From owner-freebsd-net Mon Sep 30 7: 6:42 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E390237B404 for ; Mon, 30 Sep 2002 07:06:40 -0700 (PDT) Received: from insomnia.spc.org (insomnia.spc.org [195.224.94.183]) by mx1.FreeBSD.org (Postfix) with SMTP id A094143E75 for ; Mon, 30 Sep 2002 07:06:39 -0700 (PDT) (envelope-from bms@insomnia.spc.org) Received: (qmail 27943 invoked by uid 1031); 30 Sep 2002 14:02:31 -0000 Date: Mon, 30 Sep 2002 15:02:30 +0100 From: Bruce M Simpson To: Marco Molteni Cc: freebsd-mobile@freebsd.org, freebsd-net@freebsd.org Subject: Re: Fw: Link Triggers on Linux Message-ID: <20020930140230.GO26352@spc.org> Mail-Followup-To: Bruce M Simpson , Marco Molteni , freebsd-mobile@freebsd.org, freebsd-net@freebsd.org References: <20020928153021.6029.qmail@cobweb.example.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020928153021.6029.qmail@cobweb.example.org> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Sounds similar to Win2k's ability to notify user-space processes of the link going up/down on Ethernet interfaces. But that's nothing that can't be achieved by polling the appropriate ifioctl. On Sat, Sep 28, 2002 at 05:30:20PM +0200, Marco Molteni wrote: > WLAN events : > o SIOCGIWAP(addr) : Successfully registered to Access Point > with address 'addr'. If 'addr' is NULL, it means that we could not > find any Access Point suitable (out of range). This is generated at > the end of the link layer handoff. > o IWEVTXDROP(addr) : Packet sent to 'addr' was dropped due to > excessive retries. > o SNR : this is not an event, but you can poll the SNR for > each peer through iwspy (updated on Rx'd packets). I think knotes might be most appropriate. Specifically, adding messages to those which would be handled by PF_ROUTE, and having the socket bound to a kqueue, so that asynchronous notification can take place. For the third, have a look at /usr/ports/net/wmwave. > IrNET events : > o Disconnected(addr) : IrDA stack closed the link connection > to peer 'addr'. May be due to link failure (12s timeout) or explicit > disconnection from one end. At this point, the IP interface is going > to be destroyed. > o Link-Blocked(addr) : Peer 'addr' failed to turnaround the > link layer. We have not heard from the peer for one second (max link > turn around time in IrDA is 500ms). However, the connection to the > peer still has not timed out. FreeBSD doesn't grok IrDA. Last I heard, someone was planning on porting a userspace IrDA stack to NetBSD. Many OEM motherboards have IrDA headers, but not the LEDs. I managed to sniff out a retail supplier of OEM backplates with the LEDs in the UK. If anyone's up for it, suggest we club together and buy them as a group. > 5) Where do events go > --------------------- > Some people have suggested that those events should go up the > IP stack. I personally don't think that this is the best approach, > because this is not where those events are needed. And also I don't > want to polute the TCP/IP higher layer interfaces with link specific > stuff (this is about layer separation). See above. BMS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 7:38:58 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 353F237B401 for ; Mon, 30 Sep 2002 07:38:57 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id EB8B943E6A for ; Mon, 30 Sep 2002 07:38:55 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 9882 invoked from network); 30 Sep 2002 14:36:09 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 30 Sep 2002 14:36:09 -0000 Message-ID: <3D9861CA.F3225DE7@pipeline.ch> Date: Mon, 30 Sep 2002 16:38:02 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Cc: jeker@n-r-g.com Subject: New natd available Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello all In the FreeBSD May-June 2002 Status Report we have announced a natd rewrite to make it's configuration options more powerful and support more ip addresses to nat to. The first functional preview is available here: http://diehard.n-r-g.com/stuff/freebsd/ Please check this out and test it with real traffic. We'd appreciate any feedback about the syntax and any bugs. It'll get some more style treatment before declaring it for full public consumption. Next in row is the tcphostcache in a couple of days. After that the new routing table is coming. -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 10:36:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18FAE37B401 for ; Mon, 30 Sep 2002 10:36:20 -0700 (PDT) Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC5CD43E42 for ; Mon, 30 Sep 2002 10:36:19 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: from iguana.icir.org (localhost [127.0.0.1]) by iguana.icir.org (8.12.3/8.11.3) with ESMTP id g8UHaIIb004090; Mon, 30 Sep 2002 10:36:18 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: (from rizzo@localhost) by iguana.icir.org (8.12.3/8.12.3/Submit) id g8UHaHxa004089; Mon, 30 Sep 2002 10:36:17 -0700 (PDT) (envelope-from rizzo) Date: Mon, 30 Sep 2002 10:36:17 -0700 From: Luigi Rizzo To: Andre Oppermann Cc: freebsd-net@FreeBSD.ORG, jeker@n-r-g.com Subject: Re: New natd available Message-ID: <20020930103617.A4019@iguana.icir.org> References: <3D9861CA.F3225DE7@pipeline.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3D9861CA.F3225DE7@pipeline.ch>; from oppermann@pipeline.ch on Mon, Sep 30, 2002 at 04:38:02PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Andre, could you briefly comment how the new libalias+natd differ (or are planned to differ) from the old one -- e.g. do they implement keepalives, move-to-front of sessions in the hash chains, fixe to known bugs in the old one ? One common complaint with the old libalias is that performance tends to trash with time -- this seems to be due to the very long timeout (24hrs ?) for sessions, coupled to the fact that newly created sesssions are appended to the end of the hash chains so over time the lookup times tend to become larger and larger. One easy fix to this behaviour is to move to the front of the hash chain a session descriptor upon a successful lookup. This keeps fresh sessions near the head of the chain while stale ones drift towards the end. thanks luigi > Hello all > > In the FreeBSD May-June 2002 Status Report we have announced a natd > rewrite to make it's configuration options more powerful and support > more ip addresses to nat to. > > The first functional preview is available here: > > http://diehard.n-r-g.com/stuff/freebsd/ > > Please check this out and test it with real traffic. We'd appreciate > any feedback about the syntax and any bugs. It'll get some more style > treatment before declaring it for full public consumption. > > Next in row is the tcphostcache in a couple of days. After that the > new routing table is coming. > > -- > Andre > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 11:19:58 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 204A437B401 for ; Mon, 30 Sep 2002 11:19:56 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 8A4AC43E65 for ; Mon, 30 Sep 2002 11:19:54 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 30827 invoked from network); 30 Sep 2002 18:17:07 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 30 Sep 2002 18:17:07 -0000 Message-ID: <3D989594.DA0D0497@pipeline.ch> Date: Mon, 30 Sep 2002 20:19:00 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Luigi Rizzo Cc: freebsd-net@FreeBSD.ORG, jeker@n-r-g.com Subject: Re: New natd available References: <3D9861CA.F3225DE7@pipeline.ch> <20020930103617.A4019@iguana.icir.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Luigi Rizzo wrote: > > Andre, > could you briefly comment how the new libalias+natd differ > (or are planned to differ) from the old one -- e.g. do > they implement keepalives, move-to-front of sessions in the > hash chains, fixe to known bugs in the old one ? The new one has a way more powerful configuration syntax and supports new modes like aliasing to more than one outside address. > One common complaint with the old libalias is that > performance tends to trash with time -- this seems to be > due to the very long timeout (24hrs ?) for sessions, coupled > to the fact that newly created sesssions are appended to > the end of the hash chains so over time the lookup times > tend to become larger and larger. This hasn't been fixed yet. > One easy fix to this behaviour is to move to the front of > the hash chain a session descriptor upon a successful lookup. > This keeps fresh sessions near the head of the chain while > stale ones drift towards the end. We'll do this. Could you have a more detailed look at the new natd maybe? -- Andre > thanks > luigi > > > Hello all > > > > In the FreeBSD May-June 2002 Status Report we have announced a natd > > rewrite to make it's configuration options more powerful and support > > more ip addresses to nat to. > > > > The first functional preview is available here: > > > > http://diehard.n-r-g.com/stuff/freebsd/ > > > > Please check this out and test it with real traffic. We'd appreciate > > any feedback about the syntax and any bugs. It'll get some more style > > treatment before declaring it for full public consumption. > > > > Next in row is the tcphostcache in a couple of days. After that the > > new routing table is coming. > > > > -- > > Andre > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 12:10:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF88837B401; Mon, 30 Sep 2002 12:10:40 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id A9FC443E65; Mon, 30 Sep 2002 12:10:39 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g8UJABOo023382; Mon, 30 Sep 2002 15:10:11 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 30 Sep 2002 15:10:10 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Bruce M Simpson Cc: Marco Molteni , freebsd-mobile@freebsd.org, freebsd-net@freebsd.org Subject: Re: Fw: Link Triggers on Linux In-Reply-To: <20020930140230.GO26352@spc.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 30 Sep 2002, Bruce M Simpson wrote: > Sounds similar to Win2k's ability to notify user-space processes of the > link going up/down on Ethernet interfaces. But that's nothing that can't > be achieved by polling the appropriate ifioctl. We have this capability already using kqueues, although I'd actually also like to see a routing socket event. Somewhere there are dhclient patches floating around to support kq interface link notifications. Note that not all of our supported ethernet interfaces support link state monitoring, they only have administrative up/down, so any application written to handle link state information needs to take that into account. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 12:12:18 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C920F37B401 for ; Mon, 30 Sep 2002 12:12:16 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id B33E143E4A for ; Mon, 30 Sep 2002 12:12:15 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g8UJBmOo023396; Mon, 30 Sep 2002 15:11:48 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 30 Sep 2002 15:11:48 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Andre Oppermann Cc: freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: New natd available In-Reply-To: <3D9861CA.F3225DE7@pipeline.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 30 Sep 2002, Andre Oppermann wrote: > In the FreeBSD May-June 2002 Status Report we have announced a natd > rewrite to make it's configuration options more powerful and support > more ip addresses to nat to. > > The first functional preview is available here: > > http://diehard.n-r-g.com/stuff/freebsd/ > > Please check this out and test it with real traffic. We'd appreciate any > feedback about the syntax and any bugs. It'll get some more style > treatment before declaring it for full public consumption. > > Next in row is the tcphostcache in a couple of days. After that the new > routing table is coming. Andre -- This work is very exciting. For those of us tracking the SMPng locking of the IP stack, I'm particular interested in making sure that the new implementations are locked down using SMPng primitives, and their potential impact on removing Giant from sections of the stack. I know that the routing code is one area where we're currently deficient... Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 12:41:16 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC08137B401 for ; Mon, 30 Sep 2002 12:41:14 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 46B8343E7B for ; Mon, 30 Sep 2002 12:41:13 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 35549 invoked from network); 30 Sep 2002 19:38:26 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 30 Sep 2002 19:38:26 -0000 Message-ID: <3D98A8A3.FBDA0A6D@pipeline.ch> Date: Mon, 30 Sep 2002 21:40:19 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Robert Watson Cc: freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: New natd available References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Robert Watson wrote: > > On Mon, 30 Sep 2002, Andre Oppermann wrote: > > > In the FreeBSD May-June 2002 Status Report we have announced a natd > > rewrite to make it's configuration options more powerful and support > > more ip addresses to nat to. > > > > The first functional preview is available here: > > > > http://diehard.n-r-g.com/stuff/freebsd/ > > > > Please check this out and test it with real traffic. We'd appreciate any > > feedback about the syntax and any bugs. It'll get some more style > > treatment before declaring it for full public consumption. > > > > Next in row is the tcphostcache in a couple of days. After that the new > > routing table is coming. > > Andre -- > > This work is very exciting. For those of us tracking the SMPng locking of > the IP stack, I'm particular interested in making sure that the new > implementations are locked down using SMPng primitives, and their > potential impact on removing Giant from sections of the stack. I know > that the routing code is one area where we're currently deficient... The new routing code will untangle the pointer mess in the current stack by a great deal and as such make it far more SMP friendly as it currently is. Unfortunatly I don't know if we have enough time to put everything into 5.0R. -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 15:11:15 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 66B0D37B401 for ; Mon, 30 Sep 2002 15:11:14 -0700 (PDT) Received: from scout.networkphysics.com (fw.networkphysics.com [205.158.104.176]) by mx1.FreeBSD.org (Postfix) with ESMTP id 074A143E7B for ; Mon, 30 Sep 2002 15:11:14 -0700 (PDT) (envelope-from pavel@networkphysics.com) Received: from NetworkPhysics.COM (valiant.fractal.networkphysics.com [10.10.0.243]) by scout.networkphysics.com (8.11.5/8.11.5) with ESMTP id g8UMBDR67174 for ; Mon, 30 Sep 2002 15:11:13 -0700 (PDT) Message-Id: <200209302211.g8UMBDR67174@scout.networkphysics.com> To: freebsd-net@FreeBSD.ORG Subject: Re: Question about mbuf allocation and VM routines In-Reply-To: Message from Tom Pavel of "Fri, 27 Sep 2002 15:06:18 PDT." <200209272206.g8RM6IR43626@scout.networkphysics.com> Date: Mon, 30 Sep 2002 15:11:13 -0700 From: Tom Pavel Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Fri, 27 Sep 2002, Tom Pavel writes: > However, as shown in this excerpt m_mballoc() calls kmem_malloc(), > which from its comments expects to be called at splhigh (or perhaps > splvm?). Ultimately, my call chain leads me to > vm_map_entry_create(mb_map), and I fear that the resulting > zalloc()/zfree() is interrupted by something else at splvm, and > thereby corrupts the kmapentzone free list. That would be consistent > with the crash I've seen. > > So, my question is whether the above analysis makes sense, and whether > the kmem_malloc(M_NOWAIT) call in m_mballoc() should be wrapped in > splvm. I assume the M_WAITOK call should not be wrapped, but I > haven't thought that one through. Any other insights about this? Thanks to Jeffrey Hsu, I realized that I've just been suffering from a bit of versionitis. I wanted to follow up here for the benefit of the archives. This problem I posited is indeed possible in the 4.2-based systems I'm using, but it was fixed in rev 1.187.2.5 of vm_map.c in Feb 2001 (before 4.3). I was confused about whether we'd also seen this in our 4.6-based systems and it turns out that I didn't read the 4.2/4.6 diffs carefully enough. Sorry for any confusion... Tom Pavel Network Physics pavel@networkphysics.com / pavel@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 30 22:31:54 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B25637B401 for ; Mon, 30 Sep 2002 22:31:53 -0700 (PDT) Received: from guinness.syncrontech.com (guinness.syncrontech.com [62.71.8.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6F7FF43E4A for ; Mon, 30 Sep 2002 22:31:52 -0700 (PDT) (envelope-from ari.suutari@syncrontech.com) Received: from linux (coffee.syncrontech.com [62.71.8.37]) by guinness.syncrontech.com (8.12.6/8.12.6) with ESMTP id g915Voud085922; Tue, 1 Oct 2002 08:31:51 +0300 (EEST) (envelope-from ari.suutari@syncrontech.com) Content-Type: text/plain; charset="iso-8859-1" From: Ari Suutari Organization: Syncron Tech Oy To: Andre Oppermann , freebsd-net@FreeBSD.ORG Subject: Re: New natd available Date: Tue, 1 Oct 2002 08:34:35 +0300 User-Agent: KMail/1.4.2 Cc: jeker@n-r-g.com References: <3D9861CA.F3225DE7@pipeline.ch> In-Reply-To: <3D9861CA.F3225DE7@pipeline.ch> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200210010834.35064.ari.suutari@syncrontech.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Great to see natd maintained. As original author, I kind of miss the long command line options (ie. something like --daemon in addition to -d). The new code seems to use always a select-recvfrom combination to get the data. Someone complained to me about the old natd performance when that was used (the old code does not always use it). However, I must say that I'm not sure about how much it affects performance (having two syscalls instead of one).=20 =09Ari S. On Monday 30 September 2002 17:38, Andre Oppermann wrote: > Hello all > > In the FreeBSD May-June 2002 Status Report we have announced a natd > rewrite to make it's configuration options more powerful and support > more ip addresses to nat to. > > The first functional preview is available here: > > http://diehard.n-r-g.com/stuff/freebsd/ > > Please check this out and test it with real traffic. We'd appreciate > any feedback about the syntax and any bugs. It'll get some more style > treatment before declaring it for full public consumption. > > Next in row is the tcphostcache in a couple of days. After that the > new routing table is coming. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 1:35:17 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D48D37B401 for ; Tue, 1 Oct 2002 01:35:16 -0700 (PDT) Received: from diehard.n-r-g.com (diehard.n-r-g.com [195.134.143.