From owner-freebsd-net@FreeBSD.ORG Sun Jul 31 13:23:52 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F230016A41F; Sun, 31 Jul 2005 13:23:51 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from smtp1.adl2.internode.on.net (smtp1.adl2.internode.on.net [203.16.214.181]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4093E43D46; Sun, 31 Jul 2005 13:23:45 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from midget.dons.net.au (ppp217-188.lns1.adl2.internode.on.net [203.122.217.188]) by smtp1.adl2.internode.on.net (8.12.9/8.12.9) with ESMTP id j6VDNZJ2084806; Sun, 31 Jul 2005 22:53:35 +0930 (CST) Received: from inchoate.dons.net.au (inchoate.dons.net.au [10.0.2.105]) (authenticated bits=0) by midget.dons.net.au (8.13.4/8.13.3) with ESMTP id j6VDNTxd001293 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Sun, 31 Jul 2005 22:53:34 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: Julian Elischer Date: Sun, 31 Jul 2005 22:53:28 +0930 User-Agent: KMail/1.8.1 References: <200507290834.10268.doconnor@gsoft.com.au> <200507310056.21857.doconnor@gsoft.com.au> <42EBD738.2010105@elischer.org> In-Reply-To: <42EBD738.2010105@elischer.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1629617.39ku3ImXzu"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200507312253.29038.doconnor@gsoft.com.au> X-Spam-Score: 0 () X-Scanned-By: MIMEDefang 2.52 on 10.0.2.7 Cc: freebsd-net@freebsd.org Subject: Re: AltQ + ng_iface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Jul 2005 13:23:52 -0000 --nextPart1629617.39ku3ImXzu Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 31 July 2005 05:08, Julian Elischer wrote: > mbuf tags have "families" so that differetn modules can use > the same ID numbers and not clash. > here is a netgraph family for tags, using the netgraph cookies. > It's been a while since I looked at it but if you are using mbuf > tags in netgraph you should check out the netgraph tag facilities. I see the cookies for ksocket, lmi and ipfw, but I don't understand how the= =20 magic numbers were chosen.. gettimeofday() ? There is NGM_GENERIC_COOKIE.. should I use that and add an entry to=20 ng_message.h? > If you queue data to be send over a hook you must have the data hold a > reference on the hook to ensure that the hook is not removed while your > packet is in teh queue. Similarly either the packet holds a reference > on teh node as well, or the node must lock it's queue and remove all > packets when shut down. >=20 > I see that you don't actually decid eon what hook will be used until late= r=20 > so teh reference to teh hook needn't be done, but you haven't added any c= ode=20 > to either hold a reference on the node, or to clean the queue on shutdown. > (or is that done automatically by some iface base code that is called > during shutdown). I think cleaning the queue is done by the generic interface code - I couldn= 't=20 find anything in other drivers that cleans up the queue on unload (for=20 example). > The calling code must always have a reference on the node to ensure that > it is not removed while it is running in it. This is sometimes > done automatically. This is why there is an ng_callout facility to ensure > that the locking andreferences are done automatically and correctly. OK, I'll look into that. > I would also want to have the altq optional.. > in other words I'd want a control message to ng_iface that could make it > act as before. I believe that if ALTQ is not enabled then the IFQ_HANDOFF/DEQUEUE macros d= o=20 nothing special so ng_iface should act as before albeit slightly more slowl= y=20 (but not any different to just about every other network interface) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart1629617.39ku3ImXzu Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQBC7NDR5ZPcIHs/zowRAtLYAJ0aqhnHBQ4YKNTjzmWfexllJ8fc4wCfbn0m dgYSrYO6ftFbisAFSmetGpQ= =RkTv -----END PGP SIGNATURE----- --nextPart1629617.39ku3ImXzu-- From owner-freebsd-net@FreeBSD.ORG Mon Aug 1 11:02:02 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E70216A41F for ; Mon, 1 Aug 2005 11:02:02 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25EA243D49 for ; Mon, 1 Aug 2005 11:02:02 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j71B21Du017240 for ; Mon, 1 Aug 2005 11:02:01 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j71B20NN017230 for freebsd-net@freebsd.org; Mon, 1 Aug 2005 11:02:00 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 1 Aug 2005 11:02:00 GMT Message-Id: <200508011102.j71B20NN017230@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Aug 2005 11:02:02 -0000 Current FreeBSD problem reports Critical problems Serious problems Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/07/11] kern/54383 net [nfs] [patch] NFS root configurations wit o [2005/06/21] kern/82470 net FreeBSD advertises wrong window scale in 2 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Aug 1 18:14:54 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 10FF516A45C; Mon, 1 Aug 2005 18:14:54 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [204.156.12.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id A57E043D46; Mon, 1 Aug 2005 18:14:53 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by cyrus.watson.org (Postfix) with ESMTP id 3684046B20; Mon, 1 Aug 2005 14:14:53 -0400 (EDT) Date: Mon, 1 Aug 2005 19:16:58 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Ed Maste In-Reply-To: <20050723013902.L40216@fledge.watson.org> Message-ID: <20050801190211.Q61500@fledge.watson.org> References: <42CEF0EB.4000107@borderware.com> <42D006DB.8080108@errno.com> <20050712150224.GA38249@sandvine.com> <20050712162332.Q79478@fledge.watson.org> <20050712220452.GB38249@sandvine.com> <20050723012046.K40216@fledge.watson.org> <20050723013902.L40216@fledge.watson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org, gnn@FreeBSD.org Subject: Re: what to replace splnet in FreeBSD 5.x? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Aug 2005 18:14:54 -0000 On Sat, 23 Jul 2005, Robert Watson wrote: > On Sat, 23 Jul 2005, Robert Watson wrote: > >> The attached patch introduces locking around the link layer and IPv4 >> multicast address lists, as well as updates drivers to use the locking. >> It's a fairly large diff, but other than the changes to if.c, in.c, and >> igmp.c, is fairly mechanical. It may well correct the problem you've >> been seeing. If possible, and given sufficient review, I'd like to get >> this change into 6.0, especially given that it affects the layout of >> struct ifnet which is part of the ABI for network interface device >> drivers. > > Updated version of the patch at: > > http://www.watson.org/~robert/freebsd/netperf/20050523-multicast.diff > > Spl-related cleanups (no longer useful documentation of old > synchronization in many places), lock order hard-coded into WITNESS > order rather than dynamically detected. Ed, Have you had a chance to run with this patch as yet? If possible, I'd like to get it merged to 7.x-CURRENT so we can backport it for 6.0. Robert N M Watson From owner-freebsd-net@FreeBSD.ORG Mon Aug 1 23:31:19 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D4ED016A41F for ; Mon, 1 Aug 2005 23:31:19 +0000 (GMT) (envelope-from list-freebsd-net@ezekiel.jasatel.net.id) Received: from Thales.jasatel.net.id (noc-svr.Thales.jasatel.net.id [202.69.98.254]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FB4F43D45 for ; Mon, 1 Aug 2005 23:31:18 +0000 (GMT) (envelope-from list-freebsd-net@ezekiel.jasatel.net.id) Received: from localhost (localhost [127.0.0.1]) by Thales.jasatel.net.id (Postfix) with ESMTP id 29B588BA86 for ; Tue, 2 Aug 2005 06:30:40 +0700 (WIT) Received: from Thales.jasatel.net.id ([127.0.0.1]) by localhost (Thales.jasatel.net.id [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 48449-08 for ; Tue, 2 Aug 2005 06:30:37 +0700 (WIT) Received: from Milk.Jasatel.Net.Id (Milk.jasatel.net.id [202.69.98.138]) by Thales.jasatel.net.id (Postfix) with ESMTP id D1D4B8BA23 for ; Tue, 2 Aug 2005 06:30:37 +0700 (WIT) Date: Tue, 2 Aug 2005 06:31:23 +0700 From: Hendry X-Priority: 3 (Normal) Message-ID: <15837208.20050802063123@freebsd.org> To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Virus-And-Spam-Scanned: by amavisd-new, Spam Assasin, Bayesian at Jasatel.Net.Id Subject: Strange Routing issue X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-net@freebsd.org List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Aug 2005 23:31:20 -0000 Hello networkers, We have a strange issue that currently happened at our router. information: OS : FreeBSD 4.11-STABLE #1: Tue Jun 7 19:21:04 WIT 2005 Routing Software : quagga-0.98.3 (compiling from ports) Network: Running eBGP (with full international route 16k prefix) 1 Neighbor, route about 6-8 Mbps traffic. here's the issue: -- from quagga BGPD -- BGPD-gw-int-2> sh ip bgp 216.136.204.117 BGP routing table entry for 216.136.204.0/24 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 202.69.98.3 18059 7473 10310 26085, (aggregated by 26085 66.163.160.248) 202.43.160.77 from 202.78.192.161 (64.110.188.178) Origin IGP, localpref 100, valid, external, best Last update: Tue Aug 2 05:18:56 2005 -- from zebra daemon -- ZEBRA-gw-int-2# sh ip route 216.136.204.117 Routing entry for 216.136.204.0/24 Known via "bgp", distance 20, metric 0, best Last update 00:58:07 ago * 202.43.160.77, via fxp0 -- From=20the command line -- ro-gw-int-2# route -n get 216.136.204.117 route: writing to routing socket: No such process -- results from another terminal while run above command, -- ro-gw-int-2# route -nv monitor got message of size 164 on Tue Aug 2 06:12:58 2005 RTM_GET: Report Metrics: len 164, pid: 68487, seq 1, errno 3, flags: locks: inits: sockaddrs: 216.136.204.117 ro-gw-int-2# netstat -nrfinet | grep 216.136.204 (null result) -- unmatched result -- =20 BGPD-gw-int-2#sh ip bgp sum BGP router identifier 202.69.96.214, local AS number 9785 27551 BGP AS-PATH entries 0 BGP community entries Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/P= fxRcd 202.78.192.161 4 xxxx 215377 61070 0 0 0 4d05h38m 1651= 66 ro-gw-int-2#netstat -nrfinet | wc -l 148886 ro-gw-int-2#netstat -m 899/1424/131072 mbufs in use (current/peak/max): 899 mbufs allocated to data 896/1024/32768 mbuf clusters in use (current/peak/max) 2404 Kbytes allocated to network (2% of mb_map in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines =20 is there any suggestion? we're just having a plan to increased the the amount of memory tomorrow night from 512Mb to 1G. but for sure this router have been quite stable for about half year without any problem. not sure though whether its quagga or freebsd issue. -- cheers hendry From owner-freebsd-net@FreeBSD.ORG Tue Aug 2 13:39:50 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 548C916A41F for ; Tue, 2 Aug 2005 13:39:50 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from fileserver.fields.utoronto.ca (fileserver.fields.utoronto.ca [128.100.216.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id DBD2043D45 for ; Tue, 2 Aug 2005 13:39:49 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from fields.fields.utoronto.ca (fields.localdomain [192.168.216.11]) by fileserver.fields.utoronto.ca (8.12.8/8.12.8/Fields 6.0) with ESMTP id j72DdmNV021611 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 2 Aug 2005 09:39:49 -0400 Received: from obsecurity.dyndns.org (fields.fields.utoronto.ca [128.100.216.11]) by fields.fields.utoronto.ca (8.12.8/8.12.8/Fields WS 6.0) with ESMTP id j72Ddm6P003337; Tue, 2 Aug 2005 09:39:48 -0400 Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 8E71C514C4; Tue, 2 Aug 2005 09:39:39 -0400 (EDT) Date: Tue, 2 Aug 2005 09:39:39 -0400 From: Kris Kennaway To: sibel kanmaz Message-ID: <20050802133939.GA41300@xor.obsecurity.org> References: <20050729104515.82498.qmail@web53502.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="C7zPtVaVf+AK4Oqc" Content-Disposition: inline In-Reply-To: <20050729104515.82498.qmail@web53502.mail.yahoo.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: SSL lib X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 13:39:50 -0000 --C7zPtVaVf+AK4Oqc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 29, 2005 at 03:45:15AM -0700, sibel kanmaz wrote: > hello I have some problems with openssl: > wclient2.o(.text+0x3a6): undefined reference to `SSL_new' > wclient2.o(.text+0x3b9): undefined reference to `BIO_new_socket' > wclient2.o(.text+0x3d0): undefined reference to `SSL_set_bio' > wclient2.o(.text+0x3de): undefined reference to `SSL_connect' > wclient2.o(.text+0x3f2): undefined reference to `berr_exit' > wclient2.o(.text+0x40f): undefined reference to `check_cert' > wclient2.o(.text+0x42a): undefined reference to `SSL_get1_session' > wclient2.o(.text+0x43b): undefined reference to `SSL_shutdown' > wclient2.o(.text+0x449): undefined reference to `SSL_free' > wclient2.o(.text+0x46e): undefined reference to `tcp_connect' > as I have seen at internet you have had a problem like this if you solved= this please help me,thanks. > Good days,Sibel=20 You probably aren't linking to the correct libraries, e.g. -lssl -lcrypto. If this is not the case, post the exact command that caused the above errors. Kris --C7zPtVaVf+AK4Oqc Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC73ebWry0BWjoQKURAim/AJ0XspI3AZivSdWxERn1RzQDWaJzBgCgu/9b r3txH1MT9edSzGfm7Fp1IRc= =rWuc -----END PGP SIGNATURE----- --C7zPtVaVf+AK4Oqc-- From owner-freebsd-net@FreeBSD.ORG Tue Aug 2 13:53:19 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C61116A41F for ; Tue, 2 Aug 2005 13:53:19 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from corwin.easynet.fr (smarthost160.mail.easynet.fr [212.180.1.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id C2DAB43D45 for ; Tue, 2 Aug 2005 13:53:18 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from easyconnect2121135-233.clients.easynet.fr ([212.11.35.233] helo=smtp.zeninc.net) by corwin.easynet.fr with esmtp (Exim 4.50) id 1DzxCl-0001ik-CA for freebsd-net@freebsd.org; Tue, 02 Aug 2005 15:53:15 +0200 Received: from localhost.localdomain (spartacus.zen.inc [192.168.1.20]) by smtp.zeninc.net (smtpd) with ESMTP id C78633F61 for ; Tue, 2 Aug 2005 15:53:15 +0200 (CEST) Received: by localhost.localdomain (Postfix, from userid 1000) id AAA0785602; Tue, 2 Aug 2005 15:53:15 +0200 (CEST) Date: Tue, 2 Aug 2005 15:53:15 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20050802135315.GB12739@zeninc.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.9i Subject: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 13:53:19 -0000 Hi all. For some months now, ipsec-tools is now the "official" version of racoon, the KAME's isakmp daemon. Ipsec-tools support NAT-Traversal (RFCs 3947 / 3948), but needs some kernel support for that. This kernel support has been done for the Linux 2.6 Kernel for some time, has been done for NetBSD some months ago, and I made a similar patchset for FreeBSD. The FreeBSD 4 patchset is used for some month by various people, and I recently ported it to the FreeBSD 6 kernel source. The first version of this patch can be found here: http://ipsec-tools.sourceforge.net/freebsd6-natt.diff There are still some things to do for this patch, starting by support for FAST_IPSEC (it only works with IPSEC for now) and probably some cleanup (ENABLE_NATT => something else ?, etc...). As I don't want to keep porting such patch over versions, as some people already asked me lots of things about this patch, and as it would be interesting to have it widely used by people, I would be happy to do "what is needed" to have it reported to the FreeBSD source tree. Are you interested in it ? Do you have some comments on the actual version, some things that should be done before reporting it ? Of course, it would also be interesting to have an ipsec-tools port, I'll contact the ports list for such an integration. Yvan. From owner-freebsd-net@FreeBSD.ORG Tue Aug 2 17:29:27 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0039116A41F for ; Tue, 2 Aug 2005 17:29:26 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from mx2-out.seton.org (mx2-out.seton.org [65.118.63.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 626AC43D48 for ; Tue, 2 Aug 2005 17:29:26 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from localhost (unknown [127.0.0.1]) by mx2-out.seton.org (Postfix) with ESMTP id 949D11227; Tue, 2 Aug 2005 12:29:25 -0500 (CDT) Received: from mx2-out.seton.org ([10.21.254.241]) by localhost (mx2 [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 29385-12; Tue, 2 Aug 2005 12:29:25 -0500 (CDT) Received: from ausexfe02.seton.org (unknown [10.20.10.186]) by mx2-out.seton.org (Postfix) with ESMTP id 8564B78A; Tue, 2 Aug 2005 12:29:25 -0500 (CDT) Received: from [10.20.160.190] ([10.20.160.190]) by ausexfe02.seton.org with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Aug 2005 12:29:25 -0500 Message-ID: <42EFAEBE.8060905@seton.org> Date: Tue, 02 Aug 2005 12:34:54 -0500 From: Matthew Grooms Organization: Seton Healthcare Network User-Agent: Mozilla Thunderbird 1.0.5 (Windows/20050711) X-Accept-Language: en-us, en MIME-Version: 1.0 To: vanhu_bsd@zeninc.net Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 02 Aug 2005 17:29:25.0472 (UTC) FILETIME=[BA77CE00:01C59787] X-Virus-Scanned: by amavisd-new at seton.org Cc: freebsd-net@freebsd.org Subject: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 17:29:27 -0000 Woohoo!!! Thanks!!! I was just checking poking around for this last week and wondering when someone was going to bring this support to FreeBSD. >For some months now, ipsec-tools is now the "official" version of >racoon, the KAME's isakmp daemon. I hope it shows up in ports soon. The racoon port maintainer mentioned that the most recent import would be the last and the KAME racoon developer has stated he won't be maintaining the code anymore. A lot of fixes have shown up in ipsec-tools after the fork from the KAME project as well as hybrid user authentication support via pam. OpenBSDs isakmpd supports NAT-T as well. FreeBSD seems to be the straggler here. If memory serves me right, KAME IPSEC is still not SMP safe at the moment. It seems like FAST_IPSEC had a caveat as well like it doesn't work with IPV6 or something like that. Could it be that there is no developer that 'owns' these subsystems? Perhaps rrwatson has this on his list of things to attack with his ninja net hacking skills. >Are you interested in it? Yes ( as a user ) but I am not a FreeBSD developer. I think there was initially resistance from open source groups to integrate this support due to patent issues ( maybe just WRT usage w/ IKEv1 ) but must have been resolved as both OpenBSD and Linux support this functionality now. It would be very cool to get NAT-T + ipsec tools support as it opens the door for FreeBSD to compete with the big boys in the client based VPN market at some point down the road and offers an IPSEC alternative to OpenVPN. >Of course, it would also be interesting to have an ipsec-tools port, >I'll contact the ports list for such an integration. Fantastic! The website states that it compiles cleanly and works well on FreeBSD so it should be a piece of cake. I am in the process of moving but once settled and upgrade to 6 I will definitely test out your patches and would be willing to test out any ipsec-tools port as well. Thanks again for your work on this. -Matthew From owner-freebsd-net@FreeBSD.ORG Tue Aug 2 18:30:12 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 469D316A41F for ; Tue, 2 Aug 2005 18:30:12 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from corwin.easynet.fr (smarthost160.mail.easynet.fr [212.180.1.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id A311043D45 for ; Tue, 2 Aug 2005 18:30:11 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from easyconnect2121135-233.clients.easynet.fr ([212.11.35.233] helo=smtp.zeninc.net) by corwin.easynet.fr with esmtp (Exim 4.50) id 1E01Wi-0003tw-46 for freebsd-net@freebsd.org; Tue, 02 Aug 2005 20:30:08 +0200 Received: from localhost.localdomain (spartacus.zen.inc [192.168.1.20]) by smtp.zeninc.net (smtpd) with ESMTP id 2A3753F61 for ; Tue, 2 Aug 2005 20:30:08 +0200 (CEST) Received: by localhost.localdomain (Postfix, from userid 1000) id 1146385602; Tue, 2 Aug 2005 20:30:08 +0200 (CEST) Date: Tue, 2 Aug 2005 20:30:08 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20050802183007.GA13203@zeninc.net> References: <42EFAEBE.8060905@seton.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <42EFAEBE.8060905@seton.org> User-Agent: Mutt/1.5.9i Subject: Re: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 18:30:12 -0000 On Tue, Aug 02, 2005 at 12:34:54PM -0500, Matthew Grooms wrote: > Woohoo!!! Thanks!!! I was just checking poking around for this last week > and wondering when someone was going to bring this support to FreeBSD. Well, I made at least one guy being happy today, cool :-) > >For some months now, ipsec-tools is now the "official" version of > >racoon, the KAME's isakmp daemon. > > I hope it shows up in ports soon. The racoon port maintainer mentioned > that the most recent import would be the last and the KAME racoon > developer has stated he won't be maintaining the code anymore. A lot of > fixes have shown up in ipsec-tools after the fork from the KAME project > as well as hybrid user authentication support via pam. OpenBSDs isakmpd > supports NAT-T as well. FreeBSD seems to be the straggler here. Yep, we (the Ipsec-tools team) and KAME team agreed a few month ago about that, and about the fact that the new "official" racoon's version was now ipsec-tool's one. > If memory serves me right, KAME IPSEC is still not SMP safe at the > moment. It seems like FAST_IPSEC had a caveat as well like it doesn't > work with IPV6 or something like that. Could it be that there is no > developer that 'owns' these subsystems? Perhaps rrwatson has this on his > list of things to attack with his ninja net hacking skills. I don't think so. KAME stack still uses the splnet() "giant lock", and I have a (probably not complete) list of missing locks, but I guess it should be quite SMP safe (at least when I'll have some time to make a clean patch for the missing locks, but this is not SMP specific). > >Are you interested in it? > > Yes ( as a user ) but I am not a FreeBSD developer. I think there was > initially resistance from open source groups to integrate this support > due to patent issues ( maybe just WRT usage w/ IKEv1 ) but must have > been resolved as both OpenBSD and Linux support this functionality now. Yep. KAME team did not integrate another NAT-T implementation a few years ago for those reasons. More infos about that may be get from Emmanuel Dreyfus, a NetBSD developper and a member of the ipsec-tools team, which made the NetBSD NAT-T support, and told me a few month ago that NetBSD lawyers were looking at that potential IPR issue. But I guess Manu's personnal answer will be something like "most of us live in Europe, so we don't care about such patents" :-) > It would be very cool to get NAT-T + ipsec tools support as it opens the > door for FreeBSD to compete with the big boys in the client based VPN > market at some point down the road and offers an IPSEC alternative to > OpenVPN. Well, I though that OpenVPN was the alternative, and IPSec the standard :-) > >Of course, it would also be interesting to have an ipsec-tools port, > >I'll contact the ports list for such an integration. > > Fantastic! The website states that it compiles cleanly and works well on > FreeBSD so it should be a piece of cake. That has been my first "job" as an ipsec-tools developer, and working Free/NetBSD is now again an official goal of ipsec-tools. > I am in the process of moving but once settled and upgrade to 6 I will > definitely test out your patches and would be willing to test out any > ipsec-tools port as well. Thanks again for your work on this. I already have "something which can be used as a base to make a port", I'll send it to the ports mailing list as soon as I'll have some time to clean it up a little bit. Yvan. From owner-freebsd-net@FreeBSD.ORG Tue Aug 2 20:55:10 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4EE4216A41F for ; Tue, 2 Aug 2005 20:55:10 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id D5DD943D45 for ; Tue, 2 Aug 2005 20:55:09 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id BE4731FF9AF; Tue, 2 Aug 2005 22:55:07 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 455421FF9A8; Tue, 2 Aug 2005 22:55:05 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id E778F1560B; Tue, 2 Aug 2005 20:51:55 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id DD62915380; Tue, 2 Aug 2005 20:51:55 +0000 (UTC) Date: Tue, 2 Aug 2005 20:51:55 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: VANHULLEBUS Yvan In-Reply-To: <20050802183007.GA13203@zeninc.net> Message-ID: References: <42EFAEBE.8060905@seton.org> <20050802183007.GA13203@zeninc.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: freebsd-net@freebsd.org Subject: Re: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Aug 2005 20:55:10 -0000 On Tue, 2 Aug 2005, VANHULLEBUS Yvan wrote: Hi, > > Yes ( as a user ) but I am not a FreeBSD developer. I think there was > > initially resistance from open source groups to integrate this support > > due to patent issues ( maybe just WRT usage w/ IKEv1 ) but must have > > been resolved as both OpenBSD and Linux support this functionality now. > > Yep. > > KAME team did not integrate another NAT-T implementation a few years > ago for those reasons. > > More infos about that may be get from Emmanuel Dreyfus, a NetBSD > developper and a member of the ipsec-tools team, which made the NetBSD > NAT-T support, and told me a few month ago that NetBSD lawyers were > looking at that potential IPR issue. do you have more info about this? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 01:18:08 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE83F16A41F; Wed, 3 Aug 2005 01:18:08 +0000 (GMT) (envelope-from emaste@phaedrus.sandvine.ca) Received: from mailserver.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F47043D48; Wed, 3 Aug 2005 01:18:08 +0000 (GMT) (envelope-from emaste@phaedrus.sandvine.ca) Received: from labgw2.phaedrus.sandvine.com ([192.168.3.11]) by mailserver.sandvine.com with Microsoft SMTPSVC(5.0.2195.6713); Tue, 2 Aug 2005 21:18:07 -0400 Received: by labgw2.phaedrus.sandvine.com (Postfix, from userid 12627) id EB86E13650; Tue, 2 Aug 2005 21:18:06 -0400 (EDT) Date: Tue, 2 Aug 2005 21:18:06 -0400 From: Ed Maste To: Robert Watson Message-ID: <20050803011806.GA32338@sandvine.com> References: <42CEF0EB.4000107@borderware.com> <42D006DB.8080108@errno.com> <20050712150224.GA38249@sandvine.com> <20050712162332.Q79478@fledge.watson.org> <20050712220452.GB38249@sandvine.com> <20050723012046.K40216@fledge.watson.org> <20050723013902.L40216@fledge.watson.org> <20050801190211.Q61500@fledge.watson.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050801190211.Q61500@fledge.watson.org> User-Agent: Mutt/1.4.2.1i X-OriginalArrivalTime: 03 Aug 2005 01:18:07.0134 (UTC) FILETIME=[3448E3E0:01C597C9] Cc: freebsd-net@freebsd.org, gnn@FreeBSD.org Subject: Re: what to replace splnet in FreeBSD 5.x? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 01:18:08 -0000 On Mon, Aug 01, 2005 at 07:16:58PM +0100, Robert Watson wrote: > >Updated version of the patch at: > > > >http://www.watson.org/~robert/freebsd/netperf/20050523-multicast.diff > > > >Spl-related cleanups (no longer useful documentation of old > >synchronization in many places), lock order hard-coded into WITNESS > >order rather than dynamically detected. > > Ed, > > Have you had a chance to run with this patch as yet? If possible, I'd > like to get it merged to 7.x-CURRENT so we can backport it for 6.0. I finally got our local CVS repository back into shape and gave this patch a try. Unfortunately got a panic as soon as our multicast app started up: panic: _mtx_lock_sleep: recursed on non-recursive mutex in_multi_mtx @ /d2/emaste/cvs_mcast/src/sys/netinet/ip_output.c:298 cpuid = 0 KDB: stack backtrace: kdb_backtrace(100,a2894300,a07eba00,a07eba00,12a) at 0xa0586915 = kdb_backtrace+0x29 panic(a071a883,a071f26e,a0729680,12a,a07eba00) at 0xa056eeb8 = panic+0x114 _mtx_lock_sleep(a07eba00,a2894300,0,a0729680,12a) at 0xa05669cb = _mtx_lock_sleep+0x33 _mtx_lock_flags(a07eba00,0,a0729680,12a,0) at 0xa05664ba = _mtx_lock_flags+0x8a ip_output(a2645e00,a2649100,a07eb9b0,0,c8635b08) at 0xa05f7b0e = ip_output+0x3fe igmp_sendpkt(a24b9de0,16,0,a24b9de0,c8635bb8) at 0xa05e292e = igmp_sendpkt+0x106 igmp_joingroup(a24b9de0,a2504240,210,240600ef,0) at 0xa05e2642 = igmp_joingroup+0x92 in_addmulti(c8635bcc,a23a1400,a23a1400,240600ef,1000001) at 0xa05e437e = in_addmulti+0x10e ip_setmoptions(a272c7f8,c8635c90,a071a701,12c,0) at 0xa05f9278 = ip_setmoptions+0x3a0 ip_ctloutput(a27c2650,c8635c90,a283a22c,0,a0722810) at 0xa05f8a57 = ip_ctloutput+0x36b sosetopt(a27c2650,c8635c90,a26af798,1,0) at 0xa05a91ac = sosetopt+0x2c kern_setsockopt(a2894300,b,0,c,9fbfcd60) at 0xa05ada71 = kern_setsockopt+0xb5 setsockopt(a2894300,c8635d04,5,3,246) at 0xa05ad9ba = setsockopt+0x1e syscall(81e003b,81e003b,9fbf003b,9fbfcd70,841fc28) at 0xa06c72fb = syscall+0x25b in_addmulti holds the in_multi_mtx when it calls _joingroup. I haven't yet looked over the whole patch to understand the specifics. I'll post again once I do if I have any ideas. -- Ed Maste, Sandvine Incorporated. From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:49:36 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2D3A916A41F for ; Wed, 3 Aug 2005 03:49:36 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: from seddon.ca (seddon.ca [203.209.212.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 5B4E943D48 for ; Wed, 3 Aug 2005 03:49:35 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: (qmail 95463 invoked by uid 89); 3 Aug 2005 03:49:34 -0000 Received: by seddon.ca (tmda-sendmail, from uid 89); Wed, 03 Aug 2005 13:49:33 +1000 (EST) To: freebsd-net@freebsd.org Date: Wed, 03 Aug 2005 13:49:32 +1000 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: quoted-printable From: Dave+Seddon Message-ID: <1123040973.95445.TMDA@seddon.ca> X-Delivery-Agent: TMDA/1.0.3 (Seattle Slew) Subject: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:49:36 -0000 Greetings, I'm trying to do some performance testing of a content filtering system, = so I'm trying to get very high HTTP throughput. I've got 4 * HP DL380s with= 3.4G Xeon processors (hyper threading) and 1 G RAM, 2 onboard BGEs, and 2= * 2 port EM. Using FreeBSD5.4-stable (as of 2005/08/02) and device polling= , I've configured a large number (246) VLAN interfaces on two machines, and= have apache on one box and siege on the other. Using 'siege -f /home/my_big_list_of_urls -c 50 --internet' one host does a large number = of request from the other machine. I've been trying to tune for maximum performance and have been using lots of examples for /etc/sysctl.conf and= so on from the web. Adjusting these settings and running the siege, I've fo= und the apache server completely loses network connectivity when device polli= ng is enabled. I've adjusted the HZ lots and found the system survives the longest set a 15000 (yes it seems very large doesn't it). The problem no= w seems to be that I'm running out of mbufs: -------------------------------------- 4294264419 mbufs in use 4294866740/2147483647 mbuf clusters in use (current/max) 0/3/6656 sfbufs in use (current/peak/max) 3817472 KBytes allocated to network 0 requests for sfbufs denied 0 requests for sfbufs delayed 0 requests for I/O initiated by sendfile 0 calls to protocol drain routines -------------------------------------- host228# cat kern.polling kern.polling.burst: 671 kern.polling.each_burst: 100 kern.polling.burst_max: 1000 kern.polling.idle_poll: 0 kern.polling.poll_in_trap: 0 kern.polling.user_frac: 70 kern.polling.reg_frac: 40 kern.polling.short_ticks: 3523 kern.polling.lost_polls: 49996588 kern.polling.pending_polls: 1 kern.polling.residual_burst: 0 kern.polling.handlers: 2 kern.polling.enable: 1 kern.polling.phase: 0 kern.polling.suspect: 1768262 kern.polling.stalled: 9 kern.polling.idlepoll_sleeping: 1 ------------------------------------- For some reason, the 'current' can be WAAAY higher than the 'max' which seems very odd. I've tried putting the 'max' right up to 5 billion, howe= ver it only goes to 2.1 billion. How should I proceed further? How come the box loses all connectivity, rather than just some TCP stream= s failing? Why doesn't the network recover when I stop the siege? Why does kern.polling.burst_max only go to 1000 when I try setting it to 1500? Settings: ---------------------------------------------------------- host228# sysctl kern.polling kern.polling.burst: 684 kern.polling.each_burst: 100 kern.polling.burst_max: 1000 kern.polling.idle_poll: 0 kern.polling.poll_in_trap: 0 kern.polling.user_frac: 70 kern.polling.reg_frac: 40 kern.polling.short_ticks: 97 kern.polling.lost_polls: 8390 kern.polling.pending_polls: 0 kern.polling.residual_burst: 0 kern.polling.handlers: 2 kern.polling.enable: 1 kern.polling.phase: 0 kern.polling.suspect: 3642 kern.polling.stalled: 0 kern.polling.idlepoll_sleeping: 1 ------------------------------------------------------------ host228# cat /etc/sysctl.conf #kern.polling.enable=3D1 kern.polling.enable=3D1 #kern.polling.user_frac: 50 #kern.polling.reg_frac: 20 kern.polling.user_frac=3D70 kern.polling.reg_frac=3D40 #kern.polling.burst: 5 #kern.polling.each_burst: 5 #kern.polling.burst_max: 150 #default for 100MB/s kern.polling.burst=3D1000 kern.polling.each_burst=3D100 kern.polling.burst_max=3D2000 #example I found on the web #kern.polling.burst: 1000 #kern.polling.each_burst: 80 #kern.polling.burst_max: 1000 #net.inet.tcp.sendspace: 32768 #net.inet.tcp.recvspace: 65536 net.inet.tcp.sendspace=3D1024000 net.inet.tcp.recvspace=3D1024000 #sysctl net.inet.tcp.rfc1323=3D1 Activate window scaling and timestamp options according to RFC 1323. net.inet.tcp.rfc1323=3D1 net.inet.tcp.delayed_ack=3D0 #kern.ipc.maxsockbuf: 262144 kern.ipc.maxsockbuf=3D20480000 #The kern.ipc.somaxconn sysctl variable limits the size of the listen que= ue for accepting new TCP connections. The default value of 128 is typically = too low for robust handling of new connections in a heavily loaded web server= environment. #kern.ipc.somaxconn: 128 kern.ipc.somaxconn=3D1024 #The TCP Bandwidth Delay Product Limiting is similar to TCP/Vegas in NetB= SD. It can be enabled by setting net.inet.tcp.inflight.enable sysctl variable= to 1. The system will attempt to calculate the bandwidth delay product for e= ach connection and limit the amount of data queued to the network to just the= amount required to maintain optimum throughput. #This feature is useful if you are serving data over modems, Gigabit Ethernet, or even high speed WAN links (or any other link with a high bandwidth delay product), especially if you are also using window scaling= or have configured a large send window. If you enable this option, you shoul= d also be sure to set net.inet.tcp.inflight.debug to 0 (disable debugging),= and for production use setting net.inet.tcp.inflight.min to at least 6144= may be beneficial. #these are the defaults #net.inet.tcp.inflight.enable: 1 #net.inet.tcp.inflight.debug: 0 #net.inet.tcp.inflight.min: 6144 #net.inet.tcp.inflight.max: 1073725440 #net.inet.tcp.inflight.stab: 20 #Disable entropy harvesting for ethernet devices and interrupts. There a= re optimizations present in 6.x that have not yet been backported that impro= ve the overhead of entropy harvesting, but you can get the same benefits by disabling it. In your environment, it's likely not needed. I hope to backport these changes in a couple of weeks to 5-STABLE. kern.random.sys.harvest.ethernet=3D0 kern.random.sys.harvest.interrupt=3D0 -------------------------------------------------- host228# sysctl -a | grep ipc | grep nm kern.ipc.nmbclusters: 25600 host228# sysctl kern.ipc.nmbclusters=3D5000000000 kern.ipc.nmbclusters: 25600 -> 2147483647 host228# sysctl -a | grep ipc | grep nm kern.ipc.nmbclusters: 2147483647 ------------------------------------------------- host228# sysctl -a | grep hz kern.clockrate: { hz =3D 15000, tick =3D 66, profhz =3D 1024, stathz =3D = 128 } debug.psmhz: 20 -------------------------------------------------- THE PHYSCIAL INTERFACES ONLY (I'm only using 1 interface per 2 port card,= and only running performance tests on the em cards) bge0: flags=3D8843 mtu 1500 options=3D1a inet 192.168.1.228 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:12:79:cf:d0:bf media: Ethernet autoselect (1000baseTX ) status: active bge1: flags=3D8802 mtu 1500 options=3D1a ether 00:12:79:cf:d0:be media: Ethernet autoselect (none) status: no carrier em0: flags=3D18843 mtu 15= 00 options=3D4b ether 00:11:0a:56:ab:3a media: Ethernet autoselect (1000baseTX ) status: active em1: flags=3D8843 mtu 1500 options=3D4b ether 00:11:0a:56:ab:3b media: Ethernet autoselect status: no carrier em2: flags=3D18843 mtu 15= 00 options=3D4b ether 00:11:0a:56:b2:4c media: Ethernet autoselect (1000baseTX ) status: active em3: flags=3D8843 mtu 1500 options=3D4b ether 00:11:0a:56:b2:4d media: Ethernet autoselect status: no carrier lo0: flags=3D8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 --------------------------------------- Regards, Dave Seddon das-keyword-net.6770cb@seddon.ca From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:51:41 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id C670516A420; Wed, 3 Aug 2005 03:51:41 +0000 (GMT) Date: Wed, 3 Aug 2005 03:51:41 +0000 From: Kris Kennaway To: Dave+Seddon Message-ID: <20050803035141.GC92364@hub.freebsd.org> References: <1123040973.95445.TMDA@seddon.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <1123040973.95445.TMDA@seddon.ca> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:51:41 -0000 On Wed, Aug 03, 2005 at 01:49:32PM +1000, Dave+Seddon wrote: > Greetings, >=20 > I'm trying to do some performance testing of a content filtering system, = so > I'm trying to get very high HTTP throughput. I've got 4 * HP DL380s with > 3.4G Xeon processors (hyper threading) and 1 G RAM, 2 onboard BGEs, and 2= * > 2 port EM. Using FreeBSD5.4-stable (as of 2005/08/02) and device polling, > I've configured a large number (246) VLAN interfaces on two machines, and > have apache on one box and siege on the other. Using 'siege -f > /home/my_big_list_of_urls -c 50 --internet' one host does a large number = of > request from the other machine. I've been trying to tune for maximum > performance and have been using lots of examples for /etc/sysctl.conf and= so > on from the web. Adjusting these settings and running the siege, I've fo= und > the apache server completely loses network connectivity when device polli= ng > is enabled. I've adjusted the HZ lots and found the system survives the > longest set a 15000 (yes it seems very large doesn't it). The problem now > seems to be that I'm running out of mbufs: >=20 > -------------------------------------- > 4294264419 mbufs in use > 4294866740/2147483647 mbuf clusters in use (current/max) This is a FAQ..see the release errata. The short answer is that it's not a real leak, only a leak in the stats. This is fixed in 7.0 and might be fixed in 6.0-RELEASE. Kris From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:54:20 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 643D516A41F for ; Wed, 3 Aug 2005 03:54:20 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: from seddon.ca (seddon.ca [203.209.212.18]) by mx1.FreeBSD.org (Postfix) with SMTP id A2E0343D46 for ; Wed, 3 Aug 2005 03:54:19 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: (qmail 96022 invoked by uid 89); 3 Aug 2005 03:54:18 -0000 Received: by seddon.ca (tmda-sendmail, from uid 89); Wed, 03 Aug 2005 13:54:18 +1000 (EST) References: <1123040973.95445.TMDA@seddon.ca> <20050803035141.GC92364@hub.freebsd.org> In-Reply-To: <20050803035141.GC92364@hub.freebsd.org> To: freebsd-net@freebsd.org Date: Wed, 03 Aug 2005 13:54:16 +1000 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit From: Dave+Seddon Message-ID: <1123041258.96004.TMDA@seddon.ca> X-Delivery-Agent: TMDA/1.0.3 (Seattle Slew) Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:54:20 -0000 So as for the system losing all network connectivity, do you have any suggestions? regards, Dave Kris Kennaway writes: > On Wed, Aug 03, 2005 at 01:49:32PM +1000, Dave+Seddon wrote: >> Greetings, >> >> I'm trying to do some performance testing of a content filtering system, so >> I'm trying to get very high HTTP throughput. I've got 4 * HP DL380s with >> 3.4G Xeon processors (hyper threading) and 1 G RAM, 2 onboard BGEs, and 2 * >> 2 port EM. Using FreeBSD5.4-stable (as of 2005/08/02) and device polling, >> I've configured a large number (246) VLAN interfaces on two machines, and >> have apache on one box and siege on the other. Using 'siege -f >> /home/my_big_list_of_urls -c 50 --internet' one host does a large number of >> request from the other machine. I've been trying to tune for maximum >> performance and have been using lots of examples for /etc/sysctl.conf and so >> on from the web. Adjusting these settings and running the siege, I've found >> the apache server completely loses network connectivity when device polling >> is enabled. I've adjusted the HZ lots and found the system survives the >> longest set a 15000 (yes it seems very large doesn't it). The problem now >> seems to be that I'm running out of mbufs: >> >> -------------------------------------- >> 4294264419 mbufs in use >> 4294866740/2147483647 mbuf clusters in use (current/max) > > This is a FAQ..see the release errata. The short answer is that it's > not a real leak, only a leak in the stats. This is fixed in 7.0 and > might be fixed in 6.0-RELEASE. > > Kris > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:55:39 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id C8FC316A420; Wed, 3 Aug 2005 03:55:39 +0000 (GMT) Date: Wed, 3 Aug 2005 03:55:39 +0000 From: Kris Kennaway To: Dave+Seddon Message-ID: <20050803035539.GD92364@hub.freebsd.org> References: <1123040973.95445.TMDA@seddon.ca> <20050803035141.GC92364@hub.freebsd.org> <1123041258.96004.TMDA@seddon.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1123041258.96004.TMDA@seddon.ca> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:55:39 -0000 On Wed, Aug 03, 2005 at 01:54:16PM +1000, Dave+Seddon wrote: > So as for the system losing all network connectivity, do you have any > suggestions? No, it must be some unrelated problem. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:56:02 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 4D76116A421; Wed, 3 Aug 2005 03:56:02 +0000 (GMT) Date: Wed, 3 Aug 2005 03:56:02 +0000 From: Kris Kennaway To: Kris Kennaway Message-ID: <20050803035602.GE92364@hub.freebsd.org> References: <1123040973.95445.TMDA@seddon.ca> <20050803035141.GC92364@hub.freebsd.org> <1123041258.96004.TMDA@seddon.ca> <20050803035539.GD92364@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050803035539.GD92364@hub.freebsd.org> User-Agent: Mutt/1.4.2.1i Cc: Dave+Seddon , freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:56:02 -0000 On Wed, Aug 03, 2005 at 03:55:39AM +0000, Kris Kennaway wrote: > On Wed, Aug 03, 2005 at 01:54:16PM +1000, Dave+Seddon wrote: > > So as for the system losing all network connectivity, do you have any > > suggestions? > > No, it must be some unrelated problem. P.S. Return mail to your address bounces. From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 03:59:47 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D2F316A41F for ; Wed, 3 Aug 2005 03:59:47 +0000 (GMT) (envelope-from silby@silby.com) Received: from relay01.pair.com (relay01.pair.com [209.68.5.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 15B0043D45 for ; Wed, 3 Aug 2005 03:59:46 +0000 (GMT) (envelope-from silby@silby.com) Received: (qmail 53564 invoked from network); 3 Aug 2005 03:59:45 -0000 Received: from unknown (HELO localhost) (unknown) by unknown with SMTP; 3 Aug 2005 03:59:45 -0000 X-pair-Authenticated: 209.68.2.70 Date: Tue, 2 Aug 2005 22:59:45 -0500 (CDT) From: Mike Silbersack To: Dave+Seddon In-Reply-To: <1123040973.95445.TMDA@seddon.ca> Message-ID: <20050802225518.G53516@odysseus.silby.com> References: <1123040973.95445.TMDA@seddon.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 03:59:47 -0000 On Wed, 3 Aug 2005, Dave+Seddon wrote: > For some reason, the 'current' can be WAAAY higher than the 'max' which > seems very odd. I've tried putting the 'max' right up to 5 billion, however > it only goes to 2.1 billion. Argh, kris beat me to mentioning the statistics problem. Well, I'd add another potentially useful piece of data: > net.inet.tcp.sendspace=1024000 > net.inet.tcp.recvspace=1024000 > kern.ipc.maxsockbuf=20480000 I don't think large socket buffers have been tested well, it's possible that you're exhausting almost all of your mbufs with just a few connections - if you're really stuffing that much data in. I'd go back to the default settings for the above and try again. Mike "Silby" Silbersack From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 04:44:01 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 670C416A41F for ; Wed, 3 Aug 2005 04:44:01 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1726043D45 for ; Wed, 3 Aug 2005 04:44:00 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.13.0/8.13.0) with ESMTP id j734i0rN027412; Tue, 2 Aug 2005 21:44:00 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.13.0/8.13.0/Submit) id j734i0S6027411; Tue, 2 Aug 2005 21:44:00 -0700 Date: Tue, 2 Aug 2005 21:44:00 -0700 From: Brooks Davis To: Dave+Seddon Message-ID: <20050803044400.GA6079@odin.ac.hmc.edu> References: <1123040973.95445.TMDA@seddon.ca> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="SUOF0GtieIMvvwua" Content-Disposition: inline In-Reply-To: <1123040973.95445.TMDA@seddon.ca> User-Agent: Mutt/1.4.1i X-Virus-Scanned: by amavisd-new X-Spam-Status: No, hits=0.0 required=8.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on odin.ac.hmc.edu Cc: freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 04:44:01 -0000 --SUOF0GtieIMvvwua Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 03, 2005 at 01:49:32PM +1000, Dave+Seddon wrote: > Greetings,=20 >=20 > I'm trying to do some performance testing of a content filtering system, = so=20 > I'm trying to get very high HTTP throughput. I've got 4 * HP DL380s with= =20 > 3.4G Xeon processors (hyper threading) and 1 G RAM, 2 onboard BGEs, and 2= *=20 > 2 port EM. Using FreeBSD5.4-stable (as of 2005/08/02) and device polling= ,=20 > I've configured a large number (246) VLAN interfaces on two machines, and= =20 > have apache on one box and siege on the other. Using 'siege -f=20 > /home/my_big_list_of_urls -c 50 --internet' one host does a large number = of=20 > request from the other machine. I've been trying to tune for maximum=20 > performance and have been using lots of examples for /etc/sysctl.conf and= =20 > so on from the web. Adjusting these settings and running the siege, I've= =20 > found the apache server completely loses network connectivity when device= =20 > polling is enabled. I've adjusted the HZ lots and found the system=20 > survives the longest set a 15000 (yes it seems very large doesn't it). T= he=20 > problem now seems to be that I'm running out of mbufs:=20 I doubt this is relevant, but it's worth noting that the vlan code is is rather stupid in the face of large number of vlans because they are all hung off a last. Thus assuming even load, you're traversing an average of 123 elements in the list per packet. This might have a significant impact on performance that could be causing excessive queuing. It's fairly easy to fix by allocating an array indexed by vlan so dispatch is constant time (modulo cache effects), but it hasn't been done yet. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --SUOF0GtieIMvvwua Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC8EuPXY6L6fI4GtQRAnFnAKC19kpGJubV7ztj+HUDXw1dpCEoDgCfQI9o HNUslpupZv8ypAm/R5M5Zxo= =Go9u -----END PGP SIGNATURE----- --SUOF0GtieIMvvwua-- From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 05:16:31 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CA5716A41F; Wed, 3 Aug 2005 05:16:31 +0000 (GMT) (envelope-from aquatique@rusunix.org) Received: from rusunix.org (rusunix.org [212.118.165.104]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B43C43D48; Wed, 3 Aug 2005 05:16:31 +0000 (GMT) (envelope-from aquatique@rusunix.org) Received: by rusunix.org (Postfix, from userid 1111) id 13521228027; Wed, 3 Aug 2005 07:14:15 +0200 (CEST) Date: Wed, 3 Aug 2005 07:14:15 +0200 From: "Evgueni V. Gavrilov" To: freebsd-stable@freebsd.org Message-ID: <20050803051415.GA29093@rusunix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.5.9i Cc: freebsd-net@freebsd.org Subject: another sbdrop panic on 6.0-BETA2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 05:16:31 -0000 # kgdb kernel.debug /usr/crash/vmcore.26 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) where full #0 doadump () at pcpu.h:165 No locals. #1 0xc05afc75 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:397 first_buf_printf = 1 #2 0xc05b0023 in panic (fmt=0xc078b541 "sbdrop") at /usr/src/sys/kern/kern_shutdown.c:553 td = (struct thread *) 0xc36fa600 bootopt = 260 newpanic = 0 ap = 0xc36fa600 "<\232oà ´8Ã" buf = "sbdrop", '\0' #3 0xc05f975d in sbdrop_locked (sb=0xeaabb9d8, len=232) at /usr/src/sys/kern/uipc_socket2.c:1144 m = (struct mbuf *) 0x0 next = (struct mbuf *) 0x0 #4 0xc05f9641 in sbflush_locked (sb=0xeaabb9d8) at /usr/src/sys/kern/uipc_socket2.c:1111 No locals. #5 0xc05f89d4 in sbrelease_locked (sb=0xeaabb9d8, so=0x0) at /usr/src/sys/kern/uipc_socket2.c:559 No locals. #6 0xc05f8a70 in sbrelease (sb=0xeaabb9d8, so=0x0) at /usr/src/sys/kern/uipc_socket2.c:572 No locals. #7 0xc05f5f9c in sorflush (so=0xc564d164) at /usr/src/sys/kern/uipc_socket.c:1480 sb = (struct sockbuf *) 0xc564d1b4 pr = (struct protosw *) 0xc07bdae0 asb = {sb_sel = {si_thrlist = {tqe_next = 0x0, tqe_prev = 0x0}, si_thread = 0x0, si_note = {kl_list = { slh_first = 0x0}, kl_lock = 0, kl_unlock = 0, kl_locked = 0, kl_lockarg = 0x0}, si_flags = 0}, sb_mtx = { mtx_object = {lo_class = 0xc07b8224, lo_name = 0xc078b496 "so_rcv", lo_type = 0xc078b496 "so_rcv", lo_flags = 196608, lo_list = {tqe_next = 0x0, tqe_prev = 0x0}, lo_witness = 0x0}, mtx_lock = 3278874112, mtx_recurse = 0}, sb_state = 0, sb_mb = 0xc38b8300, sb_mbtail = 0xc3965800, sb_lastrecord = 0xc38b8300, sb_cc = 232, sb_hiwat = 8192, sb_mbcnt = 256, sb_mbmax = 65536, sb_ctl = 0, sb_lowat = 1, sb_timeo = 0, sb_flags = 64} #8 0xc05f3c6d in sofree (so=0xc564d164) at /usr/src/sys/kern/uipc_socket.c:406 head = (struct socket *) 0x0 #9 0xc05f4042 in soclose (so=0xc564d164) at /usr/src/sys/kern/uipc_socket.c:484 error = 0 #10 0xc05e16d8 in soo_close (fp=0xc4537090, td=0xc36fa600) at /usr/src/sys/kern/sys_socket.c:317 error = 0 so = (struct socket *) 0x0 #11 0xc058a4ea in fdrop_locked (fp=0xc4537090, td=0x0) at file.h:289 error = 0 #12 0xc058a40c in fdrop (fp=0xc4537090, td=0x0) at /usr/src/sys/kern/kern_descrip.c:2099 No locals. #13 0xc058835c in closef (fp=0xc4537090, td=0xc36fa600) at /usr/src/sys/kern/kern_descrip.c:1919 vp = (struct vnode *) 0xc36f6798 lf = {l_start = -4585496678308791428, l_len = 25769803786, l_pid = -1, l_type = -12240, l_whence = -16264} fdtol = (struct filedesc_to_leader *) 0x0 fdp = (struct filedesc *) 0xc36f6700 #14 0xc0586ed1 in fdfree (td=0xc36fa600) at /usr/src/sys/kern/kern_descrip.c:1620 fdp = (struct filedesc *) 0xc36f6700 fpp = (struct file **) 0xc36f6798 i = -1 fdtol = (struct filedesc_to_leader *) 0x0 fp = (struct file *) 0xc104a270 vp = (struct vnode *) 0x0 lf = {l_start = -4169999003410235389, l_len = -4586296654622376952, l_pid = -1065657888, l_type = 128, l_whence = 0} #15 0xc05923ca in exit1 (td=0xc36fa600, rv=11) at /usr/src/sys/kern/kern_exit.c:237 new_switchtime = {sec = -357843864, frac = 16909816604093579274} p = (struct proc *) 0xc36f9a3c nq = (struct proc *) 0x0 q = (struct proc *) 0x0 tp = (struct tty *) 0xc35b8400 ttyvp = (struct vnode *) 0xc35b8400 vm = (struct vmspace *) 0x0 vtmp = (struct vnode *) 0x0 tracevp = (struct vnode *) 0x0 tracecred = (struct ucred *) 0xc35b8400 plim = (struct plimit *) 0x0 refcnt = 0 #16 0xc05b544d in sigexit (td=0xc36fa600, sig=11) at /usr/src/sys/kern/kern_sig.c:2439 p = (struct proc *) 0xc36f9a3c #17 0xc05b50d6 in postsig (sig=11) at /usr/src/sys/kern/kern_sig.c:2314 td = (struct thread *) 0xc36fa600 p = (struct proc *) 0xc36f9a3c ps = (struct sigacts *) 0xc37d5000 action = 0 returnmask = {__bits = {3278874112, 3278874112, 3937123560, 3227189686}} code = 0 #18 0xc05d758c in ast (framep=0xeaabbd38) at /usr/src/sys/kern/subr_trap.c:266 td = (struct thread *) 0xc36fa600 p = (struct proc *) 0xc36f9a3c kg = (struct ksegrp *) 0xc338b420 rlim = {rlim_cur = 51539607552, rlim_max = 38654705675} sticks = 9 sflag = 1 flags = 16910336 sig = 0 #19 0xc072ce3d in doreti_ast () at /usr/src/sys/i386/i386/exception.s:293 No locals. #20 0xeaabbd38 in ?? () No symbol table info available. #21 0x080a003b in ?? () No symbol table info available. #22 0x0814003b in ?? () No symbol table info available. #23 0xbfbf003b in ?? () No symbol table info available. #24 0x00000000 in ?? () No symbol table info available. #25 0x68746958 in ?? () No symbol table info available. #26 0xbfbfed88 in ?? () No symbol table info available. #27 0xeaabbd64 in ?? () No symbol table info available. #28 0x68746958 in ?? () No symbol table info available. #29 0x00000000 in ?? () No symbol table info available. #30 0x1a1d1a56 in ?? () No symbol table info available. #31 0x00000000 in ?? () No symbol table info available. #32 0x0000000c in ?? () No symbol table info available. #33 0x00000000 in ?? () No symbol table info available. #34 0x2845981f in ?? () No symbol table info available. #35 0x00000033 in ?? () No symbol table info available. #36 0x00010206 in ?? () No symbol table info available. #37 0xbfbfec00 in ?? () No symbol table info available. #38 0x0000003b in ?? () No symbol table info available. #39 0x00000000 in ?? () No symbol table info available. #40 0x00000000 in ?? () No symbol table info available. #41 0x00000000 in ?? () No symbol table info available. #42 0x00000000 in ?? () No symbol table info available. #43 0x75ae2000 in ?? () No symbol table info available. #44 0xc36f9a3c in ?? () No symbol table info available. #45 0xc36fa600 in ?? () No symbol table info available. #46 0xeaabb874 in ?? () No symbol table info available. #47 0xeaabb85c in ?? () No symbol table info available. #48 0xc331a780 in ?? () No symbol table info available. #49 0xc05c5128 in sched_switch (td=0x68746958, newtd=0x68746958, flags=Cannot access memory at address 0xbfbfed98 ) at /usr/src/sys/kern/sched_4bsd.c:973 kg = (struct ksegrp *) 0x0 p = (struct proc *) 0x0 Previous frame inner to this frame (corrupt stack?) (kgdb) quit Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-BETA2 #0: Tue Aug 2 18:43:26 OMSST 2005 aquatique@blackbird.opsb:/usr/obj/usr/src/sys/BLACKBIRD6 acpi_alloc_wakeup_handler: can't alloc wake memory ACPI APIC Table: Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 2.40GHz (2392.29-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf27 Stepping = 7 Features=0xbfebfbff Features2=0x4400> Hyperthreading: 2 logical CPUs real memory = 2013265920 (1920 MB) avail memory = 1964122112 (1873 MB) FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 6 cpu3 (AP): APIC ID: 7 ACPI-0698: *** Warning: Type override - [DEB_] had invalid type (Integer) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [MLIB] had invalid type (Integer) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [DATA] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [SIO_] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [LEDP] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [GPEN] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [GPST] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [WUES] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [WUSE] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [SBID] had invalid type (String) for Scope operator, changed to (Scope) ACPI-0698: *** Warning: Type override - [SWCE] had invalid type (String) for Scope operator, changed to (Scope) ioapic0 irqs 0-23 on motherboard ioapic1 irqs 24-47 on motherboard ioapic2 irqs 48-71 on motherboard lapic0: Forcing LINT1 to edge trigger netsmb_dev: loaded npx0: [FAST] npx0: on motherboard npx0: INT 16 interface acpi0: on motherboard acpi0: Power Button (fixed) acpi_ec0: port 0xca6,0xca7 on acpi0 pci_link0: irq 9 on acpi0 pci_link1: irq 11 on acpi0 pci_link2: irq 0 on acpi0 pci_link3: irq 0 on acpi0 Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 cpu0: on acpi0 cpu1: on acpi0 cpu2: on acpi0 cpu3: on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 pci0: at device 0.1 (no driver attached) pcib1: at device 3.0 on pci0 pci2: on pcib1 pci2: at device 28.0 (no driver attached) pcib2: at device 29.0 on pci2 pci4: on pcib2 iir0: mem 0xfa000000-0xfbffffff irq 48 at device 8.0 on pci4 iir0: [GIANT-LOCKED] pci2: at device 30.0 (no driver attached) pcib3: at device 31.0 on pci2 pci3: on pcib3 em0: port 0x2040-0x207f mem 0xfe8c0000-0xfe8dffff irq 30 at device 7.0 on pci3 em0: Ethernet address: 00:07:e9:05:a4:28 em0: Speed:N/A Duplex:N/A em1: port 0x2000-0x203f mem 0xfe8e0000-0xfe8fffff irq 31 at device 7.1 on pci3 em1: Ethernet address: 00:07:e9:05:a4:29 em1: Speed:N/A Duplex:N/A pci0: at device 3.1 (no driver attached) pcib4: at device 30.0 on pci0 pci1: on pcib4 pci1: at device 12.0 (no driver attached) isab0: at device 31.0 on pci0 isa0: on isab0 atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x3a0-0x3af at device 31.1 on pci0 ata0: on atapci0 ata1: on atapci0 pci0: at device 31.3 (no driver attached) atkbdc0: port 0x60,0x64 irq 1 on acpi0 atkbd0: irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] psm0: irq 12 on atkbdc0 psm0: [GIANT-LOCKED] psm0: model Generic PS/2 mouse, device ID 0 fdc0: port 0x3f2-0x3f3,0x3f4-0x3f5,0x3f7 irq 6 drq 2 on acpi0 fdc0: [FAST] fd0: <1440-KB 3.5" drive> on fdc0 drive 0 sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A orm0: at iomem 0xc0000-0xc7fff,0xcd800-0xcefff,0xcf000-0xd07ff on isa0 sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 Timecounters tick every 1.000 msec Waiting 2 seconds for SCSI devices to settle acd0: CDROM at ata1-master UDMA33 ses0 at iir0 bus 1 target 6 lun 0 ses0: Fixed Processor SCSI-2 device ses0: SAF-TE Compliant Device da0 at iir0 bus 2 target 0 lun 0 da0: Fixed Direct Access SCSI-2 device da0: Tagged Queueing Enabled da0: 17461MB (35760690 512 byte sectors: 255H 63S/T 2226C) ATA PseudoRAID loaded SMP: AP CPU #3 Launched! SMP: AP CPU #1 Launched! lapic6: Forcing LINT1 to edge trigger SMP: AP CPU #2 Launched! Trying to mount root from ufs:/dev/da0s1a WARNING: /mnt was not properly dismounted WARNING: /mnt/usr was not properly dismounted WARNING: /mnt/var was not properly dismounted /mnt/var: mount pending error: blocks 2688 files 2 em0: link state changed to UP Accounting enabled machine i386 cpu I686_CPU ident BLACKBIRD6 makeoptions DEBUG=-g options SCHED_4BSD options PREEMPTION options INET options FFS options SOFTUPDATES options UFS_EXTATTR options UFS_EXTATTR_AUTOSTART options UFS_ACL options UFS_DIRHASH options MD_ROOT options NFSCLIENT options NFSSERVER options MSDOSFS options MSDOSFS_LARGE options CD9660 options PROCFS options NULLFS options PSEUDOFS options GEOM_GPT options COMPAT_43 options COMPAT_FREEBSD4 options COMPAT_FREEBSD5 options SCSI_DELAY=2000 options KTRACE options VESA options COMPAT_LINUX options LINPROCFS options SMBFS options NETSMB options NETSMBCRYPTO options LIBMCHAIN options LIBICONV options ZERO_COPY_SOCKETS options SC_HISTORY_SIZE=4096 options INCLUDE_CONFIG_FILE options SYSVSHM options SHMMAXPGS=65535 options SHMMIN=2 options SHMMNI=128 options SHMSEG=128 options SYSVMSG options MSGMNB=16384 options MSGMNI=41 options MSGSEG=2049 options MSGSSZ=64 options MSGTQL=2048 options SYSVSEM options SEMMAP=31 options SEMMNI=40 options SEMMNS=240 options SEMMNU=120 options SEMMSL=61 options SEMOPM=101 options SEMUME=40 options _KPOSIX_PRIORITY_SCHEDULING options KBD_INSTALL_CDEV options SMP device apic device isa device pci device fdc device ata device atadisk device ataraid device atapicd device atapifd device atapist options ATA_STATIC_ID device ahc device ahd device aha device aic device bt device isp device ciss device iir device ips device mly device twa device scbus device ch device da device sa device cd device pass device ses device atkbdc device atkbd device psm device vga device splash device sc device agp device npx device sio device miibus device em device ixgb device bge device fxp device loop device mem device io device random device ether device pty device md device bpf device pf device pflog options MAXMEM=(1920*1024) From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 07:59:14 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACB4216A41F for ; Wed, 3 Aug 2005 07:59:14 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: from seddon.ca (seddon.ca [203.209.212.18]) by mx1.FreeBSD.org (Postfix) with SMTP id CF4E543D45 for ; Wed, 3 Aug 2005 07:59:13 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: (qmail 16809 invoked by uid 89); 3 Aug 2005 07:59:11 -0000 Received: by seddon.ca (tmda-sendmail, from uid 89); Wed, 03 Aug 2005 17:59:11 +1000 (EST) References: <1123040973.95445.TMDA@seddon.ca> <20050802225518.G53516@odysseus.silby.com> In-Reply-To: <20050802225518.G53516@odysseus.silby.com> To: freebsd-net@freebsd.org Date: Wed, 03 Aug 2005 17:59:10 +1000 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit From: Dave+Seddon Message-ID: <1123055951.16791.TMDA@seddon.ca> X-Delivery-Agent: TMDA/1.0.3 (Seattle Slew) Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Dave+Seddon List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 07:59:14 -0000 Greetings, Thanks to everybody for their quick responces before. (I've also had another crack at my TMDA filter so hopefully my reply address will work this time). Last time I forgot to mention I was pulling the datafiles from a compaq raid system (ciss0: ). I had a large number of files with random content, so there was lots of waiting for disk. I've now setup MFS with not as many files. This seemed to bring back network stability. I also adjusted the TCP windows (net.inet.tcp.sendspace=65536, net.inet.tcp.recvspace=65536), but once on the MFS I found no change moving to the bigger window sizes (net.inet.tcp.sendspace=1024000, net.inet.tcp.recvspace=1024000). I've found that the polling settings all seem to be for 100MB/s not Gig, so I've edited /usr/src/sys/kern/kern_poll.c and increased the #define statements by at least 10: Before: #define MIN_POLL_BURST_MAX 10 #define MAX_POLL_BURST_MAX 1000 After: #define MIN_POLL_BURST_MAX 1000 #define MAX_POLL_BURST_MAX 10000 Then set /etc/sysctl.conf to -------------------- kern.polling.burst=5000 kern.polling.each_burst=1000 kern.polling.burst_max=8000 -------------------- Performance improved lots, although I was still seeing the "kern.polling.short_ticks" increasing rapidly. The /usr/src/sys/kern/kern_poll.c mentions that this means the poll rate is to high, so I dropped the HZ back to 10000 from 15000, and the problem has gone away. The server under siege is now stable with 60 concurrnet sessions, when before it could not handle this. The processes also seem to be in "accept" rather than "lockf". -------------------- last pid: 3469; load averages: 1.79, 1.70, 1.47 up 0+00:28:09 05:59:46 191 processes: 8 running, 183 sleeping CPU states: 2.0% user, 0.0% nice, 32.6% system, 48.0% interrupt, 17.4% idle Mem: 34M Active, 7180K Inact, 87M Wired, 29M Buf, 869M Free Swap: 2023M Total, 2023M Free PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU CPU COMMAND 616 www 4 0 3420K 2152K sbwait 1 0:07 0.39% 0.39% httpd 3305 www 4 0 3432K 2160K accept 1 0:07 0.34% 0.34% httpd 690 www 4 0 3420K 2152K accept 1 0:06 0.34% 0.34% httpd 664 www 4 0 3436K 2172K accept 1 0:06 0.29% 0.29% httpd 633 www 4 0 3436K 2172K accept 1 0:06 0.29% 0.29% httpd 651 www 4 0 3436K 2172K RUN 1 0:06 0.24% 0.24% httpd 3390 www 4 0 3432K 2160K accept 0 0:05 0.24% 0.24% httpd 612 www 4 0 3436K 2172K accept 1 0:07 0.20% 0.20% httpd 631 www 4 0 3436K 2172K accept 1 0:07 0.20% 0.20% httpd 621 www 4 0 3436K 2172K accept 1 0:06 0.15% 0.15% httpd 697 www 4 0 3436K 2172K RUN 1 0:06 0.15% 0.15% httpd 3380 www 4 0 3432K 2160K sbwait 1 0:06 0.15% 0.15% httpd 3392 www 4 0 3432K 2160K accept 1 0:05 0.15% 0.15% httpd 3397 www 4 0 3432K 2160K RUN 1 0:05 0.15% 0.15% httpd 3376 www 4 0 3432K 2160K accept 1 0:05 0.15% 0.15% httpd 3383 www 4 0 3432K 2160K accept 1 0:05 0.15% 0.15% httpd 3315 www 4 0 3432K 2160K accept 0 0:07 0.10% 0.10% httpd 3309 www 4 0 3432K 2160K sbwait 1 0:07 0.10% 0.10% httpd -------------------- This is another server under siege the same configuration, but without the POLL_BURST_MAX tweaks and HZ=15000. -------------------- last pid: 24068; load averages: 13.54, 5.40, 4.63 up 0+02:59:04 17:19:11 233 processes: 4 running, 228 sleeping, 1 zombie CPU states: 3.8% user, 0.0% nice, 31.8% system, 47.3% interrupt, 17.0% idle Mem: 46M Active, 8396K Inact, 105M Wired, 48K Cache, 33M Buf, 838M Free Swap: 2023M Total, 2023M Free PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU CPU COMMAND 4508 www 4 0 5040K 3256K sbwait 1 0:37 0.54% 0.54% httpd 4497 www 4 0 5040K 3256K sbwait 1 0:34 0.34% 0.34% httpd 4539 www 4 0 5040K 3256K sbwait 1 0:36 0.29% 0.29% httpd 4521 www 20 0 5040K 3256K lockf 1 0:34 0.29% 0.29% httpd 626 www 4 0 5040K 3252K sbwait 1 0:36 0.24% 0.24% httpd 4896 www 20 0 5040K 3256K lockf 1 0:35 0.24% 0.24% httpd 4522 www 4 0 5040K 3256K sbwait 0 0:34 0.24% 0.24% httpd 629 www 20 0 5040K 3252K lockf 1 0:35 0.20% 0.20% httpd 601 www 4 0 5040K 3252K sbwait 1 0:33 0.20% 0.20% httpd 600 www 20 0 5040K 3252K lockf 1 0:35 0.15% 0.15% httpd 674 www 20 0 5040K 3252K lockf 1 0:34 0.15% 0.15% httpd 4787 www 4 0 5040K 3256K sbwait 1 0:34 0.15% 0.15% httpd 669 www 20 0 5040K 3252K lockf 1 0:34 0.15% 0.15% httpd 4509 www 20 0 5040K 3256K lockf 1 0:32 0.15% 0.15% httpd 4486 www 20 0 5040K 3256K lockf 1 0:36 0.10% 0.10% httpd 4906 www 20 0 5040K 3256K lockf 1 0:36 0.10% 0.10% httpd 4542 www 20 0 5040K 3256K lockf 1 0:36 0.10% 0.10% httpd 607 www 4 0 5040K 3252K sbwait 1 0:35 0.10% 0.10% httpd 4510 www 4 0 5040K 3272K sbwait 1 0:35 0.10% 0.10% httpd -------------------- On both system the kern.polling.lost_polls is still increasing rapidly. I'm not sure what to do about this. ?? -------------------- kern.polling.lost_polls: 9605569 -------------------- Also the kern.polling.suspect is increasing similarly. I'm not sure what to do about this either. ?? ------------------ kern.polling.suspect: 608527 ------------------ Also thanks for the info on the VLAN searching. I think the adjustment you suggested sounds good, but at bit out of my league. It seems there are plent of things to tweak in the kernel still. BTW, I'd be interested to know people's thoughts on multiple IP stacks on FreeBSD. It would be really cool to be able to give a jail it's own IP stack bound to a VLAN interface. It could then be like a VRF on Cisco. Regards, Dave Seddon From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 08:39:07 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4246416A41F for ; Wed, 3 Aug 2005 08:39:07 +0000 (GMT) (envelope-from pieter@thedarkside.nl) Received: from mail.thelostparadise.com (129pc197.sshunet.nl [145.97.197.129]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1CC7943D55 for ; Wed, 3 Aug 2005 08:39:05 +0000 (GMT) (envelope-from pieter@thedarkside.nl) Received: from [195.16.84.92] (92-unused.virt-ix.net [195.16.84.92]) by mail.thelostparadise.com (8.13.1/8.13.1) with ESMTP id j738d3xa050211 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 3 Aug 2005 10:39:03 +0200 (CEST) (envelope-from pieter@thedarkside.nl) Message-ID: <42F082A2.1050908@thedarkside.nl> Date: Wed, 03 Aug 2005 10:38:58 +0200 From: Pieter de Boer User-Agent: Mozilla Thunderbird 1.0.5 (X11/20050720) X-Accept-Language: en-us, en MIME-Version: 1.0 References: <1123040973.95445.TMDA@seddon.ca> <20050802225518.G53516@odysseus.silby.com> In-Reply-To: <20050802225518.G53516@odysseus.silby.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Dave+Seddon , freebsd-net@freebsd.org Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 08:39:07 -0000 Mike Silbersack wrote: >> net.inet.tcp.sendspace=1024000 >> net.inet.tcp.recvspace=1024000 >> kern.ipc.maxsockbuf=20480000 > I don't think large socket buffers have been tested well, it's possible > that you're exhausting almost all of your mbufs with just a few > connections - if you're really stuffing that much data in. I'd go back > to the default settings for the above and try again. With the added note that the send/recv spaces should be 65535 * 2^x (which 1024000 isn't). I might add that there's still a bug in the calculation of the TCP window scale option with regards to the set window size, leading to a FreeBSD system advertising a too large recvspace, which makes setting this option right even more necessary. (http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/82470) -- Pieter From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 09:14:21 2005 Return-Path: X-Original-To: freebsd-net@hub.freebsd.org Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEA1316A41F; Wed, 3 Aug 2005 09:14:21 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C3AE43D48; Wed, 3 Aug 2005 09:14:21 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from freefall.freebsd.org (rwatson@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j739ELsY083279; Wed, 3 Aug 2005 09:14:21 GMT (envelope-from rwatson@freefall.freebsd.org) Received: (from rwatson@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j739ELrO083275; Wed, 3 Aug 2005 09:14:21 GMT (envelope-from rwatson) Date: Wed, 3 Aug 2005 09:14:21 GMT From: Robert Watson Message-Id: <200508030914.j739ELrO083275@freefall.freebsd.org> To: rwatson@FreeBSD.org, freebsd-net@FreeBSD.org, silby@FreeBSD.org Cc: Subject: Re: kern/82470: FreeBSD advertises wrong window scale in some situations X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 09:14:22 -0000 Synopsis: FreeBSD advertises wrong window scale in some situations Responsible-Changed-From-To: freebsd-net->silby Responsible-Changed-By: rwatson Responsible-Changed-When: Wed Aug 3 09:13:49 GMT 2005 Responsible-Changed-Why: Chown to silby, who has recently been spending some quality time with TCP. http://www.freebsd.org/cgi/query-pr.cgi?pr=82470 From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 12:13:48 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5845716A41F for ; Wed, 3 Aug 2005 12:13:48 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from caine.easynet.fr (smarthost163.mail.easynet.fr [212.180.1.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 43D6A43D53 for ; Wed, 3 Aug 2005 12:13:46 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from easyconnect2121135-233.clients.easynet.fr ([212.11.35.233] helo=smtp.zeninc.net) by caine.easynet.fr with esmtp (Exim 4.50) id 1E0I80-0005ri-Ln for freebsd-net@freebsd.org; Wed, 03 Aug 2005 14:13:44 +0200 Received: by smtp.zeninc.net (smtpd, from userid 1000) id 934243F61; Wed, 3 Aug 2005 14:13:40 +0200 (CEST) Date: Wed, 3 Aug 2005 14:13:40 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20050803121340.GA28839@zen.inc> References: <42EFAEBE.8060905@seton.org> <20050802183007.GA13203@zeninc.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.28i Subject: Re: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 12:13:48 -0000 On Tue, Aug 02, 2005 at 08:51:55PM +0000, Bjoern A. Zeeb wrote: [IPSec, NAT-T, IPR] > do you have more info about this? I asked for more informations from NetBSD team, waiting for answers. For ipsec-tools project, our decision for such IPR potential problems was to provide features as optionnal, and let users decide if they want to enable it, and ensure that they can use it. Yvan. From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 16:44:51 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 66D1016A41F; Wed, 3 Aug 2005 16:44:51 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [204.156.12.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1154143D46; Wed, 3 Aug 2005 16:44:51 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by cyrus.watson.org (Postfix) with ESMTP id 7895E46B88; Wed, 3 Aug 2005 12:44:50 -0400 (EDT) Date: Wed, 3 Aug 2005 17:47:13 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Ed Maste In-Reply-To: <20050803011806.GA32338@sandvine.com> Message-ID: <20050803173735.P23885@fledge.watson.org> References: <42CEF0EB.4000107@borderware.com> <42D006DB.8080108@errno.com> <20050712150224.GA38249@sandvine.com> <20050712162332.Q79478@fledge.watson.org> <20050712220452.GB38249@sandvine.com> <20050723012046.K40216@fledge.watson.org> <20050723013902.L40216@fledge.watson.org> <20050801190211.Q61500@fledge.watson.org> <20050803011806.GA32338@sandvine.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org, gnn@FreeBSD.org Subject: Re: what to replace splnet in FreeBSD 5.x? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 16:44:51 -0000 On Tue, 2 Aug 2005, Ed Maste wrote: >>> Spl-related cleanups (no longer useful documentation of old >>> synchronization in many places), lock order hard-coded into WITNESS >>> order rather than dynamically detected. >> >> Have you had a chance to run with this patch as yet? If possible, I'd >> like to get it merged to 7.x-CURRENT so we can backport it for 6.0. > > I finally got our local CVS repository back into shape and gave this > patch a try. Unfortunately got a panic as soon as our multicast app > started up: > > panic: _mtx_lock_sleep: recursed on non-recursive mutex in_multi_mtx @ > /d2/emaste/cvs_mcast/src/sys/netinet/ip_output.c:298 For now, we can flag in_multi_mtx as MTX_RECURSE in the mtx_init() call in in_var.h, but a better answer is probably desirable. Robert N M Watson > > cpuid = 0 > KDB: stack backtrace: > kdb_backtrace(100,a2894300,a07eba00,a07eba00,12a) at 0xa0586915 = kdb_backtrace+0x29 > panic(a071a883,a071f26e,a0729680,12a,a07eba00) at 0xa056eeb8 = panic+0x114 > _mtx_lock_sleep(a07eba00,a2894300,0,a0729680,12a) at 0xa05669cb = _mtx_lock_sleep+0x33 > _mtx_lock_flags(a07eba00,0,a0729680,12a,0) at 0xa05664ba = _mtx_lock_flags+0x8a > ip_output(a2645e00,a2649100,a07eb9b0,0,c8635b08) at 0xa05f7b0e = ip_output+0x3fe > igmp_sendpkt(a24b9de0,16,0,a24b9de0,c8635bb8) at 0xa05e292e = igmp_sendpkt+0x106 > igmp_joingroup(a24b9de0,a2504240,210,240600ef,0) at 0xa05e2642 = igmp_joingroup+0x92 > in_addmulti(c8635bcc,a23a1400,a23a1400,240600ef,1000001) at 0xa05e437e = in_addmulti+0x10e > ip_setmoptions(a272c7f8,c8635c90,a071a701,12c,0) at 0xa05f9278 = ip_setmoptions+0x3a0 > ip_ctloutput(a27c2650,c8635c90,a283a22c,0,a0722810) at 0xa05f8a57 = ip_ctloutput+0x36b > sosetopt(a27c2650,c8635c90,a26af798,1,0) at 0xa05a91ac = sosetopt+0x2c > kern_setsockopt(a2894300,b,0,c,9fbfcd60) at 0xa05ada71 = kern_setsockopt+0xb5 > setsockopt(a2894300,c8635d04,5,3,246) at 0xa05ad9ba = setsockopt+0x1e > syscall(81e003b,81e003b,9fbf003b,9fbfcd70,841fc28) at 0xa06c72fb = syscall+0x25b > > in_addmulti holds the in_multi_mtx when it calls _joingroup. > > I haven't yet looked over the whole patch to understand the > specifics. I'll post again once I do if I have any ideas. > > -- > Ed Maste, Sandvine Incorporated. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 21:40:45 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DE2D16A41F for ; Wed, 3 Aug 2005 21:40:45 +0000 (GMT) (envelope-from stephane@enertiasoft.com) Received: from mx1.enertiatech.com (h204-9-110-143.enertiatech.com [204.9.110.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD2D743D45 for ; Wed, 3 Aug 2005 21:40:44 +0000 (GMT) (envelope-from stephane@enertiasoft.com) Received: from localhost (localhost [127.0.0.1]) by mx1.enertiatech.com (Postfix) with ESMTP id B86D36313 for ; Wed, 3 Aug 2005 15:40:20 -0600 (MDT) Received: from mx1.enertiatech.com ([127.0.0.1]) by localhost (mx1.enertiatech.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 67911-08 for ; Wed, 3 Aug 2005 15:40:18 -0600 (MDT) Received: from [10.0.0.34] (unknown [10.0.0.34]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.enertiatech.com (Postfix) with ESMTP id 6B51C62F8 for ; Wed, 3 Aug 2005 15:40:18 -0600 (MDT) Mime-Version: 1.0 (Apple Message framework v733) Content-Transfer-Encoding: 7bit Message-Id: Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed To: freebsd-net@freebsd.org From: Stephane Raimbault Date: Wed, 3 Aug 2005 15:40:39 -0600 X-Mailer: Apple Mail (2.733) X-Virus-Scanned: amavisd-new at enertiasoft.com Subject: How-to use CARP? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 21:40:45 -0000 Hi all, I'm having a bit of a problem running 5.4-RELEASE and carp. All the documentation that I read (man carp and other web based sources) indicate to simply create my carp interface as follows: ifconfig carp0 create However when I run this... I get the following error: # ifconfig carp0 create ifconfig: SIOCIFCREATE: Invalid argument # Any thoughts or comments that can steer me in the right direction would be appreciated. I'm sure I'm missing something obvious... here's my dmesg.boot # cat /var/run/dmesg.boot Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC 2005 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC ACPI APIC Table: Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Pentium(R) 4 CPU 2.66GHz (2660.46-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf29 Stepping = 9 Features=0xbfebfbff real memory = 528416768 (503 MB) avail memory = 507523072 (484 MB) ioapic0 irqs 0-23 on motherboard npx0: on motherboard npx0: INT 16 interface acpi0: on motherboard acpi0: Power Button (fixed) Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 cpu0: on acpi0 acpi_button0: on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 agp0: mem 0xec100000-0xec17ffff,0xe0000000-0xe7ffffff irq 16 at device 2.0 on pci0 agp0: detected 8060k stolen memory agp0: aperture size is 128M uhci0: port 0xb800-0xb81f irq 16 at device 29.0 on pci0 usb0: on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: port 0xb000-0xb01f irq 19 at device 29.1 on pci0 usb1: on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2: port 0xb400-0xb41f irq 18 at device 29.2 on pci0 usb2: on uhci2 usb2: USB revision 1.0 uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered pci0: at device 29.7 (no driver attached) pcib1: at device 30.0 on pci0 pci1: on pcib1 em0: port 0xa000-0xa03f mem 0xec000000-0xec01ffff irq 22 at device 5.0 on pci1 em0: Ethernet address: 00:30:48:42:49:c4 em0: Speed:N/A Duplex:N/A em1: port 0xa400-0xa43f mem 0xec020000-0xec03ffff irq 23 at device 6.0 on pci1 em1: Ethernet address: 00:30:48:42:49:c5 em1: Speed:N/A Duplex:N/A isab0: at device 31.0 on pci0 isa0: on isab0 atapci0: port 0xcc00-0xcc0f, 0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 31.1 on pci0 ata0: channel #0 on atapci0 ata1: channel #1 on atapci0 pci0: at device 31.3 (no driver attached) acpi_tz0: on acpi0 fdc0: port 0x3f7,0x3f0-0x3f5 irq 6 drq 2 on acpi0 fd0: <1440-KB 3.5" drive> on fdc0 drive 0 sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A, console sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A ppc0: port 0x778-0x77b,0x378-0x37f irq 7 drq 3 on acpi0 ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode ppc0: FIFO with 16/16/9 bytes threshold ppbus0: on ppc0 plip0: on ppbus0 lpt0: on ppbus0 lpt0: Interrupt-driven port ppi0: on ppbus0 atkbdc0: port 0x64,0x60 irq 1 on acpi0 atkbd0: irq 1 on atkbdc0 kbd0 at atkbd0 orm0: at iomem 0xce000-0xcf7ff,0xcc000-0xcd7ff on isa0 pmtimer0 on isa0 sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x100> vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 Timecounter "TSC" frequency 2660461336 Hz quality 800 Timecounters tick every 10.000 msec ad0: 38166MB [77545/16/63] at ata0- master UDMA100 acd0: CDROM at ata1-master PIO4 Mounting root from ufs:/dev/ad0s1a # Thank you, Stephane. From owner-freebsd-net@FreeBSD.ORG Wed Aug 3 23:16:36 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB85816A420 for ; Wed, 3 Aug 2005 23:16:36 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: from seddon.ca (seddon.ca [203.209.212.18]) by mx1.FreeBSD.org (Postfix) with SMTP id D845543D49 for ; Wed, 3 Aug 2005 23:16:35 +0000 (GMT) (envelope-from dave-sender-1932b5@seddon.ca) Received: (qmail 91411 invoked by uid 89); 3 Aug 2005 23:16:33 -0000 Received: by seddon.ca (tmda-sendmail, from uid 89); Thu, 04 Aug 2005 09:16:32 +1000 (EST) References: <1123040973.95445.TMDA@seddon.ca> <20050802225518.G53516@odysseus.silby.com> <42F082A2.1050908@thedarkside.nl> In-Reply-To: <42F082A2.1050908@thedarkside.nl> To: freebsd-net@freebsd.org Date: Thu, 04 Aug 2005 09:16:31 +1000 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit From: Dave+Seddon Message-ID: <1123110992.91393.TMDA@seddon.ca> X-Delivery-Agent: TMDA/1.0.3 (Seattle Slew) Subject: Re: running out of mbufs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Dave+Seddon List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 23:16:36 -0000 Perhaps a quick "fix" to the bug would be to output a message to the console when somebody tried to set the tcp.sendspace or tcp.recvspace space > 65535 * 2. Regards, Dave Seddon Pieter de Boer writes: > Mike Silbersack wrote: > >>> net.inet.tcp.sendspace=1024000 >>> net.inet.tcp.recvspace=1024000 >>> kern.ipc.maxsockbuf=20480000 >> I don't think large socket buffers have been tested well, it's possible >> that you're exhausting almost all of your mbufs with just a few >> connections - if you're really stuffing that much data in. I'd go back >> to the default settings for the above and try again. > > With the added note that the send/recv spaces should be 65535 * 2^x (which > 1024000 isn't). I might add that there's still a bug in the calculation of > the TCP window scale option with regards to the set window size, leading > to a FreeBSD system advertising a too large recvspace, which makes setting > this option right even more necessary. > (http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/82470) > > -- > Pieter > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 07:36:02 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC76816A41F for ; Thu, 4 Aug 2005 07:36:02 +0000 (GMT) (envelope-from darcy@wavefire.com) Received: from freebsd4.homenet.dbitech.bc.ca (S010600a08330057a.ok.shawcable.net [24.71.51.191]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5577843D45 for ; Thu, 4 Aug 2005 07:36:01 +0000 (GMT) (envelope-from darcy@wavefire.com) Received: from localhost (localhost [127.0.0.1]) by freebsd4.homenet.dbitech.bc.ca (8.13.3/8.13.1) with ESMTP id j746w2vS098572 for ; Wed, 3 Aug 2005 23:58:07 -0700 (PDT) (envelope-from darcy@wavefire.com) Date: Wed, 3 Aug 2005 23:58:02 -0700 (PDT) From: Darcy Buskermolen X-X-Sender: darcy@freebsd4.homenet.dbitech.bc.ca To: freebsd-net@freebsd.org Message-ID: <20050803235302.O98559@freebsd4.homenet.dbitech.bc.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: inet6_pfil_hook undefined on -HEAD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 07:36:03 -0000 In an effort to test the bridge device, I followed the instructions in man if_bridge to create the bridge, I received an SIOCIFCREATE Invalid argument, so I figured I needed to load the bridging code module. When I attempt to kldload if_bridge I get the above error. If any further information is needed please feel free to ask, and I will endevore to provide answers. From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 07:46:55 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FDDE16A41F for ; Thu, 4 Aug 2005 07:46:55 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from caine.easynet.fr (smarthost163.mail.easynet.fr [212.180.1.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id F398B43D4C for ; Thu, 4 Aug 2005 07:46:54 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from easyconnect2121135-233.clients.easynet.fr ([212.11.35.233] helo=smtp.zeninc.net) by caine.easynet.fr with esmtp (Exim 4.50) id 1E0aRI-0003Dy-9r for freebsd-net@freebsd.org; Thu, 04 Aug 2005 09:46:52 +0200 Received: by smtp.zeninc.net (smtpd, from userid 1000) id E869B3F61; Thu, 4 Aug 2005 09:46:42 +0200 (CEST) Date: Thu, 4 Aug 2005 09:46:42 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20050804074642.GA3437@zen.inc> References: <42EFAEBE.8060905@seton.org> <20050802183007.GA13203@zeninc.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.28i Subject: Re: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 07:46:55 -0000 On Tue, Aug 02, 2005 at 08:51:55PM +0000, Bjoern A. Zeeb wrote: [NAT-T, IPR, etc....] > > More infos about that may be get from Emmanuel Dreyfus, a NetBSD > > developper and a member of the ipsec-tools team, which made the NetBSD > > NAT-T support, and told me a few month ago that NetBSD lawyers were > > looking at that potential IPR issue. > > do you have more info about this? Ok, I have more informations about what have been done for NetBSD: There are known patents which may covert some parts of NAT-T, but those patents are very unclear, and it is very difficult to see if they really cover some parts of the NAT-T process, and it is still more unclear if they are valid. So, the solution choosen for NetBSD is the same as for ipsec-tools: it is enabled by an option, and it is specified in the documentation that "some parts of this code may be patent encumbered in some countries". I also asked a few months ago what have changed for OpenBSD (they told some years ago that they woudn't implement NAT-T until no all potential IPR problems were solved, then they implemented NAT-T), but had no real answer. Yvan. From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 08:15:02 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 635E016A41F for ; Thu, 4 Aug 2005 08:15:02 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C13243D46 for ; Thu, 4 Aug 2005 08:15:01 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix4-1.free.fr (Postfix) with ESMTP id F22B1319DCD; Thu, 4 Aug 2005 10:15:00 +0200 (CEST) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id 877FF405C; Thu, 4 Aug 2005 10:15:17 +0200 (CEST) Date: Thu, 4 Aug 2005 10:15:17 +0200 From: Jeremie Le Hen To: Stephane Raimbault Message-ID: <20050804081517.GQ45385@obiwan.tataz.chchile.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.9i Cc: freebsd-net@freebsd.org Subject: Re: How-to use CARP? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 08:15:02 -0000 Hi Stephane, > I'm having a bit of a problem running 5.4-RELEASE and carp. All the > documentation that I read (man carp and other web based sources) > indicate to simply create my carp interface as follows: > > ifconfig carp0 create > > However when I run this... I get the following error: > > # ifconfig carp0 create > ifconfig: SIOCIFCREATE: Invalid argument > # Add "device carp" to you kernel configuration file and recompile. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 09:42:54 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7779B16A41F for ; Thu, 4 Aug 2005 09:42:54 +0000 (GMT) (envelope-from thompsa@freebsd.org) Received: from heff.fud.org.nz (60-234-149-201.bitstream.orcon.net.nz [60.234.149.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B3A643D49 for ; Thu, 4 Aug 2005 09:42:53 +0000 (GMT) (envelope-from thompsa@freebsd.org) Received: by heff.fud.org.nz (Postfix, from userid 1001) id 8175E1CCD4; Thu, 4 Aug 2005 21:42:52 +1200 (NZST) Date: Thu, 4 Aug 2005 21:42:52 +1200 From: Andrew Thompson To: Darcy Buskermolen Message-ID: <20050804094252.GA37921@heff.fud.org.nz> References: <20050803235302.O98559@freebsd4.homenet.dbitech.bc.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050803235302.O98559@freebsd4.homenet.dbitech.bc.ca> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: inet6_pfil_hook undefined on -HEAD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 09:42:54 -0000 On Wed, Aug 03, 2005 at 11:58:02PM -0700, Darcy Buskermolen wrote: > In an effort to test the bridge device, I followed the instructions in > man if_bridge to create the bridge, I received an SIOCIFCREATE Invalid > argument, so I figured I needed to load the bridging code module. When I > attempt to kldload if_bridge I get the above error. > It looks like you have built your kernel without INET6 and are loading if_bridge as a module (automatically from ifconfig). Modules are built independently from the kernel so you will need to put NO_INET6=yes in your /etc/make.conf and rebuild the module (cd /sys/modules/if_bridge; make; make install clean) cheers, Andrew From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 16:54:38 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6D7016A41F for ; Thu, 4 Aug 2005 16:54:38 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (bewilderbeast.blackhelicopters.org [198.22.63.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2831F43D48 for ; Thu, 4 Aug 2005 16:54:38 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (mwlucas@localhost [127.0.0.1]) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10) with ESMTP id j74GsbNT045426 for ; Thu, 4 Aug 2005 12:54:37 -0400 (EDT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: (from mwlucas@localhost) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10/Submit) id j74GsbLl045425 for net@freebsd.org; Thu, 4 Aug 2005 12:54:37 -0400 (EDT) (envelope-from mwlucas) Date: Thu, 4 Aug 2005 12:54:37 -0400 From: "Michael W. Lucas" To: net@freebsd.org Message-ID: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Spam-Score: (0) X-Scanned-By: MIMEDefang 2.39 Cc: Subject: rstp & FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 16:54:39 -0000 I'm sure we support rstp Ethernet for redundancy, but damned if I can find the documentation. Any suggestions? The hard part of any UNIX is knowing which man page to read. :-) ==ml -- Michael W. Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org http://www.BlackHelicopters.org/~mwlucas/ "The cloak of anonymity protects me from the nuisance of caring." -Non Sequitur From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 18:17:04 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5DB8716A41F for ; Thu, 4 Aug 2005 18:17:04 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACF1943D45 for ; Thu, 4 Aug 2005 18:17:03 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.13.0/8.13.0) with ESMTP id j74IGkFA022155; Thu, 4 Aug 2005 11:16:46 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.13.0/8.13.0/Submit) id j74IGkIh022154; Thu, 4 Aug 2005 11:16:46 -0700 Date: Thu, 4 Aug 2005 11:16:46 -0700 From: Brooks Davis To: "Michael W. Lucas" Message-ID: <20050804181646.GB7946@odin.ac.hmc.edu> References: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="yEPQxsgoJgBvi8ip" Content-Disposition: inline In-Reply-To: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> User-Agent: Mutt/1.4.1i X-Virus-Scanned: by amavisd-new X-Spam-Status: No, hits=0.0 required=8.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on odin.ac.hmc.edu Cc: net@freebsd.org Subject: Re: rstp & FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 18:17:04 -0000 --yEPQxsgoJgBvi8ip Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 04, 2005 at 12:54:37PM -0400, Michael W. Lucas wrote: >=20 > I'm sure we support rstp Ethernet for redundancy, but damned if I can > find the documentation. Any suggestions? I don't think we have any RSTP code in the tree. We recently aquired an STP implementation in if_bridge, but not RSTP. It's not immediatly clear to me how a host would use RSTP for redundency. I suppose you could use a virtual interface and two ports that pretended to be switch ports that talked RSTP? If RSTP were added to if_bridge, I think that would be easy to do. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --yEPQxsgoJgBvi8ip Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC8luNXY6L6fI4GtQRAgq/AJ9215UqMaxoCn5Yubz374OkTVkfSgCfSzEt klReSQx8FJG45JGDFr2EGBw= =i7Xs -----END PGP SIGNATURE----- --yEPQxsgoJgBvi8ip-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 18:26:10 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B127B16A41F for ; Thu, 4 Aug 2005 18:26:10 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (bewilderbeast.blackhelicopters.org [198.22.63.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id E19DF43D48 for ; Thu, 4 Aug 2005 18:26:09 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (mwlucas@localhost [127.0.0.1]) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10) with ESMTP id j74IQ7NT046089; Thu, 4 Aug 2005 14:26:08 -0400 (EDT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: (from mwlucas@localhost) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10/Submit) id j74IQ7Js046088; Thu, 4 Aug 2005 14:26:07 -0400 (EDT) (envelope-from mwlucas) Date: Thu, 4 Aug 2005 14:26:07 -0400 From: "Michael W. Lucas" To: Brooks Davis Message-ID: <20050804182607.GA46067@bewilderbeast.blackhelicopters.org> References: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> <20050804181646.GB7946@odin.ac.hmc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050804181646.GB7946@odin.ac.hmc.edu> User-Agent: Mutt/1.4.1i X-Spam-Score: (0) X-Scanned-By: MIMEDefang 2.39 Cc: "Michael W. Lucas" , net@freebsd.org Subject: Re: rstp & FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 18:26:10 -0000 On Thu, Aug 04, 2005 at 11:16:46AM -0700, Brooks Davis wrote: > On Thu, Aug 04, 2005 at 12:54:37PM -0400, Michael W. Lucas wrote: > > > > I'm sure we support rstp Ethernet for redundancy, but damned if I can > > find the documentation. Any suggestions? > > I don't think we have any RSTP code in the tree. We recently aquired an > STP implementation in if_bridge, but not RSTP. > > It's not immediatly clear to me how a host would use RSTP for > redundency. I suppose you could use a virtual interface and two ports > that pretended to be switch ports that talked RSTP? If RSTP were added > to if_bridge, I think that would be easy to do. I think I'm asking my question wrong, my apologies. Let me try again: "I want to have my FreeBSD server plugged into two switches, so that if one switch fails I get uninterrupted service. The switches fail over with RSTP. I'm sure people do this, which man page should I read?" Thanks, ==ml -- Michael W. Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org http://www.BlackHelicopters.org/~mwlucas/ "The cloak of anonymity protects me from the nuisance of caring." -Non Sequitur From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 19:01:47 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF6B416A41F for ; Thu, 4 Aug 2005 19:01:47 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D07443D46 for ; Thu, 4 Aug 2005 19:01:47 +0000 (GMT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.13.0/8.13.0) with ESMTP id j74J1jcg026039; Thu, 4 Aug 2005 12:01:45 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.13.0/8.13.0/Submit) id j74J1jW9026038; Thu, 4 Aug 2005 12:01:45 -0700 Date: Thu, 4 Aug 2005 12:01:45 -0700 From: Brooks Davis To: "Michael W. Lucas" Message-ID: <20050804190145.GD7946@odin.ac.hmc.edu> References: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> <20050804181646.GB7946@odin.ac.hmc.edu> <20050804182607.GA46067@bewilderbeast.blackhelicopters.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Km1U/tdNT/EmXiR1" Content-Disposition: inline In-Reply-To: <20050804182607.GA46067@bewilderbeast.blackhelicopters.org> User-Agent: Mutt/1.4.1i X-Virus-Scanned: by amavisd-new X-Spam-Status: No, hits=0.0 required=8.0 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on odin.ac.hmc.edu Cc: net@freebsd.org Subject: Re: rstp & FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 19:01:47 -0000 --Km1U/tdNT/EmXiR1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 04, 2005 at 02:26:07PM -0400, Michael W. Lucas wrote: > On Thu, Aug 04, 2005 at 11:16:46AM -0700, Brooks Davis wrote: > > On Thu, Aug 04, 2005 at 12:54:37PM -0400, Michael W. Lucas wrote: > > >=20 > > > I'm sure we support rstp Ethernet for redundancy, but damned if I can > > > find the documentation. Any suggestions? > >=20 > > I don't think we have any RSTP code in the tree. We recently aquired an > > STP implementation in if_bridge, but not RSTP. > >=20 > > It's not immediatly clear to me how a host would use RSTP for > > redundency. I suppose you could use a virtual interface and two ports > > that pretended to be switch ports that talked RSTP? If RSTP were added > > to if_bridge, I think that would be easy to do. >=20 > I think I'm asking my question wrong, my apologies. Let me try again: >=20 > "I want to have my FreeBSD server plugged into two switches, so that > if one switch fails I get uninterrupted service. The switches fail > over with RSTP. I'm sure people do this, which man page should I > read?" I'm not sure. You might be able to do it with ng_one2many. I think if_bridge (plus RSTP) might actually be the closest to what you want, but it's not available yet. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --Km1U/tdNT/EmXiR1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC8mYZXY6L6fI4GtQRAoBLAJ9WhWNoHbi1yAc3JLgl1xeeLCgR4wCdHWj4 AvCxzwbZNCe7bp7zlwFEcGs= =DlTA -----END PGP SIGNATURE----- --Km1U/tdNT/EmXiR1-- From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 19:02:52 2005 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DBD416A41F for ; Thu, 4 Aug 2005 19:02:52 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (bewilderbeast.blackhelicopters.org [198.22.63.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 122F143D46 for ; Thu, 4 Aug 2005 19:02:51 +0000 (GMT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (mwlucas@localhost [127.0.0.1]) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10) with ESMTP id j74J2nNT046290; Thu, 4 Aug 2005 15:02:50 -0400 (EDT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: (from mwlucas@localhost) by bewilderbeast.blackhelicopters.org (8.12.10/8.12.10/Submit) id j74J2nja046289; Thu, 4 Aug 2005 15:02:49 -0400 (EDT) (envelope-from mwlucas) Date: Thu, 4 Aug 2005 15:02:49 -0400 From: "Michael W. Lucas" To: Brooks Davis Message-ID: <20050804190249.GA46277@bewilderbeast.blackhelicopters.org> References: <20050804165437.GA45366@bewilderbeast.blackhelicopters.org> <20050804181646.GB7946@odin.ac.hmc.edu> <20050804182607.GA46067@bewilderbeast.blackhelicopters.org> <20050804190145.GD7946@odin.ac.hmc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050804190145.GD7946@odin.ac.hmc.edu> User-Agent: Mutt/1.4.1i X-Spam-Score: (0) X-Scanned-By: MIMEDefang 2.39 Cc: "Michael W. Lucas" , net@freebsd.org Subject: Re: rstp & FreeBSD X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 19:02:52 -0000 On Thu, Aug 04, 2005 at 12:01:45PM -0700, Brooks Davis wrote: > On Thu, Aug 04, 2005 at 02:26:07PM -0400, Michael W. Lucas wrote: > > On Thu, Aug 04, 2005 at 11:16:46AM -0700, Brooks Davis wrote: > > > On Thu, Aug 04, 2005 at 12:54:37PM -0400, Michael W. Lucas wrote: > > > > > > > > I'm sure we support rstp Ethernet for redundancy, but damned if I can > > > > find the documentation. Any suggestions? > > > > > > I don't think we have any RSTP code in the tree. We recently aquired an > > > STP implementation in if_bridge, but not RSTP. > > > > > > It's not immediatly clear to me how a host would use RSTP for > > > redundency. I suppose you could use a virtual interface and two ports > > > that pretended to be switch ports that talked RSTP? If RSTP were added > > > to if_bridge, I think that would be easy to do. > > > > I think I'm asking my question wrong, my apologies. Let me try again: > > > > "I want to have my FreeBSD server plugged into two switches, so that > > if one switch fails I get uninterrupted service. The switches fail > > over with RSTP. I'm sure people do this, which man page should I > > read?" > > I'm not sure. You might be able to do it with ng_one2many. I think > if_bridge (plus RSTP) might actually be the closest to what you want, > but it's not available yet. one2many sure looks like it, I'll give it a try. ==ml -- Michael W. Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org http://www.BlackHelicopters.org/~mwlucas/ "The cloak of anonymity protects me from the nuisance of caring." -Non Sequitur From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 20:18:15 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA50316A41F for ; Thu, 4 Aug 2005 20:18:15 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from mx2-out.seton.org (mx2-out.seton.org [65.118.63.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6224343D48 for ; Thu, 4 Aug 2005 20:18:15 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from localhost (unknown [127.0.0.1]) by mx2-out.seton.org (Postfix) with ESMTP id 896DE8D1 for ; Thu, 4 Aug 2005 15:18:14 -0500 (CDT) Received: from mx2-out.seton.org ([10.21.254.241]) by localhost (mx2 [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 21919-24 for ; Thu, 4 Aug 2005 15:18:14 -0500 (CDT) Received: from ausexfe02.seton.org (unknown [10.20.10.186]) by mx2-out.seton.org (Postfix) with ESMTP id 7AF4A887 for ; Thu, 4 Aug 2005 15:18:14 -0500 (CDT) Received: from [10.20.160.190] ([10.20.160.190]) by ausexfe02.seton.org with Microsoft SMTPSVC(6.0.3790.211); Thu, 4 Aug 2005 15:18:14 -0500 Message-ID: <42F27951.20808@seton.org> Date: Thu, 04 Aug 2005 15:23:45 -0500 From: Matthew Grooms Organization: Seton Healthcare Network User-Agent: Mozilla Thunderbird 1.0.5 (Windows/20050711) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 04 Aug 2005 20:18:14.0195 (UTC) FILETIME=[A47BC830:01C59931] X-Virus-Scanned: by amavisd-new at seton.org Subject: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 20:18:15 -0000 Not sure if this helps at all, but I did some searching a bit to read others comments concerning the NAT-T / IPR debate. These two documents get mentioned repeatedly and would appear to have something to do with other vendors decision to adopt NAT-T support. http://www.ietf.org/ietf/IPR/MICROSOFT-NAT-Traversal.txt http://www.ietf.org/ietf/IPR/SSH-NAT There was also some mention of a third claim but it was hard to find details on the subject. Lastly, some people voiced concerns regarding the application of NAT-T to IKEv2 as the first of the two disclosures mention the IKEv1 RFC specifically where the other is quite broad. I can't imagine anyone is actively defending any patent claims here with so many implementations of IKE / NAT-T out there. Would a group such as the FreeBSD Foundation be able to help find answers to legal questions such as this? reference : www.google.com -> nat-t patent ipsec -Matthew From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 20:30:10 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DBB8E16A41F for ; Thu, 4 Aug 2005 20:30:10 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FD8D43D45 for ; Thu, 4 Aug 2005 20:30:10 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id BDF1D1FF9AB; Thu, 4 Aug 2005 22:30:07 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 936E21FF9A8; Thu, 4 Aug 2005 22:30:05 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id C48171560B; Thu, 4 Aug 2005 20:29:57 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id BA27415329; Thu, 4 Aug 2005 20:29:57 +0000 (UTC) Date: Thu, 4 Aug 2005 20:29:57 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: Matthew Grooms In-Reply-To: <42F27951.20808@seton.org> Message-ID: References: <42F27951.20808@seton.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: freebsd-net@freebsd.org Subject: RE: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 20:30:11 -0000 On Thu, 4 Aug 2005, Matthew Grooms wrote: > Not sure if this helps at all, but I did some searching a bit to read > others comments concerning the NAT-T / IPR debate. These two documents > get mentioned repeatedly and would appear to have something to do with > other vendors decision to adopt NAT-T support. > > http://www.ietf.org/ietf/IPR/MICROSOFT-NAT-Traversal.txt > http://www.ietf.org/ietf/IPR/SSH-NAT > > There was also some mention of a third claim but it was hard to find > details on the subject. Lastly, some people voiced concerns regarding ietf.org -> IPR -> Search -> NAT-T https://datatracker.ietf.org/public/ipr_detail_show.cgi?&ipr_id=88 ? > the application of NAT-T to IKEv2 as the first of the two disclosures > mention the IKEv1 RFC specifically where the other is quite broad. > > I can't imagine anyone is actively defending any patent claims here with > so many implementations of IKE / NAT-T out there. Would a group such as > the FreeBSD Foundation be able to help find answers to legal questions > such as this? I had hoped to get a clear answer after I heared that NetBSD had started on this but why does nobody send mail to those people listed as contacts and asks? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 21:34:29 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 262A016A41F for ; Thu, 4 Aug 2005 21:34:29 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from mx2-out.seton.org (mx2-out.seton.org [65.118.63.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id B047A43D45 for ; Thu, 4 Aug 2005 21:34:26 +0000 (GMT) (envelope-from MGrooms@seton.org) Received: from localhost (unknown [127.0.0.1]) by mx2-out.seton.org (Postfix) with ESMTP id D0CF41213; Thu, 4 Aug 2005 16:34:25 -0500 (CDT) Received: from mx2-out.seton.org ([10.21.254.241]) by localhost (mx2 [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 22244-40; Thu, 4 Aug 2005 16:34:25 -0500 (CDT) Received: from ausexfe02.seton.org (unknown [10.20.10.186]) by mx2-out.seton.org (Postfix) with ESMTP id C1FC1763; Thu, 4 Aug 2005 16:34:25 -0500 (CDT) Received: from [10.20.160.190] ([10.20.160.190]) by ausexfe02.seton.org with Microsoft SMTPSVC(6.0.3790.211); Thu, 4 Aug 2005 16:34:25 -0500 Message-ID: <42F28B2C.40402@seton.org> Date: Thu, 04 Aug 2005 16:39:56 -0500 From: Matthew Grooms Organization: Seton Healthcare Network User-Agent: Mozilla Thunderbird 1.0.5 (Windows/20050711) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <42F27951.20808@seton.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 04 Aug 2005 21:34:25.0709 (UTC) FILETIME=[495175D0:01C5993C] X-Virus-Scanned: by amavisd-new at seton.org Cc: freebsd-net@freebsd.org Subject: Re: NAT-T support for IPSec stack X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 21:34:29 -0000 Bjoern A. Zeeb wrote: > On Thu, 4 Aug 2005, Matthew Grooms wrote: > >>There was also some mention of a third claim but it was hard to find >>details on the subject. Lastly, some people voiced concerns regarding > > ietf.org -> IPR -> Search -> NAT-T > > https://datatracker.ietf.org/public/ipr_detail_show.cgi?&ipr_id=88 > > ? > Software patents suck. The one I was referring to concerned a third claim also by Microsoft regarding IKEv2. As I said before, I found mention of ( by an ssh.com employee ) but no further details. Here is the reference ... http://www.vpnc.org/ietf-ipsec/03.ipsec/msg01797.html > > I had hoped to get a clear answer after I heared that NetBSD had > started on this but why does nobody send mail to those people listed > as contacts and asks? > Sorry man, I was just trying to be helpful. Do you mean the contacts listed along with the IP disclosures? -Matthew From owner-freebsd-net@FreeBSD.ORG Thu Aug 4 23:45:17 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9AC1416A41F for ; Thu, 4 Aug 2005 23:45:17 +0000 (GMT) (envelope-from stephane@enertiasoft.com) Received: from mx1.enertiatech.com (h204-9-110-143.enertiatech.com [204.9.110.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F85C43D45 for ; Thu, 4 Aug 2005 23:45:17 +0000 (GMT) (envelope-from stephane@enertiasoft.com) Received: from localhost (localhost [127.0.0.1]) by mx1.enertiatech.com (Postfix) with ESMTP id 9AEAC632C; Thu, 4 Aug 2005 17:44:46 -0600 (MDT) Received: from mx1.enertiatech.com ([127.0.0.1]) by localhost (mx1.enertiatech.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 21931-01; Thu, 4 Aug 2005 17:44:45 -0600 (MDT) Received: from [10.0.0.34] (unknown [10.0.0.34]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.enertiatech.com (Postfix) with ESMTP id E6B53632B; Thu, 4 Aug 2005 17:44:45 -0600 (MDT) In-Reply-To: <20050804081517.GQ45385@obiwan.tataz.chchile.org> References: <20050804081517.GQ45385@obiwan.tataz.chchile.org> Mime-Version: 1.0 (Apple Message framework v733) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <9262C743-C889-4165-BF71-B63633E87042@enertiasoft.com> Content-Transfer-Encoding: 7bit From: Stephane Raimbault Date: Thu, 4 Aug 2005 17:45:10 -0600 To: Jeremie Le Hen X-Mailer: Apple Mail (2.733) X-Virus-Scanned: amavisd-new at enertiasoft.com Cc: freebsd-net@freebsd.org Subject: Re: How-to use CARP? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2005 23:45:17 -0000 Thank you, that was it. Am I correct to say that pfsync is not available in 5.4 but will be available in 6.0 and/or in 5.5 ? Thanks, Stephane On 4-Aug-05, at 2:15 AM, Jeremie Le Hen wrote: > Hi Stephane, > > >> I'm having a bit of a problem running 5.4-RELEASE and carp. All the >> documentation that I read (man carp and other web based sources) >> indicate to simply create my carp interface as follows: >> >> ifconfig carp0 create >> >> However when I run this... I get the following error: >> >> # ifconfig carp0 create >> ifconfig: SIOCIFCREATE: Invalid argument >> # >> > > Add "device carp" to you kernel configuration file and recompile. > > Regards, > -- > Jeremie Le Hen > < jeremie at le-hen dot org >< ttz at chchile dot org > > From owner-freebsd-net@FreeBSD.ORG Fri Aug 5 00:10:41 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C867C16A41F for ; Fri, 5 Aug 2005 00:10:41 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from lapdance.yazzy.net (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 458AD43D45 for ; Fri, 5 Aug 2005 00:10:40 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.net (8.13.4/8.13.4) with SMTP id j750AVB1002575; Fri, 5 Aug 2005 02:10:32 +0200 (CEST) (envelope-from lists@yazzy.org) Date: Fri, 5 Aug 2005 02:10:31 +0200 From: Marcin Jessa To: Stephane Raimbault Message-Id: <20050805021031.21dbcf52.lists@yazzy.org> In-Reply-To: References: Organization: YazzY.org X-Mailer: Sylpheed version 2.0.0 (GTK+ 2.6.7; i386-portbld-freebsd6.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: How-to use CARP? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2005 00:10:41 -0000 Hi. Here is a good link http://www.countersiege.com/doc/pfsync-carp/ Cheers, Marcin Jessa On Wed, 3 Aug 2005 15:40:39 -0600 Stephane Raimbault wrote: > Hi all, > > I'm having a bit of a problem running 5.4-RELEASE and carp. All the > documentation that I read (man carp and other web based sources) > indicate to simply create my carp interface as follows: > > ifconfig carp0 create > > However when I run this... I get the following error: > > # ifconfig carp0 create > ifconfig: SIOCIFCREATE: Invalid argument > # > > > Any thoughts or comments that can steer me in the right direction > would be appreciated. > > > I'm sure I'm missing something obvious... here's my dmesg.boot > > > # cat /var/run/dmesg.boot > Copyright (c) 1992-2005 The FreeBSD Project. > Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 > The Regents of the University of California. All rights > reserved. > FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC 2005 > root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC > ACPI APIC Table: > Timecounter "i8254" frequency 1193182 Hz quality 0 > CPU: Intel(R) Pentium(R) 4 CPU 2.66GHz (2660.46-MHz 686-class CPU) > Origin = "GenuineIntel" Id = 0xf29 Stepping = 9 > > Features=0xbfebfbff ,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> > real memory = 528416768 (503 MB) > avail memory = 507523072 (484 MB) > ioapic0 irqs 0-23 on motherboard > npx0: on motherboard > npx0: INT 16 interface > acpi0: on motherboard > acpi0: Power Button (fixed) > Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 > acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 > cpu0: on acpi0 > acpi_button0: on acpi0 > pcib0: port 0xcf8-0xcff on acpi0 > pci0: on pcib0 > agp0: mem > 0xec100000-0xec17ffff,0xe0000000-0xe7ffffff irq 16 at device 2.0 on pci0 > agp0: detected 8060k stolen memory > agp0: aperture size is 128M > uhci0: port 0xb800-0xb81f > irq 16 at device 29.0 on pci0 > usb0: on uhci0 > usb0: USB revision 1.0 > uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 > uhub0: 2 ports with 2 removable, self powered > uhci1: port 0xb000-0xb01f > irq 19 at device 29.1 on pci0 > usb1: on uhci1 > usb1: USB revision 1.0 > uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 > uhub1: 2 ports with 2 removable, self powered > uhci2: port 0xb400-0xb41f > irq 18 at device 29.2 on pci0 > usb2: on uhci2 > usb2: USB revision 1.0 > uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 > uhub2: 2 ports with 2 removable, self powered > pci0: at device 29.7 (no driver attached) > pcib1: at device 30.0 on pci0 > pci1: on pcib1 > em0: port > 0xa000-0xa03f mem 0xec000000-0xec01ffff irq 22 at device 5.0 on pci1 > em0: Ethernet address: 00:30:48:42:49:c4 > em0: Speed:N/A Duplex:N/A > em1: port > 0xa400-0xa43f mem 0xec020000-0xec03ffff irq 23 at device 6.0 on pci1 > em1: Ethernet address: 00:30:48:42:49:c5 > em1: Speed:N/A Duplex:N/A > isab0: at device 31.0 on pci0 > isa0: on isab0 > atapci0: port 0xcc00-0xcc0f, > 0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 31.1 on pci0 > ata0: channel #0 on atapci0 > ata1: channel #1 on atapci0 > pci0: at device 31.3 (no driver attached) > acpi_tz0: on acpi0 > fdc0: port 0x3f7,0x3f0-0x3f5 irq 6 drq 2 on > acpi0 > fd0: <1440-KB 3.5" drive> on fdc0 drive 0 > sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 > on acpi0 > sio0: type 16550A, console > sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0 > sio1: type 16550A > ppc0: port 0x778-0x77b,0x378-0x37f irq 7 > drq 3 on acpi0 > ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode > ppc0: FIFO with 16/16/9 bytes threshold > ppbus0: on ppc0 > plip0: on ppbus0 > lpt0: on ppbus0 > lpt0: Interrupt-driven port > ppi0: on ppbus0 > atkbdc0: port 0x64,0x60 irq 1 on acpi0 > atkbd0: irq 1 on atkbdc0 > kbd0 at atkbd0 > orm0: at iomem 0xce000-0xcf7ff,0xcc000-0xcd7ff on isa0 > pmtimer0 on isa0 > sc0: at flags 0x100 on isa0 > sc0: VGA <16 virtual consoles, flags=0x100> > vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on > isa0 > Timecounter "TSC" frequency 2660461336 Hz quality 800 > Timecounters tick every 10.000 msec > ad0: 38166MB [77545/16/63] at ata0- > master UDMA100 > acd0: CDROM at ata1-master PIO4 > Mounting root from ufs:/dev/ad0s1a > # > > > Thank you, > Stephane. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Aug 5 04:54:04 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CC1616A41F for ; Fri, 5 Aug 2005 04:54:04 +0000 (GMT) (envelope-from donatas@lrtc.net) Received: from mail.lrtc.lt (pegasus.lrtc.lt [217.9.240.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE72443D46 for ; Fri, 5 Aug 2005 04:54:02 +0000 (GMT) (envelope-from donatas@lrtc.net) Received: (qmail 25550 invoked from network); 5 Aug 2005 03:20:46 -0000 Received: from p2p-241-242-ird.vln0.lrtc.net (HELO donatas) (d.gendvilas@[217.9.241.242]) (envelope-sender ) by mail.lrtc.lt (qmail-ldap-1.03) with SMTP for ; 5 Aug 2005 03:20:46 -0000 Message-ID: <002f01c59979$b0641a10$9f90a8c0@donatas> From: "Donatas" To: Date: Fri, 5 Aug 2005 07:53:57 +0300 Organization: AB Lietuvos Radijo ir Televizijos Centras MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-4" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Subject: carp & ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Donatas List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Aug 2005 04:54:04 -0000 is there any possibility to create ipfw load-balancer using carp? From owner-freebsd-net@FreeBSD.ORG Sat Aug 6 11:44:09 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5BCED16A41F for ; Sat, 6 Aug 2005 11:44:09 +0000 (GMT) (envelope-from gbergling@0xfce3.net) Received: from generic.0xfce3.net (generic.0xfce3.net [62.75.158.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 06ABD43D88 for ; Sat, 6 Aug 2005 11:44:08 +0000 (GMT) (envelope-from gbergling@0xfce3.net) Received: from port-212-202-34-189.dynamic.qsc.de ([212.202.34.189] helo=[192.168.1.7]) by vs158227.vserver.de with esmtpa (Exim 4.50) id 1E1N5u-00050i-7P for freebsd-net@freebsd.org; Sat, 06 Aug 2005 13:44:02 +0200 Message-ID: <42F4A261.9060207@0xfce3.net> Date: Sat, 06 Aug 2005 13:43:29 +0200 From: Gordon Bergling User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [RFC] Port of DfBSDs new IP Checksum Code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 11:44:09 -0000 Hi folks, I have ported the new IP Checksum Code from DragonflyBSD to FreeBSD. I have a patch available at http://generic.0xfce3.net/freebsd/ipchecksum/20050805-ipchecksum.patch This patch is against HEAD (also applies to RELENG_6). There are a minor things where I would like to receive feedback before I'll send-pr it. - sys/conf/files.* I comment the old in_cksum.c file out. Should them be deleted? - contrib/ipfilter/netinet/ip_compat.h here is a "extern" definition of in_cksum() I have comment it out. It compiles right away, but I am not sure that I have done the right thing. comments? ;) Please not that is only the kernel part for now. I know there are some programs in userland which require . On of those programs is natd. At this time I grep through /usr/src to find any programs which include the old in_cksum.h. These things are most time s/machine/sys/ so it should be hard to do. I'll provide a patch in a few hours for this. Any feedback would greatly be appreciated. best regards, Gordon From owner-freebsd-net@FreeBSD.ORG Sat Aug 6 12:16:25 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC37116A41F for ; Sat, 6 Aug 2005 12:16:25 +0000 (GMT) (envelope-from bms@spc.org) Received: from arginine.spc.org (arginine.spc.org [83.167.185.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CFEC43D53 for ; Sat, 6 Aug 2005 12:16:23 +0000 (GMT) (envelope-from bms@spc.org) Received: from localhost (localhost [127.0.0.1]) by arginine.spc.org (Postfix) with ESMTP id 2234665640; Sat, 6 Aug 2005 13:16:16 +0100 (BST) Received: from arginine.spc.org ([127.0.0.1]) by localhost (arginine.spc.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 87500-01-4; Sat, 6 Aug 2005 13:16:15 +0100 (BST) Received: from empiric.dek.spc.org (213-152-59-152.dsl.eclipse.net.uk [213.152.59.152]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by arginine.spc.org (Postfix) with ESMTP id 39FE665641; Sat, 6 Aug 2005 13:16:11 +0100 (BST) Received: by empiric.dek.spc.org (Postfix, from userid 1001) id 866F86ABC; Sat, 6 Aug 2005 13:15:04 +0100 (BST) Date: Sat, 6 Aug 2005 13:15:04 +0100 From: Bruce M Simpson To: Gordon Bergling Message-ID: <20050806121504.GC740@empiric.icir.org> Mail-Followup-To: Gordon Bergling , freebsd-net@freebsd.org References: <42F4A261.9060207@0xfce3.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <42F4A261.9060207@0xfce3.net> Cc: freebsd-net@freebsd.org Subject: Re: [RFC] Port of DfBSDs new IP Checksum Code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 12:16:25 -0000 Hi, On Sat, Aug 06, 2005 at 01:43:29PM +0200, Gordon Bergling wrote: > I have ported the new IP Checksum Code from DragonflyBSD to FreeBSD. > I have a patch available at > http://generic.0xfce3.net/freebsd/ipchecksum/20050805-ipchecksum.patch There are inline i386 instructions in a machine-independent header; is this intentional? Also the asm_ones32() code seems to exist only for i386. Without support for other platforms, and some cleanup, I don't think that the patch can be committed as is, sadly. I do like the general idea of rewriting in_cksum() to take advantage of branch prediction logic in modern microprocessors, however. Regards, BMS From owner-freebsd-net@FreeBSD.ORG Sat Aug 6 15:34:29 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2CF516A41F for ; Sat, 6 Aug 2005 15:34:28 +0000 (GMT) (envelope-from gbergling@0xfce3.net) Received: from generic.0xfce3.net (generic.0xfce3.net [62.75.158.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9786F43D5C for ; Sat, 6 Aug 2005 15:34:27 +0000 (GMT) (envelope-from gbergling@0xfce3.net) Received: from port-212-202-34-189.dynamic.qsc.de ([212.202.34.189] helo=[192.168.1.7]) by vs158227.vserver.de with esmtpa (Exim 4.50) id 1E1Qgm-0006vx-90; Sat, 06 Aug 2005 17:34:20 +0200 Message-ID: <42F4D862.6040002@0xfce3.net> Date: Sat, 06 Aug 2005 17:33:54 +0200 From: Gordon Bergling User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bruce M Simpson References: <42F4A261.9060207@0xfce3.net> <20050806121504.GC740@empiric.icir.org> In-Reply-To: <20050806121504.GC740@empiric.icir.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: [RFC] Port of DfBSDs new IP Checksum Code X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 15:34:29 -0000 Hi Bruce, Bruce M Simpson wrote: >On Sat, Aug 06, 2005 at 01:43:29PM +0200, Gordon Bergling wrote: > > >>I have ported the new IP Checksum Code from DragonflyBSD to FreeBSD. >>I have a patch available at >>http://generic.0xfce3.net/freebsd/ipchecksum/20050805-ipchecksum.patch >> >> > >There are inline i386 instructions in a machine-independent header; is this >intentional? Also the asm_ones32() code seems to exist only for i386. > > I can't say something about the internals of the rework of checksum code. I have the commit messages on the hand, but I can't find something related. >Without support for other platforms, and some cleanup, I don't think that >the patch can be committed as is, sadly. > > As far as I understand the commit messages [1 - 3] correctly the new code should be machine independent. What cleanup do you mean? >I do like the general idea of rewriting in_cksum() to take advantage of >branch prediction logic in modern microprocessors, however. > > I am willing to spend more time on this and, if anyone could point me to the right direction regarding the next steps to get this into the tree. regards, Gordon [1] http://leaf.dragonflybsd.org/mailarchive/commits/2004-02/msg00187.html [2] http://leaf.dragonflybsd.org/mailarchive/commits/2004-02/msg00198.html [3] http://leaf.dragonflybsd.org/mailarchive/commits/2004-02/msg00200.html From owner-freebsd-net@FreeBSD.ORG Sat Aug 6 19:44:55 2005 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0DF016A41F for ; Sat, 6 Aug 2005 19:44:55 +0000 (GMT) (envelope-from arved@arved.at) Received: from 21322530218.direct.eti.at (21322530218.direct.eti.at [213.225.30.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FAFE43D46 for ; Sat, 6 Aug 2005 19:44:54 +0000 (GMT) (envelope-from arved@arved.at) Received: from [192.168.1.24] (ische.arved.de [192.168.1.24]) by 21322530218.direct.eti.at (8.13.3/8.13.1) with ESMTP id j76JipnI045559; Sat, 6 Aug 2005 21:44:51 +0200 (CEST) (envelope-from arved@arved.at) Mime-Version: 1.0 (Apple Message framework v622) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-5--978605292" Message-Id: <38bcd230a8da978cf1901ede6ce4eb95@arved.at> Content-Transfer-Encoding: 7bit From: Tilman Linneweh Date: Sat, 6 Aug 2005 21:44:42 +0200 To: freebsd-net@FreeBSD.org X-Pgp-Agent: GPGMail 1.1 (Panther) X-Mailer: Apple Mail (2.622) Cc: Tilman Linneweh Subject: IPv6 LOR X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 19:44:55 -0000 --Apple-Mail-5--978605292 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Hi, Today i tried to configure IPv6 on a RELENG_6 box with an axe(4) USB NIC. I got these two traces in my log: Aug 6 21:35:18 via kernel: Sleeping on "usbsyn" with the following non-sleepabl e locks held: Aug 6 21:35:18 via kernel: exclusive sleep mutex inp (raw6inp) r = 0 (0xc133a9b 4) locked @ /usr/RELENG_6/src/sys/netinet6/raw_ip6.c:624 Aug 6 21:35:18 via kernel: exclusive sleep mutex rip r = 0 (0xc079628c) locked @ /usr/RELENG_6/src/sys/netinet6/raw_ip6.c:611 Aug 6 21:35:18 via kernel: KDB: stack backtrace: Aug 6 21:35:18 via kernel: kdb_backtrace(2,c15fdc48,c1194780,2,d350b970) at kdb _backtrace+0x29 Aug 6 21:35:18 via kernel: witness_warn(5,0,c06d85fe,c06cfc71) at witness_warn+ 0x18e Aug 6 21:35:18 via kernel: msleep(c23f0600,0,4c,c06cfc71,0) at msleep+0x42 Aug 6 21:35:18 via kernel: usbd_transfer(c23f0600,d350b9d0,c04d0825,c23f0600,24 6) at usbd_transfer+0x121 Aug 6 21:35:18 via kernel: usbd_sync_transfer(c23f0600,246,c074c360,d350b9cc,0) at usbd_sync_transfer+0x11 Aug 6 21:35:18 via kernel: usbd_do_request_flags_pipe(c1574400,c23e5a80,d350ba2 8,d350ba5e,0) at usbd_do_request_flags_pipe+0x5d Aug 6 21:35:18 via kernel: usbd_do_request_flags(c1574400,d350ba28,d350ba5e,0,0 ) at usbd_do_request_flags+0x20 Aug 6 21:35:18 via kernel: usbd_do_request(c1574400,d350ba28,d350ba5e) at usbd_ do_request+0x1a Aug 6 21:35:18 via kernel: axe_cmd(c23d4500,200f,0,0,d350ba5e) at axe_cmd+0x74 Aug 6 21:35:18 via kernel: axe_setmulti(c23d4500,c23b4080,c23b4080,c1564680,c11 c9400) at axe_setmulti+0x2f Aug 6 21:35:18 via kernel: axe_ioctl(c11c9400,80206932,0) at axe_ioctl+0x13e Aug 6 21:35:18 via kernel: if_delmulti(c11c9400,c23ea640) at if_delmulti+0x199 Aug 6 21:35:18 via kernel: in6_delmulti(c1fe3bc0) at in6_delmulti+0x4f Aug 6 21:35:18 via kernel: ip6_freemoptions(c11cb9c0,0) at ip6_freemoptions+0x3 7 Aug 6 21:35:18 via kernel: in6_pcbdetach(c133a924,c133a9b4,0,c06ec94e,270) at i n6_pcbdetach+0x184 Aug 6 21:35:18 via kernel: rip6_detach(c14a342c) at rip6_detach+0x96 Aug 6 21:35:18 via kernel: soclose(c14a342c,c126b5e8,0,d350bb5c,c05045b8) at so close+0x1e0 Aug 6 21:35:18 via kernel: soo_close(c126b5e8,c1194780) at soo_close+0x4b Aug 6 21:35:18 via kernel: fdrop_locked(c126b5e8,c1194780,c1070784,0,c06d4c2e) at fdrop_locked+0x88 Aug 6 21:35:18 via kernel: fdrop(c126b5e8,c1194780,d350bba8,c053ff84,c06d4c2e) at fdrop+0x24 Aug 6 21:35:18 via kernel: closef(c126b5e8,c1194780) at closef+0x35f Aug 6 21:35:18 via kernel: fdfree(c1194780,c15fdd94,0,c06db654,6ac) at fdfree+0 x473 Aug 6 21:35:18 via kernel: exit1(c1194780,100,d350bd30,c0696c87,c1194780) at ex it1+0x3f6 Aug 6 21:35:18 via kernel: exit1(c1194780,d350bd04,1,2,296) at exit1 Aug 6 21:35:18 via kernel: syscall(3b,3b,3b,0,8057300) at syscall+0x22f Aug 6 21:35:18 via kernel: Xint0x80_syscall() at Xint0x80_syscall+0x1f Aug 6 21:35:18 via kernel: --- syscall (1, FreeBSD ELF32, sys_exit), eip = 0x28 0bd383, esp = 0xbfbfe17c, ebp = 0xbfbfe198 --- Aug 6 21:35:18 via kernel: lock order reversal Aug 6 21:35:18 via kernel: 1st 0xc133a9b4 inp (raw6inp) @ /usr/RELENG_6/src/sys /netinet6/raw_ip6.c:624 Aug 6 21:35:18 via kernel: 2nd 0xc0747060 Giant (Giant) @ /usr/RELENG_6/src/sys /kern/kern_synch.c:236 Aug 6 21:35:18 via kernel: KDB: stack backtrace: Aug 6 21:35:18 via kernel: kdb_backtrace(0,ffffffff,c07543c0,c0756328,c071d1c4) at kdb_backtrace+0x29 Aug 6 21:35:18 via kernel: witness_checkorder(c0747060,9,c06d8637,ec) at witnes s_checkorder+0x564 Aug 6 21:35:18 via kernel: _mtx_lock_flags(c0747060,0,c06d8637,ec) at _mtx_lock _flags+0x5b Aug 6 21:35:18 via kernel: msleep(c23f0600,0,4c,c06cfc71,0) at msleep+0x386 Aug 6 21:35:18 via kernel: usbd_transfer(c23f0600,d350b9d0,c04d0825,c23f0600,24 6) at usbd_transfer+0x121 Aug 6 21:35:18 via kernel: usbd_sync_transfer(c23f0600,246,c074c360,d350b9cc,0) at usbd_sync_transfer+0x11 Aug 6 21:35:18 via kernel: usbd_do_request_flags_pipe(c1574400,c23e5a80,d350ba2 8,d350ba5e,0) at usbd_do_request_flags_pipe+0x5d Aug 6 21:35:18 via kernel: usbd_do_request_flags(c1574400,d350ba28,d350ba5e,0,0 ) at usbd_do_request_flags+0x20 Aug 6 21:35:18 via kernel: usbd_do_request(c1574400,d350ba28,d350ba5e) at usbd_ do_request+0x1a Aug 6 21:35:18 via kernel: axe_cmd(c23d4500,200f,0,0,d350ba5e) at axe_cmd+0x74 Aug 6 21:35:18 via kernel: axe_setmulti(c23d4500,c23b4080,c23b4080,c1564680,c11 c9400) at axe_setmulti+0x2f Aug 6 21:35:18 via kernel: axe_ioctl(c11c9400,80206932,0) at axe_ioctl+0x13e Aug 6 21:35:18 via kernel: if_delmulti(c11c9400,c23ea640) at if_delmulti+0x199 Aug 6 21:35:18 via kernel: in6_delmulti(c1fe3bc0) at in6_delmulti+0x4f Aug 6 21:35:18 via kernel: ip6_freemoptions(c11cb9c0,0) at ip6_freemoptions+0x3 7 Aug 6 21:35:18 via kernel: in6_pcbdetach(c133a924,c133a9b4,0,c06ec94e,270) at i n6_pcbdetach+0x184 Aug 6 21:35:18 via kernel: rip6_detach(c14a342c) at rip6_detach+0x96 Aug 6 21:35:18 via kernel: soclose(c14a342c,c126b5e8,0,d350bb5c,c05045b8) at so close+0x1e0 Aug 6 21:35:18 via kernel: soo_close(c126b5e8,c1194780) at soo_close+0x4b Aug 6 21:35:18 via kernel: fdrop_locked(c126b5e8,c1194780,c1070784,0,c06d4c2e) at fdrop_locked+0x88 Aug 6 21:35:18 via kernel: fdrop(c126b5e8,c1194780,d350bba8,c053ff84,c06d4c2e) at fdrop+0x24 Aug 6 21:35:18 via kernel: closef(c126b5e8,c1194780) at closef+0x35f Aug 6 21:35:18 via kernel: fdfree(c1194780,c15fdd94,0,c06db654,6ac) at fdfree+0 x473 Aug 6 21:35:18 via kernel: exit1(c1194780,100,d350bd30,c0696c87,c1194780) at ex it1+0x3f6 Aug 6 21:35:18 via kernel: exit1(c1194780,d350bd04,1,2,296) at exit1 Aug 6 21:35:18 via kernel: syscall(3b,3b,3b,0,8057300) at syscall+0x22f Aug 6 21:35:18 via kernel: Xint0x80_syscall() at Xint0x80_syscall+0x1f Aug 6 21:35:18 via kernel: --- syscall (1, FreeBSD ELF32, sys_exit), eip = 0x28 0bd383, esp = 0xbfbfe17c, ebp = 0xbfbfe198 --- --Apple-Mail-5--978605292 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: Signierter Teil der Nachricht content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iD8DBQFC9RMvfCLDn4B6xToRArtaAJsE7z6H4jzFEiq4vj1UkKpOpX3aaACeKHD8 tgQmxamk5Uu4qKGTFMeRHUk= =SsOi -----END PGP SIGNATURE----- --Apple-Mail-5--978605292-- From owner-freebsd-net@FreeBSD.ORG Sat Aug 6 22:20:09 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC5B016A41F for ; Sat, 6 Aug 2005 22:20:09 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7309D43D53 for ; Sat, 6 Aug 2005 22:20:09 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id E95B61FFAD1; Sun, 7 Aug 2005 00:20:07 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id C171A1FFACC; Sun, 7 Aug 2005 00:20:05 +0200 (CEST) Received: by mail.int.zabbadoz.net (Postfix, from userid 1060) id 77323158A0; Sat, 6 Aug 2005 22:15:09 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.int.zabbadoz.net (Postfix) with ESMTP id 6F5D41589F; Sat, 6 Aug 2005 22:15:09 +0000 (UTC) Date: Sat, 6 Aug 2005 22:15:09 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@e0-0.zab2.int.zabbadoz.net To: Tilman Linneweh In-Reply-To: <38bcd230a8da978cf1901ede6ce4eb95@arved.at> Message-ID: References: <38bcd230a8da978cf1901ede6ce4eb95@arved.at> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: freebsd-net@FreeBSD.org Subject: Re: IPv6 LOR X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Aug 2005 22:20:10 -0000 On Sat, 6 Aug 2005, Tilman Linneweh wrote: > Today i tried to configure IPv6 on a RELENG_6 box with an axe(4) USB > NIC. > > I got these two traces in my log: would you be able to send this w/o lines wrapped and perhaps also without the syslog line starting. Would be easier to read;) From what I had seen this isn't only a LOR but more problems... -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT