From owner-freebsd-net Sun Oct 28 11: 0:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id F40D637B432 for ; Sun, 28 Oct 2001 11:00:29 -0800 (PST) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id KAA21424; Sun, 28 Oct 2001 10:56:43 -0800 (PST) Date: Sun, 28 Oct 2001 10:56:42 -0800 (PST) From: Julian Elischer To: Trond Davidsen Cc: freebsd-net@freebsd.org, archie@freesd.org Subject: Re: Mpd with a large number, 200+ , of bundles In-Reply-To: <3BD6FA2F.6070509@ii.uib.no> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Did archie get back to you on this one? On Wed, 24 Oct 2001, Trond Davidsen wrote: > Hi, > some info about the machine: > > vpn-gw2# uname -a > FreeBSD vpn-gw2 4.4-STABLE FreeBSD 4.4-STABLE #2: Tue Oct 16 16:42:27 > CEST 2001 root@vpn-gw2:/usr/obj/usr/src/sys/VPN-GW2 i386 > vpn-gw2# > > The machine is a dual 700MHz PIII with 512MB ram and 3 3c905B nics. > /etc/sysctl.conf looks like this: > > vpn-gw2# cat /etc/sysctl.conf > kern.ipc.shm_use_phys=1 > vfs.vmiodirenable=1 > net.inet.tcp.sendspace=65535 > net.inet.tcp.recvspace=65535 > net.inet.tcp.always_keepalive=1 > kern.ipc.somaxconn=1024 > net.inet.ip.rtexpire=10 > > > I'm trying to set up mpd as a replacement for poptop + ppp. But I run > into a problem when I try to configure more than 100 bundles. When I > configure 30 bundles, everything works nicely. When I configure 100 > bundles, things seems to work nicely, but when I run ngctl, I get the > following error when typing 'list' at the ngctl prompt: > > > [lines for ng100 - ng24 removed] > > Name: ng23 Type: iface ID: 00000849 Num hooks: 1 > Name: Type: socket ID: 00000848 Num hooks: 2 > Name: Type: vjc ID: 00000847 Num hooks: 4 > Name: Type: bpf ID: 00000846 Num hooks: 3 > Name: mpd37379-pptp12 Type: ppp ID: 00000845 Num hooks: 6 > Name: ng22 Type: iface ID: 00000844 Num hooks: 1 > Name: Type: socket ID: 00000843 Num hooks: 2 > Name: Type: vjc ID: 00000842 Num hooks: 4 > Name: Type: bpf ID: 00000841 Num hooks: 3 > Name: xl0 Type: ether ID: 00000001 Num hooks: 0 > ngctl: send msg: No such file or directory > + quit > > it seems to be missing ng0 - ng21, but ifconfig shows all the > interfaces. Earlier ngctl would not list any interfaces but print > something like the following: > > + list > ngctl: send msg: No buffer space available > + quit > > which buffer is this, and how do I make it larger? > > > On a PIII 1.3GHz with 1GB ram, trying to run with 110 bundles: > > vpn-gw3# uname -a > FreeBSD vpn-gw3 4.4-STABLE FreeBSD 4.4-STABLE #0: Thu Oct 18 18:37:21 > CEST 2001 root@vpn-gw3:/usr/obj/usr/src/sys/VPN-GW3 i386 > vpn-gw3# > > > [cut out 97 bundle configs] > > [pptp98] ppp node is "mpd18285-pptp98" > [pptp98] using interface ng108 > Radius: radius_Init > > [pptp99] ppp node is "mpd18285-pptp99" > [pptp99] using interface ng109 > Radius: radius_Init > > [pptp100] can't name ppp node: Address already in use > [pptp100] netgraph initialization failed > [pptp101] can't name ppp node: Address already in use > [pptp101] netgraph initialization failed > [pptp102] can't name ppp node: Address already in use > [pptp102] netgraph initialization failed > [pptp103] can't name ppp node: Address already in use > [pptp103] netgraph initialization failed > [pptp104] can't name ppp node: Address already in use > [pptp104] netgraph initialization failed > [pptp105] can't name ppp node: Address already in use > [pptp105] netgraph initialization failed > [pptp106] can't name ppp node: Address already in use > [pptp106] netgraph initialization failed > [pptp107] can't name ppp node: Address already in use > [pptp107] netgraph initialization failed > [pptp108] can't name ppp node: Address already in use > [pptp108] netgraph initialization failed > [pptp109] can't name ppp node: Address already in use > [pptp109] netgraph initialization failed > [pptp110] can't name ppp node: Address already in use > [pptp110] netgraph initialization failed > [pptp99:pptp99] > > > vpn-gw3# ngctl > + list > ngctl: send msg: No buffer space available > + > > This is with standard sendspace/recvspace. > > > Trond > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Oct 28 11:20:22 2001 Delivered-To: freebsd-net@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 7C67137B408; Sun, 28 Oct 2001 11:20:15 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id UAA13630; Sun, 28 Oct 2001 20:20:11 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id f9SJ7ss01266; Sun, 28 Oct 2001 20:07:54 +0100 (MET) (envelope-from j) Date: Sun, 28 Oct 2001 20:07:54 +0100 From: Joerg Wunsch To: Roman Kurakin Cc: freebsd-net@FreeBSD.org, Serge Vakulenko , mike@FreeBSD.org, freebsd-bugs@FreeBSD.org, julian@FreeBSD.org, archie@FreeBSD.org Subject: Re: kern/11238, kern/14848, kern/21771, sppp patch's patch_id #1 Message-ID: <20011028200754.B648@uriah.heep.sax.de> Reply-To: Joerg Wunsch References: <000901c1134b$827a69a0$48b5ce90@crox> <3BDABF7B.4060808@cronyx.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <3BDABF7B.4060808@cronyx.ru>; from rik@cronyx.ru on Sat, Oct 27, 2001 at 06:06:51PM +0400 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As Roman Kurakin wrote: > This is the first patch of set of patches that I plan to make. These > patches ware send several > times as a big patch and last one wasn't even discussed. So I will try > to send them by small > pieces and will try to comment them. One problem i've got with all sppp patches right now is that there's one long overdue task on my plate: merging back the ISDN4BSD sppp changes into the main sppp code. By that way, i'd also like to consider the NetBSD changes. Both offspring drivers have done a lot of bugfixing as well. The sad point is that i can't promise any timeline for this. Also, this cannot be done in a single patch, since that would be a rather large one, but it needs to be pulled piecewise (from the i4b CVS archives, and from the NetBSD CVS archives), to remain at least somewhat transparent to the innocent observer. But by all means, if someone cares to do it, i'm willing to get those PRs assigned to me. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Oct 28 12:47:43 2001 Delivered-To: freebsd-net@freebsd.org Received: from hotmail.com (f49.pav2.hotmail.com [64.4.37.49]) by hub.freebsd.org (Postfix) with ESMTP id 80F7D37B401 for ; Sun, 28 Oct 2001 12:47:37 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 28 Oct 2001 12:47:37 -0800 Received: from 204.178.20.14 by pv2fd.pav2.hotmail.msn.com with HTTP; Sun, 28 Oct 2001 20:47:37 GMT X-Originating-IP: [204.178.20.14] From: "murthy kn" To: rizzo@aciri.org Cc: net@FreeBSD.ORG Subject: Re: Polling vs Interrupts (was Re: NEW CODE: polling support...) Date: Mon, 29 Oct 2001 02:17:37 +0530 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 28 Oct 2001 20:47:37.0385 (UTC) FILETIME=[C7053990:01C15FF1] Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, First, let me thank for the nice detailed description of polling vs interrupts. I have a couple of questions. > >As the load level increases, your interrupt rate also grows, and >so does the work that you perform in each call to XX_intr(). > >The increase in interrupt rate is dangerous because it can make >you waste a large fraction of your CPU cycles just in overhead and >context switches, leading to a steep drop of the forwarding rate >as the offered load increases. > >The growth in interrupt rate is typically sublinear in the incoming >packet rate, because as the latter increases, it becomes more and >more likely that you get to process a second packet before you can >complete the interrupt service routine. > >This might seem a good thing; but unfortunately, there migth be a >third packet, and a fourth, and a fifth... and so you might remain >within your interrupt service routine for a very large amount of >time (potentially unbounded). This is what makes the system >unresponsive under load, and prevents a fair sharing of resources >among devices. ----------> 1. What will happen if a packet some packets arrive DURING the current call to XXX_intr() - are they processed by the current invocation of XXX_intr() itself without generating a new interrupt or will there be a seperate interrupt for each of those packets ? ( basically, I see a "rcvloop" in the driver code (fxp)) 2. If the answer to the (1) is true, I am not getting the difference between interrupt mitigation/ coalescing described below and the above explanation. Basically, what is being done above is also reducing the number of interrupts (and hence context swithcing overheads) by processing multiple packets in the same call to XXX_intr() ? So, why this kind of becomes a bottleneck whereas interrupt mitigation increases the performance. >write into the status register) and process all events that might have >triggered it -- if you stop early, there might not be another >interrupt that wakes you up to continue the leftover work, so you >have to set a timeout by independent means, or resort to polling. > > >As an example, for a simple I/O read from a register on a PCI card, >I have often measured times as high as 10,000 clock cycles (for >our 750MHz host, this is over 10us) during which the CPU cannot do >anything. Unfortunately, this time is totally unpredictable, and >the CPU has no way to abort the transaction once started. --------> Any pointers on tools/techniques to perform such measurements for instrumenting the kernel will be very helpful. Thanks, Murthy _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Oct 28 15:21: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id D0D6737B405 for ; Sun, 28 Oct 2001 15:20:53 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id f9SNHQW92391; Sun, 28 Oct 2001 15:17:26 -0800 (PST) (envelope-from rizzo) Date: Sun, 28 Oct 2001 15:17:26 -0800 From: Luigi Rizzo To: murthy kn Cc: net@FreeBSD.ORG Subject: Re: Polling vs Interrupts (was Re: NEW CODE: polling support...) Message-ID: <20011028151726.E90224@iguana.aciri.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Oct 29, 2001 at 02:17:37AM +0530, murthy kn wrote: ... > I have a couple of questions. > > 1. What will happen if a packet some packets arrive DURING the > current call to XXX_intr() - are they processed by the > current invocation of XXX_intr() itself without generating a new interrupt yes, provided they arrive before the last read of the status register. > 2. If the answer to the (1) is true, I am not getting the difference > between interrupt mitigation/ coalescing described below and the above Because as the traffic level increases, you _will_ be unlucky and will see a new packet arrive right after you have checked the status register for the last time. Basically, in the worst case you might have 1 intr per packet, which is usually well beyond the interrupt rate that your system is able to sustain. With coalescing, you guarantee that the max intr rate is never larger than 1/timeout (which you get to choose), and this also caps the overhead (i.e. time wasted in switching context). The time spent in processing interrupts still grows with the traffic, but at least you can guarantee that your CPU utilization is above a certain threshold. Coalescing does not prevent livelock, but at least moves the point where you are going to have troubles. > >As an example, for a simple I/O read from a register on a PCI card, > >I have often measured times as high as 10,000 clock cycles (for ... > --------> Any pointers on tools/techniques to perform such measurements for > instrumenting the kernel will be very helpful. see below. You put "TSTMP()" calls in your code, and use sysctl to fetch the buffer and decode it somehow. "Only works for Pentium-class machines, non-SMP." I have already posted this code a couple of weeks ago, trying to see if i can commit it, but because of the above limitation, this ended up in the usual pointless debates on generality and usefulness (which for 20 lines of conditionally compiled code are absolutely overkill, in my opinion). So for the time being I gave up to the commit, I will come back to this in the future, when i have time to spend in writing a big disclaimer and a manpage. cheers luigi Index: conf/options.i386 =================================================================== RCS file: /home/xorpc/u2/freebsd/src/sys/conf/options.i386,v retrieving revision 1.132.2.7 diff -u -r1.132.2.7 options.i386 --- conf/options.i386 2001/08/15 01:23:48 1.132.2.7 +++ conf/options.i386 2001/10/28 17:28:33 @@ -205,5 +205,8 @@ SMBFS # ------------------------------- +KERN_TIMESTAMP opt_global.h + +# ------------------------------- # EOF # ------------------------------- Index: i386/isa/clock.c =================================================================== RCS file: /home/xorpc/u2/freebsd/src/sys/i386/isa/clock.c,v retrieving revision 1.149.2.3 diff -u -r1.149.2.3 clock.c --- i386/isa/clock.c 2001/04/18 23:17:41 1.149.2.3 +++ i386/isa/clock.c 2001/10/23 03:08:41 @@ -199,6 +199,28 @@ SYSCTL_OPAQUE(_debug, OID_AUTO, i8254_timecounter, CTLFLAG_RD, &i8254_timecounter, sizeof(i8254_timecounter), "S,timecounter", ""); +#ifdef KERN_TIMESTAMP +#define L_TSC_SIZE (1<<16) +static u_long tsc[L_TSC_SIZE] ; +SYSCTL_OPAQUE(_debug, OID_AUTO, timestamp, CTLFLAG_RD, tsc, + sizeof(tsc), "LU", "Kernel timestamps"); +void +_TSTMP(u_int32_t x) +{ + static int i ; + + __asm __volatile("pushfl ; cli" : : : "memory"); + + tsc[i] = (u_int32_t)rdtsc(); + tsc[i+1] = x ; + i = i + 2 ; + if (i >= L_TSC_SIZE) + i = 0 ; + tsc[i] = 0 ; /* mark last entry */ + __asm __volatile("popfl" : : : "memory"); +} +#endif KERN_TIMESTAMP + static void clkintr(struct clockframe frame) { Index: sys/param.h =================================================================== RCS file: /home/xorpc/u2/freebsd/src/sys/sys/param.h,v retrieving revision 1.61.2.18 diff -u -r1.61.2.18 param.h --- sys/param.h 2001/09/17 06:54:26 1.61.2.18 +++ sys/param.h 2001/10/23 04:35:44 @@ -263,4 +263,20 @@ void panic __P((const char *, ...)) __dead2 __printflike(1, 2); #endif +#ifdef _KERNEL /* debugging macros accessing the TSC */ + +#define NOTSTMP(a,b,c,d) +#ifdef KERN_TIMESTAMP +#define TSTMP(class, unit, event, par) \ + _TSTMP( (((class) &15) << 28 ) | \ + (((unit) & 15) << 24 ) | \ + (((event)&255) << 16 ) | \ + (((par) & 0xffff) ) ) +extern void _TSTMP(u_int32_t); +#else /* !KERN_TIMESTAMP */ +#define TSTMP(class, unit, event, par) _TSTMP(0) +#define _TSTMP(x) do {} while (0) +#endif /* !KERN_TIMESTAMP */ +#endif + #endif /* _SYS_PARAM_H_ */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Oct 28 18: 5: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from tokyogw.iij.ad.jp (tokyogw.iij.ad.jp [202.232.15.22]) by hub.freebsd.org (Postfix) with ESMTP id 5793037B406 for ; Sun, 28 Oct 2001 18:05:03 -0800 (PST) Received: by tokyogw.iij.ad.jp; id LAA23075; Mon, 29 Oct 2001 11:05:02 +0900 (JST) Received: from h055n005.iij.ad.jp(192.168.5.55) by tokyogw.iij.ad.jp via smap (V4.2) id xma022523; Mon, 29 Oct 01 11:04:07 +0900 Received: from keiichi01.osaka.iij.ad.jp (localhost.osaka.iij.ad.jp [127.0.0.1]) by keiichi01.osaka.iij.ad.jp (8.11.6/8.11.6) with ESMTP id f9T23pY04286; Mon, 29 Oct 2001 11:03:52 +0900 (JST) (envelope-from keiichi@iij.ad.jp) Date: Mon, 29 Oct 2001 11:03:51 +0900 Message-ID: <86ofmr2oe0.wl@keiichi01.osaka.iij.ad.jp> From: Keiichi SHIMA / =?ISO-2022-JP?B?GyRCRWc3RDBsGyhC?= To: Luigi Rizzo Cc: Bosko Milekic , David Malone , Alfred Perlstein , net@FreeBSD.ORG Subject: Re: performance issues with M_PREPEND on clusters In-Reply-To: <20011026075001.C64631@iguana.aciri.org> References: <20011023110307.A34494@iguana.aciri.org> <20011023132813.I15052@elvis.mu.org> <20011023114650.C34494@iguana.aciri.org> <20011023140034.M15052@elvis.mu.org> <20011023140628.A36095@iguana.aciri.org> <20011023185759.A328@technokratis.com> <20011026110635.B14635@walton.maths.tcd.ie> <86u1wmlj1s.wl@keiichi01.osaka.iij.ad.jp> <20011026075001.C64631@iguana.aciri.org> User-Agent: Wanderlust/2.6.0 (Twist And Shout) SEMI/1.14.3 (Ushinoya) FLIM/1.14.3 (=?ISO-8859-1?Q?Unebigory=F2mae?=) APEL/10.2 MULE XEmacs/21.1 (patch 14) (Cuyahoga Valley) (i386--freebsd) Organization: Internet Initiative Japan Inc. MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Luigi, Luigi Rizzo wrote: > > so i have a question for you -- the next step on this kind of > optimizations is to avoid that m_pullup() allocates an mbuf > when data is already contiguous and in a writable (non-shared) > cluster. > > Garret was suggesting a new interface for this, at the beginning > i thought the same, but now i am a bit uncertain on whether > it is really necessary to use a different interface, > or whether this would cause compatibility > problems with other BSD's. > > Maybe you have already thought about this issue while developing > the KAME code, and can say something on the topic ? Though I am not a mbuf expert, I try to state my understanding. (If some other KAME guys read this thread, please response.) As Bill already said, there are the code those rely on the side-effect of m_pullup() which ensure that the data is not shared. Our code also has such dependency. If we change the behaviour, probably we will have invisible bugs. The possible way is to introduce a new API that does as you are proposing, that is to pullup the mbuf regardless of their writability. In this case, we can use the new API in a new code to gain the performance. Also, the old code works with no problem. I think, if we want a new m_pullup, a new API is a better solution. --- Keiichi SHIMA IIJ Research Laboratory KAME Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 4:41: 7 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail7.bigmailbox.com (mail7.bigmailbox.com [209.132.220.38]) by hub.freebsd.org (Postfix) with ESMTP id AADC337B408 for ; Mon, 29 Oct 2001 04:41:03 -0800 (PST) Received: (from www@localhost) by mail7.bigmailbox.com (8.10.0/8.10.0) id f9TCexF08836; Mon, 29 Oct 2001 04:40:59 -0800 Date: Mon, 29 Oct 2001 04:40:59 -0800 Message-Id: <200110291240.f9TCexF08836@mail7.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: freebsd-net@FreeBSD.ORG Subject: ipsec vpn - how to test ?? Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I settled a vpn between 2 FreeBSD 4.3. As far as I can see, everything is running smootlhly (no error messages) BUT.. I cannot say that it IS realy doing what we can expect it to do. As these machines will be 1,400 kilometer apart, I must test it BEFORE sending it for its places. So, hereis the real question: Is there a way to connect the VPN in a testbench like? I tried a middle multi-homed linux box, but even with the ´ip-forwarding´ activated I can ping both linux ip-addresses I cannot ping the other vpn box - ´no route..´. I tried also the FreeBSD bridge but.. ´no route´ again - even that the bridge said me that it is ok, in promiscuous mode and so on. Please, any hint?? saudações, irado furioso com tudo GNU/Linux user CASSADO deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 6:27:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from rerun.lucentctc.com (rerun.lucentctc.com [199.93.237.2]) by hub.freebsd.org (Postfix) with ESMTP id 7D4A337B43B for ; Mon, 29 Oct 2001 06:27:28 -0800 (PST) Received: by rerun.lucentctc.com with Internet Mail Service (5.5.2653.19) id ; Mon, 29 Oct 2001 09:27:16 -0500 Message-ID: <3A6D367EA1EFD4118C9B00A0C9DD99D70651BE@rerun.lucentctc.com> From: "Cambria, Mike" To: "'freebsd-net@FreeBSD.ORG'" Subject: RE: Port-based routing? Date: Mon, 29 Oct 2001 09:27:15 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I think ipfw can do this. At least the man page reads like it does. = There is a "fwd" action which will change the next hop to something you = specify. I've been meaning to try it myself but just never had a reason. MikeC Michael C. Cambria Avaya Inc. Consulting Engineer Former Enterprise Networks Group voice: (978) 287 - 2807 of Lucent Technologies fax: (978) 381 - 6415 300 Baker Avenue email: mcambria@avaya.com Concord, Massachusetts 01742 -----Original Message----- From: Oliver Fromme [mailto:olli@secnetix.de]=20 Sent: Friday, October 26, 2001 7:15 PM To: freebsd-net@FreeBSD.ORG Subject: Port-based routing? Hi, Is there a way in FreeBSD to route packets based on the destination port number? (I'm asking this on behalf of a friend, not for myself.) This is the setup: There are two uplinks, the first is via a ADSL connection (ppp running on tun0, using PPPoE), the second is via a normal ethernet interface (dc0, which has a slower SDSL router connected). They have different IP addresses, of course. Now he would like to direct web traffic (i.e. port 80) to tun0, and everything else to dc0. Is this possible with FreeBSD at all? Thanks in advance for any hint and advice! Regards Oliver --=20 Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 M=FCnchen Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "All that we see or seem is just a dream within a dream" (E. A. Poe) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 9:48:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from noralf.uib.no (noralf.uib.no [129.177.30.12]) by hub.freebsd.org (Postfix) with ESMTP id 9032937B403 for ; Mon, 29 Oct 2001 09:48:13 -0800 (PST) Received: from hyll.ii.uib.no (ii.uib.no) [129.177.16.27] by noralf.uib.no with esmtp (Exim 3.16) id 15yGVL-0004YY-00; Mon, 29 Oct 2001 18:47:19 +0100 Message-ID: <3BDD98E8.1070808@ii.uib.no> Date: Mon, 29 Oct 2001 18:59:04 +0100 From: Trond Davidsen Organization: Institutt for Informatikk, UiB User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5) Gecko/20011011 X-Accept-Language: en-us MIME-Version: 1.0 To: Julian Elischer Cc: freebsd-net@freebsd.org, archie@freesd.org Subject: Re: Mpd with a large number, 200+ , of bundles References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Scanner: exiscan *15yGVL-0004YY-00*bUVCxDUoLko* http://tjinfo.uib.no/virus.html Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Julian Elischer wrote: > > Did archie get back to you on this one? > No. Trond To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 12:36:43 2001 Delivered-To: freebsd-net@freebsd.org Received: from c7.campus.utcluj.ro (c7.campus.utcluj.ro [193.226.6.226]) by hub.freebsd.org (Postfix) with SMTP id 5527437B406 for ; Mon, 29 Oct 2001 12:36:27 -0800 (PST) Received: (qmail 1044 invoked from network); 29 Oct 2001 20:33:59 -0000 Received: from veedee.c7.campus.utcluj.ro (HELO veedee) (172.27.0.3) by gateway.c7.campus.utcluj.ro with SMTP; 29 Oct 2001 20:33:59 -0000 From: "veedee" To: "freebsd-net@FreeBSD.ORG" Date: Mon, 29 Oct 2001 22:34:06 +0200 Reply-To: "veedee" X-Mailer: PMMail 2000 Professional (2.20.2360) For Windows 2000 (5.1.2600) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Message-Id: <20011029203627.5527437B406@hub.freebsd.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Can anyone please explain to me what this means? Oct 29 21:46:58 /kernel: arp: 00:c0:df:eb:a9:1c is using my IP address 172.27.0.1! Oct 29 21:46:58 /kernel: xl0: no memory for rx list -- packet dropped! ... and after that... a whole bunch of... Oct 29 21:46:58 last message repeated 177 times Oct 29 21:47:28 /kernel: no memory for rx list -- packet dropped! Oct 29 21:47:28 /kernel: xl0: no memory for rx list -- packet dropped! Oct 29 21:47:28 last message repeated 710 times Oct 29 21:47:59 /kernel: no memory for rx list -- packet dropped! Oct 29 21:47:59 /kernel: xl0: no memory for rx list -- packet dropped! Oct 29 21:48:00 last message repeated 716 times Oct 29 21:48:22 /kernel: no memory for rx list -- packet dropped! Oct 29 21:48:22 /kernel: xl0: no memory for rx list -- packet dropped! Oct 29 21:48:22 last message repeated 20 times Oct 29 21:48:22 /kernel: xl0: no memory fno memory for rx list -- packet dropped! Oct 29 21:48:22 /kernel: xl0: no memory for rx list -- packet dropped! Oct 29 21:48:29 last message repeated 742 times After that, my xl0 network interface died on me... I killed squid and the messages stopped, but the interface was still down. Any other attempts of bringing the interface up were hopeless. Rebooting the server eventually solved the problem. I had users setting up (by mistake) their IP address = my server's in the past, but this has never happened before. Thank you in advance, veedee, C7 Campus Network System Administrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 13:49:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id 2EB5B37B405 for ; Mon, 29 Oct 2001 13:49:14 -0800 (PST) Received: (qmail 1833 invoked by uid 1000); 29 Oct 2001 21:49:12 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 29 Oct 2001 21:49:12 -0000 Date: Mon, 29 Oct 2001 15:49:12 -0600 (CST) From: Mike Silbersack To: veedee Cc: "freebsd-net@FreeBSD.ORG" Subject: Re: your mail In-Reply-To: <20011029203627.5527437B406@hub.freebsd.org> Message-ID: <20011029154344.X1182-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 29 Oct 2001, veedee wrote: > Hello, > > Can anyone please explain to me what this means? > > Oct 29 21:46:58 /kernel: arp: 00:c0:df:eb:a9:1c is using my IP address 172.27.0.1! Sounds bad, you should figure out who's trying to use your IP and get that fixed. > Oct 29 21:46:58 /kernel: xl0: no memory for rx list -- packet dropped! > ... and after that... a whole bunch of... You're running out of nmbclusters. You can up it by adding kern.ipc.nmbclusters= to /boot/loader.conf and then rebooting. To see what your current mbuf cluster usage / max are, see netstat -m. (If you're running less than 4.4, you will need to set NMBCLUSTERS in the kernel config instead, then rebuild your kernel.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 15:44:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from acura.isprime.com (acura.isprime.com [130.94.138.66]) by hub.freebsd.org (Postfix) with ESMTP id C19C037B401 for ; Mon, 29 Oct 2001 15:44:09 -0800 (PST) Received: from winter (localhost [127.0.0.1]) by acura.isprime.com (8.11.3/8.11.2) with SMTP id f9TNi5W49077 for ; Mon, 29 Oct 2001 18:44:06 -0500 (EST) Message-ID: <000501c160d3$7b7362d0$cb8b5e82@winter> From: "Phil Rosenthal" To: Subject: Running out of sockets, TIME_WAIT state Date: Mon, 29 Oct 2001 18:43:16 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 Disposition-Notification-To: "Phil Rosenthal" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have the kernel configured with 65536 sockets. This system is very fast, connected to a very fast network, with a very fast storage system. It is handling about 5000 connections per second and is maxing out its 65536 sockets (because so many are sitting in TIME_WAIT status). This box is pushing ~90 megabit out of a gig-e card and is only using about 50% cpu, but unfortunately it cant answer any more connections because there are no more sockets available. i tried lowering msl, but that seems to make the system act "wierd" (all the webserver processes seem to block at the same status) -- and i tried upping the sockets to 131072, but that seems to cause the system to panic. any ideas? --Phil To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 16:23:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail0.yrp.nttdocomo.co.jp (mail0.yrp.nttdocomo.co.jp [202.245.184.18]) by hub.freebsd.org (Postfix) with ESMTP id F1F3A37B407 for ; Mon, 29 Oct 2001 16:23:05 -0800 (PST) Received: from mml.yrp.nttdocomo.co.jp (mml.yrp.nttdocomo.co.jp [172.21.48.50]) by mail0.yrp.nttdocomo.co.jp (8.9.0/YRPHUB0-8819980304) with ESMTP id JAA00403 for ; Tue, 30 Oct 2001 09:23:04 +0900 (JST) Received: from OSUGASYSWKS (dhcp51-242.yrp.nttdocomo.co.jp [172.21.51.242]) by mml.yrp.nttdocomo.co.jp (8.9.2/3.7W-mml-990617) with SMTP id JAA23983 for ; Tue, 30 Oct 2001 09:23:03 +0900 (JST) Message-ID: <001601c160d8$c813d570$f23315ac@OSUGASYSWKS> From: "Daikichi Osuga" To: References: <000501c160d3$7b7362d0$cb8b5e82@winter> Subject: Re: Running out of sockets, TIME_WAIT state Date: Tue, 30 Oct 2001 09:21:12 +0900 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I think use T/TCP is one solution. see ttcp(4), RFC1644, and TCP/IP Illustrated Volume 3. -- Daikichi Osuga ----- Original Message ----- From: "Phil Rosenthal" To: Sent: Tuesday, October 30, 2001 8:43 AM Subject: Running out of sockets, TIME_WAIT state > I have the kernel configured with 65536 sockets. This system is very fast, > connected to a very fast network, with a very fast storage system. It is > handling about 5000 connections per second and is maxing out its 65536 > sockets (because so many are sitting in TIME_WAIT status). > This box is pushing ~90 megabit out of a gig-e card and is only using about > 50% cpu, but unfortunately it cant answer any more connections because there > are no more sockets available. i tried lowering msl, but that seems to make > the system act "wierd" (all the webserver processes seem to block at the > same status) -- and i tried upping the sockets to 131072, but that seems to > cause the system to panic. > any ideas? > --Phil > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 18:41: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from acura.isprime.com (acura.isprime.com [130.94.138.66]) by hub.freebsd.org (Postfix) with ESMTP id A737237B401 for ; Mon, 29 Oct 2001 18:41:00 -0800 (PST) Received: from winter (localhost [127.0.0.1]) by acura.isprime.com (8.11.3/8.11.2) with SMTP id f9U2f0W54411 for ; Mon, 29 Oct 2001 21:41:00 -0500 (EST) Message-ID: <000c01c160ec$3328e130$6b010a0a@winter> From: "Phil Rosenthal" To: Subject: Re: Running out of sockets, TIME_WAIT state Date: Mon, 29 Oct 2001 21:40:12 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 Disposition-Notification-To: "Phil Rosenthal" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hm. can I use MSG_EOF with a sendfile() in the flags field? man sendfile seems to say no, but perhaps the man page hasnt been updated... --Phil To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 29 22: 3: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 0AA9137B407 for ; Mon, 29 Oct 2001 22:03:06 -0800 (PST) Received: from elischer.org (InterJet.elischer.org [192.168.1.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id VAA28865; Mon, 29 Oct 2001 21:43:24 -0800 (PST) Message-ID: <3BDE3DE7.9F1ED941@elischer.org> Date: Mon, 29 Oct 2001 21:43:03 -0800 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: "irado@nettaxi.com" Cc: freebsd-net@FreeBSD.ORG Subject: Re: FreeBSD divert, redir, what?? :-\ References: <200110051525.f95FP3J12040@mail2.bigmailbox.com> Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "irado@nettaxi.com" wrote: > > maybe just my pain, but I am perusing everywhere (http://groups.google.com), > also faq's, tutorials and so on, but I am not able to get a single reply > (maybe I am too newbie even for the man pages - I cannot apply it to my > question): > > I need to mount a server in a (sort of) dmz, serving http, pop3 and smtp > for both sides of a firewall (the public and the private), like this: > > /internet/---/firewall/--->internal lan (192.168.1.0) > | > |-->/server(s) 192.168.2.0) it's difficult to answer this question exactly. natd may be able to help you... > > any request to the external ip for any available service must be addressed to the 1 > 92.168.2.0. Also, any request from 192.168.1.0 *must* be addressed to the 192.168.2.0 > > Anybody please can point me out to any document, tutorial, easy-hands-on on the > subject?? Even RTFM will help, *if* mentioning the correct expression which must be searched. > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- +------------------------------------+ ______ _ __ | __--_|\ Julian Elischer | \ U \/ / hard at work in | / \ julian@elischer.org +------>x USA \ a very strange | ( OZ ) \___ ___ | country ! +- X_.---._/ presently in San Francisco \_/ \\ v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 8:15:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id C8E3637B407 for ; Tue, 30 Oct 2001 08:15:08 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id IAA56574; Tue, 30 Oct 2001 08:02:43 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9UG2gr07609; Tue, 30 Oct 2001 08:02:42 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110301602.f9UG2gr07609@arch20m.dellroad.org> Subject: Re: Mpd with a large number, 200+ , of bundles In-Reply-To: <3BD6FA2F.6070509@ii.uib.no> "from Trond Davidsen at Oct 24, 2001 07:28:15 pm" To: Trond Davidsen Date: Tue, 30 Oct 2001 08:02:42 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Trond Davidsen writes: > I'm trying to set up mpd as a replacement for poptop + ppp. But I run > into a problem when I try to configure more than 100 bundles. When I > configure 30 bundles, everything works nicely. When I configure 100 > bundles, things seems to work nicely, but when I run ngctl, I get the > following error when typing 'list' at the ngctl prompt: > > > [lines for ng100 - ng24 removed] > > Name: ng23 Type: iface ID: 00000849 Num hooks: 1 > Name: Type: socket ID: 00000848 Num hooks: 2 > Name: Type: vjc ID: 00000847 Num hooks: 4 > Name: Type: bpf ID: 00000846 Num hooks: 3 > Name: mpd37379-pptp12 Type: ppp ID: 00000845 Num hooks: 6 One problem with netgraph is that node and hook names can only be about 15 characters.. so when you get to 100 bundles, the hook names start overflowing the buffers. If you're only running one version of mpd, for example, you can try this patch to fix the '100 bundles' problem by shortening the node names: Index: ngfunc.c =================================================================== RCS file: /home/cvs/archie/mpd/src/ngfunc.c,v retrieving revision 1.2 diff -u -r1.2 ngfunc.c --- ngfunc.c 2001/04/12 17:03:33 1.2 +++ ngfunc.c 2001/10/30 15:58:46 @@ -189,7 +189,7 @@ newPpp = 1; /* Give it a name */ - snprintf(nm.name, sizeof(nm.name), "mpd%d-%s", getpid(), b->name); + snprintf(nm.name, sizeof(nm.name), "mpd-%s", b->name); if (NgSendMsg(b->csock, MPD_HOOK_PPP, NGM_GENERIC_COOKIE, NGM_NAME, &nm, sizeof(nm)) < 0) { Log(LG_ERR, ("[%s] can't name %s node: %s", > + list > ngctl: send msg: No buffer space available > + quit > > which buffer is this, and how do I make it larger? This is probably due to a fixed size buffer in the base netgraph code somewhere... it doesn't look like libnetgraph can generate an ENOBUFS on its own. Try running ngctl with one or more '-d' flags.. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 9:59: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id 6B52D37B403 for ; Tue, 30 Oct 2001 09:59:01 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id 5EB4581D01; Tue, 30 Oct 2001 11:59:01 -0600 (CST) Date: Tue, 30 Oct 2001 11:59:01 -0600 From: Alfred Perlstein To: net@freebsd.org Subject: anyone know where the etherboot page is? Message-ID: <20011030115901.P15052@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm looking for that site that makes custom etherboot images via CGI. Anyone have the url? -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' http://www.morons.org/rants/gpl-harmful.php3 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10: 0:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from cuimail.unige.ch (cuimail.unige.ch [129.194.69.50]) by hub.freebsd.org (Postfix) with ESMTP id F026037B403 for ; Tue, 30 Oct 2001 10:00:17 -0800 (PST) Received: from cuisuna.unige.ch ([129.194.69.101]) by cuimail.unige.ch (PMDF V6.0-025 #38753) with SMTP id <0GM100CD860D8T@cuimail.unige.ch> for freebsd-net@FreeBSD.ORG; Tue, 30 Oct 2001 19:00:13 +0100 (MET) Date: Tue, 30 Oct 2001 19:00:11 +0100 (MET) From: QUEVEDO BUSTILLOS Jose Federico Subject: ng_pppoe accounting? X-Sender: quevedo6@cuisuna.unige.ch To: freebsd-net@FreeBSD.ORG Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I'm a newbie in netgraph structures and I will like to ask your advice about some PPPoE related ideas. I'm using a FreeBDS box with PPPoE installed and working as a gateway. My goal is to establish basic administration and accounting for PPPoE users. The basic accounting needs (not commercial goals) are: 1. Keep track of the MAC addresses and users names of the PPPoE connections to the gateway, store time connection of the session and traffic generated. 2. Dynamic assignation of IP address. (I think on two possibilities a) PPPoE assignation: when PADR arrives, the gw should look into a pool of IP adresses and assign one "before calling PPP". B) leave PPP the assignation and capture the IP in other way). Result: A log file produced with a session match of: MAC add - IP add - username - time of session. Should I touch the ng_pppoe code? or should I create a netgraph node to place between ng_node and ng_ppp? Am I on the good way Thanks in advance, Federico Quevedo ................................................................. Federico Quevedo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10:27:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from gull.prod.itd.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84]) by hub.freebsd.org (Postfix) with ESMTP id 1D0ED37B405 for ; Tue, 30 Oct 2001 10:27:51 -0800 (PST) Received: from 1cust205.tnt1.pasadena.ca.da.uu.net ([63.28.226.205] helo=fire) by gull.prod.itd.earthlink.net with smtp (Exim 3.33 #1) id 15ydbw-0003UY-00; Tue, 30 Oct 2001 10:27:41 -0800 Message-ID: <001901c1616f$e7e14990$6503c23f@XGforce.com> Reply-To: "matt" From: "matt" To: "Phil Rosenthal" , References: <000501c160d3$7b7362d0$cb8b5e82@winter> Subject: Re: Running out of sockets, TIME_WAIT state Date: Tue, 30 Oct 2001 10:22:49 -0800 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org check the client program which talk to your box. the client may doing something bad ====================================== WWW.XGFORCE.COM The Next Generation Load Balance and Fail Safe Server Clustering Software for the Internet. ====================================== ----- Original Message ----- From: "Phil Rosenthal" To: Sent: Monday, October 29, 2001 3:43 PM Subject: Running out of sockets, TIME_WAIT state > I have the kernel configured with 65536 sockets. This system is very fast, > connected to a very fast network, with a very fast storage system. It is > handling about 5000 connections per second and is maxing out its 65536 > sockets (because so many are sitting in TIME_WAIT status). > This box is pushing ~90 megabit out of a gig-e card and is only using about > 50% cpu, but unfortunately it cant answer any more connections because there > are no more sockets available. i tried lowering msl, but that seems to make > the system act "wierd" (all the webserver processes seem to block at the > same status) -- and i tried upping the sockets to 131072, but that seems to > cause the system to panic. > any ideas? > --Phil > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10:33:45 2001 Delivered-To: freebsd-net@freebsd.org Received: from ambrisko.com (adsl-64-174-51-42.dsl.snfc21.pacbell.net [64.174.51.42]) by hub.freebsd.org (Postfix) with ESMTP id A04E037B409 for ; Tue, 30 Oct 2001 10:33:42 -0800 (PST) Received: (from ambrisko@localhost) by ambrisko.com (8.11.6/8.11.6) id f9UIX6e21665; Tue, 30 Oct 2001 10:33:06 -0800 (PST) (envelope-from ambrisko) From: Doug Ambrisko Message-Id: <200110301833.f9UIX6e21665@ambrisko.com> Subject: Re: anyone know where the etherboot page is? In-Reply-To: <20011030115901.P15052@elvis.mu.org> To: Alfred Perlstein Date: Tue, 30 Oct 2001 10:33:05 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Alfred Perlstein writes: | I'm looking for that site that makes custom etherboot images | via CGI. Anyone have the url? Don't try Sears or late night info-mercials try the one and only rom-o-matic: www.rom-o-matic.net or your local ports tree. Doug eh? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10:38:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id F17F337B405 for ; Tue, 30 Oct 2001 10:38:36 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id DEFE581D01; Tue, 30 Oct 2001 12:38:36 -0600 (CST) Date: Tue, 30 Oct 2001 12:38:36 -0600 From: Alfred Perlstein To: Doug Ambrisko Cc: net@FreeBSD.ORG Subject: Re: anyone know where the etherboot page is? Message-ID: <20011030123836.R15052@elvis.mu.org> References: <20011030115901.P15052@elvis.mu.org> <200110301833.f9UIX6e21665@ambrisko.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200110301833.f9UIX6e21665@ambrisko.com>; from ambrisko@ambrisko.com on Tue, Oct 30, 2001 at 10:33:05AM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Doug Ambrisko [011030 12:33] wrote: > Alfred Perlstein writes: > | I'm looking for that site that makes custom etherboot images > | via CGI. Anyone have the url? > > Don't try Sears or late night info-mercials try the one and only rom-o-matic: > www.rom-o-matic.net > or your local ports tree. > > Doug eh? Thanks, I know i've asked you five times over for this, I keep memorizing "roms-r-us" for some reason so then I of course can't find it. bleh. -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' http://www.morons.org/rants/gpl-harmful.php3 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10:44: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from c7.campus.utcluj.ro (c7.campus.utcluj.ro [193.226.6.226]) by hub.freebsd.org (Postfix) with SMTP id 7EBE537B401 for ; Tue, 30 Oct 2001 10:43:47 -0800 (PST) Received: (qmail 1507 invoked from network); 30 Oct 2001 17:43:14 -0000 Received: from veedee.c7.campus.utcluj.ro (HELO veedee) (172.27.0.3) by gateway.c7.campus.utcluj.ro with SMTP; 30 Oct 2001 17:43:14 -0000 From: "veedee" To: "Mike Silbersack" Cc: "freebsd-net@FreeBSD.ORG" Date: Tue, 30 Oct 2001 19:40:30 +0200 Reply-To: "veedee" X-Mailer: PMMail 2000 Professional (2.20.2360) For Windows 2000 (5.1.2600) In-Reply-To: <20011029154344.X1182-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: your mail Message-Id: <20011030184347.7EBE537B401@hub.freebsd.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 29 Oct 2001 15:49:12 -0600 (CST), Mike Silbersack wrote: >> Oct 29 21:46:58 /kernel: arp: 00:c0:df:eb:a9:1c is using my IP address 172.27.0.1! >Sounds bad, you should figure out who's trying to use your IP and get that >fixed. Already done that. Some of my users are just starting out on linux and they easily get confused over words like "interface" or "gateway" :) >> Oct 29 21:46:58 /kernel: xl0: no memory for rx list -- packet dropped! >> ... and after that... a whole bunch of... >You're running out of nmbclusters. You can up it by adding >kern.ipc.nmbclusters= to /boot/loader.conf and then >rebooting. To see what your current mbuf cluster usage / max are, see >netstat -m. (If you're running less than 4.4, you will need to set >NMBCLUSTERS in the kernel config instead, then rebuild your kernel.) [#] netstat -m 309/1232/6144 mbufs in use (current/peak/max): 194 mbufs allocated to data 115 mbufs allocated to packet headers 170/352/1536 mbuf clusters in use (current/peak/max) 1012 Kbytes allocated to network (21% of mb_map in use) ... what would be an appropriate value? I'm running FreeBSD 4.3 on this box and I have about 400 workstations on my "neck". Thanks in advance, Radu Bogdan Rusu (aka veedee) C7 Campus Network System Administrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 10:51:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from rerun.lucentctc.com (rerun.lucentctc.com [199.93.237.2]) by hub.freebsd.org (Postfix) with ESMTP id A09DC37B405 for ; Tue, 30 Oct 2001 10:51:08 -0800 (PST) Received: by rerun.lucentctc.com with Internet Mail Service (5.5.2653.19) id ; Tue, 30 Oct 2001 13:50:56 -0500 Message-ID: <3A6D367EA1EFD4118C9B00A0C9DD99D70651D9@rerun.lucentctc.com> From: "Cambria, Mike" To: "'freebsd-net@freebsd.org'" Subject: SBEI wanADAPT drivers in BSD Date: Tue, 30 Oct 2001 13:50:56 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, According to this link at the SBE website ( http://www.sbei.net/linux_bsd.htm# ), OpenBSD v2.9 and NetBSD v1.6 now include SBEI drivers. I'm curious why FreeBSD isn't included. Is it simply an oversight or is there a reason (e.g. driver doesn't work on FreeBSD) Thanks, MikeC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 11: 0:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id C121137B405 for ; Tue, 30 Oct 2001 11:00:49 -0800 (PST) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id KAA31814; Tue, 30 Oct 2001 10:45:15 -0800 (PST) Date: Tue, 30 Oct 2001 10:45:13 -0800 (PST) From: Julian Elischer To: QUEVEDO BUSTILLOS Jose Federico Cc: freebsd-net@FreeBSD.ORG Subject: Re: ng_pppoe accounting? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 30 Oct 2001, QUEVEDO BUSTILLOS Jose Federico wrote: > > Hi, > > I'm a newbie in netgraph structures and I will like to ask your advice > about some PPPoE related ideas. > > I'm using a FreeBDS box with PPPoE installed and working as a gateway. My > goal is to establish basic administration and accounting for PPPoE users. > You are using pppoed to offer pppoe service? > The basic accounting needs (not commercial goals) are: As a server or as a client? > > 1. Keep track of the MAC addresses and users names of the PPPoE > connections to the gateway, store time connection of the session and > traffic generated. Is this the kind of logging you want? (I don't have this.. I did it by hand) 13:23:20 2001-10-29 00:23:33:01:23:54 julian 192.168.1.1 13:24:30 2001-10-29 00:01:43:11:45:78 bob 192.168.1.3 13:25:11 2001-10-29 00:23:33:76:2:24 paul 192.168.1.5 13:35:10 2001-10-29 00:23:33:01:23:54 *close* 12334354 in 32412344 out ... The ppp daemon could do this if it knew the associated link and could retrieve the MAC address associated with it. there are several roadblocks.. 1/the ppp daemon doesn't keep a control socket associated with the connection so it can't inquire about the MAC address. 2/ If it were to try create a new control socket, it could not connect it to the existing data socket. It may be possible that the ppp daemon might know the netgraph node name for the data socket node, in which case it could get the information requested. This would require an answer from Brian > 2. Dynamic assignation of IP address. (I think on two possibilities a) > PPPoE assignation: when PADR arrives, the gw should look into a pool of IP > adresses and assign one "before calling PPP". B) leave PPP the assignation > and capture the IP in other way). I think you need to leave it to ppp. but maybe ppp can become aware of teh MAc address. > > Result: A log file produced with a session match of: > > MAC add - IP add - username - time of session. > > Should I touch the ng_pppoe code? or should I create a netgraph node to > place between ng_node and ng_ppp? > Am I on the good way Probably not good to touch the pppoe code.. until you discuss it with Brian. Then when you can agree on what needs to be changed we can change it. the ppp code needs to be in charge.. > > Thanks in advance, > > Federico Quevedo > > ................................................................. > Federico Quevedo > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 11: 4:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id 7D1AF37B401 for ; Tue, 30 Oct 2001 11:04:27 -0800 (PST) Received: (qmail 5657 invoked by uid 1000); 30 Oct 2001 19:04:22 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 30 Oct 2001 19:04:22 -0000 Date: Tue, 30 Oct 2001 13:04:22 -0600 (CST) From: Mike Silbersack To: veedee Cc: "freebsd-net@FreeBSD.ORG" Subject: Re: your mail In-Reply-To: <20011030184347.7EBE537B401@hub.freebsd.org> Message-ID: <20011030125624.E5542-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 30 Oct 2001, veedee wrote: > [#] netstat -m > 309/1232/6144 mbufs in use (current/peak/max): > 194 mbufs allocated to data > 115 mbufs allocated to packet headers > 170/352/1536 mbuf clusters in use (current/peak/max) > 1012 Kbytes allocated to network (21% of mb_map in use) > ... > > what would be an appropriate value? I'm running FreeBSD 4.3 on this box and I have about 400 workstations on my "neck". > > Thanks in advance, > Radu Bogdan Rusu (aka veedee) > C7 Campus Network System Administrator There's no exact science, but the tuning manpage seems to give a pretty good formula to calculate what you could use. It'd be easier to just pick an abritrary number like 6000, though. :) And if the problem does happen again, run a netstat -n to see if you can see a pattern to buffer usage; there is a DoS called netkill which can be used to suck up all network buffers and cause the problem you're seeing. If it's being used, you'll see that one IP is eating up all the buffers. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 11:28:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.noos.fr (racine.noos.net [212.198.2.71]) by hub.freebsd.org (Postfix) with ESMTP id 7DC2237B40F for ; Tue, 30 Oct 2001 11:28:28 -0800 (PST) Received: (qmail 13307261 invoked by uid 0); 30 Oct 2001 19:19:00 -0000 Received: from unknown (HELO gits.dyndns.org) ([212.198.229.145]) (envelope-sender ) by 212.198.2.71 (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for ; 30 Oct 2001 19:19:00 -0000 Received: (from root@localhost) by gits.dyndns.org (8.11.6/8.11.6) id f9UJIwP70518; Tue, 30 Oct 2001 20:18:58 +0100 (CET) (envelope-from root) Message-Id: <200110301918.f9UJIwP70518@gits.dyndns.org> Subject: Re: anyone know where the etherboot page is? In-Reply-To: <20011030115901.P15052@elvis.mu.org> To: Alfred Perlstein Date: Tue, 30 Oct 2001 20:18:58 +0100 (CET) Cc: net@freebsd.org Reply-To: clefevre@citeweb.net From: Cyrille Lefevre Organization: ACME X-Face: X-Mailer: ELM [version 2.4ME+ PL95a (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Alfred Perlstein wrote: > I'm looking for that site that makes custom etherboot images > via CGI. Anyone have the url? don't know about the CGI, but regarding the subject line, the answer is : http://www.etherboot.net Cyrille. -- Cyrille Lefevre mailto:clefevre@citeweb.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 13: 0:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id AB1F637B405 for ; Tue, 30 Oct 2001 13:00:13 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id MAA58202; Tue, 30 Oct 2001 12:56:57 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9UKuuv08305; Tue, 30 Oct 2001 12:56:56 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110302056.f9UKuuv08305@arch20m.dellroad.org> Subject: Re: Reply Hazy (Encrypted VPN across FBSD, W2k, RHL, etc...) In-Reply-To: <200110271449.KAA11184@leviathan.umiacs.umd.edu> "from Gary Jackson at Oct 27, 2001 10:49:01 am" To: Gary Jackson Date: Tue, 30 Oct 2001 12:56:56 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Gary Jackson writes: > I have a suspicion that the limiting factor here is going to be the > Microsoft product. It appears as if it will do encrypted VPNs two > ways: > > 1. PPTP with proprietary MPPE encryption/compression > 2. IPSec/l2tp proprietary hybrid > > I looked in to option (1). It seems to be the easiest, with the > exception that apparently I need some proprietary code (as per the > following quote from the ng_mppc(4) manual page: > > The MPPC protocol requires proprietary compression code available from > Hi/Fn (formerly STAC). These files must be obtained elsewhere and added > to the kernel sources before this node type will compile with the > NETGRAPH_MPPC_COMPRESSION option. That's only required if you want to do compression, which is optional. So the net/mpd-netgraph port will do PPTP with encryption but not compression. > Option (2) looks even less likely. I've only been able to find one > implementation of l2tp, and it looks like it's still a pretty flaky > piece of software that hasn't been integrated with IPSec. You can configure Win2k to do pure IPSec without the L2TP part, and this works with FreeBSD/IPSec/racoon. Search the MSoft knowledge base for how to configure it this way (it's non-trivial). -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 13:10:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from leviathan.umiacs.umd.edu (leviathan.umiacs.umd.edu [128.8.120.189]) by hub.freebsd.org (Postfix) with ESMTP id 0A8DF37B401 for ; Tue, 30 Oct 2001 13:10:02 -0800 (PST) Received: from leviathan.umiacs.umd.edu (localhost [127.0.0.1]) by leviathan.umiacs.umd.edu (8.9.3/8.9.1) with ESMTP id QAA13104; Tue, 30 Oct 2001 16:09:59 -0500 (EST) Message-Id: <200110302109.QAA13104@leviathan.umiacs.umd.edu> To: Archie Cobbs Cc: freebsd-net@FreeBSD.ORG Subject: Re: Reply Hazy (Encrypted VPN across FBSD, W2k, RHL, etc...) In-reply-to: Your message of "Tue, 30 Oct 2001 12:56:56 PST." <200110302056.f9UKuuv08305@arch20m.dellroad.org> Date: Tue, 30 Oct 2001 16:09:59 -0500 From: Gary Jackson Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 30 Oct 2001, Archie Cobbs wrote: >That's only required if you want to do compression, which is optional. >So the net/mpd-netgraph port will do PPTP with encryption but not >compression. Ah, cool. >> Option (2) looks even less likely. I've only been able to find one >> implementation of l2tp, and it looks like it's still a pretty flaky >> piece of software that hasn't been integrated with IPSec. > >You can configure Win2k to do pure IPSec without the L2TP part, >and this works with FreeBSD/IPSec/racoon. Search the MSoft knowledge >base for how to configure it this way (it's non-trivial). I think I'll probably stick to the PPTP method, since I may try and pitch this to my boss at some point. I'll take a look at IPSec without L2TP mechanism, though. Thanks for the help! -- Gary Jackson bargle@umiacs.umd.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 15: 3:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from postoffice.aims.com.au (eth0.lnk.aims.com.au [203.31.73.253]) by hub.freebsd.org (Postfix) with ESMTP id BA21137B403 for ; Tue, 30 Oct 2001 15:03:52 -0800 (PST) Received: from postoffice.aims.com.au (nts-ts1.aims.private [192.168.10.2]) by postoffice.aims.com.au with ESMTP id f9UN3pk82713 for ; Wed, 31 Oct 2001 10:03:51 +1100 (EST) (envelope-from chris@aims.com.au) Received: from ntsts1 by aims.com.au with SMTP (MDaemon.v3.5.3.R) for ; Wed, 31 Oct 2001 10:01:34 +1100 Reply-To: From: "Chris Knight" To: Cc: Subject: RE: SBEI wanADAPT drivers in BSD Date: Wed, 31 Oct 2001 10:01:31 +1100 Message-ID: <029401c16196$d1ca76a0$020aa8c0@aims.private> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <3A6D367EA1EFD4118C9B00A0C9DD99D70651D9@rerun.lucentctc.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal X-Return-Path: chris@aims.com.au X-MDaemon-Deliver-To: freebsd-net@freebsd.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Howdy, The driver works just fine on FreeBSD. SBE Inc are looking at getting the driver included into the FreeBSD distribution. It's the port to -current that is holding things up. Regards, Chris Knight Systems Administrator AIMS Independent Computer Professionals Tel: +61 3 6334 6664 Fax: +61 3 6331 7032 Mob: +61 419 528 795 Web: http://www.aims.com.au > -----Original Message----- > From: owner-freebsd-net@FreeBSD.ORG > [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Cambria, Mike > Sent: Wednesday, 31 October 2001 5:51 > To: 'freebsd-net@freebsd.org' > Subject: SBEI wanADAPT drivers in BSD > > > > Hi, > > According to this link at the SBE website ( > http://www.sbei.net/linux_bsd.htm# > ), > OpenBSD v2.9 and NetBSD v1.6 now include SBEI drivers. I'm > curious why > FreeBSD isn't included. Is it simply an oversight or is > there a reason > (e.g. driver doesn't work on FreeBSD) > Thanks, > MikeC > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 18:19:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from softhome.net (jive.SoftHome.net [66.54.152.27]) by hub.freebsd.org (Postfix) with ESMTP id 8BCD337B405 for ; Tue, 30 Oct 2001 18:19:34 -0800 (PST) Received: from w2kpro ([200.16.252.225]) (AUTH: LOGIN movax@softhome.net) by softhome.net with esmtp; Tue, 30 Oct 2001 19:13:13 -0700 Message-ID: <006d01c161b2$8f496770$1614a8c0@w2kpro> From: "movax" To: freebsd-net@freebsd.org Subject: Tutorial on netgraph. Date: Tue, 30 Oct 2001 23:20:03 -0300 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_006A_01C16199.679149F0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_006A_01C16199.679149F0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Where can I find a good tutorial on netgraph arquitechture, design, = implementation that can be practical? ------=_NextPart_000_006A_01C16199.679149F0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Where can I find a good tutorial on = netgraph=20 arquitechture, design, implementation that can be=20 practical?
------=_NextPart_000_006A_01C16199.679149F0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 18:38:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from cuimail.unige.ch (cuimail.unige.ch [129.194.69.50]) by hub.freebsd.org (Postfix) with ESMTP id B9D5637B405 for ; Tue, 30 Oct 2001 18:38:37 -0800 (PST) Received: from cuimail.unige.ch ([212.53.104.142]) by cuimail.unige.ch (PMDF V6.0-025 #38753) with ESMTPA id <0GM100L7SU0836@cuimail.unige.ch> for freebsd-net@freebsd.org; Wed, 31 Oct 2001 03:38:33 +0100 (MET) Date: Wed, 31 Oct 2001 03:53:25 +0100 From: Federico Quevedo Subject: Re: Tutorial on netgraph. To: movax Cc: freebsd-net@freebsd.org Message-id: <3BDF67A5.82CF012@cuimail.unige.ch> MIME-version: 1.0 X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U) Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7bit X-Accept-Language: en,be References: <006d01c161b2$8f496770$1614a8c0@w2kpro> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Try this article of Archie Cobbs (very instructive) http://www.daemonnews.org/200003/netgraph.html movax wrote: > Where can I find a good tutorial on netgraph arquitechture, design, > implementation that can be practical? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 19:26:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from cuimail.unige.ch (cuimail.unige.ch [129.194.69.50]) by hub.freebsd.org (Postfix) with ESMTP id 3051437B403 for ; Tue, 30 Oct 2001 19:26:08 -0800 (PST) Received: from cuimail.unige.ch ([212.53.104.142]) by cuimail.unige.ch (PMDF V6.0-025 #38753) with ESMTPA id <0GM100LC3W7H36@cuimail.unige.ch> for freebsd-net@FreeBSD.ORG; Wed, 31 Oct 2001 04:26:07 +0100 (MET) Date: Wed, 31 Oct 2001 04:40:59 +0100 From: Federico Quevedo Subject: Re: ng_pppoe accounting? To: freebsd-net@FreeBSD.ORG Cc: Julian Elischer Message-id: <3BDF72CB.77B15F5C@cuimail.unige.ch> MIME-version: 1.0 X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U) Content-type: multipart/mixed; boundary="Boundary_(ID_KAS7p41HoyGLHpz494uVkA)" X-Accept-Language: en,be References: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. --Boundary_(ID_KAS7p41HoyGLHpz494uVkA) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 8BIT Julian Elischer wrote: > On Tue, 30 Oct 2001, QUEVEDO BUSTILLOS Jose Federico wrote: > > > Hi, > > > > I'm a newbie in netgraph structures and I will like to ask your advice > > about some PPPoE related ideas. > > > > I'm using a FreeBDS box with PPPoE installed and working as a gateway. My > > goal is to establish basic administration and accounting for PPPoE users. > > > > You are using pppoed to offer pppoe service? I'm thinking of using pppoed as a server that offers connection to internal network boxes (essentially laptops) that want to establish an Internet connexion acces. Lab University Network -------¦ ¦--------- internal network ¦ ----------- FreeBSD box ---------------¦ Internet pppoe clients ------¦ (pppoed) ¦-------- > > The basic accounting needs (not with commercial goals) are: > > As a server or as a client? > > > > > 1. Keep track of the MAC addresses and users names of the PPPoE > > connections to the gateway, store time connection of the session and > > traffic generated. > > Is this the kind of logging you want? > (I don't have this.. I did it by hand) > > 13:23:20 2001-10-29 00:23:33:01:23:54 julian 192.168.1.1 > 13:24:30 2001-10-29 00:01:43:11:45:78 bob 192.168.1.3 > 13:25:11 2001-10-29 00:23:33:76:2:24 paul 192.168.1.5 > 13:35:10 2001-10-29 00:23:33:01:23:54 *close* 12334354 in 32412344 out > ... Is exactly what I would like to generate! > The ppp daemon could do this if it knew the associated link and could > retrieve the MAC address associated with it. > > there are several roadblocks.. > 1/the ppp daemon doesn't keep a control socket associated with the > connection so it can't inquire about the MAC address. I was thinking to give pppoed (during the discovery phase) the possibility to select the IP from a pool of IP address (the same as ppp does - FreeBSD pppd does?), match it with MAC address of client that is well known at this stage and generate this part of our supposed loggin file: Time_of_starting_connection MAC_address IP_address 13:23:20 00:23:33:01:23:54 192.168.1.1 13:24:30 00:01:43:11:45:78 192.168.1.3 Then, the call message to ppp could be: exec /usr/sbin/ppp -direct -set ifaddr "localhost_ip" "IP_assigned_by_pppoed" and the log file already generated could be used by ppp to retrive MAC address.....??? > 2/ If it were to try create a new control socket, it could not connect it > to the existing data socket. > > It may be possible that the ppp daemon might know the netgraph node name > for the data socket node, in which case it could get the information > requested. > This would require an answer from Brian > > > 2. Dynamic assignation of IP address. (I think on two possibilities a) > > PPPoE assignation: when PADR arrives, the gw should look into a pool of IP > > adresses and assign one "before calling PPP". B) leave PPP the assignation > > and capture the IP in other way). > > I think you need to leave it to ppp. > but maybe ppp can become aware of teh MAc address. > > > > > Result: A log file produced with a session match of: > > > > MAC add - IP add - username - time of session. > > > > Should I touch the ng_pppoe code? or should I create a netgraph node to > > place between ng_node and ng_ppp? > > Am I on the good way > > Probably not good to touch the pppoe code.. > until you discuss it with Brian. > Then when you can agree on what needs to be changed we can change it. > the ppp code needs to be in charge.. Thanks, Federico > > > > > Thanks in advance, > > > > Federico Quevedo > > > > ................................................................. > > Federico Quevedo > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > --Boundary_(ID_KAS7p41HoyGLHpz494uVkA) Content-type: text/x-vcard; charset=us-ascii; name=quevedo6.vcf Content-transfer-encoding: 8BIT Content-disposition: attachment; filename=quevedo6.vcf Content-description: Card for Federico Quevedo begin:vcard n:Quevedo B.;Federico tel;cell:+41 76 582 0473 tel;home:+41 22 347 0999 x-mozilla-html:FALSE org:Université de Genève;Centre Universitaire d'Informatique version:2.1 email;internet:quevedo6@cuimail.unige.ch adr;quoted-printable:;;Rue Gen=E8ral Dufour 4=0D=0A;Genève;;1201;Suisse fn:Federico Quevedo end:vcard --Boundary_(ID_KAS7p41HoyGLHpz494uVkA)-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 21: 0:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 62A3E37B405 for ; Tue, 30 Oct 2001 21:00:07 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id UAA60771; Tue, 30 Oct 2001 20:51:19 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9V4pHo09419; Tue, 30 Oct 2001 20:51:17 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110310451.f9V4pHo09419@arch20m.dellroad.org> Subject: Re: mdp and ng_iface In-Reply-To: <20011026104640.A3717@cron.sm.ukrtel.net> "from Yegorov Mikhail at Oct 26, 2001 10:46:40 am" To: Yegorov Mikhail Date: Tue, 30 Oct 2001 20:51:17 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yegorov Mikhail writes: > Mpd-netgraph remove ngX interface at exit but I need fixed interfaces. > Is it possible to create option with which mpd will not send NGM_SHUTDOWN > message to ng_iface node. I'm not sure why you would want to do this. You can 'statically' configure mpd to use a particular interface by using "new -i ngXX ..." when you create the bundle. After mpd stops, the interface is down and unconfigured so it's not useful anyway. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 21: 0:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id B05FE37B405; Tue, 30 Oct 2001 21:00:13 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id UAA60762; Tue, 30 Oct 2001 20:45:18 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9V4jIg09404; Tue, 30 Oct 2001 20:45:18 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110310445.f9V4jIg09404@arch20m.dellroad.org> Subject: Re: pptp via mpd In-Reply-To: <000c01c15c25$8f45dbb0$3200a8c0@mobile.stclairc.ca> "from Ryan Masse at Oct 23, 2001 08:48:01 pm" To: Ryan Masse Date: Tue, 30 Oct 2001 20:45:18 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG, FreeBSD-Questions X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ryan Masse writes: > Is it possible to authenticate users on /etc/master.passwd or by some other > method possibly RADIUS or an SQL table? storing the usernames and passwords > in the mpd.secret file is redundant and insecure IMHO. Sure it's possible, it's just not implemented yet :-) Seriously, I don't have time to do it but it seems like it would be a fairly easy programming project. See e.g. libradius(3). FYI, /etc/passwd is not compatible with MD5 CHAP because you need the cleartext password.. nor is it compabible with MSOFT CHAP. A RADIUS client implementation would make the most sense.. patches welcome. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 30 23:38:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from pc0.sm.ukrtel.net (pc0.sm.ukrtel.net [195.5.1.116]) by hub.freebsd.org (Postfix) with ESMTP id 0587D37B405 for ; Tue, 30 Oct 2001 23:38:54 -0800 (PST) Received: from cron.sm.ukrtel.net (cron.sm.ukrtel.net [10.16.250.40]) by pc0.sm.ukrtel.net (8.9.3/8.9.3) with ESMTP id JAA03643; Wed, 31 Oct 2001 09:38:47 +0200 (EET) (envelope-from mhl@cron.sm.ukrtel.net) Received: (from mhl@localhost) by cron.sm.ukrtel.net (8.11.6/8.11.3) id f9V7chO19182; Wed, 31 Oct 2001 09:38:43 +0200 (EET) (envelope-from mhl) Date: Wed, 31 Oct 2001 09:38:43 +0200 From: Yegorov Mikhail To: Archie Cobbs Cc: freebsd-net@freebsd.org Subject: Re: mdp and ng_iface Message-ID: <20011031093843.A19029@cron.sm.ukrtel.net> References: <20011026104640.A3717@cron.sm.ukrtel.net> <200110310451.f9V4pHo09419@arch20m.dellroad.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200110310451.f9V4pHo09419@arch20m.dellroad.org>; from archie@dellroad.org on Tue, Oct 30, 2001 at 08:51:17PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Oct 30, 2001 at 08:51:17PM -0800, Archie Cobbs wrote: > Yegorov Mikhail writes: > > Mpd-netgraph remove ngX interface at exit but I need fixed interfaces. > > Is it possible to create option with which mpd will not send NGM_SHUTDOWN > > message to ng_iface node. > > I'm not sure why you would want to do this. > > You can 'statically' configure mpd to use a particular interface > by using "new -i ngXX ..." when you create the bundle. > > After mpd stops, the interface is down and unconfigured so > it's not useful anyway. > I use SNMP to take counters of in an out octets on leased lines so I need fixed snmp-index. Without this it is hard to get statistic with SNMP. Now I use follow patch but I think this is not a good idea. With this patch after mpd restart snmp-indexes and counters on interfaces stays. --- src/ngfunc.c.orig Fri Oct 26 11:08:24 2001 +++ src/ngfunc.c Wed Oct 31 09:04:46 2001 @@ -524,10 +524,6 @@ Link lnk_save; int k; - if (iface) { - snprintf(path, sizeof(path), "%s:", b->iface.ifname); - NgFuncShutdownNode(b, b->name, path); - } lnk_save = lnk; bund_save = bund; for (k = 0; k < b->n_links; k++) { -- Mikhail Yegorov e-mail: mhl@sm.ukrtel.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 3:58:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from vbook.express.ru (vbook.nc.express.ru [212.24.37.35]) by hub.freebsd.org (Postfix) with ESMTP id 9FC3E37B407; Wed, 31 Oct 2001 03:58:15 -0800 (PST) Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 15yu0f-0001Nh-00; Wed, 31 Oct 2001 14:58:17 +0300 From: "Vladimir B. Grebenschikov" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15327.59225.65670.553150@vbook.express.ru> Date: Wed, 31 Oct 2001 14:58:17 +0300 To: obrien@freebsd.org Cc: net@freebsd.org Subject: Re: PXE boot vs. DHCP (fwd) In-Reply-To: <20011023103449.A49909@dragon.nuxi.com> References: <200110231530.f9NFUwm46770@vashon.polstra.com> <200110231535.f9NFZAg46786@vashon.polstra.com> <20011023103449.A49909@dragon.nuxi.com> X-Mailer: VM 6.96 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org David O'Brien writes: > On Tue, Oct 23, 2001 at 08:35:10AM -0700, jdp@polstra.com wrote: > > The patch below for dhclient-script fixes the problem for me. > > Murray and I are very close to importing dhclient 3 (vs. the versoin 2 we > have now). I would prefer to wait until then before changing > isc-dhcp/client/scripts/freebsd. dhclient 3 has a lot of > "modernizations" such as support for dynamic DNS, and I would not be > surprised if PXE booting wasn't also better supported. Does new dhclient support checking media state before trying send requests ? For some environments it is useful not try dhcp at all when card not connected to network. > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 5:27:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from www.microelectronics.com (www.microelectronics.com [4.18.26.20]) by hub.freebsd.org (Postfix) with ESMTP id 3986437B403 for ; Wed, 31 Oct 2001 05:27:32 -0800 (PST) Received: from zul.microcenter.com (zul.microcenter.com [4.18.26.10]) by www.microelectronics.com (Pro-8.9.3/Pro-8.9.3) with SMTP id IAA28247 for ; Wed, 31 Oct 2001 08:27:33 -0500 Received: from sysadm.microcenter.com by zul.microcenter.com via smtpd (for www.microelectronics.com [4.18.26.20]) with SMTP; 31 Oct 2001 13:24:22 UT Received: from mail.microcenter.com (anbhpc.microcenter.com [10.10.29.94]) by sysadm.microcenter.com (8.8.5/8.8.5) with ESMTP id IAA10826 for ; Wed, 31 Oct 2001 08:27:15 -0500 (EST) Message-ID: <3BDFFCEC.32FF9CC@mail.microcenter.com> Date: Wed, 31 Oct 2001 08:30:20 -0500 From: Aaron Bush X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.4.2-2 i686) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: tuning network limits? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I have a FreeBSD 4.3-RELEASE box that appears to be dropping network connections. The system is using ipf to track state and only allow web (http, https) connections. Once per day i index one of the virtual domains by using htdig. Sometimes htdig is not able to index the entire site (itself, via route through loopback) and other times it can. The problem is not isolated to htdig though. A PHP application has also reported that it was unable to open a socket. The /var/log/messages show no packets being dropped by the ipf rules (default is to block and log). I am assuming that the system must be hitting some kernel limit and not allowing any more sockets to be created. In the handbook i see mention of tuning the NMBCLUSTERS options and assume that the following command shows that i have indeed hit the limit (mbuf clusters?). Also the requests for memory denied seems to be high, would failed attempts to create sockets cause this to increase? tosh# netstat -m 623/2304/4096 mbufs in use (current/peak/max): 263 mbufs allocated to data 360 mbufs allocated to packet headers 239/1024/1024 mbuf clusters in use (current/peak/max) 2624 Kbytes allocated to network (85% of mb_map in use) 9152 requests for memory denied 3 requests for memory delayed 0 calls to protocol drain routines What other tools can i use to determine where the problem may be. Thanks, -ab To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 13:48:49 2001 Delivered-To: freebsd-net@freebsd.org Received: from lurza.secnetix.de (lurza.secnetix.de [212.66.1.130]) by hub.freebsd.org (Postfix) with ESMTP id 7E81B37B403 for ; Wed, 31 Oct 2001 13:48:43 -0800 (PST) Received: (from olli@localhost) by lurza.secnetix.de (8.11.6/8.11.6) id f9VLmcB83267; Wed, 31 Oct 2001 22:48:38 +0100 (CET) (envelope-from oliver.fromme@secnetix.de) Date: Wed, 31 Oct 2001 22:48:38 +0100 (CET) Message-Id: <200110312148.f9VLmcB83267@lurza.secnetix.de> From: Oliver Fromme To: freebsd-net@FreeBSD.ORG, abush@microcenter.com Reply-To: freebsd-net@FreeBSD.ORG Subject: Re: tuning network limits? In-Reply-To: <3BDFFCEC.32FF9CC@mail.microcenter.com> X-Newsgroups: list.freebsd-net User-Agent: tin/1.5.4-20000523 ("1959") (UNIX) (FreeBSD/4.4-RELEASE (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Aaron Bush wrote: > [...] > tosh# netstat -m > 623/2304/4096 mbufs in use (current/peak/max): > 263 mbufs allocated to data > 360 mbufs allocated to packet headers > 239/1024/1024 mbuf clusters in use (current/peak/max) ^^^^^^^^^ > 2624 Kbytes allocated to network (85% of mb_map in use) > 9152 requests for memory denied > 3 requests for memory delayed > 0 calls to protocol drain routines > > What other tools can i use to determine where the problem may be. The line marked above is exactly your problem. Either compile a larger number of NMBCLUSTERS into your kernel, or use the appropriate loader.conf option to set the value at boot time. By the way, you're lucky -- Earlier versions of FreeBSD tended to panic sometimes when the mbuf limit was hit. ;-) Regards Oliver -- Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 München Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "All that we see or seem is just a dream within a dream" (E. A. Poe) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 14:31:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from dragon.nuxi.com (trang.nuxi.com [66.92.13.169]) by hub.freebsd.org (Postfix) with ESMTP id BCD5937B405 for ; Wed, 31 Oct 2001 14:31:48 -0800 (PST) Received: (from obrien@localhost) by dragon.nuxi.com (8.11.6/8.11.1) id f9VMVU186374; Wed, 31 Oct 2001 14:31:30 -0800 (PST) (envelope-from obrien) Date: Wed, 31 Oct 2001 14:31:30 -0800 From: "David O'Brien" To: "Vladimir B. Grebenschikov" Cc: net@freebsd.org Subject: Re: PXE boot vs. DHCP (fwd) Message-ID: <20011031143130.B86319@dragon.nuxi.com> Reply-To: obrien@freebsd.org References: <200110231530.f9NFUwm46770@vashon.polstra.com> <200110231535.f9NFZAg46786@vashon.polstra.com> <20011023103449.A49909@dragon.nuxi.com> <15327.59225.65670.553150@vbook.express.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <15327.59225.65670.553150@vbook.express.ru>; from vova@express.ru on Wed, Oct 31, 2001 at 02:58:17PM +0300 X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 31, 2001 at 02:58:17PM +0300, Vladimir B. Grebenschikov wrote: > David O'Brien writes: > > On Tue, Oct 23, 2001 at 08:35:10AM -0700, jdp@polstra.com wrote: > > > The patch below for dhclient-script fixes the problem for me. > > > > Murray and I are very close to importing dhclient 3 (vs. the versoin 2 we > > have now). I would prefer to wait until then before changing > > isc-dhcp/client/scripts/freebsd. dhclient 3 has a lot of > > "modernizations" such as support for dynamic DNS, and I would not be > > surprised if PXE booting wasn't also better supported. > > Does new dhclient support checking media state before trying send > requests ? For some environments it is useful not try dhcp at all when > card not connected to network. I don't know. This would almost sound like an rc.network issue rather than dhclient one. -- -- David (obrien@FreeBSD.org) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 15:15:14 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 93CFA37B408 for ; Wed, 31 Oct 2001 15:15:09 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id PAA66347; Wed, 31 Oct 2001 15:03:51 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9VN3pC11975; Wed, 31 Oct 2001 15:03:51 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110312303.f9VN3pC11975@arch20m.dellroad.org> Subject: Re: mdp and ng_iface In-Reply-To: <20011031093843.A19029@cron.sm.ukrtel.net> "from Yegorov Mikhail at Oct 31, 2001 09:38:43 am" To: Yegorov Mikhail Date: Wed, 31 Oct 2001 15:03:50 -0800 (PST) Cc: freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yegorov Mikhail writes: > I use SNMP to take counters of in an out octets on leased lines so I need > fixed snmp-index. Without this it is hard to get statistic with SNMP. > > Now I use follow patch but I think this is not a good idea. With this patch > after mpd restart snmp-indexes and counters on interfaces stays. > > --- src/ngfunc.c.orig Fri Oct 26 11:08:24 2001 > +++ src/ngfunc.c Wed Oct 31 09:04:46 2001 > @@ -524,10 +524,6 @@ > Link lnk_save; > int k; > > - if (iface) { > - snprintf(path, sizeof(path), "%s:", b->iface.ifname); > - NgFuncShutdownNode(b, b->name, path); > - } > lnk_save = lnk; > bund_save = bund; > for (k = 0; k < b->n_links; k++) { That's the right patch for what you want to do. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 15:26:26 2001 Delivered-To: freebsd-net@freebsd.org Received: from vbook.express.ru (vbook.nc.express.ru [212.24.37.35]) by hub.freebsd.org (Postfix) with ESMTP id 9971837B41F for ; Wed, 31 Oct 2001 15:26:18 -0800 (PST) Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 15z4kS-000KtD-00 for freebsd-net@freebsd.org; Thu, 01 Nov 2001 02:26:16 +0300 Message-ID: <15328.34968.177198.602714@vbook.express.ru> Date: Thu, 1 Nov 2001 02:26:16 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit In-Reply-To: <200110312303.f9VN3pC11975@arch20m.dellroad.org> References: <20011031093843.A19029@cron.sm.ukrtel.net> <200110312303.f9VN3pC11975@arch20m.dellroad.org> X-Mailer: VM 6.96 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid From: "Vladimir B. Grebenschikov" To: freebsd-net@freebsd.org Subject: Re: mdp and ng_iface Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Archie Cobbs writes: > Yegorov Mikhail writes: > > I use SNMP to take counters of in an out octets on leased lines so I need > > fixed snmp-index. Without this it is hard to get statistic with SNMP. > > > > Now I use follow patch but I think this is not a good idea. With this patch > > after mpd restart snmp-indexes and counters on interfaces stays. > > > > --- src/ngfunc.c.orig Fri Oct 26 11:08:24 2001 > > +++ src/ngfunc.c Wed Oct 31 09:04:46 2001 > > @@ -524,10 +524,6 @@ > > Link lnk_save; > > int k; > > > > - if (iface) { > > - snprintf(path, sizeof(path), "%s:", b->iface.ifname); > > - NgFuncShutdownNode(b, b->name, path); > > - } > > lnk_save = lnk; > > bund_save = bund; > > for (k = 0; k < b->n_links; k++) { > > That's the right patch for what you want to do. May be "more" right solution is rename netgraph interfaces and use SNMP-software that aware about interface names not indexes ? > -Archie > > __________________________________________________________________________ > Archie Cobbs * Packet Design * http://www.packetdesign.com -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 15:45: 6 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 7793737B407 for ; Wed, 31 Oct 2001 15:45:03 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id PAA66514; Wed, 31 Oct 2001 15:38:31 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id f9VNcVi12070; Wed, 31 Oct 2001 15:38:31 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200110312338.f9VNcVi12070@arch20m.dellroad.org> Subject: Re: mdp and ng_iface In-Reply-To: <15328.34968.177198.602714@vbook.express.ru> "from Vladimir B. Grebenschikov at Nov 1, 2001 02:26:16 am" To: "Vladimir B. Grebenschikov" Date: Wed, 31 Oct 2001 15:38:31 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Vladimir B. Grebenschikov writes: > > That's the right patch for what you want to do. > > May be "more" right solution is rename netgraph interfaces and use > SNMP-software that aware about interface names not indexes ? Yes.. I don't know what an "SNMP index" is but it seems to imply an assumption that the interface list is static, which is an invalid one. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 15:57:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from vbook.express.ru (vbook.nc.express.ru [212.24.37.35]) by hub.freebsd.org (Postfix) with ESMTP id F0D0A37B405 for ; Wed, 31 Oct 2001 15:57:43 -0800 (PST) Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 15z5EB-000LB1-00; Thu, 01 Nov 2001 02:56:59 +0300 From: "Vladimir B. Grebenschikov" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15328.36810.299540.176280@vbook.express.ru> Date: Thu, 1 Nov 2001 02:56:58 +0300 To: Archie Cobbs Cc: "Vladimir B. Grebenschikov" , freebsd-net@FreeBSD.ORG Subject: Re: mdp and ng_iface In-Reply-To: <200110312338.f9VNcVi12070@arch20m.dellroad.org> References: <15328.34968.177198.602714@vbook.express.ru> <200110312338.f9VNcVi12070@arch20m.dellroad.org> X-Mailer: VM 6.96 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Archie Cobbs writes: > Vladimir B. Grebenschikov writes: > > > That's the right patch for what you want to do. > > > > May be "more" right solution is rename netgraph interfaces and use > > SNMP-software that aware about interface names not indexes ? > > Yes.. I don't know what an "SNMP index" is but it seems to > imply an assumption that the interface list is static, which > is an invalid one. Who are can commit changes into ng_iface.c to to support interface renaming ? For my concern there are two possible ways: 1. annouce setifname message for netgraph interface for set interface name (not related with netgraph node name) I have send this patch in list some time ago. 2. extend standart netgraph rename to rename interface simaltaniosly with interface node rename. This change will be helpful I think. > -Archie -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 16:40:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 08BEF37B401 for ; Wed, 31 Oct 2001 16:40:16 -0800 (PST) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA38243; Wed, 31 Oct 2001 16:27:04 -0800 (PST) Date: Wed, 31 Oct 2001 16:27:02 -0800 (PST) From: Julian Elischer To: "Vladimir B. Grebenschikov" Cc: freebsd-net@freebsd.org Subject: Re: mdp and ng_iface In-Reply-To: <15328.34968.177198.602714@vbook.express.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have some patches somewher ethat allows netgraph interfaces to be renamed. I just need to find them. On Thu, 1 Nov 2001, Vladimir B. Grebenschikov wrote: > Archie Cobbs writes: > > Yegorov Mikhail writes: > > > I use SNMP to take counters of in an out octets on leased lines so I need > > > fixed snmp-index. Without this it is hard to get statistic with SNMP. > > > > > > Now I use follow patch but I think this is not a good idea. With this patch > > > after mpd restart snmp-indexes and counters on interfaces stays. > > > > > > --- src/ngfunc.c.orig Fri Oct 26 11:08:24 2001 > > > +++ src/ngfunc.c Wed Oct 31 09:04:46 2001 > > > @@ -524,10 +524,6 @@ > > > Link lnk_save; > > > int k; > > > > > > - if (iface) { > > > - snprintf(path, sizeof(path), "%s:", b->iface.ifname); > > > - NgFuncShutdownNode(b, b->name, path); > > > - } > > > lnk_save = lnk; > > > bund_save = bund; > > > for (k = 0; k < b->n_links; k++) { > > > > That's the right patch for what you want to do. > > May be "more" right solution is rename netgraph interfaces and use > SNMP-software that aware about interface names not indexes ? > > > -Archie > > > > __________________________________________________________________________ > > Archie Cobbs * Packet Design * http://www.packetdesign.com > > -- > TSB Russian Express, Moscow > Vladimir B. Grebenschikov, vova@express.ru > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 16:40:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 63D9E37B403 for ; Wed, 31 Oct 2001 16:40:24 -0800 (PST) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA38249; Wed, 31 Oct 2001 16:29:37 -0800 (PST) Date: Wed, 31 Oct 2001 16:29:37 -0800 (PST) From: Julian Elischer To: "Vladimir B. Grebenschikov" Cc: Archie Cobbs , freebsd-net@FreeBSD.ORG Subject: Re: mdp and ng_iface In-Reply-To: <15328.36810.299540.176280@vbook.express.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ah you are the source of that patch! I have been meening to do this for a while but I have some differences.. 1/ I think that the netgraph name should change as well. This takes some work but can be done 2/ I would do it in reverse.. changing the nde name would change the interface name.. On Thu, 1 Nov 2001, Vladimir B. Grebenschikov wrote: > Archie Cobbs writes: > > Vladimir B. Grebenschikov writes: > > > > That's the right patch for what you want to do. > > > > > > May be "more" right solution is rename netgraph interfaces and use > > > SNMP-software that aware about interface names not indexes ? > > > > Yes.. I don't know what an "SNMP index" is but it seems to > > imply an assumption that the interface list is static, which > > is an invalid one. > > Who are can commit changes into ng_iface.c to to support interface > renaming ? > For my concern there are two possible ways: > 1. annouce setifname message for netgraph interface > for set interface name (not related with netgraph node name) > I have send this patch in list some time ago. > 2. extend standart netgraph rename to rename interface simaltaniosly > with interface node rename. > > This change will be helpful I think. > > > -Archie > > -- > TSB Russian Express, Moscow > Vladimir B. Grebenschikov, vova@express.ru > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 31 17:41:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id AAB8637B40B; Wed, 31 Oct 2001 17:41:26 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA11bt226212; Wed, 31 Oct 2001 17:37:55 -0800 (PST) (envelope-from rizzo) Date: Wed, 31 Oct 2001 17:37:55 -0800 From: Luigi Rizzo To: stable@freebsd.org Subject: HEADS UP: a bunch of ipfw MFC in the next 1-2 days Message-ID: <20011031173755.F23297@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [Bcc to -net and -ipfw because of relevance] Hi, I am about to merge into stable a number of modifications that have been committed to current over the past month or two. The most significant ones are: * the merge of ipfw rule descriptor and chain pointer. No functional change, but the internal data structures and code are way more readable; * Bill Fenner's code to make ipfw/dummynet/bridge KLD'able BOTH THESE THINGS REQUIRES REBUILDING OF ipfw.ko and /sbin/ipfw * a new type of dynamic rule that lets you limit the number of simultaneous connections matching certain criteria (with the usual aggregation based on port/address masks) * fix spl*() protection in same parts of the code (only relevant for RELENG_4); * misc fixes that have or should arise while diff'ing old and new version of the files in HEAD and RELENG_4 (it happens more frequently than people can imagine, especially for those critical parts of the system for which we are almost doing independent implementations); While i am carefully reviewing and testing the code before committing, and try to do the commit at once, we all do mistakes sometime. So, please test the new code and submit feedback and bug reports as i complete the commits, put please don't rush and install the new code on a production machine two seconds after my first commit. We are sufficiently far away from the next release to do this commit now and shake down any bugs that should occur. cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 1 17:24:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 7168A37B407; Thu, 1 Nov 2001 17:24:27 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA21Kpq36166; Thu, 1 Nov 2001 17:20:51 -0800 (PST) (envelope-from rizzo) Date: Thu, 1 Nov 2001 17:20:51 -0800 From: Luigi Rizzo To: net@freebsd.org Subject: unused interfaces in if_var.h Message-ID: <20011101172051.B36115@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [Bcc to net for relevance] in the RELENG_4 version of if_var.h there are some macros and inline functions (namely IF_ENQ_DROP(), if_enq_drop()) which seem to be never used. They have been removed in the version in CURRENT, where instead a IF_HANDOFF() macro has been introduced to handle passing packets to an interface. Would people object to doing a similar change to the code in STABLE ? luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 1 23:45:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by hub.freebsd.org (Postfix) with ESMTP id 30F7C37B405; Thu, 1 Nov 2001 23:45:36 -0800 (PST) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id KAA01439; (8.9.3/vak/2.1) Fri, 2 Nov 2001 10:43:44 +0300 (MSK) Message-ID: <3BE24EE4.2020506@cronyx.ru> Date: Fri, 02 Nov 2001 10:44:36 +0300 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: Roman Kurakin Cc: freebsd-net@FreeBSD.org, Serge Vakulenko , mike@FreeBSD.org, freebsd-bugs@FreeBSD.org, julian@FreeBSD.org, archie@FreeBSD.org, joerg@FreeBSD.org Subject: Re: kern/11238, kern/14848, kern/21771, sppp patch's patch_id #1 References: <000901c1134b$827a69a0$48b5ce90@crox> <3BDABF7B.4060808@cronyx.ru> Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, This letter was sent last Saturday. When should I expect any reaction? Best regards, Kurakin Roman Roman Kurakin wrote: > Hi, > This is the first patch of set of patches that I plan to make. > These patches ware send several > times as a big patch and last one wasn't even discussed. So I will try > to send them by small > pieces and will try to comment them. > > Last one big patch was kern/21771. Last our version of sppp and > adapter drivers could be found > at http://www.cronyx.ru/software/ > > First portion contains following changes: > 1) Just a header changes. > 2) Changes like that: > case STATE_CLOSING: > - sppp_cp_change_state(cp, sp, STATE_CLOSED); > (cp->tlf)(sp); > + sppp_cp_change_state(cp, sp, STATE_CLOSED); > break; > > Comment: > > If you change state at first and then call tlf you will get wrong > final state cause tlf will > lead to "Close" event and you will get (for this example) final state > "Initial". > > In some cases this isn't so fatal but in other this will put out of > action a link. > > All this changes was made according to RFC1661. > > Best regards, > > Roman Kurakin, Software Engineer, > Cronyx Engineering > >>> Synopsis: Frame Relay support, corrected >>> >>> State-Changed-From-To: open->suspended >>> State-Changed-By: mike >>> State-Changed-When: Fri Jul 20 19:54:47 PDT 2001 >>> State-Changed-Why: >>> With a little bit of work, this could probably be committed. >>> Awaiting committer. >>> >>> http://www.FreeBSD.org/cgi/query-pr.cgi?pr=14848 >>> >> > > >------------------------------------------------------------------------ > >--- if_spppsubr.c.orig Sat Oct 27 16:37:21 2001 >+++ if_spppsubr.c Sat Oct 27 16:56:32 2001 >@@ -1,13 +1,21 @@ > /* >- * Synchronous PPP/Cisco link level subroutines. >+ * Synchronous PPP/Cisco/Frame Relay link level subroutines. > * Keepalive protocol implemented in both Cisco and PPP modes. >+ * ANSI T1.617-compaible link management signaling >+ * implemented for Frame Relay mode. >+ * Cisco-type Frame Relay framing added, thanks Alex Tutubalin. >+ * Only one DLCI per channel for now. > * >- * Copyright (C) 1994-1996 Cronyx Engineering Ltd. >+ * Copyright (C) 1994-2001 Cronyx Engineering Ltd. > * Author: Serge Vakulenko, > * > * Heavily revamped to conform to RFC 1661. > * Copyright (C) 1997, Joerg Wunsch. > * >+ * Slightly revamped to conform to real life. >+ * Copyright (C) 1999-2001 Cron >yx Engineering Ltd. >+ * Author: Kurakin Roman, >+ * > * This software is distributed with NO WARRANTIES, not even the implied > * warranties for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. > * >@@ -222,7 +230,7 @@ > u_short time0; > u_short time1; > }; >-#define CISCO_PACKET_LEN 18 >+#define CISCO_PACKET_LEN 14 > > /* > * We follow the spelling and capitalization of RFC 1661 here, to make >@@ -1532,12 +1540,12 @@ > case STATE_ACK_SENT: > break; > case STATE_CLOSING: >- sppp_cp_change_state(cp, sp, STATE_CLOSED); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_CLOSED); > break; > case STATE_STOPPING: >- sppp_cp_change_state(cp, sp, STATE_STOPPED); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_STOPPED); > break; > case STATE_ACK_RCVD: > sppp_cp_change_state(cp, sp >, STATE_REQ_SENT); >@@ -1850,8 +1858,8 @@ > case STATE_CLOSING: > break; > case STATE_STARTING: >- sppp_cp_change_state(cp, sp, STATE_INITIAL); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_INITIAL); > break; > case STATE_STOPPED: > sppp_cp_change_state(cp, sp, STATE_CLOSED); >@@ -1890,18 +1898,18 @@ > /* TO- event */ > switch (sp->state[cp->protoidx]) { > case STATE_CLOSING: >- sppp_cp_change_state(cp, sp, STATE_CLOSED); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_CLOSED); > break; > case STATE_STOPPING: >- sppp_cp_change_state(cp, sp, STATE_STOPPED); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_STOPPED); > break; > case STATE_REQ_SENT: > case STATE_ACK_RCVD: > case STATE_ACK_SENT: >- sppp_cp_change_state(cp, sp, STATE_STOPPED); > (cp->tlf)(sp); >+ sppp_cp_change_state(cp, sp, STATE_STOPPED); > break; > } > > else > > sppp1.pch > > Content-Type: > > text/plain > Content-Encoding: > > 7bit > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 6:55:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailgw.servicefactory.se (mailgw.servicefactory.se [192.71.33.33]) by hub.freebsd.org (Postfix) with ESMTP id 9754437B403 for ; Fri, 2 Nov 2001 06:55:18 -0800 (PST) Received: from ark.servicefactory.se (ark.servicefactory.se [192.71.33.5]) by mailgw.servicefactory.se (8.11.6/8.11.6) with ESMTP id fA2EtH827624 for ; Fri, 2 Nov 2001 15:55:17 +0100 (CET) Received: from servicefactory.se (ark.servicefactory.se [192.71.33.5]) by ark.servicefactory.se (8.11.6/8.11.6) with ESMTP id fA2Et2k07150 for ; Fri, 2 Nov 2001 15:55:02 +0100 (CET) Message-ID: <3BE2B3D3.EDE64681@servicefactory.se> Date: Fri, 02 Nov 2001 15:55:15 +0100 From: Jonas =?iso-8859-1?Q?B=FClow?= Organization: Service Factory X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: FreeBSD 4.4, Bug in IPFilter v3.4.20 (264), fastroute bug. Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I just found out what seems to be a bug in IPFilter 3.4.20 (and .21). Using a machine with two NICs ep0 and ep1 and the filter rule: @999 block in quick on ep1 to ep0:10.0.0.42 proto tcp from any to any port = 80 Will cause a reboot on the first packet arrival on ep1 with destination port 80. I should mention that the rule above works in v3.4.17. Any hints or suggestions to solve this? Is there any more information I should mention about the problem? Another interesting problem with fastroute is that the fastroute:ed packet will get an incorrect IP-checksum if it is used together with a PAT rules like: map ep0 10.10.0.0/24 -> 10.0.0.1/32 proxy port ftp ftp/tcp map ep0 10.10.0.0/24 -> 10.0.0.1/32 portmap tcp/udp 1025:65500 map ep0 10.10.0.0/24 -> 10.0.0.1/32 I thought fastroute:ed packets were sent directly to the outgoing interface as shown in http://coombs.anu.edu.au/ipfilter/ipfil-flow.html. It seems like the NAT engine in some way corrupts fastroute:ed packets anyway. Has anyone else experienced problems similar to this? I have searched the IPFilter mail archive briefly without finding any similar problems so I hope it's not an FAQ item. :-) regards, jonas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 7:45:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from ws130.nomadiclab.com (ws130.nomadiclab.com [195.165.196.130]) by hub.freebsd.org (Postfix) with ESMTP id 22AEF37B403 for ; Fri, 2 Nov 2001 07:45:35 -0800 (PST) Received: from ws34.nomadiclab.com (ws34.nomadiclab.com [195.165.196.34]) by ws130.nomadiclab.com (Postfix) with ESMTP id 76F0C74406 for ; Fri, 2 Nov 2001 17:47:44 +0200 (EET) Received: from nomadiclab.com (ws211.nomadiclab.com [195.165.196.211]) by ws34.nomadiclab.com (Postfix) with ESMTP id D998FBA21 for ; Fri, 2 Nov 2001 17:45:32 +0200 (EET) Message-ID: <3BE2BF9C.9020404@nomadiclab.com> Date: Fri, 02 Nov 2001 17:45:32 +0200 From: Pekka Nikander User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:0.9.5+) Gecko/20011101 X-Accept-Language: en-us MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: IEEE 802.1x aka EAPOL implementation Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Just in case somebody is interested to help, I am implementing IEEE 802.1x standard for FreeBSD as a netgraph module. For those that don't happen to know, 802.1x (aka EAPOL) is an Ethernet level protocol for authenticating users very much in the same way PPP authentication is performed. Microsoft has included an implementation in Windows XP, and there are a number of vendors that have implemented it for their Ethernet switches or WLAN base stations. A very early alpha, resulting from a few days hacking, is available at http://www.tml.hut.fi/~pnr/eapol/. So far it includes only client side functionality, but it has been tested to be able to send the EAPOL START and LOGOFF messages. No documentation yet, sorry. RTFS. --Pekka Nikander To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 10:50:48 2001 Delivered-To: freebsd-net@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 75DFB37B403; Fri, 2 Nov 2001 10:50:43 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id TAA14547; Fri, 2 Nov 2001 19:50:34 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id fA2ITGj45893; Fri, 2 Nov 2001 19:29:16 +0100 (MET) (envelope-from j) Date: Fri, 2 Nov 2001 19:29:16 +0100 From: Joerg Wunsch To: Roman Kurakin Cc: freebsd-net@FreeBSD.org, Serge Vakulenko , mike@FreeBSD.org, freebsd-bugs@FreeBSD.org, julian@FreeBSD.org, archie@FreeBSD.org Subject: Re: kern/11238, kern/14848, kern/21771, sppp patch's patch_id #1 Message-ID: <20011102192916.A43204@uriah.heep.sax.de> Reply-To: Joerg Wunsch References: <000901c1134b$827a69a0$48b5ce90@crox> <3BDABF7B.4060808@cronyx.ru> <3BE24EE4.2020506@cronyx.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <3BE24EE4.2020506@cronyx.ru>; from rik@cronyx.ru on Fri, Nov 02, 2001 at 10:44:36AM +0300 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As Roman Kurakin wrote: > This letter was sent last Saturday. When should I expect any > reaction? You've already got one from me. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 12:22:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from sj-msg-core-2.cisco.com (sj-msg-core-2.cisco.com [171.69.24.11]) by hub.freebsd.org (Postfix) with ESMTP id CE9BC37B401 for ; Fri, 2 Nov 2001 12:22:51 -0800 (PST) Received: from mira-sjc5-2.cisco.com (mira-sjc5-2.cisco.com [171.71.163.16]) by sj-msg-core-2.cisco.com (8.11.3/8.9.1) with ESMTP id fA2KMoa14280 for ; Fri, 2 Nov 2001 12:22:50 -0800 (PST) Received: from stewart.chicago.il.us (ssh-sj1.cisco.com [171.68.225.134]) by mira-sjc5-2.cisco.com (Mirapoint) with ESMTP id AAE28306; Fri, 2 Nov 2001 12:22:47 -0800 (PST) Message-ID: <3BE30097.C02C828D@stewart.chicago.il.us> Date: Fri, 02 Nov 2001 14:22:47 -0600 From: Randall Stewart X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: SCTP and multiple default routes Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dear all: I am working on a SCTP implementation for KAME and have a question/issue with routing entries in the current freebsd kernel (4.x stream). The issue is quite simple in that SCTP allows one to have multiple destination addresses as part of an association. This is great but without the machine allowing multiple default routes it really does not do a lot of good (except on specific machines that have subnet routes in place to the peer). What would be nice is to have multiple default routes and then have the ability to be able to do a: rt_alloc_alt(...,prev-route); This would then buy the ability to truely take full advantage of the redundancy with a simple extra default route for the multi-homed machine. rt_alloc_alt() would do what rt_alloc does but if it sees prev-route as the answer, it could look further for an alternate. I have no problem with writting the rt_alloc_alt() routine.. but I would also have to dig in and figure out why multiple defaults are not allowed as well.. sigh.. and of course what it might break if I did it. Anyone have any thoughts on this..or has thought of doing this?? Thanks R -- Randall R. Stewart randall@stewart.chicago.il.us 815-342-5222 (cell phone) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 12:37: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id 3C76237B407 for ; Fri, 2 Nov 2001 12:37:01 -0800 (PST) Received: from isi.edu (hbo.isi.edu [128.9.160.75]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id fA2KaxO22864; Fri, 2 Nov 2001 12:36:59 -0800 (PST) Message-ID: <3BE303EA.1040506@isi.edu> Date: Fri, 02 Nov 2001 12:36:58 -0800 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.4) Gecko/20010924 X-Accept-Language: en, de MIME-Version: 1.0 To: Randall Stewart Cc: freebsd-net@freebsd.org Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Randall Stewart wrote: > I am working on a SCTP implementation for KAME and > have a question/issue with routing entries in > the current freebsd kernel (4.x stream). ... > What would be nice is to have multiple default routes > and then have the ability to be able to do a: I'm not sure multiple default routes make sense. The default route is the one you use if no other route matches a destination. If you allow multiple "defaults", how do you pick which one to use for a given packet? You need a whole new mechanism to choose among default routes. Why not simply use host routes? Disclaimer: I may be biased here, because I think implementing multi-homing at the transport layer (like SCTP tries to) is a bad idea in general. It's a network layer concept, reimplementing it at the transport layer gives you no new capabilities. Lars -- Lars Eggert Information Sciences Institute http://www.isi.edu/larse/ University of Southern California To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 12:37:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id 6B4DC37B40C for ; Fri, 2 Nov 2001 12:37:28 -0800 (PST) Received: from isi.edu (hbo.isi.edu [128.9.160.75]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id fA2KbQO22958; Fri, 2 Nov 2001 12:37:26 -0800 (PST) Message-ID: <3BE30405.5040508@isi.edu> Date: Fri, 02 Nov 2001 12:37:25 -0800 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.4) Gecko/20010924 X-Accept-Language: en, de MIME-Version: 1.0 To: Randall Stewart Cc: freebsd-net@freebsd.org Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Randall Stewart wrote: > I am working on a SCTP implementation for KAME and > have a question/issue with routing entries in > the current freebsd kernel (4.x stream). ... > What would be nice is to have multiple default routes > and then have the ability to be able to do a: I'm not sure multiple default routes make sense. The default route is the one you use if no other route matches a destination. If you allow multiple "defaults", how do you pick which one to use for a given packet? You need a whole new mechanism to choose among default routes. Why not simply use host routes? Disclaimer: I may be biased here, because I think implementing multi-homing at the transport layer (like SCTP tries to) is a bad idea in general. It's a network layer concept, reimplementing it at the transport layer gives you no new capabilities. Lars -- Lars Eggert Information Sciences Institute http://www.isi.edu/larse/ University of Southern California To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 13:27:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from tp.databus.com (p101-46.acedsl.com [160.79.101.46]) by hub.freebsd.org (Postfix) with ESMTP id 3FF5E37B407 for ; Fri, 2 Nov 2001 13:27:27 -0800 (PST) Received: (from barney@localhost) by tp.databus.com (8.11.6/8.11.4) id fA2LR6r38273; Fri, 2 Nov 2001 16:27:06 -0500 (EST) (envelope-from barney) Date: Fri, 2 Nov 2001 16:27:01 -0500 From: Barney Wolff To: Lars Eggert Cc: Randall Stewart , freebsd-net@FreeBSD.ORG Subject: Re: SCTP and multiple default routes Message-ID: <20011102162701.A38190@tp.databus.com> References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3BE303EA.1040506@isi.edu>; from larse@ISI.EDU on Fri, Nov 02, 2001 at 12:36:58PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Nov 02, 2001 at 12:36:58PM -0800, Lars Eggert wrote: > > Disclaimer: I may be biased here, because I think implementing > multi-homing at the transport layer (like SCTP tries to) is a bad idea > in general. It's a network layer concept, reimplementing it at the > transport layer gives you no new capabilities. Whether or not multiple default routes is a good idea, SCTP-style multihoming makes a tremendous difference for small organizations that cannot justify getting a block of addresses big enough to be routed by multiple providers. With SCTP I can have a host with an address from a cable-modem provider and another from a dsl provider and my peers can treat both as addresses of my one machine, so connections will not break if one link goes down. The big payoff for the Internet as a whole is I don't need a separate route to me in the global routing tables. I would gladly pay for two such links if there were an automatic way to switch away from a broken link. Without asking cable or dsl providers to talk bgp to me (which they will surely refuse to do) this is not easy. -- Barney Wolff "Nonetheless, ease and peace had left this people still curiously tough. They were, if it came to it, difficult to daunt or to kill; and they were, perhaps, so unwearyingly fond of good things not least because they could, when put to it, do without them, and could survive rough handling by grief, foe, or weather in a way that astonished those who did not know them well and looked no further than their bellies and their well-fed faces." J.R.R.T. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 14: 1:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id 7690C37B40B for ; Fri, 2 Nov 2001 14:01:40 -0800 (PST) Received: from isi.edu (hbo.isi.edu [128.9.160.75]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id fA2M1SO13703; Fri, 2 Nov 2001 14:01:28 -0800 (PST) Message-ID: <3BE317B8.3040108@isi.edu> Date: Fri, 02 Nov 2001 14:01:28 -0800 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.4) Gecko/20010924 X-Accept-Language: en, de MIME-Version: 1.0 To: Barney Wolff Cc: Randall Stewart , freebsd-net@FreeBSD.ORG, xbone@ISI.EDU Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> <20011102162701.A38190@tp.databus.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Barney Wolff wrote: > Whether or not multiple default routes is a good idea, SCTP-style > multihoming makes a tremendous difference for small organizations > that cannot justify getting a block of addresses big enough to be > routed by multiple providers. With SCTP I can have a host with > an address from a cable-modem provider and another from a dsl provider > and my peers can treat both as addresses of my one machine, so > connections will not break if one link goes down. The big payoff > for the Internet as a whole is I don't need a separate route to me > in the global routing tables. The big drawback is that it requires a completely new protocol... It also requires both peers to speak SCTP, and applications in question must be changed to run over SCTP as well. In other words, it doesn't work yet, and it will be some time before it does, and then only for modified apps. > I would gladly pay for two such links if there were an automatic way > to switch away from a broken link. Without asking cable or dsl > providers to talk bgp to me (which they will surely refuse to do) > this is not easy. You can get the exact same behavior toady, with existing Internet protocols: Create an IP tunnel to the peer over one interface pair, switch the tunnel over to the other pair in case of failure. This is transparent to the application (it uses the virtual addresses of the tunnel), uses existing protocols (TCP/UDP over IP in IP), works now. Only new piece is reconfiguring your tunnel, which is trivial (one or two system commands, and can be easily automated.) But we should probbaly move this discussion over to tsvwg... :-) Lars -- Lars Eggert Information Sciences Institute http://www.isi.edu/larse/ University of Southern California To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 14:16:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from sj-msg-core-1.cisco.com (sj-msg-core-1.cisco.com [171.71.163.11]) by hub.freebsd.org (Postfix) with ESMTP id 58C8737B40D for ; Fri, 2 Nov 2001 14:16:45 -0800 (PST) Received: from mira-sjc5-2.cisco.com (mira-sjc5-2.cisco.com [171.71.163.16]) by sj-msg-core-1.cisco.com (8.11.3/8.9.1) with ESMTP id fA2MGoX23783; Fri, 2 Nov 2001 14:16:50 -0800 (PST) Received: from stewart.chicago.il.us (ssh-sj1.cisco.com [171.68.225.134]) by mira-sjc5-2.cisco.com (Mirapoint) with ESMTP id AAE31804; Fri, 2 Nov 2001 14:16:41 -0800 (PST) Message-ID: <3BE31B48.47A88007@stewart.chicago.il.us> Date: Fri, 02 Nov 2001 16:16:41 -0600 From: Randall Stewart X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Barney Wolff Cc: Lars Eggert , freebsd-net@FreeBSD.ORG Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> <20011102162701.A38190@tp.databus.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Barney: Comments below... Barney Wolff wrote: > > On Fri, Nov 02, 2001 at 12:36:58PM -0800, Lars Eggert wrote: > > > > Disclaimer: I may be biased here, because I think implementing > > multi-homing at the transport layer (like SCTP tries to) is a bad idea > > in general. It's a network layer concept, reimplementing it at the > > transport layer gives you no new capabilities. > > Whether or not multiple default routes is a good idea, SCTP-style > multihoming makes a tremendous difference for small organizations > that cannot justify getting a block of addresses big enough to be > routed by multiple providers. With SCTP I can have a host with > an address from a cable-modem provider and another from a dsl provider > and my peers can treat both as addresses of my one machine, so > connections will not break if one link goes down. The big payoff > for the Internet as a whole is I don't need a separate route to me > in the global routing tables. > > I would gladly pay for two such links if there were an automatic way > to switch away from a broken link. Without asking cable or dsl > providers to talk bgp to me (which they will surely refuse to do) > this is not easy. > I could not have put it better myself!! 1) The current internet is once again getting exponential growth in the routing tables due to multi-homing. The big boys are forcing ISP's to advertise there network address has a host route thus breaking aggregation. This is a BIG problem. 2) Little guys do not have the muster to make their ISP do anything except tell you.. here is your default route... and no way will I advertise your other IP address... (golden rule of business applies here .. he who has the gold makes the rules :>) 3) If I have two default routes.. one for my cable modem and one for my DSL provider. I can set both in. Now when a peer that has the same arrangment sets up an association with me it tells me its two addresses. I then enter these in and do: a) net->rt = rt_alloc(first-addr); b) net2->rt = rt_alloc_alt(second-addr,net-rt); Now what rt_alloc_alt does is attempt to give me an alternate route out a different interface if possible. This might mean we expand the node entry for each level of the routing tree to have a list of alternate entries behind it. It is simple for the little guy and solves his problem and if big guys use it the routing tables do not have to grow so fast ... Yes I know there IS one issue.. i.e. we can still have a broken scenario where I choose my routes opposite of my peer. But with a little thoughtful work with the SACK generation even that can be overcome... a) You have to make sure that SACK's do not go to the source address when you have it marked down b) When you receive duplicates you must SACK to other addresses . This will cause a minor performance degregation while the both sides are detecting the failure .. but thats better then going OOS. R Better yet maybe a error counter R > -- > Barney Wolff > > "Nonetheless, ease and peace had left this people still curiously tough. > They were, if it came to it, difficult to daunt or to kill; and they were, > perhaps, so unwearyingly fond of good things not least because they could, > when put to it, do without them, and could survive rough handling by grief, > foe, or weather in a way that astonished those who did not know them well > and looked no further than their bellies and their well-fed faces." J.R.R.T. -- Randall R. Stewart randall@stewart.chicago.il.us 815-342-5222 (cell phone) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 14:55:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from tp.databus.com (p101-46.acedsl.com [160.79.101.46]) by hub.freebsd.org (Postfix) with ESMTP id 4474737B420 for ; Fri, 2 Nov 2001 14:55:43 -0800 (PST) Received: (from barney@localhost) by tp.databus.com (8.11.6/8.11.4) id fA2Mtcr38824; Fri, 2 Nov 2001 17:55:38 -0500 (EST) (envelope-from barney) Date: Fri, 2 Nov 2001 17:55:33 -0500 From: Barney Wolff To: Randall Stewart Cc: Barney Wolff , Lars Eggert , freebsd-net@FreeBSD.ORG Subject: Re: SCTP and multiple default routes Message-ID: <20011102175533.B38677@tp.databus.com> References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> <20011102162701.A38190@tp.databus.com> <3BE31B48.47A88007@stewart.chicago.il.us> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3BE31B48.47A88007@stewart.chicago.il.us>; from randall@stewart.chicago.il.us on Fri, Nov 02, 2001 at 04:16:41PM -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The catch here is you can send out your other link, but your partner cannot send back to your other address via that link since the ISP won't route it that way. To make your partner know to switch over means major mods to TCP, equivalent to replacing it with SCTP. Barney On Fri, Nov 02, 2001 at 04:16:41PM -0600, Randall Stewart wrote: > > 3) If I have two default routes.. one for my cable modem and one for > my DSL provider. I can set both in. Now when a peer that has the > same arrangment sets up an association with me it tells me its > two addresses. I then enter these in and do: > a) net->rt = rt_alloc(first-addr); > b) net2->rt = rt_alloc_alt(second-addr,net-rt); > > Now what rt_alloc_alt does is attempt to give me an alternate route > out a different interface if possible. This might mean we expand > the node entry for each level of the routing tree to have a list > of alternate entries behind it. > > It is simple for the little guy and solves his problem and > if big guys use it the routing tables do not have to grow > so fast ... > > Yes I know there IS one issue.. i.e. we can still have a broken > scenario where I choose my routes opposite of my peer. But with > a little thoughtful work with the SACK generation even that > can be overcome... > > a) You have to make sure that SACK's do not go to > the source address when you have it marked down > > > > b) When you receive duplicates you must SACK to other > addresses . > > This will cause a minor performance degregation while > the both sides are detecting the failure .. but > thats better then going OOS. > > R > > > > Better yet maybe a error counter > > R To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 15:35:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from sj-msg-core-2.cisco.com (sj-msg-core-2.cisco.com [171.69.24.11]) by hub.freebsd.org (Postfix) with ESMTP id 2B3FA37B408 for ; Fri, 2 Nov 2001 15:35:49 -0800 (PST) Received: from mira-sjc5-2.cisco.com (mira-sjc5-2.cisco.com [171.71.163.16]) by sj-msg-core-2.cisco.com (8.11.3/8.9.1) with ESMTP id fA2NZha09986; Fri, 2 Nov 2001 15:35:43 -0800 (PST) Received: from stewart.chicago.il.us (ssh-sj1.cisco.com [171.68.225.134]) by mira-sjc5-2.cisco.com (Mirapoint) with ESMTP id AAE34485; Fri, 2 Nov 2001 15:35:41 -0800 (PST) Message-ID: <3BE32DCC.22A84E28@stewart.chicago.il.us> Date: Fri, 02 Nov 2001 17:35:40 -0600 From: Randall Stewart X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Lars Eggert Cc: Barney Wolff , freebsd-net@FreeBSD.ORG, xbone@ISI.EDU Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> <20011102162701.A38190@tp.databus.com> <3BE317B8.3040108@isi.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Lars: I will add my 2cents to Barney's reply to this as well.. Lars Eggert wrote: > > Barney Wolff wrote: > > > Whether or not multiple default routes is a good idea, SCTP-style > > multihoming makes a tremendous difference for small organizations > > that cannot justify getting a block of addresses big enough to be > > routed by multiple providers. With SCTP I can have a host with > > an address from a cable-modem provider and another from a dsl provider > > and my peers can treat both as addresses of my one machine, so > > connections will not break if one link goes down. The big payoff > > for the Internet as a whole is I don't need a separate route to me > > in the global routing tables. > > The big drawback is that it requires a completely new protocol... Which is currently beginning to be deployed. Sun, Aix, Linux and other O/S's which I refuse to name are putting forward SCTP.. > > It also requires both peers to speak SCTP, and applications in question > > must be changed to run over SCTP as well. In other words, it doesn't The change is a very very simple one instead of fd = socket(AF_INET,SOCK_STREAM, IPPROTO_TCP); you od fd = socket(AF_INET,SOCK_STREAM, IPPROTO_SCTP); Not a big deal for the TCP compatibility model. You don't get to use streams if you do the above only .. but hey you get the multiple interface... Not a big deal... > > work yet, and it will be some time before it does, and then only for modified apps. Not as long as you think.. IMHO > > > I would gladly pay for two such links if there were an automatic way > > to switch away from a broken link. Without asking cable or dsl > > providers to talk bgp to me (which they will surely refuse to do) > > this is not easy. > > You can get the exact same behavior toady, with existing Internet > protocols: Create an IP tunnel to the peer over one interface pair, > switch the tunnel over to the other pair in case of failure. This is > transparent to the application (it uses the virtual addresses of the > tunnel), uses existing protocols (TCP/UDP over IP in IP), works now. > > Only new piece is reconfiguring your tunnel, which is trivial (one or > two system commands, and can be easily automated.) > And to add to Barney's issue... you also must wait for a routing convergence to know to move the tunnel. In the case of SCTP the first timeout moves you to the alternate. R > -- > Lars Eggert Information Sciences Institute > http://www.isi.edu/larse/ University of Southern California > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Randall R. Stewart randall@stewart.chicago.il.us 815-342-5222 (cell phone) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 15:42:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by hub.freebsd.org (Postfix) with ESMTP id BB4E937B40D for ; Fri, 2 Nov 2001 15:42:42 -0800 (PST) Received: from isi.edu (sci.isi.edu [128.9.160.93]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id fA2NgZO07336; Fri, 2 Nov 2001 15:42:35 -0800 (PST) Message-ID: <3BE32F6A.7060807@isi.edu> Date: Fri, 02 Nov 2001 15:42:34 -0800 From: Joe Touch User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: Randall Stewart Cc: Lars Eggert , Barney Wolff , freebsd-net@FreeBSD.ORG, xbone@ISI.EDU Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE303EA.1040506@isi.edu> <20011102162701.A38190@tp.databus.com> <3BE317B8.3040108@isi.edu> <3BE32DCC.22A84E28@stewart.chicago.il.us> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Randall Stewart wrote: > Lars: > > I will add my 2cents to Barney's reply to this as > well.. > > Lars Eggert wrote: > >>Barney Wolff wrote: >> >> >>>Whether or not multiple default routes is a good idea, SCTP-style >>>multihoming makes a tremendous difference for small organizations >>>that cannot justify getting a block of addresses big enough to be >>>routed by multiple providers. With SCTP I can have a host with >>>an address from a cable-modem provider and another from a dsl provider >>>and my peers can treat both as addresses of my one machine, so >>>connections will not break if one link goes down. The big payoff >>>for the Internet as a whole is I don't need a separate route to me >>>in the global routing tables. >>> >>The big drawback is that it requires a completely new protocol... >> > > Which is currently beginning to be deployed. Sun, Aix, Linux and > other O/S's which I refuse to name are putting forward SCTP.. That's an OS; deployment implies that the applications _AND_ libraries are also all changed, and that the users select them. >>It also requires both peers to speak SCTP, and applications in question >> >>must be changed to run over SCTP as well. In other words, it doesn't >> > > The change is a very very simple one instead of > > fd = socket(AF_INET,SOCK_STREAM, IPPROTO_TCP); > > you od > > fd = socket(AF_INET,SOCK_STREAM, IPPROTO_SCTP); > > Not a big deal for the TCP compatibility model. You don't > get to use streams if you do the above only .. but hey you > get the multiple interface... Not a big deal... Presuming you have source code for every application you want to modify. PS - how many of TCP's options translate to SCTP options directly? E.g., Nagle, etc.? All of those must be converted as well. >>work yet, and it will be some time before it does, and then only for modified apps. >> > > Not as long as you think.. IMHO I'll make that bet. What will apps do - use TCP some times, and SCTP others? Will each application have two versions? A configuration that lets you select? Ever seen this happen before? How many current apps. have this capability (e.g., to use two different protocols)? >>>I would gladly pay for two such links if there were an automatic way >>>to switch away from a broken link. Without asking cable or dsl >>>providers to talk bgp to me (which they will surely refuse to do) >>>this is not easy. >>> >>You can get the exact same behavior toady, with existing Internet >>protocols: Create an IP tunnel to the peer over one interface pair, >>switch the tunnel over to the other pair in case of failure. This is >>transparent to the application (it uses the virtual addresses of the >>tunnel), uses existing protocols (TCP/UDP over IP in IP), works now. >> >>Only new piece is reconfiguring your tunnel, which is trivial (one or >>two system commands, and can be easily automated.) > > And to add to Barney's issue... you also must wait for a > routing convergence to know to move the tunnel. In the case > of SCTP the first timeout moves you to the alternate. The 'routing convergence' can happen at the layer of the tunnels, e.g., at the response time of a round trip + the routing protocol's one-hop update frequency. Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 16:37:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from gull.prod.itd.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84]) by hub.freebsd.org (Postfix) with ESMTP id 9564B37B40A for ; Fri, 2 Nov 2001 16:37:37 -0800 (PST) Received: from dialup-209.247.139.223.dial1.sanjose1.level3.net ([209.247.139.223] helo=blossom.cjclark.org) by gull.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 15zooa-0006Lo-00; Fri, 02 Nov 2001 16:37:37 -0800 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.3) id fA30bAT10424; Fri, 2 Nov 2001 16:37:10 -0800 (PST) (envelope-from cjc) Date: Fri, 2 Nov 2001 16:37:09 -0800 From: "Crist J. Clark" To: Lars Eggert Cc: Randall Stewart , freebsd-net@FreeBSD.ORG Subject: Re: SCTP and multiple default routes Message-ID: <20011102163709.R4360@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE30405.5040508@isi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3BE30405.5040508@isi.edu>; from larse@ISI.EDU on Fri, Nov 02, 2001 at 12:37:25PM -0800 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Nov 02, 2001 at 12:37:25PM -0800, Lars Eggert wrote: > Randall Stewart wrote: > > > I am working on a SCTP implementation for KAME and > > have a question/issue with routing entries in > > the current freebsd kernel (4.x stream). > > ... > > > What would be nice is to have multiple default routes > > and then have the ability to be able to do a: > > I'm not sure multiple default routes make sense. They are however required to be truly standards compliant. From RFC 1122 (Requirements for Internet Hosts -- Communication Layers), When there is no route cache entry for the destination host address (and the destination is not on the connected network), the IP layer MUST pick a gateway from its list of "default" gateways. The IP layer MUST support multiple default gateways. FreeBSD is not actually compliant on this issue. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 2 16:43:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 4C8CA37B408; Fri, 2 Nov 2001 16:42:58 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA30dO046366; Fri, 2 Nov 2001 16:39:24 -0800 (PST) (envelope-from rizzo) Date: Fri, 2 Nov 2001 16:39:24 -0800 From: Luigi Rizzo To: undisclosed-recipients: ; Subject: HEADS UP [luigi@FreeBSD.org: cvs commit: src/sys/dev/ed if_ed.c src/sys/net bridge.c bridge.h if_ethersubr.c src/sys/netinet ip_dummynet.c ip_dummynet.h ip_fw.c ip_fw.h ip_input.c ip_output.c raw_ip.c src/sbin/ipfw ipfw.8 ipfw.c] Message-ID: <20011102163924.A46186@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [Bcc to net@freebsd.org ipfw@freebsd.org stable@freebsd.org] As announced... please give a try to this code and report any bugs. cheers luigi ----- Forwarded message from Luigi Rizzo ----- Date: Fri, 2 Nov 2001 16:36:11 -0800 (PST) From: Luigi Rizzo Subject: cvs commit: src/sys/dev/ed if_ed.c src/sys/net bridge.c bridge.h if_ethersubr.c src/sys/netinet ip_dummynet.c ip_dummynet.h ip_fw.c ip_fw.h ip_input.c ip_output.c raw_ip.c src/sbin/ipfw ipfw.8 ipfw.c To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org luigi 2001/11/02 16:36:11 PST Modified files: (Branch: RELENG_4) sys/dev/ed if_ed.c sys/net bridge.c bridge.h if_ethersubr.c sys/netinet ip_dummynet.c ip_dummynet.h ip_fw.c ip_fw.h ip_input.c ip_output.c raw_ip.c sbin/ipfw ipfw.8 ipfw.c Log: Mega-MFC for ipfw/bridge/dummynet features and fixes added over the past couple of months: * merge of ipfw rule descriptor and chain pointer. No functional change, but the internal data structures and code are way more readable; * BillF code to make ipfw/dummynet/bridge KLD'able. NOTA BENE: this still has some rough edges, which are mostly due to bugs in kldload() rather than in this code. * add a new type of dynamic rule that lets you limit the number of simultaneous connections matching certain criteria (with the usual aggregation based on port/address masks) * fix spl*() protection in same parts of the code; This code also includes some minor bugfixes and code cleanup that I will port to CURRENT as soon as i have a chance. I have tested the code as much as i could, but there is really a million combinations so I might have missed some corner case. Please report if you have problem building things. The only thing known not to work is bridge.ko -- it does forward correctly, but packets directed to the bridge itself are only received from one interface (i suspect some missing initialization), and there are some other issues at unloading time. Please use the statically compiled code for the time being. NOTE ON KLD: It appears that kldload/unload is unable to handle the case of (erroneously) loading/unloading a module which is already compiled in. What happens is that load fails, but the module is listed as loaded, and then the system panics if you attempt an unloading of the module. This problem need fixing in the module loading/unloading code, which is not in my area of competence. Revision Changes Path 1.63.2.17 +41 -18 src/sbin/ipfw/ipfw.8 1.80.2.20 +75 -20 src/sbin/ipfw/ipfw.c 1.173.2.13 +6 -11 src/sys/dev/ed/if_ed.c 1.16.2.15 +223 -102 src/sys/net/bridge.c 1.4.2.3 +18 -45 src/sys/net/bridge.h 1.70.2.18 +29 -22 src/sys/net/if_ethersubr.c 1.24.2.12 +119 -94 src/sys/netinet/ip_dummynet.c 1.10.2.4 +10 -12 src/sys/netinet/ip_dummynet.h 1.131.2.27 +561 -457 src/sys/netinet/ip_fw.c 1.47.2.10 +87 -34 src/sys/netinet/ip_fw.h 1.130.2.28 +9 -20 src/sys/netinet/ip_input.c 1.99.2.19 +6 -13 src/sys/netinet/ip_output.c 1.64.2.9 +19 -24 src/sys/netinet/raw_ip.c ----- End forwarded message ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 4: 2:48 2001 Delivered-To: freebsd-net@freebsd.org Received: from sj-msg-core-4.cisco.com (sj-msg-core-4.cisco.com [171.71.163.10]) by hub.freebsd.org (Postfix) with ESMTP id 3337B37B413 for ; Sat, 3 Nov 2001 04:02:45 -0800 (PST) Received: from mira-sjc5-2.cisco.com (mira-sjc5-2.cisco.com [171.71.163.16]) by sj-msg-core-4.cisco.com (8.11.3/8.9.1) with ESMTP id fA3C2jT29741; Sat, 3 Nov 2001 04:02:45 -0800 (PST) Received: from stewart.chicago.il.us (ssh-sj1.cisco.com [171.68.225.134]) by mira-sjc5-2.cisco.com (Mirapoint) with ESMTP id AAE43613; Sat, 3 Nov 2001 04:02:43 -0800 (PST) Message-ID: <3BE3DCE2.EE81B6E6@stewart.chicago.il.us> Date: Sat, 03 Nov 2001 06:02:42 -0600 From: Randall Stewart X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: Lars Eggert , freebsd-net@FreeBSD.ORG Subject: Re: SCTP and multiple default routes References: <3BE30097.C02C828D@stewart.chicago.il.us> <3BE30405.5040508@isi.edu> <20011102163709.R4360@blossom.cjclark.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Crist: Great point.. I guess with this in mind I will investagate getting this in place (after I do a bit of debugging of our stack) ... R "Crist J. Clark" wrote: > > On Fri, Nov 02, 2001 at 12:37:25PM -0800, Lars Eggert wrote: > > Randall Stewart wrote: > > > > > I am working on a SCTP implementation for KAME and > > > have a question/issue with routing entries in > > > the current freebsd kernel (4.x stream). > > > > ... > > > > > What would be nice is to have multiple default routes > > > and then have the ability to be able to do a: > > > > I'm not sure multiple default routes make sense. > > They are however required to be truly standards compliant. From > RFC 1122 (Requirements for Internet Hosts -- Communication Layers), > > When there is no route cache entry for the destination host > address (and the destination is not on the connected > network), the IP layer MUST pick a gateway from its list of > "default" gateways. The IP layer MUST support multiple > default gateways. > > FreeBSD is not actually compliant on this issue. > -- > Crist J. Clark | cjclark@alum.mit.edu > | cjclark@jhu.edu > http://people.freebsd.org/~cjc/ | cjc@freebsd.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Randall R. Stewart randall@stewart.chicago.il.us 815-342-5222 (cell phone) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 5:12:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by hub.freebsd.org (Postfix) with ESMTP id B38E537B41A for ; Sat, 3 Nov 2001 05:12:37 -0800 (PST) Received: by hanoi.cronyx.ru id QAA04623; (8.9.3/vak/2.1) Sat, 3 Nov 2001 16:10:59 +0300 (MSK) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id QAA04609; (8.9.3/vak/2.1) Sat, 3 Nov 2001 16:10:59 +0300 (MSK) Message-ID: <3BE3ED17.3060603@cronyx.ru> Date: Sat, 03 Nov 2001 16:11:51 +0300 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: Joerg Wunsch , freebsd-net@FreeBSD.org Subject: Re: kern/11238, kern/14848, kern/21771, sppp patch's patch_id #1 References: <000901c1134b$827a69a0$48b5ce90@crox> <3BDABF7B.4060808@cronyx.ru> <3BE24EE4.2020506@cronyx.ru> <20011102192916.A43204@uriah.heep.sax.de> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Joerg Wunsch wrote: >As Roman Kurakin wrote: > >> This letter was sent last Saturday. When should I expect any >> reaction? >> > >You've already got one from me. > I thought someone else maintains this part of kernel. Was I wrong? Best regards, Kurakin Roman > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 7:19:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from alf.uib.no (alf.uib.no [129.177.30.3]) by hub.freebsd.org (Postfix) with ESMTP id 616DB37B416 for ; Sat, 3 Nov 2001 07:19:13 -0800 (PST) Received: from tunnel-45-14.vpn.uib.no (ii.uib.no) [129.177.45.14] by alf.uib.no with esmtp (Exim 3.16) id 1602ZM-0006Rl-00; Sat, 03 Nov 2001 16:18:48 +0100 Message-ID: <3BE40BC8.9060504@ii.uib.no> Date: Sat, 03 Nov 2001 16:22:48 +0100 From: Trond Davidsen User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.3) Gecko/20010909 X-Accept-Language: en-us MIME-Version: 1.0 To: Archie Cobbs Cc: freebsd-net@FreeBSD.ORG Subject: Re: Mpd with a large number, 200+ , of bundles References: <200110301602.f9UG2gr07609@arch20m.dellroad.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Scanner: exiscan *1602ZM-0006Rl-00*y0vurEDuHDc* http://tjinfo.uib.no/virus.html Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Archie Cobbs wrote: > > One problem with netgraph is that node and hook names can only be about 15 > characters.. so when you get to 100 bundles, the hook names start > overflowing the buffers. > > If you're only running one version of mpd, for example, you can > try this patch to fix the '100 bundles' problem by shortening > the node names: > When I try to make 240 bundles, from the log, it seems mpd is makeing all the nodes ok, but when I try to establish a connection nothing happens, no respons, nothing in the log, and mpd is frozen and needs to be killed with kill -9. And then it leaves 720 nodes behind which needs to be removed manually. > > This is probably due to a fixed size buffer in the base netgraph > code somewhere... it doesn't look like libnetgraph can generate > an ENOBUFS on its own. Try running ngctl with one or more '-d' flags.. > vpn-gw3# ngctl -d -d -d Available commands: config get or set configuration of node at connect Connects hook of the node at to debug Get/set debugging verbosity level help Show command summary or get more help on a specific command list Show information about all nodes mkpeer Create and connect a new node to the node at "path" msg Send a netgraph control message to the node at "path" name Assign name to the node at read Read and execute commands from a file rmhook Disconnect hook "hook" of the node at "path" show Show information about the node at shutdown Shutdown the node at status Get human readable status information from the node at types Show information about all installed node types quit Exit program + list ngctl: SENDING MESSAGE: ngctl: SOCKADDR: { fam=32 len=4 addr="." } ngctl: NG_MESG : ngctl: vers 2 ngctl: arglen 0 ngctl: flags 0 ngctl: token 1 ngctl: cookie GENERIC (851672668) ngctl: cmd 9 ngctl: args (0 bytes) ngctl: sendto(.): No buffer space available ngctl: send msg: No buffer space available + When I create 240 bundles, mpd creates 720 netgraph nodes. Is there a limit on how many nodes the netgraph system can handle? Where is the netgraph system defined? i can find the modules under /usr/src/sys/modules/netgraph, but I can't find the 'netgraph base system'. Trond To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 8: 0:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from alf.uib.no (alf.uib.no [129.177.30.3]) by hub.freebsd.org (Postfix) with ESMTP id D04B037B416 for ; Sat, 3 Nov 2001 08:00:16 -0800 (PST) Received: from tunnel-45-14.vpn.uib.no (ii.uib.no) [129.177.45.14] by alf.uib.no with esmtp (Exim 3.16) id 1603Bn-0007Nq-00; Sat, 03 Nov 2001 16:58:31 +0100 Message-ID: <3BE41516.5040300@ii.uib.no> Date: Sat, 03 Nov 2001 17:02:30 +0100 From: Trond Davidsen User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.3) Gecko/20010909 X-Accept-Language: en-us MIME-Version: 1.0 To: Trond Davidsen Cc: Archie Cobbs , freebsd-net@FreeBSD.ORG Subject: Re: Mpd with a large number, 200+ , of bundles References: <200110301602.f9UG2gr07609@arch20m.dellroad.org> <3BE40BC8.9060504@ii.uib.no> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Scanner: exiscan *1603Bn-0007Nq-00*GyOtmoPUETk* http://tjinfo.uib.no/virus.html Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Trond Davidsen wrote: > > When I create 240 bundles, mpd creates 720 netgraph nodes. > Is there a limit on how many nodes the netgraph system can handle? > Where is the netgraph system defined? i can find the modules under > /usr/src/sys/modules/netgraph, but I can't find the 'netgraph base system'. > My bad, mpd makes 1216 nodes: vpn-gw3# ngctl types There are 21 total types: Type name Number of living nodes --------- ---------------------- pppoe 0 ppp 241 one2many 0 mppc 0 lmi 0 ksocket 0 iface 251 hole 0 frame_relay 0 ether 3 echo 0 cisco 0 bpf 241 async 0 vjc 241 UI 0 tty 0 tee 0 socket 242 rfc1490 0 pptpgre 0 vpn-gw3# can netgraph handle this many nodes by default? Trond To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 9:15:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id A473E37B417 for ; Sat, 3 Nov 2001 09:15:18 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA3HBhT56102; Sat, 3 Nov 2001 09:11:43 -0800 (PST) (envelope-from rizzo) Date: Sat, 3 Nov 2001 09:11:43 -0800 From: Luigi Rizzo To: net@freebsd.org, mjacob@feral.com Subject: softc, ifnet and arpcom overlay Message-ID: <20011103091143.B47299@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, i remember early in october this topic came out, but while i can easily find out where the arpcom/ifnet overlay is used, i am not totally certain about the softc/ifnet overlay. For first, there is a reference from ifnet to the corresponding softc, so in principle the overlay is totally unnecessary. Secondly, the only two places where I could find this assumption being actually used seem to be easily fixable: net/if_iso88025subr.c - line 139 @iso88025_ioctl() bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, (caddr_t) sa->sa_data, ISO88025_ADDR_LEN); here, the "->if_softc" should be just omitted because ifp can be already cast to a (struct arpcom *) net/if_vlan.c - lnie 528 @vlan_ioctl() bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, (caddr_t) sa->sa_data, ETHER_ADDR_LEN); same as above (these two sections seem to be copied one from the other) Is there any other place to look at ? cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 9:50: 6 2001 Delivered-To: freebsd-net@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 6161837B418 for ; Sat, 3 Nov 2001 09:49:58 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id SAA00132; Sat, 3 Nov 2001 18:49:55 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id fA3HTRx80267; Sat, 3 Nov 2001 18:29:27 +0100 (MET) (envelope-from j) Date: Sat, 3 Nov 2001 18:29:27 +0100 From: Joerg Wunsch To: Roman Kurakin Cc: freebsd-net@FreeBSD.org Subject: Re: kern/11238, kern/14848, kern/21771, sppp patch's patch_id #1 Message-ID: <20011103182927.F43204@uriah.heep.sax.de> Reply-To: Joerg Wunsch References: <000901c1134b$827a69a0$48b5ce90@crox> <3BDABF7B.4060808@cronyx.ru> <3BE24EE4.2020506@cronyx.ru> <20011102192916.A43204@uriah.heep.sax.de> <3BE3ED17.3060603@cronyx.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <3BE3ED17.3060603@cronyx.ru>; from rik@cronyx.ru on Sat, Nov 03, 2001 at 04:11:51PM +0300 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As Roman Kurakin wrote: > >You've already got one from me. > > > I thought someone else maintains this part of kernel. Was I wrong? Probably. At least it was me who wrote larger parts of the current sppp implementation. As mentioned, it's very unfortunate that a number of offspring implementations evolved in the past, mainly in ISDN4BSD and in NetBSD. It's still my goal to merge the ISDN4BSD version completely (there's no need to have two functionally very similar implementations in our source tree, and i promised this merge to Hellmuth Michaelis), and my review of NetBSD so far has shown that they've also fixed a number of bugs (and added some useful features). Get me right, i wouldn't mind passing this task to someone else :), but the issue here is that both trees should not be merged as a large blurb diff, but patches should rather be taken piecewise from their trees so our CVS history remains clear and the impact can be overlooked by someone else by just following CVS. The NetBSD CVS is now publically available, and i've also got the ISDN4BSD CVS tree here. The downside of all this is that it takes a FreeBSD committer to do it (i expect some two dozens of committs approximately), and someone who's got quite a bit of time at hand. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 10:17:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from apollo.sitaranetworks.com (apollo.sitaranetworks.com [199.103.141.105]) by hub.freebsd.org (Postfix) with ESMTP id DDFE537B416 for ; Sat, 3 Nov 2001 10:17:37 -0800 (PST) Received: from rios.sitaranetworks.com (rios.sitaranetworks.com [199.103.141.78]) by apollo.sitaranetworks.com (8.10.2+Sun/8.9.3) with ESMTP id fA3IHBp14913; Sat, 3 Nov 2001 13:17:11 -0500 (EST) Received: by rios.sitaranetworks.com with Internet Mail Service (5.5.2653.19) id ; Sat, 3 Nov 2001 13:17:25 -0500 Message-ID: <31269226357BD211979E00A0C9866DAB01BE79AC@rios.sitaranetworks.com> From: Jim McGrath To: "'Luigi Rizzo'" , net@FreeBSD.ORG, mjacob@feral.com Subject: RE: softc, ifnet and arpcom overlay Date: Sat, 3 Nov 2001 13:17:24 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Check mii.c, miibus_attach() Jim -----Original Message----- From: Luigi Rizzo [mailto:rizzo@aciri.org] Sent: Saturday, November 03, 2001 12:12 PM To: net@FreeBSD.ORG; mjacob@feral.com Subject: softc, ifnet and arpcom overlay Hi, i remember early in october this topic came out, but while i can easily find out where the arpcom/ifnet overlay is used, i am not totally certain about the softc/ifnet overlay. For first, there is a reference from ifnet to the corresponding softc, so in principle the overlay is totally unnecessary. Secondly, the only two places where I could find this assumption being actually used seem to be easily fixable: net/if_iso88025subr.c - line 139 @iso88025_ioctl() bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, (caddr_t) sa->sa_data, ISO88025_ADDR_LEN); here, the "->if_softc" should be just omitted because ifp can be already cast to a (struct arpcom *) net/if_vlan.c - lnie 528 @vlan_ioctl() bcopy(((struct arpcom *)ifp->if_softc)->ac_enaddr, (caddr_t) sa->sa_data, ETHER_ADDR_LEN); same as above (these two sections seem to be copied one from the other) Is there any other place to look at ? cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 10:45: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id D1CDF37B416 for ; Sat, 3 Nov 2001 10:45:04 -0800 (PST) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id KAA86983; Sat, 3 Nov 2001 10:31:47 -0800 (PST) Received: (from archie@localhost) by arch20m.dellroad.org (8.11.6/8.11.6) id fA3IVl424031; Sat, 3 Nov 2001 10:31:47 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200111031831.fA3IVl424031@arch20m.dellroad.org> Subject: Re: Mpd with a large number, 200+ , of bundles In-Reply-To: <3BE40BC8.9060504@ii.uib.no> "from Trond Davidsen at Nov 3, 2001 04:22:48 pm" To: Trond Davidsen Date: Sat, 3 Nov 2001 10:31:46 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Trond Davidsen writes: > When I try to make 240 bundles, from the log, it seems mpd is makeing > all the nodes ok, but when I try to establish a connection nothing > happens, no respons, nothing in the log, and mpd is frozen and needs to > be killed with kill -9. And then it leaves 720 nodes behind which needs > to be removed manually. Hmmm.. sounds like a kernel problem (the fact that kill -9 is required). > > This is probably due to a fixed size buffer in the base netgraph > > code somewhere... it doesn't look like libnetgraph can generate > > an ENOBUFS on its own. Try running ngctl with one or more '-d' flags.. > > vpn-gw3# ngctl -d -d -d > Available commands: > config get or set configuration of node at > connect Connects hook of the node at to > debug Get/set debugging verbosity level > help Show command summary or get more help on a specific command > list Show information about all nodes > mkpeer Create and connect a new node to the node at "path" > msg Send a netgraph control message to the node at "path" > name Assign name to the node at > read Read and execute commands from a file > rmhook Disconnect hook "hook" of the node at "path" > show Show information about the node at > shutdown Shutdown the node at > status Get human readable status information from the node at > types Show information about all installed node types > quit Exit program > + list > ngctl: SENDING MESSAGE: > ngctl: SOCKADDR: { fam=32 len=4 addr="." } > ngctl: NG_MESG : > ngctl: vers 2 > ngctl: arglen 0 > ngctl: flags 0 > ngctl: token 1 > ngctl: cookie GENERIC (851672668) > ngctl: cmd 9 > ngctl: args (0 bytes) > ngctl: sendto(.): No buffer space available > ngctl: send msg: No buffer space available I think this error must be coming from the socket code. I wonder if increasing the receive buffer size on the netgraph socket would help.. try this patch for example: Index: main.c =================================================================== RCS file: /home/cvs/freebsd/src/usr.sbin/ngctl/main.c,v retrieving revision 1.4.2.3 diff -u -r1.4.2.3 main.c --- main.c 2001/01/09 06:52:25 1.4.2.3 +++ main.c 2001/11/03 18:29:33 @@ -145,6 +145,13 @@ if (NgMkSockNode(name, &csock, &dsock) < 0) err(EX_OSERR, "can't create node"); + { + int size = 128 * 1024; + + if (setsockopt(csock, SOL_SOCKET, SO_RCVBUF, &size, sizeof(size)) == -1) + err(1, "setsockopt"); + } + /* Do commands as requested */ if (ac == 0) { if (fp != NULL) { > When I create 240 bundles, mpd creates 720 netgraph nodes. > Is there a limit on how many nodes the netgraph system can handle? No hard limit internally, but there are limits on how large a control message you can jam through a socket. > Where is the netgraph system defined? i can find the modules under > /usr/src/sys/modules/netgraph, but I can't find the 'netgraph base system'. It's in /sys/netgraph/ng_base.c. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 11: 9:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id DB60E37B417 for ; Sat, 3 Nov 2001 11:09:25 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA3J5n956766; Sat, 3 Nov 2001 11:05:49 -0800 (PST) (envelope-from rizzo) Date: Sat, 3 Nov 2001 11:05:49 -0800 From: "'Luigi Rizzo'" To: Jim McGrath Cc: net@FreeBSD.ORG, mjacob@feral.com Subject: Re: softc, ifnet and arpcom overlay Message-ID: <20011103110549.A56707@iguana.aciri.org> References: <31269226357BD211979E00A0C9866DAB01BE79AC@rios.sitaranetworks.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <31269226357BD211979E00A0C9866DAB01BE79AC@rios.sitaranetworks.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Nov 03, 2001 at 01:17:24PM -0500, Jim McGrath wrote: > Check mii.c, miibus_attach() I don't see anything strange there, the access is through device_get_softc(dev) which presumably does the right thing and makes no assumption on structure layout. cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 11:32:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from apollo.sitaranetworks.com (apollo.sitaranetworks.com [199.103.141.105]) by hub.freebsd.org (Postfix) with ESMTP id 4DF6D37B419 for ; Sat, 3 Nov 2001 11:32:26 -0800 (PST) Received: from rios.sitaranetworks.com (rios.sitaranetworks.com [199.103.141.78]) by apollo.sitaranetworks.com (8.10.2+Sun/8.9.3) with ESMTP id fA3JW4p15244; Sat, 3 Nov 2001 14:32:04 -0500 (EST) Received: by rios.sitaranetworks.com with Internet Mail Service (5.5.2653.19) id ; Sat, 3 Nov 2001 14:32:18 -0500 Message-ID: <31269226357BD211979E00A0C9866DAB01BE79AD@rios.sitaranetworks.com> From: Jim McGrath To: "'Luigi Rizzo'" , Jim McGrath Cc: net@FreeBSD.ORG, mjacob@feral.com Subject: RE: softc, ifnet and arpcom overlay Date: Sat, 3 Nov 2001 14:32:18 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It makes the assumption that the ifnet/arpcom structure is at the beginning of the softc structure. In needs to do this to maintain media independence. Also see http://www.freebsd.org/cgi/query-pr.cgi?pr=29249 Jim -----Original Message----- From: 'Luigi Rizzo' [mailto:rizzo@aciri.org] Sent: Saturday, November 03, 2001 2:06 PM To: Jim McGrath Cc: net@FreeBSD.ORG; mjacob@feral.com Subject: Re: softc, ifnet and arpcom overlay On Sat, Nov 03, 2001 at 01:17:24PM -0500, Jim McGrath wrote: > Check mii.c, miibus_attach() I don't see anything strange there, the access is through device_get_softc(dev) which presumably does the right thing and makes no assumption on structure layout. cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 11:44:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 2655737B416 for ; Sat, 3 Nov 2001 11:44:36 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id fA3JexF57038; Sat, 3 Nov 2001 11:40:59 -0800 (PST) (envelope-from rizzo) Date: Sat, 3 Nov 2001 11:40:59 -0800 From: "'Luigi Rizzo'" To: Jim McGrath Cc: net@FreeBSD.ORG, mjacob@feral.com Subject: Re: softc, ifnet and arpcom overlay Message-ID: <20011103114059.A56950@iguana.aciri.org> References: <31269226357BD211979E00A0C9866DAB01BE79AD@rios.sitaranetworks.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <31269226357BD211979E00A0C9866DAB01BE79AD@rios.sitaranetworks.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Nov 03, 2001 at 02:32:18PM -0500, Jim McGrath wrote: > It makes the assumption that the ifnet/arpcom structure is at the beginning > of the softc structure. In needs to do this to maintain media independence. whoops, you are right... it is really bad that dev->softc is a void* and there is no static or dynamic type information associated with it. thanks luigi > Also see http://www.freebsd.org/cgi/query-pr.cgi?pr=29249 > > Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 13:53:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id 1966737B417 for ; Sat, 3 Nov 2001 13:53:31 -0800 (PST) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [fec0::1:12]) by Awfulhak.org (8.11.6/8.11.6) with ESMTP id fA3LrKH07272; Sat, 3 Nov 2001 21:53:20 GMT (envelope-from brian@freebsd-services.com) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id fA3LrG813154; Sat, 3 Nov 2001 21:53:16 GMT (envelope-from brian@freebsd-services.com) Message-Id: <200111032153.fA3LrG813154@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Federico Quevedo Cc: freebsd-net@FreeBSD.ORG, Julian Elischer , brian@freebsd-services.com Subject: Re: ng_pppoe accounting? In-Reply-To: Message from Federico Quevedo of "Wed, 31 Oct 2001 04:40:59 +0100." <3BDF72CB.77B15F5C@cuimail.unige.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Date: Sat, 03 Nov 2001 21:53:16 +0000 From: Brian Somers Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I've just implemented a ``log'' command in ppp. You can now do something like ``log ${MACADDR} HISADDR USER UPTIME'' = to your ppp.linkdown. The only missing bit is getting pppoed to put $MACADDR into ppp's = environment.... > Julian Elischer wrote: > = > > On Tue, 30 Oct 2001, QUEVEDO BUSTILLOS Jose Federico wrote: > > > > > Hi, > > > > > > I'm a newbie in netgraph structures and I will like to ask your adv= ice > > > about some PPPoE related ideas. > > > > > > I'm using a FreeBDS box with PPPoE installed and working as a gatew= ay. My > > > goal is to establish basic administration and accounting for PPPoE = users. > > > > > > > You are using pppoed to offer pppoe service? > = > I'm thinking of using pppoed as a server that offers connection to inte= rnal > network boxes (essentially laptops) that want to establish an Internet = connexion > acces. > = > = > Lab > University Network > = > -------=A6 > =A6--------- > internal network =A6 ----------- FreeBSD box ---------------=A6= Internet > = > pppoe clients ------=A6 > (pppoed) =A6-------- > = > = > = > > > The basic accounting needs (not with commercial goals) are: > > > > As a server or as a client? > > > > > > > > 1. Keep track of the MAC addresses and users names of the PPPoE > > > connections to the gateway, store time connection of the session an= d > > > traffic generated. > > > > Is this the kind of logging you want? > > (I don't have this.. I did it by hand) > > > > 13:23:20 2001-10-29 00:23:33:01:23:54 julian 192.168.1.1 > > 13:24:30 2001-10-29 00:01:43:11:45:78 bob 192.168.1.3 > > 13:25:11 2001-10-29 00:23:33:76:2:24 paul 192.168.1.5 > > 13:35:10 2001-10-29 00:23:33:01:23:54 *close* 12334354 in 32412344 = out > > ... > = > Is exactly what I would like to generate! > = > > The ppp daemon could do this if it knew the associated link and could= > > retrieve the MAC address associated with it. > > > > there are several roadblocks.. > > 1/the ppp daemon doesn't keep a control socket associated with the > > connection so it can't inquire about the MAC address. > = > I was thinking to give pppoed (during the discovery phase) the possibil= ity to > select the IP from a pool of IP address (the same as ppp does - FreeBS= D pppd > does?), match it with MAC address of client that is well known at this= stage > and generate this part of our supposed loggin file: > = > Time_of_starting_connection MAC_address IP_address > 13:23:20 00:23:33:01:23:54 19= 2.168.1.1 > = > 13:24:30 00:01:43:11:45:78 19= 2.168.1.3 > = > Then, the call message to ppp could be: > = > exec /usr/sbin/ppp -direct -set ifaddr "localhost_ip" "IP_assigned_by_p= ppoed" > = > and the log file already generated could be used by ppp to retrive MAC > address.....??? > = > > 2/ If it were to try create a new control socket, it could not connec= t it > > to the existing data socket. > > > > It may be possible that the ppp daemon might know the netgraph node n= ame > > for the data socket node, in which case it could get the information > > requested. > > This would require an answer from Brian > > > > > 2. Dynamic assignation of IP address. (I think on two possibilities= a) > > > PPPoE assignation: when PADR arrives, the gw should look into a poo= l of IP > > > adresses and assign one "before calling PPP". B) leave PPP the assi= gnation > > > and capture the IP in other way). > > > > I think you need to leave it to ppp. > > but maybe ppp can become aware of teh MAc address. > > > > > > > > Result: A log file produced with a session match of: > > > > > > MAC add - IP add - username - time of session. > > > > > > Should I touch the ng_pppoe code? or should I create a netgraph nod= e to > > > place between ng_node and ng_ppp? > > > Am I on the good way > > > > Probably not good to touch the pppoe code.. > > until you discuss it with Brian. > > Then when you can agree on what needs to be changed we can change it.= > > the ppp code needs to be in charge.. > = > Thanks, > = > Federico > = > > > > > > > > Thanks in advance, > > > > > > Federico Quevedo > > > > > > ................................................................. > > > Federico Quevedo [.....] -- = Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 3 15:32:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from alf.uib.no (alf.uib.no [129.177.30.3]) by hub.freebsd.org (Postfix) with ESMTP id F083137B405 for ; Sat, 3 Nov 2001 15:32:11 -0800 (PST) Received: from tunnel-45-11.vpn.uib.no (ii.uib.no) [129.177.45.11] by alf.uib.no with esmtp (Exim 3.16) id 160AFr-0001dG-00; Sun, 04 Nov 2001 00:31:11 +0100 Message-ID: <3BE47F52.2050001@ii.uib.no> Date: Sun, 04 Nov 2001 00:35:46 +0100 From: Trond Davidsen User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.3) Gecko/20010909 X-Accept-Language: en-us MIME-Version: 1.0 To: Archie Cobbs Cc: freebsd-net@FreeBSD.ORG Subject: Re: Mpd with a large number, 200+ , of bundles References: <200111031831.fA3IVl424031@arch20m.dellroad.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Scanner: exiscan *160AFr-0001dG-00*pktzQiO6l0o* http://tjinfo.uib.no/virus.html Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Archie Cobbs wrote: > > I think this error must be coming from the socket code. I wonder > if increasing the receive buffer size on the netgraph socket would > help.. try this patch for example: > > Index: main.c > =================================================================== > RCS file: /home/cvs/freebsd/src/usr.sbin/ngctl/main.c,v > retrieving revision 1.4.2.3 > diff -u -r1.4.2.3 main.c > --- main.c 2001/01/09 06:52:25 1.4.2.3 > +++ main.c 2001/11/03 18:29:33 > @@ -145,6 +145,13 @@ > if (NgMkSockNode(name, &csock, &dsock) < 0) > err(EX_OSERR, "can't create node"); > > + { > + int size = 128 * 1024; > + > + if (setsockopt(csock, SOL_SOCKET, SO_RCVBUF, &size, sizeof(size)) == -1) > + err(1, "setsockopt"); > + } > + > /* Do commands as requested */ > if (ac == 0) { > if (fp != NULL) { > > After applying this patch, running 'ngctl list' lists bundles 240 - 160: [removed lots of output] Name: mpd-pptp160 Type: ppp ID: 00000330 Num hooks: 6 Name: ng170 Type: iface ID: 0000032f Num hooks: 1 Name: Type: socket ID: 0000032e Num hooks: 2 Name: Type: vjc ID: 0000032d Num hooks: 4 Name: Type: bpf ID: 0000032c Num hooks: 3 Name: fxp0 Type: ether ID: 00000001 Num hooks: 0 ngctl: send msg: No such file or directory vpn-gw3# Running 'ngctl -d list' lists bundles 240 - 160: [removed lots of output] Name: mpd-pptp160 Type: ppp ID: 00000330 Num hooks: 6 Name: ng170 Type: iface ID: 0000032f Num hooks: 1 Name: Type: socket ID: 0000032e Num hooks: 2 Name: Type: vjc ID: 0000032d Num hooks: 4 Name: Type: bpf ID: 0000032c Num hooks: 3 Name: fxp0 Type: ether ID: 00000001 Num hooks: 0 ngctl: sendto([bfbffbf8]:): No such file or directory ngctl: send msg: No such file or directory vpn-gw3# Running 'ngctl -dd list' fills the screen with message dumps, and ends with 'Bus error (core dumped)', gdb shows this: [removed lots of output] Program received signal SIGBUS, Bus error. 0x2806a12e in _NgDebugBytes () from /usr/lib/libnetgraph.so.1 (gdb) bt #0 0x2806a12e in _NgDebugBytes () from /usr/lib/libnetgraph.so.1 #1 0x2806a051 in _NgDebugMsg () from /usr/lib/libnetgraph.so.1 #2 0x2806af7b in NgRecvMsg () from /usr/lib/libnetgraph.so.1 #3 0x804a791 in ListCmd (ac=0, av=0xbfbfca5c) at /usr/src/usr.sbin/ngctl/list.c:93 #4 0x80495d2 in DoCommand (ac=1, av=0xbfbfca58) at /usr/src/usr.sbin/ngctl/main.c:306 #5 0x804956e in DoParseCommand (line=0xbfbfd2f8 "list") at /usr/src/usr.sbin/ngctl/main.c:290 #6 0x804949b in DoInteractive () at /usr/src/usr.sbin/ngctl/main.c:268 #7 0x8048e47 in main (ac=0, av=0xbfbffc30) at /usr/src/usr.sbin/ngctl/main.c:160 #8 0x8048b81 in _start () (gdb) Trond To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message