From owner-freebsd-net Sun Nov 10 0:57:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F050137B401 for ; Sun, 10 Nov 2002 00:57:52 -0800 (PST) Received: from otdel-1.org (draculina.otdel-1.org [195.230.89.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 32CAF43E3B for ; Sun, 10 Nov 2002 00:57:51 -0800 (PST) (envelope-from bsd#nms@otdel-1.org) Received: by otdel-1.org (CommuniGate Pro PIPE 4.0.1) with PIPE id 2340299; Sun, 10 Nov 2002 11:57:43 +0300 Date: Sun, 10 Nov 2002 11:57:42 +0300 From: Nikolai Saoukh To: freebsd-net@FreeBSD.ORG Subject: Re: HTTPS throw tunnels Message-ID: <20021110085742.GA23259@otdel1.org> Mail-Followup-To: freebsd-net@FreeBSD.ORG References: <200211052108.gA5L8iCg039833@arch20m.dellroad.org> <007601c28882$10c8b430$02010101@wall> <20021110062557.GA22951@otdel1.org> <00ae01c28888$0bc8e440$02010101@wall> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00ae01c28888$0bc8e440$02010101@wall> User-Agent: Mutt/1.5.1i X-Mailer: CommuniGate Pro CLI mailer Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org | > to be precise -- any kind of traffic through mpd tunnel is slow. | > A least slower then pptp tunnel between to windows computers. | And how to find answer ? I have no answer yet. As well as to another problem where mpd tunnel freezes after some time. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 1:41:53 2002 Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 508) id E655837B401; Sun, 10 Nov 2002 01:41:50 -0800 (PST) To: freebsd-net@freebsd.org, toasty@dragondata.com Subject: Re: Packet forwarding overhead - with ipfw counting In-Reply-To: <5.1.1.5.2.20021109202725.00b61a10@127.0.0.1> Message-Id: <20021110094150.E655837B401@hub.freebsd.org> Date: Sun, 10 Nov 2002 01:41:50 -0800 (PST) From: julian@FreeBSD.ORG (Julian Elischer) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I have a server acting as a router. Dual bge gigabit network interfaces > (PCI-X), one is the WAN side the other is the LAN side. > When we're pushing 250-300mbits through, we're using about 15% of its > 2.4Ghz P4 Xeon CPU. All of it is in "interrupt" time... that seems a bit > high, but that'll still let us max things out at 1gbit so we're ok. > However, we wanted to do some MRTG style traffic charts per ip. I added > about 30 sets of ipfw rules like this: > count ip from 10.0.0.160 to any > count ip from any to 10.0.0.160 > Having these in place more than tripled the CPU usage. Am I just hitting a > non-optimized codepath in ipfw, or is this normal for these kind of rules? make sure you minimise the rules each packet passes through.. for a start, start with a rule like: # send packets through the externa linteface for counting 100 skipto 1000 ip from any to any in recv fxp0 110 skipto 2000 ip from any to any out xmit fxp0 # let packets going through the other (internal) interfaces pass. 120 accept ip from any to any Ok, so now only count incoming packets at rule 1000 and outgoing packets at 2000 You have imediatly halved the number of rules each packet traverses. Next, try use a binary tree structure of some sort (using skipto) on each set of these rules to ensure each packet sees the minimum number of rules. for example assuming you are couning 30 addresses 10.0.0.1 through 10.0.0.31 you can do as follows for counting the incoming packets. Each packet traverses on average 5 rules. # don't count packets outside the range we are interested in. 1000 skipto 1900 ip from any to not 10.0.0.0/27 # make a binary tree down to 4 addresses 1010 skipto 1500 ip from any to 10.0.0.16/28 # 0..15 1020 skipto 1300 ip from any to 10.0.0.8/29 # 0..7 1100 skipto 1204 ip from any to 10.0.0.4/30 # 0..3 1200 skipto 3000 count ip from any to 10.0.0.0 1201 skipto 3000 count ip from any to 10.0.0.1 1202 skipto 3000 count ip from any to 10.0.0.2 1203 skipto 3000 count ip from any to 10.0.0.3 # 4..7 1204 skipto 3000 count ip from any to 10.0.0.4 1205 skipto 3000 count ip from any to 10.0.0.5 1206 skipto 3000 count ip from any to 10.0.0.6 1207 skipto 3000 count ip from any to 10.0.0.7 # 8..16 1300 skipto 1312 ip from any to 10.0.0.12/30 # 8..15 1308 skipto 3000 count ip from any to 10.0.0.8 1309 skipto 3000 count ip from any to 10.0.0.9 1310 skipto 3000 count ip from any to 10.0.0.10 1311 skipto 3000 count ip from any to 10.0.0.11 # 12..15 1312 skipto 3000 count ip from any to 10.0.0.12 1313 skipto 3000 count ip from any to 10.0.0.13 1314 skipto 3000 count ip from any to 10.0.0.14 1315 skipto 3000 count ip from any to 10.0.0.15 # 16..31 1500 skipto 1600 ip from any to 10.0.0.24/29 # 16..23 1500 skipto 1520 ip from any to 10.0.0.20/30 # 16..19 1516 skipto 3000 count ip from any to 10.0.0.16 1517 skipto 3000 count ip from any to 10.0.0.17 1518 skipto 3000 count ip from any to 10.0.0.18 1519 skipto 3000 count ip from any to 10.0.0.19 # 20..23 1520 skipto 3000 count ip from any to 10.0.0.20 1521 skipto 3000 count ip from any to 10.0.0.21 1522 skipto 3000 count ip from any to 10.0.0.22 1523 skipto 3000 count ip from any to 10.0.0.23 # 24..31 1600 skipto 1628 ip from any to 10.0.0.28/30 # 24..27 1624 skipto 3000 count ip from any to 10.0.0.24 1625 skipto 3000 count ip from any to 10.0.0.25 1626 skipto 3000 count ip from any to 10.0.0.26 1627 skipto 3000 count ip from any to 10.0.0.27 # 28..31 1628 skipto 3000 count ip from any to 10.0.0.28 1629 skipto 3000 count ip from any to 10.0.0.29 1630 skipto 3000 count ip from any to 10.0.0.30 1631 skipto 3000 count ip from any to 10.0.0.31 Obviously a similar rule set can be created for outgoing packets. A shell script could be written to write this ruleset.. [note I have not tested it but I have done similar in the past.] This reduces the number of rules tested per packet from 64 to 6 julian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 1:46:15 2002 Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 508) id 8774737B401; Sun, 10 Nov 2002 01:46:14 -0800 (PST) To: freebsd-net@freebsd.org, julian@FreeBSD.ORG, toasty@dragondata.com Subject: Re: Packet forwarding overhead - with ipfw counting In-Reply-To: <20021110094150.E655837B401@hub.freebsd.org> Message-Id: <20021110094614.8774737B401@hub.freebsd.org> Date: Sun, 10 Nov 2002 01:46:14 -0800 (PST) From: julian@FreeBSD.ORG (Julian Elischer) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org oops, duh, Take the 'count' keyword out.. they count anyhow.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 1:52:38 2002 Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 508) id D39F337B401; Sun, 10 Nov 2002 01:52:37 -0800 (PST) To: bsd#nms@otdel-1.org, freebsd-net@FreeBSD.ORG Subject: Re: HTTPS throw tunnels In-Reply-To: <20021110085742.GA23259@otdel1.org> Message-Id: <20021110095237.D39F337B401@hub.freebsd.org> Date: Sun, 10 Nov 2002 01:52:37 -0800 (PST) From: julian@FreeBSD.ORG (Julian Elischer) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > | > to be precise -- any kind of traffic through mpd tunnel is slow. > | > A least slower then pptp tunnel between to windows computers. > | And how to find answer ? > I have no answer yet. As well as to another problem where mpd > tunnel freezes after some time. well it takes a while for people to read the email.. define 'slow'. I have seen several MB/sec through mpd tunnels. (mpd running over IPSEC) I HAVE seen some tunnel freezes under mpd and am working with archie to fix it, however it got a lot better with the newest ng_ppp kernel module. I run multilink over udp over IPSEC to get ISP failure independence. (different upd tunnels are routed via different ISPs) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 2:37:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4CB4937B401; Sun, 10 Nov 2002 02:37:46 -0800 (PST) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id D9B7243E3B; Sun, 10 Nov 2002 02:37:45 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.3/8.12.3) with ESMTP id gAAAbXAh087349; Sun, 10 Nov 2002 02:37:33 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.3/8.12.3/Submit) id gAAAbXIj087348; Sun, 10 Nov 2002 02:37:33 -0800 (PST) (envelope-from rizzo) Date: Sun, 10 Nov 2002 02:37:33 -0800 From: Luigi Rizzo To: Julian Elischer Cc: freebsd-net@FreeBSD.ORG, toasty@dragondata.com Subject: Re: Packet forwarding overhead - with ipfw counting Message-ID: <20021110023733.A86928@xorpc.icir.org> References: <5.1.1.5.2.20021109202725.00b61a10@127.0.0.1> <20021110094150.E655837B401@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021110094150.E655837B401@hub.freebsd.org>; from julian@FreeBSD.ORG on Sun, Nov 10, 2002 at 01:41:50AM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org another way to do the count efficiently is to use dummynet dynamic pipes: ipfw add 100 pipe 1 ip from 10.0.0.0/24 to any ipfw add 100 pipe 2 ip from any to 10.0.0.0/24 ipfw pipe 1 config mask src-ip 0xffffffff ipfw pipe 2 config mask dst-ip 0xffffffff sysctl net.inet.ip.dummynet.expire=0 and then do ipfw pipe show to display the stats (and read the ipfw manpage for details). cheers luigi On Sun, Nov 10, 2002 at 01:41:50AM -0800, Julian Elischer wrote: > > > I have a server acting as a router. Dual bge gigabit network interfaces > > (PCI-X), one is the WAN side the other is the LAN side. > > > When we're pushing 250-300mbits through, we're using about 15% of its > > 2.4Ghz P4 Xeon CPU. All of it is in "interrupt" time... that seems a bit > > high, but that'll still let us max things out at 1gbit so we're ok. > > > However, we wanted to do some MRTG style traffic charts per ip. I added > > about 30 sets of ipfw rules like this: > > > count ip from 10.0.0.160 to any > > count ip from any to 10.0.0.160 > > > Having these in place more than tripled the CPU usage. Am I just hitting a > > non-optimized codepath in ipfw, or is this normal for these kind of rules? > > > make sure you minimise the rules each packet passes through.. > for a start, start with a rule like: > > # send packets through the externa linteface for counting > 100 skipto 1000 ip from any to any in recv fxp0 > 110 skipto 2000 ip from any to any out xmit fxp0 > # let packets going through the other (internal) interfaces pass. > 120 accept ip from any to any > > Ok, so now only count incoming packets at rule 1000 > and outgoing packets at 2000 You have imediatly halved the > number of rules each packet traverses. > > Next, try use a binary tree structure of some sort (using skipto) > on each set of these rules to ensure each packet sees the minimum > number of rules. > > for example assuming you are couning 30 addresses 10.0.0.1 through > 10.0.0.31 > > > > you can do as follows for counting the incoming packets. > Each packet traverses on average 5 rules. > > # don't count packets outside the range we are interested in. > 1000 skipto 1900 ip from any to not 10.0.0.0/27 > # make a binary tree down to 4 addresses > 1010 skipto 1500 ip from any to 10.0.0.16/28 > # 0..15 > 1020 skipto 1300 ip from any to 10.0.0.8/29 > # 0..7 > 1100 skipto 1204 ip from any to 10.0.0.4/30 > # 0..3 > 1200 skipto 3000 count ip from any to 10.0.0.0 > 1201 skipto 3000 count ip from any to 10.0.0.1 > 1202 skipto 3000 count ip from any to 10.0.0.2 > 1203 skipto 3000 count ip from any to 10.0.0.3 > # 4..7 > 1204 skipto 3000 count ip from any to 10.0.0.4 > 1205 skipto 3000 count ip from any to 10.0.0.5 > 1206 skipto 3000 count ip from any to 10.0.0.6 > 1207 skipto 3000 count ip from any to 10.0.0.7 > # 8..16 > 1300 skipto 1312 ip from any to 10.0.0.12/30 > # 8..15 > 1308 skipto 3000 count ip from any to 10.0.0.8 > 1309 skipto 3000 count ip from any to 10.0.0.9 > 1310 skipto 3000 count ip from any to 10.0.0.10 > 1311 skipto 3000 count ip from any to 10.0.0.11 > # 12..15 > 1312 skipto 3000 count ip from any to 10.0.0.12 > 1313 skipto 3000 count ip from any to 10.0.0.13 > 1314 skipto 3000 count ip from any to 10.0.0.14 > 1315 skipto 3000 count ip from any to 10.0.0.15 > # 16..31 > 1500 skipto 1600 ip from any to 10.0.0.24/29 > # 16..23 > 1500 skipto 1520 ip from any to 10.0.0.20/30 > # 16..19 > 1516 skipto 3000 count ip from any to 10.0.0.16 > 1517 skipto 3000 count ip from any to 10.0.0.17 > 1518 skipto 3000 count ip from any to 10.0.0.18 > 1519 skipto 3000 count ip from any to 10.0.0.19 > # 20..23 > 1520 skipto 3000 count ip from any to 10.0.0.20 > 1521 skipto 3000 count ip from any to 10.0.0.21 > 1522 skipto 3000 count ip from any to 10.0.0.22 > 1523 skipto 3000 count ip from any to 10.0.0.23 > # 24..31 > 1600 skipto 1628 ip from any to 10.0.0.28/30 > # 24..27 > 1624 skipto 3000 count ip from any to 10.0.0.24 > 1625 skipto 3000 count ip from any to 10.0.0.25 > 1626 skipto 3000 count ip from any to 10.0.0.26 > 1627 skipto 3000 count ip from any to 10.0.0.27 > # 28..31 > 1628 skipto 3000 count ip from any to 10.0.0.28 > 1629 skipto 3000 count ip from any to 10.0.0.29 > 1630 skipto 3000 count ip from any to 10.0.0.30 > 1631 skipto 3000 count ip from any to 10.0.0.31 > > > Obviously a similar rule set can be created for outgoing packets. > A shell script could be written to write this ruleset.. > [note I have not tested it but I have done similar in the past.] > > > This reduces the number of rules tested per packet from 64 > to 6 > > julian > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 2:44:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BBAC337B401; Sun, 10 Nov 2002 02:44:10 -0800 (PST) Received: from ns.mmk.ru (ns1.mmk.ru [195.54.3.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8525143E42; Sun, 10 Nov 2002 02:44:07 -0800 (PST) (envelope-from freebsd@mmk.ru) Received: from antivirus.mmk.ru (sinful [161.8.100.3]) by ns.mmk.ru (8.12.6/8.12.6) with ESMTP id gAAAg1Af072853; Sun, 10 Nov 2002 15:42:01 +0500 (YEKT) (envelope-from freebsd@mmk.ru) Received: from wall.mmk.ru (localhost [127.0.0.1]) by antivirus.mmk.ru (8.11.6/8.11.6) with ESMTP id gAAAaoZ08524; Sun, 10 Nov 2002 15:36:50 +0500 (ESK) Received: from wall (localhost [127.0.0.1]) by wall.mmk.ru (8.12.6/8.12.6) with SMTP id gAAAfiDx014034; Sun, 10 Nov 2002 15:41:45 +0500 (YEKT) (envelope-from freebsd@mmk.ru) Message-ID: <00ff01c288a6$8ed6b6a0$02010101@wall> From: "Dmitry A. Bondareff" To: , , "Julian Elischer" References: <20021110095237.D39F337B401@hub.freebsd.org> Subject: Re: HTTPS throw tunnels Date: Sun, 10 Nov 2002 15:47:24 +0500 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Right now I have FreeBSD 4.7 RELEASE and MPD 3.10 All works fine and quick, but HTTPS send some packets and then halt for a time, after that send 2 packets and halting again. With IPSEC channel HTTPS works similar. ----- Original Message ----- From: "Julian Elischer" To: ; Sent: Sunday, November 10, 2002 2:52 PM Subject: Re: HTTPS throw tunnels > > > | > to be precise -- any kind of traffic through mpd tunnel is slow. > > | > A least slower then pptp tunnel between to windows computers. > > > | And how to find answer ? > > > I have no answer yet. As well as to another problem where mpd > > tunnel freezes after some time. > > well it takes a while for people to read the email.. > > define 'slow'. > > I have seen several MB/sec through mpd tunnels. (mpd running over IPSEC) > > I HAVE seen some tunnel freezes under mpd and am working with archie to fix it, > however it got a lot better with the newest ng_ppp kernel module. > > > I run multilink over udp over IPSEC to get ISP failure independence. > (different upd tunnels are routed via different ISPs) > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 2:44:20 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1AE0A37B401 for ; Sun, 10 Nov 2002 02:44:20 -0800 (PST) Received: from otdel-1.org (draculina.otdel-1.org [195.230.89.