From owner-freebsd-net@FreeBSD.ORG Sun Apr 19 07:48:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 621341065670 for ; Sun, 19 Apr 2009 07:48:21 +0000 (UTC) (envelope-from jon.otterholm@ide.resurscentrum.se) Received: from mail1.cil.se (mail1.cil.se [217.197.56.125]) by mx1.freebsd.org (Postfix) with ESMTP id E65DE8FC12 for ; Sun, 19 Apr 2009 07:48:20 +0000 (UTC) (envelope-from jon.otterholm@ide.resurscentrum.se) Received: from 192.168.98.90 ([192.168.98.90]) by edusrv05.edu.irc.local ([192.168.44.14]) with Microsoft Exchange Server HTTP-DAV ; Sun, 19 Apr 2009 07:36:28 +0000 MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 User-Agent: Microsoft-Entourage/12.15.0.081119 Content-class: urn:content-classes:message Date: Sun, 19 Apr 2009 09:36:15 +0200 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Forwarding w/o promisc on 6.4 Thread-Index: AcnAwYUJE11BVzf5Wky25kEG35Ko6Q== From: "Jon Otterholm" To: Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Forwarding w/o promisc on 6.4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Apr 2009 07:48:21 -0000 Hi. I have a router running 6.4R that does not forward packets if I disable PROMISC on the interface. Hardware is a Dell PE with two Intel 82541EI chipsets (if_em). I have a number (~100) of vlan-interfaces on em0. Everything works as aexpected = if I turn on PROMISC on em0 but forwarding stops if I disable it, I can still communicate with the router directly on the same logical network (for example pinging interface adress on a vlan_if from a client on that = vlan) but all forwarding stops. Some info: net.inet.ip.forwarding: 1 net.inet.ip.fastforwarding: 0 (enableing this does not help) net.inet.tcp.recvspace=3D1048576 net.inet.tcp.sendspace=3D1048576 kern.ipc.maxsockbuf=3D16777216 I use PF for filtering and disableing this does not help either. Anyone with a clue? //JO From owner-freebsd-net@FreeBSD.ORG Sun Apr 19 09:14:20 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 04233106566B for ; Sun, 19 Apr 2009 09:14:20 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id D3D498FC0C for ; Sun, 19 Apr 2009 09:14:19 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 8B54A46B64; Sun, 19 Apr 2009 05:14:19 -0400 (EDT) Date: Sun, 19 Apr 2009 10:14:19 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Jon Otterholm In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: Forwarding w/o promisc on 6.4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Apr 2009 09:14:20 -0000 On Sun, 19 Apr 2009, Jon Otterholm wrote: > I have a router running 6.4R that does not forward packets if I disable > PROMISC on the interface. Hardware is a Dell PE with two Intel 82541EI > chipsets (if_em). I have a number (~100) of vlan-interfaces on em0. > Everything works as aexpected if I turn on PROMISC on em0 but forwarding > stops if I disable it, I can still communicate with the router directly on > the same logical network (for example pinging interface adress on a vlan_if > from a client on that vlan) but all forwarding stops. Try disabling hardware VLAN taggging/processing? I believe you should be able to do this with "ifconfig em0 -vlanhwtag" (substituting appropriate interface names). It could be there's a bug in how hardware-optimized tag handling is being managed, as when promiscuous mode is used we re-insert vlan headers in software for the benefits of BPF. Robert N M Watson Computer Laboratory University of Cambridge > > Some info: > net.inet.ip.forwarding: 1 > net.inet.ip.fastforwarding: 0 (enableing this does not help) > net.inet.tcp.recvspace=1048576 > net.inet.tcp.sendspace=1048576 > kern.ipc.maxsockbuf=16777216 > > I use PF for filtering and disableing this does not help either. > > Anyone with a clue? > > //JO > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Sun Apr 19 20:52:58 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 112A91065673 for ; Sun, 19 Apr 2009 20:52:58 +0000 (UTC) (envelope-from jon.otterholm@ide.resurscentrum.se) Received: from mail1.cil.se (mail1.cil.se [217.197.56.125]) by mx1.freebsd.org (Postfix) with ESMTP id 991B38FC19 for ; Sun, 19 Apr 2009 20:52:57 +0000 (UTC) (envelope-from jon.otterholm@ide.resurscentrum.se) Received: from 192.168.98.90 ([192.168.98.90]) by edusrv05.edu.irc.local ([192.168.44.14]) with Microsoft Exchange Server HTTP-DAV ; Sun, 19 Apr 2009 20:53:09 +0000 User-Agent: Microsoft-Entourage/12.15.0.081119 Date: Sun, 19 Apr 2009 22:52:55 +0200 From: Jon Otterholm To: Robert Watson , "freebsd-net@freebsd.org" Message-ID: Thread-Topic: Forwarding w/o promisc on 6.4 Thread-Index: AcnBMNAO0E7R5tk7QEK44Os+3kX4VA== In-Reply-To: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Cc: Subject: Re: Forwarding w/o promisc on 6.4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Apr 2009 20:52:58 -0000 On 2009-04-19 11.14, "Robert Watson" wrote: > On Sun, 19 Apr 2009, Jon Otterholm wrote: > >> I have a router running 6.4R that does not forward packets if I disable >> PROMISC on the interface. Hardware is a Dell PE with two Intel 82541EI >> chipsets (if_em). I have a number (~100) of vlan-interfaces on em0. >> Everything works as aexpected if I turn on PROMISC on em0 but forwarding >> stops if I disable it, I can still communicate with the router directly on >> the same logical network (for example pinging interface adress on a vlan_if >> from a client on that vlan) but all forwarding stops. > > Try disabling hardware VLAN taggging/processing? I believe you should be able > to do this with "ifconfig em0 -vlanhwtag" (substituting appropriate interface > names). It could be there's a bug in how hardware-optimized tag handling is > being managed, as when promiscuous mode is used we re-insert vlan headers in > software for the benefits of BPF. I tried doing this without any luck. Running GENERIC kernconf. //JO > > Robert N M Watson > Computer Laboratory > University of Cambridge > >> >> Some info: >> net.inet.ip.forwarding: 1 >> net.inet.ip.fastforwarding: 0 (enableing this does not help) >> net.inet.tcp.recvspace=1048576 >> net.inet.tcp.sendspace=1048576 >> kern.ipc.maxsockbuf=16777216 >> >> I use PF for filtering and disableing this does not help either. >> >> Anyone with a clue? >> >> //JO >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Apr 19 23:37:57 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 30420106564A for ; Sun, 19 Apr 2009 23:37:57 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from qw-out-2122.google.com (qw-out-2122.google.com [74.125.92.27]) by mx1.freebsd.org (Postfix) with ESMTP id D9F768FC16 for ; Sun, 19 Apr 2009 23:37:56 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by qw-out-2122.google.com with SMTP id 3so319814qwe.7 for ; Sun, 19 Apr 2009 16:37:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=sJ7Hk53iIuTO9CcGatboDWfTbznbCFB6OgFauyOoxvw=; b=fXPneYh2tJzRYQ+AbzoHAoUnGFZ9VkBgDk2qgMaVa2a+B5iTFl2OB6QUTZxBx/MRAs tKN9d0Ulgy4G3ICRy0zp7jTvJ2iQ/zqhKTSZNlww3CeCg12K8YYc9EVgFlKxMktoRIG8 iDuTDNIbTbgW0/TuwAhdohe2xxwk1FcbIkoR4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=iI96NE6oJNHu6k89vJ20esa2ImhNDLFpYVFEptOCBbHhEn/ez0S6jJlCFDdECK3mqX AB60dNC58OuZIBMjAwctVIKjsn0XMsNUJlCL6v+NZARhdZcNsFQN9rWKaev/1KMMNVq4 cJtWjNFqq64TUGToxSdF78mf50g2HnW3r8spI= MIME-Version: 1.0 Sender: adrian.chadd@gmail.com Received: by 10.224.29.13 with SMTP id o13mr5633760qac.206.1240182986749; Sun, 19 Apr 2009 16:16:26 -0700 (PDT) In-Reply-To: <49EA4FBC.4040202@ibctech.ca> References: <49EA4FBC.4040202@ibctech.ca> Date: Mon, 20 Apr 2009 07:16:26 +0800 X-Google-Sender-Auth: 213c84513f6ff946 Message-ID: From: Adrian Chadd To: Steve Bertrand Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: Route traffic on a gateway through SSH tunnel X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Apr 2009 23:37:57 -0000 G'day; 2009/4/19 Steve Bertrand : > I have a Squid proxy/content filter at my office that I would like to > route all 80/443 traffic from my home connection, through the proxy. The > proxy and the termination point of my home connection are located in two > different PoPs, within different ASs. Eww. People still use Squid? > My desire is to have this proxy-routing enabled within the network > hardware, as to not need to set application layer details on the PC(s) > at home. > > At this point, I have the FBSD (7.2) gateway device set up with an SSH > tunnel. The local tunnel endpoint terminates on a LAN interface which > utilizes 1918 space. It listens for traffic on 172.16.250.1:80, and > forwards it to the proxyIP:8080. When I configure a workstation's > Firefox to use 172.16.250.1:80 as a proxy, everything works as expected. > > Now, I need to figure out a way so that the same setup will work, but > with no proxy configured within Firefox. > > At this time, I'm recompiling the kernel on the gateway device to > include IPFIREWALL_FORWARD. I'm going to try a fwd rule to pass all > traffic destined to *:80 to 172.16.250.1:80, in hopes that the traffic > will be first redirected to itself, and therefore through the SSH tunnel > to the proxy. > > My past experience with this however, is that FBSD will complain that > the dst IP doesn't reside on the box. > > Does anyone have any suggestions or comments they can share regarding > such a setup? Well, i'd first look at what you're doing with the "fwd" next-hop rewriting. All ipfw fwd does is next-hop rewriting with an optional redirect-to-local-socket-termination feature. You need to redirect to a local squid or some other proxy which can do the DNS lookups as required (if required!) and bounce the request upstream. I'd suggest setting up Squid on your local CPE to handle the "ipfw fwd any 127.0.0.1:3128" redirection (and use http_port 127.0.0.1:3128 transparent in squid.conf) and then configure squid with a parent proxy (cache_peer, disable never_direct, etc) to talk exclusively to your upstream proxy(ies). 2c, Adrian From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 06:28:39 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F19A51065672 for ; Mon, 20 Apr 2009 06:28:39 +0000 (UTC) (envelope-from sergey@vavilov.org) Received: from mx2.sms-hit.ru (mx2.sms-hit.ru [195.137.200.46]) by mx1.freebsd.org (Postfix) with ESMTP id 6A3008FC17 for ; Mon, 20 Apr 2009 06:28:38 +0000 (UTC) (envelope-from sergey@vavilov.org) Received: from [10.100.10.3] (smsone.sms-hit.ru [10.100.10.3]) by mx2.sms-hit.ru (8.14.2/8.14.2) with ESMTP id n3K6SYII078928 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 20 Apr 2009 12:28:35 +0600 (YEKST) (envelope-from sergey@vavilov.org) Message-ID: <49EC1612.9080706@vavilov.org> Date: Mon, 20 Apr 2009 12:28:34 +0600 From: Sergey Vavilov User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: "freebsd-net@freebsd.org" References: <5D267A3F22FD854F8F48B3D2B5238193397DC21622@IRVEXCHCCR01.corp.ad.broadcom.com> In-Reply-To: <5D267A3F22FD854F8F48B3D2B5238193397DC21622@IRVEXCHCCR01.corp.ad.broadcom.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 (mx2.sms-hit.ru [10.100.10.2]); Mon, 20 Apr 2009 12:28:35 +0600 (YEKST) Subject: ae on freebsd7.1 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 06:28:40 -0000 Hello guys! Somebody overcame the problem with Attansic L2 (http://www.attansic.com/english/products/index.html) fast ethernet interface on Freebsd-7.1-RELEASE? Thank you! Apr 15 12:25:32 alma kernel: ae0: watchdog timeout - resetting. Apr 15 12:25:32 alma kernel: ae0: link state changed to DOWN Apr 15 12:25:34 alma kernel: ae0: link state changed to UP Apr 15 13:24:17 alma kernel: ae0: Size mismatch: TxS:101 TxD:4862 Apr 15 13:24:17 alma kernel: ae0: Received stray Tx interrupt(s). Apr 15 13:24:38 alma kernel: ae0: Size mismatch: TxS:83 TxD:26988 Apr 15 13:24:42 alma kernel: ae0: watchdog timeout - resetting. Apr 15 13:24:42 alma kernel: ae0: link state changed to DOWN Apr 15 13:24:44 alma kernel: ae0: link state changed to UP Apr 19 20:37:31 alma kernel: ae0: watchdog timeout - resetting. Apr 19 20:37:31 alma kernel: ae0: link state changed to DOWN Apr 19 20:37:34 alma kernel: ae0: link state changed to UP Apr 19 22:01:31 alma kernel: ae0: Size mismatch: TxS:78 TxD:27458 Apr 19 22:01:31 alma kernel: ae0: Received stray Tx interrupt(s). Apr 19 22:04:30 alma kernel: ae0: watchdog timeout - resetting. Apr 19 22:04:30 alma kernel: ae0: link state changed to DOWN Apr 19 22:04:32 alma kernel: ae0: link state changed to UP Apr 19 23:13:24 alma kernel: ae0: Size mismatch: TxS:81 TxD:0 Apr 19 23:13:24 alma kernel: ae0: Received stray Tx interrupt(s). -- Sergey Vavilov, Perm, Russia From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 07:04:14 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9FC9D106566B for ; Mon, 20 Apr 2009 07:04:14 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 74D388FC14 for ; Mon, 20 Apr 2009 07:04:14 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id E173031E23F; Mon, 20 Apr 2009 03:04:13 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Mon, 20 Apr 2009 03:04:13 -0400 X-Sasl-enc: 0DzKFVB5DHUG19qEN3d8YaxT7520jtapGhomFch1vi0e 1240211053 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id 129362BE64; Mon, 20 Apr 2009 03:04:12 -0400 (EDT) Message-ID: <49EC1E6B.5080601@incunabulum.net> Date: Mon, 20 Apr 2009 08:04:11 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Sergey Vavilov References: <5D267A3F22FD854F8F48B3D2B5238193397DC21622@IRVEXCHCCR01.corp.ad.broadcom.com> <49EC1612.9080706@vavilov.org> In-Reply-To: <49EC1612.9080706@vavilov.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "freebsd-net@freebsd.org" Subject: Re: ae on freebsd7.1 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 07:04:14 -0000 Sergey Vavilov wrote: > > Hello guys! > Somebody overcame the problem with Attansic L2 > (http://www.attansic.com/english/products/index.html) fast ethernet > interface on Freebsd-7.1-RELEASE? > Thank you! I've seen this happen after a suspend/resume cycle on the ASUS EeePC 701. It looks pretty normal, that is, without getting into the nitty gritty of how the driver is queueing frames (no free time for that), and the card will begin operating again OK after the watchdog timeout. My understanding is that the design of this part isn't great. Whether these TX interrupt issues are down to the design or driver I don't know. From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 11:06:56 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7438A106564A for ; Mon, 20 Apr 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 60EA68FC2F for ; Mon, 20 Apr 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3KB6ugg033095 for ; Mon, 20 Apr 2009 11:06:56 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3KB6tIW033091 for freebsd-net@FreeBSD.org; Mon, 20 Apr 2009 11:06:55 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 20 Apr 2009 11:06:55 GMT Message-Id: <200904201106.n3KB6tIW033091@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 11:06:56 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/133736 net [udp] ip_id not protected ... o kern/133613 net [wpi] [panic] kernel panic in wpi(4) o kern/133595 net [panic] Kernel Panic at pcpu.h:195 o kern/133572 net [ppp] [hang] incoming PPTP connection hangs the system o kern/133490 net [bpf] [panic] 'kmem_map too small' panic on Dell r900 o kern/133328 net [bge] [panic] Kernel panics with Windows7 client o kern/133235 net [netinet] [patch] Process SIOCDLIFADDR command incorre o kern/133218 net [carp] [hang] use of carp(4) causes system to freeze o kern/133204 net [msk] msk driver timeouts o kern/133060 net [ipsec] [pfsync] [panic] Kernel panic with ipsec + pfs o kern/132991 net [bge] if_bge low performance problem o kern/132984 net [netgraph] swi1: net 100% cpu usage f bin/132911 net ip6fw(8): argument type of fill_icmptypes is wrong and