From owner-freebsd-net@FreeBSD.ORG Sun Jul 13 17:11:00 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BC58F106566B; Sun, 13 Jul 2008 17:11:00 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 83C6D8FC13; Sun, 13 Jul 2008 17:11:00 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from freefall.freebsd.org (gavin@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6DHB0ow082664; Sun, 13 Jul 2008 17:11:00 GMT (envelope-from gavin@freefall.freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6DHB0ni082660; Sun, 13 Jul 2008 17:11:00 GMT (envelope-from gavin) Date: Sun, 13 Jul 2008 17:11:00 GMT Message-Id: <200807131711.m6DHB0ni082660@freefall.freebsd.org> To: onemda@gmail.com, gavin@FreeBSD.org, gavin@FreeBSD.org, freebsd-net@FreeBSD.org From: gavin@FreeBSD.org Cc: Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jul 2008 17:11:00 -0000 Old Synopsis: [ndis] with wep enters kdb.enter.unknown, panics New Synopsis: [ndis] [patch] with wep enters kdb.enter.unknown, panics State-Changed-From-To: feedback->open State-Changed-By: gavin State-Changed-When: Sun Jul 13 17:06:03 UTC 2008 State-Changed-Why: Over to maintainers for evaluation Responsible-Changed-From-To: gavin->freebsd-net Responsible-Changed-By: gavin Responsible-Changed-When: Sun Jul 13 17:06:03 UTC 2008 Responsible-Changed-Why: Submitter reports my patch fixes things for him http://www.freebsd.org/cgi/query-pr.cgi?pr=125181 From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 11:07:02 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4C161065670 for ; Mon, 14 Jul 2008 11:07:02 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AE77D8FC2C for ; Mon, 14 Jul 2008 11:07:02 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6EB72eD014494 for ; Mon, 14 Jul 2008 11:07:02 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6EB72wk014490 for freebsd-net@FreeBSD.org; Mon, 14 Jul 2008 11:07:02 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 14 Jul 2008 11:07:02 GMT Message-Id: <200807141107.m6EB72wk014490@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 11:07:02 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/27474 net [ipf] [ppp] Interactive use of user PPP and ipfilter c o kern/35442 net [sis] [patch] Problem transmitting runts in if_sis dri a kern/38554 net changing interface ipaddress doesn't seem to work s kern/39937 net ipstealth issue s kern/77195 net [ipf] [patch] ipfilter ioctl SIOCGNATL does not match o kern/79895 net [ipf] 5.4-RC2 breaks ipfilter NAT when using netgraph s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/86103 net [ipf] Illegal NAT Traversal in IPFilter s kern/86920 net [ndis] ifconfig: SIOCS80211: Invalid argument [regress o kern/87521 net [ipf] [panic] using ipfilter "auth" keyword leads to k o kern/92090 net [bge] bge0: watchdog timeout -- resetting f kern/92552 net A serious bug in most network drivers from 5.X to 6.X o kern/95288 net [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr o kern/98978 net [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel o kern/101948 net [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau f kern/102344 net [ipf] Some packets do not pass through network interfa o bin/105925 net problems with ifconfig(8) and vlan(4) [regression] s kern/105943 net Network stack may modify read-only mbuf chain copies o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/106438 net [ipf] ipfilter: keep state does not seem to allow repl o kern/108542 net [bce]: Huge network latencies with 6.2-RELEASE / STABL o bin/108895 net pppd(8): PPPoE dead connections on 6.2 [regression] o kern/109308 net [pppd] [panic] Multiple panics kernel ppp suspected [r o kern/109733 net [bge] bge link state issues [regression] o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112722 net [udp] IP v4 udp fragmented packet reject o kern/113842 net [ip6] PF_INET6 proto domain state can't be cleared wit o kern/114714 net [gre][patch] gre(4) is not MPSAFE and does not support o kern/114839 net [fxp] fxp looses ability to speak with traffic o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat o kern/116077 net [ip] [patch] 6.2-STABLE panic during use of multi-cast o kern/116185 net [iwi] if_iwi driver leads system to reboot o kern/116328 net [bge]: Solid hang with bge interface o kern/116747 net [ndis] FreeBSD 7.0-CURRENT crash with Dell TrueMobile o kern/116837 net [tun] [panic] [patch] ifconfig tunX destroy: panic o kern/117043 net [em] Intel PWLA8492MT Dual-Port Network adapter EEPROM o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap o kern/117423 net [vlan] Duplicate IP on different interfaces o kern/117448 net [carp] 6.2 kernel crash [regression] o kern/118880 net [ip6] IP_RECVDSTADDR & IP_SENDSRCADDR not implemented o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr o kern/119345 net [ath] Unsuported Atheros 5424/2424 and CPU speedstep n o kern/119361 net [bge] bge(4) transmit performance problem o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel o kern/120130 net [carp] [panic] carp causes kernel panics in any conste o kern/120266 net [panic] gnugk causes kernel panic when closing UDP soc o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time o kern/120966 net [rum] kernel panic with if_rum and WPA encryption o kern/121080 net [bge] IPv6 NUD problem on multi address config on bge0 o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi o kern/121298 net [em] [panic] Fatal trap 12: page fault while in kernel o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA o kern/121555 net [panic] Fatal trap 12: current process = 12 (swi1: net o kern/121624 net [em] [regression] Intel em WOL fails after upgrade to o kern/121872 net [wpi] driver fails to attach on a fujitsu-siemens s711 o kern/121983 net [fxp] fxp0 MBUF and PAE o kern/122033 net [ral] [lor] Lock order reversal in ral0 at bootup [reg o kern/122058 net [em] [panic] Panic on em1: taskq o kern/122082 net [in_pcb] NULL pointer dereference in in_pcbdrop o kern/122195 net [ed] Alignment problems in if_ed f kern/122252 net [ipmi] [bge] IPMI problem with BCM5704 (does not work o kern/122290 net [netgraph] [panic] Netgraph related "kmem_map too smal o kern/122427 net [apm] [panic] apm and mDNSResponder cause panic during o kern/122551 net [bge] Broadcom 5715S no carrier on HP BL460c blade usi o kern/122685 net It is not visible passing packets in tcpdump o kern/122743 net [panic] vm_page_unwire: invalid wire count: 0 o kern/122772 net [em] em0 taskq panic, tcp reassembly bug causes radix f kern/122794 net [lagg] Kernel panic after brings lagg(8) up if NICs ar f conf/122858 net [nsswitch.conf] nsswitch in 7.0 is f*cked up o kern/122954 net [lagg] IPv6 EUI64 incorrectly chosen for lagg devices o kern/122989 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/123066 net [ipsec] [panic] kernel trap with ipsec o kern/123160 net [ip] Panic and reboot at sysctl kern.polling.enable=0 f kern/123172 net [bce] Watchdog timeout problems with if_bce f kern/123200 net [netgraph] Server failure due to netgraph mpd and dhcp o conf/123330 net [nsswitch.conf] Enabling samba wins in nsswitch.conf c o kern/123347 net [bge] bge1: watchdog timeout -- linkstate changed to D o kern/123429 net [nfe] [hang] "ifconfig nfe up" causes a hard system lo o kern/123463 net [ipsec] [panic] repeatable crash related to ipsec-tool o bin/123465 net [ip6] route(8): route add -inet6 -interfac o kern/123559 net [iwi] iwi periodically disassociates/associates [regre o kern/123603 net [tcp] tcp_do_segment and Received duplicate SYN o kern/123617 net [tcp] breaking connection when client downloading file o bin/123633 net ifconfig(8) doesn't set inet and ether address in one o kern/123796 net [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not o kern/123881 net [tcp] Turning on TCP blackholing causes slow localhost o kern/123968 net [rum] [panic] rum driver causes kernel panic with WPA. o kern/124021 net [ip6] [panic] page fault in nd6_output() o kern/124127 net [msk] watchdog timeout (missed Tx interrupts) -- recov o kern/124753 net [ieee80211] net80211 discards power-save queue packets o kern/124904 net [fxp] EEPROM corruption with Compaq NC3163 NIC o kern/125079 net [ppp] host routes added by ppp with gateway flag (regr f kern/125195 net [fxp] fxp(4) driver failed to initialize device Intel o kern/125442 net [carp][lagg] CARP combined with LAGG causes system pan 95 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/23063 net [PATCH] for static ARP tables in rc.network o kern/34665 net [ipf] [hang] ipfilter rcmd proxy "hangs". s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr o kern/54383 net [nfs] [patch] NFS root configurations without dynamic s kern/60293 net FreeBSD arp poison patch o kern/64556 net [sis] if_sis short cable fix problems with NetGear FA3 o kern/70904 net [ipf] ipfilter ipnat problem with h323 proxy support o kern/77273 net [ipf] ipfilter breaks ipv6 statefull filtering on 5.3 o kern/77913 net [wi] [patch] Add the APDL-325 WLAN pccard to wi(4) o kern/78090 net [ipf] ipf filtering on bridged packets doesn't work if o bin/79228 net [patch] extend arp(8) to be able to create blackhole r o kern/91594 net [em] FreeBSD > 5.4 w/ACPI fails to detect Intel Pro/10 s kern/91777 net [ipf] [patch] wrong behaviour with skip rule inside an o kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo o kern/95267 net packet drops periodically appear o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/102035 net [plip] plip networking disables parallel port printing o conf/102502 net [patch] ifconfig name does't rename netgraph node in n o conf/107035 net [patch] bridge interface given in rc.conf not taking a o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop o kern/112179 net [sis] [patch] sis driver for natsemi DP83815D autonego o bin/112557 net [patch] ppp(8) lock file should not use symlink name o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta o bin/117339 net [patch] route(8): loading routing management commands o kern/118727 net [netgraph] [patch] [request] add new ng_pf module a kern/118879 net [bge] [patch] bge has checksum problems on the 5703 ch o bin/118987 net ifconfig(8): ifconfig -l (address_family) does not wor o kern/119432 net [arp] route add -host -iface causes arp e f kern/119516 net [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol o kern/120232 net [nfe] [patch] Bring in nfe(4) to RELENG_6 o kern/120566 net [request]: ifconfig(8) make order of arguments more fr o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic o kern/121443 net [gif] LOR icmp6_input/nd6_lookup o kern/121706 net [netinet] [patch] "rtfree: 0xc4383870 has 1 refs" emit s kern/121774 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/122068 net [ppp] ppp can not set the correct interface with pptpd o kern/122295 net [bge] bge Ierr rate increase (since 6.0R) [regression] o kern/122319 net [wi] imposible to enable ad-hoc demo mode with Orinoco o kern/122697 net [ath] Atheros card is not well supported o kern/122780 net [lagg] tcpdump on lagg interface during high pps wedge f kern/122839 net [multicast] FreeBSD 7 multicast routing problem o kern/122928 net [em] interface watchdog timeouts and stops receiving p o kern/123892 net [tap] [patch] No buffer space available p kern/123961 net [vr] [patch] Allow vr interface to handle vlans o bin/124004 net ifconfig(8): Cannot assign both an IP and a MAC addres o kern/124160 net [libc] connect(2) function loops indefinitely o kern/124341 net [ral] promiscuous mode for wireless device ral0 looses o kern/124609 net [ipsec] [panic] ipsec 'remainder too big' panic with p o kern/124767 net [iwi] Wireless connection using iwi0 driver (Intel 220 o kern/125003 net [gif] incorrect EtherIP header format. o kern/125181 net [ndis] [patch] with wep enters kdb.enter.unknown, pani o kern/125239 net [gre] kernel crash when using gre o kern/125258 net [socket] socket's SO_REUSEADDR option does not work f kern/125502 net [ral] ifconfig ral0 scan produces no output unless in 58 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 12:35:04 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1AF741065682; Mon, 14 Jul 2008 12:35:04 +0000 (UTC) (envelope-from brde@optusnet.com.au) Received: from mail04.syd.optusnet.com.au (mail04.syd.optusnet.com.au [211.29.132.185]) by mx1.freebsd.org (Postfix) with ESMTP id 9C6A68FC16; Mon, 14 Jul 2008 12:35:03 +0000 (UTC) (envelope-from brde@optusnet.com.au) Received: from besplex.bde.org (c220-239-252-11.carlnfd3.nsw.optusnet.com.au [220.239.252.11]) by mail04.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m6ECYkpv007809 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 14 Jul 2008 22:34:59 +1000 Date: Mon, 14 Jul 2008 22:34:46 +1000 (EST) From: Bruce Evans X-X-Sender: bde@besplex.bde.org To: Robert Watson In-Reply-To: <20080707142018.U63144@fledge.watson.org> Message-ID: <20080714212912.D885@besplex.bde.org> References: <4867420D.7090406@gtcomm.net> <486A7E45.3030902@gtcomm.net> <486A8F24.5010000@gtcomm.net> <486A9A0E.6060308@elischer.org> <486B41D5.3060609@gtcomm.net> <486B4F11.6040906@gtcomm.net> <486BC7F5.5070604@gtcomm.net> <20080703160540.W6369@delplex.bde.org> <486C7F93.7010308@gtcomm.net> <20080703195521.O6973@delplex.bde.org> <486D35A0.4000302@gtcomm.net> <486DF1A3.9000409@gtcomm.net> <486E65E6.3060301@gtcomm.net> <4871DB8E.5070903@freebsd.org> <20080707191918.B4703@besplex.bde.org> <4871FB66.1060406@freebsd.org> <20080707213356.G7572@besplex.bde.org> <20080707134036.S63144@fledge.watson.org> <20080707224659.B7844@besplex.bde.org> <20080707142018.U63144@fledge.watson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD Net , Andre Oppermann , Ingo Flaschberger , Paul Subject: Re: Freebsd IP Forwarding performance (question, and some info) [7-stable, current, em, smp] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 12:35:04 -0000 On Mon, 7 Jul 2008, Robert Watson wrote: > On Mon, 7 Jul 2008, Bruce Evans wrote: > >>> (1) sendto() to a specific address and port on a socket that has been >>> bound to >>> INADDR_ANY and a specific port. >>> >>> (2) sendto() on a specific address and port on a socket that has been >>> bound to >>> a specific IP address (not INADDR_ANY) and a specific port. >>> >>> (3) send() on a socket that has been connect()'d to a specific IP address >>> and >>> a specific port, and bound to INADDR_ANY and a specific port. >>> >>> (4) send() on a socket that has been connect()'d to a specific IP address >>> and a specific port, and bound to a specific IP address (not >>> INADDR_ANY) >>> and a specific port. >>> >>> The last of these should really be quite a bit faster than the first of >>> these, but I'd be interested in seeing specific measurements for each if >>> that's possible! >> >> Not sure if I understand networking well enough to set these up quickly. >> Does netrate use one of (3) or (4) now? > > (3) and (4) are effectively the same thing, I think, since connect(2) should > force the selection of a source IP address, but I think it's not a bad idea > to confirm that. :-) > > The structure of the desired micro-benchmark here is basically: > ... I hacked netblast.c to do this: % --- /usr/src/tools/tools/netrate/netblast/netblast.c Fri Dec 16 17:02:44 2005 % +++ netblast.c Mon Jul 14 21:26:52 2008 % @@ -44,9 +44,11 @@ % { % % - fprintf(stderr, "netblast [ip] [port] [payloadsize] [duration]\n"); % - exit(-1); % + fprintf(stderr, "netblast ip port payloadsize duration bind connect\n"); % + exit(1); % } % % +static int gconnected; % static int global_stop_flag; % +static struct sockaddr_in *gsin; % % static void % @@ -116,6 +118,13 @@ % counter++; % } % - if (send(s, packet, packet_len, 0) < 0) % + if (gconnected && send(s, packet, packet_len, 0) < 0) { % send_errors++; % + usleep(1000); % + } % + if (!gconnected && sendto(s, packet, packet_len, 0, % + (struct sockaddr *)gsin, sizeof(*gsin)) < 0) { % + send_errors++; % + usleep(1000); % + } % send_calls++; % } % @@ -146,9 +155,10 @@ % struct sockaddr_in sin; % char *dummy, *packet; % - int s; % + int bind_desired, connect_desired, s; % % - if (argc != 5) % + if (argc != 7) % usage(); % % + gsin = &sin; % bzero(&sin, sizeof(sin)); % sin.sin_len = sizeof(sin); % @@ -176,4 +186,7 @@ % usage(); % % + bind_desired = (strcmp(argv[5], "b") == 0); % + connect_desired = (strcmp(argv[6], "c") == 0); % + % packet = malloc(payloadsize); % if (packet == NULL) { % @@ -189,7 +202,19 @@ % } % % - if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) { % - perror("connect"); % - return (-1); % + if (bind_desired) { % + struct sockaddr_in osin; % + % + osin = sin; % + if (inet_aton("0", &sin.sin_addr) == 0) % + perror("inet_aton(0)"); % + if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) % + err(-1, "bind"); % + sin = osin; % + } % + % + if (connect_desired) { % + if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) % + err(-1, "connect"); % + gconnected = 1; % } % This also fixes some bugs in usage() (bogus [] around non-optional args and bogus exit code) and adds a sleep after send failure. Without the sleep, netblast distorts the measurements by taking 100% CPU. This depends on kernel queues having enough buffering to not run dry during the sleep time (rounded up to a tick boundary). I use ifq_maxlen = DRIVER_TX_RING_CNT + imax(2 * tick / 4, 10000) = 10512 for DRIVER = bge and HZ = 100. This is actually wrong now. The magic 2 is to round up to a tick boundary and the magic 4 is for bge taking a minimum of 4 usec per packet on old hadware, but bge actually takes about 1.5 usec on the test hardware and I'd like it to take 0.66 usec. The queues rarely run dry in practice, but running dry just a few times for a few msec each would explain some anomalies. Old SGI ttcp uses a select timeout of 18 msec here. nttcp and netsend use more sophisticated methods that don't work unless HZ is too small. It's just impossible for a program to schedule its sleeps with a fine enough resolution to ensure waking up before the queue runs dry, unless HZ is too small or the queue is too large. select() for writing doesn't work for the queue part of socket i/o. Results: ~5.2 sendto (1): 630 kpps 98% CPU 11 cm/p (cache misses/packet (min)) -cur sendto: 590 kpps 100% CPU 10 cm/p (July 8 -current) (2): no significant difference - see below ~5.2 send (3): 620 kpps 75% CPU 9.5 cm/p -cur send: 520 kpps 60% CPU 8 cm/p (4): no significant difference - see below send() has lower CPU overheads as expected. For some reason, send() gets lower throughput than sendto(). I think the reason is just that the queue runs dry due to the lower CPU overhead making it possible for the userland sender to outrun the hardware -- userland sees more ENOBUFS and sleeps more often, so it sometimes sleeps too long due to my out of date hack for increasing the queue length. For some reason, this affects -current much more than ~5.2 (the bge drivers in each have lots of modifications which are supposed to be equivalent here). Probably the same reason. sendto() still 5-10% higher overhead in -current than in ~5.2 and runs out of CPU. It runs out under ~5.2 testing ttcp too. > If you look at the design of the higher performance UDP applications, they > will generally bind a specific IP (perhaps every IP on the host with its own > socket), and if they do sustained communication to a specific endpoint they > will use connect(2) rather than providing an address for each send(2) system > call to the kernel. I couldn't see any effect from binding. I'm only testing sending, and it doesn't seem to be possible to bind to anything except local addresses (0.0.0.0, the NIC's address and 127.0.0.1) but these seem to be equivalent (with no extra work for translation on every packet?) and seem to be used by default anyway. In the above, sin.sin_addr has to be set to the receiver's ip from the command line (else it defaults to a local address), and the above temporarily sets it back to 0.0.0.0 so as to use the same sin for the local bind()). > udp_output(2) makes the trade-offs there fairly clear: with the most recent > rev, the optimal case is one connect(2) has been called, allowing a single > inpcb read lock and no global data structure access, vs. an application > calling sendto(2) for each system call and the local binding remaining > INADDR_ANY. Middle ground applications, such as named(8) will force a local > binding using bind(2), but then still have to pass an address to each > sendto(2). In the future, this case will be further optimized in our code by > using a global read lock rather than a global write lock: we have to check > for collisions, but we don't actually have to reserve the new 4-tuple for the > UDP socket as it's an ephemeral association rather than a connect(2). The July 8 -current should have this rev. Note that I'm not testing SMP or stessing locking, or nontrivial routine tables, or forwarding, and don't plan to. UP with a direct connection is hard enough and short of CPU enough to understand and make efficient. Locking barely shows up in older tests, only partly because it is mostly inline. Bruce From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 13:44:35 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3FA7C1065670 for ; Mon, 14 Jul 2008 13:44:35 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by mx1.freebsd.org (Postfix) with ESMTP id 22CE68FC08 for ; Mon, 14 Jul 2008 13:44:34 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 6401013A523; Mon, 14 Jul 2008 09:44:34 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Mon, 14 Jul 2008 09:44:34 -0400 X-Sasl-enc: 8Pld3l5O9agACN/ZEY04cd/6daRtQKHsvFXeSjB/9kcH 1216043074 Received: from empiric.lon.incunabulum.net (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id D6B822CA19; Mon, 14 Jul 2008 09:44:33 -0400 (EDT) Message-ID: <487B5840.3000401@FreeBSD.org> Date: Mon, 14 Jul 2008 14:44:32 +0100 From: "Bruce M. Simpson" User-Agent: Thunderbird 2.0.0.14 (X11/20080514) MIME-Version: 1.0 To: Robin Sommer References: <20080711202737.GB27418@icir.org> In-Reply-To: <20080711202737.GB27418@icir.org> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: BPF problems on FreeBSD 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 13:44:35 -0000 Robin Sommer wrote: > Hi all, > > we're seeing some strange effects with our libpcap-based application > (the Bro network intrusion detection system) on a FreeBSD 7-RELEASE > system. As the application has always been running fine on 6.x, > we're wondering whether this might be triggered by any of the > changes that went into 7. > ... > I'm wondering whether anybody here has seen something similar or > might have an idea where to start looking for the cause. Any ideas? > One place to start might be: netstat -B output in 7.x (I *think* this got MFCed), this will let us see what the drop count is for the Bro process, and what the flags are for the open BPF descriptors in the system. I'm not hot on current BPF internals, but I hazard a guess this is related to BPF descriptor buffering -- an area where there have been changes, some of which I've eyeballed. cheers BMS From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 17:42:46 2008 Return-Path: Delivered-To: net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8A4C21065672; Mon, 14 Jul 2008 17:42:46 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 7B95D8FC17; Mon, 14 Jul 2008 17:42:46 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [64.13.141.3]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m6EHgk2s072969; Mon, 14 Jul 2008 10:42:46 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m6EHfDVv077098; Mon, 14 Jul 2008 10:41:13 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (209.249.190.254.available.above.net [209.249.190.254] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m6EHfD78063819; Mon, 14 Jul 2008 10:41:13 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Mon, 14 Jul 2008 13:41:12 -0400 Message-ID: From: gnn@FreeBSD.org To: Robert Watson In-Reply-To: <20080710220201.K34050@fledge.watson.org> References: <20080710114028.T34050@fledge.watson.org> <20080710220201.K34050@fledge.watson.org> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.10 () [Tag at 5.00] COMBINED_FROM X-CanItPRO-Stream: default X-Canit-Stats-ID: 942304 - be6a7137b6a2 X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: net@FreeBSD.org Subject: Re: What's the deal with hardware checksum and net.inet.udp.checksum? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 17:42:46 -0000 Ahhhh, thanks, George From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 21:45:56 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 20EE91065672 for ; Mon, 14 Jul 2008 21:45:56 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 0FAF38FC1A for ; Mon, 14 Jul 2008 21:45:55 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [64.13.141.3]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m6ELjsNT086857; Mon, 14 Jul 2008 14:45:55 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m6ELiblm073886; Mon, 14 Jul 2008 14:44:37 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (209.249.190.254.available.above.net [209.249.190.254] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m6ELibrq014988; Mon, 14 Jul 2008 14:44:37 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Mon, 14 Jul 2008 17:44:34 -0400 Message-ID: From: gnn@freebsd.org To: net@freebsd.org User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.10 () [Tag at 5.00] COMBINED_FROM X-CanItPRO-Stream: default X-Canit-Stats-ID: 944742 - ea999f968eed X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: stable@freebsd.org Subject: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 21:45:56 -0000 Howdy, As of today, this afternoon, I see the following: linking kernel.debug e1000_api.o(.text+0xad9): In function `e1000_setup_init_funcs': ../../../dev/em/e1000_api.c:343: undefined reference to `e1000_init_function_pointers_80003es2lan' e1000_api.o(.text+0xae8):../../../dev/em/e1000_api.c:340: undefined reference to `e1000_init_function_pointers_82571' e1000_api.o(.text+0xafa):../../../dev/em/e1000_api.c:334: undefined reference to `e1000_init_function_pointers_82541' e1000_api.o(.text+0xb0c):../../../dev/em/e1000_api.c:328: undefined reference to `e1000_init_function_pointers_82540' e1000_api.o(.text+0xb1e):../../../dev/em/e1000_api.c:321: undefined reference to `e1000_init_function_pointers_82543' e1000_api.o(.text+0xb30):../../../dev/em/e1000_api.c:316: undefined reference to `e1000_init_function_pointers_82542' e1000_ich8lan.o(.text+0x98c): In function `e1000_valid_nvm_bank_detect_ich8lan': ../../../dev/em/e1000_ich8lan.c:1032: undefined reference to `e1000_translate_register_82542' e1000_ich8lan.o(.text+0xc32): In function `e1000_acquire_swflag_ich8lan': ../../../dev/em/e1000_ich8lan.c:424: undefined reference to `e1000_translate_register_82542' e1000_ich8lan.o(.text+0xc6e):../../../dev/em/e1000_ich8lan.c:426: undefined reference to `e1000_translate_register_82542' e1000_ich8lan.o(.text+0xc9d):../../../dev/em/e1000_ich8lan.c:422: undefined reference to `e1000_translate_register_82542' e1000_ich8lan.o(.text+0xced):../../../dev/em/e1000_ich8lan.c:436: undefined reference to `e1000_translate_register_82542' e1000_ich8lan.o(.text+0x16bf):../../../dev/em/e1000_ich8lan.c:2700: more undefined references to `e1000_translate_register_82542' follow *** Error code 1 Thoughts? Later, George From owner-freebsd-net@FreeBSD.ORG Mon Jul 14 22:17:37 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AFCBC1065673 for ; Mon, 14 Jul 2008 22:17:37 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.29]) by mx1.freebsd.org (Postfix) with ESMTP id 6E6108FC0A for ; Mon, 14 Jul 2008 22:17:37 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: by yw-out-2324.google.com with SMTP id 9so2129853ywe.13 for ; Mon, 14 Jul 2008 15:17:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=fkzunWRweoG2a2txSAuJzlVGdlp8UxrQE1Iyw3Bvaak=; b=BSgbmvglnMJQK1G6QoAexL8UcCHKDtH2QUtRTtNYu8ygF+0NtgQHTHo1hJz/9jNbgg x+WyQPqbTJL5r9mSzHAo6Bxxq3HjU925cDGMSKpW97AXRvHYfj7gi9yjbuIR1KS+gj35 DTB4oIpmIpm5P7mf92C2AZtYE6WMnHr5e2ESM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=NHGZ9+pniAPYXK1PReivvW+F/D6X2UO8sY1r5xaKt1ypmSwvhEzTZum5AMzW80EcnE e+4PaxVyHKdBoFzrDiptBjFo5r39Oi+j89nN9z5jvOMxD8PFlzheLQrJbhVMUmIPdK09 CYVnsnKFChNkIbyEBFfdeXTFcoqDfm1S/ndSQ= Received: by 10.114.147.1 with SMTP id u1mr14747093wad.208.1216072396704; Mon, 14 Jul 2008 14:53:16 -0700 (PDT) Received: by 10.114.176.12 with HTTP; Mon, 14 Jul 2008 14:53:16 -0700 (PDT) Message-ID: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> Date: Mon, 14 Jul 2008 14:53:16 -0700 From: "Jack Vogel" To: gnn@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 22:17:37 -0000 Just guessing, did someone change conf/files maybe?? Jack On Mon, Jul 14, 2008 at 2:44 PM, wrote: > Howdy, > > As of today, this afternoon, I see the following: > > linking kernel.debug > e1000_api.o(.text+0xad9): In function `e1000_setup_init_funcs': > ../../../dev/em/e1000_api.c:343: undefined reference to `e1000_init_function_pointers_80003es2lan' > e1000_api.o(.text+0xae8):../../../dev/em/e1000_api.c:340: undefined reference to `e1000_init_function_pointers_82571' > e1000_api.o(.text+0xafa):../../../dev/em/e1000_api.c:334: undefined reference to `e1000_init_function_pointers_82541' > e1000_api.o(.text+0xb0c):../../../dev/em/e1000_api.c:328: undefined reference to `e1000_init_function_pointers_82540' > e1000_api.o(.text+0xb1e):../../../dev/em/e1000_api.c:321: undefined reference to `e1000_init_function_pointers_82543' > e1000_api.o(.text+0xb30):../../../dev/em/e1000_api.c:316: undefined reference to `e1000_init_function_pointers_82542' > e1000_ich8lan.o(.text+0x98c): In function `e1000_valid_nvm_bank_detect_ich8lan': > ../../../dev/em/e1000_ich8lan.c:1032: undefined reference to `e1000_translate_register_82542' > e1000_ich8lan.o(.text+0xc32): In function `e1000_acquire_swflag_ich8lan': > ../../../dev/em/e1000_ich8lan.c:424: undefined reference to `e1000_translate_register_82542' > e1000_ich8lan.o(.text+0xc6e):../../../dev/em/e1000_ich8lan.c:426: undefined reference to `e1000_translate_register_82542' > e1000_ich8lan.o(.text+0xc9d):../../../dev/em/e1000_ich8lan.c:422: undefined reference to `e1000_translate_register_82542' > e1000_ich8lan.o(.text+0xced):../../../dev/em/e1000_ich8lan.c:436: undefined reference to `e1000_translate_register_82542' > e1000_ich8lan.o(.text+0x16bf):../../../dev/em/e1000_ich8lan.c:2700: more undefined references to `e1000_translate_register_82542' follow > *** Error code 1 > > > Thoughts? > > Later, > George > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 12:31:50 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7D7FC106567A for ; Tue, 15 Jul 2008 12:31:50 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from conversation.bsdunix.ch (ns1.bsdunix.ch [82.220.1.90]) by mx1.freebsd.org (Postfix) with ESMTP id 2BA338FC1B for ; Tue, 15 Jul 2008 12:31:50 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from localhost (localhost.bsdunix.ch [127.0.0.1]) by conversation.bsdunix.ch (Postfix) with ESMTP id D46E45D8B for ; Tue, 15 Jul 2008 14:13:13 +0200 (CEST) X-Virus-Scanned: by amavisd-new at mail.bsdunix.ch Received: from conversation.bsdunix.ch ([127.0.0.1]) by localhost (conversation.bsdunix.ch [127.0.0.1]) (amavisd-new, port 10024) with LMTP id MllkvwpoDTRR for ; Tue, 15 Jul 2008 14:13:12 +0200 (CEST) Received: from bert.mlan.solnet.ch (bert.mlan.solnet.ch [212.101.1.83]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by conversation.bsdunix.ch (Postfix) with ESMTP id CDE425D58 for ; Tue, 15 Jul 2008 14:13:11 +0200 (CEST) Message-ID: <487C9457.5080609@bsdunix.ch> Date: Tue, 15 Jul 2008 14:13:11 +0200 From: Thomas Vogt User-Agent: Thunderbird 2.0.0.14 (X11/20080609) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 12:31:50 -0000 Hello Since i updated my FreeBSD 6.3 dns server with the latest bind version in the ports (dns/bind94) my system is flooding my log with "too many open file descriptors" messages. Is there something i can do? Example: Jul 15 12:08:38 intern named[50840]: socket: too many open file descriptors Jul 15 12:09:05 intern last message repeated 68 times sysctl: kern.ipc.somaxconn=4096 kern.ipc.nmbclusters=65536 kern.ipc.maxsockets=204800 net.inet.tcp.sendspace=65535 net.inet.tcp.recvspace=65535 net.inet.udp.recvspace=65535 loder.conf userconfig_script_load="YES" kern.maxdsiz="900M" net.inet.tcp.syncache.hashsize=1024 net.inet.tcp.syncache.bucketlimit=100 System: FreeBSD intern.lan 6.3-RELEASE-p2 FreeBSD 6.3-RELEASE-p2 #4: Fri May 16 11:40:24 UTC 2008 root@intern.lan:/usr/obj/usr/src/sys/UP6 i386 netstat -m 517/773/1290 mbufs in use (current/cache/total) 513/261/774/65536 mbuf clusters in use (current/cache/total/max) 513/255 mbuf+clusters out of packet secondary zone in use (current/cache) 0/0/0/0 4k (page size) jumbo clusters in use (current/cache/total/max) 0/0/0/0 9k jumbo clusters in use (current/cache/total/max) 0/0/0/0 16k jumbo clusters in use (current/cache/total/max) 1155K/715K/1870K bytes allocated to network (current/cache/total) 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters) 0/0/0 requests for jumbo clusters denied (4k/9k/16k) 0/7/6656 sfbufs in use (current/peak/max) 0 requests for sfbufs denied 0 requests for sfbufs delayed 0 requests for I/O initiated by sendfile 105 calls to protocol drain routines Regards, Thomas From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 13:14:25 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 143531065677 for ; Tue, 15 Jul 2008 13:14:25 +0000 (UTC) (envelope-from kris@FreeBSD.org) Received: from weak.local (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AE6748FC1F; Tue, 15 Jul 2008 13:14:14 +0000 (UTC) (envelope-from kris@FreeBSD.org) Message-ID: <487CA29F.6080500@FreeBSD.org> Date: Tue, 15 Jul 2008 15:14:07 +0200 From: Kris Kennaway User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Thomas Vogt References: <487C9457.5080609@bsdunix.ch> In-Reply-To: <487C9457.5080609@bsdunix.ch> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 13:14:25 -0000 Thomas Vogt wrote: > Hello > > Since i updated my FreeBSD 6.3 dns server with the latest bind version > in the ports (dns/bind94) my system is flooding my log with "too many > open file descriptors" messages. > > Is there something i can do? > > Example: > Jul 15 12:08:38 intern named[50840]: socket: too many open file descriptors > Jul 15 12:09:05 intern last message repeated 68 times Is this a busy name server handling thousands of queries per second? If so, the solution, perhaps not surprisingly, is to increase the number of file descriptors :) kern.maxfiles: 12328 kern.maxfilesperproc: 11095 Kris From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 17:04:25 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A5CE6106564A; Tue, 15 Jul 2008 17:04:25 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 866688FC15; Tue, 15 Jul 2008 17:04:25 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [64.13.141.3]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m6FH4PPN051394; Tue, 15 Jul 2008 10:04:25 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m6FH4E4g041043; Tue, 15 Jul 2008 10:04:14 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (209.249.190.254.available.above.net [209.249.190.254] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m6FH4D3P017947; Tue, 15 Jul 2008 10:04:13 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Tue, 15 Jul 2008 13:04:13 -0400 Message-ID: From: gnn@freebsd.org To: "Jack Vogel" In-Reply-To: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> References: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.10 () [Tag at 5.00] COMBINED_FROM X-CanItPRO-Stream: default X-Canit-Stats-ID: 956002 - 65379517e1a7 X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 17:04:25 -0000 At Mon, 14 Jul 2008 14:53:16 -0700, Jack Vogel wrote: > > Just guessing, did someone change conf/files maybe?? > If you build a STABLE kernel with igb AND em then things work and the kernel uses em. I'm not sure which thing needs to be changed in conf/files or otherwise though. Later, George From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 17:07:24 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64296106567F for ; Tue, 15 Jul 2008 17:07:24 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.30]) by mx1.freebsd.org (Postfix) with ESMTP id 1DCA98FC4A for ; Tue, 15 Jul 2008 17:07:23 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so1400811yxb.13 for ; Tue, 15 Jul 2008 10:07:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=1859/M9gfbSJphTTtT+rWDlFzW6QY8PPOcIBKxZlpGk=; b=ofnKVQjdhzY9AeBH99OHBh6xvTqkIhpYvQztuxO71d549BoccxzxqBQPMEpak//fMV e3T++uD7lncN+tuCQY7MjMYcg9VA00oEM6YnfSIHCGTkBuZ2fWgztQGOgE8+fu6AVu0c +M6daYNuc1eujKRzpD0hivGoH9dpFQsnM2YTU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=pKRSCS9IjX4eN278DQiqxGo/Vb1BCnRpovpK8r5qICi2JRK2kWg0kEFxPMbnD/Gc1f QB4w9dn49Q3vWNwd5WRNw/yDXY4NOAyH04H+Qk3BPagBSR1LfkgswOteWZv20x0vrbT4 LUJ/HW7UPJ2ZUXZJ4tEL6eyjxyHSNbM0bb2/A= Received: by 10.114.177.1 with SMTP id z1mr19388736wae.37.1216141642470; Tue, 15 Jul 2008 10:07:22 -0700 (PDT) Received: by 10.114.176.12 with HTTP; Tue, 15 Jul 2008 10:07:22 -0700 (PDT) Message-ID: <2a41acea0807151007q29a783c4r2ae63c5a631952ba@mail.gmail.com> Date: Tue, 15 Jul 2008 10:07:22 -0700 From: "Jack Vogel" To: gnn@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 17:07:24 -0000 Oh, so the problem is if igb alone is defined? On Tue, Jul 15, 2008 at 10:04 AM, wrote: > At Mon, 14 Jul 2008 14:53:16 -0700, > Jack Vogel wrote: >> >> Just guessing, did someone change conf/files maybe?? >> > > If you build a STABLE kernel with igb AND em then things work and the > kernel uses em. > > I'm not sure which thing needs to be changed in conf/files or > otherwise though. > > Later, > George > From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 17:32:07 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2F453106566B; Tue, 15 Jul 2008 17:32:07 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 0E4D18FC19; Tue, 15 Jul 2008 17:32:07 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [64.13.141.3]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m6FHW1tk052975; Tue, 15 Jul 2008 10:32:06 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m6FHV1jP052348; Tue, 15 Jul 2008 10:31:01 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (209.249.190.254.available.above.net [209.249.190.254] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m6FHV1ON024680; Tue, 15 Jul 2008 10:31:01 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Tue, 15 Jul 2008 13:31:00 -0400 Message-ID: From: gnn@freebsd.org To: "Jack Vogel" In-Reply-To: <2a41acea0807151007q29a783c4r2ae63c5a631952ba@mail.gmail.com> References: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> <2a41acea0807151007q29a783c4r2ae63c5a631952ba@mail.gmail.com> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.10 () [Tag at 5.00] COMBINED_FROM X-CanItPRO-Stream: default X-Canit-Stats-ID: 956268 - 79bd821ef23c X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 17:32:07 -0000 At Tue, 15 Jul 2008 10:07:22 -0700, Jack Vogel wrote: > > Oh, so the problem is if igb alone is defined? > Yes. Best, George From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 17:35:59 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 59B5C106567B for ; Tue, 15 Jul 2008 17:35:59 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29]) by mx1.freebsd.org (Postfix) with ESMTP id 10DC78FC26 for ; Tue, 15 Jul 2008 17:35:58 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so1406078yxb.13 for ; Tue, 15 Jul 2008 10:35:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=dcQ436JK15Tihh+JX67dqKHghFDih60T+GFG/vb1caY=; b=otGK2siImCqnR/Qdkzrh52iJ+rqySENgSIV3SXe4Jczixa7GbgLpgy//H+Co7z3cMy BhZxzrUzGg+uvEJGA+0+bOSmHdeH4e66ygvyMy0mcsimf5ljDo6k9FzTv25C3HKMR7q2 dA4AtK8+Y4U1xTV0U/GPWJ8V3+TdxOYTn3veY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=H7paaGhGcNKLQG/2ygXEm0XDd/yzIFxNmTOY4WTwSm09v8q5Klo8pmjVEKAEbLRr2+ RFihstU2BAnhsnDnuIkFOEz7qgQ209ozVbqDtNc0oq9ZiOSr4GptJ/cbN25VyQ0msN/m SQ8857NlbasbW1YxBFt+iicWUpEIKNWBQ3NXg= Received: by 10.115.109.1 with SMTP id l1mr1260913wam.90.1216143357683; Tue, 15 Jul 2008 10:35:57 -0700 (PDT) Received: by 10.114.176.12 with HTTP; Tue, 15 Jul 2008 10:35:57 -0700 (PDT) Message-ID: <2a41acea0807151035w291269abt4ed99989ae45cc8b@mail.gmail.com> Date: Tue, 15 Jul 2008 10:35:57 -0700 From: "Jack Vogel" To: gnn@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> <2a41acea0807151007q29a783c4r2ae63c5a631952ba@mail.gmail.com> Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 17:35:59 -0000 OK, will put on my todo list :) On Tue, Jul 15, 2008 at 10:31 AM, wrote: > At Tue, 15 Jul 2008 10:07:22 -0700, > Jack Vogel wrote: >> >> Oh, so the problem is if igb alone is defined? >> > > Yes. > > Best, > George > From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 18:12:55 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F76F1065680 for ; Tue, 15 Jul 2008 18:12:55 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from mon.jinmei.org (mon.jinmei.org [IPv6:2001:4f8:3:36::162]) by mx1.freebsd.org (Postfix) with ESMTP id 4FAA88FC15 for ; Tue, 15 Jul 2008 18:12:55 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from jmb.jinmei.org (unknown [IPv6:2001:4f8:3:bb:217:f2ff:fee0:a91f]) by mon.jinmei.org (Postfix) with ESMTP id 0564833C2E; Tue, 15 Jul 2008 11:12:54 -0700 (PDT) Date: Tue, 15 Jul 2008 11:12:54 -0700 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Thomas Vogt In-Reply-To: <487C9457.5080609@bsdunix.ch> References: <487C9457.5080609@bsdunix.ch> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/22.1 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 18:12:55 -0000 At Tue, 15 Jul 2008 14:13:11 +0200, Thomas Vogt wrote: > Since i updated my FreeBSD 6.3 dns server with the latest bind version > in the ports (dns/bind94) my system is flooding my log with "too many > open file descriptors" messages. > > Is there something i can do? How many sockets is named actually using while it makes this log message? Try, e.g, % sockstat | grep named | wc -l --- JINMEI, Tatuya Internet Systems Consortium, Inc. From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 20:54:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AB9CB106568F for ; Tue, 15 Jul 2008 20:54:15 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from conversation.bsdunix.ch (ns1.bsdunix.ch [82.220.1.90]) by mx1.freebsd.org (Postfix) with ESMTP id 604F98FC13 for ; Tue, 15 Jul 2008 20:54:15 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from localhost (localhost.bsdunix.ch [127.0.0.1]) by conversation.bsdunix.ch (Postfix) with ESMTP id 4ABCF5D68; Tue, 15 Jul 2008 22:54:14 +0200 (CEST) X-Virus-Scanned: by amavisd-new at mail.bsdunix.ch Received: from conversation.bsdunix.ch ([127.0.0.1]) by localhost (conversation.bsdunix.ch [127.0.0.1]) (amavisd-new, port 10024) with LMTP id gySLOfwPXh5f; Tue, 15 Jul 2008 22:54:12 +0200 (CEST) Received: from [192.168.1.101] (home.bsdunix.ch [82.220.17.23]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by conversation.bsdunix.ch (Postfix) with ESMTP id B3DF15D58; Tue, 15 Jul 2008 22:54:11 +0200 (CEST) Message-Id: <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> From: Thomas Vogt To: =?UTF-8?Q?JINMEI_Tatuya_/_=E7=A5=9E=E6=98=8E=E9=81=94=E5=93=89?= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v926) Date: Tue, 15 Jul 2008 22:54:11 +0200 References: <487C9457.5080609@bsdunix.ch> X-Mailer: Apple Mail (2.926) Cc: freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 20:54:15 -0000 Hello Am 15.07.2008 um 20:12 schrieb JINMEI Tatuya / =E7=A5=9E=E6=98=8E=E9=81=94= =E5=93=89: > At Tue, 15 Jul 2008 14:13:11 +0200, > Thomas Vogt wrote: > >> Since i updated my FreeBSD 6.3 dns server with the latest bind =20 >> version >> in the ports (dns/bind94) my system is flooding my log with "too many >> open file descriptors" messages. >> >> Is there something i can do? > > How many sockets is named actually using while it makes this log > message? Try, e.g, > % sockstat | grep named | wc -l Not that many: sockstat | grep named | wc -l 996 Regards, Thomas Thomas Vogt From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 20:59:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 829A81065679 for ; Tue, 15 Jul 2008 20:59:07 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from mon.jinmei.org (mon.jinmei.org [IPv6:2001:4f8:3:36::162]) by mx1.freebsd.org (Postfix) with ESMTP id 6B2838FC15 for ; Tue, 15 Jul 2008 20:59:07 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from jmb.jinmei.org (unknown [IPv6:2001:4f8:3:bb:217:f2ff:fee0:a91f]) by mon.jinmei.org (Postfix) with ESMTP id 8297833C2E; Tue, 15 Jul 2008 13:59:06 -0700 (PDT) Date: Tue, 15 Jul 2008 13:59:06 -0700 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Thomas Vogt In-Reply-To: <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> References: <487C9457.5080609@bsdunix.ch> <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/22.1 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 20:59:07 -0000 At Tue, 15 Jul 2008 22:54:11 +0200, Thomas Vogt wrote: > >> Since i updated my FreeBSD 6.3 dns server with the latest bind > >> version > >> in the ports (dns/bind94) my system is flooding my log with "too many > >> open file descriptors" messages. > >> > >> Is there something i can do? > > > > How many sockets is named actually using while it makes this log > > message? Try, e.g, > > % sockstat | grep named | wc -l > > Not that many: > sockstat | grep named | wc -l > 996 Ah, it's actually quite a lot in this context:-) If that's regularly happening, I'm afraid recent P1 versions don't handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. --- JINMEI, Tatuya Internet Systems Consortium, Inc. From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:09:28 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 820B01065672 for ; Tue, 15 Jul 2008 21:09:28 +0000 (UTC) (envelope-from kris@FreeBSD.org) Received: from weak.local (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 9FB798FC17; Tue, 15 Jul 2008 21:09:27 +0000 (UTC) (envelope-from kris@FreeBSD.org) Message-ID: <487D120A.6010001@FreeBSD.org> Date: Tue, 15 Jul 2008 23:09:30 +0200 From: Kris Kennaway User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: =?UTF-8?B?SklOTUVJIFRhdHV5YSAvIOelnuaYjumBlOWTiQ==?