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 76D5F43E77 for ; Tue, 1 Oct 2002 01:35:15 -0700 (PDT) (envelope-from cjeker@diehard.n-r-g.com) Received: (qmail 13473 invoked by uid 1001); 1 Oct 2002 08:35:13 -0000 Date: Tue, 1 Oct 2002 10:35:13 +0200 From: Claudio Jeker To: Ari Suutari Cc: Andre Oppermann , freebsd-net@FreeBSD.ORG Subject: Re: New natd available Message-ID: <20021001083513.GE21579@diehard.n-r-g.com> References: <3D9861CA.F3225DE7@pipeline.ch> <200210010834.35064.ari.suutari@syncrontech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200210010834.35064.ari.suutari@syncrontech.com> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Oct 01, 2002 at 08:34:35AM +0300, Ari Suutari wrote: > Hi, > > Great to see natd maintained. As original author, I kind of miss > the long command line options (ie. something like > --daemon in addition to -d). > I used getopt(3) to parse the commandline because I hate to reinvent the wheel all the time. > The new code seems to use always a select-recvfrom combination > to get the data. Someone complained to me about the old natd performance > when that was used (the old code does not always use it). However, > I must say that I'm not sure about how much it affects performance > (having two syscalls instead of one). > In my first test I was able to nat a single ftp transfer at almost 100Mbps (10.10 MB/s) on a VIA C3 800 MHz (using 2 onboard fxp). Snapshot of top while doing transfer: last pid: 223; load averages: 0.21, 0.06, 0.02 up 0+00:21:44 12:07:17 24 processes: 2 running, 22 sleeping CPU states: 2.7% user, 0.0% nice, 43.6% system, 24.1% interrupt, 29.6% idle Mem: 5712K Active, 6596K Inact, 10M Wired, 4K Cache, 6880K Buf, 217M Free Swap: 128M Total, 128M Free PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND 222 root 2 0 520K 284K RUN 0:21 34.89% 34.77% natd 84 root 2 0 2596K 1856K select 0:00 0.00% 0.00% sshd 223 root 28 0 1908K 1180K RUN 0:00 0.00% 0.00% top A single ftp transfer is probably not representative but shows the (top) performance. The new code uses the select-recvfrom combination because of the extended capabilities. A simple solution would be to set the divert sockets to nonblocking and do a select-recvfrom-recvfrom* loop as long as packets are received. If more speed is needed every syscall and packet copying should be avoided and natd/libalias should be merged into ipfw. -- :wq Claudio To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 5:21:34 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 45DF737B401 for ; Tue, 1 Oct 2002 05:21:33 -0700 (PDT) Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 649BE43E4A for ; Tue, 1 Oct 2002 05:21:32 -0700 (PDT) (envelope-from guido@gvr.org) Received: by gvr.gvr.org (Postfix, from userid 657) id C2843AD; Tue, 1 Oct 2002 14:21:30 +0200 (CEST) Date: Tue, 1 Oct 2002 14:21:30 +0200 From: Guido van Rooij To: freebsd-net@freebsd.org Subject: non-transparent IPsec via a tun interface? Message-ID: <20021001122130.GA14155@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have a firewall system that has a dedicated interface on which nly IPsec traffic is going out and comming in. The firewall encrypts and decrypts these packets. I am using Ipfilter on that system and I would like to filter on the unencrypted content, both incoming and outgoing. The problem is that on the "IPsec interface" I only see the encrypted traffic. Is there a way to make IPsec be non-transparent? E.g: have a /dev/tun interface that is the non-encrypted variant of the dedicated ipsec interface? (I route pakets into the tun interface and they are encrypted and put out of the real dedicated interface, and vice versa: if IPsec traffic come into the real interface, they are decrypted and send thorugh the tunnel) -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 6:40:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 060EB37B401 for ; Tue, 1 Oct 2002 06:40:20 -0700 (PDT) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B9A843E75 for ; Tue, 1 Oct 2002 06:40:19 -0700 (PDT) (envelope-from julian@elischer.org) Received: from InterJet.elischer.org ([12.232.206.8]) by sccrmhc01.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20021001134018.RVNI6431.sccrmhc01.attbi.com@InterJet.elischer.org>; Tue, 1 Oct 2002 13:40:18 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id GAA86850; Tue, 1 Oct 2002 06:34:30 -0700 (PDT) Date: Tue, 1 Oct 2002 06:34:29 -0700 (PDT) From: Julian Elischer To: Guido van Rooij Cc: freebsd-net@freebsd.org Subject: Re: non-transparent IPsec via a tun interface? In-Reply-To: <20021001122130.GA14155@gvr.gvr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have done similar to this using teh GIF interface. Each tunnel between sites had a gif interface and I firewalled for only ESP packets to and from the correct machines on the external interface, and for correct packets for permitted protocols and ports on the unencrypted data on the gif interfaces. Since then I have stoped using th e Gif interfaces and have started tunnelling using mpd across a udp connection, which in turn is IPSEC encrypted. Instead of firewalling on the gif inerfaces I now do it on the ng interface. The reason for using mpd is to use multilink PPP for the tunnels. I have multiple unnels on differnt ISPS between sites so that if one ISP gets ill (which happens a bit), the connection suffers a bandwidth degradation but is still useable. On Tue, 1 Oct 2002, Guido van Rooij wrote: > I have a firewall system that has a dedicated interface on which nly > IPsec traffic is going out and comming in. The firewall > encrypts and decrypts these packets. > > I am using Ipfilter on that system and I would like to filter on > the unencrypted content, both incoming and outgoing. > > The problem is that on the "IPsec interface" I only see the encrypted > traffic. > > Is there a way to make IPsec be non-transparent? > > E.g: have a /dev/tun interface that is the non-encrypted variant of the > dedicated ipsec interface? (I route pakets into the tun interface > and they are encrypted and put out of the real dedicated interface, > and vice versa: if IPsec traffic come into the real interface, they > are decrypted and send thorugh the tunnel) > > -Guido > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 6:40:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47ADB37B426 for ; Tue, 1 Oct 2002 06:40:34 -0700 (PDT) Received: from smtp.wineasy.se (smtp.wineasy.se [195.42.198.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id E4B8243E6E for ; Tue, 1 Oct 2002 06:40:32 -0700 (PDT) (envelope-from john@veidit.net) Received: from Sleeper (20.130.88.213.host.tele1europe.se [213.88.130.20] (may be forged)) by smtp.wineasy.se with SMTP id g91DeXe21059 for ; Tue, 1 Oct 2002 15:40:33 +0200 Date: Tue, 1 Oct 2002 15:40:27 +0200 From: John Angelmo To: net@freebsd.org Subject: unix routing Message-Id: <20021001154027.47ccd0f1.john@veidit.net> X-Mailer: Sylpheed version 0.8.3 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I'm looking for a good book on unix routing (from the ground up) every routingbook I seem to find only cover IOS. There are diffrent solutions, for example gated, zebra and so on, what is most used and what can you recomend and what supports both ipv6 and ipv4 thanks /John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 9:33:20 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABAD437B401 for ; Tue, 1 Oct 2002 09:33:19 -0700 (PDT) Received: from oak.FernUni-Hagen.de (oak.fernuni-hagen.de [132.176.114.41]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EF3143E6A for ; Tue, 1 Oct 2002 09:33:19 -0700 (PDT) (envelope-from q5480035@bonsai.FernUni-Hagen.de) Received: from amavis by oak.FernUni-Hagen.de with scanned-ok (Exim 4.04) id 17wPxW-0002sW-00 for freebsd-net@freebsd.org; Tue, 01 Oct 2002 18:33:18 +0200 Received: from bonsai.fernuni-hagen.de ([132.176.114.21]) by oak.FernUni-Hagen.de with esmtp (Exim 4.04) id 17wPxS-0002sM-00 for freebsd-net@freebsd.org; Tue, 01 Oct 2002 18:33:14 +0200 Received: (from q5480035@localhost) by bonsai.fernuni-hagen.de (8.10.2+Sun/8.10.2) id g91GXDp24050; Tue, 1 Oct 2002 18:33:13 +0200 (MEST) Date: Tue, 1 Oct 2002 18:33:13 +0200 (MEST) Message-Id: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de> From: Marc Ernst Eddy van Woerkom To: freebsd-net@freebsd.org Subject: Intel PRO/100 S X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, yesterday I bought a network card to connect a second PC to my old machine. They had only one type of card in the store so I bought it anyway, despite its rather high price of 37 Euro. Today I took a closer look. It is an Intel PRO/100 S board packaged in plastic pack, without docs. It comes with 3 wire cable labeled "BIZLINK" and has "TRIPLE DES" on a label. As far as I can tell from a bit of Google research, it features hardware encryprtion/decryption. Questions: - Can I use it under FreeBSD? - Can I make use of that hardware acceleration? - What is the 3 wire cable for? Regards, Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 9:42:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 09DDB37B401 for ; Tue, 1 Oct 2002 09:42:10 -0700 (PDT) Received: from web40312.mail.yahoo.com (web40312.mail.yahoo.com [66.218.78.91]) by mx1.FreeBSD.org (Postfix) with SMTP id AD4A543E6A for ; Tue, 1 Oct 2002 09:42:09 -0700 (PDT) (envelope-from m_evmenkin@yahoo.com) Message-ID: <20021001164208.3690.qmail@web40312.mail.yahoo.com> Received: from [165.193.27.38] by web40312.mail.yahoo.com via HTTP; Tue, 01 Oct 2002 09:42:08 PDT Date: Tue, 1 Oct 2002 09:42:08 -0700 (PDT) From: Maksim Yevmenkin Subject: Re: Bluetooth stack for FreeBSD To: Julian Elischer Cc: current@freebsd.net, net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello Julian, Sorry to bug you, but are you still interested in this? Not sure if you were following but the latest snapshot (2002/09/22) is available for download at http://www.geocities.com/m_evmenkin/ I asking because you are the only person who has some interest and actually looked at the code. Also NetBSD folks (Lennart Augustsson) seem to work on Bluetooth too. Is it better for FreeBSD to wait until NetBSD stack is done and then port it back? thanks, max --- Julian Elischer wrote: > what a coincidence! > > I was just discussing this with people here at USENIX and I'd like to > start the process for committing this. > > Do you think it deserves a separate directory under netgraph, > or maybe a netbluetooth directory. > > the documentation needs to be made 'commit-ready' too, as well as some > examples ready to put in /usr/share/examples/netgraph. > > > > On Thu, 13 Jun 2002, Maksim Yevmenkin wrote: > > > [cc: mobile@freebsd.org] > > > > Hackers, > > > > Another developer snapshot is available at > > > > http://www.geocities.com/m_evmenkin/ngbt-fbsd-20020613.tar.gz > > > > This release is for -current DP1 only. I had to > > downgrade back to DP1 due to huge amount of changes > > in -current. > > > > Brief list of changes > > > > - Basic support for USB devices. I got myself a > > 3Com USB Bluetooth dongle (aka ToothBrush :) > > > > - Make everything GCC 3.X friendly. > > > > - Minor bug fixes > > > > As always, i would like to get some feedback. I'm very > > interested to hear from people who familiar with FreeBSD > > kernel, Netgraph, Bluetooth and/or USB. > > > > thanks, > > max > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! - Official partner of 2002 FIFA World Cup > > http://fifaworldcup.yahoo.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 9:50:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EBB037B401 for ; Tue, 1 Oct 2002 09:50:30 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id A9CFB43E4A for ; Tue, 1 Oct 2002 09:50:29 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (nik.isi.edu [128.9.168.58]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g91GoOC02711; Tue, 1 Oct 2002 09:50:24 -0700 (PDT) Message-ID: <3D99D24F.60907@isi.edu> Date: Tue, 01 Oct 2002 09:50:23 -0700 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: Andre Oppermann Cc: freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: New natd available References: <3D9861CA.F3225DE7@pipeline.ch> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms020401070307060301030608" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms020401070307060301030608 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Andre Oppermann wrote: > > In the FreeBSD May-June 2002 Status Report we have announced a natd > rewrite to make it's configuration options more powerful and support > more ip addresses to nat to. I haven't had time to look at the new natd yet, but the old one would easily get into a state where it ate up 100% of the CPU time (on our local ISI network, which has admittedly lots of strange packets on it from experiments.) http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/36183 says it was fixed in 4.5, but I've seen it with 4.6 still (not sure if the same reasons caused it though.) Has this been tested with the new natd? Lars -- Lars Eggert USC Information Sciences Institute --------------ms020401070307060301030608 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwMTE2NTAyNFowIwYJKoZIhvcNAQkEMRYEFH1XN9T+Ki3xvG8Gy9Gs xySBJfTHMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEAPkvB3wuNvc5NNBDifUN19s/ve7kLUU64xa0MoqlkWT9oPfgmjwMl CpOW/uu3qhOeppWhiX0QWDGVecBaOqNj/Oq8itD+cF1/GWRWb8e+4BYWpZzePWehazlIhwgM QjElnFBWEamXSwg1h9gqpOrzJ9DXIUc/2xT7YmkQI3befX8q8/kT2BNsIiiYKj+RAHdRogA8 tn9pJg2v0nZxUwJH+H6mRkl+cd+6HC9Dc8Pfg3Y/t2jMO11aBofG6bJmNVobbUQaPZDxDtqT Wcxe4b7sJFrZPPRSFPUj+xoGCd9XP7lItergaS94n/FX/rdkNDT6XTJ5f5OOowblbLvfd3oh zAAAAAAAAA== --------------ms020401070307060301030608-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 10:14:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16EAA37B404 for ; Tue, 1 Oct 2002 10:14:34 -0700 (PDT) Received: from genius.tao.org.uk (genius.tao.org.uk [212.135.162.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BE9743E81 for ; Tue, 1 Oct 2002 10:14:33 -0700 (PDT) (envelope-from joe@genius.tao.org.uk) Received: by genius.tao.org.uk (Postfix, from userid 100) id C6D7A420E; Tue, 1 Oct 2002 18:14:15 +0100 (BST) Date: Tue, 1 Oct 2002 18:14:15 +0100 From: Josef Karthauser To: Maksim Yevmenkin Cc: Julian Elischer , current@freebsd.net, net@freebsd.org Subject: Re: Bluetooth stack for FreeBSD Message-ID: <20021001171415.GA1361@genius.tao.org.uk> Mail-Followup-To: Josef Karthauser , Maksim Yevmenkin , Julian Elischer , current@freebsd.net, net@freebsd.org References: <20021001164208.3690.qmail@web40312.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vtzGhvizbBRQ85DL" Content-Disposition: inline In-Reply-To: <20021001164208.3690.qmail@web40312.mail.yahoo.com> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --vtzGhvizbBRQ85DL Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Oct 01, 2002 at 09:42:08AM -0700, Maksim Yevmenkin wrote: > Hello Julian, >=20 > Sorry to bug you, but are you still interested in this? Not sure if you > were following but the latest snapshot (2002/09/22) is available for down= load > at http://www.geocities.com/m_evmenkin/ >=20 > I asking because you are the only person who has some interest and actual= ly > looked at the code. Also NetBSD folks (Lennart Augustsson) seem to work on > Bluetooth too. Is it better for FreeBSD to wait until NetBSD stack is done > and then port it back? >=20 I've not taken a look at the blue tooth stuff in NetBSD, but if you're working in this area you ought to take a look at their code yourself to see how far they've got. Joe --=20 "As far as the laws of mathematics refer to reality, they are not certain; and as far as they are certain, they do not refer to reality." - Albert Einstein, 1921 --vtzGhvizbBRQ85DL Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iEYEARECAAYFAj2Z1+YACgkQXVIcjOaxUBZl2gCgtJr4nSbc9u3eqBV/EKdwWftN ZasAnAxrPjni0wAHj0x/RoVht/tosvZA =Rv1+ -----END PGP SIGNATURE----- --vtzGhvizbBRQ85DL-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 10:26:36 2002 Delivered-To: freebsd-net@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 931) id 7F27E37B401; Tue, 1 Oct 2002 10:26:34 -0700 (PDT) Date: Tue, 1 Oct 2002 10:26:34 -0700 From: Juli Mallett To: Marc Ernst Eddy van Woerkom Cc: freebsd-net@freebsd.org Subject: Re: Intel PRO/100 S Message-ID: <20021001102634.A15140@FreeBSD.org> References: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de>; from Marc.Vanwoerkom@FernUni-Hagen.de on Tue, Oct 01, 2002 at 06:33:13PM +0200 Organisation: The FreeBSD Project X-Alternate-Addresses: , , , , X-Towel: Yes X-LiveJournal: flata, jmallett X-Negacore: Yes Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * De: Marc Ernst Eddy van Woerkom [ Data: 2002-10-01 ] [ Subjecte: Intel PRO/100 S ] > Hi, > > yesterday I bought a network card to connect a second PC > to my old machine. > They had only one type of card in the store so I bought it anyway, > despite its rather high price of 37 Euro. > > Today I took a closer look. > It is an Intel PRO/100 S board packaged in > plastic pack, without docs. > It comes with 3 wire cable labeled > "BIZLINK" and has "TRIPLE DES" on a label. > > As far as I can tell from a bit of Google > research, it features hardware encryprtion/decryption. > > Questions: > - Can I use it under FreeBSD? Yes, as an fxp(4). > - Can I make use of that hardware acceleration? Not under FreeBSD. > - What is the 3 wire cable for? For WOL. > > Regards, > Marc > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Juli Mallett | FreeBSD: The Power To Serve Will break world for fulltime employment. | finger jmallett@FreeBSD.org http://people.FreeBSD.org/~jmallett/ | Support my FreeBSD hacking! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 10:52:52 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A091D37B401 for ; Tue, 1 Oct 2002 10:52:50 -0700 (PDT) Received: from rerun.avayactc.com (rerun.avayactc.com [199.93.237.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D9E243E3B for ; Tue, 1 Oct 2002 10:52:49 -0700 (PDT) (envelope-from mcambria@avaya.com) Received: by rerun.avayactc.com with Internet Mail Service (5.5.2653.19) id ; Tue, 1 Oct 2002 13:51:11 -0400 Message-ID: <3A6D367EA1EFD4118C9B00A0C9DD99D7E4EE06@rerun.avayactc.com> From: "Cambria, Mike" To: "'freebsd-net@freebsd.org'" Subject: IPsec & Multiple WAN links Date: Tue, 1 Oct 2002 13:51:03 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I've been running FreeBSD on 2 boxes, each with their own WAN links for over 18 months or so. Each box has its own WAN link (one uses T1 leased line to a remote site, the other uses DSL to an ISP.) The ISP link runs IPsec and racoon The other end of the IPsec tunnel is a VPN appliance. The ISP (and IPsec tunnels) is used to backup the T1. I now want to move both WAN links to one FreeBSD box (in time on Soekris HW.) I am having trouble duplicating the desired IPsec policies when both WAN links are in one box, and only one needs (should) have IPsec enabled on it. How can I define a SPD for just the interface that I need? Using setkey, spdadd doesn't let me specify which interface IPsec is to be defined for. Before: With the working config, (i.e. two boxes), since there is only one WAN link per box, the SPD (and IPsec) only exist on the box connected to the Internet. When a packet destine to a subnet routes via the T1 "leased line" box, (the normal case) things work. When this T1 is up, routing makes this the shortest path. When a packet destined to this same subnet follows the default route to the IPsec box, (e.g. T1 link is down) the SPD on the FreeBSD box applies the defined IPsec policy (e.g. tunnel & 3DES) and sends the packet to the VPN appliance at the other end of the tunnel. After: When both WAN links are in one box, the packet is always encrypted and send to the tunnel endpoint, but via the T1 link. Since the tunnel endpoint is the public side of the VPN appliance, the packet is dropped as it reaches that device via the private Ethernet port. (This is today, after I had the firewall at the remote end of the T1 stop dropping IPsec packets.) I'm running 4.6-Stable (cvsup'ed both source & ports after 4.6.2). Thanks, MikeC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 13: 7:20 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B4C937B401 for ; Tue, 1 Oct 2002 13:07:18 -0700 (PDT) Received: from mx2.nersc.gov (mx2.nersc.gov [128.55.6.