From owner-freebsd-isp@FreeBSD.ORG Sun May 21 17:01:24 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 921DA16A50F for ; Sun, 21 May 2006 17:01:24 +0000 (UTC) (envelope-from troy@psknet.com) Received: from psknet.com (kennedy.psknet.com [63.171.251.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id B27EF43D53 for ; Sun, 21 May 2006 17:01:23 +0000 (GMT) (envelope-from troy@psknet.com) Received: from pool-151-199-90-96.roa.east.verizon.net ([151.199.90.96] helo=[192.168.1.103]) by psknet.com with esmtpa (Exim 4.62 (FreeBSD)) (envelope-from ) id 1FhrIq-000M2m-Vv; Sun, 21 May 2006 13:01:17 -0400 Message-ID: <44709D4E.4060901@psknet.com> Date: Sun, 21 May 2006 13:03:10 -0400 From: Troy Settle User-Agent: Thunderbird 1.5.0.2 (Windows/20060308) MIME-Version: 1.0 To: Duane Whitty References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> In-Reply-To: <446E6EE9.3060406@greenmeadow.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scan: Clear (ClamAV 0.88.2/1474/Sun May 21 09:18:22 2006) Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 May 2006 17:01:24 -0000 Duane Whitty wrote: > Duane Whitty wrote: >> Hello to everyone, >> >> Would anyone care to recommend a good domain name registrar, >> able to offer service for both gTLDs and .ca ccTLDs. >> >> I've tried cheap and to be honest my headache just keeps growing. >> After having setup FreeBSD, DNS, Sendmail, and Apache, I thought >> I had the hard stuff taken care of. I guess I was wrong. >> >> All I want to do is have my registrar point the name server entries for >> a .com domain I'm managing at the name servers I'm running. Why is this >> so difficult? Or expensive? >> >> Is it my fault? Am I doing something wrong? -- I know, kinda hard to >> answer that. >> >> My registrar told me my name server needs to be registered with >> ICANN. I've read >> as much as I could find about ICANN's mandate and policies on their >> website >> http://www.icann.org but I couldn't find anything which indicated I >> had to register >> anything with them unless I intended on becoming an ICANN certified >> registrar. >> >> It seems odd in any event that I would need to register my name >> server, which is in the .ca >> domain, with ICANN. Obviously I had to register with CIRA but that >> seems irrelevant >> to my current situation / vexation. >> >> If I do somehow need to register my name server with ICANN would >> someone be so kind >> as to point me to the correct RTFM entry, URI, etc. >> >> Thanks in advance, >> >> Duane Whitty > Hello again, everyone > > Thank you for your responses. > > Yeah, my registrar is on crack as far as I'm concerned and I think a lot > of other registrars, > if not most of them, are just as bad. > > I wish there was a way to tell the root servers about my name server > without even needing > to go through the registrars > > For the record, the registrar is Netfirms. Beware of Netfirms. I just > don't > understand what the issue is. Maybe they thought I'd roll over and give > them all > my DNS, email, and web hosting business once they made it impossible for me > to run my own DNS. If so, they thought wrong. And ICANN will > definitely be > hearing from me. > > What I don't understand is why they bother with this policy. Isn't it > just easier to sell > a domain name and tell the customer to email you or fill out your web > form with their > name server information. I know that is exactly how it use to be done, > except you only > only dealt with one organization. Then charge a customer if they want > extra stuff. Then > if they want enough extra features start making packages with incentives. > > And even when you know you may have this problem and ask about it > directly it's like > pulling teeth trying to get a straight answer. I've basically come to > the conclusion that > anything other than an immediate "Yes, name servers are your > responsibilty. Tell us > the name of your name servers and the IP addresses. If you want us to > run your DNS it > costs this much $X extra". > > Well, whiners are irritating and I'm starting to irritate myself. So > enough of my noise. > Thanks a lot for the suggestions and clarifications. > > > Most Respectfully, > > Duane Whitty Here's the thing for name servers (at least as far as I understand it)... the glue records must exist in the root servers for each registry. If your name servers are under the .ca TLD, and you're registering a .com domain, then the .com registry must have the glue records for your .ca name servers. While this policy makes sense, it does suck when it comes time to renumber your network, since you'll have to update the glue records in every registry out there. Quite the PITA. Ugh... speaking of which, I have like 8 days left to get my network renumbers... please do feel sorry for me. As an OpenSRS reseller, I have the ability to publish my glue records myself. This doesn't help my customers, but at least the frustration ends with me, and I don't have to fight my registrar to get it done. IMO, if you're not working with a wholesale registrar like OpenSRS, you really should look into it. You get a much greater level of control over your domains, which can make life much nicer. Yes, you might pay a little more than you would with the bottom-feeding registrars and RSPs out there, but it's well worth it IMO. Tucows is pretty responsive to questions (I think that someone already said "they're not assholes"), not that you'll have any once you get up and running and have all your domains transferred over. Good luck, -- Troy Settle Pulaski Networks http://www.psknet.com 866.477.5638 From owner-freebsd-isp@FreeBSD.ORG Sun May 21 20:49:13 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5388B16A427 for ; Sun, 21 May 2006 20:49:13 +0000 (UTC) (envelope-from duane@greenmeadow.ca) Received: from smtpout.eastlink.ca (smtpout.eastlink.ca [24.222.0.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id DFA2543D45 for ; Sun, 21 May 2006 20:49:10 +0000 (GMT) (envelope-from duane@greenmeadow.ca) Received: from ip02.eastlink.ca ([24.222.10.10]) by mta01.eastlink.ca (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTP id <0IZM008I5V4JKI70@mta01.eastlink.ca> for freebsd-isp@freebsd.org; Sun, 21 May 2006 17:48:19 -0300 (ADT) Received: from blk-224-199-230.eastlink.ca (HELO [192.168.0.103]) ([24.224.199.230]) by ip02.eastlink.ca with ESMTP; Sun, 21 May 2006 17:49:10 -0300 Date: Sun, 21 May 2006 17:47:49 -0300 From: Duane Whitty In-reply-to: <44709D4E.4060901@psknet.com> To: Troy Settle Message-id: <4470D1F5.1020700@greenmeadow.ca> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAQAAA+k= References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> User-Agent: Thunderbird 1.5.0.2 (X11/20060503) Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 May 2006 20:49:13 -0000 Troy Settle wrote: > > Duane Whitty wrote: >> Duane Whitty wrote: >>> Hello to everyone, >>> >>> Would anyone care to recommend a good domain name registrar, >>> able to offer service for both gTLDs and .ca ccTLDs. >>> >>> I've tried cheap and to be honest my headache just keeps growing. >>> After having setup FreeBSD, DNS, Sendmail, and Apache, I thought >>> I had the hard stuff taken care of. I guess I was wrong. >>> >>> All I want to do is have my registrar point the name server entries for >>> a .com domain I'm managing at the name servers I'm running. Why is >>> this >>> so difficult? Or expensive? >>> >>> Is it my fault? Am I doing something wrong? -- I know, kinda hard >>> to answer that. >>> >>> My registrar told me my name server needs to be registered with >>> ICANN. I've read >>> as much as I could find about ICANN's mandate and policies on their >>> website >>> http://www.icann.org but I couldn't find anything which indicated I >>> had to register >>> anything with them unless I intended on becoming an ICANN certified >>> registrar. >>> >>> It seems odd in any event that I would need to register my name >>> server, which is in the .ca >>> domain, with ICANN. Obviously I had to register with CIRA but that >>> seems irrelevant >>> to my current situation / vexation. >>> >>> If I do somehow need to register my name server with ICANN would >>> someone be so kind >>> as to point me to the correct RTFM entry, URI, etc. >>> >>> Thanks in advance, >>> >>> Duane Whitty >> Hello again, everyone >> >> Thank you for your responses. >> >> Yeah, my registrar is on crack as far as I'm concerned and I think a >> lot of other registrars, >> if not most of them, are just as bad. >> >> I wish there was a way to tell the root servers about my name server >> without even needing >> to go through the registrars >> >> For the record, the registrar is Netfirms. Beware of Netfirms. I >> just don't >> understand what the issue is. Maybe they thought I'd roll over and >> give them all >> my DNS, email, and web hosting business once they made it impossible >> for me >> to run my own DNS. If so, they thought wrong. And ICANN will >> definitely be >> hearing from me. >> >> What I don't understand is why they bother with this policy. Isn't >> it just easier to sell >> a domain name and tell the customer to email you or fill out your web >> form with their >> name server information. I know that is exactly how it use to be >> done, except you only >> only dealt with one organization. Then charge a customer if they >> want extra stuff. Then >> if they want enough extra features start making packages with >> incentives. >> >> And even when you know you may have this problem and ask about it >> directly it's like >> pulling teeth trying to get a straight answer. I've basically come >> to the conclusion that >> anything other than an immediate "Yes, name servers are your >> responsibilty. Tell us >> the name of your name servers and the IP addresses. If you want us >> to run your DNS it >> costs this much $X extra". >> >> Well, whiners are irritating and I'm starting to irritate myself. So >> enough of my noise. >> Thanks a lot for the suggestions and clarifications. >> >> >> Most Respectfully, >> >> Duane Whitty > > > Here's the thing for name servers (at least as far as I understand > it)... the glue records must exist in the root servers for each > registry. If your name servers are under the .ca TLD, and you're > registering a .com domain, then the .com registry must have the glue > records for your .ca name servers. Well, interstingly enough, it seems you can get by with the root servers not having glue records for everything; My secondary name server is missing glue records in the root servers. And dnsreport.com notifies me of this whenever I do a check. > > While this policy makes sense, it does suck when it comes time to > renumber your network, since you'll have to update the glue records in > every registry out there. Quite the PITA. > > Ugh... speaking of which, I have like 8 days left to get my network > renumbers... please do feel sorry for me. > > As an OpenSRS reseller, I have the ability to publish my glue records > myself. This doesn't help my customers, but at least the frustration > ends with me, and I don't have to fight my registrar to get it done. > > IMO, if you're not working with a wholesale registrar like OpenSRS, > you really should look into it. You get a much greater level of > control over your domains, which can make life much nicer. Yes, you > might pay a little more than you would with the bottom-feeding > registrars and RSPs out there, but it's well worth it IMO. Tucows is > pretty responsive to questions (I think that someone already said > "they're not assholes"), not that you'll have any once you get up and > running and have all your domains transferred over. The other concern of course is that I will probably have more domains in the future. Almost guaranteed actually. So yes, transferring domains is hopefully a one time deal which I really need to get done with Real Soon Now. But once bitten twice shy, as the saying goes, so now I am being quite cautious about which registrar I transfer my domains too. Luckily I have received lots of good feedback, yours included, that I believe will help me deal with this. > > Good luck, > > -- > Troy Settle > Pulaski Networks > http://www.psknet.com > 866.477.5638 > > > Thanks Duane Whitty -- duane@greenmeadow.ca From owner-freebsd-isp@FreeBSD.ORG Sun May 21 23:16:26 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AEC5916A504 for ; Sun, 21 May 2006 23:16:26 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 2A8C143D45 for ; Sun, 21 May 2006 23:16:21 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 7204 invoked by uid 399); 21 May 2006 23:16:20 -0000 Received: from localhost (HELO ?192.168.0.3?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 21 May 2006 23:16:20 -0000 Message-ID: <4470F4BE.7030702@FreeBSD.org> Date: Sun, 21 May 2006 16:16:14 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 1.5.0.2 (X11/20060507) MIME-Version: 1.0 To: Troy Settle References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> In-Reply-To: <44709D4E.4060901@psknet.com> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org, Duane Whitty Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 May 2006 23:16:27 -0000 Troy Settle wrote: > Here's the thing for name servers (at least as far as I understand > it)... With all due respect, the problem with postings like this is that it actually slows down the process of people finding out the truth for themselves by perpetuating misinformation. It's far better to either do the research and post accurate information, or avoid posting. > the glue records must exist in the root servers for each registry. A) The only "root servers" are those that serve the root zone. What you're referring to are Top Level Domain (TLD) name servers. B) Policies on whether name server IP records are necessary for domain registration vary by registry. There is no hard and fast rule. C) "Glue" is a DNS term of art that refers specifically to IP addresses for servers whose hostnames are IN the zone they serve. For example, if you have the following NS records: example.org. NS ns1.example.org. example.org. NS ns2.example.org. Then glue records are _required_ in the ORG TLD name servers. Otherwise there is no way for anyone to reach your servers. However, for those situations where the name server hostnames are all out of zone, it's generally better to avoid putting IP address records for those hostnames in the parent zone (regardless of what level we're talking about here) because it makes the administration of the zones/domains much more difficult. > If your name servers are under the .ca TLD, and you're > registering a .com domain, then the .com registry must have the glue > records for your .ca name servers. That's actually exactly the opposite of the truth. If the name servers for your COM name are in CA, then the IP addresses can be resolved the normal way (recursively). > As an OpenSRS reseller, eek, Doug -- This .signature sanitized for your protection From owner-freebsd-isp@FreeBSD.ORG Mon May 22 00:29:06 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7171B16A6CD; Mon, 22 May 2006 00:29:06 +0000 (UTC) (envelope-from duane@greenmeadow.ca) Received: from smtpout.eastlink.ca (smtpout.eastlink.ca [24.222.0.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59CC943D6E; Mon, 22 May 2006 00:29:02 +0000 (GMT) (envelope-from duane@greenmeadow.ca) Received: from ip02.eastlink.ca ([24.222.10.10]) by mta01.eastlink.ca (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTP id <0IZN00G2P5CVIFG0@mta01.eastlink.ca>; Sun, 21 May 2006 21:29:20 -0300 (ADT) Received: from blk-224-199-230.eastlink.ca (HELO [192.168.0.103]) ([24.224.199.230]) by ip02.eastlink.ca with ESMTP; Sun, 21 May 2006 21:29:00 -0300 Date: Sun, 21 May 2006 21:27:43 -0300 From: Duane Whitty In-reply-to: <4470F4BE.7030702@FreeBSD.org> To: Doug Barton Message-id: <4471057F.8000604@greenmeadow.ca> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAQAAA+k= References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org> User-Agent: Thunderbird 1.5.0.2 (X11/20060503) Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 00:29:06 -0000 Doug Barton wrote: > Troy Settle wrote: > > >> Here's the thing for name servers (at least as far as I understand >> it)... >> > > With all due respect, the problem with postings like this is that it > actually slows down the process of people finding out the truth for > themselves by perpetuating misinformation. It's far better to either do the > research and post accurate information, or avoid posting. > > >> the glue records must exist in the root servers for each registry. >> > > A) The only "root servers" are those that serve the root zone. What you're > referring to are Top Level Domain (TLD) name servers. To clarify for myself, the root name servers are not authoritative for (most of) the TLDs. The authoritative name servers for zones represented by the TLDs are the ones to which the root name servers have delegated authority to for those zones. So there are authoritative name servers for the zones such as .ca, .gc.ca, .com etc. However I have determined, using nslookup, that for the .mil zone four of the root servers are authoritative, as one example. > B) Policies on whether > name server IP records are necessary for domain registration vary by > registry. There is no hard and fast rule. C) "Glue" is a DNS term of art > that refers specifically to IP addresses for servers whose hostnames are IN > the zone they serve. For example, if you have the following NS records: > > example.org. NS ns1.example.org. > example.org. NS ns2.example.org. > > Then glue records are _required_ in the ORG TLD name servers. Otherwise > there is no way for anyone to reach your servers. > So then what the registrars are doing (or supposed to be doing) is providing A and NS records for the name servers in my parent zone which point to my primary name servers and secondary name servers? This then is the "glue" which makes recursive queries possible. So, and pardon my verbosity, when a resolver needs to resolve dwlabs.ca, assuming it doesn't have the data cached, it queries one of ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org, which then responds with the names and ip addresses of the authoritative name servers for dwlabs.ca. Am I correct? > However, for those situations where the name server hostnames are all out of > zone, it's generally better to avoid putting IP address records for those > hostnames in the parent zone (regardless of what level we're talking about > here) because it makes the administration of the zones/domains much more > difficult. > > >> If your name servers are under the .ca TLD, and you're >> registering a .com domain, then the .com registry must have the glue >> records for your .ca name servers. >> > > That's actually exactly the opposite of the truth. If the name servers for > your COM name are in CA, then the IP addresses can be resolved the normal > way (recursively). > So no glue, but an NS record as in example.com. IN NS ns1.dwlabs.ca. ? In this case the response to the resolver query from the .com authoritative name server will be that the unauthoritative answer is ns1.dwlabs.ca. Authoritative answers can be found at ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org. ? Because of this they don't need A records for my domain, if I am correct. So the privilege and responsibility of being a registrar includes , in addition to selling globally unique domain names, is in getting and validating information from your clients regarding their name servers and then passing on the information to parent zone name servers so that the appropriate A records and NS records can be created and or updated (in a timely fashion). > >> As an OpenSRS reseller, >> > > eek, > > Doug > > Much thanks and respect to all for helping me start to truly understand this. Sincerely Duane Whitty -- duane@greenmeadow.ca From owner-freebsd-isp@FreeBSD.ORG Mon May 22 12:56:16 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 626DA16A984; Mon, 22 May 2006 12:56:16 +0000 (UTC) (envelope-from b.candler@pobox.com) Received: from rune.pobox.com (rune.pobox.com [208.210.124.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89FF543D72; Mon, 22 May 2006 12:56:14 +0000 (GMT) (envelope-from b.candler@pobox.com) Received: from rune (localhost [127.0.0.1]) by rune.pobox.com (Postfix) with ESMTP id DCCDC78135; Mon, 22 May 2006 08:56:34 -0400 (EDT) Received: from mappit.local.linnet.org (212-74-113-67.static.dsl.as9105.com [212.74.113.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by rune.sasl.smtp.pobox.com (Postfix) with ESMTP id 5A27D18935; Mon, 22 May 2006 08:56:32 -0400 (EDT) Received: from lists by mappit.local.linnet.org with local (Exim 4.61 (FreeBSD)) (envelope-from ) id 1Fi9xB-0008eM-03; Mon, 22 May 2006 13:56:09 +0100 Date: Mon, 22 May 2006 13:56:08 +0100 From: Brian Candler To: Duane Whitty Message-ID: <20060522125608.GA33204@uk.tiscali.com> References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org> <4471057F.8000604@greenmeadow.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4471057F.8000604@greenmeadow.ca> User-Agent: Mutt/1.4.2.1i Cc: freebsd-isp@freebsd.org, Doug Barton Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 12:56:19 -0000 On Sun, May 21, 2006 at 09:27:43PM -0300, Duane Whitty wrote: > So then what the registrars are doing (or supposed to be doing) is > providing A and NS records > for the name servers in my parent zone which point to my primary name > servers and > secondary name servers? They put NS records pointing at the names of your authoritative nameservers. They only need to put A records (mapping the names of your authoritative nameservers to their IP addresses) if those names are within the domain which is being delegated. For example, if you a registering "example.com" and your nameserver is "ns1.example.com" > This then is the "glue" which makes recursive > queries possible. "glue" is the extra A records mentioned above. They are only required if the nameserver's name is within the name being delegated. Otherwise, normal recursive lookups are used to map the name in the NS record to its IP address. > So, and pardon my verbosity, when a resolver needs to resolve dwlabs.ca, > assuming it doesn't > have the data cached, it queries one of ca0[1,2,4,5,6].cira.ca or > ns-ext.isc.org, which then > responds with the names and ip addresses of the authoritative name > servers for dwlabs.ca. > Am I correct? Firstly, it queries a root server of its choice. $ dig @a.root-servers.net. www.dwlabs.ca. a This refers it to the .CA nameservers you mention. So, next it queries one of those: e.g. $ dig @ca05.cira.ca. www.dwlabs.ca. a ; <<>> DiG 9.3.1 <<>> @ca05.cira.ca. www.dwlabs.ca. a ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35868 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;www.dwlabs.ca. IN A ;; AUTHORITY SECTION: dwlabs.ca. 86400 IN NS helsinki.cgc.gc.ca. dwlabs.ca. 86400 IN NS dwpc.dwlabs.ca. ;; ADDITIONAL SECTION: dwpc.dwlabs.ca. 86400 IN A 24.224.199.230 Notice that it comes back with the *names* of the two nameservers. The only IP address it comes back with is for dwpc.dwlabs.ca, since that's inside the domain dwlabs.ca. (That's glue). In order to send the query to one of these two nameservers, the cache then uses its normal name-to-IP recursive resolution techniques to find an A record for either 'helsinki.cgc.gc.ca' or 'dwpc.dwlabs.ca' If it tries to resolve dwpc.dwlabs.ca and doesn't already have the address in its caches then there's a chicken-and-egg situation; in order to resolve dwpc.dwlabs.ca it needs to find the IP address of a nameserver for dwlabs.ca, but dwpc.dwlabs.ca *is* one of the nameservers for dwlabs.ca. In this situation, it falls back on using the glue A record in the 'ADDITIONAL' section of the referral. > >That's actually exactly the opposite of the truth. If the name servers for > >your COM name are in CA, then the IP addresses can be resolved the normal > >way (recursively). > > > So no glue, but an NS record as in > example.com. IN NS ns1.dwlabs.ca. ? Yes. > In this case the response to the resolver query from the .com > authoritative name server > will be that the unauthoritative answer is ns1.dwlabs.ca. No. You will get a referral to ns1.dwlabs.ca, saying "this is the authoritative nameserver which holds the information you're asking for" > Authoritative > answers can be > found at ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org. ? No. Authoritative answers for example.com can be found at ns1.dwlabs.ca. > So the privilege and responsibility of being a registrar includes , in > addition to selling globally > unique domain names, is in getting and validating information from your > clients regarding their > name servers and then passing on the information to parent zone name > servers so that the > appropriate A records and NS records can be created and or updated (in a > timely fashion). Yes. Since most clients don't know a nameserver from a double-decker bus, this is why most domain resellers just point the domain at their own nameservers. It can be quite hard to get them to repoint them at your own nameservers, since people like you probably represent about 1 in 10,000 of their customer base. Regards, Brian. From owner-freebsd-isp@FreeBSD.ORG Mon May 22 20:10:36 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 90AB116A752 for ; Mon, 22 May 2006 20:10:36 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 0145943D69 for ; Mon, 22 May 2006 20:10:35 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 26091 invoked by uid 399); 22 May 2006 20:10:34 -0000 Received: from localhost (HELO ?192.168.0.3?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 22 May 2006 20:10:34 -0000 Message-ID: <44721AB9.8010807@FreeBSD.org> Date: Mon, 22 May 2006 13:10:33 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 1.5.0.2 (X11/20060507) MIME-Version: 1.0 To: Duane Whitty References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org> <4471057F.8000604@greenmeadow.ca> In-Reply-To: <4471057F.8000604@greenmeadow.ca> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 20:10:47 -0000 Duane Whitty wrote: > Doug Barton wrote: >> Troy Settle wrote: >> >> >>> Here's the thing for name servers (at least as far as I understand >>> it)... >>> >> >> With all due respect, the problem with postings like this is that it >> actually slows down the process of people finding out the truth for >> themselves by perpetuating misinformation. It's far better to either do >> the research and post accurate information, or avoid posting. >> >> >>> the glue records must exist in the root servers for each registry. >>> >> >> A) The only "root servers" are those that serve the root zone. What >> you're referring to are Top Level Domain (TLD) name servers. > To clarify for myself, the root name servers are not authoritative for > (most of) the TLDs. All of the roots except for j are authoritative for ARPA. That's a legacy issue, and the goal is for it to be moved to its own set of servers "some day." In addition to 6 other servers; a, b, e, g, and h root are all authoritative for MIL. This zone should be moved off the roots as well, but who knows when/if that should happen. The root zone servers are not authoritative for any other zones (other than the root zone itself, of course.) This isn't particularly interesting for 99.9999% of the Internet though, since Joe average Internet user is not going to be able to add a domain to those zones. > The authoritative name servers for zones represented > by the TLDs are the ones to which the root name servers have delegated > authority to for those zones. So there are authoritative name servers > for the zones such as .ca, .gc.ca, .com etc. Yes, basically. >> B) Policies on whether name server IP records are necessary for domain >> registration vary by registry. There is no hard and fast rule. C) >> "Glue" is a DNS term of art that refers specifically to IP addresses >> for servers whose hostnames are IN the zone they serve. For example, if >> you have the following NS records: >> >> example.org. NS ns1.example.org. example.org. NS >> ns2.example.org. >> >> Then glue records are _required_ in the ORG TLD name servers. Otherwise >> there is no way for anyone to reach your servers. >> > So then what the registrars are doing (or supposed to be doing) is > providing A and NS records for the name servers in my parent zone which > point to my primary name servers and secondary name servers? NS records yes, in all cases. The policies for A records vary from TLD registry to TLD registry, and from registrar to registrar. > This then is the "glue" which makes recursive queries possible. Not entirely accurate. As I said in a previous message, "glue" is a DNS term of art that means precisely an A (or AAAA) record for a name server hostname that is in the same zone (or a descendant of the same zone) that is being delegated. So, in the following example: example.org. NS ns1.example.org. A glue record would be required. > So, and pardon my verbosity, when a resolver needs to resolve dwlabs.ca, > assuming it doesn't have the data cached, it queries one of > ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org, Good so far, as those are the name servers which are authoritative for the CA zone. > which then responds with the > names and ip addresses of the authoritative name servers for dwlabs.ca. > Am I correct? Well, let's see: ; <<>> DiG 9.3.2 <<>> @ca01.cira.ca dwlabs.ca A ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10584 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;dwlabs.ca. IN A ;; AUTHORITY SECTION: dwlabs.ca. 86400 IN NS helsinki.cgc.gc.ca. dwlabs.ca. 86400 IN NS dwpc.dwlabs.ca. ;; ADDITIONAL SECTION: dwpc.dwlabs.ca. 86400 IN A 24.224.199.230 ;; Query time: 116 msec ;; SERVER: 192.228.27.11#53(192.228.27.11) ;; WHEN: Mon May 22 13:05:26 2006 ;; MSG SIZE rcvd: 92 A couple of things to notice here. First, I did a query for an A record, since that is what most resolvers would do. The CA name server responded with a delegation record for dwlabs.ca, and a glue record for dwpc.dwlabs.ca since that hostname is in the zone that is being delegated. > So no glue, but an NS record as in example.com. IN NS ns1.dwlabs.ca. > ? Voila! > In this case the response to the resolver query from the .com > authoritative name server will be that the unauthoritative answer is > ns1.dwlabs.ca. Authoritative answers can be found at > ca0[1,2,4,5,6].cira.ca or ns-ext.isc.org. ? Because of this they don't > need A records for my domain, if I am correct. Well, kind of. You can easily get confused here because "authority" is one of those terms of art that actually can mean different things depending on where and how it's applied. Better to refer to what comes from the parent as a delegation record, and avoid issues of authority in this situation. hope this helps, Doug -- This .signature sanitized for your protection From owner-freebsd-isp@FreeBSD.ORG Mon May 22 20:19:22 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 56B1416B035 for ; Mon, 22 May 2006 20:19:22 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.FreeBSD.org (Postfix) with SMTP id C2AA943D45 for ; Mon, 22 May 2006 20:19:21 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 3162 invoked by uid 399); 22 May 2006 20:19:21 -0000 Received: from localhost (HELO ?192.168.0.3?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 22 May 2006 20:19:21 -0000 Message-ID: <44721CC5.6080008@FreeBSD.org> Date: Mon, 22 May 2006 13:19:17 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 1.5.0.2 (X11/20060507) MIME-Version: 1.0 To: freebsd-isp@freebsd.org References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org> <4471057F.8000604@greenmeadow.ca> <44721AB9.8010807@FreeBSD.org> In-Reply-To: <44721AB9.8010807@FreeBSD.org> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Duane Whitty Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 20:19:27 -0000 Doug Barton wrote: > The root zone servers are not authoritative for any other zones (other > than the root zone itself, of course.) Sorry, I should have been more careful in my terminology here. The roots are not authoritative for any other TLDs besides ARPA and MIL. They are authoritative for in-addr.arpa, which has the same legacy issue as ARPA itself (it needs to be moved). hth, Doug -- This .signature sanitized for your protection From owner-freebsd-isp@FreeBSD.ORG Mon May 22 22:14:09 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51EA316AD80; Mon, 22 May 2006 22:14:09 +0000 (UTC) (envelope-from duane@greenmeadow.ca) Received: from smtpout.eastlink.ca (smtpout.eastlink.ca [24.222.0.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0285F43D60; Mon, 22 May 2006 22:14:03 +0000 (GMT) (envelope-from duane@greenmeadow.ca) Received: from ip01.eastlink.ca ([24.222.10.5]) by mta01.eastlink.ca (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTP id <0IZO002UDTRWW3H0@mta01.eastlink.ca>; Mon, 22 May 2006 19:14:20 -0300 (ADT) Received: from blk-224-199-230.eastlink.ca (HELO [192.168.0.103]) ([24.224.199.230]) by ip01.eastlink.ca with ESMTP; Mon, 22 May 2006 19:14:03 -0300 Date: Mon, 22 May 2006 19:12:40 -0300 From: Duane Whitty In-reply-to: <44721AB9.8010807@FreeBSD.org> To: Doug Barton Message-id: <44723758.7080709@greenmeadow.ca> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAQAAA+k= References: <446D157A.4070308@greenmeadow.ca> <446E6EE9.3060406@greenmeadow.ca> <44709D4E.4060901@psknet.com> <4470F4BE.7030702@FreeBSD.org> <4471057F.8000604@greenmeadow.ca> <44721AB9.8010807@FreeBSD.org> User-Agent: Thunderbird 1.5.0.2 (X11/20060503) Cc: freebsd-isp@freebsd.org Subject: Re: [OT] Domain Name Registrars X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 22:14:09 -0000 Doug Barton wrote: > [snip] > Well, kind of. You can easily get confused here because "authority" is one > of those terms of art that actually can mean different things depending on > where and how it's applied. Better to refer to what comes from the parent as > a delegation record, and avoid issues of authority in this situation. > > hope this helps, > > Doug > > Hi, Yes, thank you for your time and detailed explanations. I appreciate it very much. Most Respectfully, Duane Whitty -- duane@greenmeadow.ca ISP acolyte in training :) From owner-freebsd-isp@FreeBSD.ORG Tue May 23 23:32:50 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8696216A513 for ; Tue, 23 May 2006 23:32:50 +0000 (UTC) (envelope-from freebsd@abv.bg) Received: from smtp-out.abv.bg (smtp-out.abv.bg [194.153.145.99]) by mx1.FreeBSD.org (Postfix) with ESMTP id E29A843D48 for ; Tue, 23 May 2006 23:32:47 +0000 (GMT) (envelope-from freebsd@abv.bg) Received: from mail03.abv.bg (app8.ni.bg [192.168.151.29]) by smtp-out.abv.bg (Postfix) with ESMTP id 043BCEB3D4 for ; Wed, 24 May 2006 02:32:46 +0300 (EEST) Received: from mail03.abv.bg (localhost.localdomain [127.0.0.1]) by mail03.abv.bg (Postfix) with ESMTP id F03F1154B25 for ; Wed, 24 May 2006 02:32:45 +0300 (EEST) Message-ID: <528031609.959681148427165982.JavaMail.nobody@mail03.abv.bg> Date: Wed, 24 May 2006 02:32:45 +0300 (EEST) From: Mario Pavlov To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 8bit X-Mailer: AbvMail 1.0 X-Originating-IP: 85.187.137.6 Subject: syslogd: cannot create /var/run/log: No buffer space available X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 May 2006 23:32:53 -0000 Hi guys I have very bad problem! my syslogd crashes on my newly installed FreeBSD-6.1 router look: ================================================================ router# tail /var/log/messages May 22 07:09:50 router last message repeated 3 times May 22 08:41:46 router kernel: rl1: promiscuous mode enabled May 22 08:42:29 router kernel: rl1: promiscuous mode disabled May 22 08:44:00 router kernel: rl1: promiscuous mode enabled May 22 08:44:28 router kernel: rl1: promiscuous mode disabled May 22 09:03:20 router kernel: rl1: promiscuous mode enabled May 22 09:03:28 router kernel: rl1: promiscuous mode disabled May 22 09:04:24 router kernel: arplookup 10.5.15.71 failed: host is not on local network May 22 09:04:25 router kernel: arplookup 10.5.15.71 failed: host is not on local network May 22 14:28:08 router syslogd: exiting on signal 15 /============================================================== today is 23rd and I can't start it again: =============================================================== router# /etc/rc.d/syslogd start Starting syslogd. syslogd: child pid 665 exited with return code 1 router# /============================================================== here is the debugging mode: =============================================================== router# syslogd -d syslogd: cannot create /var/run/log: No buffer space available logmsg: pri 53, flags 4, from , msg syslogd: cannot create /var/run/log: No buffer space available Logging to CONSOLE /dev/console cannot create /var/run/log (0) router# /============================================================== what does this mean ? here is my sysctl variables: =============================================================== router# cat /etc/sysctl.conf net.inet.ip.fastforwarding=1 kern.ipc.maxsockbuf=520000 kern.ipc.nmbclusters=65536 kern.ipc.nsfbufs=8000 kern.ipc.somaxconn=2048 kern.polling.enable=1 net.inet.tcp.sendspace=131072 net.inet.tcp.recvspace=131072 net.inet.udp.recvspace=42080 net.inet.raw.recvspace=65536 net.inet.raw.maxdgram=57344 net.local.dgram.maxdgram=57344 net.local.stream.recvspace=65536 net.local.stream.sendspace=65536 net.local.dgram.recvspace=655536 net.inet.tcp.inflight.enable=1 net.inet.tcp.inflight.min=8000 net.inet.icmp.icmplim=1024 net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 router# /============================================================== and also: =============================================================== router# cat /boot/loader.conf kern.ipc.nsfbufs=10000 router# /============================================================== this router serves less then 200 clients BUT I have bigger problem since this syslogd crashed all clients experience losses to the router more than 30% and delays from 2ms to 60ms and more... even with absolutely minimal ipfw+dummynet configuration is still the same: =============================================================== $IPFW add 1000 pipe 1 ip from ip.network/24 to any out $IPFW add 1001 pipe 2 ip from any to ip.network/24 in $IPFW pipe 1 config mask src-ip 0x000000ff bw 1Mbit/s queue 20Kbytes $IPFW pipe 2 config mask dst-ip 0x000000ff bw 1Mbit/s queue 20Kbytes /============================================================== please tell me how can I fix this! thank you P.S. this router used to run linux and it was fine, so the problem isn't in the hardware ----------------------------------------------------------------- http://www.sportni.bg/worldcup/ - Германия 2006 - Световното първенство по футбол наближава! From owner-freebsd-isp@FreeBSD.ORG Wed May 24 16:41:43 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4090616A432 for ; Wed, 24 May 2006 16:41:43 +0000 (UTC) (envelope-from freebsd@abv.bg) Received: from smtp-out.abv.bg (smtp-out.abv.bg [194.153.145.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id AAC7F43D48 for ; Wed, 24 May 2006 16:41:42 +0000 (GMT) (envelope-from freebsd@abv.bg) Received: from mail02.abv.bg (app9.ni.bg [192.168.151.43]) by smtp-out.abv.bg (Postfix) with ESMTP id 18B1514AD6B for ; Wed, 24 May 2006 19:38:40 +0300 (EEST) Received: from mail02.abv.bg (localhost.localdomain [127.0.0.1]) by mail02.abv.bg (Postfix) with ESMTP id 603ED86B54 for ; Wed, 24 May 2006 19:41:41 +0300 (EEST) Message-ID: <36831794.1127841148488901391.JavaMail.nobody@mail02.abv.bg> Date: Wed, 24 May 2006 19:41:41 +0300 (EEST) From: Mario Pavlov To: freebsd-isp@freebsd.org Subject: Re: Re: syslogd: cannot create /var/run/log: No buffer space X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 May 2006 16:41:43 -0000 available MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 8bit X-Mailer: AbvMail 1.0 X-Originating-IP: 85.187.137.6 Nope the disk isn't full btw /var/run/log is a socket I've got syslogd to work I just set: net.local.dgram.maxdgram net.local.stream.recvspace net.local.stream.sendspace net.local.dgram.recvspace to the default values and now my syslogd is running and about the losses...the problem was in a switch near the router >Looks like you filled your disk. > >What does df -h say? > >On Wed, 2006-05-24 at 02:32 +0300, Mario Pavlov wrote: >> router# syslogd -d >> syslogd: cannot create /var/run/log: No buffer space available >> logmsg: pri 53, flags 4, from , msg syslogd: cannot >> create /var/run/log: No buffer space available >> Logging to CONSOLE /dev/console >> cannot create /var/run/log (0) > > ----------------------------------------------------------------- http://www.sportni.bg/worldcup/ - Германия 2006 - Световното първенство по футбол наближава! From owner-freebsd-isp@FreeBSD.ORG Fri May 26 15:56:00 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 33E7116A53F for ; Fri, 26 May 2006 15:56:00 +0000 (UTC) (envelope-from fisp@ccstores.com) Received: from mail.qcislands.net (mail.qcislands.net [209.53.238.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id E851443D78 for ; Fri, 26 May 2006 15:55:59 +0000 (GMT) (envelope-from fisp@ccstores.com) Received: from [64.114.58.101] (helo=[192.168.1.4]) by mail.qcislands.net with esmtp (Exim 4.62) (envelope-from ) id 1FjefP-0007MG-2P; Fri, 26 May 2006 08:55:59 -0700 Message-ID: <4477250F.2@ccstores.com> Date: Fri, 26 May 2006 08:55:59 -0700 From: Jim Pazarena Organization: City Centre Stores Ltd User-Agent: Thunderbird 1.5.0.2 (Windows/20060308) MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-local_scan: locally submitted (01) Subject: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 15:56:01 -0000 Is there the ability to have a server which is in the common hub monitor bandwidth usage of clients going out the gateway? My telco will shortly be changing billing practices and bandwidth usage per client will be extremely important per customer. Is there a FreeBSD port available to do this, or must I have an appliance in-line that all traffic passes thru? Thanks! Jim From owner-freebsd-isp@FreeBSD.ORG Fri May 26 15:58:03 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4480D16A801 for ; Fri, 26 May 2006 15:58:03 +0000 (UTC) (envelope-from steve@energistic.com) Received: from energistic.com (mail.energistic.com [216.54.148.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 62D0843D6D for ; Fri, 26 May 2006 15:58:01 +0000 (GMT) (envelope-from steve@energistic.com) Received: from energistic.com (steve@localhost.energistic.com [127.0.0.1]) by energistic.com (8.13.6/8.13.6) with ESMTP id k4QFvwZo025232; Fri, 26 May 2006 11:57:58 -0400 (EDT) (envelope-from steve@energistic.com) Received: (from steve@localhost) by energistic.com (8.13.6/8.13.6/Submit) id k4QFvwpa022619; Fri, 26 May 2006 11:57:58 -0400 (EDT) (envelope-from steve) Date: Fri, 26 May 2006 11:57:58 -0400 From: Steve Ames To: Jim Pazarena Message-ID: <20060526155758.GA69287@energistic.com> References: <4477250F.2@ccstores.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4477250F.2@ccstores.com> User-Agent: Mutt/1.5.11 X-Spam-Status: No, score=-8.5 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS, SPF_PASS,USER_IN_WHITELIST_TO autolearn=ham version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on energistic.com Cc: freebsd-isp@freebsd.org Subject: Re: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 15:58:14 -0000 ntop would work if its actually a hub. ntop would work with a switch also but you'd have to tell the switch to make sure that your BSD box gets a copy of all traffic. On Fri, May 26, 2006 at 08:55:59AM -0700, Jim Pazarena wrote: > Is there the ability to have a server which is in the common hub > monitor bandwidth usage of clients going out the gateway? > > My telco will shortly be changing billing practices and bandwidth > usage per client will be extremely important per customer. > > Is there a FreeBSD port available to do this, or must I have an appliance > in-line that all traffic passes thru? > > Thanks! > Jim > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri May 26 17:01:51 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 82B4B16AAAB for ; Fri, 26 May 2006 17:01:51 +0000 (UTC) (envelope-from streetw3@bsd15.nyct.net) Received: from mailin2.nyct.net (bsd15.nyct.net [216.139.147.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18A4A43D6B for ; Fri, 26 May 2006 17:01:50 +0000 (GMT) (envelope-from streetw3@bsd15.nyct.net) Received: from bsd15.nyct.net (localhost [127.0.0.1]) by mailin2.nyct.net (8.13.4/8.13.4) with ESMTP id k4QH1oGJ019866 for ; Fri, 26 May 2006 13:01:50 -0400 (EDT) (envelope-from streetw3@bsd15.nyct.net) Received: (from streetw3@localhost) by bsd15.nyct.net (8.13.4/8.13.1/Submit) id k4QH1nJq019851 for freebsd-isp@freebsd.org; Fri, 26 May 2006 13:01:49 -0400 (EDT) (envelope-from streetw3) Date: Fri, 26 May 2006 13:01:49 -0400 (EDT) Message-Id: <200605261701.k4QH1nJq019851@bsd15.nyct.net> To: freebsd-isp@freebsd.org Auto-Submitted: auto-replied From: joanne_lee@streetwisepartners.org Subject: Out of Office X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 17:01:55 -0000 Hello, I will be out of the office beginning Monday, May 22nd, and will return on Tuesday, May 30th. If you have an urgent matter, please call 212-971-0078. Otherwise, I will respond to your email when I return. Thank you very much. Joanne K. Lee Director of Business Development and Strategy StreetWise Partners, Inc. 11 Park Place, Suite 701 New York, NY 10007 Direct: (646) 278-5692 Main: (212) 971-0078 Fax: (646) 365-3183 From owner-freebsd-isp@FreeBSD.ORG Fri May 26 18:12:23 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C269816A9C7 for ; Fri, 26 May 2006 18:12:23 +0000 (UTC) (envelope-from cody@wilkshire.net) Received: from mail.wilkshire.net (mail.wilkshire.net [12.111.120.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id C5B2443D48 for ; Fri, 26 May 2006 18:12:22 +0000 (GMT) (envelope-from cody@wilkshire.net) Received: (qmail 25020 invoked from network); 26 May 2006 14:12:21 -0400 Received: from unknown (HELO localhost) (10.10.55.25) by 10.10.55.20 with SMTP; 26 May 2006 14:12:21 -0400 Received: from mail.wilkshire.net ([10.10.55.20]) by localhost (virusproxy5.wilkshire.net [10.10.55.25]) (amavisd-new, port 10024) with ESMTP id 25307-05; Fri, 26 May 2006 14:12:19 -0400 (EDT) Received: from [10.57.128.241] (fw1.bolivar.wilkshire.net [12.111.120.4]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wilkshire.net (Postfix) with ESMTP id DB452A74248; Fri, 26 May 2006 14:12:18 -0400 (EDT) Message-ID: <44774502.7060303@wilkshire.net> Date: Fri, 26 May 2006 14:12:18 -0400 From: Cody Baker User-Agent: Thunderbird 1.5.0.2 (Windows/20060308) MIME-Version: 1.0 CC: freebsd-isp@freebsd.org References: <4477250F.2@ccstores.com> <20060526155758.GA69287@energistic.com> In-Reply-To: <20060526155758.GA69287@energistic.com> X-Enigmail-Version: 0.94.0.0 X-Virus-Scanned: amavisd-new at wilkshire.net Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 18:12:29 -0000 Ntop is a good tool, we use it, but my experience is that it's buggy at best and downright unusable at times. Also, it's data isn't very portable. I'd recommend using SNMP data from a managed switch. If that's not an option the you might consider using SNMP data from your router or worst case directly from each individual server. In terms of software this generally means net-snmp connected to rrdtool or mrtg. I googled real quick and http://www.openxtra.co.uk/resource-center/open_source_network_monitoring.php seems to provide a quick front en to these tools. Thank You, Cody Baker cody@wilkshire.net Steve Ames wrote: > ntop would work if its actually a hub. ntop would work with a switch > also but you'd have to tell the switch to make sure that your BSD > box gets a copy of all traffic. > > On Fri, May 26, 2006 at 08:55:59AM -0700, Jim Pazarena wrote: > >> Is there the ability to have a server which is in the common hub >> monitor bandwidth usage of clients going out the gateway? >> >> My telco will shortly be changing billing practices and bandwidth >> usage per client will be extremely important per customer. >> >> Is there a FreeBSD port available to do this, or must I have an appliance >> in-line that all traffic passes thru? >> >> Thanks! >> Jim >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Fri May 26 18:27:39 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2179616A45A for ; Fri, 26 May 2006 18:27:39 +0000 (UTC) (envelope-from ormandj@corenode.com) Received: from zone2.corenode.com (zone2.corenode.com [66.91.129.184]) by mx1.FreeBSD.org (Postfix) with ESMTP id BAF6243D46 for ; Fri, 26 May 2006 18:27:38 +0000 (GMT) (envelope-from ormandj@corenode.com) Received: from corenode.com ([127.0.0.1]) by zone2.corenode.com (Sun Java System Messaging Server 6.2-3.04 (built Jul 15 2005)) with ESMTP id <0IZV00F06Y09HJ00@zone2.corenode.com> for freebsd-isp@freebsd.org; Fri, 26 May 2006 08:28:57 -1000 (HST) Received: from [132.160.192.10] by zone2.corenode.com (mshttpd); Fri, 26 May 2006 08:28:57 -1000 Date: Fri, 26 May 2006 08:28:57 -1000 From: "David J. Orman" In-reply-to: <44774502.7060303@wilkshire.net> To: freebsd-isp@freebsd.org Message-id: MIME-version: 1.0 X-Mailer: Sun Java(tm) System Messenger Express 6.2-3.04 (built Jul 15 2005) Content-type: text/plain; charset=us-ascii Content-language: en Content-transfer-encoding: 7BIT Content-disposition: inline X-Accept-Language: en Priority: normal References: <4477250F.2@ccstores.com> <20060526155758.GA69287@energistic.com> <44774502.7060303@wilkshire.net> Subject: Re: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 18:27:47 -0000 SNMP is the way to go, absolutely, at the switch + possibly router level. There is no other solution that even comes close. If absolutely necessary, you can, as the previous posted mentioned, monitor the servers themselves via SNMP. This generally isn't a good idea, however, and it is best to avoid it if possible (for bandwidth monitoring.. keep in mind you can monitor cpu, memory, and lots of other nifty stuff via snmp on the servers themselves.) That being said, you'll need a way to collect data, analyze it, store it, and display it in usable means. There is again, one solution that trumps them all: http://www.cacti.net/ I know I sound really opinionated, but it really is the truth. If they ever finish the PgSQL support, it'll be pure bliss. That's the only thing about the package I don't like, the mySQL requirement. ;) Cheers, David ----- Original Message ----- From: Cody Baker Date: Friday, May 26, 2006 8:12 am Subject: Re: bandwidth monitoring > Ntop is a good tool, we use it, but my experience is that it's > buggy at > best and downright unusable at times. Also, it's data isn't very > portable. I'd recommend using SNMP data from a managed switch. If > that'snot an option the you might consider using SNMP data from > your router or > worst case directly from each individual server. In terms of software > this generally means net-snmp connected to rrdtool or mrtg. I googled > real quick and > http://www.openxtra.co.uk/resource- > center/open_source_network_monitoring.phpseems to provide a quick > front en to these tools. > > Thank You, > > Cody Baker > cody@wilkshire.net > > > Steve Ames wrote: > > ntop would work if its actually a hub. ntop would work with a switch > > also but you'd have to tell the switch to make sure that your BSD > > box gets a copy of all traffic. > > > > On Fri, May 26, 2006 at 08:55:59AM -0700, Jim Pazarena wrote: > > > >> Is there the ability to have a server which is in the common hub > >> monitor bandwidth usage of clients going out the gateway? > >> > >> My telco will shortly be changing billing practices and bandwidth > >> usage per client will be extremely important per customer. > >> > >> Is there a FreeBSD port available to do this, or must I have an > appliance>> in-line that all traffic passes thru? > >> > >> Thanks! > >> Jim > >> _______________________________________________ > >> freebsd-isp@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp > >> To unsubscribe, send any mail to "freebsd-isp- > unsubscribe@freebsd.org">> > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp- > unsubscribe@freebsd.org"> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Fri May 26 18:27:48 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 37F6516A5AB for ; Fri, 26 May 2006 18:27:43 +0000 (UTC) (envelope-from steve@virtual-voodoo.com) Received: from energistic.com (mail.energistic.com [216.54.148.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 28B5143D46 for ; Fri, 26 May 2006 18:27:41 +0000 (GMT) (envelope-from steve@virtual-voodoo.com) Received: from stevenew (static-71-98-120-2.ipslin.dsl-w.verizon.net [71.98.120.2]) (authenticated bits=0) by energistic.com (8.13.6/8.13.6) with ESMTP id k4QIRaRA071694; Fri, 26 May 2006 14:27:40 -0400 (EDT) (envelope-from steve@virtual-voodoo.com) Message-ID: <017a01c680f2$1061e590$aa00030a@officescape.net> From: "Steve Ames" To: "Cody Baker" References: <4477250F.2@ccstores.com> <20060526155758.GA69287@energistic.com> <44774502.7060303@wilkshire.net> Date: Fri, 26 May 2006 14:27:35 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1807 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807 X-Spam-Status: No, score=-7.5 required=5.0 tests=AWL,BAYES_00,SPF_FAIL, USER_IN_WHITELIST_TO autolearn=no version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on energistic.com Cc: freebsd-isp@freebsd.org Subject: Re: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 18:27:58 -0000 SNMP is solid if each individual client is connected to its own port on a switch that you have SNMP access to. In that case your suggestion is dead-on. I was assuming that the information had to be snagged at a higher layer but re-reading the original question I'm not sure why I believed that. Cody Baker wrote: > Ntop is a good tool, we use it, but my experience is that it's buggy > at best and downright unusable at times. Also, it's data isn't very > portable. I'd recommend using SNMP data from a managed switch. If > that's not an option the you might consider using SNMP data from your > router or worst case directly from each individual server. In terms > of software this generally means net-snmp connected to rrdtool or > mrtg. I googled real quick and > http://www.openxtra.co.uk/resource-center/open_source_network_monitoring.php > seems to provide a quick front en to these tools. > > Thank You, > > Cody Baker > cody@wilkshire.net > > > Steve Ames wrote: >> ntop would work if its actually a hub. ntop would work with a switch >> also but you'd have to tell the switch to make sure that your BSD >> box gets a copy of all traffic. >> >> On Fri, May 26, 2006 at 08:55:59AM -0700, Jim Pazarena wrote: >> >>> Is there the ability to have a server which is in the common hub >>> monitor bandwidth usage of clients going out the gateway? >>> >>> My telco will shortly be changing billing practices and bandwidth >>> usage per client will be extremely important per customer. >>> >>> Is there a FreeBSD port available to do this, or must I have an >>> appliance in-line that all traffic passes thru? >>> >>> Thanks! >>> Jim >>> _______________________________________________ >>> freebsd-isp@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>> To unsubscribe, send any mail to >>> "freebsd-isp-unsubscribe@freebsd.org" >>> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to >> "freebsd-isp-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri May 26 18:35:54 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB2D816AEFA for ; Fri, 26 May 2006 18:35:54 +0000 (UTC) (envelope-from jjirsa@hmc.edu) Received: from 2advanced.com (2advanced.com [216.174.103.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8EA7343D72 for ; Fri, 26 May 2006 18:35:54 +0000 (GMT) (envelope-from jjirsa@hmc.edu) Received: from JJirsa (cartman.2advanced.net [216.174.103.7]) by 2advanced.com (8.12.9/8.12.9) with ESMTP id k4QIZjop021784 for ; Fri, 26 May 2006 11:35:45 -0700 From: "Jeff Jirsa \(HMC\)" To: Date: Fri, 26 May 2006 11:35:51 -0700 Message-ID: <007401c680f3$36e3e0f0$a001a8c0@2advanced.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-Reply-To: <44774502.7060303@wilkshire.net> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 Thread-Index: AcaA8G8I/bQXMVtfQd+gHIjGK0mj9QAAdnEA Subject: RE: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 18:36:07 -0000 Steve Ames wrote: > ntop would work if its actually a hub. ntop would work with a switch > also but you'd have to tell the switch to make sure that your BSD > box gets a copy of all traffic. You can use ntop's netflow collector in conjunction with netflow-enabled switches to avoid spanning all of the traffic to the BSD box. That way, you're only getting a few UDP streams instead of a copy of all traffic crossing the switch - much easier to handle. We use that combination to collect data, then dump at regular intervals into a database for accounting/billing. - J -- Jeff Jirsa jjirsa@2advanced.net Senior Network Engineer 2advanced.net: Precision Hosting Platform From owner-freebsd-isp@FreeBSD.ORG Sat May 27 01:10:57 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6074A16A4CC for ; Sat, 27 May 2006 01:10:57 +0000 (UTC) (envelope-from jon@seaholm.caamora.com.au) Received: from seaholm.caamora.com.au (seaholm.caamora.com.au [203.7.226.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDA0843D46 for ; Sat, 27 May 2006 01:10:54 +0000 (GMT) (envelope-from jon@seaholm.caamora.com.au) Received: (from jon@localhost) by seaholm.caamora.com.au (8.11.1/8.11.1) id k4R1Adq07780; Sat, 27 May 2006 11:10:39 +1000 (EST) Message-ID: <20060527111039.48930@caamora.com.au> Date: Sat, 27 May 2006 11:10:39 +1000 From: jonathan michaels To: Jim Pazarena References: <4477250F.2@ccstores.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.84e In-Reply-To: <4477250F.2@ccstores.com>; from Jim Pazarena on Fri, May 26, 2006 at 08:55:59AM -0700 Organisation: Caamora, PO Box 144, Rosebery NSW 1445 Australia Cc: freebsd-isp@freebsd.org Subject: Re: bandwidth monitoring X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 May 2006 01:10:57 -0000 On Fri, May 26, 2006 at 08:55:59AM -0700, Jim Pazarena wrote: > Is there the ability to have a server which is in the common hub > monitor bandwidth usage of clients going out the gateway? > > My telco will shortly be changing billing practices and bandwidth > usage per client will be extremely important per customer. > > Is there a FreeBSD port available to do this, or must I have an appliance > in-line that all traffic passes thru? name of package is NetraMet NeTraMet-4.3 /usr/ports/net/NeTraMet it is basically self contained excpet for "nifty" which is a x11 based flow analyser .. all in all it is a goodly package, i used it for a freebsd v4.6-release project. this is an tcp/ip network accounting package, it reports on teh trafic flow through you network and to each node, gives quite detaild reports. also it can provide lots of stuff teh other "simple" packet counters are not able to do as they just don't have the tools to be able to do so. netramet is an implementation of the "internet accounting architecture" rfc-2063 and rfc 2064 for further details and documentation see ... WWW: http://www.auckland.ac.nz/net/Accounting/ a basic do teh job toolkit is available from freebsd ports well hope that this helps, its an oldie but a goodie as tehy used ti say in teh old days .. regards and best wishes jonathan -- ================================================================ powered by .. QNX, OS9 and freeBSD -- http://caamora com au/operating system ==== === appropriate solution in an inappropriate world === ==== From owner-freebsd-isp@FreeBSD.ORG Sat May 27 15:14:37 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5ACE516B15F for ; Sat, 27 May 2006 15:14:37 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: from krishna.wlink.com.np (krishna.wlink.com.np [202.79.32.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8427343D4C for ; Sat, 27 May 2006 15:14:36 +0000 (GMT) (envelope-from janasamit@wlink.com.np) Received: from samit.wlink.com.np (samit.wlink.com.np [202.79.36.161]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by krishna.wlink.com.np (Postfix) with ESMTP id 8A9B8625D8 for ; Sat, 27 May 2006 20:37:35 +0545 (NPT) From: Samit Jana Organization: WorldLink Communicatios To: freebsd-isp@freebsd.org Date: Sat, 27 May 2006 20:37:33 +0545 User-Agent: KMail/1.8.3 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200605272037.34036.janasamit@wlink.com.np> Subject: PPPOE over VLan Interfaces X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 May 2006 15:14:49 -0000 Hi , I am testing PPPOE over VLAN interfaces on a Freebsd 4.10 server with 3 Vlan interfaces and running 3 separated pppoed service for each Vlan interface. So far it is performing well and serving over 40 simultaneous connection without any problem during my test. Now before I put the boxes on Production to serve over 400 simultaneous connections and over 40 VLAN interfaces, I would like to hear some comments If anybody running similar kind of setup? and is there any performance issues known so far? -- samit