0xc6127900) at /usr/src/sys/kern/uipc_socket.c:836 mp = (struct mbuf **) 0xc6763900 m = (struct mbuf *) 0xc6763900 space = 71648 len = 32 resid = 0 clen = -965330688 error = 0 dontroute = 0 atomic = 0 #8 0xc053eb94 in kern_sendit (td=0xc6127900, s=16, mp=0xe681fcb0, flags=128, control=0x0, segflg=UIO_USERSPACE) at /usr/src/sys/kern/uipc_syscalls.c:772 fp = (struct file *) 0xc6504558 auio = {uio_iov = 0xe681fca8, uio_iovcnt = 1, uio_offset = 32, uio_resid = 0, uio_segflg = UIO_USERSPACE, uio_rw = UIO_WRITE, uio_td = 0xc6127900} iov = (struct iovec *) 0x0 so = (struct socket *) 0xc94292c8 i = 0 len = 32 error = 0 ktruio = (struct uio *) 0x0 #9 0xc053ea1d in sendit (td=0x0, s=0, mp=0xe681fcb0, flags=0) at /usr/src/sys/kern/uipc_syscalls.c:712 control = (struct mbuf *) 0x0 to = (struct sockaddr *) 0x0 error = -971872160 #10 0xc053ed8a in sendto (td=0x0, uap=0x0) at /usr/src/sys/kern/uipc_syscalls.c:830 msg = {msg_name = 0x0, msg_namelen = 0, msg_iov = 0xe681fca8, msg_iovlen = 1, msg_control = 0x0, msg_controllen = 3323095136, msg_flags = 0} aiov = {iov_base = 0x819df64, iov_len = 0} error = 0 #11 0xc06682db in syscall (frame= {tf_fs = 1754660923, tf_es = 1754660923, tf_ds = -1078001605, tf_edi = 137748992, tf_esi = 32, tf_ebp = -1077951208, tf_isp = -427688604, tf_ebx = 1748313312, tf_edx = 32, tf_ecx = 128, tf_eax = 133, tf_trapno = 22, tf_err = 2, tf_eip = 1748138419, tf_cs = 51, tf_eflags = 2097798, tf_esp = -1077951252, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:984 params = 0xbfbfc4f0
callp = (struct sysent *) 0xc06bbf1c td = (struct thread *) 0xc6127900 p = (struct proc *) 0xc6126860 orig_tf_eflags = 2097798 sticks = 8929 error = 0 narg = 6 args = {16, 135913284, 32, 128, 0, 0, 8929, -971872160} code = 133 #12 0xc065074f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200 No locals. #13 0x00000033 in ?? () No symbol table info available. Previous frame inner to this frame (corrupt stack?) What can I do to help solve this problem? 6.3-RELEASE, SCHED_4BSD, 2x dual core Xeon + HT Family: 15 Model: 6 Stepping: 4 Type: 0 Brand: 0 CPU Model: Unknown CPU Original OEM Processor name string: Intel(R) Xeon(TM) CPU 3.20GHz Feature flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflsh ds acpi mmx fxsr sse sse2 ss ht tm pbe sse3 monitor ds-cpl vmx cntx-id cx16 xTPR Extended feature flags: em64t lahf_lm Cache info Instruction trace cache: 12K uOps, 8-way associative. L1 Data cache: 16KB, sectored, 8-way associative. 64 byte line size. L2 unified cache: 2MB, sectored, 8-way associative. 64 byte line size. TLB info Instruction TLB: 4K, 2MB or 4MB pages, fully associative, 64 entries. Data TLB: 4KB or 4MB pages, fully associative, 64 entries. The physical package supports 4 logical processors -- WNGS-RIPE KP Media / bigmir)net From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 16:00:04 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AB721106564A for ; Tue, 18 Mar 2008 16:00:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id ACFA08FC19 for ; Tue, 18 Mar 2008 16:00:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2IG04FB087302 for ; Tue, 18 Mar 2008 16:00:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2IG04sj087301; Tue, 18 Mar 2008 16:00:04 GMT (envelope-from gnats) Date: Tue, 18 Mar 2008 16:00:04 GMT Message-Id: <200803181600.m2IG04sj087301@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: "Yousif Hassan" Cc: Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has optionsSCHED_ULE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Yousif Hassan List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 16:00:04 -0000 The following reply was made to PR kern/121720; it has been noted by GNATS. From: "Yousif Hassan" To: "Andrew Lankford" , , Cc: Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has optionsSCHED_ULE Date: Tue, 18 Mar 2008 11:34:09 -0400 ----- Original Message ----- From: "Andrew Lankford" To: Sent: Monday, March 17, 2008 3:20 AM Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has optionsSCHED_ULE > The following reply was made to PR kern/121720; it has been noted by > GNATS. > > From: Andrew Lankford > To: bug-followup@FreeBSD.org, Helko.Glathe@freenet.de > Cc: > Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has options > SCHED_ULE > Date: Mon, 17 Mar 2008 02:49:43 -0400 > > Same problem here with my 7-STABLE machine. Settling for SCHED_4BSD did > the trick. If this is a problem with the driver, then perhaps a MFC of > some recent (as in several days old) "stability fixes" to the wpi source > will fix the problem: > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/wpi/if_wpi.c > > wpi in STABLE has panicked my laptop at least once. > > If you're impatient, I imagine that the latest cvs patches may work with > 7-STABLE. > > Andrew Lankford I'm adding this as a point of reference in case it helps a developer: My HP dv9700t runs SCHED_ULE and wpi works great. This leads me to suspect that this is probably not just as simple as if_wpi and the scheduler; I believe this has to do with a combination of the wpi driver and the BIOS (and/or ACPI). There have been other problem reports related to different loading / attach / buggy behavior with wpi - different computers seem to produce different results. This sounds related (albeit SCHED_4BSD appears to solve this particular issue). FWIW. --Y From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 18:13:26 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C66761065673; Tue, 18 Mar 2008 18:13:26 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AFCE88FC19; Tue, 18 Mar 2008 18:13:26 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2IIDQaI099476; Tue, 18 Mar 2008 18:13:26 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2IIDQkr099472; Tue, 18 Mar 2008 18:13:26 GMT (envelope-from gavin) Date: Tue, 18 Mar 2008 18:13:26 GMT Message-Id: <200803181813.m2IIDQkr099472@freefall.freebsd.org> To: andreas@klemm.apsfilter.org, gavin@FreeBSD.org, gavin@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: kern/86920: [ndis] ifconfig: SIOCS80211: Invalid argument (regression) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 18:13:26 -0000 Synopsis: [ndis] ifconfig: SIOCS80211: Invalid argument (regression) State-Changed-From-To: feedback->suspended State-Changed-By: gavin State-Changed-When: Tue Mar 18 18:06:42 UTC 2008 State-Changed-Why: Mark as suspended for now, as submitter has no time to test right now. To submitter: if you can see if this is still an issue at some point, we can look into it, otherwise if nobody else can recreate it, we'll have to close this PR. Responsible-Changed-From-To: gavin->freebsd-net Responsible-Changed-By: gavin Responsible-Changed-When: Tue Mar 18 18:06:42 UTC 2008 Responsible-Changed-Why: Over to -net http://www.freebsd.org/cgi/query-pr.cgi?pr=86920 From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 19:09:34 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 873991065670 for ; Tue, 18 Mar 2008 19:09:34 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.nuxi.org (trang.nuxi.org [74.95.12.85]) by mx1.freebsd.org (Postfix) with ESMTP id 80A0D8FC19 for ; Tue, 18 Mar 2008 19:09:34 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.nuxi.org (obrien@localhost [127.0.0.1]) by dragon.nuxi.org (8.14.1/8.14.1) with ESMTP id m2IIYwFY038782 for ; Tue, 18 Mar 2008 11:34:58 -0700 (PDT) (envelope-from obrien@dragon.nuxi.org) Received: (from obrien@localhost) by dragon.nuxi.org (8.14.2/8.14.1/Submit) id m2IIYw1E038781 for freebsd-net@freebsd.org; Tue, 18 Mar 2008 11:34:58 -0700 (PDT) (envelope-from obrien) Date: Tue, 18 Mar 2008 11:34:58 -0700 From: "David O'Brien" To: freebsd-net@freebsd.org Message-ID: <20080318183458.GA38209@dragon.NUXI.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD 8.0-CURRENT User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Why do some ports insist on make IPv6 connections? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: obrien@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 19:09:34 -0000 On systems running the GENERIC kernel (and thus having IPv6 enabled), two ports that I know of run into trouble: ncftp3 and dillo. For hosts that have both IPv4 and IPv6 A[A] records: $ host ftp.vim.org ftp.nluug.nl has address 192.87.102.43 ftp.nluug.nl has address 192.87.102.42 ftp.nluug.nl has address 2001:610:1:80aa:192:87:102:42 ftp.nluug.nl has address 2001:610:1:80aa:192:87:102:43 These apps insist on making IPv6 connections. However, the only IPv6 routes I have is for lo0. So I get errors like: Could not connect to ftp.vim.org: No route to host. My question is why does this happen? Why isn't the connection IPv4 given I cannot get there from here [over IPv6]? thanks, -- -- David (obrien@FreeBSD.org) From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 20:49:00 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 23CA8106567D for ; Tue, 18 Mar 2008 20:49:00 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (farley.org [67.64.95.201]) by mx1.freebsd.org (Postfix) with ESMTP id DE8488FC1B for ; Tue, 18 Mar 2008 20:48:59 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (thor.farley.org [192.168.1.5]) by mail.farley.org (8.14.2/8.14.2) with ESMTP id m2IKmvl0034481; Tue, 18 Mar 2008 15:48:57 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Tue, 18 Mar 2008 15:48:57 -0500 (CDT) From: "Sean C. Farley" To: "Bruce M. Simpson" In-Reply-To: <47DE4E96.8080507@FreeBSD.org> Message-ID: References: <47DE4E96.8080507@FreeBSD.org> User-Agent: Alpine 1.00 (BSF 882 2007-12-20) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail.farley.org Cc: freebsd-net@FreeBSD.org Subject: Re: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 20:49:00 -0000 On Mon, 17 Mar 2008, Bruce M. Simpson wrote: > Sean C. Farley wrote: >> I have noticed that with a Linux-based Netgear DG834G (DSL modem) >> frequent pauses (example[1]) between external systems and 7-STABLE >> (March 14th). At first, I thought it was ipfilter or ipnat, but I >> took those out of the picture by activating telnet on the router and >> connecting directly to it. Even running "ls /usr/sbin" on the router >> would pause occasionally. I did not (or did not recall) have these >> problems with 6-STABLE (post 6.2). I switched out the NIC (FA-311 >> (sis) to a FA-310 (dc)), cable and tried different ports on the modem >> by which to connect. I also tried disabling all RFC sysctl's and >> SACK. Nothing helped. >> >> Finally, I brought out an old DSL modem (SpeedStream 5660). This >> fixed the issue. I think this maybe a specific issue between Linux >> (2.4.17_mvl21-malta-mips_fp_le) and FreeBSD 7. Is there anything >> else I may test to see what is happening? > > OT: Hang on, are you saying you're running a MIPS MALTA targeted Linux > kernel on a Netgear DG834G? That would be interesting as a test > platform for FreeBSD/mips, considering the platform support for Malta > is already there. I had a go at doing the Broadcom Sentry5 SoC last > year but hadn't finished anything. Here is a bit of information about it from /proc: # cat cpuinfo processor : 0 cpu model : MIPS 4KEc V4.8 BogoMIPS : 211.35 wait instruction : no microsecond timers : yes extra interrupt vector : yes hardware watchpoint : yes VCED exceptions : not available VCEI exceptions : not available # cat meminfo total: used: free: shared: buffers: cached: Mem: 14712832 9666560 5046272 0 1130496 3694592 Swap: 0 0 0 If I was not using it for my main DSL router, I would consider putting FreeBSD on it. After the frustration I had with it, I did seriously wonder about FreeBSD on it. It would be especially tempting if it would still function as a DSL router along with the web interface. :) It has wireless, but I have that disabled. If you are interested in more specs, I can cat /proc for you. > Long shot, but are 802.3 pause frames appearing anywhere, ie can you > test with a crossover cable? > Have you done a BER test with UDP or something like that to try to > rule out non-TCP protocols? Well, with help on IRC from Robert Watson and others, I was able to "fix" it. An ICMP test showed that there were occasional pauses and packet loss. The fix: use 100Mb instead of 10Mb. :) For some reason I do not recall, I had forced the interface connected to the DSL router to 10Mb. When I noticed XP did not have the same problem and that it had a 100Mb connection to the router, I found and removed the "media 10baseT/UTP mediaopt full-duplex" from /etc/rc.conf for the interface. That appears to have fixed it. I have never heard of pause frames. Interesting. Also, I do not recall seeing anything unusual with tcpdump (using "host dsl" expression I think). The pause always seemed to be for packets from the router to the computer. Sean -- scf@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 21:50:02 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 774B7106566C for ; Tue, 18 Mar 2008 21:50:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7A5588FC35 for ; Tue, 18 Mar 2008 21:50:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2ILo243018370 for ; Tue, 18 Mar 2008 21:50:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2ILo2ts018369; Tue, 18 Mar 2008 21:50:02 GMT (envelope-from gnats) Date: Tue, 18 Mar 2008 21:50:02 GMT Message-Id: <200803182150.m2ILo2ts018369@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: dfilter@FreeBSD.org (dfilter service) Cc: Subject: Re: bin/79228: commit references a PR X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 21:50:02 -0000 The following reply was made to PR bin/79228; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/79228: commit references a PR Date: Tue, 18 Mar 2008 21:45:32 +0000 (UTC) sam 2008-03-18 21:45:27 UTC FreeBSD src repository Modified files: usr.sbin/arp arp.8 arp.c Log: add reject+blackhole keywords to install entries with RTF_BLACKHOLE and RTF_REJECT, respectively PR: bin/79228 Submitted by: Dan Lukes MFC after: 2 weeks Revision Changes Path 1.26 +16 -0 src/usr.sbin/arp/arp.8 1.67 +7 -4 src/usr.sbin/arp/arp.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 21:55:52 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 653871065670; Tue, 18 Mar 2008 21:55:52 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4F5FC8FC23; Tue, 18 Mar 2008 21:55:52 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from freefall.freebsd.org (sam@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2ILtqpq018609; Tue, 18 Mar 2008 21:55:52 GMT (envelope-from sam@freefall.freebsd.org) Received: (from sam@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2ILtq0s018605; Tue, 18 Mar 2008 21:55:52 GMT (envelope-from sam) Date: Tue, 18 Mar 2008 21:55:52 GMT Message-Id: <200803182155.m2ILtq0s018605@freefall.freebsd.org> To: sam@FreeBSD.org, freebsd-net@FreeBSD.org, thompsa@FreeBSD.org From: sam@FreeBSD.org Cc: Subject: Re: kern/121720: [wpi] wpi doesnt work if kernel has options SCHED_ULE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 21:55:52 -0000 Synopsis: [wpi] wpi doesnt work if kernel has options SCHED_ULE Responsible-Changed-From-To: freebsd-net->thompsa Responsible-Changed-By: sam Responsible-Changed-When: Tue Mar 18 21:54:31 UTC 2008 Responsible-Changed-Why: Hand to Andrew as he's been working on this driver. FWIW my guess is this is preemption causing problems with the questionable locking that used to be done by the driver. I think Andrew's recent round of changes eliminated that stuff. http://www.freebsd.org/cgi/query-pr.cgi?pr=121720 From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 22:30:05 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4ED491065671 for ; Tue, 18 Mar 2008 22:30:05 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.174]) by mx1.freebsd.org (Postfix) with ESMTP id 3746B8FC26 for ; Tue, 18 Mar 2008 22:30:05 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: by wf-out-1314.google.com with SMTP id 25so99143wfa.7 for ; Tue, 18 Mar 2008 15:30:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=gBreRf2cuGtF71nf1ckljuAgSdvFvE0wuo97ydHQnyo=; b=Jvo2Ccu92PWbioEtNT66RqJdkb/2Be3WqOXvWsLvDkcT7gJVViPn2DyReua6JqfGxH0hxrHiNi8LdoEIcId3LnpK7SJxXVCb4mY4OQ8hK+Vyl2csMs15YK7KnAGoxC87j/qIlD7pK07VyJbnVbmv6EJ+XhUM8nszkavR/by3t/Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=svvYzSgTk1sxutUSbyHk50qJ7i1vbzBjym110oj7A8XFSfjNLwhTdIFdtBr8d/vU0UHngtZeCRCPjYVSEhGnk4uFEw91Dd7IeynozlEA8+e5Yqo4dcKPWG8CR24EtfxJdv1XV4qAhBwwyRzBmD1AuhmPawrxST0mkUn3fQSgbYE= Received: by 10.142.172.12 with SMTP id u12mr1517158wfe.19.1205879404510; Tue, 18 Mar 2008 15:30:04 -0700 (PDT) Received: by 10.142.87.9 with HTTP; Tue, 18 Mar 2008 15:30:04 -0700 (PDT) Message-ID: Date: Tue, 18 Mar 2008 15:30:04 -0700 From: "Kurt Buff" To: alex@sangoma.com In-Reply-To: <47df62e8.3026360a.0e6e.582dSMTPIN_ADDED@mx.google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47df62e8.3026360a.0e6e.582dSMTPIN_ADDED@mx.google.com> Cc: freebsd-net@freebsd.org Subject: Re: Sangoma A301? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 22:30:05 -0000 Alex, Your reminder about clear channel got me going. I think I've got this thing configured - the wancfg program isn't completely intuitive, but it's pretty good, and after banging around in it, I think I've got it configured. We're awaiting cable pull for the coax, about 200 ft from demarc to server room, and then circuit turn-up and addressing, etc., from the ISP. I've configured the card with some RFC1918 addresses so that I could complete the configuration. ifconfig reveals those addresses on the wag1 interface after reboot, and the messages on console indicate goodness too, so I think I'm good to go. The ISP says the protocol will be Cisco HDLC, so that's what I configured it with. I know I'll have more questions later, but for now this looks like success. Thanks, Kurt On Mon, Mar 17, 2008 at 11:36 PM, Alex Feldman wrote: > Hi Kurt, > > We support DS3 card but only clear channel. We don't have fractional DS3 > support. > > Did u try to load this card? Does it recognize by kernel? > > If you have any questions, please feel free to contact me. > > Alex > Sangoma Technologies > > > > > -----Original Message----- > From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] > On Behalf Of Kurt Buff > Sent: March 17, 2008 5:17 PM > To: freebsd-net@freebsd.org > Subject: Sangoma A301? > > I've just received mine, and am trying to get FreeBSD 6.3 Release to > recognize it. > > The application for this card is a fractional DS3 circuit that we're > getting installed soon, and the box will eventually manage multiple > links with BGP. > > I've been reading the docs from the Sangoma web site, and while they > talk about FreeBSD installation/diagnostics/configuration/etc., they > don't mention either the A301 or DS3 circuits. > > I've installed the wanpipe software (3.2.1), but am at this point lost > in the thickets of the sparse documentation. Before I send off a > message to their tech support, does anyone have words of wisdom for > me? > > > Thanks, > > Kurt > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 22:34:05 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DB7C61065671 for ; Tue, 18 Mar 2008 22:34:05 +0000 (UTC) (envelope-from fox@verio.net) Received: from dfw-smtpout1.email.verio.net (dfw-smtpout1.email.verio.net [129.250.36.41]) by mx1.freebsd.org (Postfix) with ESMTP id CB9CB8FC13 for ; Tue, 18 Mar 2008 22:34:05 +0000 (UTC) (envelope-from fox@verio.net) Received: from [129.250.36.63] (helo=dfw-mmp3.email.verio.net) by dfw-smtpout1.email.verio.net with esmtp id 1JbkNh-0004y8-FL for freebsd-net@freebsd.org; Tue, 18 Mar 2008 22:34:05 +0000 Received: from [129.250.40.241] (helo=limbo.int.dllstx01.us.it.verio.net) by dfw-mmp3.email.verio.net with esmtp id 1JbkNh-0002vC-Ar for freebsd-net@freebsd.org; Tue, 18 Mar 2008 22:34:05 +0000 Received: by limbo.int.dllstx01.us.it.verio.net (Postfix, from userid 1000) id 288A98E296; Tue, 18 Mar 2008 17:34:05 -0500 (CDT) Date: Tue, 18 Mar 2008 17:34:05 -0500 From: David DeSimone To: freebsd-net@freebsd.org Message-ID: <20080318223404.GB24011@verio.net> Mail-Followup-To: freebsd-net@freebsd.org References: <47DE4E96.8080507@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; x-action=pgp-signed Content-Disposition: inline In-Reply-To: Precedence: bulk User-Agent: Mutt/1.5.9i Subject: Re: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 22:34:06 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sean C. Farley wrote: > > An ICMP test showed that there were occasional pauses and packet loss. > The fix: use 100Mb instead of 10Mb. :) For some reason I do not > recall, I had forced the interface connected to the DSL router to > 10Mb. When I noticed XP did not have the same problem and that it had > a 100Mb connection to the router, I found and removed the "media > 10baseT/UTP mediaopt full-duplex" from /etc/rc.conf for the interface. > That appears to have fixed it. The fix here is not that you moved to 100 Mb, it's that you stopped forcing duplex, and allow auto-negotiation to take place. With the forced duplex in effect, your NIC does not auto-negotiate with the other end (the router), and it falls back to half duplex, which leads to large numbers of collision errors. > The pause always seemed to be for packets from the router to the > computer. Yep, whenever the router would try to send, if your end happened to be sending a frame, the router's NIC would stop to avoid the collision, leading to packet loss. This is a classic duplex-mismatch scenario. - -- David DeSimone == Network Admin == fox@verio.net "This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, dis- tribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you." --Lawyer Bot 6000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFH4ENcFSrKRjX5eCoRAlOGAJ0SDIGlWFKFAiMXhzE/fjEqFvGzXQCdH7f5 02ycEA/hJuwAQlk4x9wMblo= =IyQq -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 23:21:05 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 12F2D106566B; Tue, 18 Mar 2008 23:21:05 +0000 (UTC) (envelope-from vwe@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F16088FC1A; Tue, 18 Mar 2008 23:21:04 +0000 (UTC) (envelope-from vwe@FreeBSD.org) Received: from freefall.freebsd.org (vwe@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2INL4D0025326; Tue, 18 Mar 2008 23:21:04 GMT (envelope-from vwe@freefall.freebsd.org) Received: (from vwe@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2INL4IY025322; Tue, 18 Mar 2008 23:21:04 GMT (envelope-from vwe) Date: Tue, 18 Mar 2008 23:21:04 GMT Message-Id: <200803182321.m2INL4IY025322@freefall.freebsd.org> To: vwe@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: vwe@FreeBSD.org Cc: Subject: Re: kern/121774: 6.3 kernel panic in swi1: net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 23:21:05 -0000 Synopsis: 6.3 kernel panic in swi1: net Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: vwe Responsible-Changed-When: Tue Mar 18 23:20:38 UTC 2008 Responsible-Changed-Why: I think the fine guys at net@ may take care... ;) http://www.freebsd.org/cgi/query-pr.cgi?pr=121774 From owner-freebsd-net@FreeBSD.ORG Tue Mar 18 23:30:04 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 783FA1065670 for ; Tue, 18 Mar 2008 23:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7A3D58FC1F for ; Tue, 18 Mar 2008 23:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2INU4Mr026037 for ; Tue, 18 Mar 2008 23:30:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2INU4BT026034; Tue, 18 Mar 2008 23:30:04 GMT (envelope-from gnats) Date: Tue, 18 Mar 2008 23:30:04 GMT Message-Id: <200803182330.m2INU4BT026034@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Edwin Groothuis Cc: Subject: Re: kern/121774: 6.3 kernel panic in swi1: net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Edwin Groothuis List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2008 23:30:04 -0000 The following reply was made to PR kern/121774; it has been noted by GNATS. From: Edwin Groothuis To: FreeBSD Gnats Submit Cc: freebsd-bugs@FreeBSD.org Subject: Re: kern/121774: 6.3 kernel panic in swi1: net Date: Wed, 19 Mar 2008 10:24:21 +1100 On Tue, Mar 18, 2008 at 11:21:04PM +0000, vwe@FreeBSD.org wrote: > I think the fine guys at net@ may take care... ;) After running a debug kernel it hasn't happened anymore. Once it happens again (I will know :-) I will have more information on this. Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/ From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 09:27:01 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 85C6F106564A; Wed, 19 Mar 2008 09:27:01 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4E8798FC21; Wed, 19 Mar 2008 09:27:01 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2J9R17D083884; Wed, 19 Mar 2008 09:27:01 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2J9R1k3083880; Wed, 19 Mar 2008 09:27:01 GMT (envelope-from gavin) Date: Wed, 19 Mar 2008 09:27:01 GMT Message-Id: <200803190927.m2J9R1k3083880@freefall.freebsd.org> To: gavin@FreeBSD.org, freebsd-i386@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: i386/121853: [if_ppp] Page fault while in kernel mode. Supervisor read, page not present. