From owner-freebsd-net Mon Jan 1 10:23:34 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 10:23:30 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from panther.unisys.com.br (panther.unisys.com.br [200.220.64.10]) by hub.freebsd.org (Postfix) with ESMTP id 0FF0D37B400; Mon, 1 Jan 2001 10:23:29 -0800 (PST) Received: from uninet.com.br (cheetah.unisys.com.br [200.220.64.9]) by panther.unisys.com.br (8.11.1/8.11.1) with SMTP id f01JNU522186; Mon, 1 Jan 2001 16:23:31 -0300 (BDB) From: romualdo@uninet.com.br Sender: romualdo@uninet.com.br Reply-To: romualdo@uninet.com.br To: freebsd-security@freebsd.org Cc: freebsd-net@freebsd.org Date: Mon, 1 Jan 2001 16:21:27 -300 Subject: IPSTEALTH - transparent router Message-id: <3a50d8b7.3a6d.0@uninet.com.br> X-User-Info: 200.181.80.40 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi. I have many routers with wavelan card working with freeBSD and i am trying without sucessfull use IPSTEALTH work this is my kernel options options IPFIREWALL options IPDIVERT options IPSTEALTH options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE_LIMIT=100 options DUMMYNET options NMBCLUSTERS=10240 i have some routes and i use ipfw fwd too i want whem one machine make traceroute dont show my router and go a way Thank for any help Romualdo Arcoverde UNINet Brasilia http://unimail.unisys.com.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 10:56:38 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 10:56:36 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from prioris.mini.pw.edu.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by hub.freebsd.org (Postfix) with ESMTP id 4F34337B400 for ; Mon, 1 Jan 2001 10:56:36 -0800 (PST) Received: from pf39.warszawa.sdi.tpnet.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by prioris.mini.pw.edu.pl (Postfix) with ESMTP id 501F27D04E for ; Mon, 1 Jan 2001 19:56:28 +0100 (CET) Received: (from zaks@localhost) by pf39.warszawa.sdi.tpnet.pl (8.11.1/8.11.1) id f01ItU200644; Mon, 1 Jan 2001 19:55:30 +0100 (CET) (envelope-from zaks) Content-MD5: 47a06a092a8ae1a962d871f60813f0a2 From: Slawek Zak To: freebsd-net@freebsd.org Subject: Dummynet problem Date: 01 Jan 2001 19:55:24 +0100 Message-ID: <87u27j5cgz.fsf@pf39.warszawa.sdi.tpnet.pl> Lines: 21 User-Agent: Gnus/5.090001 (Oort Gnus v0.01) XEmacs/21.1 (Channel Islands) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I tried to configure dummynet to allow for normal work when downloading files using queue mechanism (4.2-STABLE). IPFW rules are: add 100 queue 10 tcp from any to any uid dnld1 in add 200 queue 11 ip from any to any queue 10 config weight 1 pipe 1 queue 11 config weight 10 pipe 1 mask all pipe 1 config bw 128Kbit/s sysctl net.inet.ip.fw.one_pass is set to 1 Although the counters for both (100 and 200) rules show that they both are hit during two parallel downloads (one by user dnld1), the bandwidth for both is equal. It should not be, I guess. Is it a bug or maybe I've misconfigured something. All the best in New Year, /S To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 12: 8:41 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 12:08:39 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from totem.fix.no (totem.fix.no [213.142.66.130]) by hub.freebsd.org (Postfix) with ESMTP id 4868137B400 for ; Mon, 1 Jan 2001 12:08:39 -0800 (PST) Received: by totem.fix.no (Postfix, from userid 1000) id 3BD763C97; Mon, 1 Jan 2001 21:08:26 +0100 (CET) Date: Mon, 1 Jan 2001 21:08:26 +0100 From: Anders Nordby To: freebsd-net@freebsd.org Subject: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010101210826.A69852@totem.fix.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.1.1-STABLE X-PGP-Key: http://anders.fix.no/pgp/ X-PGP-Key-FingerPrint: 1E0F C53C D8DF 6A8F EAAD 19C5 D12A BC9F 0083 5956 Sender: anders@totem.fix.no Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, Are people actually using uid type rules heavily? I'm having trouble matching the packets generated by programs like Apache and ProFTPD. I believe that may be because of root binding the ports these programs use before they setuid() or something, I'm not sure. Particularly I have trouble matching the packets of active FTP, since I have random ports on both ends to deal with and can't match them by port either. Does anyone have a solution to this? Yep, this is for use with Dummynet, which works OK as long as I get to match the packets I need. :-) ProFTPD's mod_xfer module doesn't seem to be able to globally set a max. transfer rate for all transfers in total either, it seems. I suppose I can proxy the traffic and then match the packets somehow perhaps.. Cheers, -- Anders. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 15:24:11 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 15:24:10 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [207.154.226.10]) by hub.freebsd.org (Postfix) with ESMTP id 205BF37B400 for ; Mon, 1 Jan 2001 15:24:10 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1098) id AF6E02B33A; Mon, 1 Jan 2001 17:24:09 -0600 (CST) Date: Mon, 1 Jan 2001 17:24:09 -0600 From: Bill Fumerola To: Anders Nordby Cc: freebsd-net@freebsd.org Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010101172409.I72273@elvis.mu.org> References: <20010101210826.A69852@totem.fix.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010101210826.A69852@totem.fix.no>; from anders@fix.no on Mon, Jan 01, 2001 at 09:08:26PM +0100 X-Operating-System: FreeBSD 4.2-FEARSOME-20001103 i386 Sender: billf@elvis.mu.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jan 01, 2001 at 09:08:26PM +0100, Anders Nordby wrote: > Are people actually using uid type rules heavily? I'm having trouble matching > the packets generated by programs like Apache and ProFTPD. I believe that may > be because of root binding the ports these programs use before they setuid() or > something, I'm not sure. Particularly I have trouble matching the packets of > active FTP, since I have random ports on both ends to deal with and can't match > them by port either. Does anyone have a solution to this? sockstat is your friend, look at the 'user' that is defined per program, thats who is going to be charged for packets on that socket. -- Bill Fumerola - security yahoo / Yahoo! inc. - fumerola@yahoo-inc.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 16:14:23 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 16:14:20 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from totem.fix.no (totem.fix.no [213.142.66.130]) by hub.freebsd.org (Postfix) with ESMTP id 2933437B400 for ; Mon, 1 Jan 2001 16:14:20 -0800 (PST) Received: by totem.fix.no (Postfix, from userid 1000) id F21073C98; Tue, 2 Jan 2001 01:14:18 +0100 (CET) Date: Tue, 2 Jan 2001 01:14:18 +0100 From: Anders Nordby To: Bill Fumerola Cc: freebsd-net@freebsd.org Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010102011418.E74504@totem.fix.no> References: <20010101210826.A69852@totem.fix.no> <20010101172409.I72273@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010101172409.I72273@elvis.mu.org>; from billf@mu.org on Mon, Jan 01, 2001 at 05:24:09PM -0600 X-Operating-System: FreeBSD 4.1.1-STABLE X-PGP-Key: http://anders.fix.no/pgp/ X-PGP-Key-FingerPrint: 1E0F C53C D8DF 6A8F EAAD 19C5 D12A BC9F 0083 5956 Sender: anders@totem.fix.no Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jan 01, 2001 at 05:24:09PM -0600, Bill Fumerola wrote: >> Are people actually using uid type rules heavily? I'm having trouble matching >> the packets generated by programs like Apache and ProFTPD. I believe that may >> be because of root binding the ports these programs use before they setuid() or >> something, I'm not sure. Particularly I have trouble matching the packets of >> active FTP, since I have random ports on both ends to deal with and can't match >> them by port either. Does anyone have a solution to this? > sockstat is your friend, look at the 'user' that is defined per program, > thats who is going to be charged for packets on that socket. Nope, doesn't seem to work. Sockstat says: USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS ftp proftpd 75182 0 tcp4 10.0.0.8:21 192.168.0.34:4955 ftp proftpd 75182 1 tcp4 10.0.0.8:21 192.168.0.34:4955 ftp proftpd 75182 12 tcp4 10.0.0.8:478 192.168.0.34:4959 ftp proftpd 75182 13 tcp4 10.0.0.8:478 192.168.0.34:4959 nobody proftpd 68820 0 tcp4 *:21 *:* Then I add a rule to see if I can count the packets while the above mentioned session is kept alive: # ipfw add 00010 count all from any to any uid ftp And ipfw show shows that the rule doesn't intercept any packets: 00010 0 0 count ip from any to any uid ftp FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1) shows all proftpd processes as being owned by root. Regards, -- Anders. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 16:43:34 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 16:43:32 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from totem.fix.no (totem.fix.no [213.142.66.130]) by hub.freebsd.org (Postfix) with ESMTP id 457AC37B400 for ; Mon, 1 Jan 2001 16:43:32 -0800 (PST) Received: by totem.fix.no (Postfix, from userid 1000) id 8765C3C98; Tue, 2 Jan 2001 01:43:30 +0100 (CET) Date: Tue, 2 Jan 2001 01:43:30 +0100 From: Anders Nordby To: Bill Fumerola Cc: freebsd-net@freebsd.org Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010102014330.A75512@totem.fix.no> References: <20010101210826.A69852@totem.fix.no> <20010101172409.I72273@elvis.mu.org> <20010102011418.E74504@totem.fix.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010102011418.E74504@totem.fix.no>; from anders@fix.no on Tue, Jan 02, 2001 at 01:14:18AM +0100 X-Operating-System: FreeBSD 4.1.1-STABLE X-PGP-Key: http://anders.fix.no/pgp/ X-PGP-Key-FingerPrint: 1E0F C53C D8DF 6A8F EAAD 19C5 D12A BC9F 0083 5956 Sender: anders@totem.fix.no Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Jan 02, 2001 at 01:14:18AM +0100, Anders Nordby wrote: > FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1) > shows all proftpd processes as being owned by root. If I filter on uid root, the rules will match the packets (I tried with specific IPs + uid root): 00010 1539 2307193 count log ip from any to 192.168.0.34 uid root 00011 881 35259 count log ip from 192.168.0.34 to any uid root But then again filtering on uid root is not what I want -- it will match ssh sessions and other things as well. And then I'm back to start.. Regards, -- Anders. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 21: 3: 9 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 21:03:06 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 1FA0737B400 for ; Mon, 1 Jan 2001 21:03:06 -0800 (PST) Received: from waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id AAA58976; Tue, 2 Jan 2001 00:01:46 -0500 (EST) (envelope-from csg@waterspout.com) Message-Id: <200101020501.AAA58976@tsunami.waterspout.com> To: Julian Elischer Cc: "C. Stephen Gunn" , Garrett Wollman , Andrea Franceschini , Ferdinand Goldmann , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. In-Reply-To: Your message of "Sun, 31 Dec 2000 19:54:19 PST." <3A4FFF6B.F8C20C5@elischer.org> From: csg@waterspout.com (C. Stephen Gunn) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <99533.978412001.1@waterspout.com> Date: Tue, 02 Jan 2001 00:06:41 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote: > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work. > > FreeBSD should should handle multiple ethernet encapsulations on > > the same physical interface, and relay packets to/from some subordinate > > interface. This support would factor-out the need for current > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap. > > sounds like a perfect use for netgraph.. I've thought about this, and and a migation to netgraph would require significant changes to how FreeBSD handles Ethernet (and other IEEE 802) interfaces. For example, you would no longer simply ``ifconfig xl'', but associate a netgraph link-layer node on top of the xl interface, and a netgraph interface node on top of the link-layer node, which would function (mostly) like xl does now. Netgraph is an excellent technology. While your comment makes sense, there are several issues that will need to be addressed. For instance, the current ARP implementation in FreeBSD is entangled with the generic ethernet code. I'm afraid to even contemplate the POLA and backward compatability issues involved. If this discussion is non-casual, we should eventually migrate it over to -arch. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 21:19: 9 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 21:19:08 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from spider.pilosoft.com (p55-222.acedsl.com [160.79.55.222]) by hub.freebsd.org (Postfix) with ESMTP id 47EB837B400 for ; Mon, 1 Jan 2001 21:19:07 -0800 (PST) Received: from localhost (alexmail@localhost) by spider.pilosoft.com (8.9.3/8.9.3) with ESMTP id AAA12399; Tue, 2 Jan 2001 00:19:29 -0500 (EST) Date: Tue, 2 Jan 2001 00:19:29 -0500 (EST) From: Alex Pilosov To: "C. Stephen Gunn" Cc: "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. In-Reply-To: <200101020501.AAA58976@tsunami.waterspout.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 2 Jan 2001, C. Stephen Gunn wrote: > For example, you would no longer simply ``ifconfig xl'', but > associate a netgraph link-layer node on top of the xl interface, > and a netgraph interface node on top of the link-layer node, which > would function (mostly) like xl does now. Interesting. Possibly that would make freebsd move away from hardware-specific interface names (such as xl0, rl0 ) and make them eth0, eth1, with a generic eth link-layer code to take care of things like ARP and bridging? Would that make sense? Essentially, what an ethernet driver will do is just capturing and sending packets. Then, netgraph "ethllcmac" node attached to it would perform all VLAN tagging/decapsulation and expose a [set of] eth interfaces back to the kernel? I'm thinking of something like this: ngctl mkpeer xl0: ethmacllc raw raw ngctl mkpeer xl0:raw:untagged iface ifconfig ng0 .... ngctl mkpeer xl0:raw:vlan3 iface ifconfig ng1 (the first might have to be set up to be executed on-interface-load) I'm still a bit inebriated...Let me know if I'm completely off-base) > Netgraph is an excellent technology. While your comment makes > sense, there are several issues that will need to be addressed. > For instance, the current ARP implementation in FreeBSD is > entangled with the generic ethernet code. > I'm afraid to even contemplate the POLA and backward compatability > issues involved. I'm afraid to ask, what's POLA? :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 21:49:21 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 21:49:18 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from k2.jozsef.kando.hu (k2.jozsef.kando.hu [193.224.40.3]) by hub.freebsd.org (Postfix) with SMTP id EFCED37B400 for ; Mon, 1 Jan 2001 21:49:17 -0800 (PST) Received: (qmail 22073 invoked by uid 1000); 2 Jan 2001 05:49:15 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 2 Jan 2001 05:49:15 -0000 Date: Tue, 2 Jan 2001 06:49:14 +0100 (CET) From: Attila Nagy X-Sender: bra@k2.jozsef.kando.hu To: romualdo@uninet.com.br Cc: freebsd-security@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPSTEALTH - transparent router In-Reply-To: <3a50d8b7.3a6d.0@uninet.com.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, > I have many routers with wavelan card working with freeBSD and i am > trying without sucessfull use IPSTEALTH work i want whem one machine > make traceroute dont show my router and go a way sysctl -w net.inet.ip.stealth=1 -------------------------------------------------------------------------- Attila Nagy e-mail: Attila.Nagy@fsn.hu Budapest Polytechnic (BMF.HU) @work: +361 210 1415 (194) H-1084 Budapest, Tavaszmezo u. 15-17. cell.: +3630 306 6758 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 21:56:55 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 21:56:53 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id C8B0837B400 for ; Mon, 1 Jan 2001 21:56:53 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f025uPH69405; Mon, 1 Jan 2001 21:56:25 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101020556.f025uPH69405@iguana.aciri.org> Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting In-Reply-To: <20010102014330.A75512@totem.fix.no> from Anders Nordby at "Jan 2, 2001 1:43:30 am" To: anders@fix.no (Anders Nordby) Date: Mon, 1 Jan 2001 21:56:25 -0800 (PST) Cc: billf@mu.org, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: rizzo@iguana.aciri.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org the easy way could be (probably) force the ftp daemon run as some other user, or assign a second IP to the server and make sure that the ftpd binds to the second address. But in the end, one probably might also like to have a separate namespace where processes can [be forced to] register and whose values can be used as keys by the various resource allocators (dummynet is just an example, one might want to do the same thing with filesystem clients) cheers luigi > > FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1) > > shows all proftpd processes as being owned by root. > > If I filter on uid root, the rules will match the packets (I tried with > specific IPs + uid root): > > 00010 1539 2307193 count log ip from any to 192.168.0.34 uid root > 00011 881 35259 count log ip from 192.168.0.34 to any uid root > > But then again filtering on uid root is not what I want -- it will match > ssh sessions and other things as well. And then I'm back to start.. > > Regards, > > -- > Anders. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22: 4: 8 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:04:06 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 3892137B404 for ; Mon, 1 Jan 2001 22:04:02 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f0263wf69442; Mon, 1 Jan 2001 22:03:58 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101020603.f0263wf69442@iguana.aciri.org> Subject: Re: Dummynet problem In-Reply-To: <87u27j5cgz.fsf@pf39.warszawa.sdi.tpnet.pl> from Slawek Zak at "Jan 1, 2001 7:55:24 pm" To: zaks@prioris.mini.pw.edu.pl (Slawek Zak) Date: Mon, 1 Jan 2001 22:03:58 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: rizzo@iguana.aciri.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I tried to configure dummynet to allow for normal work when downloading files > using queue mechanism (4.2-STABLE). > > IPFW rules are: > > add 100 queue 10 tcp from any to any uid dnld1 in > add 200 queue 11 ip from any to any > > queue 10 config weight 1 pipe 1 > queue 11 config weight 10 pipe 1 mask all > > pipe 1 config bw 128Kbit/s > > sysctl net.inet.ip.fw.one_pass is set to 1 > > Although the counters for both (100 and 200) rules show that they both are hit > during two parallel downloads (one by user dnld1), the bandwidth for both is > equal. It should not be, I guess. Is it a bug or maybe I've misconfigured > something. it should not be equal provided the 'high weight' flow has sufficient traffic going. Of course bugs are always possible, but i think i checked that the mechanism did work before committing. Can you do an 'ipfw zero' before the transfer, and provide the output of ipfw show ipfw queue show ipfw pipe show after that ? cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22:19:34 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:19:31 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 996BC37B402 for ; Mon, 1 Jan 2001 22:19:28 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14DKsD-0000PG-00; Mon, 01 Jan 2001 23:24:41 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A517429.91B2F251@softweyr.com> Date: Mon, 01 Jan 2001 23:24:41 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "C. Stephen Gunn" Cc: Julian Elischer , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "C. Stephen Gunn" wrote: > > On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote: > > > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work. > > > FreeBSD should should handle multiple ethernet encapsulations on > > > the same physical interface, and relay packets to/from some subordinate > > > interface. This support would factor-out the need for current > > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap. > > > > sounds like a perfect use for netgraph.. > > I've thought about this, and and a migation to netgraph would > require significant changes to how FreeBSD handles Ethernet (and > other IEEE 802) interfaces. > > For example, you would no longer simply ``ifconfig xl'', but > associate a netgraph link-layer node on top of the xl interface, > and a netgraph interface node on top of the link-layer node, which > would function (mostly) like xl does now. > > Netgraph is an excellent technology. While your comment makes > sense, there are several issues that will need to be addressed. > For instance, the current ARP implementation in FreeBSD is > entangled with the generic ethernet code. Under netgraph, it would be just another protocol in a netgraph node, and could be added to (and removed from) the interface as needed. That would be interesting from the standpoint of a secure system over which you wanted to control the ARP entries. Being able to simply turn off dynamic ARP has been discussed often, but never really acted upon. Doing link-layer encapsulation modules is really not very difficult. I've written pretty much the full complement, covering ethernet (10, 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, I can identify that protocol in 20 instructions.) > I'm afraid to even contemplate the POLA and backward compatability > issues involved. Why would we need to violate POLA? The obvious default would be to extend ifconfig to configure the new protocol types, and to assume EthII framing unless explicitly specified. > If this discussion is non-casual, we should eventually migrate > it over to -arch. Perhaps so. If someone does the work to move EthII into netgraph, I can certainly contribute a SNAP/LLC module, and maybe even extensions to ifconfig so you can use it. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22:25:54 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:25:53 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id B7F4237B402 for ; Mon, 1 Jan 2001 22:25:51 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14DKyb-0000PY-00; Mon, 01 Jan 2001 23:31:17 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A5175B5.1F21090B@softweyr.com> Date: Mon, 01 Jan 2001 23:31:17 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "C. Stephen Gunn" , Julian Elischer , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes Peters wrote: > > "C. Stephen Gunn" wrote: > > > > Netgraph is an excellent technology. While your comment makes > > sense, there are several issues that will need to be addressed. > > For instance, the current ARP implementation in FreeBSD is > > entangled with the generic ethernet code. > > Under netgraph, it would be just another protocol in a netgraph node, > and could be added to (and removed from) the interface as needed. That > would be interesting from the standpoint of a secure system over which > you wanted to control the ARP entries. Being able to simply turn off > dynamic ARP has been discussed often, but never really acted upon. Sorry to reply to my own message, but another thought hit me. Now that the swelling has gone down, I thought I should share it: This might even give us a start at a sticky problem that has been bugging VLAN switch makers from the start, namely, per-VLAN ARP tables. That is something really needed to do VLANs correctly. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22:30:33 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:30:30 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from herbelot.dyndns.org (s014.dhcp212-24.cybercable.fr [212.198.24.14]) by hub.freebsd.org (Postfix) with ESMTP id 27AC337B698 for ; Mon, 1 Jan 2001 22:30:29 -0800 (PST) Received: from free.fr (multi.herbelot.nom [192.168.1.2]) by herbelot.dyndns.org (8.9.3/8.9.3) with ESMTP id HAA34113; Tue, 2 Jan 2001 07:30:26 +0100 (CET) (envelope-from thierry.herbelot@free.fr) Sender: thierry.herbelot@herbelot.dyndns.org Message-ID: <3A517581.3A5DA019@free.fr> Date: Tue, 02 Jan 2001 07:30:26 +0100 From: Thierry Herbelot X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "freebsd-net@FreeBSD.ORG" Cc: "C. Stephen Gunn" , Julian Elischer Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes Peters wrote: > [SNIP] > > Doing link-layer encapsulation modules is really not very difficult. > I've written pretty much the full complement, covering ethernet (10, > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, What about a netgraph-enabled ATM NIC driver ? (this seems the missing piece to get bridged Ethernet over RFC1483 encapsulation on ATM) [SNAP] > > Perhaps so. If someone does the work to move EthII into netgraph, I can > certainly contribute a SNAP/LLC module, and maybe even extensions to > ifconfig so you can use it. ;^) > > -- > "Where am I, and what am I doing in this handbasket?" > > Wes Peters Softweyr LLC > wes@softweyr.com http://softweyr.com/ -- Thierry Herbelot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22:30:37 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:30:33 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fmdb.c3.hu (dial-239.digitel2002.hu [213.163.2.239]) by hub.freebsd.org (Postfix) with SMTP id D27B937B402 for ; Mon, 1 Jan 2001 22:30:27 -0800 (PST) Received: (qmail 877 invoked by uid 1004); 2 Jan 2001 06:30:23 -0000 Date: Tue, 2 Jan 2001 07:30:23 +0100 From: Miklos Niedermayer To: Attila Nagy Cc: romualdo@uninet.com.br, freebsd-security@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPSTEALTH - transparent router Message-ID: <20010102073023.D309@bsd.hu> Mail-Followup-To: Miklos Niedermayer , Attila Nagy , romualdo@uninet.com.br, freebsd-security@freebsd.org, freebsd-net@freebsd.org References: <3a50d8b7.3a6d.0@uninet.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from bra@fsn.hu on Tue, Jan 02, 2001 at 06:49:14AM +0100 X-Operating-System: FreeBSD - The Power to Serve Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, ( > Attila Nagy) > > I have many routers with wavelan card working with freeBSD and i am > > trying without sucessfull use IPSTEALTH work i want whem one machine > > make traceroute dont show my router and go a way > sysctl -w net.inet.ip.stealth=1 ...or you can live happy with IPFilter's fastroute feature, that does exactly what you want. -- ______ o _. __ / / / (_(_(__(_) @ bsd.hu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 22:52:44 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 22:52:41 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.cn899.com (unknown [202.103.235.68]) by hub.freebsd.org (Postfix) with ESMTP id 0FB9037B400 for ; Mon, 1 Jan 2001 22:52:39 -0800 (PST) Received: by mail.cn899.com (Postfix, from userid 1003) id D02E91B5E12; Tue, 2 Jan 2001 14:50:32 +0800 (CST) To: ipfilter@coombs.anu.edu.au Subject: IP Filter auth rule Cc: freebsd-net@freebsd.org From: song@cn899.com Reply-To: song@cn899.com X-Mailer: NetHome Mail ver 1.0 Content-Type: text/plain Message-Id: <20010102065032.D02E91B5E12@mail.cn899.com> Date: Tue, 2 Jan 2001 14:50:32 +0800 (CST) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I\'m playing around the auth rule and the sample userauth.c of IP Filter on FreeBSD 4.2-RELEASE and below are some results and questions: 1. There is a typo in ip_auth.c which causes the ioctl(SIOCAUTHW) unable to fetch all the fields of the frauth_t struct. Below is a patch for 4.2-RELEASE stock version 3.4.8: *** /sys/netinet/ip_auth.c Sat Dec 30 22:38:09 2000 --- /sys/netinet/ip_auth.c.orig Sat Dec 30 23:35:33 2000 *************** *** 354,358 **** if ((fr_authnext != fr_authend) && fr_authpkts[fr_authnext]) { error = IWCOPYPTR((char *)&fr_auth[fr_authnext], data, ! sizeof(frauth_t)); RWLOCK_EXIT(&ipf_auth); if (error) --- 354,358 ---- if ((fr_authnext != fr_authend) && fr_authpkts[fr_authnext]) { error = IWCOPYPTR((char *)&fr_auth[fr_authnext], data, ! sizeof(fr_info_t)); RWLOCK_EXIT(&ipf_auth); if (error) 2. userauth.c should open IPAUTH_NAME instead of IPL_NAME for ioctl. Maybe on other platforms it should be IPL_NAME? 3. It seems that \"keep state\" does not work for auth rules. For example, the rule: auth in proto tcp from any to 127.0.0.1/32 port = telnet keep state makes every incoming telnet packet to go through the authentication despite the \"keep state\" option. 4. \"auth out ...\" rule does not work :-(. It makes the system hang for a while and then reboot. 5. auth in IP Filter 3.4.15 does not work in FreeBSD 4.2-RELEASE. The authenticated packets nerver reach the destination even though the variable fr_authstats.fas_queok increase as normal. I built the KLD module as follow: # make freebsd4 # make install-bsd # kldload ipf Any hints? Regards, Song Bo Run To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 1 23:13:59 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 23:13:56 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from herbelot.dyndns.org (s014.dhcp212-24.cybercable.fr [212.198.24.14]) by hub.freebsd.org (Postfix) with ESMTP id E580737B400 for ; Mon, 1 Jan 2001 23:13:53 -0800 (PST) Received: from free.fr (multi.herbelot.nom [192.168.1.2]) by herbelot.dyndns.org (8.9.3/8.9.3) with ESMTP id IAA34175; Tue, 2 Jan 2001 08:13:11 +0100 (CET) (envelope-from thierry.herbelot@free.fr) Sender: thierry.herbelot@herbelot.dyndns.org Message-ID: <3A517F87.B130AC0F@free.fr> Date: Tue, 02 Jan 2001 08:13:11 +0100 From: Thierry Herbelot X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Wes Peters , net@freebsd.org Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A517522.EEF1A4B9@free.fr> <3A517A48.A0BD6439@softweyr.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes Peters wrote: > > Thierry Herbelot wrote: > > > > Wes Peters wrote: > > > > > [SNIP] > > > > > > Doing link-layer encapsulation modules is really not very difficult. > > > I've written pretty much the full complement, covering ethernet (10, > > > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > > > > What about a netgraph-enabled ATM NIC driver ? (this seems the missing > > piece to get bridged Ethernet over RFC1483 encapsulation on ATM) > > If the top of all the network interface drivers is a netgraph connection, we agree on it : FreeBSD needs a netgraphified hfa(4) : I've seen one or two trys to get it done (the trouble is not many of our commiters know well enough both ATM and netgraph to actually do it, and the ones who do are so busy with other, more interesting challenges) TfH PS : at one time, I would even have tried getting some money from my company to pay a consultant do it (there are not many of them in France, though) > any encapsulation should be straightforward. In the Xylan switch, we At work, I'm using a 1100 LSS : is it the same as the one you worked on ? > actually did the conversion on the outbound network interface module, > so the packet was never converted unless it had to be. We could mimic > that behavior, assuming the output device would check the packet to > see if it needs to be converted, and if so call a module to strip it > down to the bare packet, then another to add the correct encapsulation. > > -- > "Where am I, and what am I doing in this handbasket?" > > Wes Peters Softweyr LLC > wes@softweyr.com http://softweyr.com/ -- Thierry Herbelot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:46: 2 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:46:00 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 00DB837B400 for ; Tue, 2 Jan 2001 06:45:58 -0800 (PST) Received: from kampala-08.budapest.interware.hu ([195.70.52.200] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14DSh3-0000g7-00; Tue, 02 Jan 2001 15:45:42 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A51E944.FDFA491F@elischer.org> Date: Tue, 02 Jan 2001 06:44:21 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: "C. Stephen Gunn" Cc: Garrett Wollman , Andrea Franceschini , Ferdinand Goldmann , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "C. Stephen Gunn" wrote: > > On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote: > > > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work. > > > FreeBSD should should handle multiple ethernet encapsulations on > > > the same physical interface, and relay packets to/from some subordinate > > > interface. This support would factor-out the need for current > > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap. > > > > sounds like a perfect use for netgraph.. > > I've thought about this, and and a migation to netgraph would > require significant changes to how FreeBSD handles Ethernet (and > other IEEE 802) interfaces. not really. We can run netgraph attachments to the ethernet in parallel with normal ethernet interface usage. > > For example, you would no longer simply ``ifconfig xl'', but > associate a netgraph link-layer node on top of the xl interface, > and a netgraph interface node on top of the link-layer node, which > would function (mostly) like xl does now. you can eave the current xl interface running, and let netgraph syphen off only the VLAN packets.. > > Netgraph is an excellent technology. While your comment makes > sense, there are several issues that will need to be addressed. > For instance, the current ARP implementation in FreeBSD is > entangled with the generic ethernet code. > > I'm afraid to even contemplate the POLA and backward compatability > issues involved. POLA could be conserved.. :-) > > If this discussion is non-casual, we should eventually migrate > it over to -arch. -net is ok for now I think. > > - Steve > > -- > C. Stephen Gunn URL: http://www.waterspout.com/ > WaterSpout Communications, Inc. Email: csg@waterspout.com > 427 North 6th Street Phone: +1 765.742.6628 > Lafayette, IN 47901 Fax: +1 765.742.0646 -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:52:13 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:52:10 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 86AC037B400 for ; Tue, 2 Jan 2001 06:52:09 -0800 (PST) Received: from kampala-08.budapest.interware.hu ([195.70.52.200] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14DSnG-00014f-00; Tue, 02 Jan 2001 15:52:06 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A51EAC6.4BD2C2ED@elischer.org> Date: Tue, 02 Jan 2001 06:50:46 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Alex Pilosov Cc: "C. Stephen Gunn" , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Alex Pilosov wrote: > > On Tue, 2 Jan 2001, C. Stephen Gunn wrote: > > > For example, you would no longer simply ``ifconfig xl'', but > > associate a netgraph link-layer node on top of the xl interface, > > and a netgraph interface node on top of the link-layer node, which > > would function (mostly) like xl does now. > Interesting. Possibly that would make freebsd move away from > hardware-specific interface names (such as xl0, rl0 ) and make them eth0, > eth1, with a generic eth link-layer code to take care of things like ARP > and bridging? Would that make sense? not from a POLA (Principle of Least Amazement) point of view, but we could tap into the driver to get only VLAN packets, as Netgraph allows collecting of only 'unrecognised' packets from the driver. > > Essentially, what an ethernet driver will do is just capturing and sending > packets. Then, netgraph "ethllcmac" node attached to it would perform all > VLAN tagging/decapsulation and expose a [set of] eth interfaces back to > the kernel? exactly > > I'm thinking of something like this: > ngctl mkpeer xl0: ethmacllc raw raw ngctl mkpeer xl0: ethermacllc orphans downstream ngctl name xl0:orphans vlan0 might be more usual. 'orphans' only delivers unrecognised packets (this would include VLAN packets I think. > ngctl mkpeer xl0:raw:untagged iface un-needed > ifconfig ng0 .... > ngctl mkpeer xl0:raw:vlan3 iface > ifconfig ng1 > > (the first might have to be set up to be executed on-interface-load) > > I'm still a bit inebriated...Let me know if I'm completely off-base) > > > Netgraph is an excellent technology. While your comment makes > > sense, there are several issues that will need to be addressed. > > For instance, the current ARP implementation in FreeBSD is > > entangled with the generic ethernet code. > > > I'm afraid to even contemplate the POLA and backward compatability > > issues involved. > I'm afraid to ask, what's POLA? :) See above > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:54:22 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:54:20 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from rerun.lucentctc.com (rerun.lucentctc.com [199.93.237.2]) by hub.freebsd.org (Postfix) with ESMTP id 0A22337B400 for ; Tue, 2 Jan 2001 06:54:20 -0800 (PST) Received: by rerun.lucentctc.com with Internet Mail Service (5.5.2650.21) id ; Tue, 2 Jan 2001 09:51:21 -0500 Message-ID: <443F9E4C6D67D4118C9800A0C9DD99D710823A@rerun.lucentctc.com> From: "Cambria, Mike" To: 'Blaz Zupan' , "Michael C. Cambria" Cc: freebsd-net@FreeBSD.ORG Subject: RE: natd not translating ESP packets Date: Tue, 2 Jan 2001 09:51:20 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Updating my ipfw/natd system to 4.2-Release worked. MikeC -----Original Message----- From: Blaz Zupan [mailto:blaz@amis.net] Sent: Friday, December 29, 2000 11:18 AM To: Michael C. Cambria Cc: freebsd-net@FreeBSD.ORG Subject: Re: natd not translating ESP packets > > IPSec and NAT don't play together > > I've set other pepole up (granted with comercial products) to do this very > thing just fine. > > I'm not using AH, just ESP, so nat'ing the IP address of the outer header > will not break anything. Ok, let me rephrase it. IPSec and NAT don't play together on FreeBSD. natd does not know how to masqeurade ESP packets. Blaz Zupan, Medinet d.o.o, Linhartova 21, 2000 Maribor, Slovenia E-mail: blaz@amis.net, Tel: +386-2-320-6320, Fax: +386-2-320-6325 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:55: 4 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:55:02 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 09CDC37B400 for ; Tue, 2 Jan 2001 06:55:01 -0800 (PST) Received: from kampala-08.budapest.interware.hu ([195.70.52.200] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14DSq0-0001Nx-00; Tue, 02 Jan 2001 15:54:57 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A51EB71.8286709E@elischer.org> Date: Tue, 02 Jan 2001 06:53:37 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Wes Peters Cc: "C. Stephen Gunn" , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes Peters wrote: > > "C. Stephen Gunn" wrote: > > > > On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote: > > > > > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work. > > > > FreeBSD should should handle multiple ethernet encapsulations on > > > > the same physical interface, and relay packets to/from some subordinate > > > > interface. This support would factor-out the need for current > > > > work-arounds like if_vlan, and if_ef, and perhaps even if_tap. > > > > > > sounds like a perfect use for netgraph.. > > > > I've thought about this, and and a migation to netgraph would > > require significant changes to how FreeBSD handles Ethernet (and > > other IEEE 802) interfaces. > > > > For example, you would no longer simply ``ifconfig xl'', but > > associate a netgraph link-layer node on top of the xl interface, > > and a netgraph interface node on top of the link-layer node, which > > would function (mostly) like xl does now. > > > > Netgraph is an excellent technology. While your comment makes > > sense, there are several issues that will need to be addressed. > > For instance, the current ARP implementation in FreeBSD is > > entangled with the generic ethernet code. > > Under netgraph, it would be just another protocol in a netgraph node, > and could be added to (and removed from) the interface as needed. That > would be interesting from the standpoint of a secure system over which > you wanted to control the ARP entries. Being able to simply turn off > dynamic ARP has been discussed often, but never really acted upon. > > Doing link-layer encapsulation modules is really not very difficult. > I've written pretty much the full complement, covering ethernet (10, > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > I can identify that protocol in 20 instructions.) Under netgraph it's a real SNAP (I can't believe I said that) > > > I'm afraid to even contemplate the POLA and backward compatability > > issues involved. > > Why would we need to violate POLA? The obvious default would be to > extend ifconfig to configure the new protocol types, and to assume > EthII framing unless explicitly specified. send only new protocols out to netgraph.. no POLA to break. > > > If this discussion is non-casual, we should eventually migrate > > it over to -arch. > > Perhaps so. If someone does the work to move EthII into netgraph, I can > certainly contribute a SNAP/LLC module, and maybe even extensions to > ifconfig so you can use it. ;^) have a look at the ng_ether node. > > -- > "Where am I, and what am I doing in this handbasket?" > > Wes Peters Softweyr LLC > wes@softweyr.com http://softweyr.com/ -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:57:19 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:57:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from popcs.cs.tin.it (unknown [194.243.155.125]) by hub.freebsd.org (Postfix) with SMTP id 1241837B402 for ; Tue, 2 Jan 2001 06:57:14 -0800 (PST) Received: (qmail 10984 invoked from network); 2 Jan 2001 14:57:20 -0000 Received: from knute-fe.cs.tin.it (HELO cs.tin.it) (212.216.172.40) by popcs.cs.tin.it with SMTP; 2 Jan 2001 14:57:20 -0000 Sender: andrea@FreeBSD.ORG Message-ID: <3A51EB1C.32140225@cs.tin.it> Date: Tue, 02 Jan 2001 15:52:12 +0100 From: Andrea Franceschini X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "C. Stephen Gunn" Cc: Garrett Wollman , Ferdinand Goldmann , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200012312258.RAA53006@tsunami.waterspout.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "C. Stephen Gunn" wrote: > > On Sun, 31 Dec 2000 15:33:36 EST, Garrett Wollman wrote: > > > Actually, no, it's not what you want (although the underlying code is > > broken enough to let it ``work'' anyway). What you want is to fix the > > parent network interface driver to indicate its readiness to receive > > 1522-octet frames by setting its if_data.ifi_hdrlen field to 18 rather > > than 14. > > Garrett is correct. My confirmation was intended to tell you it > would work, not that you're in an ideal situation. Then again, you're > applying miscellaneous patches to your ethernet drivers to get vlans > to work, so you're probably aware you're in the weeds. > > I'm not sure that the solution is simply a fix to the parent ethernet > device driver, since it's legitimate (but perhaps not advisable) > to have tagged and untagged frames on the same wire. Setting the > ifi_hdrlen for the entire physical interface seems incomplete also. > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work. > FreeBSD should should handle multiple ethernet encapsulations on > the same physical interface, and relay packets to/from some subordinate > interface. This support would factor-out the need for current > work-arounds like if_vlan, and if_ef, and perhaps even if_tap. > Let me explain. Vlan interfaces works perfectly to me. The only problem i got is related to natd between vlan. So the problem is not the MTU 'per se',but the if it is involved in someway with the problem with natd explained before. Thank you! > - Steve > > -- > C. Stephen Gunn URL: http://www.waterspout.com/ > WaterSpout Communications, Inc. Email: csg@waterspout.com > 427 North 6th Street Phone: +1 765.742.6628 > Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 6:58:30 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 06:58:28 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 47C8837B400 for ; Tue, 2 Jan 2001 06:58:27 -0800 (PST) Received: from kampala-08.budapest.interware.hu ([195.70.52.200] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14DStN-0001vv-00; Tue, 02 Jan 2001 15:58:25 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A51EC41.DE19902D@elischer.org> Date: Tue, 02 Jan 2001 06:57:05 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Thierry Herbelot Cc: "freebsd-net@FreeBSD.ORG" , "C. Stephen Gunn" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A517581.3A5DA019@free.fr> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thierry Herbelot wrote: > > Wes Peters wrote: > > > [SNIP] > > > > Doing link-layer encapsulation modules is really not very difficult. > > I've written pretty much the full complement, covering ethernet (10, > > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > > What about a netgraph-enabled ATM NIC driver ? (this seems the missing > piece to get bridged Ethernet over RFC1483 encapsulation on ATM) Someone was going to do this but I think I stopped them by showing them how they could do what they wanted using only ksocket connections.. (ksocket allows you to open a socket in a netgraph node in order to use a normal protocol to encapsulate something.) > > [SNAP] > > > > > Perhaps so. If someone does the work to move EthII into netgraph, I can > > certainly contribute a SNAP/LLC module, and maybe even extensions to > > ifconfig so you can use it. ;^) > > > > -- > > "Where am I, and what am I doing in this handbasket?" > > > > Wes Peters Softweyr LLC > > wes@softweyr.com http://softweyr.com/ > > -- > Thierry Herbelot > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 7: 0:50 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 07:00:47 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id B200137B400 for ; Tue, 2 Jan 2001 07:00:46 -0800 (PST) Received: from kampala-08.budapest.interware.hu ([195.70.52.200] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14DSvd-0002KK-00; Tue, 02 Jan 2001 16:00:45 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A51ECCD.CD34B446@elischer.org> Date: Tue, 02 Jan 2001 06:59:25 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Thierry Herbelot Cc: Wes Peters , net@freebsd.org Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A517522.EEF1A4B9@free.fr> <3A517A48.A0BD6439@softweyr.com> <3A517F87.B130AC0F@free.fr> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thierry Herbelot wrote: > > Wes Peters wrote: > > > > Thierry Herbelot wrote: > > > > > > Wes Peters wrote: > > > > > > > [SNIP] > > > > > > > > Doing link-layer encapsulation modules is really not very difficult. > > > > I've written pretty much the full complement, covering ethernet (10, > > > > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > > > > > > What about a netgraph-enabled ATM NIC driver ? (this seems the missing > > > piece to get bridged Ethernet over RFC1483 encapsulation on ATM) > > > > If the top of all the network interface drivers is a netgraph connection, > > we agree on it : FreeBSD needs a netgraphified hfa(4) : I've seen one or > two trys to get it done (the trouble is not many of our commiters know > well enough both ATM and netgraph to actually do it, and the ones who do > are so busy with other, more interesting challenges) > > TfH > > PS : at one time, I would even have tried getting some money from my > company to pay a consultant do it (there are not many of them in France, > though) If I could get together with someone who knows the ATM code and can test it, I'd LOVE to help netgraphify the ATM interfaces and protocols. It's really quite easy. (and can be made to co-exist with exisiting interfaces (see the current ethernet hooks) > > > any encapsulation should be straightforward. In the Xylan switch, we > > At work, I'm using a 1100 LSS : is it the same as the one you worked on > ? > > > actually did the conversion on the outbound network interface module, > > so the packet was never converted unless it had to be. We could mimic > > that behavior, assuming the output device would check the packet to > > see if it needs to be converted, and if so call a module to strip it > > down to the bare packet, then another to add the correct encapsulation. > > > > -- > > "Where am I, and what am I doing in this handbasket?" > > > > Wes Peters Softweyr LLC > > wes@softweyr.com http://softweyr.com/ > > -- > Thierry Herbelot > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 7: 9: 0 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 07:08:58 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by hub.freebsd.org (Postfix) with ESMTP id 159A137B400 for ; Tue, 2 Jan 2001 07:08:58 -0800 (PST) Received: from beagle (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.8.8/8.8.8) with ESMTP id QAA12672; Tue, 2 Jan 2001 16:08:46 +0100 (MET) Date: Tue, 2 Jan 2001 16:08:46 +0100 (CET) From: Harti Brandt To: Julian Elischer Cc: Thierry Herbelot , "freebsd-net@FreeBSD.ORG" , "C. Stephen Gunn" Subject: Re: Problems with VLAN and natd. In-Reply-To: <3A51EC41.DE19902D@elischer.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 2 Jan 2001, Julian Elischer wrote: > Thierry Herbelot wrote: > > > > Wes Peters wrote: > > > > > What about a netgraph-enabled ATM NIC driver ? (this seems the missing > > piece to get bridged Ethernet over RFC1483 encapsulation on ATM) > > Someone was going to do this but I think I stopped them by showing them > how they could do what they wanted using only ksocket connections.. > (ksocket allows you to open a socket in a netgraph node in order to > use a normal protocol to encapsulate something.) I was working on that, but with the removal of old-style PCI in -current the hfa and hea drivers don't compile anymore. Anyway they are just a nightmare and I'm rather going to have a fresh fore driver in two or three weeks (if I ever figure out how to correctly use the bus_dma... functions :-) harti -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.gmd.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 7:18:13 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 07:18:10 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 5F45637B400; Tue, 2 Jan 2001 07:18:10 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f02FIAg20849; Tue, 2 Jan 2001 07:18:10 -0800 (PST) Date: Tue, 2 Jan 2001 07:18:10 -0800 From: Alfred Perlstein To: net@freebsd.org Cc: wpaul@freebsd.org Subject: 'no memory for rx list' Message-ID: <20010102071809.G19572@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: bright@fw.wintelcom.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I notice that if_fxp.c seems to fail silently when unable to allocate network buffers, perhaps the fact that the kernel can be doing about 200 or more messages per-second makes me guess that it's not helping things, especially when the box has a serial console. I'm taking the printf's out of my copy of if_xl.c on a 3.5 system, I'll let you know if it still goes nuts for extended amounts of time. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8: 1:17 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:01:14 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id A05C037B400 for ; Tue, 2 Jan 2001 08:01:13 -0800 (PST) Received: from dustdevil.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id LAA61927 for ; Tue, 2 Jan 2001 11:01:11 -0500 (EST) (envelope-from csg@dustdevil.waterspout.com) Received: (from csg@localhost) by dustdevil.waterspout.com (8.11.1/8.11.1) id f02G6Ax10751; Tue, 2 Jan 2001 11:06:10 -0500 (EST) (envelope-from csg) Date: Tue, 2 Jan 2001 11:06:08 -0500 From: "C. Stephen Gunn" To: Julian Elischer Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. Message-ID: <20010102110608.A7610@waterspout.com> References: <3A51EAC6.4BD2C2ED@elischer.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A51EAC6.4BD2C2ED@elischer.org>; from julian@elischer.org on Tue, Jan 02, 2001 at 06:50:46AM -0800 Sender: csg@dustdevil.waterspout.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Jan 02, 2001 at 06:50:46AM -0800, Julian Elischer wrote: > > > For example, you would no longer simply ``ifconfig xl'', but > > > associate a netgraph link-layer node on top of the xl interface, > > > and a netgraph interface node on top of the link-layer node, which > > > would function (mostly) like xl does now. > > > Interesting. Possibly that would make freebsd move away from > > hardware-specific interface names (such as xl0, rl0 ) and make them eth0, > > eth1, with a generic eth link-layer code to take care of things like ARP > > and bridging? Would that make sense? > > not from a POLA (Principle of Least Amazement) point of view, > but we could tap into the driver to get only VLAN packets, > as Netgraph allows collecting of only 'unrecognised' packets > from the driver. But we're only going to be able add so many features onto the side of the old infrastructure with Netgraph. Telling users that plain old ethernet works like it always did, but to get EthII, or 802.1q tags you need to use a Netgraph node with an 'orphans' or 'raw' hook doesn't make much sense. If EthII and VLANS belong in Netgraph, then the plain old ethernet link code belongs there as well. Having different interfaces for similar operations makes little sense. You eventually end up with two protocol stacks. One that uses the legacy infrastructure, and future enhancements, and one built in Netgraph. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8: 6:17 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:06:16 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 4166C37B400 for ; Tue, 2 Jan 2001 08:06:11 -0800 (PST) Received: from dustdevil.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id LAA61981 for ; Tue, 2 Jan 2001 11:06:10 -0500 (EST) (envelope-from csg@dustdevil.waterspout.com) Received: (from csg@localhost) by dustdevil.waterspout.com (8.11.1/8.11.1) id f02GBAi11919; Tue, 2 Jan 2001 11:11:10 -0500 (EST) (envelope-from csg) Date: Tue, 2 Jan 2001 11:11:09 -0500 From: "C. Stephen Gunn" To: Wes Peters Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. Message-ID: <20010102111109.B7610@waterspout.com> References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A517429.91B2F251@softweyr.com>; from wes@softweyr.com on Mon, Jan 01, 2001 at 11:24:41PM -0700 Sender: csg@dustdevil.waterspout.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jan 01, 2001 at 11:24:41PM -0700, Wes Peters wrote: > > I'm afraid to even contemplate the POLA and backward compatability > > issues involved. > > Why would we need to violate POLA? The obvious default would be to > extend ifconfig to configure the new protocol types, and to assume > EthII framing unless explicitly specified. Well.. It's a change to ifconfig for normal interface configuraton. I also wasn't aware that ifconfig handles netgraph node creation, I thought you (currently) used ngctl or libnetgraph for that. > Perhaps so. If someone does the work to move EthII into netgraph, I can > certainly contribute a SNAP/LLC module, and maybe even extensions to > ifconfig so you can use it. ;^) If we continue to dicuss this, and this is the correct direction to head, I'd volunteer to take a first-pass at the code. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8:16:36 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:16:34 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 96B0F37B400 for ; Tue, 2 Jan 2001 08:16:32 -0800 (PST) Received: from dustdevil.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id LAA62078 for ; Tue, 2 Jan 2001 11:16:31 -0500 (EST) (envelope-from csg@dustdevil.waterspout.com) Received: (from csg@localhost) by dustdevil.waterspout.com (8.11.1/8.11.1) id f02GKBR13710; Tue, 2 Jan 2001 11:20:11 -0500 (EST) (envelope-from csg) Date: Tue, 2 Jan 2001 11:18:43 -0500 From: "C. Stephen Gunn" To: Wes Peters Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. Message-ID: <20010102111843.C7610@waterspout.com> References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A5175B5.1F21090B@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A5175B5.1F21090B@softweyr.com>; from wes@softweyr.com on Mon, Jan 01, 2001 at 11:31:17PM -0700 Sender: csg@dustdevil.waterspout.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jan 01, 2001 at 11:31:17PM -0700, Wes Peters wrote: > Sorry to reply to my own message, but another thought hit me. Now that > the swelling has gone down, I thought I should share it: > > This might even give us a start at a sticky problem that has been bugging > VLAN switch makers from the start, namely, per-VLAN ARP tables. That is > something really needed to do VLANs correctly. Yeah.. having the same hardware MAC address on each of the virtual interfaces can cause some bigtime problems. We have a major problem with a Cisco at Purdue where the hash it made of (mac_address + ipaddress) was a colission between two of our subnets. The layer-3 switch card in the Cisco decided that it was obviously a load-share routed, route. FreeBSD isn't too happy with 1/2 of its traffic arriving on the _wrong_ virtual interface.. heh. Anyways.. I digress.. I'm not entirely sure what per-interface (or vlan) arp entried on FreeBSD would buy us. The existing VLAN code only makes the *BSD box a multihomed host, not a VLAN forwarder/router. The latter would require a mechnism to bridge/forward/filter packets between independant 802.1q encapsulated interfaces. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8:34:42 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:34:38 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 3E02037B402 for ; Tue, 2 Jan 2001 08:34:38 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14DUU0-00005h-00; Tue, 02 Jan 2001 09:40:20 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A520474.9E7C8188@softweyr.com> Date: Tue, 02 Jan 2001 09:40:20 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Thierry Herbelot Cc: net@freebsd.org Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A517522.EEF1A4B9@free.fr> <3A517A48.A0BD6439@softweyr.com> <3A517F87.B130AC0F@free.fr> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thierry Herbelot wrote: > > Wes Peters wrote: > > > > Thierry Herbelot wrote: > > > > > > Wes Peters wrote: > > > > > > > [SNIP] > > > > > > > > Doing link-layer encapsulation modules is really not very difficult. > > > > I've written pretty much the full complement, covering ethernet (10, > > > > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > > > > > > What about a netgraph-enabled ATM NIC driver ? (this seems the missing > > > piece to get bridged Ethernet over RFC1483 encapsulation on ATM) > > > > If the top of all the network interface drivers is a netgraph connection, > > we agree on it : FreeBSD needs a netgraphified hfa(4) : I've seen one or > two trys to get it done (the trouble is not many of our commiters know > well enough both ATM and netgraph to actually do it, and the ones who do > are so busy with other, more interesting challenges) Like me. Sigh. I've been approached about several interesting contract positions to do FreeBSD work since I joined this nice little startup, but I'm going to stick with them and see if my stock options ever get converted into real money. At least it's OpenBSD work. ;^) > PS : at one time, I would even have tried getting some money from my > company to pay a consultant do it (there are not many of them in France, > though) > > > any encapsulation should be straightforward. In the Xylan switch, we > > At work, I'm using a 1100 LSS : is it the same as the one you worked on > ? No, I worked on OmniSwitch, OmniSwitch/Router, and OmniStack, as well as the new OmniAccess. I wrote the "fastpath routing" code for the last three. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8:35: 2 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:34:59 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id A273537B6A0 for ; Tue, 2 Jan 2001 08:34:58 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA26954; Tue, 2 Jan 2001 11:34:53 -0500 (EST) (envelope-from wollman) Date: Tue, 2 Jan 2001 11:34:53 -0500 (EST) From: Garrett Wollman Message-Id: <200101021634.LAA26954@khavrinen.lcs.mit.edu> To: "C. Stephen Gunn" Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problems with VLAN and natd. In-Reply-To: <20010102111843.C7610@waterspout.com> References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A5175B5.1F21090B@softweyr.com> <20010102111843.C7610@waterspout.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > box a multihomed host, not a VLAN forwarder/router. The latter > would require a mechnism to bridge/forward/filter packets between > independant 802.1q encapsulated interfaces. We have that. They are just interfaces -- the kernel doesn't treat them at all differently. (I can't speak for bridging, but routing certainly is supposed to work.) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 8:56:32 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 08:56:29 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 1639737B400 for ; Tue, 2 Jan 2001 08:56:29 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14DUpI-00009Z-00; Tue, 02 Jan 2001 10:02:20 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A52099C.6A94B9BF@softweyr.com> Date: Tue, 02 Jan 2001 10:02:20 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Julian Elischer Cc: "C. Stephen Gunn" , "freebsd-net@FreeBSD.ORG" Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <3A51EB71.8286709E@elischer.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Julian Elischer wrote: > > Wes Peters wrote: > > > > Doing link-layer encapsulation modules is really not very difficult. > > I've written pretty much the full complement, covering ethernet (10, > > 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck, > > I can identify that protocol in 20 instructions.) > > Under netgraph it's a real SNAP (I can't believe I said that) Har har! ;^) > > > I'm afraid to even contemplate the POLA and backward compatability > > > issues involved. > > > > Why would we need to violate POLA? The obvious default would be to > > extend ifconfig to configure the new protocol types, and to assume > > EthII framing unless explicitly specified. > > send only new protocols out to netgraph.. no POLA to break. Sure, but it would be nice to take over ARP too. > > Perhaps so. If someone does the work to move EthII into netgraph, I can > > certainly contribute a SNAP/LLC module, and maybe even extensions to > > ifconfig so you can use it. ;^) > > have a look at the ng_ether node. Will do. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 9:17:32 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 09:17:30 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id C1C6337B400 for ; Tue, 2 Jan 2001 09:17:29 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14DV9f-0000AD-00; Tue, 02 Jan 2001 10:23:23 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A520E8B.50AC9CEE@softweyr.com> Date: Tue, 02 Jan 2001 10:23:23 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "C. Stephen Gunn" Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. References: <200101020501.AAA58976@tsunami.waterspout.com> <3A517429.91B2F251@softweyr.com> <20010102111109.B7610@waterspout.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "C. Stephen Gunn" wrote: > > On Mon, Jan 01, 2001 at 11:24:41PM -0700, Wes Peters wrote: > > > > I'm afraid to even contemplate the POLA and backward compatability > > > issues involved. > > > > Why would we need to violate POLA? The obvious default would be to > > extend ifconfig to configure the new protocol types, and to assume > > EthII framing unless explicitly specified. > > Well.. It's a change to ifconfig for normal interface configuraton. No, what I'm saying is that ifconfig would look exactly like it does now for standard IP-over-EthII and for vlan id, and would be extended to handle other configurations not currently supported like SNAP, or SNAP + VLAN. > I also wasn't aware that ifconfig handles netgraph node creation, > I thought you (currently) used ngctl or libnetgraph for that. It doesn't now, but it's only software. > > Perhaps so. If someone does the work to move EthII into netgraph, I can > > certainly contribute a SNAP/LLC module, and maybe even extensions to > > ifconfig so you can use it. ;^) > > If we continue to dicuss this, and this is the correct direction to > head, I'd volunteer to take a first-pass at the code. That would be great, but this we should certainly move to -arch. Personally I don't have any problems with gutting the network interfaces and moving all MAC-layer protocols into netgraph nodes, but others might react violently. With this group, you can never tell. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 9:22:35 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 09:22:31 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from smtp.nettoll.com (matrix.nettoll.net [212.155.143.61]) by hub.freebsd.org (Postfix) with ESMTP id 42B8837B400; Tue, 2 Jan 2001 09:22:30 -0800 (PST) Received: by smtp.nettoll.com; Tue, 2 Jan 2001 18:18:41 +0100 (MET) Message-Id: <4.3.0.20010102182437.02274f00@pop.free.fr> X-Sender: usebsd@pop.free.fr X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Tue, 02 Jan 2001 18:27:33 +0100 To: Miklos Niedermayer , Attila Nagy From: mouss Subject: Re: IPSTEALTH - transparent router Cc: romualdo@uninet.com.br, freebsd-security@freebsd.org, freebsd-net@freebsd.org In-Reply-To: <20010102073023.D309@bsd.hu> References: <3a50d8b7.3a6d.0@uninet.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:30 02/01/01 +0100, Miklos Niedermayer wrote: >Hello, > >( > Attila Nagy) > > > > I have many routers with wavelan card working with freeBSD and i am > > > trying without sucessfull use IPSTEALTH work i want whem one machine > > > make traceroute dont show my router and go a way > > sysctl -w net.inet.ip.stealth=1 > >...or you can live happy with IPFilter's fastroute feature, that does >exactly what you want. there are differences though. - with the sysctl, stealth applies to all connections, but packets follow the "standard" stack - with ipfilter, you can force selective "stealth", but you follow ipfilter forwarding functions. according to ipfilter docs, there are concerns. not a real problem, but one should know about. cheers, mouss To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 12:39:34 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 12:39:31 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from prioris.mini.pw.edu.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by hub.freebsd.org (Postfix) with ESMTP id 374B037B402 for ; Tue, 2 Jan 2001 12:39:27 -0800 (PST) Received: from pf39.warszawa.sdi.tpnet.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by prioris.mini.pw.edu.pl (Postfix) with ESMTP id 729067D04E for ; Tue, 2 Jan 2001 21:39:09 +0100 (CET) Received: (from zaks@localhost) by pf39.warszawa.sdi.tpnet.pl (8.11.1/8.11.1) id f02KcxG00701; Tue, 2 Jan 2001 21:38:59 +0100 (CET) (envelope-from zaks) Content-MD5: 2b4c3efccb54ee2f5d822fd1b98f53de From: Slawek Zak To: freebsd-net@freebsd.org Subject: Re: Dummynet problem References: <200101020603.f0263wf69442@iguana.aciri.org> Date: 02 Jan 2001 21:38:58 +0100 In-Reply-To: <200101020603.f0263wf69442@iguana.aciri.org> Message-ID: <87vgrx3d0d.fsf@pf39.warszawa.sdi.tpnet.pl> Lines: 75 User-Agent: Gnus/5.090001 (Oort Gnus v0.01) XEmacs/21.1 (Channel Islands) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 1 Jan 2001, Luigi Rizzo uttered the following: > it should not be equal provided the 'high weight' flow has sufficient > traffic going. Both FTP transfers I've used for testing were around 60Kbps each. One done by user dnld1, the other one by other user. > Can you do an 'ipfw zero' before the transfer, and provide the output of Sure. I've `ipfw zero'ed after both transfers were started. > ipfw show 00100 0 0 allow ip from any to any via lo0 00100 226 327495 queue 10 tcp from any to any uid dnld1 in 00200 0 0 deny ip from any to 127.0.0.0/8 00200 677 338406 queue 11 ip from any to any 65535 0 0 allow ip from any to any > ipfw queue show 00001: 128.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 q00010: weight 1 pipe 1 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 488 693234 0 0 0 q00011: weight 10 pipe 1 50 sl. 168 queues (64 buckets) droptail mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp AAA.BBB.CCC.DDD/22 XXX.YYY.ZZZ.QQQ/1022 1 44 0 0 0 4 tcp XXX.YYY.ZZZ.QQQ/12092 AAA.BBB.CCC.DDD/49186 318 12724 0 0 0 5 tcp XXX.YYY.ZZZ.QQQ/12091 AAA.BBB.CCC.DDD/49185 463 18524 0 0 0 5 tcp XXX.YYY.ZZZ.QQQ/12089 AAA.BBB.CCC.DDD/49184 5 204 0 0 0 15 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 1 40 0 0 0 23 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12084 30 2153 0 0 0 25 tcp AAA.BBB.CCC.DDD/49183 XXX.YYY.ZZZ.QQQ/12086 207 306124 0 0 0 30 tcp AAA.BBB.CCC.DDD/49182 XXX.YYY.ZZZ.QQQ/12085 4 1455 0 0 0 34 tcp XXX.YYY.ZZZ.QQQ/12084 AAA.BBB.CCC.DDD/21 34 1828 0 0 0 46 tcp XXX.YYY.ZZZ.QQQ/12088 AAA.BBB.CCC.DDD/21 24 1220 0 0 0 46 tcp XXX.YYY.ZZZ.QQQ/1022 AAA.BBB.CCC.DDD/22 2 84 0 0 0 48 tcp AAA.BBB.CCC.DDD/49186 XXX.YYY.ZZZ.QQQ/12092 317 469668 0 0 0 52 tcp XXX.YYY.ZZZ.QQQ/12086 AAA.BBB.CCC.DDD/49183 207 8284 0 0 0 53 tcp XXX.YYY.ZZZ.QQQ/12085 AAA.BBB.CCC.DDD/49182 5 204 0 0 0 > ipfw pipe show 00001: 128.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 q00010: weight 1 pipe 1 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 488 693234 0 0 0 q00011: weight 10 pipe 1 50 sl. 168 queues (64 buckets) droptail mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp AAA.BBB.CCC.DDD/22 XXX.YYY.ZZZ.QQQ/1022 1 44 0 0 0 4 tcp XXX.YYY.ZZZ.QQQ/12092 AAA.BBB.CCC.DDD/49186 318 12724 0 0 0 5 tcp XXX.YYY.ZZZ.QQQ/12091 AAA.BBB.CCC.DDD/49185 463 18524 0 0 0 5 tcp XXX.YYY.ZZZ.QQQ/12089 AAA.BBB.CCC.DDD/49184 5 204 0 0 0 15 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 1 40 0 0 0 23 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12084 30 2153 0 0 0 25 tcp AAA.BBB.CCC.DDD/49183 XXX.YYY.ZZZ.QQQ/12086 207 306124 0 0 0 30 tcp AAA.BBB.CCC.DDD/49182 XXX.YYY.ZZZ.QQQ/12085 4 1455 0 0 0 34 tcp XXX.YYY.ZZZ.QQQ/12084 AAA.BBB.CCC.DDD/21 34 1828 0 0 0 46 tcp XXX.YYY.ZZZ.QQQ/12088 AAA.BBB.CCC.DDD/21 24 1220 0 0 0 46 tcp XXX.YYY.ZZZ.QQQ/1022 AAA.BBB.CCC.DDD/22 2 84 0 0 0 48 tcp AAA.BBB.CCC.DDD/49186 XXX.YYY.ZZZ.QQQ/12092 317 469668 0 0 0 52 tcp XXX.YYY.ZZZ.QQQ/12086 AAA.BBB.CCC.DDD/49183 207 8284 0 0 0 53 tcp XXX.YYY.ZZZ.QQQ/12085 AAA.BBB.CCC.DDD/49182 5 204 0 0 0 Irrelevant udp/icmp traffic was snipped, IP's were masked to protect the innocent ;) `ipfw pipe show' and `ipfw queue show' look both very similar - hmm. Best regards, /S To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 20:39:30 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 20:39:29 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id DC9A037B400; Tue, 2 Jan 2001 20:39:27 -0800 (PST) Received: from waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id XAA66729; Tue, 2 Jan 2001 23:39:23 -0500 (EST) (envelope-from csg@waterspout.com) Message-Id: <200101030439.XAA66729@tsunami.waterspout.com> To: Wes Peters Cc: freebsd-net@freebsd.org, asmodai@freebsd.org Subject: Re: Problems with VLAN and natd. In-Reply-To: Your message of "Tue, 02 Jan 2001 10:02:20 MST." <3A52099C.6A94B9BF@softweyr.com> From: csg@waterspout.com (C. Stephen Gunn) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16751.978497081.1@waterspout.com> Date: Tue, 02 Jan 2001 23:44:41 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 02 Jan 2001 10:02:20 MST, Wes Peters wrote: > Sure, but it would be nice to take over ARP too. FWIW. Jeoren was looking at the NetBSD media-independant arp code. I'm not sure what he learned. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 20:42:59 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 20:42:57 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 4B58F37B400 for ; Tue, 2 Jan 2001 20:42:56 -0800 (PST) Received: from waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id XAA66745; Tue, 2 Jan 2001 23:42:51 -0500 (EST) (envelope-from csg@waterspout.com) Message-Id: <200101030442.XAA66745@tsunami.waterspout.com> To: Wes Peters Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. In-Reply-To: Your message of "Tue, 02 Jan 2001 10:23:23 MST." <3A520E8B.50AC9CEE@softweyr.com> From: csg@waterspout.com (C. Stephen Gunn) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <16765.978497289.1@waterspout.com> Date: Tue, 02 Jan 2001 23:48:09 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 02 Jan 2001 10:23:23 MST, Wes Peters wrote: > > Well.. It's a change to ifconfig for normal interface configuraton. > > No, what I'm saying is that ifconfig would look exactly like it does now > for standard IP-over-EthII and for vlan id, and would be extended to handle > other configurations not currently supported like SNAP, or SNAP + VLAN. > > > I also wasn't aware that ifconfig handles netgraph node creation, > > I thought you (currently) used ngctl or libnetgraph for that. > > It doesn't now, but it's only software. We're on the same page. I was just observing that it was a software change to ifconfig. We're teaching it tricks about creating/associating netgraph nodes with interfaces. Not just configuring interfaces. I'm not saying that it's wrong, I'm just advocating planning, thought, and most importantly coordination with the other BSDs when possible. - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 2 23:14:33 2001 From owner-freebsd-net@FreeBSD.ORG Tue Jan 2 23:14:30 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from njord.bart.nl (njord.bart.nl [194.158.170.15]) by hub.freebsd.org (Postfix) with ESMTP id 018FC37B400 for ; Tue, 2 Jan 2001 23:14:30 -0800 (PST) Received: from daemon.chronias.ninth-circle.org (root@cable.ninth-circle.org [195.38.232.6]) by njord.bart.nl (8.10.1/8.10.1) with ESMTP id f037ERo51289; Wed, 3 Jan 2001 08:14:27 +0100 (CET) Received: (from asmodai@localhost) by daemon.chronias.ninth-circle.org (8.11.1/8.11.0) id f037EEV10187; Wed, 3 Jan 2001 08:14:14 +0100 (CET) (envelope-from asmodai) Date: Wed, 3 Jan 2001 08:14:14 +0100 From: Jeroen Ruigrok/Asmodai To: "C. Stephen Gunn" Cc: Wes Peters , freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. Message-ID: <20010103081414.A7948@daemon.ninth-circle.org> References: <3A52099C.6A94B9BF@softweyr.com> <200101030439.XAA66729@tsunami.waterspout.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200101030439.XAA66729@tsunami.waterspout.com>; from csg@waterspout.com on Tue, Jan 02, 2001 at 11:44:41PM -0500 Organisation: Ninth-Circle Enterprises Sender: asmodai@wxs.nl Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -On [20010103 06:00], C. Stephen Gunn (csg@waterspout.com) wrote: >On Tue, 02 Jan 2001 10:02:20 MST, Wes Peters wrote: > >> Sure, but it would be nice to take over ARP too. > >FWIW. Jeoren was looking at the NetBSD >media-independant arp code. I'm not sure what he learned. I learned some things yes. :) However I put a bit of it on the backburner until I gained some more understanding about some things I didn't quite grasp back then. Wes and me are also talking about some other interesting network extensions. I think 2001 will be a valuable year for us. :) -- Jeroen Ruigrok vd Werven/Asmodai asmodai@[wxs.nl|bart.nl|freebsd.org] Documentation nutter/C-rated Coder BSD: Technical excellence at its best D78D D0AD 244D 1D12 C9CA 7152 035C 1138 546A B867 What is history but a fable agreed 'pon? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 6:39: 0 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 06:38:56 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id CA9B837B400 for ; Wed, 3 Jan 2001 06:38:55 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f03Eckw80927; Wed, 3 Jan 2001 06:38:46 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101031438.f03Eckw80927@iguana.aciri.org> Subject: Re: Dummynet problem In-Reply-To: <87vgrx3d0d.fsf@pf39.warszawa.sdi.tpnet.pl> from Slawek Zak at "Jan 2, 2001 9:38:58 pm" To: zaks@prioris.mini.pw.edu.pl (Slawek Zak) Date: Wed, 3 Jan 2001 06:38:46 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: rizzo@iguana.aciri.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, i have just run a test locally (on a 4.2R system, queues with weight 1 and 10, transfers on different tcp port) and the results are exactly what one would expect -- one flow gets 10 times the bw of the other one. So i believe you have done some mistake in your config or your measurement (e.g. some other bottleneck in the net limiting one flow to 60Kbit, leaving a full 60k to the other no matter how weight are assigned). Note that running this kind of experiments requires a bit of care -- with a 10:1 speed ratio, one of the transfer might complete much faster than the other leaving full bw to the the other flow for 90% of the time, which in the end causes both flow to show approx the same speed. cheers luigi > > it should not be equal provided the 'high weight' flow has sufficient > > traffic going. > > Both FTP transfers I've used for testing were around 60Kbps each. One done by > user dnld1, the other one by other user. > > > Can you do an 'ipfw zero' before the transfer, and provide the output of > > Sure. I've `ipfw zero'ed after both transfers were started. > > > ipfw show > > 00100 0 0 allow ip from any to any via lo0 > 00100 226 327495 queue 10 tcp from any to any uid dnld1 in > 00200 0 0 deny ip from any to 127.0.0.0/8 > 00200 677 338406 queue 11 ip from any to any > 65535 0 0 allow ip from any to any > > > ipfw queue show > > 00001: 128.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > q00010: weight 1 pipe 1 50 sl. 1 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp > 0 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 488 693234 0 0 0 > q00011: weight 10 pipe 1 50 sl. 168 queues (64 buckets) droptail > mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp > 0 tcp AAA.BBB.CCC.DDD/22 XXX.YYY.ZZZ.QQQ/1022 1 44 0 0 0 > 4 tcp XXX.YYY.ZZZ.QQQ/12092 AAA.BBB.CCC.DDD/49186 318 12724 0 0 0 > 5 tcp XXX.YYY.ZZZ.QQQ/12091 AAA.BBB.CCC.DDD/49185 463 18524 0 0 0 > 5 tcp XXX.YYY.ZZZ.QQQ/12089 AAA.BBB.CCC.DDD/49184 5 204 0 0 0 > 15 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 1 40 0 0 0 > 23 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12084 30 2153 0 0 0 > 25 tcp AAA.BBB.CCC.DDD/49183 XXX.YYY.ZZZ.QQQ/12086 207 306124 0 0 0 > 30 tcp AAA.BBB.CCC.DDD/49182 XXX.YYY.ZZZ.QQQ/12085 4 1455 0 0 0 > 34 tcp XXX.YYY.ZZZ.QQQ/12084 AAA.BBB.CCC.DDD/21 34 1828 0 0 0 > 46 tcp XXX.YYY.ZZZ.QQQ/12088 AAA.BBB.CCC.DDD/21 24 1220 0 0 0 > 46 tcp XXX.YYY.ZZZ.QQQ/1022 AAA.BBB.CCC.DDD/22 2 84 0 0 0 > 48 tcp AAA.BBB.CCC.DDD/49186 XXX.YYY.ZZZ.QQQ/12092 317 469668 0 0 0 > 52 tcp XXX.YYY.ZZZ.QQQ/12086 AAA.BBB.CCC.DDD/49183 207 8284 0 0 0 > 53 tcp XXX.YYY.ZZZ.QQQ/12085 AAA.BBB.CCC.DDD/49182 5 204 0 0 0 > > > ipfw pipe show > > 00001: 128.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > q00010: weight 1 pipe 1 50 sl. 1 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp > 0 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 488 693234 0 0 0 > q00011: weight 10 pipe 1 50 sl. 168 queues (64 buckets) droptail > mask: 0xff 0xffffffff/0xffff -> 0xffffffff/0xffff > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp > 0 tcp AAA.BBB.CCC.DDD/22 XXX.YYY.ZZZ.QQQ/1022 1 44 0 0 0 > 4 tcp XXX.YYY.ZZZ.QQQ/12092 AAA.BBB.CCC.DDD/49186 318 12724 0 0 0 > 5 tcp XXX.YYY.ZZZ.QQQ/12091 AAA.BBB.CCC.DDD/49185 463 18524 0 0 0 > 5 tcp XXX.YYY.ZZZ.QQQ/12089 AAA.BBB.CCC.DDD/49184 5 204 0 0 0 > 15 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12088 1 40 0 0 0 > 23 tcp AAA.BBB.CCC.DDD/21 XXX.YYY.ZZZ.QQQ/12084 30 2153 0 0 0 > 25 tcp AAA.BBB.CCC.DDD/49183 XXX.YYY.ZZZ.QQQ/12086 207 306124 0 0 0 > 30 tcp AAA.BBB.CCC.DDD/49182 XXX.YYY.ZZZ.QQQ/12085 4 1455 0 0 0 > 34 tcp XXX.YYY.ZZZ.QQQ/12084 AAA.BBB.CCC.DDD/21 34 1828 0 0 0 > 46 tcp XXX.YYY.ZZZ.QQQ/12088 AAA.BBB.CCC.DDD/21 24 1220 0 0 0 > 46 tcp XXX.YYY.ZZZ.QQQ/1022 AAA.BBB.CCC.DDD/22 2 84 0 0 0 > 48 tcp AAA.BBB.CCC.DDD/49186 XXX.YYY.ZZZ.QQQ/12092 317 469668 0 0 0 > 52 tcp XXX.YYY.ZZZ.QQQ/12086 AAA.BBB.CCC.DDD/49183 207 8284 0 0 0 > 53 tcp XXX.YYY.ZZZ.QQQ/12085 AAA.BBB.CCC.DDD/49182 5 204 0 0 0 > > Irrelevant udp/icmp traffic was snipped, IP's were masked to protect the > innocent ;) `ipfw pipe show' and `ipfw queue show' look both very similar - hmm. > > Best regards, /S > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 8:16:33 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 08:16:31 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 6F1C737B402 for ; Wed, 3 Jan 2001 08:16:31 -0800 (PST) Received: from dustdevil.waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id LAA70026 for ; Wed, 3 Jan 2001 11:16:26 -0500 (EST) (envelope-from csg@dustdevil.waterspout.com) Received: (from csg@localhost) by dustdevil.waterspout.com (8.11.1/8.11.1) id f03EQH000624; Wed, 3 Jan 2001 09:26:17 -0500 (EST) (envelope-from csg) Date: Wed, 3 Jan 2001 09:24:48 -0500 From: "C. Stephen Gunn" To: Alfred Perlstein Cc: freebsd-net@freebsd.org Subject: Re: 'no memory for rx list' Message-ID: <20010103092448.A594@waterspout.com> References: <20010102071809.G19572@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010102071809.G19572@fw.wintelcom.net>; from bright@wintelcom.net on Tue, Jan 02, 2001 at 07:18:10AM -0800 Sender: csg@dustdevil.waterspout.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Jan 02, 2001 at 07:18:10AM -0800, Alfred Perlstein wrote: > I notice that if_fxp.c seems to fail silently when unable to > allocate network buffers, perhaps the fact that the kernel can > be doing about 200 or more messages per-second makes me guess > that it's not helping things, especially when the box has a > serial console. > > I'm taking the printf's out of my copy of if_xl.c on a 3.5 > system, I'll let you know if it still goes nuts for extended > amounts of time. You could change the printf()'s to log()'s, and allow syslogd to filter/combine/report them on your console. I'm sure you already know this, you could increase NBMCLUSTERS and friends in your kernel config, or at boot time. (For posterity in the list archives). - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 8:45: 4 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 08:45:00 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 9326937B400 for ; Wed, 3 Jan 2001 08:45:00 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14Dr7Z-0000LZ-00; Wed, 03 Jan 2001 09:50:42 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A535861.FF2CFDCD@softweyr.com> Date: Wed, 03 Jan 2001 09:50:41 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "C. Stephen Gunn" Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. References: <200101030442.XAA66745@tsunami.waterspout.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "C. Stephen Gunn" wrote: > > On Tue, 02 Jan 2001 10:23:23 MST, Wes Peters wrote: > > > > Well.. It's a change to ifconfig for normal interface configuraton. > > > > No, what I'm saying is that ifconfig would look exactly like it does now > > for standard IP-over-EthII and for vlan id, and would be extended to handle > > other configurations not currently supported like SNAP, or SNAP + VLAN. > > > > > I also wasn't aware that ifconfig handles netgraph node creation, > > > I thought you (currently) used ngctl or libnetgraph for that. > > > > It doesn't now, but it's only software. > > We're on the same page. I was just observing that it was a software change > to ifconfig. We're teaching it tricks about creating/associating netgraph > nodes with interfaces. Not just configuring interfaces. That *is* configuring interfaces, you're just using a new mechanism to do it. ifconfig fxp0 192.168.42.11 netmask 255.255.255.0 encap snap > I'm not saying > that it's wrong, I'm just advocating planning, thought, and most importantly > coordination with the other BSDs when possible. Given their lack of netgraph, and apparent reluctance to implement it, that doesn't seem much of a problem at this time. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 9:11:53 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 09:11:51 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 5569637B404 for ; Wed, 3 Jan 2001 09:11:51 -0800 (PST) Received: from waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id MAA70291; Wed, 3 Jan 2001 12:11:38 -0500 (EST) (envelope-from csg@waterspout.com) Message-Id: <200101031711.MAA70291@tsunami.waterspout.com> To: Wes Peters Cc: freebsd-net@freebsd.org Subject: Re: Problems with VLAN and natd. In-Reply-To: Your message of "Wed, 03 Jan 2001 09:50:41 MST." <3A535861.FF2CFDCD@softweyr.com> From: csg@waterspout.com (C. Stephen Gunn) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <1356.978542223.1@waterspout.com> Date: Wed, 03 Jan 2001 12:17:03 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 03 Jan 2001 09:50:41 MST, Wes Peters wrote: >> We're on the same page. I was just observing that it was a software change >> to ifconfig. We're teaching it tricks about creating/associating netgraph >> nodes with interfaces. Not just configuring interfaces. > > That *is* configuring interfaces, you're just using a new mechanism to > do it. > > ifconfig fxp0 192.168.42.11 netmask 255.255.255.0 encap snap That works fine. But if SNAP, or EthII are implemented in netgraph instead of the ethernet infrastructure, you need to create a ng0 device, and then stick the layer-3 address on that. I agree that you could educate ifconfig in the ways of netgraph and hide it all behind the command interface you propose. It's a migration to a broader view of interfaces for ifconfig(8). Right now, ifconfig(8) is basically a front-end for ioctl()'s on a single network existing interface. The UNIX paradigm is powerful because of many well-made, single-task tools. In most regards, ifconfig is complete. Adding significant functionalty causes ripples. For starters, libnetgraph moves into libstand, and picobsd. Or we could fork ifconfig(8) to have two variants. I'm not saying it's wrong. I'm just saying that it makes me feel dirty and violated. > Given their lack of netgraph, and apparent reluctance to implement it, > that doesn't seem much of a problem at this time. Yup. I'd prefer to see FreeBSD take the higher-road and strive to be compatible and cooperative whenver possible. Instead of continued isolation, divergance, and proprietization. Hey, I don't even currently run Net/OpenBSD. ;-) - Steve -- C. Stephen Gunn URL: http://www.waterspout.com/ WaterSpout Communications, Inc. Email: csg@waterspout.com 427 North 6th Street Phone: +1 765.742.6628 Lafayette, IN 47901 Fax: +1 765.742.0646 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 9:25:46 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 09:25:41 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from spider.pilosoft.com (p55-222.acedsl.com [160.79.55.222]) by hub.freebsd.org (Postfix) with ESMTP id D4AD237B402 for ; Wed, 3 Jan 2001 09:25:40 -0800 (PST) Received: from localhost (alexmail@localhost) by spider.pilosoft.com (8.9.3/8.9.3) with ESMTP id MAA23357; Wed, 3 Jan 2001 12:26:21 -0500 (EST) Date: Wed, 3 Jan 2001 12:26:21 -0500 (EST) From: Alex Pilosov To: "C. Stephen Gunn" Cc: Wes Peters , freebsd-net@FreeBSD.ORG Subject: Re: Problems with VLAN and natd. In-Reply-To: <200101031711.MAA70291@tsunami.waterspout.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 3 Jan 2001, C. Stephen Gunn wrote: > I agree that you could educate ifconfig in the ways of netgraph > and hide it all behind the command interface you propose. It's a > migration to a broader view of interfaces for ifconfig(8). Right > now, ifconfig(8) is basically a front-end for ioctl()'s on a single > network existing interface. Well, with netgraph support it'd be ioctls plus netgraph's messages. I don't think it'd be THAT incompatible or bloated compared to original ifconfig. > The UNIX paradigm is powerful because of many well-made, single-task > tools. In most regards, ifconfig is complete. Adding significant > functionalty causes ripples. For starters, libnetgraph moves into > libstand, and picobsd. Or we could fork ifconfig(8) to have two > variants. Sometimes in the course of human events it is necessary to break with compatibility ;) I believe netgraph is sufficiently advanced and well-made system that it should be used as much as possible. > I'm not saying it's wrong. I'm just saying that it makes me feel > dirty and violated. > > > > > Given their lack of netgraph, and apparent reluctance to implement it, > > that doesn't seem much of a problem at this time. > > Yup. I'd prefer to see FreeBSD take the higher-road and strive to > be compatible and cooperative whenver possible. Instead of continued > isolation, divergance, and proprietization. Hey, I don't even > currently run Net/OpenBSD. ;-) There's nothing that would prevent OpenBSD people from taking netgraph and implementing it. I run OpenBSD, and threw the idea a few times on their mailing lists, and response was less than enthusiastic...Which lead me to choose FreeBSD for my next networking project. :) -alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 10:10:18 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 10:10:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id C6D9F37B400 for ; Wed, 3 Jan 2001 10:10:15 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f03IA9a04204; Wed, 3 Jan 2001 10:10:09 -0800 (PST) Date: Wed, 3 Jan 2001 10:10:09 -0800 From: Alfred Perlstein To: "C. Stephen Gunn" Cc: freebsd-net@freebsd.org Subject: Re: 'no memory for rx list' Message-ID: <20010103101008.I19572@fw.wintelcom.net> References: <20010102071809.G19572@fw.wintelcom.net> <20010103092448.A594@waterspout.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010103092448.A594@waterspout.com>; from csg@waterspout.com on Wed, Jan 03, 2001 at 09:24:48AM -0500 Sender: bright@fw.wintelcom.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * C. Stephen Gunn [010103 06:22] wrote: > On Tue, Jan 02, 2001 at 07:18:10AM -0800, Alfred Perlstein wrote: > > > I notice that if_fxp.c seems to fail silently when unable to > > allocate network buffers, perhaps the fact that the kernel can > > be doing about 200 or more messages per-second makes me guess > > that it's not helping things, especially when the box has a > > serial console. > > > > I'm taking the printf's out of my copy of if_xl.c on a 3.5 > > system, I'll let you know if it still goes nuts for extended > > amounts of time. > > You could change the printf()'s to log()'s, and allow syslogd > to filter/combine/report them on your console. I'm sure you > already know this, you could increase NBMCLUSTERS and friends > in your kernel config, or at boot time. (For posterity in > the list archives). I really don't see any point in assisting a cascade-like failure situation by adding more work that the kernel has to do when faced with a shortage. Raising nmbclusters will help, but only to delay the problem. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 10:20:41 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 10:20:36 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from vitoria.e-net.com.br (vitoria.e-net.com.br [200.194.249.19]) by hub.freebsd.org (Postfix) with ESMTP id 9FCAF37B400 for ; Wed, 3 Jan 2001 10:20:34 -0800 (PST) Received: from localhost (michel@localhost) by vitoria.e-net.com.br (8.9.3/8.9.3) with ESMTP id QAA07374 for ; Wed, 3 Jan 2001 16:23:13 -0200 Date: Wed, 3 Jan 2001 16:23:13 -0200 (BRST) From: Michel Martins Marinho X-Sender: To: Subject: Problems with traceroute and natd. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi I possess some servers freebsd functioning as roteadores and some of them making nat. I have the following one problem. When I make one traceroute for some equipment that is after these servers, it returns the IP from the first server who is making nat. ex: [fulano@vitoria /]# traceroute 192.168.250.194 traceroute to 192.168.250.194 (192.168.250.194), 30 hops max, 38 byte packets 1 bss (192.168.0.128) 0.505 ms 0.435 ms 0.383 ms 2 192.168.250.194 (192.168.250.194) 38.520 ms 2.985 ms 3.798 ms 3 192.168.250.194 (192.168.250.194) 35.513 ms 27.109 ms 35.208 ms 4 192.168.250.194 (192.168.250.194) 56.532 ms 55.075 ms 52.811 ms 5 192.168.250.194 (192.168.250.194) 67.176 ms 76.174 ms 73.122 ms 6 192.168.250.194 (192.168.250.194) 67.687 ms 82.497 ms 67.614 ms [fulano@vitoria /root]# Would be possible the result to be normal? [fulano@vitoria /]# traceroute 192.168.250.194 traceroute to 192.168.250.194 (192.168.250.194), 30 hops max, 38 byte packets 1 bss (192.168.0.128) 0.505 ms 0.435 ms 0.383 ms 2 192.168.1.10 (192.168.1.10) 38.520 ms 2.985 ms 3.798 ms 3 192.168.25.1 (192.168.25.1) 35.513 ms 27.109 ms 35.208 ms 4 192.168.35.1 (192.168.35.1) 56.532 ms 55.075 ms 52.811 ms 5 192.168.100.15 (192.168.100.15) 67.176 ms 76.174 ms 73.122 ms 6 192.168.250.194 (192.168.250.194) 67.687 ms 82.497 ms 67.614 ms [fulano@vitoria /root]# I'm sorry my english! {]'s Michel Marinho IFX Networks marinho@ifx.com.br www.ifx.com.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 10:39:44 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 10:39:40 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from frmta00.chello.fr (smtp.chello.fr [212.186.224.11]) by hub.freebsd.org (Postfix) with ESMTP id 3793637B404 for ; Wed, 3 Jan 2001 10:39:40 -0800 (PST) Received: from cha213245067180.chello.fr ([213.245.67.180]) by frmta00.chello.fr with ESMTP id <20010103183915.BXKX8091.frmta00@cha213245067180.chello.fr>; Wed, 3 Jan 2001 19:39:15 +0100 Date: Wed, 03 Jan 2001 19:42:41 CET From: Sebastien To: Michel Martins Marinho Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problems with traceroute and natd. Reply-To: spe@bsdfr.org X-Mailer: Spruce 0.6.5 for X11 w/smtpio 0.7.9 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Message-Id: <20010103183915.BXKX8091.frmta00@cha213245067180.chello.fr> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org when you enter ipfw rule don't use: ipfw add divert natd all from any to any but use: ipfw add divert natd all from any to any via xl0 (xl0 is the natd interface that you have specified whit natd -n ... change it with your interface name) after, your traceroutes will be "normal" :-) spe. -- spe@bsdfr.org On Wed, 3 Jan 2001, Michel Martins Marinho wrote: > Date: Wed, 3 Jan 2001 16:23:13 -0200 (BRST) > To: > From: Michel Martins Marinho > Subject: Problems with traceroute and natd. > > Hi > > > I possess some servers freebsd functioning as roteadores and some of them > making nat. > > > I have the following one problem. When I make one traceroute for some > equipment that is after these servers, it returns the IP from the first > server who is making nat. > > ex: > > [fulano@vitoria /]# traceroute 192.168.250.194 > traceroute to 192.168.250.194 (192.168.250.194), 30 hops max, 38 byte > packets > 1 bss (192.168.0.128) 0.505 ms 0.435 ms 0.383 ms > 2 192.168.250.194 (192.168.250.194) 38.520 ms 2.985 ms 3.798 ms > 3 192.168.250.194 (192.168.250.194) 35.513 ms 27.109 ms 35.208 ms > 4 192.168.250.194 (192.168.250.194) 56.532 ms 55.075 ms 52.811 ms > 5 192.168.250.194 (192.168.250.194) 67.176 ms 76.174 ms 73.122 ms > 6 192.168.250.194 (192.168.250.194) 67.687 ms 82.497 ms 67.614 ms > [fulano@vitoria /root]# > > Would be possible the result to be normal? > > [fulano@vitoria /]# traceroute 192.168.250.194 > traceroute to 192.168.250.194 (192.168.250.194), 30 hops max, 38 byte > packets > 1 bss (192.168.0.128) 0.505 ms 0.435 ms 0.383 ms > 2 192.168.1.10 (192.168.1.10) 38.520 ms 2.985 ms 3.798 ms > 3 192.168.25.1 (192.168.25.1) 35.513 ms 27.109 ms 35.208 ms > 4 192.168.35.1 (192.168.35.1) 56.532 ms 55.075 ms 52.811 ms > 5 192.168.100.15 (192.168.100.15) 67.176 ms 76.174 ms 73.122 ms > 6 192.168.250.194 (192.168.250.194) 67.687 ms 82.497 ms 67.614 ms > [fulano@vitoria /root]# > > > I'm sorry my english! > > {]'s > > > > > Michel Marinho > IFX Networks > marinho@ifx.com.br > www.ifx.com.br > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Sebastien Petit spe@bsdfr.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 11:58:15 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 11:58:13 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from prioris.mini.pw.edu.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by hub.freebsd.org (Postfix) with ESMTP id F115D37B400 for ; Wed, 3 Jan 2001 11:58:12 -0800 (PST) Received: from pf39.warszawa.sdi.tpnet.pl (prioris.mini.pw.edu.pl [148.81.80.7]) by prioris.mini.pw.edu.pl (Postfix) with ESMTP id 0FBB87CFAA for ; Wed, 3 Jan 2001 20:58:08 +0100 (CET) Received: (from zaks@localhost) by pf39.warszawa.sdi.tpnet.pl (8.11.1/8.11.1) id f03Jvtv00627; Wed, 3 Jan 2001 20:57:55 +0100 (CET) (envelope-from zaks) Content-MD5: a8362c935845f1e20c11ed30716215eb From: Slawek Zak To: freebsd-net@freebsd.org Subject: Re: Dummynet problem References: <200101031438.f03Eckw80927@iguana.aciri.org> Date: 03 Jan 2001 20:57:55 +0100 In-Reply-To: <200101031438.f03Eckw80927@iguana.aciri.org> Message-ID: <87n1d81k8s.fsf@pf39.warszawa.sdi.tpnet.pl> Lines: 20 User-Agent: Gnus/5.090001 (Oort Gnus v0.01) XEmacs/21.1 (Channel Islands) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 3 Jan 2001, Luigi Rizzo spake thusly: > So i believe you have done some mistake in your config or your > measurement (e.g. some other bottleneck in the net limiting > one flow to 60Kbit, leaving a full 60k to the other no matter how > weight are assigned). I really don't think so. Only those two transfers were active. Config is very simple and looks okay (see the counts for both rules). > Note that running this kind of experiments requires a bit of care -- > with a 10:1 speed ratio, one of the transfer might complete much faster > than the other leaving full bw to the the other flow for 90% > of the time, which in the end causes both flow to show > approx the same speed. Well. It is not the case I think. Both transfers were for big files (~200MB each). I've zeroed the counters after start. Measurments are acuurate according to both rules as well as lftp status messages. Regards, /S To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 12:28:26 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 12:28:24 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from tsunami.waterspout.com (tsunami.waterspout.com [208.13.56.11]) by hub.freebsd.org (Postfix) with ESMTP id 033EA37B400 for ; Wed, 3 Jan 2001 12:28:24 -0800 (PST) Received: from waterspout.com (tsunami.fw.waterspout.com [208.13.60.34]) by tsunami.waterspout.com (8.9.3/8.9.3) with ESMTP id PAA71628; Wed, 3 Jan 2001 15:28:14 -0500 (EST) (envelope-from csg@waterspout.com) Message-Id: <200101032028.PAA71628@tsunami.waterspout.com> To: Alex Pilosov Cc: freebsd-net@freebsd.org, wes@softweyr.com Subject: Re: Problems with VLAN and natd. In-Reply-To: Your message of "Wed, 03 Jan 2001 12:26:21 EST." From: csg@waterspout.com (C. Stephen Gunn) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <2499.978554019.1@waterspout.com> Date: Wed, 03 Jan 2001 15:33:39 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 03 Jan 2001 12:26:21 EST, Alex Pilosov wrote: > Sometimes in the course of human events it is necessary to break with > compatibility ;) I believe netgraph is sufficiently advanced and well-made > system that it should be used as much as possible. Microsoft might argue the same about Windows. Someone has to take the counterpoint around here. ;-) > There's nothing that would prevent OpenBSD people from taking > netgraph and implementing it. I run OpenBSD, and threw the idea a > few times on their mailing lists, and response was less than > enthusiastic...Which lead me to choose FreeBSD for my next networking > project. :) We can't _make_ the Linux folks adopt BSD technologies either, but we continue to jump through hoops for compatability layers in the BSD variants. I'm just advocating a search for prior-art, and/or a friendly design conversation with the other projects _before_ integration into FreeBSD. - Steve -- C. Stephen Gunn | Waterspout Communications, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 12:29:15 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 12:29:13 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 5BC5A37B400; Wed, 3 Jan 2001 12:29:13 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f03KTBu02677; Wed, 3 Jan 2001 12:29:11 -0800 (PST) Date: Wed, 3 Jan 2001 12:29:11 -0800 From: Alfred Perlstein To: "C. Stephen Gunn" Cc: wpaul@freebsd.org, net@freebsd.org Subject: Re: 'no memory for rx list' Message-ID: <20010103122911.H292@fw.wintelcom.net> References: <20010103101008.I19572@fw.wintelcom.net> <200101032018.PAA71589@tsunami.waterspout.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200101032018.PAA71589@tsunami.waterspout.com>; from csg@waterspout.com on Wed, Jan 03, 2001 at 03:24:20PM -0500 Sender: bright@fw.wintelcom.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * C. Stephen Gunn [010103 12:19] wrote: > On Wed, 03 Jan 2001 10:10:09 PST, Alfred Perlstein wrote: > > > > You could change the printf()'s to log()'s, and allow syslogd > > > to filter/combine/report them on your console. I'm sure you > > > already know this, you could increase NBMCLUSTERS and friends > > > in your kernel config, or at boot time. (For posterity in > > > the list archives). > > > > I really don't see any point in assisting a cascade-like failure > > situation by adding more work that the kernel has to do when faced > > with a shortage. > > I hadn't thought about it from that perspective. Having the driver > log something to the console about the condition is desirable > though, otherwise it simply fails without notice. A delicate > trade-off. A proper fix would be to have the driver do what it does when it can't get an mbuf by incrementing if_ierrors or something. Then the admin would be able to see it through the tools to view network device stats. I may be wrong here, but I want to know what Bill Paul thinks about this as he's far more clueful than me especially when it comes to drivers. Another solution would be something along the lines of the what the ICMP code does, which is only print the message after X number of instances and at most 1 time per second. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 14: 9:26 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 14:09:25 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 548A237B402 for ; Wed, 3 Jan 2001 14:09:25 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f03M9KN84700; Wed, 3 Jan 2001 14:09:20 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101032209.f03M9KN84700@iguana.aciri.org> Subject: Re: Dummynet problem In-Reply-To: <87n1d81k8s.fsf@pf39.warszawa.sdi.tpnet.pl> from Slawek Zak at "Jan 3, 2001 8:57:55 pm" To: zaks@prioris.mini.pw.edu.pl (Slawek Zak) Date: Wed, 3 Jan 2001 14:09:20 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: rizzo@iguana.aciri.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Well. It is not the case I think. Both transfers were for big files (~200MB > each). I've zeroed the counters after start. Measurments are acuurate according > to both rules as well as lftp status messages. actually the counters you sent me only showed some 300Kbytes per transfer (which amount to 40s at the speed you mention -- a time which is quite short considering queueing delays etc, at those speeds), and the throughput indications from *ftp counters are not always accurate. please check again your setup. As i said, i tried a config with different weights, and it did what it was supposed to do. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 23:41:54 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 23:41:52 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 22F3E37B400 for ; Wed, 3 Jan 2001 23:41:52 -0800 (PST) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f047fpI18698 for net@freebsd.org; Wed, 3 Jan 2001 23:41:51 -0800 (PST) Date: Wed, 3 Jan 2001 23:41:51 -0800 From: Alfred Perlstein To: net@freebsd.org Subject: (forw) Two NICs In FreeBSD Message-ID: <20010103234151.R292@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: bright@fw.wintelcom.net Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 Hi can we axe this message already? I see the possibility of using two 100mbit cards on a switch with a gig uplink to be reason enough to either axe it, or make it a sysctl to quiet the warnings. I've also had this broken config setup as a temporary thing and my console getting flooded was also quite irritating. Anyone going to raise a rukus if I turn it a) off b) sysctl default off c) sysctl default on thanks, -Alfred ----- Forwarded message from Tim Gustafson ----- From: Tim Gustafson To: freebsd-questions@FreeBSD.ORG Subject: Two NICs In FreeBSD Date: Wed, 03 Jan 2001 23:37:06 -0500 Message-Id: <5.0.0.25.2.20010103233521.00a58890@esther.falconsoft.com> X-Mailer: QUALCOMM Windows Eudora Version 5.0 Sender: owner-freebsd-questions@FreeBSD.ORG Hello I just installed two NIC cards into my FreeBSD machine that are on the same LAN, each with a different IP. However, I keep getting this sort of message in my syslog: /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 I realize that the message is because it's getting two ARP replies, but this is normal (for this network, anyhow). How can I suppress these messages from appearing in the syslog? Is it OK to have both interfaces receiving ARP replies? Will this mess anything up? Tim -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafson tim@falconsoft.com www.falconsoft.com (631)475-6662 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Share your knowledge - it's a way to achieve immortality. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message ----- End forwarded message ----- -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 3 23:49:58 2001 From owner-freebsd-net@FreeBSD.ORG Wed Jan 3 23:49:55 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from VL-MS-MR002.sc1.videotron.ca (relais.videotron.ca [24.201.245.36]) by hub.freebsd.org (Postfix) with ESMTP id D2F7237B400 for ; Wed, 3 Jan 2001 23:49:54 -0800 (PST) Received: from jehovah ([24.202.203.37]) by VL-MS-MR002.sc1.videotron.ca (Netscape Messaging Server 4.15) with SMTP id G6MOF600.GAC; Thu, 4 Jan 2001 02:49:54 -0500 Message-ID: <003b01c07623$182dedd0$25cbca18@jehovah> From: "Bosko Milekic" To: "Alfred Perlstein" Cc: References: <20010103234151.R292@fw.wintelcom.net> Subject: Re: (forw) Two NICs In FreeBSD Date: Thu, 4 Jan 2001 02:51:06 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I would go with (a) unless someone is religiously obsessed with having the message stay. Else go with (b) but see if you can fit it in with some "generic verbosity" sysctl knob, as opposed to creating its own. Later, Bosko. > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > Hi can we axe this message already? I see the possibility of using > two 100mbit cards on a switch with a gig uplink to be reason enough > to either axe it, or make it a sysctl to quiet the warnings. > > I've also had this broken config setup as a temporary thing and > my console getting flooded was also quite irritating. > > Anyone going to raise a rukus if I turn it > a) off > b) sysctl default off > c) sysctl default on > > thanks, > -Alfred > > ----- Forwarded message from Tim Gustafson ----- > > From: Tim Gustafson > To: freebsd-questions@FreeBSD.ORG > Subject: Two NICs In FreeBSD > Date: Wed, 03 Jan 2001 23:37:06 -0500 > Message-Id: <5.0.0.25.2.20010103233521.00a58890@esther.falconsoft.com> > X-Mailer: QUALCOMM Windows Eudora Version 5.0 > Sender: owner-freebsd-questions@FreeBSD.ORG > > Hello > > I just installed two NIC cards into my FreeBSD machine that are on the same > LAN, each with a different IP. However, I keep getting this sort of > message in my syslog: > > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > I realize that the message is because it's getting two ARP replies, but > this is normal (for this network, anyhow). How can I suppress these > messages from appearing in the syslog? Is it OK to have both interfaces > receiving ARP replies? Will this mess anything up? > > Tim > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Tim Gustafson tim@falconsoft.com > www.falconsoft.com (631)475-6662 > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Share your knowledge - it's a way to achieve immortality. > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > > ----- End forwarded message ----- > > -- > -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] > "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 3:19:24 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 03:19:22 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from vitoria.e-net.com.br (vitoria.e-net.com.br [200.194.249.19]) by hub.freebsd.org (Postfix) with ESMTP id C604D37B402 for ; Thu, 4 Jan 2001 03:19:20 -0800 (PST) Received: from localhost (michel@localhost) by vitoria.e-net.com.br (8.9.3/8.9.3) with ESMTP id JAA26317; Thu, 4 Jan 2001 09:21:55 -0200 Date: Thu, 4 Jan 2001 09:21:55 -0200 (BRST) From: Michel Martins Marinho X-Sender: To: Sebastien Cc: Subject: Re: Problems with traceroute and natd. In-Reply-To: <20010103183915.BXKX8091.frmta00@cha213245067180.chello.fr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 3 Jan 2001, Sebastien wrote: > > when you enter ipfw rule don't use: > ipfw add divert natd all from any to any > but use: > ipfw add divert natd all from any to any via xl0 > (xl0 is the natd interface that you have specified whit natd -n ... change > it with your interface name) > > after, your traceroutes will be "normal" :-) > > spe. > Hello Sebastien, My ipfw rule is : ip add divert natd ip from any to any via ed0 ed0 ( interface primary network ) exactly thus the problem occurs. Exists another possibility to decide this problem? []'s Michel Marinho www.ifx.com.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 6:58:33 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 06:58:28 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 2136A37B698 for ; Thu, 4 Jan 2001 06:58:28 -0800 (PST) Received: from wkst ([209.16.228.146]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id KAA04447 for ; Thu, 4 Jan 2001 10:03:35 -0500 Reply-To: From: "Peter Brezny" To: Subject: RE: (forw) Two NICs In FreeBSD Date: Thu, 4 Jan 2001 09:57:42 -0800 Message-ID: <000101c07677$d62af860$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <003b01c07623$182dedd0$25cbca18@jehovah> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I find it useful, and not that big of a deal to shut off in syslog.conf. However, option c seems like a good idea. Peter Brezny SysAdmin Services Inc. -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Bosko Milekic Sent: Wednesday, January 03, 2001 11:51 PM To: Alfred Perlstein Cc: net@FreeBSD.ORG Subject: Re: (forw) Two NICs In FreeBSD I would go with (a) unless someone is religiously obsessed with having the message stay. Else go with (b) but see if you can fit it in with some "generic verbosity" sysctl knob, as opposed to creating its own. Later, Bosko. > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > Hi can we axe this message already? I see the possibility of using > two 100mbit cards on a switch with a gig uplink to be reason enough > to either axe it, or make it a sysctl to quiet the warnings. > > I've also had this broken config setup as a temporary thing and > my console getting flooded was also quite irritating. > > Anyone going to raise a rukus if I turn it > a) off > b) sysctl default off > c) sysctl default on > > thanks, > -Alfred > > ----- Forwarded message from Tim Gustafson ----- > > From: Tim Gustafson > To: freebsd-questions@FreeBSD.ORG > Subject: Two NICs In FreeBSD > Date: Wed, 03 Jan 2001 23:37:06 -0500 > Message-Id: <5.0.0.25.2.20010103233521.00a58890@esther.falconsoft.com> > X-Mailer: QUALCOMM Windows Eudora Version 5.0 > Sender: owner-freebsd-questions@FreeBSD.ORG > > Hello > > I just installed two NIC cards into my FreeBSD machine that are on the same > LAN, each with a different IP. However, I keep getting this sort of > message in my syslog: > > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > I realize that the message is because it's getting two ARP replies, but > this is normal (for this network, anyhow). How can I suppress these > messages from appearing in the syslog? Is it OK to have both interfaces > receiving ARP replies? Will this mess anything up? > > Tim > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Tim Gustafson tim@falconsoft.com > www.falconsoft.com (631)475-6662 > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Share your knowledge - it's a way to achieve immortality. > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > > ----- End forwarded message ----- > > -- > -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] > "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 7:47:43 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 07:47:38 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from magellan.palisadesys.com (magellan.palisadesys.com [192.188.162.211]) by hub.freebsd.org (Postfix) with ESMTP id 9607737B402 for ; Thu, 4 Jan 2001 07:47:37 -0800 (PST) Received: from localhost (ghelmer@localhost) by magellan.palisadesys.com (8.11.0/8.11.0) with ESMTP id f04FlZN11522; Thu, 4 Jan 2001 09:47:35 -0600 Date: Thu, 4 Jan 2001 09:47:35 -0600 (CST) From: Guy Helmer To: Alfred Perlstein Cc: net@FreeBSD.ORG Subject: Re: (forw) Two NICs In FreeBSD In-Reply-To: <20010103234151.R292@fw.wintelcom.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 3 Jan 2001, Alfred Perlstein wrote: > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > Hi can we axe this message already? I see the possibility of using > two 100mbit cards on a switch with a gig uplink to be reason enough > to either axe it, or make it a sysctl to quiet the warnings. > > I've also had this broken config setup as a temporary thing and > my console getting flooded was also quite irritating. > > Anyone going to raise a rukus if I turn it > a) off > b) sysctl default off > c) sysctl default on > > thanks, > -Alfred I have also suggested this (a sysctl knob) within the past few weeks and had no negative responses. However, since I have not received any messages saying "this exists for such-and-such a reason", I vote for (a). If you don't do it soon, I will :-) Guy > ----- Forwarded message from Tim Gustafson ----- > > From: Tim Gustafson > To: freebsd-questions@FreeBSD.ORG > Subject: Two NICs In FreeBSD > Date: Wed, 03 Jan 2001 23:37:06 -0500 > Message-Id: <5.0.0.25.2.20010103233521.00a58890@esther.falconsoft.com> > X-Mailer: QUALCOMM Windows Eudora Version 5.0 > Sender: owner-freebsd-questions@FreeBSD.ORG > > Hello > > I just installed two NIC cards into my FreeBSD machine that are on the same > LAN, each with a different IP. However, I keep getting this sort of > message in my syslog: > > /kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1 > > I realize that the message is because it's getting two ARP replies, but > this is normal (for this network, anyhow). How can I suppress these > messages from appearing in the syslog? Is it OK to have both interfaces > receiving ARP replies? Will this mess anything up? > > Tim -- Guy Helmer, Ph.D. Sr. Software Engineer, Palisade Systems --- ghelmer@palisadesys.com http://www.palisadesys.com/~ghelmer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 9: 3:14 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 09:03:12 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id BD15F37B400 for ; Thu, 4 Jan 2001 09:03:11 -0800 (PST) Received: from gosset.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 4 Jan 2001 17:03:10 +0000 (GMT) To: Guy Helmer Cc: Alfred Perlstein , net@FreeBSD.ORG, iedowse@maths.tcd.ie Subject: Re: (forw) Two NICs In FreeBSD In-Reply-To: Your message of "Thu, 04 Jan 2001 09:47:35 CST." Date: Thu, 04 Jan 2001 17:03:10 +0000 From: Ian Dowse Message-ID: <200101041703.aa70160@salmon.maths.tcd.ie> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message , Guy Helmer writes: >I have also suggested this (a sysctl knob) within the past few weeks and >had no negative responses. However, since I have not received any >messages saying "this exists for such-and-such a reason", I vote for (a). >If you don't do it soon, I will :-) I would prefer this to be a sysctl knob, defaulting to the current behaviour. The diagnostic message is a useful indication that the routing table does not reflect reality. It is not exactly trivial to set up a useful configuration with two NICs on the same network anyway. The two interfaces must have addresses in different logical subnets, and to get the benefit of increased throughput you need to have traffic on each interface going to/from addresses on the same subnet as the interface. Simple "two cards on one network" configurations that sound like they should work usually don't, so this message is also a good indication to the user that they are doing something odd :-) (We use a hack locally where two NICs on the same network can have IPs in the same subnet, but it requires extra ARP changes, and a horrible hack to ipfw to allow the source address to influence the choice of output interface). Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 9:35: 5 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 09:35:03 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from fmdb.c3.hu (dial-146.digitel2002.hu [213.163.2.146]) by hub.freebsd.org (Postfix) with SMTP id 493C937B404 for ; Thu, 4 Jan 2001 09:34:58 -0800 (PST) Received: (qmail 2710 invoked by uid 1004); 4 Jan 2001 17:34:50 -0000 Date: Thu, 4 Jan 2001 18:34:49 +0100 From: Miklos Niedermayer To: Romualdo Arcoverde Cc: Attila Nagy , mouss , freebsd-security@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPSTEALTH - transparent router Message-ID: <20010104183449.A1274@bsd.hu> Mail-Followup-To: Miklos Niedermayer , Romualdo Arcoverde , Attila Nagy , mouss , freebsd-security@freebsd.org, freebsd-net@freebsd.org References: <3a50d8b7.3a6d.0@uninet.com.br> <4.3.0.20010102182437.02274f00@pop.free.fr> <001601c075ff$62929de0$8250b5c8@isiteleinformatica.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001601c075ff$62929de0$8250b5c8@isiteleinformatica.com.br>; from romualdo@uninet.com.br on Thu, Jan 04, 2001 at 01:28:15AM -0200 X-Operating-System: FreeBSD - The Power to Serve Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, ( > Romualdo Arcoverde) > I use sysctl and works fine how i want, i have to use ipfw becouse i use > dummynet. We are using both IPFilter and ipfw. (ipfw for DUMMYNET and IPFilter for packet filtering. But we are going to replace DUMMYNET with ALTQ) -- ______ o _. __ / / / (_(_(__(_) @ bsd.hu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 14:49:21 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 14:49:19 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from hetnet.nl (net014s.hetnet.nl [194.151.104.154]) by hub.freebsd.org (Postfix) with ESMTP id 36AB037B402 for ; Thu, 4 Jan 2001 14:49:18 -0800 (PST) Received: from hetnet.nl ([192.150.187.12]) by hetnet.nl with Microsoft SMTPSVC(5.5.1877.537.53); Thu, 4 Jan 2001 23:47:44 +0100 Sender: degraaf@FreeBSD.ORG Message-ID: <3A54FDEB.FB442E82@hetnet.nl> Date: Thu, 04 Jan 2001 14:49:15 -0800 From: Wilbert de Graaf X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: net@freebsd.org Subject: igmp and if_down() Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Some time ago I worked on an implementation of IGMPv3 on FreeBSD. Somebody I know is using it to test his router implementation on a terminal / ppp server. He told me the following: * a socket subscribes to some group on the ppp interface, and he sees IGMP reports * hangs no up, and dials in again and the IGMP messages continue He thinks this is not okay, but I'm not sure. You could argue that membership on a non-existing interface is impossible. On the other hand, it's get more complicated if you do remove membership: are you going to inform those sockets on which you removed their membership ? What do you think ? Btw. When I looked at the code I came as far as net/if.c in the fucntion if_down(). The documentation says that protocols should be informed here. I took a peek at the Linux code and they do notify IGMP, which removes all memberships on the interface that's going down. Wilbert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 15:11:54 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 15:11:52 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from hetnet.nl (unknown [194.151.104.184]) by hub.freebsd.org (Postfix) with ESMTP id BAAF737B400 for ; Thu, 4 Jan 2001 15:11:51 -0800 (PST) Received: from hetnet.nl ([192.150.187.12]) by hetnet.nl with Microsoft SMTPSVC(5.5.1877.537.53); Fri, 5 Jan 2001 00:10:58 +0100 Sender: degraaf@FreeBSD.ORG Message-ID: <3A550334.7489DF76@hetnet.nl> Date: Thu, 04 Jan 2001 15:11:48 -0800 From: Wilbert de Graaf X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: net@freebsd.org Subject: Re: igmp and if_down() References: <3A54FDEB.FB442E82@hetnet.nl> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > * a socket subscribes to some group on the ppp interface, and he sees > IGMP reports > * hangs no up, and dials in again and the IGMP messages continue > > He thinks this is not okay, but I'm not sure. You could argue that > membership on a non-existing interface is impossible. On the other hand, > it's get more complicated if you do remove membership: are you going to > inform those sockets on which you removed their membership ? > > What do you think ? Thinking about it, the FreeBSD works out fine if multicast applications conclude that something is wrong if they don't get traffic on a socket. Their action would be to simply close() the socket or remove membership. Wilbert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 22:21:59 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 22:21:54 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 3F11537B400; Thu, 4 Jan 2001 22:21:53 -0800 (PST) Received: from bissau-07.budapest.interware.hu ([195.70.53.135] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14EQG5-0008MS-00; Fri, 05 Jan 2001 07:21:50 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A5567A7.A11F47E3@elischer.org> Date: Thu, 04 Jan 2001 22:20:23 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: net@freebsd.org, current@freebsd.org Subject: HEADSUP! New netgraph code coming Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a largely rewritten version of netgraph ready for commit. It is redesigned to work in an SMP "ouside the BGL" environment. I have not completed it to the stage yet that it will run without BGL yet but it's close and it's running stably. I hope to commit this in about 24 hours (maybe less) the files concerned are: julian@jules:grep Index: /tmp/xx Index: sys/dev/lmc/if_lmc.c Index: sys/dev/usb/udbp.c Index: sys/i386/isa/if_ar.c Index: sys/i386/isa/if_sr.c Index: sys/i4b/driver/i4b_ing.c Index: sys/pci/if_mn.c Index: sys/dev/musycc/musycc.c Index: sys/netgraph/netgraph.h Index: sys/netgraph/ng_UI.c Index: sys/netgraph/ng_async.c Index: sys/netgraph/ng_base.c Index: sys/netgraph/ng_bpf.c Index: sys/netgraph/ng_bridge.c Index: sys/netgraph/ng_cisco.c Index: sys/netgraph/ng_echo.c Index: sys/netgraph/ng_ether.c Index: sys/netgraph/ng_frame_relay.c Index: sys/netgraph/ng_hole.c Index: sys/netgraph/ng_iface.c Index: sys/netgraph/ng_ksocket.c Index: sys/netgraph/ng_lmi.c Index: sys/netgraph/ng_message.h Index: sys/netgraph/ng_mppc.c Index: sys/netgraph/ng_one2many.c Index: sys/netgraph/ng_ppp.c Index: sys/netgraph/ng_pppoe.c Index: sys/netgraph/ng_pptpgre.c Index: sys/netgraph/ng_rfc1490.c Index: sys/netgraph/ng_sample.c Index: sys/netgraph/ng_socket.c Index: sys/netgraph/ng_tee.c Index: sys/netgraph/ng_tty.c Index: sys/netgraph/ng_vjc.c -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 4 23:40: 4 2001 From owner-freebsd-net@FreeBSD.ORG Thu Jan 4 23:39:56 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id 714D537B400; Thu, 4 Jan 2001 23:39:56 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 3468720F04; Thu, 4 Jan 2001 23:39:56 -0800 (PST) Content-Length: 3057 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 2 (High) Priority: urgent Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Thu, 04 Jan 2001 23:39:56 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: freebsd-isp@freebsd.org, freebsd-net@freebsd.org Subject: Problem with fxp0 card and slowing/dying transmits Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello all My poor hair is abt to come out as I keep pulling on it trying to solve what is, to me, a Very Very weird problem. I have a server, running FreeBSD-3.5-STABLE as of 1/2/2000. It is a dual 400Mhz processor system with (I think) an Intel Motherboard (could also be a tyan) that has built in (intel) Ethernet and SCSI. It has 256 Megs of Memory. It is connected to an Intel 460 switch along with abt 5 others servers very similar to it. The problem is that when trying to scp a file or send a large file to it via sendmail, (large = 253952 ) it seems to transmit along happily, then (at least for scp) at abt 1/2 way through, it seems to just start crawling. When I have let it run, it will go forever and will seem to eventually finish but will hang as the transfer speed keeps dropping through the floor. I have tried numerous things, including shutting off the built in Ethernet card and replacing it with a standard intel 10/100 pro card. (not the new ones with the small VLSI chip, but the older style unit, exactly like what the other systems have) I have tried altering net.inet.tcp.rfc1323 and net.inet.tcp.rfc1644. I have tried setting the card into solid 100TX via ifconfig (ifconfig fxp0 inet 10.0.0.1 netmask 255.255.255.0 media 100baseTX ) with no effect. I even tried setting it to 10/BT with no improvement. Changed the port it was in on the switch. Changed cables 3 times. Said several ancient prayers, and even succomed to eating dead cow over it. The only other semi clue is that it was just moved from another ISP were it was plugged into a Cisco switch and it seemed to be working fine there. All of the other servers with the same card seem to work fine however via the same Intel switch. You would think it would be happier, Intel card to Intel switch anyway. ANY help or clues would be appreciated. Could this be caused by the MB? What else can I try? Please CC me in any replies to make sure I see it right away. Thanks!!! Nicole nicole@home:/home/nicole> sysctl -a | grep tcp tcpcb: 288, 2344, 124, 142, 2761 net.inet.tcp.rfc1323: 0 net.inet.tcp.rfc1644: 1 net.inet.tcp.mssdflt: 512 net.inet.tcp.rttdflt: 3 net.inet.tcp.keepidle: 14400 net.inet.tcp.keepintvl: 150 net.inet.tcp.sendspace: 16384 net.inet.tcp.recvspace: 16384 net.inet.tcp.keepinit: 150 net.inet.tcp.log_in_vain: 0 net.inet.tcp.delayed_ack: 1 net.inet.tcp.pcbcount: 124 net.inet.tcp.always_keepalive: 1 nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 0: 6:31 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 00:06:29 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from misery.sdf.com (misery.sdf.com [204.244.213.49]) by hub.freebsd.org (Postfix) with ESMTP id DF39F37B400 for ; Fri, 5 Jan 2001 00:06:27 -0800 (PST) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 14ERBw-0005pN-00; Thu, 4 Jan 2001 23:21:36 -0800 Date: Thu, 4 Jan 2001 23:21:34 -0800 (PST) From: Tom Samplonius To: Nicole Cc: freebsd-net@freebsd.org Subject: Re: Problem with fxp0 card and slowing/dying transmits In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 4 Jan 2001, Nicole wrote: ... > The problem is that when trying to scp a file or send a large file to it via > sendmail, (large = 253952 ) it seems to transmit along > happily, then (at least for scp) at abt 1/2 way through, it seems to just start > crawling. When I have let it run, it will go forever and will seem to > eventually finish but will hang as the transfer speed keeps dropping through the > floor. ... Mismatched duplex settings can cause problems like this. When using a switch, duplex settings on your server and switch must match. Most FreeBSD ethernet card drivers default to autonegotiation, but can be changed with an ifconfig option. Auto negotiation may not be trustworthy as it requires a good and recent switch, and a good and recent card. You should verify that autonegotiation actually picks the right duplex setting before trusting it with your hardware. Auto negotation requires that both the server and switch are set to auto. "auto negotation" is not the same as "auto detect". And hubs are always half-duplex. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 0:49:19 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 00:49:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id AEF7437B400 for ; Fri, 5 Jan 2001 00:49:15 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 8EF9320F04; Fri, 5 Jan 2001 00:49:15 -0800 (PST) Content-Length: 2594 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Fri, 05 Jan 2001 00:49:15 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: Tom Samplonius Subject: Re: Problem with fxp0 card and slowing/dying transmits Cc: freebsd-net@freebsd.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 05-Jan-01 Tom Samplonius wrote: > > On Thu, 4 Jan 2001, Nicole wrote: > > ... >> The problem is that when trying to scp a file or send a large file to it >> via >> sendmail, (large = 253952 ) it seems to transmit along >> happily, then (at least for scp) at abt 1/2 way through, it seems to just >> start >> crawling. When I have let it run, it will go forever and will seem to >> eventually finish but will hang as the transfer speed keeps dropping through >> the >> floor. > ... > > Mismatched duplex settings can cause problems like this. When using a > switch, duplex settings on your server and switch must match. Most > FreeBSD ethernet card drivers default to autonegotiation, but can be > changed with an ifconfig option. Auto negotiation may not be trustworthy > as it requires a good and recent switch, and a good and recent card. You > should verify that autonegotiation actually picks the right duplex setting > before trusting it with your hardware. Auto negotation requires that both > the server and switch are set to auto. "auto negotation" is not the same > as "auto detect". > > And hubs are always half-duplex. > > Tom Yup.... Set to 100/TX via ifconfig - Ifconfig -a shows: fxp0: flags=8843 mtu 1500 media: 100baseTX status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP The switch is showing: 100Mbps/Half/BP-Off As opposed to another server on the same switch, set to auto. ifconfig -a media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP The switch shows: 100Mbps/Full/Enabled (IEEE 802.3x) Hmm Even if I force the switch to full duplex it does not seem to change the server to full duplex when using autonegotiate via ifconfig.. What is the right syntax to force full neg via ifconfig? Nicole nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 0:58: 5 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 00:58:01 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id 5DCB437B400 for ; Fri, 5 Jan 2001 00:58:01 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 3FCDB20F04 for ; Fri, 5 Jan 2001 00:58:01 -0800 (PST) Content-Length: 5214 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="_=XFMail.1.4.0.FreeBSD:010105005801:304=_" Resent-Date: Fri, 5 Jan 2001 00:49:20 -0800 (PST) Resent-Message-Id: <20010105084920.5D1AA20F0D@krell.webweaver.net> Resent-From: (Mail Delivery System) Resent-To: nicole@unixgirl.com Date: Fri, 05 Jan 2001 00:58:01 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: freebsd-net@freebsd.org Subject: FW: Undelivered Mail Returned to Sender Resent-Sender: nicole@unixgirl.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format --_=XFMail.1.4.0.FreeBSD:010105005801:304=_ Content-Type: text/plain; charset=us-ascii -----FW: <20010105084920.5D1AA20F0D@krell.webweaver.net>----- Date: Fri, 5 Jan 2001 00:49:20 -0800 (PST) From: (Mail Delivery System) To: nicole@unixgirl.com Subject: Undelivered Mail Returned to Sender This is the Postfix program at host krell.webweaver.net. I'm sorry to have to inform you that the message returned below could not be delivered to one or more destinations. For further assistance, please contact If you do so, please include this problem report. You can delete your own text from the message returned below. The Postfix program : host misery.sdf.com[204.244.213.49] said: 550-untestable - above.net has multiple open relays and has blocked the ORBS tester. 550 rejected: administrative prohibition I'm sorry.. But this really put Orbs on my idiots list. They are blocking mail from any server colocated at above.net? Hello? Nicole --------------End of forwarded message------------------------- nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- --_=XFMail.1.4.0.FreeBSD:010105005801:304=_ Content-Description: Undelivered Message Content-Type: message/rfc822 Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 8EF9320F04; Fri, 5 Jan 2001 00:49:15 -0800 (PST) Content-Length: 2594 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Fri, 05 Jan 2001 00:49:15 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: Tom Samplonius Subject: Re: Problem with fxp0 card and slowing/dying transmits Cc: freebsd-net@freebsd.org On 05-Jan-01 Tom Samplonius wrote: > > On Thu, 4 Jan 2001, Nicole wrote: > > ... >> The problem is that when trying to scp a file or send a large file to it >> via >> sendmail, (large = 253952 ) it seems to transmit along >> happily, then (at least for scp) at abt 1/2 way through, it seems to just >> start >> crawling. When I have let it run, it will go forever and will seem to >> eventually finish but will hang as the transfer speed keeps dropping through >> the >> floor. > ... > > Mismatched duplex settings can cause problems like this. When using a > switch, duplex settings on your server and switch must match. Most > FreeBSD ethernet card drivers default to autonegotiation, but can be > changed with an ifconfig option. Auto negotiation may not be trustworthy > as it requires a good and recent switch, and a good and recent card. You > should verify that autonegotiation actually picks the right duplex setting > before trusting it with your hardware. Auto negotation requires that both > the server and switch are set to auto. "auto negotation" is not the same > as "auto detect". > > And hubs are always half-duplex. > > Tom Yup.... Set to 100/TX via ifconfig - Ifconfig -a shows: fxp0: flags=8843 mtu 1500 media: 100baseTX status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP The switch is showing: 100Mbps/Half/BP-Off As opposed to another server on the same switch, set to auto. ifconfig -a media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP The switch shows: 100Mbps/Full/Enabled (IEEE 802.3x) Hmm Even if I force the switch to full duplex it does not seem to change the server to full duplex when using autonegotiate via ifconfig.. What is the right syntax to force full neg via ifconfig? Nicole nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- --_=XFMail.1.4.0.FreeBSD:010105005801:304=_-- End of MIME message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 1:41:45 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 01:41:44 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [194.151.74.97]) by hub.freebsd.org (Postfix) with ESMTP id 516B637B400 for ; Fri, 5 Jan 2001 01:41:44 -0800 (PST) Received: by gvr.gvr.org (Postfix, from userid 657) id B21595848; Fri, 5 Jan 2001 10:41:42 +0100 (CET) Date: Fri, 5 Jan 2001 10:41:42 +0100 From: Guido van Rooij To: freebsd-net@freebsd.org Subject: raw ethernetpackets..how? Message-ID: <20010105104142.A36057@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. E.g. using a AF_LINK, SOCK_RAW socket or something. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 1:45:57 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 01:45:55 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id A286E37B400 for ; Fri, 5 Jan 2001 01:45:55 -0800 (PST) Received: from InterJet.elischer.org (InterJet.elischer.org [192.168.1.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id BAA69220; Fri, 5 Jan 2001 01:45:46 -0800 (PST) Date: Fri, 5 Jan 2001 01:45:44 -0800 (PST) From: Julian Elischer To: Guido van Rooij Cc: freebsd-net@freebsd.org Subject: Re: raw ethernetpackets..how? In-Reply-To: <20010105104142.A36057@gvr.gvr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org yes and yes..it can be done. I think dhcp does it.. you can also do it very trivially by hooking a netgraph socket directly to the netgraph hook on teh ehternet driver. On Fri, 5 Jan 2001, Guido van Rooij wrote: > > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > E.g. using a AF_LINK, SOCK_RAW socket or something. > > -Guido > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 1:58: 9 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 01:58:07 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by hub.freebsd.org (Postfix) with ESMTP id 2721837B400 for ; Fri, 5 Jan 2001 01:58:07 -0800 (PST) Received: from beagle (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.8.8/8.8.8) with ESMTP id KAA02953; Fri, 5 Jan 2001 10:57:57 +0100 (MET) Date: Fri, 5 Jan 2001 10:57:57 +0100 (CET) From: Harti Brandt To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? In-Reply-To: <20010105104142.A36057@gvr.gvr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 5 Jan 2001, Guido van Rooij wrote: > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > E.g. using a AF_LINK, SOCK_RAW socket or something. man 4 bpf -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.gmd.de, harti@begemot.org, lhbrandt@mail.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 2: 0:15 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 02:00:13 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [194.151.74.97]) by hub.freebsd.org (Postfix) with ESMTP id 4E8B637B402 for ; Fri, 5 Jan 2001 02:00:13 -0800 (PST) Received: by gvr.gvr.org (Postfix, from userid 657) id C94855848; Fri, 5 Jan 2001 11:00:11 +0100 (CET) Date: Fri, 5 Jan 2001 11:00:11 +0100 From: Guido van Rooij To: Harti Brandt Cc: freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? Message-ID: <20010105110011.A36934@gvr.gvr.org> References: <20010105104142.A36057@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: ; from brandt@fokus.gmd.de on Fri, Jan 05, 2001 at 10:57:57AM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jan 05, 2001 at 10:57:57AM +0100, Harti Brandt wrote: > On Fri, 5 Jan 2001, Guido van Rooij wrote: > > > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > > E.g. using a AF_LINK, SOCK_RAW socket or something. > > man 4 bpf Eh..._send_, not receive. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 2: 4:11 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 02:04:10 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [194.151.74.97]) by hub.freebsd.org (Postfix) with ESMTP id 9856C37B402 for ; Fri, 5 Jan 2001 02:04:09 -0800 (PST) Received: by gvr.gvr.org (Postfix, from userid 657) id 435D75848; Fri, 5 Jan 2001 11:04:08 +0100 (CET) Date: Fri, 5 Jan 2001 11:04:08 +0100 From: Guido van Rooij To: Harti Brandt Cc: freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? Message-ID: <20010105110408.A36990@gvr.gvr.org> References: <20010105104142.A36057@gvr.gvr.org> <20010105110011.A36934@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010105110011.A36934@gvr.gvr.org>; from guido@gvr.org on Fri, Jan 05, 2001 at 11:00:11AM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jan 05, 2001 at 11:00:11AM +0100, Guido van Rooij wrote: > On Fri, Jan 05, 2001 at 10:57:57AM +0100, Harti Brandt wrote: > > On Fri, 5 Jan 2001, Guido van Rooij wrote: > > > > > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > > > E.g. using a AF_LINK, SOCK_RAW socket or something. > > > > man 4 bpf > > Eh..._send_, not receive. > Hmm blush. I never you bpf also gave a raw output ;-) -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 2:11:54 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 02:11:52 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by hub.freebsd.org (Postfix) with ESMTP id B395537B400 for ; Fri, 5 Jan 2001 02:11:51 -0800 (PST) Received: from beagle (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.8.8/8.8.8) with ESMTP id LAA04177; Fri, 5 Jan 2001 11:11:49 +0100 (MET) Date: Fri, 5 Jan 2001 11:11:49 +0100 (CET) From: Harti Brandt To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? In-Reply-To: <20010105110011.A36934@gvr.gvr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 5 Jan 2001, Guido van Rooij wrote: > On Fri, Jan 05, 2001 at 10:57:57AM +0100, Harti Brandt wrote: > > On Fri, 5 Jan 2001, Guido van Rooij wrote: > > > > > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > > > E.g. using a AF_LINK, SOCK_RAW socket or something. > > > > man 4 bpf > > Eh..._send_, not receive. Look at the last paragrpah before IOCTLS. harti -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.gmd.de, harti@begemot.org, lhbrandt@mail.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 2:46:22 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 02:46:20 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from euitt.upm.es (haddock.euitt.upm.es [138.100.52.102]) by hub.freebsd.org (Postfix) with ESMTP id 3A37C37B400 for ; Fri, 5 Jan 2001 02:46:19 -0800 (PST) Received: from deneb.euitt.upm.es (deneb.euitt.upm.es [138.100.52.12]) by euitt.upm.es (8.9.3/8.9.3) with ESMTP id LAA18683 for ; Fri, 5 Jan 2001 11:46:07 +0100 (MET) Date: Fri, 5 Jan 2001 11:46:07 +0100 (CET) From: "Pedro J. Lobo" To: freebsd-net@freebsd.org Subject: Updated fxp VLAN patch for 4.2-RELEASE Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, all. I've put in my web page (http://www.euitt.upm.es/~pjlobo/fbsdvlan.html) an updated version of the patch to add vlan support to the fxp driver. This patch differs from the previous releases in two major aspects: - It doesn't modify if_vlan.c anymore. Instead, it uses ifi_hdrlen to tell if_vlan.c that it supports long frames. - It adds hardware support for long frames for the 82558/9 controllers. The code is taken from the OpenBSD driver. I'd suggest that this patch should be merged into the main tree, but there is still a minor problem: the physical device's output byte counter is still broken. All other counters (input and output) work as expenced, and the virtual devices's counters are all ok. I still haven't found the time to investigate it. Any comment, suggestion, etc., is welcome. Cheers, Pedro. -- -------------------------------------------------------------------- Pedro José Lobo Perea Tel: +34 913367819 / Fax: +34 913319229 Centro de Cálculo e-mail: pjlobo@euitt.upm.es E.U.I.T. Telecomunicación Universidad Politécnica de Madrid Ctra. de Valencia, Km. 7 E-28031 Madrid - España / Spain To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 4:30:52 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 04:30:47 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail2.rdc1.il.home.com (mail2.rdc1.il.home.com [24.2.1.77]) by hub.freebsd.org (Postfix) with ESMTP id 31F5137B402 for ; Fri, 5 Jan 2001 04:30:47 -0800 (PST) Received: from home.com ([24.14.186.233]) by mail2.rdc1.il.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010105123046.KUGP17385.mail2.rdc1.il.home.com@home.com> for ; Fri, 5 Jan 2001 04:30:46 -0800 Sender: root@FreeBSD.ORG Message-ID: <3A55BE97.B30025E8@home.com> Date: Fri, 05 Jan 2001 06:31:20 -0600 From: Sean X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: Problem with Multihomed Machine Content-Type: multipart/alternative; boundary="------------ED8A790389787DDED75D4CDC" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --------------ED8A790389787DDED75D4CDC Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hello. I'm having some problems setting up a multihomed machine and was wondering if someone could point me in the right direction. I have a FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my cable modem. The other card, rl1, is connected to a Win2000 box. The goal is to have FreeBSD act as a firewall for the Win2000 machine. I have set the IP address of the internal network card (rl1) to 10.0.0.1, and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything to try and connect to FreeBSD, it won't even do a ping of the FreeBSD machine. From FreeBSD, I can get on the internet, and ping Win2000, but, Win2000 won't connect to anything. I've read quite a few howtos on natd and setting up a firewall, but, I can't figure out why it's not working. Just from looking at the Win2000 settings, it appears it's set up right, so, I am wondering if I'm doing something wrong in FreeBSD. Below I've included the output from ifconfig -a, netstat -rn and netstat -in. Any help would be greatly appreciated. IFCONFIG -A rl0: flags=8843 mtu 1500 inet 24.14.186.233 netmask 0xffffff80 broadcast 24.14.186.255 inet6 fe80::200:21ff:fedb:7c22%rl0 prefixlen 64 scopeid 0x1 ether 00:00:21:db:7c:22 media: autoselect (none) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX rl1: flags=8843 mtu 1500 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 inet6 fe80::250:baff:fed3:5b03%rl1 prefixlen 64 scopeid 0x2 ether 00:50:ba:d3:5b:03 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX NETSTAT -RN Routing tables Internet: Destination Gateway Flags Netif Expire default 24.14.186.129 UGSc rl0 10/24 link#2 UC rl1 => 24.14.186.128/25 link#1 UC rl0 => 24.14.186.129 0:30:80:6e:e8:70 UHLW rl0 823 24.14.186.255 ff:ff:ff:ff:ff:ff UHLWb rl0 127.0.0.1 127.0.0.1 UH lo0 NETSTAT -IN Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll rl0 1500 00:00:21:db:7c:22 52 0 11 0 0 rl0 1500 24.14.186.128 24.14.186.233 52 0 11 0 0 rl0 1500 fe80:1::200 fe80:1::200:21ff: 52 0 11 0 0 rl1 1500 00:50:ba:d3:5b:03 19 0 9 0 0 rl1 1500 10/24 10.0.0.1 19 0 9 0 0 rl1 1500 fe80:2::250 fe80:2::250:baff: 19 0 9 0 0 Sean Chisek devotwo@home.com --------------ED8A790389787DDED75D4CDC Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Hello.  I'm having some problems setting up a multihomed machine and was wondering if someone could point me in the right direction.  I have a FreeBSD box with 2 ethernet cards.  One card, rl0, is connected to my cable modem.  The other card, rl1, is connected to a Win2000 box.   The goal is to have FreeBSD act as a firewall for the Win2000 machine.  I have set the IP address of the internal network card (rl1) to 10.0.0.1, and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of 10.0.0.1.  The problem I'm having is, I can't get Win2000 to do anything to try and connect to FreeBSD, it won't even do a ping of the FreeBSD machine.  From FreeBSD, I can get on the internet, and ping Win2000, but, Win2000 won't connect to anything.  I've read quite a few howtos on natd and setting up a firewall, but, I can't figure out why it's not working.  Just from looking at the Win2000 settings, it appears it's set up right, so, I am wondering if I'm doing something wrong in FreeBSD.

Below I've included the output from ifconfig -a, netstat -rn and netstat -in.  Any help would be greatly appreciated.

IFCONFIG -A
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 inet 24.14.186.233 netmask 0xffffff80 broadcast 24.14.186.255
 inet6 fe80::200:21ff:fedb:7c22%rl0 prefixlen 64 scopeid 0x1
 ether 00:00:21:db:7c:22
 media: autoselect (none) status: active
 supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX <hw-loopback>
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
 inet6 fe80::250:baff:fed3:5b03%rl1 prefixlen 64 scopeid 0x2
 ether 00:50:ba:d3:5b:03
 media: autoselect (100baseTX <full-duplex>) status: active
 supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX <hw-loopback>
 

NETSTAT -RN
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            24.14.186.129      UGSc        rl0
10/24              link#2             UC          rl1 =>
24.14.186.128/25   link#1             UC          rl0 =>
24.14.186.129      0:30:80:6e:e8:70   UHLW        rl0    823
24.14.186.255      ff:ff:ff:ff:ff:ff  UHLWb       rl0
127.0.0.1          127.0.0.1          UH          lo0
 

NETSTAT -IN
Name  Mtu   Network       Address            Ipkts Ierrs    Opkts Oerrs  Coll
rl0   1500  <Link#1>    00:00:21:db:7c:22       52     0       11     0     0
rl0   1500  24.14.186.128 24.14.186.233         52     0       11     0     0
rl0   1500  fe80:1::200 fe80:1::200:21ff:       52     0       11     0     0
rl1   1500  <Link#2>    00:50:ba:d3:5b:03       19     0        9     0     0
rl1   1500  10/24         10.0.0.1              19     0        9     0     0
rl1   1500  fe80:2::250 fe80:2::250:baff:       19     0        9     0     0 

Sean Chisek
devotwo@home.com
  --------------ED8A790389787DDED75D4CDC-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 5:30:17 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 05:30:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from www.ansp.br (www.ansp.br [143.108.25.7]) by hub.freebsd.org (Postfix) with ESMTP id BE3DD37B400 for ; Fri, 5 Jan 2001 05:30:14 -0800 (PST) Received: from ansp.br (cronus.ansp.br [143.108.22.7]) by www.ansp.br (Postfix) with ESMTP id 5067210C0A3; Fri, 5 Jan 2001 11:29:57 -0200 (BRST) Sender: marcus@www.ansp.br Message-ID: <3A55CC63.CAEFF6FE@ansp.br> Date: Fri, 05 Jan 2001 11:30:12 -0200 From: Marcus =?iso-8859-1?Q?Vin=EDcius?= Midena Ramos Organization: Fapesp X-Mailer: Mozilla 4.7 [pt_BR] (X11; U; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? References: <20010105104142.A36057@gvr.gvr.org> <20010105110011.A36934@gvr.gvr.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Try libnet (www.packetfactory.net/libnet). It is for injecting packets. Marcus. Guido van Rooij wrote: > On Fri, Jan 05, 2001 at 10:57:57AM +0100, Harti Brandt wrote: > > On Fri, 5 Jan 2001, Guido van Rooij wrote: > > > > > I wonder if it is possible to send raw ethernet packets somehow in FreeBSD. > > > E.g. using a AF_LINK, SOCK_RAW socket or something. > > > > man 4 bpf > > Eh..._send_, not receive. > > -Guido > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 6:20:20 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 06:20:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from worldclass.jolt.nu (lgh637b.hn-krukan.AC [212.217.139.112]) by hub.freebsd.org (Postfix) with ESMTP id 7804637B402 for ; Fri, 5 Jan 2001 06:20:14 -0800 (PST) Received: from localhost (c4@localhost) by worldclass.jolt.nu (8.9.3/8.9.3) with ESMTP id PAA63658; Fri, 5 Jan 2001 15:17:57 +0100 (CET) (envelope-from c4@worldclass.jolt.nu) Date: Fri, 5 Jan 2001 15:17:56 +0100 (CET) From: ppX To: Nicole Cc: Tom Samplonius , freebsd-net@FreeBSD.ORG Subject: Re: Problem with fxp0 card and slowing/dying transmits In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ifconfig fxp0 media 100baseTX mediaopt full-duplex is the correct way to set 100mbps fdx i've had similar problems and they where related to full-duplex/half-duplex settings... On Fri, 5 Jan 2001, Nicole wrote: > > On 05-Jan-01 Tom Samplonius wrote: > > > > On Thu, 4 Jan 2001, Nicole wrote: > > > > ... > >> The problem is that when trying to scp a file or send a large file to it > >> via > >> sendmail, (large = 253952 ) it seems to transmit along > >> happily, then (at least for scp) at abt 1/2 way through, it seems to just > >> start > >> crawling. When I have let it run, it will go forever and will seem to > >> eventually finish but will hang as the transfer speed keeps dropping through > >> the > >> floor. > > ... > > > > Mismatched duplex settings can cause problems like this. When using a > > switch, duplex settings on your server and switch must match. Most > > FreeBSD ethernet card drivers default to autonegotiation, but can be > > changed with an ifconfig option. Auto negotiation may not be trustworthy > > as it requires a good and recent switch, and a good and recent card. You > > should verify that autonegotiation actually picks the right duplex setting > > before trusting it with your hardware. Auto negotation requires that both > > the server and switch are set to auto. "auto negotation" is not the same > > as "auto detect". > > > > And hubs are always half-duplex. > > > > Tom > > Yup.... Set to 100/TX via ifconfig - > > Ifconfig -a shows: > fxp0: flags=8843 mtu 1500 > media: 100baseTX status: active > supported media: autoselect 100baseTX 100baseTX > 10baseT/UTP 10baseT/UTP > > The switch is showing: 100Mbps/Half/BP-Off > > > As opposed to another server on the same switch, set to auto. > > ifconfig -a > media: autoselect (100baseTX ) status: active > supported media: autoselect 100baseTX 100baseTX > 10baseT/UTP 10baseT/UTP > > The switch shows: 100Mbps/Full/Enabled (IEEE 802.3x) > > > Hmm Even if I force the switch to full duplex it does not seem to change the > server to full duplex when using autonegotiate via ifconfig.. What is the > right syntax to force full neg via ifconfig? > > > Nicole > > > > > nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ > webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ > nicole@deviantimages.com // \\ http://www.deviantimages.com/ > > ---------------------------(((---(((---------------------------------------- > > -- Powered by Coka-Cola and FreeBSD -- > -- I don't speak for anybody but myself - that's enough trouble -- > -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- > > ------------------------------------------------------------------------- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 8:12: 5 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 08:12:03 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id A8A2A37B400 for ; Fri, 5 Jan 2001 08:12:02 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA70969; Fri, 5 Jan 2001 11:11:12 -0500 (EST) (envelope-from wollman) Date: Fri, 5 Jan 2001 11:11:12 -0500 (EST) From: Garrett Wollman Message-Id: <200101051611.LAA70969@khavrinen.lcs.mit.edu> To: "Pedro J. Lobo" Cc: freebsd-net@FreeBSD.ORG Subject: Updated fxp VLAN patch for 4.2-RELEASE In-Reply-To: References: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > - It doesn't modify if_vlan.c anymore. Instead, it uses ifi_hdrlen to tell > if_vlan.c that it supports long frames. This looks good -- but I'm a bit confused by this segment of code: + #if NVLAN > 0 + ifp->if_data.ifi_hdrlen = sizeof(struct ether_vlan_header); + #else + if (sc->not_82557) { + ifp->if_data.ifi_hdrlen = sizeof(struct ether_vlan_header); + } + #endif Can you explain the logic here? (This seems to interfere with the loadability of this module.) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 8:22:36 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 08:22:34 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 4266337B402 for ; Fri, 5 Jan 2001 08:22:34 -0800 (PST) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id JAA25079; Fri, 5 Jan 2001 09:22:32 -0700 (MST) Date: Fri, 5 Jan 2001 09:22:32 -0700 (MST) From: Nick Rogness To: Sean Cc: freebsd-net@FreeBSD.ORG Subject: Re: Problem with Multihomed Machine In-Reply-To: <3A55BE97.B30025E8@home.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 5 Jan 2001, Sean wrote: > Hello. I'm having some problems setting up a multihomed machine and was > wondering if someone could point me in the right direction. I have a > FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my > cable modem. The other card, rl1, is connected to a Win2000 box. The > goal is to have FreeBSD act as a firewall for the Win2000 machine. I > have set the IP address of the internal network card (rl1) to 10.0.0.1, > and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of > 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything > to try and connect to FreeBSD, it won't even do a ping of the FreeBSD > machine. From FreeBSD, I can get on the internet, and ping Win2000, > but, Win2000 won't connect to anything. I've read quite a few howtos on Is gateway_enable turned on ? Is firewalling turned on? If so, what do your rules look like? Is natd enabled? > natd and setting up a firewall, but, I can't figure out why it's not > working. Just from looking at the Win2000 settings, it appears it's set > up right, so, I am wondering if I'm doing something wrong in FreeBSD. > > Below I've included the output from ifconfig -a, netstat -rn and netstat > -in. Any help would be greatly appreciated. > Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 11:44:42 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 11:44:38 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 2873537B400 for ; Fri, 5 Jan 2001 11:44:38 -0800 (PST) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f05JiMb01292; Fri, 5 Jan 2001 11:44:22 -0800 Date: Fri, 5 Jan 2001 11:44:22 -0800 From: Brooks Davis To: =?iso-8859-1?Q?Marcus_Vin=EDcius_Midena_Ramos?= Cc: Guido van Rooij , freebsd-net@FreeBSD.ORG Subject: Re: raw ethernetpackets..how? Message-ID: <20010105114422.G23398@Odin.AC.HMC.Edu> References: <20010105104142.A36057@gvr.gvr.org> <20010105110011.A36934@gvr.gvr.org> <3A55CC63.CAEFF6FE@ansp.br> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2i In-Reply-To: <3A55CC63.CAEFF6FE@ansp.br>; from marcus@ansp.br on Fri, Jan 05, 2001 at 11:30:12AM -0200 Sender: brdavis@odin.ac.hmc.edu Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jan 05, 2001 at 11:30:12AM -0200, Marcus Vinícius Midena Ramos wrote: > Try libnet (www.packetfactory.net/libnet). It is for injecting packets. I've you've got plans to port your code to something other then BSD you'll want to use libnet. Note that last time I looked, libnet didn't support the header complete option required to let you send ethernet packets with forged MACs. Also, while libnet is the best option for portable raw writes I know of, I really dislike it. It's full of junk that has nothing to do with it's task (being the compliment of libpcap.) I did use them to write a cute little userland bridge for use as a man in the middle attack on SecureRPC. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 11:50:22 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 11:49:56 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 6977937B400 for ; Fri, 5 Jan 2001 11:49:55 -0800 (PST) Received: from wkst ([209.16.228.146]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id OAA23130; Fri, 5 Jan 2001 14:55:03 -0500 Reply-To: From: "Peter Brezny" To: "'Sean'" Cc: Subject: RE: Problem with Multihomed Machine Date: Fri, 5 Jan 2001 14:48:59 -0800 Message-ID: <000301c07769$b21584c0$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0004_01C07726.A3F244C0" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <3A55BE97.B30025E8@home.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0004_01C07726.A3F244C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit If your freebsd machine is working fine and you can ping the windows box from freebsd but not the other way, it seems to point to your firewall preventing the windows box from connecting. you can disable the firewall completely and see if you can ping from the windows machine, then work back from there. try ipfw -f flush ipfw add allow all from any to any at the command line then see if things work. you can use /etc/netstart to reread your rc.conf (and restart your firewall) or restart the firewall directly if it's a script sh /etc/rc.firewall have a look at http://www.bsdtoday.com/2000/December/Features359.html for yet another nat/ipfw how to. Peter Brezny SysAdmin Services Inc. -----Original Message----- From: root@FreeBSD.ORG [mailto:root@FreeBSD.ORG]On Behalf Of Sean Sent: Friday, January 05, 2001 4:31 AM To: freebsd-net@FreeBSD.ORG Subject: Problem with Multihomed Machine Hello. I'm having some problems setting up a multihomed machine and was wondering if someone could point me in the right direction. I have a FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my cable modem. The other card, rl1, is connected to a Win2000 box. The goal is to have FreeBSD act as a firewall for the Win2000 machine. I have set the IP address of the internal network card (rl1) to 10.0.0.1, and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything to try and connect to FreeBSD, it won't even do a ping of the FreeBSD machine. From FreeBSD, I can get on the internet, and ping Win2000, but, Win2000 won't connect to anything. I've read quite a few howtos on natd and setting up a firewall, but, I can't figure out why it's not working. Just from looking at the Win2000 settings, it appears it's set up right, so, I am wondering if I'm doing something wrong in FreeBSD. Below I've included the output from ifconfig -a, netstat -rn and netstat -in. Any help would be greatly appreciated. IFCONFIG -A rl0: flags=8843 mtu 1500 inet 24.14.186.233 netmask 0xffffff80 broadcast 24.14.186.255 inet6 fe80::200:21ff:fedb:7c22%rl0 prefixlen 64 scopeid 0x1 ether 00:00:21:db:7c:22 media: autoselect (none) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX rl1: flags=8843 mtu 1500 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 inet6 fe80::250:baff:fed3:5b03%rl1 prefixlen 64 scopeid 0x2 ether 00:50:ba:d3:5b:03 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX NETSTAT -RN Routing tables Internet: Destination Gateway Flags Netif Expire default 24.14.186.129 UGSc rl0 10/24 link#2 UC rl1 => 24.14.186.128/25 link#1 UC rl0 => 24.14.186.129 0:30:80:6e:e8:70 UHLW rl0 823 24.14.186.255 ff:ff:ff:ff:ff:ff UHLWb rl0 127.0.0.1 127.0.0.1 UH lo0 NETSTAT -IN Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll rl0 1500 00:00:21:db:7c:22 52 0 11 0 0 rl0 1500 24.14.186.128 24.14.186.233 52 0 11 0 0 rl0 1500 fe80:1::200 fe80:1::200:21ff: 52 0 11 0 0 rl1 1500 00:50:ba:d3:5b:03 19 0 9 0 0 rl1 1500 10/24 10.0.0.1 19 0 9 0 0 rl1 1500 fe80:2::250 fe80:2::250:baff: 19 0 9 0 0 Sean Chisek devotwo@home.com ------=_NextPart_000_0004_01C07726.A3F244C0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
If=20 your freebsd machine is working fine and you can ping the windows box = from=20 freebsd but not the other way, it seems to point to your firewall = preventing the=20 windows box from connecting.
 
you=20 can disable the firewall completely and see if you can ping from the = windows=20 machine, then work back from there.
 
try
 
ipfw=20 -f flush
ipfw=20 add allow all from any to any
 
at the=20 command line then see if things work.
 
you=20 can use
 
/etc/netstart
 
to=20 reread your rc.conf (and restart your firewall)
 
or=20 restart the firewall directly if it's a script
 
sh=20 /etc/rc.firewall
 
have a=20 look at
 

Peter Brezny
SysAdmin Services Inc.

-----Original Message-----
From: root@FreeBSD.ORG=20 [mailto:root@FreeBSD.ORG]On Behalf Of Sean
Sent: = Friday,=20 January 05, 2001 4:31 AM
To:=20 freebsd-net@FreeBSD.ORG
Subject: Problem with Multihomed=20 Machine

Hello.  I'm having some problems = setting up a=20 multihomed machine and was wondering if someone could point me in the = right=20 direction.  I have a FreeBSD box with 2 ethernet cards.  One = card,=20 rl0, is connected to my cable modem.  The other card, rl1, is = connected=20 to a Win2000 box.   The goal is to have FreeBSD act as a = firewall=20 for the Win2000 machine.  I have set the IP address of the = internal=20 network card (rl1) to 10.0.0.1, and I have the IP address of Win2000 = set as=20 10.0.0.2, with a gateway of 10.0.0.1.  The problem I'm having is, = I can't=20 get Win2000 to do anything to try and connect to FreeBSD, it won't = even do a=20 ping of the FreeBSD machine.  From FreeBSD, I can get on the = internet,=20 and ping Win2000, but, Win2000 won't connect to anything.  I've = read=20 quite a few howtos on natd and setting up a firewall, but, I can't = figure out=20 why it's not working.  Just from looking at the Win2000 settings, = it=20 appears it's set up right, so, I am wondering if I'm doing something = wrong in=20 FreeBSD.=20

Below I've included the output from ifconfig -a, netstat -rn and = netstat=20 -in.  Any help would be greatly appreciated.=20

IFCONFIG -A
rl0:=20 flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500=20
 inet 24.14.186.233 netmask 0xffffff80 broadcast = 24.14.186.255=20
 inet6 fe80::200:21ff:fedb:7c22%rl0 prefixlen 64 scopeid 0x1=20
 ether 00:00:21:db:7c:22
 media: autoselect (none) = status:=20 active
 supported media: autoselect 100baseTX = <full-duplex>=20 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 100baseTX=20 <hw-loopback>
rl1:=20 flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500=20
 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255=20
 inet6 fe80::250:baff:fed3:5b03%rl1 prefixlen 64 scopeid 0x2=20
 ether 00:50:ba:d3:5b:03
 media: autoselect = (100baseTX=20 <full-duplex>) status: active
 supported media: = autoselect=20 100baseTX <full-duplex> 100baseTX 10baseT/UTP = <full-duplex>=20 10baseT/UTP 100baseTX <hw-loopback>
 =20

NETSTAT -RN
Routing tables=20

Internet:
Destination        = = Gateway           = =20 Flags      Netif Expire=20 =
default          &n= bsp;=20 24.14.186.129     =20 UGSc        rl0=20 =
10/24          &nbs= p;  =20 = link#2           &= nbsp;=20 UC          rl1 =3D>=20
24.14.186.128/25  =20 = link#1           &= nbsp;=20 UC          rl0 =3D>=20
24.14.186.129      = 0:30:80:6e:e8:70  =20 UHLW        rl0    = 823=20
24.14.186.255      = ff:ff:ff:ff:ff:ff =20 UHLWb       rl0=20
127.0.0.1         =20 127.0.0.1         =20 UH          lo0 =
 =20

NETSTAT -IN
Name  Mtu  =20 Network      =20 = Address           = =20 Ipkts Ierrs    Opkts Oerrs  Coll =
rl0  =20 1500  <Link#1>   =20 00:00:21:db:7c:22      =20 52     0      =20 11     0     0 =
rl0  =20 1500  24.14.186.128=20 24.14.186.233        =20 52     0      =20 11     0     0 =
rl0  =20 1500  fe80:1::200 = fe80:1::200:21ff:      =20 52     0      =20 11     0     0 =
rl1  =20 1500  <Link#2>   =20 00:50:ba:d3:5b:03      =20 19     0        = 9     0     0 =
rl1  =20 1500  10/24        =20 = 10.0.0.1           = ;  =20 19     0        = 9     0     0 =
rl1  =20 1500  fe80:2::250 = fe80:2::250:baff:      =20 19     0        = 9     0     0 

Sean Chisek
devotwo@home.com
 
------=_NextPart_000_0004_01C07726.A3F244C0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 13:52: 2 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 13:52:00 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from proxy.outblaze.com (proxy.outblaze.com [202.77.223.120]) by hub.freebsd.org (Postfix) with SMTP id 88B7837B400 for ; Fri, 5 Jan 2001 13:51:59 -0800 (PST) Received: (qmail 89264 invoked from network); 5 Jan 2001 21:51:52 -0000 Received: from unknown (HELO yusufg.portal2.com) (202.77.181.217) by proxy.outblaze.com with SMTP; 5 Jan 2001 21:51:52 -0000 Received: (qmail 17005 invoked by uid 500); 5 Jan 2001 21:55:56 -0000 Date: Sat, 6 Jan 2001 05:55:56 +0800 From: Yusuf Goolamabbas To: freebsd-net@freebsd.org Subject: Using DUMMYNET on a filtering bridge Message-ID: <20010106055556.A16881@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I seem to have a problem getting dummynet working on a filtering bridge running 4.2-stable as on Dec 6 Problem: I am trying to limit the total outbound bandwith from a certain machine. Prior to inserting the filtering bridge, it is directly connected to a switch port which is connected to the router and then to the leased line Now, I inserted a filtering bridge between the switch port and the machine. The connection looks like this FB ==> Filtering bridge switch-port -> fxp0 of FB machine with IP [A.B.C.D] -> fxp1 of FB I have bound an IP address to fxp0 of FB so I can login in there for remote and configure the box The following are the relevant options in my kernel config options NMBCLUSTERS=16384 options BRIDGE options IPFIREWALL options IPFIREWALL_VERBOSE options DUMMYNET options IPFIREWALL_DEFAULT_TO_ACCEPT I have the following in /etc/sysctl.conf net.link.ether.bridge_ipfw=1 net.link.ether.bridge=1 net.inet.ip.fw.dyn_max=10000 My rc.firewall looks like this ipfw add 100 pass all from any to any via lo0 ipfw add 200 deny all from any to 127.0.0.0/8 ipfw add 300 pass udp from 0.0.0.0 2054 to 0.0.0.0 ipfw add 400 pipe 1 ip from A.B.C.D to any in via fxp1 ipfw pipe 1 config bw 256 Kbit/s queue 30KB However, this does not seem to provide any shaping to the machine ipfw show does not show any packets/bytes counters incremented for rule 400. ipfw pipe show also shows up blank Is there some fundamental mistake I have made ? Regards, Yusuf -- Yusuf Goolamabbas yusufg@outblaze.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 14:33:29 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 14:33:22 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id C3B6C37B400 for ; Fri, 5 Jan 2001 14:33:22 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 99CC120F04; Fri, 5 Jan 2001 14:33:22 -0800 (PST) Content-Length: 5453 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Fri, 05 Jan 2001 14:33:22 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: ppX Subject: Re: Problem with fxp0 card and slowing/dying transmits - still :( Cc: freebsd-net@FreeBSD.ORG, Tom Samplonius Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 05-Jan-01 ppX wrote: > ifconfig fxp0 media 100baseTX mediaopt full-duplex > is the correct way to set 100mbps fdx > > i've had similar problems and they where related to > full-duplex/half-duplex settings... > *SIGH* Yup.. Well I tried setting the switch manually to: 100Mbps/Half/Enabled (BackPressure) (It won't let me select no Flow control) ifconfiging to 100BT/X it says media: 100baseTX status: active Same problem. Yes the switch is a Intel 460T. However the other servers are on the same switch with the same nic card and don't seem to have the problem. Now.. I have the server set to 100Mb/Full duplex. But same problem :( Switch: 100Mbps/Full/Enabled (IEEE 802.3x) Server: media: 100baseTX status: active root@goodserver:/usr/sbin> scp sendmail.8.9.3 nicole@badserver.com: nicole@badserver's password: Filesize = 290448 sendmail.8.9.3 | 8 KB | 8.0 kB/s | ETA: 00:00:34 | 2% sendmail.8.9.3 | 152 KB | 76.0 kB/s | ETA: 00:00:01 | 53% sendmail.8.9.3 | 160 KB | 14.5 kB/s | ETA: 00:00:08 | 56% ^CKilled by signal 2. root@goodserver:/root> scp LSOF nicole@badsever.com: nicole@badservers's password: Filesize = 340877 LSOF | 8 KB | 8.0 kB/s | ETA: 00:00:40 | 2% LSOF | 152 KB | 76.0 kB/s | ETA: 00:00:02 | 45% LSOF | 160 KB | 14.5 kB/s | ETA: 00:00:11 | 48% ^CKilled by signal 2. Filesize = 1569116 root@goodserver:/var/mail> scp xxx nicole@badserver.com: nicole@badservers's password: xxx | 8 KB | 8.0 kB/s | ETA: 00:03:10 | 0% xxx | 152 KB | 76.0 kB/s | ETA: 00:00:18 | 9% xxx | 160 KB | 14.5 kB/s | ETA: 00:01:34 | 10% ^CKilled by signal 2. HELLLLP Way frustrated Nicole > > On Fri, 5 Jan 2001, Nicole wrote: > >> >> On 05-Jan-01 Tom Samplonius wrote: >> > >> > On Thu, 4 Jan 2001, Nicole wrote: >> > >> > ... >> >> The problem is that when trying to scp a file or send a large file to it >> >> via >> >> sendmail, (large = 253952 ) it seems to transmit >> >> along >> >> happily, then (at least for scp) at abt 1/2 way through, it seems to just >> >> start >> >> crawling. When I have let it run, it will go forever and will seem to >> >> eventually finish but will hang as the transfer speed keeps dropping >> >> through >> >> the >> >> floor. >> > ... >> > >> > Mismatched duplex settings can cause problems like this. When using a >> > switch, duplex settings on your server and switch must match. Most >> > FreeBSD ethernet card drivers default to autonegotiation, but can be >> > changed with an ifconfig option. Auto negotiation may not be trustworthy >> > as it requires a good and recent switch, and a good and recent card. You >> > should verify that autonegotiation actually picks the right duplex setting >> > before trusting it with your hardware. Auto negotation requires that both >> > the server and switch are set to auto. "auto negotation" is not the same >> > as "auto detect". >> > >> > And hubs are always half-duplex. >> > >> > Tom >> >> Yup.... Set to 100/TX via ifconfig - >> >> Ifconfig -a shows: >> fxp0: flags=8843 mtu 1500 >> media: 100baseTX status: active >> supported media: autoselect 100baseTX 100baseTX >> 10baseT/UTP 10baseT/UTP >> >> The switch is showing: 100Mbps/Half/BP-Off >> >> >> As opposed to another server on the same switch, set to auto. >> >> ifconfig -a >> media: autoselect (100baseTX ) status: active >> supported media: autoselect 100baseTX 100baseTX >> 10baseT/UTP 10baseT/UTP >> >> The switch shows: 100Mbps/Full/Enabled (IEEE 802.3x) >> >> >> Hmm Even if I force the switch to full duplex it does not seem to change >> the >> server to full duplex when using autonegotiate via ifconfig.. What is the >> right syntax to force full neg via ifconfig? >> >> >> Nicole >> >> >> >> >> nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ >> webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ >> nicole@deviantimages.com // \\ http://www.deviantimages.com/ >> >> ---------------------------(((---(((---------------------------------------- >> >> -- Powered by Coka-Cola and FreeBSD -- >> -- I don't speak for anybody but myself - that's enough trouble -- >> -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- >> >> ------------------------------------------------------------------------- >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-net" in the body of the message >> nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 14:44:17 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 14:44:14 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from implode.root.com (root.com [209.102.106.178]) by hub.freebsd.org (Postfix) with ESMTP id D179337B400 for ; Fri, 5 Jan 2001 14:44:13 -0800 (PST) Received: from implode.root.com (localhost [127.0.0.1]) by implode.root.com (8.8.8/8.8.5) with ESMTP id OAA07017; Fri, 5 Jan 2001 14:37:14 -0800 (PST) Message-Id: <200101052237.OAA07017@implode.root.com> To: Nicole Cc: ppX , freebsd-net@FreeBSD.ORG, Tom Samplonius Subject: Re: Problem with fxp0 card and slowing/dying transmits - still :( In-reply-to: Your message of "Fri, 05 Jan 2001 14:33:22 PST." From: David Greenman Reply-To: dg@root.com Date: Fri, 05 Jan 2001 14:37:14 -0800 Sender: dg@implode.root.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > *SIGH* > Yup.. Well I tried setting the switch manually to: 100Mbps/Half/Enabled >(BackPressure) (It won't let me select no Flow control) ifconfiging to > 100BT/X it says media: 100baseTX status: active > >Same problem. Yes the switch is a Intel 460T. However the other servers are on >the same switch with the same nic card and don't seem to have the problem. > > Now.. I have the server set to 100Mb/Full duplex. But same problem :( > >Switch: 100Mbps/Full/Enabled (IEEE 802.3x) >Server: media: 100baseTX status: active Hmmm. I would still guess a duplex problem, but the above is hard to argue with. Dumb question: are you sure you're configuring the correct port on the switch? If it's not a duplex problem, then there is probably something wonky with the server motherboard. -DG David Greenman Co-founder, The FreeBSD Project - http://www.freebsd.org President, TeraSolutions, Inc. - http://www.terasolutions.com Pave the road of life with opportunities. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 15: 4:22 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 15:04:19 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from krell.webweaver.net (krell.webweaver.net [64.124.90.11]) by hub.freebsd.org (Postfix) with ESMTP id B666937B400 for ; Fri, 5 Jan 2001 15:04:17 -0800 (PST) Received: from xwin.nmhtech.com (xwin.daemontech.net [208.138.46.161]) by krell.webweaver.net (Postfix) with ESMTP id 4242A20F04; Fri, 5 Jan 2001 15:04:17 -0800 (PST) Content-Length: 2068 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <200101052237.OAA07017@implode.root.com> Date: Fri, 05 Jan 2001 15:04:17 -0800 (PST) Sender: altera@xwin.nmhtech.com From: Nicole To: David Greenman Subject: Re: Problem with fxp0 card and slowing/dying transmits - still : Cc: Tom Samplonius , freebsd-net@FreeBSD.ORG, ppX Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 05-Jan-01 David Greenman wrote: >> *SIGH* >> Yup.. Well I tried setting the switch manually to: 100Mbps/Half/Enabled >>(BackPressure) (It won't let me select no Flow control) ifconfiging to >> 100BT/X it says media: 100baseTX status: active >> >>Same problem. Yes the switch is a Intel 460T. However the other servers are >>on >>the same switch with the same nic card and don't seem to have the problem. >> >> Now.. I have the server set to 100Mb/Full duplex. But same problem :( >> >>Switch: 100Mbps/Full/Enabled (IEEE 802.3x) >>Server: media: 100baseTX status: active > > Hmmm. I would still guess a duplex problem, but the above is hard to argue > with. Dumb question: are you sure you're configuring the correct port on the > switch? > If it's not a duplex problem, then there is probably something wonky with > the server motherboard. > > -DG Ahha.. Well.. Nice new word for the day "wonky" I like that :) Yea.. as I change things on the server, I can see the switch respond to my settings when it it is autoconfig mode. (worried abt that too :> ) So then it *Could* be the motherboard.. I mean whats left, right? Thanks David! Nicole > > David Greenman > Co-founder, The FreeBSD Project - http://www.freebsd.org > President, TeraSolutions, Inc. - http://www.terasolutions.com > Pave the road of life with opportunities. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((---------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- I don't speak for anybody but myself - that's enough trouble -- -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 15: 8:53 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 15:08:51 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from implode.root.com (root.com [209.102.106.178]) by hub.freebsd.org (Postfix) with ESMTP id 8A9B737B400 for ; Fri, 5 Jan 2001 15:08:50 -0800 (PST) Received: from implode.root.com (localhost [127.0.0.1]) by implode.root.com (8.8.8/8.8.5) with ESMTP id PAA07131; Fri, 5 Jan 2001 15:02:04 -0800 (PST) Message-Id: <200101052302.PAA07131@implode.root.com> To: Nicole Cc: Tom Samplonius , freebsd-net@FreeBSD.ORG, ppX Subject: Re: Problem with fxp0 card and slowing/dying transmits - still : In-reply-to: Your message of "Fri, 05 Jan 2001 15:04:17 PST." From: David Greenman Reply-To: dg@root.com Date: Fri, 05 Jan 2001 15:02:04 -0800 Sender: dg@implode.root.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Ahha.. Well.. Nice new word for the day "wonky" I like that :) > > Yea.. as I change things on the server, I can see the switch respond to my >settings when it it is autoconfig mode. (worried abt that too :> ) > > So then it *Could* be the motherboard.. I mean whats left, right? It's very unlikely, but stranger things have happend. One other thing - on some switches the new settings don't take effect until they are properly written out to NVRAM. You might want to verify that the new switch settings are really getting set. -DG David Greenman Co-founder, The FreeBSD Project - http://www.freebsd.org President, TeraSolutions, Inc. - http://www.terasolutions.com Pave the road of life with opportunities. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 16:23:38 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 16:23:33 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail2.rdc1.il.home.com (mail2.rdc1.il.home.com [24.2.1.77]) by hub.freebsd.org (Postfix) with ESMTP id 114C537B400 for ; Fri, 5 Jan 2001 16:23:33 -0800 (PST) Received: from home.com ([24.14.186.233]) by mail2.rdc1.il.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010106002332.XYDD17385.mail2.rdc1.il.home.com@home.com> for ; Fri, 5 Jan 2001 16:23:32 -0800 Sender: root@FreeBSD.ORG Message-ID: <3A5665A5.1DB1C4B4@home.com> Date: Fri, 05 Jan 2001 18:24:06 -0600 From: Sean X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: Re: Problem with Multihomed Machine References: Content-Type: multipart/alternative; boundary="------------B5A2EB99E10D2F83425AE2E5" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --------------B5A2EB99E10D2F83425AE2E5 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Nick Rogness wrote: > On Fri, 5 Jan 2001, Sean wrote: > > > Hello. I'm having some problems setting up a multihomed machine and was > > wondering if someone could point me in the right direction. I have a > > FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my > > cable modem. The other card, rl1, is connected to a Win2000 box. The > > goal is to have FreeBSD act as a firewall for the Win2000 machine. I > > have set the IP address of the internal network card (rl1) to 10.0.0.1, > > and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of > > 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything > > to try and connect to FreeBSD, it won't even do a ping of the FreeBSD > > machine. From FreeBSD, I can get on the internet, and ping Win2000, > > but, Win2000 won't connect to anything. I've read quite a few howtos on > > Is gateway_enable turned on ? Is firewalling turned on? If > so, what do your rules look like? Is natd enabled? In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES". For the firewalling, I recompiled the kernel with the following options: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT from "ipfw list", I have the following rules in place 00100 divert 8668 ip from any to any via rl0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65535 allow ip from any to any I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but, that didn't have any effect. In my natd configuration file, i have: unregistered_only log yes use_sockets yes same_ports yes > > > > natd and setting up a firewall, but, I can't figure out why it's not > > working. Just from looking at the Win2000 settings, it appears it's set > > up right, so, I am wondering if I'm doing something wrong in FreeBSD. > > > > Below I've included the output from ifconfig -a, netstat -rn and netstat > > -in. Any help would be greatly appreciated. > > > > Nick Rogness > - Drive defensively. Buy a tank. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Sean Chisek devotwo@home.com --------------B5A2EB99E10D2F83425AE2E5 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Nick Rogness wrote:
On Fri, 5 Jan 2001, Sean wrote:

> Hello.  I'm having some problems setting up a multihomed machine and was
> wondering if someone could point me in the right direction.  I have a
> FreeBSD box with 2 ethernet cards.  One card, rl0, is connected to my
> cable modem.  The other card, rl1, is connected to a Win2000 box.   The
> goal is to have FreeBSD act as a firewall for the Win2000 machine.  I
> have set the IP address of the internal network card (rl1) to 10.0.0.1,
> and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of
> 10.0.0.1.  The problem I'm having is, I can't get Win2000 to do anything
> to try and connect to FreeBSD, it won't even do a ping of the FreeBSD
> machine.  From FreeBSD, I can get on the internet, and ping Win2000,
> but, Win2000 won't connect to anything.  I've read quite a few howtos on

        Is gateway_enable turned on ?  Is firewalling turned on?  If
        so, what do your rules look like?  Is natd enabled?

In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES".  For the firewalling,  I recompiled the kernel with the following options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT

from "ipfw list", I have the following rules in place
00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any

I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but, that didn't have any effect.

In my natd configuration file, i have:

unregistered_only
log yes
use_sockets yes
same_ports yes
 

 

> natd and setting up a firewall, but, I can't figure out why it's not
> working.  Just from looking at the Win2000 settings, it appears it's set
> up right, so, I am wondering if I'm doing something wrong in FreeBSD.
>
> Below I've included the output from ifconfig -a, netstat -rn and netstat
> -in.  Any help would be greatly appreciated.
>

Nick Rogness
- Drive defensively.  Buy a tank.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

-- 

Sean Chisek
devotwo@home.com
  --------------B5A2EB99E10D2F83425AE2E5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 16:51:55 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 16:51:50 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 41F4B37B400; Fri, 5 Jan 2001 16:51:49 -0800 (PST) Received: from victoria-060.budapest.interware.hu ([195.70.63.60] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14EhaE-0007Ej-00; Sat, 06 Jan 2001 01:51:47 +0100 Sender: julian@FreeBSD.ORG Message-ID: <3A566BCB.BFD6FA2D@elischer.org> Date: Fri, 05 Jan 2001 16:50:19 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: net@freebsd.org, current@freebsd.org Subject: Re: HEADSUP! New netgraph code coming References: <3A5567A7.A11F47E3@elischer.org> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This has been committed. People with unusual netgraph usage should contact me for assistance if things fail. In particular I would like to get some more pppoe users to try it as I haven't convinced myself it's tested enough. For the Netgraph-aware, the following changes have been made. 1/ data and contol-messages are now delivered as part of a larger entity called an 'item'. Thus the prototypes for these methods has changed and the code must be changed to free this (or not) as required. 2/ piggyback responses have been removed, The new response method is almost as quick and much cleaner. 3/ All nodes have queues into which items are place IFF there is lock contention and teh data cannot be processed immediatly. I expect the code to be a LITLE shaky for a few days around the time when nodes are deleted. but operation seems solid. Julian Elischer wrote: > > I have a largely rewritten version of netgraph > ready for commit. > It is redesigned to work in an SMP "ouside the BGL" environment. > I have not completed it to the stage yet that it will run > without BGL yet but it's close and it's running stably. > > I hope to commit this in about 24 hours (maybe less) > > the files concerned are: > > julian@jules:grep Index: /tmp/xx > Index: sys/dev/lmc/if_lmc.c > Index: sys/dev/usb/udbp.c > Index: sys/i386/isa/if_ar.c > Index: sys/i386/isa/if_sr.c > Index: sys/i4b/driver/i4b_ing.c > Index: sys/pci/if_mn.c > Index: sys/dev/musycc/musycc.c > Index: sys/netgraph/netgraph.h > Index: sys/netgraph/ng_UI.c > Index: sys/netgraph/ng_async.c > Index: sys/netgraph/ng_base.c > Index: sys/netgraph/ng_bpf.c > Index: sys/netgraph/ng_bridge.c > Index: sys/netgraph/ng_cisco.c > Index: sys/netgraph/ng_echo.c > Index: sys/netgraph/ng_ether.c > Index: sys/netgraph/ng_frame_relay.c > Index: sys/netgraph/ng_hole.c > Index: sys/netgraph/ng_iface.c > Index: sys/netgraph/ng_ksocket.c > Index: sys/netgraph/ng_lmi.c > Index: sys/netgraph/ng_message.h > Index: sys/netgraph/ng_mppc.c > Index: sys/netgraph/ng_one2many.c > Index: sys/netgraph/ng_ppp.c > Index: sys/netgraph/ng_pppoe.c > Index: sys/netgraph/ng_pptpgre.c > Index: sys/netgraph/ng_rfc1490.c > Index: sys/netgraph/ng_sample.c > Index: sys/netgraph/ng_socket.c > Index: sys/netgraph/ng_tee.c > Index: sys/netgraph/ng_tty.c > Index: sys/netgraph/ng_vjc.c e -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 17:17:15 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 17:17:14 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.knight-trosoft.com (mail.knight-trosoft.com [209.180.70.2]) by hub.freebsd.org (Postfix) with ESMTP id E6CDB37B402 for ; Fri, 5 Jan 2001 17:17:13 -0800 (PST) Received: (from johnp@localhost) by mail.knight-trosoft.com (8.11.0/8.11.0) id f061BN958557; Fri, 5 Jan 2001 19:11:23 -0600 (CST) Date: Fri, 5 Jan 2001 19:11:23 -0600 (CST) From: John Prince Message-Id: <200101060111.f061BN958557@mail.knight-trosoft.com> To: dg@root.com, nicole@unixgirl.com Subject: Re: Problem with fxp0 card and slowing/dying transmits - still : Cc: c4@worldclass.jolt.nu, freebsd-net@FreeBSD.ORG, tom@sdf.com In-Reply-To: Sender: johnp@mail.knight-trosoft.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello.. Not seeing the entire thread, I am curious.. Do you have the same problem with ftp?? Or is it scp that the problem shows up with?? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 17:18:43 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 17:18:37 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail1.rdc1.il.home.com (mail1.rdc1.il.home.com [24.2.1.76]) by hub.freebsd.org (Postfix) with ESMTP id C808637B402 for ; Fri, 5 Jan 2001 17:18:36 -0800 (PST) Received: from home.com ([24.14.186.233]) by mail1.rdc1.il.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010106011831.ZGHA17339.mail1.rdc1.il.home.com@home.com> for ; Fri, 5 Jan 2001 17:18:31 -0800 Sender: root@FreeBSD.ORG Message-ID: <3A567289.DBD37F7@home.com> Date: Fri, 05 Jan 2001 19:19:05 -0600 From: Sean X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: Problem with Multihomed Machine References: Content-Type: multipart/alternative; boundary="------------CBD155DAFF970F8F91602504" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --------------CBD155DAFF970F8F91602504 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Nick Rogness wrote: > On Fri, 5 Jan 2001, Sean wrote: > > > Hello. I'm having some problems setting up a multihomed machine and > was > > wondering if someone could point me in the right direction. I have > a > > FreeBSD box with 2 ethernet cards. One card, rl0, is connected to > my > > cable modem. The other card, rl1, is connected to a Win2000 box. > The > > goal is to have FreeBSD act as a firewall for the Win2000 machine. > I > > have set the IP address of the internal network card (rl1) to > 10.0.0.1, > > and I have the IP address of Win2000 set as 10.0.0.2, with a gateway > of > > 10.0.0.1. The problem I'm having is, I can't get Win2000 to do > anything > > to try and connect to FreeBSD, it won't even do a ping of the > FreeBSD > > machine. From FreeBSD, I can get on the internet, and ping Win2000, > > > but, Win2000 won't connect to anything. I've read quite a few > howtos on > > Is gateway_enable turned on ? Is firewalling turned on? If > so, what do your rules look like? Is natd enabled? In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES". For the firewalling, I recompiled the kernel with the following options: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT from "ipfw list", I have the following rules in place 00100 divert 8668 ip from any to any via rl0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65535 allow ip from any to any I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but, that didn't have any effect. In my natd configuration file, i have: unregistered_only log yes use_sockets yes same_ports yes > > > > natd and setting up a firewall, but, I can't figure out why it's not > > > working. Just from looking at the Win2000 settings, it appears it's > set > > up right, so, I am wondering if I'm doing something wrong in > FreeBSD. > > > > Below I've included the output from ifconfig -a, netstat -rn and > netstat > > -in. Any help would be greatly appreciated. > > > > Nick Rogness > - Drive defensively. Buy a tank. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Sean Chisek devotwo@home.com --------------CBD155DAFF970F8F91602504 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit  
Nick Rogness wrote:
On Fri, 5 Jan 2001, Sean wrote:

> Hello.  I'm having some problems setting up a multihomed machine and was
> wondering if someone could point me in the right direction.  I have a
> FreeBSD box with 2 ethernet cards.  One card, rl0, is connected to my
> cable modem.  The other card, rl1, is connected to a Win2000 box.   The
> goal is to have FreeBSD act as a firewall for the Win2000 machine.  I
> have set the IP address of the internal network card (rl1) to 10.0.0.1,
> and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of
> 10.0.0.1.  The problem I'm having is, I can't get Win2000 to do anything
> to try and connect to FreeBSD, it won't even do a ping of the FreeBSD
> machine.  From FreeBSD, I can get on the internet, and ping Win2000,
> but, Win2000 won't connect to anything.  I've read quite a few howtos on

        Is gateway_enable turned on ?  Is firewalling turned on?  If
        so, what do your rules look like?  Is natd enabled?

In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES".  For the firewalling,  I recompiled the kernel with the following options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT

from "ipfw list", I have the following rules in place
00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any

I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but, that didn't have any effect.

In my natd configuration file, i have:

unregistered_only
log yes
use_sockets yes
same_ports yes
 

 

> natd and setting up a firewall, but, I can't figure out why it's not
> working.  Just from looking at the Win2000 settings, it appears it's set
> up right, so, I am wondering if I'm doing something wrong in FreeBSD.
>
> Below I've included the output from ifconfig -a, netstat -rn and netstat
> -in.  Any help would be greatly appreciated.
>

Nick Rogness
- Drive defensively.  Buy a tank.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

-- 

Sean Chisek
devotwo@home.com
 

  --------------CBD155DAFF970F8F91602504-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 17:29:13 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 17:29:10 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail.knight-trosoft.com (mail.knight-trosoft.com [209.180.70.2]) by hub.freebsd.org (Postfix) with ESMTP id 1062737B400 for ; Fri, 5 Jan 2001 17:29:10 -0800 (PST) Received: (from johnp@localhost) by mail.knight-trosoft.com (8.11.0/8.11.0) id f061NOq58674; Fri, 5 Jan 2001 19:23:24 -0600 (CST) Date: Fri, 5 Jan 2001 19:23:24 -0600 (CST) From: John Prince Message-Id: <200101060123.f061NOq58674@mail.knight-trosoft.com> To: dg@root.com, nicole@unixgirl.com Subject: Re: Problem with fxp0 card and slowing/dying transmits - still : Cc: c4@worldclass.jolt.nu, freebsd-net@FreeBSD.ORG, tom@sdf.com In-Reply-To: Sender: johnp@mail.knight-trosoft.com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, What type of motherboard, processor, and speed are you using? Are you overclocking? Can you run healthd? We recently had a series of problems, that appeared to be with or related to scp. Since scp is somewhat processor intense, the microprocessor was getting warm, no hot.. Hot enough to shut down. Prior the the shutdown, as the processor was heating up, the motherboard would slow the system clock, in an attempt to keep the processor from over-heating. This is a bios feature on the motherboard we use. Our processor heat problem was caused by the heatsink that we use with the OEM intel chips.. Our assembly department neglected to utilize heat sink compound. The heatsink was milled to allow the "chip" of the microprocessor to be inset. Unfortunately the milled area was not flat, allowing for hotspots on the chip. --john > From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 16:59:00 2001 > Date: Fri, 05 Jan 2001 15:04:17 -0800 (PST) > From: Nicole > To: David Greenman > Subject: Re: Problem with fxp0 card and slowing/dying transmits - still : > Cc: Tom Samplonius , freebsd-net@FreeBSD.ORG, > ppX > > > On 05-Jan-01 David Greenman wrote: > >> *SIGH* > >> Yup.. Well I tried setting the switch manually to: 100Mbps/Half/Enabled > >>(BackPressure) (It won't let me select no Flow control) ifconfiging to > >> 100BT/X it says media: 100baseTX status: active > >> > >>Same problem. Yes the switch is a Intel 460T. However the other servers are > >>on > >>the same switch with the same nic card and don't seem to have the problem. > >> > >> Now.. I have the server set to 100Mb/Full duplex. But same problem :( > >> > >>Switch: 100Mbps/Full/Enabled (IEEE 802.3x) > >>Server: media: 100baseTX status: active > > > > Hmmm. I would still guess a duplex problem, but the above is hard to argue > > with. Dumb question: are you sure you're configuring the correct port on the > > switch? > > If it's not a duplex problem, then there is probably something wonky with > > the server motherboard. > > > > -DG > > Ahha.. Well.. Nice new word for the day "wonky" I like that :) > > Yea.. as I change things on the server, I can see the switch respond to my > settings when it it is autoconfig mode. (worried abt that too :> ) > > So then it *Could* be the motherboard.. I mean whats left, right? > > Thanks David! > > Nicole > > > > > > > David Greenman > > Co-founder, The FreeBSD Project - http://www.freebsd.org > > President, TeraSolutions, Inc. - http://www.terasolutions.com > > Pave the road of life with opportunities. > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ > webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ > nicole@deviantimages.com // \\ http://www.deviantimages.com/ > > ---------------------------(((---(((---------------------------------------- > > -- Powered by Coka-Cola and FreeBSD -- > -- I don't speak for anybody but myself - that's enough trouble -- > -- Back Up My Hard Drive? I Can't Find The Reverse Switch! -- > > ------------------------------------------------------------------------- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 5 17:54:10 2001 From owner-freebsd-net@FreeBSD.ORG Fri Jan 5 17:54:08 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 0933A37B400 for ; Fri, 5 Jan 2001 17:54:08 -0800 (PST) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id SAA26403; Fri, 5 Jan 2001 18:53:58 -0700 (MST) Date: Fri, 5 Jan 2001 18:53:58 -0700 (MST) From: Nick Rogness To: Sean Cc: freebsd-net@freebsd.org Subject: Re: Problem with Multihomed Machine In-Reply-To: <3A567289.DBD37F7@home.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 5 Jan 2001, Sean wrote: > > > > Is gateway_enable turned on ? Is firewalling turned on? If > > so, what do your rules look like? Is natd enabled? > > In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES". For > the firewalling, I recompiled the kernel with the following options: > > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > options IPFIREWALL_FORWARD > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT > > from "ipfw list", I have the following rules in place > 00100 divert 8668 ip from any to any via rl0 > 00100 allow ip from any to any via lo0 > 00200 deny ip from any to 127.0.0.0/8 > 65000 allow ip from any to any > 65535 allow ip from any to any > > I tried resetting the internal network card's IP address to 10.0.0.3, > per another suggestion, but, that didn't have any effect. > > In my natd configuration file, i have: > > unregistered_only > log yes > use_sockets yes > same_ports yes > What about the alias_address or interface option? > > Can you ping the inside interface on your FreeBSD machine from your Win2K box? What does tcpdump show? Change your firewall rule 65000 to "log" and look at the firewall logs. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 7:39: 4 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 07:39:02 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mail2.rdc1.il.home.com (mail2.rdc1.il.home.com [24.2.1.77]) by hub.freebsd.org (Postfix) with ESMTP id 3538F37B400 for ; Sat, 6 Jan 2001 07:39:02 -0800 (PST) Received: from home.com ([24.14.186.233]) by mail2.rdc1.il.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010106153901.JUGZ17385.mail2.rdc1.il.home.com@home.com> for ; Sat, 6 Jan 2001 07:39:01 -0800 Sender: root@FreeBSD.ORG Message-ID: <3A573C37.1A5593D2@home.com> Date: Sat, 06 Jan 2001 09:39:36 -0600 From: Sean X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re:Problem with Multihomed Machine Content-Type: multipart/alternative; boundary="------------4719909D48608A83ADC5E6AB" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --------------4719909D48608A83ADC5E6AB Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Thanks for your help! It now seems to be working, at least for connecting W2K to the internet through FreeBSD. Here's a general question. Are UDP packets mail packets? I think I need to add some "udp divert" rule for natd, and a "udp allow all" rule for ipfw, since I don't have mail connectivity yet in W2K. At least when I did a tcpdump in FreeBSD, I got some messages about UDP packets. I'm fairly new to this, as you may be able to tell. But, it seems to be coming along. Thanks again! -- Sean devotwo@home.com --------------4719909D48608A83ADC5E6AB Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Thanks for your help!  It now seems to be working, at least for connecting W2K to the internet through FreeBSD.  Here's a general question.  Are UDP packets mail packets?  I think I need to add some "udp divert" rule for natd, and a "udp allow all" rule for ipfw, since I don't have mail connectivity yet in W2K.  At least when I did a tcpdump in FreeBSD, I got some messages about UDP packets.  I'm fairly new to this, as you may be able to tell.  But, it seems to be coming along.  Thanks again! 

-- 

Sean
devotwo@home.com
  --------------4719909D48608A83ADC5E6AB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 9:17:41 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 09:17:38 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id B40DB37B400 for ; Sat, 6 Jan 2001 09:17:36 -0800 (PST) Received: from wkst ([209.16.228.146]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id MAA18062 for ; Sat, 6 Jan 2001 12:22:57 -0500 Reply-To: From: "Peter Brezny" To: Subject: general question re: PTR records. Date: Sat, 6 Jan 2001 12:16:51 -0800 Message-ID: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Why are PTR records placed in zone db files separate from all other resource records? For small domains, wouldn't it be simpler to just have your reverse ip to name mappings in the same zone db file as your forward name to ip mappings? Something like jack.com. IN A x.y.z.q ... q.z.y.x-in.addr.arpa. IN PTR jack.com. I realize the advantage of having one big reverse zone db file for your subnet as far as the amount of raw data entry is required, but for a small host it seems a little more straight forward to put everything for a domain in one db file. I've read through all of ch4 in dns & bind, and haven't come across anything that says you couldn't do it this way... Will named accept this? Is it just a really bad idea? TIA Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 9:21:18 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 09:21:16 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 63E3F37B400 for ; Sat, 6 Jan 2001 09:21:16 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14Ex7p-00007T-00; Sat, 06 Jan 2001 10:27:29 -0700 Sender: wes@FreeBSD.ORG Message-ID: <3A575581.E21B3264@softweyr.com> Date: Sat, 06 Jan 2001 10:27:29 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Sean Cc: freebsd-net@freebsd.org Subject: Re: Problem with Multihomed Machine References: <3A573C37.1A5593D2@home.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sean wrote: > > Thanks for your help! It now seems to be working, at least for > connecting W2K to the internet through FreeBSD. Here's a general > question. Are UDP packets mail packets? I don't know of any mail protocol that uses UDP. You're probably seeing the DNS lookup requests for the mail server, which are normally UDP. > I think I need to add some "udp divert" rule for natd, and a "udp > allow all" rule for ipfw, since I don't have mail connectivity yet > in W2K. At least when I did a tcpdump in FreeBSD, I got some > messages about UDP packets. I'm fairly new to this, as you may be > able to tell. But, it seems to be coming along. Thanks again! You don't need to allow ALL UDP packets. Find a couple of sample ipfw configurations in the archives, they've been posted a number of times, and look at those. Adding a "cache only" DNS server on your FreeBSD machine and having your Windows machine use that as it's nameserver will potentially save some DNS traffic (and latency) for you. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 9:27: 0 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 09:26:58 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 07C6E37B400 for ; Sat, 6 Jan 2001 09:26:58 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id MAA94908; Sat, 6 Jan 2001 12:26:50 -0500 (EST) (envelope-from wollman) Date: Sat, 6 Jan 2001 12:26:50 -0500 (EST) From: Garrett Wollman Message-Id: <200101061726.MAA94908@khavrinen.lcs.mit.edu> To: Cc: Subject: general question re: PTR records. In-Reply-To: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> References: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > Why are PTR records placed in zone db files separate from all other resource > records? Because they are in a different zone! -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 11: 6:54 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 11:06:51 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by hub.freebsd.org (Postfix) with ESMTP id 3657A37B400 for ; Sat, 6 Jan 2001 11:06:51 -0800 (PST) Received: from ruby.ccmr.cornell.edu (IDENT:0@ruby.ccmr.cornell.edu [128.84.231.115]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id OAA17658; Sat, 6 Jan 2001 14:06:47 -0500 Received: from localhost (mitch@localhost) by ruby.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id OAA28275; Sat, 6 Jan 2001 14:06:46 -0500 X-Authentication-Warning: ruby.ccmr.cornell.edu: mitch owned process doing -bs Date: Sat, 6 Jan 2001 14:06:46 -0500 (EST) From: Mitch Collinsworth To: Peter Brezny Cc: freebsd-net@FreeBSD.ORG Subject: Re: general question re: PTR records. In-Reply-To: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 6 Jan 2001, Peter Brezny wrote: > Why are PTR records placed in zone db files separate from all other resource > records? Because they're not in the same zone. > For small domains, wouldn't it be simpler to just have your reverse ip to > name mappings in the same zone db file as your forward name to ip mappings? No. There's not necessarily a one-to-one mapping. Consider the case of a web server that servers hundreds of domain names for example. > Something like > > jack.com. IN A x.y.z.q > ... > q.z.y.x-in.addr.arpa. IN PTR jack.com. Notice that jack.com. belongs to the com. zone, while q.z.y.x.in-addr.arpa. belongs to the in-addr.arpa. zone. > I realize the advantage of having one big reverse zone db file for your > subnet as far as the amount of raw data entry is required, but for a small > host it seems a little more straight forward to put everything for a domain > in one db file. I've read through all of ch4 in dns & bind, and haven't > come across anything that says you couldn't do it this way... You can't do it. > Will named accept this? No. > Is it just a really bad idea? It's an interesting idea, but it assumes a picture of the world that doesn't correspond with actual reality. -Mitch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 12: 4:55 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 12:04:53 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from rip.psg.com (rip.psg.com [147.28.0.39]) by hub.freebsd.org (Postfix) with ESMTP id B8E3E37B400 for ; Sat, 6 Jan 2001 12:04:53 -0800 (PST) Received: from randy by rip.psg.com with local (Exim 3.16 #1) id 14Eza7-000DmA-00; Sat, 06 Jan 2001 12:04:51 -0800 From: Randy Bush MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: "Peter Brezny" Cc: Subject: Re: general question re: PTR records. References: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> Message-Id: Date: Sat, 06 Jan 2001 12:04:51 -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > jack.com. IN A x.y.z.q > ... > q.z.y.x-in.addr.arpa. IN PTR jack.com. hint: what would be the label of such a zone? i.e. what is the label on the soa? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 12:55:18 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 12:55:15 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from cg.nu (e106195.upc-e.chello.nl [213.93.106.195]) by hub.freebsd.org (Postfix) with ESMTP id 808EA37B400; Sat, 6 Jan 2001 12:55:15 -0800 (PST) Received: from kpnlep (unknown [10.10.1.8]) by cg.nu (Postfix) with SMTP id 8B61C1315D; Sat, 6 Jan 2001 21:55:13 +0100 (CET) From: "Henk Wevers" To: , Subject: Setup an IPSec VLAN with two cablemodem's Date: Sat, 6 Jan 2001 21:55:13 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I did not find enough information on how to connect two intranet's thru an secure IPSec connection. After a few hour's work i did find a working configuration. Hope this document could help somebody with making IPSec VLAN VPN connections. http://FreeBSD.cg.nu/ipsec.html Please give comment's i am new to IPSec. Henk Wevers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 13:40:57 2001 From owner-freebsd-net@FreeBSD.ORG Sat Jan 6 13:40:56 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from gw.gbch.net (gw.gbch.net [203.24.22.66]) by hub.freebsd.org (Postfix) with SMTP id 9A96537B400 for ; Sat, 6 Jan 2001 13:40:52 -0800 (PST) Received: (qmail 68115 invoked by uid 1001); 7 Jan 2001 07:40:37 +1000 X-Posted-By: GJB-Post 2.08 05-Jan-2001 (FreeBSD) X-URL: http://www.gbch.net X-Image-URL: http://www.gbch.net/gjb/img/gjb-auug048.gif X-PGP-Fingerprint: 5A91 6942 8CEA 9DAB B95B C249 1CE1 493B 2B5A CE30 X-PGP-Public-Key: http://www.gbch.net/gjb/gjb-pgpkey.asc Message-Id: Date: Sun, 07 Jan 2001 07:40:37 +1000 From: Greg Black To: Mitch Collinsworth Cc: Peter Brezny , freebsd-net@FreeBSD.ORG Subject: Re: general question re: PTR records. References: In-reply-to: of Sat, 06 Jan 2001 14:06:46 EST Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Mitch Collinsworth wrote: > > Is it just a really bad idea? > > It's an interesting idea, but it assumes a picture of the world that > doesn't correspond with actual reality. The expression "actual reality" should be read as "the BIND way of doing things". There are alternative DNS implementations that work just the way the original poster wanted, albeit with quite different syntax. "All the world's not named," to steal a well-known proposition. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 18:47:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id 725C937B400; Sat, 6 Jan 2001 18:46:12 -0800 (PST) Received: from nairobi-35.budapest.interware.hu ([195.70.50.227] helo=elischer.org) by mail.interware.hu with esmtp (Exim 3.16 #1 (Debian)) id 14F5qU-00047r-00; Sun, 07 Jan 2001 03:46:10 +0100 Message-ID: <3A57D816.FDE9B45F@elischer.org> Date: Sat, 06 Jan 2001 18:44:38 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: net@freebsd.org, current@freebsd.org Subject: Warning: wild pointer somewhere in netgraph. Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have uncovered some odd behavior on my machine here using netgraph since the last changes.. I'm trying to find the problem but I need sleep... If you have used he latest netgraph code, let me know what modules you are using and how so I can try narrow my search.. thanks.. Julian -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ from Perth, presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 22: 6:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 34C5F37B404 for ; Sat, 6 Jan 2001 22:05:56 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14F93l-0000Me-00; Sat, 06 Jan 2001 23:12:05 -0700 Message-ID: <3A5808B5.6ECDBAA1@softweyr.com> Date: Sat, 06 Jan 2001 23:12:05 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Randy Bush Cc: Peter Brezny , freebsd-net@freebsd.org Subject: Re: general question re: PTR records. References: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Randy Bush wrote: > > > jack.com. IN A x.y.z.q > > ... > > q.z.y.x-in.addr.arpa. IN PTR jack.com. > > hint: what would be the label of such a zone? i.e. what is the label on the > soa? The domain in reverse, i.e. 42.168.192.in-addr.arpa. IN SOA would begin the SOA record for a 192.168.42 address. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 22:10: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from rip.psg.com (rip.psg.com [147.28.0.39]) by hub.freebsd.org (Postfix) with ESMTP id 3CBF337B400 for ; Sat, 6 Jan 2001 22:09:46 -0800 (PST) Received: from randy by rip.psg.com with local (Exim 3.16 #1) id 14F91S-00068O-00; Sat, 06 Jan 2001 22:09:42 -0800 From: Randy Bush MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Wes Peters Cc: Peter Brezny , freebsd-net@freebsd.org Subject: Re: general question re: PTR records. References: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> <3A5808B5.6ECDBAA1@softweyr.com> Message-Id: Date: Sat, 06 Jan 2001 22:09:42 -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>> jack.com. IN A x.y.z.q >>> ... >>> q.z.y.x-in.addr.arpa. IN PTR jack.com. >> hint: what would be the label of such a zone? i.e. what is the label on the >> soa? > The domain in reverse, i.e. > 42.168.192.in-addr.arpa. IN SOA > would begin the SOA record for a 192.168.42 address. then how would one find the jack.com. name in the 42.168.192.in-addr.arpa. zone? randy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 6 23:18:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 0709B37B754 for ; Sat, 6 Jan 2001 22:46:12 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14F9gm-0000O1-00; Sat, 06 Jan 2001 23:52:25 -0700 Message-ID: <3A581228.2DBAD34C@softweyr.com> Date: Sat, 06 Jan 2001 23:52:24 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Randy Bush Cc: Peter Brezny , freebsd-net@freebsd.org Subject: Re: general question re: PTR records. References: <000101c0781d$9b4a5ae0$46010a0a@sysadmininc.com> <3A5808B5.6ECDBAA1@softweyr.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Randy Bush wrote: > > >>> jack.com. IN A x.y.z.q > >>> ... > >>> q.z.y.x-in.addr.arpa. IN PTR jack.com. > >> hint: what would be the label of such a zone? i.e. what is the label on the > >> soa? > > The domain in reverse, i.e. > > 42.168.192.in-addr.arpa. IN SOA > > would begin the SOA record for a 192.168.42 address. > > then how would one find the jack.com. name in the 42.168.192.in-addr.arpa. > zone? One would not find jack.com. in that zone. One might find 12.42.168.192.in-addr.arpa with a PTR value of "jack.com". If one wanted to find jack.com, one would look in the .com domain. If one was interested in success, that is. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message