From owner-freebsd-net Sun Nov 1 02:20:35 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA08185 for freebsd-net-outgoing; Sun, 1 Nov 1998 02:20:35 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from cs.Technion.AC.IL (csa.cs.technion.ac.il [132.68.32.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA08178 for ; Sun, 1 Nov 1998 02:20:30 -0800 (PST) (envelope-from chen@csd.cs.technion.ac.il) Received: from csd.csa (csd [132.68.32.8]) by cs.Technion.AC.IL (8.9.0/8.9.0) with SMTP id MAA03010 for ; Sun, 1 Nov 1998 12:20:48 +0200 (IST) Received: from localhost by csd.csa (SMI-8.6/SMI-SVR4) id MAA08612; Sun, 1 Nov 1998 12:20:40 +0200 Date: Sun, 1 Nov 1998 12:20:40 +0200 (MMT) From: Genossar Chen X-Sender: chen@csd To: freebsd-net@FreeBSD.ORG Subject: interfaces + routing questions Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi All, I have some questions on routing and interfaces : Interfaces question: Maybe some know what is the maximum number of interface I can open ? What is the parameter that I need to change in order to get the Max number of interfaces ? Routing table: I need to know the routing table + updating it from a remote host. Can someone recommend me on a good way of doing getting this ? Thanks in Advance Chen Genossar Computer Science Department Technion - Israel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 15:39:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA04570 for freebsd-net-outgoing; Tue, 3 Nov 1998 15:39:50 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from abused.com (abused.com [204.216.142.63]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA04565 for ; Tue, 3 Nov 1998 15:39:48 -0800 (PST) (envelope-from gvb@tns.net) Received: from gvb (gvb.tns.net [204.216.245.137]) by abused.com (8.9.1a/I feel abused.) with SMTP id PAA13534 for ; Tue, 3 Nov 1998 15:39:44 -0800 (PST) Message-Id: <199811032339.PAA13534@abused.com> X-Sender: gvb@abused.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.2 Date: Tue, 03 Nov 1998 15:46:48 -0800 To: freebsd-net@FreeBSD.ORG From: GVB Subject: IPX Routing Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello. We have a Novell Server here using IPX. I have a FreeBSD machine plugged into the IPX Network, as well as TCP/IP. The machine has another network card in it which uses DHCP and a reserved network for another set of machines. I would like to route IPX through the network cards to allow the machines on the reserved network to be able to talk to the Novell Server. I have not found much documentation on this, where do I start? Thanks. GVB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 17:43:53 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA23918 for freebsd-net-outgoing; Tue, 3 Nov 1998 17:43:53 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA23911 for ; Tue, 3 Nov 1998 17:43:50 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id UAA00401 for ; Tue, 3 Nov 1998 20:43:47 -0500 (EST) Date: Tue, 3 Nov 1998 20:43:41 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: freebsd-net@FreeBSD.ORG Subject: NATD error question. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org natd: failed to write packet back (permission denied) Besides the obvious, what could be causing this. And is it anything to worry about? NATD is apparently working fine: 00100 202585 55784707 divert 8668 ip from any to any via ed0 So I'm not sure what is causing these errors and why. I looked at natd.c and it might be because of lack of buffer space. Chris -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 18:16:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA27608 for freebsd-net-outgoing; Tue, 3 Nov 1998 18:16:47 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from ricc.alma-ata.su (ns.ricc.alma-ata.su [194.87.112.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA27599 for ; Tue, 3 Nov 1998 18:16:39 -0800 (PST) (envelope-from bp@butya.kz) Received: from lion.butya.kz (butya-gw.butya.kz [194.87.112.252]) by ricc.alma-ata.su (8.8.8/8.8.8) with ESMTP id IAA21282; Wed, 4 Nov 1998 08:10:13 +0600 (ALMT) Received: from localhost (bp@localhost) by lion.butya.kz (8.8.8/8.8.8) with SMTP id IAA04067; Wed, 4 Nov 1998 08:16:22 +0600 (ALMT) Date: Wed, 4 Nov 1998 08:16:22 +0600 (ALMT) From: Boris Popov To: GVB cc: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing In-Reply-To: <199811032339.PAA13534@abused.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, On Tue, 3 Nov 1998, GVB wrote: > Hello. We have a Novell Server here using IPX. I have a FreeBSD machine > plugged into the IPX Network, as well as TCP/IP. The machine has another > network card in it which uses DHCP and a reserved network for another set > of machines. I would like to route IPX through the network cards to allow > the machines on the reserved network to be able to talk to the Novell > Server. I have not found much documentation on this, where do I start? Try to use /usr/sbin/IPXrouted and don't forget to set ipxgateway_enable="YES" option in rc.conf file. But note, that FreeBSD supports only Ethernet_II frame. > GVB -- Boris Popov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 19:33:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA06289 for freebsd-net-outgoing; Tue, 3 Nov 1998 19:33:50 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from srv1.thuntek.net (srv1.thuntek.net [206.206.98.18]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA06284 for ; Tue, 3 Nov 1998 19:33:48 -0800 (PST) (envelope-from freaker@null.net) Received: from shell1.thuntek.net (freaker@shell1.thuntek.net [206.206.98.21]) by srv1.thuntek.net (8.9.1/8.6.12TNT1.0) with ESMTP id UAA00500 for ; Tue, 3 Nov 1998 20:33:18 -0700 (MST) Received: from localhost by shell1.thuntek.net (8.8.8/client-1.3) id UAA28783; Tue, 3 Nov 1998 20:33:17 -0700 (MST) Date: Tue, 3 Nov 1998 20:33:17 -0700 (MST) From: Jason Schwab X-Sender: freaker@shell1.thuntek.net To: freebsd-net@FreeBSD.ORG Subject: At home networking... Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Yes, I am sorta enw to freebsd I have to ethernet cards, both 100BT, cat5 cable, and one freebsd machine and one win95 machine... how can i get them netoworked? I have the net card enabled in the FBSD kernel... so? - __________________________________ &&&&> FreaKeR <&&&& ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ freaker@null.net | www.freaker.net Why is windows like an used car? It comes preowned. ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 20:04:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA10537 for freebsd-net-outgoing; Tue, 3 Nov 1998 20:04:20 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from orcas.foghead.com (orcas.foghead.com [205.238.52.43]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA10529 for ; Tue, 3 Nov 1998 20:04:18 -0800 (PST) (envelope-from junkins@foghead.com) Received: from localhost (junkins@localhost) by orcas.foghead.com (8.8.8/8.8.8) with SMTP id UAA23754; Tue, 3 Nov 1998 20:04:17 -0800 (PST) Date: Tue, 3 Nov 1998 20:04:17 -0800 (PST) From: Doug Junkins X-Sender: junkins@orcas To: Open Systems Networking cc: freebsd-net@FreeBSD.ORG Subject: Re: NATD error question. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org When natd finishes translating the addresses the packet is filtered through the ipfw rules again -- check to make sure the packet will be allowed through the firewall after the address has changed... -Doug On Tue, 3 Nov 1998, Open Systems Networking wrote: > > natd: failed to write packet back (permission denied) > > Besides the obvious, what could be causing this. > And is it anything to worry about? > NATD is apparently working fine: > > 00100 202585 55784707 divert 8668 ip from any to any via ed0 > > So I'm not sure what is causing these errors and why. > I looked at natd.c and it might be because of lack of buffer space. > > Chris > > -- > "You both seem to be ignoring the fact that the networking market is > driven by so-called 'IT professionals' these days, most of whom can't > tell the difference between an ARP and a carp." --Wes Peters > > ===================================| Open Systems FreeBSD Consulting. > FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 > -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 > FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net > http://www.freebsd.org | Consulting, Network Engineering, Security > ===================================| http://open-systems.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 20:11:59 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA11869 for freebsd-net-outgoing; Tue, 3 Nov 1998 20:11:59 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA11860 for ; Tue, 3 Nov 1998 20:11:56 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id XAA07201; Tue, 3 Nov 1998 23:11:53 -0500 (EST) Date: Tue, 3 Nov 1998 23:11:46 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: Doug Junkins cc: freebsd-net@FreeBSD.ORG Subject: Re: NATD error question. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 3 Nov 1998, Doug Junkins wrote: > When natd finishes translating the addresses the packet is filtered > through the ipfw rules again -- check to make sure the packet will be > allowed through the firewall after the address has changed... I am considering this. If thats the case then it is probably netbios. On a network of windows machines that would acount for the large ammount of those messages to appear, I hate netbios and I want that crap off this lan, but im making some progress in getting this client to start disabling netbios on the machines. I also see in the src though that this message comes from lack of buffer space so I increased it in a new kernel, and well see if it helps, if it does then it is buffer space, if it doesnt then its probably the netbios trash. Either way it seems harmless since all normal traffic is getting in and out fine. So well see. Thanks for the tip though. Chris -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 22:24:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA28351 for freebsd-net-outgoing; Tue, 3 Nov 1998 22:24:37 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA28345 for ; Tue, 3 Nov 1998 22:24:35 -0800 (PST) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id WAA22295; Tue, 3 Nov 1998 22:24:25 -0800 (PST) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma022293; Tue Nov 3 22:24:24 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id WAA20698; Tue, 3 Nov 1998 22:24:24 -0800 (PST) From: Archie Cobbs Message-Id: <199811040624.WAA20698@bubba.whistle.com> Subject: Re: NATD error question. In-Reply-To: from Open Systems Networking at "Nov 3, 98 08:43:41 pm" To: opsys@mail.webspan.net (Open Systems Networking) Date: Tue, 3 Nov 1998 22:24:24 -0800 (PST) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Open Systems Networking writes: > natd: failed to write packet back (permission denied) The only way to get an EPERM error when writing a packet (as far as I know) is by hitting an ipfw rule. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 22:33:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA29177 for freebsd-net-outgoing; Tue, 3 Nov 1998 22:33:37 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from mail.webspan.net (mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA29171 for ; Tue, 3 Nov 1998 22:33:34 -0800 (PST) (envelope-from opsys@mail.webspan.net) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with SMTP id BAA03694; Wed, 4 Nov 1998 01:33:24 -0500 (EST) Date: Wed, 4 Nov 1998 01:33:24 -0500 (EST) From: Open Systems Networking X-Sender: opsys@orion.webspan.net To: Archie Cobbs cc: freebsd-net@FreeBSD.ORG Subject: Re: NATD error question. In-Reply-To: <199811040624.WAA20698@bubba.whistle.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 3 Nov 1998, Archie Cobbs wrote: > The only way to get an EPERM error when writing a packet > (as far as I know) is by hitting an ipfw rule. Thats almost for certain what it is. Is netbios hitting my IP rules and getting denied at the end. And thats what is causing this error. I suppose to prove it 100% I could add a deny netbios rule and see if the packet count matches the ammount of errors im getting. I think ill just work on the client to remove the netbios garbage off his lan. 65534 697 56848 deny log ip from any to any Chris -- "You both seem to be ignoring the fact that the networking market is driven by so-called 'IT professionals' these days, most of whom can't tell the difference between an ARP and a carp." --Wes Peters ===================================| Open Systems FreeBSD Consulting. FreeBSD 3.0 is available now! | Phone: (402)573-9124 / ICQ # 20016186 -----------------------------------| 3335 N. 103 Plaza, Omaha, NE 68134 FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net http://www.freebsd.org | Consulting, Network Engineering, Security ===================================| http://open-systems.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Nov 3 23:39:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA09899 for freebsd-net-outgoing; Tue, 3 Nov 1998 23:39:47 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from SIMULTAN.CH (eunet-gw.simultan.ch [194.191.191.82] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA09886 for ; Tue, 3 Nov 1998 23:39:44 -0800 (PST) (envelope-from tseidmann@simultan.ch) Received: from simultan.ch (wsaltis-053.SIMULTAN.CH [192.92.128.53]) by SIMULTAN.CH (8.9.1a/8.9.1) with ESMTP id IAA18787; Wed, 4 Nov 1998 08:39:09 +0100 (CET) Message-ID: <3640049D.ABC8E3D6@simultan.ch> Date: Wed, 04 Nov 1998 08:39:09 +0100 From: Thomas Seidmann X-Mailer: Mozilla 4.5 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: GVB CC: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing References: <199811032339.PAA13534@abused.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org GVB wrote: > > Hello. We have a Novell Server here using IPX. I have a FreeBSD machine > plugged into the IPX Network, as well as TCP/IP. The machine has another > network card in it which uses DHCP and a reserved network for another set > of machines. I would like to route IPX through the network cards to allow > the machines on the reserved network to be able to talk to the Novell > Server. I have not found much documentation on this, where do I start? > Thanks. Take a look at ifconfig(8), it has an option for specifying IPX network addresses. Next, take a look at IPXrouted(8). Beware: the FreeBSD networking code supports only ETHERNET_II frames. I've hacked if_ethersubr.c to support ETHERNET_802.3 instead, it;s easy (you can have the hacked version if you want). Supporting more than one frame type for the IPX protocol is a no-no in FreeBSD. Hope it helps. Thomas > GVB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 05:47:03 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA24907 for freebsd-net-outgoing; Wed, 4 Nov 1998 05:47:03 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA24902 for ; Wed, 4 Nov 1998 05:47:00 -0800 (PST) (envelope-from mike@seidata.com) From: mike@seidata.com Received: from localhost (mike@localhost) by ns1.seidata.com (8.8.8/8.8.5) with ESMTP id IAA27924; Wed, 4 Nov 1998 08:46:47 -0500 (EST) Date: Wed, 4 Nov 1998 08:46:47 -0500 (EST) To: Open Systems Networking cc: freebsd-net@FreeBSD.ORG Subject: Re: NATD error question. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 3 Nov 1998, Open Systems Networking wrote: > natd: failed to write packet back (permission denied) I've got a similar question... I recently setup a fbsd box doing NAT for an internal (Windows/Mac-based) LAN. I want to eventually implement IPFW rules, but for now I'm just running an 'open' configuration to make adressing NAT misconfigurations easier for me. I see a similar message, natd: failed to write packet back (host is down) It sounds like this could be ipfw-related (misconfiguration) as well, but as I said above, I'm currently running an 'open' policy. Is there something I need to specifically allow from my internal net (I've seen NetBIOS mentioned) that the typical 'pass all from any to any' open policy does not address? Later, -mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 06:50:25 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA05483 for freebsd-net-outgoing; Wed, 4 Nov 1998 06:50:25 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from hp9000.chc-chimes.com (hp9000.chc-chimes.com [206.67.97.84]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA05463 for ; Wed, 4 Nov 1998 06:50:22 -0800 (PST) (envelope-from billf@chc-chimes.com) Received: from localhost by hp9000.chc-chimes.com with SMTP (1.39.111.2/16.2) id AA106170940; Wed, 4 Nov 1998 09:49:00 -0500 Date: Wed, 4 Nov 1998 09:49:00 -0500 (EST) From: Bill Fumerola To: GVB Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing In-Reply-To: <199811032339.PAA13534@abused.com> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There are several ports in /usr/ports/net that will help you. for a nice interactive viewing of them check out http://www.freebsd.org/ports/net.html On Tue, 3 Nov 1998, GVB wrote: > Hello. We have a Novell Server here using IPX. I have a FreeBSD machine > plugged into the IPX Network, as well as TCP/IP. The machine has another > network card in it which uses DHCP and a reserved network for another set > of machines. I would like to route IPX through the network cards to allow > the machines on the reserved network to be able to talk to the Novell > Server. I have not found much documentation on this, where do I start? > Thanks. > > GVB > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > - bill fumerola [root/billf]@chc-chimes.com - computer horizons corp - - ph:(800)252.2421 x128 / bfumerol@computerhorizons.com - BF1560 - "Logic, like whiskey, loses its beneficial effect when taken in too large quantities" -Lord Dunsany To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 06:51:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA05677 for freebsd-net-outgoing; Wed, 4 Nov 1998 06:51:05 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from www.stv.ee (www.stv.ee [195.50.193.34]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA05661 for ; Wed, 4 Nov 1998 06:50:59 -0800 (PST) (envelope-from dima@stv.ee) Received: from stv.ee (dima [192.168.196.132]) by www.stv.ee (8.8.8/8.8.8) with ESMTP id RAA24351 for ; Wed, 4 Nov 1998 17:48:02 GMT (envelope-from dima@stv.ee) Message-ID: <36406A35.E270D07E@stv.ee> Date: Wed, 04 Nov 1998 16:52:37 +0200 From: Dmitry Baranov X-Mailer: Mozilla 4.5 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 To: "freebsd-net@FreeBSD.ORG" Subject: 3.0R and ipfw FWD directive Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello. I try to make transparent http proxy on my subnet. Here my situation: 1.FreeBSD 3.0 box as router at xxx.xxx.xxx.xxx with the following line in rc.firewall ipfw add fwd yyy.yyy.yyy.yyy, 3128 tcp from any to any 80 2. where yyy.yyy.yyy.yyy is another FreeBSD box with squid configured as transparent http proxy. This thing seems not to work. squid shows that there are no packets are coming in but ipfw -a l indicate that some actions has been taken. So the question are : how can I correctly tune up this fwd directive in 3.0R? WBR -- ------------------------------------------------------------- Dmitry Baranov Phone: +(372) 6 352 002 STV Internet Fax: +(372) 6 380 355 Koorti 18 Mobile: +(372) 5 012 825 Tallinn, Estonia ----------snake looks like rope till you get her tied-------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 08:49:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA21409 for freebsd-net-outgoing; Wed, 4 Nov 1998 08:49:36 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from xylan.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA21395 for ; Wed, 4 Nov 1998 08:49:32 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com by xylan.com (8.8.7/SMI-SVR4 (xylan-mgw 2.2 [OUT])) id IAA25955; Wed, 4 Nov 1998 08:45:52 -0800 (PST) Received: from utah.XYLAN.COM by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id IAA04955; Wed, 4 Nov 1998 08:45:52 -0800 Received: from softweyr.com by utah.XYLAN.COM (SMI-8.6/SMI-SVR4 (xylan utah [SPOOL])) id JAA08561; Wed, 4 Nov 1998 09:45:51 -0700 Message-ID: <364084BF.703C7023@softweyr.com> Date: Wed, 04 Nov 1998 09:45:51 -0700 From: Wes Peters Reply-To: freebsd-questions@FreeBSD.ORG Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Jason Schwab CC: freebsd-net@FreeBSD.ORG Subject: Re: At home networking... References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Jason Schwab wrote: > > > Yes, I am sorta enw to freebsd I have to ethernet cards, both > 100BT, cat5 cable, and one freebsd machine and one win95 machine... how > can i get them netoworked? I have the net card enabled in the FBSD > kernel... so? Jason, this sort of question is more appropriate for the freebsd-questions mailing list, so I've directed replies there. To connect your FreeBSD and Win95 machines, you'll need either a "cross over" cable, or a hub and a second cat5 cable. My recommendation would be to purchase an inexpensive 4- or 5-port hub and another cable; hubs are really quite inexpensive these days. Plug both of your network cards into the hub et voila: network (as opposed to NOTwork). -- Where am I, and what am I doing in this handbasket? Wes Peters +1.801.915.2061 Softweyr LLC wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 11:00:34 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA12394 for freebsd-net-outgoing; Wed, 4 Nov 1998 11:00:34 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from ninbox.ml.org (hsv1-135.airnet.net [207.242.81.135]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA12384 for ; Wed, 4 Nov 1998 11:00:29 -0800 (PST) (envelope-from kris@airnet.net) Received: from airnet.net (localhost [127.0.0.1]) by ninbox.ml.org (8.9.1/8.8.5) with ESMTP id MAA12544; Wed, 4 Nov 1998 12:57:55 -0600 (CST) Message-ID: <3640A3B2.72268322@airnet.net> Date: Wed, 04 Nov 1998 12:57:54 -0600 From: Kris Kirby Organization: Absolutely None! X-Mailer: Mozilla 4.07 [en] (X11; U; FreeBSD 3.0-RELEASE i386) MIME-Version: 1.0 To: Thomas Seidmann CC: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing References: <199811032339.PAA13534@abused.com> <3640049D.ABC8E3D6@simultan.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thomas Seidmann wrote: > addresses. Next, take a look at IPXrouted(8). Beware: the FreeBSD > networking code supports only ETHERNET_II frames. I've hacked This is interesting. The Beame and Whiteside TCP/IP stack for DOS also only works with Ethernet_II frames. It sends the TCP/IP through an ODI. -- Kris Kirby UAH Mail UAH CS Home WWW ------------------------------------------- TGIFreeBSD... 'Nuff said. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 12:49:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA02017 for freebsd-net-outgoing; Wed, 4 Nov 1998 12:49:02 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA01910 for ; Wed, 4 Nov 1998 12:48:54 -0800 (PST) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id MAA29854; Wed, 4 Nov 1998 12:48:45 -0800 (PST) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma029852; Wed Nov 4 12:48:24 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id MAA00677; Wed, 4 Nov 1998 12:48:24 -0800 (PST) From: Archie Cobbs Message-Id: <199811042048.MAA00677@bubba.whistle.com> Subject: Re: NATD error question. In-Reply-To: from "mike@seidata.com" at "Nov 4, 98 08:46:47 am" To: mike@seidata.com Date: Wed, 4 Nov 1998 12:48:24 -0800 (PST) Cc: opsys@mail.webspan.net, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org mike@seidata.com writes: > I see a similar message, > > natd: failed to write packet back (host is down) > > It sounds like this could be ipfw-related (misconfiguration) as well, Doubt it.. this usually means the machine can't be reached via ARP on a local Ethernet segment. That is, the host is down :-) -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 14:14:40 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA16369 for freebsd-net-outgoing; Wed, 4 Nov 1998 14:14:40 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from smtp05.wxs.nl (smtp05.wxs.nl [195.121.6.57]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA16356 for ; Wed, 4 Nov 1998 14:14:39 -0800 (PST) (envelope-from asmodai@wxs.nl) Received: from chronias.ninth-circle.org ([195.121.59.135]) by smtp05.wxs.nl (Netscape Messaging Server 3.6) with ESMTP id AAA2D5A for ; Wed, 4 Nov 1998 22:14:19 +0100 Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Wed, 04 Nov 1998 23:17:57 +0100 (CET) Organization: Ninth Circle Enterprises From: Jeroen Ruigrok/Asmodai To: FreeBSD Networking Subject: IPX maintainer(s) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, just two fast questions: Who are the maintainers for the IPX networking stuff? And is NLSP supported? thanks, --- Jeroen Ruigrok van der Werven/Asmodai asmodai(at)wxs.nl Junior Network/Security Specialist FreeBSD & picoBSD: The Power to Serve... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 22:29:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA21617 for freebsd-net-outgoing; Wed, 4 Nov 1998 22:29:05 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from SIMULTAN.CH (eunet-gw.simultan.ch [194.191.191.82] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA21612 for ; Wed, 4 Nov 1998 22:29:03 -0800 (PST) (envelope-from tseidmann@simultan.ch) Received: from simultan.ch (wsaltis-053.SIMULTAN.CH [192.92.128.53]) by SIMULTAN.CH (8.9.1a/8.9.1) with ESMTP id HAA22714; Thu, 5 Nov 1998 07:28:51 +0100 (CET) Message-ID: <364145A3.9F09D220@simultan.ch> Date: Thu, 05 Nov 1998 07:28:51 +0100 From: Thomas Seidmann X-Mailer: Mozilla 4.5 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kirby CC: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing References: <199811032339.PAA13534@abused.com> <3640049D.ABC8E3D6@simultan.ch> <3640A3B2.72268322@airnet.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Kris Kirby wrote: > > Thomas Seidmann wrote: > > addresses. Next, take a look at IPXrouted(8). Beware: the FreeBSD > > networking code supports only ETHERNET_II frames. I've hacked > > This is interesting. The Beame and Whiteside TCP/IP stack for DOS also > only works with Ethernet_II frames. It sends the TCP/IP through an ODI. TCP/IP over Ethernet packets are _always_ carried over ETHERNET_II frames (aka blue book Ethernet). IPX packets, on the contrary, are carried over Ethernet in up to three kinds of frames: ETHERNET_II, 802.3 an so called 802.2. This is some kind of confusion Novell created. Note that the different frame types don't exhibit any contriburtion to fuctionality nor performance. Blue book Ethernet frames would have sufficed. Regards, Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 23:24:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA26865 for freebsd-net-outgoing; Wed, 4 Nov 1998 23:24:14 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from mail.gtn.com (mail.gtn.com [194.77.0.15]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA26849; Wed, 4 Nov 1998 23:24:06 -0800 (PST) (envelope-from andreas@klemm.gtn.com) Received: (from uucp@localhost) by mail.gtn.com (8.8.6/8.8.6) with UUCP id IAA12639; Thu, 5 Nov 1998 08:15:11 +0100 (MET) Received: (from andreas@localhost) by klemm.gtn.com (8.8.8/8.8.8) id IAA29699; Thu, 5 Nov 1998 08:01:24 +0100 (CET) (envelope-from andreas) Message-ID: <19981105080123.B29177@klemm.gtn.com> Date: Thu, 5 Nov 1998 08:01:23 +0100 From: Andreas Klemm To: Mike Tancsa , Juergen Nickelsen Cc: freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) References: <3624BD9F.112F47BA@tellique.de> <36254a2e.380781835@mail.sentex.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <36254a2e.380781835@mail.sentex.net>; from Mike Tancsa on Thu, Oct 15, 1998 at 01:06:30AM +0000 X-Disclaimer: A free society is one where it is safe to be unpopular X-Operating-System: FreeBSD 2.2.7-STABLE SMP Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Oct 15, 1998 at 01:06:30AM +0000, Mike Tancsa wrote: > On Wed, 14 Oct 1998 17:05:03 +0200, in sentex.lists.freebsd.misc you > wrote: > > >Hello, > > > >is there any software for FreeBSD that can connect two private networks > >over an encrypted IP tunnel through a public network? > > Either in questions or in stable, someone mentioned a port of IPSEC. > Wait, you are in luck, I did bookmark it after all... > > http://www.r4k.net/ipsec/ Looks really interesting ;-) And a set of complete patches it's availabe for -current and -stable ... ------------------------------------------ >From the webpage: This is release 0.04b of an ipsec implementaion for FreeBSD for ipv4 only. It was ported from OpenBSD which again was ported from BSD/OS. [...] Software -------- The patches are now available for the following FreeBSD versions: FreeBSD 2.2.7-RELEASE(right now only v0.01b) FreeBSD 3.0-RELEASE ------------------------------------------ OpenBSD seems to have it ... well, would it be possible to import this stuff and test it under -current ? Andreas /// -- Andreas Klemm http://www.FreeBSD.ORG/~andreas What gives you 90% more speed, for example, in kernel compilation ? http://www.FreeBSD.ORG/~fsmp/SMP/akgraph-a/graph1.html "NT = Not Today" (Maggie Biggs) ``powered by FreeBSD SMP'' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 23:29:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA27592 for freebsd-net-outgoing; Wed, 4 Nov 1998 23:29:20 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA27574; Wed, 4 Nov 1998 23:29:12 -0800 (PST) (envelope-from jkh@time.cdrom.com) Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.8/8.8.8) with ESMTP id XAA18098; Wed, 4 Nov 1998 23:29:23 -0800 (PST) (envelope-from jkh@time.cdrom.com) To: Andreas Klemm cc: Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 08:01:23 +0100." <19981105080123.B29177@klemm.gtn.com> Date: Wed, 04 Nov 1998 23:29:22 -0800 Message-ID: <18094.910250962@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > OpenBSD seems to have it ... well, would it be possible to > import this stuff and test it under -current ? Stephanie Wehner has already done this, though I don't know when she'll be ready to have it committed; I got mail from her yesterday saying she had some updates. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Nov 4 23:53:43 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA00383 for freebsd-net-outgoing; Wed, 4 Nov 1998 23:53:43 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA00361; Wed, 4 Nov 1998 23:53:34 -0800 (PST) (envelope-from itojun@itojun.org) Received: from localhost (itojun@localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.1+3.1W/3.7W/smtpfeed 0.89) with ESMTP id QAA21130; Thu, 5 Nov 1998 16:53:18 +0900 (JST) To: "Jordan K. Hubbard" cc: Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG In-reply-to: jkh's message of Wed, 04 Nov 1998 23:29:22 PST. <18094.910250962@time.cdrom.com> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) From: Jun-ichiro itojun Itoh Date: Thu, 05 Nov 1998 16:53:18 +0900 Message-ID: <21126.910252398@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> OpenBSD seems to have it ... well, would it be possible to >> import this stuff and test it under -current ? >Stephanie Wehner has already done this, though I don't know when >she'll be ready to have it committed; I got mail from her yesterday >saying she had some updates. mmm, if it gets committed, what happens to IPsec part of KAME stack? if core team wishes to get IPsec is from OpenBSD and IPv6 from KAME, who will take care about merging? It will be a hard job. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 00:15:46 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA02488 for freebsd-net-outgoing; Thu, 5 Nov 1998 00:15:46 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA02482; Thu, 5 Nov 1998 00:15:41 -0800 (PST) (envelope-from jkh@time.cdrom.com) Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.8/8.8.8) with ESMTP id AAA18273; Thu, 5 Nov 1998 00:15:46 -0800 (PST) (envelope-from jkh@time.cdrom.com) To: Jun-ichiro itojun Itoh cc: Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 16:53:18 +0900." <21126.910252398@coconut.itojun.org> Date: Thu, 05 Nov 1998 00:15:46 -0800 Message-ID: <18269.910253746@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > mmm, if it gets committed, what happens to IPsec part of KAME stack? I was going to ask you that, actually. Do you guys have it decoupled, or is it tightly integrated, or...? Also, is IPsec in KAME finished at this time or is it a longer-term project? I guess we could tell Stephanie to find something else to do, but she's using the code actively at her ISP now and is apparently fairly keen on the technology getting into FreeBSD for the next release. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 00:33:44 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA04823 for freebsd-net-outgoing; Thu, 5 Nov 1998 00:33:44 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA04806; Thu, 5 Nov 1998 00:33:38 -0800 (PST) (envelope-from itojun@itojun.org) Received: from localhost (itojun@localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.1+3.1W/3.7W/smtpfeed 0.89) with ESMTP id RAA21755; Thu, 5 Nov 1998 17:33:28 +0900 (JST) To: "Jordan K. Hubbard" cc: Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG In-reply-to: jkh's message of Thu, 05 Nov 1998 00:15:46 PST. <18269.910253746@time.cdrom.com> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) From: Jun-ichiro itojun Itoh Date: Thu, 05 Nov 1998 17:33:28 +0900 Message-ID: <21751.910254808@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> mmm, if it gets committed, what happens to IPsec part of KAME stack? >I was going to ask you that, actually. Do you guys have it decoupled, >or is it tightly integrated, or...? Also, is IPsec in KAME finished >at this time or is it a longer-term project? I guess we could tell >Stephanie to find something else to do, but she's using the code >actively at her ISP now and is apparently fairly keen on the >technology getting into FreeBSD for the next release. KAME IPsec is stably working and tested with other implementations in various test events. It comes with home-brew IKE daemon "racoon". (note: automatic keying with IKE daemon needs some time to get stable, especially key renewing when key gets expired) You can configure "options IPSEC" and "options INET6" independently, so IPsec part and IPv6 part is decoupled to some degree (IPsec support code is plugged into ip_output.c, socket manipulation, and other places). Therefore, you can test IPsec alone by configuring kernel properly. The key differences are: - OpenBSD IPsec uses PF_ENCAP kernel interface, which has no standard as far as I know. KAME IPsec uses PF_KEY v2 defined in RFC2367. - OpenBSD IPsec does not support IPv6. KAME IPsec supports IPv6. Therefore, if OpenBSD IPsec and KAME IPv6 get imported, somebody has to modify OpenBSD IPsec to support IPv6. - OpenBSD uses PlutoPlus, and KAME uses racoon for IKE daemon. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 00:43:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA06072 for freebsd-net-outgoing; Thu, 5 Nov 1998 00:43:30 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA06067; Thu, 5 Nov 1998 00:43:25 -0800 (PST) (envelope-from jkh@time.cdrom.com) Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.8/8.8.8) with ESMTP id AAA18420; Thu, 5 Nov 1998 00:43:23 -0800 (PST) (envelope-from jkh@time.cdrom.com) To: Jun-ichiro itojun Itoh cc: Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 17:33:28 +0900." <21751.910254808@coconut.itojun.org> Date: Thu, 05 Nov 1998 00:43:23 -0800 Message-ID: <18416.910255403@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > - OpenBSD uses PlutoPlus, and KAME uses racoon for IKE daemon. Can you perhaps say a few words on the differences between these two? Thanks.. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 01:02:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA08460 for freebsd-net-outgoing; Thu, 5 Nov 1998 01:02:24 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from banshee.cs.uow.edu.au (banshee.cs.uow.edu.au [130.130.188.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA08442; Thu, 5 Nov 1998 01:02:15 -0800 (PST) (envelope-from ncb05@banshee.cs.uow.edu.au) Received: (from ncb05@localhost) by banshee.cs.uow.edu.au (8.9.1a/8.9.1) id TAA14852; Thu, 5 Nov 1998 19:50:38 +1100 (EST) Date: Thu, 5 Nov 1998 19:50:37 +1100 (EST) From: Nicholas Charles Brawn X-Sender: ncb05@banshee.cs.uow.edu.au To: Jun-ichiro itojun Itoh cc: "Jordan K. Hubbard" , Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-Reply-To: <21126.910252398@coconut.itojun.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 5 Nov 1998, Jun-ichiro itojun Itoh wrote: : : >> OpenBSD seems to have it ... well, would it be possible to : >> import this stuff and test it under -current ? : >Stephanie Wehner has already done this, though I don't know when : >she'll be ready to have it committed; I got mail from her yesterday : >saying she had some updates. : : mmm, if it gets committed, what happens to IPsec part of KAME stack? : if core team wishes to get IPsec is from OpenBSD and IPv6 from KAME, : who will take care about merging? It will be a hard job. Let's also not forget about the added effort we'll need to add hooks for export-level encryption (56 bits), but making strong-level encryption available as a package from an international site. We don't want to have the problem of being unable to export FreeBSD due to ITAR/EAR restrictions. Thankfully the photuris port is currently located outside of the US, as is the great work being done with KAME. :) : itojun Nick -- Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 01:23:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA10438 for freebsd-net-outgoing; Thu, 5 Nov 1998 01:23:52 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from rgate2.ricochet.net (rgate2.ricochet.net [204.179.143.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA10421; Thu, 5 Nov 1998 01:23:42 -0800 (PST) (envelope-from enkhyl@scient.com) Received: from mg130-010.ricochet.net (mg130-010.ricochet.net [204.179.130.10]) by rgate2.ricochet.net (8.8.8/8.8.8) with ESMTP id DAA29134; Thu, 5 Nov 1998 03:22:01 -0600 (CST) Date: Thu, 5 Nov 1998 01:21:00 -0800 (PST) From: Christopher Nielsen X-Sender: enkhyl@ender.sf.scient.com Reply-To: enkhyl@hayseed.net To: "Jordan K. Hubbard" cc: Jun-ichiro itojun Itoh , Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-Reply-To: <18269.910253746@time.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 5 Nov 1998, Jordan K. Hubbard wrote: > > mmm, if it gets committed, what happens to IPsec part of KAME stack? > > I was going to ask you that, actually. Do you guys have it decoupled, > or is it tightly integrated, or...? Also, is IPsec in KAME finished > at this time or is it a longer-term project? I guess we could tell > Stephanie to find something else to do, but she's using the code > actively at her ISP now and is apparently fairly keen on the > technology getting into FreeBSD for the next release. > > - Jordan IPsec is still an evolving standard, so I don't think there is a single implementation that's "finished", per se. There will continue to be additions and changes for some time. Maybe what what you mean, Jordan, is "is it in working order"? BTW, I'm fairly keen on the technology getting into FreeBSD, too. :-) AND it looks like I may be able to contribute some spare cycles to the effort, if needed. -- Christopher Nielsen Scient: The eBusiness Systems Innovator cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 01:42:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA13994 for freebsd-net-outgoing; Thu, 5 Nov 1998 01:42:17 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA13870; Thu, 5 Nov 1998 01:41:59 -0800 (PST) (envelope-from itojun@itojun.org) Received: from localhost (itojun@localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (8.9.1+3.1W/3.7W/smtpfeed 0.89) with ESMTP id SAA22945; Thu, 5 Nov 1998 18:41:48 +0900 (JST) To: "Jordan K. Hubbard" cc: Andreas Klemm , Mike Tancsa , Juergen Nickelsen , freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG In-reply-to: jkh's message of Thu, 05 Nov 1998 00:43:23 PST. <18416.910255403@time.cdrom.com> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) From: Jun-ichiro itojun Itoh Date: Thu, 05 Nov 1998 18:41:48 +0900 Message-ID: <22941.910258908@coconut.itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> - OpenBSD uses PlutoPlus, and KAME uses racoon for IKE daemon. >Can you perhaps say a few words on the differences between these two? Pluto was originally written by Angelos Keromytis, and maintained in several places separately. OpenBSD, NIST (nist.gov), and FreeS/WAN use Pluto-variant IKE daemon. Since they are maintained by separate people, and seems to be heavily modified by each party (to fit with kernel API used by each party), they should be considered as different programs. I dunno much about internals (supported crypto algorithms, negotiations and so forth) about PlutoPlus that is bundled with OpenBSD. KAME IKE daemon (racoon) was tested with FreeS/WAN Pluto variant and NIST Pluto variant and worked fine with them. I have never tested with OpenBSD guys, but I think I can try that soon if needed. There is NO standard IKE codebase, there is NO mature IKE program, IMHO. Interop test still has big troubles. I think it is still too early to recommend some IKE daemon over some others. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 04:07:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA01025 for freebsd-net-outgoing; Thu, 5 Nov 1998 04:07:48 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from ninbox.ml.org (hsv1-55.airnet.net [207.242.81.55]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA01013 for ; Thu, 5 Nov 1998 04:07:45 -0800 (PST) (envelope-from kris@airnet.net) Received: from airnet.net (localhost [127.0.0.1]) by ninbox.ml.org (8.9.1/8.8.5) with ESMTP id GAA01676; Thu, 5 Nov 1998 06:04:43 -0600 (CST) Message-ID: <36419458.EB13C43@airnet.net> Date: Thu, 05 Nov 1998 06:04:41 -0600 From: Kris Kirby Organization: Absolutely None! X-Mailer: Mozilla 4.07 [en] (X11; U; FreeBSD 3.0-RELEASE i386) MIME-Version: 1.0 To: Thomas Seidmann CC: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing References: <199811032339.PAA13534@abused.com> <3640049D.ABC8E3D6@simultan.ch> <3640A3B2.72268322@airnet.net> <364145A3.9F09D220@simultan.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thomas Seidmann wrote: > TCP/IP over Ethernet packets are _always_ carried over ETHERNET_II > frames (aka blue book Ethernet). IPX packets, on the contrary, are > carried over Ethernet in up to three kinds of frames: ETHERNET_II, 802.3 > an so called 802.2. This is some kind of confusion Novell created. Note > that the different frame types don't exhibit any contriburtion to > fuctionality nor performance. Blue book Ethernet frames would have > sufficed. I was completely unaware of this fact. My home lan runs Ethernet_II for the Novell stuff (which stays turned off unless I need to play quake :-) whereas another lan in the house uses the Novell default of 802.3. Which is the longest or has the most carrying capacity? -- Kris Kirby UAH Mail UAH CS Home WWW ------------------------------------------- TGIFreeBSD... 'Nuff said. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 04:16:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA02283 for freebsd-net-outgoing; Thu, 5 Nov 1998 04:16:11 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from SIMULTAN.CH (eunet-gw.simultan.ch [194.191.191.82] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA02278 for ; Thu, 5 Nov 1998 04:16:09 -0800 (PST) (envelope-from tseidmann@simultan.ch) Received: from simultan.ch (wsaltis-053.SIMULTAN.CH [192.92.128.53]) by SIMULTAN.CH (8.9.1a/8.9.1) with ESMTP id NAA23983; Thu, 5 Nov 1998 13:15:52 +0100 (CET) Message-ID: <364196F3.711CE7DF@simultan.ch> Date: Thu, 05 Nov 1998 13:15:47 +0100 From: Thomas Seidmann X-Mailer: Mozilla 4.5 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kirby CC: freebsd-net@FreeBSD.ORG Subject: Re: IPX Routing References: <199811032339.PAA13534@abused.com> <3640049D.ABC8E3D6@simultan.ch> <3640A3B2.72268322@airnet.net> <364145A3.9F09D220@simultan.ch> <36419458.EB13C43@airnet.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Kris Kirby wrote: > I was completely unaware of this fact. My home lan runs Ethernet_II for > the Novell stuff (which stays turned off unless I need to play quake :-) > whereas another lan in the house uses the Novell default of 802.3. Which > is the longest or has the most carrying capacity? They are almost equal, except the 802.3 frame contains the size of payload in the frame in place of the frame ID. The maximum length and carrying capacity are exactly the same. 802.2 presents some loss compared to those two, because it caontains another additional header in each packet. > Kris Kirby Cheers, Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 05:27:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA11037 for freebsd-net-outgoing; Thu, 5 Nov 1998 05:27:18 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from inner.net (avarice.inner.net [199.33.248.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA11025 for ; Thu, 5 Nov 1998 05:27:16 -0800 (PST) (envelope-from cmetz@inner.net) Received: from inner.net (cmetz.cstone.net [205.197.102.217]) by inner.net (8.9.1/8.9.1) with ESMTP id NAA21643; Thu, 5 Nov 1998 13:12:10 GMT Message-Id: <199811051312.NAA21643@inner.net> To: enkhyl@hayseed.net cc: "Jordan K. Hubbard" , freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 01:21:00 PST." X-Copyright: Copyright 1998, Craig Metz, All Rights Reserved. X-Reposting: With explicit permission only Date: Thu, 05 Nov 1998 03:26:37 -0500 From: Craig Metz Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message , you wr ite: >IPsec is still an evolving standard, so I don't think there is a single >implementation that's "finished", per se. The next release of NRL's IPv6+IPsec (due in order days) also supports FreeBSD 3.0. All the implementations I know of have their strengths and their weaknesses. -Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 05:30:21 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA11410 for freebsd-net-outgoing; Thu, 5 Nov 1998 05:30:21 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from inner.net (avarice.inner.net [199.33.248.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA11394 for ; Thu, 5 Nov 1998 05:30:17 -0800 (PST) (envelope-from cmetz@inner.net) Received: from inner.net (cmetz.cstone.net [205.197.102.217]) by inner.net (8.9.1/8.9.1) with ESMTP id NAA21647; Thu, 5 Nov 1998 13:15:26 GMT Message-Id: <199811051315.NAA21647@inner.net> To: Jun-ichiro itojun Itoh cc: "Jordan K. Hubbard" , freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 18:41:48 +0900." <22941.910258908@coconut.itojun.org> X-Copyright: Copyright 1998, Craig Metz, All Rights Reserved. X-Reposting: With explicit permission only Date: Thu, 05 Nov 1998 03:29:54 -0500 From: Craig Metz Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <22941.910258908@coconut.itojun.org>, you write: > Pluto was originally written by Angelos Keromytis, and maintained > in several places separately. OpenBSD, NIST (nist.gov), and > FreeS/WAN use Pluto-variant IKE daemon. If I am not mistaken, Pluto is the ground-up work of the Free S/WAN people and is GPL. I believe that there is a history of preferring BSD-license to GPL in FreeBSD if a reasonable BSD-license version is available. > There is NO standard IKE codebase, there is NO mature IKE program, > IMHO. Interop test still has big troubles. I think it is still too > early to recommend some IKE daemon over some others. Yeah, IKE's a mess right now. -Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 05:36:40 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA12422 for freebsd-net-outgoing; Thu, 5 Nov 1998 05:36:40 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from inner.net (avarice.inner.net [199.33.248.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA12417 for ; Thu, 5 Nov 1998 05:36:37 -0800 (PST) (envelope-from cmetz@inner.net) Received: from inner.net (cmetz.cstone.net [205.197.102.217]) by inner.net (8.9.1/8.9.1) with ESMTP id NAA21656; Thu, 5 Nov 1998 13:21:46 GMT Message-Id: <199811051321.NAA21656@inner.net> To: Jun-ichiro itojun Itoh cc: jkh@time.cdrom.com, freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-reply-to: Your message of "Thu, 05 Nov 1998 17:33:28 +0900." <21751.910254808@coconut.itojun.org> X-Copyright: Copyright 1998, Craig Metz, All Rights Reserved. X-Reposting: With explicit permission only Date: Thu, 05 Nov 1998 03:36:14 -0500 From: Craig Metz Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <21751.910254808@coconut.itojun.org>, you write: > The key differences are: > - OpenBSD IPsec uses PF_ENCAP kernel interface, which has no standard > as far as I know. KAME IPsec uses PF_KEY v2 defined in RFC2367. > - OpenBSD IPsec does not support IPv6. KAME IPsec supports IPv6. > Therefore, if OpenBSD IPsec and KAME IPv6 get imported, somebody > has to modify OpenBSD IPsec to support IPv6. The OpenBSD folks plan to merge the next NRL release and thus will have PF_KEYv2 and IPv6 support (which implies IPsec-for-IPv6, as it is a mandatory part of IPv6). This also means that there are some significant improvements coming soon in the OpenBSD IPsec support. It might not be sensible to integrate the OpenBSD IPsec code until after these are done. -Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 09:22:43 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA04610 for freebsd-net-outgoing; Thu, 5 Nov 1998 09:22:43 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from roma.coe.ufrj.br (roma.coe.ufrj.br [146.164.53.65]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA04069 for ; Thu, 5 Nov 1998 09:17:07 -0800 (PST) (envelope-from jonny@jonny.eng.br) Received: (from jonny@localhost) by roma.coe.ufrj.br (8.8.8/8.8.8) id OAA25155; Thu, 5 Nov 1998 14:07:38 -0200 (EDT) (envelope-from jonny) From: Joao Carlos Mendes Luis Message-Id: <199811051607.OAA25155@roma.coe.ufrj.br> Subject: Re: IPX Routing In-Reply-To: <364145A3.9F09D220@simultan.ch> from Thomas Seidmann at "Nov 5, 98 07:28:51 am" To: tseidmann@simultan.ch (Thomas Seidmann) Date: Thu, 5 Nov 1998 14:07:38 -0200 (EDT) Cc: kris@airnet.net, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org #define quoting(Thomas Seidmann) // Kris Kirby wrote: // > // > Thomas Seidmann wrote: // > > addresses. Next, take a look at IPXrouted(8). Beware: the FreeBSD // > > networking code supports only ETHERNET_II frames. I've hacked // > // > This is interesting. The Beame and Whiteside TCP/IP stack for DOS also // > only works with Ethernet_II frames. It sends the TCP/IP through an ODI. // // TCP/IP over Ethernet packets are _always_ carried over ETHERNET_II // frames (aka blue book Ethernet). IPX packets, on the contrary, are // carried over Ethernet in up to three kinds of frames: ETHERNET_II, 802.3 // an so called 802.2. This is some kind of confusion Novell created. Note Ethernet_snap also. // that the different frame types don't exhibit any contriburtion to // fuctionality nor performance. Blue book Ethernet frames would have // sufficed. IIRC, IPX over 802.3 does not support checksum. I use ethernet_ii on every IPX network, even if it does not need IP. Jonny -- Joao Carlos Mendes Luis M.Sc. Student jonny@jonny.eng.br Universidade Federal do Rio de Janeiro "This .sig is not meant to be politically correct." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 10:18:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA09552 for freebsd-net-outgoing; Thu, 5 Nov 1998 10:18:23 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA09547 for ; Thu, 5 Nov 1998 10:18:21 -0800 (PST) (envelope-from julian@whistle.com) Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id KAA26558; Thu, 5 Nov 1998 10:16:50 -0800 (PST) Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpdm26541; Thu Nov 5 18:16:43 1998 Date: Thu, 5 Nov 1998 10:16:11 -0800 (PST) From: Julian Elischer To: Craig Metz cc: enkhyl@hayseed.net, "Jordan K. Hubbard" , freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-Reply-To: <199811051312.NAA21643@inner.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Maybe the first step is to ask ALL the groups to present us with a set of include files that they can ALL live with. it should be possible for someone to generate include files that specify all the RFC specified values and constants, that ALL the groups can use. julian On Thu, 5 Nov 1998, Craig Metz wrote: > In message , you wr > ite: > >IPsec is still an evolving standard, so I don't think there is a single > >implementation that's "finished", per se. > > The next release of NRL's IPv6+IPsec (due in order days) also supports > FreeBSD 3.0. > > All the implementations I know of have their strengths and their weaknesses. > > -Craig > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Nov 5 23:22:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA27605 for freebsd-net-outgoing; Thu, 5 Nov 1998 23:22:45 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA27568; Thu, 5 Nov 1998 23:22:36 -0800 (PST) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id XAA17682; Thu, 5 Nov 1998 23:22:21 -0800 (PST) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma017680; Thu Nov 5 23:21:55 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id XAA20702; Thu, 5 Nov 1998 23:21:54 -0800 (PST) From: Archie Cobbs Message-Id: <199811060721.XAA20702@bubba.whistle.com> Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-Reply-To: <19981105080123.B29177@klemm.gtn.com> from Andreas Klemm at "Nov 5, 98 08:01:23 am" To: andreas@klemm.gtn.com (Andreas Klemm) Date: Thu, 5 Nov 1998 23:21:54 -0800 (PST) Cc: mike@sentex.net, ni@tellique.de, freebsd-net@FreeBSD.ORG, jkh@FreeBSD.ORG, joerg@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL38 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andreas Klemm writes: > > >is there any software for FreeBSD that can connect two private networks > > >over an encrypted IP tunnel through a public network? > > > > Either in questions or in stable, someone mentioned a port of IPSEC. > > Wait, you are in luck, I did bookmark it after all... > > > > http://www.r4k.net/ipsec/ As another simpler (but less current-standards based), there is a port of SKIP that works on FreeBSD 2.2.x. It hasn't been fixed for 3.0 yet though.. the port is security/skip. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 6 07:00:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA07935 for freebsd-net-outgoing; Fri, 6 Nov 1998 07:00:09 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from hp9000.chc-chimes.com (hp9000.chc-chimes.com [206.67.97.84]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA07929 for ; Fri, 6 Nov 1998 07:00:07 -0800 (PST) (envelope-from billf@chc-chimes.com) Received: from localhost by hp9000.chc-chimes.com with SMTP (1.39.111.2/16.2) id AA208564251; Fri, 6 Nov 1998 09:57:31 -0500 Date: Fri, 6 Nov 1998 09:57:30 -0500 (EST) From: Bill Fumerola To: Archie Cobbs Cc: ni@tellique.de, freebsd-net@FreeBSD.ORG Subject: Re: ipsec (VPN) for -current ? (Re: VPN through encrypted IP tunnel for FreeBSD? ) In-Reply-To: <199811060721.XAA20702@bubba.whistle.com> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 5 Nov 1998, Archie Cobbs wrote: > As another simpler (but less current-standards based), there > is a port of SKIP that works on FreeBSD 2.2.x. It hasn't > been fixed for 3.0 yet though.. the port is security/skip. In my experiences with SKIP, it is rather difficult to work with in it's current state. Something that is in the kernel might be easier to work with. - bill fumerola [root/billf]@chc-chimes.com - computer horizons corp - - ph:(800)252.2421 x128 / bfumerol@computerhorizons.com - BF1560 - "Logic, like whiskey, loses its beneficial effect when taken in too large quantities" -Lord Dunsany To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 6 11:00:31 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA13376 for freebsd-net-outgoing; Fri, 6 Nov 1998 11:00:31 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from zibbi.mikom.csir.co.za (zibbi.mikom.csir.co.za [146.64.24.58]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA13370 for ; Fri, 6 Nov 1998 11:00:24 -0800 (PST) (envelope-from jhay@zibbi.mikom.csir.co.za) Received: (from jhay@localhost) by zibbi.mikom.csir.co.za (8.9.1/8.9.1) id UAA04998; Fri, 6 Nov 1998 20:59:53 +0200 (SAT) From: John Hay Message-Id: <199811061859.UAA04998@zibbi.mikom.csir.co.za> Subject: Re: IPX maintainer(s) In-Reply-To: from Jeroen Ruigrok/Asmodai at "Nov 4, 98 11:17:57 pm" To: asmodai@wxs.nl (Jeroen Ruigrok/Asmodai) Date: Fri, 6 Nov 1998 20:59:53 +0200 (SAT) Cc: net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > just two fast questions: > > Who are the maintainers for the IPX networking stuff? I am. > > And is NLSP supported? > Nope and I don't plan to, but contributions are welcome. :-) John -- John Hay -- John.Hay@mikom.csir.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Nov 6 11:53:42 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA20805 for freebsd-net-outgoing; Fri, 6 Nov 1998 11:53:42 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from smtp03.wxs.nl (smtp03.wxs.nl [195.121.6.37]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA20797 for ; Fri, 6 Nov 1998 11:53:37 -0800 (PST) (envelope-from asmodai@wxs.nl) Received: from chronias.ninth-circle.org ([195.121.58.164]) by smtp03.wxs.nl (Netscape Messaging Server 3.6) with ESMTP id AAA2805; Fri, 6 Nov 1998 20:53:24 +0100 Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <199811061859.UAA04998@zibbi.mikom.csir.co.za> Date: Fri, 06 Nov 1998 20:57:25 +0100 (CET) Organization: Ninth Circle Enterprises From: Jeroen Ruigrok/Asmodai To: John Hay Subject: Re: IPX maintainer(s) Cc: net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 06-Nov-98 John Hay wrote: >> >> Who are the maintainers for the IPX networking stuff? > > I am. nice to meet ye's =) >> And is NLSP supported? >> > > Nope and I don't plan to, but contributions are welcome. :-) Cool, as soon as I am able too =) What ye got implemented thus far? --- Jeroen Ruigrok van der Werven/Asmodai asmodai(at)wxs.nl Junior Network/Security Specialist FreeBSD & picoBSD: The Power to Serve... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 7 09:55:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA20732 for freebsd-net-outgoing; Sat, 7 Nov 1998 09:55:15 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from jlf0.jlf.es (h026165.nexo.es [195.235.26.165]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA20722 for ; Sat, 7 Nov 1998 09:54:47 -0800 (PST) (envelope-from jlfreniche@acm.org) Received: from acm.org (localhost.jlf.es [127.0.0.1]) by jlf0.jlf.es (8.8.8/8.8.8) with ESMTP id TAA00513 for ; Sat, 7 Nov 1998 19:04:23 +0100 (CET) (envelope-from jlfreniche@acm.org) Message-ID: <36448BA6.8EAC6999@acm.org> Date: Sat, 07 Nov 1998 19:04:22 +0100 From: "Juan L. Freniche" X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.7-RELEASE i386) MIME-Version: 1.0 To: FreeBSD NET Subject: Support for Diamond SupraExpress 56/i PRO (PCI) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I don't know if this is the correct place for this question (if not, I present apologies!): I am using FreeBSD 2.2.7 and just installed a modem card from Diamond (SupraExpress PCI 56/i PRO). However, it is not seen by the kernel, I couldn't find any driver for it. Is there any support for this modem board or it is better if I change it for the ISA version? -- Juan L. Freniche To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 7 10:29:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA24141 for freebsd-net-outgoing; Sat, 7 Nov 1998 10:29:08 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from jlf0.jlf.es (h026165.nexo.es [195.235.26.165]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA24131 for ; Sat, 7 Nov 1998 10:28:54 -0800 (PST) (envelope-from jlfreniche@acm.org) Received: from acm.org (localhost.jlf.es [127.0.0.1]) by jlf0.jlf.es (8.8.8/8.8.8) with ESMTP id TAA00557 for ; Sat, 7 Nov 1998 19:39:21 +0100 (CET) (envelope-from jlfreniche@acm.org) Message-ID: <364493D8.7D2C8EB3@acm.org> Date: Sat, 07 Nov 1998 19:39:20 +0100 From: "Juan L. Freniche" X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.7-RELEASE i386) MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: freebsd-net@FreeBSD.ORGSupport for Diamond SupraExpress 56/i PRO (PCI) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I don't know if this is the correct place for this question (if not, I present apologies!): I am using FreeBSD 2.2.7 and just installed a modem card from Diamond (SupraExpress PCI 56/i PRO). However, it is not seen by the kernel, I couldn't find any driver for it. Is there any support for this modem board or it is better if I change it by the ISA version? -- Juan L. Freniche To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Nov 7 10:58:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA27774 for freebsd-net-outgoing; Sat, 7 Nov 1998 10:58:18 -0800 (PST) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from abby.skypoint.net (abby.skypoint.net [199.86.32.252]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA27769 for ; Sat, 7 Nov 1998 10:58:17 -0800 (PST) (envelope-from bruce@zuhause.mn.org) Received: (from uucp@localhost) by abby.skypoint.net (8.8.7/jl 1.3) with UUCP id MAA27852 for freebsd-net@freebsd.org; Sat, 7 Nov 1998 12:58:04 -0600 (CST) Received: (from bruce@localhost) by zuhause.mn.org (8.9.1/8.9.1) id MAA21457; Sat, 7 Nov 1998 12:36:59 -0600 (CST) (envelope-from bruce) From: Bruce Albrecht MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <13892.37693.738551.462846@zuhause.zuhause.mn.org> Date: Sat, 7 Nov 1998 12:36:45 -0600 (CST) To: freebsd-net@FreeBSD.ORG Subject: ISA EtherExpress Pro/100 supported? X-Mailer: VM 6.62 under 20.4 "Emerald" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is this NIC supported by FreeBSD? If so, which driver. If not, does anyone have any suggestions as to which driver would be a good choice to use as a base? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message