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BD5D43E4A for ; Tue, 1 Oct 2002 13:07:18 -0700 (PDT) (envelope-from dart@nersc.gov) Received: from mx2.nersc.gov (localhost [127.0.0.1]) by localhost.nersc.gov (Postfix) with ESMTP id CEBF0593C for ; Tue, 1 Oct 2002 12:44:56 -0700 (PDT) Received: from gemini.nersc.gov (gemini.nersc.gov [128.55.16.111]) by mx2.nersc.gov (Postfix) with ESMTP id 970545936 for ; Tue, 1 Oct 2002 12:44:55 -0700 (PDT) Received: from gemini.nersc.gov (localhost [127.0.0.1]) by gemini.nersc.gov (Postfix) with ESMTP id 552A33B1AE for ; Tue, 1 Oct 2002 12:44:55 -0700 (PDT) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: net@freebsd.org Subject: limit to data in flight Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1318550241P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Tue, 01 Oct 2002 12:44:55 -0700 From: Eli Dart Message-Id: <20021001194455.552A33B1AE@gemini.nersc.gov> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --==_Exmh_1318550241P Content-Type: text/plain; charset=us-ascii Hi all, I'm seeing something strange here... I have a freebsd box running iperf (4.6-RELEASE-p1, iperf 1.6.2 with pthreads patches). When attempting to use a 1MB tcp window, the box won't put more than 256kB in flight after the first connection to a given host. I seem to remember hearing/reading/whatever that freebsd keeps track of congestion stats for a route in the kernel routing table and primes the congestion window for new sockets to the same destination with the previous values (thus eliminating a congestion avoidance cycle on each new socket). High-bandwidth connections between the hosts in question (the other is a linux box of indeterminate recent version) do hit congestion the first time. However, in this particular case (since this is a test machine that we use to diagnose network problems) I'd like to be able to turn it off. I didn't see anything in sysctl that looked obvious, but I'm perfectly willing to believe I missed it. So, can this be turned off? Also, what is the timeout on this data in the kernel? Thanks! --eli ------------------------------------------------------------------------ Eli Dart Office: (510) 495-2999 NERSC Networking and Security Group Cell: (510) 703-4508 Lawrence Berkeley National Laboratory Fax: (510) 486-4316 PGP Key fingerprint = C970 F8D3 CFDD 8FFF 5486 343A 2D31 4478 5F82 B2B3 ------------------------------------------------------------------------ --==_Exmh_1318550241P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: This is a comment. iD8DBQE9mfs3LTFEeF+CsrMRApNtAJ91gjpPKcyzAbA3kP/B3rRBxvYYwACeLXPM kzNpTNjLg0sq7MdycvG++Bk= =Oe6o -----END PGP SIGNATURE----- --==_Exmh_1318550241P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17: 6:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6F2A437B401 for ; Tue, 1 Oct 2002 17:06:58 -0700 (PDT) Received: from web21110.mail.yahoo.com (web21110.mail.yahoo.com [216.136.227.112]) by mx1.FreeBSD.org (Postfix) with SMTP id 2F0B843E42 for ; Tue, 1 Oct 2002 17:06:58 -0700 (PDT) (envelope-from geekvinod@yahoo.com) Message-ID: <20021002000657.55875.qmail@web21110.mail.yahoo.com> Received: from [152.15.26.29] by web21110.mail.yahoo.com via HTTP; Tue, 01 Oct 2002 17:06:57 PDT Date: Tue, 1 Oct 2002 17:06:57 -0700 (PDT) From: Vinod Subject: Dummynet Usage Problems To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i am sorry to ask such a simple question but however hard i have tried i am not getting 'dummynet' to work. i have proxy from which i would like to throttle the bandwidth of clients.the proxy acts as a router here. i use the commands ipfw add pipe 1 ip from any to 10.0.1.0/24 ipfw pipe 1 config bw 100Kbit/s but i still dont see any reduction in bw.its the same high bw it used to be.Am i doing anything wrong? I have read the docs well and i thought the above commands should work for me. Thanks in advance, Vinod __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17:13:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 79F6E37B401 for ; Tue, 1 Oct 2002 17:13:38 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B36343E81 for ; Tue, 1 Oct 2002 17:13:38 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (nik.isi.edu [128.9.168.58]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g920DXC17785; Tue, 1 Oct 2002 17:13:33 -0700 (PDT) Message-ID: <3D9A3A2C.4090205@isi.edu> Date: Tue, 01 Oct 2002 17:13:32 -0700 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: Vinod Cc: freebsd-net@freebsd.org Subject: Re: Dummynet Usage Problems References: <20021002000657.55875.qmail@web21110.mail.yahoo.com> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms020301040108040507060702" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms020301040108040507060702 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Vinod wrote: > i have proxy from which i would like to throttle the > bandwidth of clients.the proxy acts as a router here. > > i use the commands > ipfw add pipe 1 ip from any to 10.0.1.0/24 > ipfw pipe 1 config bw 100Kbit/s > > but i still dont see any reduction in bw.its the same > high bw it used to be.Am i doing anything wrong? > I have read the docs well and i thought the above > commands should work for me. What does your topology look like? What are your other firewall rules? How do you measure bandwidth? Lars -- Lars Eggert USC Information Sciences Institute --------------ms020301040108040507060702 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwMjAwMTMzMlowIwYJKoZIhvcNAQkEMRYEFMhX1sl9K+6n8HRyzJyT 9hzy/n/XMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEAizbNZxjqDwrbhGb4QfajkWDVIrox+I65H+tFGL3tCk7nXlwCQGkx meK0QHBF3cmOgDo6js6+aEN5r4B5vlCyWnYV+b6G6hdEf2asTevqZUT9hy3amp2vHbgBhSul 6g7+jDNBu6CLTp5IVswIuflp1GjKZORAVbLWrqJbm0O8xBt7DlpGLVDmaPcAwfZu77lSZ8uF /Ud+NEAq9jTExtCsaL+sH34q28MAC2iPr6LJDrUGntDyf/m107iVdzwgmVzbKMt9cXL6MR51 dXSncyh7cstFGR6sJS6jz4bYss1HV8CBFoe/THz/gVV38agxWb23wFtKliaIoA0BKXHTcP8c qAAAAAAAAA== --------------ms020301040108040507060702-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17:25:32 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A91037B401 for ; Tue, 1 Oct 2002 17:25:30 -0700 (PDT) Received: from web21110.mail.yahoo.com (web21110.mail.yahoo.com [216.136.227.112]) by mx1.FreeBSD.org (Postfix) with SMTP id C987E43E6A for ; Tue, 1 Oct 2002 17:25:29 -0700 (PDT) (envelope-from geekvinod@yahoo.com) Message-ID: <20021002002529.58579.qmail@web21110.mail.yahoo.com> Received: from [152.15.26.29] by web21110.mail.yahoo.com via HTTP; Tue, 01 Oct 2002 17:25:29 PDT Date: Tue, 1 Oct 2002 17:25:29 -0700 (PDT) From: Vinod Subject: Re: Dummynet Usage Problems To: Lars Eggert Cc: freebsd-net@freebsd.org In-Reply-To: <3D9A3A2C.4090205@isi.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org my topology loks like this: 10.0.0.8 _ _ _ Video Server | outside----switch---------proxy---------------clients 10.0.0.2 10.0.1.1 10.0.1.0/24 i dont have any other firewall rules.I am using Dummynet just as a packet filtering mechanism to throttle the bandwidth to certain clients.Its part of a research project. I play streaming videos(from the video server) at the clients using realplayer and the realplayer shows what bandwidth i am getting. Thanks, Vinod --- Lars Eggert wrote: > Vinod wrote: > > i have proxy from which i would like to throttle > the > > bandwidth of clients.the proxy acts as a router > here. > > > > i use the commands > > ipfw add pipe 1 ip from any to 10.0.1.0/24 > > ipfw pipe 1 config bw 100Kbit/s > > > > but i still dont see any reduction in bw.its the > same > > high bw it used to be.Am i doing anything wrong? > > I have read the docs well and i thought the above > > commands should work for me. > > What does your topology look like? > What are your other firewall rules? > How do you measure bandwidth? > > Lars > -- > Lars Eggert USC > Information Sciences Institute > > ATTACHMENT part 2 application/x-pkcs7-signature name=smime.p7s __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17:27:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A7D2037B404 for ; Tue, 1 Oct 2002 17:27:37 -0700 (PDT) Received: from mx2.nersc.gov (mx2.nersc.gov [128.55.6.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id EEBAF43E6E for ; Tue, 1 Oct 2002 17:27:35 -0700 (PDT) (envelope-from dart@nersc.gov) Received: from mx2.nersc.gov (localhost [127.0.0.1]) by localhost.nersc.gov (Postfix) with ESMTP id 12B9B593C for ; Tue, 1 Oct 2002 17:27:35 -0700 (PDT) Received: from gemini.nersc.gov (gemini.nersc.gov [128.55.16.111]) by mx2.nersc.gov (Postfix) with ESMTP id 9D8335936 for ; Tue, 1 Oct 2002 17:27:34 -0700 (PDT) Received: from gemini.nersc.gov (localhost [127.0.0.1]) by gemini.nersc.gov (Postfix) with ESMTP id 4AF843B1AE for ; Tue, 1 Oct 2002 17:27:34 -0700 (PDT) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: net@FreeBSD.ORG Subject: Re: limit to data in flight In-Reply-To: Message from Eli Dart of "Tue, 01 Oct 2002 12:44:55 PDT." <20021001194455.552A33B1AE@gemini.nersc.gov> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-338114542P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Tue, 01 Oct 2002 17:27:34 -0700 From: Eli Dart Message-Id: <20021002002734.4AF843B1AE@gemini.nersc.gov> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --==_Exmh_-338114542P Content-Type: text/plain; charset=us-ascii Sorry to reply to my own post, but I have some updated info... It appears that a host route is being cloned from the default route. The host route has an ssthresh value associated with it, which is picked up by subsequent connections that use this route. We attempted to lock the ssthresh value at 0 (which would prevent its being used) by configuring the default route with an ssthresh of 0 and locking ssthresh. (route add -lock -ssthresh 0 default ) The first connection created a host route to the destination with rtt, ssthresh, etc identical to the default route, including the lock on ssthresh. Subsequent connections modified the value of ssthresh, even though there is a lock on it! After first test: # route get portal.astro.sunysb.edu route to: portal.astro.sunysb.edu destination: portal.astro.sunysb.edu gateway: ernersc-128 interface: sk0 flags: recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire 0 0 0L 0 0 0 1500 0 # route monitor (now run the second test) got message of size 196 on Tue Oct 1 16:12:08 2002 RTM_GET: Report Metrics: len 196, pid: 184, seq 1, errno 0, flags: locks: inits: sockaddrs: portal.astro.sunysb.edu ernersc-128 sk0:0.0.5a.99.73.64 iperf ^C # route get portal.astro.sunysb.edu route to: portal.astro.sunysb.edu destination: portal.astro.sunysb.edu gateway: ernersc-128 interface: sk0 flags: recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire 0 0 221712L 72 2 0 1500 0 So, it appears that the lock is not being honored. Do I have this right, or am I missing something somewhere? We've found a workaround for now: edit /usr/src/sys/netinet/tcp_input.c thusly: *** tcp_input.c.cya Tue Oct 1 15:57:35 2002 --- tcp_input.c Tue Oct 1 16:17:55 2002 *************** *** 2649,2664 **** else tp->snd_cwnd = mss * ss_fltsz; ! if (rt->rt_rmx.rmx_ssthresh) { /* * There's some sort of gateway or interface * buffer limit on the path. Use this to set * the slow start threshhold, but set the * threshold to no less than 2*mss. */ ! tp->snd_ssthresh = max(2 * mss, rt->rt_rmx.rmx_ssthresh); ! tcpstat.tcps_usedssthresh++; ! } } /* --- 2649,2664 ---- else tp->snd_cwnd = mss * ss_fltsz; ! /* if (rt->rt_rmx.rmx_ssthresh) { */ /* * There's some sort of gateway or interface * buffer limit on the path. Use this to set * the slow start threshhold, but set the * threshold to no less than 2*mss. */ ! /* tp->snd_ssthresh = max(2 * mss, rt->rt_rmx.rmx_ssthresh); */ ! /* tcpstat.tcps_usedssthresh++; */ ! /* } */ } /* All this does is make the tcp socket ignore any ssthresh value set on the route....it's like cutting chopsticks with a chainsaw.... Should the lock be preventing updates to ssthresh for that route? Or, am I misinterpreting something? --eli In reply to Eli Dart : > > --==_Exmh_1318550241P > Content-Type: text/plain; charset=us-ascii > > Hi all, > > I'm seeing something strange here... I have a freebsd box running > iperf (4.6-RELEASE-p1, iperf 1.6.2 with pthreads patches). When > attempting to use a 1MB tcp window, the box won't put more than 256kB > in flight after the first connection to a given host. > > I seem to remember hearing/reading/whatever that freebsd keeps track > of congestion stats for a route in the kernel routing table and > primes the congestion window for new sockets to the same destination > with the previous values (thus eliminating a congestion avoidance > cycle on each new socket). High-bandwidth connections between the > hosts in question (the other is a linux box of indeterminate recent > version) do hit congestion the first time. > > However, in this particular case (since this is a test machine that > we use to diagnose network problems) I'd like to be able to turn it > off. I didn't see anything in sysctl that looked obvious, but I'm > perfectly willing to believe I missed it. > > So, can this be turned off? Also, what is the timeout on this data > in the kernel? > > Thanks! > > --eli --==_Exmh_-338114542P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: This is a comment. iD8DBQE9mj12LTFEeF+CsrMRAkU1AKDeLrtOve/DxN9eR+JU//HGIjjp9ACaA0Al +YwC+hNDo7zxWvi/OT8ZDUU= =f0oJ -----END PGP SIGNATURE----- --==_Exmh_-338114542P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17:40:19 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06FAC37B401 for ; Tue, 1 Oct 2002 17:40:16 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64AEA43E3B for ; Tue, 1 Oct 2002 17:40:15 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (nik.isi.edu [128.9.168.58]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g920eDC05456; Tue, 1 Oct 2002 17:40:13 -0700 (PDT) Message-ID: <3D9A406D.6070209@isi.edu> Date: Tue, 01 Oct 2002 17:40:13 -0700 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: Vinod Cc: freebsd-net@freebsd.org Subject: Re: Dummynet Usage Problems References: <20021002002529.58579.qmail@web21110.mail.yahoo.com> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms080208090608010205080402" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms080208090608010205080402 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Vinod wrote: > my topology loks like this: > > 10.0.0.8 > _ _ _ Video Server > | > outside----switch---------proxy---------------clients > 10.0.0.2 10.0.1.1 10.0.1.0/24 > > i dont have any other firewall rules.I am using > Dummynet just as a packet filtering mechanism to > throttle the bandwidth to certain clients.Its part of > a research project. > I play streaming videos(from the video server) at the > clients using realplayer and the realplayer shows what > bandwidth i am getting. ... >> >>>i use the commands >>>ipfw add pipe 1 ip from any to 10.0.1.0/24 >>>ipfw pipe 1 config bw 100Kbit/s That looks OK. What does "ipfw show" print? Lars -- Lars Eggert USC Information Sciences Institute --------------ms080208090608010205080402 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwMjAwNDAxM1owIwYJKoZIhvcNAQkEMRYEFBE900RatWP2xK+62OMz oyiNoU+vMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEArufqrXxKRSw+ZUiiZxbKfd0FqczBgVBJYdS1CcKq3yv3gEAo1IJ0 KKgcI+QCTraLlVy+EQX3jufWq3W/KwnNEPXHOSmzTS/OhQyYF6shbVt/oTezbLXbx9jkDhsD 6DPvmLMtSdqWX+Qy9eSDfoZbRuWw/EpzZrbQb/xZLPprVFhkp44FzaJbCtwjT9poUXKDZlKb d4miHw7c5nH+LLnwQZI1tsQ1LCtPl3vqtr5z8ZFecFF4WP+pePwHj0pWt/C0etfocI86i1dp V4O5nH+nnOEUZNzs10nAf1bgciRx5ejyORZs/4TWh/x5MLdrzgv6KVJBRqWJgVlw/vE/LTbh dQAAAAAAAA== --------------ms080208090608010205080402-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 17:54:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CE5F37B401 for ; Tue, 1 Oct 2002 17:54:25 -0700 (PDT) Received: from web21105.mail.yahoo.com (web21105.mail.yahoo.com [216.136.227.107]) by mx1.FreeBSD.org (Postfix) with SMTP id E7BE043E77 for ; Tue, 1 Oct 2002 17:54:24 -0700 (PDT) (envelope-from geekvinod@yahoo.com) Message-ID: <20021002005424.92854.qmail@web21105.mail.yahoo.com> Received: from [152.15.26.29] by web21105.mail.yahoo.com via HTTP; Tue, 01 Oct 2002 17:54:24 PDT Date: Tue, 1 Oct 2002 17:54:24 -0700 (PDT) From: Vinod Subject: Re: Dummynet Usage Problems To: Lars Eggert Cc: freebsd-net@freebsd.org In-Reply-To: <3D9A406D.6070209@isi.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ipfw pipe 1 show prints: 00001: 100.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 ->0x00000000/0x0000 Thanks, Vinod --- Lars Eggert wrote: > Vinod wrote: > > my topology loks like this: > > > > 10.0.0.8 > > _ _ _ Video Server > > | > > > outside----switch---------proxy---------------clients > > 10.0.0.2 10.0.1.1 > 10.0.1.0/24 > > > > i dont have any other firewall rules.I am using > > Dummynet just as a packet filtering mechanism to > > throttle the bandwidth to certain clients.Its part > of > > a research project. > > I play streaming videos(from the video server) at > the > > clients using realplayer and the realplayer shows > what > > bandwidth i am getting. > ... > >> > >>>i use the commands > >>>ipfw add pipe 1 ip from any to 10.0.1.0/24 > >>>ipfw pipe 1 config bw 100Kbit/s > > That looks OK. What does "ipfw show" print? > > Lars > -- > Lars Eggert USC > Information Sciences Institute > > ATTACHMENT part 2 application/x-pkcs7-signature name=smime.p7s __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 18: 0:26 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A4E937B401 for ; Tue, 1 Oct 2002 18:00:24 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3DBA43E42 for ; Tue, 1 Oct 2002 18:00:23 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (nik.isi.edu [128.9.168.58]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g9210MC20388; Tue, 1 Oct 2002 18:00:22 -0700 (PDT) Message-ID: <3D9A4526.2070500@isi.edu> Date: Tue, 01 Oct 2002 18:00:22 -0700 From: Lars Eggert User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, de-de MIME-Version: 1.0 To: Vinod Cc: freebsd-net@freebsd.org Subject: Re: Dummynet Usage Problems References: <20021002005424.92854.qmail@web21105.mail.yahoo.com> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms090808020602090608080008" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms090808020602090608080008 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Vinod wrote: > --- Lars Eggert wrote: > >>That looks OK. What does "ipfw show" print? > > ipfw pipe 1 show prints: > > 00001: 100.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets) > droptail > mask: 0x00 0x00000000/0x0000 ->0x00000000/0x0000 *Just* "ipfw show" - I was wondering if your packets match the filter. Lars -- Lars Eggert USC Information Sciences Institute --------------ms090808020602090608080008 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwMjAxMDAyMlowIwYJKoZIhvcNAQkEMRYEFGxtpqfY4u+3iwwQ8SPl pDn6F3tuMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEASH+Ew8zIbHqb0BSV6zD++k66Vwa/SO/HVYTPVtN2pIPmrqhTZEnx 56gwb7iv5ULTesCvQVaOUcqCxUdFfVafIZbKNXeIAX1LawbrxUliIOAGtKLQNMF3c61KxZmk yW7WsqW4F2MPyDz1TaWaikOkaj6rghnqgDYf8xlnHh1n7E9guwh5pMSzg+lNKO+THO9JNBHy YpCqnL5ydJ0CEEUUGyWpD21iTWNgp+j0nVnchSna7ymnCzo1PwJUSzupC5XOHX2+l3PBKueL bFO235m+GZGYmSW3dG+3hCCclEsg50aVAA+8XIwZtcgzz/u/tKaABW0ewioPqhBu5MhJ5quf 3wAAAAAAAA== --------------ms090808020602090608080008-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 20:25:13 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BCBD37B401 for ; Tue, 1 Oct 2002 20:25:13 -0700 (PDT) Received: from out2.mx.nwbl.wi.voyager.net (out2.mx.nwbl.wi.voyager.net [169.207.3.