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 09:27:01 -0000 Old Synopsis: Page fault while in kernel mode. Supervisor read, page not present. New Synopsis: [if_ppp] Page fault while in kernel mode. Supervisor read, page not present. Responsible-Changed-From-To: freebsd-i386->freebsd-net Responsible-Changed-By: gavin Responsible-Changed-When: Wed Mar 19 09:23:53 UTC 2008 Responsible-Changed-Why: This appears to be -net related, maybe with in-kernel if_ppp http://www.freebsd.org/cgi/query-pr.cgi?pr=121853 From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 10:22:05 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D73F6106566B; Wed, 19 Mar 2008 10:22:05 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A58388FC23; Wed, 19 Mar 2008 10:22:05 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JAM54Q088153; Wed, 19 Mar 2008 10:22:05 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JAM58f088149; Wed, 19 Mar 2008 10:22:05 GMT (envelope-from gavin) Date: Wed, 19 Mar 2008 10:22:05 GMT Message-Id: <200803191022.m2JAM58f088149@freefall.freebsd.org> To: joe518psu@yahoo.com, gavin@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: i386/121853: [if_ppp] Page fault while in kernel mode. Supervisor read, page not present. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 10:22:06 -0000 Synopsis: [if_ppp] Page fault while in kernel mode. Supervisor read, page not present. State-Changed-From-To: open->closed State-Changed-By: gavin State-Changed-When: Wed Mar 19 10:21:41 UTC 2008 State-Changed-Why: On second thoughts, close this, as a duplicate of kern/95288 http://www.freebsd.org/cgi/query-pr.cgi?pr=121853 From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 10:24:17 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7B8451065672; Wed, 19 Mar 2008 10:24:17 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4A9E68FC2E; Wed, 19 Mar 2008 10:24:17 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JAOHMd088226; Wed, 19 Mar 2008 10:24:17 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JAOHwx088222; Wed, 19 Mar 2008 10:24:17 GMT (envelope-from gavin) Date: Wed, 19 Mar 2008 10:24:17 GMT Message-Id: <200803191024.m2JAOHwx088222@freefall.freebsd.org> To: gavin@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: kern/95288: [if_ppp] [tty] [panic] if_ppp panic in sys/kern/tty_subr.c putc() X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 10:24:17 -0000 Old Synopsis: [tty] [panic] panic in sys/kern/tty_subr.c putc() New Synopsis: [if_ppp] [tty] [panic] if_ppp panic in sys/kern/tty_subr.c putc() Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: gavin Responsible-Changed-When: Wed Mar 19 10:22:10 UTC 2008 Responsible-Changed-Why: Over to -net, this looks to me like it may be an issue with in-kernel PPP. Note that the issue still exists with 7.0-RELEASE, see PR i386/121853. http://www.freebsd.org/cgi/query-pr.cgi?pr=95288 From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 12:17:17 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE2301065672; Wed, 19 Mar 2008 12:17:17 +0000 (UTC) (envelope-from benjsc@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A56BD8FC30; Wed, 19 Mar 2008 12:17:17 +0000 (UTC) (envelope-from benjsc@FreeBSD.org) Received: from freefall.freebsd.org (benjsc@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JCHHcv097238; Wed, 19 Mar 2008 12:17:17 GMT (envelope-from benjsc@freefall.freebsd.org) Received: (from benjsc@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JCHHLS097234; Wed, 19 Mar 2008 12:17:17 GMT (envelope-from benjsc) Date: Wed, 19 Mar 2008 12:17:17 GMT Message-Id: <200803191217.m2JCHHLS097234@freefall.freebsd.org> To: benjsc@FreeBSD.org, freebsd-net@FreeBSD.org, benjsc@FreeBSD.org From: benjsc@FreeBSD.org Cc: Subject: Re: kern/120493: [wpi] if_wpi.ko fails to load on a Toshiba Satellite Pro P100-439 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 12:17:17 -0000 Synopsis: [wpi] if_wpi.ko fails to load on a Toshiba Satellite Pro P100-439 Responsible-Changed-From-To: freebsd-net->benjsc Responsible-Changed-By: benjsc Responsible-Changed-When: Wed Mar 19 12:15:00 UTC 2008 Responsible-Changed-Why: Over to maintainer http://www.freebsd.org/cgi/query-pr.cgi?pr=120493 From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 12:35:40 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2510B1065671; Wed, 19 Mar 2008 12:35:40 +0000 (UTC) (envelope-from Benjamin.Close@clearchain.com) Received: from ipmail05.adl2.internode.on.net (ipmail05.adl2.internode.on.net [203.16.214.145]) by mx1.freebsd.org (Postfix) with ESMTP id 40F0C8FC29; Wed, 19 Mar 2008 12:35:39 +0000 (UTC) (envelope-from Benjamin.Close@clearchain.com) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AuAFADuk4Ed5LbaWWmdsb2JhbACBWo8fAR2Yfg X-IronPort-AV: E=Sophos;i="4.25,524,1199626200"; d="scan'208";a="79303087" Received: from ppp121-45-182-150.lns11.adl2.internode.on.net (HELO mail.clearchain.com) ([121.45.182.150]) by ipmail05.adl2.internode.on.net with ESMTP; 19 Mar 2008 23:05:38 +1030 Received: from [192.168.155.236] (taurus.internal.clearchain.com [192.168.155.236]) (authenticated bits=0) by mail.clearchain.com (8.14.2/8.14.2) with ESMTP id m2JCZCqJ064664 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Mar 2008 23:05:14 +1030 (CST) (envelope-from Benjamin.Close@clearchain.com) Message-ID: <47E1088A.8090203@clearchain.com> Date: Wed, 19 Mar 2008 23:05:22 +1030 From: Benjamin Close User-Agent: Thunderbird 2.0.0.12 (Windows/20080213) MIME-Version: 1.0 To: Yousif Hassan References: <47C078EC.4020907@student.utwente.nl> <200802241730.13328.fbsd.questions@rachie.is-a-geek.net> <47D63A65.8010507@clearchain.com> <200803111356.00400.fbsd.questions@rachie.is-a-geek.net> <47D68808.5060709@student.utwente.nl><47D6FB5B.3020107@clearchain.com><1205366956.2082.13.camel@localhost> <47D88DC0.1010903@freebsd.org> <47D9A5E3.1020900@clearchain.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV version 0.92.1, clamav-milter version 0.92.1 on pegasus.clearchain.com X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-3.0 (mail.clearchain.com [192.168.154.1]); Wed, 19 Mar 2008 23:05:18 +1030 (CST) Cc: freebsd-net@freebsd.org, Sam Leffler , Mel , Alphons Fonz van Werven , freebsd-mobile@freebsd.org Subject: Re: [Wireless] Can't connect to wlan X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 12:35:40 -0000 Yousif Hassan wrote: > Benjamin Close wrote: > >> Sam Leffler wrote: >>> Yousif Hassan wrote: >>>> On Wed, 2008-03-12 at 08:06 +1030, Benjamin Close wrote: >>>> > >>>> The slightly wonky: >>>> - As reported by someone else: >>>> wpi0: timeout resetting Tx ring 1 >>>> wpi0: timeout resetting Tx ring 3 >>>> wpi0: timeout resetting Tx ring 4 >>>> appear on startup and occasionally on kldload - however they don't >>>> appear to adversely affect too much > >>> >>> wpi doesn't yet support background scan so doing an explicit scan >>> from the command line will disconnect you from any ap you care >>> connected to. It shouldn't be hard to add bgscan--but that's easy >>> for me to say :) >>> >> It's certainly on my todo list! > > Thanks for reminding me about the bgscan thing. I had read that > somewhere before and completely forgotten! > > Ben, are the > wpi0: timeout resetting Tx ring 1 > wpi0: timeout resetting Tx ring 3 > wpi0: timeout resetting Tx ring 4 > (and other variants thereof) > messages anything to be concerned about? It doesn't seem to affect > stuff but it does show up on initial startup and every other scan I do. > > Thanks to everyone who worked on wpi for a most excellent driver. The timeouts are related to the firmware not being able to reset the tx ring. Normally this isn't too bad as the first thing after resetting the tx rings is to stop the firmware and reinit it. Whilst it won't cause a crash, it still a bug that needs fixing. Cheers, Benjamin From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 12:40:03 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B4177106564A for ; Wed, 19 Mar 2008 12:40:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 8A6768FC23 for ; Wed, 19 Mar 2008 12:40:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JCe3s0098767 for ; Wed, 19 Mar 2008 12:40:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JCe3aP098760; Wed, 19 Mar 2008 12:40:03 GMT (envelope-from gnats) Date: Wed, 19 Mar 2008 12:40:03 GMT Message-Id: <200803191240.m2JCe3aP098760@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Benjamin Close Cc: Subject: Re: kern/118975: [bge] [patch] Broadcom 5906 not handled by FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Benjamin Close List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 12:40:03 -0000 The following reply was made to PR kern/118975; it has been noted by GNATS. From: Benjamin Close To: bug-followup@FreeBSD.org, thn@saeab.se Cc: Subject: Re: kern/118975: [bge] [patch] Broadcom 5906 not handled by FreeBSD Date: Wed, 19 Mar 2008 22:51:16 +1030 Hi Thomas, Are you able to attach a recent patch rather than inling it - I'll see what I can do to test/get it merged. Cheers, Benjamin From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 12:40:16 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DFD501065671; Wed, 19 Mar 2008 12:40:16 +0000 (UTC) (envelope-from vwe@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B88638FC27; Wed, 19 Mar 2008 12:40:16 +0000 (UTC) (envelope-from vwe@FreeBSD.org) Received: from freefall.freebsd.org (vwe@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JCeG0A098876; Wed, 19 Mar 2008 12:40:16 GMT (envelope-from vwe@freefall.freebsd.org) Received: (from vwe@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JCeGcR098872; Wed, 19 Mar 2008 12:40:16 GMT (envelope-from vwe) Date: Wed, 19 Mar 2008 12:40:16 GMT Message-Id: <200803191240.m2JCeGcR098872@freefall.freebsd.org> To: edwin@mavetju.org, vwe@FreeBSD.org, freebsd-net@FreeBSD.org From: vwe@FreeBSD.org Cc: Subject: Re: kern/121774: 6.3 kernel panic in swi1: net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 12:40:17 -0000 Synopsis: 6.3 kernel panic in swi1: net State-Changed-From-To: open->suspended State-Changed-By: vwe State-Changed-When: Wed Mar 19 12:39:19 UTC 2008 State-Changed-Why: Suspend for now until Edwin is able to reproduce this. http://www.freebsd.org/cgi/query-pr.cgi?pr=121774 From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 14:30:16 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6CF44106568B for ; Wed, 19 Mar 2008 14:30:16 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (farley.org [67.64.95.201]) by mx1.freebsd.org (Postfix) with ESMTP id 348718FC29 for ; Wed, 19 Mar 2008 14:30:16 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (thor.farley.org [192.168.1.5]) by mail.farley.org (8.14.2/8.14.2) with ESMTP id m2JEUBbF088247; Wed, 19 Mar 2008 09:30:14 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Wed, 19 Mar 2008 09:30:11 -0500 (CDT) From: "Sean C. Farley" To: David DeSimone In-Reply-To: <20080318223404.GB24011@verio.net> Message-ID: References: <47DE4E96.8080507@FreeBSD.org> <20080318223404.GB24011@verio.net> User-Agent: Alpine 1.00 (BSF 882 2007-12-20) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail.farley.org Cc: freebsd-net@FreeBSD.org Subject: Re: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 14:30:16 -0000 On Tue, 18 Mar 2008, David DeSimone wrote: > Sean C. Farley wrote: >> >> An ICMP test showed that there were occasional pauses and packet >> loss. The fix: use 100Mb instead of 10Mb. :) For some reason I do >> not recall, I had forced the interface connected to the DSL router to >> 10Mb. When I noticed XP did not have the same problem and that it >> had a 100Mb connection to the router, I found and removed the "media >> 10baseT/UTP mediaopt full-duplex" from /etc/rc.conf for the >> interface. That appears to have fixed it. > > The fix here is not that you moved to 100 Mb, it's that you stopped > forcing duplex, and allow auto-negotiation to take place. > > With the forced duplex in effect, your NIC does not auto-negotiate > with the other end (the router), and it falls back to half duplex, > which leads to large numbers of collision errors. Ah! I tried it again at 10Mb without setting it to full-duplex, and it worked. Out of curiosity, is it normal that 100Mb will default to full-duplex yet 10Mb will not, or is it dependent on the hardware? >> The pause always seemed to be for packets from the router to the >> computer. > > Yep, whenever the router would try to send, if your end happened to be > sending a frame, the router's NIC would stop to avoid the collision, > leading to packet loss. This is a classic duplex-mismatch scenario. My wife was getting tired of hearing the thump of my head on the wall. Maybe one more to make sure I remember this next time. :) Thank you for the explanation. Sean -- scf@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 16:19:31 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B372A106564A for ; Wed, 19 Mar 2008 16:19:31 +0000 (UTC) (envelope-from fox@verio.net) Received: from dfw-smtpout2.email.verio.net (dfw-smtpout2.email.verio.net [129.250.36.42]) by mx1.freebsd.org (Postfix) with ESMTP id 63B828FC39 for ; Wed, 19 Mar 2008 16:19:31 +0000 (UTC) (envelope-from fox@verio.net) Received: from [129.250.36.64] (helo=dfw-mmp4.email.verio.net) by dfw-smtpout2.email.verio.net with esmtp id 1Jc10i-0005EI-0C for freebsd-net@FreeBSD.org; Wed, 19 Mar 2008 16:19:28 +0000 Received: from [129.250.40.241] (helo=limbo.int.dllstx01.us.it.verio.net) by dfw-mmp4.email.verio.net with esmtp id 1Jc10h-0001Jr-T4 for freebsd-net@FreeBSD.org; Wed, 19 Mar 2008 16:19:27 +0000 Received: by limbo.int.dllstx01.us.it.verio.net (Postfix, from userid 1000) id B4B0F8E296; Wed, 19 Mar 2008 11:19:22 -0500 (CDT) Date: Wed, 19 Mar 2008 11:19:22 -0500 From: David DeSimone To: freebsd-net@FreeBSD.org Message-ID: <20080319161922.GE24197@verio.net> Mail-Followup-To: freebsd-net@FreeBSD.org References: <47DE4E96.8080507@FreeBSD.org> <20080318223404.GB24011@verio.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; x-action=pgp-signed Content-Disposition: inline In-Reply-To: Precedence: bulk User-Agent: Mutt/1.5.9i Cc: Subject: Re: Frequent pauses with Linux-based router X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 16:19:31 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sean C. Farley wrote: > > Ah! I tried it again at 10Mb without setting it to full-duplex, and > it worked. Out of curiosity, is it normal that 100Mb will default to > full-duplex yet 10Mb will not, or is it dependent on the hardware? Speed and duplex are set independently of each other. It does not matter what you set the speed to, it only matters that you forced the duplex setting on one end of the link, without forcing the same setting on the other end of the link. The rule is that both ends of the link must use the same settings, either both forced, or both auto. It turns out that speed settings can be reliably detected by the other end of the link, but duplex can NOT. A duplex mismatch is thus a very common condition, and is usually only detected by "slow network response" being the symptom. - -- David DeSimone == Network Admin == fox@verio.net "This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, dis- tribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio, Inc. makes no warranty that this email is error or virus free. Thank you." --Lawyer Bot 6000 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFH4T0KFSrKRjX5eCoRAiCLAJ9qEEMWGOmjLT153p5vunhwD90XmACgn8Lv 6GZOlfz5DLlR3mTD3qAKtJA= =+k2X -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:32:11 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B32AA1065675 for ; Wed, 19 Mar 2008 20:32:11 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 90D328FC12 for ; Wed, 19 Mar 2008 20:32:11 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 0E3F91A000B1B for ; Wed, 19 Mar 2008 13:32:10 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id pKq5N4Zenb6H for ; Wed, 19 Mar 2008 13:32:02 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id D6EE71A000B32 for ; Wed, 19 Mar 2008 13:32:02 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-net@freebsd.org Date: Wed, 19 Mar 2008 13:32:01 -0700 User-Agent: KMail/1.9.7 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191332.01878.fjwcash@gmail.com> Subject: Separate rules for each port, or one for all ports? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:32:11 -0000 I'm just curious if there is any information available on how quickly ipfw processes rules, and whether or not a long list of ports in a single rule makes things faster or slower? Just curious if there is a big difference between: ipfw add allow tcp from any to me 22,25,80,110,143,443,10000 in recv fxp0 and ipfw add allow tcp from any to me 22 in recv fxp0 ipfw add allow tcp from any to me 25 in recv fxp0 ipfw add allow tcp from any to me 80 in recv fxp0 ipfw add allow tcp from any to me 110 in recv fxp0 ipfw add allow tcp from any to me 143 in recv fxp0 ipfw add allow tcp from any to me 443 in recv fxp0 ipfw add allow tcp from any to me 10000 in recv fxp0 Other than the ability to track traffic through each port, of course. -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:35:02 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 29A03106567A for ; Wed, 19 Mar 2008 20:35:02 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 06EC38FC20 for ; Wed, 19 Mar 2008 20:35:02 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id ADDF61A000B1B for ; Wed, 19 Mar 2008 13:35:01 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 5roAQlRSIdAF for ; Wed, 19 Mar 2008 13:34:55 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id 3AD0E1A000B2D for ; Wed, 19 Mar 2008 13:34:55 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-net@freebsd.org Date: Wed, 19 Mar 2008 13:34:54 -0700 User-Agent: KMail/1.9.7 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191334.54510.fjwcash@gmail.com> Subject: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:35:02 -0000 Just curious if the following rule will work correctly. It is accepted by the ipfw command. In the process of working out a test for it, but thought I'd ask here as well, just to be sure. ipfw add { tcp or udp } from me to any 53 out xmit fxp0 ipfw add { tcp or udp } from any 53 to me in recv fxp0 established Will the UDP packets go through correctly, even though "established" has no meaning for UDP streams, and the ipfw command will barf if you use it with just "ipfw add udp" rules? -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:40:22 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 29A261065671 for ; Wed, 19 Mar 2008 20:40:22 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outO.internet-mail-service.net (outO.internet-mail-service.net [216.240.47.238]) by mx1.freebsd.org (Postfix) with ESMTP id 0F56F8FC29 for ; Wed, 19 Mar 2008 20:40:22 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Wed, 19 Mar 2008 13:40:24 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 700592D6015; Wed, 19 Mar 2008 13:40:21 -0700 (PDT) Message-ID: <47E17A35.8030004@elischer.org> Date: Wed, 19 Mar 2008 13:40:21 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Freddie Cash References: <200803191332.01878.fjwcash@gmail.com> In-Reply-To: <200803191332.01878.fjwcash@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Separate rules for each port, or one for all ports? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:40:22 -0000 Freddie Cash wrote: > I'm just curious if there is any information available on how quickly ipfw > processes rules, and whether or not a long list of ports in a single rule > makes things faster or slower? > > Just curious if there is a big difference between: > > ipfw add allow tcp from any to me 22,25,80,110,143,443,10000 in recv fxp0 > > and > > ipfw add allow tcp from any to me 22 in recv fxp0 > ipfw add allow tcp from any to me 25 in recv fxp0 > ipfw add allow tcp from any to me 80 in recv fxp0 > ipfw add allow tcp from any to me 110 in recv fxp0 > ipfw add allow tcp from any to me 143 in recv fxp0 > ipfw add allow tcp from any to me 443 in recv fxp0 > ipfw add allow tcp from any to me 10000 in recv fxp0 > > Other than the ability to track traffic through each port, of course. > the first is faster. From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:43:54 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9EE621065674 for ; Wed, 19 Mar 2008 20:43:54 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 7A3AD8FC22 for ; Wed, 19 Mar 2008 20:43:54 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 0AE691A000B28 for ; Wed, 19 Mar 2008 13:43:54 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id zFUmZufQtAbW for ; Wed, 19 Mar 2008 13:43:46 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id 4E6611A000B14 for ; Wed, 19 Mar 2008 13:43:46 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-net@freebsd.org Date: Wed, 19 Mar 2008 13:43:45 -0700 User-Agent: KMail/1.9.7 References: <200803191334.54510.fjwcash@gmail.com> In-Reply-To: <200803191334.54510.fjwcash@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191343.45516.fjwcash@gmail.com> Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:43:54 -0000 On March 19, 2008 01:34 pm Freddie Cash wrote: > Just curious if the following rule will work correctly. It is accepted > by the ipfw command. In the process of working out a test for it, but > thought I'd ask here as well, just to be sure. > > ipfw add { tcp or udp } from me to any 53 out xmit fxp0 > ipfw add { tcp or udp } from any 53 to me in recv fxp0 established > > Will the UDP packets go through correctly, even though "established" > has no meaning for UDP streams, and the ipfw command will barf if you > use it with just "ipfw add udp" rules? Hmm, from the looks of things, it doesn't work. Even though it specifies both tcp and udp, the rule only matches tcp packets from an established connection. Perhaps a warning or error should be given when you try to use TCP options on rules that aren't TCP-specific? Or am I missing something here? -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:47:36 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 84695106566C for ; Wed, 19 Mar 2008 20:47:36 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 5F1B98FC1A for ; Wed, 19 Mar 2008 20:47:36 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id A20FC1A000B14 for ; Wed, 19 Mar 2008 13:47:35 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 8iMOGlamzWoC for ; Wed, 19 Mar 2008 13:47:29 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id 25A521A000B16 for ; Wed, 19 Mar 2008 13:47:29 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-net@freebsd.org Date: Wed, 19 Mar 2008 13:47:28 -0700 User-Agent: KMail/1.9.7 References: <200803191334.54510.fjwcash@gmail.com> <200803191343.45516.fjwcash@gmail.com> In-Reply-To: <200803191343.45516.fjwcash@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191347.28329.fjwcash@gmail.com> Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:47:36 -0000 On March 19, 2008 01:43 pm Freddie Cash wrote: > On March 19, 2008 01:34 pm Freddie Cash wrote: > > Just curious if the following rule will work correctly. It is > > accepted by the ipfw command. In the process of working out a test > > for it, but thought I'd ask here as well, just to be sure. > > > > ipfw add { tcp or udp } from me to any 53 out xmit fxp0 > > ipfw add { tcp or udp } from any 53 to me in recv fxp0 > > established > > > > Will the UDP packets go through correctly, even though "established" > > has no meaning for UDP streams, and the ipfw command will barf if you > > use it with just "ipfw add udp" rules? > > Hmm, from the looks of things, it doesn't work. Even though it > specifies both tcp and udp, the rule only matches tcp packets from an > established connection. > > Perhaps a warning or error should be given when you try to use TCP > options on rules that aren't TCP-specific? > > Or am I missing something here? Guess I should probably have included a test case. From "ipfw show" output: 00100 3 162 allow { tcp or udp } from me to any dst-port 53 out xmit fxp0 00110 0 0 allow { tcp or udp } from any 53 to me in recv fxp0 established 00120 3 409 allow { tcp or udp } from any 53 to me in recv fxp0 Without a "deny ip from any to any" rule instead of the last rule, UDP DNS requests fail. -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:47:55 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 38E8F106564A for ; Wed, 19 Mar 2008 20:47:55 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outK.internet-mail-service.net (outK.internet-mail-service.net [216.240.47.234]) by mx1.freebsd.org (Postfix) with ESMTP id 1DFC68FC24 for ; Wed, 19 Mar 2008 20:47:54 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Wed, 19 Mar 2008 13:48:12 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id CE3482D601F; Wed, 19 Mar 2008 13:47:53 -0700 (PDT) Message-ID: <47E17BF9.1030403@elischer.org> Date: Wed, 19 Mar 2008 13:47:53 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Freddie Cash References: <200803191334.54510.fjwcash@gmail.com> In-Reply-To: <200803191334.54510.fjwcash@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:47:55 -0000 Freddie Cash wrote: > Just curious if the following rule will work correctly. It is accepted by > the ipfw command. In the process of working out a test for it, but > thought I'd ask here as well, just to be sure. > > ipfw add { tcp or udp } from me to any 53 out xmit fxp0 > ipfw add { tcp or udp } from any 53 to me in recv fxp0 established > > Will the UDP packets go through correctly, even though "established" has > no meaning for UDP streams, and the ipfw command will barf if you use it > with just "ipfw add udp" rules? > well, an action to do would be good.. as for the question of whether UDP ... established evaluates to true or false, I would guess false but you'll have to test. From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:56:37 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7BD91106567E for ; Wed, 19 Mar 2008 20:56:37 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outA.internet-mail-service.net (outA.internet-mail-service.net [216.240.47.224]) by mx1.freebsd.org (Postfix) with ESMTP id 5F7B58FC22 for ; Wed, 19 Mar 2008 20:56:37 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Wed, 19 Mar 2008 13:56:46 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 5E0982D6014; Wed, 19 Mar 2008 13:56:36 -0700 (PDT) Message-ID: <47E17E03.8040304@elischer.org> Date: Wed, 19 Mar 2008 13:56:35 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Freddie Cash References: <200803191334.54510.fjwcash@gmail.com> <200803191343.45516.fjwcash@gmail.com> <200803191347.28329.fjwcash@gmail.com> In-Reply-To: <200803191347.28329.fjwcash@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:56:37 -0000 Freddie Cash wrote: > On March 19, 2008 01:43 pm Freddie Cash wrote: >> On March 19, 2008 01:34 pm Freddie Cash wrote: >>> Just curious if the following rule will work correctly. It is >>> accepted by the ipfw command. In the process of working out a test >>> for it, but thought I'd ask here as well, just to be sure. >>> >>> ipfw add { tcp or udp } from me to any 53 out xmit fxp0 >>> ipfw add { tcp or udp } from any 53 to me in recv fxp0 >>> established >>> >>> Will the UDP packets go through correctly, even though "established" >>> has no meaning for UDP streams, and the ipfw command will barf if you >>> use it with just "ipfw add udp" rules? >> Hmm, from the looks of things, it doesn't work. Even though it >> specifies both tcp and udp, the rule only matches tcp packets from an >> established connection. >> >> Perhaps a warning or error should be given when you try to use TCP >> options on rules that aren't TCP-specific? >> >> Or am I missing something here? > > Guess I should probably have included a test case. From "ipfw show" > output: > 00100 3 162 allow { tcp or udp } from me to any dst-port 53 out xmit fxp0 > > 00110 0 0 allow { tcp or udp } from any 53 to me in recv fxp0 > established > > 00120 3 409 allow { tcp or udp } from any 53 to me in recv fxp0 > > > Without a "deny ip from any to any" rule instead of the last rule, UDP DNS > requests fail. > "count log" is the best thing to do test cases.. From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 20:56:47 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A709C1065685 for ; Wed, 19 Mar 2008 20:56:47 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 74EB58FC27 for ; Wed, 19 Mar 2008 20:56:47 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id F31291A000B23 for ; Wed, 19 Mar 2008 13:56:46 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id EWypm7K7Fv+E for ; Wed, 19 Mar 2008 13:56:46 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id A28171A000B1B for ; Wed, 19 Mar 2008 13:56:46 -0700 (PDT) Resent-From: Freddie Cash Resent-To: freebsd-net@freebsd.org Resent-Date: Wed, 19 Mar 2008 13:56:46 -0700 Resent-Message-ID: <200803191356.46842.fjwcash@gmail.com> From: Freddie Cash Organization: School District 73 To: Julian Elischer Date: Wed, 19 Mar 2008 13:55:53 -0700 User-Agent: KMail/1.9.7 References: <200803191334.54510.fjwcash@gmail.com> <47E17BF9.1030403@elischer.org> In-Reply-To: <47E17BF9.1030403@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191355.54288.fjwcash@gmail.com> X-Length: 2561 X-UID: 43558 Cc: Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:56:47 -0000 On March 19, 2008 01:47 pm you wrote: > Freddie Cash wrote: > > Just curious if the following rule will work correctly. It is > > accepted by the ipfw command. In the process of working out a test > > for it, but thought I'd ask here as well, just to be sure. > > > > ipfw add { tcp or udp } from me to any 53 out xmit fxp0 > > ipfw add { tcp or udp } from any 53 to me in recv fxp0 > > established > > > > Will the UDP packets go through correctly, even though "established" > > has no meaning for UDP streams, and the ipfw command will barf if you > > use it with just "ipfw add udp" rules? > > well, an action to do would be good.. D'oh, typo in the e-mail. The rules are allow: ipfw add allow { tcp or udp } from me to any 53 out xmit fxp0 ipfw add allow { tcp or udp } from any 53 to me in recv fxp0 established > as for the question of whether UDP ... established evaluates to true > or false, I would guess false but you'll have to test. See my follow-up e-mail. It appears that UDP packets don't match due to the established keyword. It appears that: ipfw add allow tcp from any to me in recv fxp0 established and ipfw add allow { tcp or udp } from any to me in recv fxp0 established are functionally the same. Perhaps a warning should be emitted when one tries to add the rule? Hrm, it seems something is different with ipfw on 6.3. One can add: ipfw add allow udp from any to any established without any errors or warnings, but it will never match any packets. I'm sure back in the 4.x days when I started using ipfw that it would error out with something along the lines of "TCP options can't be used with UDP rules". -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 21:03:54 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DEA66106566B for ; Wed, 19 Mar 2008 21:03:53 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id AF2CB8FC17 for ; Wed, 19 Mar 2008 21:03:53 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 3819B1A000B2C for ; Wed, 19 Mar 2008 14:03:53 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id FuZvgc69qdYx for ; Wed, 19 Mar 2008 14:03:44 -0700 (PDT) Received: from coal.local (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id 9D9BA1A000B22 for ; Wed, 19 Mar 2008 14:03:44 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-net@freebsd.org Date: Wed, 19 Mar 2008 14:03:43 -0700 User-Agent: KMail/1.9.7 References: <200803191334.54510.fjwcash@gmail.com> <200803191347.28329.fjwcash@gmail.com> <47E17E03.8040304@elischer.org> In-Reply-To: <47E17E03.8040304@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200803191403.44012.fjwcash@gmail.com> Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 21:03:54 -0000 On March 19, 2008 01:56 pm you wrote: > Freddie Cash wrote: > > On March 19, 2008 01:43 pm Freddie Cash wrote: > >> On March 19, 2008 01:34 pm Freddie Cash wrote: > >>> Just curious if the following rule will work correctly. It is > >>> accepted by the ipfw command. In the process of working out a test > >>> for it, but thought I'd ask here as well, just to be sure. > >>> > >>> ipfw add { tcp or udp } from me to any 53 out xmit fxp0 > >>> ipfw add { tcp or udp } from any 53 to me in recv fxp0 > >>> established > >>> > >>> Will the UDP packets go through correctly, even though > >>> "established" has no meaning for UDP streams, and the ipfw command > >>> will barf if you use it with just "ipfw add udp" rules? > >> > >> Hmm, from the looks of things, it doesn't work. Even though it > >> specifies both tcp and udp, the rule only matches tcp packets from > >> an established connection. > >> > >> Perhaps a warning or error should be given when you try to use TCP > >> options on rules that aren't TCP-specific? > >> > >> Or am I missing something here? > > > > Guess I should probably have included a test case. From "ipfw show" > > output: > > 00100 3 162 allow { tcp or udp } from me to any dst-port 53 out xmit > > fxp0 > > > > 00110 0 0 allow { tcp or udp } from any 53 to me in recv fxp0 > > established > > > > 00120 3 409 allow { tcp or udp } from any 53 to me in recv fxp0 > > > > > > Without a "deny ip from any to any" rule instead of the last rule, > > UDP DNS requests fail. > > "count log" is the best thing to do test cases.. [fcash@nexus ~]$ sudo ipfw add 50 count log \{ tcp or udp \} from me to any 53 out xmit fxp0 00050 count log logamount 5000 { tcp or udp } from me to any dst-port 53 out xmit fxp0 [fcash@nexus ~]$ sudo ipfw add 60 count log \{ tcp or udp \} from any 53 to me in recv fxp0 established 00060 count log logamount 5000 { tcp or udp } from any 53 to me in recv fxp0 established [fcash@nexus ~]$ sudo ipfw add 70 count log \{ tcp or udp \} from any 53 to me in recv fxp0 00070 count log logamount 5000 { tcp or udp } from any 53 to me in recv fxp0 [fcash@nexus ~]$ sudo ipfw zero 50 60 70 Entry 50 cleared. Entry 60 cleared. Entry 70 cleared. [fcash@nexus ~]$ host ocis.net ocis.net has address 209.52.173.1 ocis.net mail is handled by 5 mx1.securelinks.net. [fcash@nexus ~]$ tail /var/log/security Mar 19 13:59:04 nexus last message repeated 4 times Mar 19 13:59:10 nexus kernel: ipfw: Entry 50 cleared. Mar 19 13:59:10 nexus kernel: ipfw: Entry 60 cleared. Mar 19 13:59:10 nexus kernel: ipfw: Entry 70 cleared. Mar 19 13:59:13 nexus kernel: ipfw: 50 Count UDP me:59050 172.24.13.171:53 out via fxp0 Mar 19 13:59:13 nexus kernel: ipfw: 70 Count UDP 172.24.13.171:53 me:59050 in via fxp0 Mar 19 13:59:13 nexus kernel: ipfw: 50 Count UDP me:64581 172.24.13.171:53 out via fxp0 Mar 19 13:59:13 nexus kernel: ipfw: 70 Count UDP 172.24.13.171:53 me:64581 in via fxp0 Mar 19 13:59:13 nexus kernel: ipfw: 50 Count UDP me:62570 172.24.13.171:53 out via fxp0 Mar 19 13:59:13 nexus kernel: ipfw: 70 Count UDP 172.24.13.171:53 me:62570 in via fxp0 Rule 60, with the established keyword, is never touched by the UDP packets. -- Freddie Cash fjwcash@gmail.com From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 22:50:05 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 179C41065673 for ; Wed, 19 Mar 2008 22:50:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F09398FC19 for ; Wed, 19 Mar 2008 22:50:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JMo4ep051652 for ; Wed, 19 Mar 2008 22:50:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JMo4io051651; Wed, 19 Mar 2008 22:50:04 GMT (envelope-from gnats) Date: Wed, 19 Mar 2008 22:50:04 GMT Message-Id: <200803192250.m2JMo4io051651@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: =?ISO-8859-1?Q?Thomas_Nystr=F6m?= Cc: Subject: Re: kern/118975: [bge] [patch] Broadcom 5906 not handled by FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: =?ISO-8859-1?Q?Thomas_Nystr=F6m?= List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 22:50:05 -0000 The following reply was made to PR kern/118975; it has been noted by GNATS. From: =?ISO-8859-1?Q?Thomas_Nystr=F6m?= To: Benjamin Close Cc: bug-followup@FreeBSD.org Subject: Re: kern/118975: [bge] [patch] Broadcom 5906 not handled by FreeBSD Date: Wed, 19 Mar 2008 23:41:47 +0100 Benjamin Close skrev: > Hi Thomas, > Are you able to attach a recent patch rather than inling it - I'll > see what I can do to test/get it merged. Hi Benjamin! I tried to attach the updated patch the last time but it seems that something got wrong... I have now put both patches here: http://ture.saeab.se/bcm5906/ One for 6.3R and one for 7.0R. Last time I checked the 7.0R also applied to -CURRENT without problem. Currently my machine with 5906 is running 6.3R but I will arrange so it also could run -CURRENT. /Thomas -- --------------------------------------------------------------- Svensk Aktuell Elektronik AB Thomas Nyström Box 10 Phone: +46 73 069 69 30 S-191 21 Sollentuna Fax: +46 8 35 92 89 Sweden Email: thn@saeab.se --------------------------------------------------------------- From owner-freebsd-net@FreeBSD.ORG Wed Mar 19 22:56:03 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0860F1065670; Wed, 19 Mar 2008 22:56:03 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C98CF8FC16; Wed, 19 Mar 2008 22:56:02 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (remko@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JMu2s2051860; Wed, 19 Mar 2008 22:56:02 GMT (envelope-from remko@freefall.freebsd.org) Received: (from remko@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JMu2Pr051856; Wed, 19 Mar 2008 22:56:02 GMT (envelope-from remko) Date: Wed, 19 Mar 2008 22:56:02 GMT Message-Id: <200803192256.m2JMu2Pr051856@freefall.freebsd.org> To: remko@FreeBSD.org, freebsd-i386@FreeBSD.org, freebsd-net@FreeBSD.org From: remko@FreeBSD.org Cc: Subject: Re: kern/121872: [wpi] driver fails to attach on a fujitsu-siemens s7110 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 22:56:03 -0000 Synopsis: [wpi] driver fails to attach on a fujitsu-siemens s7110 Responsible-Changed-From-To: freebsd-i386->freebsd-net Responsible-Changed-By: remko Responsible-Changed-When: Wed Mar 19 22:55:47 UTC 2008 Responsible-Changed-Why: This is somethin network related. http://www.freebsd.org/cgi/query-pr.cgi?pr=121872 From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 08:55:27 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A76701065678 for ; Thu, 20 Mar 2008 08:55:27 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 590878FC23 for ; Thu, 20 Mar 2008 08:55:26 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1JcGYV-0000fb-FV for freebsd-net@freebsd.org; Thu, 20 Mar 2008 08:55:23 +0000 Received: from 195.208.174.178 ([195.208.174.178]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 08:55:23 +0000 Received: from vadim_nuclight by 195.208.174.178 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 08:55:23 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Vadim Goncharov Date: Thu, 20 Mar 2008 08:55:16 +0000 (UTC) Organization: Nuclear Lightning @ Tomsk, TPU AVTF Hostel Lines: 29 Message-ID: References: <200803191332.01878.fjwcash@gmail.com> X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 195.208.174.178 X-Comment-To: Freddie Cash User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: Separate rules for each port, or one for all ports? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vadim_nuclight@mail.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 08:55:27 -0000 Hi Freddie Cash! On Wed, 19 Mar 2008 13:32:01 -0700; Freddie Cash wrote about 'Separate rules for each port, or one for all ports?': > I'm just curious if there is any information available on how quickly ipfw > processes rules, and whether or not a long list of ports in a single rule > makes things faster or slower? > Just curious if there is a big difference between: > ipfw add allow tcp from any to me 22,25,80,110,143,443,10000 in recv fxp0 > and > ipfw add allow tcp from any to me 22 in recv fxp0 > ipfw add allow tcp from any to me 25 in recv fxp0 > ipfw add allow tcp from any to me 80 in recv fxp0 > ipfw add allow tcp from any to me 110 in recv fxp0 > ipfw add allow tcp from any to me 143 in recv fxp0 > ipfw add allow tcp from any to me 443 in recv fxp0 > ipfw add allow tcp from any to me 10000 in recv fxp0 > Other than the ability to track traffic through each port, of course. The first becomes significantly faster when you have hundreds of rules. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 09:03:55 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B4B821065671 for ; Thu, 20 Mar 2008 09:03:55 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 655578FC36 for ; Thu, 20 Mar 2008 09:03:55 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1JcGgj-00013f-4R for freebsd-net@freebsd.org; Thu, 20 Mar 2008 09:03:53 +0000 Received: from 195.208.174.178 ([195.208.174.178]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 09:03:53 +0000 Received: from vadim_nuclight by 195.208.174.178 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 09:03:53 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Vadim Goncharov Date: Thu, 20 Mar 2008 09:03:45 +0000 (UTC) Organization: Nuclear Lightning @ Tomsk, TPU AVTF Hostel Lines: 46 Message-ID: References: <200803191334.54510.fjwcash@gmail.com> <47E17BF9.1030403@elischer.org> <200803191355.54288.fjwcash@gmail.com> X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 195.208.174.178 X-Comment-To: Freddie Cash User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: "established" on { tcp or udp } rules X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vadim_nuclight@mail.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 09:03:55 -0000 Hi Freddie Cash! On Wed, 19 Mar 2008 13:55:53 -0700; Freddie Cash wrote about 'Re: "established" on { tcp or udp } rules': > ipfw add allow { tcp or udp } from me to any 53 out xmit fxp0 > ipfw add allow { tcp or udp } from any 53 to me in recv fxp0 > established >> as for the question of whether UDP ... established evaluates to true >> or false, I would guess false but you'll have to test. > See my follow-up e-mail. It appears that UDP packets don't match due to > the established keyword. > It appears that: > ipfw add allow tcp from any to me in recv fxp0 established > and > ipfw add allow { tcp or udp } from any to me in recv fxp0 established > are functionally the same. Perhaps a warning should be emitted when one > tries to add the rule? > Hrm, it seems something is different with ipfw on 6.3. One can add: > ipfw add allow udp from any to any established > without any errors or warnings, but it will never match any packets. I'm > sure back in the 4.x days when I started using ipfw that it would error > out with something along the lines of "TCP options can't be used with UDP > rules". This is behaviour of ipfw2 - options are independently ANDed. Thus, man page explicitly says: established Matches TCP packets that have the RST or ACK bits set. So, it is obvious that udp packet will not match and thus entire rule will not match. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 10:12:19 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03B19106564A for ; Thu, 20 Mar 2008 10:12:19 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.176]) by mx1.freebsd.org (Postfix) with ESMTP id DA7AE8FC24 for ; Thu, 20 Mar 2008 10:12:18 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so933540waf.3 for ; Thu, 20 Mar 2008 03:12:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=IrMaK8UrRApa/vfmHHfaLKttHNM6v8ESZ0cNdFC3kEA=; b=pSZgHUmuB69ZBKNEknuxHYVJ5gV+Hm9T7BjvT0BCXzQNOdClAJ0y8TxwRbQq7/WgiHJST6MsIuyOFd7ZZyWEDZBegaBKk3vpFmXD+uqcU8vPazoIXI1pDxmwbW+Z6tCK29HMZlm51VRLNdrS/fq5kl22uVzj1vU7GY5JFjosLKc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=RQ9Z7to8gtT4/vSzYhpLbwZa3s30mZgqpo3fXYKu0QW5d1d5bz0NI2Ir5eNdKXPsuYBUs19UL/lvpM5ljrYF7rYBaxdWUNkrUYQ/2I2NqdTv8A0ehp18Bdka6fFxZaNBNJbpzZhT0jB65SmlCdaPVDjTogvRvpS+hUUQhjKtsDQ= Received: by 10.114.13.1 with SMTP id 1mr3146593wam.60.1206006232730; Thu, 20 Mar 2008 02:43:52 -0700 (PDT) Received: by 10.115.78.3 with HTTP; Thu, 20 Mar 2008 02:43:52 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 09:43:52 +0000 From: "Alireza Torabi" To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Subject: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 10:12:19 -0000 Hi All, Is it possible to redirect/send/divert a bpf packet capture of one interface to a listening tcp socket on another interface of the same machine? Here is my problem: I'm capturing packets on one interface but for some specific tcp packets let's say from host A to host B on port P, I want to hijack the packet and send it to a listening tcp socket on the other interface and reply an "Access Denied" message. I'd like to use the tcp socket on the other interface as it's not possible to communicate over the interface that's doing the packet capture and I don't want to invent the wheel by doing all the tcp/tcb states hence using a tcp socket. Thanks a lot Alireza PS. I've posted this to freebsd-questions too. My apologies. From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 10:50:08 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 90B1B1065672 for ; Thu, 20 Mar 2008 10:50:08 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 457448FC22 for ; Thu, 20 Mar 2008 10:50:08 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from root by ciao.gmane.org with local (Exim 4.43) id 1JcILS-0006Bc-9E for freebsd-net@freebsd.org; Thu, 20 Mar 2008 10:50:02 +0000 Received: from 195.208.174.178 ([195.208.174.178]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 10:50:02 +0000 Received: from vadim_nuclight by 195.208.174.178 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 10:50:02 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Vadim Goncharov Date: Thu, 20 Mar 2008 10:47:09 +0000 (UTC) Organization: Nuclear Lightning @ Tomsk, TPU AVTF Hostel Lines: 28 Message-ID: References: X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 195.208.174.178 X-Comment-To: Alireza Torabi User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vadim_nuclight@mail.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 10:50:08 -0000 Hi Alireza Torabi! On Thu, 20 Mar 2008 09:43:52 +0000; Alireza Torabi wrote about 'bpf packet capture and SOCK_STREAM socket redirects...': > Is it possible to redirect/send/divert a bpf packet capture of one > interface to a listening tcp socket on another interface of the same > machine? > Here is my problem: > I'm capturing packets on one interface but for some specific tcp > packets let's say from host A to host B on port P, I want to hijack > the packet and send it to a listening tcp socket on the other > interface and reply an "Access Denied" message. > I'd like to use the tcp socket on the other interface as it's not > possible to communicate over the interface that's doing the packet > capture and I don't want to invent the wheel by doing all the tcp/tcb > states hence using a tcp socket. But if that's a middle of connection, how would you do? Kernel sockets assume they've acted in a conversation from the very beginning SYN's, so if you redirect such packet, socket will not understand it. If you yopu want to simply close/reset connection, however, this can be done somehow. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 10:57:41 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 16E4A106564A for ; Thu, 20 Mar 2008 10:57:41 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.224]) by mx1.freebsd.org (Postfix) with ESMTP id D17C68FC1C for ; Thu, 20 Mar 2008 10:57:40 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: by wr-out-0506.google.com with SMTP id 50so805254wra.13 for ; Thu, 20 Mar 2008 03:57:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=fF9HpfC+RRc7X02ZbYwqwRAbj/HcfwUdbd1tekFmtdY=; b=YzivwYnGMmZO7P07WNsQ6ycjXG2z4pmloJ9q2UHXADfujFBGxrwJuzSFXSLkyQ2UfzHjRyvgf2bzg0l4VcxOrqEUdByI1mjsXGXBDBQvYyWpFMEv/HBiumP2wvsPMSsq9Rg5Cfn6mfl4foZLy/YzkVArEJ1o6PmzEI8XwHYg+AQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=T/HD1tT0SPO9XmPmz5tT2/Ju4eoS/SxYx+BOFGeqV3fQHjA78SwFjteAB7OJZUx4fdWK9jzv3r9b9cmiXcLNuzXLc9zFFNVxSYMVEhScZFKOfJZbES5/+TW/eKwLgi9rbZfQDz7MnK/Dz0qlDMlvfYBR4k4YEfTSO3orcvcIxXU= Received: by 10.115.18.1 with SMTP id v1mr3235363wai.81.1206010659413; Thu, 20 Mar 2008 03:57:39 -0700 (PDT) Received: by 10.115.78.3 with HTTP; Thu, 20 Mar 2008 03:57:39 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 10:57:39 +0000 From: "Alireza Torabi" To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: vadim_nuclight@mail.ru Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 10:57:41 -0000 Thanks for reply. That's sort of the problem. I've got a data link capture of the packet (bpf) and let say I redirect this packet to a SOCK_STREAM on another machine and the whole thing will work fine (OK after rewritting some mac and ip and checksums...). I just need to do this on the SOCK_STREAM of the same machine. If I try to put it in another way: Is it possible to do a bpf write of a packet that can be seen by the interface the bpf is bound to? This means that the interface does it's normal work and the packet will be deliverd to SOCK_STREAM bound to it. A On 3/20/08, Vadim Goncharov wrote: > Hi Alireza Torabi! > > On Thu, 20 Mar 2008 09:43:52 +0000; Alireza Torabi wrote about 'bpf packet capture and SOCK_STREAM socket redirects...': > > > Is it possible to redirect/send/divert a bpf packet capture of one > > interface to a listening tcp socket on another interface of the same > > machine? > > Here is my problem: > > I'm capturing packets on one interface but for some specific tcp > > packets let's say from host A to host B on port P, I want to hijack > > the packet and send it to a listening tcp socket on the other > > interface and reply an "Access Denied" message. > > > I'd like to use the tcp socket on the other interface as it's not > > possible to communicate over the interface that's doing the packet > > capture and I don't want to invent the wheel by doing all the tcp/tcb > > states hence using a tcp socket. > > But if that's a middle of connection, how would you do? Kernel sockets assume > they've acted in a conversation from the very beginning SYN's, so if you > redirect such packet, socket will not understand it. > > If you yopu want to simply close/reset connection, however, this can be done > somehow. > > -- > WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru > [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 11:13:27 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9F956106564A for ; Thu, 20 Mar 2008 11:13:27 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 530EC8FC1C for ; Thu, 20 Mar 2008 11:13:27 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1JcIi1-0007F2-M0 for freebsd-net@freebsd.org; Thu, 20 Mar 2008 11:13:21 +0000 Received: from 195.208.174.178 ([195.208.174.178]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 11:13:21 +0000 Received: from vadim_nuclight by 195.208.174.178 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 20 Mar 2008 11:13:21 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Vadim Goncharov Date: Thu, 20 Mar 2008 11:13:08 +0000 (UTC) Organization: Nuclear Lightning @ Tomsk, TPU AVTF Hostel Lines: 26 Message-ID: References: X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 195.208.174.178 X-Comment-To: Alireza Torabi User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vadim_nuclight@mail.ru List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 11:13:27 -0000 Hi Alireza Torabi! On Thu, 20 Mar 2008 10:57:39 +0000; Alireza Torabi wrote about 'Re: bpf packet capture and SOCK_STREAM socket redirects...': > That's sort of the problem. I've got a data link capture of the packet > (bpf) and let say I redirect this packet to a SOCK_STREAM on another > machine and the whole thing will work fine (OK after rewritting some > mac and ip and checksums...). > I just need to do this on the SOCK_STREAM of the same machine. If I > try to put it in another way: > Is it possible to do a bpf write of a packet that can be seen by the > interface the bpf is bound to? AFAIK, no. > This means that the interface does it's normal work and the packet > will be deliverd to SOCK_STREAM bound to it. What exactly is your task? May be it is worth consider some other ways if additional details are known. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 11:27:54 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 885BC1065673 for ; Thu, 20 Mar 2008 11:27:54 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.181]) by mx1.freebsd.org (Postfix) with ESMTP id 69A1F8FC1F for ; Thu, 20 Mar 2008 11:27:54 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so962626waf.3 for ; Thu, 20 Mar 2008 04:27:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=SWcJpgSwigaBHmKYhe5uKjE+SohH5S9Y+vQfrtybEHM=; b=nRaUd6IgxR23LVic0xN6tIycfjqFD8KjWKTZ+jZ19aIR/XuLicb0xKaD0NgOCFqb6ijwuNqNuXdQSNT6TTbUdv76H3IEUImaOULZZwfChynMgX4oKh08vJrUJHy6INiPRodxyvZ90tfAJNL1g3H2N0pZTTu3AaDiN9FxxuYBAhM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=msSEgk2TrpfDHdWqjkGx7qhKDeTq48Q8sfV+EtjcUZc96DW0Ap9XR+vT7y7HBL0J9X7Nje2UY6Txh4Ffa3eh1uu8L2VL8V6AF8e7AdPn4DxSaxjklT0oaCEniW/Zunj8eLJclHO2zJnhD+wkI5vxK6PErxGidqW3hjxb3ugwvpI= Received: by 10.114.89.1 with SMTP id m1mr3298986wab.77.1206012473640; Thu, 20 Mar 2008 04:27:53 -0700 (PDT) Received: by 10.115.78.3 with HTTP; Thu, 20 Mar 2008 04:27:53 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 11:27:53 +0000 From: "Alireza Torabi" To: vadim_nuclight@mail.ru In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 11:27:54 -0000 Imagine this: | (1) packets | | (4) [nic1] [nic2] bpf SOCK_STREAM | (2) | [FreeBSD] (3) 1) all user traffic are being monitored 2) bpf on [nic] is capturing these packets 3) after processing we know a connection is about to be established from A to B NOW: 4) I want to deliver this packet to the socket on [nic2] and as this is a tcp socket it'll take care of it from there (my code here for this sockets sends and arbitary data to A making it think it came from B) hope this helps. On 3/20/08, Vadim Goncharov wrote: > Hi Alireza Torabi! > > On Thu, 20 Mar 2008 10:57:39 +0000; Alireza Torabi wrote about 'Re: bpf packet capture and SOCK_STREAM socket redirects...': > > > That's sort of the problem. I've got a data link capture of the packet > > (bpf) and let say I redirect this packet to a SOCK_STREAM on another > > machine and the whole thing will work fine (OK after rewritting some > > mac and ip and checksums...). > > > I just need to do this on the SOCK_STREAM of the same machine. If I > > try to put it in another way: > > > Is it possible to do a bpf write of a packet that can be seen by the > > interface the bpf is bound to? > > AFAIK, no. > > > This means that the interface does it's normal work and the packet > > will be deliverd to SOCK_STREAM bound to it. > > What exactly is your task? May be it is worth consider some other ways if > additional details are known. > > -- > WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru > [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 12:50:13 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03773106566C for ; Thu, 20 Mar 2008 12:50:13 +0000 (UTC) (envelope-from wcglist@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.226]) by mx1.freebsd.org (Postfix) with ESMTP id BE07D8FC20 for ; Thu, 20 Mar 2008 12:50:12 +0000 (UTC) (envelope-from wcglist@gmail.com) Received: by wx-out-0506.google.com with SMTP id i29so1089080wxd.7 for ; Thu, 20 Mar 2008 05:50:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=eQAhGTHbolReyp7Xx215xQt6i325Tz0iZWUiAx67etU=; b=JGG1qR8UOzrgTWEM/RkBzVGHw9pXzmhGeRpk76mUVGUHZns3RDaQ4nmrpQGmLzDO0lhqW/H04jObxQCj3xml9G6o2qiPxKdpcMCcofK7FsJEqSSbgwRjgVAhkdLYvypmQl7AOtsq5fcaWv0C1pu9WP1MU+v+jJrKSlXWXNjZmEg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=KYwFI/TXu8SDAESMdLwok/bY7g/UseAcP3pARY1m47t2R9BC+M3I2Q8FkD1AfBF9IrUsx7D9KYksOUDw+8hROmgXQ+6SSZRO6liEDfaoKfNT4ZY976w9x9PHR9Pyvl/z9BV1zowu2pk/v9btQItzN4PEs5Jp6dx7ha5wP20sqmU= Received: by 10.140.180.13 with SMTP id c13mr632169rvf.188.1206015853117; Thu, 20 Mar 2008 05:24:13 -0700 (PDT) Received: by 10.141.123.18 with HTTP; Thu, 20 Mar 2008 05:24:13 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 09:24:13 -0300 From: Wesley To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 References: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 12:50:13 -0000 Dear people, I have 2 links on a box, and I don't want to load balance it but, only to reply requests in the same interface that it comes. I tried to use the route-to, but it not seems to work. Could you please, give-me a help? It's my configuration: set skip on lo0 scrub on xl0 reassemble tcp no-df random-id scrub on xl1 reassemble tcp no-df random-id scrub on dc0 reassemble tcp no-df random-id nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin sticky-address antispoof quick for {xl0,dc0,xl1} block proto tcp from 172.16.0.0/24 to any port 3128 # Internal Traffic pass in quick on dc0 from any to any pass out quick on dc0 from any to any # Outgoing pass out on xl0 proto tcp all flags S/SA modulate state pass out on xl0 proto { udp, icmp } all keep state pass out on xl1 proto tcp all flags S/SA modulate state pass out on xl1 proto { udp, icmp } all keep state # Pass basic services pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep state pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep state pass in on xl0 proto udp from any to any port 53 pass in on xl1 proto udp from any to any port 53 # Pass VPN pass in quick on xl1 proto udp from any to port 1194 keep state pass quick on tun0 # Source nat route pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any # Close block return-rst in log quick on xl0 inet proto tcp from any to any block return-rst in log quick on xl1 inet proto tcp from any to any block return-icmp in log quick on xl0 proto udp from any to any block return-icmp in log quick on xl1 proto udp from any to any block in quick on xl0 all block in quick on xl1 all Best Regards, Wesley Gentine From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 12:57:50 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C9B7D106566B for ; Thu, 20 Mar 2008 12:57:50 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150]) by mx1.freebsd.org (Postfix) with ESMTP id 42D498FC1C for ; Thu, 20 Mar 2008 12:57:50 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: by blah.sun-fish.com (Postfix, from userid 1002) id 91C591B10EE0; Thu, 20 Mar 2008 13:57:48 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on blah.cmotd.com X-Spam-Level: X-Spam-Status: No, score=-10.6 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.2.3 Received: from hater.haters.org (hater.cmotd.com [192.168.3.125]) by blah.sun-fish.com (Postfix) with ESMTP id 7DA041B10EF2; Thu, 20 Mar 2008 13:57:42 +0100 (CET) Message-ID: <47E25F45.8010805@moneybookers.com> Date: Thu, 20 Mar 2008 14:57:41 +0200 From: Stefan Lambrev User-Agent: Thunderbird 2.0.0.12 (X11/20080229) MIME-Version: 1.0 To: Wesley References: In-Reply-To: Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.91.2/6310/Thu Mar 20 07:02:00 2008 on blah.cmotd.com X-Virus-Status: Clean Cc: freebsd-net@freebsd.org Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 12:57:50 -0000 Greetings, Wesley wrote: > Dear people, > > I have 2 links on a box, and I don't want to load balance it but, only to > reply requests in the same interface that it comes. > > I tried to use the route-to, but it not seems to work. > > Could you please, give-me a help? > I do not see where you use "reply-to" in you configuration But here is working example which you can improve off course. #dual home pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 keep state pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 keep state pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any #dual home ssh only pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to $external_addr1 port 22 keep state pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to $external_addr2 port 22 keep state > It's my configuration: > > set skip on lo0 > scrub on xl0 reassemble tcp no-df random-id > scrub on xl1 reassemble tcp no-df random-id > scrub on dc0 reassemble tcp no-df random-id > nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port > rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin > sticky-address > antispoof quick for {xl0,dc0,xl1} > block proto tcp from 172.16.0.0/24 to any port 3128 > # Internal Traffic > pass in quick on dc0 from any to any > pass out quick on dc0 from any to any > # Outgoing > pass out on xl0 proto tcp all flags S/SA modulate state > pass out on xl0 proto { udp, icmp } all keep state > pass out on xl1 proto tcp all flags S/SA modulate state > pass out on xl1 proto { udp, icmp } all keep state > # Pass basic services > pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep > state > pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep > state > pass in on xl0 proto udp from any to any port 53 > pass in on xl1 proto udp from any to any port 53 > # Pass VPN > pass in quick on xl1 proto udp from any to port 1194 keep state > pass quick on tun0 > # Source nat route > pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any > pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any > # Close > block return-rst in log quick on xl0 inet proto tcp from any to any > block return-rst in log quick on xl1 inet proto tcp from any to any > block return-icmp in log quick on xl0 proto udp from any to any > block return-icmp in log quick on xl1 proto udp from any to any > block in quick on xl0 all > block in quick on xl1 all > > Best Regards, > > Wesley Gentine > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Best Wishes, Stefan Lambrev ICQ# 24134177 From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 13:35:14 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 68FBD1065672 for ; Thu, 20 Mar 2008 13:35:14 +0000 (UTC) (envelope-from dudu@dudu.ro) Received: from fk-out-0910.google.com (fk-out-0910.google.com [209.85.128.191]) by mx1.freebsd.org (Postfix) with ESMTP id D31708FC26 for ; Thu, 20 Mar 2008 13:35:13 +0000 (UTC) (envelope-from dudu@dudu.ro) Received: by fk-out-0910.google.com with SMTP id b27so1233450fka.11 for ; Thu, 20 Mar 2008 06:35:12 -0700 (PDT) Received: by 10.82.116.15 with SMTP id o15mr4008910buc.11.1206018401767; Thu, 20 Mar 2008 06:06:41 -0700 (PDT) Received: by 10.82.185.8 with HTTP; Thu, 20 Mar 2008 06:06:41 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 15:06:41 +0200 From: "Vlad GALU" To: freebsd-net@freebsd.org In-Reply-To: <47E25F45.8010805@moneybookers.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47E25F45.8010805@moneybookers.com> Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 13:35:14 -0000 On 3/20/08, Stefan Lambrev wrote: > Greetings, > > > > Wesley wrote: > > Dear people, > > > > I have 2 links on a box, and I don't want to load balance it but, only to > > reply requests in the same interface that it comes. > > > > I tried to use the route-to, but it not seems to work. > > > > Could you please, give-me a help? > > > > I do not see where you use "reply-to" in you configuration > > But here is working example which you can improve off course. > > #dual home > pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 > keep state > pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any > pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 > keep state > pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any > > #dual home ssh only > pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any > pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any > pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to > $external_addr1 port 22 keep state > pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to > $external_addr2 port 22 keep state Don't mind me asking, but isn't your example working due to your route-to rules? I, as well as Wesley, assumed that reply-to should've been enough to reach the goal. > > > It's my configuration: > > > > set skip on lo0 > > scrub on xl0 reassemble tcp no-df random-id > > scrub on xl1 reassemble tcp no-df random-id > > scrub on dc0 reassemble tcp no-df random-id > > nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port > > rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin > > sticky-address > > antispoof quick for {xl0,dc0,xl1} > > block proto tcp from 172.16.0.0/24 to any port 3128 > > # Internal Traffic > > pass in quick on dc0 from any to any > > pass out quick on dc0 from any to any > > # Outgoing > > pass out on xl0 proto tcp all flags S/SA modulate state > > pass out on xl0 proto { udp, icmp } all keep state > > pass out on xl1 proto tcp all flags S/SA modulate state > > pass out on xl1 proto { udp, icmp } all keep state > > # Pass basic services > > pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep > > state > > pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep > > state > > pass in on xl0 proto udp from any to any port 53 > > pass in on xl1 proto udp from any to any port 53 > > # Pass VPN > > pass in quick on xl1 proto udp from any to port 1194 keep state > > pass quick on tun0 > > # Source nat route > > pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any > > pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any > > # Close > > block return-rst in log quick on xl0 inet proto tcp from any to any > > block return-rst in log quick on xl1 inet proto tcp from any to any > > block return-icmp in log quick on xl0 proto udp from any to any > > block return-icmp in log quick on xl1 proto udp from any to any > > block in quick on xl0 all > > block in quick on xl1 all > > > > Best Regards, > > > > Wesley Gentine > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > > -- > > Best Wishes, > Stefan Lambrev > ICQ# 24134177 > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- ~/.signature: no such file or directory From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 13:43:58 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A7779106566B for ; Thu, 20 Mar 2008 13:43:58 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150]) by mx1.freebsd.org (Postfix) with ESMTP id 03B3D8FC21 for ; Thu, 20 Mar 2008 13:43:57 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: by blah.sun-fish.com (Postfix, from userid 1002) id CE32C1B10EF4; Thu, 20 Mar 2008 14:43:56 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on blah.cmotd.com X-Spam-Level: X-Spam-Status: No, score=-10.6 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.2.3 Received: from hater.haters.org (hater.cmotd.com [192.168.3.125]) by blah.sun-fish.com (Postfix) with ESMTP id E81641B10EBB; Thu, 20 Mar 2008 14:43:44 +0100 (CET) Message-ID: <47E26A10.4040305@moneybookers.com> Date: Thu, 20 Mar 2008 15:43:44 +0200 From: Stefan Lambrev User-Agent: Thunderbird 2.0.0.12 (X11/20080229) MIME-Version: 1.0 To: Vlad GALU References: <47E25F45.8010805@moneybookers.com> In-Reply-To: Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.91.2/6310/Thu Mar 20 07:02:00 2008 on blah.cmotd.com X-Virus-Status: Clean Cc: freebsd-net@freebsd.org Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 13:43:58 -0000 Vlad GALU wrote: > On 3/20/08, Stefan Lambrev wrote: > >> Greetings, >> >> >> >> Wesley wrote: >> > Dear people, >> > >> > I have 2 links on a box, and I don't want to load balance it but, only to >> > reply requests in the same interface that it comes. >> > >> > I tried to use the route-to, but it not seems to work. >> > >> > Could you please, give-me a help? >> > >> >> I do not see where you use "reply-to" in you configuration >> >> But here is working example which you can improve off course. >> >> #dual home >> pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 >> keep state >> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >> pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 >> keep state >> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >> >> #dual home ssh only >> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >> pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to >> $external_addr1 port 22 keep state >> pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to >> $external_addr2 port 22 keep state >> > > > Don't mind me asking, but isn't your example working due to your > route-to rules? I, as well as Wesley, assumed that reply-to should've > been enough to reach the goal. > It's working because of reply-to rules - incoming packets does not match "pass out route-to" rules. The "pass out" rules are needed if the packet(s) is generated locally and does not match the "pass in" rules. You forget that the first rule to match wins and keep state (which is on by default in 7.0) will make replies to match the state not the pass out rules. > >>> It's my configuration: >>> >> > >> > set skip on lo0 >> > scrub on xl0 reassemble tcp no-df random-id >> > scrub on xl1 reassemble tcp no-df random-id >> > scrub on dc0 reassemble tcp no-df random-id >> > nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port >> > rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin >> > sticky-address >> > antispoof quick for {xl0,dc0,xl1} >> > block proto tcp from 172.16.0.0/24 to any port 3128 >> > # Internal Traffic >> > pass in quick on dc0 from any to any >> > pass out quick on dc0 from any to any >> > # Outgoing >> > pass out on xl0 proto tcp all flags S/SA modulate state >> > pass out on xl0 proto { udp, icmp } all keep state >> > pass out on xl1 proto tcp all flags S/SA modulate state >> > pass out on xl1 proto { udp, icmp } all keep state >> > # Pass basic services >> > pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep >> > state >> > pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep >> > state >> > pass in on xl0 proto udp from any to any port 53 >> > pass in on xl1 proto udp from any to any port 53 >> > # Pass VPN >> > pass in quick on xl1 proto udp from any to port 1194 keep state >> > pass quick on tun0 >> > # Source nat route >> > pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any >> > pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any >> > # Close >> > block return-rst in log quick on xl0 inet proto tcp from any to any >> > block return-rst in log quick on xl1 inet proto tcp from any to any >> > block return-icmp in log quick on xl0 proto udp from any to any >> > block return-icmp in log quick on xl1 proto udp from any to any >> > block in quick on xl0 all >> > block in quick on xl1 all >> > >> > Best Regards, >> > >> > Wesley Gentine >> > _______________________________________________ >> > freebsd-net@freebsd.org mailing list >> > http://lists.freebsd.org/mailman/listinfo/freebsd-net >> > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > >> >> >> -- >> >> Best Wishes, >> Stefan Lambrev >> ICQ# 24134177 >> >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> > > > -- Best Wishes, Stefan Lambrev ICQ# 24134177 From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 14:22:55 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0BE671065671 for ; Thu, 20 Mar 2008 14:22:55 +0000 (UTC) (envelope-from dudu@dudu.ro) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.158]) by mx1.freebsd.org (Postfix) with ESMTP id B99D78FC12 for ; Thu, 20 Mar 2008 14:22:53 +0000 (UTC) (envelope-from dudu@dudu.ro) Received: by fg-out-1718.google.com with SMTP id 16so769543fgg.35 for ; Thu, 20 Mar 2008 07:22:52 -0700 (PDT) Received: by 10.82.166.9 with SMTP id o9mr4154495bue.33.1206022971460; Thu, 20 Mar 2008 07:22:51 -0700 (PDT) Received: by 10.82.185.8 with HTTP; Thu, 20 Mar 2008 07:22:51 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 16:22:51 +0200 From: "Vlad GALU" To: "Stefan Lambrev" In-Reply-To: <47E26A10.4040305@moneybookers.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47E25F45.8010805@moneybookers.com> <47E26A10.4040305@moneybookers.com> Cc: freebsd-net@freebsd.org Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 14:22:55 -0000 On 3/20/08, Stefan Lambrev wrote: > > > Vlad GALU wrote: > > On 3/20/08, Stefan Lambrev wrote: > > > >> Greetings, > >> > >> > >> > >> Wesley wrote: > >> > Dear people, > >> > > >> > I have 2 links on a box, and I don't want to load balance it but, only to > >> > reply requests in the same interface that it comes. > >> > > >> > I tried to use the route-to, but it not seems to work. > >> > > >> > Could you please, give-me a help? > >> > > >> > >> I do not see where you use "reply-to" in you configuration > >> > >> But here is working example which you can improve off course. > >> > >> #dual home > >> pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 > >> keep state > >> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any > >> pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 > >> keep state > >> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any > >> > >> #dual home ssh only > >> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any > >> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any > >> pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to > >> $external_addr1 port 22 keep state > >> pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to > >> $external_addr2 port 22 keep state > >> > > > > > > Don't mind me asking, but isn't your example working due to your > > route-to rules? I, as well as Wesley, assumed that reply-to should've > > been enough to reach the goal. > > > > It's working because of reply-to rules - incoming packets does not match > "pass out route-to" rules. > The "pass out" rules are needed if the packet(s) is generated locally > and does not match the "pass in" rules. > > You forget that the first rule to match wins and keep state (which is on > by default in 7.0) > will make replies to match the state not the pass out rules. Yes, you're right, I'm sorry :) ENOTENOUGHCOFFEE :) However, I do recall having seen the symptom once myself. > > > > >>> It's my configuration: > >>> > >> > > >> > set skip on lo0 > >> > scrub on xl0 reassemble tcp no-df random-id > >> > scrub on xl1 reassemble tcp no-df random-id > >> > scrub on dc0 reassemble tcp no-df random-id > >> > nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port > >> > rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin > >> > sticky-address > >> > antispoof quick for {xl0,dc0,xl1} > >> > block proto tcp from 172.16.0.0/24 to any port 3128 > >> > # Internal Traffic > >> > pass in quick on dc0 from any to any > >> > pass out quick on dc0 from any to any > >> > # Outgoing > >> > pass out on xl0 proto tcp all flags S/SA modulate state > >> > pass out on xl0 proto { udp, icmp } all keep state > >> > pass out on xl1 proto tcp all flags S/SA modulate state > >> > pass out on xl1 proto { udp, icmp } all keep state > >> > # Pass basic services > >> > pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep > >> > state > >> > pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep > >> > state > >> > pass in on xl0 proto udp from any to any port 53 > >> > pass in on xl1 proto udp from any to any port 53 > >> > # Pass VPN > >> > pass in quick on xl1 proto udp from any to port 1194 keep state > >> > pass quick on tun0 > >> > # Source nat route > >> > pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any > >> > pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any > >> > # Close > >> > block return-rst in log quick on xl0 inet proto tcp from any to any > >> > block return-rst in log quick on xl1 inet proto tcp from any to any > >> > block return-icmp in log quick on xl0 proto udp from any to any > >> > block return-icmp in log quick on xl1 proto udp from any to any > >> > block in quick on xl0 all > >> > block in quick on xl1 all > >> > > >> > Best Regards, > >> > > >> > Wesley Gentine > >> > _______________________________________________ > >> > freebsd-net@freebsd.org mailing list > >> > http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >> > > >> > >> > >> -- > >> > >> Best Wishes, > >> Stefan Lambrev > >> ICQ# 24134177 > >> > >> > >> _______________________________________________ > >> freebsd-net@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >> > >> > > > > > > > > -- > > Best Wishes, > Stefan Lambrev > ICQ# 24134177 > > -- ~/.signature: no such file or directory From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 14:29:52 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4AA23106564A for ; Thu, 20 Mar 2008 14:29:52 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 01FC68FC12 for ; Thu, 20 Mar 2008 14:29:51 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=iNlaWHHLOTwv5sasyc2gnKaiCqKRMoDyp6jp5eAzC424zCH/9nXPPUI1sOAbCk+E9TBBCI6hnSROEYriO4XmX37vHhUeYyQ2qs7CJeoJ/NY9PnrvgrPKgSFb615DTgyir2L+iU5Fthc42HvbBnEYmzeze3/yfowEHV+1OrPrY4c=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1JcLm9-000LG2-Gl; Thu, 20 Mar 2008 17:29:49 +0300 Date: Thu, 20 Mar 2008 17:29:48 +0300 From: Eygene Ryabinkin To: Stefan Lambrev Message-ID: References: <47E25F45.8010805@moneybookers.com> <47E26A10.4040305@moneybookers.com> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <47E26A10.4040305@moneybookers.com> Sender: rea-fbsd@codelabs.ru X-Spam-Status: No, score=-1.7 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_50 Cc: freebsd-net@freebsd.org, Vlad GALU Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 14:29:52 -0000 Stefan, good day. Thu, Mar 20, 2008 at 03:43:44PM +0200, Stefan Lambrev wrote: >>> But here is working example which you can improve off course. >>> >>> #dual home >>> pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 >>> keep state >>> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >>> pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 >>> keep state >>> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >>> >>> #dual home ssh only >>> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >>> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >>> pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to >>> $external_addr1 port 22 keep state >>> pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to >>> $external_addr2 port 22 keep state [...] > You forget that the first rule to match wins and keep state (which is on by > default in 7.0) will make replies to match the state not the pass out rules. May be I am badly interpreting the last sentence, but in pf, the last rule that matches (or the first rule with the 'quick' keyword) wins. The above rules are just decoupled from each other, because they are differing in the interface/direction. And sure, when the state is created, the subsequent packets are not passed through the ruleset. Am I missing something? Thank you. -- Eygene From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 14:40:49 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DDDE1065679 for ; Thu, 20 Mar 2008 14:40:49 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: from blah.sun-fish.com (blah.sun-fish.com [217.18.249.150]) by mx1.freebsd.org (Postfix) with ESMTP id F08C98FC19 for ; Thu, 20 Mar 2008 14:40:48 +0000 (UTC) (envelope-from stefan.lambrev@moneybookers.com) Received: by blah.sun-fish.com (Postfix, from userid 1002) id 368AA1B10EFC; Thu, 20 Mar 2008 15:40:47 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on blah.cmotd.com X-Spam-Level: X-Spam-Status: No, score=-10.6 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.2.3 Received: from hater.haters.org (hater.cmotd.com [192.168.3.125]) by blah.sun-fish.com (Postfix) with ESMTP id 5359E1B10EBB; Thu, 20 Mar 2008 15:40:38 +0100 (CET) Message-ID: <47E27766.6010901@moneybookers.com> Date: Thu, 20 Mar 2008 16:40:38 +0200 From: Stefan Lambrev User-Agent: Thunderbird 2.0.0.12 (X11/20080229) MIME-Version: 1.0 To: Eygene Ryabinkin References: <47E25F45.8010805@moneybookers.com> <47E26A10.4040305@moneybookers.com> In-Reply-To: Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.91.2/6310/Thu Mar 20 07:02:00 2008 on blah.cmotd.com X-Virus-Status: Clean Cc: freebsd-net@freebsd.org, Vlad GALU Subject: Re: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 14:40:49 -0000 Greetings, Eygene Ryabinkin wrote: > Stefan, good day. > > Thu, Mar 20, 2008 at 03:43:44PM +0200, Stefan Lambrev wrote: > >>>> But here is working example which you can improve off course. >>>> >>>> #dual home >>>> pass in on $ext_if1 reply-to ($ext_if1 $gw1) from any to $external_addr1 >>>> keep state >>>> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >>>> pass in on $ext_if2 reply-to ($ext_if2 $gw2) from any to $external_addr2 >>>> keep state >>>> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >>>> >>>> #dual home ssh only >>>> pass out on $ext_if2 route-to ($ext_if1 $gw1) from $external_addr1 to any >>>> pass out on $ext_if1 route-to ($ext_if2 $gw1) from $external_addr2 to any >>>> pass in on $ext_if1 reply-to ($ext_if1 $gw1) proto tcp from any to >>>> $external_addr1 port 22 keep state >>>> pass in on $ext_if2 reply-to ($ext_if2 $gw2) proto tcp from any to >>>> $external_addr2 port 22 keep state >>>> > [...] > >> You forget that the first rule to match wins and keep state (which is on by >> default in 7.0) will make replies to match the state not the pass out rules. >> > > May be I am badly interpreting the last sentence, but in pf, the > last rule that matches (or the first rule with the 'quick' keyword) > wins. The above rules are just decoupled from each other, because > they are differing in the interface/direction. And sure, when the > state is created, the subsequent packets are not passed through the > ruleset. Am I missing something? > Yes you are absolutely right - last rule, that match will win, and there is only one rule that will match incoming packets and will create state, thus preventing outgoing packets to match anything else, just this state. > Thank you. > -- Best Wishes, Stefan Lambrev ICQ# 24134177 From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 17:03:25 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1482D106566B for ; Thu, 20 Mar 2008 17:03:25 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from aurynhome1sv1.zirakzigil.org (mail.zirakzigil.org [82.63.178.63]) by mx1.freebsd.org (Postfix) with SMTP id 3DE6D8FC15 for ; Thu, 20 Mar 2008 17:03:18 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: (qmail 44057 invoked by uid 98); 20 Mar 2008 17:03:04 -0000 Received: from 89.96.52.22 by aurynhome1sv1.zirakzigil.org (envelope-from , uid 89) with qmail-scanner-1.25 ( Clear:RC:0(89.96.52.22):. Processed in 0.136912 secs); 20 Mar 2008 17:03:04 -0000 X-Qmail-Scanner-Mail-From: auryn@zirakzigil.org via aurynhome1sv1.zirakzigil.org X-Qmail-Scanner: 1.25 (Clear:RC:0(89.96.52.22):. Processed in 0.136912 secs) Received: from unknown (HELO aurynmob2.giulioferro.it) (auryn@zirakzigil.org@89.96.52.22) by 0 with SMTP; 20 Mar 2008 17:03:04 -0000 Message-ID: <47E298BD.7050807@zirakzigil.org> Date: Thu, 20 Mar 2008 18:02:53 +0100 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.5 (X11/20070724) MIME-Version: 1.0 To: pyunyh@gmail.com References: <47D817D2.9010306@errno.com> <47D8499A.5070605@zirakzigil.org> <20080313033029.GF16972@cdnetworks.co.kr> <47D92F9D.4070701@zirakzigil.org> <20080314001704.GA22788@cdnetworks.co.kr> <47DA4DCD.6050304@zirakzigil.org> <20080314101555.GF22788@cdnetworks.co.kr> <47DA682E.9010504@zirakzigil.org> <20080314122708.GG22788@cdnetworks.co.kr> <47DA9BC0.8030205@zirakzigil.org> <20080317043945.GA2503@cdnetworks.co.kr> In-Reply-To: <20080317043945.GA2503@cdnetworks.co.kr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Andrew Thompson , freebsd-net@freebsd.org Subject: Re: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 17:03:25 -0000 Pyun YongHyeon wrote: > Please try latest attempt to fix re(4) issues. > http://people.freebsd.org/~yongari/re/if_re.c > http://people.freebsd.org/~yongari/re/if_rlreg.h > > This one is attempt to fix the following bug reports on re(4). > - VLAN tagging does not work on multi-fragmented frames. > - Non-working/instability on re(4) hardwares that uses MSI. > - Unconditional VLAN tag stripping without respect to ifconfig > configuration. > - ENOBUFS on transmitting UDP frames under heavy network loads. > - DAC does not work. > > This one removed previous checksum offload hack for checksum offload > on PCIe hardwares so I'm not sure checksum offload still work on > PCIe hardwares. Please test and let me know how it goes. > Also make sure you have all hardware features enabled.(checksum > offload, TSO, VLAN hardware tagging etc). > > Sorry for the slow answer. I've tried the new files, and they seem to work: # ifconfig re0 re0: flags=8843 metric 0 mtu 1500 options=19b ether 00:14:c1:40:c2:e8 inet 192.168.60.1 netmask 0xffffff00 broadcast 192.168.60.255 media: Ethernet autoselect (1000baseTX ) status: active The only problem I see now is the one I already mention in the last mail. There are slow packets in the stream of the communication: # ping -s 2000 192.168.100.2 PING 192.168.100.2 (192.168.100.2): 2000 data bytes 2008 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.264 ms 2008 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=1001.186 ms 2008 bytes from 192.168.100.2: icmp_seq=2 ttl=64 time=0.235 ms 2008 bytes from 192.168.100.2: icmp_seq=3 ttl=64 time=0.187 ms 2008 bytes from 192.168.100.2: icmp_seq=4 ttl=64 time=0.189 ms 2008 bytes from 192.168.100.2: icmp_seq=5 ttl=64 time=2002.172 ms 2008 bytes from 192.168.100.2: icmp_seq=6 ttl=64 time=1001.182 ms 2008 bytes from 192.168.100.2: icmp_seq=7 ttl=64 time=2002.178 ms 2008 bytes from 192.168.100.2: icmp_seq=8 ttl=64 time=1001.186 ms 2008 bytes from 192.168.100.2: icmp_seq=9 ttl=64 time=1001.174 ms 2008 bytes from 192.168.100.2: icmp_seq=10 ttl=64 time=0.179 ms 2008 bytes from 192.168.100.2: icmp_seq=11 ttl=64 time=1001.172 ms 2008 bytes from 192.168.100.2: icmp_seq=12 ttl=64 time=0.180 ms 2008 bytes from 192.168.100.2: icmp_seq=13 ttl=64 time=1001.188 ms 2008 bytes from 192.168.100.2: icmp_seq=14 ttl=64 time=0.244 ms 2008 bytes from 192.168.100.2: icmp_seq=15 ttl=64 time=0.188 ms 2008 bytes from 192.168.100.2: icmp_seq=16 ttl=64 time=0.184 ms 2008 bytes from 192.168.100.2: icmp_seq=17 ttl=64 time=1001.173 ms 2008 bytes from 192.168.100.2: icmp_seq=18 ttl=64 time=0.180 ms 2008 bytes from 192.168.100.2: icmp_seq=19 ttl=64 time=0.188 ms 2008 bytes from 192.168.100.2: icmp_seq=20 ttl=64 time=0.185 ms 2008 bytes from 192.168.100.2: icmp_seq=21 ttl=64 time=0.186 ms 2008 bytes from 192.168.100.2: icmp_seq=22 ttl=64 time=2002.174 ms 2008 bytes from 192.168.100.2: icmp_seq=23 ttl=64 time=1001.182 ms 2008 bytes from 192.168.100.2: icmp_seq=24 ttl=64 time=1001.178 ms 2008 bytes from 192.168.100.2: icmp_seq=25 ttl=64 time=0.185 ms 2008 bytes from 192.168.100.2: icmp_seq=26 ttl=64 time=0.176 ms 2008 bytes from 192.168.100.2: icmp_seq=27 ttl=64 time=0.189 ms 2008 bytes from 192.168.100.2: icmp_seq=28 ttl=64 time=0.176 ms 2008 bytes from 192.168.100.2: icmp_seq=29 ttl=64 time=0.190 ms 2008 bytes from 192.168.100.2: icmp_seq=30 ttl=64 time=0.188 ms 2008 bytes from 192.168.100.2: icmp_seq=31 ttl=64 time=0.187 ms 2008 bytes from 192.168.100.2: icmp_seq=32 ttl=64 time=0.188 ms 2008 bytes from 192.168.100.2: icmp_seq=33 ttl=64 time=1001.186 ms 2008 bytes from 192.168.100.2: icmp_seq=34 ttl=64 time=0.234 ms 2008 bytes from 192.168.100.2: icmp_seq=35 ttl=64 time=0.187 ms 2008 bytes from 192.168.100.2: icmp_seq=36 ttl=64 time=0.189 ms 2008 bytes from 192.168.100.2: icmp_seq=37 ttl=64 time=1001.183 ms 2008 bytes from 192.168.100.2: icmp_seq=38 ttl=64 time=0.232 ms 2008 bytes from 192.168.100.2: icmp_seq=39 ttl=64 time=0.187 ms 2008 bytes from 192.168.100.2: icmp_seq=40 ttl=64 time=1001.174 ms 2008 bytes from 192.168.100.2: icmp_seq=41 ttl=64 time=0.181 ms It would be great if you could understand why this happens... Thanks again. From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 20:37:51 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1B0CA106566B for ; Thu, 20 Mar 2008 20:37:51 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx24.fluidhosting.com [204.14.89.7]) by mx1.freebsd.org (Postfix) with SMTP id 740AD8FC18 for ; Thu, 20 Mar 2008 20:37:50 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 25086 invoked by uid 399); 20 Mar 2008 20:29:02 -0000 Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTP; 20 Mar 2008 20:29:02 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <47E2C7E4.6070800@FreeBSD.org> Date: Thu, 20 Mar 2008 13:24:04 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.12 (X11/20080319) MIME-Version: 1.0 To: freebsd-net@freebsd.org X-Enigmail-Version: 0.95.5 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: /etc/exports and IPv6 networks X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 20:37:51 -0000 Folks, I spent a fair amount of time today reading through the man pages and source code and could not find any way of specifying an IPv6 network in /etc/exports as you can with v4 and -network/-netmask. Am I missing something? If not, is this an update that is on someone's list somewhere? All the NFS (v3) stuff works using IPv6 FYI, and I was able to address my security concerns through other means. But it would still be nice to be able to have this parallel capability. Doug -- This .signature sanitized for your protection From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 21:36:47 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7036106564A; Thu, 20 Mar 2008 21:36:47 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (farley.org [67.64.95.201]) by mx1.freebsd.org (Postfix) with ESMTP id 7D0928FC35; Thu, 20 Mar 2008 21:36:47 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (thor.farley.org [192.168.1.5]) by mail.farley.org (8.14.2/8.14.2) with ESMTP id m2KLaiva095560; Thu, 20 Mar 2008 16:36:44 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Thu, 20 Mar 2008 16:36:44 -0500 (CDT) From: "Sean C. Farley" To: Doug Barton In-Reply-To: <47E2C7E4.6070800@FreeBSD.org> Message-ID: References: <47E2C7E4.6070800@FreeBSD.org> User-Agent: Alpine 1.10 (BSF 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail.farley.org Cc: freebsd-net@FreeBSD.org Subject: Re: /etc/exports and IPv6 networks X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 21:36:47 -0000 On Thu, 20 Mar 2008, Doug Barton wrote: > Folks, > > I spent a fair amount of time today reading through the man pages and > source code and could not find any way of specifying an IPv6 network > in /etc/exports as you can with v4 and -network/-netmask. Am I missing > something? If not, is this an update that is on someone's list > somewhere? Something like this has worked for me: /usr -maproot=root -network AAAA:BBBB:CCCC:DDDD:EEEE:: -mask ::0 One thing I have run into was that an install of a kernel over NFS using IPv6 can stall the mount. I have not had time to look into it, so I do not know what exactly triggers it (number of bytes or files?). It has always been while copying a kernel module. Sean -- scf@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 23:54:30 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72415106566C for ; Thu, 20 Mar 2008 23:54:30 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.235]) by mx1.freebsd.org (Postfix) with ESMTP id 14B2A8FC1F for ; Thu, 20 Mar 2008 23:54:29 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: by wx-out-0506.google.com with SMTP id i29so1373267wxd.7 for ; Thu, 20 Mar 2008 16:54:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:received:received:date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; bh=y7l6G5xPgS3ZfgQ6hpf/jkt9b5ADGV3V0tpB7kAWNSU=; b=GCjPpprFx/va+2Oh+FvWdf/rR8L8MUpWcQVptOAoiZhCW8zQc0BbnTuFX8Xik7/dau0I/l3HhwZgs+THE+FI+IceRDgC6VFg8ueC0m1bO2xz/fxlP7XzDLDoD6eSJqFDs3GB+T1xqSwUpLg+RRIWxqyTm7wy+oDL7o9Pv+oWmnU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=PdzgIBkddAEkSFVgFwrEtz8IrZictaZqzdcMoUIU20jjl42yfRRLNjh4JmtHu0wla2CpgCo9P18HoonuDS/jOSI+SA+vKXM8RBKRBoq79LtL5jMi99yuvpefYIKqFs1I0UN42FCfgkHbR6RdACVpoM/sfA8VuQV3/Y0qP3c7TUA= Received: by 10.142.47.6 with SMTP id u6mr1949805wfu.29.1206057268526; Thu, 20 Mar 2008 16:54:28 -0700 (PDT) Received: from michelle.cdnetworks.co.kr ( [211.53.35.84]) by mx.google.com with ESMTPS id 20sm4998718wfi.14.2008.03.20.16.54.25 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 20 Mar 2008 16:54:27 -0700 (PDT) Received: from michelle.cdnetworks.co.kr (localhost.cdnetworks.co.kr [127.0.0.1]) by michelle.cdnetworks.co.kr (8.13.5/8.13.5) with ESMTP id m2KNsMV7070816 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 21 Mar 2008 08:54:22 +0900 (KST) (envelope-from pyunyh@gmail.com) Received: (from yongari@localhost) by michelle.cdnetworks.co.kr (8.13.5/8.13.5/Submit) id m2KNsKH1070815; Fri, 21 Mar 2008 08:54:20 +0900 (KST) (envelope-from pyunyh@gmail.com) Date: Fri, 21 Mar 2008 08:54:20 +0900 From: Pyun YongHyeon To: Giulio Ferro Message-ID: <20080320235420.GA70708@cdnetworks.co.kr> References: <20080313033029.GF16972@cdnetworks.co.kr> <47D92F9D.4070701@zirakzigil.org> <20080314001704.GA22788@cdnetworks.co.kr> <47DA4DCD.6050304@zirakzigil.org> <20080314101555.GF22788@cdnetworks.co.kr> <47DA682E.9010504@zirakzigil.org> <20080314122708.GG22788@cdnetworks.co.kr> <47DA9BC0.8030205@zirakzigil.org> <20080317043945.GA2503@cdnetworks.co.kr> <47E298BD.7050807@zirakzigil.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47E298BD.7050807@zirakzigil.org> User-Agent: Mutt/1.4.2.1i Cc: Andrew Thompson , freebsd-net@freebsd.org Subject: Re: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: pyunyh@gmail.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 23:54:30 -0000 On Thu, Mar 20, 2008 at 06:02:53PM +0100, Giulio Ferro wrote: > Pyun YongHyeon wrote: > >Please try latest attempt to fix re(4) issues. > > http://people.freebsd.org/~yongari/re/if_re.c > > http://people.freebsd.org/~yongari/re/if_rlreg.h > > > >This one is attempt to fix the following bug reports on re(4). > > - VLAN tagging does not work on multi-fragmented frames. > > - Non-working/instability on re(4) hardwares that uses MSI. > > - Unconditional VLAN tag stripping without respect to ifconfig > > configuration. > > - ENOBUFS on transmitting UDP frames under heavy network loads. > > - DAC does not work. > > > >This one removed previous checksum offload hack for checksum offload > >on PCIe hardwares so I'm not sure checksum offload still work on > >PCIe hardwares. Please test and let me know how it goes. > >Also make sure you have all hardware features enabled.(checksum > >offload, TSO, VLAN hardware tagging etc). > > > > > > Sorry for the slow answer. > > I've tried the new files, and they seem to work: > > # ifconfig re0 > re0: flags=8843 metric 0 mtu 1500 > options=19b > ether 00:14:c1:40:c2:e8 > inet 192.168.60.1 netmask 0xffffff00 broadcast 192.168.60.255 > media: Ethernet autoselect (1000baseTX ) > status: active > > > The only problem I see now is the one I already mention in the last > mail. There are slow packets > in the stream of the communication: > > # ping -s 2000 192.168.100.2 > PING 192.168.100.2 (192.168.100.2): 2000 data bytes > 2008 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.264 ms > 2008 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=1001.186 ms [...] > 2008 bytes from 192.168.100.2: icmp_seq=41 ttl=64 time=0.181 ms > > > > It would be great if you could understand why this happens... > Try set tunable hw.re.msi_disable and let me know how it goes. (Add hw.re.msi_disable="1" to /boot/loader.conf) -- Regards, Pyun YongHyeon From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 02:09:50 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC881106566C for ; Fri, 21 Mar 2008 02:09:50 +0000 (UTC) (envelope-from coda.trigger@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.177]) by mx1.freebsd.org (Postfix) with ESMTP id A5A278FC15 for ; Fri, 21 Mar 2008 02:09:50 +0000 (UTC) (envelope-from coda.trigger@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so1313380waf.3 for ; Thu, 20 Mar 2008 19:09:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=SzfeHM9jS239MzQL1JYoF69i9FuL1WNVxKFIiFmcY1M=; b=RGJUsDrtPOkGNh0lhMd99rAeqiloYd6oUL9rS+RhE4wPBVmi6YsU/cKvLlcCVdlyid++IasyvU8+qowJwPJMKI+dU6uhQhESOXWLk+YGefYVfNRjysgLK7/WMtkv7KzpaBNdOB4tc1fzG35qxvlspJi6kC7Psq2m1eCS6m7Snbw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=JanaEUK13ytlL/lQq/A9mYLb7EDNxUGvnq3gGybPcG4p/wD0rLklu5wq61JBg1vLO2teVCklv4XuPn9flk3IwnwyKWdurHUGzyzFNKLYQiLuoQ30QM1ji8QUfUHZfusHsgVFtlqq9OuzBTJA0JfWOitQPXWgvOQEyIviKbZ/yBE= Received: by 10.114.134.20 with SMTP id h20mr4892930wad.91.1206065389937; Thu, 20 Mar 2008 19:09:49 -0700 (PDT) Received: by 10.114.73.4 with HTTP; Thu, 20 Mar 2008 19:09:49 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 22:09:49 -0400 From: "d.s. al coda" To: "Andre Oppermann" In-Reply-To: <47D860AC.6030707@freebsd.org> MIME-Version: 1.0 References: <47D860AC.6030707@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: TCP options order changed in FreeBSD 7, incompatible with some routers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 02:09:51 -0000 On 3/12/08, Andre Oppermann wrote: > > I'd be very interesting to know the exactly models and their firmware > version > of the affected routers. If available locally I'd like to obtain a > similar > model myself for future regression tests. Here are the models we managed to hear about via email: D-Link WBR-1310 Linksys WCG200 (with firewall enabled) Encore Broadband Router Linksys WAG354G Ambit U10C019 Netgear CG814GCMR We didn't get any firmware version info that I know of. Hope this is still helpful. > > We've already fixed two issues. The first changes the order of the TCP > options > and is in this change: > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_var.h.diff?r1=1.160;r2=1.161 > > It is to solve a problem observed by ISC that sounds very much like what > you > describe. This fixed the issue in this case. > > The second changes the alignment padding from NOP to 0x00. Whether this > was > a contributing factor to the reported problem is not clear. There hasn't > (yet) > been any specific test case for it. It was fixed because the RFC > specifies 0x00 > to be used for padding and nothing else. > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_output.c.diff?r1=1.145;r2=1.146 > > It would be very helpful if you could apply these two patches after each > other > to your 7.0 test server and find out together with the affected user(s) > which > of these fixes the issue. If you can please try to test each one with and > w/o > the routers firewall enabled. It is interesting to know whether the NAT > or > firewalling part of the router chokes on it. > > We've been running with the patches for a few days now, and they seem to fix the issue. We checked with one previously-affected user, and we haven't received any reports of problems. -coda From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 06:11:48 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DA2E1065672 for ; Fri, 21 Mar 2008 06:11:48 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx24.fluidhosting.com [204.14.89.7]) by mx1.freebsd.org (Postfix) with SMTP id C3D1B8FC14 for ; Fri, 21 Mar 2008 06:11:47 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 1646 invoked by uid 399); 21 Mar 2008 06:16:45 -0000 Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTP; 21 Mar 2008 06:16:45 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <47E351A1.1020501@FreeBSD.org> Date: Thu, 20 Mar 2008 23:11:45 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.12 (X11/20080319) MIME-Version: 1.0 To: "Sean C. Farley" References: <47E2C7E4.6070800@FreeBSD.org> In-Reply-To: X-Enigmail-Version: 0.95.5 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@FreeBSD.org Subject: Re: /etc/exports and IPv6 networks X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 06:11:48 -0000 Sean C. Farley wrote: > On Thu, 20 Mar 2008, Doug Barton wrote: > >> Folks, >> >> I spent a fair amount of time today reading through the man pages and >> source code and could not find any way of specifying an IPv6 network >> in /etc/exports as you can with v4 and -network/-netmask. Am I missing >> something? If not, is this an update that is on someone's list >> somewhere? > > Something like this has worked for me: > /usr -maproot=root -network AAAA:BBBB:CCCC:DDDD:EEEE:: -mask ::0 I confess that's one combination I didn't think to try, and it did work, thanks! Care to add that to the man page? > One thing I have run into was that an install of a kernel over NFS using > IPv6 can stall the mount. I have not had time to look into it, so I do > not know what exactly triggers it (number of bytes or files?). It has > always been while copying a kernel module. Wacky. Is this still true after the recent (before the 7.0 branch) work to make v6 stuff "work the same way as" v4 stuff? Doug -- This .signature sanitized for your protection From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 06:27:28 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AF6AF1065674 for ; Fri, 21 Mar 2008 06:27:28 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from outbound0.mx.meer.net (outbound0.mx.meer.net [209.157.153.23]) by mx1.freebsd.org (Postfix) with ESMTP id 8C9148FC16 for ; Fri, 21 Mar 2008 06:27:28 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [209.157.152.14]) by outbound0.mx.meer.net (8.12.10/8.12.6) with ESMTP id m2L6R4iK050023; Thu, 20 Mar 2008 22:27:28 -0800 (PST) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m2L6Qbq7046821; Thu, 20 Mar 2008 23:26:37 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (61.204.211.246.customerlink.pwd.ne.jp [61.204.211.246]) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m2L6QaaB088727; Thu, 20 Mar 2008 23:26:36 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Fri, 21 Mar 2008 15:26:35 +0900 Message-ID: From: gnn@freebsd.org To: James Snow In-Reply-To: <20080314005825.GD92537@teardrop.org> References: <200802222124.m1MLO7qq012802@freefall.freebsd.org> <47BF46DC.6030700@FreeBSD.org> <20080314004007.GC92537@teardrop.org> <20080314005825.GD92537@teardrop.org> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (=?ISO-8859-4?Q?Shij=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.10.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org Subject: Re: [PATCH] kern/120958: no response to ICMP traffic on interface configured with a link-local address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 06:27:28 -0000 At Thu, 13 Mar 2008 20:58:25 -0400, James Snow wrote: > > [1 ] > On Thu, Mar 13, 2008 at 08:40:07PM -0400, James Snow wrote: > > > > Also, I took a cue from the IN_LINKLOCAL() macro and added two new > > macros to sys/netinet/in.h to perform checks for the loopback network > > and the "zero" network. IN_LOOPBACK() and IN_ZERONET(), respectively. > > Woops. I suppose the macros are more useful when they're actually > called. > > Attached is a revised patch that performs the check for loopback > addresses less than twice but more than never. > This looks good. Best, George From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 06:35:19 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D95E3106566B for ; Fri, 21 Mar 2008 06:35:19 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail01.syd.optusnet.com.au (mail01.syd.optusnet.com.au [211.29.132.182]) by mx1.freebsd.org (Postfix) with ESMTP id 620368FC18 for ; Fri, 21 Mar 2008 06:35:19 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c220-239-20-82.belrs4.nsw.optusnet.com.au [220.239.20.82]) by mail01.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m2L6ZHZP009048 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 21 Mar 2008 17:35:18 +1100 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.2/8.14.1) with ESMTP id m2L6ZH4x086482; Fri, 21 Mar 2008 17:35:17 +1100 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m2L6ZHRg086481; Fri, 21 Mar 2008 17:35:17 +1100 (EST) (envelope-from peter) Date: Fri, 21 Mar 2008 17:35:17 +1100 From: Peter Jeremy To: Alireza Torabi Message-ID: <20080321063517.GK85901@server.vk2pj.dyndns.org> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="69pVuxX8awAiJ7fD" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.17 (2007-11-01) Cc: freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 06:35:20 -0000 --69pVuxX8awAiJ7fD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote: >Imagine this: > > | (1) > packets > | | (4) > [nic1] [nic2] > bpf SOCK_STREAM > | (2) | > [FreeBSD] (3) > >1) all user traffic are being monitored >2) bpf on [nic] is capturing these packets >3) after processing we know a connection is about to be established from A= to B > >NOW: >4) I want to deliver this packet to the socket on [nic2] >and as this is a tcp socket it'll take care of it from there >(my code here for this sockets sends and arbitary data to A making it >think it came from B) Have a look at divert(4). I suspect it comes closest to what you want. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --69pVuxX8awAiJ7fD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (FreeBSD) iEYEARECAAYFAkfjVyUACgkQ/opHv/APuIeSYwCbBRTRNgeMWCPUcaJQzR2j4PS/ Rw0AnRnVjwm57vmmj1fxoPMncQhIK050 =/whQ -----END PGP SIGNATURE----- --69pVuxX8awAiJ7fD-- From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 06:53:53 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 25DA01065670 for ; Fri, 21 Mar 2008 06:53:53 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.182]) by mx1.freebsd.org (Postfix) with ESMTP id EBF248FC24 for ; Fri, 21 Mar 2008 06:53:52 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so1422122waf.3 for ; Thu, 20 Mar 2008 23:53:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=Q6hqh27Y+7OIhDcAnL1335Jui+WJz4HlDT1d1qE5oNc=; b=XmPiQfnSQWj5rgt7BeYyrPGdQsAUkGI8yGdG04okt5cP6GludvWuhHRyStEmqLRrTE6Qrj+DZD2xaqgcT9KBUMXa/IWrl7L0goVlQiorbJE9Aa7PQ++5S21ONarr4/BvER9xFne1QSsaWxlZA0R7WVwy3bxqVkNYGdzUim/MfGo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:mime-version:content-type; b=ea81IPEiQ1m8BTWY9R2fyEWMHVii7EwfhhczJ/ushH4pyRw8OgSBO0wlR7hZKJ9QlaIF4SAreUeueWLXM0H3GkULTTOPpt4f8vd4zo244ML3JRt0Z80X0E+aPaoq8xKdTI6oNPrni65Ckm152t2826xJxwh9+jH0h9QgTb8dzqE= Received: by 10.114.136.1 with SMTP id j1mr5198658wad.85.1206080972931; Thu, 20 Mar 2008 23:29:32 -0700 (PDT) Received: by 10.114.168.6 with HTTP; Thu, 20 Mar 2008 23:29:32 -0700 (PDT) Message-ID: <8f82c35c0803202329k1aff674cgd7deee4c1a58e20b@mail.gmail.com> Date: Fri, 21 Mar 2008 07:29:32 +0100 From: "Jon Theil Nielsen" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Samba PDC with VPN access X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 06:53:53 -0000 We have a Samba PDC on FreeBSD 7.0-release. The goal is to make users home drrives accessible throuth a VPN connection from Windows clients. Until now I have experimented with the Poptop server without much success and now have a working configuration based on Mpd4. This is not ideal, since I have to keep usernames/passwords manually updated in the mpd.secret file. And that can not be combined with users changing their own Samba and UNIX passwords via password sync. It seems that some kind of authentication via Winbind and ntml_auth would be a way to go. Maybe it can be done by installing a Radius server to communicate with Mpd, but that seems to be unnessesarily complicated. Does anyone know the "best" solution to achieve the goal? Regards, Jon Theil Nielsen From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 11:02:06 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 926761065670 for ; Fri, 21 Mar 2008 11:02:06 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.191]) by mx1.freebsd.org (Postfix) with ESMTP id 67E888FC17 for ; Fri, 21 Mar 2008 11:02:05 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: by rv-out-0910.google.com with SMTP id g13so842057rvb.43 for ; Fri, 21 Mar 2008 04:02:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=9Oku3XmKKWs1r7DZ3aju9OhMZcfnTaP5y170d/p71I0=; b=bNwMFcwB0Qec02urIZTTd9JmVzc2sjibrRkxJWMTp0VAbWezEX3sc66JcaCqnR5hR+zV2enNoqgO66k0aM4shJhLgG1eCMXgj+uAl8eKIdNesnycJ76iLKNsMmsWjdYUB13/UIt5AO+AvNoCikQ2+foLzgnCEoXg+uS9TW7oF7I= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=sBqTcUStdne9kw+mAA6H9akgsV02F/kRJ/b1ODwzSC3mJad7L/fDk7e8EGAMSfWNZY0KHUYx4bDIm898jMpQ35QwzhnEI93Pbkxxi479JyR8qlzkqC4o5I84zU6gnag5jEFDpqUv6zBcn7U2GFD6vZcyELERBobP8rumlHCcX9I= Received: by 10.141.178.5 with SMTP id f5mr1234242rvp.112.1206097325343; Fri, 21 Mar 2008 04:02:05 -0700 (PDT) Received: by 10.140.148.10 with HTTP; Fri, 21 Mar 2008 04:02:05 -0700 (PDT) Message-ID: Date: Fri, 21 Mar 2008 11:02:05 +0000 From: "Alireza Torabi" To: "Peter Jeremy" In-Reply-To: <20080321063517.GK85901@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080321063517.GK85901@server.vk2pj.dyndns.org> Cc: freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 11:02:06 -0000 On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy wrote: > On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote: > >Imagine this: > > > > | (1) > > packets > > | | (4) > > [nic1] [nic2] > > bpf SOCK_STREAM > > | (2) | > > [FreeBSD] (3) > > > >1) all user traffic are being monitored > >2) bpf on [nic] is capturing these packets > >3) after processing we know a connection is about to be established from A to B > > > >NOW: > >4) I want to deliver this packet to the socket on [nic2] > >and as this is a tcp socket it'll take care of it from there > >(my code here for this sockets sends and arbitary data to A making it > >think it came from B) > > Have a look at divert(4). I suspect it comes closest to what you want. > > -- > Peter Jeremy > Please excuse any delays as the result of my ISP's inability to implement > an MTA that is either RFC2821-compliant or matches their claimed behaviour. > Yes. It sounds promising. I was reading natd and planning to read ipfw source interestingly! Thanks Alireza From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 13:28:38 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 57FDF1065673 for ; Fri, 21 Mar 2008 13:28:38 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from aurynhome1sv1.zirakzigil.org (mail.zirakzigil.org [82.63.178.63]) by mx1.freebsd.org (Postfix) with SMTP id 723AD8FC25 for ; Fri, 21 Mar 2008 13:28:36 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: (qmail 53342 invoked by uid 98); 21 Mar 2008 13:28:35 -0000 Received: from 89.96.52.22 by aurynhome1sv1.zirakzigil.org (envelope-from , uid 89) with qmail-scanner-1.25 ( Clear:RC:0(89.96.52.22):. Processed in 0.039683 secs); 21 Mar 2008 13:28:35 -0000 X-Qmail-Scanner-Mail-From: auryn@zirakzigil.org via aurynhome1sv1.zirakzigil.org X-Qmail-Scanner: 1.25 (Clear:RC:0(89.96.52.22):. Processed in 0.039683 secs) Received: from unknown (HELO aurynmob2.giulioferro.it) (auryn@zirakzigil.org@89.96.52.22) by 0 with SMTP; 21 Mar 2008 13:28:35 -0000 Message-ID: <47E3B7F8.40307@zirakzigil.org> Date: Fri, 21 Mar 2008 14:28:24 +0100 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.5 (X11/20070724) MIME-Version: 1.0 To: pyunyh@gmail.com References: <20080313033029.GF16972@cdnetworks.co.kr> <47D92F9D.4070701@zirakzigil.org> <20080314001704.GA22788@cdnetworks.co.kr> <47DA4DCD.6050304@zirakzigil.org> <20080314101555.GF22788@cdnetworks.co.kr> <47DA682E.9010504@zirakzigil.org> <20080314122708.GG22788@cdnetworks.co.kr> <47DA9BC0.8030205@zirakzigil.org> <20080317043945.GA2503@cdnetworks.co.kr> <47E298BD.7050807@zirakzigil.org> <20080320235420.GA70708@cdnetworks.co.kr> In-Reply-To: <20080320235420.GA70708@cdnetworks.co.kr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Andrew Thompson , freebsd-net@freebsd.org Subject: Re: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 13:28:38 -0000 Pyun YongHyeon wrote: > > > > # ping -s 2000 192.168.100.2 > > PING 192.168.100.2 (192.168.100.2): 2000 data bytes > > 2008 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.264 ms > > 2008 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=1001.186 ms > > [...] > > > 2008 bytes from 192.168.100.2: icmp_seq=41 ttl=64 time=0.181 ms > > > > > > > > It would be great if you could understand why this happens... > > > > Try set tunable hw.re.msi_disable and let me know how it goes. > (Add hw.re.msi_disable="1" to /boot/loader.conf) > > You're spot on! ---------------------------------- # ping -c 200 -s 1472 192.168.100.2 PING 192.168.100.2 (192.168.100.2): 1472 data bytes 1480 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.192 ms 1480 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=0.151 ms 1480 bytes from 192.168.100.2: icmp_seq=2 ttl=64 time=0.155 ms 1480 bytes from 192.168.100.2: icmp_seq=3 ttl=64 time=0.150 ms 1480 bytes from 192.168.100.2: icmp_seq=4 ttl=64 time=0.151 ms 1480 bytes from 192.168.100.2: icmp_seq=5 ttl=64 time=0.149 ms 1480 bytes from 192.168.100.2: icmp_seq=6 ttl=64 time=0.153 ms 1480 bytes from 192.168.100.2: icmp_seq=7 ttl=64 time=0.149 ms [...] --- 192.168.100.2 ping statistics --- 200 packets transmitted, 200 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.148/0.159/1.472/0.093 ms ---------------------------------- What does that tunable do? From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 16:25:22 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3F2C01065674 for ; Fri, 21 Mar 2008 16:25:22 +0000 (UTC) (envelope-from brett@lariat.net) Received: from lariat.net (lariat.net [66.119.58.2]) by mx1.freebsd.org (Postfix) with ESMTP id E13F08FC33 for ; Fri, 21 Mar 2008 16:25:21 +0000 (UTC) (envelope-from brett@lariat.net) Received: from anne-o1dpaayth1.lariat.org (IDENT:ppp1000.lariat.net@lariat.net [66.119.58.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id JAA28265 for ; Fri, 21 Mar 2008 09:47:26 -0600 (MDT) Message-Id: <200803211547.JAA28265@lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 21 Mar 2008 09:47:08 -0600 To: net@freebsd.org From: Brett Glass Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: Subject: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 16:25:22 -0000 Everyone: I have recently been building FreeBSD VPN servers which can accept 50 to 100 PPTP connections. PPTP is, essentially, PPP over GRE (with a TCP control connection), so we have large numbers of packets passing in and out using GRE. Unfortunately, GRE on FreeBSD doesn't currently have a multiplexing function as does TCP. If userland PPP and pptpd are used to handle the PPTP sessions, each GRE packet is passed to the first pptpd process. If the call ID doesn't match, it's passed to the next, and then the next, and so on. What's more, each test requires a "bounce" into and out of the kernel. mpd, which uses netgraph, does more of the work within the kernel, but the testing still takes place in linear time -- and the potential delay increases with the number of PPTP sessions that have been established. The packet is bounced from one netgraph node to another until one of them accepts it or the packet falls off the end of the chain. It seems to me that it might be worth it to implement a multiplexing function that dispatches the packet directly to the right process or netgraph node rather than passing it from hand to hand. Thoughts? --Brett Glass From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 16:36:44 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 95241106566B for ; Fri, 21 Mar 2008 16:36:44 +0000 (UTC) (envelope-from sinister@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4C7C28FC2C for ; Fri, 21 Mar 2008 16:36:44 +0000 (UTC) (envelope-from sinister@gmail.com) Received: by py-out-1112.google.com with SMTP id u52so2089886pyb.10 for ; Fri, 21 Mar 2008 09:36:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:from:to:references:subject:date:mime-version:content-type:content-transfer-encoding:x-priority:x-msmail-priority:x-mailer:x-mimeole; bh=365+tH0/jzwUaAU1WZUkzE686Zllg2t2Rfl2Xewt7ug=; b=dmkeNblcOZy7HHC6fKdZUBmwhm0apzwreKkF3qHWMfTMn23bDpfRUenKZz0TOx+GJMBEizJpjXWtF+J98azI9/8F77j0hjnQ7m3uOofMoTF1yuvqIHcki0OTPdWbVOKCulkZeUfnCud0XXeL/9OzC4MalztCWF6y5J9KS2cZ5/k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:from:to:references:subject:date:mime-version:content-type:content-transfer-encoding:x-priority:x-msmail-priority:x-mailer:x-mimeole; b=OKm0U/wRlmUqZYIAxtjkewtnPOC9Z8A45NaI29aYOeLGzjPo9BEaYiQRs6zhCHTYYZErf6sbfWubKXh05mZHwaUKykaw5Hq7yzSBZjJil55D5HKcjztnrWsIr5cp2cwBg9P9d81Qt2oW2d3N81bas752g7oppK1W40DVNeQwFDQ= Received: by 10.35.68.3 with SMTP id v3mr2944461pyk.32.1206117403757; Fri, 21 Mar 2008 09:36:43 -0700 (PDT) Received: from dts ( [216.8.139.47]) by mx.google.com with ESMTPS id y67sm8769392pyg.39.2008.03.21.09.36.42 (version=SSLv3 cipher=RC4-MD5); Fri, 21 Mar 2008 09:36:42 -0700 (PDT) Message-ID: <062101c88b71$cb290e90$0200a8c0@dts> From: "Sin" To: "Jon Theil Nielsen" , References: <8f82c35c0803202329k1aff674cgd7deee4c1a58e20b@mail.gmail.com> Date: Fri, 21 Mar 2008 12:37:02 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Cc: Subject: Re: Samba PDC with VPN access X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 16:36:44 -0000 I just happen to be looking into vpn stuff with FreeBSD, I was looking at the man page for ppp, there is a section that states passwd(5) can be used instead of a secret file. Not sure if this entirely relates to your setup, but I will be trying this out /* If MyAuthPasswd is a ``*'', the password is looked up in the passwd(5) database. */ ----- Original Message ----- From: "Jon Theil Nielsen" To: Sent: Friday, March 21, 2008 2:29 AM Subject: Samba PDC with VPN access > We have a Samba PDC on FreeBSD 7.0-release. The goal is to make users home > drrives accessible throuth a VPN connection from Windows clients. Until > now > I have experimented with the Poptop server without much success and now > have > a working configuration based on Mpd4. This is not ideal, since I have to > keep usernames/passwords manually updated in the mpd.secret file. And that > can not be combined with users changing their own Samba and UNIX passwords > via password sync. > It seems that some kind of authentication via Winbind and ntml_auth would > be > a way to go. > Maybe it can be done by installing a Radius server to communicate with > Mpd, > but that seems to be unnessesarily complicated. > Does anyone know the "best" solution to achieve the goal? > > Regards, > Jon Theil Nielsen > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 18:16:51 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 797EF106566C for ; Fri, 21 Mar 2008 18:16:51 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outN.internet-mail-service.net (outN.internet-mail-service.net [216.240.47.237]) by mx1.freebsd.org (Postfix) with ESMTP id 54E7D8FC1E for ; Fri, 21 Mar 2008 18:16:51 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Fri, 21 Mar 2008 11:16:57 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 111B12D600E; Fri, 21 Mar 2008 11:16:50 -0700 (PDT) Message-ID: <47E3FB93.1080501@elischer.org> Date: Fri, 21 Mar 2008 11:16:51 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Alireza Torabi References: <20080321063517.GK85901@server.vk2pj.dyndns.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Peter Jeremy , freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 18:16:51 -0000 Alireza Torabi wrote: > On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy > wrote: >> On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote: >> >Imagine this: >> > >> > | (1) >> > packets >> > | | (4) >> > [nic1] [nic2] >> > bpf SOCK_STREAM >> > | (2) | >> > --------------------------------------- >> > [FreeBSD] (3) >> > >> >1) all user traffic are being monitored >> >2) bpf on [nic] is capturing these packets >> >3) after processing we know a connection is about to be established from A to B >> > >> >NOW: >> >4) I want to deliver this packet to the socket on [nic2] >> >and as this is a tcp socket it'll take care of it from there >> >(my code here for this sockets sends and arbitary data to A making it >> >think it came from B) >> >> Have a look at divert(4). I suspect it comes closest to what you want. >> >> -- >> Peter Jeremy >> Please excuse any delays as the result of my ISP's inability to implement >> an MTA that is either RFC2821-compliant or matches their claimed behaviour. >> > > Yes. It sounds promising. I was reading natd and planning to read ipfw > source interestingly! also I think you may want the 'fwd' call in ipfw... I don't quite understand your question.. (despite the picture) where ia A and where is B? and why 2 nics? User traffic where? on a switch? coming in and out of this machine? you need to define a little more of the picture.. Julian > Thanks > > Alireza > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 18:54:45 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AEA50106566B for ; Fri, 21 Mar 2008 18:54:45 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outP.internet-mail-service.net (outP.internet-mail-service.net [216.240.47.239]) by mx1.freebsd.org (Postfix) with ESMTP id 929658FC1E for ; Fri, 21 Mar 2008 18:54:45 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Fri, 21 Mar 2008 11:40:59 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 546E52D600D; Fri, 21 Mar 2008 11:40:47 -0700 (PDT) Message-ID: <47E40130.1000901@elischer.org> Date: Fri, 21 Mar 2008 11:40:48 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Brett Glass References: <200803211547.JAA28265@lariat.net> In-Reply-To: <200803211547.JAA28265@lariat.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 18:54:45 -0000 Brett Glass wrote: > Everyone: > > I have recently been building FreeBSD VPN servers which can accept 50 to > 100 PPTP connections. PPTP is, essentially, PPP over GRE (with a TCP > control connection), so we have large numbers of packets passing in and > out using GRE. Unfortunately, GRE on FreeBSD doesn't currently have a > multiplexing function as does TCP. If userland PPP and pptpd are used to > handle the PPTP sessions, each GRE packet is passed to the first pptpd > process. If the call ID doesn't match, it's passed to the next, and then > the next, and so on. What's more, each test requires a "bounce" into and > out of the kernel. mpd, which uses netgraph, does more of the work > within the kernel, but the testing still takes place in linear time -- > and the potential delay increases with the number of PPTP sessions that > have been established. The packet is bounced from one netgraph node to > another until one of them accepts it or the packet falls off the end of > the chain. > > It seems to me that it might be worth it to implement a multiplexing > function that dispatches the packet directly to the right process or > netgraph node rather than passing it from hand to hand. Thoughts? if it takes you more than 1 day to write a netgraph function to do it you are taking too many coffee breaks. mpd could probably do it automatically as it already does a lot of netgraph munging. > > --Brett Glass > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 20:06:30 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 656661065670 for ; Fri, 21 Mar 2008 20:06:30 +0000 (UTC) (envelope-from kagekonjou@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by mx1.freebsd.org (Postfix) with ESMTP id 9A7218FC14 for ; Fri, 21 Mar 2008 20:06:29 +0000 (UTC) (envelope-from kagekonjou@gmail.com) Received: by rv-out-0910.google.com with SMTP id g13so967456rvb.43 for ; Fri, 21 Mar 2008 13:06:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; bh=BhcTLU9uHaltvrd5Ixdyp7PuRZTorwf9QkknZcvAoic=; b=ivbhYA80OvTWebExSTqFd/At8KRnjo23qIYQtBQI+cWK5ApUwx3Pmud35GTTM87fWpBCd+HhJW9Uv4PtnXbSokmurOjyzFoZd7wvmN4F4Wpv5SScLl7Mbikg8pQHM3KGbcSkSE62CRod+aaXPFKDpq622ZewVk2AxRyYYG+abbs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=dabEzUXByDd2z2Cg43dfXfnzb56gmtbdzD2wdCO7lzdlsfQ9YnSEvcv5OiJLYNiwyntYCFCVMWAhJqnTm6JF3Con5tRoOlsWpRsq/EhqTuqDWES5x3xiPZJspaSMwlUGSK0UFx/IzFfPUSIBgWW1zv40QkM2yESKEyI6CiAhWug= Received: by 10.141.76.21 with SMTP id d21mr1585925rvl.270.1206128359537; Fri, 21 Mar 2008 12:39:19 -0700 (PDT) Received: by 10.70.110.17 with HTTP; Fri, 21 Mar 2008 12:39:19 -0700 (PDT) Message-ID: Date: Fri, 21 Mar 2008 15:39:19 -0400 From: Kage To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: freebsd-ipfw@freebsd.org Subject: natd port forward times out, tcpdump yields nothing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 20:06:30 -0000 Hey guys, This is a fun one that's stumped people in Freenode ##freebsd. Basically, I have this layout: irc.domain.com -> DNS A -> IRC Jail When someone connects to irc.domain.com on IRC ports (6667, 8067, etc.), it round-robins them using natd, otherwise it sends all other port requests to the IRC jail as per normal (such as port 80, which is my primary concern). As for having it setup to have ipfw divert to natd, that's done and works, as shown by natd verbose mode: In {default}[TCP] [TCP] 72.65.73.23:2980 -> 207.210.114.45:6667 aliased to [TCP] 72.65.73.23:2980 -> 207.210.114.45:6667 (For reference) 207.210.114.45 = jail IP 72.20.28.202 = example target IP in the round-robin 72.65.73.23 = my IP Right now, my ipfw.rules file is as follows: [root@nub /etc]# cat ipfw.rules IPF="ipfw -q add" ipfw -f -q flush #loopback $IPF 10 allow all from any to any via lo0 $IPF 20 deny all from any to 127.0.0.0/8 $IPF 30 deny all from 127.0.0.0/8 to any $IPF 40 deny tcp from any to any frag # statefull $IPF 50 check-state $IPF 60 allow tcp from any to any established $IPF 70 allow all from any to any out keep-state $IPF 54999 allow icmp from any to any # Include the deny file . /etc/ipfw.deny [snip -- some allowed ports] # IRC (natd divert for IRC port-forwarding $IPF 50220 divert natd all from any to 207.210.114.45 6667 via rl0 $IPF 50230 divert natd all from any to 207.210.114.45 8067 via rl0 $IPF 50240 divert natd all from any to 207.210.114.45 8068 via rl0 $IPF 50250 divert natd all from any to 207.210.114.45 6697 via rl0 $IPF 50260 divert natd all from any to 207.210.114.45 7000 via rl0 # keep these two IRC ports normally open for BNC $IPF 50270 allow all from any to any 31337 in $IPF 50380 allow all from any to any 31337 out [snip -- more allowed ports] # deny and log everything $IPF 55000 deny log all from any to any ----- Here's a dump of ipfw show, with some stuff cut out for space purposes (they're just denied DDoS IPs) [root@nub /etc]# ipfw show 00010 61124 16056802 allow ip from any to any via lo0 00020 0 0 deny ip from any to 127.0.0.0/8 00030 0 0 deny ip from 127.0.0.0/8 to any 00040 0 0 deny tcp from any to any frag 00050 0 0 check-state 00060 670616 455926379 allow tcp from any to any established 00070 16213 14071853 allow ip from any to any out keep-state [snip] 50220 468 22464 divert 8668 ip from any to 207.210.114.45 dst-port 6667 via rl0 50230 0 0 divert 8668 ip from any to 207.210.114.45 dst-port 8067 via rl0 50240 0 0 divert 8668 ip from any to 207.210.114.45 dst-port 8068 via rl0 50250 0 0 divert 8668 ip from any to 207.210.114.45 dst-port 6697 via rl0 50260 0 0 divert 8668 ip from any to 207.210.114.45 dst-port 7000 via rl0 50270 1 60 allow ip from any to any dst-port 31337 in 54999 66 3991 allow icmp from any to any 55000 4364 343609 deny log logamount 100 ip from any to any 65535 29 4176 allow ip from any to any My natd.conf is as follows: [root@nub /etc]# cat natd.conf # Nub.Core NATd verbose alias_address 207.210.114.45 log log_denied log_ipfw_denied pid_file /var/run/natd.pid ### IRC Redirect Ports # 6667 redirect_port tcp 72.20.28.202:6667 207.210.114.45:6667 207.210.114.45:6667 [root@nub /etc]# And, as stated above, I am showing connection diverts to natd. When I run the following three tcpdumps: tcpdump -s 0 -w me_to_nat.pcap -vvv -i rl0 src host 72.65.73.23 and dst host 207.210.114.45 and dst port 6667 tcpdump -s 0 -w nat_to_jail.pcap -vvv -i rl0 src host 72.20.28.202 and dst host 207.210.114.45 and dst port 6667 tcpdump -s 0 -w jail_to_nat.pcap -vvv -i rl0 src host 207.210.114.45 and dst host 72.20.28.202 and src port 6667 Only the "me_to_nat.pcap" gets any data. The rest are 0 bytes. Example: -rw-r--r-- 1 root wheel 0 Mar 21 14:57 jail_to_nat.pcap -rw-r--r-- 1 root wheel 16384 Mar 21 15:24 me_to_nat.pcap -rw-r--r-- 1 root wheel 0 Mar 21 14:57 nat_to_jail.pcap So, can anyone diagnose and fix this? Thanks. (P.S.: I'm aware of the DNS methods of doing round-robin, but please keep that from this discussion. I need to port-forward round-robin, not whole DNS) -- ~ Kage http://vitund.com http://hackthissite.org From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 20:33:28 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9EA181065673 for ; Fri, 21 Mar 2008 20:33:28 +0000 (UTC) (envelope-from brett@lariat.net) Received: from lariat.net (lariat.net [66.119.58.2]) by mx1.freebsd.org (Postfix) with ESMTP id 232FF8FC19 for ; Fri, 21 Mar 2008 20:33:27 +0000 (UTC) (envelope-from brett@lariat.net) Received: from anne-o1dpaayth1.lariat.org (IDENT:ppp1000.lariat.net@lariat.net [66.119.58.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id OAA03723; Fri, 21 Mar 2008 14:33:22 -0600 (MDT) Message-Id: <200803212033.OAA03723@lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 21 Mar 2008 14:33:18 -0600 To: Julian Elischer From: Brett Glass In-Reply-To: <47E40130.1000901@elischer.org> References: <200803211547.JAA28265@lariat.net> <47E40130.1000901@elischer.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 20:33:28 -0000 At 12:40 PM 3/21/2008, Julian Elischer wrote: >if it takes you more than 1 day to write a netgraph function to do it you are taking too many coffee breaks. It might be possible to do it, but (a) it would break the interface to mpd and (b) if it it would not help other apps (e.g. pptpd). It would be nice to make both mpd and pptpd work properly with it.... --Brett Glass From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 20:44:52 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A01831065676 for ; Fri, 21 Mar 2008 20:44:52 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.178]) by mx1.freebsd.org (Postfix) with ESMTP id 6496C8FC1B for ; Fri, 21 Mar 2008 20:44:52 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so1758583waf.3 for ; Fri, 21 Mar 2008 13:44:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=ZHj3HleavhZWWHyYjFqGCkMgWeEaLvIQqEEqP8e/mQ0=; b=CjqDkZttw9oCFKZ7kUTYay33v6c+zic1cC1sBOFE1GuhMobH2pteq/JvHub09Had6Wkmel/eocRXqCz7OQgI9JcVTJ1CS9pKe/j+x0JvOfq/a0jLUH3dTs+VjGlZHy18x6K1vpaRODdTaWiGfhwy244zt5lz1a9ro5J7TSEe28o= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=NBZprn2hePBLM89CgsT7Mhjx0HMgiOAkBOMTvAJmOgAzI/nlBVvvs4A/sgYb051vtorkA9WFaS1grbZRgJFwz1yvEeo0IlZa9Ghe5h6djUx8ZBUSN6Yxy/Py7rmrbUw/QgARi3VG67EO83bUeoYovNmNq3nqitf9m3mDnEpndY4= Received: by 10.115.106.7 with SMTP id i7mr6742012wam.18.1206132291835; Fri, 21 Mar 2008 13:44:51 -0700 (PDT) Received: by 10.114.168.6 with HTTP; Fri, 21 Mar 2008 13:44:51 -0700 (PDT) Message-ID: <8f82c35c0803211344he63903fpebe6e43d1bc73c8e@mail.gmail.com> Date: Fri, 21 Mar 2008 21:44:51 +0100 From: "Jon Theil Nielsen" To: Sin In-Reply-To: <062101c88b71$cb290e90$0200a8c0@dts> MIME-Version: 1.0 References: <8f82c35c0803202329k1aff674cgd7deee4c1a58e20b@mail.gmail.com> <062101c88b71$cb290e90$0200a8c0@dts> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: Samba PDC with VPN access X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 20:44:52 -0000 2008/3/21, Sin : > > I just happen to be looking into vpn stuff with FreeBSD, I was looking > at > the man page for ppp, there is a section that states passwd(5) can be used > instead of a secret file. Not sure if this entirely relates to your > setup, > but I will be trying this out > > /* > If MyAuthPasswd is a ``*'', the password is looked up in the passwd(5) > database. > */ > > > We have a Samba PDC on FreeBSD 7.0-release. The goal is to make users > home > > drrives accessible throuth a VPN connection from Windows clients. Until > > now > > I have experimented with the Poptop server without much success and now > > have > > a working configuration based on Mpd4. This is not ideal, since I have > to > > keep usernames/passwords manually updated in the mpd.secret file. And > that > > can not be combined with users changing their own Samba and UNIX > passwords > > via password sync. > > It seems that some kind of authentication via Winbind and ntml_auth > would > > be > > a way to go. > > Maybe it can be done by installing a Radius server to communicate with > > Mpd, > > but that seems to be unnessesarily complicated. > > Does anyone know the "best" solution to achieve the goal? > You migth be right about trying (again) with ppp. I just didn't make it work in the first place. So I would surely like to hear if it is something you can do. And if so, I would like to have a look at your conf files. Best regards, Jon From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 21:01:16 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 09CA91065671 for ; Fri, 21 Mar 2008 21:01:16 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.183]) by mx1.freebsd.org (Postfix) with ESMTP id C4EC68FC1B for ; Fri, 21 Mar 2008 21:01:15 +0000 (UTC) (envelope-from jontheil@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so1764932waf.3 for ; Fri, 21 Mar 2008 14:01:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=AsdQzy1FaZsryIoFt3r1VxXwaA3aRbg+BVEx1tvtrjQ=; b=nMpOtt86YrXqC13sY9p0vOLrlFKiLproProTj8+NjHg96h95P1YFRaU3wpAy9hFjja+pWMoJ6eIyMzFPUSgZ06c1Ehh0pEroloE06bm8+TJOxkvPxRcJjpyQbTQarq36xklBsyCipZGelO7tLnpy6t6lndDtnDDENq2IWJkvb5s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=MvHg378l/l7GK8oZoanHBM5XL/WpnRdQfXfQa14oo7QglrWz/N+YB14CGnjbDQbd2LPpX66Ij3JkzusgN7zJ6bUNe3AFRpxHxUD0wsOJc+WpCyiwJLI+PD0S49U16ggzhYKxpNQ94ux8i2hVaxZpO30+VaTnmTzr38Eo18Iby7w= Received: by 10.114.66.2 with SMTP id o2mr6698497waa.102.1206133275537; Fri, 21 Mar 2008 14:01:15 -0700 (PDT) Received: by 10.114.168.6 with HTTP; Fri, 21 Mar 2008 14:01:15 -0700 (PDT) Message-ID: <8f82c35c0803211401s488bba8bm3587cef4422505f6@mail.gmail.com> Date: Fri, 21 Mar 2008 22:01:15 +0100 From: "Jon Theil Nielsen" To: Sin In-Reply-To: <062101c88b71$cb290e90$0200a8c0@dts> MIME-Version: 1.0 References: <8f82c35c0803202329k1aff674cgd7deee4c1a58e20b@mail.gmail.com> <062101c88b71$cb290e90$0200a8c0@dts> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: Samba PDC with VPN access X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 21:01:16 -0000 2008/3/21, Sin : > > I just happen to be looking into vpn stuff with FreeBSD, I was looking > at > the man page for ppp, there is a section that states passwd(5) can be used > instead of a secret file. Not sure if this entirely relates to your > setup, > but I will be trying this out > > /* > If MyAuthPasswd is a ``*'', the password is looked up in the passwd(5) > database. > */ BTW, I think this is a method to authenticate yourself when establishing a connection from your own machine to another one. One something I can use to authenticate outside users to my (VPN) server. Regards, Jon From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 22:53:43 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2E6571065674 for ; Fri, 21 Mar 2008 22:53:43 +0000 (UTC) (envelope-from mattjreimer@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.177]) by mx1.freebsd.org (Postfix) with ESMTP id C84BE8FC13 for ; Fri, 21 Mar 2008 22:53:42 +0000 (UTC) (envelope-from mattjreimer@gmail.com) Received: by py-out-1112.google.com with SMTP id u52so2332976pyb.10 for ; Fri, 21 Mar 2008 15:53:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=zbcq+JuiI980CftiI47kUpSF84aF/QfmlZnySxgXVgg=; b=Di1z83oKC61aBWv+DUzA9Jz9tWbJ4yu4zlD3HCxyKn3KI0wBofwJxP8MxtHP7mMZVu/uBUEK1SF0uI79kV7PDOeEOYvi4thzxObgL8Qzve6SEWPhNqkdgq1dF9vLY+sLcmZjxLXeOirbMRO/USLHqJZgGt8C+AjuduSi6KBi4Og= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pJbPew4u9mO2xnzgq4fiLkThSZCgw2AcN0tqXRZucfGErtTNjh3cJ8IpUPmgp80iYOQuv/RlHNyk3rZQ9eWMiYmNEY9u/nJRIeULn5RboGbb2PEFFBTJT23cFIGVpS2tnA/Hekq5OC8DP1BLJmmiK3IKiTY7aasWoxjQIRgihh8= Received: by 10.35.79.3 with SMTP id g3mr3603776pyl.53.1206140021533; Fri, 21 Mar 2008 15:53:41 -0700 (PDT) Received: by 10.35.58.11 with HTTP; Fri, 21 Mar 2008 15:53:41 -0700 (PDT) Message-ID: Date: Fri, 21 Mar 2008 15:53:41 -0700 From: "Matt Reimer" To: "d.s. al coda" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47D860AC.6030707@freebsd.org> Cc: freebsd-net@freebsd.org, Andre Oppermann Subject: Re: TCP options order changed in FreeBSD 7, incompatible with some routers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 22:53:43 -0000 On Thu, Mar 20, 2008 at 7:09 PM, d.s. al coda wrote: > On 3/12/08, Andre Oppermann wrote: > > > > > > I'd be very interesting to know the exactly models and their firmware > > version > > of the affected routers. If available locally I'd like to obtain a > > similar > > model myself for future regression tests. > > > Here are the models we managed to hear about via email: > D-Link WBR-1310 > Linksys WCG200 (with firewall enabled) > Encore Broadband Router > Linksys WAG354G > Ambit U10C019 > Netgear CG814GCMR I've seen this on a Netgear CG814WG. Matt From owner-freebsd-net@FreeBSD.ORG Fri Mar 21 23:15:55 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2EDFA1065671 for ; Fri, 21 Mar 2008 23:15:55 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.246]) by mx1.freebsd.org (Postfix) with ESMTP id C68E08FC20 for ; Fri, 21 Mar 2008 23:15:54 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so560228anc.13 for ; Fri, 21 Mar 2008 16:15:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=/5jWkyZreYZgp1pWs/AQCj0DAcHqdFzpHP3zrMBiqdg=; b=fJn0gvEmlBBnteMT1Dc91SPFfG/Ns+WkjG9a/XwqYsA51JOn0gdMKxMCpqx5gotOLs/KNZLQeWFyBUCXtFQCs9PYfZPRZbBWrKVI0o1vHcHl25E8O6kuRjzC8BY5u5HJtGnd60zx+fQia0+NGEH1ZbMw/wrscm0UCWZLa7D7IxM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=qXWVKz1ebmmMHL8JTPZZ/QCpJvZzZJ1y2gxpMW0Fk2YGYhO+vbYxF+13M1B66A503P3hgzwwih1jm5Xz2ZFdI0/3W5YK2g8+ctS2L3PqyVTwfOe6D68lBJ0+fuOhEAu+13VEd56itqyeK4p0CUtnxvTrbjJYspg3uMOJM6Cmq9c= Received: by 10.100.152.11 with SMTP id z11mr9622094and.17.1206139821307; Fri, 21 Mar 2008 15:50:21 -0700 (PDT) Received: by 10.100.240.5 with HTTP; Fri, 21 Mar 2008 15:50:21 -0700 (PDT) Message-ID: <9a542da30803211550s2ae854f7p23405b64f0c43f9c@mail.gmail.com> Date: Fri, 21 Mar 2008 23:50:21 +0100 From: "=?ISO-8859-1?Q?Ermal_Lu=E7i?=" To: "Brett Glass" In-Reply-To: <200803211547.JAA28265@lariat.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200803211547.JAA28265@lariat.net> Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2008 23:15:55 -0000 On Fri, Mar 21, 2008 at 4:47 PM, Brett Glass wrote: > Everyone: > > I have recently been building FreeBSD VPN servers which can accept > 50 to 100 PPTP connections. PPTP is, essentially, PPP over GRE > (with a TCP control connection), so we have large numbers of > packets passing in and out using GRE. Unfortunately, GRE on FreeBSD > doesn't currently have a multiplexing function as does TCP. If > userland PPP and pptpd are used to handle the PPTP sessions, each > GRE packet is passed to the first pptpd process. If the call ID > doesn't match, it's passed to the next, and then the next, and so > on. What's more, each test requires a "bounce" into and out of the > kernel. mpd, which uses netgraph, does more of the work within the > kernel, but the testing still takes place in linear time -- and the > potential delay increases with the number of PPTP sessions that > have been established. The packet is bounced from one netgraph node > to another until one of them accepts it or the packet falls off the > end of the chain. > > It seems to me that it might be worth it to implement a > multiplexing function that dispatches the packet directly to the > right process or netgraph node rather than passing it from hand to > hand. Thoughts? > ng_gif_demux does the same it shouldn't be to hard to come with something similar for pptp. If you find the time and do it please share. > --Brett Glass > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 01:25:04 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2EF5D106564A for ; Sat, 22 Mar 2008 01:25:04 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.171]) by mx1.freebsd.org (Postfix) with ESMTP id E40338FC14 for ; Sat, 22 Mar 2008 01:25:03 +0000 (UTC) (envelope-from alireza.torabi@gmail.com) Received: by wf-out-1314.google.com with SMTP id 25so1838179wfa.7 for ; Fri, 21 Mar 2008 18:25:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=6GwCRfASeCiwnSV76bo543p5OP7Tl8dM3zBBjFzIXA0=; b=lccivbCT0UKOjXZst8maShs4MdTkWUSx3Nez7p6vnNl1EOJGeG9bC6CiKtCG+CJCHnDb7FZJYQyHDAU0susTEG0ETGcj9s6Y7lndZiNbRzJ/EjYGIfhFLgPRa2q5e5WRwdG8s+nU99CigjS0pNcXnxCGN28Yj8bBHZPotfZoIMI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=oWnu5c8DPFldGWVoCG3Y5j11riCcBzS1cUNvWlf4idp/XkcakXiQilSySmNXNILVi7Et50Sxki3yGyXgZW91yBJP5/RKnvIOaxsfpMZCqJTbRk4OSV4/jNn0YtYs9mcIns8KPZAm1Zr0t9Tqu+dAWVj/B5OPXa61sZjJRf3LO1c= Received: by 10.114.202.15 with SMTP id z15mr7066215waf.72.1206149103649; Fri, 21 Mar 2008 18:25:03 -0700 (PDT) Received: by 10.115.78.3 with HTTP; Fri, 21 Mar 2008 18:25:03 -0700 (PDT) Message-ID: Date: Sat, 22 Mar 2008 01:25:03 +0000 From: "Alireza Torabi" To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080321063517.GK85901@server.vk2pj.dyndns.org> <47E3FB93.1080501@elischer.org> Subject: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 01:25:04 -0000 On Fri, Mar 21, 2008 at 6:16 PM, Julian Elischer wrote: > > Alireza Torabi wrote: > > On Fri, Mar 21, 2008 at 6:35 AM, Peter Jeremy > > wrote: > >> On Thu, Mar 20, 2008 at 11:27:53AM +0000, Alireza Torabi wrote: > >> >Imagine this: > >> > > >> > | (1) > >> > packets > >> > | | (4) > >> > [nic1] [nic2] > >> > bpf SOCK_STREAM > >> > | (2) | > >> > --------------------------------------- > >> > [FreeBSD] (3) > >> > > >> >1) all user traffic are being monitored > >> >2) bpf on [nic] is capturing these packets > >> >3) after processing we know a connection is about to be established from A to B > >> > > >> >NOW: > >> >4) I want to deliver this packet to the socket on [nic2] > >> >and as this is a tcp socket it'll take care of it from there > >> >(my code here for this sockets sends and arbitary data to A making it > >> >think it came from B) > >> > >> Have a look at divert(4). I suspect it comes closest to what you want. > >> > >> -- > >> Peter Jeremy > >> Please excuse any delays as the result of my ISP's inability to implement > >> an MTA that is either RFC2821-compliant or matches their claimed behaviour. > >> > > > > Yes. It sounds promising. I was reading natd and planning to read ipfw > > source interestingly! > > also I think you may want the 'fwd' call in ipfw... > I won't be using ipfw(8) at all as this is monitoring a copy of all the packets flowing through a core switch on a span/rmon 'ed switch port. > I don't quite understand your question.. > (despite the picture) > where ia A and where is B? > As I say I can only they a copy of these hosts' traffic over an rmon/span 'ed (Cisco terms) switch port. > and why 2 nics? [nic1] is connected to above switch port and and is bpf ing all the the packets (promisc) and [nic2] has it's own ip address and connected to a normal switch port, hence can send and receive data. ie talk to A or B > > User traffic where? > on a switch? > coming in and out of this machine? bpf is reading all the incoming packets coming to [nic1] off. > > you need to define a little more of the picture.. > > Julian btw, are you the Julian netgraph(8)? > > > > Thanks > > > > Alireza > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 02:25:56 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C89AD1065670 for ; Sat, 22 Mar 2008 02:25:56 +0000 (UTC) (envelope-from sinister@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.180]) by mx1.freebsd.org (Postfix) with ESMTP id 73E5A8FC23 for ; Sat, 22 Mar 2008 02:25:56 +0000 (UTC) (envelope-from sinister@gmail.com) Received: by py-out-1112.google.com with SMTP id u52so2456035pyb.10 for ; Fri, 21 Mar 2008 19:25:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:from:to:cc:references:subject:date:mime-version:content-type:x-priority:x-msmail-priority:x-mailer:x-mimeole; bh=kY9PPWe2WtT66IzGZvV2yU+qcPQI/d/8ZIOdlyshhro=; b=fyXYVoK83/rjGTHjsp+CN02m2knevWLvNhUerRqZE9zt9ST/nxXebSI3WHP+HQv9KO6VkzEFfXsO5tCBMjnFN6gHYjSkufQQETQgrbqqZjdxanJdrNvuBLWJGmyAWiqA3u5hXX1zNJzVW2fd22R2Qc6ing6yRTPqc7abQGRvOOk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:from:to:cc:references:subject:date:mime-version:content-type:x-priority:x-msmail-priority:x-mailer:x-mimeole; b=RPzMNATTOrq/Rkf810sGOXf7AFSV+tGiP/gC/v3wg/dwb4O8wAO9sMAmZayFWGjcnz+SQaukPXHKoyJ6dBgTji4MUU+fIdR2tQP9MSwM3bbKzi1vjkHor0hMTzt2GcNVhw1bbYO46YXElxTlLHXLzmtfyhMVzg+sT8d7/UwY3Lc= Received: by 10.35.84.20 with SMTP id m20mr3848865pyl.55.1206152755586; Fri, 21 Mar 2008 19:25:55 -0700 (PDT) Received: from dts ( [216.8.139.47]) by mx.google.com with ESMTPS id f78sm10455820pyh.18.2008.03.21.19.25.53 (version=SSLv3 cipher=RC4-MD5); Fri, 21 Mar 2008 19:25:53 -0700 (PDT) Message-ID: <067401c88bc4$1a6ad900$0200a8c0@dts> From: "Sin" To: "Jon Theil Nielsen" References: <8f82c35c0803202329k1aff674cgd7deee4c1a58e20b@mail.gmail.com> <062101c88b71$cb290e90$0200a8c0@dts> <8f82c35c0803211344he63903fpebe6e43d1bc73c8e@mail.gmail.com> Date: Fri, 21 Mar 2008 22:26:14 -0400 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: Samba PDC with VPN access X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 02:25:56 -0000 Well, Looks like I did get it connected. But its very broken. I'm = trying to make it connect from Windows XP VPN client and the client = talks to the server, but nothing comes of it. ( You can see all the = chatter in ppp.log ) However, if I tell my other FreeBSD machine to = connect to the pptp server, it connects and a TCP link is created under = the settings I specified. Here's some usefull info: server: 7.0-RELEASE PPP Version 3.4.2 server IP: 10.0.0.2 /etc/inetd.conf pptp stream tcp nowait root /usr/sbin/ppp ppp -direct ppp-in /etc/ppp/ppp.conf: ppp-in: set log All set timeout 0 set ifaddr 10.0.4.1 10.0.4.2 disable chap enable pap enable passwdauth /etc/ppp/ppp.secret sin sinspassword /etc/ppp/ppp.linkup pptp: add 10.0.1.0/24 HISADDR Client machine (1): 6.3-RELEASE PPP Version 3.4.2 Client IP: 10.0.0.1 /etc/ppp/ppp.conf vpn: set device 10.0.0.2:1723/tcp set authname sin set authkey sinspassword and then I make the connection by using ppp interactly for testing. = "dial vpn " gets you the three capitals P's, then a simple ping test = proves the link. PPP ON router> show iface tun1 (idx 9) mtu 1500 has 1 address: inet 10.0.4.2 --> 10.0.4.1 netmask 0xffffffff Client machine (2) Windows XP sp3 Error 800 Unable to establish the VPN connection. The VPN server may be = unreachable, or security parameters may not be coinfigured properly for = this connection. - You can see the ppp.log file fill up while the XP machine tries to = connect. Something is missing here and I think i've been staring at = this ppp man page way to long because i'm starting to think that this = pptp server is not the same thing as the XP pptp server/client = connection. You migth be right about trying (again) with ppp. I just didn't make = it work in the first place. So I would surely like to hear if it is = something you can do. And if so, I would like to have a look at your = conf files. Best regards, Jon From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 02:47:10 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C054D1065673 for ; Sat, 22 Mar 2008 02:47:10 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outA.internet-mail-service.net (outA.internet-mail-service.net [216.240.47.224]) by mx1.freebsd.org (Postfix) with ESMTP id 9DD418FC1B for ; Sat, 22 Mar 2008 02:47:10 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Fri, 21 Mar 2008 19:48:19 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id CA99F2D6011; Fri, 21 Mar 2008 19:47:09 -0700 (PDT) Message-ID: <47E4732D.5050807@elischer.org> Date: Fri, 21 Mar 2008 19:47:09 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: Alireza Torabi References: <20080321063517.GK85901@server.vk2pj.dyndns.org> <47E3FB93.1080501@elischer.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: bpf packet capture and SOCK_STREAM socket redirects... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 02:47:10 -0000 Ok I have read this again, I think you are trying to hijack a session before the intended target can start it up... but you have some problems. The original packets will continue on to the intended server so it will respond as well. And when the session you have created starts talking, that original server is going to start sending you lots of resets. They MAY or MAY NOT (depending on the client OS) reset your session. We do something almost exactly like this sometimes, but we have a mechanism to stop the original packets. as long as the port is in promiscuous mode, you should be able to jsut use ipfw add 100 fwd 127.0.0.1,1000 tcp from any to any 80 in recv em0 setup where em0 is your span NIC and your dummy server is listening on port 1000 on 127.0.0.1 It will respond faster than the remote server (assuming port 80 here) and will supply a sequence number that the intended window will fail to match. you can force the interface into promiscuous mode in several ways.. including using netgraph and ifconfig. From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 05:37:14 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F1ACD106566B for ; Sat, 22 Mar 2008 05:37:14 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.170]) by mx1.freebsd.org (Postfix) with ESMTP id CB3758FC15 for ; Sat, 22 Mar 2008 05:37:14 +0000 (UTC) (envelope-from pyunyh@gmail.com) Received: by wf-out-1314.google.com with SMTP id 25so1926564wfa.7 for ; Fri, 21 Mar 2008 22:37:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:received:received:date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; bh=bMg/rIdzSt1Zgaka2ZgszOYK8AZ0O0Z8DhPxjsD232M=; b=jBv4cC3OywQ8fAx6E3lMBQIwxRpWYzw99/GCqbSWZ4dalU4TUmYGHgR3pZwMWUDhaLROlcaa40RIPmfuLIg8Jvy6hiB7f+N/47mexrmhYJuloD16ONiWo2lXIIEX4yOnP0jgOGdFouoRnoU2jjd14sQxcFrC0NyUZ8jPWgGF0Uo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=date:from:to:cc:subject:message-id:reply-to:references:mime-version:content-type:content-disposition:in-reply-to:user-agent; b=Tc0xdfkj38pxtyOJ+EaedfhUn/2hoHuWmrgz/IlYI/H2q1ZrGa2o0jaDchirq5fAp7k02o+lV9Wv2hQCbasknON6BKhXYMHPPuyPTkGlVdBgnkpnqBAtKbU3KXyFHGKkv9ka6yvZYB9O6TmLVM3WAKkD7shmGcqQAabl76kW+FE= Received: by 10.142.83.4 with SMTP id g4mr2913960wfb.103.1206164234306; Fri, 21 Mar 2008 22:37:14 -0700 (PDT) Received: from michelle.cdnetworks.co.kr ( [211.53.35.84]) by mx.google.com with ESMTPS id 22sm8822738wfi.12.2008.03.21.22.37.11 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 21 Mar 2008 22:37:13 -0700 (PDT) Received: from michelle.cdnetworks.co.kr (localhost.cdnetworks.co.kr [127.0.0.1]) by michelle.cdnetworks.co.kr (8.13.5/8.13.5) with ESMTP id m2M5b8tl075507 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 22 Mar 2008 14:37:08 +0900 (KST) (envelope-from pyunyh@gmail.com) Received: (from yongari@localhost) by michelle.cdnetworks.co.kr (8.13.5/8.13.5/Submit) id m2M5b69w075506; Sat, 22 Mar 2008 14:37:06 +0900 (KST) (envelope-from pyunyh@gmail.com) Date: Sat, 22 Mar 2008 14:37:06 +0900 From: Pyun YongHyeon To: Giulio Ferro Message-ID: <20080322053706.GC74996@cdnetworks.co.kr> References: <20080314001704.GA22788@cdnetworks.co.kr> <47DA4DCD.6050304@zirakzigil.org> <20080314101555.GF22788@cdnetworks.co.kr> <47DA682E.9010504@zirakzigil.org> <20080314122708.GG22788@cdnetworks.co.kr> <47DA9BC0.8030205@zirakzigil.org> <20080317043945.GA2503@cdnetworks.co.kr> <47E298BD.7050807@zirakzigil.org> <20080320235420.GA70708@cdnetworks.co.kr> <47E3B7F8.40307@zirakzigil.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <47E3B7F8.40307@zirakzigil.org> User-Agent: Mutt/1.4.2.1i Cc: Andrew Thompson , freebsd-net@freebsd.org Subject: Re: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: pyunyh@gmail.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 05:37:15 -0000 On Fri, Mar 21, 2008 at 02:28:24PM +0100, Giulio Ferro wrote: > Pyun YongHyeon wrote: > > > > > > # ping -s 2000 192.168.100.2 > > > PING 192.168.100.2 (192.168.100.2): 2000 data bytes > > > 2008 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.264 ms > > > 2008 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=1001.186 ms > > > >[...] > > > > > 2008 bytes from 192.168.100.2: icmp_seq=41 ttl=64 time=0.181 ms > > > > > > > > > > > > It would be great if you could understand why this happens... > > > > > > >Try set tunable hw.re.msi_disable and let me know how it goes. > >(Add hw.re.msi_disable="1" to /boot/loader.conf) > > > > > You're spot on! > > ---------------------------------- > # ping -c 200 -s 1472 192.168.100.2 > PING 192.168.100.2 (192.168.100.2): 1472 data bytes > 1480 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.192 ms > 1480 bytes from 192.168.100.2: icmp_seq=1 ttl=64 time=0.151 ms > 1480 bytes from 192.168.100.2: icmp_seq=2 ttl=64 time=0.155 ms > 1480 bytes from 192.168.100.2: icmp_seq=3 ttl=64 time=0.150 ms > 1480 bytes from 192.168.100.2: icmp_seq=4 ttl=64 time=0.151 ms > 1480 bytes from 192.168.100.2: icmp_seq=5 ttl=64 time=0.149 ms > 1480 bytes from 192.168.100.2: icmp_seq=6 ttl=64 time=0.153 ms > 1480 bytes from 192.168.100.2: icmp_seq=7 ttl=64 time=0.149 ms > [...] > --- 192.168.100.2 ping statistics --- > 200 packets transmitted, 200 packets received, 0.0% packet loss > round-trip min/avg/max/stddev = 0.148/0.159/1.472/0.093 ms > ---------------------------------- > > What does that tunable do? > That tunable disables the use of MSI which is believed to be preferred way to deliver interrtups on recent hardwares that supports MSI. But it seems that some variants of RealTek hardware doesn't seem to work correctly with MSI. -- Regards, Pyun YongHyeon From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 13:27:22 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CF656106564A for ; Sat, 22 Mar 2008 13:27:22 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (unknown [IPv6:2001:41d0:1:2ad2::1]) by mx1.freebsd.org (Postfix) with ESMTP id 59F8D8FC17 for ; Sat, 22 Mar 2008 13:27:22 +0000 (UTC) (envelope-from hlh@restart.be) Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:1:2ad2::fffe:0]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "avoriaz.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id 2FEBE1BAC11 for ; Sat, 22 Mar 2008 14:27:21 +0100 (CET) Received: from morzine.restart.bel (morzine6.restart.bel [IPv6:2001:41d0:1:2ad2::1:2]) (authenticated bits=0) by restart.be (8.14.2/8.14.2) with ESMTP id m2MDRIdD082844 for ; Sat, 22 Mar 2008 14:27:18 +0100 (CET) (envelope-from hlh@restart.be) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=restart.be; s=avoriaz; t=1206192440; bh=rOpnuOLnOzAWhP4Ox4gF2Xx609Vdb+biKJ3Hpm2 YfeU=; h=DomainKey-Signature:Message-ID:Date:From:Organization: User-Agent:MIME-Version:To:Subject:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:X-Scanned-By; b=aRxpCiTXLeN vvB2GQ9BLpUAfsDusZ+W3FyHFw1/l9NW5B9zgGXrrKT5Ps3ocy7mhfFYs/Q3qkgfwtY yeyVwp4Q== DomainKey-Signature: a=rsa-sha1; s=avoriaz; d=restart.be; c=nofws; q=dns; h=message-id:date:from:organization:user-agent:mime-version:to: subject:references:in-reply-to:content-type: content-transfer-encoding:x-scanned-by; b=ZKoIDudMLs0Qku3pQl/7YzpxScXEs86gOMPIUWvGtiPQ6ZmAlv11u4NR7oDzsBPkg ttqABoFYZRW8+NbsBiX6g== Message-ID: <47E50936.1010405@restart.be> Date: Sat, 22 Mar 2008 14:27:18 +0100 From: Henri Hennebert Organization: RestartSoft User-Agent: Thunderbird 2.0.0.12 (X11/20080316) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.63 on IPv6:2001:41d0:1:2ad2::1:1 Subject: Re: natd port forward times out, tcpdump yields nothing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 13:27:22 -0000 Kage wrote: > Hey guys, > > This is a fun one that's stumped people in Freenode ##freebsd. > Basically, I have this layout: > > irc.domain.com -> DNS A -> IRC Jail > > When someone connects to irc.domain.com on IRC ports (6667, 8067, > etc.), it round-robins them using natd, otherwise it sends all other > port requests to the IRC jail as per normal (such as port 80, which is > my primary concern). As for having it setup to have ipfw divert to > natd, that's done and works, as shown by natd verbose mode: > > In {default}[TCP] [TCP] 72.65.73.23:2980 -> 207.210.114.45:6667 aliased to > [TCP] 72.65.73.23:2980 -> 207.210.114.45:6667 > > (For reference) > 207.210.114.45 = jail IP > 72.20.28.202 = example target IP in the round-robin > 72.65.73.23 = my IP > > Right now, my ipfw.rules file is as follows: > > [root@nub /etc]# cat ipfw.rules > IPF="ipfw -q add" > ipfw -f -q flush > > #loopback > $IPF 10 allow all from any to any via lo0 > $IPF 20 deny all from any to 127.0.0.0/8 > $IPF 30 deny all from 127.0.0.0/8 to any > $IPF 40 deny tcp from any to any frag > > # statefull > $IPF 50 check-state > $IPF 60 allow tcp from any to any established > $IPF 70 allow all from any to any out keep-state > $IPF 54999 allow icmp from any to any > > # Include the deny file > . /etc/ipfw.deny > > [snip -- some allowed ports] > # IRC (natd divert for IRC port-forwarding > $IPF 50220 divert natd all from any to 207.210.114.45 6667 via rl0 > $IPF 50230 divert natd all from any to 207.210.114.45 8067 via rl0 > $IPF 50240 divert natd all from any to 207.210.114.45 8068 via rl0 > $IPF 50250 divert natd all from any to 207.210.114.45 6697 via rl0 > $IPF 50260 divert natd all from any to 207.210.114.45 7000 via rl0 You must also divert the response trafic AFAIK eg: $IPF 50220 divert natd all from 72.20.28.202 6667 to 207.210.114.45 via rl0 > # keep these two IRC ports normally open for BNC > $IPF 50270 allow all from any to any 31337 in > $IPF 50380 allow all from any to any 31337 out > [snip -- more allowed ports] > # deny and log everything > $IPF 55000 deny log all from any to any > > ----- > > Here's a dump of ipfw show, with some stuff cut out for space purposes > (they're just denied DDoS IPs) > > [root@nub /etc]# ipfw show > 00010 61124 16056802 allow ip from any to any via lo0 > 00020 0 0 deny ip from any to 127.0.0.0/8 > 00030 0 0 deny ip from 127.0.0.0/8 to any > 00040 0 0 deny tcp from any to any frag > 00050 0 0 check-state > 00060 670616 455926379 allow tcp from any to any established > 00070 16213 14071853 allow ip from any to any out keep-state > [snip] > 50220 468 22464 divert 8668 ip from any to 207.210.114.45 > dst-port 6667 via rl0 > 50230 0 0 divert 8668 ip from any to 207.210.114.45 > dst-port 8067 via rl0 > 50240 0 0 divert 8668 ip from any to 207.210.114.45 > dst-port 8068 via rl0 > 50250 0 0 divert 8668 ip from any to 207.210.114.45 > dst-port 6697 via rl0 > 50260 0 0 divert 8668 ip from any to 207.210.114.45 > dst-port 7000 via rl0 > 50270 1 60 allow ip from any to any dst-port 31337 in > 54999 66 3991 allow icmp from any to any > 55000 4364 343609 deny log logamount 100 ip from any to any > 65535 29 4176 allow ip from any to any > > My natd.conf is as follows: > > [root@nub /etc]# cat natd.conf > # Nub.Core NATd > verbose > alias_address 207.210.114.45 > log > log_denied > log_ipfw_denied > pid_file /var/run/natd.pid > > > ### IRC Redirect Ports > # 6667 If I understand man natd > redirect_port tcp 72.20.28.202:6667 207.210.114.45:6667 207.210.114.45:6667 ^^^^^^^^^^^^^ Trafic is comming from 72.65.73.23 - so the rule don't apply > [root@nub /etc]# > > And, as stated above, I am showing connection diverts to natd. When I > run the following three tcpdumps: > > tcpdump -s 0 -w me_to_nat.pcap -vvv -i rl0 src host 72.65.73.23 and > dst host 207.210.114.45 and dst port 6667 > tcpdump -s 0 -w nat_to_jail.pcap -vvv -i rl0 src host 72.20.28.202 and > dst host 207.210.114.45 and dst port 6667 > tcpdump -s 0 -w jail_to_nat.pcap -vvv -i rl0 src host 207.210.114.45 > and dst host 72.20.28.202 and src port 6667 > > Only the "me_to_nat.pcap" gets any data. The rest are 0 bytes. Example: > > -rw-r--r-- 1 root wheel 0 Mar 21 14:57 jail_to_nat.pcap > -rw-r--r-- 1 root wheel 16384 Mar 21 15:24 me_to_nat.pcap > -rw-r--r-- 1 root wheel 0 Mar 21 14:57 nat_to_jail.pcap > > So, can anyone diagnose and fix this? Thanks. > > (P.S.: I'm aware of the DNS methods of doing round-robin, but please > keep that from this discussion. I need to port-forward round-robin, > not whole DNS) > From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 15:04:00 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A44521065671 for ; Sat, 22 Mar 2008 15:04:00 +0000 (UTC) (envelope-from brett@lariat.net) Received: from lariat.net (lariat.net [66.119.58.2]) by mx1.freebsd.org (Postfix) with ESMTP id 3CC568FC1E for ; Sat, 22 Mar 2008 15:04:00 +0000 (UTC) (envelope-from brett@lariat.net) Received: from anne-o1dpaayth1.lariat.org (IDENT:ppp1000.lariat.net@lariat.net [66.119.58.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id JAA17438; Sat, 22 Mar 2008 09:03:56 -0600 (MDT) Message-Id: <200803221503.JAA17438@lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Sat, 22 Mar 2008 09:03:52 -0600 To: "Ermal Luçi" From: Brett Glass In-Reply-To: <9a542da30803211550s2ae854f7p23405b64f0c43f9c@mail.gmail.co m> References: <200803211547.JAA28265@lariat.net> <9a542da30803211550s2ae854f7p23405b64f0c43f9c@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 15:04:00 -0000 At 04:50 PM 3/21/2008, Ermal Luçi wrote: >ng_gif_demux does the same it shouldn't be to hard to come with >something similar for pptp. >If you find the time and do it please share. If I do it, I certainly will. I'd need to work with the developers of mpd to make sure that the two would work together. The main disadvantage of doing this as a netgraph node rather than as a direct kernel hack is that other PPTP implementations would not be able to use the netgraph node without massive recoding. If it was set up more like an ordinary UDP "listen", it would have wider applicability and it would be easy to create a netgraph stub for it. --Brett Glass From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 15:25:11 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 301E71065685; Sat, 22 Mar 2008 15:25:11 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (farley.org [67.64.95.201]) by mx1.freebsd.org (Postfix) with ESMTP id DA7D78FC4F; Sat, 22 Mar 2008 15:25:10 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (thor.farley.org [192.168.1.5]) by mail.farley.org (8.14.2/8.14.2) with ESMTP id m2MFP6YX044330; Sat, 22 Mar 2008 10:25:06 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Sat, 22 Mar 2008 10:25:06 -0500 (CDT) From: "Sean C. Farley" To: Doug Barton In-Reply-To: <47E351A1.1020501@FreeBSD.org> Message-ID: References: <47E2C7E4.6070800@FreeBSD.org> <47E351A1.1020501@FreeBSD.org> User-Agent: Alpine 1.10 (BSF 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on mail.farley.org Cc: freebsd-net@FreeBSD.org Subject: Re: /etc/exports and IPv6 networks X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 15:25:11 -0000 On Thu, 20 Mar 2008, Doug Barton wrote: > Sean C. Farley wrote: >> On Thu, 20 Mar 2008, Doug Barton wrote: >> >>> Folks, >>> >>> I spent a fair amount of time today reading through the man pages >>> and source code and could not find any way of specifying an IPv6 >>> network in /etc/exports as you can with v4 and -network/-netmask. Am >>> I missing something? If not, is this an update that is on someone's >>> list somewhere? >> >> Something like this has worked for me: >> /usr -maproot=root -network AAAA:BBBB:CCCC:DDDD:EEEE:: -mask ::0 > > I confess that's one combination I didn't think to try, and it did > work, thanks! Care to add that to the man page? You are welcome. I forgot how I found how to do, but it did take a good deal of searching before I found it. Yes, I will write an addition to the man page in a couple of days. That way I will not lose it. :) >> One thing I have run into was that an install of a kernel over NFS >> using IPv6 can stall the mount. I have not had time to look into it, >> so I do not know what exactly triggers it (number of bytes or >> files?). It has always been while copying a kernel module. > > Wacky. Is this still true after the recent (before the 7.0 branch) > work to make v6 stuff "work the same way as" v4 stuff? As of March 14th, RELENG_7 still exhibited it for me. Sean -- scf@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 20:42:50 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5BC6B1065671 for ; Sat, 22 Mar 2008 20:42:50 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outD.internet-mail-service.net (outd.internet-mail-service.net [216.240.47.227]) by mx1.freebsd.org (Postfix) with ESMTP id 3DBBE8FC14 for ; Sat, 22 Mar 2008 20:42:50 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Sat, 22 Mar 2008 13:47:38 -0700 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id D938C2D6026; Sat, 22 Mar 2008 13:42:48 -0700 (PDT) Message-ID: <47E56F47.7010908@elischer.org> Date: Sat, 22 Mar 2008 13:42:47 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) MIME-Version: 1.0 To: ext Brett Glass References: <200803211547.JAA28265@lariat.net> <47E40130.1000901@elischer.org> <200803212033.OAA03723@lariat.net> In-Reply-To: <200803212033.OAA03723@lariat.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 20:42:50 -0000 ext Brett Glass wrote: > At 12:40 PM 3/21/2008, Julian Elischer wrote: > >> if it takes you more than 1 day to write a netgraph function to do it you are taking too many coffee breaks. > > It might be possible to do it, but (a) it would break the interface to mpd > and (b) if it it would not help other apps (e.g. pptpd). It would be nice > to make both mpd and pptpd work properly with it.... mpd can attach to arbitrary netgraph things... > --Brett Glass > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 21:50:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C69A61065670 for ; Sat, 22 Mar 2008 21:50:07 +0000 (UTC) (envelope-from citrin@citrin.ru) Received: from mail-chaos.rambler.ru (mail-chaos.rambler.ru [81.19.68.130]) by mx1.freebsd.org (Postfix) with ESMTP id 8D4588FC26 for ; Sat, 22 Mar 2008 21:50:07 +0000 (UTC) (envelope-from citrin@citrin.ru) Received: from [192.168.1.34] (unknown [83.167.116.128]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: citrin@citrin.ru) by mail-chaos.rambler.ru (Postfix) with ESMTPSA id 86F231704A for ; Sun, 23 Mar 2008 00:39:35 +0300 (MSK) Message-ID: <47E57C8F.4090602@citrin.ru> Date: Sun, 23 Mar 2008 00:39:27 +0300 From: Anton Yuzhaninov User-Agent: Thunderbird 2.0.0.12 (Windows/20080213) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit Subject: re TSO: data corruption X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 21:50:07 -0000 When TSO enabled on my re NIC, data transferred via network corrupted. It easy to reproduce using scp: citrin:~>scp some_file.tar.bz2 some_host: .. Received disconnect from 10.10.10.100: 2: Corrupted MAC on input. lost connection And same when data transferred to any other host. re0: flags=8843 metric 0 mtu 1500 options=399b ether 00:1a:4d:2d:82:6e inet 10.10.10.101 netmask 0xfffffe00 broadcast 10.10.10.255 media: Ethernet autoselect (100baseTX ) status: active re0@pci0:2:5:0: class=0x020000 card=0xe0001458 chip=0x816710ec rev=0x10 hdr=0x00 vendor = 'Realtek Semiconductor' device = 'RTL8169/8110 Family Gigabit Ethernet NIC' class = network subclass = ethernet Known workaround: ifconfig re0 -tso May be TSO should be disabled by default? System is fresh: FreeBSD 8.0-CURRENT #7: Sat Mar 22 20:59:10 MSK 2008 amd64 -- WBR, Anton Yuzhaninov From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 21:53:47 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC8F7106566C for ; Sat, 22 Mar 2008 21:53:47 +0000 (UTC) (envelope-from kip.macy@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.171]) by mx1.freebsd.org (Postfix) with ESMTP id BAA5B8FC16 for ; Sat, 22 Mar 2008 21:53:47 +0000 (UTC) (envelope-from kip.macy@gmail.com) Received: by wf-out-1314.google.com with SMTP id 25so2289810wfa.7 for ; Sat, 22 Mar 2008 14:53:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=4ta1f2LJu7lI+YnWxMS+hmdgwMCwEp6fFHilGmOmBuI=; b=GKzn1UqPjuWvymTAzZ2cqxw1/Gkcjgkx7Lo6aHvCJGrRB60PWAk9yivQ8iAve/9DArF62qx07ij8JzwiQea9DE4BeYbRnTl5JPEs9IXrl88XLB9NCBqwIl1n9y0u+0IKdVS8e3SWdneRiiRFmRc7Cg1Vx6VppvuQj5yo5Sfps+k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=YScoeoJCTvt0ip9j/FRWTwssxtANzK0XwXE7msDaYXa1ZpD/ioGSjf79Otu3stgFymXovzdtkNfzV9Pvyttvfu2jKdhInlIytKGEdifhPOZ5jwkjva1LU+3/yi5LCHp4CeEWcTKhSDp9mOYpoEypL5OXIE2BeXkdJUdTDb/i37g= Received: by 10.114.149.2 with SMTP id w2mr8747684wad.29.1206222826990; Sat, 22 Mar 2008 14:53:46 -0700 (PDT) Received: by 10.115.22.10 with HTTP; Sat, 22 Mar 2008 14:53:46 -0700 (PDT) Message-ID: Date: Sat, 22 Mar 2008 14:53:46 -0700 From: "Kip Macy" To: "Anton Yuzhaninov" In-Reply-To: <47E57C8F.4090602@citrin.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47E57C8F.4090602@citrin.ru> Cc: freebsd-net@freebsd.org Subject: Re: re TSO: data corruption X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 21:53:48 -0000 On Sat, Mar 22, 2008 at 2:39 PM, Anton Yuzhaninov wrote: > When TSO enabled on my re NIC, data transferred via network corrupted. > > It easy to reproduce using scp: > > citrin:~>scp some_file.tar.bz2 some_host: > > .. > Received disconnect from 10.10.10.100: 2: Corrupted MAC on input. > lost connection > > And same when data transferred to any other host. > > re0: flags=8843 metric 0 mtu 1500 > options=399b > ether 00:1a:4d:2d:82:6e > inet 10.10.10.101 netmask 0xfffffe00 broadcast 10.10.10.255 > media: Ethernet autoselect (100baseTX ) > status: active > > re0@pci0:2:5:0: class=0x020000 card=0xe0001458 chip=0x816710ec rev=0x10 hdr=0x00 > vendor = 'Realtek Semiconductor' > device = 'RTL8169/8110 Family Gigabit Ethernet NIC' > class = network > subclass = ethernet > > Known workaround: > ifconfig re0 -tso > > May be TSO should be disabled by default? > On anything coming from Realtek? Probably. Certainly not in general. -Kip From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 23:25:55 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F112106566B for ; Sat, 22 Mar 2008 23:25:55 +0000 (UTC) (envelope-from artemb@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.182]) by mx1.freebsd.org (Postfix) with ESMTP id 11E758FC13 for ; Sat, 22 Mar 2008 23:25:54 +0000 (UTC) (envelope-from artemb@gmail.com) Received: by py-out-1112.google.com with SMTP id u52so3044005pyb.10 for ; Sat, 22 Mar 2008 16:25:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=95uLDqww0gvZ3hXBd4SfjIrIXveJHA69C07ak3nv404=; b=qcTWzzi7eFLoAYwSJLfmGriq6hM1nvRCSTY547v6EnBVLfGI3K6dZ52tm49SE4nxe1hh6fKzEVPvOYJ9Fw2pbbQZkFG5Xe2K48vs7PmPyxabkM9FTz8lM23qpoYvyMtt1C531wJMOa+kU0I0ndG4628UYv3ld3Qv6q+EK4kjRPs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=Mu0Rs7QtIaqWUZq9PGN4fIo23i3tZD9kcCd8reWv1XT4eG/kc0CnYLZI+cWyQ9a7VZu/qfbU1NpdkSKQw10wV8ZQLPbPmoIPqMIoVgbNXsfdDsA67QofhkDTJBhNSXkwePYf1bq5rhHy+cfQLetmiyj7hX+XdqGkuwRzOU2VvRA= Received: by 10.64.185.18 with SMTP id i18mr9841649qbf.29.1206226910962; Sat, 22 Mar 2008 16:01:50 -0700 (PDT) Received: by 10.65.224.20 with HTTP; Sat, 22 Mar 2008 16:01:50 -0700 (PDT) Message-ID: Date: Sat, 22 Mar 2008 16:01:50 -0700 From: "Artem Belevich" Sender: artemb@gmail.com To: freebsd-net@freebsd.org, "Anton Yuzhaninov" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47E57C8F.4090602@citrin.ru> X-Google-Sender-Auth: f80492c31b1284f2 Cc: Subject: Re: re TSO: data corruption X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 23:25:55 -0000 TSO does seem to be broken on Realtek adapters. I ran into it on Windows, went googling and found that I'm not the only one suffering: http://blogs.zdnet.com/Ou/?p=663 http://www.mail-archive.com/netdev@vger.kernel.org/msg56764.html --Artem On 3/22/08, Kip Macy wrote: > > Known workaround: > > ifconfig re0 -tso > > > > May be TSO should be disabled by default? > > > On anything coming from Realtek? Probably. Certainly not in general. > -Kip From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 23:31:23 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80031106566C for ; Sat, 22 Mar 2008 23:31:23 +0000 (UTC) (envelope-from brett@lariat.net) Received: from lariat.net (lariat.net [66.119.58.2]) by mx1.freebsd.org (Postfix) with ESMTP id 16E1E8FC21 for ; Sat, 22 Mar 2008 23:31:22 +0000 (UTC) (envelope-from brett@lariat.net) Received: from anne-o1dpaayth1.lariat.org (IDENT:ppp1000.lariat.net@lariat.net [66.119.58.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id RAA23225; Sat, 22 Mar 2008 17:31:17 -0600 (MDT) Message-Id: <200803222331.RAA23225@lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Sat, 22 Mar 2008 17:31:15 -0600 To: Julian Elischer From: Brett Glass In-Reply-To: <47E56F47.7010908@elischer.org> References: <200803211547.JAA28265@lariat.net> <47E40130.1000901@elischer.org> <200803212033.OAA03723@lariat.net> <47E56F47.7010908@elischer.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Cc: net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 23:31:23 -0000 At 02:42 PM 3/22/2008, Julian Elischer wrote: >mpd can attach to arbitrary netgraph things... Yes, it can; however, there's no way in its configuration language to say, "set up a PPTP connection, but let this netgraph node do the demultiplexing." (Or, better, let the kernel do the demultiplexing.) So, mpd would need to be modified so that when you told it to set up a pptp server, it did the right thing. Not hard, I'm sure, but it would need to be coordinated. --Brett From owner-freebsd-net@FreeBSD.ORG Sat Mar 22 23:53:40 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E1763106566B for ; Sat, 22 Mar 2008 23:53:40 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.243]) by mx1.freebsd.org (Postfix) with ESMTP id 998428FC2F for ; Sat, 22 Mar 2008 23:53:40 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so730032anc.13 for ; Sat, 22 Mar 2008 16:53:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=rl8gHYV2wR5UcKpzAN0cPdJsZN0gcR8ZJswj1KuOKI4=; b=XncoLZrgfSfA1lQ+Vdy4Zi7aFsL3Rjh9rDKZIw8LzCQxZA50ePfwZfiBur/60fa8+/gHC/u6b2K5q/rFx2zJ+suzja+W9i3tJjX06gDY2rhQCQR9R98OF2tF2gjfD3iH4Yly7vPhMJgXPWKNG3Uij6Bzt2UR3zWDxIorpF5ew/M= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=LUTLlhHZot7c1wltKLhiMC0RX0dipJmYC7go4fRMA0WN9U6rEoliQC+yqHwlehB1jFJToAYJvJAtsqMx8dtRT6BYtwA2XNWp7FoIKGWlx/ckD1SqTrg4/Geg+pWyg7amxT6W4A9JZU6m0yYiu5A3KlUZfAc2CXJTeP45RyyhWLc= Received: by 10.100.43.13 with SMTP id q13mr13452173anq.74.1206230005746; Sat, 22 Mar 2008 16:53:25 -0700 (PDT) Received: by 10.100.240.5 with HTTP; Sat, 22 Mar 2008 16:53:25 -0700 (PDT) Message-ID: <9a542da30803221653k2dbb9ca8ua992021ffb56a539@mail.gmail.com> Date: Sun, 23 Mar 2008 00:53:25 +0100 From: "=?ISO-8859-1?Q?Ermal_Lu=E7i?=" To: "Brett Glass" In-Reply-To: <200803222331.RAA23225@lariat.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200803211547.JAA28265@lariat.net> <47E40130.1000901@elischer.org> <200803212033.OAA03723@lariat.net> <47E56F47.7010908@elischer.org> <200803222331.RAA23225@lariat.net> Cc: Julian Elischer , net@freebsd.org Subject: Re: GRE Mux X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Mar 2008 23:53:41 -0000 On Sun, Mar 23, 2008 at 12:31 AM, Brett Glass wrote: > At 02:42 PM 3/22/2008, Julian Elischer wrote: > > >mpd can attach to arbitrary netgraph things... > > Yes, it can; however, there's no way in its configuration language > to say, "set up a PPTP connection, but let this netgraph node do the > demultiplexing." (Or, better, let the kernel do the demultiplexing.) > So, mpd would need to be modified so that when you told it to set up > a pptp server, it did the right thing. Not hard, I'm sure, but it would > need to be coordinated. It is just a matter of connecting the right hooks, no?! > > --Brett > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >