From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 00:24:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76B9337B401 for ; Sun, 6 Jul 2003 00:24:04 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 016C644008 for ; Sun, 6 Jul 2003 00:24:04 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h667O3kN058879; Sun, 6 Jul 2003 00:24:03 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h667O3BH058877; Sun, 6 Jul 2003 00:24:03 -0700 (PDT) (envelope-from rizzo) Date: Sun, 6 Jul 2003 00:24:02 -0700 From: Luigi Rizzo To: Eugene Grosbein Message-ID: <20030706002402.A58528@xorpc.icir.org> References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3F078E39.ABC0822F@kuzbass.ru>; from eugen@kuzbass.ru on Sun, Jul 06, 2003 at 10:49:29AM +0800 cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 07:24:04 -0000 On Sun, Jul 06, 2003 at 10:49:29AM +0800, Eugene Grosbein wrote: > Luigi Rizzo wrote: > > > Bottom line -- the whole architecture has been designed with > > FIFO in mind, and implementing any different queueing policy > > will involve some significant rewriting of the device drivers, > > plus, potentially, some significant performance loss. > > Thank you for detailed explanation. I hope that dummynet's WFQ > would be sufficient but not sure: will it correctly process > weights whith zero-bandwidth pipe? zero-bw pipes are only useful to add delay or to count traffic (e.g. using masks), but will never cause queues to build up and so won't help in your case. cheers luigi From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 00:49:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 54F3537B401 for ; Sun, 6 Jul 2003 00:49:22 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A98544017 for ; Sun, 6 Jul 2003 00:49:20 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h667nGCo041931; Sun, 6 Jul 2003 15:49:16 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F07D3CD.4CC3B317@kuzbass.ru> Date: Sun, 06 Jul 2003 15:46:21 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Luigi Rizzo References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 07:49:22 -0000 Luigi Rizzo wrote: > > Thank you for detailed explanation. I hope that dummynet's WFQ > > would be sufficient but not sure: will it correctly process > > weights whith zero-bandwidth pipe? > > zero-bw pipes are only useful to add delay or to count > traffic (e.g. using masks), but will never cause queues > to build up and so won't help in your case. That's sad; it would be nice if dummynet would create queues for zero-bw pipes and perform dequeueing basing on weights. Eugene From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 02:14:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1EDB737B401 for ; Sun, 6 Jul 2003 02:14:05 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9252D44031 for ; Sun, 6 Jul 2003 02:14:04 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h669E4kN095953; Sun, 6 Jul 2003 02:14:04 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h669E4Fg095952; Sun, 6 Jul 2003 02:14:04 -0700 (PDT) (envelope-from rizzo) Date: Sun, 6 Jul 2003 02:14:04 -0700 From: Luigi Rizzo To: Eugene Grosbein Message-ID: <20030706021404.A94750@xorpc.icir.org> References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3F07D3CD.4CC3B317@kuzbass.ru>; from eugen@kuzbass.ru on Sun, Jul 06, 2003 at 03:46:21PM +0800 cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 09:14:05 -0000 On Sun, Jul 06, 2003 at 03:46:21PM +0800, Eugene Grosbein wrote: ... > > zero-bw pipes are only useful to add delay or to count > > traffic (e.g. using masks), but will never cause queues > > to build up and so won't help in your case. > > That's sad; it would be nice if dummynet would create queues for zero-bw > pipes and perform dequeueing basing on weights. that would be magic, not engineering :) How could the scheduler decide when to drain the queue ? As I said, there _is_ a way -- if you know the device where the queueing occurs (say 'wi0'), and are willing to modify the driver, you can insert a call to if_tx_rdy() in the place where the device signals that the 'transmit ring' (see my previous msg) is ready, and then use 'bandwidth wi0' to set the rate of the pipe. In this case, there will be always just one packet in the transmit ring+ifq, all the queueing occurs in the dummynet queues, and you can schedule things as you like (with weights, RED, etc.) But there is some overhead in doing this which does not make the method suitable for 100/1G interfaces (but it is probably completely acceptable for slower things such as 'wi' and 'tun' and 'sio' devices. Maybe even for some 10Mbit/s cards). cheers luigi > Eugene > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 02:44:59 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE27737B401 for ; Sun, 6 Jul 2003 02:44:59 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id E1BE743FDF for ; Sun, 6 Jul 2003 02:44:57 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h669irCo051681; Sun, 6 Jul 2003 17:44:54 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F07EEE6.1E4EBE41@kuzbass.ru> Date: Sun, 06 Jul 2003 17:41:58 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Luigi Rizzo References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> <20030706021404.A94750@xorpc.icir.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 09:45:00 -0000 Luigi Rizzo wrote: > > > zero-bw pipes are only useful to add delay or to count > > > traffic (e.g. using masks), but will never cause queues > > > to build up and so won't help in your case. > > > > That's sad; it would be nice if dummynet would create queues for zero-bw > > pipes and perform dequeueing basing on weights. > > that would be magic, not engineering :) > > How could the scheduler decide when to drain the queue ? It should move packets from zero-bw WFQ pipe the interface FIFO as soon as possible but should consider weights (100 packets from one queue then 1 from another and so on). > As I said, there _is_ a way -- if you know the device where the > queueing occurs (say 'wi0'), and are willing to modify the driver, > you can insert a call to if_tx_rdy() in the place where the device > signals that the 'transmit ring' (see my previous msg) is ready, > and then use 'bandwidth wi0' to set the rate of the pipe. Well, I could do that but my configuration is different. My FreeBSD router does not have WaveLan interface. Instead, I have another device (named "RWR") with one 10Mbit Ethernet interface and one 2Mbit WaveLan interface. RWR can pass traffic with non-zero IP Precedence first. FreeBSD has fxp(4) 100Mbit Ethernet card that connects it to the RWR. So I see no reason to patch fxp(4) here :-) Eugene From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 07:06:48 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 435E237B401 for ; Sun, 6 Jul 2003 07:06:48 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id B47F544001 for ; Sun, 6 Jul 2003 07:06:47 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h66E6lkN019899; Sun, 6 Jul 2003 07:06:47 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h66E6ksw019898; Sun, 6 Jul 2003 07:06:46 -0700 (PDT) (envelope-from rizzo) Date: Sun, 6 Jul 2003 07:06:46 -0700 From: Luigi Rizzo To: Eugene Grosbein Message-ID: <20030706070646.B17595@xorpc.icir.org> References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> <20030706021404.A94750@xorpc.icir.org> <3F07EEE6.1E4EBE41@kuzbass.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3F07EEE6.1E4EBE41@kuzbass.ru>; from eugen@kuzbass.ru on Sun, Jul 06, 2003 at 05:41:58PM +0800 cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 14:06:48 -0000 On Sun, Jul 06, 2003 at 05:41:58PM +0800, Eugene Grosbein wrote: > Luigi Rizzo wrote: > > > > > zero-bw pipes are only useful to add delay or to count > > > > traffic (e.g. using masks), but will never cause queues > > > > to build up and so won't help in your case. > > > > > > That's sad; it would be nice if dummynet would create queues for zero-bw > > > pipes and perform dequeueing basing on weights. > > > > that would be magic, not engineering :) > > > > How could the scheduler decide when to drain the queue ? > > It should move packets from zero-bw WFQ pipe the interface FIFO > as soon as possible but should consider weights with infinite bandwidth (that is what 'bw 0' means), "as soon as possible" means immediately, so you will never have anything in the dummynet queues, and weights would have no purpose. > Well, I could do that but my configuration is different. > My FreeBSD router does not have WaveLan interface. Instead, I have > another device (named "RWR") with one 10Mbit Ethernet interface > and one 2Mbit WaveLan interface. RWR can pass traffic with non-zero > IP Precedence first. FreeBSD has fxp(4) 100Mbit Ethernet card that > connects it to the RWR. So I see no reason to patch fxp(4) here :-) so what's your problem then ??? cheers luigi From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 07:14:31 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D04B437B401 for ; Sun, 6 Jul 2003 07:14:31 -0700 (PDT) Received: from smtp2.libero.it (smtp2.libero.it [193.70.192.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9CD344400D for ; Sun, 6 Jul 2003 07:14:30 -0700 (PDT) (envelope-from ml.ventu@flashnet.it) Received: from soth.ventu (151.38.127.191) by smtp2.libero.it (7.0.012) id 3E9BEBC301B95659 for freebsd-net@freebsd.org; Sun, 6 Jul 2003 16:14:30 +0200 Received: from mailer (xanatar.ventu [10.1.2.6]) by soth.ventu (8.12.6p2/8.12.6) with SMTP id h66EERvf001317 for ; Sun, 6 Jul 2003 16:14:28 +0200 (CEST) (envelope-from ml.ventu@flashnet.it) Message-Id: <200307061414.h66EERvf001317@soth.ventu> To: freebsd-net@freebsd.org Priority: Normal X-Mailer: Post Road Mailer for OS/2 (Green Edition Ver 3.0) Date: Sun, 6 Jul 2003 16:14:28 EST From: Andrea Venturoli Subject: vrrp problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Andrea Venturoli List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 14:14:32 -0000 Hello. I'm trying to set up vrrp on two machines and while it seems to work on one, it does not on the other. Here's my config: # This is a simple configuration file for freevrrpd # Please read the documentation before modifying these parameters # I recommend to not set addr to the unique and real ip of your server because # if freevrrpd will shutdown, your server will don't have any IP address. # a good utilization is to set a real IP address not managed by freevrrpd and # then choosing an alias for the virtual IP address managed by freevrrpd # # Each VRID Section must begin with [VRID] keyword [VRID] # serverid is needed to specify the number of the VRID, here VRID = 1 serverid = 1 # you must set interface with a real interface name of your system interface = xl0 # priority = 255 is a MASTER of the VRID # priority < 255 is a BACKUP with a priority 0 to 254 # 254 is a higher BACKUP priority priority = 254 # addr option is need to specify ip address(es) associated with the VRID # you can specify multiple addresses separated by ',' # netmask is specified with CIDR notation so number after '/' represent the # number of bits set to 1 for the netmask. # eg: /24 is 11111111 11111111 11111111 00000000 = 255.255.255.0 addr = 10.1.2.127/32 # if you want to authenticate your VRRP packets you can set a password # associated with this VRID. this is not required but is you don't set a # password, everybody in your LAN can generate VRRP packets without # authentification. If you set this, you must set it to BACKUP VRID too, if you # don't, all BACKUP VRRP packets will be rejected. password = xxx # now, you can specify a script name to execute when this host became master # of this VRID #masterscript = "/usr/local/bin/master_script.sh" # and you can specify a script name to execute when this host became backup # too #backupscript = "/usr/local/bin/backup_script.sh" # if physical interface attached to VRID 1 fail you can specify one or more # VRIDs that must go to backup state in the same time. (monitored circuits) # in this example if rl0 is faulty, xl0 and bge0 go to backup state mode # This is extremly useful to avoir blackhole with Firewalls with two interfaces #vridsdep = 2, 3 #[VRID] serverid = 2 interface = xl0 priority = 255 addr = 10.1.2.126/32 password = xxx As you can see I defined two VRID, but also tried the first one alone (and also as a master). And here's what I see when I do freevrrp -F: initialize ! VServer ID : 2 VServer PRIO : 255 VServer ETHADDR : 00:00:5e:00:01:02 VServer CNT_IP : 1 VServer IPs : 10.1.2.126 VServer ADV_INT : 1 VServer MASTER_DW_TM : 3 VServer SKEW_TIME : 0 VServer State : 0 Server IF_NAME : xl0 Server NB_IP : 1 Server IPs : 10.1.2.15 Server ETHADDR : 00:50:04:22:a9:c0 but then nothing's happen. Is it normal that only one VRID is displayed? I see igmp packet going out on xl0 (which I happened sometimes to block with ipfw) and vrrp packets going out (which ipfw should not allow, but pass anyway), but ifconfig gives: xl0: flags=8943 mtu 1500 options=3 inet 10.1.2.15 netmask 0xffffff00 broadcast 10.1.2.255 ether 00:50:04:22:a9:c0 media: Ethernet 10baseT/UTP (10baseT/UTP ) ed0: flags=8943 mtu 1500 inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255 ether 52:54:40:28:e5:a2 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 What I would expect is that xl0 gets both 10.1.2.126 and 10.1.2.127, since I've not started vrrp on the other machine yet. In the log I see: freevrrpd[532]: initializing threads and all VRID freevrrpd[532]: reading configuration file /usr/local/etc/freevrrpd.conf and when I quit: freevrrpd[532]: restoring real MAC address: 00:50:04:22:A9:C0 for interface xl0 Sometimes, but not often, a message will appear like: freevrrpd[15704]: interface xl0 is faulty, deactivated from VRRP VRIDs So my question is: how do I start debugging this? bye & Thanks av. From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 07:59:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6EC737B401 for ; Sun, 6 Jul 2003 07:59:25 -0700 (PDT) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 446D843FF2 for ; Sun, 6 Jul 2003 07:59:24 -0700 (PDT) (envelope-from pete@he.iki.fi) Received: from he.iki.fi (localhost.he.iki.fi [127.0.0.1]) by silver.he.iki.fi (8.12.9/8.11.4) with ESMTP id h66ExIsL000776; Sun, 6 Jul 2003 17:59:19 +0300 (EEST) (envelope-from pete@he.iki.fi) Message-ID: <3F083946.9020706@he.iki.fi> Date: Sun, 06 Jul 2003 17:59:18 +0300 From: Petri Helenius User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030501 X-Accept-Language: English [en],Finnish [fi] MIME-Version: 1.0 To: Eugene Grosbein References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> <20030706021404.A94750@xorpc.icir.org> <3F07EEE6.1E4EBE41@kuzbass.ru> In-Reply-To: <3F07EEE6.1E4EBE41@kuzbass.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit cc: Luigi Rizzo cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 14:59:26 -0000 Eugene Grosbein wrote: >Luigi Rizzo wrote: > > > >> >>How could the scheduler decide when to drain the queue ? >> >> > >It should move packets from zero-bw WFQ pipe the interface FIFO >as soon as possible but should consider weights >(100 packets from one queue then 1 from another and so on). > > > That would not be right because packets that need priority might arrive later than you move non-priority packets into the interface FIFO. The "right" way to do this is like Luigi mentioned, you have a rather short (a few packets, depending on interface/pipe bandwidth) hardware queue and then fill the hardware queue from your scheduling algorithm. If you're lucky enough to have more than one hardware queues, then it becomes an issue of doing the same thing but you can stuff the "bulk" data into the low-priority queue with larger hardware window. Any decent piece of hardware has at least 256 if not 1024 or 4096 transmit and receive descriptors, which is quite a long queue even at 100Mbps. Pete From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 10:33:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C08F737B43E for ; Sun, 6 Jul 2003 10:33:13 -0700 (PDT) Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id B90D54400D for ; Sun, 6 Jul 2003 10:33:12 -0700 (PDT) (envelope-from marck@rinet.ru) Received: from localhost (localhost [127.0.0.1]) by woozle.rinet.ru (8.12.9/8.12.9) with ESMTP id h66HXBsp033234 for ; Sun, 6 Jul 2003 21:33:11 +0400 (MSD) (envelope-from marck@rinet.ru) Date: Sun, 6 Jul 2003 21:33:11 +0400 (MSD) From: Dmitry Morozovsky To: freebsd-net@freebsd.org Message-ID: <20030706213123.X10099@woozle.rinet.ru> X-NCC-RegID: ru.rinet MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Request for Review: bin/54151 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 17:33:15 -0000 Dear colleagues, would you please spend a bit of your time to review http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54151 [patch to add -i option to arp(8)]? Thanks in advance; please keep me CC:d as I'm not subscribet to -net. Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 12:06:37 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 58EC637B480 for ; Sun, 6 Jul 2003 12:06:37 -0700 (PDT) Received: from smtp.noos.fr (nan-smtp-09.noos.net [212.198.2.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 841D043FD7 for ; Sun, 6 Jul 2003 12:06:35 -0700 (PDT) (envelope-from spe@selectbourse.net) Received: (qmail 79893068 invoked by uid 0); 6 Jul 2003 19:06:32 -0000 Received: from unknown (HELO e104.dhcp212-198-134.noos.fr) ([212.198.134.104]) (envelope-sender ) by 212.198.2.80 (qmail-ldap-1.03) with SMTP for ; 6 Jul 2003 19:06:32 -0000 From: Sebastien Petit To: Andrea Venturoli Date: Sun, 6 Jul 2003 21:07:49 +0200 User-Agent: KMail/1.5.2 References: <200307061414.h66EERvf001317@soth.ventu> In-Reply-To: <200307061414.h66EERvf001317@soth.ventu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307062107.49221.spe@selectbourse.net> cc: freebsd-net@freebsd.org Subject: Re: vrrp problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 19:06:38 -0000 Hi, As I can see on your configuration, you must uncomment the line #[VRID] of the second section if you want to activate the second vrid. I think that it's the problem. Freevrrpd is in development for the moment so you must use the last revision of it (0.8.7 actually). Regards, Sebastien. -- spe@selectbourse.net On Sunday 06 July 2003 23:14, Andrea Venturoli wrote: > Hello. > > I'm trying to set up vrrp on two machines and while it seems to work on > one, it does not on the other. > > Here's my config: > > # This is a simple configuration file for freevrrpd > # Please read the documentation before modifying these parameters > # I recommend to not set addr to the unique and real ip of your server > because # if freevrrpd will shutdown, your server will don't have any IP > address. # a good utilization is to set a real IP address not managed by > freevrrpd and # then choosing an alias for the virtual IP address managed > by freevrrpd # > # Each VRID Section must begin with [VRID] keyword > > [VRID] > # serverid is needed to specify the number of the VRID, here VRID = 1 > serverid = 1 > > # you must set interface with a real interface name of your system > interface = xl0 > > # priority = 255 is a MASTER of the VRID > # priority < 255 is a BACKUP with a priority 0 to 254 > # 254 is a higher BACKUP priority > priority = 254 > > # addr option is need to specify ip address(es) associated with the VRID > # you can specify multiple addresses separated by ',' > # netmask is specified with CIDR notation so number after '/' represent the > # number of bits set to 1 for the netmask. > # eg: /24 is 11111111 11111111 11111111 00000000 = 255.255.255.0 > addr = 10.1.2.127/32 > > # if you want to authenticate your VRRP packets you can set a password > # associated with this VRID. this is not required but is you don't set a > # password, everybody in your LAN can generate VRRP packets without > # authentification. If you set this, you must set it to BACKUP VRID too, if > you # don't, all BACKUP VRRP packets will be rejected. > password = xxx > > # now, you can specify a script name to execute when this host became > master # of this VRID > #masterscript = "/usr/local/bin/master_script.sh" > > # and you can specify a script name to execute when this host became backup > # too > #backupscript = "/usr/local/bin/backup_script.sh" > > # if physical interface attached to VRID 1 fail you can specify one or more > # VRIDs that must go to backup state in the same time. (monitored circuits) > # in this example if rl0 is faulty, xl0 and bge0 go to backup state mode > # This is extremly useful to avoir blackhole with Firewalls with two > interfaces #vridsdep = 2, 3 > > #[VRID] > serverid = 2 > interface = xl0 > priority = 255 > addr = 10.1.2.126/32 > password = xxx > > > As you can see I defined two VRID, but also tried the first one alone (and > also as a master). > > > > > > And here's what I see when I do freevrrp -F: > > initialize ! > VServer ID : 2 > VServer PRIO : 255 > VServer ETHADDR : 00:00:5e:00:01:02 > VServer CNT_IP : 1 > VServer IPs : > 10.1.2.126 > VServer ADV_INT : 1 > VServer MASTER_DW_TM : 3 > VServer SKEW_TIME : 0 > VServer State : 0 > Server IF_NAME : xl0 > Server NB_IP : 1 > Server IPs : > 10.1.2.15 > Server ETHADDR : 00:50:04:22:a9:c0 > > > but then nothing's happen. Is it normal that only one VRID is displayed? > > > > I see igmp packet going out on xl0 (which I happened sometimes to block > with ipfw) and vrrp packets going out (which ipfw should not allow, but > pass anyway), but ifconfig gives: > > xl0: flags=8943 mtu 1500 > options=3 > inet 10.1.2.15 netmask 0xffffff00 broadcast 10.1.2.255 > ether 00:50:04:22:a9:c0 > media: Ethernet 10baseT/UTP (10baseT/UTP ) > ed0: flags=8943 mtu 1500 > inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255 > ether 52:54:40:28:e5:a2 > lo0: flags=8049 mtu 16384 > inet 127.0.0.1 netmask 0xff000000 > > What I would expect is that xl0 gets both 10.1.2.126 and 10.1.2.127, since > I've not started vrrp on the other machine yet. > > > In the log I see: > > freevrrpd[532]: initializing threads and all VRID > freevrrpd[532]: reading configuration file /usr/local/etc/freevrrpd.conf > > and when I quit: > > freevrrpd[532]: restoring real MAC address: 00:50:04:22:A9:C0 for interface > xl0 > > > Sometimes, but not often, a message will appear like: > > freevrrpd[15704]: interface xl0 is faulty, deactivated from VRRP VRIDs > > > So my question is: how do I start debugging this? > > > bye & Thanks > av. > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 13:37:00 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1544C37B401 for ; Sun, 6 Jul 2003 13:37:00 -0700 (PDT) Received: from smtp3.libero.it (smtp3.libero.it [193.70.192.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id 52C6B43FF7 for ; Sun, 6 Jul 2003 13:36:59 -0700 (PDT) (envelope-from ml.ventu@flashnet.it) Received: from soth.ventu (151.38.127.191) by smtp3.libero.it (7.0.012) id 3EE735C6007E8E83 for freebsd-net@freebsd.org; Sun, 6 Jul 2003 22:36:57 +0200 Received: from mailer (xanatar.ventu [10.1.2.6]) by soth.ventu (8.12.6p2/8.12.6) with SMTP id h66Kauvg002621 for ; Sun, 6 Jul 2003 22:36:57 +0200 (CEST) (envelope-from ml.ventu@flashnet.it) Message-Id: <200307062036.h66Kauvg002621@soth.ventu> To: freebsd-net@freebsd.org Priority: Normal X-Mailer: Post Road Mailer for OS/2 (Green Edition Ver 3.0) Date: Sun, 6 Jul 2003 22:36:56 EST From: Andrea Venturoli Subject: Re: vrrp problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Andrea Venturoli List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 20:37:00 -0000 ** Reply to note from Sebastien Petit Sun, 6 Jul 2003 21:07:49 +0200 > As I can see on your configuration, you must uncomment the line #[VRID] of the > second section if you want to activate the second vrid. I think that it's the > problem. Thanks for pointing it out, however, after uncommenting it the behaviour did not change (apart from the fact that now I see both listed). Still nothing happens. > Freevrrpd is in development for the moment so you must use the last revision > of it (0.8.7 actually). That's what I'm using. bye & Thanks av. From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 14:53:03 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C9E3037B401 for ; Sun, 6 Jul 2003 14:53:03 -0700 (PDT) Received: from smtp.noos.fr (nan-smtp-05.noos.net [212.198.2.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8523843F75 for ; Sun, 6 Jul 2003 14:53:02 -0700 (PDT) (envelope-from spe@selectbourse.net) Received: (qmail 4839820 invoked by uid 0); 6 Jul 2003 21:53:00 -0000 Received: from unknown (HELO e104.dhcp212-198-134.noos.fr) ([212.198.134.104]) (envelope-sender ) by 212.198.2.74 (qmail-ldap-1.03) with SMTP for ; 6 Jul 2003 21:53:00 -0000 From: Sebastien Petit To: Andrea Venturoli Date: Sun, 6 Jul 2003 23:54:17 +0200 User-Agent: KMail/1.5.2 References: <200307062036.h66Kauvg002621@soth.ventu> In-Reply-To: <200307062036.h66Kauvg002621@soth.ventu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307062354.17066.spe@selectbourse.net> cc: freebsd-net@freebsd.org Subject: Re: vrrp problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2003 21:53:04 -0000 I think that this thread is not a good place for freebsd-net... can you send me your FreeBSD revision and all logs with the line: !freevrrpd *.* /var/log/freevrrpd.log setted on your syslog.conf file at my address directly ? normally your configuration must work on FreeBSD-4.x Thank you, Regards, Sebastien. -- spe@selectbourse.net On Monday 07 July 2003 05:36, Andrea Venturoli wrote: > ** Reply to note from Sebastien Petit Sun, 6 Jul > 2003 21:07:49 +0200 > > > As I can see on your configuration, you must uncomment the line #[VRID] > > of the second section if you want to activate the second vrid. I think > > that it's the problem. > > Thanks for pointing it out, however, after uncommenting it the behaviour > did not change (apart from the fact that now I see both listed). > Still nothing happens. > > > Freevrrpd is in development for the moment so you must use the last > > revision of it (0.8.7 actually). > > That's what I'm using. > > bye & Thanks > av. > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Jul 6 22:05:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8683637B401 for ; Sun, 6 Jul 2003 22:05:04 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C95043FD7 for ; Sun, 6 Jul 2003 22:05:00 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h6754uCo056693; Mon, 7 Jul 2003 13:04:56 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F08FEBF.C121F4CE@kuzbass.ru> Date: Mon, 07 Jul 2003 13:01:51 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Luigi Rizzo References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> <20030706021404.A94750@xorpc.icir.org> <3F07EEE6.1E4EBE41@kuzbass.ru> <20030706070646.B17595@xorpc.icir.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 05:05:04 -0000 > > > How could the scheduler decide when to drain the queue ? > > It should move packets from zero-bw WFQ pipe the interface FIFO > > as soon as possible but should consider weights > with infinite bandwidth (that is what 'bw 0' means), > "as soon as possible" means immediately, so you will > never have anything in the dummynet queues, and weights > would have no purpose. Ok, I've got this. Perhaps, I need to setup 2bmit dummynet pipe. > > Well, I could do that but my configuration is different. > > My FreeBSD router does not have WaveLan interface. Instead, I have > > another device (named "RWR") with one 10Mbit Ethernet interface > > and one 2Mbit WaveLan interface. RWR can pass traffic with non-zero > > IP Precedence first. FreeBSD has fxp(4) 100Mbit Ethernet card that > > connects it to the RWR. So I see no reason to patch fxp(4) here :-) > > so what's your problem then ??? Cisco3640<-ethernet/LAN1->FreeBSD<-ethernet->RWR1<-radio- -radio>RWR2<-ethernet/LAN2>-ATA186 The first problem is that VoIP is delay-intolerate. The second problem is that WaveLan is 2mbit only and is overloaded. The other problem is that routers in the chain are loaded significantly. So the goal is to make voice traffic prioritized over the whole chain of routers. Cisco can pass VoIP before other traffic ("ip rtp priority" command), RWRs can too. Is FreeBSD capable of prioritizing VoIP in this scenario? I hope it is. Perhaps, I need 2mbit dummynet queue for traffing that goes to LAN2 (and back to LAN2) and different weights for VoIP and other flows. Am I right? Eugene Grosbein From owner-freebsd-net@FreeBSD.ORG Mon Jul 7 00:36:59 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1267737B401 for ; Mon, 7 Jul 2003 00:36:59 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 81D8343FCB for ; Mon, 7 Jul 2003 00:36:58 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h677awkN057030; Mon, 7 Jul 2003 00:36:58 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h677awOE057028; Mon, 7 Jul 2003 00:36:58 -0700 (PDT) (envelope-from rizzo) Date: Mon, 7 Jul 2003 00:36:57 -0700 From: Luigi Rizzo To: Eugene Grosbein Message-ID: <20030707003656.A56037@xorpc.icir.org> References: <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <3F078E39.ABC0822F@kuzbass.ru> <20030706002402.A58528@xorpc.icir.org> <3F07D3CD.4CC3B317@kuzbass.ru> <20030706021404.A94750@xorpc.icir.org> <3F07EEE6.1E4EBE41@kuzbass.ru> <20030706070646.B17595@xorpc.icir.org> <3F08FEBF.C121F4CE@kuzbass.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3F08FEBF.C121F4CE@kuzbass.ru>; from eugen@kuzbass.ru on Mon, Jul 07, 2003 at 01:01:51PM +0800 cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 07:36:59 -0000 If, in your description, RWRs already do prioritization, that is all what matters, them being the bottleneck nodes. I still believe your problem is elsewhere. Maybe the RWR's do not do prioritization despite their claims. Perhaps your link is just way too overloaded and you need to shape other traffic so that it does not fill up the queue between two subsequent packets (causing drops -- are you sure you aren't seeing drops rather than just delay ?) You said the LAN links are 100Mbit, so even if there is queueing there, 50pkts at 1MSS mean 75Kbyte or 600Kbits which is about 6ms each way -- that cannot be a problem; even at 10Mbit, you have 60ms which is a bit on the high side but ok-ish. cheers luigi On Mon, Jul 07, 2003 at 01:01:51PM +0800, Eugene Grosbein wrote: ... > > so what's your problem then ??? > > Cisco3640<-ethernet/LAN1->FreeBSD<-ethernet->RWR1<-radio- > -radio>RWR2<-ethernet/LAN2>-ATA186 > > The first problem is that VoIP is delay-intolerate. > The second problem is that WaveLan is 2mbit only and is overloaded. > The other problem is that routers in the chain are loaded significantly. > So the goal is to make voice traffic prioritized over the whole > chain of routers. > > Cisco can pass VoIP before other traffic ("ip rtp priority" command), > RWRs can too. Is FreeBSD capable of prioritizing VoIP in this scenario? > I hope it is. Perhaps, I need 2mbit dummynet queue for traffing that > goes to LAN2 (and back to LAN2) and different weights for VoIP > and other flows. Am I right? > > Eugene Grosbein From owner-freebsd-net@FreeBSD.ORG Mon Jul 7 10:23:54 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75D6B37B401 for ; Mon, 7 Jul 2003 10:23:54 -0700 (PDT) Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC30743F85 for ; Mon, 7 Jul 2003 10:23:53 -0700 (PDT) (envelope-from truckman@FreeBSD.org) Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.12.9/8.12.9) with ESMTP id h67HNhM7008249; Mon, 7 Jul 2003 10:23:47 -0700 (PDT) (envelope-from truckman@FreeBSD.org) Message-Id: <200307071723.h67HNhM7008249@gw.catspoiler.org> Date: Mon, 7 Jul 2003 10:23:43 -0700 (PDT) From: Don Lewis To: marck@rinet.ru In-Reply-To: <20030706213123.X10099@woozle.rinet.ru> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii cc: freebsd-net@FreeBSD.org Subject: Re: Request for Review: bin/54151 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 17:23:54 -0000 On 6 Jul, Dmitry Morozovsky wrote: > Dear colleagues, > > would you please spend a bit of your time to review > http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54151 > [patch to add -i option to arp(8)]? > > Thanks in advance; please keep me CC:d as I'm not subscribet to -net. The first patch looks ok except for the text of the error message at source line 157. I don't think the second patch is necessary. It might be better to print a error message if no matching arp entries are found, since each broadcast interface should at least have its own permanent arp entry. Checking versus the full interface list doesn't do the correct thing in any case since non-broadcast interfaces like lo0, serial WAN interfaces, etc., don't have arp entries. Should arp -i lo0 -a be totally silent, or should it print an error message? From owner-freebsd-net@FreeBSD.ORG Mon Jul 7 10:36:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 755FE37B401; Mon, 7 Jul 2003 10:36:57 -0700 (PDT) Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3440B43F3F; Mon, 7 Jul 2003 10:36:56 -0700 (PDT) (envelope-from marck@rinet.ru) Received: from localhost (localhost [127.0.0.1]) by woozle.rinet.ru (8.12.9/8.12.9) with ESMTP id h67Hassp000432; Mon, 7 Jul 2003 21:36:54 +0400 (MSD) (envelope-from marck@rinet.ru) Date: Mon, 7 Jul 2003 21:36:54 +0400 (MSD) From: Dmitry Morozovsky To: Don Lewis In-Reply-To: <200307071723.h67HNhM7008249@gw.catspoiler.org> Message-ID: <20030707213257.N48906@woozle.rinet.ru> References: <200307071723.h67HNhM7008249@gw.catspoiler.org> X-NCC-RegID: ru.rinet MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@FreeBSD.org Subject: Re: Request for Review: bin/54151 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 17:36:57 -0000 DL> > would you please spend a bit of your time to review DL> > http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54151 DL> > [patch to add -i option to arp(8)]? DL> > DL> > Thanks in advance; please keep me CC:d as I'm not subscribet to -net. DL> DL> The first patch looks ok except for the text of the error message at DL> source line 157. Well, it's a piece of old junk: firstly, I used strdup(), and then realized it isn't necessary for argv. So, these lines possibly should look simply like @@ -151,6 +154,11 @@ case 'f' : SETFUNC(F_FILESET); break; + case 'i': + rifname = optarg; + if (checkifname(rifname) == 0) + errx(1, "no such interface: %s", rifname); + break; case '?': default: usage(); DL> I don't think the second patch is necessary. It might be better to DL> print a error message if no matching arp entries are found, since each DL> broadcast interface should at least have its own permanent arp entry. DL> Checking versus the full interface list doesn't do the correct thing in DL> any case since non-broadcast interfaces like lo0, serial WAN interfaces, DL> etc., don't have arp entries. Should DL> arp -i lo0 -a DL> be totally silent, or should it print an error message? Yeah, that was exactly the cause I have separated these two patches. ;-) Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ From owner-freebsd-net@FreeBSD.ORG Mon Jul 7 13:10:01 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA36537B401 for ; Mon, 7 Jul 2003 13:10:01 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id B093443F3F for ; Mon, 7 Jul 2003 13:10:00 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 17140 invoked by uid 5013); 7 Jul 2003 20:08:05 -0000 Date: Mon, 7 Jul 2003 21:08:05 +0100 From: Bruce M Simpson To: Dmitry Morozovsky Message-ID: <20030707200805.GF32325@spc.org> Mail-Followup-To: Bruce M Simpson , Dmitry Morozovsky , freebsd-net@freebsd.org References: <20030706213123.X10099@woozle.rinet.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030706213123.X10099@woozle.rinet.ru> User-Agent: Mutt/1.4.1i cc: freebsd-net@freebsd.org Subject: Re: Request for Review: bin/54151 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 20:10:02 -0000 On Sun, Jul 06, 2003 at 09:33:11PM +0400, Dmitry Morozovsky wrote: > Dear colleagues, > > would you please spend a bit of your time to review > http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54151 > [patch to add -i option to arp(8)]? I think this sort of thing is badly needed, especially for the router/VLAN scenarios which you envisage. However, one thing which has always bothered me is the message: arp: actual retrieval of routing table I've seen this when the arp table is in an undefined state, i.e. empty, it could be more helpfully worded. BMS From owner-freebsd-net@FreeBSD.ORG Mon Jul 7 13:14:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 87A3337B401 for ; Mon, 7 Jul 2003 13:14:44 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id 57A3B43FA3 for ; Mon, 7 Jul 2003 13:14:43 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 17179 invoked by uid 5013); 7 Jul 2003 20:12:47 -0000 Date: Mon, 7 Jul 2003 21:12:47 +0100 From: Bruce M Simpson To: Luigi Rizzo Message-ID: <20030707201247.GG32325@spc.org> References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030705123332.A60972@xorpc.icir.org> User-Agent: Mutt/1.4.1i cc: Eugene Grosbein cc: Eugene Grosbein cc: net@freebsd.org Subject: Re: ipprecedence X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 20:14:44 -0000 On Sat, Jul 05, 2003 at 12:33:32PM -0700, Luigi Rizzo wrote: > permit. Certain hardware even has multiple, prioritized > transmit rings, but there is no support for them in our > drivers (basically we don't have an API for that). One example which immediately springs to mind is the RTL8139C+ which Bill Paul has been playing with this very week. Also, my Efficient Networks Lanai based ATM adapter has support of kinds for this (albeit in ATM-land), even the fxp has Intel's proprietary Priority Packet software for it (pardon the pun). With the increased interest in VoIP and similar these days, perhaps hardware DS/QoS support of this nature is something the project should explore? I have heard the 'provision your network correctly' argument against this, but this doesn't address the problem of pushing isochronous traffic through a narrow pipe used to connect a branch office, so I find it unhelpful. BMS From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 02:09:28 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D8AE637B401 for ; Tue, 8 Jul 2003 02:09:28 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5DBAF43FB1 for ; Tue, 8 Jul 2003 02:09:28 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h6899SkN093920; Tue, 8 Jul 2003 02:09:28 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h6899RrM093919; Tue, 8 Jul 2003 02:09:27 -0700 (PDT) (envelope-from rizzo) Date: Tue, 8 Jul 2003 02:09:27 -0700 From: Luigi Rizzo To: Bruce M Simpson Message-ID: <20030708020927.A89198@xorpc.icir.org> References: <20030703002247.A2097@grosbein.pp.ru> <3F0310CE.5070302@tenebras.com> <3F03867A.79F82968@kuzbass.ru> <20030705123332.A60972@xorpc.icir.org> <20030707201247.GG32325@spc.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030707201247.GG32325@spc.org>; from bms@spc.org on Mon, Jul 07, 2003 at 09:12:47PM +0100 cc: Eugene Grosbein cc: net@freebsd.org Subject: QoS/device API (was Re: ipprecedence) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 09:09:29 -0000 On Mon, Jul 07, 2003 at 09:12:47PM +0100, Bruce M Simpson wrote: ... > With the increased interest in VoIP and similar these days, perhaps hardware > DS/QoS support of this nature is something the project should explore? the usual problem here is that if you want your mechanisms to be useful, you should implement them in software first (even though it has a performance impact), and then exploit the hw capabilities when/if they are present and useful (e.g. on a slow link and fast CPU, you don't care too much about separate hw queues). The 'if_tx_rdy' dummynet trick that i mentioned does cover the software part, and i believe it can be made reasonably cheap (i.e. skip the function call if no pipes are registered to be clocked by that interface) so that it will not harm performance in the general case. If there is interest, i can look into doing this change and adding this call to our device drivers. cheers luigi From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 04:45:21 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5BFAB37B401 for ; Tue, 8 Jul 2003 04:45:21 -0700 (PDT) Received: from fep03-svc.mail.telepac.pt (fep03-svc.mail.telepac.pt [194.65.5.202]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE9B343FBD for ; Tue, 8 Jul 2003 04:45:19 -0700 (PDT) (envelope-from guilherme@nortenet.pt) Received: from nortenet.pt ([213.13.123.140]) by fep03-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with ESMTP id <20030708114518.NNRF1913.fep03-svc.mail.telepac.pt@nortenet.pt> for ; Tue, 8 Jul 2003 12:45:18 +0100 Message-ID: <3F0AAECD.4070601@nortenet.pt> Date: Tue, 08 Jul 2003 12:45:17 +0100 From: Guilherme Oliveira User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3.1) Gecko/20030521 X-Accept-Language: pt, pt-br, en-us, en MIME-Version: 1.0 To: FreeBSD-NET@FreeBSD.ORG Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Acess to virtual hosts are being blocked by natd/firewall X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 11:45:21 -0000 Hi ! I've configured a dmz and our workstations (192.168.0) acess to external sites very well. But sites that are hosted in 192.168.1 that are port_redirected by natd with static ip are blocked only if acessed by our workstations with 192.168.0 From internet is fine. It blocks www.site-example.com and xxx.xxx.xxx.xxx. It only works with 192.168.1.2 ! /kernel: Connection attempt to TCP xxx.xxx.xxx.xxx:80 from 192.168.0.3:2366 My natd it's configured with natd_flags="-l -s -m -u -dynamic -log_denied -log_ipfw_denied -redirect_port tcp 192.168.1.2:80 xxx.xxx.xxx.xxx:80" The firewall is configured to "OPEN". netstat -r in natd: default adsl-b3-72-1.telep UGSc 2 4300 tun0 localhost localhost UH 0 0 lo0 192.168.0 link#2 UC 5 0 xl1 192.168.0.2 00:e0:7d:ed:1b:de UHLW 0 38 xl1 940 192.168.0.3 00:50:eb:1d:80:dd UHLW 1 379 xl1 657 192.168.0.5 00:08:02:cf:1b:6d UHLW 0 1262 xl1 349 192.168.0.6 00:c0:df:09:a1:31 UHLW 0 24 xl1 560 192.168.0.7 00:c0:df:09:ab:e7 UHLW 0 977 xl1 521 192.168.1 link#3 UC 1 0 xl2 192.168.1.2 00:04:75:e9:c0:04 UHLW 1 257 xl2 331 adsl-b3-72-1.telep adslemp-b3-123-140 UH 2 0 tun0 adslemp-b3-121-73. link#1 UC 0 0 xl0 adslemp-b3-121-74. link#1 UC 0 0 xl0 adslemp-b3-121-75. link#1 UC 0 0 xl0 adslemp-b3-121-76. link#1 UC 0 0 xl0 adslemp-b3-121-77. link#1 UC 0 0 xl0 adslemp-b3-121-78. link#1 UC 0 0 xl0 netstat -r in workstation: Internet: Destination Gateway Flags Refs Use Netif Expire default sarpa UGSc 10 0 sis0 localhost localhost UH 0 140 lo0 192.168.0 link#1 UC 2 0 sis0 sarpa 00:04:75:e0:d4:52 UHLW 12 12204 sis0 596 parpa 00:50:eb:1d:80:dd UHLW 0 39 lo0 It's natd problem or ipfw ? From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 05:57:27 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BF8E37B401 for ; Tue, 8 Jul 2003 05:57:27 -0700 (PDT) Received: from hotmail.com (law11-f80.law11.hotmail.com [64.4.17.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 15E0B43F93 for ; Tue, 8 Jul 2003 05:57:27 -0700 (PDT) (envelope-from yqyq22@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 8 Jul 2003 05:57:26 -0700 Received: from 212.80.178.17 by lw11fd.law11.hotmail.msn.com with HTTP; Tue, 08 Jul 2003 12:57:22 GMT X-Originating-IP: [212.80.178.17] X-Originating-Email: [yqyq22@hotmail.com] From: "diego maradona" To: freebsd-net@freebsd.org Date: Tue, 08 Jul 2003 14:57:22 +0200 Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Message-ID: X-OriginalArrivalTime: 08 Jul 2003 12:57:26.0822 (UTC) FILETIME=[7B806C60:01C34550] Subject: network device X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 12:57:27 -0000 Dear all, There is a way to install a 2 network device with fault tolerance(active-standby) or with load-balancing( virtual ip address)? thanks in advance yqyq22 _________________________________________________________________ MSN Extra Storage: piena libertà di esprimersi e comunicare http://www.msn.it/msnservizi/es/?xAPID=534&DI=1044&SU=http://hotmail.it/&HL=HMTAGTX_MSN_Extra_Storage From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 06:37:37 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4FE8137B401 for ; Tue, 8 Jul 2003 06:37:37 -0700 (PDT) Received: from fep01-svc.mail.telepac.pt (fep01-svc.mail.telepac.pt [194.65.5.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B2C443FB1 for ; Tue, 8 Jul 2003 06:37:36 -0700 (PDT) (envelope-from guilherme@nortenet.pt) Received: from nortenet.pt ([213.13.123.140]) by fep01-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with ESMTP id <20030708133734.GFMR25665.fep01-svc.mail.telepac.pt@nortenet.pt>; Tue, 8 Jul 2003 14:37:34 +0100 Message-ID: <3F0AC91A.9000502@nortenet.pt> Date: Tue, 08 Jul 2003 14:37:30 +0100 From: Guilherme Oliveira User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3.1) Gecko/20030521 X-Accept-Language: pt, pt-br, en-us, en MIME-Version: 1.0 To: FreeBSD-NET References: <3F0AAECD.4070601@nortenet.pt> <20030708131016.GA32225@wjv.com> In-Reply-To: <20030708131016.GA32225@wjv.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Acess to virtual hosts are being blocked by natd/firewall X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 13:37:37 -0000 I've done that but it's not working. It's strange because if I ping www.site-example.com it goes to the right static ip. So it's pinging the right server. It could be apache configs but it happens also in qmail, ... I think it's natd but don't know how ... From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 07:34:34 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BE9337B401 for ; Tue, 8 Jul 2003 07:34:34 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id E81FD43F85 for ; Tue, 8 Jul 2003 07:34:32 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 29598 invoked by uid 5013); 8 Jul 2003 14:32:35 -0000 Date: Tue, 8 Jul 2003 15:32:35 +0100 From: Bruce M Simpson To: "M. Warner Losh" Message-ID: <20030708143235.GK22331@spc.org> Mail-Followup-To: Bruce M Simpson , "M. Warner Losh" , sam@errno.com, freebsd-net@freebsd.org, consume-thenet@lists.consume.net References: <20030708055626.GH22331@spc.org> <20030708.060709.22312307.imp@bsdimp.com> <686583785.1057648110@melange.errno.com> <20030708.081303.122408805.imp@bsdimp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030708.081303.122408805.imp@bsdimp.com> User-Agent: Mutt/1.4.1i cc: sam@errno.com cc: consume-thenet@lists.consume.net cc: freebsd-net@freebsd.org Subject: AODV RFC is now ratified X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 14:34:34 -0000 On Tue, Jul 08, 2003 at 08:13:03AM -0600, M. Warner Losh wrote: > Cool! Hopefully this work will include fixing lucent cards too :-) Hail Eris. All hail Discordia. By the way, have you seen RFC 3561? It's just out. http://www.faqs.org/rfcs/rfc3561.html Ad hoc On-Demand Distance Vector (AODV) Routing I'm putting together a brief FreeBSD HOWTO -- 'On-demand Routing with XRESOLVE for Dummies' -- hinted at by fenestro. My technique is quite simple, I create a CLONE+XRESOLVE route pointing to disc0 (to avoid routing loops when ip forwarding is enabled) for the route(s) intended to use the wireless cloud as a next-hop, then listen for RTM_RESOLVE messages when the stack tries to use those route entries to clone routes from. That then enables our hypothetical aodvd to issue RTM_CHANGE to route the data to its peer. Seems pretty clean. We can of course tweak the net.inet.ip.rt* cache tunables to prevent the stack getting swamped with stale wireless routes. I may not be able to get AODV all done on my own, but I may have a crack at it - have a lot on my plate just now. BMS From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 07:58:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A169337B401 for ; Tue, 8 Jul 2003 07:58:19 -0700 (PDT) Received: from exchange.wan.no (exchange.wan.no [80.86.128.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7D6E943F93 for ; Tue, 8 Jul 2003 07:58:18 -0700 (PDT) (envelope-from sten.daniel.sorsdal@wan.no) X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Tue, 8 Jul 2003 16:57:05 +0200 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE4@exchange.wanglobal.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Acess to virtual hosts are being blocked by natd/firewall Thread-Index: AcNFVf3G9DmQ7QSpTcCAgwjyd11L1AACtncQ From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= To: "Guilherme Oliveira" , "FreeBSD-NET" Subject: RE: Acess to virtual hosts are being blocked by natd/firewall X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 14:58:19 -0000 >=20 > I've done that but it's not working. >=20 > It's strange because if I ping www.site-example.com it goes=20 > to the right=20 > static ip. > So it's pinging the right server. >=20 > It could be apache configs but it happens also in qmail, ... >=20 > I think it's natd but don't know how ... >=20 Make sure that you are diverting the traffic from LAN to DMZ via NATD. - Sten From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 08:22:18 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A73DC37B401 for ; Tue, 8 Jul 2003 08:22:18 -0700 (PDT) Received: from fep01-svc.mail.telepac.pt (fep01-svc.mail.telepac.pt [194.65.5.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7623743FDF for ; Tue, 8 Jul 2003 08:22:17 -0700 (PDT) (envelope-from guilherme@nortenet.pt) Received: from nortenet.pt ([213.13.123.140]) by fep01-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with ESMTP id <20030708152214.HQXV25665.fep01-svc.mail.telepac.pt@nortenet.pt>; Tue, 8 Jul 2003 16:22:14 +0100 Message-ID: <3F0AE1A2.9080100@nortenet.pt> Date: Tue, 08 Jul 2003 16:22:10 +0100 From: Guilherme Oliveira User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3.1) Gecko/20030521 X-Accept-Language: pt, pt-br, en-us, en MIME-Version: 1.0 To: FreeBSD-NET , References: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE4@exchange.wanglobal.net> In-Reply-To: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE4@exchange.wanglobal.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: Acess to virtual hosts are being blocked by natd/firewall X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 15:22:18 -0000 Sten Daniel Sørsdal wrote: > Make sure that you are diverting the traffic from LAN to DMZ via NATD. I didn'tunderstand very well: ipfw is not doing this thrue the "OPEN" configuration by default ? From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 08:58:26 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 559B237B401 for ; Tue, 8 Jul 2003 08:58:26 -0700 (PDT) Received: from exchange.wan.no (exchange.wan.no [80.86.128.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8FA6543F3F for ; Tue, 8 Jul 2003 08:58:24 -0700 (PDT) (envelope-from sten.daniel.sorsdal@wan.no) X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Tue, 8 Jul 2003 17:57:10 +0200 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE6@exchange.wanglobal.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Acess to virtual hosts are being blocked by natd/firewall Thread-Index: AcNFZJ40nKVfnq7OQkScXXzjo8NepQAApdBw From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= To: "Guilherme Oliveira" , "FreeBSD-NET" Subject: RE: Acess to virtual hosts are being blocked by natd/firewall X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 15:58:26 -0000 > Sten Daniel S=F8rsdal wrote: > > Make sure that you are diverting the traffic from LAN to=20 > DMZ via NATD. >=20 > I didn'tunderstand very well: > ipfw is not doing this thrue the "OPEN" configuration by default ? >=20 No. in rc.firewall (line 124): ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} This line only NAT's traffic going in and out of your upstream = interface. in "OPEN" configuration it NATs the traffic from LAN and DMZ -to/from- = internet. Not between the LAN and DMZ area, which is what you need. You could look into setting up your own little proxy DNS (such as = pdnsd). Add the servers to hosts file on your workstations, or make it NAT the = way you want. - Sten From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 18:10:51 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A086D37B401 for ; Tue, 8 Jul 2003 18:10:51 -0700 (PDT) Received: from ztxmail03.ztx.compaq.com (ztxmail03.ztx.compaq.com [161.114.1.207]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1785443FB1 for ; Tue, 8 Jul 2003 18:10:50 -0700 (PDT) (envelope-from swaminathan.vasudevan@hp.com) Received: from cceexg11.americas.cpqcorp.net (cceexg11.americas.cpqcorp.net [16.110.250.125]) by ztxmail03.ztx.compaq.com (Postfix) with ESMTP id 90A97A0FF for ; Tue, 8 Jul 2003 20:10:49 -0500 (CDT) Received: from cceexc19.americas.cpqcorp.net ([16.110.250.85]) by cceexg11.americas.cpqcorp.net with Microsoft SMTPSVC(5.0.2195.6673); Tue, 8 Jul 2003 20:10:49 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Tue, 8 Jul 2003 20:10:48 -0500 Message-ID: <702A044A49E1764B8BAEE8C0AE76A578066F2B2C@cceexc19.americas.cpqcorp.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: How can I write a test application for the Network Drivers in FreeBSD Thread-Index: AcNFg1QeFqh3vev2TZWfkOsbbHhoAQAMzgEw From: "Vasudevan, Swaminathan (PNB Roseville)" To: X-OriginalArrivalTime: 09 Jul 2003 01:10:49.0437 (UTC) FILETIME=[EF1AA0D0:01C345B6] Subject: How can I write a test application for the Network Drivers in FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 01:10:51 -0000 Hi, Could any one give an example of writing applications for testing the = Network Drivers in FreeBSD. Thanks Swami -----Original Message----- From: freebsd-net-request@freebsd.org = [mailto:freebsd-net-request@freebsd.org]=20 Sent: Tuesday, July 08, 2003 12:01 PM To: freebsd-net@freebsd.org Subject: freebsd-net Digest, Vol 16, Issue 2 Send freebsd-net mailing list submissions to freebsd-net@freebsd.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freebsd.org/mailman/listinfo/freebsd-net or, via email, send a message with subject or body 'help' to freebsd-net-request@freebsd.org You can reach the person managing the list at freebsd-net-owner@freebsd.org When replying, please edit your Subject line so it is more specific than = "Re: Contents of freebsd-net digest..." Today's Topics: 1. Re: Request for Review: bin/54151 (Bruce M Simpson) 2. Re: ipprecedence (Bruce M Simpson) 3. QoS/device API (was Re: ipprecedence) (Luigi Rizzo) 4. Acess to virtual hosts are being blocked by natd/firewall (Guilherme Oliveira) 5. network device (diego maradona) 6. Re: Acess to virtual hosts are being blocked by natd/firewall (Guilherme Oliveira) 7. AODV RFC is now ratified (Bruce M Simpson) 8. RE: Acess to virtual hosts are being blocked by natd/firewall (Sten Daniel S?rsdal) 9. Re: Acess to virtual hosts are being blocked by natd/firewall (Guilherme Oliveira) 10. RE: Acess to virtual hosts are being blocked by natd/firewall (Sten Daniel S?rsdal) ---------------------------------------------------------------------- Message: 1 Date: Mon, 7 Jul 2003 21:08:05 +0100 From: Bruce M Simpson Subject: Re: Request for Review: bin/54151 To: Dmitry Morozovsky Cc: freebsd-net@freebsd.org Message-ID: <20030707200805.GF32325@spc.org> Content-Type: text/plain; charset=3Dus-ascii On Sun, Jul 06, 2003 at 09:33:11PM +0400, Dmitry Morozovsky wrote: > Dear colleagues, >=20 > would you please spend a bit of your time to review=20 > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dbin/54151 > [patch to add -i option to arp(8)]? I think this sort of thing is badly needed, especially for the = router/VLAN scenarios which you envisage. However, one thing which has always bothered me is the message: arp: actual retrieval of routing table I've seen this when the arp table is in an undefined state, i.e. empty, = it could be more helpfully worded. BMS ------------------------------ Message: 2 Date: Mon, 7 Jul 2003 21:12:47 +0100 From: Bruce M Simpson Subject: Re: ipprecedence To: Luigi Rizzo Cc: Eugene Grosbein Message-ID: <20030707201247.GG32325@spc.org> Content-Type: text/plain; charset=3Dus-ascii On Sat, Jul 05, 2003 at 12:33:32PM -0700, Luigi Rizzo wrote: > permit. Certain hardware even has multiple, prioritized transmit=20 > rings, but there is no support for them in our drivers (basically we=20 > don't have an API for that). One example which immediately springs to mind is the RTL8139C+ which = Bill Paul has been playing with this very week. Also, my Efficient Networks Lanai based ATM adapter has support of kinds = for this (albeit in ATM-land), even the fxp has Intel's proprietary = Priority Packet software for it (pardon the pun). With the increased interest in VoIP and similar these days, perhaps = hardware DS/QoS support of this nature is something the project should = explore? I have heard the 'provision your network correctly' argument against = this, but this doesn't address the problem of pushing isochronous = traffic through a narrow pipe used to connect a branch office, so I find = it unhelpful. BMS ------------------------------ Message: 3 Date: Tue, 8 Jul 2003 02:09:27 -0700 From: Luigi Rizzo Subject: QoS/device API (was Re: ipprecedence) To: Bruce M Simpson Cc: Eugene Grosbein Message-ID: <20030708020927.A89198@xorpc.icir.org> Content-Type: text/plain; charset=3Dus-ascii On Mon, Jul 07, 2003 at 09:12:47PM +0100, Bruce M Simpson wrote: ... > With the increased interest in VoIP and similar these days, perhaps=20 > hardware DS/QoS support of this nature is something the project should = > explore? the usual problem here is that if you want your mechanisms to be useful, = you should implement them in software first (even though it has a = performance impact), and then exploit the hw capabilities when/if they = are present and useful (e.g. on a slow link and fast CPU, you don't care = too much about separate hw queues). The 'if_tx_rdy' dummynet trick that i mentioned does cover the software = part, and i believe it can be made reasonably cheap (i.e. skip the = function call if no pipes are registered to be clocked by that = interface) so that it will not harm performance in the general case. If there is interest, i can look into doing this change and adding this = call to our device drivers. cheers luigi ------------------------------ Message: 4 Date: Tue, 08 Jul 2003 12:45:17 +0100 From: Guilherme Oliveira Subject: Acess to virtual hosts are being blocked by natd/firewall To: FreeBSD-NET@FreeBSD.ORG Message-ID: <3F0AAECD.4070601@nortenet.pt> Content-Type: text/plain; charset=3Dus-ascii; format=3Dflowed Hi ! I've configured a dmz and our workstations (192.168.0) acess to external = sites very well. But sites that are hosted in 192.168.1 that are port_redirected by natd=20 with static ip are blocked only if acessed by our workstations with=20 192.168.0 From internet is fine. It blocks www.site-example.com and xxx.xxx.xxx.xxx. It only works with 192.168.1.2 ! /kernel: Connection attempt to TCP xxx.xxx.xxx.xxx:80 from = 192.168.0.3:2366 My natd it's configured with natd_flags=3D"-l -s -m -u -dynamic -log_denied -log_ipfw_denied=20 -redirect_port tcp 192.168.1.2:80 xxx.xxx.xxx.xxx:80" The firewall is configured to "OPEN". netstat -r in natd: default adsl-b3-72-1.telep UGSc 2 4300 tun0 localhost localhost UH 0 0 lo0 192.168.0 link#2 UC 5 0 xl1 192.168.0.2 00:e0:7d:ed:1b:de UHLW 0 38 xl1 = 940 192.168.0.3 00:50:eb:1d:80:dd UHLW 1 379 xl1 = 657 192.168.0.5 00:08:02:cf:1b:6d UHLW 0 1262 xl1 = 349 192.168.0.6 00:c0:df:09:a1:31 UHLW 0 24 xl1 = 560 192.168.0.7 00:c0:df:09:ab:e7 UHLW 0 977 xl1 = 521 192.168.1 link#3 UC 1 0 xl2 192.168.1.2 00:04:75:e9:c0:04 UHLW 1 257 xl2 = 331 adsl-b3-72-1.telep adslemp-b3-123-140 UH 2 0 tun0 adslemp-b3-121-73. link#1 UC 0 0 xl0 adslemp-b3-121-74. link#1 UC 0 0 xl0 adslemp-b3-121-75. link#1 UC 0 0 xl0 adslemp-b3-121-76. link#1 UC 0 0 xl0 adslemp-b3-121-77. link#1 UC 0 0 xl0 adslemp-b3-121-78. link#1 UC 0 0 xl0 netstat -r in workstation: Internet: Destination Gateway Flags Refs Use Netif = Expire default sarpa UGSc 10 0 sis0 localhost localhost UH 0 140 lo0 192.168.0 link#1 UC 2 0 sis0 sarpa 00:04:75:e0:d4:52 UHLW 12 12204 sis0 = 596 parpa 00:50:eb:1d:80:dd UHLW 0 39 lo0 It's natd problem or ipfw ? ------------------------------ Message: 5 Date: Tue, 08 Jul 2003 14:57:22 +0200 From: "diego maradona" Subject: network device To: freebsd-net@freebsd.org Message-ID: Content-Type: text/plain; charset=3Diso-8859-1; format=3Dflowed Dear all, There is a way to install a 2 network device with fault=20 tolerance(active-standby) or with load-balancing( virtual ip address)? = thanks in advance yqyq22 _________________________________________________________________ MSN Extra Storage: piena libert=E0 di esprimersi e comunicare =20 http://www.msn.it/msnservizi/es/?xAPID=3D534&DI=3D1044&SU=3Dhttp://hotmai= l.it/&HL=3DHMTAGTX_MSN_Extra_Storage ------------------------------ Message: 6 Date: Tue, 08 Jul 2003 14:37:30 +0100 From: Guilherme Oliveira Subject: Re: Acess to virtual hosts are being blocked by natd/firewall To: FreeBSD-NET Message-ID: <3F0AC91A.9000502@nortenet.pt> Content-Type: text/plain; charset=3Dus-ascii; format=3Dflowed I've done that but it's not working. It's strange because if I ping www.site-example.com it goes to the right = static ip. So it's pinging the right server. It could be apache configs but it happens also in qmail, ... I think it's natd but don't know how ... ------------------------------ Message: 7 Date: Tue, 8 Jul 2003 15:32:35 +0100 From: Bruce M Simpson Subject: AODV RFC is now ratified To: "M. Warner Losh" Cc: sam@errno.com Message-ID: <20030708143235.GK22331@spc.org> Content-Type: text/plain; charset=3Dus-ascii On Tue, Jul 08, 2003 at 08:13:03AM -0600, M. Warner Losh wrote: > Cool! Hopefully this work will include fixing lucent cards too :-) Hail Eris. All hail Discordia. By the way, have you seen RFC 3561? It's just out. http://www.faqs.org/rfcs/rfc3561.html Ad hoc On-Demand Distance Vector (AODV) Routing I'm putting together a brief FreeBSD HOWTO -- 'On-demand Routing with = XRESOLVE for Dummies' -- hinted at by fenestro. My technique is quite = simple, I create a CLONE+XRESOLVE route pointing to disc0 (to avoid = routing loops when ip forwarding is enabled) for the route(s) intended = to use the wireless cloud as a next-hop, then listen for RTM_RESOLVE = messages when the stack tries to use those route entries to clone routes = from. That then enables our hypothetical aodvd to issue RTM_CHANGE to = route the data to its peer. Seems pretty clean. We can of course tweak the net.inet.ip.rt* cache tunables to prevent the = stack getting swamped with stale wireless routes. I may not be able to get AODV all done on my own, but I may have a crack = at it - have a lot on my plate just now. BMS ------------------------------ Message: 8 Date: Tue, 8 Jul 2003 16:57:05 +0200 From: Sten Daniel S?rsdal Subject: RE: Acess to virtual hosts are being blocked by natd/firewall To: "Guilherme Oliveira" , "FreeBSD-NET" Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE4@exchange.wanglobal.net> Content-Type: text/plain; charset=3D"iso-8859-1" >=20 > I've done that but it's not working. >=20 > It's strange because if I ping www.site-example.com it goes > to the right=20 > static ip. > So it's pinging the right server. >=20 > It could be apache configs but it happens also in qmail, ... >=20 > I think it's natd but don't know how ... >=20 Make sure that you are diverting the traffic from LAN to DMZ via NATD. - Sten ------------------------------ Message: 9 Date: Tue, 08 Jul 2003 16:22:10 +0100 From: Guilherme Oliveira Subject: Re: Acess to virtual hosts are being blocked by natd/firewall To: FreeBSD-NET , Message-ID: <3F0AE1A2.9080100@nortenet.pt> Content-Type: text/plain; charset=3DISO-8859-1; format=3Dflowed Sten Daniel S=F8rsdal wrote: > Make sure that you are diverting the traffic from LAN to DMZ via NATD. I didn'tunderstand very well: ipfw is not doing this thrue the "OPEN" configuration by default ? ------------------------------ Message: 10 Date: Tue, 8 Jul 2003 17:57:10 +0200 From: Sten Daniel S?rsdal Subject: RE: Acess to virtual hosts are being blocked by natd/firewall To: "Guilherme Oliveira" , "FreeBSD-NET" Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DEE6@exchange.wanglobal.net> Content-Type: text/plain; charset=3D"iso-8859-1" > Sten Daniel S=F8rsdal wrote: > > Make sure that you are diverting the traffic from LAN to > DMZ via NATD. >=20 > I didn'tunderstand very well: > ipfw is not doing this thrue the "OPEN" configuration by default ? >=20 No. in rc.firewall (line 124): ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} This line only NAT's traffic going in and out of your upstream = interface. in "OPEN" configuration it NATs the traffic from LAN and DMZ -to/from- = internet. Not between the LAN and DMZ area, which is what you need. You could look into setting up your own little proxy DNS (such as = pdnsd). Add the servers to hosts file on your workstations, or make it = NAT the way you want. - Sten ------------------------------ _______________________________________________ freebsd-net@freebsd.org mailing list = http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" End of freebsd-net Digest, Vol 16, Issue 2 ****************************************** From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 22:18:17 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C9F137B401 for ; Tue, 8 Jul 2003 22:18:17 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6348243FEC for ; Tue, 8 Jul 2003 22:18:13 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h695IACo078677 for ; Wed, 9 Jul 2003 13:18:11 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F0BA58E.1F8888A2@kuzbass.ru> Date: Wed, 09 Jul 2003 13:18:06 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: net@freebsd.org Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Subject: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 05:18:17 -0000 Hi! Does FreeBSD 4.8-STABLE keep per-interface summary for received unicast octets? More precisely, I need to know number of unicast octets received by my router via ep0 from uplink. Its ethernet interface carries lots of broadcast (NETBIOS) traffic I need not care of. Eugene Grosbein P.S. I've subscribed now :-) From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 23:11:23 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CF6137B401 for ; Tue, 8 Jul 2003 23:11:23 -0700 (PDT) Received: from cell.sick.ru (cell.sick.ru [195.91.162.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE66D43F93 for ; Tue, 8 Jul 2003 23:10:01 -0700 (PDT) (envelope-from glebius@cell.sick.ru) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.6/8.12.8) with ESMTP id h6969xNx069238 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 9 Jul 2003 10:09:59 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Received: (from glebius@localhost) by cell.sick.ru (8.12.6/8.12.6/Submit) id h6969xMs069237; Wed, 9 Jul 2003 10:09:59 +0400 (MSD) Date: Wed, 9 Jul 2003 10:09:58 +0400 From: Gleb Smirnoff To: Eugene Grosbein Message-ID: <20030709060958.GD69076@cell.sick.ru> References: <3F0BA58E.1F8888A2@kuzbass.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <3F0BA58E.1F8888A2@kuzbass.ru> User-Agent: Mutt/1.5.1i cc: net@freebsd.org Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 06:11:23 -0000 On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote: E> Does FreeBSD 4.8-STABLE keep per-interface summary for received E> unicast octets? More precisely, I need to know number of unicast E> octets received by my router via ep0 from uplink. Its ethernet interface E> carries lots of broadcast (NETBIOS) traffic I need not care of. glebius@:~:>snmpwalk -Os -c XXX -v 1 localhost ifInUcastPkts.1 ifInUcastPkts.1 = Counter32: 6062056 /usr/ports/net/net-snmp installed -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 23:53:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 36AE437B401 for ; Tue, 8 Jul 2003 23:53:38 -0700 (PDT) Received: from mail.in.nextra.sk (fox.nextra.sk [195.168.1.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 6196843F75 for ; Tue, 8 Jul 2003 23:53:36 -0700 (PDT) (envelope-from root@home.bluegrass.sk) Received: (qmail 25428 invoked from network); 9 Jul 2003 06:53:34 -0000 Received: from unknown (HELO home.bluegrass.sk) (195.168.129.26) by mail.in.nextra.sk with SMTP; 9 Jul 2003 06:53:34 -0000 Content-Type: text/plain; charset="koi8-r" From: Charlie & To: Gleb Smirnoff , Eugene Grosbein Date: Wed, 9 Jul 2003 08:53:31 +0200 X-Mailer: KMail [version 1.4] References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru> In-Reply-To: <20030709060958.GD69076@cell.sick.ru> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <200307090853.31579.root@home.bluegrass.sk> cc: net@freebsd.org Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 06:53:38 -0000 On Wednesday 09 July 2003 08:09, Gleb Smirnoff wrote: > On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote: > E> Does FreeBSD 4.8-STABLE keep per-interface summary for received > E> unicast octets? More precisely, I need to know number of unicast > E> octets received by my router via ep0 from uplink. Its ethernet interface > E> carries lots of broadcast (NETBIOS) traffic I need not care of. > > glebius@:~:>snmpwalk -Os -c XXX -v 1 localhost ifInUcastPkts.1 > ifInUcastPkts.1 = Counter32: 6062056 > > /usr/ports/net/net-snmp installed This gives you packets, not octets... There is no such thing in SNMP I think, so some ipfw hackery might be what he wants... Regards, Milan From owner-freebsd-net@FreeBSD.ORG Tue Jul 8 23:55:36 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3942B37B401 for ; Tue, 8 Jul 2003 23:55:36 -0700 (PDT) Received: from cell.sick.ru (cell.sick.ru [195.91.162.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1CAC143FBF for ; Tue, 8 Jul 2003 23:55:35 -0700 (PDT) (envelope-from glebius@cell.sick.ru) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.6/8.12.8) with ESMTP id h696tXNx069428 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 9 Jul 2003 10:55:33 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Received: (from glebius@localhost) by cell.sick.ru (8.12.6/8.12.6/Submit) id h696tXxK069427 for freebsd-net@freebsd.org; Wed, 9 Jul 2003 10:55:33 +0400 (MSD) Date: Wed, 9 Jul 2003 10:55:32 +0400 From: Gleb Smirnoff To: freebsd-net@freebsd.org Message-ID: <20030709065532.GA69335@cell.sick.ru> Mail-Followup-To: Gleb Smirnoff , freebsd-net@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline User-Agent: Mutt/1.5.1i Subject: Request for review: kern/47920 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 06:55:36 -0000 Dear sirs, could you take a look at http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/47920 This problem is really annoying: large PPPoE network can be DoSed with one non-standard packet. Moreover, if there is >1 FreeBSD machine in network, it is really difficult to return network to normal behavior. The patch, I have sent (the last one), has been tested since PR open date till now on 2 big PPPoE concentrators serving 50 - 200 PPPoE clients each. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 00:02:33 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4889937B401 for ; Wed, 9 Jul 2003 00:02:33 -0700 (PDT) Received: from cell.sick.ru (cell.sick.ru [195.91.162.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id EAFAD43FA3 for ; Wed, 9 Jul 2003 00:02:31 -0700 (PDT) (envelope-from glebius@cell.sick.ru) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.6/8.12.8) with ESMTP id h6972UNx069470 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 9 Jul 2003 11:02:30 +0400 (MSD) (envelope-from glebius@cell.sick.ru) Received: (from glebius@localhost) by cell.sick.ru (8.12.6/8.12.6/Submit) id h6972TTc069469; Wed, 9 Jul 2003 11:02:29 +0400 (MSD) Date: Wed, 9 Jul 2003 11:02:29 +0400 From: Gleb Smirnoff To: Charlie & Message-ID: <20030709070229.GB69335@cell.sick.ru> References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru> <200307090853.31579.root@home.bluegrass.sk> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <200307090853.31579.root@home.bluegrass.sk> User-Agent: Mutt/1.5.1i cc: Eugene Grosbein cc: net@freebsd.org Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 07:02:33 -0000 On Wed, Jul 09, 2003 at 08:53:31AM +0200, Charlie & wrote: C> On Wednesday 09 July 2003 08:09, Gleb Smirnoff wrote: C> > On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote: C> > E> Does FreeBSD 4.8-STABLE keep per-interface summary for received C> > E> unicast octets? More precisely, I need to know number of unicast C> > E> octets received by my router via ep0 from uplink. Its ethernet interface C> > E> carries lots of broadcast (NETBIOS) traffic I need not care of. C> > C> > glebius@:~:>snmpwalk -Os -c XXX -v 1 localhost ifInUcastPkts.1 C> > ifInUcastPkts.1 = Counter32: 6062056 C> > C> > /usr/ports/net/net-snmp installed C> C> This gives you packets, not octets... Shurely. One can evaluate traffic according to packet count. ipfw counters would be more precise. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 00:19:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DD5E37B401 for ; Wed, 9 Jul 2003 00:19:52 -0700 (PDT) Received: from maillog.itri.org.tw (dnss.itri.org.tw [210.68.176.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id AA8CC43FCB for ; Wed, 9 Jul 2003 00:19:48 -0700 (PDT) (envelope-from mtlin1@ms36.hinet.net) Received: from mail.itri.org.tw (mail [140.96.157.2]) by maillog.itri.org.tw (8.11.6+Sun/8.11.6) with ESMTP id h696p3c00488; Wed, 9 Jul 2003 14:51:03 +0800 (CST) Received: from ms2.itri.org.tw ([140.96.151.157]) by mail.itri.org.tw (8.11.6+Sun/8.11.6) with ESMTP id h696jXF08976; Wed, 9 Jul 2003 14:45:34 +0800 (CST) Received: from mtlin ([140.96.254.153]) by ms2.itri.org.tw (Lotus Domino Release 5.0.11) with ESMTP id 2003070914493719:14589 ; Wed, 9 Jul 2003 14:49:37 +0800 Message-ID: <01cc01c345e5$ff91abf0$3c55608c@mtlin> From: "Morton Lin" To: "Bruce M Simpson" References: Date: Wed, 9 Jul 2003 14:47:37 +0800 MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-MIMETrack: Itemize by SMTP Server on MS2/ITRI(Release 5.0.11 |July 24, 2002) at 2003-07-09 02:49:37 PM,2003-07-09 02:49:41 PM, Serialize complete at 2003-07-09 02:49:41 PM Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="big5" cc: freebsd-net@freebsd.org Subject: Re: AODV RFC is now ratified X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Morton Lin List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 07:19:52 -0000 Hi, Sir : I am very interesting in your post. Would you please give me some web pages or information about your brief FreeBSD Howto ? I had built a ad-hoc testbed by using CMU's Monarch DSR implementation. But it's buggy. In 802.11 environment our platform didn't work very well. And I had done simulation for DSR and AODV in OPNET. It seems the performance of AODV was better. Anyway, It's happy to see Perkins and folks make it. :-) PS : Do you ever think the possibility that those ad-hoc routing protocol stack running over Bluetooth environment ? Best Regards, Morton Lin. ----- Original Message ----- From: "Bruce M Simpson" Newsgroups: mailing.freebsd.net Sent: Tuesday, July 08, 2003 10:34 PM Subject: AODV RFC is now ratified > On Tue, Jul 08, 2003 at 08:13:03AM -0600, M. Warner Losh wrote: > > Cool! Hopefully this work will include fixing lucent cards too :-) > > Hail Eris. All hail Discordia. > > By the way, have you seen RFC 3561? It's just out. > > http://www.faqs.org/rfcs/rfc3561.html > Ad hoc On-Demand Distance Vector (AODV) Routing > > I'm putting together a brief FreeBSD HOWTO -- 'On-demand Routing with > XRESOLVE for Dummies' -- hinted at by fenestro. My technique is quite > simple, I create a CLONE+XRESOLVE route pointing to disc0 (to avoid > routing loops when ip forwarding is enabled) for the route(s) intended > to use the wireless cloud as a next-hop, then listen for RTM_RESOLVE > messages when the stack tries to use those route entries to clone routes > from. That then enables our hypothetical aodvd to issue RTM_CHANGE to > route the data to its peer. Seems pretty clean. > > We can of course tweak the net.inet.ip.rt* cache tunables to prevent > the stack getting swamped with stale wireless routes. > > I may not be able to get AODV all done on my own, but I may have a crack > at it - have a lot on my plate just now. > > BMS > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 02:35:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7E10937B401 for ; Wed, 9 Jul 2003 02:35:52 -0700 (PDT) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1067343FAF for ; Wed, 9 Jul 2003 02:35:51 -0700 (PDT) (envelope-from pete@he.iki.fi) Received: from he.iki.fi (localhost.he.iki.fi [127.0.0.1]) by silver.he.iki.fi (8.12.9/8.11.4) with ESMTP id h699ZYsL028798; Wed, 9 Jul 2003 12:35:39 +0300 (EEST) (envelope-from pete@he.iki.fi) Message-ID: <3F0BE1E5.6010201@he.iki.fi> Date: Wed, 09 Jul 2003 12:35:33 +0300 From: Petri Helenius User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030501 X-Accept-Language: English [en],Finnish [fi] MIME-Version: 1.0 To: Charlie & References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru> <200307090853.31579.root@home.bluegrass.sk> In-Reply-To: <200307090853.31579.root@home.bluegrass.sk> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: Eugene Grosbein cc: net@freebsd.org Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 09:35:52 -0000 Charlie & wrote: >On Wednesday 09 July 2003 08:09, Gleb Smirnoff wrote: > > >>On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote: >>E> Does FreeBSD 4.8-STABLE keep per-interface summary for received >>E> unicast octets? More precisely, I need to know number of unicast >>E> octets received by my router via ep0 from uplink. Its ethernet interface >>E> carries lots of broadcast (NETBIOS) traffic I need not care of. >> >>glebius@:~:>snmpwalk -Os -c XXX -v 1 localhost ifInUcastPkts.1 >>ifInUcastPkts.1 = Counter32: 6062056 >> >>/usr/ports/net/net-snmp installed >> >> > >This gives you packets, not octets... >There is no such thing in SNMP I think, so some ipfw hackery might be what he >wants... >Regards, >Milan > > Or maybe you should consider using ifInOctets... Pete From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 03:11:48 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A3D537B401 for ; Wed, 9 Jul 2003 03:11:48 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id F2BAA43FAF for ; Wed, 9 Jul 2003 03:11:45 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h69ABcCo014295; Wed, 9 Jul 2003 18:11:39 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F0BEA55.D7ABD657@kuzbass.ru> Date: Wed, 09 Jul 2003 18:11:33 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Petri Helenius References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru> <200307090853.31579.root@home.bluegrass.sk> <3F0BE1E5.6010201@he.iki.fi> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit cc: Charlie & cc: net@freebsd.org Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 10:11:48 -0000 Petri Helenius wrote: > Or maybe you should consider using ifInOctets... ifInOctets counts broadcasts too. I finished with ipfw2, thank you all. Eugene From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:23:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C061337B401 for ; Wed, 9 Jul 2003 12:23:52 -0700 (PDT) Received: from ecserv7.uwaterloo.ca (ecserv7.uwaterloo.ca [129.97.50.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id D321B43F3F for ; Wed, 9 Jul 2003 12:23:51 -0700 (PDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: from ecserv7.uwaterloo.ca (localhost.uwaterloo.ca [127.0.0.1]) h69JNrNp071112; Wed, 9 Jul 2003 15:23:53 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: (from www@localhost) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6/Submit) id h69JNqTK071111; Wed, 9 Jul 2003 15:23:52 -0400 (EDT) X-Authentication-Warning: ecserv7.uwaterloo.ca: www set sender to kw3wong@engmail.uwaterloo.ca using -f Received: from 129.97.106.24 ( [129.97.106.24])with HTTP; Wed, 9 Jul 2003 15:23:52 -0400 Message-ID: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> Date: Wed, 9 Jul 2003 15:23:52 -0400 From: kw3wong@engmail.uwaterloo.ca To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.6.2 X-Originating-IP: 129.97.106.24 cc: dsze@engmail.uwaterloo.ca Subject: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:23:53 -0000 Hi guys, My first attempts at hacking FreeBSD kernel code has not been very fruitful, so I'm hoping someone with more experience and knowhow might be able to point out the mistakes that I'm making. Firstly, let me explain what I'm trying to do. I'm currently working on a University project that performs some type of transformation (compression, security, string replacement, etc) on packets as they pass through the system. The current setup has the FreeBSD machine configured as a router, and the transformation is performed on packets that are routed. This is done via divert sockets and everything is fine and dandy, we're getting great results from this setup. However, what we want to do next is to have the machine setup as a ethernet bridge instead, and the transformation is to be performed on the bridged packets. Unfortunately, as most of you probably know, divert sockets do not work with bridges as of yet. So I've been trying to add a somewhat hack-ish support for divert sockets over bridges. The concession that I'm making is that instead of diverting ip packets, I'll be diverting ethernet frames. In userspace my program will reattach the ethernet headers back onto the packet before passing it back to the divert socket. A second concession is that when I sendto the divert socket, the sin_zero in the sockaddr must contain the source network adaptor name. All these concessions are necessary (I think) as I would otherwise not know how to output the data in a ip-less bridge. So here is what my code changes involved so far. BTW, I'm using FreeBSD 4.8 1) Removed the check in ipfw_chk (ip_fw2.c) for whether it is layer2 or not. This allows briged packets to still match the ipfw2 divert rules 2) In bridge.c at function bdg_forward, after the ip_fw_chk_ptr (and after the check for dummynet, around line 974), the following code fragment is added if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) { struct mbuf *m; /* Need to determine whether this is an IP. If not just forward */ if (ntohs(eh->ether_type) != ETHERTYPE_IP) goto forward; if ( shared ) { int j = min(m0->m_pkthdr.len + ETHER_HDR_LEN, max_protohdr) ; m0 = m_pullup(m0, j) ; if (m0 == NULL) return NULL; } if (shared == 0 && once ) { /* no need to copy */ m = m0 ; m0 = NULL ; /* original is gone */ } else { m = m_copypacket(m0, M_DONTWAIT); if (m == NULL) { printf("bdg_forward: sorry, m_copypacket failed!\n"); return m0 ; /* the original is still there... */ } } if ( (void *)(eh + 1) == (void *)m->m_data) { m->m_data -= ETHER_HDR_LEN ; m->m_len += ETHER_HDR_LEN ; m->m_pkthdr.len += ETHER_HDR_LEN ; bdg_predict++; } else { M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); if (m == NULL) { printf("M_PREPEND failed\n"); /* Should probably return original instead of NULL */ /* return NULL; */ return m0; } bcopy(&save_eh, mtod(m, struct ether_header *), ETHER_HDR_LEN); } divert_packet(m, 1, i & 0xffff, args.divert_rule); return NULL; } This allows me to divert the ethernet frames to userspace. 3) To allow me to inject ethernet frames back into the system via divert sockets, I've modified div_output so that it will call ether_output_frame. The following are my changes to div_output, which is added before ip_output is called: /* rcvif is copied from sin_zero, and is required to be valid for the current system to work */ if (m->m_pkthdr.rcvif != NULL && BDG_USED(m->m_pkthdr.rcvif)) { if (m->m_len < sizeof(struct ether_header)) { /* XXX error in the caller. */ error = EINVAL; goto cantsend; } return ether_output_frame(m->m_pkthdr.rcvif, m); } 4) In userspace for testing purposes, I have a program that simply reads from the divert socket, and writes back out to it - here's the core snippet of the code. while (true) { sstBytes = ::recvfrom(nFD, kpucInPacket, sizeof(kpucInPacket), 0, (struct sockaddr *) &SockAddr, &AddrLen); if (sstBytes == -1) ::err(errno, "recvfrom"); ::bcopy(SockAddr.sin_zero, SockAddrSend.sin_zero, sizeof(SockAddr.sin_zero)); int nSendBytes = ::sendto(nSendFD, (void*)kpucInPacket, sstBytes, 0, (struct sockaddr *) &SockAddrSend, sizeof(SockAddrSend)); if (nSendBytes != sstBytes) ::err(errno, "sendto"); } Now I understand I'm breaking lots of abstractions/layers, but I do plan to clean that up a bit later. And I also understand that perhaps no one else in the world needs this functionality - although I can see a couple of other possible applications for it. The changes does seem to work, I'm able to receive the ethernet frame and also reinject it via the divert sockets - ping, ftp, etc. all work over the bridge when my test program is running. However, I'm finding that I'm losing/leaking mbufs. sbdrop will complain and panic that the sb_cc doesn't match up with what the mbuf chains says - usually the sb_cc will be larger by a couple of hundred bytes. Furthermore, a netstat -m will show that I have mbufs allocated to socket names and address even after the termination of the diverting program. This only seem to happen when I transfer over ftp a really large file (>100M) at high speed (full line speed of a 100Mbps network). Ping and ftping small files do not seem to cause the mbuf leakage. So my question is, does anyone see where I might be losing the mbufs - is there some mbufs that must be freed or not freed that I'm not aware of? I've never worked on the FreeBSD kernel before, so I'm not sure 100% sure how to correctly manage the mbufs. Any advise, tips, discussion, anything will be highly appreciated! =) If anyone needs any more clarification/information, just ask and I'll try my best to explain myself better. Thanks!! Bernie ---------------------------------------- This mail sent through www.mywaterloo.ca From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:34:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C71F37B401 for ; Wed, 9 Jul 2003 12:34:04 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6169443FA3 for ; Wed, 9 Jul 2003 12:34:03 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h69JXrib018544; Wed, 9 Jul 2003 12:33:53 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.9/8.12.3/Submit) id h69JXrhJ018542; Wed, 9 Jul 2003 12:33:53 -0700 Date: Wed, 9 Jul 2003 12:33:53 -0700 From: Brooks Davis To: kw3wong@engmail.uwaterloo.ca Message-ID: <20030709193353.GA17128@Odin.AC.HMC.Edu> References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="SLDf9lqlvOQaIe6s" Content-Disposition: inline In-Reply-To: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:34:04 -0000 --SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong@engmail.uwaterloo.ca wrot= e: > Hi guys, >=20 > My first attempts at hacking FreeBSD kernel code has not been very fruitf= ul, so=20 > I'm hoping someone with more experience and knowhow might be able to poin= t out=20 > the mistakes that I'm making. >=20 > Firstly, let me explain what I'm trying to do. I'm currently working on a= =20 > University project that performs some type of transformation (compression= ,=20 > security, string replacement, etc) on packets as they pass through the sy= stem.=20 > The current setup has the FreeBSD machine configured as a router, and the= =20 > transformation is performed on packets that are routed. This is done via = divert=20 > sockets and everything is fine and dandy, we're getting great results fro= m this=20 > setup. >=20 > However, what we want to do next is to have the machine setup as a ethern= et=20 > bridge instead, and the transformation is to be performed on the bridged= =20 > packets. Unfortunately, as most of you probably know, divert sockets do n= ot=20 > work with bridges as of yet. Since you are paying the price of pulling all packets into userland anyway, I'd suggest you just do the bridging in userland. You can use bpf to send and recieve packets on each interface and then bridge and process them in your application. I did this a while back and the whole thing took about 1400 lines of code. Unfortunalty, I can't release the code, but it only took a few hours to write and debug the bridging part. -- Brooks --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/DG4fXY6L6fI4GtQRAu1gAKC4ofX2YjVr8IyAPGYPNFebb6AixwCg1THE 8oWpb8TvldsJKFehgYV9qJs= =B5HP -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s-- From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:36:30 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 40BDF37B401 for ; Wed, 9 Jul 2003 12:36:30 -0700 (PDT) Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [204.127.198.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 981F743F75 for ; Wed, 9 Jul 2003 12:36:29 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc11) with ESMTP id <2003070919362201300iq3s3e>; Wed, 9 Jul 2003 19:36:22 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA32300; Wed, 9 Jul 2003 12:36:19 -0700 (PDT) Date: Wed, 9 Jul 2003 12:36:17 -0700 (PDT) From: Julian Elischer To: kw3wong@engmail.uwaterloo.ca In-Reply-To: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:36:30 -0000 On Wed, 9 Jul 2003 kw3wong@engmail.uwaterloo.ca wrote: > Hi guys, > > My first attempts at hacking FreeBSD kernel code has not been very fruitful, so > I'm hoping someone with more experience and knowhow might be able to point out > the mistakes that I'm making. > > Firstly, let me explain what I'm trying to do. I'm currently working on a > University project that performs some type of transformation (compression, > security, string replacement, etc) on packets as they pass through the system. > The current setup has the FreeBSD machine configured as a router, and the > transformation is performed on packets that are routed. This is done via divert > sockets and everything is fine and dandy, we're getting great results from this > setup. > > However, what we want to do next is to have the machine setup as a ethernet > bridge instead, and the transformation is to be performed on the bridged > packets. Unfortunately, as most of you probably know, divert sockets do not > work with bridges as of yet. > > So I've been trying to add a somewhat hack-ish support for divert sockets over > bridges. The concession that I'm making is that instead of diverting ip > packets, I'll be diverting ethernet frames. In userspace my program will > reattach the ethernet headers back onto the packet before passing it back to > the divert socket. A second concession is that when I sendto the divert socket, > the sin_zero in the sockaddr must contain the source network adaptor name. All > these concessions are necessary (I think) as I would otherwise not know how to > output the data in a ip-less bridge. The very simple way to do what you want is to use netgraph look at the netgraph bridging example in /usr/share/examples/netgraph and add a pair of netgraph sockets at the appropriate places.. You can intrercept any pacet at any place much like divert sockets.. you can also do pre-filtering using the ng_bpf node that allows you to do bpf filerring (see the ng_bpf man page) You can do this all from the command line and you will need to make only minimal changes to your userland program.. basically, get familiar with netgraph and you'll see that you have more options than you can poke a stick at. > > So here is what my code changes involved so far. BTW, I'm using FreeBSD 4.8 > > 1) Removed the check in ipfw_chk (ip_fw2.c) for whether it is layer2 or not. > This allows briged packets to still match the ipfw2 divert rules > > 2) In bridge.c at function bdg_forward, after the ip_fw_chk_ptr (and after the > check for dummynet, around line 974), the following code fragment is added > > if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) { > struct mbuf *m; > > /* Need to determine whether this is an IP. If not just forward > */ > if (ntohs(eh->ether_type) != ETHERTYPE_IP) > goto forward; > > if ( shared ) { > int j = min(m0->m_pkthdr.len + ETHER_HDR_LEN, max_protohdr) ; > > m0 = m_pullup(m0, j) ; > if (m0 == NULL) > return NULL; > } > > if (shared == 0 && once ) { /* no need to copy */ > m = m0 ; > m0 = NULL ; /* original is gone */ > } else { > m = m_copypacket(m0, M_DONTWAIT); > if (m == NULL) { > printf("bdg_forward: sorry, m_copypacket failed!\n"); > return m0 ; /* the original is still there... */ > } > } > > if ( (void *)(eh + 1) == (void *)m->m_data) { > m->m_data -= ETHER_HDR_LEN ; > m->m_len += ETHER_HDR_LEN ; > m->m_pkthdr.len += ETHER_HDR_LEN ; > bdg_predict++; > } else { > M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); > if (m == NULL) > { > printf("M_PREPEND failed\n"); > /* Should probably return original instead of NULL */ > /* return NULL; */ > return m0; > } > bcopy(&save_eh, mtod(m, struct ether_header *), ETHER_HDR_LEN); > } > > divert_packet(m, 1, i & 0xffff, args.divert_rule); > return NULL; > } > > This allows me to divert the ethernet frames to userspace. > > > 3) To allow me to inject ethernet frames back into the system via divert > sockets, I've modified div_output so that it will call ether_output_frame. The > following are my changes to div_output, which is added before ip_output is > called: > > /* rcvif is copied from sin_zero, and is required to be valid > for the current system to work > */ > if (m->m_pkthdr.rcvif != NULL && BDG_USED(m->m_pkthdr.rcvif)) > { > if (m->m_len < sizeof(struct ether_header)) { > /* XXX error in the caller. */ > error = EINVAL; > goto cantsend; > } > > return ether_output_frame(m->m_pkthdr.rcvif, m); > } > > 4) In userspace for testing purposes, I have a program that simply reads from > the divert socket, and writes back out to it - here's the core snippet of the > code. > > while (true) > { > sstBytes = ::recvfrom(nFD, kpucInPacket, sizeof(kpucInPacket), 0, > (struct sockaddr *) &SockAddr, &AddrLen); > > if (sstBytes == -1) > ::err(errno, "recvfrom"); > > ::bcopy(SockAddr.sin_zero, > SockAddrSend.sin_zero, > sizeof(SockAddr.sin_zero)); > > int nSendBytes = ::sendto(nSendFD, (void*)kpucInPacket, sstBytes, 0, > (struct sockaddr *) &SockAddrSend, sizeof(SockAddrSend)); > > if (nSendBytes != sstBytes) > ::err(errno, "sendto"); > } > > > Now I understand I'm breaking lots of abstractions/layers, but I do plan to > clean that up a bit later. And I also understand that perhaps no one else in > the world needs this functionality - although I can see a couple of other > possible applications for it. Netgraph is a link-layer manipulation framework.. for link-layer stuff it works much better than divert.... (I'm not biased.. archie and I wrote both of them for different reasons :-) > > The changes does seem to work, I'm able to receive the ethernet frame and also > reinject it via the divert sockets - ping, ftp, etc. all work over the bridge > when my test program is running. However, I'm finding that I'm losing/leaking > mbufs. sbdrop will complain and panic that the sb_cc doesn't match up with what > the mbuf chains says - usually the sb_cc will be larger by a couple of hundred > bytes. Furthermore, a netstat -m will show that I have mbufs allocated to > socket names and address even after the termination of the diverting program. > This only seem to happen when I transfer over ftp a really large file (>100M) > at high speed (full line speed of a 100Mbps network). Ping and ftping small > files do not seem to cause the mbuf leakage. > > So my question is, does anyone see where I might be losing the mbufs - is there > some mbufs that must be freed or not freed that I'm not aware of? I've never > worked on the FreeBSD kernel before, so I'm not sure 100% sure how to correctly > manage the mbufs. Any advise, tips, discussion, anything will be highly > appreciated! =) If anyone needs any more clarification/information, just ask > and I'll try my best to explain myself better. > > Thanks!! > Bernie haven't looked enough to spot your leak.. I'd just use netgraph.. (use libnetgraph to do netgraph manipulations from your program) > > ---------------------------------------- > This mail sent through www.mywaterloo.ca > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:38:09 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1E5237B404 for ; Wed, 9 Jul 2003 12:38:09 -0700 (PDT) Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id D4B8943F75 for ; Wed, 9 Jul 2003 12:38:07 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc13) with ESMTP id <2003070919380601500777gke>; Wed, 9 Jul 2003 19:38:06 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA32310; Wed, 9 Jul 2003 12:38:05 -0700 (PDT) Date: Wed, 9 Jul 2003 12:38:04 -0700 (PDT) From: Julian Elischer To: Brooks Davis In-Reply-To: <20030709193353.GA17128@Odin.AC.HMC.Edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: kw3wong@engmail.uwaterloo.ca cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:38:10 -0000 On Wed, 9 Jul 2003, Brooks Davis wrote: > On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong@engmail.uwaterloo.ca wrote: > > Hi guys, > > > > My first attempts at hacking FreeBSD kernel code has not been very fruitful, so > > I'm hoping someone with more experience and knowhow might be able to point out > > the mistakes that I'm making. > > > > Firstly, let me explain what I'm trying to do. I'm currently working on a > > University project that performs some type of transformation (compression, > > security, string replacement, etc) on packets as they pass through the system. > > The current setup has the FreeBSD machine configured as a router, and the > > transformation is performed on packets that are routed. This is done via divert > > sockets and everything is fine and dandy, we're getting great results from this > > setup. > > > > However, what we want to do next is to have the machine setup as a ethernet > > bridge instead, and the transformation is to be performed on the bridged > > packets. Unfortunately, as most of you probably know, divert sockets do not > > work with bridges as of yet. > > Since you are paying the price of pulling all packets into userland > anyway, I'd suggest you just do the bridging in userland. You can use > bpf to send and recieve packets on each interface and then bridge and > process them in your application. I did this a while back and the whole > thing took about 1400 lines of code. Unfortunalty, I can't release the > code, but it only took a few hours to write and debug the bridging part. how come no-one knows about netgraph.. the framework designed to do exactly this? :-) It's only been in use for 6 years.. From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:55:31 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D516437B401 for ; Wed, 9 Jul 2003 12:55:31 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 397BC43FAF for ; Wed, 9 Jul 2003 12:55:31 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 56346 invoked from network); 9 Jul 2003 19:55:30 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 9 Jul 2003 19:55:30 -0000 Message-ID: <3F0C7328.7080304@tenebras.com> Date: Wed, 09 Jul 2003 12:55:20 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: freebsd-net@freebsd.org References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:55:32 -0000 Julian Elischer wrote: > how come no-one knows about netgraph.. the framework designed to do > exactly this? :-) > It's only been in use for 6 years.. Because we're missing a Nutshell book on the topic? Because only initiates into the Dark Art of Whistling know how to use it? ;-) (NB: smiley. You're not a humorless, literal-minded prat, but some of us are.) Heck, Julian, I'd be using it right now if I had the time to figure out how to rewrite ng_one2many to handle something other than round-robin. I'd like to fill the 256kbit/s frame relay to London before directing traffic over the VPN on our DS3, competing with all other traffic. As an advanced exercise, I'd like to balance based on QoS, with low-latency traffic (VoIP, etc.) going over the frame link. From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 12:58:48 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6586237B401 for ; Wed, 9 Jul 2003 12:58:48 -0700 (PDT) Received: from rwcrmhc12.comcast.net (rwcrmhc12.comcast.net [216.148.227.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBBBF43F93 for ; Wed, 9 Jul 2003 12:58:47 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc12) with ESMTP id <200307091958460140063adpe>; Wed, 9 Jul 2003 19:58:46 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA32449; Wed, 9 Jul 2003 12:58:45 -0700 (PDT) Date: Wed, 9 Jul 2003 12:58:43 -0700 (PDT) From: Julian Elischer To: Michael Sierchio In-Reply-To: <3F0C7328.7080304@tenebras.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 19:58:48 -0000 On Wed, 9 Jul 2003, Michael Sierchio wrote: > Julian Elischer wrote: > > > how come no-one knows about netgraph.. the framework designed to do > > exactly this? :-) > > It's only been in use for 6 years.. > > Because we're missing a Nutshell book on the topic? Because only > initiates into the Dark Art of Whistling know how to use it? ;-) > (NB: smiley. You're not a humorless, literal-minded prat, but some > of us are.) > > Heck, Julian, I'd be using it right now if I had the time to > figure out how to rewrite ng_one2many to handle something > other than round-robin. I'd like to fill the 256kbit/s > frame relay to London before directing traffic over the VPN > on our DS3, competing with all other traffic. As an advanced > exercise, I'd like to balance based on QoS, with low-latency > traffic (VoIP, etc.) going over the frame link. I have a netgraph node that does load balancing, but it's not completed to my satisfaction.. you can play with it if you want :-) > > > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 13:03:27 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB9CC37B401 for ; Wed, 9 Jul 2003 13:03:27 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 30FCE43F3F for ; Wed, 9 Jul 2003 13:03:27 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 56394 invoked from network); 9 Jul 2003 20:03:26 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 9 Jul 2003 20:03:26 -0000 Message-ID: <3F0C750D.6060107@tenebras.com> Date: Wed, 09 Jul 2003 13:03:25 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, zh-tw, zh-cn, fr, en, de-de MIME-Version: 1.0 To: Julian Elischer References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 20:03:28 -0000 Julian Elischer wrote: > I have a netgraph node that does load balancing, but it's not completed > to my satisfaction.. > > you can play with it if you want :-) That would be excellent, I might even be in danger of learning something. I have a buncha Soekris net4501 boxes to play with. From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 13:16:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 42FA337B401 for ; Wed, 9 Jul 2003 13:16:39 -0700 (PDT) Received: from out001.verizon.net (out001pub.verizon.net [206.46.170.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6057543F3F for ; Wed, 9 Jul 2003 13:16:38 -0700 (PDT) (envelope-from cswiger@mac.com) Received: from mac.com ([141.149.47.46]) by out001.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030709201637.TGUT12592.out001.verizon.net@mac.com> for ; Wed, 9 Jul 2003 15:16:37 -0500 Message-ID: <3F0C781D.7010607@mac.com> Date: Wed, 09 Jul 2003 16:16:29 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-net@freebsd.org" References: <3F0C7328.7080304@tenebras.com> In-Reply-To: <3F0C7328.7080304@tenebras.com> X-Enigmail-Version: 0.76.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out001.verizon.net from [141.149.47.46] at Wed, 9 Jul 2003 15:16:37 -0500 Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 20:16:39 -0000 Michael Sierchio wrote: [ ... ] > (NB: smiley. You're not a humorless, literal-minded prat, but some > of us are.) Nice. The last one-liner I heard that had such a good pacing to it was the remark about some politician "being off his meds and out of therapy". -- -Chuck From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 13:33:50 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E3D937B405 for ; Wed, 9 Jul 2003 13:33:50 -0700 (PDT) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEAD743FAF for ; Wed, 9 Jul 2003 13:33:48 -0700 (PDT) (envelope-from pete@he.iki.fi) Received: from PETEX31 (h81.vuokselantie10.fi [193.64.42.129]) by silver.he.iki.fi (8.12.9/8.11.4) with SMTP id h69KWRsL033105; Wed, 9 Jul 2003 23:32:27 +0300 (EEST) (envelope-from pete@he.iki.fi) Message-ID: <008e01c34659$3317d760$812a40c1@PETEX31> From: "Petri Helenius" To: "Julian Elischer" , "Brooks Davis" References: Date: Wed, 9 Jul 2003 23:32:20 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: freebsd-net@freebsd.org cc: kw3wong@engmail.uwaterloo.ca cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 20:33:50 -0000 > > how come no-one knows about netgraph.. the framework designed to do > exactly this? :-) > It's only been in use for 6 years.. > We do this and a lot more with netgraph and love the architechture, thanks goes for the people who did the architechture. So this qualifies as "somebody knows" :) Pete From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 19:05:35 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7914837B401 for ; Wed, 9 Jul 2003 19:05:35 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id A22B343FB1 for ; Wed, 9 Jul 2003 19:05:33 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h6A25KCo036817; Thu, 10 Jul 2003 10:05:21 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F0CC9D9.80A1BD78@kuzbass.ru> Date: Thu, 10 Jul 2003 10:05:13 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Milan Obuch , net@freebsd.org References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru> <200307090853.31579.root@home.bluegrass.sk> <3F0BE1E5.6010201@he.iki.fi> <3F0BEA55.D7ABD657@kuzbass.ru> <20030709104614.GA4540@home.bluegrass.sk> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 02:05:35 -0000 Milan Obuch wrote: > > ifInOctets counts broadcasts too. > > I finished with ipfw2, thank you all. > Maybe you could 'advertise' your solution :) I use ipfw2 to count packets: from any to any in recv ep0 mac $mymac any and from any to any out xmit ep0. I know my router sends only unicast traffic to uplink so the second rule is simple. Then I use dirty ;) but simple script for net-snmp/pass_persist. Mrtg draws graphic of unicast traffic, asking snmp agent for .1.3.6.1.4.1977.ifnumber.[12] #!/bin/sh # $Id: snmpifmon,v 1.1 2003/07/09 09:25:46 eugen Exp $ # # Format: $MYMIB.ifnum.[12], 1 for input, 2 for output MYMIB=.1.3.6.1.4.1977 OFS="$IFS" while read command do case $command in PING) echo PONG ;; get) read MIB case "$MIB" in $MYMIB*) IFS=. set $MIB IFS=$OFS shift 7 if [ $# -eq 2 ]; then set `echo -n '0 '; ipfw show 4${1}${2} 2>/dev/null` if [ -n "$4" ]; then echo $MIB echo integer echo $4 else echo NONE fi else echo NONE fi ;; *) echo NONE ;; esac ;; *) echo NONE ;; esac done From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 19:56:16 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 042F337B401 for ; Wed, 9 Jul 2003 19:56:16 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7376B43FE3 for ; Wed, 9 Jul 2003 19:56:15 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h6A2t0kN033521; Wed, 9 Jul 2003 19:55:00 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h6A2stCw033509; Wed, 9 Jul 2003 19:54:55 -0700 (PDT) (envelope-from rizzo) Date: Wed, 9 Jul 2003 19:54:55 -0700 From: Luigi Rizzo To: kw3wong@engmail.uwaterloo.ca Message-ID: <20030709195455.A24039@xorpc.icir.org> References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca>; from kw3wong@engmail.uwaterloo.ca on Wed, Jul 09, 2003 at 03:23:52PM -0400 cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 02:56:16 -0000 Hi, On Wed, Jul 09, 2003 at 03:23:52PM -0400, kw3wong@engmail.uwaterloo.ca wrote: > So here is what my code changes involved so far. BTW, I'm using FreeBSD 4.8 > > 1) Removed the check in ipfw_chk (ip_fw2.c) for whether it is layer2 or not. > This allows briged packets to still match the ipfw2 divert rules ok... >2) In bridge.c at function bdg_forward, after the ip_fw_chk_ptr (and after the >check for dummynet, around line 974), the following code fragment is added first, i would omit the special case for IP packets. Given that this code is driven by packets selected by ipfw, you can easily put the check there. At this point, this section of code becomes essentially the same as the one used for dummynet packets, so i would do the following change: if (i == 0) /* a PASS rule. */ goto forward ; - if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) { + if ((DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) || (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0)) { /* * Pass the pkt to dummynet, which consumes it. ... args.oif = real_dst; + if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG)) ip_dn_io_ptr(m, (i & 0xffff),DN_TO_BDG_FWD, &args); + else + divert_packet(m, 1, i & 0xffff, args.divert_rule); return m0 ; } /* * XXX at some point, add support for divert/forward actions. * If none of the above matches, we have to drop the packet. >3) To allow me to inject ethernet frames back into the system via divert >sockets, I've modified div_output so that it will call ether_output_frame. The >following are my changes to div_output, which is added before ip_output is >called: ok-ish though i'd probably look for a better way to tell ethernet frames from IP packets (this also for the input path, of course). >reinject it via the divert sockets - ping, ftp, etc. all work over the bridge >when my test program is running. However, I'm finding that I'm losing/leaking >mbufs.sbdrop will complain and panic that the sb_cc doesn't match up with what >the mbuf chains says - usually the sb_cc will be larger by a couple of hundred > bytes. Furthermore, a netstat -m will show that I have mbufs allocated to no idea about the sb_cc stuff, but your code in bdg_forward had a suspicious 'return NULL' which might cause a leakage. Apart from this (and from the suggestion of using netgraph), have you looked at the approach followed by vtun ? It bridges between physical and virtual (vmnet/tap) ethernet interfaces, then grabs packets from /dev/tap, processes them, and reinjects them as appropriate (ssl or whatever). In your case you could build two bridging clusters sysctl net.link.ether.bridge_cfg="xl0:1 vmnet0:1 xl1:2 vmnet1:2" and build your application as a userland bridge between /dev/tap0 and /dev/tap1. Performance should not be too different from the one you could get with your divert sockets. cheers luigi -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56122 PISA (Italy) Mobile +39-347-0373137 -----------------------------------+------------------------------------- From owner-freebsd-net@FreeBSD.ORG Wed Jul 9 23:40:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4D1937B407 for ; Wed, 9 Jul 2003 23:40:22 -0700 (PDT) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id C46C443FD7 for ; Wed, 9 Jul 2003 23:40:20 -0700 (PDT) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])h6A6eHCo054368 for ; Thu, 10 Jul 2003 14:40:17 +0800 (KRAST) (envelope-from eugen@kuzbass.ru) Message-ID: <3F0D0A4A.46C07679@kuzbass.ru> Date: Thu, 10 Jul 2003 14:40:10 +0800 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: net@freebsd.org References: <3F0BA58E.1F8888A2@kuzbass.ru> <20030709060958.GD69076@cell.sick.ru><3F0BE1E5.6010201@he.iki.fi> <20030709104614.GA4540@home.bluegrass.sk> <3F0CC9D9.80A1BD78@kuzbass.ru> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Subject: Re: unicast octets statistics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 06:40:26 -0000 Eugene Grosbein wrote: > > Milan Obuch wrote: > > > > ifInOctets counts broadcasts too. > > > I finished with ipfw2, thank you all. > > > Maybe you could 'advertise' your solution :) > > I use ipfw2 to count packets: > > from any to any in recv ep0 mac $mymac any > and > from any to any out xmit ep0. The second rule is incorrect for IPFW2, it counts packets twice. It nust be replaced with from any to any out xmit ep0 not layer2 Eugene From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 00:59:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BA43237B401 for ; Thu, 10 Jul 2003 00:59:19 -0700 (PDT) Received: from web21009.mail.yahoo.com (web21009.mail.yahoo.com [216.136.227.63]) by mx1.FreeBSD.org (Postfix) with SMTP id 7780243F85 for ; Thu, 10 Jul 2003 00:59:19 -0700 (PDT) (envelope-from vovanvinh2001@yahoo.com) Message-ID: <20030710075919.91413.qmail@web21009.mail.yahoo.com> Received: from [203.162.5.197] by web21009.mail.yahoo.com via HTTP; Thu, 10 Jul 2003 00:59:19 PDT Date: Thu, 10 Jul 2003 00:59:19 -0700 (PDT) From: Van Vinh Vo To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: mbuf and sk_buffs X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 07:59:20 -0000 i am doing the research about network layer of freeBSD and linux ! i want what difference of management and schedule beetween freeBSD mbufs and linux sk_buffs ! Thanks, Vinh __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 07:31:00 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72CE437B401 for ; Thu, 10 Jul 2003 07:31:00 -0700 (PDT) Received: from ecserv7.uwaterloo.ca (ecserv7.uwaterloo.ca [129.97.50.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79D1C43F3F for ; Thu, 10 Jul 2003 07:30:59 -0700 (PDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: from ecserv7.uwaterloo.ca (localhost.uwaterloo.ca [127.0.0.1]) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6) with ESMTP id h6AE33BW082823 for ; Thu, 10 Jul 2003 10:30:58 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: (from www@localhost) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6/Submit) id h69KZoKP074544; Wed, 9 Jul 2003 16:35:50 -0400 (EDT) X-Authentication-Warning: ecserv7.uwaterloo.ca: www set sender to kw3wong@engmail.uwaterloo.ca using -f Received: from 129.97.106.24 ( [129.97.106.24])with HTTP; Wed, 9 Jul 2003 16:35:50 -0400 Message-ID: <1057782950.3f0c7ca6255e8@www.nexusmail.uwaterloo.ca> Date: Wed, 9 Jul 2003 16:35:50 -0400 From: kw3wong@engmail.uwaterloo.ca To: Julian Elischer References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.6.2 X-Originating-IP: 129.97.106.24 cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 14:31:00 -0000 Hi Julian, Thanks for the tip, it looks like netgraph can do what I need to do. I've never used netgraph before, so I better do some background reading first before asking any more questions. I guess once I moved away from the IP layer to the link layer, divert sockets no longer make that much sense to use. Although it is very tempting since the interface is just so simple... =) Bernie Quoting Julian Elischer : > > > On Wed, 9 Jul 2003 kw3wong@engmail.uwaterloo.ca wrote: > > > Hi guys, > > > > My first attempts at hacking FreeBSD kernel code has not been very > fruitful, so > > I'm hoping someone with more experience and knowhow might be able to point > out > > the mistakes that I'm making. > > > > Firstly, let me explain what I'm trying to do. I'm currently working on a > > University project that performs some type of transformation (compression, > > > security, string replacement, etc) on packets as they pass through the > system. > > The current setup has the FreeBSD machine configured as a router, and the > > transformation is performed on packets that are routed. This is done via > divert > > sockets and everything is fine and dandy, we're getting great results from > this > > setup. > > > > However, what we want to do next is to have the machine setup as a ethernet > > > bridge instead, and the transformation is to be performed on the bridged > > packets. Unfortunately, as most of you probably know, divert sockets do not > > > work with bridges as of yet. > > > > So I've been trying to add a somewhat hack-ish support for divert sockets > over > > bridges. The concession that I'm making is that instead of diverting ip > > packets, I'll be diverting ethernet frames. In userspace my program will > > reattach the ethernet headers back onto the packet before passing it back > to > > the divert socket. A second concession is that when I sendto the divert > socket, > > the sin_zero in the sockaddr must contain the source network adaptor name. > All > > these concessions are necessary (I think) as I would otherwise not know how > to > > output the data in a ip-less bridge. > > > > The very simple way to do what you want is to use netgraph > > > look at the netgraph bridging example in /usr/share/examples/netgraph > and add a pair of netgraph sockets at the appropriate places.. > > You can intrercept any pacet at any place much like divert sockets.. > you can also do pre-filtering using the ng_bpf node that allows you to > do bpf filerring (see the ng_bpf man page) > > You can do this all from the command line and you will need to make only > minimal changes to your userland program.. > basically, get familiar with netgraph and you'll see that you have more > options than you can poke a stick at. > > > > > > > > So here is what my code changes involved so far. BTW, I'm using FreeBSD > 4.8 > > > > 1) Removed the check in ipfw_chk (ip_fw2.c) for whether it is layer2 or > not. > > This allows briged packets to still match the ipfw2 divert rules > > > > 2) In bridge.c at function bdg_forward, after the ip_fw_chk_ptr (and after > the > > check for dummynet, around line 974), the following code fragment is added > > > > if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) { > > struct mbuf *m; > > > > /* Need to determine whether this is an IP. If not just forward > > */ > > if (ntohs(eh->ether_type) != ETHERTYPE_IP) > > goto forward; > > > > if ( shared ) { > > int j = min(m0->m_pkthdr.len + ETHER_HDR_LEN, max_protohdr) ; > > > > m0 = m_pullup(m0, j) ; > > if (m0 == NULL) > > return NULL; > > } > > > > if (shared == 0 && once ) { /* no need to copy */ > > m = m0 ; > > m0 = NULL ; /* original is gone */ > > } else { > > m = m_copypacket(m0, M_DONTWAIT); > > if (m == NULL) { > > printf("bdg_forward: sorry, m_copypacket failed!\n"); > > return m0 ; /* the original is still there... */ > > } > > } > > > > if ( (void *)(eh + 1) == (void *)m->m_data) { > > m->m_data -= ETHER_HDR_LEN ; > > m->m_len += ETHER_HDR_LEN ; > > m->m_pkthdr.len += ETHER_HDR_LEN ; > > bdg_predict++; > > } else { > > M_PREPEND(m, ETHER_HDR_LEN, M_DONTWAIT); > > if (m == NULL) > > { > > printf("M_PREPEND failed\n"); > > /* Should probably return original instead of NULL */ > > /* return NULL; */ > > return m0; > > } > > bcopy(&save_eh, mtod(m, struct ether_header *), > ETHER_HDR_LEN); > > } > > > > divert_packet(m, 1, i & 0xffff, args.divert_rule); > > return NULL; > > } > > > > This allows me to divert the ethernet frames to userspace. > > > > > > 3) To allow me to inject ethernet frames back into the system via divert > > sockets, I've modified div_output so that it will call ether_output_frame. > The > > following are my changes to div_output, which is added before ip_output is > > > called: > > > > /* rcvif is copied from sin_zero, and is required to be valid > > for the current system to work > > */ > > if (m->m_pkthdr.rcvif != NULL && BDG_USED(m->m_pkthdr.rcvif)) > > { > > if (m->m_len < sizeof(struct ether_header)) { > > /* XXX error in the caller. */ > > error = EINVAL; > > goto cantsend; > > } > > > > return ether_output_frame(m->m_pkthdr.rcvif, m); > > } > > > > 4) In userspace for testing purposes, I have a program that simply reads > from > > the divert socket, and writes back out to it - here's the core snippet of > the > > code. > > > > while (true) > > { > > sstBytes = ::recvfrom(nFD, kpucInPacket, sizeof(kpucInPacket), 0, > > (struct sockaddr *) &SockAddr, &AddrLen); > > > > if (sstBytes == -1) > > ::err(errno, "recvfrom"); > > > > ::bcopy(SockAddr.sin_zero, > > SockAddrSend.sin_zero, > > sizeof(SockAddr.sin_zero)); > > > > int nSendBytes = ::sendto(nSendFD, (void*)kpucInPacket, sstBytes, > 0, > > (struct sockaddr *) &SockAddrSend, sizeof(SockAddrSend)); > > > > if (nSendBytes != sstBytes) > > ::err(errno, "sendto"); > > } > > > > > > Now I understand I'm breaking lots of abstractions/layers, but I do plan to > > > clean that up a bit later. And I also understand that perhaps no one else > in > > the world needs this functionality - although I can see a couple of other > > possible applications for it. > > > Netgraph is a link-layer manipulation framework.. > for link-layer stuff it works much better than divert.... > > (I'm not biased.. archie and I wrote both of them for different reasons > :-) > > > > > The changes does seem to work, I'm able to receive the ethernet frame and > also > > reinject it via the divert sockets - ping, ftp, etc. all work over the > bridge > > when my test program is running. However, I'm finding that I'm > losing/leaking > > mbufs. sbdrop will complain and panic that the sb_cc doesn't match up with > what > > the mbuf chains says - usually the sb_cc will be larger by a couple of > hundred > > bytes. Furthermore, a netstat -m will show that I have mbufs allocated to > > socket names and address even after the termination of the diverting > program. > > This only seem to happen when I transfer over ftp a really large file > (>100M) > > at high speed (full line speed of a 100Mbps network). Ping and ftping small > > > files do not seem to cause the mbuf leakage. > > > > So my question is, does anyone see where I might be losing the mbufs - is > there > > some mbufs that must be freed or not freed that I'm not aware of? I've > never > > worked on the FreeBSD kernel before, so I'm not sure 100% sure how to > correctly > > manage the mbufs. Any advise, tips, discussion, anything will be highly > > appreciated! =) If anyone needs any more clarification/information, just > ask > > and I'll try my best to explain myself better. > > > > Thanks!! > > Bernie > > haven't looked enough to spot your leak.. > I'd just use netgraph.. > (use libnetgraph to do netgraph manipulations from your program) > > > > > ---------------------------------------- > > This mail sent through www.mywaterloo.ca > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > ---------------------------------------- This mail sent through www.mywaterloo.ca From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 09:49:58 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EE28D37B401; Thu, 10 Jul 2003 09:49:58 -0700 (PDT) Received: from proton.hexanet.fr (proton.hexanet.fr [81.23.32.33]) by mx1.FreeBSD.org (Postfix) with ESMTP id B237C43FAF; Thu, 10 Jul 2003 09:49:57 -0700 (PDT) (envelope-from c.prevotaux@hexanet.fr) Received: from proton.hexanet.fr (localhost [127.0.0.1]) by proton.hexanet.fr (8.12.9/8.12.9) with SMTP id h6AGntvG000313; Thu, 10 Jul 2003 18:49:55 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Date: Thu, 10 Jul 2003 18:49:55 +0200 From: Christophe Prevotaux To: freebsd-stable@freebsd.org, freebsd-net@freebsd.org Message-Id: <20030710184955.076e2b9c.c.prevotaux@hexanet.fr> Organization: HEXANET Sarl X-Mailer: Sylpheed version 0.8.11 (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: pppoed problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 16:49:59 -0000 Hi, I am trying to setup a pppoed server using 4.8-STABLE and I get the following error when starting the pppoed process /usr/libexec/pppoed -Fd -P /var/run/pppoed.pid -n 5 -p "*" rl1 pppoed: SENDING MESSAGE: pppoed: SOCKADDR: { fam=3D32 len=3D14 addr=3D".:pppoe-312" } pppoed: NG_MESG : pppoed: vers 2 pppoed: arglen 19 pppoed: flags 0 pppoed: token 7 pppoed: cookie PPPOE (939032003) pppoed: sendto(.:pppoe-312): No such file or directory pppoed: [error decoding message: No such file or directory] pppoed: cmd 3 pppoed: args (19 bytes) pppoed: 0000: 70 70 70 6f 65 2d 33 31 32 00 bf bf 00 92 04 08 pppoe-312.= ...... pppoed: 0010: 01 00 2a ..* = =20 pppoed[312]: Listening as provider * Of course the pppoed does see the PPPOE PADI messages because of this I guess. Can anyone tell me what I am doing wrong ? and how to fix this ?=20 -- =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A.C Les Charmilles Tel: +33 (0)3 26 79 30 05=20 3 All=E9e Thierry Sabine Direct: +33 (0)3 26 61 77 72=20 BP202 Fax: +33 (0)3 26 79 30 06 51686 Reims Cedex 2 =20 FRANCE HEXANET Network Operation Center =20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 11:10:18 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0ADD137B401 for ; Thu, 10 Jul 2003 11:10:18 -0700 (PDT) Received: from ecserv7.uwaterloo.ca (ecserv7.uwaterloo.ca [129.97.50.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F8B543F3F for ; Thu, 10 Jul 2003 11:10:17 -0700 (PDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: from ecserv7.uwaterloo.ca (localhost.uwaterloo.ca [127.0.0.1]) h6AIAGWa004243; Thu, 10 Jul 2003 14:10:16 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: (from www@localhost) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6/Submit) id h6AIAFP8004242; Thu, 10 Jul 2003 14:10:15 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) X-Authentication-Warning: ecserv7.uwaterloo.ca: www set sender to kw3wong@engmail.uwaterloo.ca using -f Received: from 129.97.106.24 ( [129.97.106.24])with HTTP; Thu, 10 Jul 2003 14:10:15 -0400 Message-ID: <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca> Date: Thu, 10 Jul 2003 14:10:15 -0400 From: kw3wong@engmail.uwaterloo.ca To: Luigi Rizzo References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> <20030709195455.A24039@xorpc.icir.org> In-Reply-To: <20030709195455.A24039@xorpc.icir.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.6.2 X-Originating-IP: 129.97.106.24 cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 18:10:18 -0000 Hi Luigi, Thanks for response, the vmnet/tap stuff sounds like neat stuff. After reading the description of tap (from the vtun site), the system seems to make a lot of sense. However, I'm not sure how vmnet comes into play here - what purpose does it serve, shouldn't I just be able to read from the /dev/tap0 and bridge between tap0 and fxp0? I tried writing a simple program to use tap. Basically, I have the bridge setup as such net.link.ether.bridge_cfg: fxp0:0,tap0:0 tap1:1 bge0:1 And I ran this quick test program that I wrote: #include // ssize_t #include // ::socket #include // n_long #include // IPPROTO_DIVERT, struct sockaddr_in #include // IP_MAXPACKET #include // struct tcphdr #include // ::fcntl #include // ::err #include // errno #include // ::printf #include // ::bcopy #include // ::close #define MAX(a, b) (((a) > (b)) ? (a) : (b)) /** main */ int main() { int nFDRight; int nFDLeft; unsigned char kpucInPacket[IP_MAXPACKET]; nFDRight = open("/dev/tap0", O_RDWR); if (nFDRight < 0) ::err(errno, "open"); nFDLeft = open("/dev/tap1", O_RDWR); if (nFDLeft < 0) ::err(errno, "open"); fd_set masterReadSocks; fd_set currentReadSocks; FD_ZERO(&masterReadSocks); FD_SET(nFDRight,&masterReadSocks); FD_SET(nFDLeft, &masterReadSocks); int nMaxFD = MAX(nFDRight, nFDLeft); while (true) { ::bcopy(&masterReadSocks, ¤tReadSocks, sizeof(fd_set)); int nSelectValue = select(nMaxFD + 1, ¤tReadSocks, NULL, NULL, NULL); printf("Unblocked on select\n"); if (nSelectValue == -1) { /* Signal interrupted, just continue */ if (errno == EINTR) continue; ::err(errno, "select"); } if (FD_ISSET(nFDRight, ¤tReadSocks)) { int nReadSize = read(nFDRight, kpucInPacket, sizeof(kpucInPacket)); if (nReadSize < 0) err(errno, "read"); if (write(nFDLeft, kpucInPacket, nReadSize) < 0) err(errno, "write"); } if (FD_ISSET(nFDLeft, ¤tReadSocks)) { int nReadSize = read(nFDLeft, kpucInPacket, sizeof(kpucInPacket)); if (nReadSize < 0) err(errno, "read"); if (write(nFDRight, kpucInPacket, nReadSize) < 0) err(errno, "write"); } } close(nFDLeft); close(nFDRight); } Unfortunately, it doesn't work, it only gets a read event when I make changes to the tap interface via ifconfig. I guess I don't fully understand how the /dev/tapN interface works, can you (or anybody who also know) point out what I'm doing wrong? Thanks again! Bernie ---------------------------------------- This mail sent through www.mywaterloo.ca From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 11:37:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0987937B401 for ; Thu, 10 Jul 2003 11:37:19 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B49943F85 for ; Thu, 10 Jul 2003 11:37:18 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h6AIbFkN038576; Thu, 10 Jul 2003 11:37:15 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h6AIbFZt038575; Thu, 10 Jul 2003 11:37:15 -0700 (PDT) (envelope-from rizzo) Date: Thu, 10 Jul 2003 11:37:15 -0700 From: Luigi Rizzo To: kw3wong@engmail.uwaterloo.ca Message-ID: <20030710113715.A37895@xorpc.icir.org> References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> <20030709195455.A24039@xorpc.icir.org> <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca>; from kw3wong@engmail.uwaterloo.ca on Thu, Jul 10, 2003 at 02:10:15PM -0400 cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 18:37:19 -0000 On Thu, Jul 10, 2003 at 02:10:15PM -0400, kw3wong@engmail.uwaterloo.ca wrote: > Hi Luigi, > >Thanks for response, the vmnet/tap stuff sounds like neat stuff. After reading >the description of tap (from the vtun site), the system seems to make a lot of >sense.However, I'm not sure how vmnet comes into play here - what purpose does >it serve, shouldn't I just be able to read from the /dev/tap0 and bridge >between tap0 and fxp0? It's just a naming issue, vmnetX is the network-device name of /dev/tapX. (the ip-equivalent thing, "tun", has the same name for both the network device and the device entry in the filesystem. As a matter of fact the latter is totally arbitrary so "tun" perhaps should be called "vmnet"...) Packets written by a process to /dev/tapX are seen by the network layer as coming from vmnetX; packets sent by the network layer to vmnetX can be read by a process from /dev/tapX > net.link.ether.bridge_cfg: fxp0:0,tap0:0 tap1:1 bge0:1 here you have to use the names vmnet0 and vmnet1 cheers luigi From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 11:55:29 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCF7537B401 for ; Thu, 10 Jul 2003 11:55:29 -0700 (PDT) Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [204.127.198.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 43B9543F3F for ; Thu, 10 Jul 2003 11:55:29 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc11) with ESMTP id <2003071018552001300gtcmae>; Thu, 10 Jul 2003 18:55:20 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id LAA41238; Thu, 10 Jul 2003 11:55:18 -0700 (PDT) Date: Thu, 10 Jul 2003 11:55:17 -0700 (PDT) From: Julian Elischer To: kw3wong@engmail.uwaterloo.ca In-Reply-To: <1057782950.3f0c7ca6255e8@www.nexusmail.uwaterloo.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 18:55:30 -0000 On Wed, 9 Jul 2003 kw3wong@engmail.uwaterloo.ca wrote: > Hi Julian, > > Thanks for the tip, it looks like netgraph can do what I need to do. I've never > used netgraph before, so I better do some background reading first before > asking any more questions. > > I guess once I moved away from the IP layer to the link layer, divert sockets > no longer make that much sense to use. Although it is very tempting since the > interface is just so simple... =) > > Bernie > > grab the source for nghook /usr/src/usr.sbin/nghook and hack it to open 2 interfaces at once nghook would take teh arguments nghook fxp0: lower to intercept all packets coming in on fxp0 and to be able to send packets out through it. nghook fxp0: upper intercepts all packets from the local machine that would go out through fxp0, and any packets you sed there would be received by the system. If you hack nghook to open multiple of these connections than you can read and write to teh various places at will. alternatively you could hack the ng_bridge node to pass all packets to you. As luigi suggest, you could also use the 'tap' interface type of thing using a bridge of some type so get the oackets you want to it. This is effectively the same as the ng_eiface node type except that the eiface netgraph passes its output through a netgraph interface so that it can be piped through more netgraph nodes (e.g. filterred or fed into a socket directly) where tap passes its data to a device /dev/tapX. Having done quite a bit of this I suggest you look at http://ezine.daemonnews.org/200003/netgraph.html for an overview of how netgraph works... julian From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 12:35:47 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 328F737B404 for ; Thu, 10 Jul 2003 12:35:47 -0700 (PDT) Received: from ecserv7.uwaterloo.ca (ecserv7.uwaterloo.ca [129.97.50.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id B32FA43FA3 for ; Thu, 10 Jul 2003 12:35:45 -0700 (PDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: from ecserv7.uwaterloo.ca (localhost.uwaterloo.ca [127.0.0.1]) h6AJZiWa010034; Thu, 10 Jul 2003 15:35:44 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: (from www@localhost) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6/Submit) id h6AJZie3010033; Thu, 10 Jul 2003 15:35:44 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) X-Authentication-Warning: ecserv7.uwaterloo.ca: www set sender to kw3wong@engmail.uwaterloo.ca using -f Received: from 129.97.106.24 ( [129.97.106.24])with HTTP; Thu, 10 Jul 2003 15:35:44 -0400 Message-ID: <1057865744.3f0dc0103f795@www.nexusmail.uwaterloo.ca> Date: Thu, 10 Jul 2003 15:35:44 -0400 From: kw3wong@engmail.uwaterloo.ca To: Luigi Rizzo References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> <20030709195455.A24039@xorpc.icir.org> <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca> <20030710113715.A37895@xorpc.icir.org> In-Reply-To: <20030710113715.A37895@xorpc.icir.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.6.2 X-Originating-IP: 129.97.106.24 cc: freebsd-net@freebsd.org cc: dsze@engmail.uwaterloo.ca Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 19:35:47 -0000 Hi Luigi, > It's just a naming issue, vmnetX is the network-device name of /dev/tapX. > (the ip-equivalent thing, "tun", has the same name for both the network > device and the device entry in the filesystem. As a matter of fact the > latter is totally arbitrary so "tun" perhaps should be called "vmnet"...) But when I do a ifconfig, only tapX devices are there, where there is no vmnetX devices. And when I set up the bridge with vmnetX, the kernel will complain that the vmnetX devices do not exist. Do I need to perform a makedev on it first to create the devices? If so, do they have a special major and minor number that I should assign it to? Bernie ---------------------------------------- This mail sent through www.mywaterloo.ca From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 13:06:33 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 62B4237B405 for ; Thu, 10 Jul 2003 13:06:33 -0700 (PDT) Received: from sapo.pt (relay2.ptm.pt [194.65.79.76]) by mx1.FreeBSD.org (Postfix) with SMTP id C724743F3F for ; Thu, 10 Jul 2003 13:06:31 -0700 (PDT) (envelope-from nunotex@pt-quorum.com) Received: (qmail 18347 invoked from network); 10 Jul 2003 20:06:27 -0000 Received: from unknown (HELO sapo.pt) (194.65.79.78) by relay2.ptm.pt with SMTP; 10 Jul 2003 20:06:27 -0000 Received: (qmail 2443 invoked by uid 0); 10 Jul 2003 20:06:27 -0000 Received: from unknown (HELO gw.tex.bogus) (as1303000@sapo.pt@[81.193.17.96]) (envelope-sender ) by sapo.pt (qmail-ldap-1.03) with SMTP for ; 10 Jul 2003 20:06:27 -0000 Received: by gw.tex.bogus (Postfix, from userid 1001) id 78B414570; Thu, 10 Jul 2003 21:06:21 +0000 (GMT) Date: Thu, 10 Jul 2003 21:06:21 +0000 From: Nuno Teixeira To: freebsd-hackers@freebsd.org Message-ID: <20030710210621.GC652@gw.tex.bogus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD 5.1-RELEASE User-Agent: Mutt/1.5.4i cc: freebsd-net@freebsd.org Subject: FreeBSD lacks PPPoE (pppoa3 solution) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 20:06:33 -0000 Hello to all, I'm using FreeBSD for almost 4 years and I will continue with it because I can't find better. I subscribed to a ADSL connection in Portugal that supports only PPPoE (and not PPPoA). Almost everyone in Portugal uses only 2 modems (supported by ISPs): Siemens Santis USB and Alcatel SpeedTouch 330 USB. Linux people has already support to Alcatel USB modems with PPPoE connections and FreeBSD still lacks of PPPoE support. I don't like Linux so, to solve my home network problem, I install a Windows machine to share the Internet (ooops!) across my LAN. The new Speedtouch 1.2 beta2 driver (http://speedtouch.sourceforge.net/index.php?/news.en.html), already support Bridging 1483 mode (PPPoE support) in pppoa3 but without use in FreeBSD. Please read the following thread to see some solutions for implementing PPPoE in FreeBSD. http://www.mail-archive.com/speedtouch@ml.free.fr/msg04514.html For what you can see in this thread: "...that task is simply a matter of two or three #ifdefs for each BSD flavor, but nobody seems volunteering to accomplish it." I'm just a FreeBSD user not a programmer or hacker, so I can only help FreeBSD community asking you to try to implement PPPoE in FreeBSD so everyone uses it. Thanks very much for your great work, Nuno Teixeira -- /* PGP fingerprint: C6D1 06ED EB54 A99C 6B14 6732 0A5D 810D 727D F6C6 */ From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 13:29:33 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9D8D37B401; Thu, 10 Jul 2003 13:29:33 -0700 (PDT) Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E84B43F3F; Thu, 10 Jul 2003 13:29:30 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc13) with ESMTP id <20030710202929015007athee>; Thu, 10 Jul 2003 20:29:29 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA41883; Thu, 10 Jul 2003 13:29:28 -0700 (PDT) Date: Thu, 10 Jul 2003 13:29:26 -0700 (PDT) From: Julian Elischer To: Nuno Teixeira In-Reply-To: <20030710210621.GC652@gw.tex.bogus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-hackers@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: FreeBSD lacks PPPoE (pppoa3 solution) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 20:29:34 -0000 I'm confused.. FreeBSD has had full PPPoE support for about 4 years. there is also PPPoA support.. why do you think there is not? On Thu, 10 Jul 2003, Nuno Teixeira wrote: > > Hello to all, > > I'm using FreeBSD for almost 4 years and I will continue with it because > I can't find better. > > I subscribed to a ADSL connection in Portugal that supports only PPPoE > (and not PPPoA). > > Almost everyone in Portugal uses only 2 modems (supported by ISPs): > Siemens Santis USB and Alcatel SpeedTouch 330 USB. > > Linux people has already support to Alcatel USB modems with PPPoE > connections and FreeBSD still lacks of PPPoE support. > > I don't like Linux so, to solve my home network problem, I install a > Windows machine to share the Internet (ooops!) across my LAN. > > The new Speedtouch 1.2 beta2 driver (http://speedtouch.sourceforge.net/index.php?/news.en.html), > already support Bridging 1483 mode (PPPoE support) in pppoa3 but without > use in FreeBSD. > > Please read the following thread to see some solutions for implementing > PPPoE in FreeBSD. > > http://www.mail-archive.com/speedtouch@ml.free.fr/msg04514.html > > For what you can see in this thread: > > "...that task is simply a matter of two or three #ifdefs for each > BSD flavor, but nobody seems volunteering to accomplish it." > > I'm just a FreeBSD user not a programmer or hacker, so I can only help > FreeBSD community asking you to try to implement PPPoE in FreeBSD so > everyone uses it. > > > > Thanks very much for your great work, > > Nuno Teixeira > > -- > > /* > PGP fingerprint: > C6D1 06ED EB54 A99C 6B14 6732 0A5D 810D 727D F6C6 > */ > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 13:45:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ED4037B401 for ; Thu, 10 Jul 2003 13:45:22 -0700 (PDT) Received: from sapo.pt (relay1.ptm.pt [194.65.79.75]) by mx1.FreeBSD.org (Postfix) with SMTP id 55BD143F93 for ; Thu, 10 Jul 2003 13:45:20 -0700 (PDT) (envelope-from nunotex@pt-quorum.com) Received: (qmail 24386 invoked from network); 10 Jul 2003 20:45:19 -0000 Received: from unknown (HELO sapo.pt) (194.65.79.72) by relay1.ptm.pt with SMTP; 10 Jul 2003 20:45:19 -0000 Received: (qmail 22815 invoked by uid 0); 10 Jul 2003 20:45:17 -0000 Received: from unknown (HELO gw.tex.bogus) (as1303000@sapo.pt@[81.193.17.96]) (envelope-sender ) by sapo.pt (qmail-ldap-1.03) with SMTP for ; 10 Jul 2003 20:45:17 -0000 Received: by gw.tex.bogus (Postfix, from userid 1001) id 6459742D3; Thu, 10 Jul 2003 21:45:08 +0000 (GMT) Date: Thu, 10 Jul 2003 21:45:08 +0000 From: Nuno Teixeira To: Julian Elischer Message-ID: <20030710214508.GD73403@gw.tex.bogus> References: <20030710210621.GC652@gw.tex.bogus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 5.1-RELEASE User-Agent: Mutt/1.5.4i cc: freebsd-hackers@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: FreeBSD lacks PPPoE (pppoa3 solution) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 20:45:22 -0000 Hi, Please see http://speedtouch.sourceforge.net/index.php?/news.en.html "Real" PPPoE with a ethernet card connected with a ADSL Modem works. This problem is related with ISPs that supports *only* PPPoE protocol with USB Modems (this case Alcatel) that "emulates" ethernet with TUN/TAP devices. USB modems don't have a connection to ethernet cards. FreeBSD pppoa port works ok with Alcatel USB Modems but only for PPPoA protocols and not PPPoE. Almost all europe ISPs only support PPPoE and not PPPoA (I don't know the reason why). Thanks, Nuno Teixeira On Thu, Jul 10, 2003 at 01:29:26PM -0700, Julian Elischer wrote: > I'm confused.. FreeBSD has had full PPPoE support for about 4 years. > > there is also PPPoA support.. > > why do you think there is not? > > > > > > On Thu, 10 Jul 2003, Nuno Teixeira wrote: > > > > > Hello to all, > > > > I'm using FreeBSD for almost 4 years and I will continue with it because > > I can't find better. > > > > I subscribed to a ADSL connection in Portugal that supports only PPPoE > > (and not PPPoA). > > > > Almost everyone in Portugal uses only 2 modems (supported by ISPs): > > Siemens Santis USB and Alcatel SpeedTouch 330 USB. > > > > Linux people has already support to Alcatel USB modems with PPPoE > > connections and FreeBSD still lacks of PPPoE support. > > > > I don't like Linux so, to solve my home network problem, I install a > > Windows machine to share the Internet (ooops!) across my LAN. > > > > The new Speedtouch 1.2 beta2 driver (http://speedtouch.sourceforge.net/index.php?/news.en.html), > > already support Bridging 1483 mode (PPPoE support) in pppoa3 but without > > use in FreeBSD. > > > > Please read the following thread to see some solutions for implementing > > PPPoE in FreeBSD. > > > > http://www.mail-archive.com/speedtouch@ml.free.fr/msg04514.html > > > > For what you can see in this thread: > > > > "...that task is simply a matter of two or three #ifdefs for each > > BSD flavor, but nobody seems volunteering to accomplish it." > > > > I'm just a FreeBSD user not a programmer or hacker, so I can only help > > FreeBSD community asking you to try to implement PPPoE in FreeBSD so > > everyone uses it. > > > > > > > > Thanks very much for your great work, > > > > Nuno Teixeira > > > > -- > > > > /* > > PGP fingerprint: > > C6D1 06ED EB54 A99C 6B14 6732 0A5D 810D 727D F6C6 > > */ > > _______________________________________________ > > freebsd-hackers@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" -- /* PGP fingerprint: C6D1 06ED EB54 A99C 6B14 6732 0A5D 810D 727D F6C6 */ From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 14:19:46 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E2EFC37B405 for ; Thu, 10 Jul 2003 14:19:46 -0700 (PDT) Received: from ecserv7.uwaterloo.ca (ecserv7.uwaterloo.ca [129.97.50.127]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0979F43FBF for ; Thu, 10 Jul 2003 14:19:45 -0700 (PDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: from ecserv7.uwaterloo.ca (localhost.uwaterloo.ca [127.0.0.1]) h6ALJiWa016325; Thu, 10 Jul 2003 17:19:44 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) Received: (from www@localhost) by ecserv7.uwaterloo.ca (8.12.6p2/8.12.6/Submit) id h6ALJipm016324; Thu, 10 Jul 2003 17:19:44 -0400 (EDT) (envelope-from kw3wong@engmail.uwaterloo.ca) X-Authentication-Warning: ecserv7.uwaterloo.ca: www set sender to kw3wong@engmail.uwaterloo.ca using -f Received: from 129.97.106.24 ( [129.97.106.24])with HTTP; Thu, 10 Jul 2003 17:19:44 -0400 Message-ID: <1057871984.3f0dd8701e4db@www.nexusmail.uwaterloo.ca> Date: Thu, 10 Jul 2003 17:19:44 -0400 From: kw3wong@engmail.uwaterloo.ca To: kw3wong@engmail.uwaterloo.ca References: <1057778632.3f0c6bc8af474@www.nexusmail.uwaterloo.ca> <20030709195455.A24039@xorpc.icir.org> <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca> <20030710113715.A37895@xorpc.icir.org> <1057865744.3f0dc0103f795@www.nexusmail.uwaterloo.ca> In-Reply-To: <1057865744.3f0dc0103f795@www.nexusmail.uwaterloo.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.6.2 X-Originating-IP: 129.97.106.24 cc: Luigi Rizzo cc: dsze@engmail.uwaterloo.ca cc: freebsd-net@freebsd.org Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 21:19:47 -0000 Hi guys, I finally got it working - apparently, the taps won't work unless I were to ifconfig the tap device with an ip address (I don't think an ip address is actually needed, but the ifconfig probably does some ioctl that is needed to start up the tap device). I'll try to find what exact ioctl call is necessary to jump start it. Thanks for everyone's help, I didn't know there are so many potential solutions out there for this problem. I'm so glad to find out first hand what a friendly and helpful developer community that FreeBSD has! Thanks! Bernie Quoting kw3wong@engmail.uwaterloo.ca: > Hi Luigi, > > > It's just a naming issue, vmnetX is the network-device name of /dev/tapX. > > (the ip-equivalent thing, "tun", has the same name for both the network > > device and the device entry in the filesystem. As a matter of fact the > > latter is totally arbitrary so "tun" perhaps should be called "vmnet"...) > > But when I do a ifconfig, only tapX devices are there, where there is no > vmnetX > devices. And when I set up the bridge with vmnetX, the kernel will complain > that the vmnetX devices do not exist. Do I need to perform a makedev on it > first to create the devices? If so, do they have a special major and minor > number that I should assign it to? > > Bernie > > ---------------------------------------- > This mail sent through www.mywaterloo.ca > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > ---------------------------------------- This mail sent through www.mywaterloo.ca From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 19:01:49 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2091737B409 for ; Thu, 10 Jul 2003 19:01:49 -0700 (PDT) Received: from www.ambrisko.com (adsl-64-174-51-42.dsl.snfc21.pacbell.net [64.174.51.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 371FE43FCB for ; Thu, 10 Jul 2003 19:01:48 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: from www.ambrisko.com (localhost [127.0.0.1]) by www.ambrisko.com (8.12.8p1/8.12.8) with ESMTP id h6B21aO7037868; Thu, 10 Jul 2003 19:01:36 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: (from ambrisko@localhost) by www.ambrisko.com (8.12.8p1/8.12.8/Submit) id h6B21Zl5037863; Thu, 10 Jul 2003 19:01:35 -0700 (PDT) (envelope-from ambrisko) From: Doug Ambrisko Message-Id: <200307110201.h6B21Zl5037863@www.ambrisko.com> In-Reply-To: <1057860615.3f0dac07e1418@www.nexusmail.uwaterloo.ca> To: kw3wong@engmail.uwaterloo.ca Date: Thu, 10 Jul 2003 19:01:35 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII cc: Luigi Rizzo cc: freebsd-net@freebsd.org Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 02:01:49 -0000 kw3wong@engmail.uwaterloo.ca writes: [ Charset ISO-8859-1 unsupported, converting... ] | Hi Luigi, | | Thanks for response, the vmnet/tap stuff sounds like neat stuff. After reading | the description of tap (from the vtun site), the system seems to make a lot of | sense. However, I'm not sure how vmnet comes into play here - what purpose does | it serve, shouldn't I just be able to read from the /dev/tap0 and bridge | between tap0 and fxp0? | | I tried writing a simple program to use tap. Basically, I have the bridge setup | as such | | net.link.ether.bridge_cfg: fxp0:0,tap0:0 tap1:1 bge0:1 | | And I ran this quick test program that I wrote: How about a simpler one echo hello > /dev/vmnet0 cat /dev/vmnet0 | Unfortunately, it doesn't work, it only gets a read event when I make changes | to the tap interface via ifconfig. I guess I don't fully understand how | the /dev/tapN interface works, can you (or anybody who also know) point out | what I'm doing wrong? Thanks again! I use vmnet since it stays persistant across opens and closes. So the above would have issues with tap. For bridging you probably need (for -stable): Index: if_tap.c =================================================================== RCS file: /cvs/src/sys/net/if_tap.c,v retrieving revision 1.3.2.3 diff -c -r1.3.2.3 if_tap.c *** if_tap.c 14 Apr 2002 21:41:48 -0000 1.3.2.3 --- if_tap.c 11 Jul 2003 01:57:28 -0000 *************** *** 426,431 **** --- 426,432 ---- return (dummy); case SIOCSIFFLAGS: /* XXX -- just like vmnet does */ + tapifinit(tp); case SIOCADDMULTI: case SIOCDELMULTI: break; or you lose stuff. I have a user-land packet translator that opens a couple of vmnet devices and then bridge those nodes to the HW I want. It works well. Initially I used tap but since every open and closed created a new iface instance the world started to go bad after a lot of stops and starts of the program. Doug A. From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 19:07:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AEAC937B404 for ; Thu, 10 Jul 2003 19:07:52 -0700 (PDT) Received: from www.ambrisko.com (adsl-64-174-51-42.dsl.snfc21.pacbell.net [64.174.51.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 88FAE43FB1 for ; Thu, 10 Jul 2003 19:07:51 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: from www.ambrisko.com (localhost [127.0.0.1]) by www.ambrisko.com (8.12.8p1/8.12.8) with ESMTP id h6B27eO7038192; Thu, 10 Jul 2003 19:07:40 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: (from ambrisko@localhost) by www.ambrisko.com (8.12.8p1/8.12.8/Submit) id h6B27e6q038191; Thu, 10 Jul 2003 19:07:40 -0700 (PDT) (envelope-from ambrisko) From: Doug Ambrisko Message-Id: <200307110207.h6B27e6q038191@www.ambrisko.com> In-Reply-To: <1057865744.3f0dc0103f795@www.nexusmail.uwaterloo.ca> To: kw3wong@engmail.uwaterloo.ca Date: Thu, 10 Jul 2003 19:07:40 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Question about bridging code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 02:07:53 -0000 kw3wong@engmail.uwaterloo.ca writes: | > It's just a naming issue, vmnetX is the network-device name of /dev/tapX. | > (the ip-equivalent thing, "tun", has the same name for both the network | > device and the device entry in the filesystem. As a matter of fact the | > latter is totally arbitrary so "tun" perhaps should be called "vmnet"...) | | But when I do a ifconfig, only tapX devices are there, where there is no vmnetX | devices. And when I set up the bridge with vmnetX, the kernel will complain | that the vmnetX devices do not exist. Do I need to perform a makedev on it | first to create the devices? If so, do they have a special major and minor | number that I should assign it to? Yes a different offset of minor number maps into vmnetX: a21p% ls -l /compat/linux/dev/vmnet? crw-r--r-- 1 root wheel 149, 0x00010001 Jul 8 18:34 /compat/linux/dev/vmnet1 crw-r--r-- 1 root wheel 149, 0x00010002 Jul 1 19:20 /compat/linux/dev/vmnet2 crw-r--r-- 1 root wheel 149, 0x00010003 Jul 1 19:20 /compat/linux/dev/vmnet3 crw-r--r-- 1 root wheel 149, 0x00010004 Mar 21 2002 /compat/linux/dev/vmnet4 crw-r--r-- 1 root wheel 149, 0x00010005 May 12 09:26 /compat/linux/dev/vmnet5 crw-r--r-- 1 root wheel 149, 0x00010006 Jun 9 15:45 /compat/linux/dev/vmnet6 crw-r--r-- 1 root wheel 149, 0x00010007 Jun 9 15:45 /compat/linux/dev/vmnet7 crw-r--r-- 1 root wheel 149, 0x00010008 Jan 10 2002 /compat/linux/dev/vmnet8 crw-r--r-- 1 root wheel 149, 0x00010009 Jan 10 2002 /compat/linux/dev/vmnet9 a21p% ls -l /dev/tap? crw------- 1 root network 149, 0 Aug 6 2002 /dev/tap0 crw------- 1 root network 149, 1 Aug 6 2002 /dev/tap1 crw------- 1 root network 149, 2 Aug 6 2002 /dev/tap2 crw------- 1 root network 149, 3 Aug 6 2002 /dev/tap3 crw------- 1 root network 149, 4 Dec 11 2001 /dev/tap4 crw------- 1 root network 149, 5 Dec 11 2001 /dev/tap5 crw------- 1 root network 149, 6 Dec 11 2001 /dev/tap6 crw------- 1 root network 149, 7 Dec 11 2001 /dev/tap7 a21p% Then echo -n > /compat/linux/dev/vmnetX and ifconfig will list it. In -current they just show up. Doug A. From owner-freebsd-net@FreeBSD.ORG Thu Jul 10 23:13:16 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7DB737B401 for ; Thu, 10 Jul 2003 23:13:16 -0700 (PDT) Received: from picard.teleservice.net (mail1.teleservice.net [193.109.175.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id AAB8D43F93 for ; Thu, 10 Jul 2003 23:13:14 -0700 (PDT) (envelope-from kuxien@puffy.nu) Received: from [193.109.246.155] by picard.sjobo.nu (GMS 9.00.3138/NU2793.00.3cfcd31e) with SMTP id lbhbtaaa for freebsd-net@freebsd.org; Fri, 11 Jul 2003 08:11:29 +0200 Date: Thu, 10 Jul 2003 21:55:49 +0200 From: Emil Paulsson To: freebsd-net@freebsd.org Message-Id: <20030710215549.36fd8498.kuxien@puffy.nu> X-Mailer: Sylpheed version 0.8.10claws (GTK+ 1.2.10; i386-portbld-freebsd4.8) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Asus WL-100 WLAN-card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 06:13:17 -0000 Hi all I bought a wlan card today, a WL-100 from Asus. FreeBSD 4.8-RELEASE couldn't start it and complained about the id was not in the database. For you who have had problem with this card, this is howto get it going. Edit your /etc/defaults/pccard.conf and scroll down the the wi driver section and make an entry for the Asus card. It should look something like this. card "ASUS" "802_11b_PC_CARD_25" config auto "wi" ? insert /etc/pccard_ether $device start remove /etc/pccard_ether $device stop Restart your computer and it should work. I think this works with other releases too... /Emil From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 01:57:37 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9AF3F37B401; Fri, 11 Jul 2003 01:57:37 -0700 (PDT) Received: from cus.org.uk (host213-106-240-81.no-dns-yet.ntli.net [213.106.240.81]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0898943FB1; Fri, 11 Jul 2003 01:57:34 -0700 (PDT) (envelope-from dom@cus.org.uk) Received: from cus.org.uk (localhost.cus.org.uk [127.0.0.1]) by cus.org.uk (8.12.6/8.12.6) with ESMTP id h6B8vS5h058363; Fri, 11 Jul 2003 09:57:28 +0100 (BST) (envelope-from dom@cus.org.uk) Received: (from dom@localhost) by cus.org.uk (8.12.6/8.12.6/Submit) id h6B8vRY6058362; Fri, 11 Jul 2003 09:57:27 +0100 (BST) Date: Fri, 11 Jul 2003 09:57:27 +0100 From: Dominic Marks To: Nuno Teixeira Message-ID: <20030711085727.GA57436@cus.org.uk> References: <20030710210621.GC652@gw.tex.bogus> <20030710214508.GD73403@gw.tex.bogus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030710214508.GD73403@gw.tex.bogus> User-Agent: Mutt/1.4i cc: freebsd-hackers@freebsd.org cc: Julian Elischer cc: freebsd-net@freebsd.org Subject: Re: FreeBSD lacks PPPoE (pppoa3 solution) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 08:57:38 -0000 On 10/07/2003 21:45, Nuno Teixeira wrote: > > Hi, > > Please see http://speedtouch.sourceforge.net/index.php?/news.en.html > > "Real" PPPoE with a ethernet card connected with a ADSL Modem works. > > This problem is related with ISPs that supports *only* PPPoE protocol > with USB Modems (this case Alcatel) that "emulates" ethernet with > TUN/TAP devices. USB modems don't have a connection to ethernet cards. > > FreeBSD pppoa port works ok with Alcatel USB Modems but only for PPPoA > protocols and not PPPoE. > > Almost all europe ISPs only support PPPoE and not PPPoA (I don't know > the reason why). Except in the UK where it seems to be the other way around (for DSL services at least) - incidently do you know that it is impossible to use another modem with your ISP ? I had an Alcatel SpeedTouch USB and I ditched in favour of an Alcatel SpeedTouch Home (ethernet socket), once I had configured everything with the various settings I could get online using mpd (I've now documented this in the Handbook). But then, I was using PPPoA so perhaps my experiences are useless here. > Thanks, > > Nuno Teixeira > -- Dominic From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 11:08:21 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 049B337B401; Fri, 11 Jul 2003 11:08:21 -0700 (PDT) Received: from proton.hexanet.fr (proton.hexanet.fr [81.23.32.33]) by mx1.FreeBSD.org (Postfix) with ESMTP id EC59E43F85; Fri, 11 Jul 2003 11:08:19 -0700 (PDT) (envelope-from c.prevotaux@hexanet.fr) Received: from hexanet.fr (localhost [127.0.0.1]) by proton.hexanet.fr (8.12.9/8.12.9) with SMTP id h6BI8J7x017368; Fri, 11 Jul 2003 20:08:19 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Date: Fri, 11 Jul 2003 20:08:19 +0200 From: Christophe Prevotaux To: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Message-Id: <20030711200819.45435440.c.prevotaux@hexanet.fr> Organization: HEXANET Sarl X-Mailer: Sylpheed version 0.8.11 (GTK+ 1.2.10; i386-portbld-freebsd4.8) X-NCC-RegID: fr.hexanet Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Problems with Netgraph PPPoE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 18:08:21 -0000 Hello, i get the following error when trying to start pppoed I am running 4.8-STABLE /usr/libexec/pppoed -Fd -P /var/run/pppoed.pid -n 5 -p "*" rl1 Sending PPPOE_LISTEN to .:pppoe-1581, provider * pppoed: SENDING MESSAGE: pppoed: SOCKADDR: { fam=3D32 len=3D15 addr=3D".:pppoe-1581" } pppoed: NG_MESG : pppoed: vers 2 pppoed: arglen 19 pppoed: flags 0 pppoed: token 7 pppoed: cookie PPPOE (939032003) pppoed: sendto(.:pppoe-1581): No such file or directory pppoed: [error decoding message: No such file or directory] pppoed: cmd 3 pppoed: args (19 bytes) pppoed: 0000: 70 70 70 6f 65 2d 31 35 38 31 00 bf 00 92 04 08 pppoe-1581= ..... . pppoed: 0010: 01 00 2a ..* = =20 =20 pppoed[1581]: Listening as provider * ngctl list There are 5 total nodes: Name: ngctl13794 Type: socket ID: 00000014 Num hooks: 0 Name: Type: socket ID: 0000000f Num hooks: 1 Name: Type: pppoe ID: 00000007 Num hooks: 2 Name: rl1 Type: ether ID: 00000002 Num hooks: 1 Name: rl0 Type: ether ID: 00000001 Num hooks: 0 Name: Type: socket ID: 0000000f Num hooks: 1 Local hook Peer name Peer type Peer ID Peer hook = =20 ---------- --------- --------- ------- --------- = =20 pppoe-13421 pppoe 00000007 pppoe-13421 = =20 ngctl show [14]: ngctl: send msg: No such file or directory ngctl show [07]: Name: Type: pppoe ID: 00000007 Num hooks: 2 Local hook Peer name Peer type Peer ID Peer hook = =20 ---------- --------- --------- ------- --------- = =20 pppoe-13421 socket 0000000f pppoe-13421 = =20 ethernet rl1 ether 00000002 orphans =20 ngctl show [02]: Name: rl1 Type: ether ID: 00000002 Num hooks: 1 Local hook Peer name Peer type Peer ID Peer hook = =20 ---------- --------- --------- ------- --------- = =20 orphans pppoe 00000007 ethernet=20 ngctl show [01]: Name: rl0 Type: ether ID: 00000001 Num hooks: 0 could someone help me and tell me what is wrong ?=20 -- =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A.C Les Charmilles Tel: +33 (0)3 26 79 30 05=20 3 All=E9e Thierry Sabine Direct: +33 (0)3 26 61 77 72=20 BP202 Fax: +33 (0)3 26 79 30 06 51686 Reims Cedex 2 =20 FRANCE HEXANET Network Operation Center =20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 12:47:42 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4046637B401; Fri, 11 Jul 2003 12:47:42 -0700 (PDT) Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [204.127.198.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id C63E143F3F; Fri, 11 Jul 2003 12:47:41 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([12.233.125.100]) by attbi.com (rwcrmhc11) with ESMTP id <2003071119473501300nl59me>; Fri, 11 Jul 2003 19:47:36 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA50957; Fri, 11 Jul 2003 12:47:35 -0700 (PDT) Date: Fri, 11 Jul 2003 12:47:35 -0700 (PDT) From: Julian Elischer To: Christophe Prevotaux In-Reply-To: <20030711200819.45435440.c.prevotaux@hexanet.fr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: freebsd-stable@freebsd.org Subject: Re: Problems with Netgraph PPPoE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 19:47:42 -0000 answered in private email.... On Fri, 11 Jul 2003, Christophe Prevotaux wrote: > Hello, > > > i get the following error when trying to start pppoed > I am running 4.8-STABLE > > /usr/libexec/pppoed -Fd -P /var/run/pppoed.pid -n 5 -p "*" rl1 > > > Sending PPPOE_LISTEN to .:pppoe-1581, provider * > pppoed: SENDING MESSAGE: > pppoed: SOCKADDR: { fam=32 len=15 addr=".:pppoe-1581" } > pppoed: NG_MESG : > pppoed: vers 2 [...] From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 12:58:55 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15B2637B401 for ; Fri, 11 Jul 2003 12:58:55 -0700 (PDT) Received: from web21004.mail.yahoo.com (web21004.mail.yahoo.com [216.136.227.58]) by mx1.FreeBSD.org (Postfix) with SMTP id C7BD443F85 for ; Fri, 11 Jul 2003 12:58:54 -0700 (PDT) (envelope-from vovanvinh2001@yahoo.com) Message-ID: <20030711195854.73051.qmail@web21004.mail.yahoo.com> Received: from [203.162.5.197] by web21004.mail.yahoo.com via HTTP; Fri, 11 Jul 2003 12:58:54 PDT Date: Fri, 11 Jul 2003 12:58:54 -0700 (PDT) From: Van Vinh Vo To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: freeBSD and linux networking X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 19:58:55 -0000 Hi all, i am working the research in University it has been said that freeBSD is more stable et faster than linux ! what element do you base on for expalain this result ? i am looking forward to reply thanks, __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 14:07:06 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6DB8337B401 for ; Fri, 11 Jul 2003 14:07:06 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0050943FA3 for ; Fri, 11 Jul 2003 14:07:06 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from salty.rapid.stbernard.com (corp-2.ipinc.com [199.245.188.2]) by smtp-relay.omnis.com (Postfix) with ESMTP id B54129BE61; Fri, 11 Jul 2003 14:07:04 -0700 (PDT) From: Wes Peters Organization: Softweyr.com To: Chuck Swiger , Matthew Grooms Date: Fri, 11 Jul 2003 14:07:04 -0700 User-Agent: KMail/1.5.2 References: <200307011800.h61I0MOW001329@hole.shrew.net> <3F01DA79.4080709@mac.com> In-Reply-To: <3F01DA79.4080709@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307111407.04591.wes@softweyr.com> cc: "freebsd-net@freebsd.org" Subject: Re: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 21:07:06 -0000 On Tuesday 01 July 2003 12:01, Chuck Swiger wrote: > Matthew Grooms wrote: > > Is there any way to generate a udp broadcast ( all routes > > 255.255.255.255 ) packet using a standard sendto() without it being > > translated into a local network broadcast? Is this just not > > "allowed"? > > Are you trying to use 255.255.255.255 to reach something not on a > local subnet? > > If you have multiple interfaces, a broadcast to 255.255.255.255 > should go out on all of them. That being said, the all-ones > broadcast address means "all local networks", and most routers will > block such traffic from passing on in any event. I was looking at this yesterday (on a 4.4 embedded system) and it turns out this code is broken and pretty much always has been. A short IRC conversation basically resulted in "it's never really worked, and apparently nobody else really does it correctly either." What we observed on our embedded system is the packet gets sent on all attached interfaces, with dest IP 255.255.255.255, and a src IP of the local address that has the default route. If there isn't a default route, sending to 255.255.255.255 fails with "no route to host." This is bogus, so I propose to change it to a special case, where packets sent to 255.255.255.255 will be sent on each attached interface, with src IP of the interface "primary" address. Does this sound reasonable? Should it work without a default route? (I think it should, the special case of the all-call broadcast shouldn't even go into rtalloc.) I hope to have a working prototype done, on either -STABLE or -CURRENT, this weekend. If testers like the behavior, I'll commit to CURRENT and MFC on a normal timeline; we'll want this fixed here before 5.2. Sorry to take so long to reply to this. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 14:09:59 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F208E37B401 for ; Fri, 11 Jul 2003 14:09:58 -0700 (PDT) Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BAED43FCB for ; Fri, 11 Jul 2003 14:09:58 -0700 (PDT) (envelope-from truckman@FreeBSD.org) Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.12.9/8.12.9) with ESMTP id h6BL9mM7018764; Fri, 11 Jul 2003 14:09:52 -0700 (PDT) (envelope-from truckman@FreeBSD.org) Message-Id: <200307112109.h6BL9mM7018764@gw.catspoiler.org> Date: Fri, 11 Jul 2003 14:09:48 -0700 (PDT) From: Don Lewis To: wes@softweyr.com In-Reply-To: <200307111407.04591.wes@softweyr.com> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii cc: mgrooms@shrew.net cc: freebsd-net@FreeBSD.org Subject: Re: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 21:09:59 -0000 On 11 Jul, Wes Peters wrote: > What we observed on our embedded system is the packet gets sent on all > attached interfaces, with dest IP 255.255.255.255, and a src IP of the > local address that has the default route. If there isn't a default > route, sending to 255.255.255.255 fails with "no route to host." > > This is bogus, so I propose to change it to a special case, where > packets sent to 255.255.255.255 will be sent on each attached > interface, with src IP of the interface "primary" address. Does this > sound reasonable? Should it work without a default route? (I think it > should, the special case of the all-call broadcast shouldn't even go > into rtalloc.) This sounds good. I think it should work without a default route. From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 14:21:42 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8504D37B401; Fri, 11 Jul 2003 14:21:42 -0700 (PDT) Received: from mail.redlinenetworks.com (mail.redlinenetworks.com [216.136.145.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACD6443F93; Fri, 11 Jul 2003 14:21:39 -0700 (PDT) (envelope-from sreekanth@redlinenetworks.com) Received: from SREELAPTOP (dhcp-174.redlinenetworks.com [192.168.40.174]) h6BLLdV84637; Fri, 11 Jul 2003 14:21:39 -0700 (PDT) (envelope-from sreekanth@redlinenetworks.com) From: "Sreekanth" To: "'Don Lewis'" , Date: Fri, 11 Jul 2003 14:21:41 -0700 Message-ID: <000001c347f2$6c2ca9f0$ae28a8c0@SREELAPTOP> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: <200307112109.h6BL9mM7018764@gw.catspoiler.org> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: freebsd-net@freebsd.org cc: mgrooms@shrew.net Subject: RE: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 21:21:42 -0000 Couldn't it be done just by executing the following command ? #route add 255.255.255.255 -net 255.255.255.255 -ifp [primary interface] I know it is kind of crude but it works in my case :-) Sreekanth > -----Original Message----- > From: owner-freebsd-net@freebsd.org > [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Don Lewis > Sent: Friday, July 11, 2003 2:10 PM > To: wes@softweyr.com > Cc: mgrooms@shrew.net; freebsd-net@freebsd.org > Subject: Re: broadcast udp packets ... > > > On 11 Jul, Wes Peters wrote: > > > > What we observed on our embedded system is the packet gets > sent on all > > attached interfaces, with dest IP 255.255.255.255, and a > src IP of the > > local address that has the default route. If there isn't a default > > route, sending to 255.255.255.255 fails with "no route to host." > > > > This is bogus, so I propose to change it to a special case, where > > packets sent to 255.255.255.255 will be sent on each attached > > interface, with src IP of the interface "primary" address. > Does this > > sound reasonable? Should it work without a default route? > (I think it > > should, the special case of the all-call broadcast > shouldn't even go > > into rtalloc.) > > This sounds good. I think it should work without a default > route. _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/free> bsd-net > To > unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org" > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.495 / Virus Database: 294 - Release Date: 6/30/2003 > > From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 16:58:45 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D74337B401 for ; Fri, 11 Jul 2003 16:58:45 -0700 (PDT) Received: from out001.verizon.net (out001pub.verizon.net [206.46.170.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 376F743FAF for ; Fri, 11 Jul 2003 16:58:44 -0700 (PDT) (envelope-from cswiger@mac.com) Received: from mac.com ([141.149.47.46]) by out001.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030711235843.RRFL12592.out001.verizon.net@mac.com>; Fri, 11 Jul 2003 18:58:43 -0500 Message-ID: <3F0F4F2A.7040206@mac.com> Date: Fri, 11 Jul 2003 19:58:34 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-net@freebsd.org" References: <200307011800.h61I0MOW001329@hole.shrew.net> <3F01DA79.4080709@mac.com> <200307111407.04591.wes@softweyr.com> In-Reply-To: <200307111407.04591.wes@softweyr.com> X-Enigmail-Version: 0.76.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out001.verizon.net from [141.149.47.46] at Fri, 11 Jul 2003 18:58:43 -0500 Subject: Re: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 23:58:45 -0000 Wes Peters wrote: > On Tuesday 01 July 2003 12:01, Chuck Swiger wrote: >> If you have multiple interfaces, a broadcast to 255.255.255.255 >> should go out on all of them. That being said, the all-ones >> broadcast address means "all local networks", and most routers will >> block such traffic from passing on in any event. [ ... ] > What we observed on our embedded system is the packet gets sent on all > attached interfaces, with dest IP 255.255.255.255, and a src IP of the > local address that has the default route. If there isn't a default > route, sending to 255.255.255.255 fails with "no route to host." Thank you for looking into this. > This is bogus, so I propose to change it to a special case, where > packets sent to 255.255.255.255 will be sent on each attached > interface, with src IP of the interface "primary" address. Does this > sound reasonable? Should it work without a default route? (I think it > should, the special case of the all-call broadcast shouldn't even go > into rtalloc.) Your suggestions sound good. Sending to an all-ones address should work without a default route, so that 'dhclient' and the like can _obtain_ a default router by asking via this mechanism. While it may be the case that implementations of 'dhclient' (or bootpd, NetInfo, NIS, SLP, or other form of network autoconfiguration) continue to iterate over all of the interfaces explicitly in the code, they shouldn't have to do that to work. Is there a need to consider bridging as a special case, specificly bridged interfaces which were not ifconfig'ed with an IP address of their own? -- -Chuck From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 17:00:58 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1F4837B401; Fri, 11 Jul 2003 17:00:58 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E21243FB1; Fri, 11 Jul 2003 17:00:58 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from salty.rapid.stbernard.com (corp-2.ipinc.com [199.245.188.2]) by smtp-relay.omnis.com (Postfix) with ESMTP id 6F6845B6B2; Fri, 11 Jul 2003 17:00:55 -0700 (PDT) From: Wes Peters Organization: Softweyr.com To: Don Lewis Date: Fri, 11 Jul 2003 17:00:54 -0700 User-Agent: KMail/1.5.2 References: <200307112109.h6BL9mM7018764@gw.catspoiler.org> In-Reply-To: <200307112109.h6BL9mM7018764@gw.catspoiler.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307111700.54922.wes@softweyr.com> cc: mgrooms@shrew.net cc: freebsd-net@FreeBSD.org Subject: Re: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 00:00:59 -0000 On Friday 11 July 2003 14:09, Don Lewis wrote: > On 11 Jul, Wes Peters wrote: > > What we observed on our embedded system is the packet gets sent on > > all attached interfaces, with dest IP 255.255.255.255, and a src IP > > of the local address that has the default route. If there isn't a > > default route, sending to 255.255.255.255 fails with "no route to > > host." > > > > This is bogus, so I propose to change it to a special case, where > > packets sent to 255.255.255.255 will be sent on each attached > > interface, with src IP of the interface "primary" address. Does > > this sound reasonable? Should it work without a default route? (I > > think it should, the special case of the all-call broadcast > > shouldn't even go into rtalloc.) > > This sounds good. I think it should work without a default route. I forgot to say "on all interfaces which have broadcast enabled," which effectively weeds out the loopback interface amongst others. -- "Where am I, and what am I doing in this handbasket?" Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 17:02:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF37F37B401; Fri, 11 Jul 2003 17:02:39 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 826C843F75; Fri, 11 Jul 2003 17:02:39 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from salty.rapid.stbernard.com (corp-2.ipinc.com [199.245.188.2]) by smtp-relay.omnis.com (Postfix) with ESMTP id 062291B314; Fri, 11 Jul 2003 17:02:37 -0700 (PDT) From: Wes Peters Organization: Softweyr.com To: "Sreekanth" , "'Don Lewis'" Date: Fri, 11 Jul 2003 17:02:36 -0700 User-Agent: KMail/1.5.2 References: <000001c347f2$6c2ca9f0$ae28a8c0@SREELAPTOP> In-Reply-To: <000001c347f2$6c2ca9f0$ae28a8c0@SREELAPTOP> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307111702.36633.wes@softweyr.com> cc: freebsd-net@freebsd.org cc: mgrooms@shrew.net Subject: Re: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 00:02:40 -0000 On Friday 11 July 2003 14:21, Sreekanth wrote: > Couldn't it be done just by executing the following command ? > #route add 255.255.255.255 -net 255.255.255.255 -ifp [primary > interface] > > I know it is kind of crude but it works in my case :-) In our case, it's being run before *any* interface has an IP address, so the routing table is completely empty. Yes, it's obviously part of a device discovery phase, and we could do some special ethernet level h0h0magic but we don't want to, we want broadcasting to work. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Fri Jul 11 17:23:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB70537B401; Fri, 11 Jul 2003 17:23:38 -0700 (PDT) Received: from mail.redlinenetworks.com (mail.redlinenetworks.com [216.136.145.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3BF9143F85; Fri, 11 Jul 2003 17:23:38 -0700 (PDT) (envelope-from sreekanth@redlinenetworks.com) Received: from SREELAPTOP (dhcp-174.redlinenetworks.com [192.168.40.174]) h6C0NcV14482; Fri, 11 Jul 2003 17:23:38 -0700 (PDT) (envelope-from sreekanth@redlinenetworks.com) From: "Sreekanth" To: "'Wes Peters'" , "'Don Lewis'" Date: Fri, 11 Jul 2003 17:23:39 -0700 Message-ID: <000001c3480b$d8032230$ae28a8c0@SREELAPTOP> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: <200307111702.36633.wes@softweyr.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: freebsd-net@freebsd.org cc: mgrooms@shrew.net Subject: RE: broadcast udp packets ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 00:23:39 -0000 That brings an interesting topic.If the Interface has not been assigned an IP address.The Interface is NOT initialized.So you cannot really use the interface.Ofcourse you can bypass this by hacking into driver.But do you want to do that is another questions. Just my 2 cents Sreekanth > -----Original Message----- > From: Wes Peters [mailto:wes@softweyr.com] > Sent: Friday, July 11, 2003 5:03 PM > To: Sreekanth; 'Don Lewis' > Cc: mgrooms@shrew.net; freebsd-net@freebsd.org > Subject: Re: broadcast udp packets ... > > > On Friday 11 July 2003 14:21, Sreekanth wrote: > > Couldn't it be done just by executing the following command > ? #route > > add 255.255.255.255 -net 255.255.255.255 -ifp [primary interface] > > > > I know it is kind of crude but it works in my case :-) > > In our case, it's being run before *any* interface has an IP > address, so > the routing table is completely empty. Yes, it's obviously part of a > device discovery phase, and we could do some special ethernet level > h0h0magic but we don't want to, we want broadcasting to work. ;^) > > -- > "Where am I, and what am I doing in this handbasket?" > > Wes Peters > wes@softweyr.com > > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.495 / Virus Database: 294 - Release Date: 6/30/2003 > > From owner-freebsd-net@FreeBSD.ORG Sat Jul 12 03:08:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 83E7737B401 for ; Sat, 12 Jul 2003 03:08:15 -0700 (PDT) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id E3DDB43F3F for ; Sat, 12 Jul 2003 03:08:14 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.homeunix.net (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id C00801B302; Sat, 12 Jul 2003 03:08:13 -0700 (PDT) From: Wes Peters Organization: Softweyr To: Van Vinh Vo , freebsd-net@freebsd.org Date: Sat, 12 Jul 2003 03:08:12 -0700 User-Agent: KMail/1.5.2 References: <20030710075919.91413.qmail@web21009.mail.yahoo.com> In-Reply-To: <20030710075919.91413.qmail@web21009.mail.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307120308.12141.wes@softweyr.com> Subject: Re: mbuf and sk_buffs X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 10:08:15 -0000 On Thursday 10 July 2003 12:59 am, Van Vinh Vo wrote: > i am doing the research about network layer of freeBSD > and linux ! > i want what difference of management and schedule > beetween freeBSD mbufs and linux sk_buffs ! One of the biggest differences is that the BSD implementation is actually documented: http://www.amazon.com/exec/obidos/tg/detail/-/020163354X/ref=pd_sr_ec_ir_b/103-5986084-6837450?v=glance&s=books This, along with the companion volume 1, will tell you everything you need to know about TCP/IPv4. I fear to think what the world of IPv6 will be like without Richard to explain it to us. -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Sat Jul 12 12:10:29 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B40DA37B401 for ; Sat, 12 Jul 2003 12:10:29 -0700 (PDT) Received: from mandarin.fruitsalad.org (pc117.net160.koping.net [81.16.160.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E34843F75 for ; Sat, 12 Jul 2003 12:10:28 -0700 (PDT) (envelope-from mdouhan@fruitsalad.org) Received: from [192.168.15.240] (helo=192.168.15.240) by mandarin.fruitsalad.org with esmtp (Exim 4.14) id 19bPlJ-0003qR-AS for freebsd-net@freebsd.org; Sat, 12 Jul 2003 21:10:25 +0200 From: Matt Douhan To: freebsd-net@freebsd.org Date: Sat, 12 Jul 2003 21:10:30 +0200 User-Agent: KMail/1.5.2 MIME-Version: 1.0 Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Description: clearsigned data Content-Disposition: inline Message-Id: <200307122110.37349.mdouhan@fruitsalad.org> Subject: very strange problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 19:10:30 -0000 =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello I am running FBSD on two firewalls in a scenario like below internet | =46W2 | DMZ | =46W1 | internal LAN =46W1 is running ipf and fw2 is running ipf and ipnat hosts on the DMZ can access the internet without problems, ping traceroute = and=20 mail, http all is working nicely and fast. hosts on the internal LAN however are seing VERY strange things for example, check this out 9:04pm mdouhan @ [persika] ~ > traceroute www.cisco.com traceroute to www.cisco.com (198.133.219.25), 64 hops max, 40 byte packets 1 192.168.15.254 (192.168.15.254) 0.698 ms 0.532 ms 0.410 ms 2 192.168.254.254 (192.168.254.254) 0.781 ms 0.757 ms 0.744 ms 3 gw-l3-ktv-hc.koping.net (81.16.160.113) 1.210 ms 1.203 ms 1.263 ms 4 gw-l3-ktv-it.koping.net (81.16.160.6) 1.546 ms 4.123 ms 1.272 ms 5 rif3-r1-jvg-kop.arrowhead.com (81.216.90.1) 3.336 ms 2.813 ms 2.649 = ms 6 www.cisco.com (198.133.219.25) 1.278 ms 2.610 ms 1.962 ms the host "persika" is connected on the internal LAN, and is located in Swed= en,=20 Europe and there is NO way it can get to www.cisco.com in 2-3 ms, and I don= t=20 have any caching or proxies or anything, besides traceroute does not care=20 about that anyway AFAIK same traceroute from a host on the DMZ shows the correct thing as follows 9:05pm mdouhan @ [ananas] ~ > traceroute www.cisco.com traceroute to www.cisco.com (198.133.219.25), 64 hops max, 40 byte packets 1 firewall2 (192.168.254.254) 0.671 ms 0.458 ms 0.438 ms 2 gw-l3-ktv-hc.koping.net (81.16.160.113) 0.901 ms 0.931 ms 0.878 ms 3 gw-l3-ktv-it.koping.net (81.16.160.6) 1.416 ms 1.191 ms 1.388 ms 4 rif3-r1-jvg-kop.arrowhead.com (81.216.90.1) 2.345 ms 2.080 ms 2.705 = ms 5 rif2-cr1-vf-kop.arrowhead.com (81.216.2.1) 1.973 ms 2.173 ms 2.263 ms 6 rif6-cr1-vf-vst.arrowhead.com (81.216.0.53) 3.785 ms 2.708 ms 2.540 = ms 7 rif3-cr1-vf-oby.arrowhead.com (213.187.195.97) 3.363 ms 16.022 ms 3.= 862=20 ms 8 rif47-rs1-t4-sto.arrowhead.com (213.187.195.93) 4.769 ms 4.396 ms 3.= 999=20 ms 9 rif5-cr3-kst-sto.arrowhead.com (81.216.0.137) 5.115 ms 4.624 ms 4.76= 2=20 ms 10 Gi14-1-kst-p1.sto.se.sn.net (81.216.0.113) 4.496 ms 4.577 ms 4.666 ms 11 pos2-0.vrt-p1.sto.se.sn.net (213.88.255.245) 4.687 ms 4.757 ms 4.806= ms 12 sl-gw20-sto-2-1.sprintlink.net (80.77.97.89) 4.575 ms 4.526 ms 4.576= ms 13 sl-bb21-sto-12-0.sprintlink.net (80.77.96.98) 4.969 ms 5.132 ms 5.52= 6=20 ms 14 sl-bb21-cop-12-0.sprintlink.net (213.206.129.33) 14.034 ms * 13.904 ms 15 sl-bb20-cop-15-0.sprintlink.net (80.77.64.33) 13.942 ms 13.498 ms =20 13.966 ms 16 sl-bb21-msq-10-0.sprintlink.net (144.232.19.29) 91.125 ms 102.015 ms = =20 93.908 ms 17 sl-bb22-rly-15-3.sprintlink.net (144.232.19.98) 96.692 ms 95.680 ms = =20 96.615 ms 18 sl-bb25-rly-12-0.sprintlink.net (144.232.14.166) 96.692 ms 95.879 ms = =20 95.900 ms 19 sl-bb23-sj-9-0.sprintlink.net (144.232.20.11) 227.115 ms 241.136 ms = =20 220.680 ms 20 sl-bb25-sj-14-0.sprintlink.net (144.232.3.250) 181.269 ms 173.322 ms = =20 164.253 ms 21 sl-gw11-sj-10-0.sprintlink.net (144.232.3.134) 172.763 ms 172.362 ms = =20 172.324 ms 22 sl-ciscopsn2-11-0-0.sprintlink.net (144.228.44.14) 166.180 ms 166.028= ms =20 170.228 ms 23 sjck-dirty-gw1.cisco.com (128.107.239.5) 164.721 ms 166.063 ms 166.1= 74=20 ms 24 sjck-sdf-ciod-gw2.cisco.com (128.107.239.110) 172.908 ms 173.340 ms = =20 173.284 ms 25 www.cisco.com (198.133.219.25) 174.149 ms 174.768 ms * now here is where it gets really weird, I have tries reinstalling FW1 since= it=20 seems to be the cause of the problem, I have tries STABLE, CURRENT, 5.1-R a= ll=20 with the same result, it does NOT work. I have tried swapping FW1 and FW2 and the problem stays the same, so it see= ms=20 to be a misconfiguration on my part (or a bug but thats less likely I think= )=20 but I cannot figure out what it is. my rules are very simple on FW1 allow anything out on the external fxp interface with keep state so = it=20 can get back in. on FW2 I have a number of BIMAP statements and some NAT statements, BIMAP a= re=20 for the servers where we provide services such as mail, www and ftp. Any input or ideas would be highly appreciated, this is driving me crazy =2D --=20 =2D -----------------------------------------------------------------------= =2D------------ Matt Douhan www.fruitsalad.org CCIE #4004 *** ping elvis *** *** elvis is alive *** =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/EF0skU5PITZniCURArKOAJ9HuNWbWCJiV0PRMSpFCo5bv4P3aACfXhAn 9G8PqZQeZZ8RUIABr12VA5Q=3D =3DKda6 =2D----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Sat Jul 12 12:53:08 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 487B137B401 for ; Sat, 12 Jul 2003 12:53:08 -0700 (PDT) Received: from mandarin.fruitsalad.org (pc117.net160.koping.net [81.16.160.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id E6AD643F3F for ; Sat, 12 Jul 2003 12:53:05 -0700 (PDT) (envelope-from mdouhan@fruitsalad.org) Received: from [192.168.15.240] (helo=192.168.15.240) by mandarin.fruitsalad.org with esmtp (Exim 4.14) id 19bQQb-0003v1-3X; Sat, 12 Jul 2003 21:53:05 +0200 From: Matt Douhan To: rmkml Date: Sat, 12 Jul 2003 21:53:10 +0200 User-Agent: KMail/1.5.2 References: <200307122110.37349.mdouhan@fruitsalad.org> <3F106215.8E73129D@wanadoo.fr> In-Reply-To: <3F106215.8E73129D@wanadoo.fr> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: clearsigned data Content-Disposition: inline Message-Id: <200307122153.17101.mdouhan@fruitsalad.org> cc: freebsd-net@freebsd.org Subject: Re: very strange problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Jul 2003 19:53:08 -0000 =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry for topposting but I will try and answer the requests one by one, I c= an=20 only do FW1 today, and fw2 on monday, but here goes > > possible send tcpump record pb ? > (example: tcpdump -ns 0 -i externalintf_fw1 -w all1.tcpdump > and tcpdump -ns 0 -i externalintf_fw2 -w all2.tcpdump) dump is pretty large so I did not want to email it, please download it from http://www.fruitsalad.org/people/mdouhan/fw1.tar.gz > > possible send ipf -V (on two fw) ? 7:47pm mdouhan @ [firewall1] ~ > sudo ipf -V ipf: IP Filter: v3.4.31 (336) Kernel: IP Filter: v3.4.31 Running: yes Log Flags: 0 =3D none set Default: pass all, Logging: available Active list: 0 > > possible send ipfstat -nhio (on two fw) ? > 7:49pm mdouhan @ [firewall1] ~ > sudo ipfstat -nhio 2073551 @1 pass out quick on fxp0 from any to any keep state 1038 @1 pass in quick on fxp0 proto icmp from any to any 1802016 @2 pass in quick on fxp0 from 192.168.254.242/32 to 192.168.15.250/= 32 1255 @3 pass in quick on fxp0 from 192.168.254.250/32 to 192.168.15.249/32 372304 @4 block in log quick on fxp0 from any to any > possible send ipnat -slv (on two fw) ? fw1 is not running NAT, will sedn this on monday when I get to fw2 > > possible send netstat -ni ? > 7:50pm mdouhan @ [firewall1] ~ > netstat -ni Name Mtu Network Address Ipkts Ierrs Opkts Oerrs = =20 Coll fxp0 1500 00:02:b3:cc:20:6e 45474907 0 46776572 0 = =20 0 fxp0 1500 192.168.254 192.168.254.1 612 - 673 - = =20 =2D - fxp0 1500 fe80:1::202:b fe80:1::202:b3ff: 0 - 0 - = =20 =2D - fxp1 1500 00:02:b3:cc:1b:3f 47307566 3 45127446 0 = =20 0 fxp1 1500 192.168.15 192.168.15.254 184152 - 40018 - = =20 =2D - fxp1 1500 fe80:2::202:b fe80:2::202:b3ff: 0 - 0 - = =20 =2D - lp0* 1500 0 0 0 0 = =20 0 lo0 16384 528 0 528 0 = =20 0 lo0 16384 ::1/128 ::1 0 - 0 - = =20 =2D - lo0 16384 fe80:4::1/64 fe80:4::1 0 - 0 - = =20 =2D - lo0 16384 127 127.0.0.1 528 - 528 - = =20 =2D - > possible send ifconfig -a ? > 7:50pm mdouhan @ [firewall1] ~ > ifconfig -a fxp0: flags=3D8843 mtu 1500 options=3D3 inet 192.168.254.1 netmask 0xffffff00 broadcast 192.168.254.255 inet6 fe80::202:b3ff:fecc:206e%fxp0 prefixlen 64 scopeid 0x1 ether 00:02:b3:cc:20:6e media: Ethernet autoselect (100baseTX ) status: active fxp1: flags=3D8843 mtu 1500 options=3D3 inet 192.168.15.254 netmask 0xffffff00 broadcast 192.168.15.255 inet6 fe80::202:b3ff:fecc:1b3f%fxp1 prefixlen 64 scopeid 0x2 ether 00:02:b3:cc:1b:3f media: Ethernet autoselect (100baseTX ) status: active lp0: flags=3D8810 mtu 1500 lo0: flags=3D8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff000000 > possible dmesg ? > 7:51pm mdouhan @ [firewall1] ~ > dmesg Copyright (c) 1992-2003 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. =46reeBSD 5.1-CURRENT #2: Wed Jul 2 15:40:03 GMT 2003 root@firewall1.internal.hasta.se:/usr/obj/usr/src/sys/FIREWALL1 Preloaded elf kernel "/boot/kernel/kernel" at 0xc052a000. Preloaded elf module "/boot/kernel/acpi.ko" at 0xc052a1cc. Timecounter "i8254" frequency 1193182 Hz Timecounter "TSC" frequency 1799806528 Hz CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.81-MHz 686-class CPU) Origin =3D "GenuineIntel" Id =3D 0xf13 Stepping =3D 3 =20 =46eatures=3D0x3febfbff real memory =3D 536805376 (511 MB) avail memory =3D 515776512 (491 MB) Pentium Pro MTRR support enabled npx0: on motherboard npx0: INT 16 interface acpi0: on motherboard pcibios: BIOS version 2.10 Using $PIR table, 11 entries at 0xc00fdeb0 acpi0: power button is handled as a fixed feature programming model. Timecounter "ACPI-fast" frequency 3579545 Hz acpi_timer0: <24-bit timer at 3.579545MHz> port 0x4008-0x400b on acpi0 acpi_cpu0: on acpi0 acpi_cpu1: on acpi0 acpi_tz0: on acpi0 acpi_button0: on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 pcib0: slot 29 INTA is routed to irq 12 pcib0: slot 29 INTB is routed to irq 11 pcib0: slot 29 INTC is routed to irq 12 pcib0: slot 29 INTD is routed to irq 10 pcib0: slot 31 INTB is routed to irq 11 pcib0: slot 31 INTB is routed to irq 11 agp0: mem 0xe0000000-0xe3ffffff at device = 0.0=20 on pci0 pcib1: at device 1.0 on pci0 pci1: on pcib1 pcib0: slot 1 INTA is routed to irq 12 pcib1: slot 0 INTA is routed to irq 12 pci1: at device 0.0 (no driver attached) uhci0: port 0xd800-0xd81f irq 1= 2=20 at device 29.0 on pci0 usb0: on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: port 0xd000-0xd01f irq 1= 1=20 at device 29.1 on pci0 usb1: on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2: port 0xd400-0xd41f irq 1= 2=20 at device 29.2 on pci0 usb2: on uhci2 usb2: USB revision 1.0 uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered pci0: at device 29.7 (no driver attached) pcib2: at device 30.0 on pci0 pci2: on pcib2 pcib2: slot 7 INTA is routed to irq 11 pcib2: slot 9 INTA is routed to irq 10 fxp0: port 0xc000-0xc03f= =20 mem 0xe9000000-0xe901ffff,0xe9041000-0xe9041fff irq 11 at device 7.0 on pci2 fxp0: Ethernet address 00:02:b3:cc:20:6e miibus0: on fxp0 inphy0: on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp1: port 0xc400-0xc43f= =20 mem 0xe9020000-0xe903ffff,0xe9040000-0xe9040fff irq 10 at device 9.0 on pci2 fxp1: Ethernet address 00:02:b3:cc:1b:3f miibus1: on fxp1 inphy1: on miibus1 inphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto isab0: at device 31.0 on pci0 isa0: on isab0 atapci0: port=20 0xf000-0xf00f,0-0x3,0-0x7,0-0x3,0-0x7 at device 31.1 on pci0 ata0: at 0x1f0 irq 14 on atapci0 ata1: at 0x170 irq 15 on atapci0 pci0: at device 31.3 (no driver attached) pci0: at device 31.5 (no driver attached) fdc0: port=20 0x3f7,0x3f0-0x3f5 irq 6 drq 2 on acpi0 fdc0: FIFO enabled, 8 bytes threshold fd0: <1440-KB 3.5" drive> on fdc0 drive 0 sio0 port 0x3f8-0x3ff irq 4 on acpi0 sio0: type 16550A sio1 port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A ppc0 port 0x778-0x77b,0x378-0x37f irq 7 on acpi0 ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode ppbus0: on ppc0 plip0: on ppbus0 lpt0: on ppbus0 lpt0: Interrupt-driven port ppi0: on ppbus0 orm0: