From owner-freebsd-net Sun Jul 23 19: 4:52 2000 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id ABE0137B5A8 for ; Sun, 23 Jul 2000 19:04:48 -0700 (PDT) (envelope-from jinmei@isl.rdc.toshiba.co.jp) Received: from localhost ([3ffe:501:100f:10c1:250:4ff:fefe:d85f]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.1) with ESMTP id KAA16571; Mon, 24 Jul 2000 10:49:52 +0900 (JST) Date: Mon, 24 Jul 2000 11:00:01 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: zaks@prioris.mini.pw.edu.pl Cc: freebsd-net@FreeBSD.ORG Subject: Re: "nd6_lookup: failed" after upgrade to 4.1-RC In-Reply-To: In your message of "Fri, 21 Jul 2000 19:27:14 +0200" <20000721192714.A75927@prioris.mini.pw.edu.pl> References: <20000721192714.A75927@prioris.mini.pw.edu.pl> User-Agent: Wanderlust/2.3.0 (Roam) Emacs/20.6 Mule/4.0 (HANANOEN) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 43 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> On Fri, 21 Jul 2000 19:27:14 +0200, >>>>> Slawek Zak said: > I have a tunnel v6 over v4. When I try to connect any host using ipv6 > I a flooded with messages saying: > pf39 nd6_lookup: failed to add route for a \ > neighbor(3ffe:8010:0007:0002::0001), errno=17 > When I manualy delete the route to 3ffe:8010:0007:0002::0001 I get: > pf39 nd6_lookup: failed to lookup \ > 3ffe:8010:0007:0002::0001 (if = gif0) > In both cases I can communicate just fine, only the syslog hurts. Please set 128 to the prefix length for a pair of source and destination address on a p2p interface. If not, the kernel will regard the peer as a neighbor and try to check reachability using IPv6 neighbor unreachability detection mechanism, which causes the above warning. So, > ## IPv6 > ifconfig_gif0="inet6 3ffe:8010:7:2::2 3ffe:8010:7:2::1 prefixlen 126" should be ifconfig_gif0="inet6 3ffe:8010:7:2::2 3ffe:8010:7:2::1 prefixlen 128" By the way, > ipv6_route_gif0="default 3ffe:8010:7:2::1" does this mean that the default route is the global address? I recommend you not to use a global address as a gateway in the routing table, since a global gateway annoys routing protocols in some cases (e.g. PIM for IPv6 does not work with a global gateway). JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jul 23 20:16:18 2000 Delivered-To: freebsd-net@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [63.67.141.99]) by hub.freebsd.org (Postfix) with ESMTP id 7190837B7B1 for ; Sun, 23 Jul 2000 20:16:15 -0700 (PDT) (envelope-from winter@jurai.net) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id XAA15905; Sun, 23 Jul 2000 23:15:59 -0400 (EDT) Date: Sun, 23 Jul 2000 23:15:59 -0400 (EDT) From: "Matthew N. Dodd" To: "Richard A. Steenbergen" Cc: bv@wjv.com, freebsd-net@FreeBSD.ORG Subject: Re: "ifconfig" == "ifconfig -a" In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 19 Jul 2000, Richard A. Steenbergen wrote: > I don't think the arguement is to make it "like linux", I think the > arguement is that "classic unix" behavior is wrong and inconsistant > with a well thought out design. :P Uh... When commands are faced with insufficiently specific user input they should stop everything and ask the user what they really want. Seems to lend itself to consistancy and is well thought out to boot. I'm against all this "but Linux/NT/foo does it this way!" nonesense. -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 4:19:33 2000 Delivered-To: freebsd-net@freebsd.org Received: from ns1.eds.ch (ns1.eds.ch [194.235.48.8]) by hub.freebsd.org (Postfix) with ESMTP id AEAC737B6F5 for ; Mon, 24 Jul 2000 04:19:23 -0700 (PDT) (envelope-from roberto.Nunnari@agie.ch) Received: from onyx.eds.ch (onyx.eds.ch [206.122.128.224]) by ns1.eds.ch (8.9.3/8.9.3) with ESMTP id NAA09823 for ; Mon, 24 Jul 2000 13:27:56 +0200 (MET DST) Received: from mailsrv.eds.ch (mailsrv.eds.ch [194.235.174.72] (may be forged)) by onyx.eds.ch (8.9.3/8.9.3) with ESMTP id NAA11432 for ; Mon, 24 Jul 2000 13:23:29 +0200 (MET DST) Received: from agie.ch ([198.132.159.194]) by mailsrv.eds.ch (Netscape Messaging Server 3.6) with ESMTP id AAA5AD7 for ; Mon, 24 Jul 2000 13:15:18 +0200 Message-ID: <397C340E.98B471AA@agie.ch> Date: Mon, 24 Jul 2000 13:18:22 +0100 From: "Roberto Nunnari, AGIE" Organization: AGIE X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: net@freebsd.org Subject: gateway strange behaviour for telnet and ftp Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi there. Some time ago I already posted a question on this strange behaviour I see when telnet or ftp from the local network to the gateway. Here's the network configuration: - host1 192.168.1.1 gateway to my isp - host2 192.168.1.2 workstation - host3 192.168.1.3 workstation - host4 192.168.1.4 workstation host1 also acts as a master DNS for the local network other host have host1 as the default router and DNS. all workstation can reach each other and also access the internet through host1 Every thing works just marveillous until I try to telnet or ftp or nfs host1 from any other host on the local network. Here, the initiating host don't get a login prompt until host1 has made a connection to the isp. I'm pretty sure named is behaving well as nslookup doesn't report anything wrong and the problem show up both using host1's name or ip address directly. I'm thinking more of some missconfigured filter or ipfw, but host1 is not set up as a firewall... Any hints? Best regards. -- Roberto Nunnari -software engineer- mailto:roberto.nunnari@agie.ch AGIE - http://www.agie.com Via dei pioppi 16 tel: +41-91-8069138 6616 Losone """ Switzerland (o o) =======================oOO==(_)==OOo======================== MY OPNIONS ARE NOT NECESSARELY THOSE OF MY EMPLOYER To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 7: 0:21 2000 Delivered-To: freebsd-net@freebsd.org Received: from sugar.pharlap.com (sugar.pharlap.com [192.107.36.1]) by hub.freebsd.org (Postfix) with ESMTP id E6C6F37B842 for ; Mon, 24 Jul 2000 07:00:15 -0700 (PDT) (envelope-from clark@pharlap.com) Received: from clark ([192.107.36.171]) by sugar.pharlap.com (Post.Office MTA v3.5.2 release 221 ID# 0-56365U200L2S100V35) with SMTP id com for ; Mon, 24 Jul 2000 10:02:07 -0400 From: clark@pharlap.com (Clark Jarvis) Date: Mon, 24 Jul 2000 10:08:52 -0400 To: freebsd-net@FreeBSD.ORG In-Reply-To: Subject: Re: "ifconfig" == "ifconfig -a" X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v2.19zg/19zg Message-ID: <20000724140207670.AAA249@sugar.pharlap.com@clark> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In , on 07/23/00 at 10:15 PM, "Matthew N. Dodd" said: >On Wed, 19 Jul 2000, Richard A. Steenbergen wrote: >> I don't think the arguement is to make it "like linux", I think the >> arguement is that "classic unix" behavior is wrong and inconsistant >> with a well thought out design. :P >Uh... When commands are faced with insufficiently specific user input >they should stop everything and ask the user what they really want. >Seems to lend itself to consistancy and is well thought out to boot. Yeah, but *NIX _isn't_ consistent. Witness the different, although all defendably valid behaviors of mount, arp, and route. Mount dumps all with no arguments, arp allows "-a" to get all ARP entries, but route doesn't provide any way to get the entire routing table. -- Clark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 7: 9: 4 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 9BB1E37B914 for ; Mon, 24 Jul 2000 07:09:00 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id IAA80971; Mon, 24 Jul 2000 08:08:49 -0600 (MDT) Date: Mon, 24 Jul 2000 08:08:49 -0600 (MDT) From: Nick Rogness To: "Roberto Nunnari, AGIE" Cc: net@freebsd.org Subject: Re: gateway strange behaviour for telnet and ftp In-Reply-To: <397C340E.98B471AA@agie.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 24 Jul 2000, Roberto Nunnari, AGIE wrote: > > Here's the network configuration: > - host1 192.168.1.1 gateway to my isp > - host2 192.168.1.2 workstation > - host3 192.168.1.3 workstation > - host4 192.168.1.4 workstation > > host1 also acts as a master DNS for the local network > > other host have host1 as the default router and DNS. > > all workstation can reach each other and also access the > internet through host1 > > Every thing works just marveillous until I try to > telnet or ftp or nfs host1 from any other host on the local > network. Here, the initiating host don't get a login prompt > until host1 has made a connection to the isp. This is DNS related. More than likely, it is trying to do a reverse lookup on your 192.168.1.0/24 network hosts. Add that network's IN_ADDR_ARPA in your name server (host1), add corresponding A pointers as well for all host on the local network. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 7:45:37 2000 Delivered-To: freebsd-net@freebsd.org Received: from ns1.eds.ch (ns1.eds.ch [194.235.48.8]) by hub.freebsd.org (Postfix) with ESMTP id 9183637B719 for ; Mon, 24 Jul 2000 07:45:15 -0700 (PDT) (envelope-from roberto.Nunnari@agie.ch) Received: from onyx.eds.ch (onyx.eds.ch [206.122.128.224]) by ns1.eds.ch (8.9.3/8.9.3) with ESMTP id QAA13824 for ; Mon, 24 Jul 2000 16:53:43 +0200 (MET DST) Received: from mailsrv.eds.ch (mailsrv.eds.ch [194.235.174.72] (may be forged)) by onyx.eds.ch (8.9.3/8.9.3) with ESMTP id QAA21092 for ; Mon, 24 Jul 2000 16:49:14 +0200 (MET DST) Received: from agie.ch ([198.132.159.194]) by mailsrv.eds.ch (Netscape Messaging Server 3.6) with ESMTP id AAA929; Mon, 24 Jul 2000 16:41:00 +0200 Message-ID: <397C6440.37253C6C@agie.ch> Date: Mon, 24 Jul 2000 16:44:00 +0100 From: "Roberto Nunnari, AGIE" Organization: AGIE X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Nick Rogness Cc: net@freebsd.org Subject: Re: gateway strange behaviour for telnet and ftp References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Nick. Thanks for replying. But why it behaves that way only for telnet/ftp/nfs? ping host1 works OK. As ping works at ICMP level, I also wrote a couple of small programs that ping host1 at TCP and UDP level. Well, that test works just fine, both when using host1's name or ipaddress. What do you think? This evening I'll give it a try with IN_ADDR_ARPA anyway... Nick Rogness wrote: > > > Every thing works just marveillous until I try to > > telnet or ftp or nfs host1 from any other host on the local > > network. Here, the initiating host don't get a login prompt > > until host1 has made a connection to the isp. > > This is DNS related. More than likely, it is trying to do a > reverse lookup on your 192.168.1.0/24 network hosts. Add that > network's IN_ADDR_ARPA in your name server (host1), add > corresponding A pointers as well for all host on the local > network. > -- Roberto Nunnari -software engineer- mailto:roberto.nunnari@agie.ch AGIE - http://www.agie.com Via dei pioppi 16 tel: +41-91-8069138 6616 Losone """ Switzerland (o o) =======================oOO==(_)==OOo======================== MY OPNIONS ARE NOT NECESSARELY THOSE OF MY EMPLOYER To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 8: 6:36 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id A5A7E37BAFC for ; Mon, 24 Jul 2000 08:05:43 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id JAA14013; Mon, 24 Jul 2000 09:05:39 -0600 (MDT) Date: Mon, 24 Jul 2000 09:05:39 -0600 (MDT) From: Nick Rogness To: "Roberto Nunnari, AGIE" Cc: net@freebsd.org Subject: Re: gateway strange behaviour for telnet and ftp In-Reply-To: <397C6440.37253C6C@agie.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 24 Jul 2000, Roberto Nunnari, AGIE wrote: > > But why it behaves that way only for telnet/ftp/nfs? When you telnet to a host on your network, the telnetd daemon running on that machine, issues a (PTR) request to your name server asking for name of the host connecting. A good test would be using nslookup: # nslookup Default Server: ns1.domain.com Address: 192.168.1.1 > 192.168.1.2 Server: ns1.domain.com Address: 192.168.1.1 *** ns1.domain.com can't find 192.168.1.2: Non-existent host/domain If that request makes your nameserver dial, you know you have found your problem. Solution: Either add entries in all of your /etc/hosts (or equivilent hosts file) or add a in-addr-arpa zone in your nameserver: zone "1.168.192.IN-ADDR.ARPA" { blah blah allow-query { 192.168.1/24; }; }; Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 8:16:21 2000 Delivered-To: freebsd-net@freebsd.org Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id 6E82737BC9F for ; Mon, 24 Jul 2000 08:15:43 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.com (Foolstrustident!@homer.softweyr.com [204.68.178.39]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id JAA00101; Mon, 24 Jul 2000 09:15:31 -0600 (MDT) (envelope-from wes@softweyr.com) Message-ID: <397C5E86.6B0A0B72@softweyr.com> Date: Mon, 24 Jul 2000 09:19:34 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.0-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: "Roberto Nunnari, AGIE" Cc: Nick Rogness , net@FreeBSD.ORG Subject: Re: gateway strange behaviour for telnet and ftp References: <397C6440.37253C6C@agie.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Roberto Nunnari, AGIE" wrote: > > Hi Nick. Thanks for replying. > > But why it behaves that way only for telnet/ftp/nfs? Because the server daemones for each of those do the reverse lookup, for logging and/or authentication purposes. Ping never gets out of the IP stack; one of the reasons it is preferred for testing connectivity is the minimal load it imposes on the target being pinged. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 8:53:33 2000 Delivered-To: freebsd-net@freebsd.org Received: from ns1.eds.ch (ns1.eds.ch [194.235.48.8]) by hub.freebsd.org (Postfix) with ESMTP id AAC3C37BB6E for ; Mon, 24 Jul 2000 08:52:56 -0700 (PDT) (envelope-from roberto.Nunnari@agie.ch) Received: from onyx.eds.ch (onyx.eds.ch [206.122.128.224]) by ns1.eds.ch (8.9.3/8.9.3) with ESMTP id SAA14950 for ; Mon, 24 Jul 2000 18:01:29 +0200 (MET DST) Received: from mailsrv.eds.ch (mailsrv.eds.ch [194.235.174.72] (may be forged)) by onyx.eds.ch (8.9.3/8.9.3) with ESMTP id RAA23773 for ; Mon, 24 Jul 2000 17:56:59 +0200 (MET DST) Received: from agie.ch ([198.132.159.194]) by mailsrv.eds.ch (Netscape Messaging Server 3.6) with ESMTP id AAA1247; Mon, 24 Jul 2000 17:48:47 +0200 Message-ID: <397C7421.484B3CD4@agie.ch> Date: Mon, 24 Jul 2000 17:51:45 +0100 From: "Roberto Nunnari, AGIE" Organization: AGIE X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Nick Rogness Cc: net@freebsd.org Subject: Re: gateway strange behaviour for telnet and ftp References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thank you very very much Nick. It's not easy to find somebody competent and I understand you are. This evening I'll try to fix it up. Best regards. -- Roberto Nunnari -software engineer- mailto:roberto.nunnari@agie.ch AGIE - http://www.agie.com Via dei pioppi 16 tel: +41-91-8069138 6616 Losone """ Switzerland (o o) =======================oOO==(_)==OOo======================== MY OPNIONS ARE NOT NECESSARELY THOSE OF MY EMPLOYER To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 10: 0:50 2000 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 620CE37B830 for ; Mon, 24 Jul 2000 10:00:45 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA45742; Mon, 24 Jul 2000 13:00:09 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 24 Jul 2000 13:00:09 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Wes Peters Cc: "Roberto Nunnari, AGIE" , Nick Rogness , net@FreeBSD.ORG Subject: Re: gateway strange behaviour for telnet and ftp In-Reply-To: <397C5E86.6B0A0B72@softweyr.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 24 Jul 2000, Wes Peters wrote: > Because the server daemones for each of those do the reverse lookup, for > logging and/or authentication purposes. Ping never gets out of the IP > stack; one of the reasons it is preferred for testing connectivity is the > minimal load it imposes on the target being pinged. This has gotten worse recently (well, relatively recently) with inclusion of TCP wrappers in standard binaries, including inetd, et al. Introducing DNS lookups is actually fairly irritating, especially given that most of the checks there are somewhat bogus, as easily spoofed :-). I don't believe our default wrapper rules should require DNS lookups; it would be nice if they didn't do them. Would also be nice if we logged IPs as well as hostnames in wtmp all of the time. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 10: 1: 6 2000 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id CA57C37B870; Mon, 24 Jul 2000 10:00:57 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA45797; Mon, 24 Jul 2000 13:00:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 24 Jul 2000 13:00:56 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: freebsd-hackers@FreeBSD.org, freebsd-net@FreeBSD.org Subject: pass 2: Pittsburgh August IETF Meeting: FreeBSD dinner, et al? (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a resend of the original as we haven't picked up many people yet. Please reply to only appropriate addresses. :-) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services ---------- Forwarded message ---------- Date: Fri, 14 Jul 2000 00:38:35 -0400 (EDT) From: Robert Watson To: freebsd-hackers@FreeBSD.org, freebsd-chat@FreeBSD.org Subject: Pittsburgh August IETF Meeting: FreeBSD dinner, et al? So it's coming up on that IETF time of year again, this time in beautiful (?) down-town Pittsburgh, in the first week of August. First, I'd like to encourage FreeBSD people to turn out for the event, as a strong showing in the standards community is great, and keeps the research projects coming to the platform (bring us things like industry-standard IP stacks). IETF meetings are a lot of fun, even if you don't have the technical background to participate fully. The hotels are filling fast, so book soon. Second, I'd like to bring up the topic of a FreeBSD dinner. We did one at the November IETF in DC with relatively good success, last year, although a reservation in advance is probably a good idea this time :-). With that in mind, I'd be glad to help organize things somewhat. The best day for me might actually be Monday evening, during the two-hour break, but I'm open to suggestions here if there are any serious BSD conflicts (i.e., a KAME meeting or something). If you're interested in participating, please feel free to send me an e-mail including: Your name Your preferred e-mail address Your preferred contact mechanism while at IETF (shout, for example, but preferably e-mail, or hotel information) Whether you would like to attend (obligatory: yes) Whether Monday would work for you or not, and if not, why Hope to see you all there! Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 10:26:28 2000 Delivered-To: freebsd-net@freebsd.org Received: from pogo.caustic.org (pogo.caustic.org [208.44.193.69]) by hub.freebsd.org (Postfix) with ESMTP id EF93437BA00 for ; Mon, 24 Jul 2000 10:26:24 -0700 (PDT) (envelope-from jan@caustic.org) Received: from localhost (jan@localhost) by pogo.caustic.org (8.10.0/ignatz) with ESMTP id e6OHQIE59575 for ; Mon, 24 Jul 2000 10:26:18 -0700 (PDT) Date: Mon, 24 Jul 2000 10:26:18 -0700 (PDT) From: "f.johan.beisser" To: freebsd-net@freebsd.org Subject: true aliased interface? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org i've not dug anything up on this, but i'm curious. is there a way to alias or set up an extra interface? not adding an IP to the existing one, but an a true separate interface on the same hardware? E.G: fxp0 flags=8843 mtu=1500 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 fxp0.1 flags=8843 mtu=1500 inet 192.168.0.2 netmask 0xffffffff broadcast 192.168.0.255 etc... thanks much, jan +-----/ f. johan beisser /------------------------------+ email: jan[at]caustic.org web: http://www.caustic.org/~jan "knowledge is power. power corrupts. study hard, be evil." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 10:27:38 2000 Delivered-To: freebsd-net@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 3CC3D37BC37; Mon, 24 Jul 2000 10:27:32 -0700 (PDT) (envelope-from ume@mahoroba.org) Received: from localhost (IDENT:FDu0hvEP+Z2ufymPsd7v1H7bKpVhd1yWxhiv7bRWdo6KHWPfnr0afCgkN4kB9sO/@localhost [::1]) (authenticated) by peace.mahoroba.org (8.10.2/3.7W-peace) with ESMTP id e6OHRQh67053; Tue, 25 Jul 2000 02:27:26 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Tue, 25 Jul 2000 02:27:23 +0900 (JST) Message-Id: <20000725.022723.115966623.ume@mahoroba.org> To: rwatson@FreeBSD.ORG Cc: wes@softweyr.com, roberto.Nunnari@agie.ch, nick@rapidnet.com, net@FreeBSD.ORG Cc: ume@mahoroba.org Subject: Re: gateway strange behaviour for telnet and ftp From: Hajimu UMEMOTO In-Reply-To: References: <397C5E86.6B0A0B72@softweyr.com> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.6 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> On Mon, 24 Jul 2000 13:00:09 -0400 (EDT) >>>>> Robert Watson said: rwatson> This has gotten worse recently (well, relatively recently) with inclusion rwatson> of TCP wrappers in standard binaries, including inetd, et al. Introducing rwatson> DNS lookups is actually fairly irritating, especially given that most of rwatson> the checks there are somewhat bogus, as easily spoofed :-). I don't rwatson> believe our default wrapper rules should require DNS lookups; it would be rwatson> nice if they didn't do them. No. Default rule of libwrap allows any connections. I believe this doesn't do reverse lookup. It is done by realhostname{,_sa}(3) during login process. rwatson> Would also be nice if we logged IPs as well as hostnames in wtmp all of rwatson> the time. If you intend to obtain hostname, you need reverse lookup. ;-) -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 11: 9:20 2000 Delivered-To: freebsd-net@freebsd.org Received: from ozias.inrs-telecom.uquebec.ca (ozias.inrs-telecom.uquebec.ca [192.26.211.164]) by hub.freebsd.org (Postfix) with ESMTP id 1863C37BD22 for ; Mon, 24 Jul 2000 11:08:50 -0700 (PDT) (envelope-from aljtarik@cholla.inrs-telecom.uquebec.ca) Received: from cholla.INRS-Telecom.UQuebec.CA (cholla [192.26.211.110]) by ozias.inrs-telecom.uquebec.ca (8.9.1/8.9.1) with ESMTP id OAA04495; Mon, 24 Jul 2000 14:08:25 -0400 (EDT) Received: from cholla by cholla.INRS-Telecom.UQuebec.CA (8.9.3+Sun/SMI-SVR4) id OAA01624; Mon, 24 Jul 2000 14:08:22 -0400 (EDT) Message-Id: <200007241808.OAA01624@cholla.INRS-Telecom.UQuebec.CA> Date: Mon, 24 Jul 2000 14:08:22 -0400 (EDT) From: Tarik Alj Reply-To: Tarik Alj Subject: Re: true aliased interface? To: jan@caustic.org Cc: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: XYqtHnfqUHMuLFPAk86Iyg== X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.4 SunOS 5.8 sun4u sparc Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I believe ifconfig would be the tool for that. >Delivered-To: freebsd-net@freebsd.org >Date: Mon, 24 Jul 2000 10:26:18 -0700 (PDT) >From: "f.johan.beisser" >To: freebsd-net@freebsd.org >Subject: true aliased interface? >MIME-Version: 1.0 >X-Loop: FreeBSD.org > > >i've not dug anything up on this, but i'm curious. > >is there a way to alias or set up an extra interface? not adding an IP to >the existing one, but an a true separate interface on the same hardware? > >E.G: > fxp0 flags=8843 mtu=1500 > inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 > > fxp0.1 flags=8843 mtu=1500 > inet 192.168.0.2 netmask 0xffffffff broadcast 192.168.0.255 > > etc... > >thanks much, >jan > > +-----/ f. johan beisser /------------------------------+ > email: jan[at]caustic.org web: http://www.caustic.org/~jan > "knowledge is power. power corrupts. study hard, be evil." > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-net" in the body of the message Tarik To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 12:51:26 2000 Delivered-To: freebsd-net@freebsd.org Received: from snafu.adept.org (adsl-63-201-63-44.dsl.snfc21.pacbell.net [63.201.63.44]) by hub.freebsd.org (Postfix) with ESMTP id A3A4737BC5C for ; Mon, 24 Jul 2000 12:51:21 -0700 (PDT) (envelope-from mike@adept.org) Received: by snafu.adept.org (Postfix, from userid 1000) id 01E709EE01; Mon, 24 Jul 2000 12:51:00 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by snafu.adept.org (Postfix) with ESMTP id EE7E39B001; Mon, 24 Jul 2000 12:51:00 -0700 (PDT) Date: Mon, 24 Jul 2000 12:51:00 -0700 (PDT) From: Mike Hoskins To: "f.johan.beisser" Cc: freebsd-net@freebsd.org Subject: Re: true aliased interface? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 24 Jul 2000, f.johan.beisser wrote: > fxp0 flags=8843 mtu=1500 > inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 > fxp0.1 flags=8843 mtu=1500 > inet 192.168.0.2 netmask 0xffffffff broadcast 192.168.0.255 > etc... Hmm... like cisco subifs. What would this accomplish? The traffic is still going over the same physical interface... so is the subif desire for cosmetic purposes, or is there some performance aspect in mind? -mrh To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 15: 5:59 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail.interware.hu (mail.interware.hu [195.70.32.130]) by hub.freebsd.org (Postfix) with ESMTP id C394737BC34 for ; Mon, 24 Jul 2000 15:05:52 -0700 (PDT) (envelope-from julian@elischer.org) Received: from bissau-32.budapest.interware.hu ([195.70.53.160] helo=jules.elischer.org) by mail.interware.hu with smtp (Exim 3.12 #1 (Debian)) id 13GqM4-0003qr-00; Tue, 25 Jul 2000 00:05:44 +0200 Message-ID: <397CBD99.2781E494@elischer.org> Date: Mon, 24 Jul 2000 15:05:13 -0700 From: Julian Elischer X-Mailer: Mozilla 3.04Gold (X11; I; FreeBSD 5.0-CURRENT i386) MIME-Version: 1.0 To: net@freebsd.org Cc: m_evmenkin@yahoo.com Subject: Tap driver. Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I am slightly curious why the 'tap' driver was written. It seems to duplicate the 'tun' driver to a large extent. It could also be implemeted pretty easily with the netgraph interface type. Certainly it might have been easier to add the extra bells and whistles to one of these existing pseudo-interfaces than to rewrite and add a third... In fact I was considering whether the tun device could go away and be implemented using negraph.. It would give the opportunity of having arbitrary in-kernel processing of packets being received and sent. -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ;_.---._/ presently in: Budapest v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 24 18:28:14 2000 Delivered-To: freebsd-net@freebsd.org Received: from pogo.caustic.org (pogo.caustic.org [208.44.193.69]) by hub.freebsd.org (Postfix) with ESMTP id 9892037B78A for ; Mon, 24 Jul 2000 18:28:10 -0700 (PDT) (envelope-from jan@caustic.org) Received: from localhost (jan@localhost) by pogo.caustic.org (8.10.0/ignatz) with ESMTP id e6P1S7O60990; Mon, 24 Jul 2000 18:28:07 -0700 (PDT) Date: Mon, 24 Jul 2000 18:28:07 -0700 (PDT) From: "f.johan.beisser" To: Mike Hoskins Cc: freebsd-net@freebsd.org Subject: Re: true aliased interface? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org the real advantage is for a goofy test i'd like to do. basically, i want to have the two interfaces on one physical for natd on one machine, without installing two cards. if i can accomplish this with just ifconfig, i would, but i can't seem to dig up any info on it. -- jan On Mon, 24 Jul 2000, Mike Hoskins wrote: > On Mon, 24 Jul 2000, f.johan.beisser wrote: > > > fxp0 flags=8843 mtu=1500 > > inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 > > fxp0.1 flags=8843 mtu=1500 > > inet 192.168.0.2 netmask 0xffffffff broadcast 192.168.0.255 > > etc... > > Hmm... like cisco subifs. What would this accomplish? The traffic is > still going over the same physical interface... so is the subif desire > for cosmetic purposes, or is there some performance aspect in mind? > > -mrh > +-----/ f. johan beisser /------------------------------+ email: jan[at]caustic.org web: http://www.caustic.org/~jan "knowledge is power. power corrupts. study hard, be evil." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 2:37:34 2000 Delivered-To: freebsd-net@freebsd.org Received: from ns1.eds.ch (ns1.eds.ch [194.235.48.8]) by hub.freebsd.org (Postfix) with ESMTP id 5E62237BD2A for ; Tue, 25 Jul 2000 02:37:30 -0700 (PDT) (envelope-from roberto.Nunnari@agie.ch) Received: from onyx.eds.ch (onyx.eds.ch [206.122.128.224]) by ns1.eds.ch (8.9.3/8.9.3) with ESMTP id LAA23010 for ; Tue, 25 Jul 2000 11:46:03 +0200 (MET DST) Received: from mailsrv.eds.ch (mailsrv.eds.ch [194.235.174.72] (may be forged)) by onyx.eds.ch (8.9.3/8.9.3) with ESMTP id LAA10811 for ; Tue, 25 Jul 2000 11:41:33 +0200 (MET DST) Received: from agie.ch ([198.132.159.194]) by mailsrv.eds.ch (Netscape Messaging Server 3.6) with ESMTP id AAA5618; Tue, 25 Jul 2000 11:33:13 +0200 Message-ID: <397D6DA2.230EAC72@agie.ch> Date: Tue, 25 Jul 2000 11:36:18 +0100 From: "Roberto Nunnari, AGIE" Organization: AGIE X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Nick Rogness Cc: net@freebsd.org Subject: Re: gateway strange behaviour for telnet and ftp References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thanks Nick. Fixed! Best regards. -- Roberto Nunnari -software engineer- mailto:roberto.nunnari@agie.ch AGIE - http://www.agie.com Via dei pioppi 16 tel: +41-91-8069138 6616 Losone """ Switzerland (o o) =======================oOO==(_)==OOo======================== MY OPNIONS ARE NOT NECESSARELY THOSE OF MY EMPLOYER To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 5:35:33 2000 Delivered-To: freebsd-net@freebsd.org Received: from d12lmsgate.de.ibm.com (d12lmsgate.de.ibm.com [195.212.91.199]) by hub.freebsd.org (Postfix) with ESMTP id 7960137BD82 for ; Tue, 25 Jul 2000 05:35:29 -0700 (PDT) (envelope-from DRHAGER@de.ibm.com) Received: from d12relay01.de.ibm.com (d12relay01.de.ibm.com [9.165.215.22]) by d12lmsgate.de.ibm.com (1.0.0) with ESMTP id OAA75926; Tue, 25 Jul 2000 14:35:25 +0200 From: DRHAGER@de.ibm.com Received: from d12mta01.de.ibm.com (d12mta01_cs0 [9.165.222.237]) by d12relay01.de.ibm.com (8.8.8m3/NCO v4.92) with SMTP id OAA13894; Tue, 25 Jul 2000 14:35:19 +0200 Received: by d12mta01.de.ibm.com(Lotus SMTP MTA v4.6.5 (863.2 5-20-1999)) id C1256927.00452330 ; Tue, 25 Jul 2000 14:35:09 +0200 X-Lotus-FromDomain: IBMDE To: "f.johan.beisser" Cc: freebsd-net@FreeBSD.ORG Message-ID: Date: Tue, 25 Jul 2000 14:34:56 +0200 Subject: Re: true aliased interface? Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org For me this looks like Solaris.. I dont know if this is some System V related feature. In BSD you cant create this sub-interfaces you want. It is always the same hardware beneath. Ifconfig offers aliasing, if you want the adapter to listen on another Ip-adress in addition to the adress you gave it initially. "Alias" is some sort of misnomer, I think. You can put a lot of IP definitons on a Interface, but they are completely equal, there is no preference between them. You can give a interface a first adress, then a "alias", remove the first adress treating it as an alias and then you will have the same interface as if it would have been configured with this "alias" adress right at the beginning. --Orm > On Mon, 24 Jul 2000, f.johan.beisser wrote: > > > fxp0 flags=8843 mtu=1500 > > inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 > > fxp0.1 flags=8843 mtu=1500 > > inet 192.168.0.2 netmask 0xffffffff broadcast 192.168.0.255 > > etc... > > Hmm... like cisco subifs. What would this accomplish? The traffic is > still going over the same physical interface... so is the subif desire > for cosmetic purposes, or is there some performance aspect in mind? > > -mrh > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 8: 6:19 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail.cweg.goe.net (stoffel.cweg.stud.uni-goettingen.de [134.76.25.223]) by hub.freebsd.org (Postfix) with ESMTP id CB0BE37B5D6 for ; Tue, 25 Jul 2000 08:06:09 -0700 (PDT) (envelope-from sanders@maelstrom.anderson.de) Received: from z723.cweg.local ([172.27.7.23] ident=sanders) by mail.cweg.goe.net with esmtp (Exim 2.053 #1) id 13H6HQ-0002dL-00 for freebsd-net@freebsd.org; Tue, 25 Jul 2000 17:06:00 +0200 Date: Tue, 25 Jul 2000 17:05:53 +0200 (MEST) From: Sven Anderson Reply-To: Sven Anderson To: freebsd-net@freebsd.org Subject: no static NAT for router itself? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hi, I have a problem with my static NAT setup: isn't it possible, that connections originating from the router itself to the external ips are also corecctly nated to the internal ip's? First the setup-details: stoffel:~ # uname -r 2.2.8-RELEASE stoffel:~ # ifconfig -a ed1: flags=8843 mtu 1500 inet 134.76.25.223 netmask 0xffffff00 broadcast 134.76.25.255 inet 134.76.25.224 netmask 0xffffffff broadcast 134.76.25.224 inet 134.76.25.225 netmask 0xffffffff broadcast 134.76.25.225 ether 00:00:b4:98:58:12 de0: flags=8943 mtu 1500 inet 172.27.10.254 netmask 0xffff0000 broadcast 172.27.255.255 ether 00:80:c8:44:14:d7 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 stoffel:~ # cat /etc/nat.conf unregistered_only yes #deny_incoming yes use_sockets yes same_ports yes #log yes redirect_address 172.27.7.23 134.76.25.224 redirect_address 172.27.14.38 134.76.25.225 stoffel:~ # ps ax | grep natd 143 ?? Rs 0:26.80 natd -f /etc/nat.conf -n ed1 stoffel:~ # ipfw list 00050 allow ip from any to 127.0.0.1 via lo0 00051 allow ip from any to 172.27.10.254 via lo0 00052 allow ip from any to 134.76.25.223 via lo0 00100 divert 8668 ip from any to any 00150 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any 65535 deny ip from any to any stoffel:~ # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 134.76.25.254 UGSc 6 26210 ed1 127.0.0.1 127.0.0.1 UH 1 6 lo0 134.76.25/24 link#1 UC 0 0 134.76.25.224/32 link#1 UC 0 0 134.76.25.225/32 link#1 UC 0 0 134.76.25.254 0:80:3e:87:9a:e4 UHLW 5 0 ed1 1199 172.16/12 172.27.7.23 UGSc 0 0 de0 172.27 link#2 UC 0 0 [...] What works: Connections to the external IPs (134.76.25.224/225) work fine from the external and internal net and are nated correctly to the corresponding internal IPs (172.27.x.y), and the maquerading for all the other internal IPs to 134.76.25.223 also works great. What does not work: Packets originating from the router to one of the external aliased IPs, f.e. 134.76.25.224, are nated correctly to the internal IP 172.27.7.23, BUT the source address of the packet is not 134.76.25.223 (the router) as it should be but 134.76.25.224 (the NAT-alias)! If i look at the netmask of the alias-interface this is actually correct, because the netmask fits exactly 134.76.25.224, so that the source-address is set to the IP of the interface, which is the same IP. To prevent this, a netmask that matches never is needed. Well, so I assumed, that defining the external IPs as alias-interfaces is not the right way to do static NAT (btw.: why there is no HOWTO for this, is static NAT really used so seldom?). So I tried catching the external IPs with proxy-arp entries and setting a special route for the external IPs. I tried all routes I could imagine, but with noone the NAT worked for connections from out of the router to teh external IPs (as described above). If I set the route to lo0, the destination is nated correctly, but the source is set to 127.0.0.1, and if I set the route to de0 (the internal interface), the source-address is correct (172.27.10.254) but the destination isn't nated, which both of course don't work. I'm surprised that this behavior isn't mentioned anywhere (ML-Archieves, FAQs,...), because this should concern anybody who has a combined router/server which needs to connect the internal hosts by their external IP (because of DNS-entries for exapmle). Thanks for any hints! Sven - -- _mailto:sven@anderson.de _tel:+49-551-9969285 _tel:+49-179-4939223 _http://tuttle.home.pages.de _irc://IRCNet/tuttle,isnick "Macht verrueckt, was Euch verrueckt macht!" (Blumfeld) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 iQCVAwUBOX2s1wc0fSHyIVytAQFU9QP+KGv93n3rCma/o3dN+pW0RfEYq9tlCbap E9WVy8dq1kosI8hqSZikaHUe+1tzuqz1etasOXh0g5bAdu5fdPD0QpDbLEBGNKaU cHpDoX7gTCNiYMJ1SJk7dR+sg9DcbvZ0mhJ6I0/jOsxOtltqMJn2dkkX8A7znfF/ lnZ1vlXm6CM= =xdjb -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 15:34:36 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id E697137BDC8 for ; Tue, 25 Jul 2000 15:34:29 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id PAA14463 for freebsd-net@freebsd.org; Tue, 25 Jul 2000 15:34:27 -0700 (PDT) (envelope-from archie) Received: from alpo.whistle.com (alpo.whistle.com [207.76.206.1]) by bubba.whistle.com (8.9.3/8.9.3) with ESMTP id PAA14379 for ; Tue, 25 Jul 2000 15:31:01 -0700 (PDT) (envelope-from erik@whistle.com) Received: from whistle.com (erik.whistle.com [207.76.205.71]) by alpo.whistle.com (8.9.1a/8.9.1) with ESMTP id PAA36108; Tue, 25 Jul 2000 15:28:16 -0700 (PDT) Message-ID: <397E147E.7487B761@whistle.com> Date: Tue, 25 Jul 2000 15:28:14 -0700 From: Erik Salander X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.3-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: hackers@freebsd.org Cc: Brian Somers , Junichi Satoh , Ruslan Ermilov , archie@whistle.com Subject: Re: RealSystem module for libalias References: <200006160751.IAA01536@hak.lan.Awfulhak.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here's the latest patch for the aliasing of the RTSP/RTP and PNA (an earlier proprietary protocol from Real.com (Progressive Networks)) protocols. This is the last call for comments, trying to commit this week. ftp://ftp.whistle.com/pub/erik/misc/libalias-rtsp-patch.3 FYI, this is the latest phase of some libalias changes we've been working on. Earlier changes were for FTP enhancements and PPTP aliasing. Those have been committed. Junichi and I worked on this latest change. Let us know of any questions or comments. Thanks. Erik Salander Brian Somers wrote: > > Brian, this is just to let you know that: > > > > 1) I am currently in process of applying *big* PPTP patch to libalias > > so I would really appreciate it if you do not touch libalias before > > I finish with PPTP part. > > Ok, no problem - I'm pretty busy at the moment anyway. > > > 2) Erik Salander is working together with Mr. Junichi > > on $Subject issue (see attached), so you will probably want to contact > > them directly, since I am not particularly interested in these changes. > > But I would appreciate if you send me the patch for review before you > > commit it. > > Absolutely - I planned to anyway. > > Cheers. > -- > Brian > > Don't _EVER_ lose your sense of humour ! > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 15:35:17 2000 Delivered-To: freebsd-net@freebsd.org Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (Postfix) with ESMTP id 09E6A37BB98; Tue, 25 Jul 2000 15:35:07 -0700 (PDT) (envelope-from erik@whistle.com) Received: from whistle.com (erik.whistle.com [207.76.205.71]) by alpo.whistle.com (8.9.1a/8.9.1) with ESMTP id PAA36235; Tue, 25 Jul 2000 15:31:18 -0700 (PDT) Message-ID: <397E1535.F9E6F7F1@whistle.com> Date: Tue, 25 Jul 2000 15:31:17 -0700 From: Erik Salander X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.3-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Cc: Junichi Satoh , archie@whistle.com, Ruslan Ermilov Subject: RealSystem module for libalias Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here's the latest patch for the aliasing of the RTSP/RTP and PNA (an earlier proprietary protocol from Real.com (Progressive Networks)) protocols. This is the last call for comments, trying to commit this week. ftp://ftp.whistle.com/pub/erik/misc/libalias-rtsp-patch.3 FYI, this is the latest phase of some libalias changes we've been working on. Earlier changes were for FTP enhancements and PPTP aliasing. Those have been committed. Junichi and I worked on this latest change. Let us know of any questions or comments. Thanks. Erik Salander To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 25 22:31:37 2000 Delivered-To: freebsd-net@freebsd.org Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id B324137BE4A; Tue, 25 Jul 2000 22:31:29 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.com (Foolstrustident!@homer.softweyr.com [204.68.178.39]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id XAA04440; Tue, 25 Jul 2000 23:31:27 -0600 (MDT) (envelope-from wes@softweyr.com) Message-ID: <397E78B1.BDE3A622@softweyr.com> Date: Tue, 25 Jul 2000 23:35:45 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.1-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: Robert Watson Cc: "Roberto Nunnari, AGIE" , Nick Rogness , net@FreeBSD.ORG Subject: Re: gateway strange behaviour for telnet and ftp References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Robert Watson wrote: > > On Mon, 24 Jul 2000, Wes Peters wrote: > > > Because the server daemones for each of those do the reverse lookup, for > > logging and/or authentication purposes. Ping never gets out of the IP > > stack; one of the reasons it is preferred for testing connectivity is the > > minimal load it imposes on the target being pinged. > > This has gotten worse recently (well, relatively recently) with inclusion > of TCP wrappers in standard binaries, including inetd, et al. Introducing > DNS lookups is actually fairly irritating, especially given that most of > the checks there are somewhat bogus, as easily spoofed :-). I don't > believe our default wrapper rules should require DNS lookups; it would be > nice if they didn't do them. > > Would also be nice if we logged IPs as well as hostnames in wtmp all of > the time. It would be better to just log the IP address and make who et al smart enough to do the reverse lookup at display time. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 8:57:20 2000 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 032D037B80B for ; Wed, 26 Jul 2000 08:57:17 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id LAA77564; Wed, 26 Jul 2000 11:57:02 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 26 Jul 2000 11:57:02 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Wes Peters Cc: "Roberto Nunnari, AGIE" , Nick Rogness , net@FreeBSD.ORG Subject: Re: gateway strange behaviour for telnet and ftp In-Reply-To: <397E78B1.BDE3A622@softweyr.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 25 Jul 2000, Wes Peters wrote: > It would be better to just log the IP address and make who et al smart > enough to do the reverse lookup at display time. Sadly, I used to agree, but changed my mind on seeing the increasing usage of dynamic DNS. If people start using it a fair amount with dynamic IP allocation, it would be useful to have the hostname for accounting/debugging purposes. Not to be relied upon sans DNSsec, of course, but still useful. In any case, the IP address is something that should definitely be there, especially in light of the current logging of "invalid hostname" instead of any useful information if the DNS response is poor :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 10: 4:25 2000 Delivered-To: freebsd-net@freebsd.org Received: from falla.videotron.net (falla.videotron.net [205.151.222.106]) by hub.freebsd.org (Postfix) with ESMTP id 2D9BF37BEF7 for ; Wed, 26 Jul 2000 10:04:21 -0700 (PDT) (envelope-from bmilekic@dsuper.net) Received: from modemcable009.62-201-24.mtl.mc.videotron.net ([24.201.62.9]) by falla.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8) with ESMTP id <0FYB00MXBDVMYM@falla.videotron.net> for net@freebsd.org; Wed, 26 Jul 2000 12:59:46 -0400 (EDT) Date: Wed, 26 Jul 2000 13:02:18 -0400 (EDT) From: Bosko Milekic Subject: Re: Mbuf stuff. In-reply-to: X-Sender: bmilekic@jehovah.technokratis.com To: David Malone Cc: Alfred Perlstein , net@freebsd.org Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > intial idea: > > > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=109252+0+archive/2000/freebsd-net > > > > > Summary of Bosko's refinements: > > > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=185726+0+archive/2000/freebsd-net > > Okay, the relevant code can now be found at: http://24.201.62.9/code/mbuf/newstuff/ I still have some modifications to do at a later time, including a cleanup of things and some changes as well, but the above should be ready to go in. However, I encourage you to test it first, perhaps because you may be able to do so more effectively than me (on heavier loaded machines). Regards, Bosko. P.S.: Alfred: thanks. -- Bosko Milekic * Voice/Mobile: 514.865.7738 * Pager: 514.921.0237 bmilekic@technokratis.com * http://www.technokratis.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 11:25:30 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id C949237BD52 for ; Wed, 26 Jul 2000 11:25:24 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id MAA85619; Wed, 26 Jul 2000 12:25:04 -0600 (MDT) Date: Wed, 26 Jul 2000 12:25:04 -0600 (MDT) From: Nick Rogness To: Sven Anderson Cc: freebsd-net@freebsd.org Subject: Re: no static NAT for router itself? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 25 Jul 2000, Sven Anderson wrote: > > I have a problem with my static NAT setup: > > isn't it possible, that connections originating from the router itself > to the external ips are also corecctly nated to the internal ip's? > > First the setup-details: > > stoffel:~ # ifconfig -a > ed1: flags=8843 mtu 1500 > inet 134.76.25.223 netmask 0xffffff00 broadcast 134.76.25.255 > inet 134.76.25.224 netmask 0xffffffff broadcast 134.76.25.224 > inet 134.76.25.225 netmask 0xffffffff broadcast 134.76.25.225 Why do you have these addresses bound to this card? Is your provider routing them to you? > de0: flags=8943 mtu 1500 > inet 172.27.10.254 netmask 0xffff0000 broadcast 172.27.255.255 > ether 00:80:c8:44:14:d7 > media: autoselect (100baseTX ) status: active > supported media: autoselect 100baseTX 100baseTX > 10baseT/UTP 10baseT/UTP > lo0: flags=8049 mtu 16384 > inet 127.0.0.1 netmask 0xff000000 > > What does not work: > > Packets originating from the router to one of the external aliased IPs, > f.e. 134.76.25.224, are nated correctly to the internal IP 172.27.7.23, > BUT the source address of the packet is not 134.76.25.223 (the router) as > it should be but 134.76.25.224 (the NAT-alias)! If i look at the netmask > of the alias-interface this is actually correct, because the netmask fits > exactly 134.76.25.224, so that the source-address is set to the IP of > the interface, which is the same IP. To prevent this, a netmask that > matches never is needed. Have you tried the -alias_address option instead of -n ? > > Well, so I assumed, that defining the external IPs as alias-interfaces is > not the right way to do static NAT (btw.: why there is no HOWTO for this, > is static NAT really used so seldom?). So I tried catching the external No, I use it all of the time as (I assume) many people do. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 12:59:16 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with SMTP id 2B52C37B7E5 for ; Wed, 26 Jul 2000 12:58:29 -0700 (PDT) (envelope-from freebsd-net@thewrittenword.com) From: freebsd-net@thewrittenword.com Date: Wed, 26 Jul 2000 01:36:52 -0500 To: freebsd-net@freebsd.org Subject: Routing help Message-Id: <20000726195829.2B52C37B7E5@hub.freebsd.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a FreeBSD/x86 3.4 box configured with two NICs, both connected to separate networks. I have one default route. How would I do the following: 1. Respond to all packets coming from NIC #1 through NIC #1 and respond to all packages coming from NIC #2 through NIC #2. Because I have a default route, all packages return through only one NIC. 2. If NIC #1 goes down and the default route is set to NIC #1, no packets can go through on NIC #2 (only for that subnet). Is it possible to add a second default route so when the network on NIC #1 goes down packets are sent through NIC #2 (this disturbs connections already on NIC #1 but that's OK). -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 13:15:14 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with ESMTP id CDF1337BE1D for ; Wed, 26 Jul 2000 13:15:09 -0700 (PDT) (envelope-from freebsd-net@thewrittenword.com) Received: (from root@localhost) by postal.thewrittenword.com (8.9.3/8.9.3) id IAA23294 for freebsd-net@freebsd.org; Wed, 26 Jul 2000 08:02:12 -0500 (CDT) From: freebsd-net@thewrittenword.com Date: Wed, 26 Jul 2000 01:36:52 -0500 To: freebsd-net@freebsd.org Subject: Routing help Message-ID: <20000726013652.B8690@postal.thewrittenword.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.12i Status: RO Lines: 16 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a FreeBSD/x86 3.4 box configured with two NICs, both connected to separate networks. I have one default route. How would I do the following: 1. Respond to all packets coming from NIC #1 through NIC #1 and respond to all packages coming from NIC #2 through NIC #2. Because I have a default route, all packages return through only one NIC. 2. If NIC #1 goes down and the default route is set to NIC #1, no packets can go through on NIC #2 (only for that subnet). Is it possible to add a second default route so when the network on NIC #1 goes down packets are sent through NIC #2 (this disturbs connections already on NIC #1 but that's OK). -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 13:15:16 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with ESMTP id 6070437BE80 for ; Wed, 26 Jul 2000 13:15:11 -0700 (PDT) (envelope-from china@thewrittenword.com) Received: (from china@localhost) by postal.thewrittenword.com (8.9.3/8.9.3) id BAA01998 for freebsd-net@freebsd.org; Wed, 26 Jul 2000 01:36:53 -0500 (CDT) From: Albert Chin-A-Young Date: Wed, 26 Jul 2000 01:36:53 -0500 To: freebsd-net@freebsd.org Subject: Routing help Message-ID: <20000726013652.B8690@postal.thewrittenword.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.12i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a FreeBSD/x86 3.4 box configured with two NICs, both connected to separate networks. I have one default route. How would I do the following: 1. Respond to all packets coming from NIC #1 through NIC #1 and respond to all packages coming from NIC #2 through NIC #2. Because I have a default route, all packages return through only one NIC. 2. If NIC #1 goes down and the default route is set to NIC #1, no packets can go through on NIC #2 (only for that subnet). Is it possible to add a second default route so when the network on NIC #1 goes down packets are sent through NIC #2 (this disturbs connections already on NIC #1 but that's OK). -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 13:23:31 2000 Delivered-To: freebsd-net@freebsd.org Received: from mario.zyan.com (mario.zyan.com [209.250.96.140]) by hub.freebsd.org (Postfix) with ESMTP id 6CAFA37BE1D for ; Wed, 26 Jul 2000 13:23:27 -0700 (PDT) (envelope-from orville@weyrich.com) Received: from dopey.weyrich.com (node-64-249-12-250.dslspeed.zyan.com [64.249.12.250]) by mario.zyan.com (8.9.3/8.9.3) with ESMTP id NAA79031 for ; Wed, 26 Jul 2000 13:23:25 -0700 (PDT) (envelope-from orville@weyrich.com) Received: from localhost (orville@localhost) by dopey.weyrich.com (8.9.3/8.6.9) with ESMTP id NAA07820 for ; Wed, 26 Jul 2000 13:39:46 -0700 Date: Wed, 26 Jul 2000 13:39:46 -0700 (MST) From: "Orville R. Weyrich.Jr" Cc: freebsd-net@FreeBSD.ORG Subject: Routing problem In-Reply-To: <20000726195829.2B52C37B7E5@hub.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a general Internet problem that doesn't directly involve BSD, but hopefully I can get some answer. My local machine (smtp.ameriroots.com) cannot route to another specific machine on the Internet (gopws.com). However, if I telnet to a third machine on the Internet (smtp.ameriroots.com to goodnet.com) I can then telnet to the desired destination (goodnet.com to gopws.com). This work-around does not help trying to access web pages from smtp.ameriroots.com to gopws.com. I ran traceroute and see where the routing apparently ends, and it is not a system I control. I have tried to get the attention of the system operators and have gotten no response. What mechanism is available for me to resolve this problem? The traceroute output is shown below. 1 node-64-249-12-249.dslspeed.zyan.com (64.249.12.249) 39.868 ms 30.88 ms 33.194 ms 2 c7200.la.zyan.com (209.250.96.129) 26.01 ms 25.776 ms 26.514 ms 3 ga035.rt1.lan.netrail.net (209.44.96.45) 28.756 ms 29.665 ms 28.788 ms 4 ga030.rt1.PaloAlto.CA.us.netrail.net (205.215.63.89) 37.271 ms 36.918 ms 36.04 ms 5 at-0-2-0.1.rt2.PaloAlto.CA.us.netrail.net (205.215.12.2) 37.33 ms 37.993 ms 37.252 ms 6 core3-atm3-0.SanFrancisco.cw.net (198.32.128.12) 42.811 ms 43.669 ms 39.474 ms 7 bordercore1.SanFrancisco.cw.net (166.48.12.1) 42.279 ms 40.242 ms 40.033 ms 8 frontier-communications.SanFrancisco.cw.net (166.48.13.242) 44.569 ms 44.151 ms 44.546 ms 9 pos4-1-155M.cr2.SNV.gblx.net (206.132.150.233) 44.555 ms 49.344 ms 50.693 ms 10 so3-0-0-2488M.wr2.SNV2.gblx.net (208.50.169.85) 45.79 ms 56.622 ms 57.461 ms 11 pos10-0-2488M.wr2.SFO1.gblx.net (208.50.169.114) 51.393 ms 57.713 ms 44.545 ms 12 pos2-0-2488M.wr1.LAX1.gblx.net (206.132.110.86) 58.527 ms 78.561 ms 87.254 ms 13 pos2-0-622M.cr1.PHX1.gblx.net (206.132.112.90) 72.062 ms 61.161 ms 64.208 ms 14 pos10-1-0-cr1.PHX.gblx.net (206.132.117.82) 65.354 ms 64.683 ms 69.437 ms 15 * * * 16 * * * 17 * * * 18 * ------------------------------------------------------------------- Orville R. Weyrich, Jr. Weyrich Computer Consulting mailto:orville@weyrich.com KD7HJV http://www.weyrich.com ------------------------------------------------------------------- Visit our online collection of book reviews: http://www.weyrich.com/book_reviews/ Ask about our world wide web services! ------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 13:43:48 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id E63D837B5D3 for ; Wed, 26 Jul 2000 13:43:43 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id OAA71163; Wed, 26 Jul 2000 14:43:30 -0600 (MDT) Date: Wed, 26 Jul 2000 14:43:30 -0600 (MDT) From: Nick Rogness To: Albert Chin-A-Young Cc: freebsd-net@freebsd.org Subject: Re: Routing help In-Reply-To: <20000726013652.B8690@postal.thewrittenword.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > I have a FreeBSD/x86 3.4 box configured with two NICs, both connected > to separate networks. I have one default route. How would I do the > following: > 1. Respond to all packets coming from NIC #1 through NIC #1 and > respond to all packages coming from NIC #2 through NIC #2. > Because I have a default route, all packages return through > only one NIC. Return from where? Are the hosts on the networks connected pointed at the FreeBSD as the default gateway? I'm not quite clear on what you mean but I would recommend some type of Interior routing protocol, like RIP or OSPF to handle your routing needs. Static routes can be a pain to manage after a while. > 2. If NIC #1 goes down and the default route is set to NIC #1, > no packets can go through on NIC #2 (only for that subnet). > Is it possible to add a second default route so when the > network on NIC #1 goes down packets are sent through > NIC #2 (this disturbs connections already on NIC #1 but > that's OK). > This discussion has come up before. You can't (yet) add the same route to a netblock that is already in the routing table. However, here is a possible solution for 2 default gateways (1 as primary and 1 as a backup): route add -net 0.0.0.0 -netmask 128.0.0.0 XXX.XXX.XXX.XXX route add -net 128.0.0.0 -netmask 128.0.0.0 XXX.XXX.XXX.XXX route add -net 0.0.0.0 -netmask 0.0.0.0 BBB.BBB.BBB.BBB Where XXX.XXX.XXX.XXX is your main gateway (primary) and BBB.BBB.BBB.BBB is your backup gateway IP. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 13:43:56 2000 Delivered-To: freebsd-net@freebsd.org Received: from hotmail.com (f97.law7.hotmail.com [216.33.237.97]) by hub.freebsd.org (Postfix) with SMTP id 268D637B5D3 for ; Wed, 26 Jul 2000 13:43:50 -0700 (PDT) (envelope-from johnnyteardrop@hotmail.com) Received: (qmail 79439 invoked by uid 0); 26 Jul 2000 20:43:49 -0000 Message-ID: <20000726204349.79438.qmail@hotmail.com> Received: from 209.249.186.215 by www.hotmail.com with HTTP; Wed, 26 Jul 2000 13:43:49 PDT X-Originating-IP: [209.249.186.215] From: "Greg Thompson" To: freebsd-net@freebsd.org Subject: socket() and ENOBUFS Date: Wed, 26 Jul 2000 16:43:49 EDT Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org net hackers, i have a multithreaded app in which each thread repeatedly opens a socket, sends some data, receives some data, then closes the socket. as such, the total number of open sockets is bounded by the number of threads. i'm finding that over time, i start getting ENOBUFS from my calls to socket(). if, in response to this, i make the code pause for somewhere between 10 and 60 seconds (i don't have an exact number), it can start opening sockets again. my questions are: what exactly is going on here? systat -mbufs shows the free pool drop down to the ~200 range. after killing the process, it seems to take some time for mbufs in use to be freed. is there a resource limit than can be raised on my system to postpone the blockage? i'm fairly new to freebsd. i've tried grepping through /usr/src/sys a bit to find the code that gets hit when a socket is created, but i've had no luck. i see the entry for the syscall in syscalls.master, but i don't see the code that gets hit when the syscall is invoked. how do i visually follow a syscall? thanks. -- -greg ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 14: 4:59 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 667B737BF08 for ; Wed, 26 Jul 2000 14:04:52 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id PAA82916; Wed, 26 Jul 2000 15:04:46 -0600 (MDT) Date: Wed, 26 Jul 2000 15:04:46 -0600 (MDT) From: Nick Rogness To: "Orville R. Weyrich.Jr" Cc: freebsd-net@FreeBSD.ORG Subject: Re: Routing problem In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 26 Jul 2000, Orville R. Weyrich.Jr wrote: > This is a general Internet problem that doesn't directly involve BSD, but > hopefully I can get some answer. My local machine (smtp.ameriroots.com) > cannot route to another specific machine on the Internet > (gopws.com). However, if I telnet to a third machine on the > Internet (smtp.ameriroots.com to goodnet.com) I can then telnet to the > desired destination (goodnet.com to gopws.com). This work-around > does not help trying to access web pages from > smtp.ameriroots.com to gopws.com. I'm assuming you can get to other sites from your machine. How about hitting other machines within the same (/24 or bigger) network that is unreachable from your machine? There could be several things that could be wrong: - It could be a routing problem on the network that the gopws.com machine sits on. -- Talk with them on the phone. Have them see if they traceroute to your host, etc,etc. - This could be a BGP problem with your upstream(s) or your upstream's BGP peering points. -- Call your upstreams and explain what is happening. - It could be a problem with your network. --Make sure you can reach other sites and traceroute to see what network they reside on. Make sure Tunneling/NAT, etc are configured right. It is probably something typed in Wrong in your upstream's BGP config. Good Luck. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 14: 7:12 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with ESMTP id 3019237BEB6 for ; Wed, 26 Jul 2000 14:07:05 -0700 (PDT) (envelope-from china@thewrittenword.com) Received: (from china@localhost) by mx1.thewrittenword.com (8.9.3/8.9.3) id QAA29906; Wed, 26 Jul 2000 16:06:30 -0500 (CDT) From: Albert Chin-A-Young Date: Wed, 26 Jul 2000 16:06:30 -0500 To: Nick Rogness Cc: freebsd-net@freebsd.org Subject: Re: Routing help Message-ID: <20000726160630.A6599@postal.thewrittenword.com> References: <20000726013652.B8690@postal.thewrittenword.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.12i In-Reply-To: ; from nick@rapidnet.com on Wed, Jul 26, 2000 at 02:43:30PM -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Jul 26, 2000 at 02:43:30PM -0600, Nick Rogness wrote: > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > I have a FreeBSD/x86 3.4 box configured with two NICs, both connected > > to separate networks. I have one default route. How would I do the > > following: > > 1. Respond to all packets coming from NIC #1 through NIC #1 and > > respond to all packages coming from NIC #2 through NIC #2. > > Because I have a default route, all packages return through > > only one NIC. > > Return from where? Are the hosts on the networks connected > pointed at the FreeBSD as the default gateway? > > I'm not quite clear on what you mean but I would recommend some > type of Interior routing protocol, like RIP or OSPF to handle > your routing needs. Static routes can be a pain to manage after a > while. Say the FreeBSD box is a web server and gets a connection from host foo on the 'net. This connection comes in over NIC #1. When the BSD box wishes to communicate back with this host, I want the traffic to go back through NIC #1, regardless of what the default route says. > > 2. If NIC #1 goes down and the default route is set to NIC #1, > > no packets can go through on NIC #2 (only for that subnet). > > Is it possible to add a second default route so when the > > network on NIC #1 goes down packets are sent through > > NIC #2 (this disturbs connections already on NIC #1 but > > that's OK). > > > > This discussion has come up before. You can't > (yet) add the same route to a netblock that is already in the > routing table. Yet as it's being worked on? Thanks. -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 15: 8:13 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id B936D37BFFA for ; Wed, 26 Jul 2000 15:08:02 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id QAA18118; Wed, 26 Jul 2000 16:07:58 -0600 (MDT) Date: Wed, 26 Jul 2000 16:07:58 -0600 (MDT) From: Nick Rogness To: Albert Chin-A-Young Cc: freebsd-net@freebsd.org Subject: Re: Routing help In-Reply-To: <20000726160630.A6599@postal.thewrittenword.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > On Wed, Jul 26, 2000 at 02:43:30PM -0600, Nick Rogness wrote: > > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > > I have a FreeBSD/x86 3.4 box configured with two NICs, both connected > > > to separate networks. I have one default route. How would I do the > > > following: > > > 1. Respond to all packets coming from NIC #1 through NIC #1 and > > > respond to all packages coming from NIC #2 through NIC #2. > > > Because I have a default route, all packages return through > > > only one NIC. > > > > Return from where? Are the hosts on the networks connected > > pointed at the FreeBSD as the default gateway? > > > > I'm not quite clear on what you mean but I would recommend some > > type of Interior routing protocol, like RIP or OSPF to handle > > your routing needs. Static routes can be a pain to manage after a > > while. > > Say the FreeBSD box is a web server and gets a connection from host > foo on the 'net. This connection comes in over NIC #1. When the > BSD box wishes to communicate back with this host, I want the traffic > to go back through NIC #1, regardless of what the default route says. You need to run a routing protocol then ;-) depending on how your network is designed and how your host connects to the network, you can tweek this quite a bit. Still, this would be very tricky to implement in certain situations and would never be exact. Here's a question for ya, Are all networks (routeable) reachable through both ethernet cards? What are you trying to accomplish? > Yet as it's being worked on? I don't know. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 15:16:40 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with ESMTP id C3E0137BF7A for ; Wed, 26 Jul 2000 15:16:28 -0700 (PDT) (envelope-from china@thewrittenword.com) Received: (from china@localhost) by mx1.thewrittenword.com (8.9.3/8.9.3) id RAA24093; Wed, 26 Jul 2000 17:15:48 -0500 (CDT) From: Albert Chin-A-Young Date: Wed, 26 Jul 2000 17:15:47 -0500 To: Nick Rogness Cc: freebsd-net@freebsd.org Subject: Re: Routing help Message-ID: <20000726171547.A10709@postal.thewrittenword.com> References: <20000726160630.A6599@postal.thewrittenword.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.12i In-Reply-To: ; from nick@rapidnet.com on Wed, Jul 26, 2000 at 04:07:58PM -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Jul 26, 2000 at 04:07:58PM -0600, Nick Rogness wrote: > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > > On Wed, Jul 26, 2000 at 02:43:30PM -0600, Nick Rogness wrote: > > > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > > > I have a FreeBSD/x86 3.4 box configured with two NICs, both connected > > > > to separate networks. I have one default route. How would I do the > > > > following: > > > > 1. Respond to all packets coming from NIC #1 through NIC #1 and > > > > respond to all packages coming from NIC #2 through NIC #2. > > > > Because I have a default route, all packages return through > > > > only one NIC. > > > > > > Return from where? Are the hosts on the networks connected > > > pointed at the FreeBSD as the default gateway? > > > > > > I'm not quite clear on what you mean but I would recommend some > > > type of Interior routing protocol, like RIP or OSPF to handle > > > your routing needs. Static routes can be a pain to manage after a > > > while. > > > > Say the FreeBSD box is a web server and gets a connection from host > > foo on the 'net. This connection comes in over NIC #1. When the > > BSD box wishes to communicate back with this host, I want the traffic > > to go back through NIC #1, regardless of what the default route says. > > You need to run a routing protocol then ;-) depending on how your > network is designed and how your host connects to the > network, you can tweek this quite a bit. Still, this would be > very tricky to implement in certain situations and would never be > exact. > > Here's a question for ya, Are all networks (routeable) reachable > through both ethernet cards? Yes. > What are you trying to accomplish? We have two different ISPs providing our internet connection, with the web and ftp server multihomed (second NIC not alive yet). I want to survive the case where one ISP goes dead. -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 16:14: 5 2000 Delivered-To: freebsd-net@freebsd.org Received: from web5505.mail.yahoo.com (web5505.mail.yahoo.com [216.115.106.188]) by hub.freebsd.org (Postfix) with SMTP id 5009137BFAA for ; Wed, 26 Jul 2000 16:14:02 -0700 (PDT) (envelope-from chustevens@yahoo.com) Message-ID: <20000726231356.27638.qmail@web5505.mail.yahoo.com> Received: from [207.135.89.235] by web5505.mail.yahoo.com; Wed, 26 Jul 2000 16:13:56 PDT Date: Wed, 26 Jul 2000 16:13:56 -0700 (PDT) From: Chuck Stevens Subject: [Q]: ifconfig down and route question To: freebsd-net@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org If I ifconfig an interface down like: "ifconfig ne0 down", the interface route still exists in the routing table on my FreeBSD box. (Confirmed by 'netstat' command) Shouldn't the interface route be deleted and added again only when it comes up? If I were to run a routing protocol, would it announce this interface route even though the interface itself was down? Thanks CS __________________________________________________ Do You Yahoo!? Get Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 16:35:51 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail.cweg.goe.net (stoffel.cweg.stud.uni-goettingen.de [134.76.25.223]) by hub.freebsd.org (Postfix) with ESMTP id C243437B78F for ; Wed, 26 Jul 2000 16:35:47 -0700 (PDT) (envelope-from sanders@maelstrom.anderson.de) Received: from maelstrom.cweg.stud.uni-goettingen.de ([134.76.25.224] helo=maelstrom.anderson.de ident=sanders) by mail.cweg.goe.net with esmtp (Exim 2.053 #1) id 13HaiD-0004gL-00; Thu, 27 Jul 2000 01:35:41 +0200 Date: Thu, 27 Jul 2000 01:35:32 +0200 (MEST) From: Sven Anderson Reply-To: Sven Anderson To: Nick Rogness , freebsd-net@freebsd.org Subject: Re: no static NAT for router itself? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- On Wed, 26 Jul 2000, Nick Rogness wrote: > > stoffel:~ # ifconfig -a > > ed1: flags=8843 mtu 1500 > > inet 134.76.25.223 netmask 0xffffff00 broadcast 134.76.25.255 > > inet 134.76.25.224 netmask 0xffffffff broadcast 134.76.25.224 > > inet 134.76.25.225 netmask 0xffffffff broadcast 134.76.25.225 > > > Why do you have these addresses bound to this card? Is > your provider routing them to you? There's no provider, it's a subnet of the university-network. Our three IPs aren't directly routed to us, so i have to "catch it" by Proxy-ARP. > > What does not work: > > > > Packets originating from the router to one of the external aliased IPs, > > f.e. 134.76.25.224, are nated correctly to the internal IP 172.27.7.23, > > BUT the source address of the packet is not 134.76.25.223 (the router) as > > it should be but 134.76.25.224 (the NAT-alias)! If i look at the netmask > > of the alias-interface this is actually correct, because the netmask fits > > exactly 134.76.25.224, so that the source-address is set to the IP of > > the interface, which is the same IP. To prevent this, a netmask that > > matches never is needed. > > Have you tried the -alias_address option instead of -n ? The alias_address is for the masquerading (many host share one real IP), which works fine. The problem appears only with the static 1:1 NAT IPs. > > Well, so I assumed, that defining the external IPs as alias-interfaces is > > not the right way to do static NAT (btw.: why there is no HOWTO for this, > > is static NAT really used so seldom?). So I tried catching the external > > No, I use it all of the time as (I assume) many people do. So please tell me, can you connect _from_ the NATing host to an _internal_ host by it's _public_ IP? And if yes, what is you exact setup? Thanks, Sven - -- _mailto:sven@anderson.de _tel:+49-551-9969285 _tel:+49-179-4939223 _http://tuttle.home.pages.de _irc://IRCNet/tuttle,isnick "Macht verrueckt, was Euch verrueckt macht!" (Blumfeld) -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 iQCVAwUBOX91zAc0fSHyIVytAQFjjAQAmLldYC1uno4ZHiUvOuftSSgHmPG2fYWD 8WyQShwxZLO2uHR8EXz+xV1gzodmVvaeg2yFngS0BEVavVrCjrSXc6bxD8MBxxgo KgDEds3zo64YmwsmELV6dt35SYHwO3yMAfC/5KEzRddW8CpCQZ5++U2bwCmZOpPw FSR8frgdChs= =xgX8 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 26 17:55: 7 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 8C19D37BC5A for ; Wed, 26 Jul 2000 17:55:02 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id SAA85994; Wed, 26 Jul 2000 18:54:55 -0600 (MDT) Date: Wed, 26 Jul 2000 18:54:54 -0600 (MDT) From: Nick Rogness To: Albert Chin-A-Young Cc: freebsd-net@freebsd.org Subject: Re: Routing help In-Reply-To: <20000726171547.A10709@postal.thewrittenword.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > Here's a question for ya, Are all networks (routeable) reachable > > through both ethernet cards? > > Yes. > > > What are you trying to accomplish? > > We have two different ISPs providing our internet connection, with the > web and ftp server multihomed (second NIC not alive yet). I want to > survive the case where one ISP goes dead. > Talk to your ISPs about running BGP or some other routing technique to advertise both netblocks to both providers. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 0:20:13 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail2.netcologne.de (mail2.netcologne.de [194.8.194.103]) by hub.freebsd.org (Postfix) with ESMTP id 45EAA37C088 for ; Thu, 27 Jul 2000 00:20:09 -0700 (PDT) (envelope-from pherman@frenchfries.net) Received: from bagabeedaboo.security.at12.de (dial-195-14-251-125.netcologne.de [195.14.251.125]) by mail2.netcologne.de (8.9.3/8.9.3) with ESMTP id JAA02971; Thu, 27 Jul 2000 09:20:02 +0200 (MET DST) Received: from localhost (localhost.security.at12.de [127.0.0.1]) by bagabeedaboo.security.at12.de (8.10.2/8.10.2) with ESMTP id e6R7JU000614; Thu, 27 Jul 2000 09:19:30 +0200 (CEST) Date: Thu, 27 Jul 2000 09:19:30 +0200 (CEST) From: Paul Herman To: Nick Rogness Cc: Albert Chin-A-Young , freebsd-net@FreeBSD.ORG Subject: Re: Routing help In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 26 Jul 2000, Nick Rogness wrote: > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > > > Here's a question for ya, Are all networks (routeable) reachable > > > through both ethernet cards? > > > > Yes. > > > > > What are you trying to accomplish? > > > > We have two different ISPs providing our internet connection, with the > > web and ftp server multihomed (second NIC not alive yet). I want to > > survive the case where one ISP goes dead. > > > > Talk to your ISPs about running BGP or some other routing > technique to advertise both netblocks to both providers. Is this a viable solution nowadays? I mean, anything smaller than /19 won't get propagated to the rest of the world anyway. Also, I've never had any luck convincing two providers to somehow work together to solve a "small problem" like BGPing a small /24 block of addresses with their so called "competition" (at least here in Europe, anyway.) Perhaps, it's different in the US? Of course, if Albert is indeed talking about a /19 block, then this isn't an issue, his ISPs probably wouldn't want to lose him, and you can forget what I just said :) -Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 1:58:51 2000 Delivered-To: freebsd-net@freebsd.org Received: from devnull.xpert.com (xpert.com [199.203.132.1]) by hub.freebsd.org (Postfix) with ESMTP id 46D3A37BACC for ; Thu, 27 Jul 2000 01:58:46 -0700 (PDT) (envelope-from Yonatan@xpert.com) Received: from exchange.xpert.com ([199.203.132.115]) by devnull.xpert.com with esmtp (Exim 3.01 #1) id 13HjUg-0002rF-00 for net@freebsd.org; Thu, 27 Jul 2000 11:58:18 +0300 Received: by exchange.xpert.com with Internet Mail Service (5.5.2650.21) id ; Thu, 27 Jul 2000 12:00:41 +0300 Message-ID: <00BF97DD9F3FD311AB860060084E50DD311BBA@exchange.xpert.com> From: Yonatan Bokovza To: "'net@freebsd.org'" Subject: NAT and UDP Sessions Date: Thu, 27 Jul 2000 12:00:40 +0300 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="windows-1255" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all, I have problem with UDP packets that goes bidirectionally via NAT. NAT is implemented by many machines and softwares, and a common problem is to define what exactly IS a "UDP Session". UDP is sessionless, meaning there is no "first packet" or "last packet" or any kind of (standard) netgotiation). The model i'm referring to is client behind NAT talking to a known server in UDP. Now, i think CheckPoint's FireWall-1 NAT uses "Statefull Inspection" to allow the server's packets to get back to the client if the client send the first packet. FW-1 will allow returning (server to client) packets up to a default of 30 seconds since the client-to-server packet was sent. From Cisco's site i gathered that the default for IOS NAT (thus probably for Cisco's PIX FireWall) is 300 Seconds (5Min) since the last packet. Anyone has similar information regarding other NAT implementation? Regards, Yonatan. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 6:45:16 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id E67F337B8FC for ; Thu, 27 Jul 2000 06:45:11 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id HAA91573; Thu, 27 Jul 2000 07:45:03 -0600 (MDT) Date: Thu, 27 Jul 2000 07:45:03 -0600 (MDT) From: Nick Rogness To: Paul Herman Cc: Albert Chin-A-Young , freebsd-net@FreeBSD.ORG Subject: Re: Routing help In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 27 Jul 2000, Paul Herman wrote: > > > > Talk to your ISPs about running BGP or some other routing > > technique to advertise both netblocks to both providers. > > Is this a viable solution nowadays? I mean, anything smaller than /19 > won't get propagated to the rest of the world anyway. Also, I've never > had any luck convincing two providers to somehow work together to > solve a "small problem" like BGPing a small /24 block of addresses > with their so called "competition" (at least here in Europe, anyway.) > > Perhaps, it's different in the US? > NO, it is not too different. It is hard to work with the upstream provider to announce anything smaller than a /24. However, some of them do run other Routing protocols that you could accomplish the same thing (In some cases) and they are usually easier to work with on that level. Or maybe he's multi-homed within the same provider... Either way, it's a pain in the butt to work with these people. Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 7:52: 9 2000 Delivered-To: freebsd-net@freebsd.org Received: from amazhan.bitstream.net (amazhan.bitstream.net [216.243.128.132]) by hub.freebsd.org (Postfix) with SMTP id BADE837BA63 for ; Thu, 27 Jul 2000 07:51:50 -0700 (PDT) (envelope-from airboss@bitstream.net) Received: (qmail 93508 invoked by uid 79); 27 Jul 2000 14:51:44 -0000 Received: from copper.air-boss.net (HELO copper) (216.243.168.19) by mail.bitstream.net with SMTP; 27 Jul 2000 14:51:44 -0000 Date: Thu, 27 Jul 2000 07:50:42 -0700 From: Dan Debertin X-Sender: airboss@copper.air-boss.net To: Nick Rogness Cc: Paul Herman , Albert Chin-A-Young , freebsd-net@FreeBSD.ORG Subject: Re: Routing help In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 27 Jul 2000, Nick Rogness wrote: > > NO, it is not too different. It is hard to work with the upstream > provider to announce anything smaller than a /24. However, some > of them do run other Routing protocols that you could > accomplish the same thing (In some cases) and they are > usually easier to work with on that level. Or maybe he's > multi-homed within the same provider... > > Either way, it's a pain in the butt to work with these people. Hey now. Keep in mind the responsibilities of your upstreams. They have around 80K BGP routes to manage; the feasibility of announcing and propagating something smaller than a /24 is laughable, when the majority of your routes are /19 and the like. Even if they did agree to run BGP out to you for your /28 (or whatever), somehow getting other providers to accept the announcement (most of whom will neither accept nor announce anything smaller than a /24) would be impossible, and undesirable, even if it were possible. The best way to do what he wants is to have a large-ish (larger than /24, anyway) netblock that is portable, i.e. obtained from ARIN or other registry, not leased from one of the upstreams, and run BGP to both, advertising a lower MED to the preferred (primary) ISP, and a higher one to the backup. Such a setup would also require an AS number. With a smaller netblock, he could run another routing protocol such as OSPF. You might run into problems if your address space isn't portable, though. It would make it technically more difficult, as well as administratively, as I doubt that ISP A will really want you advertising its prefixes to ISP B. I am making a leap in logic here, though, so correct me if this is inaccurate. ~Dan D. ++ Dan Debertin ++ Senior Systems Administrator ++ Bitstream Underground ++ airboss@bitstream.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 11:17:42 2000 Delivered-To: freebsd-net@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id C85F737BB6B for ; Thu, 27 Jul 2000 11:17:34 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id MAA24513; Thu, 27 Jul 2000 12:17:11 -0600 (MDT) Date: Thu, 27 Jul 2000 12:17:11 -0600 (MDT) From: Nick Rogness To: Dan Debertin Cc: Paul Herman , Albert Chin-A-Young , freebsd-net@FreeBSD.ORG Subject: Re: Routing help In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 27 Jul 2000, Dan Debertin wrote: > On Thu, 27 Jul 2000, Nick Rogness wrote: > > > > NO, it is not too different. It is hard to work with the upstream > > provider to announce anything smaller than a /24. However, some > > of them do run other Routing protocols that you could > > accomplish the same thing (In some cases) and they are > > usually easier to work with on that level. Or maybe he's > > multi-homed within the same provider... > > > > Either way, it's a pain in the butt to work with these people. > > Hey now. Keep in mind the responsibilities of your upstreams. They have > around 80K BGP routes to manage; the feasibility of announcing and > propagating something smaller than a /24 is laughable, when the majority > of your routes are /19 and the like. Even if they did agree to run BGP out > to you for your /28 (or whatever), somehow getting other providers to > accept the announcement (most of whom will neither accept nor announce > anything smaller than a /24) would be impossible, and undesirable, even if > it were possible. I know I work for one ;-) And I was talking more of a multi-homed situation within the same upstream and running some sort of IRP. You are correct though, announcements of anything smaller than a /24 just is not doable in todays Backbones. > > The best way to do what he wants is to have a large-ish (larger than /24, > anyway) netblock that is portable, i.e. obtained from ARIN or other > registry, not leased from one of the upstreams, and run BGP to both, > advertising a lower MED to the preferred (primary) ISP, and a higher one > to the backup. Such a setup would also require an AS number. > ARIN will not give anything smaller than a /19... > With a smaller netblock, he could run another routing protocol such as > OSPF. You might run into problems if your address space isn't portable, > though. It would make it technically more difficult, as well as > administratively, as I doubt that ISP A will really want you advertising > its prefixes to ISP B. I am making a leap in logic here, though, so > correct me if this is inaccurate. > You are correct. This is practically undoable. Unless ISP-A and ISP-B are the same ISP... I think we have beat this dog to death... Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 11:27:32 2000 Delivered-To: freebsd-net@freebsd.org Received: from mx1.thewrittenword.com (pipe.thewrittenword.com [216.80.59.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AB3E37B798 for ; Thu, 27 Jul 2000 11:27:28 -0700 (PDT) (envelope-from china@thewrittenword.com) Received: (from china@localhost) by mx1.thewrittenword.com (8.9.3/8.9.3) id NAA06398; Thu, 27 Jul 2000 13:26:23 -0500 (CDT) From: Albert Chin-A-Young Date: Thu, 27 Jul 2000 13:26:22 -0500 To: Paul Herman Cc: Nick Rogness , freebsd-net@FreeBSD.ORG Subject: Re: Routing help Message-ID: <20000727132622.C32716@postal.thewrittenword.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.1.12i In-Reply-To: ; from pherman@frenchfries.net on Thu, Jul 27, 2000 at 09:19:30AM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Jul 27, 2000 at 09:19:30AM +0200, Paul Herman wrote: > On Wed, 26 Jul 2000, Nick Rogness wrote: > > > On Wed, 26 Jul 2000, Albert Chin-A-Young wrote: > > > > > > Here's a question for ya, Are all networks (routeable) reachable > > > > through both ethernet cards? > > > > > > Yes. > > > > > > > What are you trying to accomplish? > > > > > > We have two different ISPs providing our internet connection, with the > > > web and ftp server multihomed (second NIC not alive yet). I want to > > > survive the case where one ISP goes dead. > > > > > > > Talk to your ISPs about running BGP or some other routing > > technique to advertise both netblocks to both providers. > > Is this a viable solution nowadays? I mean, anything smaller than /19 > won't get propagated to the rest of the world anyway. Also, I've never > had any luck convincing two providers to somehow work together to > solve a "small problem" like BGPing a small /24 block of addresses > with their so called "competition" (at least here in Europe, anyway.) > > Perhaps, it's different in the US? > > Of course, if Albert is indeed talking about a /19 block, then this > isn't an issue, his ISPs probably wouldn't want to lose him, and you > can forget what I just said :) If we had a /19, we'd buy a router and be done with it :) We should probably just do it though. -- albert chin (china@thewrittenword.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 11:33:47 2000 Delivered-To: freebsd-net@freebsd.org Received: from amazhan.bitstream.net (amazhan.bitstream.net [216.243.128.132]) by hub.freebsd.org (Postfix) with SMTP id 1A96A37BD4E for ; Thu, 27 Jul 2000 11:33:43 -0700 (PDT) (envelope-from airboss@bitstream.net) Received: (qmail 1132 invoked by uid 79); 27 Jul 2000 18:33:38 -0000 Received: from dmitri.bitstream.net (206.144.236.191) by mail.bitstream.net with SMTP; 27 Jul 2000 18:33:38 -0000 Date: Thu, 27 Jul 2000 13:41:59 -0500 (CDT) From: To: Albert Chin-A-Young Cc: Paul Herman , Nick Rogness , freebsd-net@FreeBSD.ORG Subject: Re: Routing help In-Reply-To: <20000727132622.C32716@postal.thewrittenword.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 27 Jul 2000, Albert Chin-A-Young wrote: > > If we had a /19, we'd buy a router and be done with it :) We should > probably just do it though. That's pretty much it ;). I think your original question was "how can i fail over to routing to the alternate link if the primary goes down?". This is possible and, in fact, trivial -- but it's only solving 50% of your problem, as you still don't have control of how traffic is routed _to_ you. For that, as mentioned at length in previous posts, you need to do something that affects global routing; either BGP or something that gets redistributed into BGP eventually. ~Dan D. -- __________________________________________________________________ -- I feel the earth move. -- I feel the tumbling down, the tumbling down. ++ Dan Debertin ++ Senior Systems Administrator ++ Bitstream Underground, LLC ++ airboss@bitstream.net ++ (612)321-9290 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 12:48: 5 2000 Delivered-To: freebsd-net@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 8BBCD37BABF for ; Thu, 27 Jul 2000 12:48:00 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id PAA08568; Thu, 27 Jul 2000 15:47:05 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 27 Jul 2000 15:47:04 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: DRHAGER@de.ibm.com Cc: "f.johan.beisser" , freebsd-net@FreeBSD.ORG Subject: Re: true aliased interface? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 25 Jul 2000 DRHAGER@de.ibm.com wrote: > For me this looks like Solaris.. > I dont know if this is some System V related feature. > > In BSD you cant create this sub-interfaces you want. > It is always the same hardware beneath. > > Ifconfig offers aliasing, if you want the adapter to listen > on another Ip-adress in addition to the adress you gave it > initially. > > "Alias" is some sort of misnomer, I think. You can put a lot > of IP definitons on a Interface, but they are completely equal, > there is no preference between them. You can give a interface > a first adress, then a "alias", remove the first adress treating > it as an alias and then you will have the same interface as if > it would have been configured with this "alias" adress right at > the beginning. This is why I followed the BSD/OS lead and added alternative forms for alias addition and deletion: ifconfig fxp0 inet add 192.0.2.200 255.255.255.255 ifconfig fxp0 inet remove 192.0.2.200 Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 13:27:30 2000 Delivered-To: freebsd-net@freebsd.org Received: from sn1oexchr01.nextvenue.com (sn1oexchr01.nextvenue.com [63.209.169.9]) by hub.freebsd.org (Postfix) with SMTP id ACE6537BEA1 for ; Thu, 27 Jul 2000 13:27:18 -0700 (PDT) (envelope-from nevans@nextvenue.com) Received: FROM sn1exchmbx.nextvenue.com BY sn1oexchr01.nextvenue.com ; Thu Jul 27 16:25:29 2000 -0400 Received: by sn1exchmbx.nextvenue.com with Internet Mail Service (5.5.2650.21) id ; Thu, 27 Jul 2000 16:22:51 -0400 Message-ID: <712384017032D411AD7B0001023D799B07CA78@sn1exchmbx.nextvenue.com> From: Nick Evans To: "'freebsd-isp@freebsd.org'" , "'freebsd-net@freebsd.org'" Subject: Fault tolerance across multiple boxes. Date: Thu, 27 Jul 2000 16:22:41 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01BFF808.6A4C8610" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01BFF808.6A4C8610 Content-Type: text/plain; charset="iso-8859-1" I have a FreeBSD 4.0-R firewall box running IPFilter with 4 interfaces (office, external, dmz, engineering networks). I also have two switches one being a backup of the other. I am using STP, and possibly HSRP soon to provide the fault sensory information between the switches. Basically what I am looking to do is if one of the switches goes down STP will detect a closed path and automatically bring the other switch live. My predicament is that if either the switch or the firewall goes down the other has to be brought live without intervention by a user. The Cisco PIX's we have now will do automatic failover between two physical devices. They have identical configurations and when one is detected as dead the other will come online and all is well. Is there a way to do something similar with FreeBSD? Perhaps something that communicates through a serial port and can then activate interfaces or provide some other means of fault tolerance? thx nick ------------------------------------------ nick.evans network.engineering NextVenue, Inc. phone: (212) 909.2988 pager: (888) 642.5541 ------_=_NextPart_001_01BFF808.6A4C8610 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Fault tolerance across multiple boxes.

I have a FreeBSD 4.0-R firewall box running IPFilter = with 4 interfaces (office, external, dmz, engineering networks). I also = have two switches one being a backup of the other. I am using STP, and = possibly HSRP soon to provide the fault sensory information between the = switches. Basically what I am looking to do is if one of the switches = goes down STP will detect a closed path and automatically bring the = other switch live. My predicament is that if either the switch or the = firewall goes down the other has to be brought live without = intervention by a user. The Cisco PIX's we have now will do automatic = failover between two physical devices. They have identical = configurations and when one is detected as dead the other will come = online and all is well. Is there a way to do something similar with = FreeBSD? Perhaps something that communicates through a serial port and = can then activate interfaces or provide some other means of fault = tolerance?

thx
nick

------------------------------------------
nick.evans
network.engineering
NextVenue, Inc.
phone: (212) 909.2988
pager: (888) 642.5541

------_=_NextPart_001_01BFF808.6A4C8610-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 14:38:24 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 2DAF537B523 for ; Thu, 27 Jul 2000 14:38:20 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id OAA11016 for freebsd-net@freebsd.org; Thu, 27 Jul 2000 14:38:18 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007272138.OAA11016@bubba.whistle.com> Subject: sub-optimal tcp_ouput() performance in the face of ENOBUFS To: freebsd-net@freebsd.org Date: Thu, 27 Jul 2000 14:38:18 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dear TCP gurus, It seems like there is sub-optimal behaviour in tcp_output(), and I'm wondering what other people think. Consider an output interface whose transmit queue is full. tcp_output() calls ip_output(), and it will return ENOBUFS. Here's where this is handled (tcp_output, line 863): error = ip_output(m, tp->t_inpcb->inp_options, &tp->t_inpcb->inp_route, (so->so_options & SO_DONTROUTE), 0); } if (error) { out: if (error == ENOBUFS) { if (!callout_active(tp->tt_rexmt) && !callout_active(tp->tt_persist)) callout_reset(tp->tt_rexmt, tp->t_rxtcur, tcp_timer_rexmt, tp); tcp_quench(tp->t_inpcb, 0); return (0); } The problem is that the 'next sequence number to transmit' variable (tp->snd_nxt) has already been advanced for the data in the dropped packet, back on line 758: tp->snd_nxt += len; The result is that even though TCP "knows" that the packet was lost, it fails to retransmit the data in the lost packet with the next packet output, instead skipping to the next chunk of data when it sends the next packet. Instead, it seems like tp->snd_nxt should be decremented back len bytes when ENOBUFS -- or any other error for that matter, if it represents a dropped packet -- is returned. I've witnessed this causing netperf to show a 40% performance slowdown. This is a problem because some links are very slow, and having a queue length large enough so that TCP never gets ENOBUFS means having very high potential latency, e.g., on the order of 10 seconds with a full output queue. So the choice becomes an unfortunate one between high bandwidth and low latency -- but not both at the same time. I haven't stared at the code long enough to come up with a proposed patch, because there is some interaction with timers, etc. I'd be happy to test one out if anyone else comes up with one in the meantime. Thanks, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 17: 0:20 2000 Delivered-To: freebsd-net@freebsd.org Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (Postfix) with ESMTP id 5CA5F37B5D2; Thu, 27 Jul 2000 17:00:15 -0700 (PDT) (envelope-from erik@whistle.com) Received: from whistle.com (erik.whistle.com [207.76.205.71]) by alpo.whistle.com (8.9.1a/8.9.1) with ESMTP id QAA13668; Thu, 27 Jul 2000 16:59:40 -0700 (PDT) Message-ID: <3980CCEC.379C5ACF@whistle.com> Date: Thu, 27 Jul 2000 16:59:40 -0700 From: Erik Salander X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.0-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: net@FreeBSD.ORG Cc: Ruslan Ermilov , Archie Cobbs , Julian Elischer , Brian Somers , Charles Mott , Eivind Eklund Subject: Re: Improved PPTP support for libalias(3) References: <20000417170542.A61926@relay.ucb.crimea.ua> <200004180014.RAA28144@bubba.whistle.com> <20000419115513.A42767@relay.ucb.crimea.ua> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We've ran into a bit of a snag with 2 PPTP clients, behind the same address-translation entity, attempting to connect to the same PPTP server. Everything is fine in the address-translation: two mappings, each distinguishable from either direction. But at the PPTP server, PPTP maintains an IP address based association between the client and server. So a second connection (in the described manner) results in a collision of sorts. Yesterday, when we checked in the RTSP/RTP aliasing changes, we added a BUGS section to the libalias man page about this. This is a restriction for now. This is how the combinations work at this point: - 2 clients being address translated can successfully connect to different servers - 2 clients being address translated can not connect to the same server (restriction described by this post) - 1 server being address translated can successfully serve many clients - 2 servers being address translated is not yet supported. Erik Ruslan Ermilov wrote: > On Mon, Apr 17, 2000 at 05:14:25PM -0700, Archie Cobbs wrote: > > Ruslan Ermilov writes: > > > > does this mean that only one PC at a time behind a NAT wall, can access a > > > > particular machine? > > > > i.e. two visitors with their own laptops from the same place, > > > > cannot go back to the same host to read their mail..? > > > > This is not a BAD restriction, but it is a restriction.. > > > > > > > If you mean two PCs, each with their own tunnel to the same host, this > > > will not work. The problem here is that we need some "tag" to use with > > > source and destination IP addresses, to successfully de-alias packets > > > coming in. For TCP and UDP packets, there are port numbers. For ICMP > > > echo/timestamp packets, there is an ID field. But unfortunately, there > > > seems to be no such "tag" with PPTP protocols. > > > > Sure there is: the Call ID. > > > > We are probably going to implement the remaining bit of this here > > at Whistle in the next couple of weeks.. and will submit when done. > > > This patch should (hopefully) allow for concurrent PPTP tunnels from > multiple local PACs to the same remote PNS to work behind NAT (rfc2637 > terminology is being used). > > Could someone please test this patch, since I do not have enough test > environment here? > > Note please, that you DO NOT need PacketAliasRedirectPptp() for this > to work. Just running natd(8) with the default set of options should > be enough. > > If someone is going to test this, please mail me the output of `natd -v' > while trying PPTP to the same PNS from two or more local PACs. > > Thanks, > -- > Ruslan Ermilov Sysadmin and DBA of the > ru@ucb.crimea.ua United Commercial Bank, > ru@FreeBSD.org FreeBSD committer, > +380.652.247.647 Simferopol, Ukraine > > http://www.FreeBSD.org The Power To Serve > http://www.oracle.com Enabling The Information Age > > ------------------------------------------------------------------------ > > pName: p > Type: Plain Text (text/plain) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 17: 5:34 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 2B16F37B5E5; Thu, 27 Jul 2000 17:05:29 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id RAA14244; Thu, 27 Jul 2000 17:05:27 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007280005.RAA14244@bubba.whistle.com> Subject: Re: Improved PPTP support for libalias(3) In-Reply-To: <3980CCEC.379C5ACF@whistle.com> from Erik Salander at "Jul 27, 2000 04:59:40 pm" To: Erik Salander Date: Thu, 27 Jul 2000 17:05:27 -0700 (PDT) Cc: net@FreeBSD.ORG, Ruslan Ermilov , Archie Cobbs , Julian Elischer , Brian Somers , Charles Mott , Eivind Eklund X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Erik Salander writes: > This is how the combinations work at this point: > > - 2 clients being address translated can successfully connect to > different servers > > - 2 clients being address translated can not connect to the same server Clarification: *at the same time* If they connect at different times it will still work. To fix this would require "merging" the two client TCP streams into the single server TCP stream.. kindof ugly, but possible. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 18:54:55 2000 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id B10D737C1D9 for ; Thu, 27 Jul 2000 18:54:32 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id VAA19214; Thu, 27 Jul 2000 21:54:27 -0400 (EDT) (envelope-from wollman) Date: Thu, 27 Jul 2000 21:54:27 -0400 (EDT) From: Garrett Wollman Message-Id: <200007280154.VAA19214@khavrinen.lcs.mit.edu> To: Archie Cobbs Cc: freebsd-net@FreeBSD.ORG Subject: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <200007272138.OAA11016@bubba.whistle.com> References: <200007272138.OAA11016@bubba.whistle.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > Consider an output interface whose transmit queue is full. > tcp_output() calls ip_output(), and it will return ENOBUFS. > Here's where this is handled (tcp_output, line 863): [snip snip] > The result is that even though TCP "knows" that the packet was > lost, it fails to retransmit the data in the lost packet with the > next packet output, instead skipping to the next chunk of data when > it sends the next packet. I think your analysis is correct, although I haven't thought through the ramifications of the change you suggest. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 19:36: 0 2000 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id 1D26437B55E for ; Thu, 27 Jul 2000 19:35:58 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 16898 invoked by uid 1000); 28 Jul 2000 02:35:57 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 28 Jul 2000 02:35:57 -0000 Date: Thu, 27 Jul 2000 21:35:57 -0500 (CDT) From: Mike Silbersack To: Archie Cobbs Cc: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <200007272138.OAA11016@bubba.whistle.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 27 Jul 2000, Archie Cobbs wrote: > Dear TCP gurus, > > It seems like there is sub-optimal behaviour in tcp_output(), > and I'm wondering what other people think. > > Consider an output interface whose transmit queue is full. > tcp_output() calls ip_output(), and it will return ENOBUFS. > Here's where this is handled (tcp_output, line 863): I get the impression that ENOBUFS was never tested, if it makes you feel any better. The code which checks to make sure a timer is pending wasn't even there until a few weeks ago. Until it was added, sockets could semi-easily get stuck in the LAST_ACK state forever. So, while you're fixing the case you just found, you may want to try to think of other bad outcomes due to ENOBUFS - there probably are a few more. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 20:16: 3 2000 Delivered-To: freebsd-net@freebsd.org Received: from chartres.scientech.com (mail.rv.scientech.com [198.60.89.9]) by hub.freebsd.org (Postfix) with ESMTP id 3F4F337C17A; Thu, 27 Jul 2000 20:16:00 -0700 (PDT) (envelope-from cmott@scientech.com) Received: from carcassonne (carcassonne.scientech.com [10.10.25.250]) by chartres.scientech.com (8.9.3/8.9.3) with ESMTP id VAA23601; Thu, 27 Jul 2000 21:15:56 -0600 Date: Thu, 27 Jul 2000 21:15:56 -0600 (MDT) From: Charles Mott To: Archie Cobbs Cc: Erik Salander , net@FreeBSD.ORG, Ruslan Ermilov , Julian Elischer , Brian Somers , Eivind Eklund Subject: Re: Improved PPTP support for libalias(3) In-Reply-To: <200007280005.RAA14244@bubba.whistle.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is this a limitation of a specific server implementation, or a limitation of the PPTP standard? > Erik Salander writes: > > This is how the combinations work at this point: > > > > - 2 clients being address translated can successfully connect to > > different servers > > > > - 2 clients being address translated can not connect to the same server > > Clarification: *at the same time* > > If they connect at different times it will still work. > > To fix this would require "merging" the two client TCP streams into > the single server TCP stream.. kindof ugly, but possible. > > -Archie > > ___________________________________________________________________________ > Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 27 23:38:50 2000 Delivered-To: freebsd-net@freebsd.org Received: from osku.suutari.iki.fi (osku.syncrontech.com [213.28.98.4]) by hub.freebsd.org (Postfix) with ESMTP id 4EA8437B663 for ; Thu, 27 Jul 2000 23:38:46 -0700 (PDT) (envelope-from ari@suutari.iki.fi) Received: from coffee (adsl-nat.syncrontech.com [213.28.98.3]) by osku.suutari.iki.fi (8.9.3/8.9.3) with SMTP id JAA03457 for ; Fri, 28 Jul 2000 09:38:44 +0300 (EEST) (envelope-from ari@suutari.iki.fi) Message-ID: <000801bff85e$a264ea00$0e05a8c0@intranet.syncrontech.com> From: "Ari Suutari" To: Subject: IPSEC tunnel mode & ipfw Date: Fri, 28 Jul 2000 09:39:51 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I would like to run IPsec in tunnel mode between two offices connected by internet. Works OK otherwise, but I cannot figure out how to use ipfw in this situation so that to result is secure. Assume a packet going from office A (192.168.1.xxx) to office B (192.168.2.xxx). Host in A (192.168.1.2) | Gateway/Firewall (192.168.1.1) | Internet | Gateway/Firewall (192.168.2.1) | Host in B (192.168.2.2) The gateway machines run FreeBSD 4.0 currently. When packet comes to firewall in office A, it is tunneled by IPsec and sent to gateway at office B via internet. No problem here. At office B i have ipfw rule, which allows IPsec AH packets to come from A's gateway. Firewall at B de-tunnels the packet and it hits firewall rules again. Now, for this to work I have to have a ipfw rule allowing packets from 192.168.1.xxx to 192.168.2.xxx, otherwise the de-tunneled packet is dropped by ipfw. When I add this rule, everything works fine. However, I'm a little bit worried, since this last rule would also allow packets through if someone pretends to be 192.168.1.xxx since there is no way to tell ipfw that the rule is valid only if the packet being examined has arrived through IPsec tunnel. I solved this temporarily by using pipsecd - now I can trust that packets coming from interface tun0 have gone through IPsec checks. However, I would like to use the functionality available in kernel. Any ideas anyone ? Ari S. -- Ari Suutari Lemi, Finland To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 10:35:45 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id C417937B7F9; Fri, 28 Jul 2000 10:35:30 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id KAA25478; Fri, 28 Jul 2000 10:35:23 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007281735.KAA25478@bubba.whistle.com> Subject: Re: Improved PPTP support for libalias(3) In-Reply-To: from Charles Mott at "Jul 27, 2000 09:15:56 pm" To: Charles Mott Date: Fri, 28 Jul 2000 10:35:23 -0700 (PDT) Cc: Archie Cobbs , Erik Salander , net@FreeBSD.ORG, Ruslan Ermilov , Julian Elischer , Brian Somers , Eivind Eklund X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Charles Mott writes: > Is this a limitation of a specific server implementation, or > a limitation of the PPTP standard? It's simply a limitation in our address translation module for PPTP. There's nothing implied wrong with the standard itself or the server implementation. This limitation could be eliminated with more coding, but it's somewhat ugly (you have to make two TCP streams appear as one). -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 12:41:54 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 938B637BC9C; Fri, 28 Jul 2000 12:41:44 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id MAA26153; Fri, 28 Jul 2000 12:41:34 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007281941.MAA26153@bubba.whistle.com> Subject: Re: Improved PPTP support for libalias(3) In-Reply-To: <200007281735.KAA25478@bubba.whistle.com> from Archie Cobbs at "Jul 28, 2000 10:35:23 am" To: Archie Cobbs Date: Fri, 28 Jul 2000 12:41:34 -0700 (PDT) Cc: Charles Mott , Erik Salander , net@FreeBSD.ORG, Ruslan Ermilov , Julian Elischer , Brian Somers , Eivind Eklund X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Archie Cobbs writes: > > Is this a limitation of a specific server implementation, or > > a limitation of the PPTP standard? > > It's simply a limitation in our address translation module for PPTP. > There's nothing implied wrong with the standard itself or the server > implementation. > > This limitation could be eliminated with more coding, but it's > somewhat ugly (you have to make two TCP streams appear as one). Sorry, I may have misinterpreted your question... It is inherent in the PPTP standard that there be at most ONE PPTP TCP control connection between any two IP addresses. If you think about it for a second you can see why: when a machine receives a GRE packet, it identifies the call using the pair . That means that there can be at most ONE entity living at sourceIP doling out CallID's for calls to the local machine/IP address.. otherwise CallID's would not be guaranteed to be unique. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 14:35:28 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id D08BE37B68D; Fri, 28 Jul 2000 14:35:24 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id OAA27448; Fri, 28 Jul 2000 14:34:48 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007282134.OAA27448@bubba.whistle.com> Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: from Mike Silbersack at "Jul 27, 2000 09:35:57 pm" To: Mike Silbersack Date: Fri, 28 Jul 2000 14:34:48 -0700 (PDT) Cc: freebsd-net@FreeBSD.ORG, jlemon@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Mike Silbersack writes: > > Consider an output interface whose transmit queue is full. > > tcp_output() calls ip_output(), and it will return ENOBUFS. > > Here's where this is handled (tcp_output, line 863): > > I get the impression that ENOBUFS was never tested, if it makes you feel > any better. The code which checks to make sure a timer is pending wasn't > even there until a few weeks ago. Until it was added, sockets could > semi-easily get stuck in the LAST_ACK state forever. > > So, while you're fixing the case you just found, you may want to try to > think of other bad outcomes due to ENOBUFS - there probably are a few > more. OK, now I'm trying to understand the code.. uh.. ok.. now looking at this commit.. > 1.43 Fri Jun 2 17:38:45 2000 UTC by jlemon > > When attempting to transmit a packet, if the system fails to allocate > a mbuf, it may return without setting any timers. If no more data is > scheduled to be transmitted (this was a FIN) the system will sit in > LAST_ACK state forever. > > Thus, when mbuf allocation fails, set the retransmit timer if neither > the retransmit or persist timer is already pending. I understand the scenario described by the commit message. What I don't understand about this commit is this: suppose the exact same scenario happens, except that instead of ip_output() returning ENOBUFS, it returns zero, BUT the packet is dropped anyway because of (say) an Ethernet collision. Then why wouldn't you have the same thing happen, i.e., no retransmit timer running and you're stuck in LAST_ACK forever? No timer is being set in the subsequent code at the end of tcp_output().. It seems like this commit should have been added after the call to ip_output(), no matter what "error" is equal to.. Clarifications warmly accepted.. Thanks, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 14:43:20 2000 Delivered-To: freebsd-net@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id E9A5037B7C8 for ; Fri, 28 Jul 2000 14:43:15 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 20396 invoked by uid 1001); 28 Jul 2000 21:43:10 +0000 (GMT) To: archie@whistle.com Cc: silby@silby.com, freebsd-net@FreeBSD.ORG, jlemon@FreeBSD.ORG Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS From: sthaug@nethelp.no In-Reply-To: Your message of "Fri, 28 Jul 2000 14:34:48 -0700 (PDT)" References: <200007282134.OAA27448@bubba.whistle.com> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Fri, 28 Jul 2000 23:43:09 +0200 Message-ID: <20394.964820589@verdi.nethelp.no> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I understand the scenario described by the commit message. What > I don't understand about this commit is this: suppose the exact > same scenario happens, except that instead of ip_output() returning > ENOBUFS, it returns zero, BUT the packet is dropped anyway because > of (say) an Ethernet collision. A normal Ethernet collision does *not* result in a dropped packet - simply a packet which is transmitted a few microseconds later by the Ethernet hardware. If the packet has not been successfully transmitted in 16 attempts, it is indeed dropped - but this is (or should be!) an extremely rare event. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 14:50: 4 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 315A037C2FF; Fri, 28 Jul 2000 14:49:49 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id OAA27647; Fri, 28 Jul 2000 14:48:46 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007282148.OAA27647@bubba.whistle.com> Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <20394.964820589@verdi.nethelp.no> from "sthaug@nethelp.no" at "Jul 28, 2000 11:43:09 pm" To: sthaug@nethelp.no Date: Fri, 28 Jul 2000 14:48:45 -0700 (PDT) Cc: archie@whistle.com, silby@silby.com, freebsd-net@FreeBSD.ORG, jlemon@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org sthaug@nethelp.no writes: > > I understand the scenario described by the commit message. What > > I don't understand about this commit is this: suppose the exact > > same scenario happens, except that instead of ip_output() returning > > ENOBUFS, it returns zero, BUT the packet is dropped anyway because > > of (say) an Ethernet collision. > > A normal Ethernet collision does *not* result in a dropped packet - > simply a packet which is transmitted a few microseconds later by the > Ethernet hardware. > > If the packet has not been successfully transmitted in 16 attempts, > it is indeed dropped - but this is (or should be!) an extremely rare > event. Yes, that's what I meant -- 16 collisions or whatever. The point is that the packet gets dropped, it doesn't matter how. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 15:44:12 2000 Delivered-To: freebsd-net@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 95D3237B63A; Fri, 28 Jul 2000 15:44:05 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id PAA28204; Fri, 28 Jul 2000 15:44:03 -0700 (PDT) (envelope-from archie) From: Archie Cobbs Message-Id: <200007282244.PAA28204@bubba.whistle.com> Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: from Mike Silbersack at "Jul 27, 2000 09:35:57 pm" To: freebsd-net@freebsd.org Date: Fri, 28 Jul 2000 15:44:03 -0700 (PDT) Cc: silby@silby.com, jlemon@freebsd.org, wollman@khavrinen.lcs.mit.edu X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Mike Silbersack writes: > > It seems like there is sub-optimal behaviour in tcp_output(), > > and I'm wondering what other people think. > > > > Consider an output interface whose transmit queue is full. > > tcp_output() calls ip_output(), and it will return ENOBUFS. > > Here's where this is handled (tcp_output, line 863): OK, here's a first stab at a patch.. reviews requested.. This dramatically improves performance for me when I lower the max queue length. Still get good throughput even with 25% of the transmitted packets returning ENOBUFS. However, I haven't tested the edge conditions: SYN and FIN, persist state, etc. Thanks, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com Index: tcp_output.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/tcp_output.c,v retrieving revision 1.39.2.4 diff -u -r1.39.2.4 tcp_output.c --- tcp_output.c 2000/07/15 07:14:31 1.39.2.4 +++ tcp_output.c 2000/07/28 22:25:21 @@ -860,6 +860,21 @@ (so->so_options & SO_DONTROUTE), 0); } if (error) { + + /* + * We know that the packet was lost, so back out the + * sequence number advance, if any. + */ + if (tp->t_force == 0 || !callout_active(tp->tt_persist)) { + /* + * No need to check for TH_FIN here because + * the TF_SENTFIN flag handles that case. + */ + if (flags & TH_SYN) + tp->snd_nxt--; + tp->snd_nxt -= len; + } + out: if (error == ENOBUFS) { if (!callout_active(tp->tt_rexmt) && To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 19:58:11 2000 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id 5B28537B8EB for ; Fri, 28 Jul 2000 19:58:08 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 20284 invoked by uid 1000); 29 Jul 2000 02:58:05 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 29 Jul 2000 02:58:05 -0000 Date: Fri, 28 Jul 2000 21:58:05 -0500 (CDT) From: Mike Silbersack To: Archie Cobbs Cc: freebsd-net@FreeBSD.ORG, jlemon@FreeBSD.ORG Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <200007282134.OAA27448@bubba.whistle.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 28 Jul 2000, Archie Cobbs wrote: > I understand the scenario described by the commit message. What > I don't understand about this commit is this: suppose the exact > same scenario happens, except that instead of ip_output() returning > ENOBUFS, it returns zero, BUT the packet is dropped anyway because > of (say) an Ethernet collision. > > Then why wouldn't you have the same thing happen, i.e., no retransmit > timer running and you're stuck in LAST_ACK forever? No timer is being > set in the subsequent code at the end of tcp_output().. Hm, I was going to wager that some calling procedure was acting differently depending on the return value of tcp_output, but since ENOBUFS returns 0, and the error isn't checked anyway. It may be that a timer is active in the normal case, causing the timer check in the ENOBUFS case to be unneccesary normally... that still doesn't explain all cases, though. Hmph. I think a really good patch is going to take a lot of research. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 28 22:52: 5 2000 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 030E937B9E1 for ; Fri, 28 Jul 2000 22:51:59 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e6T5pkp22448; Fri, 28 Jul 2000 22:51:46 -0700 (PDT) Date: Fri, 28 Jul 2000 22:51:45 -0700 From: Alfred Perlstein To: Bosko Milekic Cc: David Malone , net@FreeBSD.ORG Subject: Re: Mbuf stuff. Message-ID: <20000728225145.A21967@fw.wintelcom.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: ; from bmilekic@dsuper.net on Wed, Jul 26, 2000 at 01:02:18PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Bosko Milekic [000726 10:11] wrote: > > > > > intial idea: > > > > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=109252+0+archive/2000/freebsd-net > > > > > > > Summary of Bosko's refinements: > > > > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=185726+0+archive/2000/freebsd-net > > > > > > Okay, the relevant code can now be found at: > > http://24.201.62.9/code/mbuf/newstuff/ > > I still have some modifications to do at a later time, including > a cleanup of things and some changes as well, but the above should > be ready to go in. However, I encourage you to test it first, perhaps > because you may be able to do so more effectively than me (on heavier > loaded machines). > > Regards, > Bosko. > Ok, I've looked over it and it looks really good, the only thing that I wonder about is that perhaps we should pass a pointer to the mbuf instead of just 'arg' to the ext_free routine. I'm sort of undecided about this but wanted to bring it up for discussion. Basically, your call. :) > P.S.: Alfred: thanks. bah, you did all the work! :) -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 1:40:15 2000 Delivered-To: freebsd-net@freebsd.org Received: from field.videotron.net (field.videotron.net [205.151.222.108]) by hub.freebsd.org (Postfix) with ESMTP id 9466F37BB67 for ; Sat, 29 Jul 2000 01:40:12 -0700 (PDT) (envelope-from bmilekic@dsuper.net) Received: from modemcable009.62-201-24.mtl.mc.videotron.net ([24.201.62.9]) by field.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8) with ESMTP id <0FYG0023MAQUGK@field.videotron.net> for net@FreeBSD.ORG; Sat, 29 Jul 2000 04:40:06 -0400 (EDT) Date: Sat, 29 Jul 2000 04:42:40 -0400 (EDT) From: Bosko Milekic Subject: Re: Mbuf stuff. In-reply-to: <20000728225145.A21967@fw.wintelcom.net> X-Sender: bmilekic@jehovah.technokratis.com To: Alfred Perlstein Cc: David Malone , net@FreeBSD.ORG Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Leaving it as void is cleaner as an interface as it doesn't force other layers to have to deal with struct mbufs, and, also, if you want to pass the mbuf, nothing stops you from casting the args as an mbuf struct pointer and passing up the mbuf struct's base address. So I think that more flexibility is better in this sense. On Fri, 28 Jul 2000, Alfred Perlstein wrote: > Ok, I've looked over it and it looks really good, the only thing > that I wonder about is that perhaps we should pass a pointer to > the mbuf instead of just 'arg' to the ext_free routine. > > I'm sort of undecided about this but wanted to bring it up for > discussion. > > Basically, your call. :) > > > P.S.: Alfred: thanks. > > bah, you did all the work! :) Well, that work is pretty much useless without feedback and support. Given previous experiences I've had, your interest in this deffinately deserves a thanks, at the least. > -Alfred Cheers, Bosko. -- Bosko Milekic * Voice/Mobile: 514.865.7738 * Pager: 514.921.0237 bmilekic@technokratis.com * http://www.technokratis.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 10:25:41 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail-out2.apple.com (mail-out2.apple.com [17.254.0.51]) by hub.freebsd.org (Postfix) with ESMTP id 5249B37B60A for ; Sat, 29 Jul 2000 10:25:21 -0700 (PDT) (envelope-from justin@apple.com) Received: from mailgate1.apple.com (A17-128-100-225.apple.com [17.128.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id KAA07470 for ; Sat, 29 Jul 2000 10:25:16 -0700 (PDT) Received: from scv1.apple.com (scv1.apple.com) by mailgate1.apple.com (Content Technologies SMTPRS 4.1.5) with ESMTP id for ; Sat, 29 Jul 2000 10:25:16 -0700 Received: from grinch ([17.219.158.67]) by scv1.apple.com (8.9.3/8.9.3) with SMTP id KAA11439 for ; Sat, 29 Jul 2000 10:25:12 -0700 (PDT) Message-Id: <200007291725.KAA11439@scv1.apple.com> To: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS Date: Sat, 29 Jul 2000 10:26:14 -0700 From: "Justin C. Walker" Reply-To: justin@apple.com x-mailer: Apple Mail (2.317) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Friday, July 28, 2000, at 07:58 PM, Mike Silbersack wrote: > > On Fri, 28 Jul 2000, Archie Cobbs wrote: > > > I understand the scenario described by the commit message. What > > I don't understand about this commit is this: suppose the exact > > same scenario happens, except that instead of ip_output() returning > > ENOBUFS, it returns zero, BUT the packet is dropped anyway because > > of (say) an Ethernet collision. > > > > Then why wouldn't you have the same thing happen, i.e., no retransmit > > timer running and you're stuck in LAST_ACK forever? No timer is being > > set in the subsequent code at the end of tcp_output().. > > Hm, I was going to wager that some calling procedure was acting > differently depending on the return value of tcp_output, but since ENOBUFS > returns 0, and the error isn't checked anyway. Forgive my early-morning density, but I've read this sentence several times, and it just doesn't look right. Could you try again? I know there's value in it, but it isn't making it through. Regards, Justin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 10:32:42 2000 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 8284C37B85B for ; Sat, 29 Jul 2000 10:32:39 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e6THWTA10439; Sat, 29 Jul 2000 10:32:29 -0700 (PDT) Date: Sat, 29 Jul 2000 10:32:28 -0700 From: Alfred Perlstein To: Bosko Milekic Cc: David Malone , net@FreeBSD.ORG Subject: Re: Mbuf stuff. Message-ID: <20000729103228.C21967@fw.wintelcom.net> References: <20000728225145.A21967@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: ; from bmilekic@dsuper.net on Sat, Jul 29, 2000 at 04:42:40AM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Bosko Milekic [000729 01:40] wrote: > > Leaving it as void is cleaner as an interface as it doesn't force other > layers to have to deal with struct mbufs, and, also, if you want to pass > the mbuf, nothing stops you from casting the args as an mbuf struct > pointer and passing up the mbuf struct's base address. So I think that > more flexibility is better in this sense. Makes sense, I'll be testing and hopefully have it committed sunday/monday. -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 10:56:42 2000 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id BAD2937B6F2 for ; Sat, 29 Jul 2000 10:56:37 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 25932 invoked by uid 1000); 29 Jul 2000 17:56:35 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 29 Jul 2000 17:56:35 -0000 Date: Sat, 29 Jul 2000 12:56:35 -0500 (CDT) From: Mike Silbersack To: "Justin C. Walker" Cc: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <200007291725.KAA11439@scv1.apple.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 29 Jul 2000, Justin C. Walker wrote: > On Friday, July 28, 2000, at 07:58 PM, Mike Silbersack wrote: > > Hm, I was going to wager that some calling procedure was acting > > differently depending on the return value of tcp_output, but since ENOBUFS > > returns 0, and the error isn't checked anyway. > > Forgive my early-morning density, but I've read this sentence several > times, and it just doesn't look right. Could you try again? I know > there's value in it, but it isn't making it through. > > Regards, > > Justin In the case of ip_output returning ENOBUFS to tcp_output, tcp_output returns 0, even though there's an error. (I guess if the ENOBUFS case was handled properly, 0 would be correct. But for now, it's certainly an error.) But tcp_output returning an error wouldn't matter anyway, since nothing which calls tcp_output actually checks the return value. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 11:10:45 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by hub.freebsd.org (Postfix) with ESMTP id D80A237B50B for ; Sat, 29 Jul 2000 11:10:32 -0700 (PDT) (envelope-from justin@apple.com) Received: from mailgate1.apple.com (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id LAA16612 for ; Sat, 29 Jul 2000 11:10:24 -0700 (PDT) Received: from scv2.apple.com (scv2.apple.com) by mailgate1.apple.com (Content Technologies SMTPRS 4.1.5) with ESMTP id for ; Sat, 29 Jul 2000 11:10:23 -0700 Received: from grinch ([17.219.158.67]) by scv2.apple.com (8.9.3/8.9.3) with SMTP id LAA14583 for ; Sat, 29 Jul 2000 11:10:23 -0700 (PDT) Message-Id: <200007291810.LAA14583@scv2.apple.com> To: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS Date: Sat, 29 Jul 2000 11:11:25 -0700 From: "Justin C. Walker" Reply-To: justin@apple.com mime-version: 1.0 (Apple Message framework v317) content-type: text/plain; charset=iso-8859-1 content-transfer-encoding: quoted-printable x-mailer: Apple Mail (2.317) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Saturday, July 29, 2000, at 10:56 AM, Mike Silbersack wrote: > > On Sat, 29 Jul 2000, Justin C. Walker wrote: > > > On Friday, July 28, 2000, at 07:58 PM, Mike Silbersack wrote: > > > Hm, I was going to wager that some calling procedure was acting > > > differently depending on the return value of tcp_output, but since = =20 ENOBUFS > > > returns 0, and the error isn't checked anyway. > > > > Forgive my early-morning density, but I've read this sentence = several =20 > > times, and it just doesn't look right. Could you try again? I know = =20 > > there's value in it, but it isn't making it through. > > > > Regards, > > > > Justin > > In the case of ip_output returning ENOBUFS to tcp_output, tcp_output > returns 0, even though there's an error. (I guess if the ENOBUFS case = was=20 > handled properly, 0 would be correct. But for now, it's certainly an > error.) > > But tcp_output returning an error wouldn't matter anyway, since = nothing > which calls tcp_output actually checks the return value. Thanks for the clarification. FWIW in our source (FB3.2-based), while a lot of calls are cast as = (void), =20 the returned error actually is checked in a number of places =20 (tcp_usrreq.c). These eventually wander back into user space, I think. Regards, Justin Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics =A0=A0 | Manager, CoreOS Networking =A0=A0 | =A0=A0Men are from = Earth. Apple Computer, Inc. =A0=A0=A0 =A0| = =A0=A0Women are from Earth. 2 Infinite Loop=A0=A0=A0=A0=A0=A0 = | =20 =A0=A0=A0=A0=A0=A0Deal with it. Cupertino, CA 95014=A0=A0=A0=A0 | = *------------------------------------------------------*------------------= ------------------* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 12:48:23 2000 Delivered-To: freebsd-net@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id 67E5637B595 for ; Sat, 29 Jul 2000 12:48:18 -0700 (PDT) (envelope-from dwmalone@maths.tcd.ie) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 29 Jul 2000 20:48:15 +0100 (BST) To: Alfred Perlstein Cc: Bosko Milekic , David Malone , net@FreeBSD.ORG Subject: Re: Mbuf stuff. In-reply-to: Your message of "Sat, 29 Jul 2000 10:32:28 PDT." <20000729103228.C21967@fw.wintelcom.net> X-Request-Do: Date: Sat, 29 Jul 2000 20:48:14 +0100 From: David Malone Message-ID: <200007292048.aa16087@salmon.maths.tcd.ie> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Leaving it as void is cleaner as an interface as it doesn't force other > > layers to have to deal with struct mbufs, and, also, if you want to pass > > the mbuf, nothing stops you from casting the args as an mbuf struct > > pointer and passing up the mbuf struct's base address. So I think that > > more flexibility is better in this sense. > Makes sense, I'll be testing and hopefully have it committed sunday/monday. Do you want to commit the slip abuse stuff with it, or should I do that now? I've been testing it and it works fine. I've started testing the mbuf external reference counting patches and they seem to work. I've read through them and have a few comments, but other than that they seem fine. David. /usr/src/sys/alpha/alpha/machdep.c When calculating mb_map_size it doesn't add space for sizeof (union mext_refcnt) /usr/src/sys/kern/uipc_mbuf.c The mbstat sysctl stuff is made read only. This seems sensible, as it doesn't make sense to write to I guess. /usr/src/sys/netkey/key_debug.c Should we consider printing the pointer to the ref_cnt pointer? /usr/src/sys/pc98/i386/machdep.c Same as alpha - mb_map_size doesn't account for mext_refcnt. /usr/src/sys/sys/mbuf.h The call to _MEXTFREE in MFREE is wrapped in braces, which I think goes against style(9). Should we comment the fact that _MEXTFREE has to be called at splimp? /usr/src/usr.bin/netstat/mbuf.c The printf refers to "reference count structs" - should that be "reference count unions" or maybe just "reference counters" incase the way they are counted changes. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 13:46:45 2000 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id 12AF137B8B7 for ; Sat, 29 Jul 2000 13:46:41 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 26327 invoked by uid 1000); 29 Jul 2000 20:46:39 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 29 Jul 2000 20:46:39 -0000 Date: Sat, 29 Jul 2000 15:46:39 -0500 (CDT) From: Mike Silbersack To: "Justin C. Walker" Cc: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS In-Reply-To: <200007291810.LAA14583@scv2.apple.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 29 Jul 2000, Justin C. Walker wrote: > On Saturday, July 29, 2000, at 10:56 AM, Mike Silbersack wrote: > > > In the case of ip_output returning ENOBUFS to tcp_output, tcp_output > > returns 0, even though there's an error. (I guess if the ENOBUFS case was > > handled properly, 0 would be correct. But for now, it's certainly an > > error.) > > > > But tcp_output returning an error wouldn't matter anyway, since nothing > > which calls tcp_output actually checks the return value. > > Thanks for the clarification. > > FWIW in our source (FB3.2-based), while a lot of calls are cast as (void), > the returned error actually is checked in a number of places > (tcp_usrreq.c). These eventually wander back into user space, I think. > > Regards, > > Justin Yep, you're correct. I must've been tired when I grepped last night. Do you guys handle ip_output returning ENOBUFS any differently/better in Darwin as of now? Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 13:54:33 2000 Delivered-To: freebsd-net@freebsd.org Received: from falla.videotron.net (falla.videotron.net [205.151.222.106]) by hub.freebsd.org (Postfix) with ESMTP id B548C37B51B for ; Sat, 29 Jul 2000 13:54:24 -0700 (PDT) (envelope-from bmilekic@dsuper.net) Received: from modemcable009.62-201-24.mtl.mc.videotron.net ([24.201.62.9]) by falla.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8) with ESMTP id <0FYH009Z78QDEF@falla.videotron.net> for net@FreeBSD.ORG; Sat, 29 Jul 2000 16:54:13 -0400 (EDT) Date: Sat, 29 Jul 2000 16:56:49 -0400 (EDT) From: Bosko Milekic Subject: Re: Mbuf stuff. In-reply-to: <200007292048.aa16087@salmon.maths.tcd.ie> X-Sender: bmilekic@jehovah.technokratis.com To: David Malone Cc: Alfred Perlstein , net@FreeBSD.ORG Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 29 Jul 2000, David Malone wrote: > Do you want to commit the slip abuse stuff with it, or should I do > that now? I've been testing it and it works fine. I've started > testing the mbuf external reference counting patches and they seem > to work. I've read through them and have a few comments, but other > than that they seem fine. It should deffinately go in either before or at the same time, if you want to avoid breaking the build. > David. > > /usr/src/sys/alpha/alpha/machdep.c > > When calculating mb_map_size it doesn't add space for > sizeof (union mext_refcnt) Rats! Nice thing you caught it! Yes, it should deffinately be added to match i386/i386/machdep.c -- Thanks! > /usr/src/sys/kern/uipc_mbuf.c > > The mbstat sysctl stuff is made read only. This seems > sensible, as it doesn't make sense to write to I guess. Yes, I always wondered why it was read+write in the first place, so I changed it here instead of submitting separate diffs. > /usr/src/sys/netkey/key_debug.c > > Should we consider printing the pointer to the ref_cnt pointer? Sounds good. > /usr/src/sys/pc98/i386/machdep.c > > Same as alpha - mb_map_size doesn't account for mext_refcnt. Yeah, missed it here too. > /usr/src/sys/sys/mbuf.h > > The call to _MEXTFREE in MFREE is wrapped in braces, which > I think goes against style(9). That's up to you, it makes no difference to me. I don't remember seeing anything specifically _against_ it in style(9) but I'm not sure. > Should we comment the fact that _MEXTFREE has to be called > at splimp? Not really necessary, because it always is called at splimp(), and it's not the exported macro. The "exported" version of the macro wraps _MEXTFREE at MBUFLOCK(), and it's called MEXTFREE(). > /usr/src/usr.bin/netstat/mbuf.c > > The printf refers to "reference count structs" - should that be > "reference count unions" or maybe just "reference counters" incase > the way they are counted changes. Yes, certainly, up to you as to how you want to go with verbosity, I was just too busy thinking about related code functionality as opposed to verbosity and user-friendliness. Thank you very much for bringing all this stuff up! -Bosko -- Bosko Milekic * Voice/Mobile: 514.865.7738 * Pager: 514.921.0237 bmilekic@technokratis.com * http://www.technokratis.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 15:14:30 2000 Delivered-To: freebsd-net@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id 8136A37B621 for ; Sat, 29 Jul 2000 15:14:24 -0700 (PDT) (envelope-from dwmalone@maths.tcd.ie) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 29 Jul 2000 23:14:23 +0100 (BST) To: Bosko Milekic Cc: David Malone , Alfred Perlstein , net@FreeBSD.ORG Subject: Re: Mbuf stuff. In-reply-to: Your message of "Sat, 29 Jul 2000 16:56:49 EDT." X-Request-Do: Date: Sat, 29 Jul 2000 23:14:22 +0100 From: David Malone Message-ID: <200007292314.aa22039@salmon.maths.tcd.ie> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > /usr/src/sys/sys/mbuf.h > > > > The call to _MEXTFREE in MFREE is wrapped in braces, which > > I think goes against style(9). > That's up to you, it makes no difference to me. I don't remember > seeing anything specifically _against_ it in style(9) but I'm not sure. It says: "No braces are used for control statements with zero or only a single statement unless that statement is more than a single line in which case they are permitted." > > Should we comment the fact that _MEXTFREE has to be called > > at splimp? > Not really necessary, because it always is called at splimp(), and > it's not the exported macro. The "exported" version of the macro wraps > _MEXTFREE at MBUFLOCK(), and it's called MEXTFREE(). _MEXT_DEALLOC_CNT is also internal, but has an XXX somment saying it should be called at splimp(), which it always is. I just thought it would be more consistant to have a comment for both. > Thank you very much for bringing all this stuff up! Glad to be useful ;-) Do you want to make a new version of the patch available, or should Alfred make the changes as he commits? David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 16:13:34 2000 Delivered-To: freebsd-net@freebsd.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by hub.freebsd.org (Postfix) with ESMTP id 4969637B621 for ; Sat, 29 Jul 2000 16:13:32 -0700 (PDT) (envelope-from justin@apple.com) Received: from mailgate1.apple.com (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id QAA13967 for ; Sat, 29 Jul 2000 16:13:31 -0700 (PDT) Received: from scv2.apple.com (scv2.apple.com) by mailgate1.apple.com (Content Technologies SMTPRS 4.1.5) with ESMTP id for ; Sat, 29 Jul 2000 16:13:31 -0700 Received: from grinch ([17.219.158.67]) by scv2.apple.com (8.9.3/8.9.3) with SMTP id QAA29140 for ; Sat, 29 Jul 2000 16:13:23 -0700 (PDT) Message-Id: <200007292313.QAA29140@scv2.apple.com> To: freebsd-net@freebsd.org Subject: Re: sub-optimal tcp_ouput() performance in the face of ENOBUFS Date: Sat, 29 Jul 2000 16:14:25 -0700 From: "Justin C. Walker" Reply-To: justin@apple.com x-mailer: Apple Mail (2.317) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Saturday, July 29, 2000, at 01:46 PM, Mike Silbersack wrote: > > On Sat, 29 Jul 2000, Justin C. Walker wrote: > > > On Saturday, July 29, 2000, at 10:56 AM, Mike Silbersack wrote: > > [snip] > Yep, you're correct. I must've been tired when I grepped last night. > > Do you guys handle ip_output returning ENOBUFS any differently/better in > Darwin as of now? The Darwin source has a checkered past. For the kernel, most of the BSD-like part is Lite2-derived, I think (but of course, with a *lot* of work done on it in the interim). The network part was updated to FreeBSD 3.1-2 last year. I haven't looked into the changes from 3.x to 4/5, but I'd guess the answer is "no". Using cscope, I see about 170 references to ENOBUFS, and only two are checking for the value; the rest set/return it. Regards, Justin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 29 17:30:19 2000 Delivered-To: freebsd-net@freebsd.org Received: from falla.videotron.net (falla.videotron.net [205.151.222.106]) by hub.freebsd.org (Postfix) with ESMTP id 75C9D37B52D for ; Sat, 29 Jul 2000 17:30:08 -0700 (PDT) (envelope-from bmilekic@technokratis.com) Received: from jehovah ([24.201.62.138]) by falla.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8) with SMTP id <0FYH002DCIN0X6@falla.videotron.net> for net@FreeBSD.ORG; Sat, 29 Jul 2000 20:28:12 -0400 (EDT) Date: Sat, 29 Jul 2000 20:28:34 -0400 From: Bosko Milekic Subject: Re: Mbuf stuff. To: Bosko Milekic , David Malone Cc: Alfred Perlstein , net@FreeBSD.ORG Message-id: <001b01bff9bd$66266270$8a3ec918@jehovah> MIME-version: 1.0 X-Mailer: Microsoft Outlook Express 5.00.2919.6700 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 References: <200007292314.aa22039@salmon.maths.tcd.ie> X-Priority: 3 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > It says: "No braces are used for control statements with zero or only a > single statement unless that statement is more than a single line in > which case they are permitted." Okay. In that case, Alfred, please remove the braces? :-) > > Not really necessary, because it always is called at splimp(), and > > it's not the exported macro. The "exported" version of the macro wraps > > _MEXTFREE at MBUFLOCK(), and it's called MEXTFREE(). > > _MEXT_DEALLOC_CNT is also internal, but has an XXX somment saying > it should be called at splimp(), which it always is. I just thought > it would be more consistant to have a comment for both. Well, you're right, as _MEXT_DEALLOC_CNT() isn't exportable at all, the comment should just be removed, or added in both cases. > > Thank you very much for bringing all this stuff up! > > Glad to be useful ;-) > > Do you want to make a new version of the patch available, or should > Alfred make the changes as he commits? Well, the changes aren't big at all so I think that it would be simpler for Alfred to add them in the patch rather than me roll over a new set of diffs. Also, my repo is further de-sync'd right now as I've been making some other changes as well. > David. Cheers, Bosko. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message