From owner-freebsd-net@FreeBSD.ORG Sun May 11 02:52:30 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 80B7237B401 for ; Sun, 11 May 2003 02:52:30 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5358243FDF for ; Sun, 11 May 2003 02:52:29 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246]) by mailman.zeta.org.au (8.9.3p2/8.8.7) with ESMTP id TAA05409; Sun, 11 May 2003 19:52:12 +1000 Date: Sun, 11 May 2003 19:52:10 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Don Bowman In-Reply-To: Message-ID: <20030511190918.H74932@gamplex.bde.org> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 09:52:30 -0000 On Sat, 10 May 2003, Don Bowman wrote: [accounting for the details of idle time] > > The former. It's hard for it to work better without wasting too many > > cycles for the accounting. In RELENG_4, everything done in the "idle" > > loop is counted as idle time using the single counter > > cp_time[CP_IDLE]. > > This is very efficient. > > I tried this on my system, but I still end up with 0 system time. Did you try my hack? > Does the machdep.cpu_idle_hlt=1 have any affect on this? No. However, counting the halted time separately would give another indication of fully idle time (if this sysctl variable is set). On waking up from the halted state, the CPU has to check if there is something to run. This can be considered as useful work and counted as system time. However, if we don't halt then we have to mostly just spin doing the check, and this must be considered as unuseful work. > I'm passing 1Gbps each way through a bridge (e.g. 1Gbps in > and 1Gbps out each of 2 interfaces), and I have 88.4% idle. > This is admittedly on a pretty fast processor, a 2x2.8GHz XEON. I don't quite believe that it could have 88.4% fully idle. Bruce From owner-freebsd-net@FreeBSD.ORG Sun May 11 08:44:30 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9D60237B401 for ; Sun, 11 May 2003 08:44:30 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id E0E1343F93 for ; Sun, 11 May 2003 08:44:29 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Sun, 11 May 2003 11:44:29 -0400 Message-ID: From: Don Bowman To: 'Bruce Evans' , Don Bowman Date: Sun, 11 May 2003 11:44:28 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 15:44:30 -0000 From: Bruce Evans [mailto:bde@zeta.org.au] > On Sat, 10 May 2003, Don Bowman wrote: > > [accounting for the details of idle time] > > > > The former. It's hard for it to work better without > wasting too many > > > cycles for the accounting. In RELENG_4, everything done > in the "idle" > > > loop is counted as idle time using the single counter > > > cp_time[CP_IDLE]. > > > This is very efficient. > > > > I tried this on my system, but I still end up with 0 system time. > > Did you try my hack? I tried the hack, as below. The other thing that makes idle wildly inaccurate is the symmetric multi-threading on the xeon (aka hyperthreading). Index: kern_clock.c =================================================================== RCS file: /usr/cvs/src/sys/kern/kern_clock.c,v retrieving revision 1.105.2.9.1000.2 diff -U3 -r1.105.2.9.1000.2 kern_clock.c --- kern_clock.c 13 Feb 2003 23:05:58 -0000 1.105.2.9.1000.2 +++ kern_clock.c 10 May 2003 23:41:47 -0000 @@ -68,6 +68,7 @@ #endif #ifdef DEVICE_POLLING +extern int in_polling; extern void init_device_poll(void); extern void hardclock_device_poll(void); #endif /* DEVICE_POLLING */ @@ -550,6 +551,11 @@ } else if (p != NULL) { p->p_sticks++; cp_time[CP_SYS]++; +#if defined(DEVICE_POLLING) + } else if (in_polling) { + p->p_sticks++; + cp_time[CP_SYS]++; +#endif } else cp_time[CP_IDLE]++; } Index: kern_poll.c =================================================================== RCS file: /usr/cvs/src/sys/kern/kern_poll.c,v retrieving revision 1.2.2.4.1000.1 diff -U3 -r1.2.2.4.1000.1 kern_poll.c --- kern_poll.c 10 Feb 2003 16:49:19 -0000 1.2.2.4.1000.1 +++ kern_poll.c 10 May 2003 23:37:11 -0000 @@ -54,6 +54,8 @@ void ether_poll(int); /* polling while in trap */ int idle_poll(void); /* poll while in idle loop */ +int in_polling; + /* * Polling support for [network] device drivers. * @@ -268,11 +270,13 @@ { if (poll_in_idle_loop && poll_handlers > 0) { int s = splimp(); + in_polling = 1; enable_intr(); ether_poll(poll_each_burst); disable_intr(); splx(s); vm_page_zero_idle(); + in_polling = 0; return 1; } else return vm_page_zero_idle(); From owner-freebsd-net@FreeBSD.ORG Sun May 11 08:57:27 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7362637B401 for ; Sun, 11 May 2003 08:57:27 -0700 (PDT) Received: from server2.stileproject.com (server2-a.dragondata.com [64.202.112.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id ABC7043FAF for ; Sun, 11 May 2003 08:57:26 -0700 (PDT) (envelope-from toasty@dragondata.com) Received: from KEVIN-AW.dragondata.com (localhost [127.0.0.1]) h4BFvwUE002501; Sun, 11 May 2003 10:57:58 -0500 (CDT) (envelope-from toasty@dragondata.com) Message-Id: <5.2.0.9.2.20030511105600.037dfec8@127.0.0.1> X-Sender: toasty@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Sun, 11 May 2003 10:57:25 -0500 To: Don Bowman From: Kevin Day In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by amavisd-new cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 15:57:27 -0000 At 10:44 AM 5/11/2003, you wrote: >I tried the hack, as below. The other thing that makes idle >wildly inaccurate is the symmetric multi-threading on the xeon >(aka hyperthreading). Smack me if I'm wrong, but you can't compile the kernel with DEVICE_POLLING active at the same time as SMP. Without SMP you don't get any of the advantages/effects of HTT. (or has polling been made to play nice with SMP in -current?) -- Kevin From owner-freebsd-net@FreeBSD.ORG Sun May 11 09:05:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E013037B404 for ; Sun, 11 May 2003 09:05:25 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6BCA43FF3 for ; Sun, 11 May 2003 09:05:24 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Sun, 11 May 2003 12:05:24 -0400 Message-ID: From: Don Bowman To: 'Kevin Day' , Don Bowman Date: Sun, 11 May 2003 12:05:23 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 16:05:26 -0000 From: Kevin Day [mailto:toasty@dragondata.com] > At 10:44 AM 5/11/2003, you wrote: > >I tried the hack, as below. The other thing that makes idle > >wildly inaccurate is the symmetric multi-threading on the xeon > >(aka hyperthreading). > > Smack me if I'm wrong, but you can't compile the kernel with > DEVICE_POLLING > active at the same time as SMP. Without SMP you don't get any of the > advantages/effects of HTT. > > (or has polling been made to play nice with SMP in -current?) DEVICE_POLLING actually works fine with SMP, there was just some question as to whether it was the best way to make use of the SMP. I just removed the #error in kern_poll.c in the #ifdef SMP case. --don From owner-freebsd-net@FreeBSD.ORG Sun May 11 09:15:55 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 022F737B401 for ; Sun, 11 May 2003 09:15:55 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7ED0F43FEC for ; Sun, 11 May 2003 09:15:54 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h4BGFgQg064330; Sun, 11 May 2003 09:15:42 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h4BGFga3064329; Sun, 11 May 2003 09:15:42 -0700 (PDT) (envelope-from rizzo) Date: Sun, 11 May 2003 09:15:42 -0700 From: Luigi Rizzo To: Don Bowman Message-ID: <20030511091542.A59848@xorpc.icir.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from don@sandvine.com on Sun, May 11, 2003 at 12:05:23PM -0400 cc: freebsd-net@freebsd.org Subject: Re: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 16:15:55 -0000 On Sun, May 11, 2003 at 12:05:23PM -0400, Don Bowman wrote: > From: Kevin Day [mailto:toasty@dragondata.com] > > At 10:44 AM 5/11/2003, you wrote: > > >I tried the hack, as below. The other thing that makes idle > > >wildly inaccurate is the symmetric multi-threading on the xeon > > >(aka hyperthreading). > > > > Smack me if I'm wrong, but you can't compile the kernel with > > DEVICE_POLLING > > active at the same time as SMP. Without SMP you don't get any of the > > advantages/effects of HTT. > > > > (or has polling been made to play nice with SMP in -current?) > > DEVICE_POLLING actually works fine with SMP, there was just > some question as to whether it was the best way to make use > of the SMP. I just removed the #error in kern_poll.c in the > #ifdef SMP case. Interesting! Well, let's see: The polling code (including the code that schedules the cpu between kernel and userland) is written upon the assumption that only one polling loop is active. Now, because polling can occur in the idle loop or right after hardclock, and there are multiple concurrent idle_loops in the SMP cases, and the locking is just not there. Probably, the reason it works for you is that likely there is only one instance of hardclock handler, _and_ the idle_loop code is different for the UP and SMP cases, and I only provided polling hooks for the former. So you are limited to doing polling only in the assigned fraction of CPU, and the CPU(s) will not use any extra CPU for polling even if available. cheers luigi > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun May 11 09:22:48 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6EE8E37B401 for ; Sun, 11 May 2003 09:22:48 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id BCFA343FCB for ; Sun, 11 May 2003 09:22:47 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Sun, 11 May 2003 12:22:47 -0400 Message-ID: From: Don Bowman To: 'Luigi Rizzo' , Don Bowman Date: Sun, 11 May 2003 12:22:46 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 May 2003 16:22:48 -0000 From: Luigi Rizzo [mailto:rizzo@icir.org] > [Polling in SMP case] > > Interesting! Well, let's see: > > The polling code (including the code that schedules the cpu > between kernel and userland) is written upon the assumption > that only one > polling loop is active. Now, because polling can occur in the idle > loop or right after hardclock, and there are multiple concurrent > idle_loops in the SMP cases, and the locking is just not there. > > Probably, the reason it works for you is that likely there is only > one instance of hardclock handler, _and_ the idle_loop code is > different for the UP and SMP cases, and I only provided polling > hooks for the former. So you are limited to doing polling only in > the assigned fraction of CPU, and the CPU(s) will not use any extra > CPU for polling even if available. I think since idle_poll does: int idle_poll(void) { if (poll_in_idle_loop && poll_handlers > 0) { int s = splimp(); in_polling = 1; enable_intr(); ether_poll(poll_each_burst); disable_intr(); splx(s); vm_page_zero_idle(); in_polling = 0; return 1; } else return vm_page_zero_idle(); } that it won't matter since splimp() is held. Am I missing something? I should be able to place a call to _idle_poll in the swtch.s idle_loop() for SMP? not sure why it enables interrupts before calling poll, and disables them afterwards? From owner-freebsd-net@FreeBSD.ORG Sun May 11 18:25:34 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3601537B404 for ; Sun, 11 May 2003 18:25:34 -0700 (PDT) Received: from lakecmmtao02.coxmail.com (lakecmmtao02.coxmail.com [68.99.120.69]) by mx1.FreeBSD.org (Postfix) with ESMTP id AEFBD43FAF for ; Sun, 11 May 2003 18:25:32 -0700 (PDT) (envelope-from steve@freeslacker.net) Received: from lakecm2mtao02 ([68.99.120.57]) by lakecmmtao02.coxmail.com (InterMail vM.5.01.04.05 201-253-122-122-105-20011231) with SMTP id <20030512012530.UAPE1385.lakecmmtao02.coxmail.com@lakecm2mtao02> for ; Sun, 11 May 2003 21:25:30 -0400 From: To: freebsd-net@freebsd.org Date: Sun, 11 May 2003 18:25:30 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20030512012530.UAPE1385.lakecmmtao02.coxmail.com@lakecm2mtao02> Subject: SOLVED re: mult public conn/mult private conn routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2003 01:25:34 -0000 This has now been solved. Here's how for anyone who might be put in such a situation in the future and need a hand like I did. 1. Add firewall and divert to kernel ... options IPFIREWALL options IPDIVERT ... 2. configure rc.conf ... defaultrouter="" gateway_enable="YES" ifconfig_fxp0="inet netmask 255.255.255.192" ifconfig_fxp1="inet netmask 255.255.255.192" ifconfig_em0="inet netmask 255.255.255.0" ifconfig_em1="inet netmask 255.255.255.0" firewall_enable="YES" firewall_type="/etc/ipfw.conf" natd_enable="YES" natd_program="/usr/local/sbin/natdhack" ... 3. configure /etc/ipfw.conf ... add 00100 divert 8668 ip from /24 to any add 00100 divert 8669 ip from /24 to any add 00200 divert 8668 ip from any to add 00200 divert 8669 ip from any to add 00300 fwd ip from to any ... 4. configure natd_program # /usr/local/sbin/natdhack #!/bin/sh - # # Initialization script for multiple natd's /sbin/natd -m -s -p 8668 -alias_address ; /sbin/natd -m -s -p 8669 -alias_address ; many thx to David for repeatedly helping me. without that help I am sure I would still not have this solved. Steve Stremciuc ------------------ original question post Hello, I am having a problem with setting up a box I just built for the dedicated purpose of being a freebsd router. Below is a diagram describing my physical setup: ISP conn #1 ISP conn #2 | | \ 68.x.x.x/26 24.x.x.x/26 / -----------------_____------------------- fxp0| |fxp1 | | em0| ____|em1 / \ 192.168.0.1/24____| |_____192.168.100.1/24 fxp0 is 3.2Mb/s down 256Kbp/s up and will be used by all normal hosts on em0 fxp1 is 3.2Mb/s down 450Kbp/s up and will be used by servers on em1 What I want to achieve is having all outbound traffic from em0 (192.168.0.1/24) use fxp0, and all outbound traffic from em1 (192.168.100.1/24) use fxp1. em0 and em1 should be able to talk to each other. The problem is that since defaultrouter="68.x.x.x" is specified in /etc/rc.conf all traffic gets routed out through fxp0. Also, since natd_interface="fxp0" is specified, all packets are nat'ed from either em0 or em1 through fxp0. Is it possible to have natd on both fxp0 *and* fxp1 (i tried putting both natd_interface="fxp0" and natd_interface="fxp1" in /etc/rc.conf but this did not work)? Once a packet gets routed to fxp1, it just times out since the default route is atached to only fxp0. I've read up on routed and ipfw, but do not see a way to tell fxp0 to use defaultrouter A, and tell fxp1 to use defaultrouter B. Do I have to run a routing daemon for this? (examples/suggestions would be appreciated) Any ideas? Steve Stremciuc From owner-freebsd-net@FreeBSD.ORG Sun May 11 21:05:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C93237B401 for ; Sun, 11 May 2003 21:05:04 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBF7843FB1 for ; Sun, 11 May 2003 21:05:02 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246]) by mailman.zeta.org.au (8.9.3p2/8.8.7) with ESMTP id OAA00621; Mon, 12 May 2003 14:04:51 +1000 Date: Mon, 12 May 2003 14:04:50 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Don Bowman In-Reply-To: Message-ID: <20030512133324.C77949@gamplex.bde.org> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2003 04:05:04 -0000 On Sun, 11 May 2003, Don Bowman wrote: > From: Bruce Evans [mailto:bde@zeta.org.au] > > Did you try my hack? > > I tried the hack, as below. The other thing that makes idle > wildly inaccurate is the symmetric multi-threading on the xeon > (aka hyperthreading). The variable needs to be per-cpu for the SMP case. Perhaps there are other complications for SMP (from having to forward clock interrupts). Hyperthreading might increase them. Anyway, get the !SMP case working first. > Index: kern_clock.c > =================================================================== > RCS file: /usr/cvs/src/sys/kern/kern_clock.c,v > retrieving revision 1.105.2.9.1000.2 > diff -U3 -r1.105.2.9.1000.2 kern_clock.c > --- kern_clock.c 13 Feb 2003 23:05:58 -0000 1.105.2.9.1000.2 > +++ kern_clock.c 10 May 2003 23:41:47 -0000 > @@ -68,6 +68,7 @@ > #endif > > #ifdef DEVICE_POLLING > +extern int in_polling; Per-cpu variables are complicated to initialized in RELENG_4. I think an array with index cpuid can be used with little cost here (cpuid is a per-cpu global giving the cpu number). > @@ -550,6 +551,11 @@ > } else if (p != NULL) { > p->p_sticks++; > cp_time[CP_SYS]++; > +#if defined(DEVICE_POLLING) > + } else if (in_polling) { Maybe in_polling[cpuid]. > + p->p_sticks++; Don't incrememnt this. p should always be NULL here. > + cp_time[CP_SYS]++; > +#endif > } else > cp_time[CP_IDLE]++; > } > Index: kern_poll.c > =================================================================== > RCS file: /usr/cvs/src/sys/kern/kern_poll.c,v > retrieving revision 1.2.2.4.1000.1 > diff -U3 -r1.2.2.4.1000.1 kern_poll.c > --- kern_poll.c 10 Feb 2003 16:49:19 -0000 1.2.2.4.1000.1 > +++ kern_poll.c 10 May 2003 23:37:11 -0000 > @@ -54,6 +54,8 @@ > void ether_poll(int); /* polling while in trap */ > int idle_poll(void); /* poll while in idle loop */ > > +int in_polling; > + > /* > * Polling support for [network] device drivers. > * > @@ -268,11 +270,13 @@ > { > if (poll_in_idle_loop && poll_handlers > 0) { > int s = splimp(); > + in_polling = 1; > enable_intr(); > ether_poll(poll_each_burst); > disable_intr(); > splx(s); > vm_page_zero_idle(); > + in_polling = 0; > return 1; > } else > return vm_page_zero_idle(); > Meybe set the variable for the whole function and name the variable without using "polling" so that it counts work done by vm_page_zero_idle() too. The above is better if you just want to count network overhead. Since the null pointer is apparently never followed in statclock(), the above apparently doesn't work. I think you aren't actually calling it for the SMP case. swtch.s has a separate idle loop for the SMP case in RELENG_4. Only the !SMP case calls the above unless you have changed it. So the idle time may actually be idle. Bruce From owner-freebsd-net@FreeBSD.ORG Mon May 12 06:53:34 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CF9237B401 for ; Mon, 12 May 2003 06:53:34 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F07743FBD for ; Mon, 12 May 2003 06:53:33 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Mon, 12 May 2003 09:53:32 -0400 Message-ID: From: Don Bowman To: 'Bruce Evans' , Don Bowman Date: Mon, 12 May 2003 09:53:29 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2003 13:53:34 -0000 From: Bruce Evans [mailto:bde@zeta.org.au] > On Sun, 11 May 2003, Don Bowman wrote: > > > From: Bruce Evans [mailto:bde@zeta.org.au] > > > Did you try my hack? > > > > I tried the hack, as below. The other thing that makes idle > > wildly inaccurate is the symmetric multi-threading on the xeon > > (aka hyperthreading). > > The variable needs to be per-cpu for the SMP case. Perhaps there > are other complications for SMP (from having to forward clock > interrupts). > Hyperthreading might increase them. Anyway, get the !SMP case working > first. ... Thanks very much for the feedback. As you say, I had neglected to put a call in to poll in the smp idle loop. This is slightly more complicated. I'll work on getting the idle poll called in the smp case and make the changes you suggested and see where that gets me. thanks again! --don From owner-freebsd-net@FreeBSD.ORG Mon May 12 21:55:50 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 802C137B401 for ; Mon, 12 May 2003 21:55:50 -0700 (PDT) Received: from mailhost.icepr.com (rotnsrv.icenetworks.com [196.12.160.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A4EB43F85 for ; Mon, 12 May 2003 21:55:49 -0700 (PDT) (envelope-from aalejandro@icenetworks.com) Received: (qmail 94269 invoked from network); 13 May 2003 04:57:18 -0000 Received: from unknown (HELO icenetworks.com) (127.0.0.1) by localhost with SMTP; 13 May 2003 04:57:18 -0000 Received: from 63.245.32.105 (SquirrelMail authenticated user aalejandro) by icenetworks.com with HTTP; Tue, 13 May 2003 00:57:18 -0400 (AST) Message-ID: <46485.63.245.32.105.1052801838.squirrel@icenetworks.com> Date: Tue, 13 May 2003 00:57:18 -0400 (AST) From: To: X-Priority: 3 Importance: Normal X-MSMail-Priority: Normal X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit cc: aalejandro@icepr.com Subject: X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 04:55:50 -0000 Hello, I am using a FreeBSD-4.8 box as a router, using Zebra. I only have 2 ethernet interfaces. My logs are starting to get flooded by this type of errors, once in a while (3 or 4 days) the box stops responding to any packets, its still alive in the console, but the network is dead. Heres the system: bsdrouter# uname -a FreeBSD bsdrouter.icenetworks.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003 root@freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC i386 Heres the log error: May 13 00:52:06 bsdrouter /kernel: arplookup 196.12.X.2 failed: could not allocate llinfoMay 13 00:52:06 bsdrouter /kernel: arpresolve: can't allocate llinfo for 196.12.170.2rtMay 13 00:52:07 bsdrouter /kernel: arp_rtrequest: malloc failed May 13 00:52:08 bsdrouter /kernel: arplookup 196.12.X.2 failed: could not allocate llinfo Please CC, I am not subscribed. Thanks. -- Abel Alejandro, ICENetworks.com From owner-freebsd-net@FreeBSD.ORG Tue May 13 04:16:40 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49F4737B401 for ; Tue, 13 May 2003 04:16:40 -0700 (PDT) Received: from myra.cc.metu.edu.tr (myra.cc.metu.edu.tr [144.122.199.93]) by mx1.FreeBSD.org (Postfix) with ESMTP id D14C243FBD for ; Tue, 13 May 2003 04:16:30 -0700 (PDT) (envelope-from eryol@metu.edu.tr) Received: from metu.edu.tr (yelken.cc.metu.edu.tr [144.122.3.235]) by myra.cc.metu.edu.tr (8.11.7/8.11.7) with ESMTP id h4DBGIr00290; Tue, 13 May 2003 14:16:18 +0300 (EEST) Message-ID: <3EC0D3E8.301@metu.edu.tr> Date: Tue, 13 May 2003 14:15:52 +0300 From: Gokhan ERYOL Organization: Middle East Tech. University, Computer Center User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 X-Accept-Language: en-us, en, tr MIME-Version: 1.0 To: Matt Green , freebsd-net@FreeBSD.ORG References: <20030513100556.76638.qmail@web41502.mail.yahoo.com> Content-Type: text/plain; charset=ISO-8859-9; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: WCCP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 11:16:40 -0000 Hi Matt, I've never tried FreeBSD v5, but still using v4-STABLE and from December'02, gre support embedded in Stable series. There should be no difference in 5 series. First of all, you have to compile kernel with "options GRE", so that you can create gre tunnels. Then, you should create a gre interface, and a tunnel with BSD box to Cisco in a tricky way. Sample script is as follows : /etc/start_if.gre: ifconfig gre0 create ifconfig gre0 x.y.z.1 10.20.30.40 netmask 255.255.255.255 link1 tunnel x.y.z.1 x.y.z.2 up Here x.y.z.1 is the address of FreeBSD box with squid running, x.y.z.2 is address of Cisco router. Since there are some problems of gre driver when source and destination tunnel addresses are on the same ethernet segment, a fake address is used for other side of tunnel on FreeBSD (10.20.30.40). This fake address'll be never used, because when using WCCP, the tunnel is unidirectional as packets are only transmitted from Cisco router to FreeBSD. Regards, Gokhan ERYOL Matt Green wrote: >Hi Gokhan, > >I've searched through the mailing lists & it appears >you're the only one whose got it working!!! > >My situation is simply - > >- Cisco router IOS ver 12.1(15)T1 >- FreeBSD v5 Stable >- Squid 2.5 Stable 2 > >Cisco configured with wccp version 1. > >FreeBSD has no patches at all - from what I've found >GRE is built-in to this release. Squid complies & runs >without errors. > >What do I have to do on the FreeBSD box to make this >work? From the Cisco I can see the I-SEE-YOU and >HERE-I-AM packets but it doesn't see it as an Webcache >Engine. > >Any help would be greatly appreciated. > >Cheers, >Matt. > > >__________________________________ >Do you Yahoo!? >The New Yahoo! Search - Faster. Easier. Bingo. >http://search.yahoo.com > > From owner-freebsd-net@FreeBSD.ORG Tue May 13 08:43:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B292637B401 for ; Tue, 13 May 2003 08:43:22 -0700 (PDT) Received: from vmx2.skoleetaten.oslo.no (vmx2.skoleetaten.oslo.no [193.156.192.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1884F43F3F for ; Tue, 13 May 2003 08:43:21 -0700 (PDT) (envelope-from shamz@nevada.skoleetaten.oslo.no) Received: from smtp.skoleetaten.oslo.no (localhost [127.0.0.1]) 893D2793A2 for ; Tue, 13 May 2003 17:43:19 +0200 (CEST) Received: from nevada.skoleetaten.oslo.no (nevada.skoleetaten.oslo.no [193.156.192.131])4D6C07931B for ; Tue, 13 May 2003 17:43:19 +0200 (CEST) Received: from nevada.skoleetaten.oslo.no (localhost [127.0.0.1]) h4DFhJOU068932 for ; Tue, 13 May 2003 17:43:19 +0200 (CEST) (envelope-from shamz@nevada.skoleetaten.oslo.no) Received: (from shamz@localhost)h4DFhDeN068931 for freebsd-net@freebsd.org; Tue, 13 May 2003 17:43:13 +0200 (CEST) Date: Tue, 13 May 2003 17:43:13 +0200 From: Shaun Jurrens To: freebsd-net@freebsd.org Message-ID: <20030513154313.GR547@nevada.skoleetaten.oslo.no> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ZuvoxmZMh0nHqhEq" Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 4.8-RELEASE Subject: KVM exhaustion from routing table "leaks" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 15:43:23 -0000 --ZuvoxmZMh0nHqhEq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all, I've been fighting with a long term problem with a box that does a good deal of packet pushing for a /17 and a little ipf work as well. One nic does ip= nat for a /24. The box does some static routing between 2 cisco routers and the= =20 routes are added via the rc.conf mechanism for static routes, e.g.: static_routes=3D"bla0 bla1 ...." route_bla0=3D" -net 193.xxx.3.0 -netmask 255.255.255.0 193.xxx.19x.1x" route_bla1=3D" -net 193.xxx.4.0 -netmask 255.255.255.192 193.xxx.19x.1x" The problem is in the continuous growth of cloned routes in the routing tab= le. I've managed to allocate enough kva to keep the box up for an extended amou= nt=20 of time but, eventually, it chews up every bit of kva that it can and=20 allocating new routes fails and it has even taken the box down on occassion. This happens on other boxes as well with lesser traffic. The box is running 4.7-RELEASE-p7, with 5 fxp nic's, (4 in use) =2E.. Timecounter "i8254" frequency 1193182 Hz Timecounter "TSC" frequency 863678217 Hz CPU: Pentium III/Pentium III Xeon/Celeron (863.68-MHz 686-class CPU) Origin =3D "GenuineIntel" Id =3D 0x686 Stepping =3D 6 Features=3D0x383fbff real memory =3D 671023104 (655296K bytes) avail memory =3D 648257536 (633064K bytes) Preloaded elf kernel "kernel" at 0xc031f000. Preloaded elf module "ipl.ko" at 0xc031f09c. =2E.. So, now a little information over the current state of things: nol33n0x:/#> netstat -arn | wc -l 696714 Number of static routes: nol33n0x:/#> netstat -arn | grep S | wc -l 34 Number of static routes with -cloning set: nol33n0x:/#> netstat -arn | grep Sc | wc -l 34 Number of cloned routes (box is still running, so number has grown): nol33n0x:/#> netstat -arn | grep W | wc -l 696830 Use of KVA by routing table: nol33n0x:/#> vmstat -m | grep routetbl ... routetbl1394589196107K 196107K262144K 1465571 0 0 16,32,64,12= 8,256 and a little more: Memory Totals: In Use Free Requests 204934K 4103K 264929580 Observations:=20 Number of routes with 'Use' =3D=3D 0 on fxp0 (nic to "default" router): nol33n0x:/#> netstat -arn | awk '/fxp0/ { print $5 }' | grep -e '^0$' | wc = -l 294790 Number of routes with 'Ref' =3D=3D 0 on fxp0: nol33n0x:/#> netstat -arn | awk '/fxp0/ { print $4 }' | grep -e '^0$' | wc = -l 3 Number of routes with 'Use' =3D=3D 0 on fxp1 (small /24): nol33n0x:/#> netstat -arn | awk '/fxp1/ { print $5 }' | grep -e '^0$' | wc = -l 1 Number of routes with 'Use' =3D=3D 0 on fxp2 (most of the rest of our /17): nol33n0x:/#> netstat -arn | awk '/fxp2/ { print $5 }' | grep -e '^0$' | wc = -l 49 Number of routes with 'Ref' =3D=3D 0 on fxp2: nol33n0x:/#> netstat -arn | awk '/fxp2/ { print $4 }' | grep -e '^0$' | wc = -l 7 How icmp redirect is handled: nol33n0x:/#> sysctl -a | grep redir net.inet.ip.redirect: 1 net.inet.icmp.drop_redirect: 1 net.inet.icmp.log_redirect: 0 Sysctl's on routing: net.inet.ip.rtexpire: 2 net.inet.ip.rtminexpire: 2 net.inet.ip.rtmaxcache: 512 (these seem to have no effect whatsoever...) Specific questions: 1. Why do statically added routes assume -cloning? 2. Forgive my ignorance, but why is -cloning necessary for the default rout= e? 3. Although I haven't done an exhaustive comparison of the content of the= =20 routing table, why don't cloned routes with Use=3D=3D0 time out? 4. There was a security advisory about a possible DoS dealing with -cloning= =20 and KVA exhaustion on an earlier -release, was the fix part of the breakage? 5. Manual removal of routes with 'Use'=3D=3D0 does not free up kernel memor= y, why? I'm starting to think the next hack I'm going to have to try is running rou= ted or zebra to manipulate the routing table more actively, even though this wo= uld seem to be sort of giving in to the problem, instead of fixing (assuming I'm not just imagining all of this). Perhaps I'm just ignorant of how routing is supposed to work, if so, I'll t= ake my cluebat like a man. I haven't dug through the code because I _know_ I'm= =20 ignorant there. Guess I could use a little help. Comments and/or suggestio= ns=20 welcome. --=20 Med vennlig hilsen/Sincerely, Shaun D. Jurrens Drift og Sikkerhetskonsulent IKT-Avdeling Oslo Skoleetaten Tel: +47 2208 7394 Mobil: +47 9820 8826 gpg key fingerprint: 007A B6BD 8B1B BAB9 C583 2D19 3A7F 4A3E F83E 84AE --ZuvoxmZMh0nHqhEq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+wRKROn9KPvg+hK4RAo6GAJ91yI96ShFkhLGvVR2Aj0HRXWOFPQCg1oSZ ea3U5W6DjhW+ofRzy0pEGcs= =YgYr -----END PGP SIGNATURE----- --ZuvoxmZMh0nHqhEq-- From owner-freebsd-net@FreeBSD.ORG Tue May 13 08:51:26 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F46337B401; Tue, 13 May 2003 08:51:26 -0700 (PDT) Received: from stewart.chicago.il.us (stewart.chicago.il.us [66.93.186.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F03E43FDF; Tue, 13 May 2003 08:51:23 -0700 (PDT) (envelope-from randall@stewart.chicago.il.us) Received: from stewart.chicago.il.us (stewart.chicago.il.us [127.0.0.1]) h4DFpFrf048132; Tue, 13 May 2003 10:51:16 -0500 (CDT) (envelope-from randall@stewart.chicago.il.us) Message-ID: <3EC11473.8030605@stewart.chicago.il.us> Date: Tue, 13 May 2003 10:51:15 -0500 From: Randall Stewart User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3b) Gecko/20030323 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Andrew P. Lentvorski" References: <20021018222132.P68535-100000@mail.allcaps.org> In-Reply-To: <20021018222132.P68535-100000@mail.allcaps.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@FreeBSD.ORG cc: "Crist J. Clark" Subject: Re: IPSEC/NAT issues X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 15:51:26 -0000 Andrew: One little correction for your consideration :-D Andrew P. Lentvorski wrote: > On Fri, 18 Oct 2002, Me, Myself, and I blathered: > >>You cannot NAT an IPSEC packet. NAT rewrites the IP headers and the >>packet will get rejected when it reaches the other IPSEC node. > > > I still stand by my original statement. However, it won't be true for > much longer. There is now a draft document (as of August 18, 2002) for > dealing with NAT traversal. > > http://www.ietf.org/internet-drafts/draft-ietf-ipsec-nat-reqts-02.txt > > > a) Incompatibility between IPsec AH [RFC2402] and NAT. Since the AH header > incorporates the IP source and destination addresses in the > keyed message integrity check, NAT or reverse NAT devices making changes > to address fields will invalidate the message integrity check. > Since IPsec ESP [4] does not incorporate the IP source and > destination addresses in its keyed message integrity check, > this issue does not arise for ESP. > > b) Incompatibility between checksums and NAT. TCP/UDP/SCTP > checksums have a dependency on the IP source and destination > addresses through inclusion of the "pseudo-header" in the > calculation. As a result, where checksums are calculated and > checked on receipt, they will be invalidated by passage through > a NAT or reverse NAT device. SCTP does NOT use a "pseudo-header". Psuedo-headers were introduced to protect against mis-routing.. i.e. if a router mis-sent a message TCP/UDP to you to whom which you had a connection as well you could easily mistaken it.. but by putting it in the c-sum the packet would be invalid.. For SCTP there is a V-Tag in every packet. This is a random number that is selected by each side at association/connection startup. This V-Tag protects you from mis-routed packets since a wrong V-tag will result in discarding the packet silently (assuming its from an old connection). The V-Tag also obviates the need for timed-wait state for ports... You do need to do a timed-wait on V-tags themselves.. but it won't prevent you from setting up an association ever :> And you can get a very nice implementation of SCTP with one of the KAME snaps.. (I and Peter Lei wrote it so forgive me for being a bit in-modest). Hey speaking of which, is anyone in the FreeBSD world interested in getting SCTP into the base release yet? I do think we are stable enough now..... Regards R > > As a result, IPsec ESP will only pass unimpeded through a NAT if > TCP/UDP/SCTP protocols are not involved (as in IPsec tunnel > mode or IPsec/GRE), or checksums are not calculated (as is > possible with IPv4 UDP) > > > -a > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > -- Randall R. Stewart randall@stewart.chicago.il.us 815-342-5222 (cell phone) From owner-freebsd-net@FreeBSD.ORG Tue May 13 13:36:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F71737B401 for ; Tue, 13 May 2003 13:36:52 -0700 (PDT) Received: from niwun.pair.com (niwun.pair.com [209.68.2.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 39F6243F93 for ; Tue, 13 May 2003 13:36:51 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 90931 invoked by uid 3193); 13 May 2003 20:36:50 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 13 May 2003 20:36:50 -0000 Date: Tue, 13 May 2003 16:36:50 -0400 (EDT) From: Mike Silbersack X-X-Sender: silby@niwun.pair.com To: Shaun Jurrens In-Reply-To: <20030513154313.GR547@nevada.skoleetaten.oslo.no> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: KVM exhaustion from routing table "leaks" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 May 2003 20:36:52 -0000 On Tue, 13 May 2003, Shaun Jurrens wrote: > Specific questions: > > 1. Why do statically added routes assume -cloning? > 2. Forgive my ignorance, but why is -cloning necessary for the default route? > 3. Although I haven't done an exhaustive comparison of the content of the > routing table, why don't cloned routes with Use==0 time out? > 4. There was a security advisory about a possible DoS dealing with -cloning > and KVA exhaustion on an earlier -release, was the fix part of the breakage? > 5. Manual removal of routes with 'Use'==0 does not free up kernel memory, why? I'm not sure I have time to properly answer your questions, so I'll give a quick answer. 1. I'm not aware of any actual memory leaks, and if there are any, we'd definitely like to fix them. (Some may have been fixed post 4.7, I'm not really sure.) 2. The process by which cloned routes are expired is indeed very poor, and I'm not surprised that you have many sticking around for long periods of time. I had started writing an improved method of cleaning out stale routes, but stopped when I found out what a mess it was. 3. Someone said he had his graduate students working on a replacement to cloned routes, I'm not sure what happened with that. :) Mike "Silby" Silbersack From owner-freebsd-net@FreeBSD.ORG Wed May 14 12:17:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD2D337B401 for ; Wed, 14 May 2003 12:17:57 -0700 (PDT) Received: from maeko.hayai.de (denver038.server4free.de [217.172.178.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id B05D143F75 for ; Wed, 14 May 2003 12:17:52 -0700 (PDT) (envelope-from mail@maeko.hayai.de) Received: from maeko.hayai.de (localhost [127.0.0.1]) by maeko.hayai.de (8.12.7/8.12.7) with ESMTP id h4EJI7rW008052 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO) for ; Wed, 14 May 2003 21:18:07 +0200 Resent-From: mail@maeko.hayai.de Received: (from mail@localhost) by maeko.hayai.de (8.12.7/8.12.7/Submit) id h4EJI7vL008051 for freebsd-net@freebsd.org; Wed, 14 May 2003 21:18:07 +0200 Resent-Message-Id: <200305141918.h4EJI7vL008051@maeko.hayai.de> Date: Wed, 14 May 2003 20:48:45 +0200 From: Marco Wertejuk To: freebsd-hackers@freebsd.org Message-ID: <20030514184845.GA7573@maeko> Mail-Followup-To: freebsd-hackers@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Resent-Date: Wed, 14 May 2003 21:18:07 +0200 Resent-To: freebsd-net@freebsd.org Subject: vlan/bridging broken in 4.8-release? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2003 19:17:58 -0000 Hello, I'm trying to get bridging working on vlans, and it seems as if packet destined for the other side of the bridge don't get forwarded from the vlan-if to the phys-if and vice versa. An example: there are two hosts (foo[10.1.2.1/24], bar[10.1.2.2/24]) and the bridge doh. All 4.8-RELEASE. foo is crosslinked to doh's fxp1, bar is on a hp procurve switch in vlan 11. doh uses fxp0 to the switch and has vlans enabled, see ifconfig on doh: fxp0: flags=8943 mtu 1500 ether 00:d0:b7:9a:1a:0e media: Ethernet autoselect (100baseTX ) status: active fxp1: flags=8943 mtu 1500 ether 00:d0:b7:9a:1a:0f media: Ethernet autoselect (100baseTX ) status: active vlan0: flags=8843 mtu 1500 ether 00:d0:b7:9a:1a:0e media: Ethernet autoselect (100baseTX ) status: active vlan: 11 parent interface: fxp0 Bridging is enabled between vlan0 and fxp1. Now, when bar tries to ping foo (traffic goes from vlan0 to fxp1) this happens on doh: (tcpdump -tni fxp0): 802.1Q vlan#11 P0 arp who-has 10.1.2.1 tell 10.1.2.2 802.1Q vlan#11 P0 arp reply 10.1.2.1 is-at 0:d0:b7:b:1e:92 802.1Q vlan#11 P0 10.1.2.2 > 10.1.2.1: icmp: echo request (tcpdump -tni vlan0): arp who-has 10.1.2.1 tell 10.1.2.2 arp reply 10.1.2.1 is-at 0:d0:b7:b:1e:92 The icmp echo request is not passed to the vlan-if because it's not to a broadcast packet and so it is not bridged. Is there a trick to get this working or do you need more debug info? -- Mit freundlichen Gruessen, Marco Wertejuk - mwcis.com Consulting & Internet Solutions From owner-freebsd-net@FreeBSD.ORG Wed May 14 22:56:35 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4268437B401; Wed, 14 May 2003 22:56:35 -0700 (PDT) Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF83843FAF; Wed, 14 May 2003 22:56:33 -0700 (PDT) (envelope-from lars.koeller@uni-bielefeld.de) Received: from rayadm.hrz.uni-bielefeld.de (rayadm.hrz.uni-bielefeld.de [129.70.202.15]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0HEW00JC9Z51ER@mail.uni-bielefeld.de>; Thu, 15 May 2003 07:55:49 +0200 (MET DST) Received: from rayadm.hrz.uni-bielefeld.de (lkoeller@localhost) h4F5tmo15331; Thu, 15 May 2003 07:55:48 +0200 (MEST) Date: Thu, 15 May 2003 07:55:48 +0200 From: Lars =?iso-8859-1?Q?K=F6ller?= X-Face: eCcoCV}FjV*O{6>[1$XP/e%]TJhEw2MF33dFh)^HM7Gfd=[/(4+0a$~ MIME-version: 1.0 X-Mailer: exmh version 2.6.1 02/18/2003 with nmh-1.0.4 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable cc: freebsd-net@FreeBSD.org Subject: Re: bin/51586: rsh/rshd connect problem (select: protocol failurein circuit setup) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 05:56:35 -0000 -------- Hello, due to the problem in PR 51586, Mike Silbersack give = me the hint to contact you. Please can you have a look at the PR and try to verify where the error originates from (telnet host 623 hangs). If you need more information, please don't heasitate to contact me. Many thanks and best regards Lars = -- = E-Mail: Lars.Koeller@Uni-Bielefeld.DE \ Lars K=F6ller lkoeller@FreeBSD.org \ CC University of PGP: http://www.uk.pgp.net/pgpnet/wwwkeys.html \ Bielefeld, Germany = Key-ID: A430D499 \ Tel: +49 521 106 4964 ----------- FreeBSD, what else? ---- http://www.freebsd.org -------------= From owner-freebsd-net@FreeBSD.ORG Thu May 15 11:55:11 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0ED4137B401; Thu, 15 May 2003 11:55:11 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 45D5643F3F; Thu, 15 May 2003 11:55:10 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h4FIsuOn023814; Thu, 15 May 2003 14:54:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h4FIstrj023811; Thu, 15 May 2003 14:54:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 15 May 2003 14:54:55 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Petri Helenius In-Reply-To: <3EBB3245.50809@he.iki.fi> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: freebsd-current@freebsd.org Subject: Re: 5.1-BETA em X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 18:55:11 -0000 Could you file a PR for this, if it hasn't already been resolved? Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Fri, 9 May 2003, Petri Helenius wrote: > > I installed 5.0-RELEASE on an X31 IBM laptop and em0 worked. (1.4.x > driver) Then > I cvsupped -CURRENT two days ago and now the em0 probe only displays: > em0: port > 0x8000-0x803f > mem 0xc0200000-0xc020ffff, 0xc0220000-0xc023ffff irq 11 at device 1.0 on > pci2 > em0: The EEPROM Checksum Is Not Valid > em0: Unable to initialize the hardware > > The chip is supposedly Intel mobile GE, and the machine has Win XP as > dual booth with FreeBSD. > > Pete > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu May 15 14:12:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CA8937B401 for ; Thu, 15 May 2003 14:12:38 -0700 (PDT) Received: from ms-smtp-03.nyroc.rr.com (ms-smtp-03.nyroc.rr.com [24.92.226.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A66A43F93 for ; Thu, 15 May 2003 14:12:37 -0700 (PDT) (envelope-from justin@shiningsilence.com) Received: from home.shiningsilence.com (rrcs-nys-24-169-96-227.biz.rr.com [24.169.96.227])h4FLCWik023346 for ; Thu, 15 May 2003 17:12:36 -0400 (EDT) Received: from 24.93.1.61 (SquirrelMail authenticated user justin) by home.shiningsilence.com with HTTP; Thu, 15 May 2003 16:18:17 -0400 (EDT) Message-ID: <49537.24.93.1.61.1053029897.squirrel@home.shiningsilence.com> Date: Thu, 15 May 2003 16:18:17 -0400 (EDT) From: "Justin C. Sherrill" To: freebsd-net@freebsd.org User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Subject: load balance ordinary traffic X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 21:12:38 -0000 I have a FreeBSD 4.8-stable machine with multiple network interfaces. One goes to a local network (192.168.*) and the other goes to the Internet via cable modem. This machine does NAT for the 192.168.* network. I'd like to add more Ethernet cards to this computer and connect them to other cable modems, thereby providing more bandwidth to the 192.168.* network. Where can I look for more information on how to do this? Specifically, the software changes (with ipfw?) to "concatenate" the connection. From owner-freebsd-net@FreeBSD.ORG Thu May 15 14:38:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABCBA37B40A for ; Thu, 15 May 2003 14:38:14 -0700 (PDT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59E8E43F3F for ; Thu, 15 May 2003 14:38:13 -0700 (PDT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.9/8.12.9) with ESMTP id h4FLcCiK009119; Thu, 15 May 2003 17:38:12 -0400 (EDT) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.12.9/8.12.9/Submit) id h4FLcCow009118; Thu, 15 May 2003 17:38:12 -0400 (EDT) Date: Thu, 15 May 2003 17:38:12 -0400 From: Barney Wolff To: "Justin C. Sherrill" Message-ID: <20030515213812.GA8905@pit.databus.com> References: <49537.24.93.1.61.1053029897.squirrel@home.shiningsilence.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49537.24.93.1.61.1053029897.squirrel@home.shiningsilence.com> User-Agent: Mutt/1.4.1i X-Scanned-By: MIMEDefang 2.32 (www . roaringpenguin . com / mimedefang) cc: freebsd-net@freebsd.org Subject: Re: load balance ordinary traffic X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 21:38:15 -0000 On Thu, May 15, 2003 at 04:18:17PM -0400, Justin C. Sherrill wrote: > I have a FreeBSD 4.8-stable machine with multiple network interfaces. One > goes to a local network (192.168.*) and the other goes to the Internet via > cable modem. This machine does NAT for the 192.168.* network. > > I'd like to add more Ethernet cards to this computer and connect them to > other cable modems, thereby providing more bandwidth to the 192.168.* > network. Where can I look for more information on how to do this? > Specifically, the software changes (with ipfw?) to "concatenate" the > connection. This is unlikely to work with cable modems. You're already competing with your immendiate neighbors for a fixed pie of cable bandwidth. You have a better shot with DSL, if you pay for multiple DSL lines. In that case, you can set it up so some of your local hosts go to each DSL link, by ipfw and natd rules. However, what you can't do is have a single TCP connection on a single local host use both external lines. That would require at a minimum cooperation from your ISP which they are most unlikely to provide. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. From owner-freebsd-net@FreeBSD.ORG Thu May 15 14:42:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85A8F37B401 for ; Thu, 15 May 2003 14:42:44 -0700 (PDT) Received: from web21506.mail.yahoo.com (web21506.mail.yahoo.com [66.163.169.17]) by mx1.FreeBSD.org (Postfix) with SMTP id B413B43F75 for ; Thu, 15 May 2003 14:42:41 -0700 (PDT) (envelope-from fadizio@yahoo.fr) Message-ID: <20030515214241.3132.qmail@web21506.mail.yahoo.com> Received: from [193.227.168.2] by web21506.mail.yahoo.com via HTTP; Thu, 15 May 2003 23:42:41 CEST Date: Thu, 15 May 2003 23:42:41 +0200 (CEST) From: =?iso-8859-1?q?fa=20ch?= To: freebsd-net@freebsd.org MIME-Version: 1.0 X-Mailman-Approved-At: Thu, 15 May 2003 14:51:49 -0700 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 21:42:44 -0000 i am working on a project ipv6/ipsec between XP/freebsd 4.7 can u please tell why setting up ipsec isn't working using manual keys and if am wrong why hope u reply before monday wich is the deadline of my project thank u --------------------------------- Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Testez le nouveau Yahoo! Mail From owner-freebsd-net@FreeBSD.ORG Thu May 15 14:59:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8630937B401 for ; Thu, 15 May 2003 14:59:25 -0700 (PDT) Received: from magellan.palisadesys.com (magellan.palisadesys.com [192.188.162.211]) by mx1.FreeBSD.org (Postfix) with ESMTP id B38F143F93 for ; Thu, 15 May 2003 14:59:24 -0700 (PDT) (envelope-from ghelmer@palisadesys.com) Received: from mira (mira.palisadesys.com [192.188.162.116]) (authenticated bits=0)h4FLxN3r084487 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Thu, 15 May 2003 16:59:24 -0500 (CDT) (envelope-from ghelmer@palisadesys.com) From: "Guy Helmer" To: Date: Thu, 15 May 2003 16:59:39 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal In-Reply-To: Subject: Intel Pro/1000 82540 Ethernet, was RE: SuperMicro X5DEI-GG X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 May 2003 21:59:25 -0000 Originally I wrote to smp@freebsd.org: > Has anyone had positive or negative experience with the > SuperMicro X5DEI-GG > dual-Xeon motherboard? It seems to work OK on a uniprocessor kernel, but > FreeBSD 4.8 SMP kernels lock up after the "mounting root" message or after > ifconfiging lo0 in the startup scripts. Our first machine may just be > flaky, so I'll try another one as soon as possible... I seem to have isolated the problems with SMP on this machine to the built-in Intel Pro/1000 (82540) Ethernet interfaces. The machine *nearly* freezes after ifconfig is run during startup. It can respond to the keyboard (accepting characters) the first few times I unplug/plug the Ethernet cable from em0 and cause link down/up messages on the console. This only works a few times before the keyboard becomes completely unresponsive. I've tried a 4.8-RELEASE and a 4.9-STABLE kernel cvsuped today. Any suggestions would be appreciated. > Machine details (dmesg, pciconf, mptable) follow. > > Thanks, > Guy > > Guy Helmer, Ph.D., Sr. Software Engineer, Palisade Systems, Inc. > http://www.palisadesys.com/~ghelmer/ > > Copyright (c) 1992-2003 The FreeBSD Project. > Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 > The Regents of the University of California. All rights reserved. > FreeBSD 4.8-RELEASE #23: Fri May 2 14:20:47 GMT 2003 > support@palisadesys.com:PH > Timecounter "i8254" frequency 1193182 Hz > CPU: Intel(R) Xeon(TM) CPU 2.80GHz (2800.12-MHz 686-class CPU) > Origin = "GenuineIntel" Id = 0xf27 Stepping = 7 > > Features=0xbfebfbff RR,PGE,MCA > ,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> > Hyperthreading: 2 logical CPUs > real memory = 536805376 (524224K bytes) > avail memory = 518397952 (506248K bytes) > Preloaded elf kernel "kernel.UP" at 0xc03d1000. > Pentium Pro MTRR support enabled > md0: Malloc disk > Using $PIR table, 11 entries at 0xc00f4a50 > apm0: on motherboard > apm0: found APM BIOS v1.2, connected at v1.2 > npx0: on motherboard > npx0: INT 16 interface > pcib0: on motherboard > pci0: on pcib0 > em0: port > 0xe000-0xe03f mem 0xfeb80000-0xfeb9ffff irq 9 at device 8.0 on pci0 > em0: Speed:100 Mbps Duplex:Half > em1: port > 0xe400-0xe43f mem 0xfeba0000-0xfebbffff irq 11 at device 9.0 on pci0 > em1: Speed:N/A Duplex:N/A > pci0: at 11.0 irq 10 > atapci0: port > 0xffa0-0xffaf,0x374-0x377,0x170-0x177,0x3f4-0x3f7,0x1f0-0x1f7 at > device 15.1 > on pci0 > ata0: at 0x1f0 irq 14 on atapci0 > ata1: at 0x170 irq 15 on atapci0 > ohci0: mem 0xfebfe000-0xfebfefff irq 10 at > device 15.2 on pci0 > usb0: OHCI version 1.0, legacy support > usb0: SMM does not respond, resetting > usb0: on ohci0 > usb0: USB revision 1.0 > uhub0: (0x1166) OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 > uhub0: 4 ports with 4 removable, self powered > isab0: at device > 15.3 on pci0 > isa0: on isab0 > pcib255: on motherboard > pci255: on pcib255 > pcib1: on motherboard > pci1: on pcib1 > orm0: