From owner-freebsd-isp Sun Nov 17 01:29:59 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id BAA08596 for isp-outgoing; Sun, 17 Nov 1996 01:29:59 -0800 (PST) Received: from mail001.mediacity.com (mail001.mediacity.com [206.24.105.68]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id BAA08583 for ; Sun, 17 Nov 1996 01:29:53 -0800 (PST) From: brian@mediacity.com Received: (qmail-queue invoked from smtpd); 17 Nov 1996 09:29:48 -0000 Received: from home001.mediacity.com (HELO mediacity.com) (206.24.105.66) by mail001.mediacity.com with SMTP; 17 Nov 1996 09:29:48 -0000 Received: (qmail-queue invoked by uid 100); 17 Nov 1996 09:29:41 -0000 Message-ID: <19961117092941.19075.qmail@mediacity.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Sun, 17 Nov 1996 01:29:41 -0800 (PST) Cc: isp@FreeBSD.org In-Reply-To: <199611152232.RAA06688@etinc.com> from dennis at "Nov 15, 96 05:32:10 pm" Reply-To: brian@mediacity.com X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk dennis wrote: > Gee...what I was hoping to get is what people need.....is there a substantial > fractional T3 requirement? or does everyone need/want full T3? Would anyone > buy a 32Mbs card, or is it a waste if it doesnt to full t3? It seems that > there should > be a market for relatively low-speed fiber....increasing the clock rate as > you need > bandwidth. 20 T1s is a lot of bandwidth. I don't know of the market is substantial, but if someone would sell me a 25Mbit serial port which works under FreeBSD I would order two today and many more tommorrow. -- Brian Litzinger Powered by FreeBSD http[s]://www.mpress.com From owner-freebsd-isp Sun Nov 17 08:13:04 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA08493 for isp-outgoing; Sun, 17 Nov 1996 08:13:04 -0800 (PST) Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA08475 for ; Sun, 17 Nov 1996 08:12:53 -0800 (PST) Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id LAA11738 for ; Sun, 17 Nov 1996 11:14:30 GMT Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa13314; 17 Nov 96 11:19 EST Date: Sun, 17 Nov 1996 11:19:46 -0500 (EST) From: Steve To: Ricardo Kleemann cc: FreeBSD ISP list Subject: Re: weird error with NFS In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Sat, 16 Nov 1996, Ricardo Kleemann wrote: > Hi, > > I have a file system mounted over NFS (/home directory). > Anyway, if I'm a user I can go into my home directory and make changes. > However, AS ROOT I keep getting "Permission Denied"! A check on permissions > reports nothing out of the ordinary. NFS will map root as nobody, unless you export it as maproot=root From owner-freebsd-isp Sun Nov 17 08:20:12 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA09315 for isp-outgoing; Sun, 17 Nov 1996 08:20:12 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA09253 for ; Sun, 17 Nov 1996 08:19:52 -0800 (PST) Received: from et.htp.com (et.htp.com [199.171.4.228]) by etinc.com (8.6.12/8.6.9) with SMTP id LAA21381; Sun, 17 Nov 1996 11:26:07 -0500 Date: Sun, 17 Nov 1996 11:26:07 -0500 Message-Id: <199611171626.LAA21381@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > Cisco IOS is hacked unix also.... > >Sorry, no, it's not. So you're saying it was written from scratch, and has no unix origins? It clearly bears little resemblance at this time, but sources who should know indicate otherwise......from that thing they sold with the vacuum cleaner motor in the early days which was much more clearly unix the evolution seems to make sense. It really doesn't matter, and we both have better things to do than argue about it...its not a general release OS (as Freebsd is) so its just not important. dennis From owner-freebsd-isp Sun Nov 17 16:11:24 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA23983 for isp-outgoing; Sun, 17 Nov 1996 16:11:24 -0800 (PST) Received: from noc.msc.edu (noc.msc.edu [137.66.12.254]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA23949 for ; Sun, 17 Nov 1996 16:11:02 -0800 (PST) Received: from uc.msc.edu by noc.msc.edu (5.65/MSC/v3.0.1(920324)) id AA22693; Sun, 17 Nov 96 18:09:34 -0600 Received: from fergus-2.dialup.prtel.com by uc.msc.edu (5.65/MSC/v3.0z(901212)) id AA12920; Sun, 17 Nov 96 18:09:31 -0600 Received: (from alk@localhost) by compound.Think.COM (8.8.2/8.7.3) id SAA01198; Sun, 17 Nov 1996 18:09:27 -0600 (CST) Date: Sun, 17 Nov 1996 18:09:27 -0600 (CST) From: Tony Kimball Message-Id: <199611180009.SAA01198@compound.Think.COM> To: jgreco@brasil.moneng.mei.com Cc: dennis@etinc.com, dror@dnai.com, isp@freebsd.org Subject: Re: changed to: Frac T3? References: <199611152031.PAA05879@etinc.com> <199611152127.PAA29032@brasil.moneng.mei.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Quoth Joe Greco on Fri, 15 November: : I was reliably routing 5000pps the other day on a Pentium 100... : and it did not seem particularly stressed out. Has anyone constructed a performance model for routing on x86 hardware? You only need to improve this performance by a factor of 3.4 in order to attain Dennis' magic 17 kpps. That does not seem very far out. From owner-freebsd-isp Sun Nov 17 16:16:09 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA24387 for isp-outgoing; Sun, 17 Nov 1996 16:16:09 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA24347 for ; Sun, 17 Nov 1996 16:15:45 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id SAA01511; Sun, 17 Nov 1996 18:13:30 -0600 From: Joe Greco Message-Id: <199611180013.SAA01511@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: alk@Think.COM (Tony Kimball) Date: Sun, 17 Nov 1996 18:13:30 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, dennis@etinc.com, dror@dnai.com, isp@freebsd.org In-Reply-To: <199611180009.SAA01198@compound.Think.COM> from "Tony Kimball" at Nov 17, 96 06:09:27 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Quoth Joe Greco on Fri, 15 November: > : I was reliably routing 5000pps the other day on a Pentium 100... > : and it did not seem particularly stressed out. > > Has anyone constructed a performance model for routing on x86 > hardware? You only need to improve this performance by a factor > of 3.4 in order to attain Dennis' magic 17 kpps. That does not > seem very far out. No, I have a bad habit of routing on low end equipment... But I agree... if a P100 can do 5000pps, what can a PP200 do :-) ... JG From owner-freebsd-isp Sun Nov 17 18:02:44 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA29870 for isp-outgoing; Sun, 17 Nov 1996 18:02:44 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA29865 for ; Sun, 17 Nov 1996 18:02:36 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id VAA24485; Sun, 17 Nov 1996 21:07:01 -0500 Date: Sun, 17 Nov 1996 21:07:01 -0500 Message-Id: <199611180207.VAA24485@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk J. Greco writes... >No, I have a bad habit of routing on low end equipment... > >But I agree... if a P100 can do 5000pps, what can a PP200 do :-) Perhaps if Joe would describe this test it would be a good start. Anyone have a feel for the avg packet size over a typical backbone link? A T3 with an avg packet size of 500 bytes is 21000pps full duplex...I suspect the ave packet size may be smaller with lots of dialup traffic..... dennis From owner-freebsd-isp Sun Nov 17 21:42:42 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA12677 for isp-outgoing; Sun, 17 Nov 1996 21:42:42 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA12657 for ; Sun, 17 Nov 1996 21:42:25 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id XAA01714; Sun, 17 Nov 1996 23:41:20 -0600 From: Joe Greco Message-Id: <199611180541.XAA01714@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Sun, 17 Nov 1996 23:41:18 -0600 (CST) Cc: isp@freebsd.org In-Reply-To: <199611180207.VAA24485@etinc.com> from "dennis" at Nov 17, 96 09:07:01 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > J. Greco writes... > > > >No, I have a bad habit of routing on low end equipment... > > > >But I agree... if a P100 can do 5000pps, what can a PP200 do :-) > > Perhaps if Joe would describe this test it would be a good start. I did, briefly, already. System: ASUS P/I-P55T2P4, P100 CPU, 16MB RAM, Znyx 314 quad DE21040 ethernet, NE2000 ethernet. Normal traffic load: 400pps. trantor% netstat -I ed0 -b 10 | cut -c61-120 input (Total) output packets errs bytes packets errs bytes colls 103696372 5990 3192031736 104078666 0 3144425590 260844 3438 0 1349683 3443 0 1347715 94 3945 0 1468394 3948 0 1466061 118 3344 0 1234913 3352 0 1233600 95 3478 0 1264837 3483 0 1262795 152 4872 0 1859850 4877 0 1857370 178 3469 0 1277983 3473 0 1275461 145 3649 0 1417299 3653 0 1415398 223 3055 0 1176986 3061 0 1175475 177 4307 0 1678561 4311 0 1676535 188 5142 0 2138517 5147 0 2135524 122 Client 1: ping from an ASUS P100/DE21041 to an ASUS SP3G/DE21041 traversing two of trantor's 'de' interfaces. hummin# ping -f 206.55.64.254 (now back to trantor) 4764 0 1627137 4769 0 1624997 129 16846 0 2849899 16853 0 2847445 507 21053 0 3050225 21062 0 3048870 574 21920 0 3340778 21926 0 3337597 880 21654 0 3087022 21658 0 3085220 659 Client 2: add a ping from an ASUS SP3G to an ASUS P100/DE21041, same machines, other direction. tazenda# ping -f 204.95.172.243 (now back to trantor) 21525 0 3219253 21530 0 3217139 790 20864 0 2902915 20869 0 2900088 604 32442 0 4057497 32447 0 4055258 1664 34969 0 4610889 34974 0 4608259 2409 34630 0 4362398 34631 0 4360598 2072 36529 0 4495033 36537 0 4493280 2285 Ummm.. collisions are getting high. Unfortunately I do not have a lot more in terms of "fast machines" to hammer on this... right now I can squeeze it up to about 3900pps, with about 48% idle CPU, but also running some traffic through the NE2000 interface to get some other "fast" machines involved. 39173 0 4998716 39178 0 4996554 2666 38726 0 5052015 38730 0 5050544 2791 39024 0 5114201 39031 0 5111263 2873 40068 0 5043406 40073 0 5040965 2736 41134 0 5092456 41143 0 5089235 2677 39956 0 5046334 39961 0 5044636 2608 I would have to go set up a machine or two in order to push past this. However, considering that the NE2000 was contributing 600pps to the above numbers, I am assuming that a lot of the CPU was getting chewed by it. I am sorry I can't do any faster right now :-) This is a production network and I just don't have the hardware online to try to beat on a router right now. > Anyone have a feel for the avg packet size over a typical backbone > link? A T3 with an avg packet size of 500 bytes is 21000pps full > duplex...I suspect the ave packet size may be smaller with lots > of dialup traffic..... I tend to see an average of about 350 bytes. ... JG From owner-freebsd-isp Sun Nov 17 21:44:18 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA12787 for isp-outgoing; Sun, 17 Nov 1996 21:44:18 -0800 (PST) Received: from news.interworld.net (news.interworld.net [206.124.224.6]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA12741 for ; Sun, 17 Nov 1996 21:44:03 -0800 (PST) Received: (from pete@localhost) by news.interworld.net (8.7.5/8.7.3) id VAA06806; Sun, 17 Nov 1996 21:43:59 -0800 (PST) To: freebsd-isp@freebsd.org Path: news.interworld.net!not-for-mail From: pete@news.interworld.net (Peter Carah) Newsgroups: freebsd.isp Subject: Re: bang bang bang bang - lame lame lame lame Date: 17 Nov 1996 21:43:58 -0800 Organization: InterWorld Communications Lines: 69 Distribution: fbsd Message-ID: <56ot2u$6kh@news.interworld.net> References: <199611131751.LAA23456@brasil.moneng.mei.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In article <199611131751.LAA23456@brasil.moneng.mei.com>, Joe Greco wrote: >> So, while the telcos beat their heads into the wall trying to figure >> out some way of getting their cooshie monopolies back, I was >> thinking... >Well, let's see. >16M color support would require 3 bytes per bit, and at 786432 bits >per screen and 30 frames per second that is 70,778,880 bytes per >second. The MPEG advocates will try to convince me that they can >reduce that by an order of magnitude, so at 7,077,888 bytes per >second, that is hypothetically possible from a strictly network >bandwidth point of view. OK - I happen to work in MPEG compression; we routinely do cable TV compressions at 3.5mBIT/sec (picture only, at 1/4 frame (320x240) res; full NTSC res takes only about 4-5 mbit/sec for surprisingly good quality on most material. DSS is normally running at less than that for both pix and audio combined (and can be varied at will by the uplink folks :-). Double res in both dimensions won't increase the mpeg stream bit rate by 4x for equivalent visual quality. (also for movies, consider how many folks are satisfied to rent EP VHS tapes; 4mbit 1/4 res mpeg is usually better looking :-) Much mpeg encoding does take advantage of the fact that the real frame rate often isn't 30fps; it is 24 for all (current) movies and many other non-sports programs.. (and NOT 30fps for live video; you have to encode the fields separately so you get 60fps of half-res frames. Guess why DSS charges more for good sports time...) (D1 digital video is about 280mbits/sec, but if you really only send 24fps and 720x486 with subsampled color, it comes out to 134mbits at current byte sizes; so mpeg is getting 2-3 times better than 10% of this.) >To decode it in real time, however, and display it, would probably >require a very very fast machine... Now talking of NTSC or PAL resolution - IBM has a single chip decoder and 2 or 3-chip encoder at full video rate and resolution; The max encoded rate for that one is around 40mbits (per their web site; it's a little hard for me to believe). Normal encodings are around 4-5; CDI uses 1.2 mbit mpeg1 (and looks pretty bad accordingly)... Several others make similar chipsets. If you try to decode mpeg in a gp computer, it'd better be blazing fast, though; I do sample decodes on a (Ross-equipped) sparc 20 and get just over a frame per second using the "reference" mpeg2play. The asic's do lots of things in parallel. The expensive part would be the display itself. Remember the only part of our computer systems that hasn't come down by half in the last year or two :-) Your 1024x768x16mx60hz display will be several hundred $ by itself at 15 inch, and _lots_ more if 27 inch. >Lower resolutions might be much more workable. Conventional television >is much lower resolution than 1024x768. 720x486 for component digital and 646x486 for square-pixel digitized "analog". Comes out to 700k (8 or 10 bit) bytes per frame in 4:2:2 component digital, uncompressed. (4:2:2 is a fancy code for undersampled color and interlaced luminance :-) Double that res would probably be workable in a single-chip decoder in today's asic technology; ask the folks working on HDTV. Encoders are another story. -- Pete From owner-freebsd-isp Sun Nov 17 22:22:51 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA15127 for isp-outgoing; Sun, 17 Nov 1996 22:22:51 -0800 (PST) Received: from news.interworld.net (news.interworld.net [206.124.224.6]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA15105 for ; Sun, 17 Nov 1996 22:22:22 -0800 (PST) Received: (from pete@localhost) by news.interworld.net (8.7.5/8.7.3) id WAA09805; Sun, 17 Nov 1996 22:22:13 -0800 (PST) To: freebsd-isp@freebsd.org Path: news.interworld.net!not-for-mail From: pete@news.interworld.net (Peter Carah) Newsgroups: freebsd.isp Subject: Re: bang bang bang bang - lame lame lame lame Date: 17 Nov 1996 22:22:12 -0800 Organization: InterWorld Communications Lines: 80 Distribution: fbsd Message-ID: <56ovak$9i8@news.interworld.net> References: <7574.847917312@time.cdrom.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In article <7574.847917312@time.cdrom.com>, Jordan K. Hubbard wrote: > >Standard PAL resolution - we're not talking HDTV here, simply a way of >playing movies from a CD on your TV (and CDs take up much less >space than VHS tape, are more robust, don't stretch or get eaten >by your neighbor's mutant Croatian VCR, etc etc etc.). >I think the thing that's really blocked this technology from taking >off in the home consumer market is the fact that most movies require >two CDs, and fat, lazy american consumers don't like having to get up >in the middle of the movie and swap CDs. Now that the high density >CDs are coming in (Walnut Creek CDROM is getting some of the first >writers for them, in fact) this could change significantly and I could >easily see the entire "I Claudius" PBS special fitting onto a single >4GB CDROM. :-) 4.5 per layer, up to 4 layers... Mastering is tricky, too... Most lazy american consumers I know like EP-mode VHS (or don't know better?) Decent rate MPEG requires more than 2 cds per movie; the fairly slow rate that we used to encode ppv at was about 1/2 gig per 20 minutes. DVD should help this a bunch... >> The last I heard, most "real time MPEG" stuff worked at standard TV >> resolutions (or only mildly better) and was pricey as all heck. > >Not pricey at all, actually. You can buy MPEG decoder boards for >around $200 now, though be careful to avoid the "Real Magic" MPEG >video cards as they are complete and utter crap. I was so disgusted >with mine, not to mention their deceptive advertising practices >(nowhere do they note that the card will work with *one* and only >*one* brand of CDROM - it takes a call to their tech support >department and several hours on hold to learn that tidbit), that I >simply threw mine in the trash. Wish I'd saved it though - I'd have >taken it to the new rifle range I found which allows you to set up >your own types of targets just so long as you clean up after >yourself. :-) Most of the mpeg decoder boards for computer use, and many for TV use, only work at quarter res. You need to be careful, but it still looks pretty good... CDI uses approx a 1mbit/sec encoding at quarter res. >Thankfully, there are other cards on the market now. >> Since computational time should be proportional to the resolution of the >> display, it should be much easier to do a 320 * 200 display (64000 pixels, >> and at 16 bit depth that's 128Kbytes of data) as opposed to a 1024 * 768 >> display (786432 pixels, and at 24 bit depth that's 2.4Mbytes of data). Color depth is not handled the same way in video; depths are 18, 24 or 30 bits but the color is normally subsampled by a factor of 2 and sent as differences; this turns 24-bit depth into 16 transmitted bits; the color resolution is that of 24-bits but with a lower spacial frequency response. I've not seen 18-bit depth used in component digital; 6-bit samples used to be used in sampled composite recording but I think that is mostly gone now too in favor of 8 or 10 bit samples. (and most digital TV recording nowadays is component anyhow.) >Well, PAL is somewhat higher than this and while the frame rate of my >CD-I is unknown, there's no perceivable flicker and I'm pretty >sensitive to video refresh rates below 25FPS. Current PPV (and CDI) use 320x240, or 320x312, or 352x240 or 352x312, depending on the input system and whether NTSC or PAL... (320 from analog sources and 352 from digital; 240 for NTSC and 312 for PAL...) CDI is VERY slow mpeg (around 1mbit/sec). Since mpeg (for movies, anyhow) works in frames you won't see any flicker in the reconstruction (the pixel doubling guarantees no field-flicker). MPEG artifacts usually show up as visible contouring on 16-pixel square boundaries and generally not as motion artifacts. Cheaper decoders use less bits, which makes this effect more visible. Most of the commercial encoders use either 8 or 10 bit component samples. -- Pete From owner-freebsd-isp Mon Nov 18 00:21:03 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA21910 for isp-outgoing; Mon, 18 Nov 1996 00:21:03 -0800 (PST) Received: from cliff.fd1.uc.edu (cliff.fd1.uc.edu [129.137.244.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id AAA21901 for ; Mon, 18 Nov 1996 00:20:49 -0800 (PST) From: sales@aol.com Received: from email.uc.edu (max2-800-26.earthlink.net [206.149.205.77]) by cliff.fd1.uc.edu (8.7.5/8.7.1) with SMTP id DAA22281 for ; Mon, 18 Nov 1996 03:23:09 -0500 (EST) Date: Mon, 18 Nov 1996 03:23:09 -0500 (EST) Message-Id: <199611180823.DAA22281@cliff.fd1.uc.edu> SUBJECT: Special Offers To: undisclosed-recipients:; Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Why doesnt everyone come on over to AOL and try out our great new services we garuntee to beat any price or we'll refund you the difference!! From owner-freebsd-isp Mon Nov 18 05:11:13 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA08610 for isp-outgoing; Mon, 18 Nov 1996 05:11:13 -0800 (PST) Received: from tag01.acnet.net (tag01.acnet.net [167.114.253.2]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id FAA08604 for ; Mon, 18 Nov 1996 05:11:09 -0800 (PST) Received: from pppgdl9.acnet.net (pppgdl9.acnet.net [167.114.28.204]) by tag01.acnet.net (8.6.12/8.6.6) with SMTP id GAA13941 for ; Mon, 18 Nov 1996 06:43:22 -0800 Received: by pppgdl9.acnet.net with Microsoft Mail id <01BBD51C.48ECCE20@pppgdl9.acnet.net>; Mon, 18 Nov 1996 06:46:54 -0600 Message-ID: <01BBD51C.48ECCE20@pppgdl9.acnet.net> From: Victor Hugo Velasco Esparza To: "'isp@freebsd.org'" Subject: 16 serial ports Date: Mon, 18 Nov 1996 06:46:44 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi i'm lookign for a card with 16 serial ports support by freebsd, any recomendation?? From owner-freebsd-isp Mon Nov 18 05:43:38 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA09973 for isp-outgoing; Mon, 18 Nov 1996 05:43:38 -0800 (PST) Received: from mirage.nlink.com.br (mirage.nlink.com.br [200.238.120.3]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id FAA09957 for ; Mon, 18 Nov 1996 05:43:00 -0800 (PST) Received: from mirage.nlink.com.br (mirage.nlink.com.br [200.238.120.3]) by mirage.nlink.com.br (8.6.12/8.6.12) with SMTP id KAA15901; Mon, 18 Nov 1996 10:44:51 -0200 Date: Mon, 18 Nov 1996 10:44:51 -0200 (EDT) From: Paulo Fragoso To: Victor Hugo Velasco Esparza cc: "'isp@freebsd.org'" Subject: Re: 16 serial ports In-Reply-To: <01BBD51C.48ECCE20@pppgdl9.acnet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi, I'm using Cyclades 16Ye it's a good card. Paulo. On Mon, 18 Nov 1996, Victor Hugo Velasco Esparza wrote: > > Hi i'm lookign for a card with 16 serial ports support by freebsd, any recomendation?? > > From owner-freebsd-isp Mon Nov 18 06:00:23 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA13357 for isp-outgoing; Mon, 18 Nov 1996 06:00:23 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA13325 for ; Mon, 18 Nov 1996 06:00:10 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id HAA02170; Mon, 18 Nov 1996 07:59:02 -0600 From: Joe Greco Message-Id: <199611181359.HAA02170@brasil.moneng.mei.com> Subject: Re: 16 serial ports To: vvelasco@acnet.net (Victor Hugo Velasco Esparza) Date: Mon, 18 Nov 1996 07:59:01 -0600 (CST) Cc: isp@freebsd.org In-Reply-To: <01BBD51C.48ECCE20@pppgdl9.acnet.net> from "Victor Hugo Velasco Esparza" at Nov 18, 96 06:46:44 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Hi i'm lookign for a card with 16 serial ports support by freebsd, any recomendation?? Have you checked the hardware compatibility listings? ... JG From owner-freebsd-isp Mon Nov 18 06:14:07 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA15755 for isp-outgoing; Mon, 18 Nov 1996 06:14:07 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA15727 for ; Mon, 18 Nov 1996 06:13:53 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id IAA02190; Mon, 18 Nov 1996 08:12:46 -0600 From: Joe Greco Message-Id: <199611181412.IAA02190@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Mon, 18 Nov 1996 08:12:46 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, isp@freebsd.org In-Reply-To: <199611161656.LAA13898@etinc.com> from "dennis" at Nov 16, 96 11:56:08 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > >I don't see that happening here, at least locally. > > > >What I usually see is people going for T3, the circuit costs are not so > >terribly different, and then the upstream provider meters bandwidth or > >performs rate limiting of some sort. > > It is my understanding that the "rate-limiting" was flipping switches > on the T3 CSU/DSU,which is fractional T3 (ie, adjusting the clock > rate). That IS what I'm talking about! Rate limiting can be achieved in a number of ways. "Flipping switches on the CSU/DSU" generally increases latency. One can rate limit in software, or alternatively simply meter usage and if a threshold is exceeded, possibly raise the customer's rate. Hey, I'm not advocating it... I'm just saying what is currently done by some. > >Sure. But your ISA based product is going to get a little slow handling > >such high speeds, I would think? Maybe not. I would rather see a PCI > >based solution, but that is just personal preference. > > Im not talking about ISA...... Then what ARE you talking about? ... JG From owner-freebsd-isp Mon Nov 18 06:17:26 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA16262 for isp-outgoing; Mon, 18 Nov 1996 06:17:26 -0800 (PST) Received: from unibel.by (alice.unibel.by [195.50.0.195]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA16038 for ; Mon, 18 Nov 1996 06:15:58 -0800 (PST) Received: from brc.minsk.by (brc.minsk.by [193.232.92.36]) by unibel.by (8.8.2/8.8.2) with SMTP id NAA16632 for ; Mon, 18 Nov 1996 13:18:45 +0200 (EET) Received: by brc.minsk.by (sendmail 8.6.6/8.6.8) id m0vPRWI-001C5wC; Mon, 18 Nov 96 13:05 EET Received: from david.wvb.gomel.by (david [150.97.0.2]) by wvb.gomel.by (8.7.5/8.7.3) with SMTP id BAA03250 for ; Mon, 18 Nov 1996 01:04:52 +0200 (EET) Received: by david.wvb.gomel.by with Microsoft Mail id <01BBB8B4.BF1885A0@david.wvb.gomel.by>; Sun, 13 Oct 1996 03:15:12 +-200 Message-ID: <01BBB8B4.BF1885A0@david.wvb.gomel.by> From: David Stickney To: "'FBSD ISP'" Subject: FW: CRON freeking out on UUCICO, little voices crying "there is an answer, yeah, just jump, jump, open the window and..." Date: Sun, 13 Oct 1996 03:15:10 +-200 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk From: David Stickney Sent: Saturday, October 12, 1996 05:07 PM To: 'FBSD ISP'; 'Unibel.by' Subject: CRON freeking out on UUCICO, little voices crying "there is = an answer, yeah, just jump, jump, open the window and..." Hi, Has cron ever driven anyone to suicide? I have the entries=20 /etc/crontab=20 * 6,8,10,12,14,16,18,20, * * * root /usr/libexec/uucp/uucico = -sbrc -r1 -x all -f call every 2 hours from 6 to 8, my email host, full debuging, even with = an empty spool I stuck it in there yesterday, at about 2, then went home. I come 5 = hours later to learn my machine called long distance 180 times to get my mail. I spent all day trying = different configs, command line options thinking that UUCICO was the = problem. UUCICO exits cleanly, leaves a call completed in the status file, calls = uuxqt, and exits, uuxqt does the same.=20 at this point uustat -p shows no jobs, ps -x shows only one cron. Then = the fun starts, a second copy of cron runs, locks my modem and starts to dial again, and again, and again, = regardless of the system status. uucico is the only program that cron = does this to everything else works fine. If I take out the -f (force the call), set the failed call wait period = to 5 minutes, it will try to dial every 20-30 seconds, and uucico will = allow it to dial only after the five minutes have passed. Running this from a script works fine, the sys status file is updated = and everything is cool. But that means I have to be here if everyone wants to get their mail or let someone play with hours = of my work. Has anyone dealt with this, had a similiar problem know a fix? I was = going to just kill the process after the call, but it leaves the spool = dirty. I have worked hours try to track down my problem and it's cron, or maybe = it's just me, yeah,,, the window,, Yeah...soo easy.. ;] =20 Thanks for reading this, Dave From owner-freebsd-isp Mon Nov 18 06:43:36 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA17472 for isp-outgoing; Mon, 18 Nov 1996 06:43:36 -0800 (PST) Received: from house.multinet.net (house.multinet.net [204.138.173.37]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id GAA17467 for ; Mon, 18 Nov 1996 06:43:21 -0800 (PST) Received: from gabber.multinet.net (gabber.multinet.net [204.138.173.45]) by house.multinet.net (8.6.12/8.6.12) with SMTP id JAA09984 for ; Mon, 18 Nov 1996 09:43:13 -0500 Message-ID: <3290760F.2781E494@multinet.net> Date: Mon, 18 Nov 1996 09:43:27 -0500 From: graydon hoare X-Mailer: Mozilla 3.01 (X11; I; FreeBSD 2.2-ALPHA i386) MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: Re: kerberos & RADIUS References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Michael Dillon wrote: > > On Sat, 16 Nov 1996, Ricardo Kleemann wrote: > > > I just need to be able to share passwd databases between Linux and > > freebsd, and I'm looking for a solution. > > RADIUS will work. Since the RADIUS stuff for Linux is further along than > FreeBSD, run radiusd on your FreeBSD box and the radlogin stuff on Linux. I haven't used RADIUS yet but I'm getting along OK with kerb. Does RADIUS use pub-key stuff too? Anyone know the major package differences? Kerberos is nitpicky at times, I'll grant that, but it seems pretty secure, and it's already built in to helpful stuff like the r-commands and my netblazers. I mean, the downside is it's so confusing that if, on the off chance, you get an intruder who knows some sneaky way through it, there's no way in hell you'll understand what they're doing ;) but I'm a big fan of the kerberos security model. From owner-freebsd-isp Mon Nov 18 06:56:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA18186 for isp-outgoing; Mon, 18 Nov 1996 06:56:11 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA18152 for ; Mon, 18 Nov 1996 06:56:03 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id IAA02266; Mon, 18 Nov 1996 08:54:58 -0600 From: Joe Greco Message-Id: <199611181454.IAA02266@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: alk@Think.COM (Tony Kimball) Date: Mon, 18 Nov 1996 08:54:57 -0600 (CST) Cc: isp@freebsd.org In-Reply-To: <199611180009.SAA01198@compound.Think.COM> from "Tony Kimball" at Nov 17, 96 06:09:27 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Quoth Joe Greco on Fri, 15 November: > : I was reliably routing 5000pps the other day on a Pentium 100... > : and it did not seem particularly stressed out. > > Has anyone constructed a performance model for routing on x86 > hardware? You only need to improve this performance by a factor > of 3.4 in order to attain Dennis' magic 17 kpps. That does not > seem very far out. *cough* 9000pps. Only involving two de interfaces on Trantor... % netstat -I ed0 -b 10 | cut -c61-120 input (Total) output packets errs bytes packets errs bytes colls 1692 0 496741 1692 0 491467 9 60613 0 4082655 58893 0 3415430 22236 90373 0 6071290 88007 0 5102437 33898 91345 0 6058466 90056 0 5146746 32342 91830 0 6109491 89431 0 5122133 33697 91946 0 6020587 90123 0 5034919 35137 97586 0 6361299 94241 0 5224866 35690 89598 0 5939400 88427 0 5037640 33711 I am seeing exponential CPU idle drop off though, it is running 20-40% idle. We are pumping! Ok let's go for the big finish... let's hit 10Kpps if we can... unfortunately I have to involve ISA crud machines to do this.... YES!!! This rules :-) % netstat -I ed0 -b 10 | cut -c61-120 input (Total) output packets errs bytes packets errs bytes colls 115709419 5991 1515971169 115823590 468 1410765988 391521 44890 0 3126746 44894 0 2776626 786 46338 0 3210192 46344 0 2849657 898 80950 0 5218615 70815 0 3826148 11247 105120 0 6794313 90143 0 4804222 18815 89825 0 5899932 79135 0 4345818 17300 113552 0 7247128 99339 0 5181548 22321 91177 0 5939665 80887 0 4338463 17897 113245 0 7358616 97373 0 5205285 22899 113625 0 7314844 95726 0 5054561 23281 118345 0 7654968 100091 0 5290368 22678 109026 0 7093593 92468 0 4966475 20996 127815 0 8175061 102896 0 5319967 28121 I am definitely running out of CPU cycles though.. 10% idle now. procs memory page disks faults cpu r b w avm fre flt re pi po fr sr f0 w0 in sy cs us sy id 0 0 0 31544 2860 1 0 0 0 0 0 0 0 23513 38 8 1 96 4 0 0 0 31544 2860 1 0 0 0 0 0 0 0 24700 32 7 0 88 12 1 0 0 31544 2860 1 0 0 0 0 0 0 0 23560 37 7 0 97 3 0 0 0 31544 2860 1 0 0 0 0 0 0 0 35945 47 10 0 95 5 0 0 0 31544 2860 1 0 0 0 0 0 0 0 26330 30 8 0 98 2 Conditions of the test... The packets in question were teeny UDP datagrams mainly because the collision rate grew excessively large if they were the original 1K or 256 byte packets I was playing with. The packets were blasted at an arbitrary host on one de interface, from host(s) on the other de interface(s). Note that production network traffic was still traversing this machine during these tests, and while I noticed a very moderate slowdown in my telnet traffic, it was not bad at all. Also, since most of the production traffic traverses the NE2000 interface, there is some built in performance degradation... I am thinking maybe 12000pps on a P100 is not beyond achievability. However, it would take someone with 100mbps Ethernet cards to try it with reasonable packet sizes. I like that interrupt rate though :-) ... JG From owner-freebsd-isp Mon Nov 18 07:18:48 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA21473 for isp-outgoing; Mon, 18 Nov 1996 07:18:48 -0800 (PST) Received: from americasnet.com (ricardo@americasnet.com [207.177.143.2]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA21464 for ; Mon, 18 Nov 1996 07:18:43 -0800 (PST) Received: (from ricardo@localhost) by americasnet.com (8.7/8.6.12) id HAA25298; Mon, 18 Nov 1996 07:20:40 -0800 Date: Mon, 18 Nov 1996 07:20:39 -0800 From: Ricardo Kleemann Subject: Re: kerberos To: Michael Dillon cc: FreeBSD ISP list In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Hi Michael! Thanks! Now I just need more info on radius ;-) Actually I had thought of using radiusd before, but since I never have, I was gunshy... Any pointers? thanks again, Ricardo On Sat, 16 Nov 1996, Michael Dillon wrote: > On Sat, 16 Nov 1996, Ricardo Kleemann wrote: > > > I just need to be able to share passwd databases between Linux and > > freebsd, and I'm looking for a solution. > > RADIUS will work. Since the RADIUS stuff for Linux is further along than > FreeBSD, run radiusd on your FreeBSD box and the radlogin stuff on Linux. > > Michael Dillon - ISP & Internet Consulting > Memra Software Inc. - Fax: +1-604-546-3049 > http://www.memra.com - E-mail: michael@memra.com > From owner-freebsd-isp Mon Nov 18 07:29:23 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA21913 for isp-outgoing; Mon, 18 Nov 1996 07:29:23 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA21908 for ; Mon, 18 Nov 1996 07:29:16 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id JAA02307; Mon, 18 Nov 1996 09:26:25 -0600 From: Joe Greco Message-Id: <199611181526.JAA02307@brasil.moneng.mei.com> Subject: Re: Router Purchase - the bottom line To: jsuter@intrastar.net (Jacob Suter) Date: Mon, 18 Nov 1996 09:26:25 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, jdd@vbc.net, ulf@lamb.net, dror@dnai.com, isp@FreeBSD.org In-Reply-To: <199611152310.RAA04753@intrastar.net> from "Jacob Suter" at Nov 15, 96 05:35:07 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > > If you get the ADZ variant of the Am5x86 (as opposed to the ADW), > you > > will find out that not only do you not need a fan, but you also > don't > > need a heat sink. > > I am running the ADZ here on the servers. I overclock them to 40mhz, > running them at 160 MHz instead of 133 MHz. > > Eats a P100 in most tests, but requires the systems to have heat > sink/fans. they get too hot for my liking without the fan (just the > heat sink) even at 133. Hmm.. The ones I have run at about room temperature with nothing at all on them. > Even at 160 tho, they are rock stable, run cool (with a good > fan/heatsink), and SPEEDS... > > > I put a heat sink on anyways but it does not need it. I just like > to > > be safe. > > Yeah. I'm one of those "the cooler the better" people. heat grease, > fast fans and big heat sinks are my friends :) Well I hope you don't burn them out :-( ... JG From owner-freebsd-isp Mon Nov 18 07:30:16 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA21976 for isp-outgoing; Mon, 18 Nov 1996 07:30:16 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA21960 for ; Mon, 18 Nov 1996 07:30:06 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id JAA02320; Mon, 18 Nov 1996 09:28:01 -0600 From: Joe Greco Message-Id: <199611181528.JAA02320@brasil.moneng.mei.com> Subject: Re: Router Purchase - the bottom line To: dennis@etinc.com (dennis) Date: Mon, 18 Nov 1996 09:28:01 -0600 (CST) Cc: jsuter@intrastar.net, isp@freebsd.org In-Reply-To: <199611161536.KAA13447@etinc.com> from "dennis" at Nov 16, 96 10:36:43 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > >> If you get the ADZ variant of the Am5x86 (as opposed to the ADW), > >you > >> will find out that not only do you not need a fan, but you also > >don't > >> need a heat sink. > > > >I am running the ADZ here on the servers. I overclock them to 40mhz, > >running them at 160 MHz instead of 133 MHz. > > This is really funny! We're talking about systems stability, overheating, etc > and your running your processor 20% out of spec. Talk about bad moves... > Note that running your processor over spec is not highly recommended to > ISPs who are concerned about long-term stabilty. They do run cooler if you _under_clock them... I ran a DX2/80 as a DX2/66 for a long time and noticed a bit of a difference. MB wasn't able to do a 40 MHz clock, and I had the CPU sitting around. ... JG From owner-freebsd-isp Mon Nov 18 07:56:31 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA23551 for isp-outgoing; Mon, 18 Nov 1996 07:56:31 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA23540 for ; Mon, 18 Nov 1996 07:56:27 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id LAA28913; Mon, 18 Nov 1996 11:01:07 -0500 Date: Mon, 18 Nov 1996 11:01:07 -0500 Message-Id: <199611181601.LAA28913@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >> J. Greco writes... >> >> >> >No, I have a bad habit of routing on low end equipment... >> > >> >But I agree... if a P100 can do 5000pps, what can a PP200 do :-) >> >> Perhaps if Joe would describe this test it would be a good start. > >I did, briefly, already. > >System: ASUS P/I-P55T2P4, P100 CPU, 16MB RAM, Znyx 314 quad DE21040 > ethernet, NE2000 ethernet. Well...a verbal description of what you were doing was what I was looking for..... flood pings are a pretty stinky test....the goal is to find out what it can switch on a continuous basis without packet loss...you may be chugging along at 10,000pps and someone pings the machine and you drop a flurry of packets while the ping is being processed, which is clearly unacceptable. its also a bit different with lots of different addresses being looked up (rather than the same one with a ping).....its pretty difficult to test. at 350 >> Anyone have a feel for the avg packet size over a typical backbone >> link? A T3 with an avg packet size of 500 bytes is 21000pps full >> duplex...I suspect the ave packet size may be smaller with lots >> of dialup traffic..... > >I tend to see an average of about 350 bytes. ok, thats about 28,000pps (allowing for overhead)...14,000 in one direction with a full pipe. Dennis From owner-freebsd-isp Mon Nov 18 08:11:24 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA24238 for isp-outgoing; Mon, 18 Nov 1996 08:11:24 -0800 (PST) Received: from jump.net (serv1-2.jump.net [204.238.120.20]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA24225 for ; Mon, 18 Nov 1996 08:11:18 -0800 (PST) Received: from pbcustomer by jump.net (8.7.3/BERK-6.8.11) id KAA26329; Mon, 18 Nov 1996 10:11:06 -0600 (CST) Message-Id: <1.5.4.32.19961118161312.0074c710@mail.jump.net> X-Sender: adonai@mail.jump.net X-Mailer: Windows Eudora Light Version 1.5.4 (32) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Mon, 18 Nov 1996 10:13:12 -0600 To: freebsd-isp@freebsd.org From: Lee Crites Subject: Hello, World -- second try... Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk My first attempt at this message went to freebsd-isp@netrail.net. Someone still on that list told me about this one, so I'm forwarding a copy of my original message to this list. For those of you still on both, I apologize for the duplication. > ----- Original message follows ----- >Date: Sat, 16 Nov 1996 17:32:31 -0600 >To: freebsd-isp@netrail.net >From: Lee Crites >Subject: hello, world... > >I just subscribed to the list, so I thought I'd send out a general type >intro message. > >My name is Lee Crites. I own a computer consulting company in the Austin, >Texas area. I've been involved in computers since 1976. Most of my >experience is in programming, although I've done some hardware as well. > >Well I got this wild hair to start an isp business so my clients could have >access to the internet, and vice versa. What started out as little more >than vaporware in the minds of a few of us several months ago is now >starting to take shape. > >The biggest problem I have is knowledge -- I have no clue what it is like to >manage an isp. That's why I signed on to this group. I know unix, so >that's not a problem; I know some system security stuff; I know some system >administration. I know a little about all of it. I just don't know enough >to be comfortable in my 'new' position. > >So, I hope y'all don't mind me asking a lot of dumb questions, because I'm >sure I will. > >I just got the FreeBSD 2.1.5 cd's yesterday, and gave them to the guy who is >building my unix box. He's looking through the installation manual that >came with the cd's to see what hardware to put together. If you have any >suggestions, I'd be greatful if you could pass them along. > >Well, I'm going to keep this short -- something I don't do very well. I >look forward to being a part of the list. > >Lee Crites >Adonai Enterprises, Inc From owner-freebsd-isp Mon Nov 18 08:14:25 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA24508 for isp-outgoing; Mon, 18 Nov 1996 08:14:25 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA24502 for ; Mon, 18 Nov 1996 08:14:22 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id KAA02381; Mon, 18 Nov 1996 10:13:18 -0600 From: Joe Greco Message-Id: <199611181613.KAA02381@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Mon, 18 Nov 1996 10:13:17 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, isp@freebsd.org In-Reply-To: <199611181601.LAA28913@etinc.com> from "dennis" at Nov 18, 96 11:01:07 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi Dennis, > >I did, briefly, already. > > > >System: ASUS P/I-P55T2P4, P100 CPU, 16MB RAM, Znyx 314 quad DE21040 > > ethernet, NE2000 ethernet. > > Well...a verbal description of what you were doing was what I was looking > for..... Trying to melt down a production router. (Not too sure that's too smart, but oh well). > flood pings are a pretty stinky test....the goal is to find out what it can > switch on a > continuous basis without packet loss...you may be chugging along at 10,000pps > and someone pings the machine and you drop a flurry of packets while the > ping is being processed, which is clearly unacceptable. its also a bit > different with I do not think a router routes a ping packet any differently than it routes a TCP packet or a UDP packet. In both cases, it comes in one interface, gets routed, and goes out another interface. ping -f just happens to be a convenient traffic generator. My "udpblast" program is a little more optimized to the task simply because it generates packets to the discard port. That is how I got around the collision problem inherent on a 10baseT network. Actually I wish the damn things ran in full duplex mode because the two interfaces in question are both directly connected via crossover cables, I should "never" get a collision on them to the machines that they connect to :-/ > lots of different addresses being looked up (rather than the same one with > a ping).....its pretty difficult to test. Sorry, I just don't have the test environment to do that. There is a low level of widely variant traffic, but it accounted for less than 10% of the traffic (recall that I am doing this on production equipment). Since I only have a T1 out to the big net, that sorta limits me a little. > at 350 > > >> Anyone have a feel for the avg packet size over a typical backbone > >> link? A T3 with an avg packet size of 500 bytes is 21000pps full > >> duplex...I suspect the ave packet size may be smaller with lots > >> of dialup traffic..... > > > >I tend to see an average of about 350 bytes. > > ok, thats about 28,000pps (allowing for overhead)...14,000 in > one direction with a full pipe. So if I can do 10,000pps on a P100, possibly more... hmm.. :-) ... JG From owner-freebsd-isp Mon Nov 18 08:40:01 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA25861 for isp-outgoing; Mon, 18 Nov 1996 08:40:01 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA25853 for ; Mon, 18 Nov 1996 08:39:50 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id LAA29193; Mon, 18 Nov 1996 11:45:00 -0500 Date: Mon, 18 Nov 1996 11:45:00 -0500 Message-Id: <199611181645.LAA29193@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >> >I don't see that happening here, at least locally. >> > >> >What I usually see is people going for T3, the circuit costs are not so >> >terribly different, and then the upstream provider meters bandwidth or >> >performs rate limiting of some sort. >> >> It is my understanding that the "rate-limiting" was flipping switches >> on the T3 CSU/DSU,which is fractional T3 (ie, adjusting the clock >> rate). That IS what I'm talking about! > >Rate limiting can be achieved in a number of ways. "Flipping switches on >the CSU/DSU" generally increases latency. It changes the clock rate, which effectively is Frac T3. > >One can rate limit in software, or alternatively simply meter usage and if >a threshold is exceeded, possibly raise the customer's rate. > >Hey, I'm not advocating it... I'm just saying what is currently done by >some. I dont know who the "some" are, but clock switching is pretty popular since a lot of HSSI products can do full T3. > >> >Sure. But your ISA based product is going to get a little slow handling >> >such high speeds, I would think? Maybe not. I would rather see a PCI >> >based solution, but that is just personal preference. >> >> Im not talking about ISA...... I said our PCI product will be able to do 32Mbs without modification....ISA is only 27-40Mbs...pretty hard to do 32Mbs full duplex on it. Dennis From owner-freebsd-isp Mon Nov 18 09:20:57 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA28790 for isp-outgoing; Mon, 18 Nov 1996 09:20:57 -0800 (PST) Received: from mx.serv.net (mx.serv.net [199.201.191.10]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA28783 for ; Mon, 18 Nov 1996 09:20:52 -0800 (PST) Received: from MindBender.serv.net by mx.serv.net (8.7.5/SERV Revision: 2.30) id JAA29153; Mon, 18 Nov 1996 09:20:45 -0800 (PST) Received: from localhost.HeadCandy.com (michaelv@localhost.HeadCandy.com [127.0.0.1]) by MindBender.serv.net (8.7.5/8.7.3) with SMTP id JAA16683; Mon, 18 Nov 1996 09:20:40 -0800 (PST) Message-Id: <199611181720.JAA16683@MindBender.serv.net> X-Authentication-Warning: MindBender.serv.net: Host michaelv@localhost.HeadCandy.com [127.0.0.1] didn't use HELO protocol To: jsuter@intrastar.net (Jacob Suter), jdd@vbc.net, ulf@lamb.net, dror@dnai.com, isp@freebsd.org Subject: Re: Router Purchase - the bottom line In-reply-to: Your message of Mon, 18 Nov 96 09:26:25 -0600. <199611181526.JAA02307@brasil.moneng.mei.com> Date: Mon, 18 Nov 1996 09:20:40 -0800 From: "Michael L. VanLoon -- HeadCandy.com" Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk [running an AMD 5x86 133 at 160MHz...] >> I am running the ADZ here on the servers. I overclock them to 40mhz, >> running them at 160 MHz instead of 133 MHz. >> Eats a P100 in most tests, but requires the systems to have heat >> sink/fans. they get too hot for my liking without the fan (just the >> heat sink) even at 133. Uh, I don't think so... I don't know what tests you were running, but for real world stuff, the 5x86 at 133MHz is about a P75, just like they claim. That would put the 160MHz chip at about a P90. That is assuming you didn't have to add an extra wait state to your cache and/or your memory to run it at 40MHz, as opposed to 33MHz (which many people might have to do). >> Even at 160 tho, they are rock stable, run cool (with a good >> fan/heatsink), and SPEEDS... A good cheap fast upgrade for existing 486 systems, yes. But a decent Pentium will be faster. ----------------------------------------------------------------------------- Michael L. VanLoon michaelv@MindBender.serv.net --< Free your mind and your machine -- NetBSD free un*x >-- NetBSD working ports: 386+PC, Mac 68k, Amiga, Atari 68k, HP300, Sun3, Sun4/4c/4m, DEC MIPS, DEC Alpha, PC532, VAX, MVME68k, arm32... NetBSD ports in progress: PICA, others... ----------------------------------------------------------------------------- From owner-freebsd-isp Mon Nov 18 09:21:17 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA28831 for isp-outgoing; Mon, 18 Nov 1996 09:21:17 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA28821 for ; Mon, 18 Nov 1996 09:21:11 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id LAA02558; Mon, 18 Nov 1996 11:20:08 -0600 From: Joe Greco Message-Id: <199611181720.LAA02558@brasil.moneng.mei.com> Subject: Re: Hello, World -- second try... To: adonai@jump.net (Lee Crites) Date: Mon, 18 Nov 1996 11:20:08 -0600 (CST) Cc: freebsd-isp@freebsd.org In-Reply-To: <1.5.4.32.19961118161312.0074c710@mail.jump.net> from "Lee Crites" at Nov 18, 96 10:13:12 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > >The biggest problem I have is knowledge -- I have no clue what it is like to > >manage an isp. That's why I signed on to this group. I know unix, so > >that's not a problem; I know some system security stuff; I know some system > >administration. I know a little about all of it. I just don't know enough > >to be comfortable in my 'new' position. > > > >So, I hope y'all don't mind me asking a lot of dumb questions, because I'm > >sure I will. > > > >I just got the FreeBSD 2.1.5 cd's yesterday, and gave them to the guy who is > >building my unix box. He's looking through the installation manual that > >came with the cd's to see what hardware to put together. If you have any > >suggestions, I'd be greatful if you could pass them along. > > > >Well, I'm going to keep this short -- something I don't do very well. I > >look forward to being a part of the list. Hi, I would recommend that you thoroughly examime http://www.amazing.com/internet/ http://www.westnet.com/providers/ Hmm... where did my other ISP URL's go.. well these are two good places to start for reference purposes, and I highly suggest you spend a day or two following links and reading. :-) It is really pretty good advice. ... JG From owner-freebsd-isp Mon Nov 18 09:31:12 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA29424 for isp-outgoing; Mon, 18 Nov 1996 09:31:12 -0800 (PST) Received: from pinky.junction.net (pinky.junction.net [199.166.227.12]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id JAA29410 for ; Mon, 18 Nov 1996 09:31:07 -0800 (PST) Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id JAA16286 for ; Mon, 18 Nov 1996 09:46:40 -0800 Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id JAA08735 for ; Mon, 18 Nov 1996 09:27:34 -0800 Date: Mon, 18 Nov 1996 09:27:33 -0800 (PST) From: Michael Dillon To: FreeBSD ISP list Subject: Re: kerberos In-Reply-To: Message-ID: Organization: Memra Software Inc. - Internet consulting MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 18 Nov 1996, Ricardo Kleemann wrote: > Thanks! > Now I just need more info on radius ;-) Actually I had thought of using > radiusd before, but since I never have, I was gunshy... > > Any pointers? When you do your web search on Altavista use "radiusd" so you don't get all the stuff about geometry and monitors, etc. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com From owner-freebsd-isp Mon Nov 18 09:38:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA00379 for isp-outgoing; Mon, 18 Nov 1996 09:38:32 -0800 (PST) Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA00374 for ; Mon, 18 Nov 1996 09:38:30 -0800 (PST) Received: from swoosh.dunn.org (swoosh.dunn.org [206.158.7.243]) by ns2.harborcom.net (8.8.3/8.6.12) with SMTP id MAA19921; Mon, 18 Nov 1996 12:38:26 -0500 (EST) Date: Mon, 18 Nov 1996 12:35:46 -0500 () From: Bradley Dunn To: dennis cc: isp@freebsd.org Subject: Re: changed to: Frac T3? In-Reply-To: <199611181645.LAA29193@etinc.com> Message-ID: X-X-Sender: bradley@harborcom.net MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Mon, 18 Nov 1996, dennis wrote: > >One can rate limit in software, or alternatively simply meter usage and if > >a threshold is exceeded, possibly raise the customer's rate. > > > >Hey, I'm not advocating it... I'm just saying what is currently done by > >some. > > I dont know who the "some" are, but clock switching is pretty popular > since a lot of HSSI products can do full T3. UUNet. http://www.uu.net/multimeg/t3.html You can either flip the switches on the DSU, or get the full pipe and pay for what you use. MCI also charges based on what you use. http://www.ithink.com/pricer.htm#45 -BD From owner-freebsd-isp Mon Nov 18 10:52:03 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA04141 for isp-outgoing; Mon, 18 Nov 1996 10:52:03 -0800 (PST) Received: from noc.msc.edu (noc.msc.edu [137.66.12.254]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA04098 for ; Mon, 18 Nov 1996 10:52:00 -0800 (PST) Received: from uc.msc.edu by noc.msc.edu (5.65/MSC/v3.0.1(920324)) id AA14901; Mon, 18 Nov 96 12:51:57 -0600 Received: from fergus-2.dialup.prtel.com by uc.msc.edu (5.65/MSC/v3.0z(901212)) id AA28322; Mon, 18 Nov 96 12:51:53 -0600 Received: (from alk@localhost) by compound.Think.COM (8.8.2/8.7.3) id MAA02873; Mon, 18 Nov 1996 12:51:50 -0600 (CST) Date: Mon, 18 Nov 1996 12:51:50 -0600 (CST) From: Tony Kimball Message-Id: <199611181851.MAA02873@compound.Think.COM> To: bradley@dunn.org Cc: dennis@etinc.com, isp@freebsd.org Subject: Re: changed to: Frac T3? References: <199611181645.LAA29193@etinc.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Quoth Bradley Dunn on Mon, 18 November: : : UUNet. : http://www.uu.net/multimeg/t3.html : : You can either flip the switches on the DSU, or get the full pipe and pay : for what you use. Ouch -- that 95% sample thing must cost them a lot of lawsuits and whatnot. From owner-freebsd-isp Mon Nov 18 11:15:30 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA05454 for isp-outgoing; Mon, 18 Nov 1996 11:15:30 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA05447 for ; Mon, 18 Nov 1996 11:15:20 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id OAA00178; Mon, 18 Nov 1996 14:20:38 -0500 Date: Mon, 18 Nov 1996 14:20:38 -0500 Message-Id: <199611181920.OAA00178@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Actually, no, you did not say that. I was trying to get you to say that. >:-) > >I am interested... do you have any details available, pricing, planned >availability, other details? > >Mainly I am looking to purchase an ET/5021-16-V.35 like the one I have, >and if I can get a PCI board instead, I would probably prefer to do so. >I am not necessarily in a "rush" however. No details...like I had said, DON'T ASK PLEASE! Dennis From owner-freebsd-isp Mon Nov 18 11:16:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA05597 for isp-outgoing; Mon, 18 Nov 1996 11:16:32 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA05590 for ; Mon, 18 Nov 1996 11:16:30 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id OAA00192; Mon, 18 Nov 1996 14:22:17 -0500 Date: Mon, 18 Nov 1996 14:22:17 -0500 Message-Id: <199611181922.OAA00192@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Bradley Dunn From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >On Mon, 18 Nov 1996, dennis wrote: > >> >One can rate limit in software, or alternatively simply meter usage and if >> >a threshold is exceeded, possibly raise the customer's rate. >> > >> >Hey, I'm not advocating it... I'm just saying what is currently done by >> >some. >> >> I dont know who the "some" are, but clock switching is pretty popular >> since a lot of HSSI products can do full T3. > >UUNet. >http://www.uu.net/multimeg/t3.html > >You can either flip the switches on the DSU, or get the full pipe and pay >for what you use. > >MCI also charges based on what you use. >http://www.ithink.com/pricer.htm#45 I would think that this is a dangerous option....I'd hate to have to pay for someone to flood ping me.... Dennis From owner-freebsd-isp Mon Nov 18 11:30:12 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA06615 for isp-outgoing; Mon, 18 Nov 1996 11:30:12 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA06609 for ; Mon, 18 Nov 1996 11:30:09 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id LAA11420; Mon, 18 Nov 1996 11:29:32 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id LAA13795; Mon, 18 Nov 1996 11:29:24 -0800 (PST) Date: Mon, 18 Nov 1996 11:29:24 -0800 (PST) Message-Id: <199611181929.LAA13795@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611171626.LAA21381@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Cisco IOS is hacked unix also.... > >Sorry, no, it's not. So you're saying it was written from scratch, and has no unix origins? That's correct. It clearly bears little resemblance at this time, but sources who should know indicate otherwise...... Well, I was a software engineer there for 5 years and wrote several megabytes of it myself. Your sources are highly questionable. It really doesn't matter, and we both have better things to do than argue about it...its not a general release OS (as Freebsd is) so its just not important. You're right. Market cap of $36B and they're not important... more installed machines than FreeBSD and they're not important... Good thing Microsoft isn't important either... Tony From owner-freebsd-isp Mon Nov 18 11:36:06 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA07096 for isp-outgoing; Mon, 18 Nov 1996 11:36:06 -0800 (PST) Received: from nemesis.idirect.com (root@nemesis.idirect.com [207.136.80.40]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA07087 for ; Mon, 18 Nov 1996 11:36:03 -0800 (PST) Received: from hailnet7.idirect.com (syoung@accord.idirect.com [207.136.82.45]) by nemesis.idirect.com (8.6.9/8.6.12) with SMTP id OAA26142 for ; Mon, 18 Nov 1996 14:35:54 -0500 Date: Mon, 18 Nov 1996 14:35:54 -0500 Message-Id: <1.5.4.16.19961118143608.26ffab48@idirect.com> X-Sender: syoung@idirect.com X-Mailer: Windows Eudora Light Version 1.5.4 (16) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: FreeBSD-isp@FreeBSD.ORG From: steve Subject: sliplogin troubles Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Hi Guys! I have recently installed FreeBSD and am trying (with great difficulty) to get sliplogin to work; I've read the man pages, FAQ's and doc's; tried setting up as listed, and many other trials; after two weeks I think I need help; The server answers and runs sliplogin, but any packets sent just idle to nowhere; and, after 30 or so seconds, it drops the line. Incidently, running slirp after logging in as a regular user gives no probs. The object is to allow several users to use trumpet winsock w/netscape. I have not yet tried ppp; but I'd like both to work. As this is my first posting I really didn't know how much info to send. Any ideas, or any sources of info; I have read several books on unix and tcp/ip and bbs's; and the postings from other FreeBSD newsgroups; My resources are getting seriously into the red, and any help that you may provide will be greatly appreciated. Thanks in advance, Steve From owner-freebsd-isp Mon Nov 18 11:58:59 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA08183 for isp-outgoing; Mon, 18 Nov 1996 11:58:59 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA08178 for ; Mon, 18 Nov 1996 11:58:51 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id NAA02938; Mon, 18 Nov 1996 13:57:12 -0600 From: Joe Greco Message-Id: <199611181957.NAA02938@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Mon, 18 Nov 1996 13:57:12 -0600 (CST) Cc: bradley@dunn.org, isp@FreeBSD.ORG In-Reply-To: <199611181922.OAA00192@etinc.com> from "dennis" at Nov 18, 96 02:22:17 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > >You can either flip the switches on the DSU, or get the full pipe and pay > >for what you use. > > > >MCI also charges based on what you use. > >http://www.ithink.com/pricer.htm#45 > > I would think that this is a dangerous option....I'd hate to have to pay for > someone to flood ping me.... I suspect that someone flood pinging you at DS3 speeds would themselves have to have a Very Large Pipe(tm) in order to cause any real damage, somehow I suspect that that would be rather unusual. Now if only some of these places that did mass marketing e-mail subscribed to this type of service... then some useful damage could be done ;-) :-) ... JG From owner-freebsd-isp Mon Nov 18 12:03:10 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA08390 for isp-outgoing; Mon, 18 Nov 1996 12:03:10 -0800 (PST) Received: from mail.calweb.com (mail.calweb.com [165.90.138.20]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA08385 for ; Mon, 18 Nov 1996 12:03:07 -0800 (PST) Received: from devnull.calweb.com (devnull.calweb.com [165.90.138.92]) by mail.calweb.com (8.8.3/8.8.3) with SMTP id MAA10531 for ; Mon, 18 Nov 1996 12:03:40 -0800 (PST) Message-Id: <3.0.32.19961118120240.007b6d10@pop.calweb.com> Warning: Unsolicited Commercial Email (UCE) will be returned to send in bulk X-Sender: jfesler@pop.calweb.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Mon, 18 Nov 1996 12:02:40 -0800 To: isp@freebsd.org From: Jason Fesler Subject: Zmailer Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Anyone take a look at, or using, zmailer http://www.funet.fi/index/zmailer as a replacement for sendmail? I looked at qmail, but it doesn't handle uucp sites efficiently in the case of multiple recipients of the same message (it sends one copy for each recipient, instead of one copy and a list of recipients). I'm interested in information on stability, ease of use, etc for zmailer.. -- Jason Fesler jfesler@calweb.com Internic: 'whois jf319' Admin, CalWeb Internet Services http://www.calweb.com Junk email returned, in bulk, back to sender; w/copies to all postmasters. You got junk mail problems? Use Eudora Pro, MSIE's mail, or 'man procmail'. From owner-freebsd-isp Mon Nov 18 12:05:01 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA08507 for isp-outgoing; Mon, 18 Nov 1996 12:05:01 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA08494 for ; Mon, 18 Nov 1996 12:04:56 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA02958; Mon, 18 Nov 1996 14:02:58 -0600 From: Joe Greco Message-Id: <199611182002.OAA02958@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: tli@jnx.com (Tony Li) Date: Mon, 18 Nov 1996 14:02:58 -0600 (CST) Cc: dennis@etinc.com, isp@freebsd.org In-Reply-To: <199611181929.LAA13795@chimp.jnx.com> from "Tony Li" at Nov 18, 96 11:29:24 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Tony, > You're right. Market cap of $36B and they're not important... more > installed machines than FreeBSD and they're not important... Good thing > Microsoft isn't important either... Since the discussion was about how fast UNIX can route packets, Dennis is absolutely right... they are not important because by your own statement, IOS is not UNIX. Neither is Microsoft because I don't recall Microsoft releasing any UNIX variant OS's recently. And I don't particularly care if Gates _did_ try to assimilate UNIX into NT by decree of equivalency :-) NT ain't UNIX. (Actually, I could have sworn that I heard that IOS was developed with a UNIX model in mind (obviously not for the routing parts, but...)) ... JG From owner-freebsd-isp Mon Nov 18 12:08:04 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA08667 for isp-outgoing; Mon, 18 Nov 1996 12:08:04 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA08622 for ; Mon, 18 Nov 1996 12:08:00 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id MAA13049; Mon, 18 Nov 1996 12:06:55 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id MAA13914; Mon, 18 Nov 1996 12:06:47 -0800 (PST) Date: Mon, 18 Nov 1996 12:06:47 -0800 (PST) Message-Id: <199611182006.MAA13914@chimp.jnx.com> From: Tony Li To: jgreco@brasil.moneng.mei.com CC: dennis@etinc.com, isp@freebsd.org In-reply-to: <199611182002.OAA02958@brasil.moneng.mei.com> (message from Joe Greco on Mon, 18 Nov 1996 14:02:58 -0600 (CST)) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Since the discussion was about how fast UNIX can route packets, Dennis is absolutely right... Ah, so we should not learn anything from IOS because it's not important. And thus we shouldn't improve the way that BSD forwarding works.... Sheesh. (Actually, I could have sworn that I heard that IOS was developed with a UNIX model in mind (obviously not for the routing parts, but...)) Actually, IOS derives mostly from Tops-20. ;-) But IOS _was_ written in C, and thus shares that small appearance. Tony From owner-freebsd-isp Mon Nov 18 12:11:10 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA08834 for isp-outgoing; Mon, 18 Nov 1996 12:11:10 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA08829 for ; Mon, 18 Nov 1996 12:11:07 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA02975; Mon, 18 Nov 1996 14:10:06 -0600 From: Joe Greco Message-Id: <199611182010.OAA02975@brasil.moneng.mei.com> Subject: Re: sliplogin troubles To: syoung@idirect.com (steve) Date: Mon, 18 Nov 1996 14:10:05 -0600 (CST) Cc: FreeBSD-isp@FreeBSD.ORG In-Reply-To: <1.5.4.16.19961118143608.26ffab48@idirect.com> from "steve" at Nov 18, 96 02:35:54 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Hi Guys! > > I have recently installed FreeBSD and am trying (with great difficulty) to > get sliplogin to work; > > I've read the man pages, FAQ's and doc's; tried setting up as listed, and > many other trials; after two weeks I think I need help; > > The server answers and runs sliplogin, but any packets sent just idle to > nowhere; and, after 30 or so seconds, it drops the line. Incidently, > running slirp after logging in as a regular user gives no probs. > > The object is to allow several users to use trumpet winsock w/netscape. I > have not yet tried ppp; but I'd like both to work. > > As this is my first posting I really didn't know how much info to send. Any > ideas, or any sources of info; I have read several books on unix and tcp/ip > and bbs's; and the postings from other FreeBSD newsgroups; > > My resources are getting seriously into the red, and any help that you may > provide will be greatly appreciated. # sysctl -w net.inet.ip.forwarding=1 # cd /etc/sliphome # cat slip.hosts Saccount 206.55.68.1 206.55.68.2 0xfffffff8 autocomp # grep Saccount /etc/passwd Saccount:*:1000:66:Some Co. Inc. SLIP:/etc/sliphome:/usr/local/sbin/sliplogin # cat /usr/local/sbin/sliplogin #! /bin/sh - PATH=/bin:/usr/bin:/usr/local/bin; export PATH stty crtscts mesg n biff n exec /usr/sbin/sliplogin I can't think of anything else you _need_ to run sliplogin... ... JG From owner-freebsd-isp Mon Nov 18 12:18:36 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA09124 for isp-outgoing; Mon, 18 Nov 1996 12:18:36 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA09119 for ; Mon, 18 Nov 1996 12:18:34 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA02995; Mon, 18 Nov 1996 14:16:56 -0600 From: Joe Greco Message-Id: <199611182016.OAA02995@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: tli@jnx.com (Tony Li) Date: Mon, 18 Nov 1996 14:16:56 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, dennis@etinc.com, isp@freebsd.org In-Reply-To: <199611182006.MAA13914@chimp.jnx.com> from "Tony Li" at Nov 18, 96 12:06:47 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Since the discussion was about how fast UNIX can route packets, Dennis is > absolutely right... > > Ah, so we should not learn anything from IOS because it's not important. > And thus we shouldn't improve the way that BSD forwarding works.... > Sheesh. No, now you're putting words in my mouth. I am simply stating that what Dennis said was correct: IOS is not particularly relevant. It is like comparing a good 100mbit Ethernet switch to a Cisco router.... they are optimized for different tasks. UNIX as a general purpose OS is not optimized the way IOS is for routing. I am not saying that FreeBSD can not learn from IOS (or maybe even vice versa, I would love to see Cisco learn how to be price competitive). If I was not interested in improvement, I would not be applying bits of pressure now and then in the form of informal benchmarks to see if someone isn't interested in improving the numbers still further. But the topic was UNIX routing. So IOS is irrelevant, as is Microsoft. Anybody who wants to make a Pentium into a DS3 capable router has my full support :-) ... JG From owner-freebsd-isp Mon Nov 18 12:40:05 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA10146 for isp-outgoing; Mon, 18 Nov 1996 12:40:05 -0800 (PST) Received: from data.nas.nasa.gov (data.nas.nasa.gov [129.99.23.20]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA10140 for ; Mon, 18 Nov 1996 12:40:03 -0800 (PST) Received: from gizmo.nas.nasa.gov (gizmo.nas.nasa.gov [129.99.36.13]) by data.nas.nasa.gov (8.7.6/NAS.5.b) with SMTP id MAA25706; Mon, 18 Nov 1996 12:33:45 -0800 (PST) X-Authentication-Warning: data.nas.nasa.gov: Host gizmo.nas.nasa.gov [129.99.36.13] didn't use HELO protocol X-Mailer: exmh version 1.6.5 12/11/95 To: David Stickney Cc: "'FBSD ISP'" Reply-To: truesdel@nas.nasa.gov Subject: Re: FW: CRON freeking out on UUCICO, little voices crying "there is an answer, yeah, just jump, jump, open the window and..." In-reply-to: Your message of "Sun, 13 Oct 1996 03:15:10." <01BBB8B4.BF1885A0@david.wvb.gomel.by> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 18 Nov 1996 12:33:35 -0800 Message-ID: <9980.848349215@nas.nasa.gov> From: "David A. Truesdell" Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Just in case no-one else has replied, the problem is NOT uucico, it is that you told cron to run uucico every minute for an hour every hour you specified. If you want uucico run once every two hours, you need to specify which minute of the hour you want it run. You had: * 6,8,10,12,14,16,18,20, * * * root /usr/libexec/uucp/uucico -sbrc -r1 -x all -f Instead try: 0 6,8,10,12,14,16,18,20 * * * root /usr/libexec/uucp/uucico -sbrc -r1 -x all -f -- T.T.F.N., Dave Truesdell truesdel@nas.nasa.gov/postmaster@nas.nasa.gov Wombat Wrestler/Software Packrat/Baby Wrangler/Newsmaster/Postmaster From owner-freebsd-isp Mon Nov 18 12:42:49 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA10310 for isp-outgoing; Mon, 18 Nov 1996 12:42:49 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA10302 for ; Mon, 18 Nov 1996 12:42:45 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id PAA00745; Mon, 18 Nov 1996 15:48:01 -0500 Date: Mon, 18 Nov 1996 15:48:01 -0500 Message-Id: <199611182048.PAA00745@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk J. Greco writes... >Tony, > >> You're right. Market cap of $36B and they're not important... more >> installed machines than FreeBSD and they're not important... Good thing >> Microsoft isn't important either... > >Since the discussion was about how fast UNIX can route packets, Dennis is >absolutely right... they are not important because by your own statement, >IOS is not UNIX. Neither is Microsoft because I don't recall Microsoft >releasing any UNIX variant OS's recently. > >And I don't particularly care if Gates _did_ try to assimilate UNIX into >NT by decree of equivalency :-) NT ain't UNIX. > >(Actually, I could have sworn that I heard that IOS was developed with >a UNIX model in mind (obviously not for the routing parts, but...)) there is certainly "unix" origins in a lot of their stuff...and with the Cisco company...the IPX gateway acquisition, their investment in BSDI...their own unix products... But it has little to do with how fast a general release OS can switch packets... Dennis From owner-freebsd-isp Mon Nov 18 12:45:14 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA10471 for isp-outgoing; Mon, 18 Nov 1996 12:45:14 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA10462 for ; Mon, 18 Nov 1996 12:45:11 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id PAA00784; Mon, 18 Nov 1996 15:51:41 -0500 Date: Mon, 18 Nov 1996 15:51:41 -0500 Message-Id: <199611182051.PAA00784@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > Since the discussion was about how fast UNIX can route packets, Dennis is > absolutely right... > >Ah, so we should not learn anything from IOS because it's not important. >And thus we shouldn't improve the way that BSD forwarding works.... >Sheesh. But you are misslng the point that Freebsd is a general OS and the methods used by dedicated routers are not appropriate for general OSs...using freebsd as a base for a specialized router OS and changing the way BSD routes are very different issues. Dennis From owner-freebsd-isp Mon Nov 18 12:52:14 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA10802 for isp-outgoing; Mon, 18 Nov 1996 12:52:14 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA10791 for ; Mon, 18 Nov 1996 12:52:07 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id PAA00824; Mon, 18 Nov 1996 15:57:25 -0500 Date: Mon, 18 Nov 1996 15:57:25 -0500 Message-Id: <199611182057.PAA00824@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >I am not saying that FreeBSD can not learn from IOS (or maybe even vice >versa, I would love to see Cisco learn how to be price competitive). > >If I was not interested in improvement, I would not be applying bits of >pressure now and then in the form of informal benchmarks to see if someone >isn't interested in improving the numbers still further. Geeeeeeez...they spend a ton of money brainwashing the marketplace and controlling the technology to keep the numbers UP for peetes sake!, thats the idea. Selling twice as much for half the margin is a net loss. Dennis From owner-freebsd-isp Mon Nov 18 13:26:41 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA12724 for isp-outgoing; Mon, 18 Nov 1996 13:26:41 -0800 (PST) Received: from americasnet.com (ricardo@americasnet.com [207.177.143.2]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA12707 for ; Mon, 18 Nov 1996 13:26:37 -0800 (PST) Received: (from ricardo@localhost) by americasnet.com (8.7/8.6.12) id NAA30796; Mon, 18 Nov 1996 13:28:37 -0800 Date: Mon, 18 Nov 1996 13:28:37 -0800 From: Ricardo Kleemann Subject: radius pkg in ports directory To: FreeBSD ISP list Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi, I grabbed the radius pkg from the 2.1.5-RELEASE/ports/net directory and tried to make it. It fails because it's trying to fetch the radius.2.4.21.tar.gz base package... However if you go into ftp.merit.edu (where the make attempts to get it) the latest radius is radius.23c.basic.tar.gz So it seems that I can't build the radius pkg for freebsd :( Anyone out there been able to build it? Is there a previous package version I can get in ftp.freebsd.org? Thanks Ricardo From owner-freebsd-isp Mon Nov 18 13:34:30 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA13354 for isp-outgoing; Mon, 18 Nov 1996 13:34:30 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA13345 for ; Mon, 18 Nov 1996 13:34:25 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id NAA16289; Mon, 18 Nov 1996 13:33:53 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id NAA14036; Mon, 18 Nov 1996 13:33:45 -0800 (PST) Date: Mon, 18 Nov 1996 13:33:45 -0800 (PST) Message-Id: <199611182133.NAA14036@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611182051.PAA00784@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk But you are misslng the point that Freebsd is a general OS and the methods used by dedicated routers are not appropriate for general OSs...using freebsd as a base for a specialized router OS and changing the way BSD routes are very different issues. Let's just agree to disagree. Tony From owner-freebsd-isp Mon Nov 18 13:49:46 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA14342 for isp-outgoing; Mon, 18 Nov 1996 13:49:46 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA14336 for ; Mon, 18 Nov 1996 13:49:44 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id PAA03264; Mon, 18 Nov 1996 15:48:02 -0600 From: Joe Greco Message-Id: <199611182148.PAA03264@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: dennis@etinc.com (dennis) Date: Mon, 18 Nov 1996 15:48:02 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, isp@freebsd.org In-Reply-To: <199611182057.PAA00824@etinc.com> from "dennis" at Nov 18, 96 03:57:25 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Geeeeeeez...they spend a ton of money brainwashing the marketplace > and controlling the technology to keep the numbers UP for peetes sake!, > thats the idea. Selling twice as much for half the margin is a net loss. So is selling half as much for twice the margin, because at some point the amount sold must approach zero :-) But really price is only part of it. I hate "golden bits of hardware" and avoid them whenever possible... be it Ciscos or whatever. There are incentives beyond price alone for hacker types to go soup up a UNIX box and use it as a router... Here is a point though where Dennis will philosophically disagree with me, and that is all right. Dennis makes a big point out of the fact that a UNIX router can perform other services too... I do NOT believe in that paradigm. So for me, specializing a UNIX kernel for a router would not be a bad concept, but Dennis probably would not agree. I wonder if ipfilter's "fastroute" command would make any difference for well known destinations.. hmm ... JG From owner-freebsd-isp Mon Nov 18 14:39:16 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA18195 for isp-outgoing; Mon, 18 Nov 1996 14:39:16 -0800 (PST) Received: from gamespot.com (ns1.gamespot.com [206.169.18.2]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA18185 for ; Mon, 18 Nov 1996 14:39:12 -0800 (PST) Received: from tech-a.gamespot.com (tech-a.gamespot.com [206.169.18.66]) by gamespot.com (8.7.5/8.7.3) with SMTP id NAA22720 for ; Mon, 18 Nov 1996 13:59:59 GMT Message-Id: <199611181359.NAA22720@gamespot.com> Comments: Authenticated sender is From: "Ian Kallen" To: freebsd-isp@freebsd.org Date: Mon, 18 Nov 1996 14:40:30 +0000 Subject: scaling number of ftp users Reply-to: ian@gamespot.com Priority: normal X-mailer: Pegasus Mail for Windows (v2.23) Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I've been keeping an eye on the number of simultaneous ftp users (using wu-ftpd) and comparing it to what vmstat is reporting for free memory. While there seems to be a general downward trend for free memory as the number from ftpcount goes up, it does not seem exactly linear. How are other folks deciding where to put the limit on ftp users? BTW this is running on a pentium 133 w/ 128 megs of ram. thanks! -- Ian Kallen ian@gamespot.com Director of Technology & Web Administration http://www.gamespot.com From owner-freebsd-isp Mon Nov 18 14:47:15 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA18525 for isp-outgoing; Mon, 18 Nov 1996 14:47:15 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA18518 for ; Mon, 18 Nov 1996 14:47:11 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id RAA01561; Mon, 18 Nov 1996 17:52:25 -0500 Date: Mon, 18 Nov 1996 17:52:25 -0500 Message-Id: <199611182252.RAA01561@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Joe says, >Here is a point though where Dennis will philosophically disagree with me, >and that is all right. Dennis makes a big point out of the fact that a >UNIX router can perform other services too... I do NOT believe in that >paradigm. So for me, specializing a UNIX kernel for a router would not >be a bad concept, but Dennis probably would not agree. I dont disagree (in fact we may have to do it to route T3), but it will be a specialized functions, not for everyone. Dennis From owner-freebsd-isp Mon Nov 18 15:16:29 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA20782 for isp-outgoing; Mon, 18 Nov 1996 15:16:29 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA20769 for ; Mon, 18 Nov 1996 15:16:23 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id RAA03438; Mon, 18 Nov 1996 17:15:35 -0600 From: Joe Greco Message-Id: <199611182315.RAA03438@brasil.moneng.mei.com> Subject: Re: scaling number of ftp users To: ian@gamespot.com Date: Mon, 18 Nov 1996 17:15:35 -0600 (CST) Cc: freebsd-isp@freebsd.org In-Reply-To: <199611181359.NAA22720@gamespot.com> from "Ian Kallen" at Nov 18, 96 02:40:30 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I've been keeping an eye on the number of simultaneous ftp users > (using wu-ftpd) and comparing it to what vmstat is reporting for > free memory. While there seems to be a general downward trend for > free memory as the number from ftpcount goes up, it does not seem > exactly linear. How are other folks deciding where to put the limit > on ftp users? > > BTW this is running on a pentium 133 w/ 128 megs of ram. When your box is swapping more than you'd like, or you are out of {CPU, network} bandwidth, that's where you draw the line :-) What you choose is somewhat arbitrary. There is a maximum practical number of users, but it is not easy to determine, and has more to do with local usage patterns, etc. ... JG From owner-freebsd-isp Mon Nov 18 17:16:02 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA02774 for isp-outgoing; Mon, 18 Nov 1996 17:16:02 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id RAA02748 for ; Mon, 18 Nov 1996 17:15:46 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id UAA02441; Mon, 18 Nov 1996 20:22:03 -0500 Date: Mon, 18 Nov 1996 20:22:03 -0500 Message-Id: <199611190122.UAA02441@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Richard Stanford From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >dennis wrote: > >> I dont disagree (in fact we may have to do it to route T3), but it will be >> a specialized functions, not for everyone. > >It could be that one of the reasons Cisco (et al) have good reps as >routers is that you CANNOT run anything else on them. Seeing that the >routers are probably some of the most important "core" components of ISP >computer rooms, I wouldn't imagine too many people would want to run >other things on their router. > >As someone else recently pointed out, hardware is cheap these days. Yes but it depends on what kind of router it is. ISPs arent the only ones using routers these days....for the corporate environment where traffic is relatively light, the ability to do other stuff is a big win. Dennis From owner-freebsd-isp Mon Nov 18 18:49:05 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA08381 for isp-outgoing; Mon, 18 Nov 1996 18:49:05 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id SAA08367 for ; Mon, 18 Nov 1996 18:49:00 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id SAA28695; Mon, 18 Nov 1996 18:48:19 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id SAA14553; Mon, 18 Nov 1996 18:48:11 -0800 (PST) Date: Mon, 18 Nov 1996 18:48:11 -0800 (PST) Message-Id: <199611190248.SAA14553@chimp.jnx.com> From: Tony Li To: dennis@etinc.com (dennis) Cc: isp@freebsd.org Subject: Re: changed to: Frac T3? References: <199611180207.VAA24485@etinc.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Anyone have a feel for the avg packet size over a typical backbone link? A T3 with an avg packet size of 500 bytes is 21000pps full duplex...I suspect the ave packet size may be smaller with lots of dialup traffic..... The long-term Internet backbone average packet size is 256 bytes. Things _were_ getting better a while ago, but then this damn HTTP stuff picked up and .... ;-( Tony From owner-freebsd-isp Mon Nov 18 18:53:38 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA08785 for isp-outgoing; Mon, 18 Nov 1996 18:53:38 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id SAA08780 for ; Mon, 18 Nov 1996 18:53:37 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id SAA28837; Mon, 18 Nov 1996 18:53:05 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id SAA14559; Mon, 18 Nov 1996 18:52:57 -0800 (PST) Date: Mon, 18 Nov 1996 18:52:57 -0800 (PST) Message-Id: <199611190252.SAA14559@chimp.jnx.com> From: Tony Li To: dennis@etinc.com (dennis) Cc: isp@FreeBSD.org Subject: Re: changed to: Frac T3? References: <199611182252.RAA01561@etinc.com> Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk >Here is a point though where Dennis will philosophically disagree with me, >and that is all right. Dennis makes a big point out of the fact that a >UNIX router can perform other services too... I do NOT believe in that >paradigm. So for me, specializing a UNIX kernel for a router would not >be a bad concept, but Dennis probably would not agree. I dont disagree (in fact we may have to do it to route T3), but it will be a specialized functions, not for everyone. In fact, there is a _great_ deal of painful experience in dealing with routers where there isn't quite enough CPU time to get everything done. Routing protocols are basically soft real-time distributed systems. When they get delayed, they tend to collapse in spectacular ways. As a result, putting any significant non-routing load on a router is a _really_ bad idea. You MIGHT be able to get away with it by suitable modifications to the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the cost of another box to support a server is sufficiently low that it would seem to make sense not to risk the routing... Tony From owner-freebsd-isp Mon Nov 18 19:25:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA09910 for isp-outgoing; Mon, 18 Nov 1996 19:25:32 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA09905 for ; Mon, 18 Nov 1996 19:25:25 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id TAA00466; Mon, 18 Nov 1996 19:24:53 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id TAA14600; Mon, 18 Nov 1996 19:24:45 -0800 (PST) Date: Mon, 18 Nov 1996 19:24:45 -0800 (PST) Message-Id: <199611190324.TAA14600@chimp.jnx.com> From: Tony Li To: dennis@etinc.com (dennis) Cc: isp@freebsd.org Subject: Re: changed to: Frac T3? References: <199611190122.UAA02441@etinc.com> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Yes but it depends on what kind of router it is. ISPs arent the only ones using routers these days....for the corporate environment where traffic is relatively light, the ability to do other stuff is a big win. I'm not sure if you meant to imply that all corporate environments have light traffic loads. Let me be the first to assure you that it's NOT the case. Let me also point out that the corporate environment is the last place where you want to risk an unnecessary outage and the place where you really can afford more systems. It's the home environment where the budget is tight that could particularly benefit from this. But that also assumes that the cost of bandwidth to the home comes way down, ala @Home. Tony From owner-freebsd-isp Mon Nov 18 19:51:35 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA11519 for isp-outgoing; Mon, 18 Nov 1996 19:51:35 -0800 (PST) Received: from ns2.harborcom.net (bradley@ns2.harborcom.net [206.158.4.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA11512 for ; Mon, 18 Nov 1996 19:51:27 -0800 (PST) Received: from localhost (bradley@localhost) by ns2.harborcom.net (8.8.3/8.6.12) with SMTP id WAA10981; Mon, 18 Nov 1996 22:51:09 -0500 (EST) Date: Mon, 18 Nov 1996 22:51:09 -0500 (EST) From: Bradley Dunn X-Sender: bradley@ns2.harborcom.net To: Tony Li cc: isp@freebsd.org Subject: Re: changed to: Frac T3? In-Reply-To: <199611190252.SAA14559@chimp.jnx.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Mon, 18 Nov 1996, Tony Li wrote: > idea. You MIGHT be able to get away with it by suitable modifications to > the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the That reminds me of the OC3Mon. http://www.nlanr.net/NA/Oc3mon/ They used our good friend DOS because Unix didn't offer them enough control over scheduling. -BD From owner-freebsd-isp Mon Nov 18 19:59:38 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA11944 for isp-outgoing; Mon, 18 Nov 1996 19:59:38 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA11939 for ; Mon, 18 Nov 1996 19:59:33 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id VAA03823; Mon, 18 Nov 1996 21:57:49 -0600 From: Joe Greco Message-Id: <199611190357.VAA03823@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: tli@jnx.com (Tony Li) Date: Mon, 18 Nov 1996 21:57:49 -0600 (CST) Cc: dennis@etinc.com, isp@FreeBSD.ORG In-Reply-To: <199611190252.SAA14559@chimp.jnx.com> from "Tony Li" at Nov 18, 96 06:52:57 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > >Here is a point though where Dennis will philosophically disagree with me, > >and that is all right. Dennis makes a big point out of the fact that a > >UNIX router can perform other services too... I do NOT believe in that > >paradigm. So for me, specializing a UNIX kernel for a router would not > >be a bad concept, but Dennis probably would not agree. > > I dont disagree (in fact we may have to do it to route T3), but it will be > a specialized functions, not for everyone. > > In fact, there is a _great_ deal of painful experience in dealing with > routers where there isn't quite enough CPU time to get everything done. > Routing protocols are basically soft real-time distributed systems. When > they get delayed, they tend to collapse in spectacular ways. As a result, > putting any significant non-routing load on a router is a _really_ bad > idea. You MIGHT be able to get away with it by suitable modifications to > the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the > cost of another box to support a server is sufficiently low that it would > seem to make sense not to risk the routing... I guess I never bothered to explore this topic... I always thought packet routing was handled as a fairly high priority thing. Packet arrives, generates interrupt, kernel processes, queues for output, and sends it. User processes should have no way to compete for time spent basically dealing with an interrupt. Real time operating systems deal with this by simply flagging that an interrupt occurred and continuing with the user process until time is available to deal with the interrupt (what an oversimplification, but oh well). Traditional UNIX, from my understanding, does not have this behaviour and observation tends to support this. I have actually seen the syscons cursor's blink slow and then stop on a massively overloaded 386DX/40 router, which suggests to me that the system is extremely busy processing other things. At the time that I witnessed this, I had a "vmstat 1" running. As "sy" reached its peak value of 100, the system's interactive response became virtually dead and as the number of packets routed per second continued to grow, the vmstat "froze". I couldn't coax any response from any daemons on the system, although I was allowed to connect. When the pps being routed dropped, suddenly the system "sprang" to life again. It is quite clear to me that it is possible not to have enough CPU to perform packet routing/forwarding functions, then, based on firsthand observation. However, less clear to me is that your argument against having any "significant non-routing load" on a router applies to UNIX based routers. Maybe someone like David or Bruce could clarify this. Please do not think that I disagree with what you are saying: I agree most wholeheartedly! Routers route. Servers serve. ... JG From owner-freebsd-isp Mon Nov 18 20:22:15 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA12828 for isp-outgoing; Mon, 18 Nov 1996 20:22:15 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA12814 for ; Mon, 18 Nov 1996 20:22:06 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.2/8.8.2) with ESMTP id UAA03018; Mon, 18 Nov 1996 20:20:57 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id UAA14723; Mon, 18 Nov 1996 20:20:49 -0800 (PST) Date: Mon, 18 Nov 1996 20:20:49 -0800 (PST) Message-Id: <199611190420.UAA14723@chimp.jnx.com> From: Tony Li To: jgreco@brasil.moneng.mei.com CC: dennis@etinc.com, isp@FreeBSD.ORG In-reply-to: <199611190357.VAA03823@brasil.moneng.mei.com> (message from Joe Greco on Mon, 18 Nov 1996 21:57:49 -0600 (CST)) Subject: Re: changed to: Frac T3? Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk I always thought packet routing was handled as a fairly high priority thing. Packet arrives, generates interrupt, kernel processes, queues for output, and sends it. User processes should have no way to compete for time spent basically dealing with an interrupt. Yes, exactly. The problem is that routing protocols (e.g., routed) run as processes and exhibit this behavior: As "sy" reached its peak value of 100, the system's interactive response became virtually dead and as the number of packets routed per second continued to grow, the vmstat "froze". I couldn't coax any response from any daemons on the system, although I was allowed to connect. When the pps being routed dropped, suddenly the system "sprang" to life again. This is enough to trash most protocols. Note that ongoing competition from other process can also be a problem. However, less clear to me is that your argument against having any "significant non-routing load" on a router applies to UNIX based routers. Maybe someone like David or Bruce could clarify this. Simple to demonstrate. Take a compute bound process which generates and receives packets periodically. This emulates your routing protocol. Start a kernel build. You'll notice a non-trivial performance hit in interactive response and computation by your routing protocol. Now renice your kernel build. Things get better, but that process still consumes bus cycles, physical memory, and gets some share of the CPU. Add more load until processes start paging. You'll note that the progress of your 'routing protocol' degrades further. Pretty soon, your timers start to slip. You're now on the brink of collapse. The result is simple: routing protocols need a guaranteed minimal amount of CPU and I/O to survive. Lacking strict resource controls under Unix, the best way of delivering that guarantee is to exclude other load from the box. For a seriously robust router, you'd also need to put a cap on the amount of time spent in interrupt processing. Tony From owner-freebsd-isp Mon Nov 18 21:24:02 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA16344 for isp-outgoing; Mon, 18 Nov 1996 21:24:02 -0800 (PST) Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.241]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA16301 for ; Mon, 18 Nov 1996 21:23:59 -0800 (PST) Received: (from rgrimes@localhost) by GndRsh.aac.dev.com (8.7.5/8.7.3) id VAA11415; Mon, 18 Nov 1996 21:22:02 -0800 (PST) From: "Rodney W. Grimes" Message-Id: <199611190522.VAA11415@GndRsh.aac.dev.com> Subject: Re: changed to: Frac T3? In-Reply-To: <199611182016.OAA02995@brasil.moneng.mei.com> from Joe Greco at "Nov 18, 96 02:16:56 pm" To: jgreco@brasil.moneng.mei.com (Joe Greco) Date: Mon, 18 Nov 1996 21:22:02 -0800 (PST) Cc: tli@jnx.com, jgreco@brasil.moneng.mei.com, dennis@etinc.com, isp@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL25 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk ... > > But the topic was UNIX routing. So IOS is irrelevant, as is Microsoft. > > Anybody who wants to make a Pentium into a DS3 capable router has my > full support :-) Just FYI, the D-Link 3205 ethernet _SWITCH_ is infact a Pentium with 5 DC21140 ethernet chips.... David Greenman knows the pps switching speed vs size numbers, he did a bunch of testing, and yes, using 4 FreeBSD systems he can hit the limit of the switch using small packets. The thing this does tell us though, is that a Pentium with the right hardware and software can infact do some pretty fast packet switching (I seem to recall 10K+ pps per port using 4 ports, but David would have to give the exact numbers.) -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation, Inc. Reliable computers for FreeBSD From owner-freebsd-isp Mon Nov 18 21:47:07 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA17421 for isp-outgoing; Mon, 18 Nov 1996 21:47:07 -0800 (PST) Received: from who.cdrom.com (who.cdrom.com [204.216.27.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA17400; Mon, 18 Nov 1996 21:47:03 -0800 (PST) Received: from escape.cs.ibank.ru (escape.cs.ibank.ru [194.58.131.150]) by who.cdrom.com (8.7.5/8.6.11) with ESMTP id VAA12573 ; Mon, 18 Nov 1996 21:45:59 -0800 (PST) Received: (from igor@localhost) by escape.cs.ibank.ru (8.8.3/8.8.3/Zynaps) id IAA14073; Tue, 19 Nov 1996 08:43:01 +0300 (MSK) From: Igor Vinokurov Message-Id: <199611190543.IAA14073@escape.cs.ibank.ru> Subject: sendmail_wrapper.c To: security@freebsd.org, isp@freebsd.org Date: Tue, 19 Nov 1996 08:43:00 +0300 (MSK) X-Mailer: ELM [version 2.4ME+ PL25 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk re, Where I can get sendmail wrapper code, which only accept incoming calls and queue messages? -- Igor Vinokurov From owner-freebsd-isp Mon Nov 18 22:43:41 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA19735 for isp-outgoing; Mon, 18 Nov 1996 22:43:41 -0800 (PST) Received: from escape.cs.ibank.ru (igor@escape.cs.ibank.ru [194.58.131.150]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA19591; Mon, 18 Nov 1996 22:39:29 -0800 (PST) Received: (from igor@localhost) by escape.cs.ibank.ru (8.8.3/8.8.3/Zynaps) id JAA14759; Tue, 19 Nov 1996 09:38:00 +0300 (MSK) From: Igor Vinokurov Message-Id: <199611190638.JAA14759@escape.cs.ibank.ru> Subject: virtual domains in sendmail 8.8.x To: questions@freebsd.org, isp@freebsd.org Date: Tue, 19 Nov 1996 09:37:59 +0300 (MSK) X-Mailer: ELM [version 2.4ME+ PL25 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk re, Anybody can explain why virtual domain function not worked in my sendmail? I use m4 for make sendmail.cf from cf/ directory and include FEATURE(virtusertable, `hash -o /etc/mail/virtual')dnl at my config. But: [escape:/etc/mail]:544# grep ^Kvirtuser sendmail.cf Kvirtuser hash -o /etc/mail/virtual [escape:/etc/mail]:544# ls -la virtual.db -rw-r--r-- 1 root wheel 32768 Nov 18 22:07 virtual.db [escape:/etc/mail]:545# telnet localhost smtp Trying 127.0.0.1... Connected to localhost.cs.ibank.ru. Escape character is '^]'. 220 escape.cs.ibank.ru ESMTP Sendmail 8.8.3/8.8.3/Zynaps; Tue, 19 Nov 1996 09:14:43 +0300 (MSK) expn zynaps 550 zynaps... User unknown quit 221 escape.cs.ibank.ru closing connection Connection closed by foreign host. zynaps - user at virtual domain. -- Igor Vinokurov From owner-freebsd-isp Tue Nov 19 04:59:08 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id EAA03180 for isp-outgoing; Tue, 19 Nov 1996 04:59:08 -0800 (PST) Received: from pino.ngonet.be (pino.ngonet.be [193.190.166.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id EAA03171 for ; Tue, 19 Nov 1996 04:59:03 -0800 (PST) Received: from koekiemonster.ngonet.be (tommie.ngonet.be [193.190.166.2]) by pino.ngonet.be (8.7.5/8.7.3) with SMTP id NAA23534; Tue, 19 Nov 1996 13:43:58 +0100 Message-Id: <1.5.4.32.19961119144204.006b3ec8@gatekeeper> X-Sender: gullist@gatekeeper X-Mailer: Windows Eudora Light Version 1.5.4 (32) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Tue, 19 Nov 1996 13:42:04 -0100 To: Joe Greco , johns@cruz.isle.net (John Scharles) From: Gunter Loos - System Administrator Subject: Re: PPP/LCP sensing getty Cc: freebsd-isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 12:51 14/11/96 -0600, Joe Greco wrote: >> I looked in "ftp.freebsd.sol.net/incoming/" for the pppgetty source but >> didn't see it there.....is it old enough to walk on its own? :) > >You have to do a blind fetch, it's there. > >It's been in production use for half a year, and is by far the most popular >way to log in via PPP here. > Hm: I'm still using mgetty with the AUTOPPP option. Works great for me! Gunter. -- . .__ .| NgoNet - Internet For Belgian NGO's _| _ [ __ ||Voice +32 2 5392620 Fax +32 2 5391343 (_](/, [_./(_||| mailto:Gunter.Loos@ngonet.be From owner-freebsd-isp Tue Nov 19 05:18:18 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA03959 for isp-outgoing; Tue, 19 Nov 1996 05:18:18 -0800 (PST) Received: from pegasus.dlc.fi (pegasus.dlc.fi [194.251.35.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA03950 for ; Tue, 19 Nov 1996 05:18:13 -0800 (PST) Received: (from raccoon@localhost) by pegasus.dlc.fi (8.8.2/8.7.3) id PAA22067 for freebsd-isp@FreeBSD.org; Tue, 19 Nov 1996 15:17:26 +0200 (EET) From: "Antti Rytsola" Message-Id: <9611191517.ZM22063@pegasus.dlc.fi> Date: Tue, 19 Nov 1996 15:17:25 +0200 In-Reply-To: "Gary Palmer" "Stupid question no 10101" (Nov 14, 8:04pm) References: <26068.848019891@orion.webspan.net> X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail) To: freebsd-isp@FreeBSD.org Subject: Re: Stupid question no 10101 Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="PART-BOUNDARY=.19611191517.ZM22063.dlc.fi" Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk --PART-BOUNDARY=.19611191517.ZM22063.dlc.fi Content-Description: Text Content-Type: text/plain ; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Zm-Decoding-Hint: mimencode -q -u > spending several days coding a password exchange system that'll sync > the databases between machines, and handle add/del users, etc, but I'd > rather try and find a less labour-intensive way of doing it ... RDist works just fine for me. -- = Antti Ryts=F6l=E4 Data Link Connections raccoon@dlc.fi = = --PART-BOUNDARY=.19611191517.ZM22063.dlc.fi-- From owner-freebsd-isp Tue Nov 19 05:24:45 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA04190 for isp-outgoing; Tue, 19 Nov 1996 05:24:45 -0800 (PST) Received: from pegasus.dlc.fi (pegasus.dlc.fi [194.251.35.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA04180 for ; Tue, 19 Nov 1996 05:24:27 -0800 (PST) Received: (from raccoon@localhost) by pegasus.dlc.fi (8.8.2/8.7.3) id PAA22212 for isp@FreeBSD.org; Tue, 19 Nov 1996 15:24:19 +0200 (EET) From: "Antti Rytsola" Message-Id: <9611191524.ZM22208@pegasus.dlc.fi> Date: Tue, 19 Nov 1996 15:24:18 +0200 In-Reply-To: Dror Matalon "Re: Router Purchase - the bottom line" (Nov 15, 11:33am) References: X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail) To: isp@FreeBSD.org Subject: Re: Router Purchase - the bottom line Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="PART-BOUNDARY=.19611191524.ZM22208.dlc.fi" Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk --PART-BOUNDARY=.19611191524.ZM22208.dlc.fi Content-Description: Text Content-Type: text/plain ; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Zm-Decoding-Hint: mimencode -q -u > My original thinking was that I've seen disk fail more than anything > on our FreeBsd servers so that I didn't feel comfortable with the > idea of having a box with a disk running as a router. If I remember right the card is installed in to the machine but it's not used by anything, just taking up some power. So why run anything impo= rtant on the machine? Just put some old 386 board on it without harddisks and e= =2Eg. leave it on the hdd controller failure prompt or something.. -- = Antti Ryts=F6l=E4 Data Link Connections raccoon@dlc.fi = = --PART-BOUNDARY=.19611191524.ZM22208.dlc.fi-- From owner-freebsd-isp Tue Nov 19 05:43:46 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA04955 for isp-outgoing; Tue, 19 Nov 1996 05:43:46 -0800 (PST) Received: from irbs.irbs.com (jc@irbs.irbs.com [199.182.75.129]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA04950 for ; Tue, 19 Nov 1996 05:43:44 -0800 (PST) Received: (from jc@localhost) by irbs.irbs.com (8.8.3/8.8.3) id IAA27680; Tue, 19 Nov 1996 08:40:13 -0500 (EST) Message-ID: Date: Tue, 19 Nov 1996 08:40:13 -0500 From: jc@irbs.com (John Capo) To: igor@ibank.ru (Igor Vinokurov) Cc: freebsd-isp@FreeBSD.org Subject: Re: sendmail_wrapper.c References: <199611190543.IAA14073@escape.cs.ibank.ru> X-Mailer: Mutt 0.51 Mime-Version: 1.0 X-Organization: IRBS Engineering, (954) 792-9551 In-Reply-To: <199611190543.IAA14073@escape.cs.ibank.ru>; from Igor Vinokurov on Nov 19, 1996 08:43:00 +0300 Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Quoting Igor Vinokurov (igor@ibank.ru): > re, > > Where I can get sendmail wrapper code, which only accept incoming > calls and queue messages? > After a mod or two, I used this one for a few months with no problems. Version 1.11 addresses the problems I had. http://www.obtuse.com/juniper-docs/man/smtpd.html John Capo From owner-freebsd-isp Tue Nov 19 05:50:50 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA05258 for isp-outgoing; Tue, 19 Nov 1996 05:50:50 -0800 (PST) Received: from irbs.irbs.com (jc@irbs.irbs.com [199.182.75.129]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA05249 for ; Tue, 19 Nov 1996 05:50:47 -0800 (PST) Received: (from jc@localhost) by irbs.irbs.com (8.8.3/8.8.3) id IAA27777; Tue, 19 Nov 1996 08:48:57 -0500 (EST) Message-ID: Date: Tue, 19 Nov 1996 08:48:57 -0500 From: jc@irbs.com (John Capo) To: igor@ibank.ru (Igor Vinokurov) Cc: freebsd-isp@FreeBSD.org Subject: Re: virtual domains in sendmail 8.8.x References: <199611190638.JAA14759@escape.cs.ibank.ru> X-Mailer: Mutt 0.51 Mime-Version: 1.0 X-Organization: IRBS Engineering, (954) 792-9551 In-Reply-To: <199611190638.JAA14759@escape.cs.ibank.ru>; from Igor Vinokurov on Nov 19, 1996 09:37:59 +0300 Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Quoting Igor Vinokurov (igor@ibank.ru): > > Anybody can explain why virtual domain function not worked > in my sendmail? I use m4 for make sendmail.cf from cf/ directory > and include > > expn zynaps > 550 zynaps... User unknown > quit As I recall, you also need to have the virtual domain in sendmail.cw or in the Cw macro. I didn't like the virtusertable for that reason. I still use and recommend a variation of the LOCAL_RULE_0 hacks from the comp.mail.sendmail FAQ. The vitrual domain appears in one file only. ftp://ftp.his.com/pub/brad/sendmail/sendmail-faq/part1 John Capo From owner-freebsd-isp Tue Nov 19 06:37:19 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA09029 for isp-outgoing; Tue, 19 Nov 1996 06:37:19 -0800 (PST) Received: from merit.edu (merit.edu [35.1.1.42]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA09024 for ; Tue, 19 Nov 1996 06:37:13 -0800 (PST) Received: from ohm.merit.edu (ohm.merit.edu [198.108.60.65]) by merit.edu (8.7.6/merit-2.0) with ESMTP id JAA24880; Tue, 19 Nov 1996 09:37:10 -0500 (EST) From: William Bulley Received: (web@localhost) by ohm.merit.edu (8.6.9/8.6.5) id JAA19571; Tue, 19 Nov 1996 09:37:06 -0500 Message-Id: <199611191437.JAA19571@ohm.merit.edu> Subject: Re: radius pkg in ports directory To: ricardo@americasnet.com (Ricardo Kleemann) Date: Tue, 19 Nov 1996 09:37:05 -0500 (EST) Cc: freebsd-isp@freebsd.org In-Reply-To: from "Ricardo Kleemann" at Nov 18, 96 01:28:37 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk According to Ricardo Kleemann: > > I grabbed the radius pkg from the 2.1.5-RELEASE/ports/net directory and > tried to make it. It fails because it's trying to fetch the > radius.2.4.21.tar.gz base package... However if you go into ftp.merit.edu > (where the make attempts to get it) the latest radius is > radius.23c.basic.tar.gz > > So it seems that I can't build the radius pkg for freebsd :( > > Anyone out there been able to build it? Is there a previous package > version I can get in ftp.freebsd.org? Anyone can grab the basic version available at: ftp://ftp,merit.edu/radius/releases/radius.*.*.*.tar.{Z,gz} It builds just fine under FreeBSD 2.1 (should work on later ones too) Just FTP the tar file and follow the instructions in the INSTALL file. One fellow who did the original port had some suggestions which I've incorporated into a later (as yet unreleased) version... Regards, web... -- William Bulley, N8NXN Senior Systems Research Programmer Merit Network, Inc. Email: web@merit.edu 4251 Plymouth Road, Suite C Phone: (313) 764-9993 Ann Arbor, Michigan 48105-2785 Fax: (313) 647-3185 From owner-freebsd-isp Tue Nov 19 06:56:55 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA10119 for isp-outgoing; Tue, 19 Nov 1996 06:56:55 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id GAA10094 for ; Tue, 19 Nov 1996 06:56:51 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id KAA06885; Tue, 19 Nov 1996 10:03:18 -0500 Date: Tue, 19 Nov 1996 10:03:18 -0500 Message-Id: <199611191503.KAA06885@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > Yes but it depends on what kind of router it is. ISPs arent the only ones > using routers these days....for the corporate environment where traffic > is relatively light, the ability to do other stuff is a big win. > >I'm not sure if you meant to imply that all corporate environments have >light traffic loads. Let me be the first to assure you that it's NOT the >case. Let me also point out that the corporate environment is the last >place where you want to risk an unnecessary outage and the place where you >really can afford more systems. Certainly large corporations have heavy traffic loads (although they tend to be largely mondirectional), but in terms of numbers the vast majority of web sites are well under capacity.....WELL under. While Microsoft and Sony obviously need serious bandwidth utilization, most companies have much lighter usage. We're not really concerned with "outages" here, its routing load, which at T1 simply isnt an issue for a low powered pentium running freebsd and a busy web and mail server. If you're implication is that a 2501 and an NT server is somehow more reliable than a freebsd box with a card, I think you'll bet a lot of disagreement on this list. Dennis From owner-freebsd-isp Tue Nov 19 07:09:47 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA11114 for isp-outgoing; Tue, 19 Nov 1996 07:09:47 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA11107 for ; Tue, 19 Nov 1996 07:09:42 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id KAA06950; Tue, 19 Nov 1996 10:16:13 -0500 Date: Tue, 19 Nov 1996 10:16:13 -0500 Message-Id: <199611191516.KAA06950@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Tony Li writes.... > However, less clear to me is that your argument against > having any "significant non-routing load" on a router applies to UNIX > based routers. Maybe someone like David or Bruce could clarify this. > >Simple to demonstrate. Take a compute bound process which generates and >receives packets periodically. This emulates your routing protocol. Start >a kernel build. You'll notice a non-trivial performance hit in interactive >response and computation by your routing protocol. Now renice your kernel >build. Things get better, but that process still consumes bus cycles, >physical memory, and gets some share of the CPU. Add more load until >processes start paging. You'll note that the progress of your 'routing >protocol' degrades further. Pretty soon, your timers start to slip. >You're now on the brink of collapse. > >The result is simple: routing protocols need a guaranteed minimal amount of >CPU and I/O to survive. Lacking strict resource controls under Unix, the >best way of delivering that guarantee is to exclude other load from the >box. For a seriously robust router, you'd also need to put a cap on the >amount of time spent in interrupt processing. I think that tony has been working on scarce resouce machines for too long. You buy time with buffer space, and buffer space in a freebsd enviroment is rather abundant. You've got hardware buffering, and OS buffering, all which need to compensate for the time needed to service the interrupts. At T1 there is no issue, because you can buffer several full timeouts worth of data. The issue with high speed is that your interpacket process time is very short, and you cant reasonably buffer 10MB (2 seconds worth of receive data at T3) without swamping the machine. I think building a freebsd box with 1 100Mbs ethernet and 1very high speed interface is fairly easy...because you can control the process flow . Its when you've got several interfaces that it gets a little hairy, particularly with multiple bus masters where its difficult or impossible to control priority. Dennis From owner-freebsd-isp Tue Nov 19 07:15:56 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA11434 for isp-outgoing; Tue, 19 Nov 1996 07:15:56 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA11423 for ; Tue, 19 Nov 1996 07:15:51 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id KAA06980; Tue, 19 Nov 1996 10:21:09 -0500 Date: Tue, 19 Nov 1996 10:21:09 -0500 Message-Id: <199611191521.KAA06980@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Joe Greco From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >> >Here is a point though where Dennis will philosophically disagree with me, >> >and that is all right. Dennis makes a big point out of the fact that a >> >UNIX router can perform other services too... I do NOT believe in that >> >paradigm. So for me, specializing a UNIX kernel for a router would not >> >be a bad concept, but Dennis probably would not agree. >> >> I dont disagree (in fact we may have to do it to route T3), but it will be >> a specialized functions, not for everyone. >> >> In fact, there is a _great_ deal of painful experience in dealing with >> routers where there isn't quite enough CPU time to get everything done. >> Routing protocols are basically soft real-time distributed systems. When >> they get delayed, they tend to collapse in spectacular ways. As a result, >> putting any significant non-routing load on a router is a _really_ bad >> idea. You MIGHT be able to get away with it by suitable modifications to >> the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the >> cost of another box to support a server is sufficiently low that it would >> seem to make sense not to risk the routing... > >I guess I never bothered to explore this topic... > >I always thought packet routing was handled as a fairly high priority >thing. Packet arrives, generates interrupt, kernel processes, queues >for output, and sends it. It kind of does work that way, except that you cant assume that every process will get its piece of the CPU in time, because there are multiple processes sharing it. As speed increases, the possibility of an overrun increases...and that is the issue. The "efficiency" of BSD is much lower than that of a router because of the way processes share CPU time, however a PP200 has 10 or more times the processing power of most dedicated routers, so it doesnt have to be as efficient. Dennis From owner-freebsd-isp Tue Nov 19 07:26:33 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA12006 for isp-outgoing; Tue, 19 Nov 1996 07:26:33 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA11998 for ; Tue, 19 Nov 1996 07:26:24 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id KAA07060; Tue, 19 Nov 1996 10:32:37 -0500 Date: Tue, 19 Nov 1996 10:32:37 -0500 Message-Id: <199611191532.KAA07060@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: "Antti Rytsola" From: dennis@etinc.com (dennis) Subject: Re: Router Purchase - the bottom line Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Content-Description: Text >Content-Type: text/plain ; charset=iso-8859-1 >X-Zm-Decoding-Hint: mimencode -q -u > >> My original thinking was that I've seen disk fail more than anything >> on our FreeBsd servers so that I didn't feel comfortable with the >> idea of having a box with a disk running as a router. > > If I remember right the card is installed in to the machine but it's >not used by anything, just taking up some power. So why run anything important >on the machine? Just put some old 386 board on it without harddisks and e.g. >leave it on the hdd controller failure prompt or something.. Can you even BUY a '386 in the US? Dennis :-) From owner-freebsd-isp Tue Nov 19 07:29:59 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA12201 for isp-outgoing; Tue, 19 Nov 1996 07:29:59 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA12187 for ; Tue, 19 Nov 1996 07:29:48 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id KAA07083; Tue, 19 Nov 1996 10:36:28 -0500 Date: Tue, 19 Nov 1996 10:36:28 -0500 Message-Id: <199611191536.KAA07083@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > >Here is a point though where Dennis will philosophically disagree with me, > >and that is all right. Dennis makes a big point out of the fact that a > >UNIX router can perform other services too... I do NOT believe in that > >paradigm. So for me, specializing a UNIX kernel for a router would not > >be a bad concept, but Dennis probably would not agree. > > I dont disagree (in fact we may have to do it to route T3), but it will be > a specialized functions, not for everyone. > >In fact, there is a _great_ deal of painful experience in dealing with >routers where there isn't quite enough CPU time to get everything done. >Routing protocols are basically soft real-time distributed systems. When >they get delayed, they tend to collapse in spectacular ways. As a result, >putting any significant non-routing load on a router is a _really_ bad >idea. that's 'cause you've been working with machines that have stinky little CPUs :-) > You MIGHT be able to get away with it by suitable modifications to ^^^^^^ >>the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the >>cost of another box to support a server is sufficiently low that it would >>seem to make sense not to risk the routing... The point of this discussion, I believe, was to try to determine what "it" is. As machines get faster, it keeps changing. Certainly there is a limit, but its not totally clear what it is. Dennis From owner-freebsd-isp Tue Nov 19 10:54:33 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA23985 for isp-outgoing; Tue, 19 Nov 1996 10:54:33 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA23972 for ; Tue, 19 Nov 1996 10:54:28 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id MAA10133; Tue, 19 Nov 1996 12:54:26 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma010131; Tue Nov 19 12:54:24 1996 Received: from richards.dsc.dalsys.com by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA108417; Tue, 19 Nov 1996 12:59:59 -0600 Message-Id: <32921F9A.48EA@herald.net> Date: Tue, 19 Nov 1996 12:59:06 -0800 From: Richard Stanford Organization: Herald Communications X-Mailer: Mozilla 3.0 (Win16; I) Mime-Version: 1.0 To: dennis Cc: isp@FreeBSD.org Subject: Re: changed to: Frac T3? References: <199611191536.KAA07083@etinc.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk dennis wrote: > > > >In fact, there is a _great_ deal of painful experience in dealing with > >routers where there isn't quite enough CPU time to get everything done. > >Routing protocols are basically soft real-time distributed systems. When > >they get delayed, they tend to collapse in spectacular ways. As a result, > >putting any significant non-routing load on a router is a _really_ bad > >idea. > > that's 'cause you've been working with machines that have stinky little CPUs > :-) I would hazard a guess that having a couple of large compiles kicked off at the same time would start to cause the routing system a little stress -- no matter what cpu was in the box. Difference would be how long the stress lasted. -Richard From owner-freebsd-isp Tue Nov 19 11:25:54 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA25909 for isp-outgoing; Tue, 19 Nov 1996 11:25:54 -0800 (PST) Received: from msn.globaldialog.com (root@msn.globaldialog.com [156.46.122.10]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA25901 for ; Tue, 19 Nov 1996 11:25:51 -0800 (PST) Received: from br04 (s25a.globaldialog.com [156.46.122.89]) by msn.globaldialog.com (8.8.3/8.6.12) with SMTP id NAA05957; Tue, 19 Nov 1996 13:24:28 -0600 (CST) Date: Tue, 19 Nov 1996 13:24:28 -0600 (CST) Message-Id: <199611191924.NAA05957@msn.globaldialog.com> X-Sender: jwenger@globaldialog.com X-EUDORA-DEMO: NOT FOR RESALE - 90 DAY DEMONSTRATION COPY X-Mailer: Windows Eudora Pro Version 2.1.2 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: dennis@etinc.com (dennis) From: Jack Wenger Subject: Re: Router Purchase - the bottom line Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 10:32 AM 11/19/96 -0500, you wrote: > >Can you even BUY a '386 in the US? > >Dennis :-) Sure! I've got 15 or 20 motherboards laying around right now. Or go to your local used computer dealer. Most 386 systems go for around $300. (sorry couldn't resist) |~~~~~~~~~~~~~~~~~~~~~'-**-'~~~~~~~~~~~~~~~~~~~~~~~| | Jack Wenger, Owner | Bent Reality Graphics | | jwenger@bentreality.com <^> http://www.bentreality.com | | "Think of it as evolution in action"; Louis Wu | | | | ~~~~~~~~~~~~~~~~~~~~~'-**-'~~~~~~~~~~~~~~~~~~~~~~~ From owner-freebsd-isp Tue Nov 19 14:10:33 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA10240 for isp-outgoing; Tue, 19 Nov 1996 14:10:33 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA10233 for ; Tue, 19 Nov 1996 14:10:25 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id QAA05994; Tue, 19 Nov 1996 16:09:05 -0600 From: Joe Greco Message-Id: <199611192209.QAA05994@brasil.moneng.mei.com> Subject: Re: PPP/LCP sensing getty To: Gullist@ngonet.be (Gunter Loos - System Administrator) Date: Tue, 19 Nov 1996 16:09:05 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, johns@cruz.isle.net, freebsd-isp@freebsd.org In-Reply-To: <1.5.4.32.19961119144204.006b3ec8@gatekeeper> from "Gunter Loos - System Administrator" at Nov 19, 96 01:42:04 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > At 12:51 14/11/96 -0600, Joe Greco wrote: > >> I looked in "ftp.freebsd.sol.net/incoming/" for the pppgetty source but > >> didn't see it there.....is it old enough to walk on its own? :) > > > >You have to do a blind fetch, it's there. > > > >It's been in production use for half a year, and is by far the most popular > >way to log in via PPP here. > Hm: I'm still using mgetty with the AUTOPPP option. Works great for me! So...? Nobody said you couldn't do that. ... JG From owner-freebsd-isp Tue Nov 19 14:21:14 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA10828 for isp-outgoing; Tue, 19 Nov 1996 14:21:14 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA10815 for ; Tue, 19 Nov 1996 14:21:05 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id QAA06024; Tue, 19 Nov 1996 16:19:18 -0600 From: Joe Greco Message-Id: <199611192219.QAA06024@brasil.moneng.mei.com> Subject: Re: changed to: Frac T3? To: tli@jnx.com (Tony Li) Date: Tue, 19 Nov 1996 16:19:18 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, dennis@etinc.com, isp@FreeBSD.org In-Reply-To: <199611190420.UAA14723@chimp.jnx.com> from "Tony Li" at Nov 18, 96 08:20:49 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > I always thought packet routing was handled as a fairly high priority > thing. Packet arrives, generates interrupt, kernel processes, queues > for output, and sends it. > > User processes should have no way to compete for time spent basically > dealing with an interrupt. > > Yes, exactly. The problem is that routing protocols (e.g., routed) run as > processes and exhibit this behavior: > > As "sy" reached its peak value of 100, the system's interactive response > became virtually dead and as the number of packets routed per second > continued to grow, the vmstat "froze". I couldn't coax any response > from any daemons on the system, although I was allowed to connect. When > the pps being routed dropped, suddenly the system "sprang" to life > again. > > This is enough to trash most protocols. Note that ongoing competition from > other process can also be a problem. > > However, less clear to me is that your argument against > having any "significant non-routing load" on a router applies to UNIX > based routers. Maybe someone like David or Bruce could clarify this. > > Simple to demonstrate. Take a compute bound process which generates and > receives packets periodically. This emulates your routing protocol. Start > a kernel build. You'll notice a non-trivial performance hit in interactive > response and computation by your routing protocol. Now renice your kernel > build. Things get better, but that process still consumes bus cycles, > physical memory, and gets some share of the CPU. Add more load until > processes start paging. You'll note that the progress of your 'routing > protocol' degrades further. Pretty soon, your timers start to slip. > You're now on the brink of collapse. > > The result is simple: routing protocols need a guaranteed minimal amount of > CPU and I/O to survive. Lacking strict resource controls under Unix, the > best way of delivering that guarantee is to exclude other load from the > box. For a seriously robust router, you'd also need to put a cap on the > amount of time spent in interrupt processing. I can see this as a problem for routing protocols, should one choose to run gated/etc on such a box, yes. I suspect that scheduling such a process with real time priority may have some benefits, and scheduling other servers with idle time priority may be a further win. Clearly, neither would be adequate for the case where the machine is being saturated with packets, but from a "piggy process" point of view, this might be sufficient. ... JG From owner-freebsd-isp Tue Nov 19 14:33:14 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA11586 for isp-outgoing; Tue, 19 Nov 1996 14:33:14 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA11575 for ; Tue, 19 Nov 1996 14:33:04 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id OAA12859; Tue, 19 Nov 1996 14:32:29 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id OAA16231; Tue, 19 Nov 1996 14:32:19 -0800 (PST) Date: Tue, 19 Nov 1996 14:32:19 -0800 (PST) Message-Id: <199611192232.OAA16231@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611191536.KAA07083@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >In fact, there is a _great_ deal of painful experience in dealing with >routers where there isn't quite enough CPU time to get everything done. >Routing protocols are basically soft real-time distributed systems. When >they get delayed, they tend to collapse in spectacular ways. As a result, >putting any significant non-routing load on a router is a _really_ bad >idea. that's 'cause you've been working with machines that have stinky little CPUs :-) Like 150Mhz MIPS boxes. ;-) You're right. Of course, I also consider a PP200 to be a "stinky little CPU", so we still haven't gotten rid of the problem. > You MIGHT be able to get away with it by suitable modifications to ^^^^^^ >>the Unix scheduler, but then it wouldn't be Unix, would it? ;-) And the >>cost of another box to support a server is sufficiently low that it would >>seem to make sense not to risk the routing... The point of this discussion, I believe, was to try to determine what "it" is. As machines get faster, it keeps changing. Certainly there is a limit, but its not totally clear what it is. As I think I pointed out in another message, "it" is a guarantee of cycles and I/O to the routing protocols. Tony From owner-freebsd-isp Tue Nov 19 14:38:54 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA11768 for isp-outgoing; Tue, 19 Nov 1996 14:38:54 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA11761 for ; Tue, 19 Nov 1996 14:38:45 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id OAA12890; Tue, 19 Nov 1996 14:38:12 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id OAA16243; Tue, 19 Nov 1996 14:38:02 -0800 (PST) Date: Tue, 19 Nov 1996 14:38:02 -0800 (PST) Message-Id: <199611192238.OAA16243@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611191516.KAA06950@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I think that tony has been working on scarce resouce machines for too long. Well, that's certainly true. However, PC's don't have significantly more resources, so... You buy time with buffer space, and buffer space in a freebsd enviroment is rather abundant. You've got hardware buffering, and OS buffering, all which need to compensate for the time needed to service the interrupts. Sorry, this just false. Buffering allows you to trade rate mismatches for latency. Unfortunately, you have a hard latency limitation. So adding 4GBytes of buffering to your FreeBSD box does NOT make the routing protocol more stable. At T1 there is no issue, because you can buffer several full timeouts worth of data. Yes, but so what? If you queue up my protocol packets then either I can't get at them for several seconds. Alternately, if this is output buffering and my protocol packets don't get out of the box for several seconds, I'm equally toast. I think building a freebsd box with 1 100Mbs ethernet and 1very high speed interface is fairly easy...because you can control the process flow. I agree with the goal and the conclusion. I still don't believe that you've got enough process level control that you can also make the box a Web server, say and not endanger the protocols. Tony From owner-freebsd-isp Tue Nov 19 14:45:44 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA12190 for isp-outgoing; Tue, 19 Nov 1996 14:45:44 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA12170 for ; Tue, 19 Nov 1996 14:45:38 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id OAA13246; Tue, 19 Nov 1996 14:45:06 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id OAA16253; Tue, 19 Nov 1996 14:44:57 -0800 (PST) Date: Tue, 19 Nov 1996 14:44:57 -0800 (PST) Message-Id: <199611192244.OAA16253@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611191503.KAA06885@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk We're not really concerned with "outages" here, its routing load, which at T1 simply isnt an issue for a low powered pentium running freebsd and a busy web and mail server. Excuse me, but outages are paramount. They are the direct result of technology failure and are the metric of user pain and anguish. I agree that the routing load is not an issue, however, the load of a busy web and mail server may cause routing to fail. If you're implication is that a 2501 and an NT server is somehow more reliable than a freebsd box with a card, I think you'll bet a lot of disagreement on this list. I'm not trying to imply anything other than what I'm saying outright: running significant services on the same Unix box that you've got running mission-critical routing is going to be less reliable than a situation where routing does not have competition for resources. Tony From owner-freebsd-isp Tue Nov 19 15:48:52 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA16671 for isp-outgoing; Tue, 19 Nov 1996 15:48:52 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id PAA16666 for ; Tue, 19 Nov 1996 15:48:49 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id SAA09938; Tue, 19 Nov 1996 18:55:07 -0500 Date: Tue, 19 Nov 1996 18:55:07 -0500 Message-Id: <199611192355.SAA09938@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk T. Li writes... > We're not really concerned with "outages" here, its routing load, which at > T1 simply isnt an issue for a low powered pentium running freebsd and a > busy web and mail server. > >Excuse me, but outages are paramount. They are the direct result of >technology failure and are the metric of user pain and anguish. I agree >that the routing load is not an issue, however, the load of a busy web and >mail server may cause routing to fail. Doesnt in practice...thats the point... A web server cant be busier than the bandwidth...its rather measurable, and one or even 2 T1s is just not enough load to justify an external router with 1/5th the horsepower. > > If you're implication is that a 2501 and an NT server is somehow more > reliable than a freebsd box with a card, I think you'll bet a lot of > disagreement on this list. > >I'm not trying to imply anything other than what I'm saying outright: >running significant services on the same Unix box that you've got running >mission-critical routing is going to be less reliable than a situation >where routing does not have competition for resources. I reject your premise based on the fact that the routing is an implicit function of the mail and web servers, and that there is no greater load routing from a serial port to a service than from an ethernet to a service. Certainly at some point you need a dedicated router with multiple external servers, but T1 is a breeze to route, and a waste of resources to dedicate a Pentium just to routing. I think that you are talking about backbone routers and we're talking about something smaller...one or 2 t1 installations. Obviously at T3 you won't be running a web server on the box! Dennis From owner-freebsd-isp Tue Nov 19 15:55:07 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA16928 for isp-outgoing; Tue, 19 Nov 1996 15:55:07 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id PAA16915 for ; Tue, 19 Nov 1996 15:55:03 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id TAA09973; Tue, 19 Nov 1996 19:01:44 -0500 Date: Tue, 19 Nov 1996 19:01:44 -0500 Message-Id: <199611200001.TAA09973@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > The point of this discussion, I believe, was to try to determine what > "it" is. As machines get faster, it keeps changing. Certainly there is > a limit, but its not totally clear what it is. > >As I think I pointed out in another message, "it" is a guarantee of cycles >and I/O to the routing protocols. There is no "guarantee" in unix, so you cant answer the question with your method. The best you can do is guess. Dropping packets occasionally can't be avoided without great overexpenditure, so the best we can try for is "very infrequently".... Dennis From owner-freebsd-isp Tue Nov 19 16:03:19 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA17358 for isp-outgoing; Tue, 19 Nov 1996 16:03:19 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA17353 for ; Tue, 19 Nov 1996 16:03:17 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id QAA16942; Tue, 19 Nov 1996 16:02:45 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id QAA16485; Tue, 19 Nov 1996 16:02:35 -0800 (PST) Date: Tue, 19 Nov 1996 16:02:35 -0800 (PST) Message-Id: <199611200002.QAA16485@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611192355.SAA09938@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Excuse me, but outages are paramount. They are the direct result of >technology failure and are the metric of user pain and anguish. I agree >that the routing load is not an issue, however, the load of a busy web and >mail server may cause routing to fail. Doesnt in practice... Your practice doesn't jive with my practice. I'll again agree to disagree. A web server cant be busier than the bandwidth... Can you say CGI? ;-) and one or even 2 T1s is just not enough load to justify an external router with 1/5th the horsepower. That depends on the routing protocols and their load, the Web server, and the criticality of the mission. >I'm not trying to imply anything other than what I'm saying outright: >running significant services on the same Unix box that you've got running >mission-critical routing is going to be less reliable than a situation >where routing does not have competition for resources. I reject your premise based on the fact that the routing is an implicit function of the mail and web servers, We have some confusion here between forwarding load, and routing load. You are correct, that forwarding load is a function of bandwidth. Forwarding is not all that a router does. I think that you are talking about backbone routers and we're talking about something smaller...one or 2 t1 installations. Obviously at T3 you won't be running a web server on the box! Modulo the above confusion, we agree. Note that a T1 installation CAN have a great deal of routing load while it's bandwidth is not stressed at all. Simply get a couple of full BGP feeds... Tony From owner-freebsd-isp Tue Nov 19 16:04:22 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA17454 for isp-outgoing; Tue, 19 Nov 1996 16:04:22 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA17446 for ; Tue, 19 Nov 1996 16:04:20 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id QAA16952; Tue, 19 Nov 1996 16:03:49 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id QAA16488; Tue, 19 Nov 1996 16:03:39 -0800 (PST) Date: Tue, 19 Nov 1996 16:03:39 -0800 (PST) Message-Id: <199611200003.QAA16488@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611200001.TAA09973@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >As I think I pointed out in another message, "it" is a guarantee of cycles >and I/O to the routing protocols. There is no "guarantee" in unix, so you cant answer the question with your method. The best you can do is guess. You can "guarantee" this by not giving the box other stuff to do.... Dropping packets occasionally can't be avoided without great overexpenditure, so the best we can try for is "very infrequently".... Umm.... yes, but that's orthogonal to the discussion. Tony From owner-freebsd-isp Tue Nov 19 16:06:22 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA17608 for isp-outgoing; Tue, 19 Nov 1996 16:06:22 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA17589 for ; Tue, 19 Nov 1996 16:06:18 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id TAA10070; Tue, 19 Nov 1996 19:13:06 -0500 Date: Tue, 19 Nov 1996 19:13:06 -0500 Message-Id: <199611200013.TAA10070@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk T.Li writes... > You buy time with buffer space, and buffer space in a freebsd > enviroment is rather abundant. You've got hardware buffering, and OS > buffering, all which need to compensate for the time needed to service > the interrupts. > >Sorry, this just false. Buffering allows you to trade rate mismatches for >latency. Unfortunately, you have a hard latency limitation. So adding >4GBytes of buffering to your FreeBSD box does NOT make the routing protocol >more stable. buffering increases the inter-service time for hardware by the OS...how the OS gets the data from one interface to another is another matter. Clearly we're not talking about the same things here...Im not sure what you mean by routing protocol stablity. Are you talking about IP? BGP? or what? > > At T1 there is no issue, because you can buffer several full timeouts > worth of data. > >Yes, but so what? If you queue up my protocol packets then either I can't >get at them for several seconds. Alternately, if this is output buffering >and my protocol packets don't get out of the box for several seconds, I'm >equally toast. IP is largely self throttling, and queue management shouldnt allow for holding packets longer than the protocols allow for. > I think building a freebsd box with 1 100Mbs ethernet and 1very high > speed interface is fairly easy...because you can control the process > flow. > >I agree with the goal and the conclusion. I still don't believe that >you've got enough process level control that you can also make the box a >Web server, say and not endanger the protocols. What you fail to mention is "at what point". I dont think we're even asking that question...we're trying to figure out the capabiltiy with minimal processes running. Dennis From owner-freebsd-isp Tue Nov 19 16:28:41 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA18627 for isp-outgoing; Tue, 19 Nov 1996 16:28:41 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA18622 for ; Tue, 19 Nov 1996 16:28:38 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id QAA17877; Tue, 19 Nov 1996 16:28:07 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id QAA16538; Tue, 19 Nov 1996 16:27:58 -0800 (PST) Date: Tue, 19 Nov 1996 16:27:58 -0800 (PST) Message-Id: <199611200027.QAA16538@chimp.jnx.com> From: Tony Li To: dennis@etinc.com CC: isp@freebsd.org In-reply-to: <199611200013.TAA10070@etinc.com> (dennis@etinc.com) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Clearly we're not talking about the same things here...Im not sure what you mean by routing protocol stablity. Are you talking about IP? BGP? or what? BGP, OSPF, whatever... the problem remains the same, only the constants change. IP is largely self throttling, and queue management shouldnt allow for holding packets longer than the protocols allow for. And around we go.... queue management needs to guarantee that "my packets get out in a timely fashion" (sorry, Unix doesn't). Queue management that drops protocol packets is a Bad Thing, as the protocol will fail sooner... >I agree with the goal and the conclusion. I still don't believe that >you've got enough process level control that you can also make the box a >Web server, say and not endanger the protocols. What you fail to mention is "at what point". I dont think we're even asking that question...we're trying to figure out the capabiltiy with minimal processes running. Well, that point is HIGHLY dynamic, so it's a tough call. We can clearly say that it's a function of the demands of the routing protocol and the other applications that you want to run. Roughly, we can characterize the routing protocol in terms of memory requirements, minimal CPU cycles, and I/O needs. We can obviously characterize the hardware. Now, the remainder is the budget that can be safely spent on other apps. Finding apps that will stay within this remainder is the truly hard part, and because Unix doesn't have a nice way to control these processes, most interesting apps can "blossom". If the site has some external ways of controlling things (e.g., the box can only run 5 ftpd's, their window size is X, and they are bandwidth limited by the link) then you have a reasonable solution. Tony From owner-freebsd-isp Tue Nov 19 17:01:26 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA20388 for isp-outgoing; Tue, 19 Nov 1996 17:01:26 -0800 (PST) Received: from cedb.dpcsys.com (cedb.DPCSYS.COM [165.90.143.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA20383 for ; Tue, 19 Nov 1996 17:01:23 -0800 (PST) Received: from cedb (cedb.DPCSYS.COM [165.90.143.3]) by cedb.dpcsys.com (8.8.2/DPC-1.0) with SMTP id QAA29589; Tue, 19 Nov 1996 16:57:52 -0800 (PST) Date: Tue, 19 Nov 1996 16:57:52 -0800 (PST) From: Dan Busarow X-Sender: dan@cedb To: Tony Li cc: isp@freebsd.org Subject: Re: changed to: Frac T3? In-Reply-To: <199611192238.OAA16243@chimp.jnx.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Tue, 19 Nov 1996, Tony Li wrote: > I agree with the goal and the conclusion. I still don't believe that > you've got enough process level control that you can also make the box a > Web server, say and not endanger the protocols. If you are running a web server, and maybe sendmail and popper, on this box it's probably not a real* router. I bet it'll have a default route out the serial interface and a static route pointing at the interior network. If this is the case, should a P133 have any problems, even under heavy load? I don't see how the choice between two routes would get in its way. * it's not going to be running gated or even routed Dan -- Dan Busarow 714 443 4172 DPC Systems dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 From owner-freebsd-isp Tue Nov 19 17:15:39 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA21266 for isp-outgoing; Tue, 19 Nov 1996 17:15:39 -0800 (PST) Received: from red.jnx.com (red.jnx.com [208.197.169.254]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA21249 for ; Tue, 19 Nov 1996 17:15:33 -0800 (PST) Received: from chimp.jnx.com (chimp.jnx.com [208.197.169.246]) by red.jnx.com (8.8.3/8.8.3) with ESMTP id RAA20814; Tue, 19 Nov 1996 17:15:02 -0800 (PST) Received: (from tli@localhost) by chimp.jnx.com (8.7.6/8.7.3) id RAA16629; Tue, 19 Nov 1996 17:14:52 -0800 (PST) Date: Tue, 19 Nov 1996 17:14:52 -0800 (PST) Message-Id: <199611200114.RAA16629@chimp.jnx.com> From: Tony Li To: dan@dpcsys.com CC: isp@freebsd.org In-reply-to: (message from Dan Busarow on Tue, 19 Nov 1996 16:57:52 -0800 (PST)) Subject: Re: changed to: Frac T3? Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk If you are running a web server, and maybe sendmail and popper, on this box it's probably not a real* router. I bet it'll have a default route out the serial interface and a static route pointing at the interior network. If this is the case, should a P133 have any problems, even under heavy load? I don't see how the choice between two routes would get in its way. * it's not going to be running gated or even routed Well, obviously the static routes won't fall out if the box is overloaded. So for that case, no problem. Of course, as you say, it's not a Real Router (tm) ;-) Tony From owner-freebsd-isp Tue Nov 19 17:31:07 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA22391 for isp-outgoing; Tue, 19 Nov 1996 17:31:07 -0800 (PST) Received: from etinc.com (et-gw-fr1.etinc.com [204.141.244.98]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id RAA22385 for ; Tue, 19 Nov 1996 17:31:02 -0800 (PST) Received: from ntws (ntws.etinc.com [204.141.95.142]) by etinc.com (8.6.12/8.6.9) with SMTP id UAA10562; Tue, 19 Nov 1996 20:37:21 -0500 Date: Tue, 19 Nov 1996 20:37:21 -0500 Message-Id: <199611200137.UAA10562@etinc.com> X-Sender: dennis@etinc.com X-Mailer: Windows Eudora Version 2.0.3 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Tony Li From: dennis@etinc.com (dennis) Subject: Re: changed to: Frac T3? Cc: isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > Clearly we're not talking about the same things here...Im not sure what > you mean by routing protocol stablity. Are you talking about IP? BGP? > or what? > >BGP, OSPF, whatever... the problem remains the same, only the constants >change. > > IP is largely self throttling, and queue management shouldnt allow for > holding packets longer than the protocols allow for. > >And around we go.... queue management needs to guarantee that "my packets >get out in a timely fashion" (sorry, Unix doesn't). Queue management that >drops protocol packets is a Bad Thing, as the protocol will fail sooner... Well, routing protocol packets are priority packets and packets never get dropped from the priority queues (well, not normally). This is a feature in our product's driver...not BSD in general. Dennis From owner-freebsd-isp Tue Nov 19 21:49:16 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA05932 for isp-outgoing; Tue, 19 Nov 1996 21:49:16 -0800 (PST) Received: from delenn.netpci.com (root@celerity.guam.net [202.128.6.9]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA05925 for ; Tue, 19 Nov 1996 21:49:09 -0800 (PST) Received: (from jbh@localhost) by delenn.netpci.com (8.7.5/8.7.3) id PAA01170; Wed, 20 Nov 1996 15:48:54 -1000 (GMT+10) Date: Wed, 20 Nov 1996 15:48:54 -1000 (GMT+10) From: Justin Harvey To: Ricardo Kleemann cc: FreeBSD ISP list Subject: Re: radius pkg in ports directory In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I downloaded mine from ftp.livingston.com and with a little tweaking it worked fine. Want the binaries? Justin On Mon, 18 Nov 1996, Ricardo Kleemann wrote: > Hi, > > I grabbed the radius pkg from the 2.1.5-RELEASE/ports/net directory and > tried to make it. It fails because it's trying to fetch the > radius.2.4.21.tar.gz base package... However if you go into ftp.merit.edu > (where the make attempts to get it) the latest radius is > radius.23c.basic.tar.gz > > So it seems that I can't build the radius pkg for freebsd :( > > Anyone out there been able to build it? Is there a previous package > version I can get in ftp.freebsd.org? > > Thanks > Ricardo > From owner-freebsd-isp Tue Nov 19 21:49:21 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA05946 for isp-outgoing; Tue, 19 Nov 1996 21:49:21 -0800 (PST) Received: from delenn.netpci.com (celerity.guam.net [202.128.6.9]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA05926 for ; Tue, 19 Nov 1996 21:49:12 -0800 (PST) Received: (from jbh@localhost) by delenn.netpci.com (8.7.5/8.7.3) id PAA01159; Wed, 20 Nov 1996 15:48:10 -1000 (GMT+10) Date: Wed, 20 Nov 1996 15:48:10 -1000 (GMT+10) From: Justin Harvey To: graydon hoare cc: freebsd-isp@freebsd.org Subject: Re: kerberos & RADIUS In-Reply-To: <3290760F.2781E494@multinet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk How is the radius stuff further along for Linux that FreeBSD? Just ftp the lastest source code from Livingston and compile it. Justin On Mon, 18 Nov 1996, graydon hoare wrote: > Michael Dillon wrote: > > > > On Sat, 16 Nov 1996, Ricardo Kleemann wrote: > > > > > I just need to be able to share passwd databases between Linux and > > > freebsd, and I'm looking for a solution. > > > > RADIUS will work. Since the RADIUS stuff for Linux is further along than > > FreeBSD, run radiusd on your FreeBSD box and the radlogin stuff on Linux. > > I haven't used RADIUS yet but I'm getting along OK with kerb. Does > RADIUS use pub-key stuff too? Anyone know the major package differences? > Kerberos is nitpicky at times, I'll grant that, but it seems pretty > secure, and it's already built in to helpful stuff like the r-commands > and my netblazers. I mean, the downside is it's so confusing that if, on > the off chance, you get an intruder who knows some sneaky way through > it, there's no way in hell you'll understand what they're doing ;) but > I'm a big fan of the kerberos security model. > From owner-freebsd-isp Tue Nov 19 22:20:56 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA07578 for isp-outgoing; Tue, 19 Nov 1996 22:20:56 -0800 (PST) Received: from orion.denverweb.net (root@p22.pm-8.pm.dimensional.com [206.100.130.246]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA07568 for ; Tue, 19 Nov 1996 22:20:49 -0800 (PST) Received: from orion (blaine@localhost [127.0.0.1]) by orion.denverweb.net (8.7.5/8.7.3) with SMTP id XAA01620 for ; Tue, 19 Nov 1996 23:21:03 -0700 Message-ID: <3292A34E.556B242@w3page.com> Date: Tue, 19 Nov 1996 23:21:02 -0700 From: Blaine Minazzi Organization: What, me organized? X-Mailer: Mozilla 3.01 (X11; I; Linux 2.0.25 i486) MIME-Version: 1.0 To: isp@FreeBSD.org Subject: Re: changed to: Frac T3? References: <199611192238.OAA16243@chimp.jnx.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Someone scribbled: > > I think that tony has been working on scarce resouce machines for too > long. > > Well, that's certainly true. However, PC's don't have significantly more > resources, so... > > You buy time with buffer space, and buffer space in a freebsd ~~~~~~~~~> ~~~~~~> > Yes, but so what? If you queue up my protocol packets then either I can't ~~~~~~~~~~~~~~~~~~~~~~~ deleted stuff.... Right.... _SO WHAT_? Is anyone else finding this thread getting a wee bit stale? Routers, FreeBSD, whatever. You just use the tool that does the job. If you can get by on a old 386/33 with 8 megs and FreeBSD ... GREAT! If you have to spend Mucho $$$ Squared to handle the routing on multiple T-3's , Then you have a very nice problem. You are obviously routing one hell of a lot of traffic, for which you are most likely being well paid. So you can afford the big iron, and the cost is trivial compared to your revenues. ( That, or your headed for bankruptcy. ) Most of us ISP's are content to use whatever works, and don't give a hoot in hell about anything except how we can do the job at a resonable cost. Each of us weighs the factors, reliability, performance, cost, etc... FreeBSD works great. To a point. ( a constantly upward moving point, as machines get faster. ) Beyond that, you have to spend more.. Cost at that point is not really an issue. That would be like me complaining because I needed my own Armored Car to take my deposits to the bank. What a nice problem to have. But buying one to take a few checks to the bank would be industrial strength stupid. Only an Armored Car Salesman would disagree.... My overtaxed .02 worth... :-) Blaine Minazzi From owner-freebsd-isp Tue Nov 19 23:20:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA10245 for isp-outgoing; Tue, 19 Nov 1996 23:20:11 -0800 (PST) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA10212 for ; Tue, 19 Nov 1996 23:20:06 -0800 (PST) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (8.7.5/8.7.3) with ESMTP id CAA04609; Wed, 20 Nov 1996 02:18:22 -0500 (EST) Received: from orion.webspan.net (localhost [127.0.0.1]) by orion.webspan.net (8.7.5/8.7.3) with ESMTP id CAA06952; Wed, 20 Nov 1996 02:18:22 -0500 (EST) To: Michael Dillon cc: freebsd-isp@FreeBSD.org From: "Gary Palmer" Subject: Re: Stupid question no 10101 In-reply-to: Your message of "Thu, 14 Nov 1996 18:51:16 PST." Date: Wed, 20 Nov 1996 02:18:22 -0500 Message-ID: <6950.848474302@orion.webspan.net> Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Michael Dillon wrote in message ID : > On Thu, 14 Nov 1996, Gary Palmer wrote: > > > If you're an ISP, and need to share password info between machines, > > but not keep identical info on the machines, how do you handle it? NIS > > I think the best way is to have two machines with complete password info > and run RADIUSD on them. Then use hacked versions of login, ftpd, popper > etc. on the other machines to authenticate via RADIUS. On shell account > machines, hack login to add the user to the local passwd database for the > duration of their session and hack getty to yank them out again when they > log off or get disconnected. Hmm. The question is how well does this work (say) for sendmail delivery too? Or, since the development you are talking about is taking place on linux, is it qmail? Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info From owner-freebsd-isp Tue Nov 19 23:23:21 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA10418 for isp-outgoing; Tue, 19 Nov 1996 23:23:21 -0800 (PST) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA10408 for ; Tue, 19 Nov 1996 23:23:19 -0800 (PST) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (8.7.5/8.7.3) with ESMTP id CAA04858; Wed, 20 Nov 1996 02:22:17 -0500 (EST) Received: from orion.webspan.net (localhost [127.0.0.1]) by orion.webspan.net (8.7.5/8.7.3) with ESMTP id CAA07067; Wed, 20 Nov 1996 02:22:12 -0500 (EST) To: Justin Harvey cc: Michael Dillon , freebsd-isp@freebsd.org From: "Gary Palmer" Subject: Re: Stupid question no 10101 In-reply-to: Your message of "Fri, 15 Nov 1996 14:56:18 -1000." Date: Wed, 20 Nov 1996 02:22:12 -0500 Message-ID: <7065.848474532@orion.webspan.net> Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Justin Harvey wrote in message ID : > Or, yet another alternative is to use NIS, I know you said it was > insecure but you need to define 'insecue'. I bet it would be more secure > than whatever kind of password exchanging mechanism you're thining of > programming. > NIS isn't exactly 'insecure', IMO I think it's had a bad rap due to > people misconfiguring it. You can also configure NIS to share files that > are not defaulted with the package. Try sharing your password file with NIS. Basically, if you use plain old NIS, it publishes your password file (or at least the passwords of your users) to anyone who cares to look (I've been told that there is some program called `ypghost' which lets people do this). I, for one, don't want my users passwords disseminated to anyone who wants an easy back-door into our system. (and, yes, I have thought of using an access list (aka packet filter) on our Cisco gateway, but access lists can be bypassed, and it still leaves it open to all our shell users). Makes it kinda stupid to use NIS in a shadowed password environment ... Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info From owner-freebsd-isp Wed Nov 20 00:10:50 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA13097 for isp-outgoing; Wed, 20 Nov 1996 00:10:50 -0800 (PST) Received: from pinky.junction.net (pinky.junction.net [199.166.227.12]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA13084 for ; Wed, 20 Nov 1996 00:10:42 -0800 (PST) Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id AAA13449 for ; Wed, 20 Nov 1996 00:26:16 -0800 Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id AAA28586 for ; Wed, 20 Nov 1996 00:07:12 -0800 Date: Wed, 20 Nov 1996 00:07:10 -0800 (PST) From: Michael Dillon To: freebsd-isp@FreeBSD.org Subject: Re: Stupid question no 10101 In-Reply-To: <6950.848474302@orion.webspan.net> Message-ID: Organization: Memra Software Inc. - Internet consulting MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Wed, 20 Nov 1996, Gary Palmer wrote: > Hmm. The question is how well does this work (say) for sendmail > delivery too? Or, since the development you are talking about is > taking place on linux, is it qmail? I don't have many details about this but since sendmail can easily handle things like databases to map user names into anything you want I expect this is just a matter of tweaking sendmail.cf and maintaining a userdb. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com From owner-freebsd-isp Wed Nov 20 00:17:56 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA13637 for isp-outgoing; Wed, 20 Nov 1996 00:17:56 -0800 (PST) Received: from wizard.teksupport.net.au (wizard.teksupport.net.au [203.17.1.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA13629 for ; Wed, 20 Nov 1996 00:17:48 -0800 (PST) Received: from magician.teksupport.net.au (magician.teksupport.net.au [203.17.1.98]) by wizard.teksupport.net.au (8.6.11/8.6.9) with SMTP id TAA01918 for ; Wed, 20 Nov 1996 19:17:44 +1100 Message-Id: <199611200817.TAA01918@wizard.teksupport.net.au> X-Sender: robseco1@wizard.teksupport.net.au X-Mailer: Windows Eudora Light Version 1.5.2 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Wed, 20 Nov 1996 19:17:44 +1000 To: freebsd-isp@FreeBSD.org From: Rob Secombe Subject: FreeBSD kernel disable suid scripts? Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Hi all, Does the FreeBSD kernel disable suid scripts? In the perl programming book it indicates that some unixes do this, and it would appear to be doing the same thing here. We are currently running 2.0-RELEASE and are currently preparing ourselves for the upgrade to 2.2 on its release. Thanks Rob Secombe Teksupport Pty. Ltd. 7 Warwick Avenue, Springvale, Email robseco@wizard.teksupport.net.au Melbourne 3171 Victoria Australia World Wide Web http://www.teksupport.net.au/ ************************************************************************* From owner-freebsd-isp Wed Nov 20 03:42:10 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id DAA25435 for isp-outgoing; Wed, 20 Nov 1996 03:42:10 -0800 (PST) Received: from cwbone.bsi.com.br (cwbone.bsi.com.br [200.250.250.14]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id DAA25426 for ; Wed, 20 Nov 1996 03:42:07 -0800 (PST) Received: (from jalves@localhost) by cwbone.bsi.com.br (8.6.12/8.6.9) id JAA15674; Wed, 20 Nov 1996 09:44:48 GMT Date: Wed, 20 Nov 1996 09:44:48 +0000 () From: Joao Alves Junior To: isp@freebsd.org Subject: Wais Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hello all Could anyone tell me where can I get a Wais server for FreeBSD??? Thanks in advance Joao Alves Junior From owner-freebsd-isp Wed Nov 20 03:58:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id DAA26430 for isp-outgoing; Wed, 20 Nov 1996 03:58:11 -0800 (PST) Received: from main.gbdata.com ([207.90.222.20]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id DAA26420; Wed, 20 Nov 1996 03:58:07 -0800 (PST) Received: (from gclarkii@localhost) by main.gbdata.com (8.7.5/8.6.9) id FAA20861; Wed, 20 Nov 1996 05:56:55 -0600 (CST) From: Gary Clark II Message-Id: <199611201156.FAA20861@main.gbdata.com> Subject: Re: Stupid question no 10101 To: gpalmer@freebsd.org (Gary Palmer) Date: Wed, 20 Nov 1996 05:56:44 -0600 (CST) Cc: jbh@netpci.com, michael@memra.com, freebsd-isp@freebsd.org In-Reply-To: <7065.848474532@orion.webspan.net> from Gary Palmer at "Nov 20, 96 02:22:12 am" X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Gary Palmer wrote: --SNIP-- > Makes it kinda stupid to use NIS in a shadowed password environment ... If you are using only FreeBSD machines (like I am here) you can a a little security. Only prived apps can get the passwords. Regular users can only get passwd.byname. > > Gary > -- > Gary Palmer FreeBSD Core Team Member > FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info > Gary -- Gary Clark II (N5VMF) | I speak only for myself and "maybe" my company gclarkii@GBData.COM | Member of the FreeBSD Doc Team Providing Internet and ISP startups mail info@GBData.COM for information FreeBSD FAQ at ftp://ftp.FreeBSD.ORG/pub/FreeBSD/docs/freebsd-faq.ascii From owner-freebsd-isp Wed Nov 20 04:09:44 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id EAA27548 for isp-outgoing; Wed, 20 Nov 1996 04:09:44 -0800 (PST) Received: from free-me.marben.be (gatekeeper.marben.be [194.78.27.10]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id EAA27162 for ; Wed, 20 Nov 1996 04:08:27 -0800 (PST) Received: (from smap@localhost) by free-me.marben.be (8.7.5/8.7.3) id NAA11102; Wed, 20 Nov 1996 13:07:22 +0100 (MET) X-Authentication-Warning: free-me.marben.be: smap set sender to using -f Received: from tarifa.marben.be(172.20.0.254) by free-me.marben.be via smap (V1.3) id sma011100; Wed Nov 20 13:07:20 1996 Received: from tarifa.marben.be by tarifa via SMTP (940816.SGI.8.6.9/940406.SGI.AUTO) id NAA00442; Wed, 20 Nov 1996 13:01:02 +0100 Message-ID: <3292F2FE.52BF@marben.be> Date: Wed, 20 Nov 1996 13:01:02 +0100 From: Jean-Pierre Morant Organization: Marben SA-NV X-Mailer: Mozilla 3.0Gold (X11; I; IRIX 5.3 IP22) MIME-Version: 1.0 To: Joao Alves Junior CC: isp@freebsd.org Subject: Re: Wais References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I've used the original source from 2.0.65 and it works pretty well (just disabled the optimization params for the compiler I think). Idem for SFgate (html-wais G/W). Reference site : \http://ls6-www.informatik.uni-dortmund.de/freeWAIS-sf/fwsf_toc.html JPM -- Jean-Pierre Morant c/o MARBEN S.A./N.V. La vie serait tellement Boulevard du Souverain,400, Vorstlaan plus facile 1160 Bruxelles Si seulement Belgium nous avions les sources.... + 32 2 663 1130 (phone) + 32 2 663 1199 (fax) http://www.marben.be jpm@marben.be From owner-freebsd-isp Wed Nov 20 07:01:31 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA09469 for isp-outgoing; Wed, 20 Nov 1996 07:01:31 -0800 (PST) Received: from irbs.irbs.com (jc@irbs.irbs.com [199.182.75.129]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA09463; Wed, 20 Nov 1996 07:01:25 -0800 (PST) Received: (from jc@localhost) by irbs.irbs.com (8.8.3/8.8.3) id KAA17951; Wed, 20 Nov 1996 10:01:16 -0500 (EST) Message-ID: Date: Wed, 20 Nov 1996 10:01:16 -0500 From: jc@irbs.com (John Capo) To: gpalmer@freebsd.org (Gary Palmer) Cc: jbh@netpci.com (Justin Harvey), michael@memra.com (Michael Dillon), freebsd-isp@freebsd.org Subject: Re: Stupid question no 10101 References: <7065.848474532@orion.webspan.net> X-Mailer: Mutt 0.51 Mime-Version: 1.0 X-Organization: IRBS Engineering, (954) 792-9551 In-Reply-To: <7065.848474532@orion.webspan.net>; from Gary Palmer on Nov 20, 1996 02:22:12 -0500 Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Quoting Gary Palmer (gpalmer@freebsd.org): > > Try sharing your password file with NIS. Basically, if you use plain > old NIS, it publishes your password file (or at least the passwords of > your users) to anyone who cares to look (I've been told that there is > some program called `ypghost' which lets people do this). I, for one, > don't want my users passwords disseminated to anyone who wants an easy > back-door into our system. > ypghost works by having access to the wire via bpf. http://tachyon.mono.org/~arny/progs/ypghost/WHATISTHIS Ypxfr can snarf a password file too if it is running as root and the server is not protected via filters and/or tcp_wrappers. Access to the wire is not needed. > (and, yes, I have thought of using an access list (aka packet filter) > on our Cisco gateway, but access lists can be bypassed, and it still > leaves it open to all our shell users). FreeBSD NIS will not deliver master.passwd.* to a request from a unpriviledged port. Ypserv can be complied to use tcp_wrappers also. Your shell users would have to have root or find another hole via a setuid root program. If your wire is not secure and you are not filtering at a router then copying the password file via an encrypted link is your only option. John Capo From owner-freebsd-isp Wed Nov 20 14:26:42 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17781 for isp-outgoing; Wed, 20 Nov 1996 14:26:42 -0800 (PST) Received: from guardian.fortress.org (fortress.org [199.84.158.128]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA17773 for ; Wed, 20 Nov 1996 14:26:35 -0800 (PST) Received: (from andrew@localhost) by guardian.fortress.org (8.6.12/8.6.12) id RAA02906; Wed, 20 Nov 1996 17:27:33 -0500 Date: Wed, 20 Nov 1996 17:27:31 -0500 (EST) From: Andrew Webster Reply-To: andrew@pubnix.net To: isp@freebsd.org Subject: News server disk Striping In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I've just started experimenting with disk striping for my news server with some good and some bad results. Here's the config: % cat /etc/ccd.conf ccd0 256 0 /dev/sd0e /dev/sd1e % df -ik Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 347647 249330 70506 78% 9202 75276 11% / procfs 4 4 0 100% 21 159 12% /proc /dev/ccd0c 3362574 2493205 600364 81% 604079 1085519 36% /usr/local/news/spool The hardware consists of a pair of 2.1 ST32151W drives on an AHA-2940UW controller. Everything works a-okay for a day or two, then the machine freezes for no apparent reason (usually during the expire), no error messages in the log or on the console, it just locks up, but... the same hardware was in use without CCD for a while, and it worked well, no freezing. The operating system: FreeBSD 2.1.5-Release was in use in both cases. Suggestions welcomed! Andrew Webster andrew@pubnix.net PubNIX Montreal Connected to the world Branche au monde P.O. Box 147 Cote Saint Luc, Quebec H4V 2Y3 tel 514.990.5911 http://www.pubnix.net fax 514.990.9443 From owner-freebsd-isp Thu Nov 21 02:24:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id CAA16227 for isp-outgoing; Thu, 21 Nov 1996 02:24:11 -0800 (PST) Received: from gds.de (ns.gds.de [194.77.222.14]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id CAA16201 for ; Thu, 21 Nov 1996 02:23:46 -0800 (PST) Received: from pluto.gds.de (simba.plusnet.de [194.231.79.16]) by gds.de (8.7.5/8.6.12) with SMTP id LAA02921 for ; Thu, 21 Nov 1996 11:21:21 +0100 (MET) Message-Id: <199611211021.LAA02921@gds.de> Comments: Authenticated sender is From: "Richard Gresek" Organization: Plus.Net To: freebsd-isp@freebsd.org Date: Thu, 21 Nov 1996 11:21:48 +0000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Disk stripping? Priority: normal X-mailer: Pegasus Mail for Win32 (v2.42a) Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hallo, the 4 GB HDD on our FreeBSD news-server is running out of disk space. How can I link two or more disks together so that they appear as one partition? Is there a software in the ports-collection for that purpose? Thanks in advance Richard +-------------------------------------------------------------------+ : Plus.Net Internet PoP fuer : Oppenheimer Landstr. 55 Frankfurt & Westerwald : 60596 Frankfurt : Tel.: +49 69 61991275 http://www.plusnet.de : Fax : +49 69 610238 +-------------------------------------------------------------------+ From owner-freebsd-isp Thu Nov 21 08:37:16 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03274 for isp-outgoing; Thu, 21 Nov 1996 08:37:16 -0800 (PST) Received: from cedar.netten.net (root@cedar.netten.net [205.244.191.3]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA03251 for ; Thu, 21 Nov 1996 08:37:10 -0800 (PST) Received: from tracyphi (d38.netten.net [205.244.191.158]) by cedar.netten.net (8.6.12/8.6.12) with SMTP id KAA24152; Thu, 21 Nov 1996 10:35:55 -0600 Message-ID: <32948512.7ABD@cedar.netten.net> Date: Thu, 21 Nov 1996 10:38:50 -0600 From: Tracy Phillips Reply-To: tphilips@cedar.netten.net Organization: redpoint.com X-Mailer: Mozilla 3.01 (Win95; I) MIME-Version: 1.0 To: Richard Gresek CC: freebsd-isp@freebsd.org Subject: Re: Disk stripping? References: <199611211021.LAA02921@gds.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Richard Gresek wrote: > > Hallo, > > the 4 GB HDD on our FreeBSD news-server is running out of disk space. > > How can I link two or more disks together so that they appear as one > partition? Is there a software in the ports-collection for that > purpose? hi, you might want to try: http://www.nwnet.net/technical/bsdistripe.html peace, -- ......... Tracy Phillips `:::' ....... ...... tphilips@cedar.netten.net ::: * `::. ::' ::: .:: .:.::. .:: .:: `::. :' ::: :: :: :: :: :: .::. ::: .::. .:: ::. `::::. .:' ::. ...:::.....................::' .::::.. UNIX is user friendly. It's just selective about who its friends are. From owner-freebsd-isp Thu Nov 21 09:07:27 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA05896 for isp-outgoing; Thu, 21 Nov 1996 09:07:27 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA05889 for ; Thu, 21 Nov 1996 09:07:19 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id LAA09011; Thu, 21 Nov 1996 11:05:34 -0600 From: Joe Greco Message-Id: <199611211705.LAA09011@brasil.moneng.mei.com> Subject: Re: Disk stripping? To: tphilips@cedar.netten.net Date: Thu, 21 Nov 1996 11:05:34 -0600 (CST) Cc: rg@plusnet.de, freebsd-isp@FreeBSD.org In-Reply-To: <32948512.7ABD@cedar.netten.net> from "Tracy Phillips" at Nov 21, 96 10:38:50 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > Richard Gresek wrote: > > > > Hallo, > > > > the 4 GB HDD on our FreeBSD news-server is running out of disk space. > > > > How can I link two or more disks together so that they appear as one > > partition? Is there a software in the ports-collection for that > > purpose? > > hi, > > you might want to try: > > http://www.nwnet.net/technical/bsdistripe.html > > peace, That's not particularly relevant. How about man ccd? ... JG From owner-freebsd-isp Thu Nov 21 13:46:59 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA19467 for isp-outgoing; Thu, 21 Nov 1996 13:46:59 -0800 (PST) Received: from enetis.net (enet1.enetis.net [206.31.204.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA19462 for ; Thu, 21 Nov 1996 13:46:48 -0800 (PST) Received: from enet1 (enet1.enetis.net [206.31.204.1]) by enetis.net (8.7.5/8.6.9) with SMTP id OAA29364 for ; Thu, 21 Nov 1996 14:45:18 -0700 (MST) Date: Thu, 21 Nov 1996 14:45:16 -0700 (MST) From: Justin England X-Sender: jengland@enet1 To: isp@freebsd.org Subject: FreeBSD as a Terminal Server Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I'll be setting up a FreeBSD 2.1.5-RELEASE machine as a term server and haven't found any documentation on what needs to be done. I have read the manpages on setting up PPP etc, but it was vauge on what I need to do in order to have my users login, use PAP, and start the PPP sessions with dynamic IP address assigned. If somebody could point me to some documention that could explain this, I'd appreciate it. Thank You, Justin From owner-freebsd-isp Thu Nov 21 14:18:23 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA21043 for isp-outgoing; Thu, 21 Nov 1996 14:18:23 -0800 (PST) Received: from bifrost.novalink.com (bifrost.novalink.com [192.233.90.8]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA21021 for ; Thu, 21 Nov 1996 14:18:08 -0800 (PST) Received: from buckwheat.novalink.com ([204.166.232.105]) by bifrost.novalink.com with SMTP id <2736-8>; Thu, 21 Nov 1996 17:17:45 -0800 Message-ID: <3294D60F.355@novalink.com> Date: Thu, 21 Nov 1996 17:22:07 -0500 From: Verdell hicks Reply-To: verdell@novalink.com Organization: Novalink USA X-Mailer: Mozilla 3.0Gold (Win95; I) MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: test Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk This is a first message to test the mailing address. From owner-freebsd-isp Thu Nov 21 14:51:52 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA23345 for isp-outgoing; Thu, 21 Nov 1996 14:51:52 -0800 (PST) Received: from bifrost.novalink.com (bifrost.novalink.com [192.233.90.8]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA23340 for ; Thu, 21 Nov 1996 14:51:46 -0800 (PST) Received: from buckwheat.novalink.com ([204.166.232.105]) by bifrost.novalink.com with SMTP id <2738-4>; Thu, 21 Nov 1996 17:52:01 -0800 Message-ID: <3294DE17.252A@novalink.com> Date: Thu, 21 Nov 1996 17:56:23 -0500 From: Verdell hicks Reply-To: verdell@novalink.com Organization: Novalink USA X-Mailer: Mozilla 3.0Gold (Win95; I) MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: Name Server Q Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Using Named I have CNAME entries which map to an actual entry, ie somename A 192.168.12.234 news CNAME loki So at this point in time somename.novalink.com is 192.168.12.234 and news.novalink.com is an alias that points to somename.novalink.com. If you nslookup either name it hits back with the correct IP address. Problem, How do you get it to respond with both names if you nslookup the IP address. Currently it only comes back with the actual machines name and no alias. This is a problem beacause our reverse lookup file can have only one reverse entry in per ip number. So it reads like this 234 IN PTR somename.novalink.com. If i put in 234 IN PTR somename.novalink.com. 234 IN PTR news.novalink.com. it only responds with the first entry. so when you look up 192.168.12.234 it comes back with somename.novalink.com, but I need it to come back with both somename.novalink.com and news.novalink.com. Any help would be appreciated. All of of our CNAME entries are having this problem in that only name maps to the ip the ip maps only to the real machine name. Verdell Hicks Systems Administration Novalink USA verdell@novalink.com From owner-freebsd-isp Thu Nov 21 15:15:20 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA24560 for isp-outgoing; Thu, 21 Nov 1996 15:15:20 -0800 (PST) Received: from nic.dataphone.se (root@nic.dataphone.se [194.23.92.66]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA24555 for ; Thu, 21 Nov 1996 15:15:17 -0800 (PST) Received: from mhome (dialup-01-51.dataphone.se [194.23.95.53]) by nic.dataphone.se (8.8.3/8.8.2/tri) with ESMTP id AAA16229 for ; Fri, 22 Nov 1996 00:15:14 +0100 (MET) Message-Id: <199611212315.AAA16229@nic.dataphone.se> Reply-To: From: "Mikael Hugo" To: Subject: Newsserver running NCR815 cards Date: Fri, 22 Nov 1996 00:10:11 +0100 X-MSMail-Priority: Normal X-Priority: 3 X-Mailer: Microsoft Internet Mail 4.70.1157 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I got this curious error when I tried to test ccd over two three gb drives yesterday. The test was to see if the NCR cards are good enough. The modek is an ASUS PC-200. Nov 19 02:23:35 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:36 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:36 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:36 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:36 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:38 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:38 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 Nov 19 02:23:38 ninja /kernel: assertion "cp" failed: file "../../pci/ncr.c", line 5568 I switched the card for an AHA2940U card, and it works flawlessly. Has any of you newsadmins got any experience with this type? I was hoping that I could use several NCR based cards, and get around the expensive AHA2940 cards. :) Mikael Hugo From owner-freebsd-isp Thu Nov 21 16:02:24 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA27983 for isp-outgoing; Thu, 21 Nov 1996 16:02:24 -0800 (PST) Received: from blacksun.reef.com (blacksun.REEF.COM [199.2.91.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA27977 for ; Thu, 21 Nov 1996 16:02:22 -0800 (PST) Received: (from james@localhost) by blacksun.reef.com (8.7.5/8.7.3) id QAA06342; Thu, 21 Nov 1996 16:01:28 -0800 (PST) From: james@blacksun.reef.com (James Buszard-Welcher) Message-Id: <9611211601.ZM6340@blacksun.reef.com> Date: Thu, 21 Nov 1996 16:01:27 -0800 In-Reply-To: Verdell hicks "Name Server Q" (Nov 21, 3:26pm) References: <3294DE17.252A@novalink.com> X-Mailer: Z-Mail (3.2.1 10apr95) To: verdell@novalink.com, freebsd-isp@FreeBSD.ORG Subject: Re: Name Server Q Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Um... CNAME means "Cannonical Name". Which is to say that 'news' is an alias for a machine that is really called 'somename'. There is only ONE cannonical name for a given IP address. You need a PTR lookup to return multiple hostnames? Why? Are you trying to do some kind of reverse-round-robin or something? On Nov 21, 3:26pm, Verdell hicks wrote: > Subject: Name Server Q > Using Named I have CNAME entries which map to an actual entry, ie > > somename A 192.168.12.234 > news CNAME loki > > So at this point in time somename.novalink.com is 192.168.12.234 and > news.novalink.com is an alias that points to somename.novalink.com. > If you nslookup either name it hits back with the correct IP address. > Problem, How do you get it to respond with both names if you nslookup > the IP address. Currently it only comes back with the actual machines > name and no alias. This is a problem beacause our reverse lookup file > can have only one reverse entry in per ip number. So it reads like this > > 234 IN PTR somename.novalink.com. > > If i put in > > 234 IN PTR somename.novalink.com. > 234 IN PTR news.novalink.com. > > it only responds with the first entry. > > so when you look up 192.168.12.234 it comes back with > somename.novalink.com, but I need it to come back with both > somename.novalink.com and news.novalink.com. Any help would be > appreciated. All of of our CNAME entries are having this problem in > that only name maps to the ip the ip maps only to the real machine name. > > Verdell Hicks > Systems Administration > Novalink USA > verdell@novalink.com >-- End of excerpt from Verdell hicks -- James Buszard-Welcher | ph. (847) 729-8600 | "There is water at the bottom Silicon Reef, Inc. | FAX (847) 729-1560 | of the ocean" - David Byrne From owner-freebsd-isp Thu Nov 21 16:13:18 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA28672 for isp-outgoing; Thu, 21 Nov 1996 16:13:18 -0800 (PST) Received: from gds.de (ns.gds.de [194.77.222.14]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA28664 for ; Thu, 21 Nov 1996 16:13:14 -0800 (PST) Received: from pluto.gds.de (simba.plusnet.de [194.231.79.16]) by gds.de (8.7.5/8.6.12) with SMTP id BAA10267 for ; Fri, 22 Nov 1996 01:13:05 +0100 (MET) Message-Id: <199611220013.BAA10267@gds.de> Comments: Authenticated sender is From: "Richard Gresek" Organization: Plus.Net To: freebsd-isp@freebsd.org Date: Fri, 22 Nov 1996 01:11:56 +0000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: ide hdd errors Priority: normal X-mailer: Pegasus Mail for Win32 (v2.42a) Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hallo, we have two machines each with two ide hdds (WD Caviar). In one machines they are configured as primary master and secondary master. In the other the disks are master/slave. On both machines we get the following messages from time to time: Nov 22 01:02:35 pluto /kernel: wd1: interrupt timeout: Nov 22 01:02:35 pluto /kernel: wd1: status 50 error 0 What can be the cause? Thanks in advance Richard Gresek +-------------------------------------------------------------------+ : Plus.Net Internet PoP fuer : Oppenheimer Landstr. 55 Frankfurt & Westerwald : 60596 Frankfurt : Tel.: +49 69 61991275 http://www.plusnet.de : Fax : +49 69 610238 +-------------------------------------------------------------------+ From owner-freebsd-isp Thu Nov 21 16:18:42 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA29028 for isp-outgoing; Thu, 21 Nov 1996 16:18:42 -0800 (PST) Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA29003 for ; Thu, 21 Nov 1996 16:18:27 -0800 (PST) Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id LAA15756; Fri, 22 Nov 1996 11:18:06 +1100 (EST) Date: Fri, 22 Nov 1996 11:18:05 +1100 (EST) From: "Daniel O'Callaghan" To: Verdell hicks cc: freebsd-isp@freebsd.org Subject: Re: Name Server Q In-Reply-To: <3294DE17.252A@novalink.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, Verdell hicks wrote: > Using Named I have CNAME entries which map to an actual entry, ie > > somename A 192.168.12.234 > news CNAME loki I hope you mean somename IN A 192.168.12.234 > So at this point in time somename.novalink.com is 192.168.12.234 and > news.novalink.com is an alias that points to somename.novalink.com. > If you nslookup either name it hits back with the correct IP address. > Problem, How do you get it to respond with both names if you nslookup > the IP address. Currently it only comes back with the actual machines > name and no alias. This is a problem beacause our reverse lookup file > can have only one reverse entry in per ip number. So it reads like this > > 234 IN PTR somename.novalink.com. > > If i put in > > 234 IN PTR somename.novalink.com. > 234 IN PTR news.novalink.com. > > it only responds with the first entry. Yes, the PTR records only give the *real* name. You should only use one. > so when you look up 192.168.12.234 it comes back with > somename.novalink.com, but I need it to come back with both > somename.novalink.com and news.novalink.com. Any help would be > appreciated. All of of our CNAME entries are having this problem in > that only name maps to the ip the ip maps only to the real machine name. This is correct DNS behavior. If you don't like it, you'll have to modify your own behaviour, not that of the DNS. Danny From owner-freebsd-isp Thu Nov 21 16:28:02 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA29973 for isp-outgoing; Thu, 21 Nov 1996 16:28:02 -0800 (PST) Received: from linkou.trace.com.tw (ronald@[192.72.68.166]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA29961 for ; Thu, 21 Nov 1996 16:27:53 -0800 (PST) Received: from localhost (ronald@localhost) by linkou.trace.com.tw (8.7.5/8.7.3) with SMTP id IAA22690; Fri, 22 Nov 1996 08:26:55 +0800 Date: Fri, 22 Nov 1996 08:26:55 +0800 (CCT) From: Ronald Wiplinger To: Verdell hicks cc: freebsd-isp@freebsd.org Subject: Re: Name Server Q In-Reply-To: <3294DE17.252A@novalink.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, Verdell hicks wrote: > Using Named I have CNAME entries which map to an actual entry, ie > > somename A 192.168.12.234 > news CNAME loki > > So at this point in time somename.novalink.com is 192.168.12.234 and > news.novalink.com is an alias that points to somename.novalink.com. > If you nslookup either name it hits back with the correct IP address. > Problem, How do you get it to respond with both names if you nslookup > the IP address. Currently it only comes back with the actual machines > name and no alias. This is a problem beacause our reverse lookup file > can have only one reverse entry in per ip number. So it reads like this > > 234 IN PTR somename.novalink.com. > > If i put in > > 234 IN PTR somename.novalink.com. > 234 IN PTR news.novalink.com. > > it only responds with the first entry. That is true and correct! If you don't like it, setup another machine! where you get a new rev entry. At least DNS book (O'Reilly) does not give you a better solution either. > > so when you look up 192.168.12.234 it comes back with > somename.novalink.com, but I need it to come back with both > somename.novalink.com and news.novalink.com. Any help would be > appreciated. All of of our CNAME entries are having this problem in > that only name maps to the ip the ip maps only to the real machine name. > > Verdell Hicks > Systems Administration > Novalink USA > verdell@novalink.com > From owner-freebsd-isp Thu Nov 21 16:37:06 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA00621 for isp-outgoing; Thu, 21 Nov 1996 16:37:06 -0800 (PST) Received: from linkou.trace.com.tw (ronald@[192.72.68.166]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA00605 for ; Thu, 21 Nov 1996 16:36:56 -0800 (PST) Received: from localhost (ronald@localhost) by linkou.trace.com.tw (8.7.5/8.7.3) with SMTP id IAA22730; Fri, 22 Nov 1996 08:36:22 +0800 Date: Fri, 22 Nov 1996 08:36:22 +0800 (CCT) From: Ronald Wiplinger To: James Buszard-Welcher cc: verdell@novalink.com, freebsd-isp@freebsd.org Subject: Re: Name Server Q In-Reply-To: <9611211601.ZM6340@blacksun.reef.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, James Buszard-Welcher wrote: > Um... CNAME means "Cannonical Name". Which is to say > that 'news' is an alias for a machine that is really > called 'somename'. There is only ONE cannonical name > for a given IP address. That is not true! You can have multiple CNAME to one IP, but can only have one IP to lookup one name. Only the named.rev is limited, not the named.hosts. I don't know if it is a schame to name the news server others than "news". So why use an alias name at all? Beside this, if the news server really exist on your site, than it should get anyway a new machine soon, when the traffic starts ;-) However if the question was if you can use other ones news server to say it is yours, than you have the problem. (I saw once an entry in named.hosts like: news CNAME news.server.other_ISP. (trailing dot!!!) Worked perfect! You only find it, if you make a telnet news 119 and saved the small ISP a lot of GB harddisk. BTW, even after they have been bought from a big organization, they still use the other ones news server ;-( I just telnet them). From owner-freebsd-isp Thu Nov 21 17:11:38 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA02402 for isp-outgoing; Thu, 21 Nov 1996 17:11:38 -0800 (PST) Received: from orion.denverweb.net (root@p03.pm-4.pm.dimensional.com [206.100.130.99]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA02393 for ; Thu, 21 Nov 1996 17:11:34 -0800 (PST) Received: from orion (blaine@localhost [127.0.0.1]) by orion.denverweb.net (8.7.5/8.7.3) with SMTP id SAA03406 for ; Thu, 21 Nov 1996 18:12:57 -0700 Message-ID: <3294FE19.1C750D5A@w3page.com> Date: Thu, 21 Nov 1996 18:12:57 -0700 From: Blaine Minazzi Organization: What, me organized? X-Mailer: Mozilla 3.01 (X11; I; Linux 2.0.25 i486) MIME-Version: 1.0 To: isp@freebsd.org Subject: Re: Newsserver running NCR815 cards References: <199611212315.AAA16229@nic.dataphone.se> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Mikael Hugo wrote: > > I got this curious error when I tried to test ccd over two three gb /kernel: assertion "cp" failed: file ~~~~~~~~~~~~~~~~~~~~~ SNIP ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "../../pci/ncr.c", line 5568 > Nov 19 02:23:38 ninja /kernel: assertion "cp" failed: file > "../../pci/ncr.c", line 5568 > > I switched the card for an AHA2940U card, and it works flawlessly. > > Has any of you newsadmins got any experience with this type? > > I was hoping that I could use several NCR based cards, and get around the > expensive AHA2940 cards. :) > > Mikael Hugo Well, I have not been able to use the NCR 53C810 Cards with 2.1.0 . I think there may be something wrong with the driver. It worked well with my IBM Drive, 615E 1.2 Gig, but it would not work with my HP 2 Gig Drives at all... 2.1.5 would not work with either one. I switched to a 2940 and all is well. Put the NCR controller in my Linux box, and everyone is happy. ( Same motherboard type in both machines. ) It was not worth messing around with. Save a few bucks on an NCR card, piss away several hundred dollars worth of time. Some bargain. Blaine Minazzi From owner-freebsd-isp Thu Nov 21 17:27:38 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA03595 for isp-outgoing; Thu, 21 Nov 1996 17:27:38 -0800 (PST) Received: from intrastar.net (root@[206.136.25.12]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA03585 for ; Thu, 21 Nov 1996 17:27:34 -0800 (PST) Received: from fixed.intrastar.net (earthstar.net [206.136.25.130]) by intrastar.net (8.8.3/8.7.3) with ESMTP id SAA12722; Thu, 21 Nov 1996 18:59:51 -0600 (CST) Message-Id: <199611220059.SAA12722@intrastar.net> From: "Jacob Suter" To: "Richard Gresek" , Subject: Re: ide hdd errors Date: Thu, 21 Nov 1996 19:25:28 -0600 X-MSMail-Priority: Normal X-Priority: 3 X-Mailer: Microsoft Internet Mail 4.70.1155 Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > Hallo, > > we have two machines each with two ide hdds (WD Caviar). > > In one machines they are configured as primary master and secondary > master. In the other the disks are master/slave. > On both machines we get the following messages from time to time: > > Nov 22 01:02:35 pluto /kernel: wd1: interrupt timeout: > Nov 22 01:02:35 pluto /kernel: wd1: status 50 error 0 I get similar errors on my Maxtor 2.0GB EIDE set as slave, but I think its because I kicked the server a few months back (sliding my chair back, my foot slipped and my boot and my size 13 foot WALLOPED the case.... Ouch. ever since then it has had problems, I replaced the maxtor (it was master) with an NEC 2.0gb and its GREAT, runs like a ROCKET, but the Maxtor still screws up, even after 'newfs'ing the drive. I wish there was something like 'scandisk' that did a sector-by-sector scan.. fsck is just for the FAT basically, so its useless unless you kicked your computer when it was reading the fat... JS From owner-freebsd-isp Thu Nov 21 18:45:35 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA07490 for isp-outgoing; Thu, 21 Nov 1996 18:45:35 -0800 (PST) Received: from guardian.fortress.org (fortress.org [199.84.158.128]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA07482 for ; Thu, 21 Nov 1996 18:45:27 -0800 (PST) Received: (from andrew@localhost) by guardian.fortress.org (8.6.12/8.6.12) id VAA06722; Thu, 21 Nov 1996 21:45:39 -0500 Date: Thu, 21 Nov 1996 21:45:38 -0500 (EST) From: Andrew Webster Reply-To: andrew@pubnix.net To: Ronald Wiplinger cc: Verdell hicks , freebsd-isp@FreeBSD.org Subject: Re: Name Server Q In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Ronald Wiplinger wrote: > On Thu, 21 Nov 1996, Verdell hicks wrote: > > > Using Named I have CNAME entries which map to an actual entry, ie > > > > somename A 192.168.12.234 > > news CNAME loki > > > > So at this point in time somename.novalink.com is 192.168.12.234 and > > news.novalink.com is an alias that points to somename.novalink.com. > > If you nslookup either name it hits back with the correct IP address. > > Problem, How do you get it to respond with both names if you nslookup > > the IP address. Currently it only comes back with the actual machines > > name and no alias. This is a problem beacause our reverse lookup file > > can have only one reverse entry in per ip number. So it reads like this > > > > 234 IN PTR somename.novalink.com. > > > > If i put in > > > > 234 IN PTR somename.novalink.com. > > 234 IN PTR news.novalink.com. > > > > it only responds with the first entry. > > > > That is true and correct! > If you don't like it, setup another machine! > where you get a new rev entry. I disagree, it will respond with the FIRST entry in the database. If the database contains somename before news, it will respond with somename. If news appears before somename, it will respond with news. This is especially true if the responses are comming from a secondary server. It will cause you headaches because the machine's identity if ever checked by reverse address lookup may sometimes fail. Andrew Webster andrew@pubnix.net PubNIX Montreal Connected to the world Branche au monde P.O. Box 147 Cote Saint Luc, Quebec H4V 2Y3 tel 514.990.5911 http://www.pubnix.net fax 514.990.9443 From owner-freebsd-isp Thu Nov 21 18:58:52 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA09760 for isp-outgoing; Thu, 21 Nov 1996 18:58:52 -0800 (PST) Received: from pinky.junction.net (pinky.junction.net [199.166.227.12]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA09741 for ; Thu, 21 Nov 1996 18:58:49 -0800 (PST) Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id TAA07137 for ; Thu, 21 Nov 1996 19:14:47 -0800 Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id SAA09433 for ; Thu, 21 Nov 1996 18:54:44 -0800 Date: Thu, 21 Nov 1996 18:54:43 -0800 (PST) From: Michael Dillon To: freebsd-isp@freebsd.org Subject: Re: ide hdd errors In-Reply-To: <199611220013.BAA10267@gds.de> Message-ID: Organization: Memra Software Inc. - Internet consulting MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Richard Gresek wrote: > we have two machines each with two ide hdds (WD Caviar). > What can be the cause? Put in SCSI host adapters and replace all your drives with SCSI ones. It is a bad idea for an ISP to use IDE drives and it's absolutely FORBIDDEN to use two in one machine. These are supposed to be *SERVERS*. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com From owner-freebsd-isp Thu Nov 21 19:55:15 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA18570 for isp-outgoing; Thu, 21 Nov 1996 19:55:15 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA18564 for ; Thu, 21 Nov 1996 19:55:07 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id VAA09926; Thu, 21 Nov 1996 21:54:03 -0600 From: Joe Greco Message-Id: <199611220354.VAA09926@brasil.moneng.mei.com> Subject: Re: Newsserver running NCR815 cards To: bminazzi@w3page.com (Blaine Minazzi) Date: Thu, 21 Nov 1996 21:54:03 -0600 (CST) Cc: isp@FreeBSD.org In-Reply-To: <3294FE19.1C750D5A@w3page.com> from "Blaine Minazzi" at Nov 21, 96 06:12:57 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > Well, I have not been able to use the NCR 53C810 Cards with 2.1.0 . > I think there may be something wrong with the driver. > It worked well with my IBM Drive, 615E 1.2 Gig, but it would not > work with my HP 2 Gig Drives at all... > > 2.1.5 would not work with either one. > > I switched to a 2940 and all is well. Put the NCR controller in > my Linux box, and everyone is happy. ( Same motherboard type in both > machines. ) > It was not worth messing around with. Save a few bucks on an NCR card, > piss away several hundred dollars worth of time. That's odd, they work great here. Since many things have changed in the ~ 1 year since 2.1.0R came out, I would certainly suggest you try 2.1.6R. I am running a dozen and a half of the ASUS SC-200 cards (do not scrimp and get cheapies, they can be problematic) to run ninety three drives of various types (including Quantum ProDrive/Atlas, Seagate Hawk/Barracuda, and some older HP drives, probably some others too, I know that the HP-C3323 works great but the 3724 does not work right under 2.1.0R, but that is reportedly due to firmware bugs in the drive.) I certainly have not pissed away several hundred dollars of time, but I do think I've saved almost $3000 over an equivalent number of 2940's, for controllers that are just as high performance. YMMV of course. If you are anxious to spend lots of money, go Adaptec. They _are_ good controllers, although I have seen some SCSI devices in the past that the FreeBSD/Adaptec controller combo did not like. If you are anxious to save lots of money, go ASUS SC-200. They are also good controllers, you can get three for the price of an Adaptec, and have beer money left over. I have seen some SCSI devices in the past that the FreeBSD/NCR controller combo did not like. As much as I am not a Seacrate fan, Seagate does make some pretty good drives and I am largely a Seagate shop. I have no problems with the Hawk-2's, Hawk's, Barracuda's, or most other Seagate drives with either of these controllers. ... JG From owner-freebsd-isp Thu Nov 21 20:09:25 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA19241 for isp-outgoing; Thu, 21 Nov 1996 20:09:25 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA19232 for ; Thu, 21 Nov 1996 20:08:53 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id WAA09937; Thu, 21 Nov 1996 22:07:23 -0600 From: Joe Greco Message-Id: <199611220407.WAA09937@brasil.moneng.mei.com> Subject: Re: Name Server Q To: verdell@novalink.com Date: Thu, 21 Nov 1996 22:07:22 -0600 (CST) Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <3294DE17.252A@novalink.com> from "Verdell hicks" at Nov 21, 96 05:56:23 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Using Named I have CNAME entries which map to an actual entry, ie > > somename A 192.168.12.234 > news CNAME loki > > So at this point in time somename.novalink.com is 192.168.12.234 and > news.novalink.com is an alias that points to somename.novalink.com. > If you nslookup either name it hits back with the correct IP address. This is perfectly and absolutely correct behaviour. > somename.novalink.com, but I need it to come back with both > somename.novalink.com and news.novalink.com. Any help would be > appreciated. All of of our CNAME entries are having this problem in > that only name maps to the ip the ip maps only to the real machine name. Why do you "need" it to come back that way? Good DNS policy (until you understand the exceptions) is to have a single canonical name per address. That means one domain name maps to precisely one address, and this is implemented with both an "A" and a "PTR" record. A CNAME simply lists a convenient alias by which a machine might be known. In some cases ("news"), it might be because the machine provides a service. In some cases ("met" CNAME "metropolis") it might be because typing in the full name is a pain in the rump. If you really, really want to have a reverse mapping (and there is probably no reason to do so in this case), you assign another IP address to the machine. I do this with my DNS servers, for example. "dns1.sol.net" has a permanent IP address assigned to it, which never moves, even if the service switches from one machine to another. You can _always_ reach dns1 at 206.55.64.68. However, I did this simply for the wire-down-ability. There would be NO need for me to have a reverse entry for dns1 if it were implemented as a CNAME. In general: you should have as many A records as PTR records. ... JG From owner-freebsd-isp Thu Nov 21 20:22:10 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA19977 for isp-outgoing; Thu, 21 Nov 1996 20:22:10 -0800 (PST) Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id UAA19965 for ; Thu, 21 Nov 1996 20:22:05 -0800 (PST) Received: from localhost (richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) with SMTP id UAA06479 for ; Thu, 21 Nov 1996 20:23:24 -0800 Date: Thu, 21 Nov 1996 20:23:22 -0800 (PST) From: Veggy Vinny To: isp@FreeBSD.ORG Subject: ICMP Ping Flood tracing Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Greetings everyone, Is there anyway to trace ICMP Ping Floods to see where the source machine is that is flooding your machine? Thanks. Vince GaiaNet Corporation - Unix Networking Operations - GUS Mailing Lists Admin From owner-freebsd-isp Thu Nov 21 20:27:27 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA20345 for isp-outgoing; Thu, 21 Nov 1996 20:27:27 -0800 (PST) Received: from bifrost.novalink.com (bifrost.novalink.com [192.233.90.8]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA20338 for ; Thu, 21 Nov 1996 20:27:21 -0800 (PST) Received: from buckwheat.novalink.com ([204.166.232.105]) by bifrost.novalink.com with SMTP id <2738-4>; Thu, 21 Nov 1996 23:27:22 -0800 Message-ID: <32952C9A.5AC@novalink.com> Date: Thu, 21 Nov 1996 23:31:22 -0500 From: Verdell Hicks Reply-To: verdell@novalink.com Organization: Novalink USA X-Mailer: Mozilla 3.0Gold (Win95; I) MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: Name Server Q Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Okay, It is hard to see the logic in my original nameserver question. This is the problem. The Machines name is loki.novalink.com with a canonical name of news.novalink.com. When our news feed does a reverse lookup on news.novalink.com's IP address it denies me to post news messages. How about I show you what he said. ____________________________________________________________________________ Verdell, The problem appears to be in the PTR record in your DNS. Please observe. nslookup news.novalink.com Server: ns.pcy.mci.net Address: 204.70.138.79 Non-authoritative answer: Name: loki.novalink.com Address: 192.233.90.158 Aliases: news.novalink.com That much is perfect, BUT... nslookup 192.233.90.158 Server: ns.pcy.mci.net Address: 204.70.138.79 Name: loki.novalink.com Address: 192.233.90.158 Since the PTR record does not resolve with the alias, newsfeed is denying you access. Please correct the PTR record so that is resolves identically to the A record. Thanks, Jeremy W. Powell InternetMCI Usenet News Administrator Arlington,VA jeremy@mci.net ******************************************************************* "Laws and institutions must go hand in hand with the progress of the human mind." --Thomas Jefferson ******************************************************************* ----- Begin Included Message ----- _______________________________________________________________________________________________________________ Does it make more since now? Actually I am having even bigger problems now. I made the mistake of modfying my active file for inn and now the system keeps responding to me with cant symlink the different messages. Furthermore it seems like it only get messages the first time it connects to mci, after that everything is all zeros. Everything worked great before I modified that damn active file. I saved the original and copied it back to active and it is still screwed up. I cant get the command line right to renumber the entire active file. This is a real nightmare. News isn't working right now and I am soo tired till the answer wouldn't be apparent to me if it were right in my face. If anyone has any suggestions please send them along. Verdell From owner-freebsd-isp Thu Nov 21 20:51:28 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA21616 for isp-outgoing; Thu, 21 Nov 1996 20:51:28 -0800 (PST) Received: from linkou.trace.com.tw (ronald@[192.72.68.166]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA21597 for ; Thu, 21 Nov 1996 20:51:22 -0800 (PST) Received: from localhost (ronald@localhost) by linkou.trace.com.tw (8.7.5/8.7.3) with SMTP id MAA24460; Fri, 22 Nov 1996 12:50:07 +0800 Date: Fri, 22 Nov 1996 12:50:06 +0800 (CCT) From: Ronald Wiplinger To: Verdell Hicks cc: freebsd-isp@FreeBSD.org Subject: Re: Name Server Q In-Reply-To: <32952C9A.5AC@novalink.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, Verdell Hicks wrote: > Okay, > It is hard to see the logic in my original nameserver question. This > is the problem. The Machines name is loki.novalink.com with a canonical > name of news.novalink.com. When our news feed does a reverse lookup on > news.novalink.com's IP address it denies me to post news messages. How > about I show you what he said. > How about just to swap the real and the alias name in the name.hosts? > > ____________________________________________________________________________ > Verdell, > > The problem appears to be in the PTR record in your DNS. Please > observe. > > nslookup news.novalink.com > Server: ns.pcy.mci.net > Address: 204.70.138.79 > > Non-authoritative answer: > Name: loki.novalink.com > Address: 192.233.90.158 > Aliases: news.novalink.com > > That much is perfect, BUT... > > nslookup 192.233.90.158 > Server: ns.pcy.mci.net > Address: 204.70.138.79 > > Name: loki.novalink.com > Address: 192.233.90.158 > > Since the PTR record does not resolve with the alias, newsfeed is > denying you > access. Please correct the PTR record so that is resolves identically > to > the A record. > > Thanks, > > Jeremy W. Powell > InternetMCI Usenet News Administrator > Arlington,VA > jeremy@mci.net > ******************************************************************* > "Laws and institutions must go hand in hand with the > progress of the human mind." --Thomas Jefferson > ******************************************************************* > > ----- Begin Included Message ----- > > _______________________________________________________________________________________________________________ > > Does it make more since now? Actually I am having even bigger problems > now. I made the mistake of modfying my active file for inn and now the > system keeps responding to me with cant symlink the different messages. > Furthermore it seems like it only get messages the first time it > connects to mci, after that everything is all zeros. Everything worked > great before I modified that damn active file. I saved the original and > copied it back to active and it is still screwed up. I cant get the > command line right to renumber the entire active file. This is a real > nightmare. News isn't working right now and I am soo tired till the > answer wouldn't be apparent to me if it were right in my face. If > anyone has any suggestions please send them along. > > > Verdell > From owner-freebsd-isp Thu Nov 21 21:21:40 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA23499 for isp-outgoing; Thu, 21 Nov 1996 21:21:40 -0800 (PST) Received: from orion.denverweb.net (root@p03.pm-4.pm.dimensional.com [206.100.130.99]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA23478 for ; Thu, 21 Nov 1996 21:21:30 -0800 (PST) Received: from orion (blaine@localhost [127.0.0.1]) by orion.denverweb.net (8.7.5/8.7.3) with SMTP id WAA03549 for ; Thu, 21 Nov 1996 22:23:08 -0700 Message-ID: <329538BC.53BBB886@w3page.com> Date: Thu, 21 Nov 1996 22:23:08 -0700 From: Blaine Minazzi Organization: What, me organized? X-Mailer: Mozilla 3.01 (X11; I; Linux 2.0.25 i486) MIME-Version: 1.0 To: isp@FreeBSD.org Subject: Re: Newsserver running NCR815 cards References: <199611220354.VAA09926@brasil.moneng.mei.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Joe Greco quothe Blaine Minazzi: > > > Well, I have not been able to use the NCR 53C810 Cards with 2.1.0 . > > I think there may be something wrong with the driver. > > It worked well with my IBM Drive, 615E 1.2 Gig, but it would not > > work with my HP 2 Gig Drives at all... > > > > 2.1.5 would not work with either one. > > > > I switched to a 2940 and all is well. Put the NCR controller in > > my Linux box, and everyone is happy. ( Same motherboard type in both > > machines. ) > > It was not worth messing around with. Save a few bucks on an NCR card, > > piss away several hundred dollars worth of time. > Joe Greco Expoundeth: > That's odd, they work great here. > > Since many things have changed in the ~ 1 year since 2.1.0R came out, I > would certainly suggest you try 2.1.6R. 2.1.6??? I am running 2.1.5R... > I am running a dozen and a half of the ASUS SC-200 cards (do not scrimp and get cheapies, they can be problematic) to run ninety three drives of > various types (including Quantum ProDrive/Atlas, Seagate Hawk/Barracuda, > and some older HP drives, probably some others too, I know that the > HP-C3323 works great but the 3724 does not work right under 2.1.0R, but > that is reportedly due to firmware bugs in the drive.) I have some of the 3725 (?) methinks. If it is a firmware bug in the _DRIVE_ , why does it work like a champ with the 2940. or, on the same note, why does the same card and drive work fine under Linux? ( exact same drive, Card, MB type... ) Maybe it is the drive... But the IBM 615 E 1.2 Gig that I have, which Did work with 2.1.0 R quit working with 2.1.5 and the Same controller card. Both Drives will work with these cards under Linux, no problem. ( At first, I suspected the card, so I got another one. Same results.) Kinda leads me to suspect the FreeBSD code. But, It matters not, as I need something that works *today*... So, you get a 2940 and life goes on. The $120 per controller is chicken feed where each server is worth thousands per month in revenue. I am not bashing the NCR stuff, I run it on my Linux workstation, and it works like a champ... And, if it DID work for me under FreeBSD I would certainly run them. They have a great reputation, and they are cheaper to buy initially, and performance is similar. No desire to spend money needlessly! I am curious about the "cheapies" you mention. These cards are only $45 - $60 wholesale... What is a cheapie? Do I have to spend more than that... I only pay $175 on the 2940's. To me that is appx $120 price diff. I figure that the 4 - 5 hours I spent when doing the upgrade from 2.1.0 to 2.1.5 trying to figure out why my hard drives wouldn't work anymore is about $500 worth of my time. ( If I was billing it out. ) or, put another way, that is about 4 controllers worth. Anyway, my logic is thus... ( Standard disclamer, YMMV. IMHO, CYA, RTFM, TTYL. ) 1: My HP Drives DO work with the 2940. 2: My HP drives do NOT work with the NCR. 3: I cannot fix the above problem. 4: Beating head against wall for hours will not fix problem. 5: Spending a couple extra bucks for 2940 will fix problem. ( I found answer by using DeJa News. Others had reported exact same problem. ) Therefore, since I have limited time, I will wait for someone else who is a far better programmer than I, ( most anyone ? :-) to fix the problem. In the meantime. my servers run fine with the Adaptec cards, and life goes on.... Servers serve, hard drives drive hard, lights flash, modems squeel and all is well in my corner of the universe. Blaine Minazzi From owner-freebsd-isp Thu Nov 21 21:51:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA26085 for isp-outgoing; Thu, 21 Nov 1996 21:51:32 -0800 (PST) Received: from delenn.netpci.com (root@celerity.guam.net [202.128.6.9]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id VAA26074 for ; Thu, 21 Nov 1996 21:51:20 -0800 (PST) Received: (from jbh@localhost) by delenn.netpci.com (8.7.5/8.7.3) id PAA16645; Fri, 22 Nov 1996 15:50:09 -1000 (GMT+10) Date: Fri, 22 Nov 1996 15:50:08 -1000 (GMT+10) From: JBH To: Justin England cc: isp@freebsd.org Subject: Re: FreeBSD as a Terminal Server In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Get a livingston portmaster :) On Thu, 21 Nov 1996, Justin England wrote: > > I'll be setting up a FreeBSD 2.1.5-RELEASE machine as a term server and > haven't found any documentation on what needs to be done. > > I have read the manpages on setting up PPP etc, but it was vauge on what > I need to do in order to have my users login, use PAP, and start the PPP > sessions with dynamic IP address assigned. > > If somebody could point me to some documention that could explain this, > I'd appreciate it. > > Thank You, > > Justin > From owner-freebsd-isp Thu Nov 21 22:28:06 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA27628 for isp-outgoing; Thu, 21 Nov 1996 22:28:06 -0800 (PST) Received: from ns.kconline.com (ns.kconline.com [207.51.167.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA27615 for ; Thu, 21 Nov 1996 22:27:54 -0800 (PST) Received: from localhost (jriffle@localhost) by ns.kconline.com (8.8.2/8.7.3) with SMTP id BAA00792; Fri, 22 Nov 1996 01:27:46 -0500 (EST) Date: Fri, 22 Nov 1996 01:27:46 -0500 (EST) From: Jim Riffle To: Veggy Vinny cc: isp@FreeBSD.ORG Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, Veggy Vinny wrote: > Greetings everyone, > > Is there anyway to trace ICMP Ping Floods to see where the source > machine is that is flooding your machine? Thanks. Yes, there is. I don't know how to tell after the fact, but during it, you can tell when it is coming from. You will want to add "pseudo-device bpfilter 4" into your kernel configuration file, then config, compile, and reboot. After you have that running in your kernel, you can use the tcpdump program to show what is going over your network. Or better yet, you can get trafshow from the ports tree and run that. Jim From owner-freebsd-isp Thu Nov 21 23:17:29 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA00155 for isp-outgoing; Thu, 21 Nov 1996 23:17:29 -0800 (PST) Received: from pinky.junction.net (pinky.junction.net [199.166.227.12]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA00150 for ; Thu, 21 Nov 1996 23:17:24 -0800 (PST) Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id XAA10741 for ; Thu, 21 Nov 1996 23:33:23 -0800 Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id XAA11487 for ; Thu, 21 Nov 1996 23:13:19 -0800 Date: Thu, 21 Nov 1996 23:13:18 -0800 (PST) From: Michael Dillon To: isp@freebsd.org Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: Organization: Memra Software Inc. - Internet consulting MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 21 Nov 1996, Veggy Vinny wrote: > Is there anyway to trace ICMP Ping Floods to see where the source > machine is that is flooding your machine? Thanks. If they all have the same source address that is likely to be their origin so contact the admin's of the site containing that address. Otherwise you may have to track it back one hop at a time with the help of your service provider. They *WILL* do this for ping flood attacks and for SYN flood attacks but you may have to hammer them over the head to get to talk to the right people. In other words, if you get a tech support droid that says "Huh?" tell them it is an emergency and that your site is under attack and that you need to talk to their security department NOW! Time is usually of the essence in tracking these attacks back to source when they are using forged source addresses. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com From owner-freebsd-isp Fri Nov 22 00:19:33 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA05054 for isp-outgoing; Fri, 22 Nov 1996 00:19:33 -0800 (PST) Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA05046 for ; Fri, 22 Nov 1996 00:19:26 -0800 (PST) Received: from localhost (richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) with SMTP id AAA19639; Fri, 22 Nov 1996 00:20:44 -0800 Date: Fri, 22 Nov 1996 00:20:42 -0800 (PST) From: Veggy Vinny To: Jim Riffle cc: isp@FreeBSD.ORG Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Jim Riffle wrote: > On Thu, 21 Nov 1996, Veggy Vinny wrote: > > > Is there anyway to trace ICMP Ping Floods to see where the source > > machine is that is flooding your machine? Thanks. > > Yes, there is. I don't know how to tell after the fact, but during it, > you can tell when it is coming from. Really? I tried netstat and can't find any ip addresses or hostnames. > You will want to add "pseudo-device bpfilter 4" into your kernel > configuration file, then config, compile, and reboot. Okay... > After you have that running in your kernel, you can use the tcpdump > program to show what is going over your network. Or better yet, you can > get trafshow from the ports tree and run that. Sounds good, is there any way to also limit ping's to 64 bytes and not larger than that? Vince GaiaNet Corporation - Unix Networking Operations - GUS Mailing Lists Admin From owner-freebsd-isp Fri Nov 22 00:39:33 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA06174 for isp-outgoing; Fri, 22 Nov 1996 00:39:33 -0800 (PST) Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA06169 for ; Fri, 22 Nov 1996 00:39:31 -0800 (PST) Received: from localhost (richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) with SMTP id AAA20585; Fri, 22 Nov 1996 00:40:46 -0800 Date: Fri, 22 Nov 1996 00:40:45 -0800 (PST) From: Veggy Vinny To: Michael Dillon cc: isp@freebsd.org Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASFrom owner-freebsd-isp Fri Nov 22 04:20:53 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id EAA16689 for isp-outgoing; Fri, 22 Nov 1996 04:20:53 -0800 (PST) Received: from unibel.by (alice.unibel.by [195.50.0.195]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id EAA16678 for ; Fri, 22 Nov 1996 04:20:40 -0800 (PST) Received: from brc.minsk.by (brc.minsk.by [193.232.92.36]) by unibel.by (8.8.2/8.8.2) with ESMTP id OAA20665 for ; Fri, 22 Nov 1996 14:20:21 +0200 (EET) Received: (from uucp@localhost) by brc.minsk.by (8.8.2/8.8.2) with UUCP id OAA26733 for freebsd-isp@freebsd.org; Fri, 22 Nov 1996 14:09:17 +0200 (EET) Received: from david.wvb.gomel.by (david [150.97.0.2]) by wvb.gomel.by (8.7.5/8.7.3) with SMTP id NAA00957 for ; Fri, 22 Nov 1996 13:27:55 +0200 (EET) Received: by david.wvb.gomel.by with Microsoft Mail id <01BBBC02.185B1740@david.wvb.gomel.by>; Thu, 17 Oct 1996 08:06:26 +-200 Message-ID: <01BBBC02.185B1740@david.wvb.gomel.by> From: David Stickney To: "'FBSD ISP'" Subject: The best way to allow users to access a WWW directory Date: Thu, 17 Oct 1996 08:05:28 +-200 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hello,=20 I loaded the Apache www server up, and it works and everything.. My = question is how would I go about letting users add their own WWW pages = with out letting them thrash the syetem? There is a comment "UserDir public_html" where does it go? The only = Documentation I have found is the README for the Icons?... If you help me, Send me your address, I pay. ;> Thanks, Dave From owner-freebsd-isp Fri Nov 22 05:46:26 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA19331 for isp-outgoing; Fri, 22 Nov 1996 05:46:26 -0800 (PST) Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id FAA19326 for ; Fri, 22 Nov 1996 05:46:23 -0800 (PST) Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id IAA10862; Fri, 22 Nov 1996 08:46:32 GMT Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa15481; 22 Nov 96 8:52 EST Date: Fri, 22 Nov 1996 08:52:00 -0500 (EST) From: Steve To: David Stickney cc: "'FBSD ISP'" Subject: Re: The best way to allow users to access a WWW directory In-Reply-To: <01BBBC02.185B1740@david.wvb.gomel.by> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In srm.conf you put UserDir public_html Then all each user must do is create a subdirectory in their home directory called public_html and place their files in that subdirectory. The URL uses ~userid - example: http://www.sompeplace.com/~david/Welcome.html Would pull up Welcome.html from public_html unde ryour home directory. All files my be world readable (I think read and executeable) -ie chmod 755 On Thu, 17 Oct 1996, David Stickney wrote: > Hello, > > I loaded the Apache www server up, and it works and everything.. My question is how would I go about letting users add their own WWW pages with out letting them thrash the syetem? > > There is a comment "UserDir public_html" where does it go? The only Documentation I have found is the README for the Icons?... > > If you help me, Send me your address, I pay. ;> > > Thanks, > Dave > From owner-freebsd-isp Fri Nov 22 06:40:11 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA21197 for isp-outgoing; Fri, 22 Nov 1996 06:40:11 -0800 (PST) Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA21179 for ; Fri, 22 Nov 1996 06:40:05 -0800 (PST) Received: from swoosh.dunn.org (swoosh.dunn.org [206.158.7.243]) by ns2.harborcom.net (8.8.3/8.8.3) with SMTP id JAA21238; Fri, 22 Nov 1996 09:39:41 -0500 (EST) Date: Fri, 22 Nov 1996 09:36:56 -0500 () From: Bradley Dunn To: Verdell Hicks cc: freebsd-isp@freebsd.org Subject: Re: Name Server Q In-Reply-To: <32952C9A.5AC@novalink.com> Message-ID: X-X-Sender: bradley@harborcom.net MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Ummm...correct me if I am wrong, but I think INN looks up the names in hosts.nntp at startup. After that it just compares the IP of incoming connection requests to the IPs it has stored from the lookup of the names in hosts.nntp. IOW, no reverse lookup is done. -BD PS-If I am right does that mean I can be an MCI news admin...oooohhhh woooooowwwww! :-) > The problem appears to be in the PTR record in your DNS. Please > observe. > > nslookup news.novalink.com > Server: ns.pcy.mci.net > Address: 204.70.138.79 > > Non-authoritative answer: > Name: loki.novalink.com > Address: 192.233.90.158 > Aliases: news.novalink.com > > That much is perfect, BUT... > > nslookup 192.233.90.158 > Server: ns.pcy.mci.net > Address: 204.70.138.79 > > Name: loki.novalink.com > Address: 192.233.90.158 > > Since the PTR record does not resolve with the alias, newsfeed is > denying you > access. Please correct the PTR record so that is resolves identically > to > the A record. > > Thanks, > > Jeremy W. Powell > InternetMCI Usenet News Administrator From owner-freebsd-isp Fri Nov 22 07:01:29 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA22516 for isp-outgoing; Fri, 22 Nov 1996 07:01:29 -0800 (PST) Received: from bureau-de-poste.utcc.utoronto.ca (bureau-de-poste.utcc.utoronto.ca [128.100.132.11]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA22467; Fri, 22 Nov 1996 07:01:09 -0800 (PST) Received: from mainserver ([24.112.2.23]) by bureau-de-poste.utcc.utoronto.ca with SMTP id <795662(8)>; Fri, 22 Nov 1996 09:47:09 -0500 Message-ID: <32957576.2CE5@utoronto.ca> Date: Fri, 22 Nov 1996 04:42:14 -0500 From: Edward Ing X-Mailer: Mozilla 3.0 (WinNT; I) MIME-Version: 1.0 To: isp@freebsd.org CC: questions@freebsd.org Subject: IP routing thoery: ping pong effect. Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk The following is my theoretical network. H's are hosts, N's are networks. x.x.n.n are the interface IPs. Ha is the highest node. N1 is like the backbone. So the internetwork is asymmetrical, and not quite like the picture. |---Ha --------| x.x.3.1 | | x.x.1.4 | | N3---------- -----------N1 | | | | x.x.3.5 | | x.x.1.5 Hc Hd x.x.4.1 | | x.x.2.1 | | N4------------ ------------N2 | | | | x.x.4.5 | x.x.2.5 | He Hb Assume that these hosts are only a fraction of the hosts on each network so no fix networking table is used for routing because it would be too complicated. Defautroute (0.0.0.0) for He is x.x.4.1, for Hc is x.x.3.1, for Hb is x.x.2.1 for Hd is x.x.1.4. If Ha is given a default route, we will get a ping-pong effect. E.g. If default route of Ha is x.x.3.5 (Hc) and if He sends packet to Hb this effect shows up. He routes to Hc on defaultroute, Hc routes to Ha on defaultroute. Ha routes back to Hc on its default route and thus the hosts play ping-pong. A packet from He will never find Hb. Nor can Ha have default to Hd, otherwise the same effect occurs on the other side. Thus, Ha cannot have a defaultroute. But if that is the case, Hb and He can never send packets to each other in anycase. My question is: how is it possible for Hb and He to route packages to each other? Obviously theoretically they can because it happens on the Internet. Thus, how can this theoretically be accomplished. The answer I think must have to do with dynamic routing tables in Ha. Or is it done with distributed routing tables (like DNS)? Is this why Ha is a router rather than a mere gateway? How would this work? I would appreciate a concise answer. Edward Ing. From owner-freebsd-isp Fri Nov 22 07:15:40 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA23103 for isp-outgoing; Fri, 22 Nov 1996 07:15:40 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA23097 for ; Fri, 22 Nov 1996 07:15:34 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id JAA10818; Fri, 22 Nov 1996 09:14:27 -0600 From: Joe Greco Message-Id: <199611221514.JAA10818@brasil.moneng.mei.com> Subject: Re: Name Server Q To: verdell@novalink.com Date: Fri, 22 Nov 1996 09:14:27 -0600 (CST) Cc: freebsd-isp@freebsd.org In-Reply-To: <32952C9A.5AC@novalink.com> from "Verdell Hicks" at Nov 21, 96 11:31:22 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Okay, > It is hard to see the logic in my original nameserver question. This > is the problem. The Machines name is loki.novalink.com with a canonical > name of news.novalink.com. When our news feed does a reverse lookup on > news.novalink.com's IP address it denies me to post news messages. How > about I show you what he said. I have a suspicion that this so called "problem" is an MCI brain/code fart. They probably have a mechanism that handles inbound feeds with a different mechanism than INN. This may be contributing to the confusion, and I wrote a little note to both Verdell and Jeremy at MCI about it... ... JG From owner-freebsd-isp Fri Nov 22 07:23:49 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA23375 for isp-outgoing; Fri, 22 Nov 1996 07:23:49 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA23369 for ; Fri, 22 Nov 1996 07:23:35 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id JAA25621; Fri, 22 Nov 1996 09:17:26 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma025619; Fri Nov 22 09:17:24 1996 Received: by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA121703; Fri, 22 Nov 1996 09:23:03 -0600 Date: Fri, 22 Nov 1996 09:23:03 -0600 (CST) From: Richard Stanford X-Sender: richards@future.dsc.dalsys.com To: Steve Cc: David Stickney , The FreeBSD ISP Mailing list Subject: Re: The best way to allow users to access a WWW directory In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Steve wrote: > > > In srm.conf you put > > UserDir public_html Or alternatively, set up a dedicated (slow/dumb) machine for users to login to, specifically one that they can crash without bringing down any of your essential services. Next, create a place on the webserver for users to put their pages (ie: /www/users/ ) and create their directories underneath it. The users must be in the /etc/passwd file for the webserver, but their password may be * or something else so that they can never log in. Now NFS mount the /www/users directory from the webserver over to the telnet/ftp client mentioned earlier. Users add their pages to the apparently-local drive, and they never interfere with your webserver. Oh, almost forgot -- on the webserver, you can set UserDir to /www/users/ which tells the engine to look here for user webpages. Even on a non-dedicated box, this would allow you to put all webpages onto a seperate drive, rather than having them intermingled with user's home directories. If you like, you can always execute as part of your user-setup stcript a: ln -s /www/users/u/username /home/u/username/public_html or something like that. > Then all each user must do is create a subdirectory in their home > directory called public_html and place their files in that subdirectory. > The URL uses ~userid - example: > > http://www.sompeplace.com/~david/Welcome.html > > Would pull up Welcome.html from public_html unde ryour home directory. Or wherever else specified in UserDir, but yes. > All files my be world readable (I think read and executeable) -ie > chmod 755 Executable? All files should be at least 444, but that's all -- If files are 644 and directories are 755, that enhances security and allows indexing to be performed on directorys with no index file. If the directory is 711, that enhances user-privacy at the expense of indexing. > On Thu, 17 Oct 1996, David Stickney wrote: > > > Hello, Hey there. > > I loaded the Apache www server up, and it works and everything.. My question is how would I go about letting users add their own WWW pages with out letting them thrash the syetem? In my opinion -- this is the safest way. The users are never ON your webserver. > > There is a comment "UserDir public_html" where does it go? The only Documentation I have found is the README for the Icons?... There is documentation and a FAQ at http://www.apache.org/ > > If you help me, Send me your address, I pay. ;> Don't bother -- just help the next person. It all evens out, everyone is happy, and we can all pretend that this is the internet of a few years ago. > > Thanks, > > Dave De nada - Richard -------------------------------------------------------------------------------- Contrary to popular belief, Unix is user friendly. It just happens to be very selective about who it decides to make friends with. From owner-freebsd-isp Fri Nov 22 08:02:12 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA25454 for isp-outgoing; Fri, 22 Nov 1996 08:02:12 -0800 (PST) Received: from nemesis.idirect.com (root@nemesis.idirect.com [207.136.80.40]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA25448 for ; Fri, 22 Nov 1996 08:02:04 -0800 (PST) Received: from hometown.idirect.com (carrera@hometown.idirect.com [207.136.66.27]) by nemesis.idirect.com (8.6.9/8.6.12) with ESMTP id LAA17536 for ; Fri, 22 Nov 1996 11:01:53 -0500 Received: from localhost (carrera@localhost) by hometown.idirect.com (8.7.4/8.6.9) with SMTP id KAA14513 for ; Fri, 22 Nov 1996 10:45:02 -0500 (EST) X-Authentication-Warning: hometown.idirect.com: carrera owned process doing -bs Date: Fri, 22 Nov 1996 10:45:02 -0500 (EST) From: Jason Lixfeld To: freebsd-isp@freebsd.org Subject: FreeBSD Craaaaaaash.. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I think I broke soemthing! :) Bootup: karma sendmail[91]: KAA00087: SYSERR(UID1): Cannot exec /usr/lib/exec/mail.local This message repeats itself, fluctuating between [95], [110], [111], [130], [139], [146], [154], [155], and [156] errors, aswell as fluctuation in KAA00087 to KAA00106, KAA00090, CAA00089, CAA00092, KAB00106, CAA01800. I think this is all of them.. This is not very good, because I can only login as root. if I try to login as a user, it tells me /usr/local/bin/tcsh: permission denied, and throws me back into a login prompt. I checked the permissions: -r-xr-xr-x 1 bin bin Strange.. it just kicked out another error too: karma sendmail[367]: /etc/pwd.db: permission denied. Keep in mind that these messages are just going sick all down my terminal.. on whatever terminal I am on at the time.. Any assistance would be appreciated! :) Regards, Jason A. Lixfeld -=- IDBS Administration System Administrator Client Services Representative Systems Liason -=- Internet Direct o/a ComputerLink Online Inc. 5415 Dundas Street West Suite 301 Etobicoke, ON M9B 1B5 CANADA [416] 233.7150 {V} [416] 233.6970 {F} -=- carrera@idirect.com From owner-freebsd-isp Fri Nov 22 08:27:31 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA26882 for isp-outgoing; Fri, 22 Nov 1996 08:27:31 -0800 (PST) Received: from dec.acnit.ac.ru ([193.233.113.20]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA26708 for ; Fri, 22 Nov 1996 08:24:01 -0800 (PST) Received: (from root@localhost) by dec.acnit.ac.ru (8.7.5/8.7.3) id TAA00458 for freebsd-isp@freebsd.org; Fri, 22 Nov 1996 19:20:26 +0300 (MSK) Date: Fri, 22 Nov 96 16:20:25 +0000 From: root@dec.acnit.ac.ru (Charlie &) To: freebsd-isp@freebsd.org Message-ID: X-Mailer: BML [UNIX Beauty Mail v.1.39] Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I have FreeBSD 2.1.5 internet gateway and 2 class C subnets : 193.233.113.0 and 193.233.113.16(netmask .240), WWW server on NetWare 4.1 in .0 subnet. First problem: from .16 subnet I can't do any action to WWW (ping , lynx , ... ) Second problem: in .16 subnet don't works reverse DNS lookups from outside world , not from subnet .0 . From owner-freebsd-isp Fri Nov 22 08:41:16 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA27711 for isp-outgoing; Fri, 22 Nov 1996 08:41:16 -0800 (PST) Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA27680; Fri, 22 Nov 1996 08:41:05 -0800 (PST) Received: from swoosh.dunn.org (swoosh.dunn.org [206.158.7.243]) by ns2.harborcom.net (8.8.3/8.8.3) with SMTP id LAA10531; Fri, 22 Nov 1996 11:41:02 -0500 (EST) Date: Fri, 22 Nov 1996 11:38:17 -0500 () From: Bradley Dunn To: Edward Ing cc: isp@freebsd.org, questions@freebsd.org Subject: Re: IP routing thoery: ping pong effect. In-Reply-To: <32957576.2CE5@utoronto.ca> Message-ID: X-X-Sender: bradley@harborcom.net MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Edward Ing wrote: [big network diagram deleted] > My question is: how is it possible for Hb and He to route packages to > each > other? Obviously theoretically they can because it happens on the > Internet. > Thus, how can this theoretically be accomplished. Routing protocols. See: http://www.cisco.com/public/technotes/tech_protocol.shtml -BD From owner-freebsd-isp Fri Nov 22 10:32:24 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA08680 for isp-outgoing; Fri, 22 Nov 1996 10:32:24 -0800 (PST) Received: from nemesis.idirect.com (root@nemesis.idirect.com [207.136.80.40]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA08633 for ; Fri, 22 Nov 1996 10:31:52 -0800 (PST) Received: from hometown.idirect.com (carrera@hometown.idirect.com [207.136.66.27]) by nemesis.idirect.com (8.6.9/8.6.12) with ESMTP id NAA03286; Fri, 22 Nov 1996 13:31:41 -0500 Received: from localhost (carrera@localhost) by hometown.idirect.com (8.7.4/8.6.9) with SMTP id NAA17486; Fri, 22 Nov 1996 13:14:50 -0500 (EST) X-Authentication-Warning: hometown.idirect.com: carrera owned process doing -bs Date: Fri, 22 Nov 1996 13:14:50 -0500 (EST) From: Jason Lixfeld To: graydon hoare cc: freebsd-isp@freebsd.org Subject: Re: FreeBSD Craaaaaaash.. In-Reply-To: <3295E3AC.15FB7483@multinet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, graydon hoare wrote: > > karma sendmail[91]: KAA00087: SYSERR(UID1): Cannot exec > > /usr/lib/exec/mail.local > > > > This message repeats itself, fluctuating between [95], [110], [111], > > [130], [139], [146], [154], [155], and [156] errors, aswell as fluctuation > > in KAA00087 to KAA00106, KAA00090, CAA00089, CAA00092, KAB00106, CAA01800. > > those are just PIDs and sendail job numbers which are all trying to use > your local mail delivery program. If /usr/lib/exec/mail.local is busted, > you'll have a hard time getting any mail. sounds more like your pwd.db > is corrupted. > what did you do? you can get your pwd.db back by doing pwd_mkdb > well, I'm not too sure what I was doing.. I was messing around with sending the .history file of each user to root, and the .histroy file from root, to me. Right now, this system is only connected cua a dialup 28.8 so.. I dunno.. Holy Molie.. I just got another massive screen dump on all 3 screens that I have open here in X. here is the contents: Nov 22 13:30:08 karma sendmail[877]: /etc/pwd.db: Permission denied Nov 22 13:30:08 karma sendmail[877]: CAA01815: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:08 karma sendmail[877]: CAA01815: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:08 karma sendmail[878]: /etc/pwd.db: Permission denied Nov 22 13:30:08 karma sendmail[878]: /etc/pwd.db: Permission denied Nov 22 13:30:08 karma sendmail[878]: CAA01800: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:08 karma sendmail[878]: CAA01800: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:08 karma sendmail[879]: /etc/pwd.db: Permission denied Nov 22 13:30:08 karma sendmail[879]: /etc/pwd.db: Permission denied Nov 22 13:30:08 karma sendmail[879]: CAA00089: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:08 karma sendmail[879]: CAA00089: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:09 karma sendmail[880]: /etc/pwd.db: Permission denied Nov 22 13:30:09 karma sendmail[880]: /etc/pwd.db: Permission denied Nov 22 13:30:09 karma sendmail[880]: CAA00092: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Nov 22 13:30:09 karma sendmail[880]: CAA00092: SYSERR(UID1): Cannot exec /usr/libexec/mail.local: Permission denied Mind you that is all that I could get.. I'm sure that there is more on top.. [root@karma.idirect.com]:[/root]:(1012)//> telnet localhost Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. FreeBSD (karma.idirect.com) (ttyp4) login: carrera Password: Nov 22 13:31:38 karma login: login from localhost as carrera Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 2.1.5-RELEASE (GENERIC) #0: Wed Jul 17 03:09:31 1996 login: /usr/local/bin/tcsh: Permission denied Connection closed by foreign host. [root@karma.idirect.com]:[/root]:(1013)//> There.. that is what happens if I try to just login as a normaal user.. Any ideas.. BTW: pwd_mkdb didn't work!:) do I have to reboot the machine first? Regards, Jason A. Lixfeld -=- IDBS Administration System Administrator Client Services Representative Systems Liason -=- Internet Direct o/a ComputerLink Online Inc. 5415 Dundas Street West Suite 301 Etobicoke, ON M9B 1B5 CANADA [416] 233.7150 {V} [416] 233.6970 {F} -=- carrera@idirect.com From owner-freebsd-isp Fri Nov 22 10:47:47 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA09507 for isp-outgoing; Fri, 22 Nov 1996 10:47:47 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA09463 for ; Fri, 22 Nov 1996 10:47:21 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id MAA11034; Fri, 22 Nov 1996 12:44:28 -0600 From: Joe Greco Message-Id: <199611221844.MAA11034@brasil.moneng.mei.com> Subject: Re: The best way to allow users to access a WWW directory To: richards@herald.net (Richard Stanford) Date: Fri, 22 Nov 1996 12:44:27 -0600 (CST) Cc: shovey@buffnet.net, david@wvb.gomel.by, freebsd-isp@freebsd.org In-Reply-To: from "Richard Stanford" at Nov 22, 96 09:23:03 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi, Well, I was not going to start discussing Web servers that had better planning and engineering... :-) But that is not an inappropriate topic, I guess. > On Fri, 22 Nov 1996, Steve wrote: > > In srm.conf you put > > > > UserDir public_html > > Or alternatively, set up a dedicated (slow/dumb) machine for users to login > to, specifically one that they can crash without bringing down any of your > essential services. Next, create a place on the webserver for users to put > their pages (ie: /www/users/ ) and create their directories underneath it. The > users must be in the /etc/passwd file for the webserver, but their password may > be * or something else so that they can never log in. Note you will want to prevent mail delivery, etc., as well. > Oh, almost forgot -- on the webserver, you can set UserDir to /www/users/ which > tells the engine to look here for user webpages. Even on a non-dedicated box, > this would allow you to put all webpages onto a seperate drive, rather than > having them intermingled with user's home directories. DOH! Can you really do that? I suppose it makes sense... I usually did that the hard way :-) (Ok, ok, I am not an Apache god) > Don't bother -- just help the next person. It all evens out, everyone is > happy, and we can all pretend that this is the internet of a few years ago. Is that why I spend so much time writing people messages... hhmmm.. :-) A word to the wise: Potential ISP's really need to plan for future growth. Now. A tale of one local ISP... we will call them mumble.com. Started small. Had a single UNIX box. Told customers.. "Yeah, set your DNS server, your SMTP mail host, your POP mail host, everything to be mumble.com. When you need to get to your shell account, telnet to mumble.com. When you need FTP, it's mumble.com. Your mail address is user@mumble.com. Your Web address is http://mumble.com/~user." Every single one of those backfired on them. Their mail system swamped the machine, first. They moved mail services to another machine, NFS mounting the mail spool from the new machine, and NFS mounting the user directories from the old machine for .forward files. This caused endless problems, because people tried to break into the mail machine via forward file tricks, etc. Many people ignored the instructions to switch to "pop.mumble.com" for POP mail, and continued to use "mumble.com". Eventually Mumble Co. also decided to provide a "mailhost.mumble.com" for outbound mail, because of load problems. Their refusal to re-engineer things so that forward files would not have to be mounted off their primary (original, "mumble.com") machine has caused endless stress and irritation. Their lack of foresight in providing CNAME's for POP mail and outbound mail means that even today, "mumble.com" does lots of unnecessary mail work. They are terrified to disable those services on "mumble.com" due to the sheer volume of support calls they would get. Their DNS servers were not too hard to split off. Still, they had real problems maintaining the discipline to nail down an IP address for people to use. Web services are another mess. Even when they got a clue and set up "www.mumble.com" as a CNAME for "mumble.com", they botched it by telling dial-up users to FTP into "www.mumble.com" to update their Web content. The use of "ftp.mumble.com" for both shell and general FTP has also essentially locked this into being located on "mumble.com" as well. Uuuuugggggh. Then, when they did manage to separate "www.mumble.com" onto a separate machine, they insisted on NFS mounting "mumble.com"'s drives, so that they would not need to re-educate their users about where the Web home page data was supposed to go. This was accomplished with Solaris and its nifty CacheFS, and was a whole lot more effort than it should have been. Of course, they got a boatload of calls when people tried to ftp to www.mumble.com to upload their content - and couldn't, because they did not have an account. Their internal networking architecture is based on Ethernet switches, because no one realistically paid any attention to network architecture issues. They don't really have a clue about how to fix it, now. Their excuses are good enough that even I can't see a good way to do it without causing quite a bit of havoc. That wasn't true two years ago when I first started yelling at them about their (at that time, small, and still bad) network architecture. Lessons? People, service names such as "www.*" and "ftp.*" are MAGIC names. Once you give them up to users, they are extremely hard to reclaim! If you do not PLAN to grow, when you DO grow, you will be in pain! If you refuse to inconvenience your users a bit in order to re-engineer your systems when you DO mess up, you will pay the price, forever. And if you fail to consider all this now... well, there are many folks (myself included) who can repair your problems for you, but the cost is MUCH more expensive than doing it right to begin with would have been. ... JG From owner-freebsd-isp Fri Nov 22 11:40:47 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA12721 for isp-outgoing; Fri, 22 Nov 1996 11:40:47 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA12615; Fri, 22 Nov 1996 11:40:04 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id NAA11099; Fri, 22 Nov 1996 13:39:20 -0600 From: Joe Greco Message-Id: <199611221939.NAA11099@brasil.moneng.mei.com> Subject: Re: IP routing thoery: ping pong effect. To: edward.ing@utoronto.ca (Edward Ing) Date: Fri, 22 Nov 1996 13:39:20 -0600 (CST) Cc: isp@freebsd.org, questions@freebsd.org In-Reply-To: <32957576.2CE5@utoronto.ca> from "Edward Ing" at Nov 22, 96 04:42:14 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk You need a routing protocol. Or you need a lot of static routing. Each node needs to know where to send packets. If you have two wires out of a box, you need to explain to the box which packets you want going out each wire. It is okay to have default going out one way, and static routes the other. In your sample network: He points default to x.x.4.1. Hc knows to reach He (x.x.4.5) implicitly, because it is on a directly connected network. This is, nevertheless, routing, and you MUST think of it as such. Ha knows how to reach Hc (x.x.3.5) by the same "implicit" rule, but does not know how to reach Hc (x.x.4.1) or He (x.x.4.5). Ha needs to be told "route -net x.x.4.0 -netmask 0xffffff00 x.x.3.5", which instructs Ha to forward all packets for x.x.4.* to x.x.3.5. This is static routing. Hd knows how to reach Ha (x.x.1.4) but not Ha (x.x.3.1) or Hc (x.x.3.5) or anything further down that chain. Now if Ha is your "main" router, you can solve this by telling Hd that the default route is "x.x.1.4", because Ha already knows how to reach all the way to He. Static routing is generally acceptable up to a certain point. I maintain two tiered routing (I have a "main" router and other routers, the main router maintains a full list of static routes, the others only know their local routes) but it is mildly annoying after a while. The disadvantage to this is that in many cases your packets will traverse the "main" router even if there is a slightly more efficient path between two routers on your backbone "without" going through that main router. You can avoid this by more completely calculating your routes; I consider this to be a pain in the ***. It is a pain in the *** anyways because you have to maintain the "main" router in addition to your other routers. Dynamic routing (via a routing protocol) is nicer because you (hopefully!) do not have to maintain the same routing information in multiple places (you have no designated "main" router that has an authoritative list of routes). I am in the midst of deploying OSPF for this purpose. OSPF will automatically maintain knowledge of the state of each internal link in my network, and knows about external links from my network to other places. With this knowledge, OSPF works to calculate the most efficient route from one point to the next. This also allows for redundancy in your internal networking structure, so that there is more than one path from point to point. Static routing generally is very poor at that. I suggest the routing protocol will be easier, long term. See "Routing in the Internet", a good reference book on the topic. > The following is my theoretical network. H's are hosts, N's are > networks. > x.x.n.n are the interface IPs. Ha is the highest node. N1 is like the > backbone. > So the internetwork is asymmetrical, and not quite like the > picture. > > > |---Ha --------| > x.x.3.1 | | x.x.1.4 > | | > N3---------- -----------N1 > | | > | | > x.x.3.5 | | x.x.1.5 > Hc Hd > x.x.4.1 | | x.x.2.1 > | | > N4------------ ------------N2 > | | > | | > x.x.4.5 | x.x.2.5 | > He Hb > > > Assume that these hosts are only a fraction of the hosts on each network > so > no fix networking table is used for routing because it would be > too complicated. Defautroute (0.0.0.0) for He is > x.x.4.1, for Hc is x.x.3.1, for Hb is x.x.2.1 for Hd is x.x.1.4. > > If Ha is given a default route, we will get a ping-pong effect. > > E.g. If default route of Ha is x.x.3.5 (Hc) and if He sends packet to Hb > this effect shows up. He routes to Hc on defaultroute, Hc routes to Ha > on defaultroute. Ha routes back to Hc on its default route and thus the > hosts > play ping-pong. A packet from He will never find Hb. Nor can Ha have > default > to Hd, otherwise the same effect occurs on the other side. > > Thus, Ha cannot have a defaultroute. But if that is the case, Hb and He > can > never send packets to each other in anycase. > > My question is: how is it possible for Hb and He to route packages to > each > other? Obviously theoretically they can because it happens on the > Internet. > Thus, how can this theoretically be accomplished. > > The answer I think must have to do with dynamic routing tables in Ha. > Or is it done with distributed routing tables (like DNS)? > > Is this why Ha is a router rather than a mere gateway? > > How would this work? I would appreciate a concise answer. > > Edward Ing. > From owner-freebsd-isp Fri Nov 22 11:52:25 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA13528 for isp-outgoing; Fri, 22 Nov 1996 11:52:25 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA13505 for ; Fri, 22 Nov 1996 11:52:05 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id NAA29799 for ; Fri, 22 Nov 1996 13:51:31 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma029797; Fri Nov 22 13:51:21 1996 Received: from richards.dsc.dalsys.com by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA161123; Fri, 22 Nov 1996 13:56:53 -0600 Message-Id: <32962121.644B@herald.net> Date: Fri, 22 Nov 1996 13:54:41 -0800 From: Richard Stanford Organization: Herald Communications X-Mailer: Mozilla 3.0 (Win16; I) Mime-Version: 1.0 To: FreeBSD ISP Mailing List Subject: Re: FreeBSD Craaaaaaash.. Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > > FreeBSD (karma.idirect.com) (ttyp4) > > login: carrera > Password: > Nov 22 13:31:38 karma login: login from localhost as carrera > Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 > The Regents of the University of California. All rights > reserved. The fact that you got this message shows that you logged in correctly... > FreeBSD 2.1.5-RELEASE (GENERIC) #0: Wed Jul 17 03:09:31 1996 > > login: /usr/local/bin/tcsh: Permission denied > Connection closed by foreign host. > [root@karma.idirect.com]:[/root]:(1013)//> This means just what it says, permission to execute tcsh as a user denied. Do an ls -al on /usr/local/bin and see what the permissions and ownership are -- should be: -r-xr-xr-x 1 bin bin .... At least, make sure that a normal user has r-x on it. After that, if there are no problems logging in, check the permissions of the rest of your system as well. You said you were doing pwd_mkdb's -- I'd also check the user's groups, etc (do an id as that user)... Although if the shell is 555 it shouldn't make a difference. Check anyway. HTH -Richard From owner-freebsd-isp Fri Nov 22 12:09:03 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA14344 for isp-outgoing; Fri, 22 Nov 1996 12:09:03 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA14336 for ; Fri, 22 Nov 1996 12:08:54 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA11148; Fri, 22 Nov 1996 14:07:14 -0600 From: Joe Greco Message-Id: <199611222007.OAA11148@brasil.moneng.mei.com> Subject: Re: FreeBSD as a Terminal Server To: jbh@netpci.com (JBH) Date: Fri, 22 Nov 1996 14:07:13 -0600 (CST) Cc: jengland@enetis.net, isp@FreeBSD.ORG In-Reply-To: from "JBH" at Nov 22, 96 03:50:08 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Get a livingston portmaster :) > > On Thu, 21 Nov 1996, Justin England wrote: > > > I'll be setting up a FreeBSD 2.1.5-RELEASE machine as a term server and > > haven't found any documentation on what needs to be done. > > > > I have read the manpages on setting up PPP etc, but it was vauge on what > > I need to do in order to have my users login, use PAP, and start the PPP > > sessions with dynamic IP address assigned. > > > > If somebody could point me to some documention that could explain this, > > I'd appreciate it. Get a DOS box. This really isn't all that hard! You need a ppp-aware getty. There are changes committed to -current on 11/13 that add a "pp=" capability to getty that can be used for this purpose, they appear to be derived from the changes I published last summer to 2.1.0R/2.1.5R getty. To do this, you will also need a script called "ppplogin" to properly invoke pppd or iij-ppp, as you wish. You can also use mgetty for this, from what I am told. It ain't rocket science. One of my very first uses for FreeBSD was as a terminal server; it's why I switched from NetBSD. (NetBSD's com driver sucked). That was way back before FreeBSD 1.0R. ... JG From owner-freebsd-isp Fri Nov 22 12:13:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA14514 for isp-outgoing; Fri, 22 Nov 1996 12:13:32 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA14504 for ; Fri, 22 Nov 1996 12:13:23 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id OAA00384; Fri, 22 Nov 1996 14:13:21 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma000380; Fri Nov 22 14:13:18 1996 Received: from richards.dsc.dalsys.com by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA64045; Fri, 22 Nov 1996 14:18:50 -0600 Message-Id: <32962647.781A@herald.net> Date: Fri, 22 Nov 1996 14:16:39 -0800 From: Richard Stanford Organization: Herald Communications X-Mailer: Mozilla 3.0 (Win16; I) Mime-Version: 1.0 To: Joe Greco Cc: shovey@buffnet.net, david@wvb.gomel.by, freebsd-isp@freebsd.org Subject: Re: The best way to allow users to access a WWW directory References: <199611221844.MAA11034@brasil.moneng.mei.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk [ Note : Non FreeBSD specific thread below - delete if feeling incenedary ] Joe Greco wrote: > Well, I was not going to start discussing Web servers that had better > planning and engineering... :-) But that is not an inappropriate topic, > I guess. Never an inappropriate topic, I'd say. > > Or alternatively, set up a dedicated (slow/dumb) machine for users to login > > to, specifically one that they can crash without bringing down any of your > > essential services. Next, create a place on the webserver for users to put > > their pages (ie: /www/users/ ) and create their directories underneath it. The > > users must be in the /etc/passwd file for the webserver, but their password may > > be * or something else so that they can never log in. > > Note you will want to prevent mail delivery, etc., as well. Agreed -- one of the points here is that the webserver would do one thing: serve HTTP requests. That's it. You could double up with something like FTP, but there'd have to be a good reason, IMO. The box wouldn't even have to run most of the inetd services -- I'd leave telnetd, but not a lot else. And telnetd could be moved off of port 23 for security reasons -- just have something sitting on port 23 displaying a happy little: "Please telnet to telnet.example.com for telnet access" or whatever :) Now if you're doing a box strictly for virtual servers, you may want to have each box handle SMTP, FTP and HTTP traffic for the domains it hosts -- (assume approx. 254) -- I'm of two minds about this. Opinions, anyone? > > Oh, almost forgot -- on the webserver, you can set UserDir to /www/users/ which > > tells the engine to look here for user webpages. Even on a non-dedicated box, > > this would allow you to put all webpages onto a seperate drive, rather than > > having them intermingled with user's home directories. > > DOH! Can you really do that? I suppose it makes sense... I usually did > that the hard way :-) (Ok, ok, I am not an Apache god) The hard way? I'm curious. But yes, you can. Assuming it's a dedicated webserver, you can even have it look in /www/u/s/username/ without any hacks to the code -- simply define /www/u/s/username as the user's home directory, and have apache serve ~username files from there. Not a good idea usually, but since the only reason the user's even IN /etc/passwd for the webserver is to allow permission setting and they'll never log in ... not a problem. > > Don't bother -- just help the next person. It all evens out, everyone is > > happy, and we can all pretend that this is the internet of a few years ago. > > Is that why I spend so much time writing people messages... hhmmm.. :-) Maybe so. You (JG) certainly help a lot of folk -- and we appreciate it. > A word to the wise: > > Potential ISP's really need to plan for future growth. Now. Very true. > A tale of one local ISP... we will call them mumble.com. > > Started small. Had a single UNIX box. Told customers.. > > "Yeah, set your DNS server, your SMTP mail host, your POP mail host, > everything to be mumble.com. When you need to get to your shell account, > telnet to mumble.com. When you need FTP, it's mumble.com. Your mail > address is user@mumble.com. Your Web address is http://mumble.com/~user." > > Every single one of those backfired on them. [good examples clipped] A good first step would be to have CNAMES for mail, www, etc pointing to the same box, if needed. Some people are too smart for their own good though -- they use the IP address. Not a problem -- alias several IPs to your single UNIX box and have one for mail, one for www, etc ... when you get seperate boxes, move them to that real IP. Nobody will ever know :) Another useful thing to do is to assign (through IP aliasing) RFC1918 addresses (such as 192.1.1.x) to all of your internal services as above. Remember, your router should be configured never to send these to the outside net anyway. Then, you tell your customers, for instance: Gateway - 192.1.1.1 DNS - 192.1.1.2 Secondary DNS - 192.1.1.3 Mail - mail.example.com (resolves locally to 192.1.1.4) News - news.example.com (resolves locally to 192.1.1.5 or someother ISPs news server) Shell acct - telnet.example.com ... you get the idea. This way, renumbering your internal networks should be transparant to all end users without dedicated external IP addresses. Your virtual domain customers won't like it, but most of your customers will never notice. Just my US$0.02 -- YMMV. > Lessons? > > People, service names such as "www.*" and "ftp.*" are MAGIC names. Once > you give them up to users, they are extremely hard to reclaim! I'm not really sure what you're getting at here ... can you explain? > If you do not PLAN to grow, when you DO grow, you will be in pain! [Nod] Very true. Plan to hit 100,000 accounts, and do everything you can to fit that model without sabotaging your current setup. It's an oldie, but: "If you fail to plan, plan to fail." > If you refuse to inconvenience your users a bit in order to re-engineer > your systems when you DO mess up, you will pay the price, forever. And it would be better to do it when small than large. -Richard From owner-freebsd-isp Fri Nov 22 12:21:29 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA14891 for isp-outgoing; Fri, 22 Nov 1996 12:21:29 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA14881 for ; Fri, 22 Nov 1996 12:21:11 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id OAA11196; Fri, 22 Nov 1996 14:19:51 -0600 From: Joe Greco Message-Id: <199611222019.OAA11196@brasil.moneng.mei.com> Subject: Re: Newsserver running NCR815 cards To: bminazzi@w3page.com (Blaine Minazzi) Date: Fri, 22 Nov 1996 14:19:51 -0600 (CST) Cc: isp@FreeBSD.org In-Reply-To: <329538BC.53BBB886@w3page.com> from "Blaine Minazzi" at Nov 21, 96 10:23:08 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > > Since many things have changed in the ~ 1 year since 2.1.0R came out, I > > would certainly suggest you try 2.1.6R. > > 2.1.6??? I am running 2.1.5R... Whoever started this claimed to be running 2.1.0R. > > I am running a dozen and a half of the ASUS SC-200 cards (do not scrimp and get cheapies, they can be problematic) to run ninety three drives of > > various types (including Quantum ProDrive/Atlas, Seagate Hawk/Barracuda, > > and some older HP drives, probably some others too, I know that the > > HP-C3323 works great but the 3724 does not work right under 2.1.0R, but > > that is reportedly due to firmware bugs in the drive.) > > I have some of the 3725 (?) methinks. If it is a firmware bug in the > _DRIVE_ , why does it work like a champ with the 2940. or, on the same > note, why does the same card and drive work fine under Linux? ( exact > same drive, Card, MB type... ) Probably because the 2940 does not support tagged queueing (or at least, did not by default, with the previous FreeBSD drivers for the Adaptec), and the NCR does. That is a problem. (And if that is indeed the problem, it is the fault of the drive, not FreeBSD). Reports of problems under Solaris with tagged queueing and the 372X drives makes me suspicious of them in general, as do a lot of firmware bugs in the younger cousin, the C3323. Therefore, I would tend to suspect that the NCR controller's default of using tagged queueing (a performance feature) is what is causing the problem, and is therefore not really a FreeBSD "bug" per se. It is something that FreeBSD could probably work around, however. > Maybe it is the drive... But the IBM 615 E 1.2 Gig that I have, which > Did work with 2.1.0 R quit working with 2.1.5 and the Same controller > card. Both Drives will work with these cards under Linux, no problem. ( > At first, I suspected the card, so I got another one. Same results.) Dunno. I have not seen that happen to me. > Kinda leads me to suspect the FreeBSD code. But, It matters not, > as I need something that works *today*... So, you get a 2940 and life > goes on. The $120 per controller is chicken feed where each server > is worth thousands per month in revenue. Sure. Personally I would want to pick up a faster drive that worked correctly... but that is just my opinion. Tagged queueing is particularly desirable on anything where lots and lots of stuff is going on. > I am not bashing the NCR stuff, I run it on my Linux workstation, > and it works like a champ... And, if it DID work for me under FreeBSD > I would certainly run them. They have a great reputation, and they are > cheaper to buy initially, and performance is similar. No desire to spend > money needlessly! Agreed. > I am curious about the "cheapies" you mention. These cards are only > $45 - $60 wholesale... What is a cheapie? Do I have to spend more than The ASUS SC-200's are about $60-$65 wholesale. The cheapies (I could probably come up with Curt's source if I needed to) are $30-$45. > that... I only pay $175 on the 2940's. To me that is appx $120 price > diff. I figure that the 4 - 5 hours I spent when doing the upgrade from > 2.1.0 to 2.1.5 trying to figure out why my hard drives wouldn't work > anymore is about $500 worth of my time. ( If I was billing it out. ) or, > put another way, that is about 4 controllers worth. Or two drives worth. > Anyway, my logic is thus... > ( Standard disclamer, YMMV. IMHO, CYA, RTFM, TTYL. ) > > 1: My HP Drives DO work with the 2940. > 2: My HP drives do NOT work with the NCR. > 3: I cannot fix the above problem. > 4: Beating head against wall for hours will not fix problem. > 5: Spending a couple extra bucks for 2940 will fix problem. 6: Spending a couple extra bucks for better drives will fix problem and also get you tagged queueing if you usr NCR controllers. Better fix. > ( I found answer by using DeJa News. Others had reported exact same > problem. ) > > Therefore, since I have limited time, I will wait for someone else > who is a far better programmer than I, ( most anyone ? :-) > to fix the problem. In the meantime. my servers run fine with the > Adaptec cards, and life goes on.... Servers serve, hard drives drive > hard, > lights flash, modems squeel and all is well in my corner of the > universe. Here too, ... JG From owner-freebsd-isp Fri Nov 22 13:14:50 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA17982 for isp-outgoing; Fri, 22 Nov 1996 13:14:50 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA17959 for ; Fri, 22 Nov 1996 13:14:28 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id PAA11253; Fri, 22 Nov 1996 15:09:38 -0600 From: Joe Greco Message-Id: <199611222109.PAA11253@brasil.moneng.mei.com> Subject: Re: The best way to allow users to access a WWW directory To: richards@herald.net (Richard Stanford) Date: Fri, 22 Nov 1996 15:09:37 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, shovey@buffnet.net, david@wvb.gomel.by, freebsd-isp@freebsd.org In-Reply-To: <32962647.781A@herald.net> from "Richard Stanford" at Nov 22, 96 02:16:39 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > [ Note : Non FreeBSD specific thread below - delete if feeling > incenedary ] > > Joe Greco wrote: > > > Well, I was not going to start discussing Web servers that had better > > planning and engineering... :-) But that is not an inappropriate topic, > > I guess. > > Never an inappropriate topic, I'd say. I guess that depends :-) It is certainly OK for the ISP list though. > > Note you will want to prevent mail delivery, etc., as well. > > Agreed -- one of the points here is that the webserver would do one > thing: serve HTTP requests. That's it. You could double up with > something like FTP, but there'd have to be a good reason, IMO. The box > wouldn't even have to run most of the inetd services -- I'd leave > telnetd, but not a lot else. Good point, Richard. Actually that leads into one of my favorite things to bash people over the head with... separate the concept of services as much as possible onto independent machines. > And telnetd could be moved off of port 23 for security reasons -- just > have something sitting on port 23 displaying a happy little: "Please > telnet to telnet.example.com for telnet access" or whatever :) That's only a mild precaution. You can use a banner message for that, or you can simply toss up a nastygram like I do... % telnet smyrno.sol.net. Trying 206.55.64.117... Connected to smyrno.sol.net. Escape character is '^]'. sol.net Network Services - Milwaukee, WI This is a restricted access system. Unauthorized access is prohibited. For technical support or problems, please contact . FreeBSD 2.0.5R UNIX (smyrno.sol.net) (ttyp2) login: > Now if you're doing a box strictly for virtual servers, you may want to > have each box handle SMTP, FTP and HTTP traffic for the domains it hosts > -- (assume approx. 254) -- I'm of two minds about this. Opinions, > anyone? My opinion? I do handle all three on the box. FTP and HTTP clearly both belong on the box. SMTP is less obvious: it is simply easier to administer. Since my virtual box does not allow local mail delivery, and simply rewrites/forwards all mail (mainly intended to handle mail sent to "Webmaster@www.xyz.com") I did not consider it enough of an issue to be more complex and set up the aliasing on my mail hubs. A bigger operation, maybe afraid of a mail bomb, would definitely want to do SMTP on a different box. A rare example of how I do not always follow my own advice. :-) However, I will point this out: IT IS TRIVIAL TO CHANGE THE BEHAVIOUR WITHOUT DISRUPTION IN THE FUTURE. In those cases - and those cases alone - are compromises sometimes acceptable. > > DOH! Can you really do that? I suppose it makes sense... I usually did > > that the hard way :-) (Ok, ok, I am not an Apache god) > > The hard way? I'm curious. But yes, you can. Assuming it's a > dedicated webserver, you can even have it look in /www/u/s/username/ > without any hacks to the code -- simply define /www/u/s/username as the Code hacks... guess it dates back to the days before Apache. :-) I sometimes have a bad habit of perpetuating old sins. > user's home directory, and have apache serve ~username files from > there. Not a good idea usually, but since the only reason the user's > even IN /etc/passwd for the webserver is to allow permission setting and > they'll never log in ... not a problem. As long as you take appropriate precautions this is probably fine. > > > Don't bother -- just help the next person. It all evens out, everyone is > > > happy, and we can all pretend that this is the internet of a few years ago. > > > > Is that why I spend so much time writing people messages... hhmmm.. :-) > > Maybe so. You (JG) certainly help a lot of folk -- and we appreciate > it. Sorry, possibly a too-cryptic reference to the fact that I think in many ways this still _is_ the Internet of a few years ago :-) ... For all the commercialization, etc., that has gone on, there is still a lot of good will and projects such as FreeBSD seem to have drawn some of the best and brightest people I know of. > [good examples clipped] > > A good first step would be to have CNAMES for mail, www, etc pointing to > the same box, if needed. No, not "if needed". "Just Do It". I forgot {,to mention} that the same ISP I described used to use their upstream connection's NNTP server... well when they had to run a sed script on 10,000 home directories looking for all references to the news server in question.. ugh. Not to mention all the grief that they went through getting people to switch. A simple CNAME "news.mumble.com" would have saved them a day's worth of effort. > Some people are too smart for their own good > though -- they use the IP address. Not a problem -- alias several IPs > to your single UNIX box and have one for mail, one for www, etc ... when > you get seperate boxes, move them to that real IP. Nobody will ever > know :) Actually I do that :-) Mostly because some software (mostly DOS/Novell stuff) is too dumb to know how to resolve the name of a forwarding mail host, etc. Or you can be a mean, cruel, sadistic BOFH and move the IP number from time to time, I have been known to do that too and take very little pity on people who use IP's for things like Web server addresses. Both are good policies for various reasons. :-) > Another useful thing to do is to assign (through IP aliasing) RFC1918 > addresses (such as 192.1.1.x) to all of your internal services as > above. Remember, your router should be configured never to send these > to the outside net anyway. > > Then, you tell your customers, for instance: > > Gateway - 192.1.1.1 > DNS - 192.1.1.2 > Secondary DNS - 192.1.1.3 > Mail - mail.example.com (resolves locally to 192.1.1.4) > News - news.example.com (resolves locally to 192.1.1.5 > or someother ISPs news server) > Shell acct - telnet.example.com > > ... you get the idea. > > This way, renumbering your internal networks should be transparant to > all end users without dedicated external IP addresses. Your virtual > domain customers won't like it, but most of your customers will never > notice. > > Just my US$0.02 -- YMMV. Now that is a trick I had not heard of - or thought of! I do not like for one simple reason: it means that your customers break if they connect through some off-site ISP (or if you contract with some other ISP to provide remote Point-Of-Presence services for you) Other than that, it is a pretty interesting suggestion. > > Lessons? > > > > People, service names such as "www.*" and "ftp.*" are MAGIC names. Once > > you give them up to users, they are extremely hard to reclaim! > > I'm not really sure what you're getting at here ... can you explain? Sure. This is much more subtle, and is more a matter of preference. You have three basic kinds of non-virtual Web service typically provided by a host: 1) Your own corporate web pages 2) Business customer web pages and 3) Personal web pages. Typically personal Web pages are distinguished by tilde... the other two can, for most intents and purposes, be considered to be the same thing. There will (!) come a time when even the load on a dedicated Web server becomes too much. This is the basis for yet one further division that allows you to separate out business Web services (generally lucrative) from personal Web services (generally freebies accompanying a shell account). You do NOT want the business Web services to suffer when (!) some idiot decides to post nudie pix on his Web page. You may also want to provide for redundant servers, etc., for business Web services while not wasting the resources on your personal Web pages. I also believe that there is "prime real estate" in domain names, and "www.*" is "prime real estate". Once you give someone a Web page at "http://www.mumble.com/~user", they are camped there forever. You will never be able to get them off of that address. I generally recommend that business Web pages be published as "http://www.mumble.com/company" and personal Web pages be published as "http://web.mumble.com/~user" (or s/web/users/, etc). This allows the two to be completely separate, and easily separated at a future date onto two machines. (It's also probably a bit more secure.) Users will gripe about "web" instead of "www", but they will accept it if it is the option you provide from Day #1. You can install an intercept on http://www.mumble.com to catch URL's starting with a tilde to point them to the "Web" box and a little scolding message. Now you have two separate operations, which are easier to manage and maintain. The business customers get a P166 with 128MB RAM, the personal customers get a 386DX/40 with 4MB RAM :-) (Is that all clear, why I suggest doing that?) The same thing is true of ftp.. if your users are used to being able to put things on "ftp://ftp.mumble.com/pub/users/{username}", and that changes, they will be irate. Yet you may wish to have a separate, secure machine for your "main" FTP site... Basically: It is particularly hard to break these services off from your shell machine if people are used to them being tied to the machine. Cut the strings now, not later. Make sure your users never get used to doing something that you can not support in the long term. That is really the basic principle. > > If you do not PLAN to grow, when you DO grow, you will be in pain! > > [Nod] Very true. Plan to hit 100,000 accounts, and do everything you > can to fit that model without sabotaging your current setup. > > It's an oldie, but: "If you fail to plan, plan to fail." > > > If you refuse to inconvenience your users a bit in order to re-engineer > > your systems when you DO mess up, you will pay the price, forever. > > And it would be better to do it when small than large. And failing that, if you have to do it when large, FOR CRYING OUT LOUD, DO IT IMMEDIATELY. If you sit and wait six months, you will be twice the size and it will be even harder to do. Of course by that time they all think they know better and don't need to follow that advice... and then six months later they are sorry. THAT I have seen too many times. ... JG From owner-freebsd-isp Fri Nov 22 14:08:32 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA20716 for isp-outgoing; Fri, 22 Nov 1996 14:08:32 -0800 (PST) Received: from ns.kconline.com (ns.kconline.com [207.51.167.3]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA20706 for ; Fri, 22 Nov 1996 14:08:18 -0800 (PST) Received: from localhost (jriffle@localhost) by ns.kconline.com (8.8.2/8.7.3) with SMTP id RAA11078; Fri, 22 Nov 1996 17:08:14 -0500 (EST) Date: Fri, 22 Nov 1996 17:08:12 -0500 (EST) From: Jim Riffle To: Veggy Vinny cc: isp@FreeBSD.ORG Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Veggy Vinny wrote: > > > Is there anyway to trace ICMP Ping Floods to see where the source > > > machine is that is flooding your machine? Thanks. > > > > Yes, there is. I don't know how to tell after the fact, but during it, > > you can tell when it is coming from. > > Really? I tried netstat and can't find any ip addresses or > hostnames. You would have to use tcpdump or trafshow during to see those. > Sounds good, is there any way to also limit ping's to 64 bytes and > not larger than that? This, I am unsure of, anyone else know about this one? Jim From owner-freebsd-isp Fri Nov 22 14:10:26 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA20884 for isp-outgoing; Fri, 22 Nov 1996 14:10:26 -0800 (PST) Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA20852 for ; Fri, 22 Nov 1996 14:10:08 -0800 (PST) Received: from localhost (richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) with SMTP id OAA27715; Fri, 22 Nov 1996 14:11:20 -0800 Date: Fri, 22 Nov 1996 14:11:18 -0800 (PST) From: Veggy Vinny To: Jim Riffle cc: isp@FreeBSD.ORG Subject: Re: ICMP Ping Flood tracing In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Jim Riffle wrote: > > Really? I tried netstat and can't find any ip addresses or > > hostnames. > > You would have to use tcpdump or trafshow during to see those. Oh I see. > > Sounds good, is there any way to also limit ping's to 64 bytes and > > not larger than that? > > This, I am unsure of, anyone else know about this one? Hmmm, I know that some systems have ping only working at 64 bytes and nothing higher but not sure if the system being ping'ed can ignore everything above 64 bytes or not. Cheers, Vince GaiaNet Corporation - Unix Networking Operations - GUS Mailing Lists Admin From owner-freebsd-isp Fri Nov 22 14:32:08 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA22279 for isp-outgoing; Fri, 22 Nov 1996 14:32:08 -0800 (PST) Received: from smople.thehub.com.au (smople.thehub.com.au [203.17.162.10]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA22262 for ; Fri, 22 Nov 1996 14:32:00 -0800 (PST) Received: (from richard@localhost) by smople.thehub.com.au (8.6.12/8.6.9) id IAA00497; Sat, 23 Nov 1996 08:29:45 +1000 Date: Sat, 23 Nov 1996 08:29:45 +1000 (EST) From: Richard J Uren To: Jason Lixfeld cc: freebsd-isp@freebsd.org Subject: Re: FreeBSD Craaaaaaash.. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 22 Nov 1996, Jason Lixfeld wrote: > I think I broke soemthing! :) > > Bootup: > > karma sendmail[91]: KAA00087: SYSERR(UID1): Cannot exec > /usr/lib/exec/mail.local > > This message repeats itself, fluctuating between [95], [110], [111], > [130], [139], [146], [154], [155], and [156] errors, aswell as fluctuation > in KAA00087 to KAA00106, KAA00090, CAA00089, CAA00092, KAB00106, CAA01800. > > I think this is all of them.. This is not very good, because I can only > login as root. if I try to login as a user, it tells me > /usr/local/bin/tcsh: permission denied, and throws me back into a login > prompt. I checked the permissions: -r-xr-xr-x 1 bin bin > > Strange.. it just kicked out another error too: > > karma sendmail[367]: /etc/pwd.db: permission denied. > > Keep in mind that these messages are just going sick all down my > terminal.. on whatever terminal I am on at the time.. > > Any assistance would be appreciated! :) > This happened (for the first time) last weekend on our main mail box. Im not sure how this happened but rebuilding the pwd.db file fixed things. Do a man pwd_mkdb for the details. Cheers Richard From owner-freebsd-isp Fri Nov 22 14:34:35 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA22049 for isp-outgoing; Fri, 22 Nov 1996 14:28:18 -0800 (PST) Received: from pollux.or.signature.nl (root@pollux.or.signature.nl [194.229.138.194]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA22041 for ; Fri, 22 Nov 1996 14:28:13 -0800 (PST) Received: from pc03.or.signature.nl (pc03.or.signature.nl [194.229.138.197]) by pollux.or.signature.nl (8.7.6/bs) with SMTP id XAA07123; Fri, 22 Nov 1996 23:27:57 +0100 (MET) Message-Id: <1.5.4.16.19961122222731.215f3afa@pollux.or.signature.nl> X-Sender: bit@pollux.or.signature.nl X-Mailer: Windows Eudora Light Version 1.5.4 (16) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Fri, 22 Nov 1996 22:27:31 +0000 To: Ronald Wiplinger From: Bart Smit Subject: Re: Name Server Q Cc: freebsd-isp@freebsd.org Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 08:36 AM 11/22/96 +0800, Ronald Wiplinger wrote: > >On Thu, 21 Nov 1996, James Buszard-Welcher wrote: > >> Um... CNAME means "Cannonical Name". Which is to say >> that 'news' is an alias for a machine that is really >> called 'somename'. There is only ONE cannonical name >> for a given IP address. > > >That is not true! You can have multiple CNAME to one IP, but can only have >one IP to lookup one name. Only the named.rev is limited, not the >named.hosts. > oops... There is a rather persistent misconception about CNAME records that I see and hear all too often. Let me try to explain: A CNAME record allows you to look up the canonical name for an alias host name. So, in the example above 'news' is the alias, and 'somename' is the canonical name. Many people I know think & talk about 'news' BEING the canonical name but that's not correct. After all, we also don't call 'somename' an IP address just because it's in the first field of an A (address) record, do we? Of course you can have multiple CNAME records all pointing to the same canonical name, but there's only one canonical name for each IP. -- Bart From owner-freebsd-isp Fri Nov 22 14:50:22 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA23425 for isp-outgoing; Fri, 22 Nov 1996 14:50:22 -0800 (PST) Received: from i-gw.dalsys.com (i-gw.dalsys.com [207.42.153.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA23409 for ; Fri, 22 Nov 1996 14:50:15 -0800 (PST) Received: (from smap@localhost) by i-gw.dalsys.com (8.6.9/8.6.9) id QAA02571; Fri, 22 Nov 1996 16:50:13 -0600 Received: from future.dsc.dalsys.com(199.170.161.3) by i-gw.dalsys.com via smap (V1.3) id sma002569; Fri Nov 22 16:50:09 1996 Received: from richards.dsc.dalsys.com by future.dsc.dalsys.com (AIX 3.2/UCB 5.64/8.6.12) id AA148713; Fri, 22 Nov 1996 16:55:42 -0600 Message-Id: <32964B0F.3C88@herald.net> Date: Fri, 22 Nov 1996 16:53:35 -0800 From: Richard Stanford Organization: Herald Communications X-Mailer: Mozilla 3.0 (Win16; I) Mime-Version: 1.0 To: Joe Greco Cc: freebsd-isp@freebsd.org Subject: Re: The best way to allow users to access a WWW directory References: <199611222109.PAA11253@brasil.moneng.mei.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk [ Non FreeBSD specific thread ] Joe Greco wrote: > Actually that leads into one of my favorite things > to bash people over the head with... separate the concept of services as > much as possible onto independent machines. Amen to that. Many small, even underpowered boxes are, IMO, superior. And after all, how much CPU /does/ it take to run sendmail and pop3d (for instance)? Not a lot, and if they're the only processes getting time, so much the better. > > And telnetd could be moved off of port 23 for security reasons -- just > > have something sitting on port 23 displaying a happy little: "Please > > telnet to telnet.example.com for telnet access" or whatever :) > > That's only a mild precaution. You can use a banner message for that, > or you can simply toss up a nastygram like I do... I was thinking more along the lines of: % telnet www.example.com Trying 192.1.1.1 Connected to www.example.com. Escape character is '^]'. Thank you for choosing Example. Please telnet to telnet.example.com for telnet access. Connection closed% % % telnet www.example.com 3232 Trying 192.1.1.1 Connected to www.example.com. Escape character is '^]'. Welcome to Example Webserver (nala.example.com). login: > > Now if you're doing a box strictly for virtual servers, you may want to > > have each box handle SMTP, FTP and HTTP traffic for the domains it hosts > > -- (assume approx. 254) -- I'm of two minds about this. Opinions, > > anyone? > > My opinion? I do handle all three on the box. FTP and HTTP clearly > both belong on the box. I would tend to agree -- assuming that FTP is a minor load. These days, it seems that most vanity-domain customers don't even care about it anyway -- it's a service that you have to ask for to get. > SMTP is less obvious: it is simply easier to > administer. Since my virtual box does not allow local mail delivery, > and simply rewrites/forwards all mail (mainly intended to handle mail > sent to "Webmaster@www.xyz.com") I did not consider it enough of an > issue to be more complex and set up the aliasing on my mail hubs. Good point -- it's mainly for ifwhen a central mail hub starts to become congested. Anyone know when this point is, btw? Assume PP200 with gobs of memory and disk, not even sure what the bottlenecks would be. I'd be willing to bet that it would run out of network-speed before anything else, though. > A bigger operation, maybe afraid of a mail bomb, would definitely > want to do SMTP on a different box. A rare example of how I do not > always follow my own advice. :-) However, I will point this out: > IT IS TRIVIAL TO CHANGE THE BEHAVIOUR WITHOUT DISRUPTION IN THE FUTURE. This is the real point. Seperating services allows some invulnerability to attacks that exploit a particular service. For instance, if you run a seperate FTP server (useful for mirrors, etc...) and someone finds a way to exploit your ftpd, the /only/ machine affected is your FTP server. Beware: next point may induce disagreement. One point this brings up, though. If you don't have services on a particular machine, really disable them. For instance, if you have a dedicated FTP server, none of your other boxen should even listen to ports 20, 21, 47, 69, 115, 152 or 215 unless there's a darn good reason for them to do so. Yes, this makes file transfers from, say, your shell account box to your DNS server more difficult for you (you /have/ disabled rcp/rlogin, right?) But the extra steps (FTP to your FTP server, then telnet to the target box and FTP from your FTP server, deleting the files afterward) don't really happen all that often. Security can be a real pain in the *** up until the point you or someone you know gets hacked. Then it becomes real (IMpersonalO) > > user's home directory, and have apache serve ~username files from > > there. Not a good idea usually, but since the only reason the user's > > even IN /etc/passwd for the webserver is to allow permission setting and > > they'll never log in ... not a problem. > > As long as you take appropriate precautions this is probably fine. Well, since the users will NEVER log onto the webserver, the home directory in /etc/passwd is more for convenience in this case. > For all the commercialization, etc., that has gone on, there is still a > lot of good will and projects such as FreeBSD seem to have drawn some of > the best and brightest people I know of. Yay FreeBSD! > > A good first step would be to have CNAMES for mail, www, etc pointing to > > the same box, if needed. > > No, not "if needed". "Just Do It". Good point. > > Some people are too smart for their own good > > though -- they use the IP address. Not a problem -- alias several IPs > > to your single UNIX box and have one for mail, one for www, etc ... when > > you get seperate boxes, move them to that real IP. Nobody will ever > > know :) > > Actually I do that :-) Mostly because some software (mostly DOS/Novell > stuff) is too dumb to know how to resolve the name of a forwarding mail > host, etc. [Sigh] This does happen. As a side benefit to the small ISP, you look bigger than you are to the moderately-clueful. > Or you can be a mean, cruel, sadistic BOFH and move the IP number from > time to time, I have been known to do that too and take very little pity > on people who use IP's for things like Web server addresses. [Grin] That's just too much work :) > > Another useful thing to do is to assign (through IP aliasing) RFC1918 > > addresses (such as 192.1.1.x) to all of your internal services as > > above. Remember, your router should be configured never to send these > > to the outside net anyway. [Snip] > > This way, renumbering your internal networks should be transparant to > > all end users without dedicated external IP addresses. Your virtual > > domain customers won't like it, but most of your customers will never > > notice. > > Now that is a trick I had not heard of - or thought of! I do not like > for one simple reason: it means that your customers break if they > connect through some off-site ISP (or if you contract with some other > ISP to provide remote Point-Of-Presence services for you) No problem at all! These names only translate to RFC1918 addresses on your INTERNAL DNS servers. What's an internal DNS server? Let me explain... You, as an ISP, generally provide two distinct forms of DNS, usually from the same box without caring about the distinction (which is fine). These are: 1) Resolve /any/ name into an IP address This is used mainly by your internal staff and dialup customers. It may also be used by people with broken DNS servers, unless you restrict its use to internal machines only (good idea). And as long as you've done that, why not throw it off on a subnet that the outside world can't even get to? When it's used only by people inside your network, the RFC1918 IPs that it resolves will work and be correctly routed. 2) Resolve any of your internal machine names (and custom domains, et cetera) to an IP address. This is used by people outside your network (ie: the rest of us) to retrieve information about domains you're authoratative for. The number of times this happens will be a lot less than the number of times internal people resolve external names (unless you're heavily into content providing) and you can easily estimate the maximum size of this process and rightsize it on its own box (2 boxes rather). Once these functions are seperated, as long as each machine (mail, dns, whatever) for instance has a routable IP address and an internal one, you can use both fearlessly. This way, should you ever change it, your internal customers won't have to change a thing and people outside your net will suffer for the TTL of your DNS records (which would happen anyway). > Other than that, it is a pretty interesting suggestion. Does this answer your "other than that"? > You have three basic kinds of non-virtual Web service typically provided > by a host: 1) Your own corporate web pages 2) Business customer web > pages and 3) Personal web pages. > > Typically personal Web pages are distinguished by tilde... the other two > can, for most intents and purposes, be considered to be the same thing. > > There will (!) come a time when even the load on a dedicated Web server > becomes too much. This is the basis for yet one further division that > allows you to separate out business Web services (generally lucrative) > from personal Web services (generally freebies accompanying a shell > account). Agreed. We split webpages up into personal (no guarantees) and commercial (full vanity names, etc). While this makes me wary of renumbering and having to change all the InterNIC records for the vanity domains (unless we keep say a /28 to put our DNS servers on from the same people ... hmm ...) that's the only problem I see. And one thing we're looking to put into place is a seperation of connection and name -- for instance, setup screen/conversation will go something like: ... Well, there are the phone numbers, IP addresses, and username/password and you're connected up. Now, for email, how would you like your email address and personal webspace listed? We can offer you names under: a) herald.net b) coolname.com c) othercoolname.com ... This is just an idea right now, but it would allow us to offer addresses to people as buffy@domain.com (I hear so many people bitch about @computer.domain.com addresses, for some reason (Vanity?)) but keep the names within limits. When one starts to get full (one domain per nice-sized mailserver/webserver too) we just discontinue selling it. > You do NOT want the business Web services to suffer when (!) some idiot > decides to post nudie pix on his Web page. You may also want to provide > for redundant servers, etc., for business Web services while not wasting > the resources on your personal Web pages. Agreed -- you do not want ANY service you offer to suffer when ANY other service you offer gets hit - this includes mailbombing, attention-flooding as above, hacker-exploited weaknesses ... > I also believe that there is "prime real estate" in domain names, and > "www.*" is "prime real estate". Once you give someone a Web page at > "http://www.mumble.com/~user", they are camped there forever. You will > never be able to get them off of that address. Agreed -- if you serve a supply of domains (anti- nice-internet -standards, I know, but...) that all mean you, this may not become a problem. In fact, give each domain you serve its own access phonenumber off of your hunt group, remove any identification from your login scripts, and you can even advertise as competitive ISPs. This could let you sell a cheapie service ($10-20 a month, whatever your area standard is) AND a $25/30 (or whatever) a month premium service using the same hardware. Few people might go for the $25/30 but it doesn't cost you anything other than minor advertising to offer it, and you make more money from it. People who won't pay that much would just go to the cheap service (you also :) Just a thought. You could also target advertising differently, ie: use the pricey service to donate time/accounts to PBS stations, etc... use the cheaper one if you decide to advertise at a tractor pull. Hmm... > I generally recommend that business Web pages be published as > "http://www.mumble.com/company" and personal Web pages be published as > "http://web.mumble.com/~user" (or s/web/users/, etc). This allows the > two to be completely separate, and easily separated at a future date > onto two machines. (It's also probably a bit more secure.) Users will > gripe about "web" instead of "www", but they will accept it if it is > the option you provide from Day #1. You can install an intercept on > http://www.mumble.com to catch URL's starting with a tilde to point them > to the "Web" box and a little scolding message. Agreed -- just not applicable to our business accounts. > Now you have two separate operations, which are easier to manage and > maintain. The business customers get a P166 with 128MB RAM, the personal > customers get a 386DX/40 with 4MB RAM :-) Er, well, whatever. They should be different, in all probability... the pricier accounts tend to be less accepting of downtime, for instance. I would suggest, once you host some high-dollar virtual-domain or business accounts, to consider mirroring your server. Round-robin DNS is one way to do this, and works well (see DNS docs for instructions). Mirror the 2 machines however you like (nightly, realtime, whatever). When one goes down (and it will) simply add an IP alias to the other for the address of the first (assuming they're on the same segment) and you're in business. You'll have to alias any virtual domains over too. A pain, but relatively fast and it lets you repair the down box in peace. Note: Round robin DNS like this can cause problems for CGI scripts that aren't stateless -- for these, you may want to consider a very robust CGI server. But if you're in the position where you care enough about this problem to need to fix it, you probably already have one :) > (Is that all clear, why I suggest doing that?) Yes. > The same thing is true of ftp.. if your users are used to being able > to put things on "ftp://ftp.mumble.com/pub/users/{username}", and that > changes, they will be irate. Yet you may wish to have a separate, secure > machine for your "main" FTP site... [Grins] This assumes you even offer ftp to your users. If you do, I'd suggest a different box for sure, maybe even use the custom domains talked about up above (I think I'll pull herald.net from that list, that way the corporate stuff is fully seperate ... big links from www.cooldomainname.com -> www.herald.net should work ... still working this idea out :) > Basically: It is particularly hard to break these services off from > your shell machine if people are used to them being tied to the machine. Agreed. Ideally, your shell machine should do one thing only -- be a shell machine. A shell machine is the easiest thing to crash or get CPU-Maxed, and you don't want any of your other services impacted when (not if) that happens. Get a cheap box (expensive and good if you can, cheap if not) and let the users play there. Reboot it every night at 3am or something (make this plain) and nobody should have any problems with it. > Make sure your users never get used to doing something that you can not > support in the long term. That is really the basic principle. So very true. This is why many sysadmins find themselves doing maintenance work. The best one I ever worked with (at a previous job :( ) spent the whole day doing nothing, and the machines just worked. This is the sign of a good admin. -Richard From owner-freebsd-isp Sat Nov 23 06:13:18 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA27696 for isp-outgoing; Sat, 23 Nov 1996 06:13:18 -0800 (PST) Received: from unibel.by (alice.unibel.by [195.50.0.195]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA27688 for ; Sat, 23 Nov 1996 06:13:04 -0800 (PST) Received: from brc.minsk.by (brc.minsk.by [193.232.92.36]) by unibel.by (8.8.2/8.8.2) with ESMTP id QAA00762 for ; Sat, 23 Nov 1996 16:12:40 +0200 (EET) Received: (from uucp@localhost) by brc.minsk.by (8.8.2/8.8.2) with UUCP id PAA16540 for freebsd-isp@freebsd.org; Sat, 23 Nov 1996 15:58:26 +0200 (EET) Received: from david.wvb.gomel.by (david [150.97.0.2]) by wvb.gomel.by (8.7.5/8.7.3) with SMTP id PAA00392 for ; Sat, 23 Nov 1996 15:35:43 +0200 (EET) Received: by david.wvb.gomel.by with Microsoft Mail id <01BBD927.1C7FA560@david.wvb.gomel.by>; Sat, 23 Nov 1996 10:14:28 +-200 Message-ID: <01BBD927.1C7FA560@david.wvb.gomel.by> From: David Stickney To: "'FBSD ISP'" Subject: What is the monthly volume for FreeBSD-ISP? Date: Sat, 23 Nov 1996 10:14:26 +-200 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk My Mail cost me $50 a month plus a long distance phone call, But I have seen some threads and think I am missing a lot of good stuff. If it's under a meg or so.., I may sign up.. Dave From owner-freebsd-isp Sat Nov 23 06:13:22 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA27710 for isp-outgoing; Sat, 23 Nov 1996 06:13:22 -0800 (PST) Received: from unibel.by (alice.unibel.by [195.50.0.195]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id GAA27687 for ; Sat, 23 Nov 1996 06:13:03 -0800 (PST) Received: from brc.minsk.by (brc.minsk.by [193.232.92.36]) by unibel.by (8.8.2/8.8.2) with ESMTP id QAA00775 for ; Sat, 23 Nov 1996 16:12:44 +0200 (EET) Received: (from uucp@localhost) by brc.minsk.by (8.8.2/8.8.2) with UUCP id PAA16532 for freebsd-isp@freebsd.org; Sat, 23 Nov 1996 15:57:54 +0200 (EET) Received: from david.wvb.gomel.by (david [150.97.0.2]) by wvb.gomel.by (8.7.5/8.7.3) with SMTP id PAA00362 for ; Sat, 23 Nov 1996 15:12:51 +0200 (EET) Received: by david.wvb.gomel.by with Microsoft Mail id <01BBD923.EAECF0A0@david.wvb.gomel.by>; Sat, 23 Nov 1996 09:51:37 +-200 Message-ID: <01BBD923.EAECF0A0@david.wvb.gomel.by> From: David Stickney To: "'FBSD ISP'" Subject: WWW PPP, POP, UUCP, SAMBA and a ZIllion or two other questions... Date: Sat, 23 Nov 1996 09:51:34 +-200 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Dear ISP'ers, First, Thanks to everyone who has written me, you guys have been a big = help, the line or 2 (or more) that many of you have written has made a = big difference. Thanks Again. I am not connected to the net, aside from a UUCP feed that cost me $50 a = Meg,.. I can't even sign up to lists because almost all of them run over = a meg or 2 every month.. I have written a few times, so I don't want you = guys to think I am just lazy, I just don't have any other source. By the way, everything I figure out, is going to be replicated on six = other servers in a month or so, when I do get an IP feed. It will be = heaven. ( Noboby has installed Internet in the Chernobyl Zone guys, I = can stick a router up an go home, but thats not any fun is it?) Here is what I have I have a 9 node LAN, all machines running Windows 95, Novell 3.11, and = FBSD. (11 Computers) there are 2 Modems on the BSD box and 4 laptops = with modems floating around, I have a UUCP feed to the net, = (*.wvb.gomel.by) with 5 subdomains, I also have about $12,000 to connect = my town to the internet. So... I set up wvb.gomel.by on FBSD (I was using UUPCex before). connected it = to the LAN. I then loaded IP on all the nodes, and started running = named, then I set up Samba, POP, Apache, UUCP, and Microsoft Exchange as = well as a dozen or so other little tweaks, made it all work in Russian.=20 Again, Thanks, Many of you have filled the wholes in the handbook and = Faq.. Now I have to set up PPP so the laptoppers can call in for their mail. = and I have a few more questions.. I have sucessfully called and downloaded the mail, but, There is no login prompt, it connects and starts the PPP, It also does = not give IP addresses and DNS. although I have put Login and all the IP = comments in the /etc/ppp/options file, does this all need to be on the = command line? I have added the -d debug option to the command line but I get no file, = There is no mention of it in syslog.conf, should there be?=20 PPPD exits after the first call, does it need to be reloaded after every = call? I am using the scripts from the handbook. Is there a PPPD FAQ somewhere? If someone has it, is it BIG? (I have a = 100k limit on the feed) What is the REAL meaning of life? Anyways, Thanks for reading this, and as always, I am willing to pay the = poeple who help me, Please include your ground address. I am in the = former soviet union, so you'll get 50 former soviet rubles for helping. = Yours, Dave From owner-freebsd-isp Sat Nov 23 10:26:26 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA06688 for isp-outgoing; Sat, 23 Nov 1996 10:26:26 -0800 (PST) Received: from agora.rdrop.com (root@agora.rdrop.com [199.2.210.241]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA06682 for ; Sat, 23 Nov 1996 10:26:23 -0800 (PST) Received: by agora.rdrop.com (Smail3.1.29.1 #17) id m0vRMmQ-0008rOC; Sat, 23 Nov 96 10:26 PST Message-Id: From: batie@agora.rdrop.com (Alan Batie) Subject: Re: The best way to allow users to access a WWW directory To: david@wvb.gomel.by (David Stickney) Date: Sat, 23 Nov 1996 10:26:18 -0800 (PST) Cc: freebsd-isp@freebsd.org In-Reply-To: <01BBBC02.185B1740@david.wvb.gomel.by> from "David Stickney" at Oct 17, 96 08:05:28 am X-Mailer: ELM [version 2.4 PL24 ME8a] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > There is a comment "UserDir public_html" where does it go? Rather than using UserDir, which puts the subdirectory in a user's home directory, I use Alias for /~ and /users to put them in /home/web. The reasoning is that I have a lot of novice users who don't know Unix from Eunuchs. To protect them, by default their directories are not readable by anyone except for them. The also are going to have no clue about setting permissions, so the only way to get their web pages to work is to move them out of their home dirs. -- Alan Batie ______ batie@agora.rdrop.com \ / Assimilate this! +1 503 452-0960 \ / --Worf, First Contact DE 3C 29 17 C0 49 7A 27 \/ 40 A5 3C 37 4A DA 52 B9 It is my policy to avoid purchase of any products from companies which use unrequested email advertisements or telephone solicitation. From owner-freebsd-isp Sat Nov 23 11:38:23 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA09478 for isp-outgoing; Sat, 23 Nov 1996 11:38:23 -0800 (PST) Received: from shadows.aeon.net (bsdisp@shadows.aeon.net [194.100.41.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA09470 for ; Sat, 23 Nov 1996 11:38:14 -0800 (PST) Received: (from bsdisp@localhost) by shadows.aeon.net (8.7.5/8.6.9) id VAA29347; Sat, 23 Nov 1996 21:35:04 +0200 (EET) From: mika ruohotie Message-Id: <199611231935.VAA29347@shadows.aeon.net> Subject: Re: The best way to allow users to access a WWW directory To: richards@herald.net (Richard Stanford) Date: Sat, 23 Nov 1996 21:35:04 +0200 (EET) Cc: jgreco@brasil.moneng.mei.com, freebsd-isp@freebsd.org In-Reply-To: <32964B0F.3C88@herald.net> from Richard Stanford at "Nov 22, 96 04:53:35 pm" X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk while we are on the subject, allow me to ask few questions i've been thinking lately... we're about to start isping in few weeks time. now, the way i've thought to run the webserver is that the users who want to make their pages themselves indeed go under http://www.soap.bar/~luser and the pages we make for the customers go under http://www.soap.bar/customer or just the http://www.customer.bar now, those lusers need to update their pages, and i'm not about to give out _any_ shell accounts. nada. actually the machine will not even have any telnetd. i'm planning to use other methods for connecting into it over the network... anyway, so i have to let them ftp into the machine. BUT, there's few probs i've realized i will still have... first, does anyone use this with any success/problems? now, how do i prevent the users from uploading pirated stuff there? i _will_ quota their space usage. i have no way, right? and i'm not sure if i've figured out a way to make it that when a lusers ftp's in the machine they are already in their home directory, but that should not be nothing more than just trivia... also, i believe it's another "trivial" thing to make, when the time comes, that www.soap.bar/~luser to point another machine from the server's configurations... (i'm using either apache or roxen, anyone have an opinion which one is better?) so, my question is, how vulnerable the machine is while it's still allowing the ftp access from dualup side of the network? (no way i will allow non local network ips ftp in) or am i being overly paranoid? i seem to forgotten any other questions i had about the subject... oooooh yes. will i get into the troubles with file permissions with my scheme? (running a script that sets them right every several minutes should not eat too much cpu, right?) and another thing, i am planning to let people have several email accounts under their address (that being luser.soap.bar, static ip too), am i digging myself into a any kind of hole with that setup? mickey -- mika ruohotie mika@aeon.net From owner-freebsd-isp Sat Nov 23 12:45:19 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA12675 for isp-outgoing; Sat, 23 Nov 1996 12:45:19 -0800 (PST) Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA12659 for ; Sat, 23 Nov 1996 12:45:12 -0800 (PST) Received: from swoosh.dunn.org (swoosh.dunn.org [206.158.7.243]) by ns2.harborcom.net (8.8.3/8.8.3) with SMTP id PAA08804; Sat, 23 Nov 1996 15:44:40 -0500 (EST) Date: Sat, 23 Nov 1996 15:41:47 -0500 () From: Bradley Dunn To: mika ruohotie cc: freebsd-isp@FreeBSD.org Subject: Re: The best way to allow users to access a WWW directory In-Reply-To: <199611231935.VAA29347@shadows.aeon.net> Message-ID: X-X-Sender: bradley@harborcom.net MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Sat, 23 Nov 1996, mika ruohotie wrote: > we're about to start isping in few weeks time. Good luck! > now, the way i've thought to run the webserver is that the users who > want to make their pages themselves indeed go under http://www.soap.bar/~luser > and the pages we make for the customers go under http://www.soap.bar/customer > or just the http://www.customer.bar Sounds fine, but as has been pointed out here before, you are going to want to separate your business customers from your dialup customers. > now, those lusers need to update their pages, and i'm not about to > give out _any_ shell accounts. nada. That's your call. Don't let it give you a false sense of security, though. It will also up your administration overhead, because instead of telling the users to login and do chmod 755, you have to do it yourself. > actually the machine will not even have any telnetd. i'm planning to use > other methods for connecting into it over the network... Be judicious in your use of public-key crypto, it is patented in the US and Canada you know. > anyway, so i have to let them ftp into the machine. BUT, there's few probs > i've realized i will still have... first, does anyone use this with any > success/problems? We find people want shell access. We are a business, we do what the customer wants. > now, how do i prevent the users from uploading pirated stuff there? i _will_ > quota their space usage. i have no way, right? Put a clause in your user agreement that says they can't do it, and do a find for large files with a .zip or .exe extension every once and a while. > and i'm not sure if i've figured out a way to make it that when a lusers > ftp's in the machine they are already in their home directory, but that > should not be nothing more than just trivia... Ftpd takes care of this for you. > also, i believe it's another "trivial" thing to make, when the time comes, > that www.soap.bar/~luser to point another machine from the server's > configurations.... (i'm using either apache or roxen, anyone have an opinion > which one is better?) Apache is better. You can use the Redirect command in the apache config files. > so, my question is, how vulnerable the machine is while it's still allowing > the ftp access from dualup side of the network? (no way i will allow > non local network ips ftp in) Depends on a lot of things. Your goal should be to make it so that people could get root on this machine and not do much more than take down your member web sites. That means everything else should be on a different machine. > or am i being overly paranoid? As an admin you have to be paranoid, nothing wrong with that. You should stay paranoid too, don't be lulled into a false sense of security. BUT...remember what the S in ISP stands for. There is a downward sloping curve that represents the tradeoffs between usability and security. Pick your point on that curve carefully. > oooooh yes. will i get into the troubles with file permissions with my > scheme? (running a script that sets them right every several minutes should > not eat too much cpu, right?) What is "right"? How can a script guess what a user wants the permissions to be? For example, some may have a guestbook that needs to be written to. > and another thing, i am planning to let people have several email accounts > under their address (that being luser.soap.bar, static ip too), am i > digging myself into a any kind of hole with that setup? Having static IPs may prevent you from convincing your upstream to give you more address space. -BD From owner-freebsd-isp Sat Nov 23 18:19:59 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA23461 for isp-outgoing; Sat, 23 Nov 1996 18:19:59 -0800 (PST) Received: from guardian.fortress.org (fortress.org [199.84.158.128]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA23456 for ; Sat, 23 Nov 1996 18:19:55 -0800 (PST) Received: (from andrew@localhost) by guardian.fortress.org (8.6.12/8.6.12) id VAA14726; Sat, 23 Nov 1996 21:21:17 -0500 Date: Sat, 23 Nov 1996 21:21:16 -0500 (EST) From: Andrew Webster Reply-To: andrew@pubnix.net To: isp@freebsd.org Subject: News server disk Striping (more) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I had posted this about a week ago, but no suggestions, I did notice however that when it locks up a drive and SCSI controller both have their activity lights lit. Bugs in the SCSI code under heavy load? -- The hardware consists of a pair of 2.1 ST32151W drives on an AHA-2940UW controller. Everything works a-okay for a day or two, then the machine freezes for no apparent reason (usually during the expire), no error messages in the log or on the console, it just locks up, but... the same hardware was in use without CCD for a while, and it worked well, no freezing. The operating system: FreeBSD 2.1.5-Release was in use in both cases. Suggestions welcomed! Andrew Webster andrew@pubnix.net PubNIX Montreal Connected to the world Branche au monde P.O. Box 147 Cote Saint Luc, Quebec H4V 2Y3 tel 514.990.5911 http://www.pubnix.net fax 514.990.9443 From owner-freebsd-isp Sat Nov 23 18:51:18 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA24214 for isp-outgoing; Sat, 23 Nov 1996 18:51:18 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id SAA24205 for ; Sat, 23 Nov 1996 18:51:15 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id UAA12755; Sat, 23 Nov 1996 20:50:07 -0600 From: Joe Greco Message-Id: <199611240250.UAA12755@brasil.moneng.mei.com> Subject: Re: News server disk Striping (more) To: andrew@pubnix.net Date: Sat, 23 Nov 1996 20:50:07 -0600 (CST) Cc: isp@freebsd.org In-Reply-To: from "Andrew Webster" at Nov 23, 96 09:21:16 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I had posted this about a week ago, but no suggestions, I did notice > however that when it locks up a drive and SCSI controller both have their > activity lights lit. > > Bugs in the SCSI code under heavy load? > > The hardware consists of a pair of 2.1 ST32151W drives on an AHA-2940UW > controller. I have (very!) intermittently seen the same thing happen with ST-31055N's and NCR-810 controllers - the drive appears to "wedge". The machine in question is certainly under heavy load, and seems to develop stuck drive syndrome about once a month. Since the 31055N and 32151W's are cousins, and the NCR-810 and AHA-2940UW are totally different drivers (at least pre-2.2), this tends to confirm my suspicion that this may be some sort of obscure drive firmware bug. An additional data point may be that I have _only_ seen this on heterogeneous drive chains; i.e. I have not seen a 31055N that is on a chain with a 32550N and 15150N lock up. The lock ups only seem to happen on a homogeneous drive chain. (Sample set is three dozen drives, soon two dozen more). I think it is some low level SCSI drive bogon, probably not (strictly) a FreeBSDism. It may be possible that FreeBSD could "work around" this with some sort of timeout and recovery strategy that may not currently exist. ... JG From owner-freebsd-isp Sat Nov 23 20:55:42 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA27999 for isp-outgoing; Sat, 23 Nov 1996 20:55:42 -0800 (PST) Received: from sdev.usn.blaze.net.au (sdev.usn.blaze.net.au [203.17.53.19]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA27986 for ; Sat, 23 Nov 1996 20:55:25 -0800 (PST) Received: (from davidn@localhost) by sdev.usn.blaze.net.au (8.8.2/8.6.9) id PAA12882; Sun, 24 Nov 1996 15:54:08 +1100 (EST) Message-ID: Date: Sun, 24 Nov 1996 15:54:07 +1100 From: davidn@sdev.usn.blaze.net.au (David Nugent) To: bsdisp@shadows.aeon.net (mika ruohotie) Cc: freebsd-isp@freebsd.org Subject: Re: The best way to allow users to access a WWW directory References: <32964B0F.3C88@herald.net> <199611231935.VAA29347@shadows.aeon.net> X-Mailer: Mutt 0.50 Mime-Version: 1.0 In-Reply-To: <199611231935.VAA29347@shadows.aeon.net>; from mika ruohotie on Nov 23, 1996 21:35:04 +0200 Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk mika ruohotie writes: > now, those lusers need to update their pages, and i'm not about to > give out _any_ shell accounts. nada. I think this may well turn some customers away. Of course, that is ultimately your choice, but there's no way I'd personally touch an ISP that doesn't let me into my account on their system. I find it far too useful, especially if I was having problems getting a PPP or SLIP connection up, or if for some reason I couldn't. Many people will be happy enough without it though, so its no big deal. > anyway, so i have to let them ftp into the machine. BUT, there's > few probs i've realized i will still have... first, does anyone > use this with any success/problems? Yes. And no major problems. Just place instructions where your customers will see them (a link from your home page is good), express them in terms of the software they're using (which means multiple sets of instructions if you want to cover things outside of win* etc.) and they'll use it if they want to. > now, how do i prevent the users from uploading pirated stuff there? > i _will_ quota their space usage. i have no way, right? Monitor uploads. Easily done with grep on the xferlog, and add diff if you want a daily report on activities (always a good idea). Add it to /etc/daily. Make "do not upload pirated software" part of your conditions of use, and revoke an account immediately if you find out about it happening, and make it known that you monitor uploads to your machine. Most folks are pretty reasonable about this if the consequences are made clear to start with (although I'd be surprised if anyone seriously did think it would be allowed even without notice). > so, my question is, how vulnerable the machine is while it's > still allowing the ftp access from dualup side of the network? > (no way i will allow non local network ips ftp in) or am i > being overly paranoid? Yes, I think you are. But it depends on what your requirements are. If there is precious data to be protected on the machine in question, then you should not allow external parties on it AT ALL, and that includes building firewalls and whatever else it takes to limit access to your system from outside. But if the machine is intended to run a service, then you need grant access. Let's face it - even if some idiot does take the machine down, you can recover within a couple of hours from a backup, right? There is a tradeoff between security and service provision, and while you don't want to make it easy for crackers to get in and do their thing just for the hell of it (especially interfering with other users, their accounts and using time you charge for etc), you can also be overly paraoid about what you're protecting. The point is that you need to tailor the level of security you implement according to the requirements. If your system is simply an internet service, then it is ultimately replaceable and quickly recovered should something fail and if you're taking the correct procedures for backup. It isn't as though there's anything on the machine that's worth stealing or could not be gotten elsewhere on the internet. The thing you need to protect in that case is your accounting system, or whatever data it is you use to charge your customers, and that includes taking whatever protection is reasonable to prevent external parties from breaking into your users' accounts (although protecting those users from themselves is another issue :-(). The funny thing about security is that it usually gets either too much emphasis or too little, or too little in the wrong areas. > oooooh yes. will i get into the troubles with file permissions > with my scheme? (running a script that sets them right every > several minutes should not eat too much cpu, right?) If you need to do this, once a day should be ample. And make sure either that (a) each user is placed into their own unique group - adduser does this by default, or (b) making sure that ftpd's default umask is 002. The user can of course change this if their ftp client allows them to, but in that case it is intentional, and their problem if they lose their data. > and another thing, i am planning to let people have several > email accounts under their address (that being luser.soap.bar, > static ip too), am i digging myself into a any kind of hole > with that setup? For 2-3 user accounts (such as a family) where privacy isn't an issue, this is fine. But just use aliases on your system to forward the additional name to the real mailbox. Don't worry about setting up domains. Otherwise, create a subdomain and allow for delivery via SMTP or UUCP, depending on what software they have available on their end. The static ip is required for SMTP, but not for UUCP (over tcpip - a free version of a suitable package is available for Win* too). DON'T place the entire domain's mail into a mailbox for delivery using POP. It can easily be done, but you lose the delivery envelope, which only makes for problems for your user which cannot be easily resolved. Use the proper tools for the job. If your customer is serious about supporting multiple users on their system, then they need to be serious about it too. Regards, David Nugent, Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@blaze.net.au http://www.blaze.net.au/~davidn