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2DD7643E3B for ; Sun, 10 Nov 2002 02:44:18 -0800 (PST) (envelope-from bsd#nms@otdel-1.org) Received: by otdel-1.org (CommuniGate Pro PIPE 4.0.1) with PIPE id 2340328; Sun, 10 Nov 2002 13:44:13 +0300 Date: Sun, 10 Nov 2002 13:43:59 +0300 From: Nikolai Saoukh To: freebsd-net@FreeBSD.ORG Subject: Re: HTTPS throw tunnels Message-ID: <20021110104359.GB23459@otdel1.org> Mail-Followup-To: freebsd-net@FreeBSD.ORG References: <20021110085742.GA23259@otdel1.org> <20021110095237.D39F337B401@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021110095237.D39F337B401@hub.freebsd.org> User-Agent: Mutt/1.5.1i X-Mailer: CommuniGate Pro CLI mailer Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Nov 10, 2002 at 01:52:37AM -0800, Julian Elischer wrote: | I have seen several MB/sec through mpd tunnels. (mpd running over IPSEC) Are you running under -stable? I do. | I HAVE seen some tunnel freezes under mpd and am working with archie to fix it, | however it got a lot better with the newest ng_ppp kernel module. define 'newest', please ;-) | I run multilink over udp over IPSEC to get ISP failure independence. | (different upd tunnels are routed via different ISPs) No one argue about benefits of mpd ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 8:21:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E278C37B401 for ; Sun, 10 Nov 2002 08:21:27 -0800 (PST) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4F44943E42 for ; Sun, 10 Nov 2002 08:21:27 -0800 (PST) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id <42S9V9B9>; Sun, 10 Nov 2002 11:21:26 -0500 Message-ID: From: Don Bowman To: 'Kevin Day' , freebsd-net@freebsd.org Subject: RE: Packet forwarding overhead - with ipfw counting Date: Sun, 10 Nov 2002 11:21:23 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org From: Kevin Day [mailto:toasty@dragondata.com] > When we're pushing 250-300mbits through, we're using about 15% of its > 2.4Ghz P4 Xeon CPU. All of it is in "interrupt" time... that > seems a bit > high, but that'll still let us max things out at 1gbit so we're ok. Try applying these diff to your bge driver, it should reduce your interrupt time substantially in this configuration. I also increased net.inet.ip.intr_queue_maxlen to 500 from 50 since I was seeing drops. Out of curiousity, which motherboard is this? I've been doing some modelling using the e7500 vs serverworks, and the serverworks is significantly better, but no one seems to make a 1U one with 2 PCI-X slots. The e7500 has a 1GB/s half-duplex hublink versus the 3.2GB/s full-duplex one on the GC-LE. Index: if_bge.c =================================================================== RCS file: /cvs/src/sys/dev/bge/if_bge.c,v retrieving revision 1.3.2.18 diff -C5 -r1.3.2.18 if_bge.c *** if_bge.c 2 Nov 2002 18:22:23 -0000 1.3.2.18 --- if_bge.c 10 Nov 2002 16:12:03 -0000 *************** *** 1654,1668 **** error = ENXIO; goto fail; } /* Set default tuneable values. */ sc->bge_stat_ticks = BGE_TICKS_PER_SEC; ! sc->bge_rx_coal_ticks = 150; ! sc->bge_tx_coal_ticks = 150; ! sc->bge_rx_max_coal_bds = 64; ! sc->bge_tx_max_coal_bds = 128; /* Set up ifnet structure */ ifp = &sc->arpcom.ac_if; ifp->if_softc = sc; ifp->if_unit = sc->bge_unit; --- 1654,1692 ---- error = ENXIO; goto fail; } /* Set default tuneable values. */ + /* How often should we update the statistics in host memory? */ sc->bge_stat_ticks = BGE_TICKS_PER_SEC; ! /* The coalescing works as follows: for each of Rx|Tx, there ! * are two tunables: ticks, and packets. The first one to trip ! * will cause an interrupt. For exampple, if the ticks is set to ! * 1us, an interrupt will be generated no more than 1us after ! * a packet has come in. If the bds is set to 10, then the ! * interrupt would be after 10 packets had been received. ! * If ticks=1 and bds=10, then the interrupt will come in ! * min(1us, 10packets time), likely 1us. ! * Tuning these to larger values reduces interrupts at the ! * expense of latency to interactive applications. If you ! * are serving files, make these large. If you are running ! * telnet sessions, make them small. ! * ! * The settings below, 500us means a max interrupt rate ! * of 2000/s due to the ticks elapsing, and 120 means ! * a peak interrupt rate of ~2000/s due to avg packets (512) arriving ! * (for min sized packets this would be 870, for max ! * sized packets it would be 41: 1Gps / ((8*size)+96)) ! */ ! /* RX Interrupt no more than every 500 us */ ! sc->bge_rx_coal_ticks = 500; ! /* TX Interrupt no more than every 500 us */ ! sc->bge_tx_coal_ticks = 500; ! /* RX Interrupt no more than every 120 packets */ ! sc->bge_rx_max_coal_bds = 120; ! /* TX Interrupt no more than every 120 packets */ ! sc->bge_tx_max_coal_bds = 120; /* Set up ifnet structure */ ifp = &sc->arpcom.ac_if; ifp->if_softc = sc; ifp->if_unit = sc->bge_unit; Index: if_bgereg.h =================================================================== RCS file: /cvs/src/sys/dev/bge/if_bgereg.h,v retrieving revision 1.1.2.7 diff -C5 -r1.1.2.7 if_bgereg.h *** if_bgereg.h 2 Nov 2002 18:17:55 -0000 1.1.2.7 --- if_bgereg.h 10 Nov 2002 16:12:21 -0000 *************** *** 2057,2068 **** * Memory management stuff. Note: the SSLOTS, MSLOTS and JSLOTS * values are tuneable. They control the actual amount of buffers * allocated for the standard, mini and jumbo receive rings. */ ! #define BGE_SSLOTS 256 ! #define BGE_MSLOTS 256 #define BGE_JSLOTS 384 #define BGE_JRAWLEN (BGE_JUMBO_FRAMELEN + ETHER_ALIGN + sizeof(u_int64_t)) #define BGE_JLEN (BGE_JRAWLEN + (sizeof(u_int64_t) - \ (BGE_JRAWLEN % sizeof(u_int64_t)))) --- 2057,2068 ---- * Memory management stuff. Note: the SSLOTS, MSLOTS and JSLOTS * values are tuneable. They control the actual amount of buffers * allocated for the standard, mini and jumbo receive rings. */ ! #define BGE_SSLOTS 384 ! #define BGE_MSLOTS 384 #define BGE_JSLOTS 384 #define BGE_JRAWLEN (BGE_JUMBO_FRAMELEN + ETHER_ALIGN + sizeof(u_int64_t)) #define BGE_JLEN (BGE_JRAWLEN + (sizeof(u_int64_t) - \ (BGE_JRAWLEN % sizeof(u_int64_t)))) --don (don@sandvine.com www.sandvine.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Nov 10 9:54:15 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5CBC037B401 for ; Sun, 10 Nov 2002 09:54:14 -0800 (PST) Received: from m2.bezeqint.net (m2.bezeqint.net [192.115.106.47]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1FE2043E3B for ; Sun, 10 Nov 2002 09:54:13 -0800 (PST) (envelope-from nimrod-me@bezeqint.net) Received: from localhost.bsd.net.il (bzq-113-98.red.bezeqint.net [62.219.113.98]) by m2.bezeqint.net (Mirapoint Messaging Server MOS 3.2.1-GA) with ESMTP id AHC43228; Sun, 10 Nov 2002 19:54:06 +0200 (IST) Received: from localhost.bsd.net.il (nimrodm@localhost [127.0.0.1]) by localhost.bsd.net.il (8.12.6/8.12.6) with ESMTP id gAAIlNSH006221; Sun, 10 Nov 2002 20:47:23 +0200 (IST) (envelope-from nimrodm@localhost.bsd.net.il) Received: (from nimrodm@localhost) by localhost.bsd.net.il (8.12.6/8.12.3/Submit) id gAAIlK3u006220; Sun, 10 Nov 2002 20:47:20 +0200 (IST) (envelope-from nimrodm) From: Nimrod Mesika Date: Sun, 10 Nov 2002 20:47:20 +0200 To: Girnet Vladimir Cc: net@FreeBSD.ORG Subject: Re: ICMP question Message-ID: <20021110184720.GA607@localhost.bsd.net.il> Mail-Followup-To: Girnet Vladimir , net@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Looking at FreeBSD's source code, it seems like you can't disable this feature. Now, I don't really see the point in disabling it (at most the TCP source may choose to ignore such a message), but you can always use IPFW to drop all such packets. On Wed, Nov 06, 2002 at 12:32:29PM +0200, Girnet Vladimir wrote: > I'm using FreeBSD for routing and shaping in my company. > Now, I have a problem: each time the pipe queue is full, the router sends : ICMP: Source quench. -- Nimrod. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 3:43:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E5E337B401 for ; Mon, 11 Nov 2002 03:43:21 -0800 (PST) Received: from moof.catpipe.net (moof.catpipe.net [195.249.214.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE8BF43E3B for ; Mon, 11 Nov 2002 03:43:19 -0800 (PST) (envelope-from lists@petri.cc) Received: from unlink.catpipe.net (unlink.catpipe.net [195.249.214.172]) by moof.catpipe.net (8.11.6/8.11.6) with ESMTP id gABBhJu60428 for ; Mon, 11 Nov 2002 12:43:19 +0100 (CET) (envelope-from lists@petri.cc) From: lists@petri.cc Organization: catpipe Systems ApS To: freebsd-net@freebsd.org Subject: Bug/Missing implementation of udp proxying in libalias. Date: Mon, 11 Nov 2002 12:44:53 +0100 User-Agent: KMail/1.4.3 MIME-Version: 1.0 Content-Type: Multipart/Mixed; boundary="------------Boundary-00=_TYTE2F5GVBK3WZSJLYUT" Message-Id: <200211111244.53738.lists@petri.cc> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --------------Boundary-00=_TYTE2F5GVBK3WZSJLYUT Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi all. When looking thru the code (and manpage) in libalias i could see that=20 proxy_rules support udp packets. This is nice.. The only problem is that = in=20 the udpPacketIn/out functions proxy rules is not checked. I wrote a small= =20 patch that implements this and I've done some basic testing..=20 Patch is attached to this mail. I couldn't see any maintainer for libalias and decided to write to -net. = I=20 hope this is the right list :) Comments ? --- Nicolai Petri catpipe Systems ApS Copenhagen / Denmark Ps. A volunteering commiter would be nice if the patch looks sane. --------------Boundary-00=_TYTE2F5GVBK3WZSJLYUT Content-Type: text/x-diff; charset="us-ascii"; name="alias_udp_patch.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="alias_udp_patch.diff" --- alias.c.orig Fri Nov 8 14:45:08 2002 +++ alias.c Mon Nov 11 11:38:46 2002 @@ -257,7 +257,7 @@ static int ProtoAliasIn(struct ip *); static int ProtoAliasOut(struct ip *); -static int UdpAliasOut(struct ip *); +static int UdpAliasOut(struct ip *, int); static int UdpAliasIn (struct ip *); static int TcpAliasOut(struct ip *, int); @@ -744,28 +744,28 @@ struct udphdr *ud; struct alias_link *link; -/* Return if proxy-only mode is enabled */ - if (packetAliasMode & PKT_ALIAS_PROXY_ONLY) - return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); link = FindUdpTcpIn(pip->ip_src, pip->ip_dst, ud->uh_sport, ud->uh_dport, - IPPROTO_UDP, 1); + IPPROTO_UDP, !(packetAliasMode & PKT_ALIAS_PROXY_ONLY)); if (link != NULL) { struct in_addr alias_address; struct in_addr original_address; + struct in_addr proxy_address; u_short alias_port; + u_short proxy_port; int accumulate; u_short *sptr; - int r = 0; + int r = 0; alias_address = GetAliasAddress(link); original_address = GetOriginalAddress(link); + proxy_address = GetProxyAddress(link); alias_port = ud->uh_dport; ud->uh_dport = GetOriginalPort(link); + proxy_port = GetProxyPort(link); /* Special processing for IP encoding protocols */ if (ntohs(ud->uh_dport) == CUSEEME_PORT_NUMBER) @@ -791,14 +791,48 @@ sptr = (u_short *) &original_address; accumulate -= *sptr++; accumulate -= *sptr; + +/* If this is a proxy packet, modify checksum because of source change.*/ + if (proxy_port != 0) + { + accumulate += ud->uh_sport; + accumulate -= proxy_port; + } + + if (proxy_address.s_addr != 0) + { + sptr = (u_short *) &pip->ip_src; + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) &proxy_address; + accumulate -= *sptr++; + accumulate -= *sptr; + } + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + } +/* XXX: Could the two if's below be concatenated to one ? */ +/* Restore source port and/or address in case of proxying*/ + + if (proxy_port != 0) + ud->uh_sport = proxy_port; + + if (proxy_address.s_addr != 0) + { + DifferentialChecksum(&pip->ip_sum, + (u_short *) &proxy_address, + (u_short *) &pip->ip_src, + 2); + pip->ip_src = proxy_address; + } + /* Restore original IP address */ DifferentialChecksum(&pip->ip_sum, - (u_short *) &original_address, - (u_short *) &pip->ip_dst, - 2); + (u_short *) &original_address, + (u_short *) &pip->ip_dst, + 2); pip->ip_dst = original_address; /* @@ -813,16 +847,57 @@ } static int -UdpAliasOut(struct ip *pip) +UdpAliasOut(struct ip *pip, int maxpacketsize) { struct udphdr *ud; struct alias_link *link; + int proxy_type; + u_short dest_port; + u_short proxy_server_port; + struct in_addr dest_address; + struct in_addr proxy_server_address; -/* Return if proxy-only mode is enabled */ - if (packetAliasMode & PKT_ALIAS_PROXY_ONLY) +/* Return if proxy-only mode is enabled and not proxyrule found.*/ + ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + + proxy_type = ProxyCheck(pip, &proxy_server_address, &proxy_server_port); + + if (proxy_type == 0 && (packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return PKT_ALIAS_OK; - ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); +/* If this is a transparent proxy, save original destination, + then alter the destination and adjust checksums */ + dest_port = ud->uh_dport; + dest_address = pip->ip_dst; + + if (proxy_type != 0) + { + int accumulate; + u_short *sptr; + + accumulate = ud->uh_dport; + ud->uh_dport = proxy_server_port; + accumulate -= ud->uh_dport; + + sptr = (u_short *) &(pip->ip_dst); + accumulate += *sptr++; + accumulate += *sptr; + sptr = (u_short *) &proxy_server_address; + accumulate -= *sptr++; + accumulate -= *sptr; + + ADJUST_CHECKSUM(accumulate, ud->uh_sum); + + sptr = (u_short *) &(pip->ip_dst); + accumulate = *sptr++; + accumulate += *sptr; + pip->ip_dst = proxy_server_address; + sptr = (u_short *) &(pip->ip_dst); + accumulate -= *sptr++; + accumulate -= *sptr; + + ADJUST_CHECKSUM(accumulate, pip->ip_sum); + } link = FindUdpTcpOut(pip->ip_src, pip->ip_dst, ud->uh_sport, ud->uh_dport, @@ -832,6 +907,17 @@ u_short alias_port; struct in_addr alias_address; +/* Save original destination address, if this is a proxy packet. + Also modify packet to include destination encoding. This may + change the size of IP header. */ + if (proxy_type != 0) + { + SetProxyPort(link, dest_port); + SetProxyAddress(link, dest_address); + ProxyModify(link, pip, maxpacketsize, proxy_type); + ud = (struct udphdr *) ((char *) pip + (pip->ip_hl << 2)); + } + alias_address = GetAliasAddress(link); alias_port = GetAliasPort(link); @@ -1092,7 +1178,7 @@ else if (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1 || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_1 || ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2 - || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) + || ntohs(tc->th_sport) == RTSP_CONTROL_PORT_NUMBER_2) AliasHandleRtspOut(pip, link, maxpacketsize); else if (ntohs(tc->th_dport) == PPTP_CONTROL_PORT_NUMBER || ntohs(tc->th_sport) == PPTP_CONTROL_PORT_NUMBER) @@ -1434,7 +1520,7 @@ iresult = IcmpAliasOut(pip); break; case IPPROTO_UDP: - iresult = UdpAliasOut(pip); + iresult = UdpAliasOut(pip, maxpacketsize); break; case IPPROTO_TCP: iresult = TcpAliasOut(pip, maxpacketsize); --------------Boundary-00=_TYTE2F5GVBK3WZSJLYUT-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 4:48:36 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 799ED37B401 for ; Mon, 11 Nov 2002 04:48:34 -0800 (PST) Received: from mail.alkar.net (mumu.alkar.net [195.248.191.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id 54A8143E42 for ; Mon, 11 Nov 2002 04:48:30 -0800 (PST) (envelope-from mav@alkar.net) Received: from [212.86.226.11] (HELO alkar.net) by mail.alkar.net (CommuniGate Pro SMTP 3.5.9) with ESMTP id 49924970 for freebsd-net@freebsd.org; Mon, 11 Nov 2002 14:48:25 +0200 Message-ID: <3DCFA718.7000906@alkar.net> Date: Mon, 11 Nov 2002 14:48:24 +0200 From: Alexander Motin User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.2b) Gecko/20021105 X-Accept-Language: ru, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Bug in pppd with CallBack Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi! I think i found bug in CBCP support in pppd 2.3.5. When used AdminDefined Call Back I take: rcvd [CBCP Request id=0x63 < AdminDefined delay = 0>] length: 3 user admin defined allowed cbcp_resp cb_type=8 cbcp_resp CONF_ADMIN sent [CBCP Response id=0x63 < AdminDefined delay = 5 number = >] rcvd [CBCP Request id=0x64 < AdminDefined delay = 0>] length: 3 user admin defined allowed cbcp_resp cb_type=8 cbcp_resp CONF_ADMIN sent [CBCP Response id=0x64 < AdminDefined delay = 5 number = >] rcvd [CBCP Request id=0x65 < AdminDefined delay = 0>] Looks like pppd sends one byte more then required. After applying patch i got normal connection: rcvd [CBCP Request id=0x3d < AdminDefined delay = 0>] length: 3 user admin defined allowed cbcp_resp cb_type=8 cbcp_resp CONF_ADMIN sent [CBCP Response id=0x3d < AdminDefined delay = 5>] rcvd [CBCP Ack id=0x3e < AdminDefined delay = 5>] id doesn't match: expected 61 recv 62 sent [LCP TermReq id=0x2 "Call me back, please"] rcvd [LCP TermAck id=0x2] May be this patch need to be commited into FreeBSD STABLE? *** cbcp.c.orig Sat Aug 28 04:19:00 1999 --- cbcp.c Mon Nov 11 14:15:41 2002 *************** *** 343,352 **** if (cb_type & ( 1 << CB_CONF_ADMIN ) ) { syslog(LOG_DEBUG, "cbcp_resp CONF_ADMIN"); PUTCHAR(CB_CONF_ADMIN, bufp); ! len = 3 + 1; PUTCHAR(len , bufp); PUTCHAR(5, bufp); /* delay */ - PUTCHAR(0, bufp); cbcp_send(us, CBCP_RESP, buf, len); return; } --- 343,351 ---- if (cb_type & ( 1 << CB_CONF_ADMIN ) ) { syslog(LOG_DEBUG, "cbcp_resp CONF_ADMIN"); PUTCHAR(CB_CONF_ADMIN, bufp); ! len = 3; PUTCHAR(len , bufp); PUTCHAR(5, bufp); /* delay */ cbcp_send(us, CBCP_RESP, buf, len); return; } -- Alexander Motin mav@alkar.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 6:51:30 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D127037B401 for ; Mon, 11 Nov 2002 06:51:28 -0800 (PST) Received: from seraph3.grc.nasa.gov (seraph3.lerc.nasa.gov [128.156.10.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id 91D7143E6E for ; Mon, 11 Nov 2002 06:51:27 -0800 (PST) (envelope-from mallman@guns.lerc.nasa.gov) Received: from lombok-fi.lerc.nasa.gov (lombok-fi.lerc.nasa.gov [139.88.112.33]) by seraph3.grc.nasa.gov (Postfix) with ESMTP id E0AD16409B for ; Mon, 11 Nov 2002 09:51:26 -0500 (EST) Received: from guns.lerc.nasa.gov (guns.lerc.nasa.gov [139.88.87.35]) by lombok-fi.lerc.nasa.gov (NASA GRC 8.12.3/8.12.3) with ESMTP id gABEpQwg003212; Mon, 11 Nov 2002 09:51:26 -0500 (EST) Received: from guns.lerc.nasa.gov (localhost.lerc.nasa.gov [127.0.0.1]) by guns.lerc.nasa.gov with ESMTP (NASA LeRC 8.7.4.1/2.01-local) id JAA62850; Mon, 11 Nov 2002 09:51:26 -0500 (EST) Message-Id: <200211111451.JAA62850@guns.lerc.nasa.gov> To: freebsd-net@FreeBSD.ORG Cc: Fran.Lawas-Grodek@grc.nasa.gov, Cindy.Tran@grc.nasa.gov, Joseph Ishac , bdimond@grc.nasa.gov From: Mark Allman Reply-To: mallman@grc.nasa.gov Subject: Re: Problem in High Speed and Long Delay with FreeBSD Organization: BBN Technologies/NASA GRC Song-of-the-Day: Radio Gaga Date: Mon, 11 Nov 2002 09:51:26 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > sockbuf datalen snd_time rcv_time > --------------------------------------------- > 16384 15000 0.000 0.617 > 150000 140000 0.003 4.021 > 500000 495000 0.015 14.083 > 1000000 995000 0.042 28.577 > 1500000 1490000 0.079 47.986 > 1600000 1590000 0.088 44.055 > 1800000 1790000 0.108 50.810 > 1900000 1890000 0.117 55.010 > 2000000 1990000 1.011 57.666 > 2100000 2090000 3.845 60.233 > 3000000 2990000 39.594 122.308 Folks- Thanks for all the suggestions. This is what I get for comparing apples and oranges. The results from above were hacked out late one night on my home machine (4.7) which is certainly not tuned as well as the lab machines Cindy and Fran have been using. It looks like I was limited by the number of mbuf clusters. The 4.1 machines at the lab are not. The kernel easily swallows any of the above amount of data. However... I will say that I think it is bogus that freebsd blocked my (asyncronous) write() call when it was out of mbuf clusters. I think it would be nice if that were fixed. Back to the drawing board... (Joe is digging through the TCP code and chasing a couple of things.) Thanks again! allman -- Mark Allman -- BBN/NASA GRC -- http://roland.grc.nasa.gov/~mallman/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 11:27:38 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A553337B401 for ; Mon, 11 Nov 2002 11:27:37 -0800 (PST) Received: from great4.greatschools.net (great4.greatschools.net [199.4.104.154]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FA5843E75 for ; Mon, 11 Nov 2002 11:27:37 -0800 (PST) (envelope-from jdd@greatschools.net) Received: from greatschools.net (dh8.office.greatschools.net [199.4.104.139]) by great4.greatschools.net (8.11.3/8.11.6) with ESMTP id gABJRXN52497 for ; Mon, 11 Nov 2002 11:27:33 -0800 (PST) (envelope-from jdd@greatschools.net) Date: Mon, 11 Nov 2002 11:27:46 -0800 Mime-Version: 1.0 (Apple Message framework v546) Content-Type: text/plain; charset=US-ASCII; format=flowed Subject: mpd & mrtg From: John David Duncan To: freebsd-net@freebsd.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.546) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I've built a PPTP server using mpd. Now I'd like to keep track of "total VPN utilization" -- total bits moved by all VPN users -- using SNMP or MRTG. I'm just not sure which interface or netgraph node I should try to measure. Does anyone have any suggestions that might help me get started? Thanks -- JD ------------------------------------------- John David Duncan Systems Administrator GreatSchools, Inc. (415) 977-0700 x115 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 11:50:15 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 38D5037B407 for ; Mon, 11 Nov 2002 11:50:12 -0800 (PST) Received: from butch.idealab.com (mx2.idealab.com [64.208.8.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4AFDE43E77 for ; Mon, 11 Nov 2002 11:50:11 -0800 (PST) (envelope-from chris@new.net) Received: (qmail 96523 invoked by uid 72); 11 Nov 2002 19:50:10 -0000 Received: from chris@new.net by butch.idealab.com with qmail-scanner-1.03 (sweep: 2.6/3.49. . Clean. Processed in 1.020564 secs); 11 Nov 2002 19:50:10 -0000 X-Qmail-Scanner-Mail-From: chris@new.net via butch.idealab.com X-Qmail-Scanner: 1.03 (Clean. Processed in 1.020564 secs) Received: from unknown (HELO new.net) (64.169.212.193) by 0 with SMTP; 11 Nov 2002 19:50:09 -0000 Message-ID: <3DD009DC.9060906@new.net> Date: Mon, 11 Nov 2002 11:49:48 -0800 From: Chris Steinke User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20020829 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org, bind-users@new.net Subject: Strange Problems with NIS and DNS/BIND on same system. Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi I am wondering if anyone could shed some light on this problem, I have been scouring google and the FreeBSD newsgroups and found nothing in regards to an answer to his problem. It appears that several people have had this problem, but I never found any follow up messages or replies. I hope this is going to the appropriate news groups, apologies to the freebsd-net subscribers if everyone feels this is 'off topic' but then again.... I'm running a FreeBSD 4.7 server on a dual processor PIII 500 with 1GB of ram. It's configured as a DNS server and an NIS/YP master server. I am running bind 8.3.3-RELEASE and was compiled localy with gcc-3.2. I am receiving numerous messages in my system log (/var/log/messages) from ypserv Nov 10 16:35:16 samba1 ypserv[79]: DNS query failed Nov 10 16:35:16 samba1 ypserv[79]: res_mkquery failed Nov 10 16:35:47 samba1 last message repeated 43 times Nov 10 16:37:48 samba1 last message repeated 171 times Nov 10 16:47:49 samba1 last message repeated 840 times I also ran a 'truss' on named and I see the following messages: recvfrom(0x14,0xbfbfea40,0x1001,0x0,0xbfbffa50,0xbfbfea3c) ERR#35 'Resource temporarily unavailable' Any clues to what might be happening? I don't have any problems, accessing various domains and can do dns queries and lookups without any problems. Nothing seems to be amiss when doing an 'nslookup' and setting debug mode on... Funny thing is is that I have only seen these kinds of messages when running FreeBSD and Linux as an NIS master server, never when running Solaris, AIX or IRIX as an NIS master server. Thank you very much for any help! Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 11:55:30 2002 Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 508) id 4AB2B37B401; Mon, 11 Nov 2002 11:55:30 -0800 (PST) To: freebsd-net@freebsd.org, jdd@greatschools.net Subject: Re: mpd & mrtg In-Reply-To: Message-Id: <20021111195530.4AB2B37B401@hub.freebsd.org> Date: Mon, 11 Nov 2002 11:55:30 -0800 (PST) From: julian@FreeBSD.ORG (Julian Elischer) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Various of the netgraph modules wil report back statisitics. Netstat gan give you stats on the ng interfaces, and standard snmpd can give you stats on a per-interface basis which is probably all you need. Also, mpd can give you stasts via the console interface. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Nov 11 22:21:28 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5285237B401 for ; Mon, 11 Nov 2002 22:21:27 -0800 (PST) Received: from out5.mx.nwbl.wi.voyager.net (out5.mx.nwbl.wi.voyager.net [169.207.3.123]) by mx1.FreeBSD.org (Postfix) with ESMTP id C369243E42 for ; Mon, 11 Nov 2002 22:21:26 -0800 (PST) (envelope-from silby@silby.com) Received: from [10.1.1.6] (d81.as6.nwbl0.wi.voyager.net [169.207.128.81]) by out5.mx.nwbl.wi.voyager.net (Postfix) with ESMTP id D42F2C6F58; Tue, 12 Nov 2002 00:21:24 -0600 (CST) Date: Tue, 12 Nov 2002 00:27:54 -0600 (CST) From: Mike Silbersack To: David Gilbert Cc: freebsd-net@freebsd.org Subject: Re: forwarded message on Source Quench Packets. In-Reply-To: <15824.4383.916763.477130@canoe.velocet.net> Message-ID: <20021112002616.I21273-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org (redirected to -net so others can review this) I can see how these source quench messages would cause problems if a DoS is being routed through a FreeBSD router, and I think that your patch makes sense. Are there any objections to me committing this in a few days? Mike "Silby" Silbersack On Mon, 11 Nov 2002, David Gilbert wrote: > I normally wouldn't forward something to such a big list, but this has > real implications (and was part of a nast DOS against dsl.ca last > week). The patch for FreeBSD (netbsd code is quoted) is trivial: > > --- /sys/netinet/ip_input.c Thu Oct 17 08:29:53 2002 > +++ ip_input.c Mon Nov 11 15:15:31 2002 > @@ -1822,9 +1822,7 @@ > break; > > case ENOBUFS: > - type = ICMP_SOURCEQUENCH; > - code = 0; > - break; > + return; > > case EACCES: /* ipfw denied packet */ > m_freem(mcopy); > > I'm submitting a PR now. > > For discussion: source quenches probably shouldn't be generated > anyways, but this patch also doesn't generate the source quench if > we're the target machine. It's probably good to go straight ahead > with this. IIRC, tcp_input.c also can generate a source quench > ... > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 1:56: 8 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B175537B401 for ; Tue, 12 Nov 2002 01:56:05 -0800 (PST) Received: from relay1.macomnet.ru (relay1.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68B2943E77 for ; Tue, 12 Nov 2002 01:56:04 -0800 (PST) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay1.macomnet.ru (8.11.6/8.11.6) with ESMTP id gAC9twH3564860; Tue, 12 Nov 2002 12:55:59 +0300 (MSK) Date: Tue, 12 Nov 2002 12:55:58 +0300 (MSK) From: Maxim Konovalov To: Mike Silbersack Cc: David Gilbert , Subject: Re: forwarded message on Source Quench Packets. In-Reply-To: <20021112002616.I21273-100000@patrocles.silby.com> Message-ID: <20021112125358.B92456-100000@news1.macomnet.ru> References: <20021112002616.I21273-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 09:27+0300, Nov 12, 2002, Mike Silbersack wrote: > > (redirected to -net so others can review this) > > I can see how these source quench messages would cause problems if a DoS > is being routed through a FreeBSD router, and I think that your patch > makes sense. Are there any objections to me committing this in a few > days? Shouldn't we call m_freem(mcopy) before return? Here is an updated diff, a comment was stolen from NetBSD. Index: sys/netinet/ip_input.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.215 diff -u -r1.215 ip_input.c --- sys/netinet/ip_input.c 20 Oct 2002 22:52:06 -0000 1.215 +++ sys/netinet/ip_input.c 12 Nov 2002 09:51:48 -0000 @@ -1970,9 +1970,14 @@ break; case ENOBUFS: - type = ICMP_SOURCEQUENCH; - code = 0; - break; + /* + * A router should not generate ICMP_SOURCEQUENCH as + * required in RFC1812 Requirements for IP Version 4 Routers. + * Source quench could be a big problem under DoS attacks, + * or if the underlying interface is rate-limited. + */ + m_freem(mcopy); + return; case EACCES: /* ipfw denied packet */ m_freem(mcopy); %%% > Mike "Silby" Silbersack > > On Mon, 11 Nov 2002, David Gilbert wrote: > > > I normally wouldn't forward something to such a big list, but this has > > real implications (and was part of a nast DOS against dsl.ca last > > week). The patch for FreeBSD (netbsd code is quoted) is trivial: > > > > --- /sys/netinet/ip_input.c Thu Oct 17 08:29:53 2002 > > +++ ip_input.c Mon Nov 11 15:15:31 2002 > > @@ -1822,9 +1822,7 @@ > > break; > > > > case ENOBUFS: > > - type = ICMP_SOURCEQUENCH; > > - code = 0; > > - break; > > + return; > > > > case EACCES: /* ipfw denied packet */ > > m_freem(mcopy); > > > > I'm submitting a PR now. > > > > For discussion: source quenches probably shouldn't be generated > > anyways, but this patch also doesn't generate the source quench if > > we're the target machine. It's probably good to go straight ahead > > with this. IIRC, tcp_input.c also can generate a source quench > > ... > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > -- Maxim Konovalov, MAcomnet, Internet Dept., system engineer phone: +7 (095) 796-9079, mailto:maxim@macomnet.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 5:47:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC30837B401 for ; Tue, 12 Nov 2002 05:47:48 -0800 (PST) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 99A6A43E77 for ; Tue, 12 Nov 2002 05:47:47 -0800 (PST) (envelope-from pete@he.iki.fi) Received: from PHE (silver.he.iki.fi [193.64.42.241]) by silver.he.iki.fi (8.12.6/8.11.4) with SMTP id gACDlYuO042093; Tue, 12 Nov 2002 15:47:36 +0200 (EET) (envelope-from pete@he.iki.fi) Message-ID: <05cc01c28a52$0f0fa4b0$a230a8c0@PHE> From: "Petri Helenius" To: "Noritoshi Demizu" Cc: References: <03fe01c28386$186fed80$862a40c1@PHE><20021103225402.GA28812@tp.databus.com><05af01c2856a$f103c960$862a40c1@PHE> <20021107.011746.41626604.noritosi@demizu.org> Subject: Re: bpf Date: Tue, 12 Nov 2002 15:47:33 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > How about to call ioctl(fd, BIOCSRTIMEOUT, &timeval) ? > I think select(2) sets the fd for the bpf if the bpf buffer is full, > or if the bpf buffer is not empty after timed out. > This worked for me, thanks. I must have missed it on the documentation for some reason. Pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 7:28: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D94B437B401 for ; Tue, 12 Nov 2002 07:28:03 -0800 (PST) Received: from chiark.greenend.org.uk (chiark.greenend.org.uk [193.201.200.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 24A2743E6E for ; Tue, 12 Nov 2002 07:28:03 -0800 (PST) (envelope-from fanf@chiark.greenend.org.uk) Received: from fanf by chiark.greenend.org.uk with local (Exim 3.12 #1) id 18BcxO-0000fM-00 (Debian); Tue, 12 Nov 2002 15:28:02 +0000 To: silby@silby.com From: Tony Finch Cc: freebsd-net@freebsd.org Subject: Re: forwarded message on Source Quench Packets. In-Reply-To: <20021112002616.I21273-100000@patrocles.silby.com> References: <15824.4383.916763.477130@canoe.velocet.net> Message-Id: Date: Tue, 12 Nov 2002 15:28:02 +0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Mike Silbersack wrote: > >I can see how these source quench messages would cause problems if a DoS >is being routed through a FreeBSD router, and I think that your patch >makes sense. Are there any objections to me committing this in a few >days? Doesn't FreeBSD rate-limit ICMP as required by the RFC? If there is a but it's that the rate-limiting isn't happening, not that source-quench packets are being generated. If it's important that FreeBSD routers not generate them then it should be a sysctl option. Tony. -- f.a.n.finch http://dotat.at/ SELSEY BILL TO LYME REGIS: SOUTHWEST 5 OR 6 LOCALLY 7. CLOUDY, SHOWERS OR LONGER PERIODS OF RAIN. GOOD FALLING MODERATE IN SHOWERS OR RAIN. ROUGH TO VERY ROUGH. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 13: 1:36 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B331037B401 for ; Tue, 12 Nov 2002 13:01:35 -0800 (PST) Received: from aaz.links.ru (aaz.links.ru [193.125.152.37]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9115743E91 for ; Tue, 12 Nov 2002 13:01:34 -0800 (PST) (envelope-from babolo@aaz.links.ru) Received: from aaz.links.ru (aaz.links.ru [193.125.152.37]) by aaz.links.ru (8.12.6/8.12.6) with ESMTP id gACL37Dh054513; Wed, 13 Nov 2002 00:03:07 +0300 (MSK) (envelope-from babolo@aaz.links.ru) Received: (from babolo@localhost) by aaz.links.ru (8.12.6/8.12.6/Submit) id gACL36X3054512; Wed, 13 Nov 2002 00:03:06 +0300 (MSK) Message-Id: <200211122103.gACL36X3054512@aaz.links.ru> Subject: Re: forwarded message on Source Quench Packets. X-ELM-OSV: (Our standard violations) hdr-charset=KOI8-R; no-hdr-encoding=1 In-Reply-To: To: Tony Finch Date: Wed, 13 Nov 2002 00:03:06 +0300 (MSK) From: "."@babolo.ru Cc: silby@silby.com, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Mike Silbersack wrote: > > > >I can see how these source quench messages would cause problems if a DoS > >is being routed through a FreeBSD router, and I think that your patch > >makes sense. Are there any objections to me committing this in a few > >days? > > Doesn't FreeBSD rate-limit ICMP as required by the RFC? If there is a > but it's that the rate-limiting isn't happening, not that source-quench > packets are being generated. If it's important that FreeBSD routers not > generate them then it should be a sysctl option. I am second for a sysctl option. One of requirements when licensing networks in Russia is source-quench support. > Tony. > -- -- @BABOLO http://links.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 13: 9:54 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4741B37B401 for ; Tue, 12 Nov 2002 13:09:53 -0800 (PST) Received: from maild.telia.com (maild.telia.com [194.22.190.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id C441D43E77 for ; Tue, 12 Nov 2002 13:09:51 -0800 (PST) (envelope-from john@veidit.net) Received: from d1o1000.telia.com (d1o1000.telia.com [217.208.12.241]) by maild.telia.com (8.12.5/8.12.5) with ESMTP id gACL9o5t025843 for ; Tue, 12 Nov 2002 22:09:50 +0100 (CET) X-Original-Recipient: Received: from veidit.net (h162n2fls35o1000.telia.com [217.210.235.162]) by d1o1000.telia.com (8.10.2/8.10.1) with ESMTP id gACL9oR04666 for ; Tue, 12 Nov 2002 22:09:50 +0100 (CET) Message-ID: <3DD16E1A.8020400@veidit.net> Date: Tue, 12 Nov 2002 22:09:46 +0100 From: John Angelmo User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2b) Gecko/20021031 X-Accept-Language: sv, en, en-us MIME-Version: 1.0 To: net@freebsd.org Subject: Killing SPAM Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I just wonder what port/package you have found most usefull for fighting spam in a FreeBSD/Sendmail enviorment. I seem to have two good options: http://www.roaringpenguin.com/mimedefang/ http://savannah.gnu.org/projects/spamass-milt/ The users simply connect with a pop3/imap4 client to read their mail, when they do that I would love to have their spam filterd out, would that be possible with any of those two programs and are there any good examples? Thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 13:17:14 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0281B37B401 for ; Tue, 12 Nov 2002 13:17:13 -0800 (PST) Received: from nic.vetx.com (nic.vetx.com [209.123.51.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F49343E4A for ; Tue, 12 Nov 2002 13:17:12 -0800 (PST) (envelope-from rsmith@vetx.com) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.4712.0 content-class: urn:content-classes:message Subject: RE: Killing SPAM Date: Tue, 12 Nov 2002 16:15:35 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Killing SPAM Thread-Index: AcKKj7lZ8G3CVYACRYiAApWQ5LJPOgAAFfgA From: "Smith, Rick" To: "John Angelmo" , Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I use the following with great success on 30,000 emails / day I haven't used Sendmail in 5 yrs. Too damn complicated, and way too insecure. Qmail. http://www.qmail.org Qmail-Scanner. http://qmail-scanner.sourceforge.net SpamAssassin. http://www.spamassassin.org Antivir. http://www.hbedv.com -----Original Message----- From: John Angelmo [mailto:john@veidit.net] Sent: Tuesday, November 12, 2002 4:10 PM To: net@freebsd.org Subject: Killing SPAM Hello I just wonder what port/package you have found most usefull for fighting spam in a FreeBSD/Sendmail enviorment. I seem to have two good options: http://www.roaringpenguin.com/mimedefang/ http://savannah.gnu.org/projects/spamass-milt/ The users simply connect with a pop3/imap4 client to read their mail,=20 when they do that I would love to have their spam filterd out, would=20 that be possible with any of those two programs and are there any good=20 examples? Thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 13:27:42 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C1C7A37B401 for ; Tue, 12 Nov 2002 13:27:40 -0800 (PST) Received: from venus.vincentjardin.net (AVelizy-102-1-5-239.abo.wanadoo.fr [80.13.229.239]) by mx1.FreeBSD.org (Postfix) with ESMTP id E368B43E3B for ; Tue, 12 Nov 2002 13:27:34 -0800 (PST) (envelope-from jardin@venus.vincentjardin.net) Received: by venus.vincentjardin.net (Postfix, from userid 501) id F200E10339E; Tue, 12 Nov 2002 22:44:36 +0100 (CET) Content-Type: text/plain; charset="iso-8859-15" From: Vincent Jardin To: net@freebsd.org Subject: rn_walktree_from bug or feature ? Date: Tue, 12 Nov 2002 22:44:36 +0100 X-Mailer: KMail [version 1.3.2] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <20021112214436.F200E10339E@venus.vincentjardin.net> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The function rn_walktree_from() accesses to the array xm, however when a default IPv4 route is removed (RTM_DELETE), rn has the following values: rn->rn_bmask = 0x80h xm = { 0, 0, 0, 0 } rn->offset = 4 Then, sometimes the following test: if (!(rn->rn_bmask & xm[rn->rn_offset])) break; could lead to a panic when xm[4] is out of the 4KB pages. It happens very rarely. I am wondering if it is a well-known bug or if our analyse is wrong. static int rn_walktree_from(h, a, m, f, w) [...] for (rn = h->rnh_treetop; rn->rn_bit >= 0; ) { last = rn; /* printf("rn_bit %d, rn_bmask %x, xm[rn_offset] %x\n", rn->rn_bit, rn->rn_bmask, xm[rn->rn_offset]); */ if (!(rn->rn_bmask & xm[rn->rn_offset])) { /* XXX: panic ??? */ break; } if (rn->rn_bmask & xa[rn->rn_offset]) { rn = rn->rn_right; } else { rn = rn->rn_left; } } [ ... ] Regards, Vincent To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 13:35:38 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4002D37B401 for ; Tue, 12 Nov 2002 13:35:37 -0800 (PST) Received: from tp.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9AF8D43E4A for ; Tue, 12 Nov 2002 13:35:36 -0800 (PST) (envelope-from barney@tp.databus.com) Received: from tp.databus.com (localhost.databus.com [127.0.0.1]) by tp.databus.com (8.12.6/8.12.6) with ESMTP id gACLZUrI063858; Tue, 12 Nov 2002 16:35:30 -0500 (EST) (envelope-from barney@tp.databus.com) Received: (from barney@localhost) by tp.databus.com (8.12.6/8.12.6/Submit) id gACLZURc063857; Tue, 12 Nov 2002 16:35:30 -0500 (EST) Date: Tue, 12 Nov 2002 16:35:30 -0500 From: Barney Wolff To: John Angelmo Cc: net@FreeBSD.ORG Subject: Re: Killing SPAM Message-ID: <20021112213530.GA63776@tp.databus.com> References: <3DD16E1A.8020400@veidit.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DD16E1A.8020400@veidit.net> User-Agent: Mutt/1.4i X-Scanned-By: MIMEDefang 2.24 (www . roaringpenguin . com / mimedefang) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org mimedefang uses spamassassin. I also use spambnc. All combined are very effective. The idea is to block/classify messages when they arrive at the server, so the clients can avoid the nasties. One problem, unavoidable, is false positives, where a message that is desired looks like spam. With some tuning this can be gotten very rare, but never perfectly eliminated. So I put rejected messages into a spam file rather than just dropping them, and do a quick scan once in a while to catch things incorrectly blocked. But the tuning probably needs to be done per-user, by the user, so is not practical for non-technical users. mimedefang does perfectly its main job of removing executable attachments without any tuning. But that's not blocking spam. On Tue, Nov 12, 2002 at 10:09:46PM +0100, John Angelmo wrote: > Hello > > I just wonder what port/package you have found most usefull for fighting > spam in a FreeBSD/Sendmail enviorment. > > I seem to have two good options: > http://www.roaringpenguin.com/mimedefang/ > http://savannah.gnu.org/projects/spamass-milt/ > > The users simply connect with a pop3/imap4 client to read their mail, > when they do that I would love to have their spam filterd out, would > that be possible with any of those two programs and are there any good > examples? -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 15:30: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F15F037B407 for ; Tue, 12 Nov 2002 15:30:02 -0800 (PST) Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6776143E77 for ; Tue, 12 Nov 2002 15:30:02 -0800 (PST) (envelope-from archie@dellroad.org) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id PAA11706 for ; Tue, 12 Nov 2002 15:16:50 -0800 (PST) Received: from arch20m.dellroad.org (localhost [127.0.0.1]) by arch20m.dellroad.org (8.12.6/8.12.6) with ESMTP id gACNGqOS017441 for ; Tue, 12 Nov 2002 15:16:52 -0800 (PST) (envelope-from archie@arch20m.dellroad.org) Received: (from archie@localhost) by arch20m.dellroad.org (8.12.6/8.12.6/Submit) id gACNGqWC017440 for freebsd-net@freebsd.org; Tue, 12 Nov 2002 15:16:52 -0800 (PST) From: Archie Cobbs Message-Id: <200211122316.gACNGqWC017440@arch20m.dellroad.org> Subject: Sockets and changing IP addresses To: freebsd-net@freebsd.org Date: Tue, 12 Nov 2002 15:16:52 -0800 (PST) X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm curious what -net's opinion is on PR kern/38544: http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/38554 In summary: if you have a connected socket whose local IP address is X, and then change the interface IP address from X to Y, then packets written out by the socket will continue to be transmitted with source IP address X. Do people agree that this is a bug and should be fixed? Do people agree that my suggestion of returning ENETDOWN is reasonable? If so, what would be the most efficient way to implement this? Obviously we'd like to avoid searching the entire IP address list for every outgoing packet. Would it work to only do that search if the socket's cached route is invalid? Etc. Thanks, -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 19: 6:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BDBCD37B401 for ; Tue, 12 Nov 2002 19:06:20 -0800 (PST) Received: from out3.mx.nwbl.wi.voyager.net (out3.mx.nwbl.wi.voyager.net [169.207.3.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4706143E75 for ; Tue, 12 Nov 2002 19:06:20 -0800 (PST) (envelope-from silby@silby.com) Received: from [10.1.1.6] (d102.as9.nwbl0.wi.voyager.net [169.207.132.230]) by out3.mx.nwbl.wi.voyager.net (Postfix) with ESMTP id 864F377BC6; Tue, 12 Nov 2002 21:06:11 -0600 (CST) Date: Tue, 12 Nov 2002 21:11:43 -0600 (CST) From: Mike Silbersack To: Tony Finch Cc: freebsd-net@freebsd.org Subject: Re: forwarded message on Source Quench Packets. In-Reply-To: Message-ID: <20021112210823.U5029-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 12 Nov 2002, Tony Finch wrote: > Mike Silbersack wrote: > > > >I can see how these source quench messages would cause problems if a DoS > >is being routed through a FreeBSD router, and I think that your patch > >makes sense. Are there any objections to me committing this in a few > >days? > > Doesn't FreeBSD rate-limit ICMP as required by the RFC? If there is a > but it's that the rate-limiting isn't happening, not that source-quench > packets are being generated. If it's important that FreeBSD routers not > generate them then it should be a sysctl option. > > Tony. FreeBSD the host rate limits some ICMP packets. FreeBSD the router doesn't have any rate limiting implemented. Using the same function to limit both would be easy, but seperate buckets and limits would have to be created, as the limits for a router would presumably need to be higher. What I'm going to do is make the source quench packets a sysctl which defaults to off. If you want to investigate the possibility of ratelimiting other responses, you're quite welcome to do so; only minor modifications to badport_bandlim will be necessary. The concerns I have are that some responses (such as need frag) might be harmful to rate limit, so examine every case carefully. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 19:44:48 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 859AE37B401 for ; Tue, 12 Nov 2002 19:44:47 -0800 (PST) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED9CA43E3B for ; Tue, 12 Nov 2002 19:44:46 -0800 (PST) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id <42S9WCC2>; Tue, 12 Nov 2002 22:44:46 -0500 Message-ID: From: Don Bowman To: "'freebsd-net@freebsd.org'" Subject: RE: bug in bge driver with ENOBUFS on 4.7 Date: Tue, 12 Nov 2002 22:44:45 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > From: Don Bowman [mailto:don@sandvine.com] > In bge_rxeof(), there can end up being a condition which causes > the driver to endlessly interrupt. > > if (bge_newbuf_std(sc, sc->bge_std, NULL) == ENOBUFS) { > ifp->if_ierrors++; > bge_newbuf_std(sc, sc->bge_std, m); > continue; > } > > happens. Now, bge_newbuf_std returns ENOBUFS. 'm' is also NULL. > This causes the received packet to not be dequeued, and the driver > will then go straight back into interrupt as the chip will > reassert the interrupt as soon as we return. More information... It would appear that we're looping here in the rx interrupt, the variable 'stdcnt' which counts the number of standard-sized packets pulled off per iteration is huge (indicating we've overrun the ring multiple times). while(sc->bge_rx_saved_considx != sc->bge_rdata->bge_status_block.bge_idx[0].bge_rx_prod_idx) { is the construct that controls when we exit the loop. Clearly in my case this is never becoming false. I see 'sc->bge_rx_saved_considx' as 201, and the RHS of the expression as 38442. This doesn't seem correct, I think that both numbers must be <= BGE_SSLOTS. (kgdb) p/x *cur_rx $10 = {bge_addr = {bge_addr_hi = 0x0, bge_addr_lo = 0xca2d802}, bge_len = 0x4a, bge_idx = 0xc8, bge_flags = 0x7004, bge_type = 0x0, bge_tcp_udp_csum = 0x9992, bge_ip_csum = 0xffff, bge_vlan_tag = 0x0, bge_error_flag = 0x0, bge_rsvd = 0x0, bge_opaque = 0x0} Any suggestions anyone? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 12 23:12:48 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEEA137B401 for ; Tue, 12 Nov 2002 23:12:46 -0800 (PST) Received: from smtp.inode.at (smtp-01.inode.at [62.99.194.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id D6FA843E4A for ; Tue, 12 Nov 2002 23:12:45 -0800 (PST) (envelope-from mbretter@inode.at) Received: from line-c-197.adsl-dynamic.inode.at ([62.99.151.197]:1066 helo=inode.at) by smtp.inode.at with esmtp (Exim 4.05) id 18BrhW-0005AX-00 for freebsd-net@freebsd.org; Wed, 13 Nov 2002 08:12:38 +0100 Message-ID: <3DD1FAAC.6060707@inode.at> Date: Wed, 13 Nov 2002 08:09:32 +0100 From: Michael Bretterklieber User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.2b) Gecko/20021016 X-Accept-Language: de-at, de-de, de, en, en-us MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: struct sockaddr_in - question Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, the struct sockaddr_in (netinet/in.h) of FreeBSD has the member sin_len, but other OS's don't have this structure-member. The sockaddr_in structure declared on many systems like this: struct sockkaddr_in { short int sin_family; unsigned short int sin_port; struct in_addr sin_addr; } My question is do I realy need to fill this? Or is it there just for future use? bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - Michael.Bretterklieber@jawa.at JAWA Management Software GmbH - http://www.jawa.at Liebenauer Hauptstr. 200 -------------- privat ------------ A-8041 GRAZ GSM: ++43-(0)676-93 96 698 Tel: ++43-(0)316-403274-12 E-mail: mbretter@inode.at Fax: ++43-(0)316-403274-10 http://www.inode.at/mbretter ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 9:52:43 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8257F37B401 for ; Wed, 13 Nov 2002 09:52:41 -0800 (PST) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3A5D343E88 for ; Wed, 13 Nov 2002 09:52:40 -0800 (PST) (envelope-from pete@he.iki.fi) Received: from he.iki.fi (localhost.he.iki.fi [127.0.0.1]) by silver.he.iki.fi (8.12.6/8.11.4) with ESMTP id gADHqbuO036141 for ; Wed, 13 Nov 2002 19:52:38 +0200 (EET) (envelope-from pete@he.iki.fi) Message-ID: <3DD29165.8010904@he.iki.fi> Date: Wed, 13 Nov 2002 19:52:37 +0200 From: Petri Helenius User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:0.9.4) Gecko/20011126 Netscape6/6.2.1 X-Accept-Language: English [en],Finnish [fi] MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: em0 under CURRENT Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Just for the sake of it, I tried if the performance of em would be different under -CURRENT and it is. Initially when I had: options INVARIANTS #Enable calls of extra sanity checking options INVARIANT_SUPPORT #Extra sanity checks of internal structures, required by INVARIANTS options WITNESS #Enable checks to detect deadlocks and cycles options WITNESS_SKIPSPIN #Don't run witness on spinlocks for speed The performance was not much better than 100Mbps ethernet. Dropping these options upped the performance to ~300Mbps:ish while 4.7-STABLE gives twice that using the same application. The machine is 2.4GHz Dual P4. At 300Mbps the other CPU seems to be spending almost all it's time on interrupt context while the stuff on other CPU is waiting for *Giant. Are all network drivers still under Giant on 5.0? Is there any other parameters I should tune? Increase allowed mbuf clusters? mbuf usage: GEN list: 0/0 (in use/in pool) CPU #0 list: 232/528 (in use/in pool) CPU #1 list: 282/416 (in use/in pool) Total: 514/944 (in use/in pool) Maximum number allowed on each CPU list: 512 Maximum possible: 51200 Allocated mbuf types: 514 mbufs allocated to data 1% of mbuf map consumed mbuf cluster usage: GEN list: 1/30 (in use/in pool) CPU #0 list: 205/248 (in use/in pool) CPU #1 list: 306/392 (in use/in pool) Total: 512/670 (in use/in pool) Maximum number allowed on each CPU list: 128 Maximum possible: 25600 2% of cluster map consumed 1576 KBytes of wired memory reserved (73% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines Pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 10:51:50 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF7E537B401; Wed, 13 Nov 2002 10:51:49 -0800 (PST) Received: from hub.org (hub.org [64.49.215.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id B6CCE43E3B; Wed, 13 Nov 2002 10:51:49 -0800 (PST) (envelope-from scrappy@hub.org) Received: from hub.org (hub.org [64.49.215.141]) by hub.org (Postfix) with ESMTP id 614568A51CA; Wed, 13 Nov 2002 14:51:47 -0400 (AST) Date: Wed, 13 Nov 2002 14:51:47 -0400 (AST) From: "Marc G. Fournier" To: freebsd-net@freebsd.org Cc: freebsd-stable@freebsd.org Subject: if_ef doesn't work with if_fxp? Message-ID: <20021113144921.G72890-100000@hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Morning ... Been trying to get ncp* to work with FreeBSD 4.7-STABLE, and finally found some docs that refer to the if_ef device for doing this ... but when I try to do: ifconfig fxp0f2 ipx 0x#### and it gives me back an 'interface does not exist' message ... I have ef configured into the kernel, as well as fxp, so kernel modules aren't involved here ... Help? Thanks ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 11:26:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AF9B37B401; Wed, 13 Nov 2002 11:26:32 -0800 (PST) Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za [146.64.24.58]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B42C43E3B; Wed, 13 Nov 2002 11:26:30 -0800 (PST) (envelope-from jhay@zibbi.icomtek.csir.co.za) Received: from zibbi.icomtek.csir.co.za (localhost [IPv6:::1]) by zibbi.icomtek.csir.co.za (8.12.6/8.12.6) with ESMTP id gADJQPD8011483; Wed, 13 Nov 2002 21:26:25 +0200 (SAT) (envelope-from jhay@zibbi.icomtek.csir.co.za) Received: (from jhay@localhost) by zibbi.icomtek.csir.co.za (8.12.6/8.12.6/Submit) id gADJQMFo011478; Wed, 13 Nov 2002 21:26:22 +0200 (SAT) (envelope-from jhay) From: John Hay Message-Id: <200211131926.gADJQMFo011478@zibbi.icomtek.csir.co.za> Subject: Re: if_ef doesn't work with if_fxp? In-Reply-To: <20021113144921.G72890-100000@hub.org> from "Marc G. Fournier" at "Nov 13, 2002 02:51:47 pm" To: scrappy@hub.org (Marc G. Fournier) Date: Wed, 13 Nov 2002 21:26:22 +0200 (SAT) Cc: freebsd-net@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > Been trying to get ncp* to work with FreeBSD 4.7-STABLE, and finally > found some docs that refer to the if_ef device for doing this ... but when > I try to do: > > ifconfig fxp0f2 ipx 0x#### > > and it gives me back an 'interface does not exist' message ... I have ef > configured into the kernel, as well as fxp, so kernel modules aren't > involved here ... > I don't know if it will help, but I have never been able to get if_ef working when it is compiled into the kernel. I just kldload it. And I do use it with fxp devices. John -- John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 11:37:51 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 362F537B404; Wed, 13 Nov 2002 11:37:50 -0800 (PST) Received: from hub.org (hub.org [64.49.215.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id E927B43E75; Wed, 13 Nov 2002 11:37:49 -0800 (PST) (envelope-from scrappy@hub.org) Received: from hub.org (hub.org [64.49.215.141]) by hub.org (Postfix) with ESMTP id E818C8A51C4; Wed, 13 Nov 2002 15:37:26 -0400 (AST) Date: Wed, 13 Nov 2002 15:37:13 -0400 (AST) From: "Marc G. Fournier" To: John Hay Cc: freebsd-net@FreeBSD.ORG, Subject: Re: if_ef doesn't work with if_fxp? In-Reply-To: <200211131926.gADJQMFo011478@zibbi.icomtek.csir.co.za> Message-ID: <20021113153708.C72890-100000@hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org 'K, will try that out ... On Wed, 13 Nov 2002, John Hay wrote: > > > > Been trying to get ncp* to work with FreeBSD 4.7-STABLE, and finally > > found some docs that refer to the if_ef device for doing this ... but when > > I try to do: > > > > ifconfig fxp0f2 ipx 0x#### > > > > and it gives me back an 'interface does not exist' message ... I have ef > > configured into the kernel, as well as fxp, so kernel modules aren't > > involved here ... > > > > I don't know if it will help, but I have never been able to get if_ef > working when it is compiled into the kernel. I just kldload it. And > I do use it with fxp devices. > > John > -- > John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 11:43:13 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC1BC37B401 for ; Wed, 13 Nov 2002 11:43:12 -0800 (PST) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1D3FD43E4A for ; Wed, 13 Nov 2002 11:43:12 -0800 (PST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.3/8.12.5) with ESMTP id gADJhBen066436 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Wed, 13 Nov 2002 14:43:11 -0500 (EST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.3/8.12.5/Submit) id gADJhAeF066433; Wed, 13 Nov 2002 14:43:10 -0500 (EST) (envelope-from wollman) Date: Wed, 13 Nov 2002 14:43:10 -0500 (EST) From: Garrett Wollman Message-Id: <200211131943.gADJhAeF066433@khavrinen.lcs.mit.edu> To: Michael Bretterklieber Cc: freebsd-net@FreeBSD.ORG Subject: struct sockaddr_in - question In-Reply-To: <3DD1FAAC.6060707@inode.at> References: <3DD1FAAC.6060707@inode.at> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > My question is do I realy need to fill this? Or is it there just for > future use? That depends on what you will be using the length for. Some interfaces require that it be present; other interfaces (e.g., those system calls which already take a separate length argument) do not. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 12:11:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A2AE37B401 for ; Wed, 13 Nov 2002 12:11:30 -0800 (PST) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 8B79B43E42 for ; Wed, 13 Nov 2002 12:11:29 -0800 (PST) (envelope-from kudzu@tenebras.com) Received: (qmail 2798 invoked from network); 13 Nov 2002 20:11:28 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 13 Nov 2002 20:11:28 -0000 Message-ID: <3DD2B1EF.4020603@tenebras.com> Date: Wed, 13 Nov 2002 12:11:27 -0800 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en, fr-fr, ru MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: natd woes with 4.7-RELEASE-p2 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I am running 4.7 on a firewall, with an extremely simple nat setup -- not all packets are passed through nat, as some services such as ntp and dnswall are handled on the firewall -- but for those packets that are nat'd, there are only static (redirect_address) rules. What happens is that, over time, natd starts to use more cycles and memory, even without any network traffic through the box. When the latency to outside increases by about 4x, I kill and restart natd, and all works fine. This isn't ideal, however. Any suggestions? contents of my natd config follow. # rc.natd # # external interface interface sis0 # use_sockets same_ports unregistered_only # redirect_address 192.168.188.18 66.92.188.18 redirect_address 192.168.188.165 66.92.188.165 redirect_address 192.168.188.175 66.92.188.175 redirect_address 192.168.188.241 66.92.188.241 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 13 17:36:14 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B1FD37B407 for ; Wed, 13 Nov 2002 17:36:13 -0800 (PST) Received: from stono.cs.cofc.edu (stono.cs.cofc.edu [153.9.17.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 065D643E97 for ; Wed, 13 Nov 2002 17:36:13 -0800 (PST) (envelope-from jimmy@cs.cofc.edu) Received: from [153.9.17.27] (burton.cs.cofc.edu [153.9.17.27]) by stono.cs.cofc.edu (8.11.6/8.11.6) with ESMTP id gAE0hnm14974 for ; Wed, 13 Nov 2002 19:43:49 -0500 Mime-Version: 1.0 X-Sender: jimmy@stono.cs.cofc.edu Message-Id: Date: Wed, 13 Nov 2002 20:35:39 -0500 To: freebsd-net@freebsd.org From: "James B. Wilkinson" Subject: can't get trpt to run Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org When I try to run trpt, it reports "no namelist". If I do "nm /kernel" I get an extensive namelist. At this point I have no idea where else to look. Does anybody here have any ideas? Kernel is 4.6.1-RC2. Thanks -- ------------------------------------------------------------- Jimmy Wilkinson | Perfesser of Computer Science jimmy@cs.CofC.edu | The College of Charleston (843) 953-8160 | Charleston SC 29424 If there is one word to describe me, that word would have to be "profectionist". Any form of incompitence is an athema to me. Metathesis??? Don't ax me. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 0:46:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 70D7837B476 for ; Thu, 14 Nov 2002 00:46:44 -0800 (PST) Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0065543E75 for ; Thu, 14 Nov 2002 00:46:43 -0800 (PST) (envelope-from brandt@fokus.gmd.de) Received: from beagle (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.11.6/8.11.6) with ESMTP id gAE8kJl01009; Thu, 14 Nov 2002 09:46:19 +0100 (MET) Date: Thu, 14 Nov 2002 09:46:19 +0100 (CET) From: Harti Brandt To: "James B. Wilkinson" Cc: freebsd-net@FreeBSD.ORG Subject: Re: can't get trpt to run In-Reply-To: Message-ID: <20021114094223.F43479-100000@beagle.fokus.gmd.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 13 Nov 2002, James B. Wilkinson wrote: JBW>When I try to run trpt, it reports "no namelist". If I do "nm JBW>/kernel" I get an extensive namelist. At this point I have no idea JBW>where else to look. Does anybody here have any ideas? Kernel is JBW>4.6.1-RC2. Did you build the kernel with the TCPDEBUG option. Even if you get trpt to find the namelist, you will get no usefull output, because the TCPDEBUG option is utterly screwed up. All the people patching around in tcp_input and tcp_output didn't care about TCPDEBUG so there are a lot of cases where you don't get a debug record. I have a patch for current, that let you at least trace normal TCP connections and use dbsd. If I get some spare time, I may make a bug report. harti -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.gmd.de, brandt@fokus.fhg.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 6:25:45 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F81737B401; Thu, 14 Nov 2002 06:25:43 -0800 (PST) Received: from hub.org (hub.org [64.49.215.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id 48A7043E7B; Thu, 14 Nov 2002 06:25:43 -0800 (PST) (envelope-from scrappy@hub.org) Received: from hub.org (hub.org [64.49.215.141]) by hub.org (Postfix) with ESMTP id 46C4E8A72B5; Thu, 14 Nov 2002 10:25:28 -0400 (AST) Date: Thu, 14 Nov 2002 10:25:18 -0400 (AST) From: "Marc G. Fournier" To: John Hay Cc: freebsd-net@FreeBSD.ORG, Subject: Re: if_ef doesn't work with if_fxp? In-Reply-To: <200211131926.gADJQMFo011478@zibbi.icomtek.csir.co.za> Message-ID: <20021114101959.E72890-100000@hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 13 Nov 2002, John Hay wrote: > > > > Been trying to get ncp* to work with FreeBSD 4.7-STABLE, and finally > > found some docs that refer to the if_ef device for doing this ... but when > > I try to do: > > > > ifconfig fxp0f2 ipx 0x#### > > > > and it gives me back an 'interface does not exist' message ... I have ef > > configured into the kernel, as well as fxp, so kernel modules aren't > > involved here ... > > > > I don't know if it will help, but I have never been able to get if_ef > working when it is compiled into the kernel. I just kldload it. And > I do use it with fxp devices. Woo hoo ... okay, now we are slowly getting somewhere ... I checked with our network/netware guy, and he's told me that we're running "0 interface with an Ethernet_II frame", so I've got fxp0f0 configured with our network number, which he's given me as 0x83a2c800 ... *but* ... and here is where I'm potentially getting things screwed up ... Our network is a B-Class, with from x.x.128.x up being divided into subnets of 8 C-classes each ... so subnet 128, 136, 144, etc ... our netware server is on subnet 200, which is the 83a2c800 that he's given me ... the computer I'm working on is a laptop, so will be on several different subnets, but never on subnet 200 ... is 83a2c800 the netnum I want to use, or is there something else I should be using? With everything apparenty configured right, if I do: ncplogin -T DOMAIN -U user -S server it comes back with: Warning: no cfg files found. ncplogin: can't find server SERVER: syserr = Network is down IP wise, I can ping the server no problem, so I'm missing one step here for the IPX stuff ... ? Thanks ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 7:12: 1 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A001337B401 for ; Thu, 14 Nov 2002 07:12:00 -0800 (PST) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 540C343E3B for ; Thu, 14 Nov 2002 07:12:00 -0800 (PST) (envelope-from kudzu@tenebras.com) Received: (qmail 5350 invoked from network); 14 Nov 2002 15:11:59 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 14 Nov 2002 15:11:59 -0000 Message-ID: <3DD3BD3F.7070506@tenebras.com> Date: Thu, 14 Nov 2002 07:11:59 -0800 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en, fr-fr, ru MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: natd woes with 4.7-RELEASE-p2 References: <3DD2B1EF.4020603@tenebras.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As it stands, on a system with almost no network traffic, natd climbs to about 95% CPU, latency through the firewall quadruples, and killing and restarting natd always cures the problem. I'd like to find a better way, but as it stands it needs to be restarted about every 10 hours or so. Any insight would be welcome. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 8:44:29 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77B8E37B401 for ; Thu, 14 Nov 2002 08:44:28 -0800 (PST) Received: from fep07-app.kolumbus.fi (fep07-0.kolumbus.fi [193.229.0.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id EB23A43E4A for ; Thu, 14 Nov 2002 08:44:24 -0800 (PST) (envelope-from pasi.savanain@kolumbus.fi) Received: from kolumbus.fi ([80.186.22.134]) by fep07-app.kolumbus.fi with ESMTP id <20021114164411.GMPV16201.fep07-app.kolumbus.fi@kolumbus.fi> for ; Thu, 14 Nov 2002 18:44:11 +0200 Message-ID: <3DD3D2DB.70401@kolumbus.fi> Date: Thu, 14 Nov 2002 18:44:11 +0200 From: Pasi Savanainen User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20021024 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@FreeBSD.org Subject: Network driver IOCTL Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I am implementing a redundant LAN pseudo-driver. I had to hack a /netinet/if_ether.c file so that arpinput will update arp cache. I tried to use SIOCGIFGENERIC ioctl, but vlan seems to be use the same command. The problem is that ifconfig use that generic command and core dumps. I think that ifconfig should asks vlan status only from the vlan interfaces. If I can't use SIOCGIFGENERIC, I have to define a new ioctl command. Are /sys/sockio.h and /net/if.c the correct files to new command? All hints are helpfull? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 10:46:39 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE5D037B401 for ; Thu, 14 Nov 2002 10:46:36 -0800 (PST) Received: from out8.mx.nwbl.wi.voyager.net (out8.mx.nwbl.wi.voyager.net [169.207.3.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 34BD943E4A for ; Thu, 14 Nov 2002 10:46:36 -0800 (PST) (envelope-from silby@silby.com) Received: from [10.1.1.6] (d155.as12.nwbl0.wi.voyager.net [169.207.136.157]) by out8.mx.nwbl.wi.voyager.net (Postfix) with ESMTP id E58AE3BFB9; Thu, 14 Nov 2002 12:45:51 -0600 (CST) Date: Thu, 14 Nov 2002 12:51:25 -0600 (CST) From: Mike Silbersack To: "."@babolo.ru Cc: Tony Finch , Subject: Re: forwarded message on Source Quench Packets. In-Reply-To: <200211122103.gACL36X3054512@aaz.links.ru> Message-ID: <20021114124957.D521-200000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-1421922239-1037299873=:521" Content-ID: <20021114125121.I521@patrocles.silby.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-1421922239-1037299873=:521 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Content-ID: <20021114125121.Y521@patrocles.silby.com> On Wed, 13 Nov 2002 .@babolo.ru wrote: > > Mike Silbersack wrote: > > > > > >I can see how these source quench messages would cause problems if a DoS > > >is being routed through a FreeBSD router, and I think that your patch > > >makes sense. Are there any objections to me committing this in a few > > >days? > > > > Doesn't FreeBSD rate-limit ICMP as required by the RFC? If there is a > > but it's that the rate-limiting isn't happening, not that source-quench > > packets are being generated. If it's important that FreeBSD routers not > > generate them then it should be a sysctl option. > I am second for a sysctl option. > One of requirements when licensing networks > in Russia is source-quench support. Ok, here's the patch I intend to commit; please give it a quick lookover to see if I made any mistakes. This should provde the sysctl functionality requested. Thanks, Mike "Silby" Silbersack --0-1421922239-1037299873=:521 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; NAME="ip_input.c-disablesourcequench.patch" Content-Transfer-Encoding: BASE64 Content-ID: <20021114125113.P521@patrocles.silby.com> Content-Description: Content-Disposition: ATTACHMENT; FILENAME="ip_input.c-disablesourcequench.patch" ZGlmZiAtdSAtciAvdXNyL3NyYy9zeXMub2xkL25ldGluZXQvaXBfaW5wdXQu YyAvdXNyL3NyYy9zeXMvbmV0aW5ldC9pcF9pbnB1dC5jDQotLS0gL3Vzci9z cmMvc3lzLm9sZC9uZXRpbmV0L2lwX2lucHV0LmMJVGh1IE5vdiAxNCAxMjoz Nzo0MyAyMDAyDQorKysgL3Vzci9zcmMvc3lzL25ldGluZXQvaXBfaW5wdXQu YwlUaHUgTm92IDE0IDEyOjQ1OjIxIDIwMDINCkBAIC0xMjUsNiArMTI1LDEx IEBADQogCSZpcF9tYXhmcmFncGFja2V0cywgMCwNCiAJIk1heGltdW0gbnVt YmVyIG9mIElQdjQgZnJhZ21lbnQgcmVhc3NlbWJseSBxdWV1ZSBlbnRyaWVz Iik7DQogDQorc3RhdGljIGludAlpcF9zZW5kc291cmNlcXVlbmNoID0gMDsN CitTWVNDVExfSU5UKF9uZXRfaW5ldF9pcCwgT0lEX0FVVE8sIHNlbmRzb3Vy Y2VxdWVuY2gsIENUTEZMQUdfUlcsDQorCSZpcF9zZW5kc291cmNlcXVlbmNo LCAwLA0KKwkiRW5hYmxlIHRoZSB0cmFuc21pc3Npb24gb2Ygc291cmNlIHF1 ZW5jaCBwYWNrZXRzIik7DQorDQogLyoNCiAgKiBYWFggLSBTZXR0aW5nIGlw X2NoZWNraW50ZXJmYWNlIG1vc3RseSBpbXBsZW1lbnRzIHRoZSByZWNlaXZl IHNpZGUgb2YNCiAgKiB0aGUgU3Ryb25nIEVTIG1vZGVsIGRlc2NyaWJlZCBp biBSRkMgMTEyMiwgYnV0IHNpbmNlIHRoZSByb3V0aW5nIHRhYmxlDQpAQCAt MTk3MCw4ICsxOTc1LDIxIEBADQogCQlicmVhazsNCiANCiAJY2FzZSBFTk9C VUZTOg0KLQkJdHlwZSA9IElDTVBfU09VUkNFUVVFTkNIOw0KLQkJY29kZSA9 IDA7DQorCQkvKg0KKwkJICogQSByb3V0ZXIgc2hvdWxkIG5vdCBnZW5lcmF0 ZSBJQ01QX1NPVVJDRVFVRU5DSCBhcw0KKwkJICogcmVxdWlyZWQgaW4gUkZD MTgxMiBSZXF1aXJlbWVudHMgZm9yIElQIFZlcnNpb24gNCBSb3V0ZXJzLg0K KwkJICogU291cmNlIHF1ZW5jaCBjb3VsZCBiZSBhIGJpZyBwcm9ibGVtIHVu ZGVyIERvUyBhdHRhY2tzLA0KKwkJICogb3IgaWYgdGhlIHVuZGVybHlpbmcg aW50ZXJmYWNlIGlzIHJhdGUtbGltaXRlZC4NCisJCSAqIFRob3NlIHdobyBu ZWVkIHNvdXJjZSBxdWVuY2ggcGFja2V0cyBtYXkgcmUtZW5hYmxlIHRoZW0N CisJCSAqIHZpYSB0aGUgbmV0LmluZXQuaXAuc2VuZHNvdXJjZXF1ZW5jaCBz eXNjdGwuDQorCQkgKi8NCisJCWlmIChpcF9zZW5kc291cmNlcXVlbmNoID09 IDApIHsNCisJCQltX2ZyZWVtKG1jb3B5KTsNCisJCQlyZXR1cm47DQorCQl9 IGVsc2Ugew0KKwkJCXR5cGUgPSBJQ01QX1NPVVJDRVFVRU5DSDsNCisJCQlj b2RlID0gMDsNCisJCX0NCiAJCWJyZWFrOw0KIA0KIAljYXNlIEVBQ0NFUzoJ CQkvKiBpcGZ3IGRlbmllZCBwYWNrZXQgKi8NCg== --0-1421922239-1037299873=:521-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 11:59: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7D8BA37B401 for ; Thu, 14 Nov 2002 11:59:02 -0800 (PST) Received: from smtp.inode.at (smtp-02.inode.at [62.99.194.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2BF2A43E7B for ; Thu, 14 Nov 2002 11:58:55 -0800 (PST) (envelope-from mbretter@inode.at) Received: from line-c-129.adsl-dynamic.inode.at ([62.99.151.129]:1049 helo=inode.at) by smtp.inode.at with esmtp (Exim 4.10) id 18CQ8N-0003Tb-00; Thu, 14 Nov 2002 20:58:39 +0100 Message-ID: <3DD3FFC0.1040008@inode.at> Date: Thu, 14 Nov 2002 20:55:44 +0100 From: Michael Bretterklieber User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.2b) Gecko/20021016 X-Accept-Language: de-at, de-de, de, en, en-us MIME-Version: 1.0 To: Garrett Wollman Cc: freebsd-net@FreeBSD.ORG Subject: Re: struct sockaddr_in - question References: <3DD1FAAC.6060707@inode.at> <200211131943.gADJhAeF066433@khavrinen.lcs.mit.edu> In-Reply-To: <3DD1FAAC.6060707@inode.at> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Garrett Wollman wrote: > < said: > > > >My question is do I realy need to fill this? Or is it there just for > >future use? > > > That depends on what you will be using the length for. Some > interfaces require that it be present; other interfaces (e.g., those > system calls which already take a separate length argument) do not. thanx, I got already this answer: here's basically what steven's ``UNIX Network Programming, Vol. 1, 2nd edition'' says: - the length field was added in 4.3BSD-Reno when OSI protocol support was added. makes it easier in handling of variable-length socket address structures. says not all vendors support it and it's not required by posix.1g. and the following is verbatim: - even if the length field is present, we need never set it and need never examine it, unless we're dealing with routing sockets. it is used within the kernel by the routine that deal with socket address structures from various protocol families. bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - Michael.Bretterklieber@jawa.at JAWA Management Software GmbH - http://www.jawa.at Liebenauer Hauptstr. 200 -------------- privat ------------ A-8041 GRAZ GSM: ++43-(0)676-93 96 698 Tel: ++43-(0)316-403274-12 E-mail: mbretter@inode.at Fax: ++43-(0)316-403274-10 http://www.inode.at/mbretter ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 12:52:34 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03DD237B401 for ; Thu, 14 Nov 2002 12:52:33 -0800 (PST) Received: from smtp.inode.at (smtp-02.inode.at [62.99.194.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC59943E88 for ; Thu, 14 Nov 2002 12:52:31 -0800 (PST) (envelope-from mbretter@inode.at) Received: from line-c-129.adsl-dynamic.inode.at ([62.99.151.129]:1026 helo=inode.at) by smtp.inode.at with esmtp (Exim 4.10) id 18CQyB-0002De-00 for freebsd-net@freebsd.org; Thu, 14 Nov 2002 21:52:12 +0100 Message-ID: <3DD40C4D.3040101@inode.at> Date: Thu, 14 Nov 2002 21:49:17 +0100 From: Michael Bretterklieber Organization: JAWA Management Software GmbH User-Agent: Mozilla/5.0 (X11; U; Linux i386; de-AT; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: libradius problem Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I found a problem in libradius. The structure-member req_len is in rad_auth_open() not initialized with 0. I'm writing a php-module for this lib and I found that this value was not zero after rad_auth_open() and therfore I got "Maximum message length exceeded" calling rad_put_string() the first time. Maybe its better to initialize this with 0. bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - Michael.Bretterklieber@jawa.at JAWA Management Software GmbH - http://www.jawa.at Liebenauer Hauptstr. 200 -------------- privat ------------ A-8041 GRAZ GSM: ++43-(0)676-93 96 698 Tel: ++43-(0)316-403274-12 E-mail: mbretter@inode.at Fax: ++43-(0)316-403274-10 http://www.inode.at/mbretter ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 13:51:25 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 252BA37B401 for ; Thu, 14 Nov 2002 13:51:24 -0800 (PST) Received: from smtp.inode.at (smtp-01.inode.at [62.99.194.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id A453E43E88 for ; Thu, 14 Nov 2002 13:51:23 -0800 (PST) (envelope-from mbretter@inode.at) Received: from line-c-129.adsl-dynamic.inode.at ([62.99.151.129]:1041 helo=inode.at) by smtp.inode.at with esmtp (Exim 4.05) id 18CRtR-0004TP-00 for freebsd-net@freebsd.org; Thu, 14 Nov 2002 22:51:21 +0100 Message-ID: <3DD41A1E.6060800@inode.at> Date: Thu, 14 Nov 2002 22:48:14 +0100 From: Michael Bretterklieber User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.2b) Gecko/20021016 X-Accept-Language: de-at, de-de, de, en, en-us MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: libradius problem References: <3DD40C4D.3040101@inode.at> In-Reply-To: <3DD40C4D.3040101@inode.at> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Michael Bretterklieber wrote: > Hi, > > I found a problem in libradius. > > The structure-member req_len is in rad_auth_open() not initialized with 0. > > I'm writing a php-module for this lib and I found that this value was > not zero after rad_auth_open() and therfore I got "Maximum message > length exceeded" calling rad_put_string() the first time. > > Maybe its better to initialize this with 0. I finaly found the reason, I called rad_put_string() without creating a request before with rad_create_request(). Maybe it will be better to let rad_put_string() fail with an error message saying something like "rad_create_request" not called. bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - Michael.Bretterklieber@jawa.at JAWA Management Software GmbH - http://www.jawa.at Liebenauer Hauptstr. 200 -------------- privat ------------ A-8041 GRAZ GSM: ++43-(0)676-93 96 698 Tel: ++43-(0)316-403274-12 E-mail: mbretter@inode.at Fax: ++43-(0)316-403274-10 http://www.inode.at/mbretter ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 14: 8:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB29137B401 for ; Thu, 14 Nov 2002 14:08:14 -0800 (PST) Received: from 66-162-33-178.gen.twtelecom.net (66-162-33-178.gen.twtelecom.net [66.162.33.178]) by mx1.FreeBSD.org (Postfix) with ESMTP id F000243E9C for ; Thu, 14 Nov 2002 14:08:13 -0800 (PST) (envelope-from jeff@expertcity.com) Received: from [10.4.1.134] (helo=expertcity.com) by 66-162-33-178.gen.twtelecom.net with esmtp (Exim 3.22 #4) id 18CS9f-0004iR-00 for freebsd-net@freebsd.org; Thu, 14 Nov 2002 14:08:07 -0800 Message-ID: <3DD41EC5.7060707@expertcity.com> Date: Thu, 14 Nov 2002 14:08:05 -0800 From: Jeff Behl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2a) Gecko/20020910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: polling on 4.7 crash... Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org FreeBSD rack1-5.nwk 4.7-RELEASE-p1 FreeBSD 4.7-RELEASE-p1 #1: Tue Nov 12 10:37:37 PST 2002 root@rack1-5.nwk:/usr/src/sys/compile/GENERIC2 i386 Has anyone had problems with polling on a 4.7 box? It worked for about 24 hours then blew up with the below. While it worked it worked fantastically, dropping cpu time spent in interrupt from ~%40 to %0. The system was using the fxp driver and was sniffing a fully saturated 100mb line while doing very little trasnmitting of data itself. I don't see how HUPing syslogd could have caused it, but it did happen at the same time. Anyone experienced this or know of a fix? I'd be more than happy to help out in any testing. If this code works reliably it will be of great use to us; props to Luigi for writing it! -jeff Nov 14 12:15:00 rack1-5 syslogd: restart Nov 14 12:15:00 rack1-5 /kernel: rent process = Idle Nov 14 12:15:00 rack1-5 /kernel: interrupt mask = net bio cam Nov 14 12:15:00 rack1-5 /kernel: trap number = 12 Nov 14 12:15:00 rack1-5 /kernel: panic: page fault Nov 14 12:15:00 rack1-5 /kernel: Uptime: 2d1h32m36s Nov 14 12:15:00 rack1-5 /kernel: Nov 14 12:15:00 rack1-5 /kernel: Nov 14 12:15:00 rack1-5 /kernel: Fatal trap 12: page fault while in kernel mode Nov 14 12:15:00 rack1-5 /kernel: fault virtual address = 0xc1e14c10 Nov 14 12:15:00 rack1-5 /kernel: fault code = supervisor write, page not present Nov 14 12:15:00 rack1-5 /kernel: instruction pointer = 0x8:0xc0172797 Nov 14 12:15:00 rack1-5 /kernel: stack pointer = 0x10:0xc027f5d0 Nov 14 12:15:00 rack1-5 /kernel: frame pointer = 0x10:0xc027f5e4 Nov 14 12:15:00 rack1-5 /kernel: code segment = base 0x0, limit 0xfffff, type 0x1b Nov 14 12:15:00 rack1-5 /kernel: = DPL 0, pres 1, def32 1, gran 1 Nov 14 12:15:00 rack1-5 /kernel: processor eflags = interrupt enabled, resume, IOPL = 0 Nov 14 12:15:00 rack1-5 /kernel: current process = Idle Nov 14 12:15:00 rack1-5 /kernel: interrupt mask = net bio cam Nov 14 12:15:00 rack1-5 /kernel: trap number = 12 Nov 14 12:15:00 rack1-5 /kernel: panic: page fault Nov 14 12:15:00 rack1-5 /kernel: Uptime: 2d1h32m37s Nov 14 12:15:00 rack1-5 /kernel: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 18:58: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 604BB37B401 for ; Thu, 14 Nov 2002 18:57:59 -0800 (PST) Received: from magellan.palisadesys.com (magellan.palisadesys.com [192.188.162.211]) by mx1.FreeBSD.org (Postfix) with ESMTP id A501D43E4A for ; Thu, 14 Nov 2002 18:57:58 -0800 (PST) (envelope-from ghelmer@palisadesys.com) Received: from spencer (desmdslgw5poolD254.desm.uswest.net [63.230.51.254]) (authenticated (0 bits)) by magellan.palisadesys.com (8.11.6/8.11.6) with ESMTP id gAF2vkI01044 (using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO); Thu, 14 Nov 2002 20:57:55 -0600 From: "Guy Helmer" To: "'Jeff Behl'" , Subject: RE: polling on 4.7 crash... Date: Thu, 14 Nov 2002 20:58:02 -0600 Organization: Palisade Systems, Inc Message-ID: <001301c28c52$d69bb210$0200000a@spencer> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal In-Reply-To: <3DD41EC5.7060707@expertcity.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Jeff Behl wrote: > FreeBSD rack1-5.nwk 4.7-RELEASE-p1 FreeBSD 4.7-RELEASE-p1 #1: Tue Nov 12 > 10:37:37 PST 2002 > root@rack1-5.nwk:/usr/src/sys/compile/GENERIC2 i386 > > Has anyone had problems with polling on a 4.7 box? It worked > for about > 24 hours then blew up with the below. While it worked it worked > fantastically, dropping cpu time spent in interrupt from ~%40 to %0. > > The system was using the fxp driver and was sniffing a fully saturated > 100mb line while doing very little trasnmitting of data > itself. I don't > see how HUPing syslogd could have caused it, but it did happen at the > same time. Yes, Ian Dowse just committed a fix to if_fxp.c in 4.7-stable (and previously, to -current) that solved this problem with the fxp driver. Look for rev. 1.110.2.27 of if_fxp.c (http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/fxp/if_fxp.c) or cvsup the updates. Hope this helps, Guy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 14 21:44:47 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3BD2B37B401; Thu, 14 Nov 2002 21:44:46 -0800 (PST) Received: from ns.mmk.ru (ns1.mmk.ru [195.54.3.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 671EB43E77; Thu, 14 Nov 2002 21:44:42 -0800 (PST) (envelope-from freebsd@mmk.ru) Received: from antivirus.mmk.ru (sinful [161.8.100.3]) by ns.mmk.ru (8.12.6/8.12.6) with ESMTP id gAF5gVAf087334; Fri, 15 Nov 2002 10:42:31 +0500 (YEKT) (envelope-from freebsd@mmk.ru) Received: from wall.mmk.ru (localhost [127.0.0.1]) by antivirus.mmk.ru (8.11.6/8.11.6) with ESMTP id gAF5bJs09907; Fri, 15 Nov 2002 10:37:19 +0500 (ESK) Received: from wall (localhost [127.0.0.1]) by wall.mmk.ru (8.12.6/8.12.6) with SMTP id gAF5gNDx022558; Fri, 15 Nov 2002 10:42:23 +0500 (YEKT) (envelope-from freebsd@mmk.ru) Message-ID: <004501c28c6a$920a5d50$02010101@wall> From: "Dmitry A. Bondareff" To: , Subject: Bug on an0 ?? Date: Fri, 15 Nov 2002 10:48:05 +0500 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi! I have Aironet PCI4800. All works fine. But if I make tcpdump on this interface connection lost to master arlan. Only system reboot can help to restore connect. Is it bug ?? Best regards, Dmitry. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 0:40:25 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06CFC37B401 for ; Fri, 15 Nov 2002 00:40:24 -0800 (PST) Received: from wattres.Watt.COM (dsl093-133-130.sfo2.dsl.speakeasy.net [66.93.133.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 84D8143E42 for ; Fri, 15 Nov 2002 00:40:23 -0800 (PST) (envelope-from steve@Watt.COM) Received: (from steve@localhost) by wattres.Watt.COM (8.12.6/8.12.6) id gAF8eNri047989 for net@freebsd.org; Fri, 15 Nov 2002 00:40:23 -0800 (PST) (envelope-from steve) Message-Id: <200211150840.gAF8eNri047989@wattres.Watt.COM> From: steve@Watt.COM (Steve Watt) Date: Fri, 15 Nov 2002 00:40:23 -0800 X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: net@freebsd.org Subject: MPD UDP setup Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Everyone's favorite, I know. :) I'm trying to set up an MPD-based configuration that does the same thing as my current userland-ppp setup. The current setup is that the remote network is connected to a FreeBSD-Ancient (3-STABLE) box, which is then running a userland ppp over udp to the local network. The remote always initiates the connection. My box is a 4-STABLE, and I'm currently using "ppp -direct vpn-in" started from inetd to field the packets. What I'd like to do is use mpd instead of inetd, but I'm having a bit of an argument getting the link set up correctly. What I have on the local end is: (bit of mpd.conf) netremote: new -i ng0 netremote netremote set bundle disable multilink set iface disable on-demand set iface route 192.168.242.0/24 set link enable acfcomp protocomp set link enable chap set link keep-alive 10 60 set link mtu 1460 set ipcp yes vjcomp set ipcp ranges 192.168.241.10/32 192.168.242.0/24 set ipcp dns 192.168.241.10 open iface and in the mpd.links file: netremote: set link type udp set udp self [my-global-ip-address] 3141 set udp peer [their-global-ip-addr] 3141 When I try to start mpd, I get the following in my error log, and don't see anything bound to UDP:3141... Nov 14 23:57:59 wattres mpd: [netremote] can't bind ksocket node: Invalid argument I'm puzzled. Thanks, (p.s. Not subscribed to freebsd-net, so include me in replies. Yes, I did search the archives first.) -- Steve Watt KD6GGD PP-ASEL-IA ICBM: 121W 56' 57.8" / 37N 20' 14.9" Internet: steve @ Watt.COM Whois: SW32 Free time? There's no such thing. It just comes in varying prices... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 4:17:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E857A37B401; Fri, 15 Nov 2002 04:17:58 -0800 (PST) Received: from hotmail.com (f113.law15.hotmail.com [64.4.23.113]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF6DB43E8A; Fri, 15 Nov 2002 04:17:58 -0800 (PST) (envelope-from soheil_hh@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 15 Nov 2002 04:17:53 -0800 Received: from 195.146.53.185 by lw15fd.law15.hotmail.msn.com with HTTP; Fri, 15 Nov 2002 12:17:53 GMT X-Originating-IP: [195.146.53.185] From: "soheil soheil" To: freebsd-net@freebsd.org Subject: PEP ( performance inhanced proxy ) Date: Fri, 15 Nov 2002 12:17:53 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 15 Nov 2002 12:17:53.0593 (UTC) FILETIME=[05DF2A90:01C28CA1] Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dear All I want to know if there is any free source PEP ( performance enhanced proxy ) implemented on FreeBSD or other UnixBased systems ? THANX _________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 10: 6:37 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CDE537B404 for ; Fri, 15 Nov 2002 10:06:36 -0800 (PST) Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 92A0243E75 for ; Fri, 15 Nov 2002 10:06:32 -0800 (PST) (envelope-from gallatin@cs.duke.edu) Received: from grasshopper.cs.duke.edu (grasshopper.cs.duke.edu [152.3.145.30]) by duke.cs.duke.edu (8.9.3/8.9.3) with ESMTP id NAA22651; Fri, 15 Nov 2002 13:06:31 -0500 (EST) Received: (from gallatin@localhost) by grasshopper.cs.duke.edu (8.11.6/8.9.1) id gAFI61U54811; Fri, 15 Nov 2002 13:06:01 -0500 (EST) (envelope-from gallatin@cs.duke.edu) From: Andrew Gallatin MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15829.14217.577949.84752@grasshopper.cs.duke.edu> Date: Fri, 15 Nov 2002 13:06:01 -0500 (EST) To: Petri Helenius Cc: freebsd-net@freebsd.org Subject: Re: em0 under CURRENT In-Reply-To: <3DD29165.8010904@he.iki.fi> References: <3DD29165.8010904@he.iki.fi> X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Petri Helenius writes: > options upped the performance to ~300Mbps:ish while 4.7-STABLE gives twice > that using the same application. The machine is 2.4GHz Dual P4. > Yes, -current is much, much slower for networking than -STABLE. This is because at this point, network drivers have paid all the cost for medium-grained locking (interrupts as kernel threads, mutexes all over the place, etc), but network drivers cannot take advantage of any of this yet. I think the last bottleneck to get network drivers out from under Giant is the VM system. Currently, when a network driver allocates an mbuf or mbuf cluster, it must hold Giant. This is because the mbuf allocator may need to call into the VM system to allocate more memory. If this could be solved (via either bringing the VM system out from under Giant, or by having some sort of thread to handle mbuf allocations asynchronously in a different context), I think -current would be almost as fast as -stable for networking. FWIW, I see 1875Mb/sec on 4.5-STABLE and 1200Mb/sec on -current with my Myrinet GM driver on Dual 1GHz PIIIs. This is with zero-copy sends enabled on -current. Since P4's have gobs of memory bandwidth, I doubt zero-copy sends would help you very much. Drew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 10:36:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B285837B401 for ; Fri, 15 Nov 2002 10:36:51 -0800 (PST) Received: from 66-162-33-178.gen.twtelecom.net (66-162-33-178.gen.twtelecom.net [66.162.33.178]) by mx1.FreeBSD.org (Postfix) with ESMTP id 65FBE43E6E for ; Fri, 15 Nov 2002 10:36:51 -0800 (PST) (envelope-from jeff@expertcity.com) Received: from [10.4.1.134] (helo=expertcity.com) by 66-162-33-178.gen.twtelecom.net with esmtp (Exim 3.22 #4) id 18ClKf-0001hz-00; Fri, 15 Nov 2002 10:36:45 -0800 Message-ID: <3DD53EBC.4040204@expertcity.com> Date: Fri, 15 Nov 2002 10:36:44 -0800 From: Jeff Behl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2a) Gecko/20020910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Guy Helmer Cc: freebsd-net@FreeBSD.ORG Subject: Re: polling on 4.7 crash... References: <001301c28c52$d69bb210$0200000a@spencer> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Great! I've instaleld rev. 1.110.2.27 so we'll see how it fares. Thanks much! Jeff Guy Helmer wrote: > Jeff Behl wrote: > >>FreeBSD rack1-5.nwk 4.7-RELEASE-p1 FreeBSD 4.7-RELEASE-p1 #1: Tue Nov > > 12 > >>10:37:37 PST 2002 >>root@rack1-5.nwk:/usr/src/sys/compile/GENERIC2 i386 >> >>Has anyone had problems with polling on a 4.7 box? It worked >>for about >>24 hours then blew up with the below. While it worked it worked >>fantastically, dropping cpu time spent in interrupt from ~%40 to %0. >> >>The system was using the fxp driver and was sniffing a fully saturated >>100mb line while doing very little trasnmitting of data >>itself. I don't >>see how HUPing syslogd could have caused it, but it did happen at the >>same time. > > > Yes, Ian Dowse just committed a fix to if_fxp.c in 4.7-stable (and > previously, to -current) that solved this problem with the fxp driver. > Look for rev. 1.110.2.27 of if_fxp.c > (http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/fxp/if_fxp.c) or > cvsup the updates. > > Hope this helps, > Guy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 11:45: 7 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A2C237B401 for ; Fri, 15 Nov 2002 11:45:06 -0800 (PST) Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id D978343E3B for ; Fri, 15 Nov 2002 11:45:05 -0800 (PST) (envelope-from archie@dellroad.org) Received: from arch20m.dellroad.org (arch20m.dellroad.org [10.1.1.20]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id LAA36112; Fri, 15 Nov 2002 11:42:33 -0800 (PST) Received: from arch20m.dellroad.org (localhost [127.0.0.1]) by arch20m.dellroad.org (8.12.6/8.12.6) with ESMTP id gAFJgXOS036124; Fri, 15 Nov 2002 11:42:33 -0800 (PST) (envelope-from archie@arch20m.dellroad.org) Received: (from archie@localhost) by arch20m.dellroad.org (8.12.6/8.12.6/Submit) id gAFJgX1H036123; Fri, 15 Nov 2002 11:42:33 -0800 (PST) From: Archie Cobbs Message-Id: <200211151942.gAFJgX1H036123@arch20m.dellroad.org> Subject: Re: MPD UDP setup In-Reply-To: <200211150840.gAF8eNri047989@wattres.Watt.COM> To: Steve Watt Date: Fri, 15 Nov 2002 11:42:32 -0800 (PST) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Steve Watt wrote: > When I try to start mpd, I get the following in my error > log, and don't see anything bound to UDP:3141... > > Nov 14 23:57:59 wattres mpd: [netremote] can't bind ksocket node: Invalid argument Are your netgraph modules up-to-date and kernel in sync? What happens when you run ngctl(8) and enter these commands? Replace "X.X.X.X" with your globally visible address. + mkpeer ksocket sock inet/dgram/udp + msg sock bind inet/X.X.X.X:3141 If that works, then try enabling netgraph debugging in mpd and ngctl and compare the messages going back & forth. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 12:28:51 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4DF5937B401 for ; Fri, 15 Nov 2002 12:28:47 -0800 (PST) Received: from wattres.Watt.COM (dsl093-133-130.sfo2.dsl.speakeasy.net [66.93.133.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id C2EB243E42 for ; Fri, 15 Nov 2002 12:28:46 -0800 (PST) (envelope-from steve@Watt.COM) Received: (from steve@localhost) by wattres.Watt.COM (8.12.6/8.12.6) id gAFKSjbq030789; Fri, 15 Nov 2002 12:28:45 -0800 (PST) (envelope-from steve) Message-Id: <200211152028.gAFKSjbq030789@wattres.Watt.COM> From: steve@Watt.COM (Steve Watt) Date: Fri, 15 Nov 2002 12:28:45 -0800 In-Reply-To: Archie Cobbs "Re: MPD UDP setup" (Nov 15, 11:42) X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Archie Cobbs Subject: Re: MPD UDP setup Cc: net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Nov 15, 11:42, Archie Cobbs wrote: } Subject: Re: MPD UDP setup } Steve Watt wrote: } > When I try to start mpd, I get the following in my error } > log, and don't see anything bound to UDP:3141... } > } > Nov 14 23:57:59 wattres mpd: [netremote] can't bind ksocket node: Invalid argument } } Are your netgraph modules up-to-date and kernel in sync? Yup. Did a full upgrade yesterday afternoon, including mpd 3.10. } What happens when you run ngctl(8) and enter these commands? } Replace "X.X.X.X" with your globally visible address. } } + mkpeer ksocket sock inet/dgram/udp } + msg sock bind inet/X.X.X.X:3141 That looks like it works. Can't figure out how to delete the new node, though. Oh, nevermind, it went away with the ngctl session. } If that works, then try enabling netgraph debugging in mpd } and ngctl and compare the messages going back & forth. Well, they're different, but I'm not good enough friends with netgraph to figure out what's making it unhappy. ngctl sayeth: - - - 8< - - - + mkpeer ksocket sock inet/dgram/udp ngctl: SENDING MESSAGE: ngctl: SOCKADDR: { fam=32 len=4 addr="." } ngctl: NG_MESG : ngctl: vers 2 ngctl: arglen 48 ngctl: flags 0 ngctl: token 1 ngctl: cookie GENERIC (851672668) ngctl: cmd 2 ngctl: args (48 bytes) ngctl: 0000: 6b 73 6f 63 6b 65 74 00 00 aa 04 08 dc cd bf bf ksocket......... ngctl: 0010: 73 6f 63 6b 00 32 06 28 04 00 00 00 9c c5 bf bf sock.2.(........ ngctl: 0020: 69 6e 65 74 2f 64 67 72 61 6d 2f 75 64 70 00 bf inet/dgram/udp.. + msg sock bind inet/66.93.133.130:3141 ngctl: SENDING MESSAGE: ngctl: SOCKADDR: { fam=32 len=7 addr="sock" } ngctl: NG_MESG : ngctl: vers 2 ngctl: arglen 60 ngctl: flags 0 ngctl: token 2 ngctl: cookie GENERIC (851672668) ngctl: cmd 13 ngctl: args (60 bytes) ngctl: 0000: 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ ngctl: 0010: 00 00 00 00 62 69 6e 64 00 00 00 00 00 00 00 00 ....bind........ ngctl: 0020: 00 00 00 00 69 6e 65 74 2f 36 36 2e 39 33 2e 31 ....inet/66.93.1 ngctl: 0030: 33 33 2e 31 33 30 3a 33 31 34 31 00 33.130:3141. ngctl: RECEIVED RESPONSE: ngctl: SOCKADDR: { fam=32 len=7 addr="sock" } ngctl: NG_MESG : ngctl: vers 2 ngctl: arglen 52 ngctl: flags 1 ngctl: token 2 ngctl: cookie GENERIC (851672668) ngctl: cmd 13 ngctl: args (52 bytes) ngctl: 0000: 00 00 10 00 00 00 00 00 00 00 00 00 8d 9f 30 38 ..............08 ngctl: 0010: 01 00 00 00 62 69 6e 64 00 00 00 00 00 00 00 00 ....bind........ ngctl: 0020: 00 00 00 00 10 02 0c 45 42 5d 85 82 00 00 00 00 .......EB]...... ngctl: 0030: 00 00 00 00 .... ngctl: SENDING MESSAGE: ngctl: SOCKADDR: { fam=32 len=7 addr="sock" } ngctl: NG_MESG : ngctl: vers 0 ngctl: arglen 16 ngctl: flags 0 ngctl: token 3 ngctl: cookie KSOCKET (942710669) ngctl: cmd 1 ngctl: args (16 bytes) ngctl: 0000: 10 02 0c 45 42 5d 85 82 00 00 00 00 00 00 00 00 ...EB].......... + quit - - - >8 - - - And mpd says: - - - 8< - - - [netremote:netremote] set debug 5 [netremote:netremote] open [netremote] IFACE: Open event [netremote] IPCP: Open event [netremote] IPCP: state change Initial --> Starting [netremote] IPCP: LayerStart [netremote:netremote] [netremote] bundle: OPEN event in state CLOSED [netremote] opening link "netremote"... [netremote] link: OPEN event [netremote] LCP: Open event [netremote] LCP: state change Initial --> Starting [netremote] LCP: LayerStart [netremote] device: OPEN event in state DOWN [netremote] netgraph: SENDING MESSAGE: [netremote] netgraph: SOCKADDR: { fam=32 len=9 addr="bypass" } [netremote] netgraph: NG_MESG : [netremote] netgraph: vers 2 [netremote] netgraph: arglen 48 [netremote] netgraph: flags 0 [netremote] netgraph: token 63 [netremote] netgraph: cookie GENERIC (851672668) [netremote] netgraph: cmd 2 [netremote] netgraph: args (48 bytes) [netremote] netgraph: 0000: 6b 73 6f 63 6b 65 74 00 4e 27 07 08 00 00 00 00 ksocket.N'...... [netremote] netgraph: 0010: 6c 69 6e 6b 30 00 00 00 81 e0 06 08 00 00 00 00 link0........... [netremote] netgraph: 0020: 69 6e 65 74 2f 64 67 72 61 6d 2f 75 64 70 00 00 inet/dgram/udp.. [netremote] netgraph: SENDING MESSAGE: [netremote] netgraph: SOCKADDR: { fam=32 len=15 addr="bypass.link0" } [netremote] netgraph: NG_MESG : [netremote] netgraph: vers 2 [netremote] netgraph: arglen 16 [netremote] netgraph: flags 0 [netremote] netgraph: token 64 [netremote] netgraph: cookie KSOCKET (942710669) [netremote] netgraph: cmd 1 [netremote] netgraph: args (16 bytes) [netremote] netgraph: 0000: 00 02 0c 45 42 5d 85 82 00 00 00 00 00 00 00 00 ...EB].......... [netremote] netgraph: sendto(bypass.link0): Invalid argument [netremote] can't bind ksocket node: Invalid argument *** aha! Maybe... [netremote] netgraph: SENDING MESSAGE: [netremote] netgraph: SOCKADDR: { fam=32 len=9 addr="bypass" } [netremote] netgraph: NG_MESG : [netremote] netgraph: vers 2 [netremote] netgraph: arglen 16 [netremote] netgraph: flags 0 [netremote] netgraph: token 65 [netremote] netgraph: cookie GENERIC (851672668) [netremote] netgraph: cmd 5 [netremote] netgraph: args (16 bytes) [netremote] netgraph: 0000: 6c 69 6e 6b 30 00 04 08 6c ef bf bf 10 00 00 00 link0...l....... [netremote] device is now in state OPENING [netremote] device: DOWN event in state OPENING [netremote] device is now in state DOWN [netremote] link: DOWN event [netremote] LCP: Down event [netremote] device: OPEN event in state DOWN [netremote] pausing 9 seconds before open [netremote] device is now in state DOWN close [netremote] IFACE: Close event [netremote] IPCP: Close event [netremote] IPCP: state change Starting --> Initial [netremote] IPCP: LayerFinish [netremote:netremote] [netremote] bundle: CLOSE event in state OPENED [netremote] closing link "netremote"... [netremote] link: CLOSE event [netremote] LCP: Close event [netremote] LCP: state change Starting --> Initial [netremote] LCP: LayerFinish [netremote] device: CLOSE event in state DOWN [netremote] device is now in state DOWN - - - >8 - - - My *** aha! is that the sin_len in the sockaddr_in being sent with the bind request is 0. Lemme go hack and see if that's the problem. Steve -- Steve Watt KD6GGD PP-ASEL-IA ICBM: 121W 56' 57.8" / 37N 20' 14.9" Internet: steve @ Watt.COM Whois: SW32 Free time? There's no such thing. It just comes in varying prices... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 15 12:39:22 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDFD837B404 for ; Fri, 15 Nov 2002 12:39:21 -0800 (PST) Received: from wattres.Watt.COM (dsl093-133-130.sfo2.dsl.speakeasy.net [66.93.133.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 746DA43E42 for ; Fri, 15 Nov 2002 12:39:21 -0800 (PST) (envelope-from steve@Watt.COM) Received: (from steve@localhost) by wattres.Watt.COM (8.12.6/8.12.6) id gAFKdKYs032114; Fri, 15 Nov 2002 12:39:20 -0800 (PST) (envelope-from steve) Message-Id: <200211152039.gAFKdKYs032114@wattres.Watt.COM> From: steve@Watt.COM (Steve Watt) Date: Fri, 15 Nov 2002 12:39:20 -0800 In-Reply-To: steve@wattres.Watt.COM (Steve Watt) "Re: MPD UDP setup" (Nov 15, 12:28) X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Archie Cobbs Subject: Re: MPD UDP setup Cc: net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Nov 15, 12:28, Steve Watt wrote: } } My *** aha! is that the sin_len in the sockaddr_in being sent with the } bind request is 0. Lemme go hack and see if that's the problem. Setting the sin_len in both the bind request and the connect call made it get a hair farther -- now I get [netremote] can't connect ksocket node: Operation now in progress But I still don't see anything on port 3141 with netstat. Hmph. -- Steve Watt KD6GGD PP-ASEL-IA ICBM: 121W 56' 57.8" / 37N 20' 14.9" Internet: steve @ Watt.COM Whois: SW32 Free time? There's no such thing. It just comes in varying prices... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 16 10:24:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B3F137B401 for ; Sat, 16 Nov 2002 10:24:31 -0800 (PST) Received: from cygnus.theblackmoor.net (theblackmoor.net [63.170.133.254]) by mx1.FreeBSD.org (Postfix) with ESMTP id A12A843E4A for ; Sat, 16 Nov 2002 10:24:24 -0800 (PST) (envelope-from drogoh@necessary-evil.org) Received: from deception.hax0red.us (drogoh@dsl19.wk.net [208.137.160.22]) by cygnus.theblackmoor.net (8.12.1/8.12.1) with SMTP id gAGIOCWt020856 for ; Sat, 16 Nov 2002 13:24:16 -0500 Date: Sat, 16 Nov 2002 12:24:10 -0600 From: drogoh To: net@freebsd.org Subject: ping6 ::1 -> No route to host Message-Id: <20021116122410.17819bfc.drogoh@necessary-evil.org> X-Mailer: Sylpheed version 0.8.5 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I've been trying to setup an IPv6 tunnel and I believe I have everything setup for the tunnel, but I keep getting no route to host when I use ping6/traceroute6. I first thought it was something wrong with ppp, but I investigated further and I'm unable to ping6 ::1. Here are the outputs from uname -a, ifconfig -a, and netstat -rn -f inet6. Please pardon the long mail. :-) FreeBSD deception 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Thu Nov 7 06:34:32 CST 2002 drogoh@deception:/usr/obj/usr/src/sys/DECEPTION i386 dc0: flags=8843 mtu 1500 inet6 fe80::204:5aff:fe71:759b%dc0 prefixlen 64 scopeid 0x1 inet6 3ffe:b80:1056:1::1 prefixlen 64 inet 0.0.0.0 netmask 0xff000000 broadcast 0.255.255.255 ether 00:04:5a:71:75:9b media: Ethernet autoselect (10baseT/UTP) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 tun0: flags=8051 mtu 1492 inet 208.137.160.22 --> 208.137.160.1 netmask 0xffffff00 Opened by PID 26848 tun1: flags=8010 mtu 1500 gif0: flags=8051 mtu 1280 tunnel inet 208.137.160.22 --> 206.123.31.114 inet6 3ffe:b80:2:bfd5::2 --> 3ffe:b80:2:bfd5::1 prefixlen 128 inet6 fe80::204:5aff:fe71:759b%gif0 prefixlen 64 scopeid 0x5 gif1: flags=8051 mtu 1280 tunnel inet 208.137.160.22 --> 213.253.1.201 inet6 2001:618:4:2000::a4b --> 2001:618:4:2000::a4c prefixlen 128 inet6 fe80::204:5aff:fe71:759b%gif1 prefixlen 64 scopeid 0x7 Routing tables Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRSc lo0 => default 3ffe:b80:2:bfd5::1 UGSc gif0 ::1 ::1 UH lo0 ::ffff:0.0.0.0/96 ::1 UGRSc lo0 2001:618:4:2000::a4b link#7 UHL lo0 2001:618:4:2000::a4c 2001:618:4:2000::a4b UH gif1 3ffe:b80:2:bfd5::1 3ffe:b80:2:bfd5::2 UH gif0 3ffe:b80:2:bfd5::2 link#5 UHL lo0 3ffe:b80:1056::/48 lo0 USc lo0 3ffe:b80:1056:1::/64 link#1 UC dc0 3ffe:b80:1056:1::1 00:04:5a:71:75:9b UHL lo0 fe80::/10 ::1 UGRSc lo0 fe80::%dc0/64 link#1 UC dc0 fe80::204:5aff:fe71:759b%dc0 00:04:5a:71:75:9b UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%gif0/64 link#5 UC gif0 fe80::204:5aff:fe71:759b%gif0 link#5 UHL lo0 fe80::%gif1/64 link#7 UC gif1 fe80::204:5aff:fe71:759b%gif1 link#7 UHL lo0 ff01::/32 ::1 U lo0 ff02::/16 ::1 UGRS lo0 ff02::%dc0/32 link#1 UC dc0 ff02::%lo0/32 ::1 UC lo0 ff02::%tun0/32 fe80::204:5aff:fe71:759b%tun0 UC tun0 ff02::%gif0/32 link#5 UC gif0 ff02::%tun1/32 fe80::204:5aff:fe71:759b%tun1 UC tun1 ff02::%gif1/32 link#7 UC gif1 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 16 12:38:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 26B5337B401 for ; Sat, 16 Nov 2002 12:38:16 -0800 (PST) Received: from kirk.rvdp.org (node147c0.a2000.nl [24.132.71.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C6BA43E3B for ; Sat, 16 Nov 2002 12:38:06 -0800 (PST) (envelope-from rvdp@rvdp.org) Received: (from rvdp@localhost) by kirk.rvdp.org (8.11.6/8.11.6) id gAGKbo608599; Sat, 16 Nov 2002 21:37:50 +0100 (CET) Date: Sat, 16 Nov 2002 21:37:50 +0100 From: Ronald van der Pol To: drogoh Cc: net@FreeBSD.ORG Subject: Re: ping6 ::1 -> No route to host Message-ID: <20021116203750.GA8450@rvdp.org> References: <20021116122410.17819bfc.drogoh@necessary-evil.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021116122410.17819bfc.drogoh@necessary-evil.org> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Nov 16, 2002 at 12:24:10 -0600, drogoh wrote: > I've been trying to setup an IPv6 tunnel and I believe I have everything setup for the tunnel, but I keep getting no route to host when I use ping6/traceroute6. I first thought it was something wrong with ppp, but I investigated further and I'm unable to ping6 ::1. Here are the outputs from uname -a, ifconfig -a, and netstat -rn -f inet6. Please pardon the long mail. :-) > > FreeBSD deception 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Thu Nov 7 06:34:32 CST 2002 drogoh@deception:/usr/obj/usr/src/sys/DECEPTION i386 Check firewalling. I think IPv6 ipfilter is blocking by default. rvdp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message