= References: <487C9457.5080609@bsdunix.ch> <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-net@freebsd.org, Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:09:28 -0000 JINMEI Tatuya / 神明達哉 wrote: > At Tue, 15 Jul 2008 22:54:11 +0200, > Thomas Vogt wrote: > >>>> Since i updated my FreeBSD 6.3 dns server with the latest bind >>>> version >>>> in the ports (dns/bind94) my system is flooding my log with "too many >>>> open file descriptors" messages. >>>> >>>> Is there something i can do? >>> How many sockets is named actually using while it makes this log >>> message? Try, e.g, >>> % sockstat | grep named | wc -l >> Not that many: >> sockstat | grep named | wc -l >> 996 > > Ah, it's actually quite a lot in this context:-) > > If that's regularly happening, I'm afraid recent P1 versions don't > handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. Or increase the number of file descriptors as a workaround, per my email :) Kris From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:18:41 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF712106567E; Tue, 15 Jul 2008 21:18:41 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from mon.jinmei.org (mon.jinmei.org [IPv6:2001:4f8:3:36::162]) by mx1.freebsd.org (Postfix) with ESMTP id A62A78FC1D; Tue, 15 Jul 2008 21:18:41 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from jmb.jinmei.org (unknown [IPv6:2001:4f8:3:bb:217:f2ff:fee0:a91f]) by mon.jinmei.org (Postfix) with ESMTP id 411A633C2E; Tue, 15 Jul 2008 14:18:41 -0700 (PDT) Date: Tue, 15 Jul 2008 14:18:41 -0700 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Kris Kennaway In-Reply-To: <487D120A.6010001@FreeBSD.org> References: <487C9457.5080609@bsdunix.ch> <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> <487D120A.6010001@FreeBSD.org> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/22.1 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org, Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:18:41 -0000 At Tue, 15 Jul 2008 23:09:30 +0200, Kris Kennaway wrote: > > If that's regularly happening, I'm afraid recent P1 versions don't > > handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. > > Or increase the number of file descriptors as a workaround, per my email :) Does FreeBSD allow an application to increase FD_SETSIZE (at its compilation time)? I thought FD_SETSIZE defaults to 1024. Any 9.x.y-P1 versions can only open FD_SETSIZE sockets, regardless of the # FDs limit. Besides, I guess that the P1 versions severely suffer from heavy overhead of select(2) when it regularly opens more than 1000 sockets. Even if 'too many open file' messages are gone, many users won't accept the increased load due to the overhead. Beta versions use kqueue, eliminating the fundamental overhead as well as the (too low) limitation of # of descriptors. --- JINMEI, Tatuya Internet Systems Consortium, Inc. From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:20:13 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C63441065679; Tue, 15 Jul 2008 21:20:13 +0000 (UTC) (envelope-from robin@icir.org) Received: from fruitcake.ICSI.Berkeley.EDU (fruitcake.ICSI.Berkeley.EDU [192.150.186.11]) by mx1.freebsd.org (Postfix) with ESMTP id A9D318FC1B; Tue, 15 Jul 2008 21:20:13 +0000 (UTC) (envelope-from robin@icir.org) Received: from empire.ICSI.Berkeley.EDU (empire.ICSI.Berkeley.EDU [192.150.186.169]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id m6FLKDCb017358; Tue, 15 Jul 2008 14:20:13 -0700 (PDT) Received: by empire.ICSI.Berkeley.EDU (Postfix, from userid 502) id 55192E28809; Tue, 15 Jul 2008 14:20:13 -0700 (PDT) Date: Tue, 15 Jul 2008 14:20:13 -0700 From: Robin Sommer To: "Bruce M. Simpson" Message-ID: <20080715212013.GA91123@icir.org> References: <20080711202737.GB27418@icir.org> <487B5840.3000401@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <487B5840.3000401@FreeBSD.org> User-Agent: Mutt/1.5.17 (2007-11-01) Cc: freebsd-net@FreeBSD.org Subject: Re: BPF problems on FreeBSD 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:20:13 -0000 On Mon, Jul 14, 2008 at 14:44 +0100, Bruce M. Simpson wrote: > One place to start might be: netstat -B output in 7.x (I *think* this got > MFCed), this will let us see what the drop count is for the Bro process, > and what the flags are for the open BPF descriptors in the system. Thanks for the suggestion. Here's the netstat -B output at the time it has stalled (after about 6 hours of working normally): Pid Netif Flags Recv Drop Match Sblen Hblen Command 14557 nxge0 p--s--- 2162189525 32514465 42815457 4194248 4194258 bro Top shows: PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 14557 bro 1 -58 0 272M 267M 5 25:53 0.00% bro A few minutes after starting the process, when Bro was still working fine, a netstat -B output was: # netstat -B Pid Netif Flags Recv Drop Match Sblen Hblen Command 14557 nxge0 p--s--- 4779235 0 94967 0 0 bro Thanks, Robin -- Robin Sommer * Phone +1 (510) 666-2886 * robin@icir.org ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:27:36 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 61CAF1065675 for ; Tue, 15 Jul 2008 21:27:36 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outS.internet-mail-service.net (outs.internet-mail-service.net [216.240.47.242]) by mx1.freebsd.org (Postfix) with ESMTP id 418AF8FC08 for ; Tue, 15 Jul 2008 21:27:36 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 2F8F9246D; Tue, 15 Jul 2008 14:27:36 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id B01872D600D; Tue, 15 Jul 2008 14:27:35 -0700 (PDT) Message-ID: <487D15C7.3040700@elischer.org> Date: Tue, 15 Jul 2008 14:25:27 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Robin Sommer References: <20080711202737.GB27418@icir.org> <487B5840.3000401@FreeBSD.org> <20080715212013.GA91123@icir.org> In-Reply-To: <20080715212013.GA91123@icir.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@FreeBSD.org, "Bruce M. Simpson" Subject: Re: BPF problems on FreeBSD 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:27:36 -0000 Robin Sommer wrote: > On Mon, Jul 14, 2008 at 14:44 +0100, Bruce M. Simpson wrote: > >> One place to start might be: netstat -B output in 7.x (I *think* this got >> MFCed), this will let us see what the drop count is for the Bro process, >> and what the flags are for the open BPF descriptors in the system. > > Thanks for the suggestion. Here's the netstat -B output at the time > it has stalled (after about 6 hours of working normally): > > Pid Netif Flags Recv Drop Match Sblen Hblen Command > 14557 nxge0 p--s--- 2162189525 32514465 42815457 4194248 4194258 br the Recv number is JUST past 2^31. at your rate of receiving packets, it passed that value about 2 minutes before this snapshot was taken.. > > Top shows: > > PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND > 14557 bro 1 -58 0 272M 267M 5 25:53 0.00% bro > > > > A few minutes after starting the process, when Bro was still working > fine, a netstat -B output was: > > # netstat -B > Pid Netif Flags Recv Drop Match Sblen Hblen Command > 14557 nxge0 p--s--- 4779235 0 94967 0 0 bro > > Thanks, > > Robin > From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:28:21 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D18951065674 for ; Tue, 15 Jul 2008 21:28:21 +0000 (UTC) (envelope-from kris@FreeBSD.org) Received: from weak.local (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id EDE518FC27; Tue, 15 Jul 2008 21:28:20 +0000 (UTC) (envelope-from kris@FreeBSD.org) Message-ID: <487D1677.8010900@FreeBSD.org> Date: Tue, 15 Jul 2008 23:28:23 +0200 From: Kris Kennaway User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: =?UTF-8?B?SklOTUVJIFRhdHV5YSAvIOelnuaYjumBlOWTiQ==?= References: <487C9457.5080609@bsdunix.ch> <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> <487D120A.6010001@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-net@freebsd.org, Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:28:21 -0000 JINMEI Tatuya / 神明達哉 wrote: > At Tue, 15 Jul 2008 23:09:30 +0200, > Kris Kennaway wrote: > >>> If that's regularly happening, I'm afraid recent P1 versions don't >>> handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. >> Or increase the number of file descriptors as a workaround, per my email :) > > Does FreeBSD allow an application to increase FD_SETSIZE (at its > compilation time)? I thought FD_SETSIZE defaults to 1024. Any > 9.x.y-P1 versions can only open FD_SETSIZE sockets, regardless of the > # FDs limit. > > Besides, I guess that the P1 versions severely suffer from heavy > overhead of select(2) when it regularly opens more than 1000 sockets. > Even if 'too many open file' messages are gone, many users won't > accept the increased load due to the overhead. Beta versions use > kqueue, eliminating the fundamental overhead as well as the (too low) > limitation of # of descriptors. Ah yes, I hadnt thought about select limitations. Kris From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 21:51:21 2008 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 997791065670; Tue, 15 Jul 2008 21:51:21 +0000 (UTC) (envelope-from robin@icir.org) Received: from fruitcake.ICSI.Berkeley.EDU (fruitcake.ICSI.Berkeley.EDU [192.150.186.11]) by mx1.freebsd.org (Postfix) with ESMTP id 757A18FC0C; Tue, 15 Jul 2008 21:51:21 +0000 (UTC) (envelope-from robin@icir.org) Received: from empire.ICSI.Berkeley.EDU (empire.ICSI.Berkeley.EDU [192.150.186.169]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id m6FLpK34022859; Tue, 15 Jul 2008 14:51:20 -0700 (PDT) Received: by empire.ICSI.Berkeley.EDU (Postfix, from userid 502) id D3473E29005; Tue, 15 Jul 2008 14:51:20 -0700 (PDT) Date: Tue, 15 Jul 2008 14:51:20 -0700 From: Robin Sommer To: Julian Elischer Message-ID: <20080715215120.GB92009@icir.org> References: <20080711202737.GB27418@icir.org> <487B5840.3000401@FreeBSD.org> <20080715212013.GA91123@icir.org> <487D15C7.3040700@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <487D15C7.3040700@elischer.org> User-Agent: Mutt/1.5.17 (2007-11-01) Cc: freebsd-net@FreeBSD.org, "Bruce M. Simpson" Subject: Re: BPF problems on FreeBSD 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 21:51:21 -0000 On Tue, Jul 15, 2008 at 14:25 -0700, you wrote: >> Thanks for the suggestion. Here's the netstat -B output at the time >> it has stalled (after about 6 hours of working normally): [...] > at your rate of receiving packets, it passed that value about > 2 minutes before this snapshot was taken.. Sorry, I wasn't precise: the process stalled after about 6 hours but the netstat output is actually from much later (the next day in fact, because it stalled latet a night) when it was still in that state. Robin -- Robin Sommer * Phone +1 (510) 666-2886 * robin@icir.org ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 22:12:32 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E3A47106567A; Tue, 15 Jul 2008 22:12:32 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from mail.bitblocks.com (ns1.bitblocks.com [64.142.15.60]) by mx1.freebsd.org (Postfix) with ESMTP id B5F158FC15; Tue, 15 Jul 2008 22:12:32 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from bitblocks.com (localhost.bitblocks.com [127.0.0.1]) by mail.bitblocks.com (Postfix) with ESMTP id E087C5B46; Tue, 15 Jul 2008 15:12:31 -0700 (PDT) To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= In-reply-to: Your message of "Tue, 15 Jul 2008 14:18:41 PDT." Date: Tue, 15 Jul 2008 15:12:31 -0700 From: Bakul Shah Message-Id: <20080715221231.E087C5B46@mail.bitblocks.com> Cc: freebsd-net@freebsd.org, Kris Kennaway , Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 22:12:33 -0000 On Tue, 15 Jul 2008 14:18:41 PDT JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= wrote: > At Tue, 15 Jul 2008 23:09:30 +0200, > Kris Kennaway wrote: > > > > If that's regularly happening, I'm afraid recent P1 versions don't > > > handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. > > > > Or increase the number of file descriptors as a workaround, per my email :) > > Does FreeBSD allow an application to increase FD_SETSIZE (at its > compilation time)? I thought FD_SETSIZE defaults to 1024. Any > 9.x.y-P1 versions can only open FD_SETSIZE sockets, regardless of the > # FDs limit. $ cvs log /sys/kern/kern_generic.c ... revision 1.19 date: 1996/08/20 07:17:48; author: smpatel; state: Exp; lines: +43 -15 Remove the kernel FD_SETSIZE limit for select(). ... Unless things have changed, you can completely ignore FD_SETSIZE (& struct fd_set) and decide at runtime how many fds you want in a select read/write set (subject to the openfiles limit). Hmm... things have reverted back.... cvs blame -r1.71 /sys/kern/kern_generic.c # the earliest reversal I can find ... 1.71 (peter 07-Feb-01): * This is kinda bogus. We have fd limi ts, but that doesn't 1.71 (peter 07-Feb-01): * map too well to the size of the pfd[] array. Make sure 1.71 (peter 07-Feb-01): * we let the process use at least FD_SETSIZE entries. 1.71 (peter 07-Feb-01): * The specs say we only have to support OPEN_MAX entries (64). 1.71 (peter 07-Feb-01): */ 1.71 (peter 07-Feb-01): lim = min((int)p->p_rlimit[RLIMIT_NOFILE].rlim_cur, maxfilesperproc); 1.71 (peter 07-Feb-01): lim = min(lim, FD_SETSIZE); 1.71 (peter 07-Feb-01): if (nfds > lim) 1.71 (peter 07-Feb-01): return (EINVAL); Sigh.... This is a mistake. I don't see why a user is not allowed to select on all the fds he can open. The corresponding log indicates perhaps the author didn't know select used to work for # of fds > FD_SETSIZE. revision 1.71 date: 2001/02/07 23:28:01; author: peter; state: Exp; lines: +16 -8 The code I picked up from NetBSD in '97 had a nasty bug. It limited the index of the pollfd array to the number of fd's currently open, not the maximum number of fd's. ie: if you had 0,1,2 open, you could not use pollfd slots higher than 20. The specs say we only have to support OPEN_MAX [64] entries but we allow way more than that. > Besides, I guess that the P1 versions severely suffer from heavy > overhead of select(2) when it regularly opens more than 1000 sockets. > Even if 'too many open file' messages are gone, many users won't > accept the increased load due to the overhead. Beta versions use > kqueue, eliminating the fundamental overhead as well as the (too low) > limitation of # of descriptors. Or more portably you can use poll(2). From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 22:39:10 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 158361065670; Tue, 15 Jul 2008 22:39:10 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from mon.jinmei.org (mon.jinmei.org [IPv6:2001:4f8:3:36::162]) by mx1.freebsd.org (Postfix) with ESMTP id ED8898FC17; Tue, 15 Jul 2008 22:39:09 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from jmb.jinmei.org (unknown [IPv6:2001:4f8:3:bb:217:f2ff:fee0:a91f]) by mon.jinmei.org (Postfix) with ESMTP id B4E5E33C2E; Tue, 15 Jul 2008 15:39:09 -0700 (PDT) Date: Tue, 15 Jul 2008 15:39:09 -0700 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Bakul Shah In-Reply-To: <20080715221231.E087C5B46@mail.bitblocks.com> References: <20080715221231.E087C5B46@mail.bitblocks.com> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/22.1 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org, Kris Kennaway , Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 22:39:10 -0000 At Tue, 15 Jul 2008 15:12:31 -0700, Bakul Shah wrote: > > Besides, I guess that the P1 versions severely suffer from heavy > > overhead of select(2) when it regularly opens more than 1000 sockets. > > Even if 'too many open file' messages are gone, many users won't > > accept the increased load due to the overhead. Beta versions use > > kqueue, eliminating the fundamental overhead as well as the (too low) > > limitation of # of descriptors. > > Or more portably you can use poll(2). I've not played with poll(2) in BIND9, but as far as I understand it, it doesn't solve the fundamental overhead issue here. For example, the application should examine all possible descriptors even if only a few of them are readable. Anyway, since this is a FreeBSD specific list, I believe we can safely assume the existence of kqueue, unless we are talking about a very old version:-) --- JINMEI, Tatuya Internet Systems Consortium, Inc. From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 23:09:19 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 459A31065674; Tue, 15 Jul 2008 23:09:19 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from mail.bitblocks.com (bitblocks.com [64.142.15.60]) by mx1.freebsd.org (Postfix) with ESMTP id 0BE058FC21; Tue, 15 Jul 2008 23:09:18 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from bitblocks.com (localhost.bitblocks.com [127.0.0.1]) by mail.bitblocks.com (Postfix) with ESMTP id DAC3B5B46; Tue, 15 Jul 2008 16:09:17 -0700 (PDT) To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= In-reply-to: Your message of "Tue, 15 Jul 2008 15:39:09 PDT." Date: Tue, 15 Jul 2008 16:09:17 -0700 From: Bakul Shah Message-Id: <20080715230917.DAC3B5B46@mail.bitblocks.com> Cc: freebsd-net@freebsd.org, Kris Kennaway , Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 23:09:19 -0000 On Tue, 15 Jul 2008 15:39:09 PDT JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= wrote: > At Tue, 15 Jul 2008 15:12:31 -0700, > Bakul Shah wrote: > > > > Besides, I guess that the P1 versions severely suffer from heavy > > > overhead of select(2) when it regularly opens more than 1000 sockets. > > > Even if 'too many open file' messages are gone, many users won't > > > accept the increased load due to the overhead. Beta versions use > > > kqueue, eliminating the fundamental overhead as well as the (too low) > > > limitation of # of descriptors. > > > > Or more portably you can use poll(2). > > I've not played with poll(2) in BIND9, but as far as I understand it, > it doesn't solve the fundamental overhead issue here. For example, > the application should examine all possible descriptors even if only a > few of them are readable. IIRC, when poll() returns n, you only look at the first n values in the pollfd array so it is a win when you expect a very small number of fds to be ready. In the select case you have to test the bit array until you see the last ready fd. > Anyway, since this is a FreeBSD specific list, I believe we can safely > assume the existence of kqueue, unless we are talking about a very old > version:-) Presumably kqueue has a lower cpu usage until the system gets loaded at which point polling might win. From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 23:19:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 713921065679 for ; Tue, 15 Jul 2008 23:19:15 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outO.internet-mail-service.net (outo.internet-mail-service.net [216.240.47.238]) by mx1.freebsd.org (Postfix) with ESMTP id 4AC008FC14 for ; Tue, 15 Jul 2008 23:19:15 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 29BB92481; Tue, 15 Jul 2008 16:19:15 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 7EED32D6028; Tue, 15 Jul 2008 16:19:14 -0700 (PDT) Message-ID: <487D2FF0.7000706@elischer.org> Date: Tue, 15 Jul 2008 16:17:04 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Bakul Shah References: <20080715230917.DAC3B5B46@mail.bitblocks.com> In-Reply-To: <20080715230917.DAC3B5B46@mail.bitblocks.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: =?windows-1252?Q?JINMEI_Tatuya_/_=3F=3F=3F=3F?= , Kris Kennaway , Thomas Vogt , freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 23:19:15 -0000 Bakul Shah wrote: > On Tue, 15 Jul 2008 15:39:09 PDT JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= wrote: >> At Tue, 15 Jul 2008 15:12:31 -0700, >> Bakul Shah wrote: >> >>>> Besides, I guess that the P1 versions severely suffer from heavy >>>> overhead of select(2) when it regularly opens more than 1000 sockets. >>>> Even if 'too many open file' messages are gone, many users won't >>>> accept the increased load due to the overhead. Beta versions use >>>> kqueue, eliminating the fundamental overhead as well as the (too low) >>>> limitation of # of descriptors. >>> Or more portably you can use poll(2). >> I've not played with poll(2) in BIND9, but as far as I understand it, >> it doesn't solve the fundamental overhead issue here. For example, >> the application should examine all possible descriptors even if only a >> few of them are readable. > > IIRC, when poll() returns n, you only look at the first n > values in the pollfd array so it is a win when you expect a > very small number of fds to be ready. In the select case you > have to test the bit array until you see the last ready fd. > >> Anyway, since this is a FreeBSD specific list, I believe we can safely >> assume the existence of kqueue, unless we are talking about a very old >> version:-) > > Presumably kqueue has a lower cpu usage until the system gets > loaded at which point polling might win. I don't think so, since kqueue only runs code associated with events that have actually happened, and then only once until it's processed where las I looked poll had more to do on each call. also kqueue allows you to associate arbitrary identification informnation with each event so you don't have to have extra code to go from the fd to the event.. It's just way more efficient. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 23:37:01 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3F8EA1065676; Tue, 15 Jul 2008 23:37:01 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from mon.jinmei.org (mon.jinmei.org [IPv6:2001:4f8:3:36::162]) by mx1.freebsd.org (Postfix) with ESMTP id 21AF98FC15; Tue, 15 Jul 2008 23:37:00 +0000 (UTC) (envelope-from Jinmei_Tatuya@isc.org) Received: from jmb.jinmei.org (unknown [IPv6:2001:4f8:3:bb:217:f2ff:fee0:a91f]) by mon.jinmei.org (Postfix) with ESMTP id 44AAF33C2E; Tue, 15 Jul 2008 16:37:00 -0700 (PDT) Date: Tue, 15 Jul 2008 16:37:00 -0700 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Bakul Shah In-Reply-To: <20080715230917.DAC3B5B46@mail.bitblocks.com> References: <20080715230917.DAC3B5B46@mail.bitblocks.com> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/22.1 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: freebsd-net@freebsd.org, Kris Kennaway , Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 23:37:01 -0000 At Tue, 15 Jul 2008 16:09:17 -0700, Bakul Shah wrote: > IIRC, when poll() returns n, you only look at the first n > values in the pollfd array so it is a win when you expect a > very small number of fds to be ready. In the select case you > have to test the bit array until you see the last ready fd. % uname -a FreeBSD opt1.jinmei.org 7.0-RC1 FreeBSD 7.0-RC1 #0: Fri Jan 25 15:17:04 PST 2008 root@opt1.jinmei.org:/usr/src/sys/amd64/compile/GENERIC_NOSMP amd64 (please ignore "RC1":-) % cat polltest.c (omitted here, see below) % cc -o polltest polltest.c % ./polltest poll returned: 1 999th socket is ready (fd=1002) Perhaps You're probably confused poll(2) with /dev/poll. The latter behaves as you described (but is not portable as poll(2)). --- JINMEI, Tatuya Internet Systems Consortium, Inc. out put of polltest.c #include #include #include #include #include #include #include main() { int i, n; struct pollfd pfds[1000]; struct sockaddr_in sin; socklen_t sin_len; char buf[16]; memset(pfds, 0, sizeof(pfds)); memset(&sin, 0, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_len = sizeof(sin); inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr); for (i = 0; i < 1000; i ++) { if ((pfds[i].fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { perror("socket"); exit(1); } if (bind(pfds[i].fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) { perror("bind"); exit(1); } pfds[i].events = POLLIN; } sin_len = sizeof(sin); if (getsockname(pfds[999].fd, (struct sockaddr *)&sin, &sin_len) < 0) { perror("getsockname"); exit(1); } if (sendto(pfds[999].fd, buf, sizeof(buf), 0, (struct sockaddr *)&sin, sizeof(sin)) < 0) { perror("sendto"); exit(1); } n = poll(pfds, 1000, -1); printf("poll returned: %d\n", n); for (i = 0; i < 1000; i++) { if ((pfds[i].revents & POLLIN) != 0) { printf("%dth socket is ready (fd=%d)\n", i, pfds[i].fd); } } exit(0); } From owner-freebsd-net@FreeBSD.ORG Tue Jul 15 23:43:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC7B11065671 for ; Tue, 15 Jul 2008 23:43:15 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail10.syd.optusnet.com.au (mail10.syd.optusnet.com.au [211.29.132.191]) by mx1.freebsd.org (Postfix) with ESMTP id 531998FC13 for ; Tue, 15 Jul 2008 23:43:15 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175]) by mail10.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m6FNgu5Z030687 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Jul 2008 09:43:00 +1000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.2/8.14.2) with ESMTP id m6FNguHZ099160; Wed, 16 Jul 2008 09:42:56 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m6FNgsg5099159; Wed, 16 Jul 2008 09:42:54 +1000 (EST) (envelope-from peter) Date: Wed, 16 Jul 2008 09:42:54 +1000 From: Peter Jeremy To: Bakul Shah Message-ID: <20080715234254.GZ62764@server.vk2pj.dyndns.org> References: <20080715230917.DAC3B5B46@mail.bitblocks.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="FoibaoN3dya3u5fy" Content-Disposition: inline In-Reply-To: <20080715230917.DAC3B5B46@mail.bitblocks.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.18 (2008-05-17) Cc: "JINMEI Tatuya / ?$B?@L@C#:H" , Thomas Vogt , freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2008 23:43:15 -0000 --FoibaoN3dya3u5fy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2008-Jul-15 16:09:17 -0700, Bakul Shah wrote: >IIRC, when poll() returns n, you only look at the first n >values in the pollfd array so it is a win when you expect a >very small number of fds to be ready. In the select case you >have to test the bit array until you see the last ready fd. No. Both poll(2) and select(2) return the number of FDs ready for I/O. You need to scan the pollfd or fd_set array until you find that many FDs ready. poll(2) is a win if you only need to test a small number of FDs compared to the number of FDs that the process has open. In the case of bind, you have a large number of FDs to test, of which you are only expecting a very small number to be ready - if you don't treat fd_set as opaque, select(2) allows you to quickly skip large (roughly wordsize) chunks of un-interesting FDs. Note that, based on sys_generic.c in 7.x and -CURRENT, poll(2) is limited to checking FD_SETSIZE descriptors, whilst select(2) has no upper limit. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --FoibaoN3dya3u5fy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkh9Nf4ACgkQ/opHv/APuIdj8QCcDoK8GqnIVYsXpwhO2Gb57jW1 0dEAnjPKIwfegANc3GRD19L3wMJfWfEp =AhqU -----END PGP SIGNATURE----- --FoibaoN3dya3u5fy-- From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 03:40:48 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CD78F1065672 for ; Wed, 16 Jul 2008 03:40:48 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.freebsd.org (Postfix) with ESMTP id D21018FC13 for ; Wed, 16 Jul 2008 03:40:46 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.5) with SMTP id NAA07865; Wed, 16 Jul 2008 13:40:44 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Wed, 16 Jul 2008 13:40:43 +1000 (EST) From: Ian Smith To: Kris Kennaway In-Reply-To: <487CA29F.6080500@FreeBSD.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: freebsd-net@freebsd.org, Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 03:40:48 -0000 On Tue, 15 Jul 2008, Kris Kennaway wrote: > Thomas Vogt wrote: > > Hello > > > > Since i updated my FreeBSD 6.3 dns server with the latest bind version > > in the ports (dns/bind94) my system is flooding my log with "too many > > open file descriptors" messages. > > > > Is there something i can do? > > > > Example: > > Jul 15 12:08:38 intern named[50840]: socket: too many open file descriptors > > Jul 15 12:09:05 intern last message repeated 68 times > > Is this a busy name server handling thousands of queries per second? > > If so, the solution, perhaps not surprisingly, is to increase the number > of file descriptors :) > > kern.maxfiles: 12328 > kern.maxfilesperproc: 11095 Can you disclose the magic incantation for those particular numbers? cheers, Ian From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 06:10:49 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3A9971065686 for ; Wed, 16 Jul 2008 06:10:49 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id 2AFE18FC0C for ; Wed, 16 Jul 2008 06:10:49 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id 3C4501A4D83; Tue, 15 Jul 2008 22:53:22 -0700 (PDT) Date: Tue, 15 Jul 2008 22:53:22 -0700 From: Alfred Perlstein To: Peter Jeremy Message-ID: <20080716055322.GQ95574@elvis.mu.org> References: <20080715230917.DAC3B5B46@mail.bitblocks.com> <20080715234254.GZ62764@server.vk2pj.dyndns.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080715234254.GZ62764@server.vk2pj.dyndns.org> User-Agent: Mutt/1.4.2.3i Cc: Bakul Shah , "JINMEI Tatuya / ?$B?@L@C#:H" , freebsd-net@freebsd.org, Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 06:10:49 -0000 FWIW, the userland scan of the files is not nearly as bad as what happens in the kernel when hundreds or thousands of objects are accessed that blow out the cache, oh and the locking that occurs as well. * Peter Jeremy [080715 16:43] wrote: > On 2008-Jul-15 16:09:17 -0700, Bakul Shah wrote: > >IIRC, when poll() returns n, you only look at the first n > >values in the pollfd array so it is a win when you expect a > >very small number of fds to be ready. In the select case you > >have to test the bit array until you see the last ready fd. > > No. Both poll(2) and select(2) return the number of FDs ready for > I/O. You need to scan the pollfd or fd_set array until you find that > many FDs ready. > > poll(2) is a win if you only need to test a small number of FDs > compared to the number of FDs that the process has open. In the case > of bind, you have a large number of FDs to test, of which you are > only expecting a very small number to be ready - if you don't > treat fd_set as opaque, select(2) allows you to quickly skip large > (roughly wordsize) chunks of un-interesting FDs. > > Note that, based on sys_generic.c in 7.x and -CURRENT, poll(2) is > limited to checking FD_SETSIZE descriptors, whilst select(2) has > no upper limit. > > -- > Peter Jeremy > Please excuse any delays as the result of my ISP's inability to implement > an MTA that is either RFC2821-compliant or matches their claimed behaviour. -- - Alfred Perlstein From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 07:19:26 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 308A91065682; Wed, 16 Jul 2008 07:19:26 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from mail.bitblocks.com (mail.bitblocks.com [64.142.15.60]) by mx1.freebsd.org (Postfix) with ESMTP id 179448FC15; Wed, 16 Jul 2008 07:19:25 +0000 (UTC) (envelope-from bakul@bitblocks.com) Received: from bitblocks.com (localhost.bitblocks.com [127.0.0.1]) by mail.bitblocks.com (Postfix) with ESMTP id 2F8145B4D; Wed, 16 Jul 2008 00:19:25 -0700 (PDT) To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= In-reply-to: Your message of "Tue, 15 Jul 2008 16:37:00 PDT." Date: Wed, 16 Jul 2008 00:19:25 -0700 From: Bakul Shah Message-Id: <20080716071925.2F8145B4D@mail.bitblocks.com> Cc: freebsd-net@freebsd.org, Kris Kennaway , Thomas Vogt Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 07:19:26 -0000 On Tue, 15 Jul 2008 16:37:00 PDT JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= wrote: > > Perhaps You're probably confused poll(2) with /dev/poll. The latter > behaves as you described (but is not portable as poll(2)). Indeed I am confused. Not sure where I got that idea. On Tue, 15 Jul 2008 16:17:04 PDT Julian Elischer wrote: > Bakul Shah wrote: > > ... > > Presumably kqueue has a lower cpu usage until the system gets > > loaded at which point polling might win. > > I don't think so, since kqueue only runs code associated with events > that have actually happened, and then only once until it's processed > where las I looked poll had more to do on each call. Yes. poll/select overhead of scanning the entire list is incurred on each system call + the kernel overhead (as Alfred pointed out later). On Wed, 16 Jul 2008 09:42:54 +1000 Peter Jeremy wrote: > Note that, based on sys_generic.c in 7.x and -CURRENT, poll(2) is > limited to checking FD_SETSIZE descriptors, whilst select(2) has > no upper limit. I strike out here as well. I should've read the code much more carefully or tested select() before opening my mouth. All in all it was not a good idea to post anything. My apologies for wasting everyone's time. And thanks all for correcting me without any flaming! From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 08:08:56 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2FD821065701 for ; Wed, 16 Jul 2008 08:08:56 +0000 (UTC) (envelope-from eitans@mellanox.co.il) Received: from mellanox.co.il (mail.mellanox.co.il [194.90.237.43]) by mx1.freebsd.org (Postfix) with ESMTP id 69ACD8FC17 for ; Wed, 16 Jul 2008 08:08:55 +0000 (UTC) (envelope-from eitans@mellanox.co.il) Received: from Internal Mail-Server by MTLPINE1 (envelope-from eitans@mellanox.co.il) with SMTP; 16 Jul 2008 10:42:13 +0300 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Wed, 16 Jul 2008 10:41:57 +0300 Message-ID: <5D49E7A8952DC44FB38C38FA0D758EAD196E6F@mtlexch01.mtl.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: "ping" with packets larger then 25152 bytes fails. Thread-Index: AcjnF2yGMnBeiWj5STGUn4SErf7kgA== From: "Eitan Shefi" To: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Eitan Shefi Subject: "ping" with packets larger then 25152 bytes fails. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 08:08:56 -0000 When I run "ping" between 2 identical FreeBSD hosts, with packets larger then 25152 bytes, "ping" fails. =20 Does someone has an idea what might cause this failure ? =20 Thanks, Eitan =20 From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 11:55:53 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F0D4E106564A for ; Wed, 16 Jul 2008 11:55:53 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail18.syd.optusnet.com.au (mail18.syd.optusnet.com.au [211.29.132.199]) by mx1.freebsd.org (Postfix) with ESMTP id 8B0398FC16 for ; Wed, 16 Jul 2008 11:55:53 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175]) by mail18.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m6GBtodW003560 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Jul 2008 21:55:51 +1000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.2/8.14.2) with ESMTP id m6GBtnbl044038; Wed, 16 Jul 2008 21:55:49 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m6GBtnT0044037; Wed, 16 Jul 2008 21:55:49 +1000 (EST) (envelope-from peter) Date: Wed, 16 Jul 2008 21:55:49 +1000 From: Peter Jeremy To: Eitan Shefi Message-ID: <20080716115548.GJ62764@server.vk2pj.dyndns.org> References: <5D49E7A8952DC44FB38C38FA0D758EAD196E6F@mtlexch01.mtl.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="CpBQqYjq/d0HQTAP" Content-Disposition: inline In-Reply-To: <5D49E7A8952DC44FB38C38FA0D758EAD196E6F@mtlexch01.mtl.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.18 (2008-05-17) Cc: freebsd-net@freebsd.org Subject: Re: "ping" with packets larger then 25152 bytes fails. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 11:55:54 -0000 --CpBQqYjq/d0HQTAP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2008-Jul-16 10:41:57 +0300, Eitan Shefi wrote: >When I run "ping" between 2 identical FreeBSD hosts, with packets larger >then 25152 bytes, "ping" fails. Intriguing. =20 >Does someone has an idea what might cause this failure ? No, but a few more datapoints: - it only affects real network connections - localhost is unaffected - The problem also occurs when pinging FreeBSD 7.x from linux but not when the same linux system pings a Winbloze box. - Pinging either linux or winbloze from FreeBSD 7.x fails. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --CpBQqYjq/d0HQTAP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkh94cQACgkQ/opHv/APuIeuwACdG5508jNBAgINmXxgI9bG5ZmS F4kAn36jRss0DvTBpgcZMQs7xQ5Y4c7O =YjEY -----END PGP SIGNATURE----- --CpBQqYjq/d0HQTAP-- From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 15:23:54 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 745B01065673; Wed, 16 Jul 2008 15:23:54 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from proxy.meer.net (proxy.meer.net [64.13.141.13]) by mx1.freebsd.org (Postfix) with ESMTP id 552348FC12; Wed, 16 Jul 2008 15:23:54 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [64.13.141.3]) by proxy.meer.net (8.14.2/8.14.2) with ESMTP id m6GFNr5B021598; Wed, 16 Jul 2008 08:23:53 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m6GFMWHW071576; Wed, 16 Jul 2008 08:22:32 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (209.249.190.254.available.above.net [209.249.190.254] (may be forged)) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m6GFMVPr049650; Wed, 16 Jul 2008 08:22:31 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Wed, 16 Jul 2008 11:22:30 -0400 Message-ID: From: gnn@freebsd.org To: "Jack Vogel" In-Reply-To: <2a41acea0807151035w291269abt4ed99989ae45cc8b@mail.gmail.com> References: <2a41acea0807141453s7235d894i31a744a0f673fcc0@mail.gmail.com> <2a41acea0807151007q29a783c4r2ae63c5a631952ba@mail.gmail.com> <2a41acea0807151035w291269abt4ed99989ae45cc8b@mail.gmail.com> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-Canit-CHI2: 0.50 X-Bayes-Prob: 0.5 (Score 0, tokens from: ) X-Spam-Score: 0.10 () [Tag at 5.00] COMBINED_FROM X-CanItPRO-Stream: default X-Canit-Stats-ID: 965709 - e8e27001439b X-Scanned-By: CanIt (www . roaringpenguin . com) on 64.13.141.13 Cc: stable@freebsd.org, net@freebsd.org Subject: Re: igb doesn't compile in STABLE? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 15:23:54 -0000 At Tue, 15 Jul 2008 10:35:57 -0700, Jack Vogel wrote: > > OK, will put on my todo list :) > Thanks. A kernel built that way (i.e. with igb and em) does actually work, which is good, but if you're going to split them up we should get this right before 7.1. Best, George From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 16:50:37 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1BAE410656A0 for ; Wed, 16 Jul 2008 16:50:37 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id C901F8FC2A for ; Wed, 16 Jul 2008 16:50:36 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1KJAD0-0001Tm-ES for freebsd-net@freebsd.org; Wed, 16 Jul 2008 16:50:30 +0000 Received: from mulderlab.f5.com ([205.229.151.151]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Jul 2008 16:50:30 +0000 Received: from atkin901 by mulderlab.f5.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Jul 2008 16:50:30 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Mark Atkinson Date: Wed, 16 Jul 2008 09:50:22 -0700 Lines: 13 Message-ID: References: <5D49E7A8952DC44FB38C38FA0D758EAD196E6F@mtlexch01.mtl.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: mulderlab.f5.com User-Agent: KNode/0.10.5 Sender: news Subject: Re: "ping" with packets larger then 25152 bytes fails. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 16:50:37 -0000 Eitan Shefi wrote: > When I run "ping" between 2 identical FreeBSD hosts, with packets larger > then 25152 bytes, "ping" fails. > > Does someone has an idea what might cause this failure ?[ My first guess is you're probably hitting the fragment limit for maximum fragments per packet. Which is like 16/packet by default. -- Mark Atkinson atkin901@yahoo.com (!wired)?(coffee++):(wired); From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 17:34:35 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BC6461065674 for ; Wed, 16 Jul 2008 17:34:35 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from mms1.broadcom.com (mms1.broadcom.com [216.31.210.17]) by mx1.freebsd.org (Postfix) with ESMTP id 860378FC0C for ; Wed, 16 Jul 2008 17:34:35 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from [10.11.16.99] by mms1.broadcom.com with ESMTP (Broadcom SMTP Relay (Email Firewall v6.3.2)); Wed, 16 Jul 2008 10:34:25 -0700 X-Server-Uuid: 02CED230-5797-4B57-9875-D5D2FEE4708A Received: by mail-irva-10.broadcom.com (Postfix, from userid 47) id 113072B1; Wed, 16 Jul 2008 10:34:25 -0700 (PDT) Received: from mail-irva-8.broadcom.com (mail-irva-8 [10.11.18.52]) by mail-irva-10.broadcom.com (Postfix) with ESMTP id F25432B0 for ; Wed, 16 Jul 2008 10:34:24 -0700 (PDT) Received: from mail-irva-13.broadcom.com (mail-irva-13.broadcom.com [10.11.16.103]) by mail-irva-8.broadcom.com (MOS 3.7.5a-GA) with ESMTP id GZX93239; Wed, 16 Jul 2008 10:34:24 -0700 (PDT) Received: from NT-IRVA-0751.brcm.ad.broadcom.com (nt-irva-0751 [10.8.194.65]) by mail-irva-13.broadcom.com (Postfix) with ESMTP id C192574CFE for ; Wed, 16 Jul 2008 10:34:24 -0700 (PDT) Received: from IRVEXCHHUB01.corp.ad.broadcom.com ([10.9.200.131]) by NT-IRVA-0751.brcm.ad.broadcom.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 16 Jul 2008 10:34:24 -0700 Received: from IRVEXCHCCR01.corp.ad.broadcom.com ([10.252.49.30]) by IRVEXCHHUB01.corp.ad.broadcom.com ([10.9.200.131]) with mapi; Wed, 16 Jul 2008 10:34:24 -0700 From: "David Christensen" To: "freebsd-net@freebsd.org" Date: Wed, 16 Jul 2008 10:35:13 -0700 Thread-Topic: Enabling MSI-X on -CURRENT for New Network Driver Thread-Index: AcjnakrJ6d8VEBUpSmyKmnlDSl7HyQ== Message-ID: <5D267A3F22FD854F8F48B3D2B52381932677F1A0C3@IRVEXCHCCR01.corp.ad.broadcom.com> Accept-Language: en-US Content-Language: en-US acceptlanguage: en-US MIME-Version: 1.0 X-OriginalArrivalTime: 16 Jul 2008 17:34:24.0687 (UTC) FILETIME=[3088A3F0:01C8E76A] X-WSS-ID: 6460EEAB4E084755343-01-01 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Enabling MSI-X on -CURRENT for New Network Driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 17:34:35 -0000 I'm working on adding MSI-X support for a new network driver and having some difficulty in actually getting an interrupt. Does this look right? /* Select and configure the IRQ. */ sc->bxe_msix_count =3D pci_msix_count(dev); rid =3D 1; /* Try allocating MSI-X interrupts. */ if ((sc->bxe_cap_flags & BXE_MSIX_CAPABLE_FLAG) && (bxe_msi_enable >=3D 2) && (sc->bxe_msix_count > 0)) { int msix_needed =3D sc->bxe_msix_count; if (pci_alloc_msix(dev, &sc->bxe_msix_count) =3D=3D 0) { if (sc->bxe_msix_count =3D=3D msix_needed) { DBPRINT(sc, BXE_INFO_LOAD, "%s(): Using %d = MSI-X " "vector(s).\n", __FUNCTION__, sc->b= xe_msix_count); sc->bxe_flags |=3D BXE_USING_MSIX_FLAG; } else { pci_release_msi(dev); sc->bxe_flags &=3D ~BXE_USING_MSIX_FLAG; sc->bxe_msix_count =3D 0; } } } /* Try allocating MSI interrupts if we didn't get MSI-X. */ ... /* Try legacy interrupt. */ ... /* Allocate the interrupt and report any errors. */ sc->bxe_res_irq =3D bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, RF_ACTIVE); /* Report any IRQ allocation errors. */ if (sc->bxe_res_irq =3D=3D NULL) { BXE_PRINTF("%s(%d): PCI map interrupt failed!\n", __FILE__, __LINE__); rc =3D ENXIO; goto bxe_attach_fail; } sc->bxe_irq_rid =3D rid; sc->bxe_intr =3D bxe_intr; The allocation doesn't fail and I usually see an IRQ allocated to the driver using "vmstat -i" (though not always): =3D=3D=3D[root] /usr/src/sys/modules/bxe # vmstat -i interrupt total rate irq1: atkbd0 1 0 irq4: sio0 46432 6 irq6: fdc0 10 0 irq14: ata0 58 0 irq17: atapci1 42684 5 cpu0: timer 15331063 1999 irq256: em0 917 0 cpu3: timer 15330811 1999 cpu1: timer 15330808 1999 cpu2: timer 15330811 1999 cpu5: timer 15330811 1999 cpu6: timer 15330810 1999 cpu4: timer 15330806 1999 cpu7: timer 15330811 1999 irq258: bxe0 2 0 Total 122736835 16010 But my interrupt handler doesn't seem to be called. The goal is to get a single interrupt working first, multiple queue support comes next. Any ideas? Dave From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 20:04:41 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 338B2106566C for ; Wed, 16 Jul 2008 20:04:41 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63912.mail.re1.yahoo.com (web63912.mail.re1.yahoo.com [69.147.97.127]) by mx1.freebsd.org (Postfix) with SMTP id B69678FC1C for ; Wed, 16 Jul 2008 20:04:40 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 41640 invoked by uid 60001); 16 Jul 2008 19:37:59 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Message-ID; b=RISdyzLXkq1sKmcAxC3mTKPL6WZ5lV1t1tExQgBovd7iMNsC7FQ2OXybSDpXNPY3fqUbwYABgkHucHSV2NcitZR4BW/lkRpe1ZHYJViXuuQ8MDzqyyzGexao7gsaLbk7YMS9VnvU7zW6Sv1S4Lf9EA46wg1bCdMfleoDKCyRWSc=; Received: from [98.203.28.38] by web63912.mail.re1.yahoo.com via HTTP; Wed, 16 Jul 2008 12:37:59 PDT X-Mailer: YahooMailWebService/0.7.218 Date: Wed, 16 Jul 2008 12:37:59 -0700 (PDT) From: Barney Cordoba To: Peter Jeremy In-Reply-To: <20080716115548.GJ62764@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Message-ID: <813740.41559.qm@web63912.mail.re1.yahoo.com> Cc: net@freebsd.org Subject: Re: "ping" with packets larger then 25152 bytes fails. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: barney_cordoba@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 20:04:41 -0000 --- On Wed, 7/16/08, Peter Jeremy wrote: > From: Peter Jeremy > Subject: Re: "ping" with packets larger then 25152 bytes fails. > To: "Eitan Shefi" > Cc: freebsd-net@freebsd.org > Date: Wednesday, July 16, 2008, 7:55 AM > On 2008-Jul-16 10:41:57 +0300, Eitan Shefi > wrote: > >When I run "ping" between 2 identical FreeBSD > hosts, with packets larger > >then 25152 bytes, "ping" fails. > > Intriguing. > > >Does someone has an idea what might cause this failure > ? > > No, but a few more datapoints: > - it only affects real network connections - localhost is > unaffected > - The problem also occurs when pinging FreeBSD 7.x from > linux but not > when the same linux system pings a Winbloze box. > - Pinging either linux or winbloze from FreeBSD 7.x fails. > > -- > Peter Jeremy > Please excuse any delays as the result of my ISP's > inability to implement > an MTA that is either RFC2821-compliant or matches their > claimed behaviour. Isn't this sort of like going to your auto dealer and complaining that you get vibration at 240mph? From owner-freebsd-net@FreeBSD.ORG Wed Jul 16 21:35:31 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0A9B7106564A for ; Wed, 16 Jul 2008 21:35:31 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail36.syd.optusnet.com.au (mail36.syd.optusnet.com.au [211.29.133.76]) by mx1.freebsd.org (Postfix) with ESMTP id 0B94C8FC1B for ; Wed, 16 Jul 2008 21:35:29 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175]) by mail36.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m6GLIG19012559 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 17 Jul 2008 07:18:16 +1000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.2/8.14.2) with ESMTP id m6GLIFpU048851; Thu, 17 Jul 2008 07:18:15 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m6GLIFB8048850; Thu, 17 Jul 2008 07:18:15 +1000 (EST) (envelope-from peter) Date: Thu, 17 Jul 2008 07:18:15 +1000 From: Peter Jeremy To: Barney Cordoba Message-ID: <20080716211815.GW62764@server.vk2pj.dyndns.org> References: <20080716115548.GJ62764@server.vk2pj.dyndns.org> <813740.41559.qm@web63912.mail.re1.yahoo.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8D1TCnBmjJJF2KCx" Content-Disposition: inline In-Reply-To: <813740.41559.qm@web63912.mail.re1.yahoo.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.18 (2008-05-17) Cc: Eitan Shefi , net@freebsd.org Subject: Re: "ping" with packets larger then 25152 bytes fails. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2008 21:35:31 -0000 --8D1TCnBmjJJF2KCx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2008-Jul-16 12:37:59 -0700, Barney Cordoba wr= ote: >> >When I run "ping" between 2 identical FreeBSD hosts, with packets larger >> >then 25152 bytes, "ping" fails. =2E.. >Isn't this sort of like going to your auto dealer and complaining that you= get vibration at 240mph? I don't think so. There are no specific limits on the size of ICMP ECHO REQUEST or ICMP ECHO REPLY packets, therefore the only limit should be the IP packet limit (64KB). It does work with other IP stacks and with the loopback interface on FreeBSD. Poking around a bit more, the culprit looks like net.inet.ip.maxfragsperpacket - which is set to 16 by default. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --8D1TCnBmjJJF2KCx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkh+ZZcACgkQ/opHv/APuIeI/gCguOSfaGz2jga6wpiC7fdeCiJA Gd4An2WU3TX01gHp6m38+/+io5dALjFw =3YIb -----END PGP SIGNATURE----- --8D1TCnBmjJJF2KCx-- From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 02:38:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CD925106564A for ; Thu, 17 Jul 2008 02:38:15 +0000 (UTC) (envelope-from linxiaosong@keynet.com.cn) Received: from mail.keynet.com.cn (keynet.com.cn [218.78.217.105]) by mx1.freebsd.org (Postfix) with ESMTP id 380C98FC12 for ; Thu, 17 Jul 2008 02:38:15 +0000 (UTC) (envelope-from linxiaosong@keynet.com.cn) Received: from localhost (localhost [127.0.0.1]) by mail.keynet.com.cn (Postfix) with SMTP id D396B313 for ; Thu, 17 Jul 2008 10:22:10 +0800 (CST) Received: from r00t.keynet.com.cn (cybertro-9c2753.keynet.com.cn [172.18.30.198]) by mail.keynet.com.cn (Postfix) with ESMTPSA id 4F0EB311 for ; Thu, 17 Jul 2008 10:21:57 +0800 (CST) Message-ID: <487EACC5.1060109@keynet.com.cn> Date: Thu, 17 Jul 2008 10:21:57 +0800 From: Wasily Lin User-Agent: Thunderbird 2.0.0.9 (X11/20080213) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DSPAM-Result: Innocent X-DSPAM-Processed: Thu Jul 17 10:22:10 2008 X-DSPAM-Confidence: 1.0000 X-DSPAM-Probability: 0.0023 X-DSPAM-Signature: 487eacd27993450375810 X-DSPAM-Factors: 27, What's, 0.40000, but, 0.40000, but, 0.40000, operator+set, 0.40000, 47, 0.40000, user+user, 0.40000, 5+1, 0.40000, fine+for, 0.40000, 1(0), 0.40000, 1(0), 0.40000, incoming+radius, 0.40000, 4700375, 0.40000, 4700375, 0.40000, 09+44, 0.40000, 09+44, 0.40000, netflow+in, 0.40000, , 0.40000, 1+xxxxxxxx, 0.40000, 10, 0.40000, 10, 0.40000, 0xffffffff+PPPoE, 0.40000 Subject: mpd5.1 MTU problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 02:38:15 -0000 Hello, I set up a PPPoE server on FreeBSD 7.0(amd64) with mpd 5.1 and it works fine for all clients except for my FreeBSD 7.0(i386) Notebook. Connecting has no problem and I get ip but all website can not be access even on PPPoE server itself(Apache installed), so can not ftp site. I've used mpd 5.1_1 and pppoe(built-in) as pppoe client but the problem was same - can not access http/ftp..., only icmp works. I think the problem is MTU then changed that but no effects. Now my configuration: PPPoE Server: startup: set netflow peer 127.0.0.1 1813 set user admin xxxxx admin set user operator xxxxx operator set user user xxxxx user set console open default: load pppoe_server pppoe_server: create bundle template B set ippool add pool 10.0.0.100 10.0.0.200 set iface enable netflow-in set iface enable netflow-out set iface enable ipacct set iface enable proxy-arp set iface mtu 1460 <-----------------------! set ipcp ranges 10.0.0.1/32 ippool pool set ipcp dns 172.18.30.125 create link template common pppoe set link enable pap set link disable chap set link enable multilink set link action bundle B load radius create link template em0 common set link max-children 1000 set pppoe iface em0 set link enable incoming radius: set radius server 127.0.0.1 xxxxxxxx 1812 1813 set radius retries 3 set radius timeout 3 set radius me 127.0.0.1 set auth max-logins 1 set auth acct-update 300 set auth enable radius-auth set auth enable radius-acct set radius enable message-authentic PPPoE client: startup: set user admin xxxxx admin set console open default: load pppoe_client pppoe_client: create bundle static B1 set iface route default set ipcp ranges 0.0.0.0/0 0.0.0.0/0 create link static L1 pppoe set link action bundle B1 set auth authname xxxxxx set auth password xxxxxx set link max-redial 0 set link keep-alive 10 60 set pppoe iface em0 set pppoe service "" open After connected: PPPoE server: ng15: flags=88d1 metric 0 mtu 1460 inet 10.0.0.1 --> 10.0.0.115 netmask 0xffffffff PPPoE client: ng0: flags=88d1 metric 0 mtu 1460 inet 10.0.0.115 --> 10.0.0.1 netmask 0xffffffff tcpdump output: PPPoE server: pppoe# tcpdump -i ng15 -ln host 10.0.0.1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ng15, link-type NULL (BSD loopback), capture size 96 bytes 10:08:44.469993 IP 10.0.0.115.60331 > 10.0.0.1.80: S 2092758811:2092758811(0) win 65535 10:08:44.470056 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:08:47.469997 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:08:53.469978 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:09:05.469918 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:09:44.972709 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win 8272 10:09:44.972744 IP 10.0.0.1.80 > 10.0.0.115.60331: R 687014729:687014729(0) win 0 PPPoE client: r00t# tcpdump -i ng0 -ln host 10.0.0.1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ng0, link-type NULL (BSD loopback), capture size 96 bytes 10:12:06.792399 IP 10.0.0.115.60331 > 10.0.0.1.80: S 2092758811:2092758811(0) win 65535 10:12:06.793151 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:06.793178 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:09.793385 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:09.793414 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:15.793331 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:15.793358 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:27.793227 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:27.793255 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:13:07.294273 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win 8272 10:13:07.295358 IP 10.0.0.1.80 > 10.0.0.115.60331: R 687014729:687014729(0) win 0 As you can see, tcp/ack from client can not go through but tcp/syn, tcp/fin are fine. What's the reason? I've used the same client to connect to ISP's ADSL and work fine so what I am sure is the server refused my tcp/ack. But why? Thanks all. BSD4LZX !DSPAM:487eacd27993450375810! From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 03:15:33 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 80A5A1065693 for ; Thu, 17 Jul 2008 03:15:33 +0000 (UTC) (envelope-from brde@optusnet.com.au) Received: from mail08.syd.optusnet.com.au (mail08.syd.optusnet.com.au [211.29.132.189]) by mx1.freebsd.org (Postfix) with ESMTP id 00E398FC0C for ; Thu, 17 Jul 2008 03:15:32 +0000 (UTC) (envelope-from brde@optusnet.com.au) Received: from besplex.bde.org (c220-239-252-11.carlnfd3.nsw.optusnet.com.au [220.239.252.11]) by mail08.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m6H3FPCl003149 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 17 Jul 2008 13:15:26 +1000 Date: Thu, 17 Jul 2008 13:15:24 +1000 (EST) From: Bruce Evans X-X-Sender: bde@besplex.bde.org To: David Christensen In-Reply-To: <5D267A3F22FD854F8F48B3D2B52381932677F1A0C3@IRVEXCHCCR01.corp.ad.broadcom.com> Message-ID: <20080717131000.K2693@besplex.bde.org> References: <5D267A3F22FD854F8F48B3D2B52381932677F1A0C3@IRVEXCHCCR01.corp.ad.broadcom.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: "freebsd-net@freebsd.org" Subject: Re: Enabling MSI-X on -CURRENT for New Network Driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 03:15:33 -0000 On Wed, 16 Jul 2008, David Christensen wrote: > I'm working on adding MSI-X support for a new network driver > and having some difficulty in actually getting an interrupt. > Does this look right? I don't know, but on FreeBSD cluster machines running RELENG_8 bce generates too many interrupts -- approx. 46000/second to deliver approx. 2 packets/second. bce works normally on FreeBSD cluster machines running RELENG_7 and earlier (2 interrupts/second to deliver systat -v output). Bruce From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 03:47:07 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5C9471065670 for ; Thu, 17 Jul 2008 03:47:07 +0000 (UTC) (envelope-from sepherosa@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.242]) by mx1.freebsd.org (Postfix) with ESMTP id 100338FC1C for ; Thu, 17 Jul 2008 03:47:06 +0000 (UTC) (envelope-from sepherosa@gmail.com) Received: by an-out-0708.google.com with SMTP id b33so135926ana.13 for ; Wed, 16 Jul 2008 20:47:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=CtdQEN1f8Cmbr3iy6AIgAB40Lrs7z7Xr3hAXnzZUldQ=; b=vo5ThikVye2pzCe9FFzrDC21G51g8qrzLJFZaKURTgS7W33X2dq7R5rm9j/vcxSDzD PTHKxRRFZl3lU7s3pU6kAvGkDHht+fL67Gi6sqzG4204MiEncVBrencNoEgmhbe6x9bT 8iy12+0R+oStxVzPOP0AB5zXH4LyH1OnCw4Lg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=IF62SSvWKYwwYTBRiq8zl953Q71vIWMfNfqWXcBT/5q4SvvPvrPeeEH89jAFC47W1A E0jenOhxLuYGX8860JVVB5wSbShoNy1sMh8eUA3c7gro5qeFG9yl4iqmscwcYLyR9HJK kb8KAwsocSkzlXs5pIq+7hBjd4LotdrE/eiys= Received: by 10.100.126.19 with SMTP id y19mr3394471anc.106.1216266426158; Wed, 16 Jul 2008 20:47:06 -0700 (PDT) Received: by 10.100.107.6 with HTTP; Wed, 16 Jul 2008 20:47:06 -0700 (PDT) Message-ID: Date: Thu, 17 Jul 2008 11:47:06 +0800 From: "Sepherosa Ziehau" To: "Bruce Evans" In-Reply-To: <20080717131000.K2693@besplex.bde.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <5D267A3F22FD854F8F48B3D2B52381932677F1A0C3@IRVEXCHCCR01.corp.ad.broadcom.com> <20080717131000.K2693@besplex.bde.org> Cc: "freebsd-net@freebsd.org" , David Christensen Subject: Re: Enabling MSI-X on -CURRENT for New Network Driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 03:47:07 -0000 On Thu, Jul 17, 2008 at 11:15 AM, Bruce Evans wrote: > On Wed, 16 Jul 2008, David Christensen wrote: > >> I'm working on adding MSI-X support for a new network driver >> and having some difficulty in actually getting an interrupt. >> Does this look right? > > I don't know, but on FreeBSD cluster machines running RELENG_8 bce > generates too many interrupts -- approx. 46000/second to deliver On dfly, I set the bce_rx_quick_cons_trip to 24 and bce_rx_ticks to 125, else live lock (>40000/sec) is promised when sinking packets @800kpps. I think bce uses the same coal logic as bge, so bce_rx_quick_cons_trip probably could be set to a larger value like 128; didn't have time to test 128 yet. Best Regards, sephe -- Live Free or Die From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 04:10:20 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED9CB1065670 for ; Thu, 17 Jul 2008 04:10:20 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.freebsd.org (Postfix) with ESMTP id BBD3A8FC22 for ; Thu, 17 Jul 2008 04:10:20 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from trouble.errno.com (trouble.errno.com [10.0.0.248]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id m6H4AI9F087923 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Jul 2008 21:10:18 -0700 (PDT) (envelope-from sam@freebsd.org) Message-ID: <487EC62A.3070301@freebsd.org> Date: Wed, 16 Jul 2008 21:10:18 -0700 From: Sam Leffler Organization: FreeBSD Project User-Agent: Thunderbird 2.0.0.9 (X11/20071125) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> In-Reply-To: <486A45AB.2080609@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC--Metrics: ebb.errno.com; whitelist Cc: vanhu_bsd@zeninc.net, Larry Baird Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 04:10:21 -0000 Sam Leffler wrote: > Larry Baird wrote: >>> And how do I know that it works ? >>> Well, when it doesn't work, I do know it, quite quickly most of the >>> time ! >>> >> I have to chime in here. I did most of the initial porting of the >> NAT-T patches from Kame IPSec to FAST_IPSEC. I did look at every >> line of code during this process. I found no security problems during >> the port. Like Yvan, my company uses the NAT-T patches commercially. >> Like he says, if it had problems, we would hear about it. If the >> patches >> don't get commited, I highly suspect Yvan or myself would try to keep >> the >> patches up todate. So far I have done FAST_IPSEC pacthes for FreeBSD >> 4,5,6. Yvan did 7 and 8 by himself. Keeping up gets to be a pain >> after a while. I do plan to look at the FreeBSD 7 patches soon, but >> it sure would be nice >> to see it commited. >> Please test/review the following patch against HEAD: http://people.freebsd.org/~sam/nat_t-20080616.patch This adds only the kernel portion of the NAT-T support; you must provide the user-level code from another place. The main difference from the patches floating around are in the ctloutput path (adding proper locking for HEAD) and decap of ESP-in-UDP frames. Assuming folks are ok w/ these changes I'll commit to HEAD. Once this stuff goes in we can look at getting the user-mode mods into the tree. Sam PS. Thanks especially to Matthew Grooms who tested an earlier version and fixed a bug. From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 04:44:31 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A9B8C1065674 for ; Thu, 17 Jul 2008 04:44:31 +0000 (UTC) (envelope-from andrew@modulus.org) Received: from email.octopus.com.au (host-122-100-2-232.octopus.com.au [122.100.2.232]) by mx1.freebsd.org (Postfix) with ESMTP id 649AC8FC1B for ; Thu, 17 Jul 2008 04:44:31 +0000 (UTC) (envelope-from andrew@modulus.org) Received: by email.octopus.com.au (Postfix, from userid 1002) id 0BFB917369; Thu, 17 Jul 2008 14:44:30 +1000 (EST) X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on email.octopus.com.au X-Spam-Level: X-Spam-Status: No, score=-1.4 required=10.0 tests=ALL_TRUSTED autolearn=failed version=3.2.3 Received: from [10.1.50.60] (138.21.96.58.exetel.com.au [58.96.21.138]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: admin@email.octopus.com.au) by email.octopus.com.au (Postfix) with ESMTP id CB953170FA for ; Thu, 17 Jul 2008 14:44:25 +1000 (EST) Message-ID: <487ECDD7.2050901@modulus.org> Date: Thu, 17 Jul 2008 14:43:03 +1000 From: Andrew Snow User-Agent: Thunderbird 2.0.0.14 (X11/20080523) MIME-Version: 1.0 To: FreeBSD Net References: <20080716162042.GA27666@svzserv.kemerovo.su> <487E312E.9090307@infracaninophile.co.uk> <20080717035155.GA81536@svzserv.kemerovo.su> <8DFF6DCD-6619-4251-9944-59CED8DF1B19@mac.com> <20080717044106.GA53681@eos.sc1.parodius.com> In-Reply-To: <20080717044106.GA53681@eos.sc1.parodius.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: named.conf: query-source address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 04:44:31 -0000 Don't forget the souls who find themselves using jails. In this case it is common to want a name server on the parent host but not on any of the jail IPs. From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 06:19:44 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 501A01065675 for ; Thu, 17 Jul 2008 06:19:44 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.freebsd.org (Postfix) with ESMTP id 275E88FC17 for ; Thu, 17 Jul 2008 06:19:40 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.5) with SMTP id QAA20446; Thu, 17 Jul 2008 16:18:58 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Thu, 17 Jul 2008 16:18:57 +1000 (EST) From: Ian Smith To: Wasily Lin In-Reply-To: <487EACC5.1060109@keynet.com.cn> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: freebsd-net@freebsd.org Subject: Re: mpd5.1 MTU problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 06:19:44 -0000 On Thu, 17 Jul 2008, Wasily Lin wrote: > Hello, > I set up a PPPoE server on FreeBSD 7.0(amd64) with mpd 5.1 and it works > fine for all clients except for my FreeBSD 7.0(i386) Notebook. > Connecting has no problem and I get ip but all website can not be access > even on PPPoE server itself(Apache installed), so can not ftp site. > I've used mpd 5.1_1 and pppoe(built-in) as pppoe client but the > problem was same - can not access http/ftp..., only icmp works. I think > the problem is MTU then changed that but no effects. Now my configuration: > > PPPoE Server: > startup: > set netflow peer 127.0.0.1 1813 > set user admin xxxxx admin > set user operator xxxxx operator > set user user xxxxx user > set console open > > default: > load pppoe_server > > pppoe_server: > > create bundle template B > set ippool add pool 10.0.0.100 10.0.0.200 > set iface enable netflow-in > set iface enable netflow-out > set iface enable ipacct > set iface enable proxy-arp > set iface mtu 1460 <-----------------------! > set ipcp ranges 10.0.0.1/32 ippool pool > set ipcp dns 172.18.30.125 > > create link template common pppoe > set link enable pap > set link disable chap > set link enable multilink > set link action bundle B > load radius > > create link template em0 common > set link max-children 1000 > set pppoe iface em0 > set link enable incoming > > radius: > set radius server 127.0.0.1 xxxxxxxx 1812 1813 > set radius retries 3 > set radius timeout 3 > set radius me 127.0.0.1 > set auth max-logins 1 > set auth acct-update 300 > set auth enable radius-auth > set auth enable radius-acct > set radius enable message-authentic > > PPPoE client: > startup: > set user admin xxxxx admin > set console open > > default: > load pppoe_client > > pppoe_client: > create bundle static B1 > set iface route default > set ipcp ranges 0.0.0.0/0 0.0.0.0/0 > > create link static L1 pppoe > set link action bundle B1 > set auth authname xxxxxx > set auth password xxxxxx > set link max-redial 0 > set link keep-alive 10 60 > set pppoe iface em0 > set pppoe service "" For the same apparent problem, from my working mpd 4.1 client config: # needed? seems so, t23 had trouble with large tcp pkts .. yep, fixed .. set iface enable tcpmssfix which I see is still in http://mpd.sourceforge.net/doc5/mpd28.html cheers, Ian > open > > After connected: > > PPPoE server: > ng15: flags=88d1 metric > 0 mtu 1460 > inet 10.0.0.1 --> 10.0.0.115 netmask 0xffffffff > > PPPoE client: > ng0: flags=88d1 metric 0 > mtu 1460 > inet 10.0.0.115 --> 10.0.0.1 netmask 0xffffffff > > tcpdump output: > > PPPoE server: > pppoe# tcpdump -i ng15 -ln host 10.0.0.1 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on ng15, link-type NULL (BSD loopback), capture size 96 bytes > 10:08:44.469993 IP 10.0.0.115.60331 > 10.0.0.1.80: S > 2092758811:2092758811(0) win 65535 3,sackOK,timestamp 4639873 0> > 10:08:44.470056 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:08:47.469997 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:08:53.469978 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:09:05.469918 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:09:44.972709 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win > 8272 > 10:09:44.972744 IP 10.0.0.1.80 > 10.0.0.115.60331: R > 687014729:687014729(0) win 0 > > PPPoE client: > r00t# tcpdump -i ng0 -ln host 10.0.0.1 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on ng0, link-type NULL (BSD loopback), capture size 96 bytes > 10:12:06.792399 IP 10.0.0.115.60331 > 10.0.0.1.80: S > 2092758811:2092758811(0) win 65535 3,sackOK,timestamp 4639873 0> > 10:12:06.793151 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:12:06.793178 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 > > 10:12:09.793385 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:12:09.793414 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 > > 10:12:15.793331 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:12:15.793358 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 > > 10:12:27.793227 IP 10.0.0.1.80 > 10.0.0.115.60331: S > 687014728:687014728(0) ack 2092758812 win 65535 3,sackOK,timestamp 1602770998 4639873> > 10:12:27.793255 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 > > 10:13:07.294273 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win > 8272 > 10:13:07.295358 IP 10.0.0.1.80 > 10.0.0.115.60331: R > 687014729:687014729(0) win 0 > > As you can see, tcp/ack from client can not go through but tcp/syn, > tcp/fin are fine. > > What's the reason? I've used the same client to connect to ISP's ADSL > and work fine so what I am sure is the server refused my tcp/ack. But why? > > Thanks all. > > BSD4LZX From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 06:52:19 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 870DB106566C for ; Thu, 17 Jul 2008 06:52:19 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from conversation.bsdunix.ch (ns1.bsdunix.ch [82.220.1.90]) by mx1.freebsd.org (Postfix) with ESMTP id 39C448FC1C for ; Thu, 17 Jul 2008 06:52:19 +0000 (UTC) (envelope-from freebsdlists@bsdunix.ch) Received: from localhost (localhost.bsdunix.ch [127.0.0.1]) by conversation.bsdunix.ch (Postfix) with ESMTP id 97D545D7E; Thu, 17 Jul 2008 08:52:17 +0200 (CEST) X-Virus-Scanned: by amavisd-new at mail.bsdunix.ch Received: from conversation.bsdunix.ch ([127.0.0.1]) by localhost (conversation.bsdunix.ch [127.0.0.1]) (amavisd-new, port 10024) with LMTP id YTVYBZ6QYq6R; Thu, 17 Jul 2008 08:52:16 +0200 (CEST) Received: from [192.168.1.101] (home.bsdunix.ch [82.220.17.23]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by conversation.bsdunix.ch (Postfix) with ESMTP id 058225D63; Thu, 17 Jul 2008 08:52:15 +0200 (CEST) Message-Id: From: Thomas Vogt To: =?UTF-8?Q?JINMEI_Tatuya_/_=E7=A5=9E=E6=98=8E=E9=81=94=E5=93=89?= In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v926) Date: Thu, 17 Jul 2008 08:52:15 +0200 References: <487C9457.5080609@bsdunix.ch> <2A7CBD67-7532-4B13-82DD-A6EF5DEAA6BD@bsdunix.ch> X-Mailer: Apple Mail (2.926) Cc: freebsd-net@freebsd.org Subject: Re: too many open file descriptors messages since bind 9.4.2-P1 (port dns94) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 06:52:19 -0000 Hello Am 15.07.2008 um 22:59 schrieb JINMEI Tatuya / =E7=A5=9E=E6=98=8E=E9=81=94= =E5=93=89: > At Tue, 15 Jul 2008 22:54:11 +0200, > Thomas Vogt wrote: > >>>> Since i updated my FreeBSD 6.3 dns server with the latest bind >>>> version >>>> in the ports (dns/bind94) my system is flooding my log with "too =20= >>>> many >>>> open file descriptors" messages. >>>> >>>> Is there something i can do? >>> >>> How many sockets is named actually using while it makes this log >>> message? Try, e.g, >>> % sockstat | grep named | wc -l >> >> Not that many: >> sockstat | grep named | wc -l >> 996 > > Ah, it's actually quite a lot in this context:-) > > If that's regularly happening, I'm afraid recent P1 versions don't > handle that well, and recommend you try 9.4.3b2 ore 9.5.1b1. I installed 9.4.3b2. I haven't seen any "too many open file =20 descriptors" messages so far. "sockstat | grep named | wc -l" shows me much less listen bind =20 versions. During the whole night and at this early time in the morning =20= we just have 40-150 open binds. Maybe all our customers are enjoying =20= their summer hollydays or 9.4.3b2 handels it much better. Regads, Thomas From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 08:14:31 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 84F7D106566C for ; Thu, 17 Jul 2008 08:14:31 +0000 (UTC) (envelope-from mav@FreeBSD.org) Received: from cmail.optima.ua (cmail.optima.ua [195.248.191.121]) by mx1.freebsd.org (Postfix) with ESMTP id F14928FC08 for ; Thu, 17 Jul 2008 08:14:30 +0000 (UTC) (envelope-from mav@FreeBSD.org) X-Spam-Flag: SKIP X-Spam-Yversion: Spamooborona-2.1.0 Received: from orphanage.alkar.net (account mav@alkar.net [212.86.226.11] verified) by cmail.optima.ua (CommuniGate Pro SMTP 5.1.14) with ESMTPA id 169862789; Thu, 17 Jul 2008 10:14:29 +0300 Message-ID: <487EF154.5070808@FreeBSD.org> Date: Thu, 17 Jul 2008 10:14:28 +0300 From: Alexander Motin User-Agent: Thunderbird 2.0.0.14 (X11/20080612) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <1216275783.00099216.1216262401@10.7.7.3> In-Reply-To: <1216275783.00099216.1216262401@10.7.7.3> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Wasily Lin Subject: Re: mpd5.1 MTU problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 08:14:31 -0000 Wasily Lin wrote: > set iface enable netflow-in > set iface enable netflow-out > set iface enable ipacct Strange combination. > set iface enable proxy-arp Are you sure you need it? > set iface mtu 1460 <-----------------------! That's not a problem, but usually 1492 used for PPPoE. Also in some situation 'set iface enable tcpmssfix' could help. > As you can see, tcp/ack from client can not go through but tcp/syn, > tcp/fin are fine. > > What's the reason? I've used the same client to connect to ISP's ADSL > and work fine so what I am sure is the server refused my tcp/ack. But why? As soon as all packets are very small I don't think it is an MTU problem. I would recommend you to use tcpdump on Ethernet interface to understand which side actually drops the packets and probably why. Also check that you are not using any firewall and try to disable some features on server side like ipacct. -- Alexander Motin From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 16:02:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F03251065671 for ; Thu, 17 Jul 2008 16:02:15 +0000 (UTC) (envelope-from biancalana@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.225]) by mx1.freebsd.org (Postfix) with ESMTP id D0EE48FC12 for ; Thu, 17 Jul 2008 16:02:15 +0000 (UTC) (envelope-from biancalana@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so7389870rvf.43 for ; Thu, 17 Jul 2008 09:02:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=ghi8h+fPNN7KoQ9POviP55TqUPaOR9/R90Abmug0+5E=; b=Xms2vsc1TRr+L+b81gzrpl+hwMbVKbKmhfhH9guKG4GLqhgaW2PXg+R3a3CDP4Zuq2 sYt24C0NoLMfj1V8REXCz+AVRjlwrN+RubWn1jTQMuG8Gc98t39rSqPGBqc6M1i8AyuR QA/KjEdOpYdXjvxLhgduyepzFwClkDsgOwknY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=MOSKiVy3Npku3IC3u9F+IqLMEkXvSbDmdAxIf44s2PzEpTHmFjYeuUUBvkqyGtsr92 b6wOW96E5W4ovKruqDh+w3zCQl+gVoQH/BcMXsb3M+F5oawxxJttKiUgEQo1aL9y0O8F nibPs4b/uMGqfHoApMqzYiXYUWuX1GdQV5U84= Received: by 10.141.116.17 with SMTP id t17mr1238624rvm.251.1216310535294; Thu, 17 Jul 2008 09:02:15 -0700 (PDT) Received: by 10.141.114.16 with HTTP; Thu, 17 Jul 2008 09:02:15 -0700 (PDT) Message-ID: <8e10486b0807170902l4a3db309we7f143af6b79235b@mail.gmail.com> Date: Thu, 17 Jul 2008 13:02:15 -0300 From: "Alexandre Biancalana" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: openospfd+carp X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 16:02:16 -0000 Hi list, I'm deploying a new structure between our company and our datacenter that is composed of two L2L (lan-to-lan) 100Mbit links and two redudant gateway/firewall at each side. I configured one vlan per 100Mbit link and used carp (with Max's carpdev patch) to do the failover between machines on each side, the vlan interfaces are configured without ip address, only carp interfaces have ips. I want to use OpenOSPFD to do automatic failover+loadbalance of this L2L links. This works ? Someone have a similar setup ? Any hints ? I'm using FreeBSD 7, OpenOSPFD 4 (from ports) and Max's carpdev patch. Best Regards, Alexandre From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 16:30:03 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BAD51065673 for ; Thu, 17 Jul 2008 16:30:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 42E978FC17 for ; Thu, 17 Jul 2008 16:30:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6HGU3Fq015804 for ; Thu, 17 Jul 2008 16:30:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6HGU3IZ015801; Thu, 17 Jul 2008 16:30:03 GMT (envelope-from gnats) Date: Thu, 17 Jul 2008 16:30:03 GMT Message-Id: <200807171630.m6HGU3IZ015801@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Coleman Kane Cc: Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Coleman Kane List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 16:30:03 -0000 The following reply was made to PR kern/125181; it has been noted by GNATS. From: Coleman Kane To: bug-followup@FreeBSD.org, onemda@gmail.com Cc: thompsa@FreeBSD.org Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics Date: Thu, 17 Jul 2008 12:09:52 -0400 --=-soKy1PZEAkA40vAIl1Y1 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Andrew, I got directed to this PR by onemda@gmail.com (Paul D. Mahol), who's been helping me track down some edge cases in the if_ndis locking rewrite. I am not 100% familiar with the locking semantics in play here (IEEE80211 and VAPs), so I wanted to run it by you before I determine that it seems to be working well for me. --=20 Coleman Kane --=-soKy1PZEAkA40vAIl1Y1 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkh/bs8ACgkQcMSxQcXat5cPdQCfbs4UgSOx8VZ7wJOu9H1bYdxA h7sAnRJA4UxSvjdNCGG7tm95Jedhz/Ae =vNY9 -----END PGP SIGNATURE----- --=-soKy1PZEAkA40vAIl1Y1-- From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 16:50:05 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 601A51065679 for ; Thu, 17 Jul 2008 16:50:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 5681E8FC0A for ; Thu, 17 Jul 2008 16:50:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6HGo41i018240 for ; Thu, 17 Jul 2008 16:50:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6HGo4aK018239; Thu, 17 Jul 2008 16:50:04 GMT (envelope-from gnats) Date: Thu, 17 Jul 2008 16:50:04 GMT Message-Id: <200807171650.m6HGo4aK018239@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Andrew Thompson Cc: Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Andrew Thompson List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 16:50:05 -0000 The following reply was made to PR kern/125181; it has been noted by GNATS. From: Andrew Thompson To: Coleman Kane Cc: bug-followup@FreeBSD.org, onemda@gmail.com Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics Date: Thu, 17 Jul 2008 09:43:42 -0700 On Thu, Jul 17, 2008 at 12:09:52PM -0400, Coleman Kane wrote: > Andrew, > > I got directed to this PR by onemda@gmail.com (Paul D. Mahol), who's > been helping me track down some edge cases in the if_ndis locking > rewrite. I am not 100% familiar with the locking semantics in play here > (IEEE80211 and VAPs), so I wanted to run it by you before I determine > that it seems to be working well for me. I dont think ndis should be reaching into the net80211 lock. Now that ndis uses a regular mutex its a good chance to add mtx_asserts in the right places and get the locking up to speed. I will try to post a patch soon unless someone beats be to it. Andrew From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 17:09:18 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 74920106564A for ; Thu, 17 Jul 2008 17:09:18 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outM.internet-mail-service.net (outm.internet-mail-service.net [216.240.47.236]) by mx1.freebsd.org (Postfix) with ESMTP id 667E28FC1B for ; Thu, 17 Jul 2008 17:09:18 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 104D82486 for ; Thu, 17 Jul 2008 10:09:19 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 0F4022D6023 for ; Thu, 17 Jul 2008 10:09:17 -0700 (PDT) Message-ID: <487F7C0C.8090303@elischer.org> Date: Thu, 17 Jul 2008 10:06:20 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: FreeBSD Net Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Requesting comments on Multi-routing table usage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 17:09:18 -0000 The current code in -current will add a new interface to all FIBs. So for example when you add a gre interface irt shows up everywhere. This behaviour is probbaly correct for the base NICs on the system when you boot, but it is probably wrong in other cases. For example, when mpd makes tunnels it probably (but not always) wants to add that set of routes into one FIB. Similarly for other apps that can create tunnels. What is needed is a way to allow the caller to somehow specify the behaviour wanted whenever new interfaces are added. various things crossed my minds.. ------------- Maybe real hardware shoudl go everywhere and virtual should go to the FIB of the creator Maybe P2P interfaces should not go everywhere. Maybe a sysctl can be used to 'flip' teh mode from "everywhere" to "specific fib" after boot has completed. (I have code for this but it's not the perfect solution). Maybe ifconfig can set a new flag somewhere somehow. Maybe a process can set a flag for itself saying what its mode is.. ---------- The trouble is that there is not an "always correct" answer. some people may want to see a tunnel turn up on all FIBs and others may not. From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 17:54:54 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B811A106568A for ; Thu, 17 Jul 2008 17:54:54 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.freebsd.org (Postfix) with ESMTP id 43D668FC2D for ; Thu, 17 Jul 2008 17:54:52 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.5) with SMTP id DAA09966; Fri, 18 Jul 2008 03:54:43 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Fri, 18 Jul 2008 03:54:42 +1000 (EST) From: Ian Smith To: Julian Elischer In-Reply-To: <487F7C0C.8090303@elischer.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: FreeBSD Net Subject: Re: Requesting comments on Multi-routing table usage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 17:54:54 -0000 On Thu, 17 Jul 2008, Julian Elischer wrote: > The current code in -current will add a new interface to all > FIBs. Consider yanking/reinserting cardbus NICs as one source of fun. > So for example when you add a gre interface irt shows up everywhere. > > This behaviour is probbaly correct for the base NICs on the system > when you boot, but it is probably wrong in other cases. > > For example, when mpd makes tunnels it probably > (but not always) wants to add that set of routes into one > FIB. Similarly for other apps that can create tunnels. > > What is needed is a way to allow the caller to somehow > specify the behaviour wanted whenever new interfaces are added. > > various things crossed my minds.. I'm of two minds myself .. but you seem to have lots more :) > ------------- > Maybe real hardware shoudl go everywhere and virtual should go to > the FIB of the creator > > Maybe P2P interfaces should not go everywhere. > > Maybe a sysctl can be used to 'flip' teh mode from "everywhere" > to "specific fib" after boot has completed. (I have code for this but > it's not the perfect solution). Yes in addition to 'setfib N command' it would be likely useful to have a more global 'setfibto' type command, so you could run whole scripts or shells in a known fib context, to which scripts etc could be oblivious? Tuning by sysctl/s would seem most useful, at least for development? > Maybe ifconfig can set a new flag somewhere somehow. > > Maybe a process can set a flag for itself saying what its mode is.. > ---------- > > > The trouble is that there is not an "always correct" answer. > some people may want to see a tunnel turn up on all FIBs > and others may not. It's the options that drive ya crazy .. but being able to set/tune the forwarding context - one fib, all fibs, or a set of fibs? - may allow flexibility in view of the large set of maybes you (so far) mentioned. Just some popcorn from the peanut gallery .. cheers, Ian From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 19:25:20 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B87DF106566C for ; Thu, 17 Jul 2008 19:25:20 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outR.internet-mail-service.net (outr.internet-mail-service.net [216.240.47.241]) by mx1.freebsd.org (Postfix) with ESMTP id 9A2678FC27 for ; Thu, 17 Jul 2008 19:25:20 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 8ECC223F8; Thu, 17 Jul 2008 12:25:20 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 2D9B12D6042; Thu, 17 Jul 2008 12:25:20 -0700 (PDT) Message-ID: <487F9BED.90402@elischer.org> Date: Thu, 17 Jul 2008 12:22:21 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Ian Smith References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: Requesting comments on Multi-routing table usage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 19:25:20 -0000 Ian Smith wrote: > On Thu, 17 Jul 2008, Julian Elischer wrote: > > The current code in -current will add a new interface to all > > FIBs. > > Consider yanking/reinserting cardbus NICs as one source of fun. > > > So for example when you add a gre interface irt shows up everywhere. > > > > This behaviour is probbaly correct for the base NICs on the system > > when you boot, but it is probably wrong in other cases. > > > > For example, when mpd makes tunnels it probably > > (but not always) wants to add that set of routes into one > > FIB. Similarly for other apps that can create tunnels. > > > > What is needed is a way to allow the caller to somehow > > specify the behaviour wanted whenever new interfaces are added. > > > > various things crossed my minds.. > > I'm of two minds myself .. but you seem to have lots more :) > > > ------------- > > Maybe real hardware shoudl go everywhere and virtual should go to > > the FIB of the creator > > > > Maybe P2P interfaces should not go everywhere. > > > > Maybe a sysctl can be used to 'flip' teh mode from "everywhere" > > to "specific fib" after boot has completed. (I have code for this but > > it's not the perfect solution). > > Yes in addition to 'setfib N command' it would be likely useful to have > a more global 'setfibto' type command, so you could run whole scripts or > shells in a known fib context, to which scripts etc could be oblivious? that's already possible with setfib.. setfib N sh script is going to do that.. The issue I have is with the routes that are added to routing tables when an interface is added.. It's a specific instance that is tricky because it's a side effect rather than a directly requested action. what some people have asked to do is have multiple tunnels to the same place but have different routing tables specify different tunnels to get to that place.. e.g. gre0 1.1.1.1 2.2.2.2 gre1 3.3.3.3 2.2.2.2 gre2 4.4.4.4 2.2.2.2 where in fib 0 the route to 2.2.2.2 is via gre0 and in fib1 it is via gre1 and in fib2 it is via gre2 then you can use setfib in ipfw and pf to use different tunnels to get selected traffic to 2.2.2.2.. This is what is being asked for, but you can only add the interfaces like that if ifconfig only effects differnet FIBS for each interface. > > Tuning by sysctl/s would seem most useful, at least for development? > > > Maybe ifconfig can set a new flag somewhere somehow. > > > > Maybe a process can set a flag for itself saying what its mode is.. > > ---------- > > > > > > The trouble is that there is not an "always correct" answer. > > some people may want to see a tunnel turn up on all FIBs > > and others may not. > > It's the options that drive ya crazy .. but being able to set/tune the > forwarding context - one fib, all fibs, or a set of fibs? - may allow > flexibility in view of the large set of maybes you (so far) mentioned. > > Just some popcorn from the peanut gallery .. > > cheers, Ian From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 19:29:51 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D2D71065673 for ; Thu, 17 Jul 2008 19:29:51 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outE.internet-mail-service.net (oute.internet-mail-service.net [216.240.47.228]) by mx1.freebsd.org (Postfix) with ESMTP id 2E1B38FC1B for ; Thu, 17 Jul 2008 19:29:51 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id ECE8F2461; Thu, 17 Jul 2008 12:29:51 -0700 (PDT) Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id A5CB72D6044; Thu, 17 Jul 2008 12:29:50 -0700 (PDT) Message-ID: <487F9CFB.2080901@elischer.org> Date: Thu, 17 Jul 2008 12:26:51 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421) MIME-Version: 1.0 To: Ian Smith References: <487F9BED.90402@elischer.org> In-Reply-To: <487F9BED.90402@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: Requesting comments on Multi-routing table usage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 19:29:51 -0000 Julian Elischer wrote: > Ian Smith wrote: >> On Thu, 17 Jul 2008, Julian Elischer wrote: >> > The current code in -current will add a new interface to all >> > FIBs. >> >> Consider yanking/reinserting cardbus NICs as one source of fun. >> >> > So for example when you add a gre interface irt shows up everywhere. >> > > This behaviour is probbaly correct for the base NICs on the >> system > when you boot, but it is probably wrong in other cases. >> > >> > For example, when mpd makes tunnels it probably >> > (but not always) wants to add that set of routes into one >> > FIB. Similarly for other apps that can create tunnels. >> > > What is needed is a way to allow the caller to somehow >> > specify the behaviour wanted whenever new interfaces are added. >> > > various things crossed my minds.. >> >> I'm of two minds myself .. but you seem to have lots more :) >> >> > ------------- >> > Maybe real hardware shoudl go everywhere and virtual should go to >> > the FIB of the creator >> > > Maybe P2P interfaces should not go everywhere. >> > > Maybe a sysctl can be used to 'flip' teh mode from "everywhere" >> > to "specific fib" after boot has completed. (I have code for this >> but > it's not the perfect solution). >> >> Yes in addition to 'setfib N command' it would be likely useful to have >> a more global 'setfibto' type command, so you could run whole scripts or >> shells in a known fib context, to which scripts etc could be oblivious? > > that's already possible with setfib.. > setfib N sh script is going to do that.. > > The issue I have is with the routes that are added to routing tables > when an interface is added.. It's a specific instance that is tricky > because it's a side effect rather than a directly requested action. > > what some people have asked to do is have multiple tunnels to the same > place but have different routing tables specify different tunnels to get > to that place.. > > e.g. > > gre0 1.1.1.1 2.2.2.2 > gre1 3.3.3.3 2.2.2.2 > gre2 4.4.4.4 2.2.2.2 > > where in fib 0 the route to 2.2.2.2 is via gre0 > and in fib1 it is via gre1 > and in fib2 it is via gre2 > then you can use setfib in ipfw and pf to use different tunnels to get > selected traffic to 2.2.2.2.. > > This is what is being asked for, but you can only add the > interfaces like that if ifconfig only effects differnet FIBS for each > interface. hmmm that makes me think that maybe an ifconfig command to associate a FIB with an interface might do the trick... if it's not associated with a FIB it get to all of them, but if you have previously associated it wit a FIB, then only that FIB is affected. That may just be a good enough answer. > > > >> >> Tuning by sysctl/s would seem most useful, at least for development? >> >> > Maybe ifconfig can set a new flag somewhere somehow. >> > > Maybe a process can set a flag for itself saying what its mode is.. >> > ---------- >> > > > The trouble is that there is not an "always correct" answer. >> > some people may want to see a tunnel turn up on all FIBs >> > and others may not. >> >> It's the options that drive ya crazy .. but being able to set/tune the >> forwarding context - one fib, all fibs, or a set of fibs? - may allow >> flexibility in view of the large set of maybes you (so far) mentioned. >> >> Just some popcorn from the peanut gallery .. >> >> cheers, Ian > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 20:21:42 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B5A7106564A for ; Thu, 17 Jul 2008 20:21:42 +0000 (UTC) (envelope-from lab@gta.com) Received: from mailgate.gta.com (mailgate.gta.com [199.120.225.20]) by mx1.freebsd.org (Postfix) with SMTP id D75B58FC17 for ; Thu, 17 Jul 2008 20:21:41 +0000 (UTC) (envelope-from lab@gta.com) Received: (qmail 69891 invoked by uid 1000); 17 Jul 2008 20:21:41 -0000 Date: Thu, 17 Jul 2008 16:21:41 -0400 From: Larry Baird To: Sam Leffler Message-ID: <20080717202141.GA65940@gta.com> References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> <487EC62A.3070301@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <487EC62A.3070301@freebsd.org> User-Agent: Mutt/1.4.2.3i Cc: freebsd-net@freebsd.org, vanhu_bsd@zeninc.net Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 20:21:42 -0000 Sam, > Please test/review the following patch against HEAD: > > http://people.freebsd.org/~sam/nat_t-20080616.patch > > This adds only the kernel portion of the NAT-T support; you must provide > the user-level code from another place. > > The main difference from the patches floating around are in the > ctloutput path (adding proper locking for HEAD) and decap of ESP-in-UDP > frames. Assuming folks are ok w/ these changes I'll commit to HEAD. > Once this stuff goes in we can look at getting the user-mode mods into > the tree. I should have time to begin to look at this tomorrow. I also have an additional patch that needs adding. In sys/netipsec/ipsec_mbuf.c the function m_makespace() has an assert/comment stating "code doesn't handle clusters". If using NAT-T with crypto acceleration you can hit this case. I'll email this patch to you within the next couple of days. Larry -- ------------------------------------------------------------------------ Larry Baird | http://www.gta.com Global Technology Associates, Inc. | Orlando, FL Email: lab@gta.com | TEL 407-380-0220, FAX 407-380-6080 From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 20:22:29 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A50AB1065672 for ; Thu, 17 Jul 2008 20:22:29 +0000 (UTC) (envelope-from danger@FreeBSD.org) Received: from mailhub.rulez.sk (mailhub.rulez.sk [IPv6:2001:15c0:6672::2]) by mx1.freebsd.org (Postfix) with ESMTP id 509AD8FC24 for ; Thu, 17 Jul 2008 20:22:29 +0000 (UTC) (envelope-from danger@FreeBSD.org) Received: from localhost (localhost [127.0.0.1]) by mailhub.rulez.sk (Postfix) with ESMTP id AD8735C04E for ; Thu, 17 Jul 2008 22:22:27 +0200 (CEST) X-Virus-Scanned: amavisd-new at rulez.sk Received: from mailhub.rulez.sk ([78.47.53.106]) by localhost (genesis.rulez.sk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 443CnX89nYTh for ; Thu, 17 Jul 2008 22:22:27 +0200 (CEST) Received: from DANGER-PC (danger.mcrn.sk [84.16.37.254]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: danger@rulez.sk) by mailhub.rulez.sk (Postfix) with ESMTPSA id 2450A5C04D for ; Thu, 17 Jul 2008 22:22:27 +0200 (CEST) Date: Thu, 17 Jul 2008 22:22:10 +0200 From: Daniel Gerzo X-Mailer: The Bat! (v3.99.3) Professional Organization: The FreeBSD Project X-Priority: 3 (Normal) Message-ID: <743720911.20080717222210@rulez.sk> To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: etc/rc.firewall6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Gerzo List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 20:22:29 -0000 Hello freebsd-net, would somebody more knowledgeable then I am in ip6 review this [1] small patch for /etc/rc.firewall6? May I get an approval from some src/ committer to commit this (please keep me in the CC: list)? Thank you. [1] http://cvsup.sk.freebsd.org/~danger/rc.ipfw6.diff -- Best regards, Daniel mailto:danger@FreeBSD.org From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 21:48:17 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8580D1065670; Thu, 17 Jul 2008 21:48:17 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4EDA18FC17; Thu, 17 Jul 2008 21:48:17 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from freefall.freebsd.org (hrs@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6HLmHfD043763; Thu, 17 Jul 2008 21:48:17 GMT (envelope-from hrs@freefall.freebsd.org) Received: (from hrs@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6HLmHl9043759; Thu, 17 Jul 2008 21:48:17 GMT (envelope-from hrs) Date: Thu, 17 Jul 2008 21:48:17 GMT Message-Id: <200807172148.m6HLmHl9043759@freefall.freebsd.org> To: hrs@FreeBSD.org, freebsd-net@FreeBSD.org, hrs@FreeBSD.org From: hrs@FreeBSD.org Cc: Subject: Re: kern/125003: [gif] incorrect EtherIP header format. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 21:48:17 -0000 Synopsis: [gif] incorrect EtherIP header format. Responsible-Changed-From-To: freebsd-net->hrs Responsible-Changed-By: hrs Responsible-Changed-When: Thu Jul 17 21:47:32 UTC 2008 Responsible-Changed-Why: I will handle this. http://www.freebsd.org/cgi/query-pr.cgi?pr=125003 From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 23:00:04 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 287321065674 for ; Thu, 17 Jul 2008 23:00:04 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx23.fluidhosting.com [204.14.89.6]) by mx1.freebsd.org (Postfix) with ESMTP id 88F688FC1A for ; Thu, 17 Jul 2008 23:00:03 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 30206 invoked by uid 399); 17 Jul 2008 22:33:22 -0000 Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 17 Jul 2008 22:33:22 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <487FC8B1.4070003@FreeBSD.org> Date: Thu, 17 Jul 2008 15:33:21 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.14 (X11/20080606) MIME-Version: 1.0 To: Daniel Gerzo References: <743720911.20080717222210@rulez.sk> In-Reply-To: <743720911.20080717222210@rulez.sk> X-Enigmail-Version: 0.95.6 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: etc/rc.firewall6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 23:00:04 -0000 Daniel Gerzo wrote: > Hello freebsd-net, > > would somebody more knowledgeable then I am in ip6 review this [1] > small patch for /etc/rc.firewall6? May I get an approval from some > src/ committer to commit this (please keep me in the CC: list)? > > Thank you. > > [1] http://cvsup.sk.freebsd.org/~danger/rc.ipfw6.diff > Looks like the right direction to go in for the DNS stuff, yes. About the ntp stuff, 2 questions. First, you did not make the same changes in the NTP section in the second hunk as you did in the first, is that intentional? Second, wouldn't it be better to specify the port number (123) on both sides? NTP uses that same port for sending and receiving queries, and I've always built firewalls that way successfully. Doug -- This .signature sanitized for your protection From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 23:21:31 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44BF71065672 for ; Thu, 17 Jul 2008 23:21:31 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from asmtpout016.mac.com (asmtpout016.mac.com [17.148.16.91]) by mx1.freebsd.org (Postfix) with ESMTP id 203258FC16 for ; Thu, 17 Jul 2008 23:21:30 +0000 (UTC) (envelope-from cswiger@mac.com) MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Received: from cswiger1.apple.com ([17.227.140.124]) by asmtp016.mac.com (Sun Java(tm) System Messaging Server 6.3-6.03 (built Mar 14 2008; 32bit)) with ESMTPSA id <0K4600HRXBJTEGX3@asmtp016.mac.com>; Thu, 17 Jul 2008 16:21:30 -0700 (PDT) Sender: cswiger@mac.com Message-id: <615CAFFA-48AF-4207-A838-B8AB58B6EE76@mac.com> From: Chuck Swiger To: Doug Barton In-reply-to: <487FC8B1.4070003@FreeBSD.org> Date: Thu, 17 Jul 2008 16:21:28 -0700 References: <743720911.20080717222210@rulez.sk> <487FC8B1.4070003@FreeBSD.org> X-Mailer: Apple Mail (2.928.1) Cc: freebsd-net@freebsd.org, Daniel Gerzo Subject: Re: etc/rc.firewall6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 23:21:31 -0000 On Jul 17, 2008, at 3:33 PM, Doug Barton wrote: [ ... ] > About the ntp stuff, 2 questions. First, you did not make the same > changes in the NTP section in the second hunk as you did in the > first, is that intentional? Second, wouldn't it be better to > specify the port number (123) on both sides? NTP uses that same port > for sending and receiving queries, and I've always built firewalls > that way successfully. David Mills' ntpd uses port 123 on both sides, true. Other NTP implementations tend to use ephemeral ports; a quick histogram of 30 seconds or so of traffic to a stratum-2 NTP server suggests about half of the NTP traffic out there uses other ports. Regards, -- -Chuck # tcpdump -w ntp_packets.dump udp port 123 tcpdump: listening on fxp0, link-type EN10MB (Ethernet), capture size 96 bytes ^C 615 packets captured 897 packets received by filter 0 packets dropped by kernel # tcpdump -nr ntp_packets.dump | wc -l reading from file ntp_packets.dump, link-type EN10MB (Ethernet) 615 # tcpdump -nr ntp_packets.dump | grep '.123 >' | wc -l reading from file ntp_packets.dump, link-type EN10MB (Ethernet) 347 Most of these above were packets sent by my server. The rest have quite an assortment of source ports being used: # tcpdump -nr ntp_packets.dump | grep -v '.123 >' | head reading from file ntp_packets.dump, link-type EN10MB (Ethernet) 19:06:41.598527 IP 69.144.236.104.3186 > 199.103.21.227.123: NTPv4, Client, length 48 19:06:41.620732 IP 70.169.250.10.297 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:06:41.755699 IP 63.118.102.151.47817 > 199.103.21.227.123: NTPv4, Client, length 48 19:06:41.932513 IP 65.7.131.67.61897 > 199.103.21.227.123: NTPv3, Client, length 48 19:06:42.041643 IP 69.48.55.134.6 > 199.103.21.227.123: NTPv3, Client, length 48 19:06:42.098282 IP 64.211.94.227.32839 > 199.103.21.227.123: NTPv4, Client, length 48 19:06:42.248041 IP 74.234.132.214.49846 > 199.103.21.227.123: NTPv3, Client, length 48 19:06:42.263930 IP 66.134.96.79.50420 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:06:42.338483 IP 38.115.128.242.12709 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:06:42.764847 IP 70.169.250.10.429 > 199.103.21.227.123: NTPv3, symmetric active, length 48 # tcpdump -nr ntp_packets.dump | grep -v '.123 >' | tail reading from file ntp_packets.dump, link-type EN10MB (Ethernet) 19:07:09.302753 IP 170.235.223.10.47601 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:07:09.355610 IP 38.105.187.251.278 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:07:09.360286 IP 70.148.188.206.59640 > 199.103.21.227.123: NTPv4, Client, length 48 19:07:09.502241 IP 138.210.238.176.26487 > 199.103.21.227.123: NTPv3, Client, length 48 19:07:09.838130 IP 66.89.121.68.13587 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:07:10.064838 IP 76.201.148.100.2050 > 199.103.21.227.123: NTPv3, Client, length 48 19:07:10.121137 IP 217.96.91.6.37920 > 199.103.21.227.123: NTPv4, Client, length 48 19:07:10.124784 IP 70.169.250.10.24 > 199.103.21.227.123: NTPv3, symmetric active, length 48 19:07:10.203358 IP 24.154.104.34.40289 > 199.103.21.227.123: NTPv4, Client, length 48 19:07:10.234026 IP 64.178.45.44.1 > 199.103.21.227.123: NTPv4, Client, length 48 From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 23:35:39 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6070E1065670 for ; Thu, 17 Jul 2008 23:35:39 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.171]) by mx1.freebsd.org (Postfix) with ESMTP id D4D688FC16 for ; Thu, 17 Jul 2008 23:35:38 +0000 (UTC) (envelope-from max@love2party.net) Received: from vampire.homelinux.org (dslb-088-066-030-033.pools.arcor-ip.net [88.66.30.33]) by mrelayeu.kundenserver.de (node=mrelayeu5) with ESMTP (Nemesis) id 0ML25U-1KJd0a3r83-0000hy; Fri, 18 Jul 2008 01:35:37 +0200 Received: (qmail 64305 invoked from network); 17 Jul 2008 23:35:36 -0000 Received: from myhost.laiers.local (192.168.4.151) by router.laiers.local with SMTP; 17 Jul 2008 23:35:36 -0000 From: Max Laier Organization: FreeBSD To: freebsd-net@freebsd.org Date: Fri, 18 Jul 2008 01:35:35 +0200 User-Agent: KMail/1.9.9 References: <743720911.20080717222210@rulez.sk> <487FC8B1.4070003@FreeBSD.org> <615CAFFA-48AF-4207-A838-B8AB58B6EE76@mac.com> In-Reply-To: <615CAFFA-48AF-4207-A838-B8AB58B6EE76@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200807180135.35912.max@love2party.net> X-Provags-ID: V01U2FsdGVkX19phQuCjBm/8tPbuGRijI4HfDay+l1Z594K86g 3B3DokptgjXeREedx4F3Xvj0ms3iwE8v1i78pJMcvrvGwGq+BS WLdAhc2mb+OYOhiQrySjA== Cc: Daniel Gerzo , Doug Barton Subject: Re: etc/rc.firewall6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 23:35:39 -0000 On Friday 18 July 2008 01:21:28 Chuck Swiger wrote: > On Jul 17, 2008, at 3:33 PM, Doug Barton wrote: > [ ... ] > > > About the ntp stuff, 2 questions. First, you did not make the same > > changes in the NTP section in the second hunk as you did in the > > first, is that intentional? Second, wouldn't it be better to > > specify the port number (123) on both sides? NTP uses that same port > > for sending and receiving queries, and I've always built firewalls > > that way successfully. > > David Mills' ntpd uses port 123 on both sides, true. Other NTP > implementations tend to use ephemeral ports; a quick histogram of 30 > seconds or so of traffic to a stratum-2 NTP server suggests about half > of the NTP traffic out there uses other ports. Don't forget PNAT. I'd also argue that the rc.firewall6 in base is supposed to work with the ntpd in base. We should, however, not forget about ntpdate, which seems to use ephemeral ports. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 00:07:26 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A8C591065674 for ; Fri, 18 Jul 2008 00:07:26 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from asmtpout022.mac.com (asmtpout022.mac.com [17.148.16.97]) by mx1.freebsd.org (Postfix) with ESMTP id 82B798FC33 for ; Fri, 18 Jul 2008 00:07:26 +0000 (UTC) (envelope-from cswiger@mac.com) MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Received: from cswiger1.apple.com ([17.227.140.124]) by asmtp022.mac.com (Sun Java(tm) System Messaging Server 6.3-6.03 (built Mar 14 2008; 32bit)) with ESMTPSA id <0K4600DOWCOWW863@asmtp022.mac.com> for freebsd-net@freebsd.org; Thu, 17 Jul 2008 16:46:09 -0700 (PDT) Sender: cswiger@mac.com Message-id: <7CD8CD0E-0150-438C-BD50-D2A8C2210280@mac.com> From: Chuck Swiger To: Max Laier In-reply-to: <200807180135.35912.max@love2party.net> Date: Thu, 17 Jul 2008 16:46:08 -0700 References: <743720911.20080717222210@rulez.sk> <487FC8B1.4070003@FreeBSD.org> <615CAFFA-48AF-4207-A838-B8AB58B6EE76@mac.com> <200807180135.35912.max@love2party.net> X-Mailer: Apple Mail (2.928.1) Cc: freebsd-net@freebsd.org Subject: Re: etc/rc.firewall6 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 00:07:26 -0000 On Jul 17, 2008, at 4:35 PM, Max Laier wrote: >> David Mills' ntpd uses port 123 on both sides, true. Other NTP >> implementations tend to use ephemeral ports; a quick histogram of 30 >> seconds or so of traffic to a stratum-2 NTP server suggests about >> half >> of the NTP traffic out there uses other ports. > > Don't forget PNAT. I'd also argue that the rc.firewall6 in base is > supposed to work with the ntpd in base. We should, however, not > forget > about ntpdate, which seems to use ephemeral ports. Certainly some forms of NAT might also "scrub" ntpd's use of port 123 to some random higher port, true enough. It's not recommended that machines providing time service to others have NAT in the way, though, so that circumstance wasn't at the top of my mind. :-) -- -Chuck From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 08:28:38 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BEEF6106567B for ; Fri, 18 Jul 2008 08:28:38 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25]) by mx1.freebsd.org (Postfix) with ESMTP id 436E28FC18 for ; Fri, 18 Jul 2008 08:28:37 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: by smtp.zeninc.net (smtpd, from userid 1000) id E6A603F7B; Fri, 18 Jul 2008 10:28:34 +0200 (CEST) Date: Fri, 18 Jul 2008 10:28:34 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20080718082834.GA11096@zen.inc> References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> <487EC62A.3070301@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <487EC62A.3070301@freebsd.org> User-Agent: All mail clients suck. This one just sucks less. Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 08:28:38 -0000 On Wed, Jul 16, 2008 at 09:10:18PM -0700, Sam Leffler wrote: [...] > Please test/review the following patch against HEAD: > > http://people.freebsd.org/~sam/nat_t-20080616.patch For those who may be interested,I ported Sam's changes to FreeBSD7, the patch is here: http://people.freebsd.org/~vanhu/patch-natt-test-releng7-20080717.diff Please note that this patch has NOT been pushed to the "official" location for NAT-T patches, as I did NOT test it for now (kernel has been compiled successfully, but I'll only be able to switch to it tomorrow, as I actually use the tunnel to that gate to access it). > This adds only the kernel portion of the NAT-T support; you must provide > the user-level code from another place. Note for people who are interested: user-level code comes from ipsec-tools, as for previous versions of the NAT-T patch. Sam's changes have only impacts on the kernel itself, so if you are already running a FreeBSD kernel+userland with NAT-T patchset, you'll only need to repatch/rebuild your kernel, rebuilding world (at least includes) and ipsec-tools is NOT needed. Of course, if you're running a FreeBSD host which actually does know NOTHING about NAT-T, you'll need to apply the patch, rebuild your kernel, at least rebuild includes (or ipsec-tools won't detect NAT-T support), then rebuild ipsec-tools. But that was already the procedure with previous versions of the patch. > The main difference from the patches floating around are in the > ctloutput path (adding proper locking for HEAD) and decap of ESP-in-UDP > frames. Assuming folks are ok w/ these changes I'll commit to HEAD. > Once this stuff goes in we can look at getting the user-mode mods into > the tree. I reported your changes on locking system (and just changed INP_WLOCKS to INP_LOCKS) on the RELENG7 version, is that ok ? While I'm here, a few words about authors and contributors of the patch, just to ensure it has been told at least once :-) Original authors of the patch are Emmanuel Dreyfus (manu at NetBSD.org, for the NetBSD version) and me (for the FreeBSD version), when patches for both BSDs were very similar. Larry ported the patch to FAST_IPSEC stack (Larry, I'm quite sure you also reported other patches, but I don't remember exactly what). Bjoern reported some fixes. I ported the patch to FreeBSD7 and to actual HEAD, and also made some other various things on it. Sam made the changes we're talking about in that thread. Matthew did a LOT of tests with various implementations and reported bugs. I would also like to thanks Julien VANHERZEELE, which is the guy at my works who does IPSec qualification, and who also set up lots of tests related to NAT-T for years. If some other people reported me some patches / bugs and have not been cited here, please accept my apologies for such a bad memory. If some other people have some patches, bug reports, etc... related to that patch, please report them as soon as possible ! Yvan. -- NETASQ http://www.netasq.com From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 11:23:28 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 59AB51065675 for ; Fri, 18 Jul 2008 11:23:28 +0000 (UTC) (envelope-from onemda@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.228]) by mx1.freebsd.org (Postfix) with ESMTP id 1CBEB8FC13 for ; Fri, 18 Jul 2008 11:23:28 +0000 (UTC) (envelope-from onemda@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so346476rvf.43 for ; Fri, 18 Jul 2008 04:23:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=95ZibD323pHnmdtc18lUz4wS5m/D2B8OlrHsw06e6nA=; b=nE8qhQHaLf3Zs8Zl6bRnXSaE/Ey5T9DWqPYsaNu0donRqfLdbChFbekvh1vG+w3lSe wVwuRr+aTcBKSwcGBD3563GCAciHjbQ8tkj1BPuv+HVho3qiYrTy1ZlHi3I5toKM+4iP S5q3uSQbTH03iO7013kJGNJVm6b5t6NTb2v6w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=TTDOX1DotgD0/ZZJwUHF9Ew28cA3icYcZ8cvocQWwcqhiDTQGvALI5EJfNowLPr/SM b/AxuN6fSoP167TrAmhtK3pmLK0LkU9kp36vANtkV6hrgaKO6tvO1256VaRPTfnU4q03 8zhW1nSarR71Xw/7Mc27yojEAegxZNxM12SAs= Received: by 10.141.89.13 with SMTP id r13mr1820361rvl.88.1216378697407; Fri, 18 Jul 2008 03:58:17 -0700 (PDT) Received: by 10.141.86.19 with HTTP; Fri, 18 Jul 2008 03:58:17 -0700 (PDT) Message-ID: <3a142e750807180358i4e3baa3m9ebe7cad357fe2cf@mail.gmail.com> Date: Fri, 18 Jul 2008 12:58:17 +0200 From: "Paul B. Mahol" To: "Andrew Thompson" In-Reply-To: <200807171650.m6HGo4aK018239@freefall.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200807171650.m6HGo4aK018239@freefall.freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, panics X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 11:23:28 -0000 On 7/17/08, Andrew Thompson wrote: > The following reply was made to PR kern/125181; it has been noted by GNATS. > > From: Andrew Thompson > To: Coleman Kane > Cc: bug-followup@FreeBSD.org, onemda@gmail.com > Subject: Re: kern/125181: [ndis] [patch] with wep enters kdb.enter.unknown, > panics > Date: Thu, 17 Jul 2008 09:43:42 -0700 > > On Thu, Jul 17, 2008 at 12:09:52PM -0400, Coleman Kane wrote: > > Andrew, > > > > I got directed to this PR by onemda@gmail.com (Paul D. Mahol), who's > > been helping me track down some edge cases in the if_ndis locking > > rewrite. I am not 100% familiar with the locking semantics in play here > > (IEEE80211 and VAPs), so I wanted to run it by you before I determine > > that it seems to be working well for me. > > I dont think ndis should be reaching into the net80211 lock. Now that > ndis uses a regular mutex its a good chance to add mtx_asserts in the > right places and get the locking up to speed. I will try to post a patch > soon unless someone beats be to it. Patch impact on performance is marginal if not completely irrelevant. The only way to improve code in that file is rewritting offending functions. And at end net80211 lock would be still there (called via some other function). From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 14:08:29 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A77B6106564A for ; Fri, 18 Jul 2008 14:08:29 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (shrew.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 68F2B8FC1C for ; Fri, 18 Jul 2008 14:08:29 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (wm-ca.hub.org [206.223.169.82]) by shrew.net (Postfix) with ESMTP id 7941D79E30A for ; Fri, 18 Jul 2008 09:08:29 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 43529-06 for ; Fri, 18 Jul 2008 14:08:29 +0000 (UTC) Received: from hole.shrew.net (cpe-70-113-206-103.austin.res.rr.com [70.113.206.103]) by shrew.net (Postfix) with ESMTP id BCF4A79E26A for ; Fri, 18 Jul 2008 09:08:28 -0500 (CDT) Received: from [10.22.200.30] ([10.22.200.30]) by hole.shrew.net (8.14.2/8.14.2) with ESMTP id m6IE8QIl044015 for ; Fri, 18 Jul 2008 09:08:26 -0500 (CDT) (envelope-from mgrooms@shrew.net) Message-ID: <4880A3D7.5020300@shrew.net> Date: Fri, 18 Jul 2008 09:08:23 -0500 From: Matthew Grooms User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <4880973B.2010200@shrew.net> In-Reply-To: <4880973B.2010200@shrew.net> Content-Type: multipart/mixed; boundary="------------020802050609030006070708" Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 14:08:29 -0000 This is a multi-part message in MIME format. --------------020802050609030006070708 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit > On Wed, Jul 16, 2008 at 09:10:18PM -0700, Sam Leffler wrote: > > > This adds only the kernel portion of the NAT-T support; you must provide > > the user-level code from another place. > > Note for people who are interested: > user-level code comes from ipsec-tools, as for previous versions of > the NAT-T patch. > > Sam's changes have only impacts on the kernel itself, so if you are > already running a FreeBSD kernel+userland with NAT-T patchset, you'll > only need to repatch/rebuild your kernel, rebuilding world (at least > includes) and ipsec-tools is NOT needed. > > Of course, if you're running a FreeBSD host which actually does know > NOTHING about NAT-T, you'll need to apply the patch, rebuild your > kernel, at least rebuild includes (or ipsec-tools won't detect NAT-T > support), then rebuild ipsec-tools. > For anyone trying to install ipsec-tools to test this patch, its worth mentioning that the port has a build issues on CURRENT. This has been corrected in cvs and the 7-branch of ipsec-tools. As a quick remedy, a patch is attached that can be applied to the port work sources. -Matthew --------------020802050609030006070708 Content-Type: text/plain; name="ipsec-tools-fbsd8.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="ipsec-tools-fbsd8.diff" Index: src/racoon/crypto_openssl.c =================================================================== RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c,v retrieving revision 1.11.6.1 diff -u -r1.11.6.1 crypto_openssl.c --- src/racoon/crypto_openssl.c 18 Dec 2006 10:18:10 -0000 1.11.6.1 +++ src/racoon/crypto_openssl.c 18 Jul 2008 13:45:05 -0000 @@ -675,7 +675,7 @@ { plog(LLV_ERROR, LOCATION, NULL, "data is not terminated by NUL."); - hexdump(gen->d.ia5->data, gen->d.ia5->length + 1); + racoon_hexdump(gen->d.ia5->data, gen->d.ia5->length + 1); goto end; } Index: src/racoon/eaytest.c =================================================================== RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/eaytest.c,v retrieving revision 1.7.6.1 diff -u -r1.7.6.1 eaytest.c --- src/racoon/eaytest.c 6 Jun 2007 15:36:38 -0000 1.7.6.1 +++ src/racoon/eaytest.c 18 Jul 2008 13:45:05 -0000 @@ -65,7 +65,7 @@ #include "package_version.h" -#define PVDUMP(var) hexdump((var)->v, (var)->l) +#define PVDUMP(var) racoon_hexdump((var)->v, (var)->l) /*#define CERTTEST_BROKEN */ Index: src/racoon/misc.c =================================================================== RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/misc.c,v retrieving revision 1.4 diff -u -r1.4 misc.c --- src/racoon/misc.c 9 Sep 2006 16:22:09 -0000 1.4 +++ src/racoon/misc.c 18 Jul 2008 13:45:05 -0000 @@ -73,7 +73,7 @@ #endif int -hexdump(buf0, len) +racoon_hexdump(buf0, len) void *buf0; size_t len; { Index: src/racoon/misc.h =================================================================== RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/misc.h,v retrieving revision 1.4 diff -u -r1.4 misc.h --- src/racoon/misc.h 9 Sep 2006 16:22:09 -0000 1.4 +++ src/racoon/misc.h 18 Jul 2008 13:45:05 -0000 @@ -42,7 +42,7 @@ #define LOCATION debug_location(__FILE__, __LINE__, NULL) #endif -extern int hexdump __P((void *, size_t)); +extern int racoon_hexdump __P((void *, size_t)); extern char *bit2str __P((int, int)); extern void *get_newbuf __P((void *, size_t)); extern const char *debug_location __P((const char *, int, const char *)); Index: src/racoon/racoonctl.c =================================================================== RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c,v retrieving revision 1.7 diff -u -r1.7 racoonctl.c --- src/racoon/racoonctl.c 2 Oct 2006 07:12:26 -0000 1.7 +++ src/racoon/racoonctl.c 18 Jul 2008 13:45:06 -0000 @@ -303,7 +303,7 @@ err(1, "kmpstat"); if (loglevel) - hexdump(combuf, ((struct admin_com *)combuf)->ac_len); + racoon_hexdump(combuf, ((struct admin_com *)combuf)->ac_len); com_init(); --------------020802050609030006070708-- From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 14:32:53 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 864371065675 for ; Fri, 18 Jul 2008 14:32:53 +0000 (UTC) (envelope-from ticso@cicely7.cicely.de) Received: from raven.bwct.de (raven.bwct.de [85.159.14.73]) by mx1.freebsd.org (Postfix) with ESMTP id C89678FC12 for ; Fri, 18 Jul 2008 14:32:52 +0000 (UTC) (envelope-from ticso@cicely7.cicely.de) Received: from cicely5.cicely.de ([10.1.1.7]) by raven.bwct.de (8.13.4/8.13.4) with ESMTP id m6IDxaao029101 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 18 Jul 2008 15:59:37 +0200 (CEST) (envelope-from ticso@cicely7.cicely.de) Received: from cicely7.cicely.de (cicely7.cicely.de [10.1.1.9]) by cicely5.cicely.de (8.14.2/8.14.2) with ESMTP id m6IDxWbi026162 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 18 Jul 2008 15:59:32 +0200 (CEST) (envelope-from ticso@cicely7.cicely.de) Received: from cicely7.cicely.de (localhost [127.0.0.1]) by cicely7.cicely.de (8.14.2/8.14.2) with ESMTP id m6IDxW51048121; Fri, 18 Jul 2008 15:59:32 +0200 (CEST) (envelope-from ticso@cicely7.cicely.de) Received: (from ticso@localhost) by cicely7.cicely.de (8.14.2/8.14.2/Submit) id m6IDxWjT048120; Fri, 18 Jul 2008 15:59:32 +0200 (CEST) (envelope-from ticso) Date: Fri, 18 Jul 2008 15:59:31 +0200 From: Bernd Walter To: freebsd-net@freebsd.org Message-ID: <20080718135931.GA48087@cicely7.cicely.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD cicely7.cicely.de 7.0-STABLE i386 User-Agent: Mutt/1.5.11 X-Spam-Status: No, score=-4.3 required=5.0 tests=ALL_TRUSTED=-1.8, AWL=0.146, BAYES_00=-2.599 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on spamd.cicely.de Cc: Bernd Walter Subject: TCP zombie connections with 7-RELEASE and STABLE from 15th june X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ticso@cicely.de List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 14:32:53 -0000 14:45:58.109631 IP 213.83.6.106.3270 > 85.159.14.110.443: S 470580731:470580731(0) win 32768 14:45:58.109753 IP 85.159.14.110.443 > 213.83.6.106.3270: S 1364510055:1364510055(0) ack 470580732 win 65535 14:45:58.114324 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 1 win 33304 14:45:59.816810 IP 213.83.6.106.3270 > 85.159.14.110.443: F 1:1(0) ack 1 win 33304 14:45:59.816900 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 2 win 8326 14:45:59.818445 IP 85.159.14.110.443 > 213.83.6.106.3270: F 1:1(0) ack 2 win 8326 14:45:59.822859 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.415401 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 1 win 0 14:46:00.420082 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.420139 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.424772 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.424847 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.429065 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.429089 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.433247 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.433305 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.437641 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.437700 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.442408 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.442445 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.447231 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.447291 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.451525 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.451587 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.455957 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.456024 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.460666 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.460732 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:00.465092 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:00.465150 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 [...] 14:46:31.182624 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:31.182978 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.183006 IP 85.159.14.110.443 > 213.83.6.106.3270: . ack 1 win 65535 14:46:31.183146 IP 85.159.14.110.443 > 213.83.6.106.3270: F 1:1(0) ack 1 win 65535 14:46:31.183173 IP 85.159.14.110.443 > 213.83.6.106.3270: F 1:1(0) ack 1 win 65535 14:46:31.184038 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.184124 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.184157 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.184740 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.185174 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.186762 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.187366 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.187380 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 14:46:31.187573 IP 213.83.6.106.3270 > 85.159.14.110.443: . ack 2 win 33303 443 is a self written server, but it also happens with port 80 and sslproxy. The client is a telnet, which disconnects directly after connecting, so the disconnect is initiated from the client, which seems to be important for this problem to trigger. You can see that the FIN handshake completes and netstat on the client box shows the connection in TIME_WAIT. The server however has the connection still in ESTABLISHED state. What happens in the application code looks quite silly. I do a typical accept loop and then I process the data in a new thread. After my thread terminates and closes it's filedescriptor the select loop accepts the old connection again. This doesn't happen in every case but almost always. Finally after 30 seconds without data to read my newly created thread closes the zombie connection again. The question is why accept returns me a filedescriptor for a connection which was already returned and should have been closed? -- B.Walter http://www.bwct.de Modbus/TCP Ethernet I/O Baugruppen, ARM basierte FreeBSD Rechner uvm. From owner-freebsd-net@FreeBSD.ORG Fri Jul 18 19:43:54 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B46F2106566B for ; Fri, 18 Jul 2008 19:43:54 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (shrew.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 9299F8FC17 for ; Fri, 18 Jul 2008 19:43:54 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (wm-ca.hub.org [206.223.169.82]) by shrew.net (Postfix) with ESMTP id 5C28179E30A for ; Fri, 18 Jul 2008 14:43:53 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 86393-10 for ; Fri, 18 Jul 2008 19:43:53 +0000 (UTC) Received: from hole.shrew.net (cpe-70-113-206-103.austin.res.rr.com [70.113.206.103]) by shrew.net (Postfix) with ESMTP id B4E0979E26A for ; Fri, 18 Jul 2008 14:43:52 -0500 (CDT) Received: from [10.22.200.30] ([10.22.200.30]) by hole.shrew.net (8.14.2/8.14.2) with ESMTP id m6IJhnB5046162 for ; Fri, 18 Jul 2008 14:43:49 -0500 (CDT) (envelope-from mgrooms@shrew.net) Message-ID: <4880F273.1090802@shrew.net> Date: Fri, 18 Jul 2008 14:43:47 -0500 From: Matthew Grooms User-Agent: Thunderbird 2.0.0.14 (Windows/20080421) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Help with tap device configuration oddity X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2008 19:43:54 -0000 All, I noticed a problem with some software I wrote for FreeBSD using tap devices. It would appear that you get inconsistent results from ioctl calls SIOCSIFADDR and SIOCSIFNETMASK when used with tap than when used with a real Ethernet device. I wrote a quick test program to demonstrate this which can be found at the following url ... http://hole.shrew.net/~mgrooms/files/taptest.cpp g++ taptest.cpp -o taptest USAGE : taptest
[ifname] Specify the ifname parameter to configure an existing adapter. Omit the ifname paramter to create a tap device and configure it instead. When I use this with an Ethernet device on CURRENT, I get normal results ... # ./taptest 10.1.2.3 255.255.255.0 1350 le1 ii : configured adapter le1 [10.1.2.3/255.255.255.0 MTU 1350] le1: flags=8843 metric 0 mtu 1350 options=8 ether 00:0c:29:bd:60:2b inet 10.1.2.3 netmask 0xffffff00 broadcast 10.1.2.255 media: Ethernet autoselect status: active # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.aa.bbb.c UGS 0 89 le0 10.1.2.0/24 link#2 UC 0 0 le1 ... When I use this with a tap device on CURRENT, I always get a wacky 10/8 route added and no 10.2.3/24 route like you would expect ... # ./taptest 10.2.3.4 255.255.255.0 1350 creating tap device ii : opened tap device /dev/tap0 ii : configured adapter tap0 [10.2.3.4/255.255.255.0 MTU 1350] tap0: flags=8843 metric 0 mtu 1350 ether 00:bd:59:d2:02:00 inet 10.1.2.3 netmask 0xffffff00 broadcast 10.1.2.255 Opened by PID 1497 # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.aa.bbb.c UGS 0 89 le0 10.0.0.0/8 link#5 UC 0 0 tap0 This really messes with traffic that should go out the default route. I tested this on 6.2-RELEASE as well and got similar results ... # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.a.b.c UGS 0 5940 lnc0 10 link#7 UC 0 0 tap0 Can someone please explain this to me? Thanks in advance, -Matthew From owner-freebsd-net@FreeBSD.ORG Sat Jul 19 01:40:53 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A2AC21065670 for ; Sat, 19 Jul 2008 01:40:53 +0000 (UTC) (envelope-from lab@gta.com) Received: from mailgate.gta.com (mailgate.gta.com [199.120.225.20]) by mx1.freebsd.org (Postfix) with SMTP id D7BC38FC15 for ; Sat, 19 Jul 2008 01:40:51 +0000 (UTC) (envelope-from lab@gta.com) Received: (qmail 90733 invoked by uid 1000); 19 Jul 2008 01:40:51 -0000 Date: Fri, 18 Jul 2008 21:40:51 -0400 From: Larry Baird To: Sam Leffler Message-ID: <20080719014051.GA80850@gta.com> References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> <487EC62A.3070301@freebsd.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="YZ5djTAD1cGYuMQK" Content-Disposition: inline In-Reply-To: <487EC62A.3070301@freebsd.org> User-Agent: Mutt/1.4.2.3i X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org, vanhu_bsd@zeninc.net Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2008 01:40:53 -0000 --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sam, > The main difference from the patches floating around are in the > ctloutput path (adding proper locking for HEAD) and decap of ESP-in-UDP > frames. Assuming folks are ok w/ these changes I'll commit to HEAD. > Once this stuff goes in we can look at getting the user-mode mods into > the tree. Didn't get the free time I thought I would have today. Hopefully over the weekend I will get time to finish reviewing the patch. I have attached the patch against head for ipsec_mbuf.c. Now that FreeBSD has a svn respository, creating diffs against head is trivial. (-: Larry -- ------------------------------------------------------------------------ Larry Baird | http://www.gta.com Global Technology Associates, Inc. | Orlando, FL Email: lab@gta.com | TEL 407-380-0220, FAX 407-380-6080 --YZ5djTAD1cGYuMQK-- From owner-freebsd-net@FreeBSD.ORG Sat Jul 19 03:39:51 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6765A106566B for ; Sat, 19 Jul 2008 03:39:51 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143]) by mx1.freebsd.org (Postfix) with ESMTP id D3EB18FC0C for ; Sat, 19 Jul 2008 03:39:49 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (smithi@localhost) by gaia.nimnet.asn.au (8.8.8/8.8.8R1.5) with SMTP id NAA04862; Sat, 19 Jul 2008 13:39:37 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Sat, 19 Jul 2008 13:39:35 +1000 (EST) From: Ian Smith To: Julian Elischer In-Reply-To: <487F9CFB.2080901@elischer.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: FreeBSD Net Subject: Re: Requesting comments on Multi-routing table usage X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2008 03:39:51 -0000 On Thu, 17 Jul 2008, Julian Elischer wrote: > Julian Elischer wrote: > > Ian Smith wrote: > >> On Thu, 17 Jul 2008, Julian Elischer wrote: > >> > The current code in -current will add a new interface to all > >> > FIBs. [..] > >> Yes in addition to 'setfib N command' it would be likely useful to have > >> a more global 'setfibto' type command, so you could run whole scripts or > >> shells in a known fib context, to which scripts etc could be oblivious? > > > > that's already possible with setfib.. > > setfib N sh script is going to do that.. Yeah, guess I was thinking more of setting fixed FIB context 'from now on' which I think your ifconfig solution below probably best addresses. > > The issue I have is with the routes that are added to routing tables > > when an interface is added.. It's a specific instance that is tricky > > because it's a side effect rather than a directly requested action. > > > > what some people have asked to do is have multiple tunnels to the same > > place but have different routing tables specify different tunnels to get > > to that place.. > > > > e.g. > > > > gre0 1.1.1.1 2.2.2.2 > > gre1 3.3.3.3 2.2.2.2 > > gre2 4.4.4.4 2.2.2.2 > > > > where in fib 0 the route to 2.2.2.2 is via gre0 > > and in fib1 it is via gre1 > > and in fib2 it is via gre2 > > then you can use setfib in ipfw and pf to use different tunnels to get > > selected traffic to 2.2.2.2.. > > > > This is what is being asked for, but you can only add the > > interfaces like that if ifconfig only effects differnet FIBS for each > > interface. > > hmmm that makes me think that maybe an ifconfig command to associate > a FIB with an interface might do the trick... > if it's not associated with a FIB it get to all of them, but if > you have previously associated it wit a FIB, then only that FIB is > affected. > > That may just be a good enough answer. Do you have some suggested syntax for the ifconfig command? I may well just be blowing smoke here, and only lightly browsed this stuff earlier (with interest) but I wonder whether a choice between all FIBs and just one is too, well, binary for all possible situations, and whether some situations might wish to refer to some set of FIBs? And if so, rather than any complicated set manipulation, this could be accomplished - if needed - by having a '-option' syntax as is common to ifconfig arguments, to remove a particular FIB(s) from the ALL set? Just till someone equipped with proper net-fu turns up to comment :) cheers, Ian From owner-freebsd-net@FreeBSD.ORG Sat Jul 19 13:24:24 2008 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 644DA1065670; Sat, 19 Jul 2008 13:24:24 +0000 (UTC) (envelope-from gonzo@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 236CA8FC08; Sat, 19 Jul 2008 13:24:24 +0000 (UTC) (envelope-from gonzo@FreeBSD.org) Received: from freefall.freebsd.org (gonzo@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6JDOOHu019877; Sat, 19 Jul 2008 13:24:24 GMT (envelope-from gonzo@freefall.freebsd.org) Received: (from gonzo@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6JDONgi019873; Sat, 19 Jul 2008 13:24:23 GMT (envelope-from gonzo) Date: Sat, 19 Jul 2008 13:24:23 GMT Message-Id: <200807191324.m6JDONgi019873@freefall.freebsd.org> To: steve.jones@codeweavers.net, gonzo@FreeBSD.org, freebsd-net@FreeBSD.org, gonzo@FreeBSD.org From: gonzo@FreeBSD.org Cc: Subject: Re: kern/125442: [carp][lagg] CARP combined with LAGG causes system panic - 7.0/amd64 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2008 13:24:24 -0000 Synopsis: [carp][lagg] CARP combined with LAGG causes system panic - 7.0/amd64 State-Changed-From-To: open->feedback State-Changed-By: gonzo State-Changed-When: Sat Jul 19 13:23:55 UTC 2008 State-Changed-Why: I'll take it. Responsible-Changed-From-To: freebsd-net->gonzo Responsible-Changed-By: gonzo Responsible-Changed-When: Sat Jul 19 13:23:55 UTC 2008 Responsible-Changed-Why: I'll take it. http://www.freebsd.org/cgi/query-pr.cgi?pr=125442 From owner-freebsd-net@FreeBSD.ORG Sat Jul 19 19:08:22 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DBFC106564A for ; Sat, 19 Jul 2008 19:08:22 +0000 (UTC) (envelope-from kungfujesus06@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.233]) by mx1.freebsd.org (Postfix) with ESMTP id D04158FC0C for ; Sat, 19 Jul 2008 19:08:21 +0000 (UTC) (envelope-from kungfujesus06@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so929239rvf.43 for ; Sat, 19 Jul 2008 12:08:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=k5uzXURb2uDFN9172pskehnI64BOw9fUiRdNbTVQ6Lg=; b=UVNxmXJ3Rivz+Hrvey0ypGmnSXDleD+jtQR0m0IRaOpE5pJDJk0YliizLvJYlIUz0B 8mBhLidhzt7uli5AWYX8fiybBq3zFl56FiDUNDDbV7f1lkl7N/OvzY0w4lrT890vME5s X08Jh7vBcBjCUvPj2Dn16V+GaWOHZrLcPgWqU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=MjcV0bzMtzV/Z8wno5FVRK10wRl8FzeC4z/tnEzMZQeXwsUb8kEPiSIDZEIZKuNyIw WOxTwXt2QoQJPJ+mwW5NH9UWWdEwa64EoJmrJJto201kJ1cX+QlQ6zd3RsB+JZY9eqm8 Zp6rRwO3GQc5Tm0Q/AbCPYU8HG/p+uhC8ngGc= Received: by 10.141.86.14 with SMTP id o14mr845619rvl.227.1216493042231; Sat, 19 Jul 2008 11:44:02 -0700 (PDT) Received: by 10.141.160.20 with HTTP; Sat, 19 Jul 2008 11:44:02 -0700 (PDT) Message-ID: <96af083b0807191144p38d49087kdfd3979f9c155ae8@mail.gmail.com> Date: Sat, 19 Jul 2008 14:44:02 -0400 From: "Adam Stylinski" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: nfe driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2008 19:08:22 -0000 I have an mcp67 nforce networking controller using the nfe driver. I currently cannot set my MTU to anything higher than 1500. The controller definitely supports jumbo frames. Is there any hope of the BSD driver supporting it? I'm more than willing to test things out. I guess another question to ask would be if the newer kernel sources in freebsd-stable have support for jumbo frames on the MCP67 in the nfe driver. From owner-freebsd-net@FreeBSD.ORG Sat Jul 19 19:28:04 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6FB531065671 for ; Sat, 19 Jul 2008 19:28:04 +0000 (UTC) (envelope-from brad@comstyle.com) Received: from mail.comstyle.com (speedy.comstyle.com [IPv6:2001:470:1f07:471::2]) by mx1.freebsd.org (Postfix) with ESMTP id 171438FC15 for ; Sat, 19 Jul 2008 19:28:03 +0000 (UTC) (envelope-from brad@comstyle.com) Received: from [192.168.3.30] (toronto-hs-216-138-195-228.s-ip.magma.ca [216.138.195.228]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: brad) by mail.comstyle.com (Postfix) with ESMTPSA id 8823B98436; Sat, 19 Jul 2008 15:27:54 -0400 (EDT) From: Brad To: freebsd-net@freebsd.org Date: Sat, 19 Jul 2008 15:27:52 -0400 User-Agent: KMail/1.9.9 References: <96af083b0807191144p38d49087kdfd3979f9c155ae8@mail.gmail.com> In-Reply-To: <96af083b0807191144p38d49087kdfd3979f9c155ae8@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200807191527.53302.brad@comstyle.com> X-comstyle-MailScanner-Information: Please contact the ISP for more information X-MailScanner-ID: 8823B98436.09FCF X-comstyle-MailScanner: Found to be clean X-comstyle-MailScanner-From: brad@comstyle.com X-Spam-Status: No Cc: Adam Stylinski Subject: Re: nfe driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2008 19:28:04 -0000 On Saturday 19 July 2008 14:44:02 Adam Stylinski wrote: > The controller definitely supports jumbo frames. What proof do you have of this? > I guess another question to ask would be if the newer kernel sources in > freebsd-stable have support for jumbo frames on the MCP67 in the nfe > driver. No. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.