From owner-freebsd-net@FreeBSD.ORG Sun May 4 10:37:36 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB1FF37B401 for ; Sun, 4 May 2003 10:37:36 -0700 (PDT) Received: from mwinf0404.wanadoo.fr (smtp5.wanadoo.fr [193.252.22.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 87E0C43FBF for ; Sun, 4 May 2003 10:37:33 -0700 (PDT) (envelope-from vjardin@wanadoo.fr) Received: from venus.vincentjardin.net (AVelizy-102-1-6-28.abo.wanadoo.fr [193.253.220.28]) by mwinf0404.wanadoo.fr (SMTP Server) with ESMTP id D6EBE38000DC; Sun, 4 May 2003 19:37:30 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" From: Vincent Jardin To: Mike Tancsa Date: Sun, 4 May 2003 19:37:27 +0200 User-Agent: KMail/1.4.3 References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <09l7bv4bp8vvngc0j85tgqob0u3b0vl7pr@4ax.com> In-Reply-To: <09l7bv4bp8vvngc0j85tgqob0u3b0vl7pr@4ax.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200305041937.27631.vjardin@wanadoo.fr> cc: freebsd-net@freebsd.org Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2003 17:37:37 -0000 Le Samedi 3 Mai 2003 16:43, Mike Tancsa a =E9crit : > It sounds a bit messy to maintain. Perhaps it would be easier to just > write wrapper programs around those that you use if really need be. e.= g. a > local copy of netstat,ifconfig and route and have those executed first = in > your path. I thought about it. However many issues remain: - SNMP still uses the FreeBSD's interface name - the kernel logs - ... they are lot of softwares that need their own patch=20 Whereas all these softwares would work fine if the interface name does no= t=20 have a unit number. Thanks, Vincent PS: For example, with Linux, the name of an ipip or gre tunnel is free: # ip tunnel add FooBar mode ipip remote 192.168.0.251 local 192.168.0.15=20 # ifconfig FooBar FooBar Lien encap:IPIP Tunnel HWaddr =20 POINTOPOINT NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0=20 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > =09---Mike > > On Sat, 3 May 2003 15:47:34 +0200, in sentex.lists.freebsd.net you wrot= e: > >I would like to rename the network interfaces. More particularly, I wo= uld > > like to control the numbers in the name and to remove the constraints= =2E > > > >For example, what are the issues about renaming my 'vr0' interface to > > eth1-3 or DSL-WAN that does not have a ifunit within its name ? > > > >I think about the following issues, what am I forgetting ? > > - update all the sockaddr_dl > > - many drivers, in fact all of them, log with %s%d, ifname, ifunit > > - (add a message on the routing socket) > > > >Regards, > > Vincent > >_______________________________________________ > >freebsd-net@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-net > >To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > Mike Tancsa (mike@sentex.net) > http://www.sentex.net/mike From owner-freebsd-net@FreeBSD.ORG Sun May 4 10:50:13 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F042837B401 for ; Sun, 4 May 2003 10:50:13 -0700 (PDT) Received: from web.cs.ndsu.nodak.edu (web.cs.ndsu.NoDak.edu [134.129.125.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 422B143F75 for ; Sun, 4 May 2003 10:50:13 -0700 (PDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: from web.cs.ndsu.nodak.edu (localhost [127.0.0.1]) by web.cs.ndsu.nodak.edu (8.12.9/8.11.4) with ESMTP id h44HoCWr077631; Sun, 4 May 2003 12:50:12 -0500 (CDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: (from tinguely@localhost) by web.cs.ndsu.nodak.edu (8.12.9/8.12.8/Submit) id h44HoBbo077630; Sun, 4 May 2003 12:50:11 -0500 (CDT) (envelope-from tinguely) Date: Sun, 4 May 2003 12:50:11 -0500 (CDT) From: mark tinguely Message-Id: <200305041750.h44HoBbo077630@web.cs.ndsu.nodak.edu> To: net@FreeBSD.org, silby@silby.com Subject: Re: Reducing ip_id information leakage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2003 17:50:14 -0000 on Wed, 30 Apr 2003 01:58:36 CDT, Mike Silbersack said: > It's too bad we don't have an inexpensive function we can use for the !DF > case. I'd like to make the OpenBSD function the default for frag packets, > but it seems just too heavyweight. I guess I am in the mood to beat a dead horse.... 1) Have a less global counter (limit wrap on highspeed connections) that starts with a random initial number. 2) Each DF packet in this counter group, add a relative prime number. a) can also choose a random relative prime when this counter is created. Results: Keeps the 2^16 numbering space. Less global (think per interface, or per source/destination/port as mentioned that is done in Solaris). The overhead is only 32 bits of storage and a couple accesses more. --Mark Tinguely From owner-freebsd-net@FreeBSD.ORG Sun May 4 11:21:06 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF57337B401 for ; Sun, 4 May 2003 11:21:06 -0700 (PDT) Received: from mail.parodius.com (mail.parodius.com [64.71.184.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id 411F843FB1 for ; Sun, 4 May 2003 11:21:06 -0700 (PDT) (envelope-from jdc@pentarou.parodius.com) Received: from pentarou.parodius.com (jdc@localhost [127.0.0.1]) by mail.parodius.com (8.12.9/8.12.9) with ESMTP id h44IIK6G085355 for ; Sun, 4 May 2003 11:18:20 -0700 (PDT) (envelope-from jdc@pentarou.parodius.com) Received: (from jdc@localhost) by pentarou.parodius.com (8.12.9/8.12.9/Submit) id h44IIKlT085354 for freebsd-net@freebsd.org; Sun, 4 May 2003 11:18:20 -0700 (PDT) Date: Sun, 4 May 2003 11:18:20 -0700 From: Jeremy Chadwick To: freebsd-net@freebsd.org Message-ID: <20030504181820.GA84906@parodius.com> References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <09l7bv4bp8vvngc0j85tgqob0u3b0vl7pr@4ax.com> <200305041937.27631.vjardin@wanadoo.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <200305041937.27631.vjardin@wanadoo.fr> User-Agent: Mutt/1.5.4i Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2003 18:21:07 -0000 Not to barge into an already-spurious conversation, but I must completely disagree with this methodology. I'm sorry, but Linux's implementation is incredibly ambiguous, and always has been. I knew where your recommendation was coming from (it was obvious from the start, re: eth1). This is not an anti-Linux comment as much as it is a comment supporting the concept of a clean -- and consistent -- interface to common drivers and devices. As a 7-year Linux user who "turned BSD" due to this specific reason, I've come to believe I've earned my right to speak. In BSD, each driver is represented (for the most part) by it's appropriate abbreviation. It's easy to refer to ("I use the dc driver," "Check the dc(4) manpage"), it results in a clean code-base (if_dc.c, src/sys/dev/dc), and it provides _consistency_ across the board not only in the kernel and device layer, but also as far as user-land applications go. Don't forget about fellow administrators helping one another out (either online or in person); I cannot even begin to imagine send-pr(1) forms with data consisting of interface names which don't correspond with their proper driver. If I was able to name a network interface FooBarBlat, that really doesn't tell me anything about what the actual interface _is_, nor does it make the debugging process any easier. You start having to add an extra layer of ambiguity between user-land and kernel, as well as interface code and other IP-based modules. A lookup-interface-alias-and-correspond-with-device-ID function, just adding more overhead for something that's entirely cosmetical. I fully agree with Mike Tancsa's earlier comment: this sounds tremendously messy to maintain, and (IMHO) completely goes against what I believe to be the "BSD-style" of doing things (I'm sure someone more senior in the BSD community will slap me for this, but I think people know what I'm getting at here). The day I see "eth" show up in BSD will be the day I, and many other administrators, voice our disapproval loudly. Sorry if this Email comes off as harsh -- I just grow very tired of seeing ambiguity weaselling it's way into Good Software(tm). -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. | | "Appreciate what you've got, 'cuz basically, I'm fantastic." -- Holly | On Sun, May 04, 2003 at 07:37:27PM +0200, Vincent Jardin wrote: > Le Samedi 3 Mai 2003 16:43, Mike Tancsa a écrit : > > It sounds a bit messy to maintain. Perhaps it would be easier to just > > write wrapper programs around those that you use if really need be. e.g. a > > local copy of netstat,ifconfig and route and have those executed first in > > your path. > > I thought about it. However many issues remain: > - SNMP still uses the FreeBSD's interface name > - the kernel logs > - ... they are lot of softwares that need their own patch > > Whereas all these softwares would work fine if the interface name does not > have a unit number. > > Thanks, > Vincent > > PS: > For example, with Linux, the name of an ipip or gre tunnel is free: > # ip tunnel add FooBar mode ipip remote 192.168.0.251 local 192.168.0.15 > # ifconfig FooBar > FooBar Lien encap:IPIP Tunnel HWaddr > POINTOPOINT NOARP MTU:1480 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 lg file transmission:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > > > > ---Mike > > > > On Sat, 3 May 2003 15:47:34 +0200, in sentex.lists.freebsd.net you wrote: > > >I would like to rename the network interfaces. More particularly, I would > > > like to control the numbers in the name and to remove the constraints. > > > > > >For example, what are the issues about renaming my 'vr0' interface to > > > eth1-3 or DSL-WAN that does not have a ifunit within its name ? > > > > > >I think about the following issues, what am I forgetting ? > > > - update all the sockaddr_dl > > > - many drivers, in fact all of them, log with %s%d, ifname, ifunit > > > - (add a message on the routing socket) > > > > > >Regards, > > > Vincent > > >_______________________________________________ > > >freebsd-net@freebsd.org mailing list > > >http://lists.freebsd.org/mailman/listinfo/freebsd-net > > >To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > Mike Tancsa (mike@sentex.net) > > http://www.sentex.net/mike > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun May 4 14:27:55 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BA35937B401 for ; Sun, 4 May 2003 14:27:55 -0700 (PDT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED6DA43F3F for ; Sun, 4 May 2003 14:27:54 -0700 (PDT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.12.9/8.12.9) with ESMTP id h44LRsU0021473; Sun, 4 May 2003 17:27:54 -0400 (EDT) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.12.9/8.12.9/Submit) id h44LRrBS021472; Sun, 4 May 2003 17:27:53 -0400 (EDT) (envelope-from barney) Date: Sun, 4 May 2003 17:27:53 -0400 From: Barney Wolff To: mark tinguely Message-ID: <20030504212753.GA21240@pit.databus.com> References: <200305041750.h44HoBbo077630@web.cs.ndsu.nodak.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200305041750.h44HoBbo077630@web.cs.ndsu.nodak.edu> User-Agent: Mutt/1.4.1i X-Scanned-By: MIMEDefang 2.31 (www . roaringpenguin . com / mimedefang) cc: net@freebsd.org Subject: Re: Reducing ip_id information leakage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 May 2003 21:27:56 -0000 On Sun, May 04, 2003 at 12:50:11PM -0500, mark tinguely wrote: > Less global (think per interface, or per source/destination/port as mentioned > that is done in Solaris). Nit: you can't use port, as that will not appear in the frags and you can't afford collision. If I were writing the code, I'd do a very fast hash on src/dst/proto into say 8-10 bits, keep 256-1024 counters, and let it go at that. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. From owner-freebsd-net@FreeBSD.ORG Sun May 4 21:17:42 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ADA637B401 for ; Sun, 4 May 2003 21:17:42 -0700 (PDT) Received: from smtp-relay.omnis.com (smtp-relay.omnis.com [216.239.128.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id C029643FB1 for ; Sun, 4 May 2003 21:17:41 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.homeunix.net (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id E34AF1B7C4; Sun, 4 May 2003 21:17:39 -0700 (PDT) From: Wes Peters Organization: Softweyr To: Jeremy Chadwick , freebsd-net@freebsd.org Date: Sun, 4 May 2003 21:17:39 -0700 User-Agent: KMail/1.5 References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <200305041937.27631.vjardin@wanadoo.fr> <20030504181820.GA84906@parodius.com> In-Reply-To: <20030504181820.GA84906@parodius.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200305042117.39042.wes@softweyr.com> Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 04:17:42 -0000 On Sunday 04 May 2003 11:18, Jeremy Chadwick wrote: > > Sorry if this Email comes off as harsh -- I just grow very > tired of seeing ambiguity weaselling it's way into Good Software(tm). It doesn't come off as harsh, just as uninformed. You didn't bother to collect the full information before going off on a rant, even when there were prominent clues thrust into your face. For instance, Vincent's original message said: On 3 May 2003 15:47:34 +0200, Vincent Jardin wrote: > I would like to rename the network interfaces. More particularly, I > would like to control the numbers in the name and to remove the > constraints. > > For example, what are the issues about renaming my 'vr0' interface to > eth1-3 or DSL-WAN that does not have a ifunit within its name ? The "DSL-WAN" bit might have set off some bells if you'd been paying attention, or a bit more experienced. Consider my dilemma at work, where we're introducing a new hardware platform and planning for another. We're adding a third ethernet port in the new one, and the one we're still spec'ing will be offered in both 10/100 and 10/100/1000 models, so the network interfaces are: model: 1000 1100 1200 3000 Internal port fxp0 fxp1 fxp2 fxp2 or em1 External port fxp1 fxp0 fxp0 fxp0 or em0 Managment port n/a n/a fxp1 fxp1 or fxp0 All of the system startups need to refer to these ports by function, not by some silly number assigned as a side effect of the PCI bus probing order. This almost begs for some simple alias that can be programmatically (or via a command line utility) added to the interface so the association with the device type isn't lost. That bears some thought. An interface label, as it were... -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Mon May 5 02:50:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E4E637B401 for ; Mon, 5 May 2003 02:50:19 -0700 (PDT) Received: from mailhub.fokus.fraunhofer.de (mailhub.fokus.fraunhofer.de [193.174.154.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1628943F85 for ; Mon, 5 May 2003 02:50:16 -0700 (PDT) (envelope-from brandt@fokus.fraunhofer.de) Received: from beagle (beagle [193.175.132.100])h459nrE12675; Mon, 5 May 2003 11:49:55 +0200 (MEST) Date: Mon, 5 May 2003 11:49:53 +0200 (CEST) From: Harti Brandt To: Wes Peters In-Reply-To: <200305042117.39042.wes@softweyr.com> Message-ID: <20030505114756.K53365@beagle.fokus.fraunhofer.de> References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <200305041937.27631.vjardin@wanadoo.fr> <200305042117.39042.wes@softweyr.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: Jeremy Chadwick Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 09:50:19 -0000 On Sun, 4 May 2003, Wes Peters wrote: WP>On Sunday 04 May 2003 11:18, Jeremy Chadwick wrote: WP>All of the system startups need to refer to these ports by function, not WP>by some silly number assigned as a side effect of the PCI bus probing WP>order. WP> WP>This almost begs for some simple alias that can be programmatically (or WP>via a command line utility) added to the interface so the association WP>with the device type isn't lost. That bears some thought. An interface WP>label, as it were... Perhaps an if_alias field in struct ifnet, setable via ifconfig? This would just nicely map to the alias name field in the SNMP interface MIB. harti -- harti brandt, http://www.fokus.fraunhofer.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.fraunhofer.de, harti@freebsd.org From owner-freebsd-net@FreeBSD.ORG Mon May 5 06:12:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 33B0637B401; Mon, 5 May 2003 06:12:05 -0700 (PDT) Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id AEB0443FA3; Mon, 5 May 2003 06:12:03 -0700 (PDT) (envelope-from lars.koeller@uni-bielefeld.de) Received: from rayadm.hrz.uni-bielefeld.de (rayadm.hrz.uni-bielefeld.de [129.70.202.15]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0HEF00E8F0MWQM@mail.uni-bielefeld.de>; Mon, 5 May 2003 15:11:21 +0200 (MET DST) Received: from rayadm.hrz.uni-bielefeld.de (lkoeller@localhost) h45DBJq26003; Mon, 05 May 2003 15:11:20 +0200 (MEST) Date: Mon, 05 May 2003 15:11:19 +0200 From: Lars =?iso-8859-1?Q?K=F6ller?= X-Face: eCcoCV}FjV*O{6>[1$XP/e%]TJhEw2MF33dFh)^HM7Gfd=[/(4+0a$~ MIME-version: 1.0 X-Mailer: exmh version 2.6.1 02/18/2003 with nmh-1.0.4 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable cc: freebsd-bugs@freebsd.org cc: lkoeller@freebsd.org cc: lars+freebsd@koellers.net Subject: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 13:12:06 -0000 -------- Dear experts, i've discussed the reported problem with our experts here at the = computing center, and we don't have a clue for the problem reported in = PR 51586. Please can someone have a look at it and perhaps help me with some = fresh ideas? We need to go in production with this virus scanner farm! I've checked it with an simple script again, and get the same problem = with ony one rsh connect per second. The rsh timeout is set to 40sec, = and an netstat on the machines lokes like: machine1 (rsh client): Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state= ) tcp4 0 0 odie.636 vscan4.shell FIN_WA= IT_2 tcp4 0 0 odie.638 vscan4.shell TIME_W= AIT tcp4 0 0 odie.640 vscan4.shell TIME_W= AIT tcp4 0 0 odie.642 vscan4.shell TIME_W= AIT tcp4 0 0 odie.644 vscan4.shell TIME_W= AIT tcp4 0 0 odie.646 vscan4.shell TIME_W= AIT tcp4 0 0 odie.648 vscan4.shell TIME_W= AIT tcp4 0 0 odie.650 vscan4.shell TIME_W= AIT tcp4 0 0 odie.652 vscan4.shell TIME_W= AIT tcp4 0 0 odie.654 vscan4.shell TIME_W= AIT tcp4 0 0 odie.656 vscan4.shell TIME_W= AIT tcp4 0 0 odie.658 vscan4.shell TIME_W= AIT tcp4 0 0 odie.660 vscan4.shell TIME_W= AIT tcp4 0 0 odie.662 vscan4.shell TIME_W= AIT tcp4 0 0 odie.6100 odie.1277 ESTABL= ISHED tcp4 0 0 odie.1277 odie.6100 ESTABL= ISHED tcp4 196 0 odie.6100 odie.1276 ESTABL= ISHED tcp4 0 0 odie.1276 odie.6100 ESTABL= ISHED tcp4 0 0 *.6100 *.