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8355C43E6E for ; Tue, 1 Oct 2002 20:25:12 -0700 (PDT) (envelope-from silby@silby.com) Received: from pop4.nwbl.wi.voyager.net (pop4.nwbl.wi.voyager.net [169.207.2.83]) by out2.mx.nwbl.wi.voyager.net (Postfix) with ESMTP id DC35028108; Tue, 1 Oct 2002 22:25:11 -0500 (CDT) Received: from [10.1.1.6] (d106.as20.nwbl0.wi.voyager.net [169.207.138.106]) by pop4.nwbl.wi.voyager.net (8.10.2/8.10.2) with ESMTP id g923PAo84231; Tue, 1 Oct 2002 22:25:11 -0500 (CDT) Date: Tue, 1 Oct 2002 22:29:52 -0500 (CDT) From: Mike Silbersack To: Vinod Cc: freebsd-net@freebsd.org Subject: Re: Dummynet Usage Problems In-Reply-To: <20021002000657.55875.qmail@web21110.mail.yahoo.com> Message-ID: <20021001222912.T63557-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 1 Oct 2002, Vinod wrote: > i use the commands > ipfw add pipe 1 ip from any to 10.0.1.0/24 > ipfw pipe 1 config bw 100Kbit/s Make sure that you don't have ipfw allow all from any to any before the rule which adds pipe 1. If so, packets will never enter the pipe. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 1 21:13:42 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F32837B4E7 for ; Tue, 1 Oct 2002 21:13:40 -0700 (PDT) Received: from mail.ipfw.org (CPE00105a1bd83d.cpe.net.cable.rogers.com [24.112.74.128]) by mx1.FreeBSD.org (Postfix) with ESMTP id CE7C843E6A for ; Tue, 1 Oct 2002 21:13:39 -0700 (PDT) (envelope-from webbie@ipfw.org) Received: from apollo.objtech.com (apollo.objtech.com [192.168.111.5]) by mail.ipfw.org (Postfix) with ESMTP id B1663310C; Wed, 2 Oct 2002 00:13:38 -0400 (EDT) Date: Wed, 2 Oct 2002 00:13:39 -0400 From: Webbie X-Mailer: The Bat! (v1.60p) Reply-To: Webbie X-Priority: 3 (Normal) Message-ID: <324036804.20021002001339@ipfw.org> To: Andre Oppermann Cc: freebsd-net@freebsd.org, jeker@n-r-g.com Subject: Re: New natd available MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is great news, thank you guys. This is what I found during my testing. #1. Connecting from w2k behind the fbsd using VPN doesn't work. Using the original natd does not have this problem, #2. rdr, can we redirect udp as well? This is my conf file, divert port natd -> dp1 nat on dp1 from any to any -> interface xl1 rdr on dp1 from any to interface xl1 port 53 -> 192.168.222.1 port 53 and this is my command line /opt/natd/natd -dilrsvvvv -f /opt/natd/natd.conf I am happy to provide more information if required. > Hello all > > In the FreeBSD May-June 2002 Status Report we have announced a natd > rewrite to make it's configuration options more powerful and support > more ip addresses to nat to. > > The first functional preview is available here: > > http://diehard.n-r-g.com/stuff/freebsd/ > > Please check this out and test it with real traffic. We'd appreciate > any feedback about the syntax and any bugs. It'll get some more style > treatment before declaring it for full public consumption. > > Next in row is the tcphostcache in a couple of days. After that the > new routing table is coming. > > -- > Andre > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- Webbie \\|// (o o) +-------------------------oOOo-(_)-oOOo-----------------------------+ EMail : mailto:webbie(at)ipfw(dot)org PGP Key : http://www.ipfw.org/pgpkey.txt PGP Fingerprint: 1379 3D8A 024E 3C0E 1962 4E12 3742 0684 C29C 3537 +-------------------------------------------------------------------+ ..disk or the processor is on fire. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 1:30:19 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CD7637B401 for ; Wed, 2 Oct 2002 01:30:19 -0700 (PDT) Received: from mail.2com.ru (mail.2com.ru [195.98.161.18]) by mx1.FreeBSD.org (Postfix) with SMTP id 5DDDA43E42 for ; Wed, 2 Oct 2002 01:30:17 -0700 (PDT) (envelope-from eugene@2com.ru) Received: (qmail 52540 invoked from network); 2 Oct 2002 08:33:49 -0000 Received: from ws215.com2com.ru (HELO eugene) (195.98.160.215) by 0 with SMTP; 2 Oct 2002 08:33:49 -0000 Date: Wed, 2 Oct 2002 12:30:14 +0400 From: Eugene Vigovskiy X-Mailer: The Bat! (v1.53d) Reply-To: Eugene Vigovskiy Organization: 2Com X-Priority: 3 (Normal) Message-ID: <685362148.20021002123014@2com.ru> To: freebsd-net@FreeBSD.ORG Subject: Intel 82551 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello. I wonder if FreeBSD supports Intel 82551 NICs. Eugene Vigovskiy R&D Department To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 4:16: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A094B37B401 for ; Wed, 2 Oct 2002 04:16:03 -0700 (PDT) Received: from lion.com.ua (lion.com.ua [213.133.161.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68D1C43E65 for ; Wed, 2 Oct 2002 04:15:59 -0700 (PDT) (envelope-from sa@simon.org.ua) Received: from localhost (localhost [127.0.0.1]) by lion.com.ua (8.12.5/8.12.5) with ESMTP id g92BFgvI001118 for ; Wed, 2 Oct 2002 14:15:47 +0300 (EEST) (envelope-from sa@simon.org.ua) Date: Wed, 2 Oct 2002 14:15:42 +0300 (EEST) From: Andrey Simonenko X-X-Sender: sa@lion.com.ua To: freebsd-net@freebsd.org Subject: Q about sbin/ipfw2.c:list() Message-ID: <20021002141006.A1093-100000@lion.com.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Why is it needed to check both r->rulenum and (void *)r < lim in sbin/ipfw2.c:list() ? /* * Count static rules. They have variable size so we * need to scan the list to count them. */ for (nstat = 1, r = data, lim = data + nbytes; r->rulenum < 65535 && (void *)r < lim; ++nstat, r = (void *)r + RULESIZE(r) ) ; /* nothing */ Can I simply check r->rulenum < 65535 as it is done in sbin/ipfw.c:list() ? TIA ps: please CC to my email. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 6:25:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED3CC37B401 for ; Wed, 2 Oct 2002 06:25:47 -0700 (PDT) Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9DD4243E42 for ; Wed, 2 Oct 2002 06:25:47 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: from iguana.icir.org (localhost [127.0.0.1]) by iguana.icir.org (8.12.3/8.11.3) with ESMTP id g92DPkIb022434; Wed, 2 Oct 2002 06:25:46 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: (from rizzo@localhost) by iguana.icir.org (8.12.3/8.12.3/Submit) id g92DPkdE022433; Wed, 2 Oct 2002 06:25:46 -0700 (PDT) (envelope-from rizzo) Date: Wed, 2 Oct 2002 06:25:46 -0700 From: Luigi Rizzo To: Andrey Simonenko Cc: freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() Message-ID: <20021002062546.C22163@iguana.icir.org> References: <20021002141006.A1093-100000@lion.com.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021002141006.A1093-100000@lion.com.ua>; from simon@simon.org.ua on Wed, Oct 02, 2002 at 02:15:42PM +0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > Hello, > > Why is it needed to check both r->rulenum and (void *)r < lim in > sbin/ipfw2.c:list() ? because the buffer has a limited size (nbytes) and you don't want to read past it. However there is a bug in the code below, because you should swap the checks (void *)r < lim && r->rulenum < 65535 Whether ipfw1.c has the same bug or not i don't remember, but that is irrelevant anyways. cheers luigi > /* > * Count static rules. They have variable size so we > * need to scan the list to count them. > */ > for (nstat = 1, r = data, lim = data + nbytes; > r->rulenum < 65535 && (void *)r < lim; > ++nstat, r = (void *)r + RULESIZE(r) ) > ; /* nothing */ > > Can I simply check r->rulenum < 65535 as it is done in sbin/ipfw.c:list() > ? > > TIA > > ps: please CC to my email. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 6:31:35 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B472837B401 for ; Wed, 2 Oct 2002 06:31:33 -0700 (PDT) Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5E06743E4A for ; Wed, 2 Oct 2002 06:31:33 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: from iguana.icir.org (localhost [127.0.0.1]) by iguana.icir.org (8.12.3/8.11.3) with ESMTP id g92DVXIb022480; Wed, 2 Oct 2002 06:31:33 -0700 (PDT) (envelope-from rizzo@iguana.icir.org) Received: (from rizzo@localhost) by iguana.icir.org (8.12.3/8.12.3/Submit) id g92DVWXA022479; Wed, 2 Oct 2002 06:31:32 -0700 (PDT) (envelope-from rizzo) Date: Wed, 2 Oct 2002 06:31:32 -0700 From: Luigi Rizzo To: Lars Eggert Cc: Andre Oppermann , freebsd-net@FreeBSD.ORG, jeker@n-r-g.com Subject: Re: New natd available Message-ID: <20021002063132.D22163@iguana.icir.org> References: <3D9861CA.F3225DE7@pipeline.ch> <3D99D24F.60907@isi.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3D99D24F.60907@isi.edu>; from larse@ISI.EDU on Tue, Oct 01, 2002 at 09:50:23AM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Oct 01, 2002 at 09:50:23AM -0700, Lars Eggert wrote: > Andre Oppermann wrote: > > > > In the FreeBSD May-June 2002 Status Report we have announced a natd > > rewrite to make it's configuration options more powerful and support > > more ip addresses to nat to. > > I haven't had time to look at the new natd yet, but the old one would > easily get into a state where it ate up 100% of the CPU time (on our > local ISI network, which has admittedly lots of strange packets on it > from experiments.) > > http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/36183 says it was fixed > in 4.5, but I've seen it with 4.6 still (not sure if the same reasons > caused it though.) The PR you refer to probably has to do with the code looping on a write on a non-blocking socket in case of a write error. That has been fixed long ago, but because it was related to a misunderstanding of write() semantics on sockets (which are normally non-blocking unless the underlying protocol implements flow control e.g. TCP), it is not unreasonable that there might be more instances of the same problem. Another problem which might be what you are seeing is the following, which i already reported to Andre: One common complaint with the old libalias is that performance tends to trash with time -- this seems to be due to the very long timeout (24hrs ?) for sessions, coupled to the fact that newly created sesssions are appended to the end of the hash chains so over time the lookup times tend to become larger and larger. One easy fix to this behaviour is to move to the front of the hash chain a session descriptor upon a successful lookup. This keeps fresh sessions near the head of the chain while stale ones drift towards the end. according to Andre this has not been addressed in the new libalias yet. thanks luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 7:38: 8 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E400D37B401 for ; Wed, 2 Oct 2002 07:38:07 -0700 (PDT) Received: from insomnia.spc.org (insomnia.spc.org [195.224.94.183]) by mx1.FreeBSD.org (Postfix) with SMTP id D8E0843E3B for ; Wed, 2 Oct 2002 07:38:06 -0700 (PDT) (envelope-from bms@insomnia.spc.org) Received: (qmail 13017 invoked by uid 1031); 2 Oct 2002 14:33:45 -0000 Date: Wed, 2 Oct 2002 15:33:44 +0100 From: Bruce M Simpson To: Marc Ernst Eddy van Woerkom Cc: freebsd-net@freebsd.org Subject: Re: Intel PRO/100 S Message-ID: <20021002143344.GB27978@spc.org> Mail-Followup-To: Bruce M Simpson , Marc Ernst Eddy van Woerkom , freebsd-net@freebsd.org References: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Oct 01, 2002 at 06:33:13PM +0200, Marc Ernst Eddy van Woerkom wrote: > As far as I can tell from a bit of Google > research, it features hardware encryprtion/decryption. Check the BGA ASIC. If it's an 82550EY or 82550GY, it should be crypto capable. The 82559ED may also be crypto capable. There's many steppings of the chip in the D100 family... > - Can I use it under FreeBSD? Yes, as a regular fxp. > - Can I make use of that hardware acceleration? Not yet. It relies on as-yet undocumented hardware registers and TCB formats which Intel will not release documentation for without signing an NDA. > - What is the 3 wire cable for? Wake on LAN. BMS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 8:15:32 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B26337B401 for ; Wed, 2 Oct 2002 08:15:31 -0700 (PDT) Received: from scribble.fsn.hu (scribble.fsn.hu [193.224.40.95]) by mx1.FreeBSD.org (Postfix) with SMTP id 7E7C243E75 for ; Wed, 2 Oct 2002 08:15:29 -0700 (PDT) (envelope-from bra@fsn.hu) Received: (qmail 30786 invoked by uid 1000); 2 Oct 2002 15:15:33 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 2 Oct 2002 15:15:33 -0000 Date: Wed, 2 Oct 2002 17:15:33 +0200 (CEST) From: Attila Nagy To: Bruce M Simpson Cc: Marc Ernst Eddy van Woerkom , Subject: Re: Intel PRO/100 S In-Reply-To: <20021002143344.GB27978@spc.org> Message-ID: References: <200210011633.g91GXDp24050@bonsai.fernuni-hagen.de> <20021002143344.GB27978@spc.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, > > - Can I make use of that hardware acceleration? > Not yet. It relies on as-yet undocumented hardware registers and TCB > formats which Intel will not release documentation for without signing > an NDA. Just a stupid question: couldn't pdeuskar@ help on this topic? Or is it all about the source and not the docs? ----------[ Free Software ISOs - http://www.fsn.hu/?f=download ]---------- Attila Nagy e-mail: Attila.Nagy@fsn.hu Free Software Network (FSN.HU) phone @work: +361 210 1415 (194) cell.: +3630 306 6758 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 9:56:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 38FA637B401 for ; Wed, 2 Oct 2002 09:56:30 -0700 (PDT) Received: from tp.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9339843E3B for ; Wed, 2 Oct 2002 09:56:29 -0700 (PDT) (envelope-from barney@tp.databus.com) Received: from tp.databus.com (localhost.databus.com [127.0.0.1]) by tp.databus.com (8.12.6/8.12.6) with ESMTP id g92GuSE0075938; Wed, 2 Oct 2002 12:56:28 -0400 (EDT) (envelope-from barney@tp.databus.com) Received: (from barney@localhost) by tp.databus.com (8.12.6/8.12.6/Submit) id g92GuRgB075937; Wed, 2 Oct 2002 12:56:27 -0400 (EDT) Date: Wed, 2 Oct 2002 12:56:27 -0400 From: Barney Wolff To: Luigi Rizzo Cc: Andrey Simonenko , freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() Message-ID: <20021002165627.GA75843@tp.databus.com> References: <20021002141006.A1093-100000@lion.com.ua> <20021002062546.C22163@iguana.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021002062546.C22163@iguana.icir.org> User-Agent: Mutt/1.4i X-Scanned-By: MIMEDefang 2.21 (www . roaringpenguin . com / mimedefang) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hmmm. In ipfw1 there is always a rule 65535, unless I'm confused. Is that not true of ipfw2? In either case, should it or should it not be counted? Can it ever be deleted? Can one have multiple rules with the same number, as one can with ipfw1? What happens if there are multiple rules with number 65535? I know, UTSL. On Wed, Oct 02, 2002 at 06:25:46AM -0700, Luigi Rizzo wrote: > On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > > Hello, > > > > Why is it needed to check both r->rulenum and (void *)r < lim in > > sbin/ipfw2.c:list() ? > > because the buffer has a limited size (nbytes) and you don't want > to read past it. However there is a bug in the code below, > because you should swap the checks (void *)r < lim && r->rulenum < 65535 > > Whether ipfw1.c has the same bug or not i don't remember, but that > is irrelevant anyways. -- Barney Wolff I'm available by contract or FT: http://www.databus.com/bwresume.pdf To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 11: 9: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18F6B37B404 for ; Wed, 2 Oct 2002 11:09:00 -0700 (PDT) Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 78B4743E7B for ; Wed, 2 Oct 2002 11:08:58 -0700 (PDT) (envelope-from guido@gvr.org) Received: by gvr.gvr.org (Postfix, from userid 657) id E32B4D3; Wed, 2 Oct 2002 20:08:56 +0200 (CEST) Date: Wed, 2 Oct 2002 20:08:56 +0200 From: Guido van Rooij To: Julian Elischer Cc: freebsd-net@freebsd.org Subject: Re: non-transparent IPsec via a tun interface? Message-ID: <20021002180856.GA20868@gvr.gvr.org> References: <20021001122130.GA14155@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Oct 01, 2002 at 06:34:29AM -0700, Julian Elischer wrote: > I have done similar to this using teh GIF interface. > > Each tunnel between sites had a gif interface and I firewalled > for only ESP packets to and from the correct machines on the external > interface, and for correct packets for permitted protocols > and ports on the unencrypted data on the gif interfaces. Thanks. That worked. I already thought it should be possible with a gif interface, yet I always get confused with tunnels. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 11:27:23 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A45A337B401 for ; Wed, 2 Oct 2002 11:27:22 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 47E0843E3B for ; Wed, 2 Oct 2002 11:27:20 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g92IQoOo049024 for ; Wed, 2 Oct 2002 14:26:50 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 2 Oct 2002 14:26:49 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: net@FreeBSD.org Subject: NFS client code calls sosend() directly... Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I was groping around through the socket code today looking for more places to sprinkle mandatory access control magic, and noticed that in most parts of the system call and protocol-independent socket implementation, sosend() is never invoked directly: instead, pru_sosend() is invoked, and protocols have the option of implementing pru_sosend() using the central sosend(), or providing their own optimized implementation. However, the exception to this appears to be in the nfsclient code, where sosend is invoked directly on the socket: bootp_subr.c- bootp_subr.c: error = sosend(so, (struct sockaddr *) &dst, bootp_subr.c- &auio, NULL, NULL, 0, td); bootp_subr.c- if (error != 0) { ... krpc_subr.c- } krpc_subr.c: error = sosend(so, (struct sockaddr *)sa, NULL, m, krpc_subr.c- NULL, 0, td); krpc_subr.c- if (error) { It strikes me that instead it should be calling: error = so->so_proto->pr_usrreqs->pru_sosend(...) So that protocols can implement sosend as they see fit. The NFS server code appears to do this fine. Is this interpretation correct? Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 11:34:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77F5E37B401 for ; Wed, 2 Oct 2002 11:34:25 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id EB0E343E6A for ; Wed, 2 Oct 2002 11:34:23 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g92IXuOo049103 for ; Wed, 2 Oct 2002 14:33:56 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 2 Oct 2002 14:33:56 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: net@FreeBSD.org Subject: Re: NFS client code calls sosend() directly... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org While I was reviewing the rest of the kernel tree, I also found... /cboss/p4/rwatson/trustedbsd/mac/sys/fs/fifofs/fifo_vnops.c: error = sosend(wso, (struct sockaddr *)0, ap->a_uio, 0, /cboss/p4/rwatson/trustedbsd/mac/sys/fs/portalfs/portal_vnops.c: error = sosend(so, (struct sockaddr *) 0, &auio, These also strike me as similarly incorrect and fixable. Of course, fifofs and portalfs are both home to much evil, so... Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Wed, 2 Oct 2002, Robert Watson wrote: > > I was groping around through the socket code today looking for more places > to sprinkle mandatory access control magic, and noticed that in most parts > of the system call and protocol-independent socket implementation, > sosend() is never invoked directly: instead, pru_sosend() is invoked, and > protocols have the option of implementing pru_sosend() using the central > sosend(), or providing their own optimized implementation. However, the > exception to this appears to be in the nfsclient code, where sosend is > invoked directly on the socket: > > bootp_subr.c- > bootp_subr.c: error = sosend(so, (struct sockaddr *) &dst, > bootp_subr.c- &auio, NULL, NULL, 0, td); > bootp_subr.c- if (error != 0) { > > ... > > krpc_subr.c- } > krpc_subr.c: error = sosend(so, (struct sockaddr *)sa, NULL, m, > krpc_subr.c- NULL, 0, td); > krpc_subr.c- if (error) { > > It strikes me that instead it should be calling: > > error = so->so_proto->pr_usrreqs->pru_sosend(...) > > So that protocols can implement sosend as they see fit. The NFS server > code appears to do this fine. Is this interpretation correct? > > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > robert@fledge.watson.org Network Associates Laboratories > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 12:14:44 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91C8537B401 for ; Wed, 2 Oct 2002 12:14:42 -0700 (PDT) Received: from lion.com.ua (lion.com.ua [213.133.161.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2686643E42 for ; Wed, 2 Oct 2002 12:14:38 -0700 (PDT) (envelope-from sa@simon.org.ua) Received: from localhost (localhost [127.0.0.1]) by lion.com.ua (8.12.5/8.12.5) with ESMTP id g92JEQvI002831; Wed, 2 Oct 2002 22:14:27 +0300 (EEST) (envelope-from sa@simon.org.ua) Date: Wed, 2 Oct 2002 22:14:26 +0300 (EEST) From: Andrey Simonenko X-X-Sender: sa@lion.com.ua To: Barney Wolff Cc: Luigi Rizzo , Subject: Re: Q about sbin/ipfw2.c:list() In-Reply-To: <20021002165627.GA75843@tp.databus.com> Message-ID: <20021002213926.T2737-100000@lion.com.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 2 Oct 2002, Barney Wolff wrote: > Hmmm. In ipfw1 there is always a rule 65535, unless I'm confused. > Is that not true of ipfw2? In either case, should it or should it > not be counted? Can it ever be deleted? Can one have multiple > rules with the same number, as one can with ipfw1? What happens > if there are multiple rules with number 65535? I know, UTSL. According to the ipfw manual page, there is always a rule 65535. I made some experiments and ipfw and ipfw2 don't allow to add or delete 65535 rule. But I'm interesting if there is such comparison in the ipfw2.c code, then should we expect that in some cases "ipfw l" command will not show some last rules, not only last rule 65535 but some rules before it? Another thing that is not clear for me is src/ip6fw/ip6fw.c:list() function, according to code of this function ip6fw command can read no more than 65536 rules. May be I should ask question about ip6fw.c:list() in another mail, but now I'm interesting about ipfw2.c:list() code. > > On Wed, Oct 02, 2002 at 06:25:46AM -0700, Luigi Rizzo wrote: > > On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > > > Hello, > > > > > > Why is it needed to check both r->rulenum and (void *)r < lim in > > > sbin/ipfw2.c:list() ? > > > > because the buffer has a limited size (nbytes) and you don't want > > to read past it. However there is a bug in the code below, > > because you should swap the checks (void *)r < lim && r->rulenum < 65535 > > > > Whether ipfw1.c has the same bug or not i don't remember, but that > > is irrelevant anyways. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 12:48:11 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF66537B401; Wed, 2 Oct 2002 12:48:10 -0700 (PDT) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id E694643E4A; Wed, 2 Oct 2002 12:48:09 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.3/8.12.5) with ESMTP id g92JlugQ000916 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Wed, 2 Oct 2002 15:47:57 -0400 (EDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.3/8.12.5/Submit) id g92Jlu4D000913; Wed, 2 Oct 2002 15:47:56 -0400 (EDT) (envelope-from wollman) Date: Wed, 2 Oct 2002 15:47:56 -0400 (EDT) From: Garrett Wollman Message-Id: <200210021947.g92Jlu4D000913@khavrinen.lcs.mit.edu> To: Robert Watson Cc: net@FreeBSD.org Subject: NFS client code calls sosend() directly... In-Reply-To: References: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > protocols have the option of implementing pru_sosend() using the central > sosend(), or providing their own optimized implementation. However, the > exception to this appears to be in the nfsclient code, where sosend is > invoked directly on the socket: The NFS code is hairy and evil and since I don't use it I didn't want to touch it when I made that change several years ago. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 13:18:42 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 513C537B401 for ; Wed, 2 Oct 2002 13:18:41 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 643A243E75 for ; Wed, 2 Oct 2002 13:18:40 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g92KICOo050378; Wed, 2 Oct 2002 16:18:12 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 2 Oct 2002 16:18:11 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Garrett Wollman Cc: net@FreeBSD.org Subject: Re: NFS client code calls sosend() directly... In-Reply-To: <200210021947.g92Jlu4D000913@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 2 Oct 2002, Garrett Wollman wrote: > < said: > > > protocols have the option of implementing pru_sosend() using the central > > sosend(), or providing their own optimized implementation. However, the > > exception to this appears to be in the nfsclient code, where sosend is > > invoked directly on the socket: > > The NFS code is hairy and evil and since I don't use it I didn't want to > touch it when I made that change several years ago. I guess my question then is: I'd like to clean this up. Is the approach I'm suggesting correct? Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 23:38:34 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6990737B401 for ; Wed, 2 Oct 2002 23:38:33 -0700 (PDT) Received: from web14605.mail.yahoo.com (web14605.mail.yahoo.com [216.136.224.85]) by mx1.FreeBSD.org (Postfix) with SMTP id 3E15C43E4A for ; Wed, 2 Oct 2002 23:38:33 -0700 (PDT) (envelope-from shubha_mr@yahoo.com) Message-ID: <20021003063833.24835.qmail@web14605.mail.yahoo.com> Received: from [12.151.32.25] by web14605.mail.yahoo.com via HTTP; Thu, 03 Oct 2002 07:38:33 BST Date: Thu, 3 Oct 2002 07:38:33 +0100 (BST) From: =?iso-8859-1?q?shubha=20mr?= Subject: multicast ftp? To: freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Does freeBSD support ftp for a multicast address? Thanks shubha __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 2 23:40:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3400437B401 for ; Wed, 2 Oct 2002 23:40:52 -0700 (PDT) Received: from cecov.masternet.it (cecov.masternet.it [194.184.65.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBBBE43E42 for ; Wed, 2 Oct 2002 23:40:48 -0700 (PDT) (envelope-from gmarco@scotty.masternet.it) Received: from usul.scotty.masternet.it (freebsd.giovannelli.com [194.184.65.139]) by cecov.masternet.it (8.12.5/8.12.5) with ESMTP id g936msY5030421; Thu, 3 Oct 2002 08:49:02 +0200 (CEST) (envelope-from gmarco@scotty.masternet.it) Message-Id: <5.1.1.6.2.20021003083237.022d9008@194.184.65.7> X-Sender: gmarco@194.184.65.7 X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Date: Thu, 03 Oct 2002 08:40:04 +0200 To: Eric Brunner-Williams in Portland Maine From: Gianmarco Giovannelli Subject: Re: Token Ring - Ethernet bridge Cc: net@freebsd.org In-Reply-To: <200209161736.g8GHa2KY003921@nic-naa.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 16/09/2002, you wrote: >uhh... wakeup(&me->ibm_4.3bsd) > >What are people using for token-ring now a days? I have a box which acts as firewall with ipfw and dummynet on a public company that still uses token ring for its intranet. oltr0: port 0xd000-0xd03f irq 10 at device 10.0 on pci0 oltr0: MAC address 00:00:83:2b:63:db freebsd:/home/gmarco> ifconfig -a oltr0: flags=143 mtu 1500 inet 172.16.16.239 netmask 0xfffff000 broadcast 172.16.31.255 lladdr .0.83.2b.63.db media: Token ring UTP/16Mbit ed0: flags=8843 mtu 1500 inet xxx.xxx.xxx.xxx netmask 0xffffffe0 broadcast xxx.xxx.xxx.xxx ether 00:50:ba:ee:58:38 The "plain" oltr driver is fine, even if it has some oddities on it and too much verbose messages that "scare" the customer :-) Oct 3 08:41:21 freebsd /kernel: oltr0: tx queue full Oct 3 08:41:21 freebsd /kernel: oltr0: queue restart Oct 3 08:41:22 freebsd /kernel: oltr0: tx queue full Oct 3 08:41:22 freebsd /kernel: oltr0: queue restart The Olicom cards seems to me the only one supported by the driver of Larry Lile. It's a pity because I am full of IBM card that I can't use :-) Best Regards, Gianmarco Giovannelli , "Unix expert since yesterday" http://www.gufi.org/~gmarco To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 3: 2:56 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 27AE137B401; Thu, 3 Oct 2002 03:02:50 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F99C43E77; Thu, 3 Oct 2002 03:02:49 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id UAA06810; Thu, 3 Oct 2002 20:02:47 +1000 Date: Thu, 3 Oct 2002 20:12:26 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Robert Watson Cc: net@FreeBSD.ORG Subject: Re: NFS client code calls sosend() directly... In-Reply-To: Message-ID: <20021003200757.K3283-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 2 Oct 2002, Robert Watson wrote: > While I was reviewing the rest of the kernel tree, I also found... > > /cboss/p4/rwatson/trustedbsd/mac/sys/fs/fifofs/fifo_vnops.c: > > error = sosend(wso, (struct sockaddr *)0, ap->a_uio, 0, > > /cboss/p4/rwatson/trustedbsd/mac/sys/fs/portalfs/portal_vnops.c: > > error = sosend(so, (struct sockaddr *) 0, &auio, > > These also strike me as similarly incorrect and fixable. Of course, > fifofs and portalfs are both home to much evil, so... What evil is that, in the case of fifofs? fifofs is fairly simple and clean. It needs particular socket semantics (simple ones which it has set up), so it can know that sosend() does the right thing for it. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 3: 5:39 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23DA637B401 for ; Thu, 3 Oct 2002 03:05:39 -0700 (PDT) Received: from insomnia.spc.org (insomnia.spc.org [195.224.94.183]) by mx1.FreeBSD.org (Postfix) with SMTP id 6E50F43E81 for ; Thu, 3 Oct 2002 03:05:38 -0700 (PDT) (envelope-from bms@insomnia.spc.org) Received: (qmail 18857 invoked by uid 1031); 3 Oct 2002 10:01:11 -0000 Date: Thu, 3 Oct 2002 11:01:10 +0100 From: Bruce M Simpson To: shubha mr Cc: freebsd-net@FreeBSD.org Subject: Re: multicast ftp? Message-ID: <20021003100110.GD27978@spc.org> Mail-Followup-To: Bruce M Simpson , shubha mr , freebsd-net@FreeBSD.org References: <20021003063833.24835.qmail@web14605.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021003063833.24835.qmail@web14605.mail.yahoo.com> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 03, 2002 at 07:38:33AM +0100, shubha mr wrote: > Does freeBSD support ftp for a multicast address? ftp is a unicast, not a multicast protocol. If what you *really* mean is are there multicast file transfer protocols out there, yes there are; please be more specific... BMS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 5:43:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2C8837B401 for ; Thu, 3 Oct 2002 05:43:11 -0700 (PDT) Received: from whizzo.transsys.com (whizzo.TransSys.COM [144.202.42.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 360A243E3B for ; Thu, 3 Oct 2002 05:43:11 -0700 (PDT) (envelope-from louie@whizzo.transsys.com) Received: from whizzo.transsys.com (#6@localhost.transsys.com [127.0.0.1]) by whizzo.transsys.com (8.12.5/8.12.5) with ESMTP id g93Ch2kM006311; Thu, 3 Oct 2002 08:43:02 -0400 (EDT) (envelope-from louie@whizzo.transsys.com) Message-Id: <200210031243.g93Ch2kM006311@whizzo.transsys.com> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: =?iso-8859-1?q?shubha=20mr?= Cc: freebsd-net@FreeBSD.ORG X-Image-URL: http://www.transsys.com/louie/images/louie-mail.jpg From: "Louis A. Mamakos" Subject: Re: multicast ftp? References: <20021003063833.24835.qmail@web14605.mail.yahoo.com> In-reply-to: Your message of "Thu, 03 Oct 2002 07:38:33 BST." <20021003063833.24835.qmail@web14605.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 03 Oct 2002 08:43:02 -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Does freeBSD support ftp for a multicast address? It would be really hard for any OS to support FTP to a multicast address, as TCP doesn't work with multicast addresses. FTP uses TCP as the transport protocol for it's control connection and the data connection that's used to move data between two points. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 6:25:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DA0037B401 for ; Thu, 3 Oct 2002 06:25:26 -0700 (PDT) Received: from garbo.lodgenet.com (garbo.lodgenet.com [204.124.122.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id C5B6E43E65 for ; Thu, 3 Oct 2002 06:25:25 -0700 (PDT) (envelope-from lmckenna@lodgenet.com) Received: from hardy.lodgenet.com (hardy.lodgenet.com [10.0.104.235]) by garbo.lodgenet.com (8.11.6/8.11.6) with ESMTP id g93DPOU23401; Thu, 3 Oct 2002 08:25:24 -0500 Received: from chaplin.lodgenet.com (not verified[10.0.104.215]) by hardy.lodgenet.com with MailMarshal (4,2,5,0) id ; Thu, 03 Oct 2002 08:25:24 -0500 Received: by chaplin.lodgenet.com with Internet Mail Service (5.5.2653.19) id ; Thu, 3 Oct 2002 08:26:08 -0500 Message-ID: <3EA88113DE92D211807300805FA799420914A1F7@chaplin.lodgenet.com> From: "McKenna, Lee" To: "'shubha mr'" , freebsd-net@freebsd.org Subject: RE: multicast ftp? Date: Thu, 3 Oct 2002 08:25:29 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Does freeBSD support ftp for a multicast address? > > Thanks > shubha It sounds like maybe you are looking for multicast file transfer. Not sure about the status of any open source projects to do this, but there are a couple of commercial implementations - Kencast and Talarian are two I've evaluated. Kencast supports linux and freebsd clients, but their "sender" is a Win2K server (no big deal, its been reliable for us 2+ years running). We use Kencast to distribute huge multi-gigabyte files via one-way satellite and it is incredibly reliable, due to the excellent forward error correction methodology. Good luck, --Lee PS -- As far as open source, search google for "multicast file transfer" and you'll come up with things like: "xtp": http://www.ca.sandia.gov/xtp/xtp.html "xftp": http://www.cc.gatech.edu/computing/Telecomm/playground/SCE/xftp.html "ftp-m": http://www.cs.ucsd.edu/Dienst/UI/2.0/Describe/ncstrl.ucsd_cse/CS2001-0684 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 7:59: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 88A6737B404 for ; Thu, 3 Oct 2002 07:58:57 -0700 (PDT) Received: from nero.doit.wisc.edu (nero.doit.wisc.edu [128.104.17.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF8F043E65 for ; Thu, 3 Oct 2002 07:58:56 -0700 (PDT) (envelope-from jleu@nero.doit.wisc.edu) Received: (from jleu@localhost) by nero.doit.wisc.edu (8.11.6/8.11.6) id g93G1mA22433; Thu, 3 Oct 2002 11:01:48 -0500 Date: Thu, 3 Oct 2002 11:01:47 -0500 From: "James R. Leu" To: zebra@zebra.org Cc: net@FreeBSD.ORG Subject: Re: [zebra 15605] BGP/MPLS VPN using the mpls-linux patch and zebra ldp patch Message-ID: <20021003110147.B22387@nero.doit.wisc.edu> Reply-To: jleu@mindspring.com References: <7C545DDB428BD611865C00062938ECF40117FEB8@ent37ex00.ind.zensar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <7C545DDB428BD611865C00062938ECF40117FEB8@ent37ex00.ind.zensar.com>; from S.Manish@zensar.com on Thu, Oct 03, 2002 at 05:05:37PM +0530 Organization: none Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm currently working on exactly work your refering to. It is going to take a lot more work before it is realized, but it is my end goal. Here are the pieces I have: MPLS forwarding (linux only, in theory the work from NIST could be used for FreeBSD) LDP signaling integrated with zebra (this should work on any platform, but it is pretty reliant on the linux mpls stack right now) Kernel support for VRFs (linux only, http://sf.net/projects/linux-vrf/) BGP next hop resolution to LDP LSPs (infrastruture is platform indepedent) I still need: zebra CLI for configuring VRFs (just checked into zebra CVS?) BGP code to propogate IPv4-VPN NLRI (might already be in zebra?) Plateform independent MPLS LSR infrastructure (this will allow LDP signalling, static LSPs, and BGP learn label mappings to be "installed" into a plateform independent layer. This layer will then handle the details of how to install labels into a plateform specific forwarding plan. This will also be a perfect place for a label manager) PE-CE routing protocols (start with static routing built on linux-vrf, but linux-vrf has the ability to bind sockets to VRFs, so in theory a entire routing daemon could be attached to a VRF like ospfd, bgpd or ripd) I've overly simplified much of what is here, and I'm sure I've missing items. So as you can see there is still a lot of work to do. If anyone else is working on related items, please let me know. Jim On Thu, Oct 03, 2002 at 05:05:37PM +0530, Sapariya Manish.j wrote: > Hi List, > > I was wondering if I can setup linux/freebsd router as defined in 2547bis > (MPLS/BGP VPN) > using the mpls linux patch and ldp zebra patch for implementing VPNs. > > If it is possible I want to know how to configure various VRFs on the linux > router > like we configured on cisco, assigning rd and other things. > > Or this is stuff is taken care by zebra-bgp(ldp). > > If it is not possible, any idea how I can do this using my linux/freebsd > router??? > > Thanks a lot for any help/links. > Regards, > Manish > > > " > > Zensar Technologies Ltd. Mail Disclaimer: This e-mail and any files > transmitted with it are confidential and the views expressed in the same are > not necessarily the views of Zensar Technologies Ltd., and its directors, > management or employees. This communication represents the originator's > personal views and opinions. If you are not the intended recipient or the > person responsible for delivering the e-mail to the intended recipient, be > advised that you have received this e-mail by error, and that any use, > dissemination, forwarding, printing, or copying of this e-mail is strictly > prohibited. You shall be under obligation to keep the contents of this > e-mail, strictly confidential and shall not disclose, disseminate or divulge > the same to any Person, Company, Firm or Entity. Please ensure you have > adequate virus protection before you open or detach any documents from this > transmission. ZenSar Technologies Ltd. does not accept any liability for > viruses. If you received this e-mail in error, please immediately notify > administrator@zensar.com. The rights to monitor all e-mail communication > through our network are reserved with us. > > " -- James R. Leu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 8:58:11 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16C2137B404; Thu, 3 Oct 2002 08:58:10 -0700 (PDT) Received: from wall.polstra.com (wall-gw.polstra.com [206.213.73.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2229343E3B; Thu, 3 Oct 2002 08:58:09 -0700 (PDT) (envelope-from jdp@polstra.com) Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.11.3/8.11.3) with ESMTP id g93Fw8x17832; Thu, 3 Oct 2002 08:58:08 -0700 (PDT) (envelope-from jdp@vashon.polstra.com) Received: (from jdp@localhost) by vashon.polstra.com (8.12.5/8.12.5/Submit) id g93Fw8ER001397; Thu, 3 Oct 2002 08:58:08 -0700 (PDT) (envelope-from jdp) Date: Thu, 3 Oct 2002 08:58:08 -0700 (PDT) Message-Id: <200210031558.g93Fw8ER001397@vashon.polstra.com> To: net@freebsd.org From: John Polstra Cc: rwatson@freebsd.org Subject: Re: NFS client code calls sosend() directly... In-Reply-To: References: Organization: Polstra & Co., Seattle, WA Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article , Robert Watson wrote: > On Wed, 2 Oct 2002, Garrett Wollman wrote: > > > < said: > > > > > protocols have the option of implementing pru_sosend() using the central > > > sosend(), or providing their own optimized implementation. However, the > > > exception to this appears to be in the nfsclient code, where sosend is > > > invoked directly on the socket: > > > > The NFS code is hairy and evil and since I don't use it I didn't want to > > touch it when I made that change several years ago. > > I guess my question then is: I'd like to clean this up. Is the approach > I'm suggesting correct? FWIW, your approach is what the ng_ksocket node does. I've used it before and it worked fine for me. John -- John Polstra John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 9:32:21 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BBD5737B404; Thu, 3 Oct 2002 09:32:20 -0700 (PDT) Received: from hotmail.com (f49.law9.hotmail.com [64.4.9.49]) by mx1.FreeBSD.org (Postfix) with ESMTP id 840D843E75; Thu, 3 Oct 2002 09:32:20 -0700 (PDT) (envelope-from soheil_h_y@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 3 Oct 2002 09:32:20 -0700 Received: from 213.29.70.131 by lw9fd.law9.hotmail.msn.com with HTTP; Thu, 03 Oct 2002 16:32:20 GMT X-Originating-IP: [213.29.70.131] From: "soheil hassas yeganeh" To: freebsd-net@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: PASSING PARAMETERS TO KERNEL Date: Thu, 03 Oct 2002 20:02:20 +0330 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 03 Oct 2002 16:32:20.0449 (UTC) FILETIME=[71DD4510:01C26AFA] Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi list How can i pass some parameters to kernel from userlan or... some files .. or etc. after i compile and install the kernel Thanx _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 12: 5: 0 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB0CE37B401 for ; Thu, 3 Oct 2002 12:04:58 -0700 (PDT) Received: from lion.com.ua (lion.com.ua [213.133.161.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id D1AF843E42 for ; Thu, 3 Oct 2002 12:04:53 -0700 (PDT) (envelope-from sa@simon.org.ua) Received: from localhost (localhost [127.0.0.1]) by lion.com.ua (8.12.5/8.12.5) with ESMTP id g93J4fvI007155; Thu, 3 Oct 2002 22:04:43 +0300 (EEST) (envelope-from sa@simon.org.ua) Date: Thu, 3 Oct 2002 22:04:41 +0300 (EEST) From: Andrey Simonenko X-X-Sender: sa@lion.com.ua To: Luigi Rizzo Cc: freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() In-Reply-To: <20021002062546.C22163@iguana.icir.org> Message-ID: <20021003215546.M7110-100000@lion.com.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 2 Oct 2002, Luigi Rizzo wrote: > On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote: > > Hello, > > > > Why is it needed to check both r->rulenum and (void *)r < lim in > > sbin/ipfw2.c:list() ? > > because the buffer has a limited size (nbytes) and you don't want > to read past it. However there is a bug in the code below, > because you should swap the checks (void *)r < lim && r->rulenum < 65535 > > Whether ipfw1.c has the same bug or not i don't remember, but that > is irrelevant anyways. ipfw1.c:list() doesn't check address boundary, it checks only a rule 65535. Why is it possible that getsockopt(IP_FW_GET) can return not all IPFW2 rules? According to ipfw(8) manual page there is always a rule 65535, so this rule should be always present after getsockopt(IP_FW_GET) call (of course there should be enought memory in a buffer, but it is checked in the code of list() function): /* get rules or pipes from kernel, resizing array as necessary */ nbytes = nalloc; while (nbytes >= nalloc) { nalloc = nalloc * 2 + 200; nbytes = nalloc; if ((data = realloc(data, nbytes)) == NULL) err(EX_OSERR, "realloc"); if (getsockopt(s, IPPROTO_IP, ocmd, data, &nbytes) < 0) err(EX_OSERR, "getsockopt(IP_%s_GET)", do_pipe ? "DUMMYNET" : "FW"); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 3 13:22:41 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55C1F37B401 for ; Thu, 3 Oct 2002 13:22:40 -0700 (PDT) Received: from carp.icir.org (carp.icir.org [192.150.187.71]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02C6243E42 for ; Thu, 3 Oct 2002 13:22:40 -0700 (PDT) (envelope-from rizzo@carp.icir.org) Received: from carp.icir.org (localhost [127.0.0.1]) by carp.icir.org (8.12.3/8.11.3) with ESMTP id g93KMdvv064844; Thu, 3 Oct 2002 13:22:39 -0700 (PDT) (envelope-from rizzo@carp.icir.org) Received: (from rizzo@localhost) by carp.icir.org (8.12.3/8.12.3/Submit) id g93KMdFB064843; Thu, 3 Oct 2002 13:22:39 -0700 (PDT) (envelope-from rizzo) Date: Thu, 3 Oct 2002 13:22:39 -0700 From: Luigi Rizzo To: Andrey Simonenko Cc: freebsd-net@FreeBSD.ORG Subject: Re: Q about sbin/ipfw2.c:list() Message-ID: <20021003132239.B64754@carp.icir.org> References: <20021002062546.C22163@iguana.icir.org> <20021003215546.M7110-100000@lion.com.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021003215546.M7110-100000@lion.com.ua>; from simon@simon.org.ua on Thu, Oct 03, 2002 at 10:04:41PM +0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org indeed you are right -- then one can probably remove the additional check. cheers luigi On Thu, Oct 03, 2002 at 10:04:41PM +0300, Andrey Simonenko wrote: ... > Why is it possible that getsockopt(IP_FW_GET) can return not all IPFW2 > rules? According to ipfw(8) manual page there is always a rule 65535, so > this rule should be always present after getsockopt(IP_FW_GET) call (of > course there should be enought memory in a buffer, but it is checked in > the code of list() function): > > /* get rules or pipes from kernel, resizing array as necessary */ > nbytes = nalloc; > > while (nbytes >= nalloc) { > nalloc = nalloc * 2 + 200; > nbytes = nalloc; > if ((data = realloc(data, nbytes)) == NULL) > err(EX_OSERR, "realloc"); > if (getsockopt(s, IPPROTO_IP, ocmd, data, &nbytes) < 0) > err(EX_OSERR, "getsockopt(IP_%s_GET)", > do_pipe ? "DUMMYNET" : "FW"); > } > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 2:25:56 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9759737B401 for ; Fri, 4 Oct 2002 02:25:55 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 6F7A443E6A for ; Fri, 4 Oct 2002 02:25:54 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 38479 invoked from network); 4 Oct 2002 09:23:02 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.54]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 4 Oct 2002 09:23:02 -0000 Message-ID: <3D9D5E66.92C0F443@pipeline.ch> Date: Fri, 04 Oct 2002 11:24:54 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Anyone T/TCP? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Does someone actually use T/TCP in any application or does someone know someone else using or having an application for it? -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 6:51:52 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C55B737B401; Fri, 4 Oct 2002 06:51:50 -0700 (PDT) Received: from vbook.express.ru (asplinux.ru [195.133.213.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id E0EBD43E6E; Fri, 4 Oct 2002 06:51:49 -0700 (PDT) (envelope-from vova@express.ru) Received: from vova by vbook.express.ru with local (Exim 3.36 #1) id 17xSrq-0000Lx-00; Fri, 04 Oct 2002 17:51:46 +0400 Subject: zebra interface flags problem on 4.7-RC2 (IFF_PROMISC) From: "Vladimir B. " Grebenschikov To: sumikawa@FreeBSD.org Cc: freebsd-net@freebsd.org, sobomax@freebsd.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.7 Date: 04 Oct 2002 17:51:46 +0400 Message-Id: <1033739506.1060.16.camel@vbook.express.ru> Mime-Version: 1.0 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi I have tried to install fresh zebra (from ports) on 4.7-RC2 have a problem - zebra turns on promiscuity mode on interface, it is completely unacceptable when interface connected to HUB (not switch) - router begins resend all packets. # ifconfig fxp1 fxp1: flags=8843 mtu 1500 inet 193.125.143.129 netmask 0xffffff00 broadcast 193.125.143.255 ether 00:a0:c9:41:a3:a3 media: Ethernet autoselect (10baseT/UTP) status: active # zebra -d 2002/10/04 16:33:42 ZEBRA: can't get ip6forwarding value # ifconfig fxp1 fxp1: flags=8943 mtu 1500 inet 193.125.143.129 netmask 0xffffff00 broadcast 193.125.143.255 ether 00:a0:c9:41:a3:a3 media: Ethernet autoselect (10baseT/UTP) status: active Nothing special in zebra config, just installed 4.7-RC2, just upgraded zebra. I am not sure is it Zebra-related or FreeBSD-related problem digging into zebra code do not show any abnormal interface flags installed. May be problem related to following commit: date: 2002/08/30 14:23:38; author: sobomax; state: Exp; lines: +25 -4 MFC: user-setable promisc mode. The code is slightly diffrent (and uglier) than in HEAD, because we have had to preserve kernel ABI, so that increasing if_flags to 32 bits was not an option. -- Vladimir B. Grebenschikov vova@sw.ru, SWsoft, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 7: 7: 7 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9BB6237B401; Fri, 4 Oct 2002 07:07:05 -0700 (PDT) Received: from baraca.united.net.ua (ns.united.net.ua [193.111.8.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id E187543E42; Fri, 4 Oct 2002 07:07:03 -0700 (PDT) (envelope-from max@vega.com) Received: from vega.vega.com (xDSL-2-2.united.net.ua [193.111.9.226]) by baraca.united.net.ua (8.11.6/8.11.6) with ESMTP id g94E6rp32708; Fri, 4 Oct 2002 17:06:53 +0300 (EEST) (envelope-from max@vega.com) Received: from vega.vega.com (max@localhost [127.0.0.1]) by vega.vega.com (8.12.6/8.12.5) with ESMTP id g94E6nTs061885; Fri, 4 Oct 2002 17:06:49 +0300 (EEST) (envelope-from sobomax@FreeBSD.org) Received: (from max@localhost) by vega.vega.com (8.12.6/8.12.5/Submit) id g94E6ihY061884; Fri, 4 Oct 2002 17:06:44 +0300 (EEST) Date: Fri, 4 Oct 2002 17:06:44 +0300 From: Maxim Sobolev To: "Vladimir B. Grebenschikov" Cc: sumikawa@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: zebra interface flags problem on 4.7-RC2 (IFF_PROMISC) Message-ID: <20021004140644.GB61661@vega.vega.com> References: <1033739506.1060.16.camel@vbook.express.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <1033739506.1060.16.camel@vbook.express.ru> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Oct 04, 2002 at 05:51:46PM +0400, Vladimir B. Grebenschikov wrote: > > Hi > > I have tried to install fresh zebra (from ports) on 4.7-RC2 > > have a problem - zebra turns on promiscuity mode on interface, > it is completely unacceptable when interface connected to HUB (not > switch) - router begins resend all packets. > > # ifconfig fxp1 > fxp1: flags=8843 mtu 1500 > inet 193.125.143.129 netmask 0xffffff00 broadcast > 193.125.143.255 > ether 00:a0:c9:41:a3:a3 > media: Ethernet autoselect (10baseT/UTP) > status: active > # zebra -d > 2002/10/04 16:33:42 ZEBRA: can't get ip6forwarding value > # ifconfig fxp1 > fxp1: flags=8943 mtu > 1500 > inet 193.125.143.129 netmask 0xffffff00 broadcast > 193.125.143.255 > ether 00:a0:c9:41:a3:a3 > media: Ethernet autoselect (10baseT/UTP) > status: active > > > Nothing special in zebra config, just installed 4.7-RC2, just upgraded > zebra. > > I am not sure is it Zebra-related or FreeBSD-related problem > digging into zebra code do not show any abnormal interface flags > installed. This is probably a bug in zebra - I guess that it's doesn't clear 'struct ifreq' properly before SIOCSIFFLAGS ioctl(2). -Maxim > > May be problem related to following commit: > > date: 2002/08/30 14:23:38; author: sobomax; state: Exp; lines: +25 -4 > MFC: user-setable promisc mode. The code is slightly diffrent (and > uglier) > than in HEAD, because we have had to preserve kernel ABI, so that > increasing > if_flags to 32 bits was not an option. > > > -- > Vladimir B. Grebenschikov > vova@sw.ru, SWsoft, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 7:10:32 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7C7EB37B401 for ; Fri, 4 Oct 2002 07:10:31 -0700 (PDT) Received: from obsidian.sentex.ca (obsidian.sentex.ca [64.7.128.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id E11BD43E42 for ; Fri, 4 Oct 2002 07:10:30 -0700 (PDT) (envelope-from freebsd@coal.sentex.ca) Received: from pegmatite (pyroxene.sentex.ca [199.212.134.18]) (authenticated bits=0) by obsidian.sentex.ca (8.12.6/8.12.6) with ESMTP id g94EATvN055275 for ; Fri, 4 Oct 2002 10:10:29 -0400 (EDT) (envelope-from freebsd@coal.sentex.ca) Date: Fri, 4 Oct 2002 10:09:47 -0400 From: freebsd@coal.sentex.ca X-Mailer: The Bat! (v1.61) Organization: Sentex Data Communications X-Priority: 3 (Normal) Message-ID: <16552555060.20021004100947@sentex.net> To: freebsd-net@freebsd.org Subject: Linux <-> FreeBSD ipip/gre tunnel MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: By Sentex Communications (obsidian/20020517) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org (Originally posted to -questions, no responses yet.) I haven't been able to turn up anything under Google... Has anyone ever successfully gotten an IP-IP or GRE tunnel working between a FreeBSD machine (4-STABLE) and a Linux machine (2.4.x)? I can get a tunnel up between two FreeeBSD machines no problem, but not between the two OSes. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 7:21:52 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25B8137B401; Fri, 4 Oct 2002 07:21:50 -0700 (PDT) Received: from vbook.express.ru (asplinux.ru [195.133.213.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9667943E4A; Fri, 4 Oct 2002 07:21:49 -0700 (PDT) (envelope-from vova@express.ru) Received: from vova by vbook.express.ru with local (Exim 3.36 #1) id 17xTKu-0000NV-00; Fri, 04 Oct 2002 18:21:48 +0400 Subject: Re: zebra interface flags problem on 4.7-RC2 (IFF_PROMISC) From: "Vladimir B. " Grebenschikov To: Maxim Sobolev Cc: sumikawa@FreeBSD.ORG, freebsd-net@FreeBSD.ORG In-Reply-To: <20021004140644.GB61661@vega.vega.com> References: <1033739506.1060.16.camel@vbook.express.ru> <20021004140644.GB61661@vega.vega.com> Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable X-Mailer: Ximian Evolution 1.0.7 Date: 04 Oct 2002 18:21:47 +0400 Message-Id: <1033741307.1060.22.camel@vbook.express.ru> Mime-Version: 1.0 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org =F7 Fri, 04.10.2002, =D7 18:06, Maxim Sobolev =CE=C1=D0=C9=D3=C1=CC: > On Fri, Oct 04, 2002 at 05:51:46PM +0400, Vladimir B. Grebenschikov wrot= e: > >=20 > > Hi > >=20 > > I have tried to install fresh zebra (from ports) on 4.7-RC2 > >=20 > > have a problem - zebra turns on promiscuity mode on interface, > > it is completely unacceptable when interface connected to HUB (not > > switch) - router begins resend all packets. > >=20 > > # ifconfig fxp1 > > fxp1: flags=3D8843 mtu 1500 > > inet 193.125.143.129 netmask 0xffffff00 broadcast > > 193.125.143.255 > > ether 00:a0:c9:41:a3:a3 > > media: Ethernet autoselect (10baseT/UTP) > > status: active > > # zebra -d > > 2002/10/04 16:33:42 ZEBRA: can't get ip6forwarding value > > # ifconfig fxp1 > > fxp1: flags=3D8943 mtu=20 > > 1500 > > inet 193.125.143.129 netmask 0xffffff00 broadcast > > 193.125.143.255 > > ether 00:a0:c9:41:a3:a3 > > media: Ethernet autoselect (10baseT/UTP) > > status: active > >=20 > >=20 > > Nothing special in zebra config, just installed 4.7-RC2, just upgraded > > zebra. > >=20 > > I am not sure is it Zebra-related or FreeBSD-related problem > > digging into zebra code do not show any abnormal interface flags > > installed. >=20 > This is probably a bug in zebra - I guess that it's doesn't clear > 'struct ifreq' properly before SIOCSIFFLAGS ioctl(2). Zebra explicitly sets flags like this: ioctl.c: ifreq.ifr_flags =3D ifp->flags; ioctl.c: ifreq.ifr_flags |=3D flags; and I have tried to change code: ioctl.c: ifreq.ifr_flags =3D ifp->flags; ioctl.c: ifreq.ifr_flags |=3D flags; ioctl.c: ifreq.ifr_flags &=3D ~(IFF_PROMISC); - does not help. > -Maxim >=20 > >=20 > > May be problem related to following commit: > >=20 > > date: 2002/08/30 14:23:38; author: sobomax; state: Exp; lines: +25 -= 4 > > MFC: user-setable promisc mode. The code is slightly diffrent (and > > uglier) > > than in HEAD, because we have had to preserve kernel ABI, so that > > increasing > > if_flags to 32 bits was not an option. > >=20 > >=20 > > --=20 > > Vladimir B. Grebenschikov > > vova@sw.ru, SWsoft, Inc. >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message >=20 --=20 Vladimir B. Grebenschikov vova@sw.ru, SWsoft, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 8:20:12 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F9C037B401 for ; Fri, 4 Oct 2002 08:20:11 -0700 (PDT) Received: from sccrmhc03.attbi.com (sccrmhc03.attbi.com [204.127.202.63]) by mx1.FreeBSD.org (Postfix) with ESMTP id 85A0D43E4A for ; Fri, 4 Oct 2002 08:20:10 -0700 (PDT) (envelope-from julian@elischer.org) Received: from InterJet.elischer.org ([12.232.206.8]) by sccrmhc03.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20021004152009.WMCI22381.sccrmhc03.attbi.com@InterJet.elischer.org>; Fri, 4 Oct 2002 15:20:09 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id IAA16994; Fri, 4 Oct 2002 08:06:42 -0700 (PDT) Date: Fri, 4 Oct 2002 08:06:41 -0700 (PDT) From: Julian Elischer To: Andre Oppermann Cc: freebsd-net@freebsd.org Subject: Re: Anyone T/TCP? In-Reply-To: <3D9D5E66.92C0F443@pipeline.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Richard Stevens was the great T/TCP proponent. Since his untimely demise, it has been languishig.. I think many firewalls now routinely block packets with both SYN and FIN which is what T/TCP does. On Fri, 4 Oct 2002, Andre Oppermann wrote: > > Does someone actually use T/TCP in any application or does someone know > someone else using or having an application for it? > > -- > Andre > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 8:30:40 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A92037B401 for ; Fri, 4 Oct 2002 08:30:38 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id A45B243E65 for ; Fri, 4 Oct 2002 08:30:37 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (c1-vpn5.isi.edu [128.9.176.35]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g94FUYC16126; Fri, 4 Oct 2002 08:30:35 -0700 (PDT) Message-ID: <3D9DA645.9050307@isi.edu> Date: Fri, 04 Oct 2002 07:31:33 -0700 From: Lars Eggert Organization: USC Information Sciences Institute User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Andre Oppermann Cc: freebsd-net@freebsd.org Subject: Re: Anyone T/TCP? References: <3D9D5E66.92C0F443@pipeline.ch> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms020607010301020902060905" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms020607010301020902060905 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Andre Oppermann wrote: > Does someone actually use T/TCP in any application or does someone know > someone else using or having an application for it? I don't think it's in wide production use. For research purposes, however, it's quiet useful sometimes. Is is a candidate for removal from the tree? Lars -- Lars Eggert USC Information Sciences Institute --------------ms020607010301020902060905 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwNDE0MzEzM1owIwYJKoZIhvcNAQkEMRYEFLe+4egGn8jkPE9Xa04A xoW8NlYAMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEAY0HG2hX94sNN6jOCkFIs2Dv+Wo1+uEeUpQtB5oFX7pmVlGBR2epo 4Pg6wzGDARZR5J0XI3v1DI7ebGhJdd7R5qrhf56P8ef4c2ldGlqVF8cdrwY9IK7/LrqErqw5 armDfRhGCl9BHsSaJwsfvnhqI6B9woFsZQopEyFT7iumd9ltO/ILl+is5xkeWDaNI6heOyiw vh2XU0xzdRFS6NuKN+sZOzPYNHc9FmBDLSsO86nxBoVIQUxZr9lJhSLUY7qLlrrDaCRi6xYI hEIjAQsJH6tG0H8Ihtz4qpYd00qE39paxDe7JITlUB1r6Skm+3t0g55JFPf6kCbW0Gs/3N7J 0QAAAAAAAA== --------------ms020607010301020902060905-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 8:32:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 230C937B401 for ; Fri, 4 Oct 2002 08:32:25 -0700 (PDT) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id A771143E42 for ; Fri, 4 Oct 2002 08:32:24 -0700 (PDT) (envelope-from larse@ISI.EDU) Received: from isi.edu (c1-vpn5.isi.edu [128.9.176.35]) by boreas.isi.edu (8.11.6/8.11.2) with ESMTP id g94FWMC17571; Fri, 4 Oct 2002 08:32:22 -0700 (PDT) Message-ID: <3D9DA6B1.7010609@isi.edu> Date: Fri, 04 Oct 2002 07:33:21 -0700 From: Lars Eggert Organization: USC Information Sciences Institute User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd@coal.sentex.ca Cc: freebsd-net@freebsd.org, Yu-Shun Wang Subject: Re: Linux <-> FreeBSD ipip/gre tunnel References: <16552555060.20021004100947@sentex.net> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms090104030408090609080705" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------ms090104030408090609080705 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit freebsd@coal.sentex.ca wrote: > (Originally posted to -questions, no responses yet.) > > I haven't been able to turn up anything under Google... > > Has anyone ever successfully gotten an IP-IP or GRE tunnel working > between a FreeBSD machine (4-STABLE) and a Linux machine (2.4.x)? I > can get a tunnel up between two FreeeBSD machines no problem, but not > between the two OSes. Yes, we've been using IPIP tunnels between the two systems without problems since at least 1998. (No idea about GRE.) What's the problem? Lars -- Lars Eggert USC Information Sciences Institute --------------ms090104030408090609080705 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJtjCC AzgwggKhoAMCAQICEGZFcrfMdPXPY3ZFhNAukQEwDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vydmlj ZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkG CSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMDA4MzAwMDAw MDBaFw0wNDA4MjcyMzU5NTlaMIGSMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUQ2Vy dGlmaWNhdGUgU2VydmljZXMxKDAmBgNVBAMTH1BlcnNvbmFsIEZyZWVtYWlsIFJTQSAyMDAw LjguMzAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4zMqZjxwklRT7SbngnZ4HF2ogZ gpcO40QpimM1Km1wPPrcrvfudG8wvDOQf/k0caCjbZjxw0+iZdsN+kvx1t1hpfmFzVWaNRqd knWoJ67Ycvm6AvbXsJHeHOmr4BgDqHxDQlBRh4M88Dm0m1SKE4f/s5udSWYALQmJ7JRr6aFp AgMBAAGjTjBMMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwxLTI5NzAS BgNVHRMBAf8ECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOBgQAxsUtH XfkBceX1U2xdedY9mMAmE2KBIqcS+CKV6BtJtyd7BDm6/ObyJOuR+r3sDSo491BVqGz3Da1M G7wD9LXrokefbKIMWI0xQgkRbLAaadErErJAXWr5edDqLiXdiuT82w0fnQLzWtvKPPZE6iZp h39Ins6ln+eE2MliYq0FxjCCAzkwggKioAMCAQICAwglQTANBgkqhkiG9w0BAQQFADCBkjEL MAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYD VQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwMB4XDTAyMDgyNDE4NTMzOVoX DTAzMDgyNDE4NTMzOVowVDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYD VQQDEwtMYXJzIEVnZ2VydDEcMBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBANI2Rrt4ggaQ/IrOsDeOm2H4/R5FRIL6JjDY3StE aogp1r23WKniQ1Vj98Nu5WxlaZ3Iam3Jen5T66H8u7rtMNpK4qAeAGoBsVeyVr1+CTFeuv+m xCh7BvBJwhLdm0zDaoDT05YKYZaqtsT+F286FWJQg31Xtf+vTKLVVrHcsafnteyal2NEt7Ac yZZfjsVLwxp2Lq3cwYfRQRoo7/yCVzS7HsgM6jmbO4taEMo4yC2rpnUbWEUCDTaCYgpAXzAl oiNk7GDh0wz2s5ZSnHRvNSBMAjCmpNtSYHfXFI1ANwrrrHIJ7Ei83+XN32PWY4OPzO3iown9 VR+vM+8lNx9OX28CAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIBBAQTTDJ1TXlmZkJO VWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1UdEwEB/wQCMAAwDQYJ KoZIhvcNAQEEBQADgYEAXcrIlKmPLM/r8r3oz2ZLPLaT1AyMjYTZY2qq/R7SUtFa9BNlTIFh DG78QKfJ9lo2LMzTPQqMZgNLmj95GbNPI8P8OIq2K6MeCZWz08ROackqTFP6xWbIFIfXcBVR 1dZnDDyDKBBh05KkvyTPawSQyOBUeNBfQUyO4TE+3o58U8UwggM5MIICoqADAgECAgMIJUEw DQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MDAeFw0wMjA4MjQxODUzMzlaFw0wMzA4MjQxODUzMzlaMFQxDzANBgNVBAQTBkVnZ2VydDEN MAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkqhkiG9w0BCQEWDWxh cnNlQGlzaS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNka7eIIGkPyK zrA3jpth+P0eRUSC+iYw2N0rRGqIKda9t1ip4kNVY/fDbuVsZWmdyGptyXp+U+uh/Lu67TDa SuKgHgBqAbFXsla9fgkxXrr/psQoewbwScIS3ZtMw2qA09OWCmGWqrbE/hdvOhViUIN9V7X/ r0yi1Vax3LGn57XsmpdjRLewHMmWX47FS8Madi6t3MGH0UEaKO/8glc0ux7IDOo5mzuLWhDK OMgtq6Z1G1hFAg02gmIKQF8wJaIjZOxg4dMM9rOWUpx0bzUgTAIwpqTbUmB31xSNQDcK66xy CexIvN/lzd9j1mODj8zt4qMJ/VUfrzPvJTcfTl9vAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIB ADAaMBgCAQQEE0wydU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVk dTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAF3KyJSpjyzP6/K96M9mSzy2k9QM jI2E2WNqqv0e0lLRWvQTZUyBYQxu/ECnyfZaNizM0z0KjGYDS5o/eRmzTyPD/DiKtiujHgmV s9PETmnJKkxT+sVmyBSH13AVUdXWZww8gygQYdOSpL8kz2sEkMjgVHjQX0FMjuExPt6OfFPF MYIDJzCCAyMCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZp Y2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDCCVBMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI hvcNAQkFMQ8XDTAyMTAwNDE0MzMyMVowIwYJKoZIhvcNAQkEMRYEFHz5BOa4MB2fFZ76Ya46 h+eo8mNmMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0G CCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0BCRACCzGB naCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ Q2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMIJUEwDQYJ KoZIhvcNAQEBBQAEggEAeGJeATQtODoeBfVXlNPidNxWZq9kJ1O5rJjeZlG7TzuAgigmMvVg UrrunQJ5V/Hs+Qy0NnNMpV2MtP/y2/KWTDuTe7WdF4WLV9ngGQ/EinUprIKLDFuBkXBknyRc prbOtE1PrsSt2aPn6fwNrnPR5dw6/z/rzv9YPxFK83uaeoCty6cUcYAeStHYDBRjzWCvLS68 45QERMOb6/egldrhk8A/grwrWsATwWX1ii3nSmEAYTAgWnlDv6BMwt3IVZ0m3Q5Ne+CIc0xo u+JA+HHkeEUb4LU6jVFeOX18MKnYaGjBDv5Mod9bXp03w3NWfnrXNeJHrFTNcYJ1E/fh8oUv WAAAAAAAAA== --------------ms090104030408090609080705-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9: 8:51 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8AE0A37B401 for ; Fri, 4 Oct 2002 09:08:50 -0700 (PDT) Received: from web9501.mail.yahoo.com (web9501.mail.yahoo.com [216.136.129.131]) by mx1.FreeBSD.org (Postfix) with SMTP id 4187343E42 for ; Fri, 4 Oct 2002 09:08:50 -0700 (PDT) (envelope-from yat_33@yahoo.com) Message-ID: <20021004160850.25674.qmail@web9501.mail.yahoo.com> Received: from [65.207.163.130] by web9501.mail.yahoo.com via HTTP; Fri, 04 Oct 2002 09:08:50 PDT Date: Fri, 4 Oct 2002 09:08:50 -0700 (PDT) From: yatin chalke Subject: Parsing route dump received using sysctl To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I am currently trying to get a route dump in freebsd4.4 using sysctl with NET_RT_DUMP. I am running into problems while parsing the returned rt_msghdr structures. The sockaddr structures returned after the rt_msghdr are messed up and it is not giving correct gateway or netmask. For ex: when I am parsing the received route dump the netmask received is nonzero(random value) for a default route (which it returns as 0.0.0.0) and also netmask doesnt appear to be a sockaddr structure. Also for further routes gateway and netmasks are 0.0.0.0. I am parsing the received sockaddr structures to get all the values depending on flag bits set in rt_msghdr structure. If anyone can help me in this matter it will be a great help. Thanks, --Yatin __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9:22:30 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4715C37B401 for ; Fri, 4 Oct 2002 09:22:29 -0700 (PDT) Received: from venus.vincentjardin.net (AVelizy-102-1-1-238.abo.wanadoo.fr [193.253.255.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7482543E42 for ; Fri, 4 Oct 2002 09:22:28 -0700 (PDT) (envelope-from jardin@venus.vincentjardin.net) Received: by venus.vincentjardin.net (Postfix, from userid 501) id B4BF81503A1; Fri, 4 Oct 2002 18:37:50 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" From: Vincent Jardin To: jleu@mindspring.com, zebra@zebra.org Subject: Re: [zebra 15605] BGP/MPLS VPN using the mpls-linux patch and zebra ldp patch Date: Fri, 4 Oct 2002 18:37:50 +0200 X-Mailer: KMail [version 1.3.1] Cc: net@FreeBSD.ORG References: <7C545DDB428BD611865C00062938ECF40117FEB8@ent37ex00.ind.zensar.com> <20021003110147.B22387@nero.doit.wisc.edu> In-Reply-To: <20021003110147.B22387@nero.doit.wisc.edu> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <20021004163750.B4BF81503A1@venus.vincentjardin.net> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > I've overly simplified much of what is here, and I'm sure I've missing > items. So as you can see there is still a lot of work to do. If anyone > else is working on related items, please let me know. Did you check the AYAME's work on MPLS ? They have a MPLS stack for NetBSD. Moreover they have many Zebra patches that are related to their MPLS stack. see: http://www.isoc.org/isoc/conferences/inet/00/cdproceedings/1h/1h_2.htm http://www.ayame.org/ Vincent To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9:28: 9 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E14D937B401 for ; Fri, 4 Oct 2002 09:28:06 -0700 (PDT) Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5190A43E65 for ; Fri, 4 Oct 2002 09:27:59 -0700 (PDT) (envelope-from ru@whale.sunbay.crimea.ua) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g94GQvN00949; Fri, 4 Oct 2002 19:26:57 +0300 (EEST) (envelope-from ru) Date: Fri, 4 Oct 2002 19:26:57 +0300 From: Ruslan Ermilov To: yatin chalke Cc: freebsd-net@FreeBSD.ORG Subject: Re: Parsing route dump received using sysctl Message-ID: <20021004162657.GB91159@sunbay.com> References: <20021004160850.25674.qmail@web9501.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="tjCHc7DPkfUGtrlw" Content-Disposition: inline In-Reply-To: <20021004160850.25674.qmail@web9501.mail.yahoo.com> User-Agent: Mutt/1.3.99i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --tjCHc7DPkfUGtrlw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 04, 2002 at 09:08:50AM -0700, yatin chalke wrote: > Hi, >=20 > I am currently trying to get a route dump in > freebsd4.4 using sysctl with NET_RT_DUMP. >=20 > I am running into problems while parsing the returned > rt_msghdr structures. >=20 > The sockaddr structures returned after the rt_msghdr > are messed up and it is not giving correct gateway or > netmask. >=20 > For ex: when I am parsing the received route dump the > netmask received is nonzero(random value) for a > default route (which it returns as 0.0.0.0) and also > netmask doesnt appear to be a sockaddr structure. >=20 > Also for further routes gateway and netmasks are > 0.0.0.0. > I am parsing the received sockaddr structures to get > all the values depending on flag bits set in rt_msghdr > structure. >=20 > If anyone can help me in this matter it will be a > great help. >=20 Look at the route(8) code, you're probably missing the necessary alignments (with the ROUNDUP() macro). Cheers, --=20 Ruslan Ermilov Sysadmin and DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --tjCHc7DPkfUGtrlw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9ncFRUkv4P6juNwoRAgnVAJ9kNPjMibQbduU01bjYKC8nUnL+hgCfbOes yaI3HgpbSwZyT5sJ0itXwnM= =Nby+ -----END PGP SIGNATURE----- --tjCHc7DPkfUGtrlw-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9:33:47 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E67537B401 for ; Fri, 4 Oct 2002 09:33:46 -0700 (PDT) Received: from www.example.org (dhcp-nic-val-26-92.cisco.com [64.103.26.92]) by mx1.FreeBSD.org (Postfix) with SMTP id F2C3643E75 for ; Fri, 4 Oct 2002 09:33:39 -0700 (PDT) (envelope-from molter@tin.it) Received: (qmail 21198 invoked by uid 1000); 4 Oct 2002 16:33:36 -0000 Message-ID: <20021004163336.21197.qmail@cobweb.example.org> Date: Fri, 4 Oct 2002 18:33:36 +0200 From: Marco Molteni To: freebsd-net@freebsd.org Subject: Re: Anyone T/TCP? In-Reply-To: References: <3D9D5E66.92C0F443@pipeline.ch> X-Mailer: Sylpheed version 0.8.2 (GTK+ 1.2.10; i386-portbld-freebsd4.6) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 4 Oct 2002, Julian Elischer wrote: > Richard Stevens was the great T/TCP proponent. Together with Bob Braden (RFC1644), who is alive and kicking at ISI. Marco > Since his untimely demise, it has been languishig.. > I think many firewalls now routinely > block packets with both SYN and FIN which is what T/TCP does. > > On Fri, 4 Oct 2002, Andre Oppermann wrote: > > > > Does someone actually use T/TCP in any application or does someone > > know someone else using or having an application for it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9:47:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 97B4D37B401 for ; Fri, 4 Oct 2002 09:47:32 -0700 (PDT) Received: from brainlink.com (mail.brainlink.com [66.228.0.129]) by mx1.FreeBSD.org (Postfix) with ESMTP id E368043E77 for ; Fri, 4 Oct 2002 09:47:31 -0700 (PDT) (envelope-from anthonyv@brainlink.com) Received: from [24.189.7.159] (HELO brainlink.com) by brainlink.com (CommuniGate Pro SMTP 3.5.3) with SMTP id 15954922; Fri, 04 Oct 2002 12:34:37 -0400 Message-ID: <3D9DC61E.1010702@brainlink.com> Date: Fri, 04 Oct 2002 12:47:26 -0400 From: Anthony Volodkin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2a) Gecko/20020910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd@coal.sentex.ca Cc: net@freebsd.org Subject: Re: Linux <-> FreeBSD ipip/gre tunnel References: <16552555060.20021004100947@sentex.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org freebsd@coal.sentex.ca wrote: >(Originally posted to -questions, no responses yet.) > >I haven't been able to turn up anything under Google... > >Has anyone ever successfully gotten an IP-IP or GRE tunnel working >between a FreeBSD machine (4-STABLE) and a Linux machine (2.4.x)? I >can get a tunnel up between two FreeeBSD machines no problem, but not >between the two OSes. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > > >with "unsubscribe freebsd-net" in the body of the message > > Hey, I've had a setup where a FreeBSD 4.6.2-RELEASE machine was the server, and Linux 2.4.* machines were clients. I used ppp on the server side and a patched pppd / kernel on the client side. I used mppe encryption so I had to patch the linux kernel and the ppp daemon under linux for mppe support. There was also a MSCHAPv2 patch of some sort for the linux pppd. Regards, Anthony Volodkin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 9:53:24 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D569937B407; Fri, 4 Oct 2002 09:53:14 -0700 (PDT) Received: from baraca.united.net.ua (ns.united.net.ua [193.111.8.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A0B743E6A; Fri, 4 Oct 2002 09:53:13 -0700 (PDT) (envelope-from sobomax@FreeBSD.org) Received: from vega.vega.com (xDSL-2-2.united.net.ua [193.111.9.226]) by baraca.united.net.ua (8.11.6/8.11.6) with ESMTP id g94Gr5p39555; Fri, 4 Oct 2002 19:53:07 +0300 (EEST) (envelope-from sobomax@FreeBSD.org) Received: from FreeBSD.org (big_brother.vega.com [192.168.1.1]) by vega.vega.com (8.12.6/8.12.5) with ESMTP id g94Gr2Ts062472; Fri, 4 Oct 2002 19:53:02 +0300 (EEST) (envelope-from sobomax@FreeBSD.org) Message-ID: <3D9DC7F3.7B966349@FreeBSD.org> Date: Fri, 04 Oct 2002 19:55:15 +0300 From: Maxim Sobolev Organization: Vega International Capital X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en,uk,ru MIME-Version: 1.0 To: "Vladimir B. Grebenschikov" Cc: sumikawa@FreeBSD.org, freebsd-net@FreeBSD.org Subject: Re: zebra interface flags problem on 4.7-RC2 (IFF_PROMISC) References: <1033739506.1060.16.camel@vbook.express.ru> <20021004140644.GB61661@vega.vega.com> <1033741307.1060.22.camel@vbook.express.ru> Content-Type: multipart/mixed; boundary="------------4E39E42B7C27B4B2B6476BD6" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. --------------4E39E42B7C27B4B2B6476BD6 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Closer look at zebra's code revealed that my initial guess was entirely correct. The problem is that it doesn't bother to zero out ifreq structure allocated on stack, which leads to this misbehaviour. Attached patch should fix the problem - unfortunately due to code freeze I can't commit it immediately. -Maxim "Vladimir B. Grebenschikov" wrote: > > ÷ Fri, 04.10.2002, × 18:06, Maxim Sobolev ÎÁÐÉÓÁÌ: > > On Fri, Oct 04, 2002 at 05:51:46PM +0400, Vladimir B. Grebenschikov wrote: > > > > > > Hi > > > > > > I have tried to install fresh zebra (from ports) on 4.7-RC2 > > > > > > have a problem - zebra turns on promiscuity mode on interface, > > > it is completely unacceptable when interface connected to HUB (not > > > switch) - router begins resend all packets. > > > > > > # ifconfig fxp1 > > > fxp1: flags=8843 mtu 1500 > > > inet 193.125.143.129 netmask 0xffffff00 broadcast > > > 193.125.143.255 > > > ether 00:a0:c9:41:a3:a3 > > > media: Ethernet autoselect (10baseT/UTP) > > > status: active > > > # zebra -d > > > 2002/10/04 16:33:42 ZEBRA: can't get ip6forwarding value > > > # ifconfig fxp1 > > > fxp1: flags=8943 mtu > > > 1500 > > > inet 193.125.143.129 netmask 0xffffff00 broadcast > > > 193.125.143.255 > > > ether 00:a0:c9:41:a3:a3 > > > media: Ethernet autoselect (10baseT/UTP) > > > status: active > > > > > > > > > Nothing special in zebra config, just installed 4.7-RC2, just upgraded > > > zebra. > > > > > > I am not sure is it Zebra-related or FreeBSD-related problem > > > digging into zebra code do not show any abnormal interface flags > > > installed. > > > > This is probably a bug in zebra - I guess that it's doesn't clear > > 'struct ifreq' properly before SIOCSIFFLAGS ioctl(2). > > Zebra explicitly sets flags like this: > ioctl.c: ifreq.ifr_flags = ifp->flags; > ioctl.c: ifreq.ifr_flags |= flags; > > and I have tried to change code: > > ioctl.c: ifreq.ifr_flags = ifp->flags; > ioctl.c: ifreq.ifr_flags |= flags; > ioctl.c: ifreq.ifr_flags &= ~(IFF_PROMISC); > > - does not help. > > > -Maxim > > > > > > > > May be problem related to following commit: > > > > > > date: 2002/08/30 14:23:38; author: sobomax; state: Exp; lines: +25 -4 > > > MFC: user-setable promisc mode. The code is slightly diffrent (and > > > uglier) > > > than in HEAD, because we have had to preserve kernel ABI, so that > > > increasing > > > if_flags to 32 bits was not an option. > > > > > > > > > -- > > > Vladimir B. Grebenschikov > > > vova@sw.ru, SWsoft, Inc. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > -- > Vladimir B. Grebenschikov > vova@sw.ru, SWsoft, Inc. --------------4E39E42B7C27B4B2B6476BD6 Content-Type: text/plain; charset=koi8-r; name="diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="diff" Index: Makefile =================================================================== RCS file: /home/ncvs/ports/net/zebra/Makefile,v retrieving revision 1.64 diff -d -u -r1.64 Makefile --- Makefile 13 Sep 2002 07:57:25 -0000 1.64 +++ Makefile 4 Oct 2002 16:50:07 -0000 @@ -7,6 +7,7 @@ PORTNAME= zebra PORTVERSION= 0.93b +PORTREVISION= 1 CATEGORIES= net ipv6 MASTER_SITES= ftp://ftp.zebra.org/pub/zebra/ \ ftp://ftp.ripe.net/mirrors/sites/ftp.zebra.org/pub/zebra/ \ Index: files/patch-ioctl.c =================================================================== RCS file: /home/ncvs/ports/net/zebra/files/patch-ioctl.c,v retrieving revision 1.1 diff -d -u -r1.1 patch-ioctl.c --- files/patch-ioctl.c 12 Dec 2001 18:08:55 -0000 1.1 +++ files/patch-ioctl.c 4 Oct 2002 16:50:07 -0000 @@ -1,6 +1,25 @@ ---- zebra/ioctl.c.orig Wed Dec 12 18:02:16 2001 -+++ zebra/ioctl.c Wed Dec 12 18:02:30 2001 -@@ -478,6 +478,9 @@ + +$FreeBSD$ + +--- zebra/ioctl.c.orig Tue Oct 23 11:31:29 2001 ++++ zebra/ioctl.c Fri Oct 4 19:45:04 2002 +@@ -349,6 +349,7 @@ + int ret; + struct ifreq ifreq; + ++ bzero(&ifreq, sizeof(struct ifreq)); + ifreq_set_name (&ifreq, ifp); + + ifreq.ifr_flags = ifp->flags; +@@ -371,6 +372,7 @@ + int ret; + struct ifreq ifreq; + ++ bzero(&ifreq, sizeof(struct ifreq)); + ifreq_set_name (&ifreq, ifp); + + ifreq.ifr_flags = ifp->flags; +@@ -473,6 +475,9 @@ mask.sin6_len = sizeof (struct sockaddr_in6); #endif memcpy (&addreq.ifra_prefixmask, &mask, sizeof (struct sockaddr_in6)); @@ -8,5 +27,5 @@ + addreq.ifra_lifetime.ia6t_vltime = 0xffffffff; + addreq.ifra_lifetime.ia6t_pltime = 0xffffffff; - ret = if_ioctl_ipv6 (SIOCAIFADDR_IN6, (caddr_t) &addreq); - if (ret < 0) + addreq.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; + addreq.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; --------------4E39E42B7C27B4B2B6476BD6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 10: 9:49 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFEB937B404; Fri, 4 Oct 2002 10:09:46 -0700 (PDT) Received: from venus.vincentjardin.net (AVelizy-102-1-1-238.abo.wanadoo.fr [193.253.255.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id D611943E3B; Fri, 4 Oct 2002 10:09:45 -0700 (PDT) (envelope-from jardin@venus.vincentjardin.net) Received: by venus.vincentjardin.net (Postfix, from userid 501) id B4FE41503A0; Fri, 4 Oct 2002 17:39:03 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" From: Vincent Jardin To: "Vladimir B. " Grebenschikov , sumikawa@FreeBSD.org Subject: Re: zebra interface flags problem on 4.7-RC2 (IFF_PROMISC) Date: Fri, 4 Oct 2002 17:39:03 +0200 X-Mailer: KMail [version 1.3.1] Cc: freebsd-net@freebsd.org, sobomax@freebsd.org References: <1033739506.1060.16.camel@vbook.express.ru> In-Reply-To: <1033739506.1060.16.camel@vbook.express.ru> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <20021004153903.B4FE41503A0@venus.vincentjardin.net> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It looks like your BSD kernel is not compiled with the IPv6 support. Le Vendredi 4 Octobre 2002 15:51, "Vladimir B. " Grebenschikov a écrit : > Hi > > I have tried to install fresh zebra (from ports) on 4.7-RC2 > > have a problem - zebra turns on promiscuity mode on interface, > it is completely unacceptable when interface connected to HUB (not > switch) - router begins resend all packets. > > # ifconfig fxp1 > fxp1: flags=8843 mtu 1500 > inet 193.125.143.129 netmask 0xffffff00 broadcast > 193.125.143.255 > ether 00:a0:c9:41:a3:a3 > media: Ethernet autoselect (10baseT/UTP) > status: active You do not have any link-local address on this interface. > # zebra -d > 2002/10/04 16:33:42 ZEBRA: can't get ip6forwarding value If you do not need any IPv6 support, you can compile zebra without the IPv6 support: --disable-ipv6 > # ifconfig fxp1 > fxp1: flags=8943 mtu > 1500 > inet 193.125.143.129 netmask 0xffffff00 broadcast > 193.125.143.255 > ether 00:a0:c9:41:a3:a3 > media: Ethernet autoselect (10baseT/UTP) > status: active > > > Nothing special in zebra config, just installed 4.7-RC2, just upgraded > zebra. > > I am not sure is it Zebra-related or FreeBSD-related problem > digging into zebra code do not show any abnormal interface flags > installed. > > May be problem related to following commit: > > date: 2002/08/30 14:23:38; author: sobomax; state: Exp; lines: +25 -4 > MFC: user-setable promisc mode. The code is slightly diffrent (and > uglier) > than in HEAD, because we have had to preserve kernel ABI, so that > increasing > if_flags to 32 bits was not an option. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 10:22:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CB1837B401 for ; Fri, 4 Oct 2002 10:22:58 -0700 (PDT) Received: from wall.polstra.com (wall-gw.polstra.com [206.213.73.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1E5943E65 for ; Fri, 4 Oct 2002 10:22:57 -0700 (PDT) (envelope-from jdp@polstra.com) Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.11.3/8.11.3) with ESMTP id g94HMsx24794; Fri, 4 Oct 2002 10:22:54 -0700 (PDT) (envelope-from jdp@vashon.polstra.com) Received: (from jdp@localhost) by vashon.polstra.com (8.12.5/8.12.5/Submit) id g94HMrbG002976; Fri, 4 Oct 2002 10:22:53 -0700 (PDT) (envelope-from jdp) Date: Fri, 4 Oct 2002 10:22:53 -0700 (PDT) Message-Id: <200210041722.g94HMrbG002976@vashon.polstra.com> To: net@freebsd.org From: John Polstra Cc: julian@elischer.org Subject: Re: Anyone T/TCP? In-Reply-To: References: Organization: Polstra & Co., Seattle, WA Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article , Julian Elischer wrote: > Richard Stevens was the great T/TCP proponent. Since his untimely > demise, it has been languishig.. I think many firewalls now routinely > block packets with both SYN and FIN which is what T/TCP does. Accepting incoming T/TCP creates a pretty serious DoS vulnerability, doesn't it? The very first packet contains the request, which the server must act upon and reply to without further delay. There is no 3-way handshake, so a simple attack using spoofed source addresses can impose a huge load on the victim. John -- John Polstra John D. Polstra & Co., Inc. Seattle, Washington USA "Disappointment is a good sign of basic intelligence." -- Chögyam Trungpa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 10:34: 4 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23A5F37B401 for ; Fri, 4 Oct 2002 10:34:04 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id AE28E43E4A for ; Fri, 4 Oct 2002 10:34:03 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 21437 invoked from network); 4 Oct 2002 17:34:02 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (66.92.188.241) by 0 with SMTP; 4 Oct 2002 17:34:02 -0000 Message-ID: <3D9DD109.6030105@tenebras.com> Date: Fri, 04 Oct 2002 10:34:01 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en, fr-fr, ru MIME-Version: 1.0 To: John Polstra Cc: net@freebsd.org, julian@elischer.org Subject: Re: Anyone T/TCP? References: <200210041722.g94HMrbG002976@vashon.polstra.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org John Polstra wrote: > Accepting incoming T/TCP creates a pretty serious DoS vulnerability, > doesn't it? The very first packet contains the request, which the > server must act upon and reply to without further delay. There is no > 3-way handshake, so a simple attack using spoofed source addresses can > impose a huge load on the victim. Right. It's reasonable to use T/TCP when the transactions contain an authenticator, and in a VPN. For public access, it's subject to attacks for which there are no adequate countermeasures. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 11: 1:43 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4B4C37B401 for ; Fri, 4 Oct 2002 11:01:42 -0700 (PDT) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 856DA43E3B for ; Fri, 4 Oct 2002 11:01:41 -0700 (PDT) (envelope-from oppermann@pipeline.ch) Received: (qmail 98421 invoked from network); 4 Oct 2002 17:58:50 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.54]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 4 Oct 2002 17:58:50 -0000 Message-ID: <3D9DD749.598CE2D@pipeline.ch> Date: Fri, 04 Oct 2002 20:00:41 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Lars Eggert Cc: freebsd-net@freebsd.org Subject: Re: Anyone T/TCP? References: <3D9D5E66.92C0F443@pipeline.ch> <3D9DA645.9050307@isi.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Lars Eggert wrote: > > Andre Oppermann wrote: > > Does someone actually use T/TCP in any application or does someone know > > someone else using or having an application for it? > > I don't think it's in wide production use. For research purposes, > however, it's quiet useful sometimes. > > Is is a candidate for removal from the tree? I was stumbling over it because it covertly uses the fillers in the rmx_metrics structure for its TAO counts. But actually yes, I was thinking about axing it and decomplicating a great deal of code. Anyway I can't axe it for myself cos I don't have commit privilidges :-) Considering JDP's comment it's not useful at all in an Internet environment. So practically it doesn't matter if it's gone. -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 11: 9:31 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 24CEE37B401 for ; Fri, 4 Oct 2002 11:09:30 -0700 (PDT) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 91F5343E65 for ; Fri, 4 Oct 2002 11:09:29 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.3/8.12.5) with ESMTP id g94I9SgQ015078 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Fri, 4 Oct 2002 14:09:29 -0400 (EDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.3/8.12.5/Submit) id g94I9Sbm015075; Fri, 4 Oct 2002 14:09:28 -0400 (EDT) (envelope-from wollman) Date: Fri, 4 Oct 2002 14:09:28 -0400 (EDT) From: Garrett Wollman Message-Id: <200210041809.g94I9Sbm015075@khavrinen.lcs.mit.edu> To: John Polstra Cc: net@FreeBSD.ORG Subject: Re: Anyone T/TCP? In-Reply-To: <200210041722.g94HMrbG002976@vashon.polstra.com> References: <200210041722.g94HMrbG002976@vashon.polstra.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > Accepting incoming T/TCP creates a pretty serious DoS vulnerability, > doesn't it? The very first packet contains the request, which the > server must act upon and reply to without further delay. There is no > 3-way handshake, so a simple attack using spoofed source addresses can > impose a huge load on the victim. None of these assertions are correct. There is a serious vulnerability in T/TCP, but it has to do with how the connection counts are chosen and validated. The initial connection between two hosts always falls back to the three-way handshake; the second and later connections use the accelerated-open feature. However, the connection count used to implement accelerated open can be spoofed with a probability of 0.5 per attempt (or even more easily if the attacker can open a connection to the target beforehand). As a result, T/TCP can only be enabled safely if all the connections to a machine can be authenticated (either embedded in the request or below the transport layer). T/TCP is classified as an Experimental protocol. This means that it is not considered adequate for widespread deployment in the Internet, and implementations are not supposed to enable it without explicit configuration. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 12: 8:46 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6312737B401 for ; Fri, 4 Oct 2002 12:08:45 -0700 (PDT) Received: from chiark.greenend.org.uk (chiark.greenend.org.uk [212.135.138.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id A3CCF43E42 for ; Fri, 4 Oct 2002 12:08:44 -0700 (PDT) (envelope-from fanf@chiark.greenend.org.uk) Received: from fanf by chiark.greenend.org.uk with local (Exim 3.12 #1) id 17xXoZ-0006ZP-00 (Debian); Fri, 04 Oct 2002 20:08:43 +0100 To: oppermann@pipeline.ch From: Tony Finch Cc: freebsd-net@freebsd.org Subject: Re: Anyone T/TCP? In-Reply-To: <3D9DD749.598CE2D@pipeline.ch> References: <3D9D5E66.92C0F443@pipeline.ch> <3D9DA645.9050307@isi.edu> Message-Id: Date: Fri, 04 Oct 2002 20:08:43 +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Andre Oppermann wrote: > >Considering JDP's comment it's not useful at all in an Internet >environment. So practically it doesn't matter if it's gone. I think it may be useful in the back end of a server cluster. Tony. -- f.a.n.finch http://dotat.at/ SOLE: VARIABLE BECOMING EASTERLY 3 OR 4. FAIR. GOOD. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 18:50:29 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2712737B401 for ; Fri, 4 Oct 2002 18:50:28 -0700 (PDT) Received: from mail.wrs.com (unknown-1-11.windriver.com [147.11.1.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id AFCC543E4A for ; Fri, 4 Oct 2002 18:50:27 -0700 (PDT) (envelope-from neeraj.bhatia@windriver.com) Received: from alasilvretta (ala-silvretta [147.11.48.37]) by mail.wrs.com (8.9.3/8.9.1) with SMTP id SAA01848 for ; Fri, 4 Oct 2002 18:49:40 -0700 (PDT) From: "Neeraj Bhatia" To: Subject: IPv6 neighbor discovery question Date: Fri, 4 Oct 2002 19:04:15 -0700 Message-ID: <008601c26c13$83cddb80$25300b93@alasilvretta> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The stack should send out a neighbor solicitation for a global source address of a received Echo request when there are no default routers present on the link.I believe such addresses should be considered on link wrt RFC 2461 Section 5.2. Currently ip6_output will drop such a packet since there won't be a prefix route in the routing table.Is this correct behavior? Thx. -N =========================== Neeraj Bhatia IP group, Core Networking Wind River Networks (o)510.749.4633 (m)509.475.7106 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 4 20:56:52 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E266037B401; Fri, 4 Oct 2002 20:56:51 -0700 (PDT) Received: from warspite.cnchost.com (warspite.concentric.net [207.155.248.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C76C43E6E; Fri, 4 Oct 2002 20:56:51 -0700 (PDT) (envelope-from bakul@bitblocks.com) Received: from bitblocks.com (adsl-209-204-185-216.sonic.net [209.204.185.216]) by warspite.cnchost.com id XAA19951; Fri, 4 Oct 2002 23:56:48 -0400 (EDT) [ConcentricHost SMTP Relay 1.14] Message-ID: <200210050356.XAA19951@warspite.cnchost.com> To: Koroush Saraf Cc: rizzo@icir.org, ru@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Consistency of cached routes In-reply-to: Your message of "Fri, 04 Oct 2002 11:27:23 PDT." <00ca01c26bd3$af7e32b0$6317c581@BSDWIN2KKOROUSH> Date: Fri, 04 Oct 2002 20:56:46 -0700 From: Bakul Shah Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I saw your thread on Consistency of cached routes, and I'm having the same pr > oblem with my setup of bsd machines. When a new route is discovered, the out > dated cached route is still in the table and it doesn't expire fast enough. If your problem is a cached route used for forwarding, you ought to run something more recent than 19-Mar-2002 (which is when Ruslan put in the fix in sys/netinet/in_rmx.c). If you _are_ running something more recent, you have a different problem or there is a bug in the fix. More details would be helpful. If you can describe the problem as precisely as possible, may be someone can figure out the solution. Can you construct a test scenario? > Have you guys come up with a solution on how to turn off route coloning. I f > eel that my 1Ghz machines are fast enough to do a route lookup for every pack > et. You can't turn off route cloning in the current scheme. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 5 1:57:38 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C77F37B401 for ; Sat, 5 Oct 2002 01:57:37 -0700 (PDT) Received: from sasami.jurai.net (sasami.jurai.net [66.92.160.223]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6DBB43E42 for ; Sat, 5 Oct 2002 01:57:36 -0700 (PDT) (envelope-from winter@jurai.net) Received: from sasami.jurai.net (sasami.jurai.net [66.92.160.223]) by sasami.jurai.net (8.12.5/8.12.5) with ESMTP id g958vTVu037055; Sat, 5 Oct 2002 04:57:30 -0400 (EDT) (envelope-from winter@jurai.net) Date: Sat, 5 Oct 2002 04:57:29 -0400 (EDT) From: "Matthew N. Dodd" To: Gianmarco Giovannelli Cc: Eric Brunner-Williams in Portland Maine , Subject: Re: Token Ring - Ethernet bridge In-Reply-To: <5.1.1.6.2.20021003083237.022d9008@194.184.65.7> Message-ID: <20021005045657.V30311-100000@sasami.jurai.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 3 Oct 2002, Gianmarco Giovannelli wrote: > The Olicom cards seems to me the only one supported by the driver of Larry > Lile. > It's a pity because I am full of IBM card that I can't use :-) I've got an IBM LanStreamer driver thats about 85% done that I need to finish up... -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | For Great Justice! | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 5 4:18:28 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BEA7637B401 for ; Sat, 5 Oct 2002 04:18:27 -0700 (PDT) Received: from hotmail.com (f60.law9.hotmail.com [64.4.9.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8815743E65 for ; Sat, 5 Oct 2002 04:18:27 -0700 (PDT) (envelope-from soheil_h_y@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 5 Oct 2002 04:18:27 -0700 Received: from 213.29.70.163 by lw9fd.law9.hotmail.msn.com with HTTP; Sat, 05 Oct 2002 11:18:27 GMT X-Originating-IP: [213.29.70.163] From: "soheil hassas yeganeh" To: freebsd-net@FreeBSD.ORG Subject: The synchronized card for routers Date: Sat, 05 Oct 2002 14:48:27 +0330 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 05 Oct 2002 11:18:27.0286 (UTC) FILETIME=[ED402760:01C26C60] Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi list does freeBSD support synchron card for pc routers Thanx _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 5 10:26:36 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 37E7F37B401; Sat, 5 Oct 2002 10:26:35 -0700 (PDT) Received: from rodney.cnchost.com (rodney.concentric.net [207.155.252.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC25243E75; Sat, 5 Oct 2002 10:26:34 -0700 (PDT) (envelope-from bakul@bitblocks.com) Received: from bitblocks.com (adsl-209-204-185-216.sonic.net [209.204.185.216]) by rodney.cnchost.com id NAA27565; Sat, 5 Oct 2002 13:26:32 -0400 (EDT) [ConcentricHost SMTP Relay 1.14] Message-ID: <200210051726.NAA27565@rodney.cnchost.com> To: Koroush Saraf Cc: rizzo@icir.org, ru@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Consistency of cached routes In-reply-to: Your message of "Fri, 04 Oct 2002 20:56:46 PDT." Date: Sat, 05 Oct 2002 10:26:32 -0700 From: Bakul Shah Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I said: > If your problem is a cached route used for forwarding, you > ought to run something more recent than 19-Mar-2002 (which is > when Ruslan put in the fix in sys/netinet/in_rmx.c). I didn't look carefully enough. This bug fix was put in in_rmx.c rev 1.39. It didn't get merged back to -stable until 9-Aug (in_rmx.c rev 1.37.2.3), which is unfortunately *after* the last release. If you're running a released version of FreeBSD, your choices are: a. Wait for the next release b. Uprgade to -stable c. Apply the below patch to /sys/netinet/in_rmx.c and recompile. @@ -54,6 +54,7 @@ #include #include #include +extern struct route ipforward_rt; /* ip forwarding cached route */ extern int in_inithead __P((void **head, int off)); @@ -135,6 +136,17 @@ RTFREE(rt2); } } + + /* + * If the new route created successfully, and we are forwarding, + * and there is a cached route, free it. Otherwise, we may end + * up using the wrong route. + */ + if (ret != NULL && ipforwarding && ipforward_rt.ro_rt) { + RTFREE(ipforward_rt.ro_rt); + ipforward_rt.ro_rt = 0; + } + return ret; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 5 17:11:29 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E9CC37B401 for ; Sat, 5 Oct 2002 17:11:28 -0700 (PDT) Received: from csmail.commserv.ucsb.edu (cspdc.commserv.ucsb.edu [128.111.251.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBBC243E4A for ; Sat, 5 Oct 2002 17:11:27 -0700 (PDT) (envelope-from steve@expertcity.com) Received: from expertcity.com ([68.6.35.15]) by csmail.commserv.ucsb.edu (Netscape Messaging Server 3.62) with ESMTP id 587 for ; Sat, 5 Oct 2002 17:11:25 -0700 Message-ID: <3D9F8002.70500@expertcity.com> Date: Sat, 05 Oct 2002 17:12:50 -0700 From: Steve Francis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Help with net.inet.ip.intr_queue_maxlen Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Can someone help me with net.inet.ip.intr_queue_maxlen tuning? Firstly, its the "size of the IP input queue", per the source. So does that mean after the NIC has received the packet, the interupt from the NIC has been processed and the packet retrieved from the NIC, then the packet is placed in this queue, before the IP stack looks at it? i.e. its unrelated to interupt coalescing or polling, or NIC performance, as they have already occurred in order to put the packet into the queue. Yes? I am getting incrementing net.inet.ip.intr_queue_drops at around 8,000 pps (increasing drops at rate of 10 or so per second.) Yet, if my statement above about what the queue is, is correct, then it just means that the system was busy doing stuff before it had a chance to process the incoming packets, so there was no room for new ones to enter the queue. But as the system was only 50% busy, then if I increase the input queue, I should be able to avoid these drops, correct? At least until the system gets a lot busier. Is there a sane upper recommended limit to the queue length? Or am I way off base here? Thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message