* LISTEN= tcp4 0 0 odie.ssh rayadm.34459 ESTABL= ISHED tcp4 0 0 *.submission *.* LISTEN= tcp4 0 0 *.smtp *.* LISTEN= tcp4 0 0 *.ssh *.* LISTEN= tcp4 0 0 *.printer *.* LISTEN= tcp4 0 0 *.shell *.* LISTEN= tcp4 0 0 *.1022 *.* LISTEN= tcp4 0 0 *.nfsd *.* LISTEN= tcp4 0 0 *.1023 *.* LISTEN= tcp4 0 0 *.sunrpc *.* LISTEN= udp4 0 0 localhost.ntp *.* = udp4 0 0 odie.ntp *.* = udp4 0 0 *.ntp *.* = udp4 0 0 *.1011 *.* = udp4 0 0 *.nfsd *.* = udp4 0 0 *.1023 *.* = udp4 0 0 *.sunrpc *.* = udp4 0 0 *.syslog *.* = The rsh-server (machine2) stated: rshd[37900]: connect second port 635: Operation timed out Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state= ) tcp4 0 48 vscan4.ssh odie.1279 ESTABL= ISHED tcp4 0 0 vscan4.623 odie.635 SYN_SE= NT tcp4 0 0 vscan4.shell odie.636 CLOSE_= WAIT tcp4 0 0 vscan4.6100 vscan4.4628 ESTABL= ISHED tcp4 0 0 vscan4.4628 vscan4.6100 ESTABL= ISHED tcp4 0 0 vscan4.6100 vscan4.4627 ESTABL= ISHED tcp4 0 0 vscan4.4627 vscan4.6100 ESTABL= ISHED tcp4 0 0 *.6100 *.* LISTEN= tcp4 0 0 vscan4.ssh rayadm.34465 ESTABL= ISHED tcp4 0 0 *.submission *.* LISTEN= tcp4 0 0 *.smtp *.* LISTEN= tcp4 0 0 *.shell *.* LISTEN= tcp4 0 0 *.ssh *.* LISTEN= tcp4 0 0 *.printer *.* LISTEN= udp4 0 0 localhost.ntp *.* = udp4 0 0 vscan4.ntp *.* = udp4 0 0 *.ntp *.* = udp4 0 0 *.syslog *.* = udp4 0 0 vscan4.1019 odie.nfsd = Active UNIX domain sockets Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr e359ba00 stream 0 0 0 e359bb40 0 0 e359bb40 stream 0 0 0 e359ba00 0 0 e1e6e5a0 stream 0 0 0 e35778c0 0 0 e35778c0 stream 0 0 0 e1e6e5a0 0 0 e1e6eaa0 stream 0 0 0 e1e6e8c0 0 0 e1e6e8c0 stream 0 0 0 e1e6eaa0 0 0 e1e6e960 stream 0 0 0 e1e6ea00 0 0 e1e6ea00 stream 0 0 0 e1e6e960 0 0 e3577280 stream 0 0 e2f33000 0 0 0 /var/ru= n/sophie e1e6edc0 stream 0 0 e1e82f00 0 0 0 /var/ru= n/printer e1e6ebe0 dgram 0 0 0 e1e4ff00 0 e1e6ec80 e1e6ec80 dgram 0 0 0 e1e4ff00 0 e1e6ed20 e1e6ed20 dgram 0 0 0 e1e4ff00 0 e1e6ee60 e1e6ee60 dgram 0 0 0 e1e4ff00 0 e1e6ef00 e1e6ef00 dgram 0 0 0 e1e4ff00 0 0 e1e4ff00 dgram 0 0 e1e49ec0 0 e1e6ebe0 0 /var/ru= n/log All the details are like described in the PR. Thnaks and best regards Lars -- = E-Mail: Lars.Koeller@Uni-Bielefeld.DE \ Lars K=F6ller lkoeller@FreeBSD.org \ CC University of PGP: http://www.uk.pgp.net/pgpnet/wwwkeys.html \ Bielefeld, Germany = Key-ID: A430D499 \ Tel: +49 521 106 4964 ----------- FreeBSD, what else? ---- http://www.freebsd.org -------------= From owner-freebsd-net@FreeBSD.ORG Mon May 5 12:14:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7A65D37B401 for ; Mon, 5 May 2003 12:14:14 -0700 (PDT) Received: from bluhayz.homeunix.org (ip68-106-103-50.nv.nv.cox.net [68.106.103.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 94F6243F75 for ; Mon, 5 May 2003 12:14:13 -0700 (PDT) (envelope-from dero@bluhayz.homeunix.org) Received: from bluhayz.homeunix.org (localhost [127.0.0.1]) by bluhayz.homeunix.org (8.12.8p1/8.12.8) with ESMTP id h45JFRbG019283 for ; Mon, 5 May 2003 15:15:32 -0400 (EDT) (envelope-from dero@bluhayz.homeunix.org) Received: (from nobody@localhost) by bluhayz.homeunix.org (8.12.8p1/8.12.8/Submit) id h45JFQ1s019282; Mon, 5 May 2003 15:15:26 -0400 (EDT) X-Authentication-Warning: bluhayz.homeunix.org: nobody set sender to dero@bluhayz.homeunix.org using -f Received: from 172.176.145.237 (SquirrelMail authenticated user dero) by bluhayz.homeunix.org with HTTP; Mon, 5 May 2003 15:15:26 -0400 (EDT) Message-ID: <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> In-Reply-To: <20030505190052.128A837B405@hub.freebsd.org> References: <20030505190052.128A837B405@hub.freebsd.org> Date: Mon, 5 May 2003 15:15:26 -0400 (EDT) From: "agent dero" To: freebsd-net@freebsd.org User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Subject: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 19:14:14 -0000 I am setting up a home based server, that will host a couple domain names on 768k SDSL. I have the server all lined up and I am wondering what I should do about DNS serving. I figure I have three choices. a) install BIND on my web/ftp/lan server (also doubling as network firewall) b) get an old junk box, like 300Mhz w/ 64MB RAM and use it as the DNS Server. c) use a free off-location service, such as zoneedit.com to handle DNS requests, that come to my static IP. With option (a) the server is a dual CPU, high powered workhorse, but I am worried about the security, and managability of putting all those features in a single box. agent dero From owner-freebsd-net@FreeBSD.ORG Mon May 5 12:18:59 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC27737B401 for ; Mon, 5 May 2003 12:18:59 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 48F5343FD7 for ; Mon, 5 May 2003 12:18:59 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h45JItTk018917; Mon, 5 May 2003 12:18:55 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.9/8.12.3/Submit) id h45JIs9I018912; Mon, 5 May 2003 12:18:54 -0700 Date: Mon, 5 May 2003 12:18:54 -0700 From: Brooks Davis To: Vincent Jardin Message-ID: <20030505191853.GA25827@Odin.AC.HMC.Edu> References: <200305031547.34668.vjardin@wanadoo.fr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline In-Reply-To: <200305031547.34668.vjardin@wanadoo.fr> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu cc: net@freebsd.org Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 19:19:00 -0000 --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, May 03, 2003 at 03:47:34PM +0200, Vincent Jardin wrote: > I would like to rename the network interfaces. More particularly, I would= like=20 > to control the numbers in the name and to remove the constraints. >=20 > For example, what are the issues about renaming my 'vr0' interface to eth= 1-3=20 > or DSL-WAN that does not have a ifunit within its name ? >=20 > I think about the following issues, what am I forgetting ? > - update all the sockaddr_dl > - many drivers, in fact all of them, log with %s%d, ifname, ifunit > - (add a message on the routing socket) Many issues are resolved by moving from if_name and if_unit to if_xname in ifnet. I've got a patch for that, but due to lack of time to deal with the issues involved in the ABI change I don't think I'll get it in to 5.x. It doesn't deal with sockaddr_dl or routing sockets, but it does clean up most uses if interface names. I did take a shot at interface renaming, but didn't quite get it right the first try. I was looking at what I did wrong a little while ago and I don't think renaming is all that difficult once you kill off if_name and if_unit. It's on my todo list, but I think it's a 6.x feature at this point. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+trkdXY6L6fI4GtQRAsZiAJ9Zmtjc+JSgN/wFV6CEB241qIOR0QCfeyiL O7RKGPxCdfVj9WYBBEO/ieg= =ufh2 -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS-- From owner-freebsd-net@FreeBSD.ORG Mon May 5 12:30:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A913537B401 for ; Mon, 5 May 2003 12:30:19 -0700 (PDT) Received: from smtpout.mac.com (A17-250-248-87.apple.com [17.250.248.87]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25C4E43FBF for ; Mon, 5 May 2003 12:30:17 -0700 (PDT) (envelope-from cswiger@mac.com) Received: from asmtp02.mac.com (asmtp02-qfe3 [10.13.10.66]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id h45JUHGm021089 for ; Mon, 5 May 2003 12:30:17 -0700 (PDT) Received: from mac.com ([68.161.244.25]) by asmtp02.mac.com (Netscape Messaging Server 4.15) with ESMTP id HEFI6E00.TGE for ; Mon, 5 May 2003 12:30:14 -0700 Date: Mon, 5 May 2003 15:31:59 -0400 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v552) From: Charles Swiger To: freebsd-net@freebsd.org Content-Transfer-Encoding: 7bit In-Reply-To: <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> Message-Id: <3D285157-7F30-11D7-8414-003065ABFD92@mac.com> X-Mailer: Apple Mail (2.552) Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 19:30:19 -0000 On Monday, May 5, 2003, at 03:15 PM, agent dero wrote: > I am setting up a home based server, that will host a couple domain > names > on 768k SDSL. I have the server all lined up and I am wondering what I > should do about DNS serving. I figure I have three choices. > a) install BIND on my web/ftp/lan server (also doubling as network > firewall) > b) get an old junk box, like 300Mhz w/ 64MB RAM and use it as the DNS > Server. > c) use a free off-location service, such as zoneedit.com to handle DNS > requests, that come to my static IP. Get and old 300MHz box per B, and use it as your network firewall. Don't run any other services on it; use your existing server to handle web, ftp, and DNS. -Chuck From owner-freebsd-net@FreeBSD.ORG Mon May 5 12:33:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EB3F37B401 for ; Mon, 5 May 2003 12:33:14 -0700 (PDT) Received: from jchurch.neville-neil.com (jchurch.neville-neil.com [209.157.133.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE42843FE0 for ; Mon, 5 May 2003 12:33:13 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from jchurch.neville-neil.com.neville-neil.com (localhost [127.0.0.1])h43IfUeD016995 for ; Sat, 3 May 2003 11:41:30 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Sat, 03 May 2003 11:41:30 -0700 Message-ID: <878ytnvpnp.wl@jchurch.neville-neil.com.neville-neil.com> From: "George V. Neville-Neil" To: freebsd-net@freebsd.org User-Agent: Wanderlust/2.10.0 (Venus) SEMI/1.14.4 (Hosorogi) FLIM/1.14.4 (=?ISO-8859-4?Q?Kashiharajing=FE-mae?=) APEL/10.4 Emacs/21.2 (i386--freebsd) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi") Content-Type: text/plain; charset=US-ASCII Subject: Collapsing of csum fields into tags? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 19:33:14 -0000 Howdy, I see that the MAC label stuff was just recently collapsed into a tag in the mbuf. Any possibility that the csum flags and data will go that route, thereby simplifying the pkthdr further? Thanks, George From owner-freebsd-net@FreeBSD.ORG Mon May 5 13:49:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9593637B401 for ; Mon, 5 May 2003 13:49:39 -0700 (PDT) Received: from sccrmhc03.attbi.com (sccrmhc03.attbi.com [204.127.202.63]) by mx1.FreeBSD.org (Postfix) with ESMTP id E40A543F85 for ; Mon, 5 May 2003 13:49:38 -0700 (PDT) (envelope-from DougB@freebsd.org) Received: from master.dougb.net (12-234-22-23.client.attbi.com[12.234.22.23]) by sccrmhc03.attbi.com (sccrmhc03) with SMTP id <2003050520493700300eivjqe>; Mon, 5 May 2003 20:49:38 +0000 Date: Mon, 5 May 2003 13:49:37 -0700 (PDT) From: Doug Barton To: agent dero In-Reply-To: <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> Message-ID: <20030505134803.B3042@znfgre.qbhto.arg> References: <20030505190052.128A837B405@hub.freebsd.org> <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 20:49:39 -0000 On Mon, 5 May 2003, agent dero wrote: > c) use a free off-location service, such as zoneedit.com to handle DNS > requests, that come to my static IP. d) use your registrar's name servers In any case, since you need more than one name server for your domain(s), I would highly recommend using an already established service for this purpose. If you want to play with a name server, set up a resolver for your LAN. Authoritative dns is fairly boring. Doug -- This .signature sanitized for your protection From owner-freebsd-net@FreeBSD.ORG Mon May 5 14:38:21 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E15BB37B401 for ; Mon, 5 May 2003 14:38:20 -0700 (PDT) Received: from ints.mail.pike.ru (ints.mail.pike.ru [195.9.45.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id B4FDF43F75 for ; Mon, 5 May 2003 14:38:18 -0700 (PDT) (envelope-from babolo@cicuta.babolo.ru) Received: (qmail 69033 invoked from network); 5 May 2003 21:57:08 -0000 Received: from babolo.ru (HELO cicuta.babolo.ru) (194.58.226.160) by ints.mail.pike.ru with SMTP; 5 May 2003 21:57:08 -0000 Received: (nullmailer pid 1014 invoked by uid 136); Mon, 05 May 2003 21:41:32 -0000 X-ELM-OSV: (Our standard violations) hdr-charset=KOI8-R; no-hdr-encoding=1 In-Reply-To: <3D285157-7F30-11D7-8414-003065ABFD92@mac.com> To: Charles Swiger Date: Tue, 6 May 2003 01:41:32 +0400 (MSD) From: "."@babolo.ru X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Message-Id: <1052170892.180570.1013.nullmailer@cicuta.babolo.ru> cc: freebsd-net@freebsd.org Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 21:38:22 -0000 > On Monday, May 5, 2003, at 03:15 PM, agent dero wrote: > > I am setting up a home based server, that will host a couple domain > > names > > on 768k SDSL. I have the server all lined up and I am wondering what I > > should do about DNS serving. I figure I have three choices. > > a) install BIND on my web/ftp/lan server (also doubling as network > > firewall) > > b) get an old junk box, like 300Mhz w/ 64MB RAM and use it as the DNS > > Server. > > c) use a free off-location service, such as zoneedit.com to handle DNS > > requests, that come to my static IP. > > Get and old 300MHz box per B, and use it as your network firewall. > Don't run any other services on it; use your existing server to handle > web, ftp, and DNS. .. in jails. This effectively protects from remote exploits (converts them to DOS) http://free.babolo.ru/ports/jailup/ for easy to use and adnministrate jail based services From owner-freebsd-net@FreeBSD.ORG Mon May 5 14:47:19 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 374E637B401 for ; Mon, 5 May 2003 14:47:19 -0700 (PDT) Received: from mwinf0103.wanadoo.fr (smtp8.wanadoo.fr [193.252.22.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B93043FA3 for ; Mon, 5 May 2003 14:47:15 -0700 (PDT) (envelope-from vjardin@wanadoo.fr) Received: from venus.vincentjardin.net (AVelizy-102-1-4-219.abo.wanadoo.fr [80.11.204.219]) by mwinf0103.wanadoo.fr (SMTP Server) with ESMTP id 183BB1BFFF2B for ; Mon, 5 May 2003 23:47:14 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" From: Vincent Jardin To: net@freebsd.org Date: Mon, 5 May 2003 23:47:23 +0200 User-Agent: KMail/1.4.3 References: <200305031547.34668.vjardin@wanadoo.fr> <20030505191853.GA25827@Odin.AC.HMC.Edu> In-Reply-To: <20030505191853.GA25827@Odin.AC.HMC.Edu> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200305052347.23923.vjardin@wanadoo.fr> Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 21:47:19 -0000 > Many issues are resolved by moving from if_name and if_unit to if_xname > in ifnet. I've got a patch for that, but due to lack of time to deal > with the issues involved in the ABI change I don't think I'll get it > in to 5.x. It doesn't deal with sockaddr_dl or routing sockets, but > it does clean up most uses if interface names. I had been googling about if_xname, and I found OpenBSD. According to the= ir=20 cvs history they do not use if_unit/if_name since 1996. revision 1.9 date: 1996/05/10 12:31:07; author: deraadt; state: Exp; lines: +48 -11= 2 if_name/if_unit -> if_xname/if_softc > I did take a shot at interface renaming, but didn't quite get it right > the first try. I was looking at what I did wrong a little while ago an= d > I don't think renaming is all that difficult once you kill off if_name > and if_unit. It's on my todo list, but I think it's a 6.x feature at > this point. I agree that the main issue is to remove all the if_name and if_unit. It = would=20 have been a nice 5.x feature ;-) Thanks for your comments about if_xname, Vincent From owner-freebsd-net@FreeBSD.ORG Mon May 5 14:59:21 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF56C37B401 for ; Mon, 5 May 2003 14:59:21 -0700 (PDT) Received: from arthur.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0DC6C43F93 for ; Mon, 5 May 2003 14:59:21 -0700 (PDT) (envelope-from simon@arthur.nitro.dk) Received: by arthur.nitro.dk (Postfix, from userid 1000) id 8A6F510BF84; Mon, 5 May 2003 23:59:19 +0200 (CEST) Date: Mon, 5 May 2003 23:59:19 +0200 From: "Simon L. Nielsen" To: "."@babolo.ru Message-ID: <20030505215919.GB392@nitro.dk> References: <3D285157-7F30-11D7-8414-003065ABFD92@mac.com> <1052170892.180570.1013.nullmailer@cicuta.babolo.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="s2ZSL+KKDSLx8OML" Content-Disposition: inline In-Reply-To: <1052170892.180570.1013.nullmailer@cicuta.babolo.ru> User-Agent: Mutt/1.5.4i cc: freebsd-net@freebsd.org Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 21:59:22 -0000 --s2ZSL+KKDSLx8OML Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.05.06 01:41:32 +0400, "."@babolo.ru wrote: > .. in jails. > This effectively protects from remote exploits > (converts them to DOS) > http://free.babolo.ru/ports/jailup/ > for easy to use and adnministrate jail based > services Looks interesting - do you have it avaible in some format which is simpler to download than getting each file from the HTTP server ? (e.g as tarballs of the dirs). --=20 Simon L. Nielsen --s2ZSL+KKDSLx8OML Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+tt638kocFXgPTRwRAkNlAJ9i3BIxcgbLbOC9UYbPi7aSx3Wf8gCfWvyt bEXR8qWfLOFAa0hi/qaxupI= =zNG7 -----END PGP SIGNATURE----- --s2ZSL+KKDSLx8OML-- From owner-freebsd-net@FreeBSD.ORG Mon May 5 19:57:25 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DF5D37B401 for ; Mon, 5 May 2003 19:57:25 -0700 (PDT) Received: from ints.mail.pike.ru (ints.mail.pike.ru [195.9.45.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 05C1043F85 for ; Mon, 5 May 2003 19:57:24 -0700 (PDT) (envelope-from babolo@cicuta.babolo.ru) Received: (qmail 37587 invoked from network); 6 May 2003 03:16:14 -0000 Received: from babolo.ru (HELO cicuta.babolo.ru) (194.58.226.160) by ints.mail.pike.ru with SMTP; 6 May 2003 03:16:14 -0000 Received: (nullmailer pid 2251 invoked by uid 136); Tue, 06 May 2003 03:00:38 -0000 X-ELM-OSV: (Our standard violations) hdr-charset=KOI8-R; no-hdr-encoding=1 In-Reply-To: <20030505215919.GB392@nitro.dk> To: "Simon L. Nielsen" Date: Tue, 6 May 2003 07:00:38 +0400 (MSD) From: "."@babolo.ru X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Message-Id: <1052190038.108778.2250.nullmailer@cicuta.babolo.ru> cc: freebsd-net@freebsd.org Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 02:57:25 -0000 Checking application/pgp-signature: FAILURE -- Start of PGP signed section. > On 2003.05.06 01:41:32 +0400, "."@babolo.ru wrote: > > > .. in jails. > > This effectively protects from remote exploits > > (converts them to DOS) > > http://free.babolo.ru/ports/jailup/ > > for easy to use and adnministrate jail based > > services > > Looks interesting - do you have it avaible in some format which is > simpler to download than getting each file from the HTTP server ? (e.g > as tarballs of the dirs). cd /usp/ports env CVSROOT=anoncvs@cvs.pike.ru:/repo/ports cvs get devel/babolo-libmake env CVSROOT=anoncvs@cvs.pike.ru:/repo/ports cvs get jailup There are ports, they work as usual ports (depends on each other and another ports) actual distfiles can be found from ports above or env CVSROOT=anoncvs@cvs.pike.ru:/repo/jailup cvs get . in development. Usage: dedicate some file system for jail, mount it to /jail (or change in /usr/local/etc/jailup.conf) then to build jail: jailup bind8 relative-path hostname-for-jail ip-addr inspect and de-comment /etc/rc.conf, /etc/fstab, /usr/local/etc/jailup.rc mount and /usr/local/etc/rc.d/jailup.sh start named another jails controlled in the same manner. some jailups (ssh based or innd) instals strings in /etc/rc.local command 'jailup' without parameters just lists possible kinds and 'jailup kind' lists short help. Every string to control files installed commented. oh, sorry - patch: http://free.babolo.ru/patch/src.usr.sbin.jail.patch for jail(1) - base system has very primitive jail(1) You can not to replace system jail by patched command, but place it somewhere and change in /usr/local/etc/jailup.conf string jail=/usr/bin/jail for jail=/somewhere/jail I build, rebild and control hundrids different jails on 11 different servers - and jailup gives me time for life :-) From owner-freebsd-net@FreeBSD.ORG Mon May 5 21:41:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7580137B401 for ; Mon, 5 May 2003 21:41:57 -0700 (PDT) Received: from bilver.wjv.com (user38.net339.fl.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AABD43FB1 for ; Mon, 5 May 2003 21:41:56 -0700 (PDT) (envelope-from bv@wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by bilver.wjv.com (8.12.9/8.12.9) with ESMTP id h464fjVd017103; Tue, 6 May 2003 00:41:45 -0400 (EDT) (envelope-from bv@wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.9/8.12.9/Submit) id h464fi34017102; Tue, 6 May 2003 00:41:44 -0400 (EDT) Date: Tue, 6 May 2003 00:41:44 -0400 From: Bill Vermillion To: agent dero Message-ID: <20030506044144.GH9349@wjv.com> References: <20030505190052.128A837B405@hub.freebsd.org> <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3379.172.176.145.237.1052162126.squirrel@bluhayz.homeunix.org> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.1i X-Spam-Status: No, hits=-26.2 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: freebsd-net@freebsd.org Subject: Re: To DNS serve, or not to X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 04:41:57 -0000 Throwing caution to the wind and speaking without thinking about what was being said on Mon, May 05, 2003 at 15:15 , agent dero blurted this: > I am setting up a home based server, that will host a couple > domain names on 768k SDSL. I have the server all lined up and > I am wondering what I should do about DNS serving. I figure I > have three choices. > a) install BIND on my web/ftp/lan server (also doubling as > network firewall) > b) get an old junk box, like 300Mhz w/ 64MB RAM and use it as > the DNS Server. > c) use a free off-location service, such as zoneedit.com to > handle DNS requests, that come to my static IP. > With option (a) the server is a dual CPU, high powered > workhorse, but I am worried about the security, and > managability of putting all those features in a single box. I'd go with a) and make sure there was a secondary server somewhere else if you have a DSL problem or failure. The plus is also that it will store all lookups and thus you won't have to go off-site for things which have been looked up before until their expiration date. I run a cacheing only DNS on my mail/news machine - all text mode - and it's only a 166Mhz with 64MB RAM. Doesn't take up much space at all. But DO have at least two working DNS servers and not from one of the places that puts two IPs on one box. Bill -- Bill Vermillion - bv @ wjv . com From owner-freebsd-net@FreeBSD.ORG Tue May 6 05:18:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A9A737B401 for ; Tue, 6 May 2003 05:18:52 -0700 (PDT) Received: from hotmail.com (bay2-dav32.bay2.hotmail.com [65.54.246.89]) by mx1.FreeBSD.org (Postfix) with ESMTP id B4BE243F93 for ; Tue, 6 May 2003 05:18:51 -0700 (PDT) (envelope-from dsnofe@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 6 May 2003 05:18:51 -0700 Received: from 202.199.66.11 by bay2-dav32.bay2.hotmail.com with DAV; Tue, 06 May 2003 12:18:51 +0000 X-Originating-IP: [202.199.66.11] X-Originating-Email: [dsnofe@hotmail.com] Date: Tue, 06 May 2003 20:19:53 +0800 From: Snofe Deng To: freebsd-net@freebsd.org Message-Id: <20030506200419.D011.DSNOFE@hotmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.05.10 X-OriginalArrivalTime: 06 May 2003 12:18:51.0633 (UTC) FILETIME=[A7845E10:01C313C9] Subject: Problem about kqueue. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 12:18:52 -0000 If I register: {ident, EVFILT_READ} {ident, EVFILT_WRITE} {ident, EVFILT_TIMER} pairs to kq;and all the piar with same ident which is a socket descriptor. then I close(2) ident. Does this mean that all these three {ident, filter} pairs will be removed just after the descriptor isclosed? or should I use: EV_SET(&evs, ident, EVFILT_READ, EV_DELETE, 0, 0, NULL) EV_SET(&evs, ident, EVFILT_WRITE, EV_DELETE, 0, 0, NULL) EV_SET(&evs, ident, EVFILT_TIMER, EV_DELETE, 0, 0, NULL) to delete these three pairs? when I just closed the socket descriptor, the {ident, EVFILT_READ/EVFILT_WRITE} are removed. but {ident, EVFILT_TIMER} is still returned at next kevent(2) loop. Is it a bug? or why should this happend? when I use the second way, things worked ok. Any one can help me? thanks a lot! -- Snofe Deng From owner-freebsd-net@FreeBSD.ORG Tue May 6 08:42:37 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F45637B401 for ; Tue, 6 May 2003 08:42:37 -0700 (PDT) Received: from smtp-relay.omnis.com (smtp-relay.omnis.com [216.239.128.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF62E43FB1 for ; Tue, 6 May 2003 08:42:36 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from softweyr.homeunix.net (66-91-236-204.san.rr.com [66.91.236.204]) by smtp-relay.omnis.com (Postfix) with ESMTP id C6C401C1CF; Tue, 6 May 2003 08:41:41 -0700 (PDT) From: Wes Peters Organization: Softweyr To: Harti Brandt Date: Tue, 6 May 2003 08:41:40 -0700 User-Agent: KMail/1.5 References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <200305042117.39042.wes@softweyr.com> <20030505114756.K53365@beagle.fokus.fraunhofer.de> In-Reply-To: <20030505114756.K53365@beagle.fokus.fraunhofer.de> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200305060841.40502.wes@softweyr.com> cc: freebsd-net@freebsd.org cc: Jeremy Chadwick Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 15:42:37 -0000 On Monday 05 May 2003 02:49, Harti Brandt wrote: > On Sun, 4 May 2003, Wes Peters wrote: > > >On Sunday 04 May 2003 11:18, Jeremy Chadwick wrote: > > > All of the system startups need to refer to these ports by function, > > not by some silly number assigned as a side effect of the PCI bus > > probing order. > > > > This almost begs for some simple alias that can be programmatically > > (or via a command line utility) added to the interface so the > > association with the device type isn't lost. That bears some > > thought. An interface label, as it were... > > Perhaps an if_alias field in struct ifnet, setable via ifconfig? This > would just nicely map to the alias name field in the SNMP interface > MIB. That's what I was thinking, but that's just the beginning of the project. The next step is to make references to the alias, i.e. from ifconfig, ipfw, ipfilter, etc. recognize the alias or label as well as the device name. I'll ask the boss if I can do this on St. Bernard's ticket. ;^) -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com From owner-freebsd-net@FreeBSD.ORG Tue May 6 09:21:59 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC1F437B401 for ; Tue, 6 May 2003 09:21:59 -0700 (PDT) Received: from mail1.psconsult.nl (mail1.psconsult.nl [213.222.19.243]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2709543FA3 for ; Tue, 6 May 2003 09:21:58 -0700 (PDT) (envelope-from paul@pop3.psconsult.nl) Received: from pop3.psconsult.nl (ps227.psconsult.nl [213.222.19.227]) by mail1.psconsult.nl (8.12.6p2/8.12.6) with ESMTP id h46GLnwU055156; Tue, 6 May 2003 18:21:50 +0200 (CEST) (envelope-from paul@pop3.psconsult.nl) Received: (from paul@localhost) by pop3.psconsult.nl (8.9.2/8.9.2) id SAA58089; Tue, 6 May 2003 18:21:49 +0200 (CEST) (envelope-from paul) Date: Tue, 6 May 2003 18:21:49 +0200 From: Paul Schenkeveld To: Wes Peters Message-ID: <20030506182149.A57876@psconsult.nl> References: <_MzYgD.A.O9P._h8s-@coal.sentex.ca> <200305042117.39042.wes@softweyr.com> <20030505114756.K53365@beagle.fokus.fraunhofer.de> <200305060841.40502.wes@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <200305060841.40502.wes@softweyr.com>; from wes@softweyr.com on Tue, May 06, 2003 at 08:41:40AM -0700 cc: freebsd-net@freebsd.org cc: Jeremy Chadwick Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 16:22:00 -0000 Hi All, On Tue, May 06, 2003 at 08:41:40AM -0700, Wes Peters wrote: > On Monday 05 May 2003 02:49, Harti Brandt wrote: > > On Sun, 4 May 2003, Wes Peters wrote: > > > > >On Sunday 04 May 2003 11:18, Jeremy Chadwick wrote: > > > > > All of the system startups need to refer to these ports by function, > > > not by some silly number assigned as a side effect of the PCI bus > > > probing order. > > > > > > This almost begs for some simple alias that can be programmatically > > > (or via a command line utility) added to the interface so the > > > association with the device type isn't lost. That bears some > > > thought. An interface label, as it were... > > > > Perhaps an if_alias field in struct ifnet, setable via ifconfig? This > > would just nicely map to the alias name field in the SNMP interface > > MIB. > > That's what I was thinking, but that's just the beginning of the project. > The next step is to make references to the alias, i.e. from ifconfig, > ipfw, ipfilter, etc. recognize the alias or label as well as the device > name. I'll ask the boss if I can do this on St. Bernard's ticket. ;^) Ok, ifconfig, ipfw, ipfilter and many others can be changed to understand both the original interface name and the alias when specified on the commandline. But what would ifconfig -l, ifconfig -a, netstat -i and others output and what would ipmon log about blocked packets? The original name, the alias or both? I am not really against interface aliases and I can see the benefits for simplified configuration of similar machines (I'm facing the same issues with many multi-homes machines I manage that are conceptually the same but have slightly different mixes of interfaces that you described a few messages ago). But being able to have aliases so configuration scripts can use the logical name does not solve all problems. Perhaps commands reporting interface names should have a flag to choose for physical names or logical names (eg. 'ifconfig -l -P' or 'ifconfig -l -L') and messages that get logged somewhere could output both the physical and logical names like this: May 6 18:16:50 firewall ipmon[54]: 18:16:49.563047 dc7/ext0 @0:17 b xx.xx.xx.xx,1030 -> xx.xx.xx.xx,1434 PR udp len 20 404 IN I separated the physical name and logical names by a slash and not a space so that it still counts as a single word for compatibility. > -- > > Where am I, and what am I doing in this handbasket? > > Wes Peters wes@softweyr.com My $0.02. Paul Schenkeveld, Consultant PSconsult ICT Services BV From owner-freebsd-net@FreeBSD.ORG Tue May 6 11:34:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6920B37B401 for ; Tue, 6 May 2003 11:34:05 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 73DF843FA3 for ; Tue, 6 May 2003 11:34:04 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h46IY1UO023933; Tue, 6 May 2003 11:34:02 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.9/8.12.3/Submit) id h46IY1pL023931; Tue, 6 May 2003 11:34:01 -0700 Date: Tue, 6 May 2003 11:34:01 -0700 From: Brooks Davis To: Vincent Jardin Message-ID: <20030506183400.GA6840@Odin.AC.HMC.Edu> References: <200305031547.34668.vjardin@wanadoo.fr> <20030505191853.GA25827@Odin.AC.HMC.Edu> <200305052347.23923.vjardin@wanadoo.fr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="bp/iNruPH9dso1Pn" Content-Disposition: inline In-Reply-To: <200305052347.23923.vjardin@wanadoo.fr> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu cc: net@freebsd.org Subject: Re: Howto rename an interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 18:34:05 -0000 --bp/iNruPH9dso1Pn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 05, 2003 at 11:47:23PM +0200, Vincent Jardin wrote: > > Many issues are resolved by moving from if_name and if_unit to if_xname > > in ifnet. I've got a patch for that, but due to lack of time to deal > > with the issues involved in the ABI change I don't think I'll get it > > in to 5.x. It doesn't deal with sockaddr_dl or routing sockets, but > > it does clean up most uses if interface names. >=20 > I had been googling about if_xname, and I found OpenBSD. According to the= ir=20 > cvs history they do not use if_unit/if_name since 1996. >=20 > revision 1.9 > date: 1996/05/10 12:31:07; author: deraadt; state: Exp; lines: +48 -112 > if_name/if_unit -> if_xname/if_softc That's basicly what my patches do. > > I did take a shot at interface renaming, but didn't quite get it right > > the first try. I was looking at what I did wrong a little while ago and > > I don't think renaming is all that difficult once you kill off if_name > > and if_unit. It's on my todo list, but I think it's a 6.x feature at > > this point. >=20 > I agree that the main issue is to remove all the if_name and > if_unit. It would have been a nice 5.x feature ;-) Yes it would have, but RE never approved my commit before 5.0 and I haven't had time since then so it's probably going to be a 6.0 feature. If the people wanting to add an if_alias member get that approved, if_xname should go in as well since the ABI will be trashed anyway. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --bp/iNruPH9dso1Pn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+uAARXY6L6fI4GtQRAnsIAJ4j3Y88Oz/oasOEupqBc5ppoogGJQCeOppG FAye+Us5WE7Dwq6feeS+RLs= =VbI5 -----END PGP SIGNATURE----- --bp/iNruPH9dso1Pn-- From owner-freebsd-net@FreeBSD.ORG Tue May 6 16:12:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AB6537B404 for ; Tue, 6 May 2003 16:12:38 -0700 (PDT) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3585E43F3F for ; Tue, 6 May 2003 16:12:37 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id RAA08595 for ; Tue, 6 May 2003 17:12:29 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook renders your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20030506171152.0271cf00@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Tue, 06 May 2003 17:12:23 -0600 To: freebsd-net@freebsd.org From: Brett Glass Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: (Userland) PPPoE problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2003 23:12:38 -0000 I'm having odd problems with FreeBSD's userland PPPoE. A 4.8-RELEASE client is attempting to contact a server running an older version of FreeBSD (circa 4.6, with patches) that also handles several other PPPoE clients. The first four connect (using virtually identical ppp.conf files), but the fifth client does not. Instead, I see constant log messages from pppoed which say: May 6 11:51:34 server pppoed[1105]: Creating a new socket node May 6 11:51:34 server pppoed[1105]: Sending CONNECT from .:exec-1105 -> fxp0:orphans.exec-1105 May 6 11:51:34 server pppoed[1105]: Sending NGM_SOCK_CMD_NOLINGER to socket May 6 11:51:34 server pppoed[1105]: Offering to .:exec-1105 as access concentrator lariat May 6 11:51:34 server pppoed[1105]: adding to .:exec-1105 as offered service lariat May 6 11:51:34 server pppoed[1105]: Sending original request to .:exec-1105 (60 bytes) May 6 11:51:34 server pppoed[1105]: Waiting for a SUCCESS reply .:exec-1105 And then, a long time later... May 6 11:51:50 server pppoed[1105]: .:exec-1105: Client timed out The original pppoed process on the host, invoked via the line /usr/libexec/pppoed -d -P /var/run/pppoed.pid -a server -p server fxp0 spawns multiple children which go through this simultaneously. None actually allow a connection. The /etc/ppp.conf file is very standard for a PPPoE host: server: allow mode direct # Only for use on server-side set mru 1492 # Max allowed by the PPPoE spec set mtu 1492 # Max allowed by the PPPoE spec set speed sync # PPPoE is always synchronous enable proxy # Proxy ARP enable chap # Force client authentication disable pap # Don't send password in the clear # Control the compression protocol used by disabling anything we DON'T want disable mppe # Disable mppe to ensure compression deny mppe # Also deny it if they ask for it disable deflate # Disable deflate compression deny deflate # Also deny it if they ask for it set timeout 0 # No idle timeout for PPP! accept dns # Allow DNS negotiation set cd 5 # PPPoE uses "carrier" detect enable lqr # Re-establish broken connections set lqrperiod 15 # Check the link often set log +ccp # Log compression negotiations I'm wondering (this is speculative) whether I'm running up against some non-obvious limit, perhaps on the number of netgraph nodes or sockets, the number of sessions that can run through one Ethernet interface. There are 10 tun devices, so the system does not seem to be running out of those. What's the best way to diagnose and/or fix this problem? --Brett From owner-freebsd-net@FreeBSD.ORG Tue May 6 17:05:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75B6337B404 for ; Tue, 6 May 2003 17:05:57 -0700 (PDT) Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E76043F75 for ; Tue, 6 May 2003 17:05:56 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org (12-232-168-4.client.attbi.com[12.232.168.4]) by attbi.com (rwcrmhc52) with ESMTP id <2003050700055605200qh95te>; Wed, 7 May 2003 00:05:56 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id RAA39990; Tue, 6 May 2003 17:05:54 -0700 (PDT) Date: Tue, 6 May 2003 17:05:53 -0700 (PDT) From: Julian Elischer To: Brett Glass In-Reply-To: <4.3.2.7.2.20030506171152.0271cf00@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: (Userland) PPPoE problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 00:05:57 -0000 On Tue, 6 May 2003, Brett Glass wrote: [...] > > What's the best way to diagnose and/or fix this problem? tcpdump on the ethernet interface in question.. From owner-freebsd-net@FreeBSD.ORG Tue May 6 17:12:41 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D911737B407 for ; Tue, 6 May 2003 17:12:41 -0700 (PDT) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0582143F3F for ; Tue, 6 May 2003 17:12:39 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id SAA09121; Tue, 6 May 2003 18:12:30 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook renders your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20030506180837.026f97d0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Tue, 06 May 2003 18:12:27 -0600 To: Julian Elischer From: Brett Glass In-Reply-To: References: <4.3.2.7.2.20030506171152.0271cf00@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" cc: freebsd-net@freebsd.org Subject: Re: (Userland) PPPoE problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 00:12:42 -0000 At 06:05 PM 5/6/2003, Julian Elischer wrote: >> What's the best way to diagnose and/or fix this problem? > >tcpdump on the ethernet interface in question.. I'm rebuilding the kernel now, with bpf, so I can do that. What sort of rule do I use to see PPPoE packets? I know that tcpdump isn't limited to TCP (despite the name), but I'm not sure how to set up the filter. (I'm also not sure exactly what to look for yet; ideas?) --Brett From owner-freebsd-net@FreeBSD.ORG Tue May 6 17:46:24 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1657337B40B for ; Tue, 6 May 2003 17:46:24 -0700 (PDT) Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1191443F85 for ; Tue, 6 May 2003 17:46:23 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org (12-232-168-4.client.attbi.com[12.232.168.4]) by attbi.com (rwcrmhc52) with ESMTP id <2003050700462205200qgo9ge>; Wed, 7 May 2003 00:46:22 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id RAA40237; Tue, 6 May 2003 17:46:21 -0700 (PDT) Date: Tue, 6 May 2003 17:46:21 -0700 (PDT) From: Julian Elischer To: Brett Glass In-Reply-To: <4.3.2.7.2.20030506180837.026f97d0@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: (Userland) PPPoE problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 00:46:24 -0000 if the interface you are using is (say) fxp0 then tcpdump -i fxp0 will be enough.. On Tue, 6 May 2003, Brett Glass wrote: > At 06:05 PM 5/6/2003, Julian Elischer wrote: > > >> What's the best way to diagnose and/or fix this problem? > > > >tcpdump on the ethernet interface in question.. > > I'm rebuilding the kernel now, with bpf, so I can do that. > > What sort of rule do I use to see PPPoE packets? I know > that tcpdump isn't limited to TCP (despite the name), but > I'm not sure how to set up the filter. (I'm also not sure > exactly what to look for yet; ideas?) > > --Brett > > > From owner-freebsd-net@FreeBSD.ORG Wed May 7 02:58:35 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8AB5E37B401 for ; Wed, 7 May 2003 02:58:35 -0700 (PDT) Received: from hotmail.com (bay8-dav17.bay8.hotmail.com [64.4.26.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25D8843FB1 for ; Wed, 7 May 2003 02:58:35 -0700 (PDT) (envelope-from littlepig9394@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 7 May 2003 02:58:35 -0700 Received: from 203.184.192.193 by bay8-dav17.bay8.hotmail.com with DAV; Wed, 07 May 2003 09:58:35 +0000 X-Originating-IP: [203.184.192.193] X-Originating-Email: [littlepig9394@hotmail.com] From: "Little Pig" To: Date: Wed, 7 May 2003 17:56:08 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="big5" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Message-ID: X-OriginalArrivalTime: 07 May 2003 09:58:35.0069 (UTC) FILETIME=[39445ED0:01C3147F] Subject: Disabling VLAN support on Intel GbE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 09:58:35 -0000 Dear all, One interesting question - would it be possible to disable the VLAN support in the Intel em driver? So, instead of calling VLAN_INPUT_TAG, the packet is forwarded to ether_input() with ETHERTYPE_VLAN (0x8100) ? Will this allow me to capture all VLAN information into netgraph's ng_ether and so some processing there. The reason for this is a need to handle a few hundred VLANs, but I read some comments that the chip support only 64 hardware VLANs. I do not any documentation on the chip so any help is appreciated. rgds, From owner-freebsd-net@FreeBSD.ORG Wed May 7 05:06:17 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E9D437B401 for ; Wed, 7 May 2003 05:06:17 -0700 (PDT) Received: from hotmail.com (bay2-dav31.bay2.hotmail.com [65.54.246.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 413F843FAF for ; Wed, 7 May 2003 05:06:17 -0700 (PDT) (envelope-from dsnofe@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 7 May 2003 05:06:17 -0700 Received: from 202.199.66.11 by bay2-dav31.bay2.hotmail.com with DAV; Wed, 07 May 2003 12:06:17 +0000 X-Originating-IP: [202.199.66.11] X-Originating-Email: [dsnofe@hotmail.com] Date: Wed, 07 May 2003 20:07:21 +0800 From: Snofe Deng To: freebsd-net@freebsd.org Message-Id: <20030507200628.85F7.DSNOFE@hotmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-Mailer: Becky! ver. 2.05.10 X-OriginalArrivalTime: 07 May 2003 12:06:17.0131 (UTC) FILETIME=[10363FB0:01C31491] Subject: I write a POP3 server, use kqueue/kevent and sendfile. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 12:06:17 -0000 Can be Download at http://snofe.dot66.net/missey/ Bugs report and patches is welcomed.:-) I have a benchmark about it. it can handle about 8000 connections on my machine(CR366, 256RAM) =2E..... FEATURES: Only suport FreeBSD now(4.8 and 5.x have tested), Other *BSD haven't test. Only support Maildir format. Only Support system user now, virtual user support will be add. Use a single process serve more clients. Use kqueue(2)/kevent(2) for polling. Use sendfile(2) to transfer mail. No temporary file used. Very fast and few memory used. Caching mail info.... More...... --=20 Snofe Deng From owner-freebsd-net@FreeBSD.ORG Wed May 7 10:37:45 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8760837B407 for ; Wed, 7 May 2003 10:37:45 -0700 (PDT) Received: from fesrv02.fe.unl.pt (fesrv02.fe.unl.pt [193.136.112.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id AA77143FDD for ; Wed, 7 May 2003 10:37:38 -0700 (PDT) (envelope-from Alvaro.Seco@fe.unl.pt) Received: from ZEON ([193.136.112.101]) by fesrv02.fe.unl.pt (Lotus Domino Release 5.0.8) with SMTP id 2003050718350978:2066 ; Wed, 7 May 2003 18:35:09 +0100 Message-ID: <003001c314bf$02c79850$0101a8c0@fe.unl.pt> From: "Alvaro Seco" To: Date: Wed, 7 May 2003 18:35:11 +0100 Organization: Faculdade de Economia da UNL MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-MIMETrack: Itemize by SMTP Server on fesrv02/Nova(Release 5.0.8 |June 18, 2001) at 07-05-2003 18:35:09,07-05-2003 18:35:15, Serialize complete at 07-05-2003 18:35:15 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: dummynet & bridging problems with MAC OS X X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Alvaro Seco List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 17:37:45 -0000 Hi, I was trying to use ipfw, bridging and dummynet to control bandwidth = usage. The machine was installed between the outside router and the = switch where all the internal computers are connected.=20 =20 Everything is working fine, except for the computers with Mac OS X = installed. For them it's almost impossible to access a web page, because = the connection is very slow. For all the other computers with Windows = and Unix's OS, the connection speed is normal to the bandwidth = limitations caused by the bridging firewall. =20 The configuration of the bridging firewall is very simple, I only = created two pipes, one for outgoing and other to incoming traffic with = bandwidth limitations. =20 I will appreciate any help on the subject. =20 Thanks, Alvaro Seco =20 From owner-freebsd-net@FreeBSD.ORG Wed May 7 11:41:41 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03DB237B401 for ; Wed, 7 May 2003 11:41:41 -0700 (PDT) Received: from hubsch.org (as1-3-6.ars.s.bonet.se [194.236.5.112]) by mx1.FreeBSD.org (Postfix) with SMTP id 919DD43FA3 for ; Wed, 7 May 2003 11:41:39 -0700 (PDT) (envelope-from nisse@hubsch.org) Received: (qmail 41521 invoked by uid 204); 7 May 2003 18:41:33 -0000 Received: from unknown (HELO snaps.home) (172.16.1.3) by 0 with SMTP; 7 May 2003 18:41:33 -0000 Date: Wed, 7 May 2003 20:41:33 +0200 (CEST) From: nisse@hubsch.org X-X-Sender: micke@snaps.home To: freebsd-net@freebsd.org Message-ID: <20030507203714.E41411-100000@snaps.home> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: ipfw2: Detecting packets without incoming interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 May 2003 18:41:41 -0000 In ipfw1 I could use "recv any" to indicate that a packet originated on a remote host. To for example prevent tcp traffic from being forwarded trough the host but still allow traffic to/from the host on all interfaces it was possible to say ipfw add deny tcp from any to any out recv any ipfw add allow tcp from any to any How do I do this with ipfw2? I want to detect locally generated packets. netinet/ip_fw2.c does't seem to handle the "any" case and ipfw2.c has the following code: /* Parse the interface or address */ if (!strcmp(arg, "any")) cmd->o.len = 0; /* effectively ignore this command */ -- Mikael Hubsch From owner-freebsd-net@FreeBSD.ORG Wed May 7 22:21:02 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB60B37B401 for ; Wed, 7 May 2003 22:21:02 -0700 (PDT) Received: from web14204.mail.yahoo.com (web14204.mail.yahoo.com [216.136.172.146]) by mx1.FreeBSD.org (Postfix) with SMTP id 6516743FB1 for ; Wed, 7 May 2003 22:21:02 -0700 (PDT) (envelope-from neelnatu@yahoo.com) Message-ID: <20030508052102.14548.qmail@web14204.mail.yahoo.com> Received: from [67.112.203.175] by web14204.mail.yahoo.com via HTTP; Wed, 07 May 2003 22:21:02 PDT Date: Wed, 7 May 2003 22:21:02 -0700 (PDT) From: Neelkanth Natu To: Snofe Deng , freebsd-net@freebsd.org In-Reply-To: <20030506200419.D011.DSNOFE@hotmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: Problem about kqueue. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 05:21:03 -0000 --- Snofe Deng wrote: > If I register: > {ident, EVFILT_READ} > {ident, EVFILT_WRITE} > {ident, EVFILT_TIMER} > pairs to kq;and all the piar with same ident which is a socket descriptor. > then I close(2) ident. Does this mean that all these three > {ident, filter} pairs will be removed just after the descriptor isclosed? No. The EVFILT_TIMER ident has a different namespace than the file descriptor namespace. The fact that the ident value for TIMER is the same as the socket fd is of no significance. > or should I use: > EV_SET(&evs, ident, EVFILT_READ, EV_DELETE, 0, 0, NULL) > EV_SET(&evs, ident, EVFILT_WRITE, EV_DELETE, 0, 0, NULL) > EV_SET(&evs, ident, EVFILT_TIMER, EV_DELETE, 0, 0, NULL) > to delete these three pairs? > > when I just closed the socket descriptor, the {ident, > EVFILT_READ/EVFILT_WRITE} are removed. but {ident, EVFILT_TIMER} > is still returned at next kevent(2) loop. Is it a bug? or why should > this happend? It is not a bug. Calling a close on a file descriptor will remove all kevents associated with that fd. So you don't have to explicitly delete them. However if you want to remove the EVFILT_TIMER event too, you have two choices: - Use EV_ONESHOT to automatically delete the kevent once it is delivered. - Explicitly delete it as you are doing above. best Neel > > when I use the second way, things worked ok. > Any one can help me? > thanks a lot! > > -- > Snofe Deng > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com From owner-freebsd-net@FreeBSD.ORG Wed May 7 22:30:07 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 19B8337B401 for ; Wed, 7 May 2003 22:30:07 -0700 (PDT) Received: from hotmail.com (bay2-f122.bay2.hotmail.com [65.54.247.122]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9771343FDF for ; Wed, 7 May 2003 22:30:06 -0700 (PDT) (envelope-from dsnofe@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 7 May 2003 22:30:06 -0700 Received: from 202.199.66.121 by by2fd.bay2.hotmail.msn.com with HTTP; Thu, 08 May 2003 05:30:05 GMT X-Originating-IP: [202.199.66.121] X-Originating-Email: [dsnofe@hotmail.com] From: "Snofe Deng" To: neelnatu@yahoo.com, freebsd-net@freebsd.org Date: Thu, 08 May 2003 05:30:05 +0000 Mime-Version: 1.0 Content-Type: text/plain; charset=gb2312; format=flowed Message-ID: X-OriginalArrivalTime: 08 May 2003 05:30:06.0492 (UTC) FILETIME=[E23855C0:01C31522] Subject: Re: Problem about kqueue. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 05:30:07 -0000 thanks. and another problem is that: if i register: {ident, EVFILT_READ} {ident, EVFILT_WRITE} {ident, EVFILT_TIMER} to kq; than I register: {newident, EV_DELETE} , I do not set the filter's value, just set the flags. does this action will remove all pairs which ident equal the newident? thanks! >From: Neelkanth Natu >To: Snofe Deng , freebsd-net@freebsd.org >Subject: Re: Problem about kqueue. >Date: Wed, 7 May 2003 22:21:02 -0700 (PDT) >MIME-Version: 1.0 >Received: from web14204.mail.yahoo.com ([216.136.172.146]) by mc8-f18.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Wed, 7 May 2003 22:21:03 -0700 >Received: from [67.112.203.175] by web14204.mail.yahoo.com via HTTP; Wed, 07 May 2003 22:21:02 PDT >X-Message-Info: JGTYoYF78jEHjJx36Oi8+Q1OJDRSDidP >Message-ID: <20030508052102.14548.qmail@web14204.mail.yahoo.com> >In-Reply-To: <20030506200419.D011.DSNOFE@hotmail.com> >Return-Path: neelnatu@yahoo.com >X-OriginalArrivalTime: 08 May 2003 05:21:03.0101 (UTC) FILETIME=[9E5572D0:01C31521] > > >--- Snofe Deng wrote: > > If I register: > > {ident, EVFILT_READ} > > {ident, EVFILT_WRITE} > > {ident, EVFILT_TIMER} > > pairs to kq;and all the piar with same ident which is a socket descriptor. > > then I close(2) ident. Does this mean that all these three > > {ident, filter} pairs will be removed just after the descriptor isclosed? > >No. The EVFILT_TIMER ident has a different namespace than the >file descriptor namespace. The fact that the ident value for TIMER >is the same as the socket fd is of no significance. > > > or should I use: > > EV_SET(&evs, ident, EVFILT_READ, EV_DELETE, 0, 0, NULL) > > EV_SET(&evs, ident, EVFILT_WRITE, EV_DELETE, 0, 0, NULL) > > EV_SET(&evs, ident, EVFILT_TIMER, EV_DELETE, 0, 0, NULL) > > to delete these three pairs? > > > > when I just closed the socket descriptor, the {ident, > > EVFILT_READ/EVFILT_WRITE} are removed. but {ident, EVFILT_TIMER} > > is still returned at next kevent(2) loop. Is it a bug? or why should > > this happend? > >It is not a bug. Calling a close on a file descriptor will remove >all kevents associated with that fd. So you don't have to explicitly >delete them. > >However if you want to remove the EVFILT_TIMER event too, you have >two choices: >- Use EV_ONESHOT to automatically delete the kevent once it is > delivered. >- Explicitly delete it as you are doing above. > >best >Neel > > > > > when I use the second way, things worked ok. > > Any one can help me? > > thanks a lot! > > > > -- > > Snofe Deng > > > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > >__________________________________ >Do you Yahoo!? >The New Yahoo! Search - Faster. Easier. Bingo. >http://search.yahoo.com _________________________________________________________________ ÓëÁª»úµÄÅóÓѽøÐн»Á÷£¬ÇëʹÓà MSN Messenger: http://messenger.msn.com/cn From owner-freebsd-net@FreeBSD.ORG Wed May 7 22:51:30 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34AA037B401 for ; Wed, 7 May 2003 22:51:30 -0700 (PDT) Received: from web14205.mail.yahoo.com (web14205.mail.yahoo.com [216.136.172.151]) by mx1.FreeBSD.org (Postfix) with SMTP id AFAC043FBD for ; Wed, 7 May 2003 22:51:29 -0700 (PDT) (envelope-from neelnatu@yahoo.com) Message-ID: <20030508055129.37892.qmail@web14205.mail.yahoo.com> Received: from [67.112.203.175] by web14205.mail.yahoo.com via HTTP; Wed, 07 May 2003 22:51:29 PDT Date: Wed, 7 May 2003 22:51:29 -0700 (PDT) From: Neelkanth Natu To: Snofe Deng , freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: Problem about kqueue. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 05:51:30 -0000 --- Snofe Deng wrote: > thanks. and another problem is that: > if i register: > {ident, EVFILT_READ} > {ident, EVFILT_WRITE} > {ident, EVFILT_TIMER} > to kq; > > than I register: > {newident, EV_DELETE} , I do not set the filter's value, just set the > flags. > does this action will remove all pairs which ident equal the newident? No. I don't think so. Looking at the code, it seems you should get back an EINVAL. I don't have a machine handy to validate this though. best Neel > > > thanks! > > > > > > > > >From: Neelkanth Natu > >To: Snofe Deng , freebsd-net@freebsd.org > >Subject: Re: Problem about kqueue. > >Date: Wed, 7 May 2003 22:21:02 -0700 (PDT) > >MIME-Version: 1.0 > >Received: from web14204.mail.yahoo.com ([216.136.172.146]) by > mc8-f18.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Wed, 7 May > 2003 22:21:03 -0700 > >Received: from [67.112.203.175] by web14204.mail.yahoo.com via HTTP; Wed, > 07 May 2003 22:21:02 PDT > >X-Message-Info: JGTYoYF78jEHjJx36Oi8+Q1OJDRSDidP > >Message-ID: <20030508052102.14548.qmail@web14204.mail.yahoo.com> > >In-Reply-To: <20030506200419.D011.DSNOFE@hotmail.com> > >Return-Path: neelnatu@yahoo.com > >X-OriginalArrivalTime: 08 May 2003 05:21:03.0101 (UTC) > FILETIME=[9E5572D0:01C31521] > > > > > >--- Snofe Deng wrote: > > > If I register: > > > {ident, EVFILT_READ} > > > {ident, EVFILT_WRITE} > > > {ident, EVFILT_TIMER} > > > pairs to kq;and all the piar with same ident which is a socket > descriptor. > > > then I close(2) ident. Does this mean that all these three > > > {ident, filter} pairs will be removed just after the descriptor > isclosed? > > > >No. The EVFILT_TIMER ident has a different namespace than the > >file descriptor namespace. The fact that the ident value for TIMER > >is the same as the socket fd is of no significance. > > > > > or should I use: > > > EV_SET(&evs, ident, EVFILT_READ, EV_DELETE, 0, 0, NULL) > > > EV_SET(&evs, ident, EVFILT_WRITE, EV_DELETE, 0, 0, NULL) > > > EV_SET(&evs, ident, EVFILT_TIMER, EV_DELETE, 0, 0, NULL) > > > to delete these three pairs? > > > > > > when I just closed the socket descriptor, the {ident, > > > EVFILT_READ/EVFILT_WRITE} are removed. but {ident, EVFILT_TIMER} > > > is still returned at next kevent(2) loop. Is it a bug? or why should > > > this happend? > > > >It is not a bug. Calling a close on a file descriptor will remove > >all kevents associated with that fd. So you don't have to explicitly > >delete them. > > > >However if you want to remove the EVFILT_TIMER event too, you have > >two choices: > >- Use EV_ONESHOT to automatically delete the kevent once it is > > delivered. > >- Explicitly delete it as you are doing above. > > > >best > >Neel > > > > > > > > when I use the second way, things worked ok. > > > Any one can help me? > > > thanks a lot! > > > > > > -- > > > Snofe Deng > > > > > > > > > _______________________________________________ > > > freebsd-net@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > > > >__________________________________ > >Do you Yahoo!? > >The New Yahoo! Search - Faster. Easier. Bingo. > >http://search.yahoo.com > > _________________________________________________________________ > ÓëÁª»úµÄÅóÓѽøÐн»Á÷£¬ÇëʹÓà MSN Messenger: http://messenger.msn.com/cn > __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com From owner-freebsd-net@FreeBSD.ORG Thu May 8 03:02:24 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 584DF37B401 for ; Thu, 8 May 2003 03:02:24 -0700 (PDT) Received: from pasmtp.tele.dk (pasmtp.tele.dk [193.162.159.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1AD8B43FD7 for ; Thu, 8 May 2003 03:02:20 -0700 (PDT) (envelope-from krask@isupport.dk) Received: from pc100 (0x50a3814c.unknown.tele.dk [80.163.129.76]) by pasmtp.tele.dk (Postfix) with SMTP id CE838B5CC for ; Thu, 8 May 2003 12:02:14 +0200 (CEST) Message-ID: <001301c31548$0b7436a0$0a01a8c0@example.org> From: "Kristian Rask" To: Date: Thu, 8 May 2003 11:55:55 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Subject: Problem : MPD 3.10 on 5.0-R and Win. clients X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 10:02:24 -0000 Hi I have a 5.0-R w. MPD 3.10 installed from packages I have copied and modified (in terms of actual IP's) 10 different = configuration examples from the web. I have tried using the working scripts from a 4.x-R w. MPD-3.8 nomatter what i do, the clients can connect to the server. The log files shows rejects of MP MRRU 1640 and CALLBACK The final messages is about "NOT CONVERGING" I have read a few places that MPD is very picky on client settings.. Any pointers would be much appreciated Any references to websites that features both server and client side = configuration would be nice. The Windows clients used are: Windows 2000 Windows 2000 Server, fully upgraded Windows XP ? fully upgraded regards and tia Kristian "The eternal newbie" From owner-freebsd-net@FreeBSD.ORG Thu May 8 04:00:49 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A6BC37B401 for ; Thu, 8 May 2003 04:00:49 -0700 (PDT) Received: from beast.jawa.at (jawa.at [213.229.17.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0660743F3F for ; Thu, 8 May 2003 04:00:48 -0700 (PDT) (envelope-from mbretter@jawa.at) Received: from jawa.at (beast.jawa.at [192.168.200.10]) by beast.jawa.at (Postfix) with ESMTP id ECFAF2D6D4; Thu, 8 May 2003 13:00:45 +0200 (CEST) Message-ID: <3EBA38DE.3030506@jawa.at> Date: Thu, 08 May 2003 13:00:46 +0200 From: Michael Bretterklieber Organization: JAWA Management Software GmbH User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.3) Gecko/20030312 X-Accept-Language: de, en MIME-Version: 1.0 To: Kristian Rask References: <001301c31548$0b7436a0$0a01a8c0@example.org> In-Reply-To: <001301c31548$0b7436a0$0a01a8c0@example.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Problem : MPD 3.10 on 5.0-R and Win. clients X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 11:00:49 -0000 Hi, Kristian Rask schrieb: > Hi > > I have a 5.0-R w. MPD 3.10 installed from packages > > I have copied and modified (in terms of actual IP's) 10 different configuration examples from the web. > I have tried using the working scripts from a 4.x-R w. MPD-3.8 > > nomatter what i do, the clients can connect to the server. > The log files shows rejects of MP MRRU 1640 and CALLBACK CALLBACK is currently not implemented. What kind of link do you use (PPTP, Modem) ? > The final messages is about "NOT CONVERGING" > this usualy means, that it wasn't possible to assign an IP-Adress to the client. can you please provide a full log and your configuration? bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - http://www.bretterklieber.com JAWA Management Software GmbH - http://www.jawa.at Tel: ++43-(0)316-403274-12 - GSM: ++43-(0)676-84 03 15 712 ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 From owner-freebsd-net@FreeBSD.ORG Thu May 8 04:05:52 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7AA3F37B401 for ; Thu, 8 May 2003 04:05:52 -0700 (PDT) Received: from mailspool.ops.uunet.co.za (mailspool.ops.uunet.co.za [196.7.0.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 95AFF43FA3 for ; Thu, 8 May 2003 04:05:48 -0700 (PDT) (envelope-from ianf@wcom.com) Received: from copernicus.so.cpt1.za.uu.net ([196.30.72.32]) by mailspool.ops.uunet.co.za with esmtp (Exim 3.36 #1) id 19DjDJ-000Jbm-00; Thu, 08 May 2003 13:05:25 +0200 Received: from localhost ([127.0.0.1] helo=wcom.com) by copernicus.so.cpt1.za.uu.net with esmtp (Exim 3.36 #1) id 19DjDH-000ARV-00; Thu, 08 May 2003 13:05:23 +0200 To: Lars =?iso-8859-1?Q?K=F6ller?= References: <200305051311.h45DBJq26003@rayadm.hrz.uni-bielefeld.de> From: "Ian Freislich" X-image-url: http://www.digs.iafrica.com/gallery/ian-small.gif X-BOFH: true X-LART: Depleted uranium X-No-Junk-Mail: I do not want to get *any* junk mail. You have been deleted Date: Thu, 08 May 2003 13:05:23 +0200 Message-ID: <40144.1052391923@wcom.com> Sender: ianf@wcom.com cc: freebsd-net@freebsd.org Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 11:05:52 -0000 Lars =?iso-8859-1?Q?K=F6ller?= wrote: > -------- > > Dear experts, > > i've discussed the reported problem with our experts here at the = > computing center, and we don't have a clue for the problem reported in = > PR 51586. It seems that your problem relates to rshd using privileged ports to create the stderr socket back to the originating rsh client. The interesting log message is in the messages file of the server running the remote shell daemon: May 8 12:45:11 brane rshd[13988]: can't get stderr port: Can't assign requested address rresvport_af(3) returns this error because I suspect that it thinks this address is already in use, perhaps because the address/port pair is in TIME_WAIT, although I don't have time to test this suspicion and my network programming and protocol experience is not good enough to say this is the case outright without testing. It seems that this problem is further compounded by inetd terminating the shell service when one of the rshd programs it ran returns an exit status other than 0, which rshd does when it encounters this error. This simple patch to rshd.c (which is an unholy cludge until someone can fix the rresvport_af(3) function) makes rshd return an exit status of 0 on this particular error so at least inetd doesn't stop the service requiring a SIGHUP to restart it. You can then test the return status of your rsh ($?) for a value of 1 and 'select: protocol failure in circuit setup' on stderr and retry that test. (/usr/src/libexec/rshd, apply this, make and make install the patched rshd) --- rshd.c.orig Thu May 8 12:55:46 2003 +++ rshd.c Thu May 8 12:43:31 2003 @@ -296,7 +296,7 @@ s = rresvport_af(&lport, af); if (s < 0) { syslog(LOG_ERR, "can't get stderr port: %m"); - exit(1); + exit(0); } if (port >= IPPORT_RESERVED || port < IPPORT_RESERVED/2) { I know this is a horrible solution and shouldn't be committed, but at least you have a work-around so you can get your virus scanner farm up in the mean time while someone fixes this propperly. Ian From owner-freebsd-net@FreeBSD.ORG Thu May 8 04:49:05 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E949B37B401; Thu, 8 May 2003 04:49:04 -0700 (PDT) Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6983043FEA; Thu, 8 May 2003 04:49:03 -0700 (PDT) (envelope-from lars.koeller@uni-bielefeld.de) Received: from rayadm.hrz.uni-bielefeld.de (rayadm.hrz.uni-bielefeld.de [129.70.202.15]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0HEK007SYGP5PE@mail.uni-bielefeld.de>; Thu, 8 May 2003 13:46:19 +0200 (MET DST) Received: from rayadm.hrz.uni-bielefeld.de (lkoeller@localhost) h48BkHP13996; Thu, 08 May 2003 13:46:17 +0200 (MEST) Date: Thu, 08 May 2003 13:46:16 +0200 From: Lars =?iso-8859-1?Q?K=F6ller?= X-Face: eCcoCV}FjV*O{6>[1$XP/e%]TJhEw2MF33dFh)^HM7Gfd=[/(4+0a$~ "of Thu, 08 May 2003 13:05:23 +0200." <40144.1052391923@wcom.com> Sender: lars.koeller@uni-bielefeld.de To: Ian Freislich Message-id: <200305081146.h48BkHP13996@rayadm.hrz.uni-bielefeld.de> MIME-version: 1.0 X-Mailer: exmh version 2.6.1 02/18/2003 with nmh-1.0.4 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org cc: Lars =?iso-8859-1?Q?K=F6ller?= Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 11:49:05 -0000 ---------- Hi! In reply to Ian Freislich who wrote: = > Lars =3D?iso-8859-1?Q?K=3DF6ller?=3D wrote: > > -------- > > = > > Dear experts, > > = > > i've discussed the reported problem with our experts here at the =3D > > computing center, and we don't have a clue for the problem reported i= n =3D > > PR 51586. > = > It seems that your problem relates to rshd using privileged ports > to create the stderr socket back to the originating rsh client. > The interesting log message is in the messages file of the server > running the remote shell daemon: > = > May 8 12:45:11 brane rshd[13988]: can't get stderr port: Can't assign = requested address > = > rresvport_af(3) returns this error because I suspect that it thinks > this address is already in use, perhaps because the address/port > pair is in TIME_WAIT, although I don't have time to test this > suspicion and my network programming and protocol experience is not > good enough to say this is the case outright without testing. NO,NO! Netstat says nothing about that. Even I tune msl time to go out = of TIME_WAIT very fast (only intranet connection on same switch!). The ethereal dump in the PR shown, that an initial communication takes = place, but the final ACK to establish the connection fails! > It seems that this problem is further compounded by inetd terminating > the shell service when one of the rshd programs it ran returns an > exit status other than 0, which rshd does when it encounters this > error. This simple patch to rshd.c (which is an unholy cludge until > someone can fix the rresvport_af(3) function) makes rshd return an > exit status of 0 on this particular error so at least inetd doesn't > stop the service requiring a SIGHUP to restart it. You can then > test the return status of your rsh ($?) for a value of 1 and 'select: > protocol failure in circuit setup' on stderr and retry that test. > = > (/usr/src/libexec/rshd, apply this, make and make install the patched r= shd) > --- rshd.c.orig Thu May 8 12:55:46 2003 > +++ rshd.c Thu May 8 12:43:31 2003 > @@ -296,7 +296,7 @@ > s =3D rresvport_af(&lport, af); > if (s < 0) { > syslog(LOG_ERR, "can't get stderr port: %m"); > - exit(1); > + exit(0); > } > if (port >=3D IPPORT_RESERVED || > port < IPPORT_RESERVED/2) { > = > I know this is a horrible solution and shouldn't be committed, but > at least you have a work-around so you can get your virus scanner > farm up in the mean time while someone fixes this propperly. This dosen't help, cause the port can be reserved by the rshd. The = problem is the establishing of the connection, so this is not the right = place in the source. However, the mailserver, which calls the rsh client is a solaris 8 machine :-( A better solution was the possibility to disable the backport on the = client side with a flag. But I don't know if the protocol works in this = state, cause signaling is also send over this connection. Many thanks for your suggestions Lars -- = E-Mail: Lars.Koeller@Uni-Bielefeld.DE \ Lars K=F6ller lkoeller@FreeBSD.org \ CC University of PGP: http://www.uk.pgp.net/pgpnet/wwwkeys.html \ Bielefeld, Germany = Key-ID: A430D499 \ Tel: +49 521 106 4964 ----------- FreeBSD, what else? ---- http://www.freebsd.org -------------= From owner-freebsd-net@FreeBSD.ORG Thu May 8 06:39:23 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC43E37B401; Thu, 8 May 2003 06:39:23 -0700 (PDT) Received: from mailspool.ops.uunet.co.za (mailspool.ops.uunet.co.za [196.7.0.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id E8ECA43F75; Thu, 8 May 2003 06:39:18 -0700 (PDT) (envelope-from ianf@wcom.com) Received: from copernicus.so.cpt1.za.uu.net ([196.30.72.32]) by mailspool.ops.uunet.co.za with esmtp (Exim 3.36 #1) id 19Dlc7-000Peh-00; Thu, 08 May 2003 15:39:11 +0200 Received: from localhost ([127.0.0.1] helo=wcom.com) by copernicus.so.cpt1.za.uu.net with esmtp (Exim 3.36 #1) id 19Dlc4-000BDX-00; Thu, 08 May 2003 15:39:08 +0200 To: Lars =?iso-8859-1?Q?K=F6ller?= In-reply-to: Your message of "Thu, 08 May 2003 13:46:16 +0200." <200305081146.h48BkHP13996@rayadm.hrz.uni-bielefeld.de> References: <200305081146.h48BkHP13996@rayadm.hrz.uni-bielefeld.de> From: "Ian Freislich" X-image-url: http://www.digs.iafrica.com/gallery/ian-small.gif X-BOFH: true X-LART: Depleted uranium X-No-Junk-Mail: I do not want to get *any* junk mail. You have been deleted Date: Thu, 08 May 2003 15:39:08 +0200 Message-ID: <43122.1052401148@wcom.com> Sender: ianf@wcom.com cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 13:39:24 -0000 Lars wrote: > > rresvport_af(3) returns this error because I suspect that it thinks > > this address is already in use, perhaps because the address/port > > pair is in TIME_WAIT, although I don't have time to test this > > suspicion and my network programming and protocol experience is not > > good enough to say this is the case outright without testing. > > NO,NO! Netstat says nothing about that. Even I tune msl time to go out = > of TIME_WAIT very fast (only intranet connection on same switch!). > The ethereal dump in the PR shown, that an initial communication takes = > place, but the final ACK to establish the connection fails! Interesting. I setup rshd and inet exactly like you did and ran your test script and it broke in almost exactly the same way it did for you: while true do /usr/bin/rsh brane -l ianf pwd; ret=$? if [ "$ret" != "0" ] then echo "Return Code: $ret" break fi done Loops several hundred times and the immediately prints: /usr/home/ianf /usr/home/ianf /usr/home/ianf select: protocol failure in circuit setup Return Code: 1 At this point on the server 'brane' I get the following in /var/log/messages: May 8 14:23:10 brane rshd[16886]: can't get stderr port: Can't assign requested address This message is logged by rshd when it is unable to open the connection for stderr back to the originating rsh client. Have you turned on net.inet.tcp.blackhole=2 which would result in ICMP port unreachable messages not being sent? What is the output of 'netstat -anf inet |grep -v TIME_WAIT' on machine2 after you get the timeout connecting to machine2? Is the tcp *.514 LISTEN line missing after you get the timeout. What do you get in your messages file on machine2 (the one running the rsh server)? I suspect that you're not getting ICMP port unreachable after inetd silently terminated the shell service because of rshd's exit code so your connection timed out. > > (/usr/src/libexec/rshd, apply this, make and make install the patched r= > shd) > > --- rshd.c.orig Thu May 8 12:55:46 2003 > > +++ rshd.c Thu May 8 12:43:31 2003 > > @@ -296,7 +296,7 @@ > > s =3D rresvport_af(&lport, af); > > if (s < 0) { > > syslog(LOG_ERR, "can't get stderr port: %m"); > > - exit(1); > > + exit(0); > > } > > if (port >=3D IPPORT_RESERVED || > > port < IPPORT_RESERVED/2) { > > = > > > I know this is a horrible solution and shouldn't be committed, but > > at least you have a work-around so you can get your virus scanner > > farm up in the mean time while someone fixes this propperly. > > This dosen't help, cause the port can be reserved by the rshd. The > problem is the establishing of the connection, so this is not the right > place in the source. Which port is reserved by rshd? An incoming connection is established on 514. rshd reads a port number off that connection and initiates a connection back to the originator on the specified port. Both these connections need to be established for the shell service to come up. I'm not sure that I trust the tcpdump in your PR becuase I tried to dump the entire run from the script on both my test servers and the two dumps didn't match and some sequences were out of order. Only when I dumped the packets to a file and used tcpdump to read the file did the dumps from each server match. Here's a good rsh session: 15:04:31.944902 196.7.162.26.1001 > 196.7.162.25.514: S 242763540:242763540(0) win 65535 (DF) 15:04:31.944965 196.7.162.25.514 > 196.7.162.26.1001: S 1769914383:1769914383(0) ack 242763541 win 57344 (DF) 15:04:31.945271 196.7.162.26.1001 > 196.7.162.25.514: . ack 1 win 33304 (DF) 15:04:31.945572 196.7.162.26.1001 > 196.7.162.25.514: P 1:6(5) ack 1 win 33304 (DF) 15:04:31.945600 196.7.162.25.514 > 196.7.162.26.1001: . ack 6 win 57915 (DF) 15:04:31.952264 196.7.162.25.929 > 196.7.162.26.1000: S 206573132:206573132(0) win 57344 (DF) 15:04:31.952525 196.7.162.26.1000 > 196.7.162.25.929: S 740063972:740063972(0) ack 206573133 win 65535 (DF) 15:04:31.952560 196.7.162.25.929 > 196.7.162.26.1000: . ack 1 win 57920 (DF) 15:04:31.953030 196.7.162.26.1001 > 196.7.162.25.514: P 6:11(5) ack 1 win 33304 (DF) 15:04:31.953064 196.7.162.25.514 > 196.7.162.26.1001: . ack 11 win 57915 (DF) 15:04:31.953316 196.7.162.26.1001 > 196.7.162.25.514: P 11:20(9) ack 1 win 33304 (DF) 15:04:31.953334 196.7.162.25.514 > 196.7.162.26.1001: . ack 20 win 57911 (DF) 15:04:31.954560 196.7.162.25.514 > 196.7.162.26.1001: P 1:2(1) ack 20 win 57920 (DF) 15:04:31.954787 196.7.162.26.1001 > 196.7.162.25.514: . ack 2 win 33303 (DF) 15:04:31.958429 196.7.162.25.514 > 196.7.162.26.1001: P 2:17(15) ack 20 win 57920 (DF) 15:04:31.958516 196.7.162.25.514 > 196.7.162.26.1001: F 17:17(0) ack 20 win 57920 (DF) 15:04:31.958697 196.7.162.26.1001 > 196.7.162.25.514: . ack 17 win 33296 (DF) 15:04:31.958795 196.7.162.26.1001 > 196.7.162.25.514: . ack 18 win 33296 (DF) 15:04:31.959146 196.7.162.25.929 > 196.7.162.26.1000: F 1:1(0) ack 1 win 57920 (DF) 15:04:31.959440 196.7.162.26.1000 > 196.7.162.25.929: . ack 2 win 33304 (DF) 15:04:31.961198 196.7.162.26.1001 > 196.7.162.25.514: F 20:20(0) ack 18 win 33304 (DF) 15:04:31.961239 196.7.162.25.514 > 196.7.162.26.1001: . ack 21 win 57920 (DF) 15:04:31.961303 196.7.162.26.1000 > 196.7.162.25.929: F 1:1(0) ack 2 win 33304 (DF) 15:04:31.961321 196.7.162.25.929 > 196.7.162.26.1000: . ack 2 win 57919 (DF) And here's the last one that failed: 15:04:31.984458 196.7.162.26.999 > 196.7.162.25.514: S 3911362959:3911362959(0) win 65535 (DF) 15:04:31.984514 196.7.162.25.514 > 196.7.162.26.999: S 834974100:834974100(0) ack 3911362960 win 57344 (DF) 15:04:31.984863 196.7.162.26.999 > 196.7.162.25.514: . ack 1 win 33304 (DF) 15:04:31.985141 196.7.162.26.999 > 196.7.162.25.514: P 1:5(4) ack 1 win 33304 (DF) 15:04:31.985165 196.7.162.25.514 > 196.7.162.26.999: . ack 5 win 57916 (DF) 15:04:31.992888 196.7.162.25.514 > 196.7.162.26.999: F 1:1(0) ack 5 win 57920 (DF) 15:04:31.993164 196.7.162.26.999 > 196.7.162.25.514: . ack 2 win 33304 (DF) 15:04:31.993698 196.7.162.26.999 > 196.7.162.25.514: F 5:5(0) ack 2 win 33304 (DF) 15:04:31.993737 196.7.162.25.514 > 196.7.162.26.999: . ack 6 win 57920 (DF) You'll notice the absence of the second SYN from 196.7.162.25 to 196.7.162.26 and instead 196.7.162.25 immediately sends a FIN. It was at this point that rshd couldn't get the second port and terminated the connection. > However, the mailserver, which calls the rsh client is a solaris > 8 machine :-( That's not a problem because I believe the problem to be in rshd and most likely in libc in rresvport_af(3). Ian From owner-freebsd-net@FreeBSD.ORG Thu May 8 07:49:22 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 388BB37B401; Thu, 8 May 2003 07:49:22 -0700 (PDT) Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A9D643F93; Thu, 8 May 2003 07:49:20 -0700 (PDT) (envelope-from lars.koeller@uni-bielefeld.de) Received: from rayadm.hrz.uni-bielefeld.de (rayadm.hrz.uni-bielefeld.de [129.70.202.15]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0HEK00DD3P4P66@mail.uni-bielefeld.de>; Thu, 8 May 2003 16:48:27 +0200 (MET DST) Received: from rayadm.hrz.uni-bielefeld.de (lkoeller@localhost) h48EmO628174; Thu, 08 May 2003 16:48:24 +0200 (MEST) Date: Thu, 08 May 2003 16:48:24 +0200 From: Lars =?iso-8859-1?Q?K=F6ller?= X-Face: eCcoCV}FjV*O{6>[1$XP/e%]TJhEw2MF33dFh)^HM7Gfd=[/(4+0a$~ "of Thu, 08 May 2003 15:39:08 +0200." <43122.1052401148@wcom.com> Sender: lars.koeller@uni-bielefeld.de To: Ian Freislich Message-id: <200305081448.h48EmO628174@rayadm.hrz.uni-bielefeld.de> MIME-version: 1.0 X-Mailer: exmh version 2.6.1 02/18/2003 with nmh-1.0.4 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org cc: Lars =?iso-8859-1?Q?K=F6ller?= Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 14:49:22 -0000 ---------- In reply to Ian Freislich who wrote: = > Lars wrote: > Interesting. I setup rshd and inet exactly like you did and ran > your test script and it broke in almost exactly the same way it did > for you: Fine, that are good news ;-) > while true > do > /usr/bin/rsh brane -l ianf pwd; ret=3D$? > if [ "$ret" !=3D "0" ] > then > echo "Return Code: $ret" > break > fi > done > = > Loops several hundred times and the immediately prints: > = > /usr/home/ianf > /usr/home/ianf > /usr/home/ianf > select: protocol failure in circuit setup > Return Code: 1 > = > At this point on the server 'brane' I get the following in /var/log/mes= sages: > May 8 14:23:10 brane rshd[16886]: can't get stderr port: Can't assign = requested address > = > This message is logged by rshd when it is unable to open the > connection for stderr back to the originating rsh client. Have you > turned on net.inet.tcp.blackhole=3D2 which would result in ICMP port No. > unreachable messages not being sent? What is the output of 'netstat 73660 : netstat -anf inet |grep -v TIME_WAIT = Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state= ) tcp4 0 0 129.70.4.47.623 129.70.4.48.927 SYN_SE= NT tcp4 0 0 129.70.4.47.514 129.70.4.48.928 ESTABL= ISHED tcp4 0 0 129.70.4.47.6100 129.70.4.47.4755 ESTABL= ISHED tcp4 0 0 129.70.4.47.4755 129.70.4.47.6100 ESTABL= ISHED tcp4 0 0 129.70.4.47.6100 129.70.4.47.4628 ESTABL= ISHED tcp4 0 0 129.70.4.47.4628 129.70.4.47.6100 ESTABL= ISHED tcp4 0 32 129.70.4.47.6100 129.70.4.47.4627 ESTABL= ISHED tcp4 0 0 129.70.4.47.4627 129.70.4.47.6100 ESTABL= ISHED tcp4 0 0 *.6100 *.* LISTEN= tcp4 0 0 129.70.4.47.22 129.70.202.15.34465 ESTABL= ISHED tcp4 0 0 *.587 *.* LISTEN= tcp4 0 0 *.25 *.* LISTEN= tcp4 0 0 *.514 *.* LISTEN= tcp4 0 0 *.22 *.* LISTEN= tcp4 0 0 *.515 *.* LISTEN= udp4 0 0 127.0.0.1.123 *.* = udp4 0 0 129.70.4.47.123 *.* = udp4 0 0 *.123 *.* = udp4 0 0 *.514 *.* = udp4 0 0 129.70.4.47.1019 129.70.4.48.2049 = > -anf inet |grep -v TIME_WAIT' on machine2 after you get the timeout > connecting to machine2? Is the tcp *.514 LISTEN line missing after No, as you can see above. It's possibe to connect from a third machine = to machine2 during the timeout/hang. > you get the timeout. What do you get in your messages file on > machine2 (the one running the rsh server)? I suspect that you're rshd[83865]: connect second port 927: Operation timed out > not getting ICMP port unreachable after inetd silently terminated > the shell service because of rshd's exit code so your connection > timed out. > = > -snip- >....... > -snip- > > That's not a problem because I believe the problem to be in rshd > and most likely in libc in rresvport_af(3). Best regards Lars -- = E-Mail: Lars.Koeller@Uni-Bielefeld.DE \ Lars K=F6ller lkoeller@FreeBSD.org \ CC University of PGP: http://www.uk.pgp.net/pgpnet/wwwkeys.html \ Bielefeld, Germany = Key-ID: A430D499 \ Tel: +49 521 106 4964 ----------- FreeBSD, what else? ---- http://www.freebsd.org -------------= From owner-freebsd-net@FreeBSD.ORG Thu May 8 08:04:21 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC4F837B401 for ; Thu, 8 May 2003 08:04:21 -0700 (PDT) Received: from inception.quiecom.com (inception.quiecom.com [216.127.82.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 19CF743FBF for ; Thu, 8 May 2003 08:04:17 -0700 (PDT) (envelope-from fish@fish-mail.com) Received: from [10.1.130.14] (internet-user.jwt.com [208.44.60.32]) (authenticated) by inception.quiecom.com (8.11.6/8.11.6) with ESMTP id h48EuFB23782 for ; Thu, 8 May 2003 10:56:15 -0400 From: Fish To: freebsd-net@freebsd.org Content-Type: text/plain Organization: Message-Id: <1052406094.760.26.camel@current> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.4 Date: 08 May 2003 11:01:35 -0400 Content-Transfer-Encoding: 7bit Subject: CheckPoint vpn connectivity with FreeBSD as a Client X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 15:04:22 -0000 I'm not subscribed, so please CC me on any responses. Failing that, I'll just check the archives periodically. We have a CheckPoint VPN-1 box at the office, and can use SecuRemote for W2K to VPN in. I would like to set up my FreeBSD -Current laptop to connect when I do not have access to make changes at the firewall level. That means I can't set up a shared secret and do it nice and easy that way. I've read some documentation, including what I thought to be most relevant at the following addresses, and these are the questions I still have for anyone who knows. http://www.deathstar.ch/security/fw1/Encryption/FAQ0271.htm http://www.daemonnews.org/200101/ipsec-howto.html http://www.freebsd.org/doc/en_US.ISO8859-1/articles/checkpoint/index.html 1. Without any access to the firewall/VPN server, is it possible to set up my laptop with racoon to authenticate to the server? Also please note that the SecuRemote client setup prompts you for a username and password which I can't seem to find any info on how to provide on the client-side. 2. One of the first things you have to do on the FreeBSD client side is to set up the policy for what traffic should and should not be encrypted, but one of the first things that happens with the SecuRemote client is that it sends you the policy for which hosts are to have encrypted communications et cetera. How can this be dealt with? 3. Is this even possible? In retrospect, question three probably should have been first. Any information is greatly appreciated. Thanks, Fish From owner-freebsd-net@FreeBSD.ORG Thu May 8 08:24:10 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8EE3837B405; Thu, 8 May 2003 08:24:10 -0700 (PDT) Received: from mailspool.ops.uunet.co.za (mailspool.ops.uunet.co.za [196.7.0.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id E758543FBF; Thu, 8 May 2003 08:24:08 -0700 (PDT) (envelope-from ianf@wcom.com) Received: from copernicus.so.cpt1.za.uu.net ([196.30.72.32]) by mailspool.ops.uunet.co.za with esmtp (Exim 3.36 #1) id 19DnFX-0003H3-00; Thu, 08 May 2003 17:23:59 +0200 Received: from localhost ([127.0.0.1] helo=wcom.com) by copernicus.so.cpt1.za.uu.net with esmtp (Exim 3.36 #1) id 19DnFJ-000Caz-00; Thu, 08 May 2003 17:23:45 +0200 To: Lars =?iso-8859-1?Q?K=F6ller?= In-reply-to: Your message of "Thu, 08 May 2003 16:48:24 +0200." <200305081448.h48EmO628174@rayadm.hrz.uni-bielefeld.de> References: <200305081448.h48EmO628174@rayadm.hrz.uni-bielefeld.de> From: "Ian Freislich" X-image-url: http://www.digs.iafrica.com/gallery/ian-small.gif X-BOFH: true X-LART: Depleted uranium X-No-Junk-Mail: I do not want to get *any* junk mail. You have been deleted Date: Thu, 08 May 2003 17:23:45 +0200 Message-ID: <48420.1052407425@wcom.com> Sender: ianf@wcom.com cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 15:24:11 -0000 Lars =?iso-8859-1?Q?K=F6ller?= wrote: > > -anf inet |grep -v TIME_WAIT' on machine2 after you get the timeout > > connecting to machine2? Is the tcp *.514 LISTEN line missing after > > No, as you can see above. It's possibe to connect from a third machine > to machine2 during the timeout/hang. Hmm, I can't seem to reproduce the inetd service termination any more so that may be a red herring. > > you get the timeout. What do you get in your messages file on > > machine2 (the one running the rsh server)? I suspect that you're > > rshd[83865]: connect second port 927: Operation timed out That is definitely different to what I get, so I guess there is quite a difference between 4.8-STABLE Sun Apr 27 and 4.8-RELEASE in the networking code. I've traced where it fails in the -STABLE code - line 123 of /usr/src/lib/libc/rpc/bindresvport.c (rev 1.12). It's a bind with sin_addr=INADDR_ANY and ports in IP_PORTRANGE_LOW. The kernel "Can't assign requested address" because it probably thinks none are available they're all in TIME_WAIT. Not that that helps you very much. Perhaps -STABLE is slightly better because you get an immediate fail when there are "no" ports and it starts working again when there are. Also if you set net.inet.tcp.msl=300, the connections leave TIME_WAIT a lot sooner and where it would die after about 30 seconds, I haven't yet seen had a failure after several minutes. Ian From owner-freebsd-net@FreeBSD.ORG Thu May 8 13:57:17 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E77B237B401 for ; Thu, 8 May 2003 13:57:17 -0700 (PDT) Received: from relay.pair.com (relay.pair.com [209.68.1.20]) by mx1.FreeBSD.org (Postfix) with SMTP id C1C8B43FAF for ; Thu, 8 May 2003 13:57:16 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 67116 invoked from network); 8 May 2003 20:57:16 -0000 Received: from niwun.pair.com (HELO localhost) (209.68.2.70) by relay.pair.com with SMTP; 8 May 2003 20:57:16 -0000 X-pair-Authenticated: 209.68.2.70 Date: Thu, 8 May 2003 15:56:58 -0500 (CDT) From: Mike Silbersack To: Lars =?iso-8859-1?Q?K=F6ller?= In-Reply-To: <200305081146.h48BkHP13996@rayadm.hrz.uni-bielefeld.de> Message-ID: <20030508155325.A1103@odysseus.silby.com> References: <200305081146.h48BkHP13996@rayadm.hrz.uni-bielefeld.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=iso-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 May 2003 20:57:18 -0000 On Thu, 8 May 2003, Lars [iso-8859-1] K=F6ller wrote: > NO,NO! Netstat says nothing about that. Even I tune msl time to go out > of TIME_WAIT very fast (only intranet connection on same switch!). > > The ethereal dump in the PR shown, that an initial communication takes > place, but the final ACK to establish the connection fails! Could you get a tcpdump -v of that problem occuring? I find what your logs are showing hard to believe, there must be something really strange occuring. Can you also show the output of netstat for the ports in question to show what state the sockets on either end are in during that time period? Also, does netstat -s show any counters increasing that talk about listen queue overflows or any packets being dropped? Mike "Silby" Silbersack From owner-freebsd-net@FreeBSD.ORG Thu May 8 21:44:58 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 89FFC37B401; Thu, 8 May 2003 21:44:58 -0700 (PDT) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id C61BC43FA3; Thu, 8 May 2003 21:44:56 -0700 (PDT) (envelope-from pete@he.iki.fi) Received: from he.iki.fi (localhost.he.iki.fi [127.0.0.1]) by silver.he.iki.fi (8.12.9/8.11.4) with ESMTP id h494irk8036955; Fri, 9 May 2003 07:44:54 +0300 (EEST) (envelope-from pete@he.iki.fi) Message-ID: <3EBB3245.50809@he.iki.fi> Date: Fri, 09 May 2003 07:44:53 +0300 From: Petri Helenius User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3) Gecko/20030501 X-Accept-Language: English [en],Finnish [fi] MIME-Version: 1.0 To: freebsd-net@freebsd.org, freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Subject: 5.1-BETA em X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 04:44:58 -0000 I installed 5.0-RELEASE on an X31 IBM laptop and em0 worked. (1.4.x driver) Then I cvsupped -CURRENT two days ago and now the em0 probe only displays: em0: port 0x8000-0x803f mem 0xc0200000-0xc020ffff, 0xc0220000-0xc023ffff irq 11 at device 1.0 on pci2 em0: The EEPROM Checksum Is Not Valid em0: Unable to initialize the hardware The chip is supposedly Intel mobile GE, and the machine has Win XP as dual booth with FreeBSD. Pete From owner-freebsd-net@FreeBSD.ORG Fri May 9 01:36:38 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A9FE37B401 for ; Fri, 9 May 2003 01:36:38 -0700 (PDT) Received: from pasmtp.tele.dk (pasmtp.tele.dk [193.162.159.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE4F743F3F for ; Fri, 9 May 2003 01:36:36 -0700 (PDT) (envelope-from krask@isupport.dk) Received: from pc100 (0x50a3814c.unknown.tele.dk [80.163.129.76]) by pasmtp.tele.dk (Postfix) with SMTP id E7DC7B5CC for ; Fri, 9 May 2003 10:36:34 +0200 (CEST) Message-ID: <001201c31605$3c667120$0a01a8c0@example.org> From: "Kristian Rask" To: Date: Fri, 9 May 2003 10:29:57 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Subject: Problem ver. 2 : VPN using MPD 3.10 on 5.0-R and Win. VPN clients X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 08:36:38 -0000 Hi Here's the setup and the logs for the dysfunctional VPN setup [/usr/local/etc/mpd/mpd.conf] default: load pptp pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface mtu 1350 set bundle enable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set link mtu 1460 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.1.32/27 set ipcp dns 192.168.1.102 set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set bundle enable crypt-reqd [END] [/usr/local/etc/mpd/mpd.links] pptp: set link type pptp set pptp self a.b.c.d set pptp enable incoming set pptp disable originate [END] [/usr/local/etc/mpd/mpd.secret] someuser "somepass" fixipuser "fixippass" 192.168.1.40 [END] note: a.b.c.d is the public IP of the machine. note: There is no mpd.script as this is a VPN server, not a modem server [/var/log/mpd.log] May 9 10:20:57 dmz4 mpd: mpd: pid 3775, version 3.10 = (root@gohan10.freebsd.org 08:13 3-Jan-2003) May 9 10:20:57 dmz4 mpd: [pptp] ppp node is "mpd3775-pptp" May 9 10:20:57 dmz4 mpd: mpd: local IP address for PPTP is a.b.c.d May 9 10:20:57 dmz4 mpd: [pptp] using interface ng0 May 9 10:21:17 dmz4 mpd: mpd: PPTP connection from a.b.c.e:1046 May 9 10:21:17 dmz4 mpd: pptp0: attached to connection with = a.b.c.e:1046 May 9 10:21:17 dmz4 mpd: [pptp] IFACE: Open event May 9 10:21:17 dmz4 mpd: [pptp] IPCP: Open event May 9 10:21:17 dmz4 mpd: [pptp] IPCP: state change Initial --> Starting May 9 10:21:17 dmz4 mpd: [pptp] IPCP: LayerStart May 9 10:21:17 dmz4 mpd: [pptp] IPCP: Open event May 9 10:21:17 dmz4 mpd: [pptp] bundle: OPEN event in state CLOSED May 9 10:21:17 dmz4 mpd: [pptp] opening link "pptp"... May 9 10:21:17 dmz4 mpd: [pptp] link: OPEN event May 9 10:21:17 dmz4 mpd: [pptp] LCP: Open event May 9 10:21:17 dmz4 mpd: [pptp] LCP: state change Initial --> Starting May 9 10:21:17 dmz4 mpd: [pptp] LCP: LayerStart May 9 10:21:17 dmz4 mpd: [pptp] device: OPEN event in state DOWN May 9 10:21:17 dmz4 mpd: [pptp] attaching to peer's outgoing call May 9 10:21:17 dmz4 mpd: [pptp] device is now in state OPENING May 9 10:21:17 dmz4 mpd: [pptp] device: UP event in state OPENING May 9 10:21:17 dmz4 mpd: [pptp] device is now in state UP May 9 10:21:17 dmz4 mpd: [pptp] link: UP event May 9 10:21:17 dmz4 mpd: [pptp] link: origination is remote May 9 10:21:17 dmz4 mpd: [pptp] LCP: Up event May 9 10:21:17 dmz4 mpd: [pptp] LCP: state change Starting --> Req-Sent May 9 10:21:17 dmz4 mpd: [pptp] LCP: phase shift DEAD --> ESTABLISH May 9 10:21:17 dmz4 mpd: [pptp] LCP: SendConfigReq #1 May 9 10:21:17 dmz4 mpd: ACFCOMP May 9 10:21:17 dmz4 mpd: PROTOCOMP May 9 10:21:17 dmz4 mpd: MRU 1500 May 9 10:21:17 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:17 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:17 dmz4 mpd: MP MRRU 1600 May 9 10:21:17 dmz4 mpd: MP SHORTSEQ May 9 10:21:17 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:17 dmz4 mpd: pptp0-0: ignoring SetLinkInfo May 9 10:21:17 dmz4 mpd: [pptp] LCP: rec'd Configure Request #0 link 0 = (Req-Sent) May 9 10:21:17 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:17 dmz4 mpd: PROTOCOMP May 9 10:21:17 dmz4 mpd: ACFCOMP May 9 10:21:17 dmz4 mpd: CALLBACK May 9 10:21:17 dmz4 mpd: Not supported May 9 10:21:17 dmz4 mpd: [pptp] LCP: SendConfigRej #0 May 9 10:21:17 dmz4 mpd: CALLBACK May 9 10:21:19 dmz4 mpd: [pptp] LCP: SendConfigReq #2 May 9 10:21:19 dmz4 mpd: ACFCOMP May 9 10:21:19 dmz4 mpd: PROTOCOMP May 9 10:21:19 dmz4 mpd: MRU 1500 May 9 10:21:19 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:19 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:19 dmz4 mpd: MP MRRU 1600 May 9 10:21:19 dmz4 mpd: MP SHORTSEQ May 9 10:21:19 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:19 dmz4 mpd: [pptp] LCP: rec'd Configure Request #1 link 0 = (Req-Sent) May 9 10:21:19 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:19 dmz4 mpd: PROTOCOMP May 9 10:21:19 dmz4 mpd: ACFCOMP May 9 10:21:19 dmz4 mpd: CALLBACK May 9 10:21:19 dmz4 mpd: Not supported May 9 10:21:19 dmz4 mpd: [pptp] LCP: SendConfigRej #1 May 9 10:21:19 dmz4 mpd: CALLBACK May 9 10:21:21 dmz4 mpd: [pptp] LCP: SendConfigReq #3 May 9 10:21:21 dmz4 mpd: ACFCOMP May 9 10:21:21 dmz4 mpd: PROTOCOMP May 9 10:21:21 dmz4 mpd: MRU 1500 May 9 10:21:21 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:21 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:21 dmz4 mpd: MP MRRU 1600 May 9 10:21:21 dmz4 mpd: MP SHORTSEQ May 9 10:21:21 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:22 dmz4 mpd: [pptp] LCP: rec'd Configure Request #2 link 0 = (Req-Sent) May 9 10:21:22 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:22 dmz4 mpd: PROTOCOMP May 9 10:21:22 dmz4 mpd: ACFCOMP May 9 10:21:22 dmz4 mpd: CALLBACK May 9 10:21:22 dmz4 mpd: Not supported May 9 10:21:22 dmz4 mpd: [pptp] LCP: SendConfigRej #2 May 9 10:21:22 dmz4 mpd: CALLBACK May 9 10:21:23 dmz4 mpd: [pptp] LCP: SendConfigReq #4 May 9 10:21:23 dmz4 mpd: ACFCOMP May 9 10:21:23 dmz4 mpd: PROTOCOMP May 9 10:21:23 dmz4 mpd: MRU 1500 May 9 10:21:23 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:23 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:23 dmz4 mpd: MP MRRU 1600 May 9 10:21:23 dmz4 mpd: MP SHORTSEQ May 9 10:21:23 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:25 dmz4 mpd: [pptp] LCP: SendConfigReq #5 May 9 10:21:25 dmz4 mpd: ACFCOMP May 9 10:21:25 dmz4 mpd: PROTOCOMP May 9 10:21:25 dmz4 mpd: MRU 1500 May 9 10:21:25 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:25 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:25 dmz4 mpd: MP MRRU 1600 May 9 10:21:25 dmz4 mpd: MP SHORTSEQ May 9 10:21:25 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:26 dmz4 mpd: [pptp] LCP: rec'd Configure Request #3 link 0 = (Req-Sent) May 9 10:21:26 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:26 dmz4 mpd: PROTOCOMP May 9 10:21:26 dmz4 mpd: ACFCOMP May 9 10:21:26 dmz4 mpd: CALLBACK May 9 10:21:26 dmz4 mpd: Not supported May 9 10:21:26 dmz4 mpd: [pptp] LCP: SendConfigRej #3 May 9 10:21:26 dmz4 mpd: CALLBACK May 9 10:21:27 dmz4 mpd: [pptp] LCP: SendConfigReq #6 May 9 10:21:27 dmz4 mpd: ACFCOMP May 9 10:21:27 dmz4 mpd: PROTOCOMP May 9 10:21:27 dmz4 mpd: MRU 1500 May 9 10:21:27 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:27 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:27 dmz4 mpd: MP MRRU 1600 May 9 10:21:27 dmz4 mpd: MP SHORTSEQ May 9 10:21:27 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:29 dmz4 mpd: [pptp] LCP: SendConfigReq #7 May 9 10:21:29 dmz4 mpd: ACFCOMP May 9 10:21:29 dmz4 mpd: PROTOCOMP May 9 10:21:29 dmz4 mpd: MRU 1500 May 9 10:21:29 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:29 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:29 dmz4 mpd: MP MRRU 1600 May 9 10:21:29 dmz4 mpd: MP SHORTSEQ May 9 10:21:29 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:30 dmz4 mpd: [pptp] LCP: rec'd Configure Request #4 link 0 = (Req-Sent) May 9 10:21:30 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:30 dmz4 mpd: PROTOCOMP May 9 10:21:30 dmz4 mpd: ACFCOMP May 9 10:21:30 dmz4 mpd: CALLBACK May 9 10:21:30 dmz4 mpd: Not supported May 9 10:21:30 dmz4 mpd: [pptp] LCP: SendConfigRej #4 May 9 10:21:30 dmz4 mpd: CALLBACK May 9 10:21:31 dmz4 mpd: [pptp] LCP: SendConfigReq #8 May 9 10:21:31 dmz4 mpd: ACFCOMP May 9 10:21:31 dmz4 mpd: PROTOCOMP May 9 10:21:31 dmz4 mpd: MRU 1500 May 9 10:21:31 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:31 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:31 dmz4 mpd: MP MRRU 1600 May 9 10:21:31 dmz4 mpd: MP SHORTSEQ May 9 10:21:31 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:33 dmz4 mpd: [pptp] LCP: SendConfigReq #9 May 9 10:21:33 dmz4 mpd: ACFCOMP May 9 10:21:33 dmz4 mpd: PROTOCOMP May 9 10:21:33 dmz4 mpd: MRU 1500 May 9 10:21:33 dmz4 mpd: MAGICNUM a5aa6217 May 9 10:21:33 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 May 9 10:21:33 dmz4 mpd: MP MRRU 1600 May 9 10:21:33 dmz4 mpd: MP SHORTSEQ May 9 10:21:33 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 May 9 10:21:34 dmz4 mpd: [pptp] LCP: rec'd Configure Request #5 link 0 = (Req-Sent) May 9 10:21:34 dmz4 mpd: MAGICNUM 0bff7dca May 9 10:21:34 dmz4 mpd: PROTOCOMP May 9 10:21:34 dmz4 mpd: ACFCOMP May 9 10:21:34 dmz4 mpd: CALLBACK May 9 10:21:34 dmz4 mpd: Not supported May 9 10:21:34 dmz4 mpd: [pptp] LCP: not converging May 9 10:21:34 dmz4 mpd: [pptp] LCP: parameter negotiation failed May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Req-Sent --> Stopped May 9 10:21:34 dmz4 mpd: [pptp] LCP: LayerFinish May 9 10:21:34 dmz4 mpd: [pptp] device: CLOSE event in state UP May 9 10:21:34 dmz4 mpd: pptp0-0: clearing call May 9 10:21:34 dmz4 mpd: pptp0-0: killing channel May 9 10:21:34 dmz4 mpd: [pptp] PPTP call terminated May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event May 9 10:21:34 dmz4 mpd: [pptp] IPCP: Close event May 9 10:21:34 dmz4 mpd: [pptp] IPCP: state change Starting --> Initial May 9 10:21:34 dmz4 mpd: [pptp] IPCP: LayerFinish May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event May 9 10:21:34 dmz4 mpd: pptp0: closing connection with a.b.c.e:1046 May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event May 9 10:21:34 dmz4 mpd: [pptp] device is now in state CLOSING May 9 10:21:34 dmz4 mpd: [pptp] bundle: CLOSE event in state OPENED May 9 10:21:34 dmz4 mpd: [pptp] closing link "pptp"... May 9 10:21:34 dmz4 mpd: [pptp] device: DOWN event in state CLOSING May 9 10:21:34 dmz4 mpd: [pptp] device is now in state DOWN May 9 10:21:34 dmz4 mpd: [pptp] link: CLOSE event May 9 10:21:34 dmz4 mpd: [pptp] LCP: Close event May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Stopped --> Closed May 9 10:21:34 dmz4 mpd: [pptp] device: DOWN event in state DOWN May 9 10:21:34 dmz4 mpd: [pptp] device is now in state DOWN May 9 10:21:34 dmz4 mpd: [pptp] link: DOWN event May 9 10:21:34 dmz4 mpd: [pptp] LCP: Down event May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Closed --> Initial May 9 10:21:34 dmz4 mpd: [pptp] LCP: phase shift ESTABLISH --> DEAD May 9 10:21:34 dmz4 mpd: [pptp] link: DOWN event May 9 10:21:34 dmz4 mpd: [pptp] LCP: Down event May 9 10:21:34 dmz4 mpd: pptp0: killing connection with a.b.c.e:1046 [END] note: the a.b.c.e in the last line is another public ip. pointers to working setups, especially ones that documents the exact = clients and parameters.. such as "Windows 2000 sp1, require encryption, = allow chap, etc, etc" would be much appreciated..=20 I have tried google, it contains a lot of supposedly working scripts.. = however they dont work for me.. regards Kristian From owner-freebsd-net@FreeBSD.ORG Fri May 9 02:39:04 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5576F37B401 for ; Fri, 9 May 2003 02:39:04 -0700 (PDT) Received: from jawa.at (jawa.at [213.229.17.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id C663C43FA3 for ; Fri, 9 May 2003 02:39:02 -0700 (PDT) (envelope-from mbretter@jawa.at) Received: from jawa.at (dings.jawa.at [192.168.200.60]) by jawa.at (8.12.6p2/8.12.6) with ESMTP id h499cxFa031018; Fri, 9 May 2003 11:38:59 +0200 (CEST) (envelope-from mbretter@jawa.at) Message-ID: <3EBB7734.7020402@jawa.at> Date: Fri, 09 May 2003 11:39:00 +0200 From: Michael Bretterklieber Organization: JAWA Management Software GmbH User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de-AT; rv:1.3) Gecko/20030312 X-Accept-Language: de, en MIME-Version: 1.0 To: Kristian Rask References: <001201c31605$3c667120$0a01a8c0@example.org> In-Reply-To: <001201c31605$3c667120$0a01a8c0@example.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-milter (http://amavis.org/) X-Spam-Status: No, hits=-25.6 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MOZILLA_UA version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: freebsd-net@freebsd.org Subject: Re: Problem ver. 2 : VPN using MPD 3.10 on 5.0-R and Win. VPN clients X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 09:39:04 -0000 Hi, Kristian Rask schrieb: > Hi > > May 9 10:21:30 dmz4 mpd: [pptp] LCP: SendConfigRej #4 > May 9 10:21:30 dmz4 mpd: CALLBACK > May 9 10:21:31 dmz4 mpd: [pptp] LCP: SendConfigReq #8 > May 9 10:21:31 dmz4 mpd: ACFCOMP > May 9 10:21:31 dmz4 mpd: PROTOCOMP > May 9 10:21:31 dmz4 mpd: MRU 1500 > May 9 10:21:31 dmz4 mpd: MAGICNUM a5aa6217 > May 9 10:21:31 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 > May 9 10:21:31 dmz4 mpd: MP MRRU 1600 > May 9 10:21:31 dmz4 mpd: MP SHORTSEQ > May 9 10:21:31 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 > May 9 10:21:33 dmz4 mpd: [pptp] LCP: SendConfigReq #9 > May 9 10:21:33 dmz4 mpd: ACFCOMP > May 9 10:21:33 dmz4 mpd: PROTOCOMP > May 9 10:21:33 dmz4 mpd: MRU 1500 > May 9 10:21:33 dmz4 mpd: MAGICNUM a5aa6217 > May 9 10:21:33 dmz4 mpd: AUTHPROTO CHAP MSOFTv2 > May 9 10:21:33 dmz4 mpd: MP MRRU 1600 > May 9 10:21:33 dmz4 mpd: MP SHORTSEQ > May 9 10:21:33 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2 > May 9 10:21:34 dmz4 mpd: [pptp] LCP: rec'd Configure Request #5 link 0 (Req-Sent) > May 9 10:21:34 dmz4 mpd: MAGICNUM 0bff7dca > May 9 10:21:34 dmz4 mpd: PROTOCOMP > May 9 10:21:34 dmz4 mpd: ACFCOMP > May 9 10:21:34 dmz4 mpd: CALLBACK > May 9 10:21:34 dmz4 mpd: Not supported > May 9 10:21:34 dmz4 mpd: [pptp] LCP: not converging it looks like that the peer insists on CALLBACK. a wild guess: Is your windows 2000 client member of a windows-domain (ActiveDirectory)? If yes, has the user you are logged in into the windows 2000 box the callback option set in the user-settings in the active directory? bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - http://www.bretterklieber.com JAWA Management Software GmbH - http://www.jawa.at Tel: ++43-(0)316-403274-12 - GSM: ++43-(0)676-84 03 15 712 ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 From owner-freebsd-net@FreeBSD.ORG Fri May 9 05:23:39 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A612037B401; Fri, 9 May 2003 05:23:39 -0700 (PDT) Received: from mail.uni-bielefeld.de (mail2.uni-bielefeld.de [129.70.4.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 52EB343FBD; Fri, 9 May 2003 05:23:36 -0700 (PDT) (envelope-from lars.koeller@uni-bielefeld.de) Received: from rayadm.hrz.uni-bielefeld.de (RAYADM.hrz.uni-bielefeld.de [129.70.202.15]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0HEM00ILID0ZBW@mail.uni-bielefeld.de>; Fri, 9 May 2003 14:22:20 +0200 (MET DST) Received: from rayadm.hrz.uni-bielefeld.de (lkoeller@localhost) h49CM9j29360; Fri, 09 May 2003 14:22:10 +0200 (MEST) Date: Fri, 09 May 2003 14:22:09 +0200 From: Lars =?iso-8859-1?Q?K=F6ller?= X-Face: eCcoCV}FjV*O{6>[1$XP/e%]TJhEw2MF33dFh)^HM7Gfd=[/(4+0a$~ "of Thu, 08 May 2003 15:56:58 CDT." <20030508155325.A1103@odysseus.silby.com> Sender: lars.koeller@uni-bielefeld.de To: Mike Silbersack , mark tinguely Message-id: <200305091222.h49CM9j29360@rayadm.hrz.uni-bielefeld.de> MIME-version: 1.0 X-Mailer: exmh version 2.6.1 02/18/2003 with nmh-1.0.4 Content-type: MULTIPART/MIXED; BOUNDARY="Boundary_(ID_XuLPbd9RjP+esBa2DGboOg)" X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org cc: Lars =?iso-8859-1?Q?K=F6ller?= Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 12:23:40 -0000 This is a multipart MIME message. --Boundary_(ID_XuLPbd9RjP+esBa2DGboOg) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable ---------- Dear experts, first of all thanks for the help. However the problem is not solved. Attaches are the tcpdum od machine1 (rsh-Client) and machin2 (rshd). Both are FreeBSD4.8-RELEASE. In reply to Mike Silbersack who wrote: = > = > On Thu, 8 May 2003, Lars [iso-8859-1] K=F6ller wrote: > = > > NO,NO! Netstat says nothing about that. Even I tune msl time to go ou= t > > of TIME_WAIT very fast (only intranet connection on same switch!). > > > > The ethereal dump in the PR shown, that an initial communication take= s > > place, but the final ACK to establish the connection fails! > = > Could you get a tcpdump -v of that problem occuring? I find what your > logs are showing hard to believe, there must be something really strang= e > occuring. Can you also show the output of netstat for the ports in > question to show what state the sockets on either end are in during tha= t > time period? > = > Also, does netstat -s show any counters increasing that talk about list= en > queue overflows or any packets being dropped? No, they are always 0. Here are the netstat during the hang of machine1(rsh): 75148 : netstat -an Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state= ) tcp4 0 0 *.961 *.* LISTEN= tcp4 0 0 129.70.4.48.962 129.70.4.44.514 ESTABL= ISHED tcp4 0 0 129.70.4.48.6100 129.70.4.48.1588 ESTABL= ISHED tcp4 0 0 129.70.4.48.1588 129.70.4.48.6100 ESTABL= ISHED tcp4 0 0 129.70.4.48.6100 129.70.4.48.1587 ESTABL= ISHED tcp4 0 0 129.70.4.48.1587 129.70.4.48.6100 ESTABL= ISHED tcp4 0 0 129.70.4.48.6100 129.70.4.48.1586 ESTABL= ISHED tcp4 0 20 129.70.4.48.1586 129.70.4.48.6100 ESTABL= ISHED tcp4 0 0 129.70.4.48.22 129.70.4.48.1585 ESTABL= ISHED tcp4 0 0 129.70.4.48.1585 129.70.4.48.22 ESTABL= ISHED tcp4 0 0 129.70.4.48.6100 129.70.4.48.1025 ESTABL= ISHED tcp4 0 0 129.70.4.48.1025 129.70.4.48.6100 ESTABL= ISHED tcp4 0 0 129.70.4.48.6100 129.70.4.48.1024 ESTABL= ISHED tcp4 0 0 129.70.4.48.1024 129.70.4.48.6100 ESTABL= ISHED tcp4 0 0 *.6100 *.* LISTEN= tcp4 0 68 129.70.4.48.22 129.70.202.15.43763 ESTABL= ISHED tcp4 0 0 *.587 *.* LISTEN= tcp4 0 0 *.25 *.* LISTEN= tcp4 0 0 *.22 *.* LISTEN= tcp4 0 0 *.515 *.* LISTEN= tcp4 0 0 *.514 *.* LISTEN= tcp4 0 0 *.1022 *.* LISTEN= tcp4 0 0 *.2049 *.* LISTEN= tcp4 0 0 *.1023 *.* LISTEN= tcp4 0 0 *.111 *.* LISTEN= udp4 0 0 *.1011 *.* = udp4 0 0 *.2049 *.* = udp4 0 0 *.1023 *.* = udp4 0 0 *.111 *.* = udp4 0 0 127.0.0.1.123 *.* = udp4 0 0 129.70.4.48.123 *.* = udp4 0 0 *.123 *.* = udp4 0 0 *.514 *.* = Active UNIX domain sockets Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr e1e6d320 stream 0 0 0 e1e6d640 0 0 e1e6d640 stream 0 0 0 e1e6d320 0 0 e1e6d5a0 stream 0 0 0 e1e6d280 0 0 e1e6d280 stream 0 0 0 e1e6d5a0 0 0 e1e6daa0 stream 0 0 e206a740 0 0 0 /var/ru= n/sophie e1e6d780 stream 0 0 0 e1e6d820 0 0 e1e6d820 stream 0 0 0 e1e6d780 0 0 e1e6d960 stream 0 0 0 e1e6d8c0 0 0 e1e6d8c0 stream 0 0 0 e1e6d960 0 0 e1e6dd20 stream 0 0 e1ea69c0 0 0 0 /var/ru= n/printer e1e6db40 dgram 0 0 0 e1e4ef00 0 e1e6dbe0 e1e6dbe0 dgram 0 0 0 e1e4ef00 0 e1e6dc80 e1e6dc80 dgram 0 0 0 e1e4ef00 0 e1e6ddc0 e1e6ddc0 dgram 0 0 0 e1e4ef00 0 e1e6de60 e1e6de60 dgram 0 0 0 e1e4ef00 0 e1e6df00 e1e6df00 dgram 0 0 0 e1e4ef00 0 0 e1e4ef00 dgram 0 0 e1e4b880 0 e1e6db40 0 /var/ru= n/log netstat of machine2 (rshd): 74977 : netstat -an Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state= ) tcp4 0 0 129.70.4.44.623 129.70.4.48.961 SYN_SE= NT tcp4 0 0 129.70.4.44.514 129.70.4.48.962 ESTABL= ISHED tcp4 0 0 129.70.4.44.6100 129.70.4.44.1432 ESTABL= ISHED tcp4 0 0 129.70.4.44.1432 129.70.4.44.6100 ESTABL= ISHED tcp4 0 0 129.70.4.44.6100 129.70.4.44.1431 ESTABL= ISHED tcp4 0 0 129.70.4.44.1431 129.70.4.44.6100 ESTABL= ISHED tcp4 0 0 129.70.4.44.6100 129.70.4.44.4805 ESTABL= ISHED tcp4 0 20 129.70.4.44.4805 129.70.4.44.6100 ESTABL= ISHED tcp4 0 0 *.6100 *.* LISTEN= tcp4 0 68 129.70.4.44.22 129.70.202.15.34461 ESTABL= ISHED tcp4 0 0 *.587 *.* LISTEN= tcp4 0 0 *.25 *.* LISTEN= tcp4 0 0 *.514 *.* LISTEN= tcp4 0 0 *.22 *.* LISTEN= tcp4 0 0 *.515 *.* LISTEN= udp4 0 0 127.0.0.1.123 *.* = udp4 0 0 129.70.4.44.123 *.* = udp4 0 0 *.123 *.* = udp4 0 0 *.514 *.* = udp4 0 0 129.70.4.44.1019 129.70.4.48.2049 = Active UNIX domain sockets Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr e1e6ea00 stream 0 0 0 0 0 0 e1e6e820 stream 0 0 0 0 0 0 e1e6eb40 stream 0 0 e2262840 0 0 0 /var/ru= n/sophie e1e6eaa0 stream 0 0 0 e1e6e6e0 0 0 e1e6e6e0 stream 0 0 0 e1e6eaa0 0 0 e1e6e640 stream 0 0 0 e1e6e780 0 0 e1e6e780 stream 0 0 0 e1e6e640 0 0 e1e6edc0 stream 0 0 e1e82e40 0 0 0 /var/ru= n/printer e1e6ed20 dgram 0 0 0 e1e4ff00 0 e1e6ebe0 e1e6ebe0 dgram 0 0 0 e1e4ff00 0 e1e6ec80 e1e6ec80 dgram 0 0 0 e1e4ff00 0 e1e6ee60 e1e6ee60 dgram 0 0 0 e1e4ff00 0 e1e6ef00 e1e6ef00 dgram 0 0 0 e1e4ff00 0 0 e1e4ff00 dgram 0 0 e1e49e00 0 e1e6ed20 0 /var/ru= n/log Best regards Lars -- = E-Mail: Lars.Koeller@Uni-Bielefeld.DE \ Lars K=F6ller lkoeller@FreeBSD.org \ CC University of PGP: http://www.uk.pgp.net/pgpnet/wwwkeys.html \ Bielefeld, Germany = Key-ID: A430D499 \ Tel: +49 521 106 4964 ----------- FreeBSD, what else? ---- http://www.freebsd.org -------------= --Boundary_(ID_XuLPbd9RjP+esBa2DGboOg)-- From owner-freebsd-net@FreeBSD.ORG Fri May 9 07:14:43 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9FC7D37B401 for ; Fri, 9 May 2003 07:14:43 -0700 (PDT) Received: from bluhayz.homeunix.org (ip68-106-103-50.nv.nv.cox.net [68.106.103.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id D182B43F85 for ; Fri, 9 May 2003 07:14:42 -0700 (PDT) (envelope-from dero@bluhayz.homeunix.org) Received: from bluhayz.homeunix.org (localhost.homeunix.org [127.0.0.1]) by bluhayz.homeunix.org (8.12.8p1/8.12.8) with ESMTP id h49EFrAb001572 for ; Fri, 9 May 2003 10:15:54 -0400 (EDT) (envelope-from dero@bluhayz.homeunix.org) Received: (from nobody@localhost) by bluhayz.homeunix.org (8.12.8p1/8.12.8/Submit) id h49EFrXp001571; Fri, 9 May 2003 10:15:53 -0400 (EDT) X-Authentication-Warning: bluhayz.homeunix.org: nobody set sender to dero@bluhayz.homeunix.org using -f Received: from 172.181.44.146 (SquirrelMail authenticated user dero) by bluhayz.homeunix.org with HTTP; Fri, 9 May 2003 10:15:52 -0400 (EDT) Message-ID: <4684.172.181.44.146.1052489752.squirrel@bluhayz.homeunix.org> In-Reply-To: <20030508190122.AA1C737B401@hub.freebsd.org> References: <20030508190122.AA1C737B401@hub.freebsd.org> Date: Fri, 9 May 2003 10:15:52 -0400 (EDT) From: "agent dero" To: freebsd-net@freebsd.org User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Subject: Re: freebsd-net Digest, Vol 7, Issue 4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 14:14:43 -0000 This is a small, unimportant question. But is anybody familiar with a POP3 mailbox server that has a similar context to apache, with virtual hosts and whatnot. I mean, or something that allows for multiple domains to be served from one IP address. So dero@userx.com and dero@usery.com are completely different mailboxes etc. thanks a lot! From owner-freebsd-net@FreeBSD.ORG Fri May 9 07:24:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6716537B401; Fri, 9 May 2003 07:24:15 -0700 (PDT) Received: from web.cs.ndsu.nodak.edu (web.cs.ndsu.NoDak.edu [134.129.125.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86AB443FBD; Fri, 9 May 2003 07:24:14 -0700 (PDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: from web.cs.ndsu.nodak.edu (localhost [127.0.0.1]) by web.cs.ndsu.nodak.edu (8.12.9/8.11.4) with ESMTP id h49EODWr022226; Fri, 9 May 2003 09:24:13 -0500 (CDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: (from tinguely@localhost) by web.cs.ndsu.nodak.edu (8.12.9/8.12.8/Submit) id h49EOCVe022225; Fri, 9 May 2003 09:24:12 -0500 (CDT) (envelope-from tinguely) Date: Fri, 9 May 2003 09:24:12 -0500 (CDT) From: mark tinguely Message-Id: <200305091424.h49EOCVe022225@web.cs.ndsu.nodak.edu> To: Lars.Koeller@uni-bielefeld.de, silby@silby.com, tinguely@web.cs.ndsu.nodak.edu In-Reply-To: <200305091222.h49CM9j29360@rayadm.hrz.uni-bielefeld.de> cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 14:24:15 -0000 It is interesting that your original problem report bin/51586 has problem with the same port (623) that is giving problems in this trace.: machine1 trace: 14:13:08.046004 vscan1.623 > odie.961: S 3379784543:3379784543(0) 14:13:08.046030 odie.961 > vscan1.623: S 2648818122:2648818122(0) ack 3379784544 (missing tcpdump entry of a SYN from vscan?) 14:13:11.038115 odie.961 > vscan1.623: S 2648818122:2648818122(0) ack 3379784544 14:13:11.044130 vscan1.623 > odie.961: S 3379784543:3379784543(0) 14:13:11.044147 odie.961 > vscan1.623: S 2648818122:2648818122(0) ack 3379784544 14:13:14.244139 vscan1.623 > odie.961: S 3379784543:3379784543(0) 14:13:14.244163 odie.961 > vscan1.623: S 2648818122:2648818122(0) ack 3379784544 and so on machine2 trace: 14:13:08.047366 vscan1623 > odie.961: S 3379784543:3379784543(0) 14:13:11.045502 vscan1623 > odie.961: S 3379784543:3379784543(0) 14:13:14.245542 vscan1623 > odie.961: S 3379784543:3379784543(0) and so on could there be something in your network that is eatting the port 623 packets? I would suggest crafting a connection from vscan1 port 623 to a port on odie and see if it can connect. A network analyzer or tcpdump from machine on the networks that vscan1 and odie are locate upon to see if the traffic made it over the router/switch/hub that is between these two devices. --Mark Tinguely. From owner-freebsd-net@FreeBSD.ORG Fri May 9 07:31:07 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13A4E37B401 for ; Fri, 9 May 2003 07:31:07 -0700 (PDT) Received: from server2.stileproject.com (server2-a.dragondata.com [64.202.112.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BACE43F3F for ; Fri, 9 May 2003 07:31:05 -0700 (PDT) (envelope-from toasty@dragondata.com) Received: from KEVIN-AW.dragondata.com (localhost [127.0.0.1]) h44JKeZ8059412 for ; Sun, 4 May 2003 14:20:40 -0500 (CDT) (envelope-from toasty@dragondata.com) Message-Id: <5.2.0.9.2.20030504141435.0385ed58@127.0.0.1> X-Sender: toasty@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Sun, 04 May 2003 14:19:34 -0500 To: freebsd-net@freebsd.org From: Kevin Day Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by amavisd-new Subject: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 14:31:07 -0000 I've got a FreeBSD system acting as a router, it's passing 250-600mbps of traffic through it most of the time. Yesterday it was running 4.6-RELEASE without polling. I've upgraded it to 4.8 and enabled polling. Before it was showing 30-50% CPU use in interrupt and system combined. Now it's showing 0-1% (99% idle). Is this because it's polling in the idle loop, and time spent doing this isn't getting accounted for anywhere, or is polling THAT much more efficient? If it's the former, is it supposed to work this way? Now I've got no clear way of knowing how busy the system is. (It's just routing packets, really nothing more) -- Kevin From owner-freebsd-net@FreeBSD.ORG Fri May 9 08:28:03 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E6FAB37B404 for ; Fri, 9 May 2003 08:28:03 -0700 (PDT) Received: from relay.pair.com (relay.pair.com [209.68.1.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 8E00C43F3F for ; Fri, 9 May 2003 08:28:02 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 72402 invoked from network); 9 May 2003 15:28:01 -0000 Received: from niwun.pair.com (HELO localhost) (209.68.2.70) by relay.pair.com with SMTP; 9 May 2003 15:28:01 -0000 X-pair-Authenticated: 209.68.2.70 Date: Fri, 9 May 2003 10:27:40 -0500 (CDT) From: Mike Silbersack To: mark tinguely In-Reply-To: <200305091424.h49EOCVe022225@web.cs.ndsu.nodak.edu> Message-ID: <20030509102446.U3984@odysseus.silby.com> References: <200305091424.h49EOCVe022225@web.cs.ndsu.nodak.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org cc: Lars.Koeller@uni-bielefeld.de Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 May 2003 15:28:04 -0000 On Fri, 9 May 2003, mark tinguely wrote: > could there be something in your network that is eatting the port 623 > packets? I would suggest crafting a connection from vscan1 port 623 > to a port on odie and see if it can connect. > > A network analyzer or tcpdump from machine on the networks that > vscan1 and odie are locate upon to see if the traffic made it over > the router/switch/hub that is between these two devices. > > --Mark Tinguely. I agree completely, this is why I asked for tcpdumps on both ends. I can't figure out why 623 would be special in any way, so it must be a firewall or packet filter interfering. If it's not, something _really_ weird is going on! Mike "Silby" Silbersack From owner-freebsd-net@FreeBSD.ORG Fri May 9 21:16:17 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0AFDF37B401 for ; Fri, 9 May 2003 21:16:17 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98D7943FB1 for ; Fri, 9 May 2003 21:16:15 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246]) by mailman.zeta.org.au (8.9.3p2/8.8.7) with ESMTP id OAA22274; Sat, 10 May 2003 14:16:01 +1000 Date: Sat, 10 May 2003 14:15:59 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Kevin Day In-Reply-To: <5.2.0.9.2.20030504141435.0385ed58@127.0.0.1> Message-ID: <20030510133635.C2849@gamplex.bde.org> References: <5.2.0.9.2.20030504141435.0385ed58@127.0.0.1> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2003 04:16:17 -0000 On Sun, 4 May 2003, Kevin Day wrote: > I've got a FreeBSD system acting as a router, it's passing 250-600mbps of > traffic through it most of the time. > > Yesterday it was running 4.6-RELEASE without polling. I've upgraded it to > 4.8 and enabled polling. Before it was showing 30-50% CPU use in interrupt > and system combined. Now it's showing 0-1% (99% idle). > > Is this because it's polling in the idle loop, and time spent doing this > isn't getting accounted for anywhere, or is polling THAT much more efficient? > > If it's the former, is it supposed to work this way? Now I've got no clear > way of knowing how busy the system is. (It's just routing packets, really > nothing more) The former. It's hard for it to work better without wasting too many cycles for the accounting. In RELENG_4, everything done in the "idle" loop is counted as idle time using the single counter cp_time[CP_IDLE]. This is very efficient. This is "fixed" in -current by wasting too many cycles for the accounting. -current can't do anything that might block on a mutex in its pure idle routine. This means that it can do very little in its pure idle routine, since even polling-like things that don't want to block tend to need mutexes for synchronization. So -current uses idle priority kernel threads instead of the idle loop for polling. Since all threads are heavyweight, normal accounting for threads (processes) gives their CPU usage very accurately for "free" (once you have paid for their weight). Context switching and accounting for even idle priority threads isn't free even if there is idle time to spare, since the time to switch back to non-idle priority threads is taken from non-idle time. Hack for getting more useful idle time statistics in RELENG_4: - in the idle loop, set a flag while calling _idle_poll and _vm_page_zero_idle. - in hardclock(), bump cp_time[CP_SYS] instead of cp_time[CP_IDLE] when the flag is set. A new counter would give more detail but wouldn't be reported automatically by utilities. Bruce From owner-freebsd-net@FreeBSD.ORG Sat May 10 10:18:26 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4271C37B401; Sat, 10 May 2003 10:18:26 -0700 (PDT) Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id B052B43FDF; Sat, 10 May 2003 10:18:25 -0700 (PDT) (envelope-from hsu@FreeBSD.org) Received: from FreeBSD.org ([63.193.112.125]) by mta5.snfc21.pbi.net (iPlanet Messaging Server 5.1 HotFix 1.6 (built Oct 18 2002)) with ESMTP id <0HEO00C7SLEPTC@mta5.snfc21.pbi.net>; Sat, 10 May 2003 10:18:25 -0700 (PDT) Date: Sat, 10 May 2003 10:31:57 -0700 From: Jeffrey Hsu In-reply-to: Message from Mike Silbersack "of Fri, 09 May 2003 10:27:40 CDT." <20030509102446.U3984@odysseus.silby.com> To: Mike Silbersack , mark tinguely Message-id: <0HEO00C7TLEPTC@mta5.snfc21.pbi.net> MIME-version: 1.0 X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT cc: freebsd-net@freebsd.org cc: freebsd-questions@freebsd.org cc: Lars.Koeller@uni-bielefeld.de Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2003 17:18:26 -0000 This has all the signs of a bug in rsh or one of the libraries it uses. I asked Lars to try it with ssh instead and he reports that it works with ssh. We should probably concentrate our search on rsh code. Jeffrey From owner-freebsd-net@FreeBSD.ORG Sat May 10 10:48:37 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F27037B401; Sat, 10 May 2003 10:48:37 -0700 (PDT) Received: from web.cs.ndsu.nodak.edu (web.cs.ndsu.NoDak.edu [134.129.125.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA2D943FE1; Sat, 10 May 2003 10:48:36 -0700 (PDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: from web.cs.ndsu.nodak.edu (localhost [127.0.0.1]) by web.cs.ndsu.nodak.edu (8.12.9/8.11.4) with ESMTP id h4AHmZWr031719; Sat, 10 May 2003 12:48:35 -0500 (CDT) (envelope-from tinguely@web.cs.ndsu.nodak.edu) Received: (from tinguely@localhost) by web.cs.ndsu.nodak.edu (8.12.9/8.12.8/Submit) id h4AHmZY5031718; Sat, 10 May 2003 12:48:35 -0500 (CDT) (envelope-from tinguely) Date: Sat, 10 May 2003 12:48:35 -0500 (CDT) From: mark tinguely Message-Id: <200305101748.h4AHmZY5031718@web.cs.ndsu.nodak.edu> To: hsu@FreeBSD.org, silby@silby.com, tinguely@web.cs.ndsu.nodak.edu In-Reply-To: <0HEO00C7TLEPTC@mta5.snfc21.pbi.net> cc: freebsd-net@FreeBSD.org cc: freebsd-questions@FreeBSD.org cc: Lars.Koeller@uni-bielefeld.de Subject: Re: Please, Urgent: Need ideas/help to solve PR bin/51586 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2003 17:48:37 -0000 > This has all the signs of a bug in rsh or one of the libraries it > uses. I asked Lars to try it with ssh instead and he reports that > it works with ssh. We should probably concentrate our search on rsh > code. ssh will not create second connection, nor will the local port be a restricted port (especially port 623). We can see the vscan1 host make an attempt to respond to the remote machine using local port 623 but that packet does not make it to the other machine. Either something happens to that packet after it goes through the BPF (ie, the interface transmission part of the device driver), or somewhere in the network. That is why I suggest another host on the same network as one of the other machines or a protocol analyzer on the network to see if that packet make it through the network. W. Richard Steven has sample networking programs that can be used if he does not want to write one (sock from TCP Illustrated Vol 1 comes to mind http://www.kohala.com/start/unpv12e/unpv12e.tar.gz). --Mark Tinguely From owner-freebsd-net@FreeBSD.ORG Sat May 10 13:01:14 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE55237B401 for ; Sat, 10 May 2003 13:01:14 -0700 (PDT) Received: from lakecmmtar01.coxmail.com (lakecmmtar01.coxmail.com [68.99.120.48]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD3AD43FCB for ; Sat, 10 May 2003 13:01:13 -0700 (PDT) (envelope-from steve@freeslacker.net) Received: from lakecmmtab02 ([68.99.120.42]) by lakecmmtar01.coxmail.com (InterMail vM.5.01.04.05 201-253-122-122-105-20011231) with SMTP id <20030510200112.BEHA1278.lakecmmtar01.coxmail.com@lakecmmtab02> for ; Sat, 10 May 2003 16:01:12 -0400 From: To: freebsd-net@freebsd.org Date: Sat, 10 May 2003 13:01:09 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20030510200112.BEHA1278.lakecmmtar01.coxmail.com@lakecmmtab02> Subject: mult public conn/mult private conn routing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2003 20:01:15 -0000 Hello, I am having a problem with setting up a box I just built for the dedicated purpose of being a freebsd router. Below is a diagram describing my physical setup: ISP conn #1 ISP conn #2 | | \ 68.x.x.x/26 24.x.x.x/26 / -----------------_____------------------- fxp0| |fxp1 | | em0| ____|em1 / \ 192.168.0.1/24____| |_____192.168.100.1/24 fxp0 is 3.2Mb/s down 256Kbp/s up and will be used by all normal hosts on em0 fxp1 is 3.2Mb/s down 450Kbp/s up and will be used by servers on em1 What I want to achieve is having all outbound traffic from em0 (192.168.0.1/24) use fxp0, and all outbound traffic from em1 (192.168.100.1/24) use fxp1. em0 and em1 should be able to talk to each other. The problem is that since defaultrouter="68.x.x.x" is specified in /etc/rc.conf all traffic gets routed out through fxp0. Also, since natd_interface="fxp0" is specified, all packets are nat'ed from either em0 or em1 through fxp0. Is it possible to have natd on both fxp0 *and* fxp1 (i tried putting both natd_interface="fxp0" and natd_interface="fxp1" in /etc/rc.conf but this did not work)? Once a packet gets routed to fxp1, it just times out since the default route is atached to only fxp0. I've read up on routed and ipfw, but do not see a way to tell fxp0 to use defaultrouter A, and tell fxp1 to use defaultrouter B. Do I have to run a routing daemon for this? (examples/suggestions would be appreciated) Any ideas? Steve Stremciuc From owner-freebsd-net@FreeBSD.ORG Sat May 10 16:52:34 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1579F37B401 for ; Sat, 10 May 2003 16:52:34 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6408E43FDD for ; Sat, 10 May 2003 16:52:33 -0700 (PDT) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Sat, 10 May 2003 19:52:32 -0400 Message-ID: From: Don Bowman To: 'Bruce Evans' , Kevin Day Date: Sat, 10 May 2003 19:52:31 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: freebsd-net@freebsd.org Subject: RE: polling(4) and idle time/cpu usage percentages X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 May 2003 23:52:34 -0000 From: Bruce Evans [mailto:bde@zeta.org.au] > On Sun, 4 May 2003, Kevin Day wrote: > > > I've got a FreeBSD system acting as a router, it's passing > 250-600mbps of > > traffic through it most of the time. > > > > Yesterday it was running 4.6-RELEASE without polling. I've > upgraded it to > > 4.8 and enabled polling. Before it was showing 30-50% CPU > use in interrupt > > and system combined. Now it's showing 0-1% (99% idle). > > > > Is this because it's polling in the idle loop, and time > spent doing this > > isn't getting accounted for anywhere, or is polling THAT > much more efficient? > > > > If it's the former, is it supposed to work this way? Now > I've got no clear > > way of knowing how busy the system is. (It's just routing > packets, really > > nothing more) > > The former. It's hard for it to work better without wasting too many > cycles for the accounting. In RELENG_4, everything done in the "idle" > loop is counted as idle time using the single counter > cp_time[CP_IDLE]. > This is very efficient. I tried this on my system, but I still end up with 0 system time. Does the machdep.cpu_idle_hlt=1 have any affect on this? I'm passing 1Gbps each way through a bridge (e.g. 1Gbps in and 1Gbps out each of 2 interfaces), and I have 88.4% idle. This is admittedly on a pretty fast processor, a 2x2.8GHz XEON.