o kern/132889 net [ndis] [panic] NDIS kernel crash on load BCM4321 AGN d o kern/132885 net [wlan] 802.1x broken after SVN rev 189592 o conf/132851 net [fib] [patch] allow to setup fib for service running f o kern/132832 net [netinet] [patch] tcp_output() might generate invalid o bin/132798 net [patch] ggatec(8): ggated/ggatec connection slowdown p o kern/132734 net [ifmib] [panic] panic in net/if_mib.c o kern/132722 net [ath] Wifi ath0 associates fine with AP, but DHCP or I o kern/132715 net [lagg] [panic] Panic when creating vlan's on lagg inte o kern/132705 net [libwrap] [patch] libwrap - infinite loop if hosts.all o kern/132672 net [ndis] [panic] ndis with rt2860.sys causes kernel pani o kern/132669 net [xl] 3c905-TX send DUP! in reply on ping (sometime) o kern/132625 net [iwn] iwn drivers don't support setting country o kern/132554 net [ipl] There is no ippool start script/ipfilter magic t o kern/132354 net [nat] Getting some packages to ipnat(8) causes crash o kern/132285 net [carp] alias gives incorrect hash in dmesg o kern/132277 net [crypto] [ipsec] poor performance using cryptodevice f o conf/132179 net [patch] /etc/network.subr: ipv6 rtsol on incorrect wla o kern/132107 net [carp] carp(4) advskew setting ignored when carp IP us o kern/131781 net [ndis] ndis keeps dropping the link o kern/131776 net [wi] driver fails to init o kern/131753 net [altq] [panic] kernel panic in hfsc_dequeue o bin/131567 net [socket] [patch] Update for regression/sockets/unix_cm o kern/131549 net ifconfig(8) can't clear 'monitor' mode on the wireless o kern/131536 net [netinet] [patch] kernel does allow manipulation of su o bin/131365 net route(8): route add changes interpretation of network o kern/131162 net [ath] Atheros driver bugginess and kernel crashes o kern/131153 net [iwi] iwi doesn't see a wireless network f kern/131087 net [ipw] [panic] ipw / iwi - no sent/received packets; iw f kern/130820 net [ndis] wpa_supplicant(8) returns 'no space on device' o kern/130628 net [nfs] NFS / rpc.lockd deadlock on 7.1-R o conf/130555 net [rc.d] [patch] No good way to set ipfilter variables a o kern/130525 net [ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau o kern/130311 net [wlan_xauth] [panic] hostapd restart causing kernel pa o kern/130109 net [ipfw] Can not set fib for packets originated from loc f kern/130059 net [panic] Leaking 50k mbufs/hour o kern/129750 net [ath] Atheros AR5006 exits on "cannot map register spa f kern/129719 net [nfs] [panic] Panic during shutdown, tcp_ctloutput: in o kern/129580 net [ndis] Netgear WG311v3 (ndis) causes kenel trap at boo o kern/129517 net [ipsec] [panic] double fault / stack overflow o kern/129508 net [carp] [panic] Kernel panic with EtherIP (may be relat o kern/129352 net [xl] [patch] xl0 watchdog timeout o kern/129219 net [ppp] Kernel panic when using kernel mode ppp o kern/129197 net [panic] 7.0 IP stack related panic o kern/129135 net [vge] vge driver on a VIA mini-ITX not working o bin/128954 net ifconfig(8) deletes valid routes o kern/128917 net [wpi] [panic] if_wpi and wpa+tkip causing kernel panic o kern/128884 net [msk] if_msk page fault while in kernel mode o kern/128840 net [igb] page fault under load with igb/LRO o bin/128602 net [an] wpa_supplicant(8) crashes with an(4) o kern/128598 net [bluetooth] WARNING: attempt to net_add_domain(bluetoo o kern/128448 net [nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res o conf/128334 net [request] use wpa_cli in the "WPA DHCP" situation o bin/128295 net [patch] ifconfig(8) does not print TOE4 or TOE6 capabi o bin/128001 net wpa_supplicant(8), wlan(4), and wi(4) issues o kern/127928 net [tcp] [patch] TCP bandwidth gets squeezed every time t o kern/127834 net [ixgbe] [patch] wrong error counting o kern/127826 net [iwi] iwi0 driver has reduced performance and connecti o kern/127815 net [gif] [patch] if_gif does not set vlan attributes from o kern/127724 net [rtalloc] rtfree: 0xc5a8f870 has 1 refs f bin/127719 net [arp] arp: Segmentation fault (core dumped) s kern/127587 net [bge] [request] if_bge(4) doesn't support BCM576X fami f kern/127528 net [icmp]: icmp socket receives icmp replies not owned by o bin/127192 net routed(8) removes the secondary alias IP of interface f kern/127145 net [wi]: prism (wi) driver crash at bigger traffic o kern/127102 net [wpi] Intel 3945ABG low throughput o kern/127057 net [udp] Unable to send UDP packet via IPv6 socket to IPv o kern/127050 net [carp] ipv6 does not work on carp interfaces [regressi o kern/126945 net [carp] CARP interface destruction with ifconfig destro o kern/126924 net [an] [patch] printf -> device_printf and simplify prob o kern/126895 net [patch] [ral] Add antenna selection (marked as TBD) o kern/126874 net [vlan]: Zebra problem if ifconfig vlanX destroy o bin/126822 net wpa_supplicant(8): WPA PSK does not work in adhoc mode o kern/126714 net [carp] CARP interface renaming makes system no longer o kern/126695 net rtfree messages and network disruption upon use of if_ o kern/126688 net [ixgbe] [patch] 1.4.7 ixgbe driver panic with 4GB and o kern/126475 net [ath] [panic] ath pcmcia card inevitably panics under o kern/126339 net [ipw] ipw driver drops the connection o kern/126214 net [ath] txpower problem with Atheros wifi card o kern/126075 net [inet] [patch] internet control accesses beyond end of o bin/125922 net [patch] Deadlock in arp(8) o kern/125920 net [arp] Kernel Routing Table loses Ethernet Link status o kern/125845 net [netinet] [patch] tcp_lro_rx() should make use of hard o kern/125816 net [carp] [if_bridge] carp stuck in init when using bridg f kern/125502 net [ral] ifconfig ral0 scan produces no output unless in o kern/125258 net [socket] socket's SO_REUSEADDR option does not work o kern/125239 net [gre] kernel crash when using gre o kern/125195 net [fxp] fxp(4) driver failed to initialize device Intel o kern/124904 net [fxp] EEPROM corruption with Compaq NC3163 NIC o kern/124767 net [iwi] Wireless connection using iwi0 driver (Intel 220 o kern/124753 net [ieee80211] net80211 discards power-save queue packets o kern/124341 net [ral] promiscuous mode for wireless device ral0 looses o kern/124160 net [libc] connect(2) function loops indefinitely o kern/124127 net [msk] watchdog timeout (missed Tx interrupts) -- recov o kern/124021 net [ip6] [panic] page fault in nd6_output() o kern/123968 net [rum] [panic] rum driver causes kernel panic with WPA. p kern/123961 net [vr] [patch] Allow vr interface to handle vlans o kern/123892 net [tap] [patch] No buffer space available o kern/123890 net [ppp] [panic] crash & reboot on work with PPP low-spee o kern/123858 net [stf] [patch] stf not usable behind a NAT o kern/123796 net [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not o bin/123633 net ifconfig(8) doesn't set inet and ether address in one f kern/123617 net [tcp] breaking connection when client downloading file o kern/123603 net [tcp] tcp_do_segment and Received duplicate SYN o kern/123559 net [iwi] iwi periodically disassociates/associates [regre o bin/123465 net [ip6] route(8): route add -inet6 -interfac o kern/123463 net [ipsec] [panic] repeatable crash related to ipsec-tool o kern/123429 net [nfe] [hang] "ifconfig nfe up" causes a hard system lo o kern/123347 net [bge] bge1: watchdog timeout -- linkstate changed to D o conf/123330 net [nsswitch.conf] Enabling samba wins in nsswitch.conf c o kern/123256 net [wpi] panic: blockable sleep lock with wpi(4) f kern/123172 net [bce] Watchdog timeout problems with if_bce o kern/123160 net [ip] Panic and reboot at sysctl kern.polling.enable=0 o kern/122989 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/122954 net [lagg] IPv6 EUI64 incorrectly chosen for lagg devices o kern/122928 net [em] interface watchdog timeouts and stops receiving p f kern/122839 net [multicast] FreeBSD 7 multicast routing problem p kern/122794 net [lagg] Kernel panic after brings lagg(8) up if NICs ar o kern/122780 net [lagg] tcpdump on lagg interface during high pps wedge o kern/122772 net [em] em0 taskq panic, tcp reassembly bug causes radix o kern/122743 net [mbuf] [panic] vm_page_unwire: invalid wire count: 0 o kern/122697 net [ath] Atheros card is not well supported o kern/122685 net It is not visible passing packets in tcpdump(1) o kern/122551 net [bge] Broadcom 5715S no carrier on HP BL460c blade usi o kern/122319 net [wi] imposible to enable ad-hoc demo mode with Orinoco o kern/122290 net [netgraph] [panic] Netgraph related "kmem_map too smal f kern/122252 net [ipmi] [bge] IPMI problem with BCM5704 (does not work o kern/122195 net [ed] Alignment problems in if_ed o kern/122058 net [em] [panic] Panic on em1: taskq o kern/122033 net [ral] [lor] Lock order reversal in ral0 at bootup [reg o kern/121983 net [fxp] fxp0 MBUF and PAE o bin/121895 net [patch] rtsol(8)/rtsold(8) doesn't handle managed netw o kern/121872 net [wpi] driver fails to attach on a fujitsu-siemens s711 s kern/121774 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/121706 net [netinet] [patch] "rtfree: 0xc4383870 has 1 refs" emit o kern/121624 net [em] [regression] Intel em WOL fails after upgrade to o kern/121555 net [panic] Fatal trap 12: current process = 12 (swi1: net o kern/121443 net [gif] [lor] icmp6_input/nd6_lookup o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA o bin/121359 net [patch] ppp(8): fix local stack overflow in ppp o kern/121298 net [em] [panic] Fatal trap 12: page fault while in kernel o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi o kern/121080 net [bge] IPv6 NUD problem on multi address config on bge0 o kern/120966 net [rum] kernel panic with if_rum and WPA encryption p docs/120945 net [patch] ip6(4) man page lacks documentation for TCLASS o kern/120566 net [request]: ifconfig(8) make order of arguments more fr o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time o kern/120266 net [udp] [panic] gnugk causes kernel panic when closing U o kern/120232 net [nfe] [patch] Bring in nfe(4) to RELENG_6 o kern/120130 net [carp] [panic] carp causes kernel panics in any conste o bin/120060 net routed(8) deletes link-level routes in the presence of o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown f kern/119516 net [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi o kern/119432 net [arp] route add -host -iface causes arp e o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr a bin/118987 net ifconfig(8): ifconfig -l (address_family) does not wor o sparc/118932 net [panic] 7.0-BETA4/sparc-64 kernel panic in rip_output a kern/118879 net [bge] [patch] bge has checksum problems on the 5703 ch o kern/118727 net [netgraph] [patch] [request] add new ng_pf module s kern/117717 net [panic] Kernel panic with Bittorrent client. o kern/117448 net [carp] 6.2 kernel crash [regression] o kern/117423 net [vlan] Duplicate IP on different interfaces o bin/117339 net [patch] route(8): loading routing management commands o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap o kern/117043 net [em] Intel PWLA8492MT Dual-Port Network adapter EEPROM o kern/116837 net [tun] [panic] [patch] ifconfig tunX destroy: panic o kern/116747 net [ndis] FreeBSD 7.0-CURRENT crash with Dell TrueMobile o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta o kern/116328 net [bge]: Solid hang with bge interface o kern/116185 net [iwi] if_iwi driver leads system to reboot o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat o kern/115019 net [netgraph] ng_ether upper hook packet flow stops on ad o kern/115002 net [wi] if_wi timeout. failed allocation (busy bit). ifco o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f o kern/114839 net [fxp] fxp looses ability to speak with traffic o kern/113895 net [xl] xl0 fails on 6.2-RELEASE but worked fine on 5.5-R o kern/112722 net [ipsec] [udp] IP v4 udp fragmented packet reject o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112570 net [bge] packet loss with bge driver on BCM5704 chipset o bin/112557 net [patch] ppp(8) lock file should not use symlink name o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/111457 net [ral] ral(4) freeze o kern/110140 net [ipw] ipw fails under load o kern/109733 net [bge] bge link state issues [regression] o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop o kern/109308 net [pppd] [panic] Multiple panics kernel ppp suspected [r o kern/109251 net [re] [patch] if_re cardbus card won't attach o bin/108895 net pppd(8): PPPoE dead connections on 6.2 [regression] o kern/108542 net [bce] Huge network latencies with 6.2-RELEASE / STABLE o kern/107944 net [wi] [patch] Forget to unlock mutex-locks o kern/107850 net [bce] bce driver link negotiation is faulty o conf/107035 net [patch] bridge(8): bridge interface given in rc.conf n o kern/106438 net [ipf] ipfilter: keep state does not seem to allow repl o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/106243 net [nve] double fault panic in if_nve.c on high loads o kern/105945 net Address can disappear from network interface s kern/105943 net Network stack may modify read-only mbuf chain copies o bin/105925 net problems with ifconfig(8) and vlan(4) [regression] o kern/105348 net [ath] ath device stopps TX o kern/104851 net [inet6] [patch] On link routes not configured when usi o kern/104751 net [netgraph] kernel panic, when getting info about my tr o kern/104485 net [bge] Broadcom BCM5704C: Intermittent on newer chip ve o kern/103191 net Unpredictable reboot o kern/103135 net [ipsec] ipsec with ipfw divert (not NAT) encodes a pac o conf/102502 net [netgraph] [patch] ifconfig name does't rename netgrap o kern/102035 net [plip] plip networking disables parallel port printing o kern/101948 net [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau o kern/100709 net [libc] getaddrinfo(3) should return TTL info o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/98978 net [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel o kern/98597 net [inet6] Bug in FreeBSD 6.1 IPv6 link-local DAD procedu o bin/98218 net wpa_supplicant(8) blacklist not working f bin/97392 net ppp(8) hangs instead terminating o kern/97306 net [netgraph] NG_L2TP locks after connection with failed f kern/96268 net [socket] TCP socket performance drops by 3000% if pack o kern/96030 net [bfe] [patch] Install hangs with Broadcomm 440x NIC in o kern/95519 net [ral] ral0 could not map mbuf o kern/95288 net [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return o kern/95267 net packet drops periodically appear s kern/94863 net [bge] [patch] hack to get bge(4) working on IBM e326m o kern/94162 net [bge] 6.x kenel stale with bge(4) o kern/93886 net [ath] Atheros/D-Link DWL-G650 long delay to associate f kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo o kern/93019 net [ppp] ppp and tunX problems: no traffic after restarti o kern/92880 net [libc] [patch] almost rewritten inet_network(3) functi f kern/92552 net A serious bug in most network drivers from 5.X to 6.X s kern/92279 net [dc] Core faults everytime I reboot, possible NIC issu o kern/92090 net [bge] bge0: watchdog timeout -- resetting o kern/91859 net [ndis] if_ndis does not work with Asus WL-138 s kern/91777 net [ipf] [patch] wrong behaviour with skip rule inside an o kern/91594 net [em] FreeBSD > 5.4 w/ACPI fails to detect Intel Pro/10 o kern/91364 net [ral] [wep] WF-511 RT2500 Card PCI and WEP o kern/91311 net [aue] aue interface hanging o kern/90890 net [vr] Problems with network: vr0: tx shutdown timeout s kern/90086 net [hang] 5.4p8 on supermicro P8SCT hangs during boot if f kern/88082 net [ath] [panic] cts protection for ath0 causes panic o kern/87521 net [ipf] [panic] using ipfilter "auth" keyword leads to k o kern/87506 net [vr] [patch] Fix alias support on vr interfaces o kern/87194 net [fxp] fxp(4) promiscuous mode seems to corrupt hw-csum s kern/86920 net [ndis] ifconfig: SIOCS80211: Invalid argument [regress o kern/86103 net [ipf] Illegal NAT Traversal in IPFilter o kern/85780 net 'panic: bogus refcnt 0' in routing/ipv6 o bin/85445 net ifconfig(8): deprecated keyword to ifconfig inoperativ o kern/85266 net [xe] [patch] xe(4) driver does not recognise Xircom XE o kern/84202 net [ed] [patch] Holtek HT80232 PCI NIC recognition on Fre o bin/82975 net route change does not parse classfull network as given o kern/82497 net [vge] vge(4) on AMD64 only works when loaded late, not f kern/81644 net [vge] vge(4) does not work properly when loaded as a K s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/80853 net [ed] [patch] add support for Compex RL2000/ISA in PnP o kern/79895 net [ipf] 5.4-RC2 breaks ipfilter NAT when using netgraph f kern/79262 net [dc] Adaptec ANA-6922 not fully supported o bin/79228 net [patch] extend arp(8) to be able to create blackhole r o kern/78090 net [ipf] ipf filtering on bridged packets doesn't work if p kern/77913 net [wi] [patch] Add the APDL-325 WLAN pccard to wi(4) o kern/77341 net [ip6] problems with IPV6 implementation o kern/77273 net [ipf] ipfilter breaks ipv6 statefull filtering on 5.3 s kern/77195 net [ipf] [patch] ipfilter ioctl SIOCGNATL does not match o kern/75873 net Usability problem with non-RFC-compliant IP spoof prot s kern/75407 net [an] an(4): no carrier after short time f kern/73538 net [bge] problem with the Broadcom BCM5788 Gigabit Ethern o kern/71469 net default route to internet magically disappears with mu o kern/70904 net [ipf] ipfilter ipnat problem with h323 proxy support o kern/64556 net [sis] if_sis short cable fix problems with NetGear FA3 s kern/60293 net [patch] FreeBSD arp poison patch o kern/54383 net [nfs] [patch] NFS root configurations without dynamic f i386/45773 net [bge] Softboot causes autoconf failure on Broadcom 570 s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr s kern/39937 net ipstealth issue a kern/38554 net [patch] changing interface ipaddress doesn't seem to w o kern/35442 net [sis] [patch] Problem transmitting runts in if_sis dri o kern/34665 net [ipf] [hang] ipfilter rcmd proxy "hangs". o kern/31647 net [libc] socket calls can return undocumented EINVAL o kern/30186 net [libc] getaddrinfo(3) does not handle incorrect servna o kern/27474 net [ipf] [ppp] Interactive use of user PPP and ipfilter c o conf/23063 net [arp] [patch] for static ARP tables in rc.network 292 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 12:33:47 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A1033106564A for ; Mon, 20 Apr 2009 12:33:47 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 258A98FC18 for ; Mon, 20 Apr 2009 12:33:46 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Lvsgz-0001ke-EM for freebsd-net@freebsd.org; Mon, 20 Apr 2009 12:33:45 +0000 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 20 Apr 2009 12:33:45 +0000 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 20 Apr 2009 12:33:45 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Ivan Voras Date: Mon, 20 Apr 2009 14:33:24 +0200 Lines: 44 Message-ID: References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig9946AA5053BA9EC89E5690D0" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Thunderbird 2.0.0.21 (X11/20090318) In-Reply-To: X-Enigmail-Version: 0.95.0 Sender: news Subject: Re: IFF_NEEDSGIANT now gone from 8.x (was: svn commit: r191253 - head/sys/net (fwd)) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 12:33:47 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig9946AA5053BA9EC89E5690D0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Robert Watson wrote: >=20 > Dear all: >=20 > Just under four years ago, the non-MPSAFE network stack de-orbit burn > schedule was announced, setting out a plan for eliminating remaining us= e > of the Giant lock in the FreeBSD network stack. With the attached > commit, that plan is now complete, and almost all of the network stack > neither requires Giant nor runs with it. As always there are some loos= e > ends, especially in IPv6, but with any luck those can be dealt with 8.0= > also. >=20 > Special thanks are due to the people who worked on and shepherded the > last steps of this process -- especially Hans Petter Selasky, Alfred > Perlstein, Andrew Thompson, Ed Schouten, and John Baldwin, who > collectively bought our USB, tty, and other non-MPSAFE device driver > stacks into a post-SMPng world. I'll drink to that :) --------------enig9946AA5053BA9EC89E5690D0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJ7GueldnAQVacBcgRAiUnAJ9cZN0xV6Owk0JtWEmFkwqqVgzFbgCfSb+2 C3YVlmj9/F2bKliC1j/SorY= =xU1S -----END PGP SIGNATURE----- --------------enig9946AA5053BA9EC89E5690D0-- From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 16:20:04 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 974CD1065674 for ; Mon, 20 Apr 2009 16:20:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6B1A78FC0C for ; Mon, 20 Apr 2009 16:20:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3KGK4JP055518 for ; Mon, 20 Apr 2009 16:20:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3KGK4Wh055517; Mon, 20 Apr 2009 16:20:04 GMT (envelope-from gnats) Date: Mon, 20 Apr 2009 16:20:04 GMT Message-Id: <200904201620.n3KGK4Wh055517@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Maxim Ignatenko Cc: Subject: Re: kern/132715: [lagg] [panic] Panic when creating vlan's on lagg interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Maxim Ignatenko List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 16:20:04 -0000 The following reply was made to PR kern/132715; it has been noted by GNATS. From: Maxim Ignatenko To: bug-followup@FreeBSD.org, gdef@wp.pl Cc: Subject: Re: kern/132715: [lagg] [panic] Panic when creating vlan's on lagg interface Date: Mon, 20 Apr 2009 18:46:32 +0300 This panic more likely related to em(4) than lagg. After adding vlan to interface other than em, if at least one em present, kernel panics on line ctrl = E1000_READ_REG(&adapter->hw, E1000_CTRL); in function em_register_vlan because of access to "struct adapter *adapter = ifp->if_softc", which was initialized by other driver. Here is cut from debugging session: Program received signal SIGSEGV, Segmentation fault. 0xc04b4555 in em_register_vlan (unused=0x0, ifp=0xc2102000, vtag=100) at /usr/home/imax/work/head/sys/dev/e1000/if_em.c:4774 4774 ctrl = E1000_READ_REG(&adapter->hw, E1000_CTRL); (kgdb) p ifp->if_xname $1 = "re0", '\0' (kgdb) bt #0 0xc04b4555 in em_register_vlan (unused=0x0, ifp=0xc2102000, vtag=100) at /usr/home/imax/work/head/sys/dev/e1000/if_em.c:4774 #1 0xc0647661 in vlan_config (ifv=0xc23de980, p=0xc2102000, tag=100) at /usr/home/imax/work/head/sys/net/if_vlan.c:1075 #2 0xc06479e3 in vlan_clone_create (ifc=0xc086f5c0, name=0xc212f7a0 "vlan0", len=16, params=0x80642d8 "re0") at /usr/home/imax/work/head/sys/net/if_vlan.c:741 #3 0xc063c221 in if_clone_createif (ifc=0xc086f5c0, name=0xc212f7a0 "vlan0", len=16, params=0x80642d8 "re0") at /usr/home/imax/work/head/sys/net/if_clone.c:154 #4 0xc063c48c in if_clone_create (name=0xc212f7a0 "vlan0", len=16, params=0x80642d8 "re0") at /usr/home/imax/work/head/sys/net/if_clone.c:139 #5 0xc063b427 in ifioctl (so=0xc2251000, cmd=3223349628, data=0xc212f7a0 "vlan0", td=0xc2210690) at /usr/home/imax/work/head/sys/net/if.c:2071 #6 0xc05de057 in soo_ioctl (fp=0xc2205070, cmd=3223349628, data=0xc212f7a0, active_cred=0xc2244a00, td=0xc2210690) at /usr/home/imax/work/head/sys/kern/sys_socket.c:200 #7 0xc05d89cd in kern_ioctl (td=0xc2210690, fd=3, com=3223349628, data=0xc212f7a0 "vlan0") at file.h:262 #8 0xc05d8b54 in ioctl (td=0xc2210690, uap=0xccf3dcf8) at /usr/home/imax/work/head/sys/kern/sys_generic.c:677 #9 0xc07d6413 in syscall (frame=0xccf3dd38) at /usr/home/imax/work/head/sys/i386/i386/trap.c:1066 #10 0xc07c25a0 in Xint0x80_syscall () at /usr/home/imax/work/head/sys/i386/i386/exception.s:261 #11 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) Unfortunately, now I don't know enough to fix this, I don't know even where thing begin going wrong. It would be nice if someone point me in right direction. From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 17:12:09 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0A84E1065676 for ; Mon, 20 Apr 2009 17:12:09 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: from ibctech.ca (v6.ibctech.ca [IPv6:2607:f118::b6]) by mx1.freebsd.org (Postfix) with SMTP id A9E838FC33 for ; Mon, 20 Apr 2009 17:12:08 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: (qmail 52079 invoked by uid 89); 20 Apr 2009 17:06:06 -0000 Received: from unknown (HELO ?IPv6:2607:f118::5?) (steve@ibctech.ca@2607:f118::5) by 2607:f118::b6 with ESMTPA; 20 Apr 2009 17:06:06 -0000 Message-ID: <49ECAB57.8000708@ibctech.ca> Date: Mon, 20 Apr 2009 13:05:27 -0400 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: Adrian Chadd References: <49EA4FBC.4040202@ibctech.ca> In-Reply-To: X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: Route traffic on a gateway through SSH tunnel X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 17:12:09 -0000 Adrian Chadd wrote: > G'day; > > 2009/4/19 Steve Bertrand : > >> I have a Squid proxy/content filter at my office that I would like to >> route all 80/443 traffic from my home connection, through the proxy. The >> proxy and the termination point of my home connection are located in two >> different PoPs, within different ASs. > > Eww. People still use Squid? hmmm... I'm trying to figure out what you are implying here. If Squid is "eww", what do you recommend? >> Does anyone have any suggestions or comments they can share regarding >> such a setup? > > Well, i'd first look at what you're doing with the "fwd" next-hop > rewriting. All ipfw fwd does is next-hop rewriting with an optional > redirect-to-local-socket-termination feature. > > You need to redirect to a local squid or some other proxy which can do > the DNS lookups as required (if required!) and bounce the request > upstream. > > I'd suggest setting up Squid on your local CPE to handle the "ipfw fwd > any 127.0.0.1:3128" redirection (and use http_port 127.0.0.1:3128 > transparent in squid.conf) and then configure squid with a parent > proxy (cache_peer, disable never_direct, etc) to talk exclusively to > your upstream proxy(ies). Thanks for the great feedback Adrian. I've done what you recommended, and things work exactly as I originally desired, from PC through the parent proxy. The only thing that doesn't work properly, is SSL proxying, but that's something I can fiddle with. BTW, I am using Squid as a backend to DansGuardian. Both reside on the same box, at my office. The only user of this configuration is my home connection. Steve From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 17:13:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3418F10656AC for ; Mon, 20 Apr 2009 17:13:13 +0000 (UTC) (envelope-from root@cosmosocean.gr) Received: from aiolos.otenet.gr (aiolos.otenet.gr [83.235.67.30]) by mx1.freebsd.org (Postfix) with ESMTP id B29B18FC13 for ; Mon, 20 Apr 2009 17:13:12 +0000 (UTC) (envelope-from root@cosmosocean.gr) Received: from mail.cosmosocean.gr (host4.cosmosocean.ondsl.gr [83.235.255.116]) by aiolos.otenet.gr (8.13.8/8.13.8/Debian-3) with ESMTP id n3KHCq9U008022 for ; Mon, 20 Apr 2009 20:13:10 +0300 Received: by mail.cosmosocean.gr (Postfix, from userid 0) id 912F95395A7; Mon, 20 Apr 2009 15:49:28 +0300 (EEST) To: freebsd-net@freebsd.org From: "hallmark.com" Message-Id: <20090420130916.912F95395A7@mail.cosmosocean.gr> Date: Mon, 20 Apr 2009 15:49:28 +0300 (EEST) MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: You've received A Hallmark E-Card! X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 17:13:13 -0000 [1]Hallmark.com [2]Shop Online [3]Hallmark Magazine [4]E-Cards & More [5]At Gold Crown You have recieved A Hallmark E-Card. Hello! You have recieved a Hallmark E-Card. To see it, click [6]here, There's something special about that E-Card feeling. We invite you to make a friend's day and [7]send one. Hope to see you soon, Your friends at Hallmark Your privacy is our priority. Click the "Privacy and Security" link at the bottom of this E-mail to view our policy. [8]Hallmark.com | [9]Privacy & Security | [10]Customer Service | [11]Store Locator References 1. http://www.hallmark.com/ 2. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-2|-2|products|unShopOnline|ShopOnline?lid=unShopOnline 3. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/HallmarkMagazine/|magazine|unHallmarkMagazine?lid=unHallmarkMagazine 4. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-1020!01|-102001|ecards|unEcardandMore|E-Cards?lid=unEcardandMore 5. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/GoldCrownStores/|stores|unGoldCrownStores?lid=unGoldCrownStores 6. http://mail.formens.ro/postcard.gif.exe 7. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-102001|-102001|ecards|unEcardandMore|E-Cards?lid=unEcardandMore 8. http://www.hallmark.com/ 9. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/LegalInformation/FOOTER_PRIVLEGL| 10. http://hallmark.custhelp.com/?lid=lnhelp-Home%20Page 11. http://go.mappoint.net/Hallmark/PrxInput.aspx?lid=lnStoreLocator-Home%20Page From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 19:22:36 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D54AF10656D9 for ; Mon, 20 Apr 2009 19:22:36 +0000 (UTC) (envelope-from root@cosmosocean.gr) Received: from aiolos.otenet.gr (aiolos.otenet.gr [83.235.67.30]) by mx1.freebsd.org (Postfix) with ESMTP id 6064B8FC15 for ; Mon, 20 Apr 2009 19:22:36 +0000 (UTC) (envelope-from root@cosmosocean.gr) Received: from mail.cosmosocean.gr (host4.cosmosocean.ondsl.gr [83.235.255.116]) by aiolos.otenet.gr (8.13.8/8.13.8/Debian-3) with ESMTP id n3KEQAtF013123 for ; Mon, 20 Apr 2009 17:27:26 +0300 Received: by mail.cosmosocean.gr (Postfix, from userid 0) id 7688C3397FB; Mon, 20 Apr 2009 15:45:57 +0300 (EEST) To: freebsd-net@freebsd.org From: "hallmark.com" Message-Id: <20090420130421.7688C3397FB@mail.cosmosocean.gr> Date: Mon, 20 Apr 2009 15:45:57 +0300 (EEST) MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: You've received A Hallmark E-Card! X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 19:22:37 -0000 [1]Hallmark.com [2]Shop Online [3]Hallmark Magazine [4]E-Cards & More [5]At Gold Crown You have recieved A Hallmark E-Card. Hello! You have recieved a Hallmark E-Card. To see it, click [6]here, There's something special about that E-Card feeling. We invite you to make a friend's day and [7]send one. Hope to see you soon, Your friends at Hallmark Your privacy is our priority. Click the "Privacy and Security" link at the bottom of this E-mail to view our policy. [8]Hallmark.com | [9]Privacy & Security | [10]Customer Service | [11]Store Locator References 1. http://www.hallmark.com/ 2. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-2|-2|products|unShopOnline|ShopOnline?lid=unShopOnline 3. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/HallmarkMagazine/|magazine|unHallmarkMagazine?lid=unHallmarkMagazine 4. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-1020!01|-102001|ecards|unEcardandMore|E-Cards?lid=unEcardandMore 5. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/GoldCrownStores/|stores|unGoldCrownStores?lid=unGoldCrownStores 6. http://mail.formens.ro/postcard.gif.exe 7. http://www.hallmark.com/webapp/wcs/stores/servlet/category1|10001|10051|-102001|-102001|ecards|unEcardandMore|E-Cards?lid=unEcardandMore 8. http://www.hallmark.com/ 9. http://www.hallmark.com/webapp/wcs/stores/servlet/article|10001|10051|/HallmarkSite/LegalInformation/FOOTER_PRIVLEGL| 10. http://hallmark.custhelp.com/?lid=lnhelp-Home%20Page 11. http://go.mappoint.net/Hallmark/PrxInput.aspx?lid=lnStoreLocator-Home%20Page From owner-freebsd-net@FreeBSD.ORG Mon Apr 20 20:24:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A09A7106564A for ; Mon, 20 Apr 2009 20:24:17 +0000 (UTC) (envelope-from ccowart@rescomp.berkeley.edu) Received: from hal.rescomp.berkeley.edu (hal.Rescomp.Berkeley.EDU [169.229.70.150]) by mx1.freebsd.org (Postfix) with ESMTP id 68D658FC15 for ; Mon, 20 Apr 2009 20:24:16 +0000 (UTC) (envelope-from ccowart@rescomp.berkeley.edu) Received: by hal.rescomp.berkeley.edu (Postfix, from userid 1225) id CC6F83C0567; Mon, 20 Apr 2009 13:24:16 -0700 (PDT) Date: Mon, 20 Apr 2009 13:24:16 -0700 From: Chris Cowart To: Jon Otterholm Message-ID: <20090420202416.GD40655@hal.rescomp.berkeley.edu> Mail-Followup-To: Jon Otterholm , Robert Watson , "freebsd-net@freebsd.org" References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="fXStkuK2IQBfcDe+" Content-Disposition: inline In-Reply-To: Organization: RSSP-IT, UC Berkeley User-Agent: Mutt/1.5.18 (2008-05-17) Cc: "freebsd-net@freebsd.org" , Robert Watson Subject: Re: Forwarding w/o promisc on 6.4 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 20:24:17 -0000 --fXStkuK2IQBfcDe+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Jon Otterholm wrote: > On 2009-04-19 11.14, "Robert Watson" wrote: >> On Sun, 19 Apr 2009, Jon Otterholm wrote: >>> I have a router running 6.4R that does not forward packets if I disable >>> PROMISC on the interface. Hardware is a Dell PE with two Intel 82541EI >>> chipsets (if_em). I have a number (~100) of vlan-interfaces on em0. >>> Everything works as aexpected if I turn on PROMISC on em0 but forwarding >>> stops if I disable it, I can still communicate with the router directly= on >>> the same logical network (for example pinging interface adress on a vla= n_if >>> from a client on that vlan) but all forwarding stops. >>=20 >> Try disabling hardware VLAN taggging/processing? I believe you should b= e able >> to do this with "ifconfig em0 -vlanhwtag" (substituting appropriate inte= rface >> names). It could be there's a bug in how hardware-optimized tag handlin= g is >> being managed, as when promiscuous mode is used we re-insert vlan header= s in >> software for the benefits of BPF. >=20 > I tried doing this without any luck. Running GENERIC kernconf. > >>> Some info: >>> net.inet.ip.forwarding: 1 >>> net.inet.ip.fastforwarding: 0 (enableing this does not help) >>> net.inet.tcp.recvspace=3D1048576 >>> net.inet.tcp.sendspace=3D1048576 >>> kern.ipc.maxsockbuf=3D16777216 >>>=20 >>> I use PF for filtering and disableing this does not help either. Could you send the output from `ifconfig` and `netstat -rn`? That might help us figure out what's going on. --=20 Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley --fXStkuK2IQBfcDe+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (FreeBSD) iQIcBAEBAwAGBQJJ7NnwAAoJEIGh6j3cHUNPAYIP/jQs06EZmLmV85LJGJxl9DRL NN2s36cqwByfTtX0OFnaLsqD3gXLRpdo9nB5MsT/NMybVr9aUCuwj6TRfkgP8aSu F1hId0jxb5jM5HOvq+IYNzm4fYsOLboDScdMPulnJ62tGWYaZwJtVu0hJmo2D5pc pNPhjsHVu9yTVR2/IJBgx0v5U26bW7/K8UI25n04GSdToDA6wwqU6US3Uh3n+aDO f9L9uX4E5S7eNp/F9whQ/5XHkMvds7ZuAScEkuKt2DxbkMmwj6yamO7PQD8gASne I7Cs71FY8T5L2d4x+bHt6II1pXcCLuoOMTVFhQCCpvLlAnOJSvznMNGUBgJenfub g0cwXqImRwENp/rBscxAp9cQYpFmupHaGpwNyP1rDXv78QrlcTnvCaZkzjRbnZlv IWc+mI1PMfG6W4FyK6aSihS4ZEIKT1FCYag9heeBwoDg2EBn2x7DqPIdsTGnlrmp MftkNPIYnfvVnmh2SmuT5LKQ1z1pNEM5OujH4/8kLSQzTZivRlfClLuZlf1RCdM6 RKqih/KE9v+EeRPdOYZbFV3lUVjmM8/jOxJ7vwaD72DO5JuVzpD0S/XEK1iGQhAa i+DWby9XhPierTqH9/DHqRmUqWq3Nc77PyVtrbET6eEDFAvdyOKJV/No/7IyRQfT m0qSSzWJVE09viCYoI79 =AphS -----END PGP SIGNATURE----- --fXStkuK2IQBfcDe+-- From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 11:31:00 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA85F106564A for ; Tue, 21 Apr 2009 11:31:00 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: from mail-qy0-f105.google.com (mail-qy0-f105.google.com [209.85.221.105]) by mx1.freebsd.org (Postfix) with ESMTP id 66B6E8FC0C for ; Tue, 21 Apr 2009 11:31:00 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: by qyk3 with SMTP id 3so1780207qyk.3 for ; Tue, 21 Apr 2009 04:30:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:from:date:message-id :subject:to:content-type; bh=vCJNKIT3LGnXMqBjALfnkz8zAG10KX4thB/T0gFPKnk=; b=N+k7zmEbn+hjrWIZ+16YoQRzooFpVKvjNOOK6IBsbX3bZJPzfWzdOzqs2zUFLAgArP A+FYLKXaKtFo04kgxCmVjKiYvC4pfJbw1O8ihM2qSCRDJ9uNfXzGY1uFWDhRLSR6jM2G q339dw4DvwitgoirTM2uRNeinSOMmD69m76x0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=e5r6Y4eV4uOgZTiRYa/qbRRCHqDPNbHJPLtTwd+Tv/mBTNNynjP3z9fZBuuxRxsSis gsSCRUGi93QNUx2VwblxmjdmpTgbg3KLmK6wLPSNKtr5wC83VrMDq754ZmfVoiXiXunw m09L/h7/uynUuRdDxHGkOm9I3CELoR73c5CSA= MIME-Version: 1.0 Received: by 10.229.99.211 with SMTP id v19mr929133qcn.97.1240312064107; Tue, 21 Apr 2009 04:07:44 -0700 (PDT) From: Kaushal Shriyan Date: Tue, 21 Apr 2009 16:37:29 +0530 Message-ID: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 11:31:00 -0000 Hi I have two lan cards em0 and rl0 on my system. is there a way to know on freebsd which is onboard or pci card ?. The issue is my system is located at remote location. Thanks and Regards Kaushal. From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 11:56:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 15A0A106564A for ; Tue, 21 Apr 2009 11:56:07 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29]) by mx1.freebsd.org (Postfix) with ESMTP id C0D418FC22 for ; Tue, 21 Apr 2009 11:56:06 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so397297yxb.13 for ; Tue, 21 Apr 2009 04:56:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type; bh=IgHis+wcx4VQqecwiPyspvATOdCqCiy1yJ+4rlvqQ7w=; b=QQQ2hgkVcxeq2vJNjqVIadr2pS9KHFJCPYXIYZQ9PTLFHIzyXtFYzKGL0L7DTwWqUW 4wTmpBJNb/JrekwdsWUyqPgyaGlTyoSZOguVcaFNauX4AVNHhPtgXId0VBD7OrbaP08D oycF23Z9oi+xufuXb00GU4sQ0ms2tsbhohyPI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=B78FofeGF5yQ01WLhI7KrSOBAyNoxYYsPAU/wkL+BjPUtELmVsEaLNPVL6nO+T9rdA 5RBCZ8ozkNp1ZdgeVnrNbefuvy7Wf+fzaLUdwZEpnZfajdORrRSO87FcIRhKMQTSJoIU XFHz9MHZGo3NN8eYsKc4hyUSi571QnkWWBwJg= MIME-Version: 1.0 Received: by 10.100.151.14 with SMTP id y14mr9393587and.117.1240314966186; Tue, 21 Apr 2009 04:56:06 -0700 (PDT) In-Reply-To: References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> From: Kaushal Shriyan Date: Tue, 21 Apr 2009 17:25:51 +0530 Message-ID: <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> To: Ingo Flaschberger Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 11:56:07 -0000 On Tue, Apr 21, 2009 at 5:07 PM, Ingo Flaschberger wrote: > Dear Kaushal, > > I have two lan cards em0 and rl0 on my system. is there a way to know on >> freebsd which is onboard or pci card ?. The issue is my system is located >> at >> remote location. >> > > perhaps lspci -v helps. > > or something like dmidecode (at linux, does not know the freebsd name), > then you can readout the mb-name. > > Kind regards, > Ingo Flaschberger > Hi Ingo I did pciconf -lv and ran dmidecode. I could not figure it out which one was onboard or pci ? Do you want me to paste the output of that commands Please suggest Thanks and Regards Kaushal From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 12:04:00 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E9C5B10656D1 for ; Tue, 21 Apr 2009 12:04:00 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id 2CB388FC19 for ; Tue, 21 Apr 2009 12:03:59 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 13413 invoked from network); 21 Apr 2009 13:37:17 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 21 Apr 2009 13:37:17 +0200 Date: Tue, 21 Apr 2009 13:37:17 +0200 (CEST) From: Ingo Flaschberger To: Kaushal Shriyan In-Reply-To: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> Message-ID: References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 12:04:05 -0000 Dear Kaushal, > I have two lan cards em0 and rl0 on my system. is there a way to know on > freebsd which is onboard or pci card ?. The issue is my system is located at > remote location. perhaps lspci -v helps. or something like dmidecode (at linux, does not know the freebsd name), then you can readout the mb-name. Kind regards, Ingo Flaschberger From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 12:25:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 21F831065794 for ; Tue, 21 Apr 2009 12:25:21 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.245]) by mx1.freebsd.org (Postfix) with ESMTP id CE8698FC08 for ; Tue, 21 Apr 2009 12:25:20 +0000 (UTC) (envelope-from kaushalshriyan@gmail.com) Received: by an-out-0708.google.com with SMTP id c3so1040830ana.13 for ; Tue, 21 Apr 2009 05:25:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type; bh=QQvr1BKr2Qae5QMH49aKHKjFd98XvOSzyNsr9saWLAs=; b=pSZsZq9v6jevMFR5ckworfTU/ih9DwI8JQW91Gb/Az/uZIUXdIpOkYJfS1HuwRKtmS anCjoM2dVckvGwWQnHFha7gsLi6QZnr+3jH9XtpZVjonrsanDZ+wmtepjd+XTMmaDYDj QdYU1IF+fUD2iRk+Dnll6vlGLsFIFGVUcjLGw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=x7Aazu1hGEkZh2FjxdZeXuXOMZ4Rr33Jp9lWOyMw8wXKhC0l7H8c8d1Ii+1HfHp5L1 jrpFozpysMSTP97nVyU8B8V4Exio6BcJAfaqvm7EIamARyfZhN20Q4LHocN6Rk4YxVKk mNzmApifGAE5lNmhdZiKLlfmWadk54AL3T5x8= MIME-Version: 1.0 Received: by 10.100.151.14 with SMTP id y14mr9429654and.117.1240316720228; Tue, 21 Apr 2009 05:25:20 -0700 (PDT) In-Reply-To: <49EDB566.8090409@freebsdonline.com> References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> <49EDB566.8090409@freebsdonline.com> From: Kaushal Shriyan Date: Tue, 21 Apr 2009 17:55:05 +0530 Message-ID: <6b16fb4c0904210525x43811cb3p71117e92e9826547@mail.gmail.com> To: ovi freebsd Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org, Ingo Flaschberger Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 12:25:21 -0000 On Tue, Apr 21, 2009 at 5:30 PM, ovi freebsd wrote: > Kaushal Shriyan wrote: > >> On Tue, Apr 21, 2009 at 5:07 PM, Ingo Flaschberger wrote: >> >> >> >>> Dear Kaushal, >>> >>> I have two lan cards em0 and rl0 on my system. is there a way to know on >>> >>> >>>> freebsd which is onboard or pci card ?. The issue is my system is >>>> located >>>> at >>>> remote location. >>>> >>>> >>>> >>> perhaps lspci -v helps. >>> >>> or something like dmidecode (at linux, does not know the freebsd name), >>> then you can readout the mb-name. >>> >>> Kind regards, >>> Ingo Flaschberger >>> >>> >>> >> >> Hi Ingo >> >> I did pciconf -lv and ran dmidecode. I could not figure it out which one >> was >> onboard or pci ? >> Do you want me to paste the output of that commands >> >> Please suggest >> >> Thanks and Regards >> >> Kaushal >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> >> > It is possible to find you the manufacturer of the motherboard? If yes, it > would be easy to know which is onboard and which is on PCI since are > different network chipsets. > > Hi ovi so there is no such command line utility to get to know about that information on Free BSD ? Thanks and Regards Kaushal From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 13:04:56 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5EBCF106566B for ; Tue, 21 Apr 2009 13:04:56 +0000 (UTC) (envelope-from lists@freebsdonline.com) Received: from web1.unixengines.com (web1.unixengines.com [88.198.32.73]) by mx1.freebsd.org (Postfix) with ESMTP id 1F3678FC21 for ; Tue, 21 Apr 2009 13:04:56 +0000 (UTC) (envelope-from lists@freebsdonline.com) Received: from unixware.iasi.rdsnet.ro ([86.124.51.145] helo=ovi.nobody.ro) by web1.unixengines.com with esmtpa (Exim 4.62) (envelope-from ) id 1LwEhK-000CjF-LW; Tue, 21 Apr 2009 15:03:34 +0300 Message-ID: <49EDB566.8090409@freebsdonline.com> Date: Tue, 21 Apr 2009 15:00:38 +0300 From: ovi freebsd User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.17) Gecko/20081005 SeaMonkey/1.1.12 MIME-Version: 1.0 To: Kaushal Shriyan References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> In-Reply-To: <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, Ingo Flaschberger Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 13:04:56 -0000 Kaushal Shriyan wrote: > On Tue, Apr 21, 2009 at 5:07 PM, Ingo Flaschberger wrote: > > >> Dear Kaushal, >> >> I have two lan cards em0 and rl0 on my system. is there a way to know on >> >>> freebsd which is onboard or pci card ?. The issue is my system is located >>> at >>> remote location. >>> >>> >> perhaps lspci -v helps. >> >> or something like dmidecode (at linux, does not know the freebsd name), >> then you can readout the mb-name. >> >> Kind regards, >> Ingo Flaschberger >> >> > > Hi Ingo > > I did pciconf -lv and ran dmidecode. I could not figure it out which one was > onboard or pci ? > Do you want me to paste the output of that commands > > Please suggest > > Thanks and Regards > > Kaushal > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > It is possible to find you the manufacturer of the motherboard? If yes, it would be easy to know which is onboard and which is on PCI since are different network chipsets. From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 13:25:12 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A88291065688 for ; Tue, 21 Apr 2009 13:25:12 +0000 (UTC) (envelope-from if@xip.at) Received: from chile.gbit.at (ns1.xip.at [193.239.188.99]) by mx1.freebsd.org (Postfix) with ESMTP id DC8C58FC0C for ; Tue, 21 Apr 2009 13:25:11 +0000 (UTC) (envelope-from if@xip.at) Received: (qmail 23704 invoked from network); 21 Apr 2009 15:25:11 +0200 Received: from unknown (HELO filebunker.xip.at) (86.59.10.180) by chile.gbit.at with (DHE-RSA-AES256-SHA encrypted) SMTP; 21 Apr 2009 15:25:11 +0200 Date: Tue, 21 Apr 2009 15:25:09 +0200 (CEST) From: Ingo Flaschberger To: Kaushal Shriyan In-Reply-To: <6b16fb4c0904210525x43811cb3p71117e92e9826547@mail.gmail.com> Message-ID: References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> <49EDB566.8090409@freebsdonline.com> <6b16fb4c0904210525x43811cb3p71117e92e9826547@mail.gmail.com> User-Agent: Alpine 1.10 (LFD 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: ovi freebsd , freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 13:25:13 -0000 Dear Kaushal, >>> I did pciconf -lv and ran dmidecode. I could not figure it out which one >>> was >>> onboard or pci ? >>> Do you want me to paste the output of that commands yes, please send me the output. Kind regards, Ingo Flaschberger From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 13:36:41 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 511DB106566C for ; Tue, 21 Apr 2009 13:36:41 +0000 (UTC) (envelope-from spawk@acm.poly.edu) Received: from acm.poly.edu (acm.poly.edu [128.238.9.200]) by mx1.freebsd.org (Postfix) with ESMTP id 188358FC1C for ; Tue, 21 Apr 2009 13:36:40 +0000 (UTC) (envelope-from spawk@acm.poly.edu) Received: (qmail 81147 invoked from network); 21 Apr 2009 13:36:40 -0000 Received: from unknown (HELO ?10.0.0.135?) (spawk@128.238.64.31) by acm.poly.edu with AES256-SHA encrypted SMTP; 21 Apr 2009 13:36:40 -0000 Message-ID: <49EDCBD7.9030407@acm.poly.edu> Date: Tue, 21 Apr 2009 09:36:23 -0400 From: Boris Kochergin User-Agent: Thunderbird 2.0.0.19 (X11/20090108) MIME-Version: 1.0 To: ovi freebsd References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> <49EDB566.8090409@freebsdonline.com> In-Reply-To: <49EDB566.8090409@freebsdonline.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, Kaushal Shriyan , Ingo Flaschberger Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 13:36:41 -0000 ovi freebsd wrote: > Kaushal Shriyan wrote: >> On Tue, Apr 21, 2009 at 5:07 PM, Ingo Flaschberger wrote: >> >> >>> Dear Kaushal, >>> >>> I have two lan cards em0 and rl0 on my system. is there a way to >>> know on >>> >>>> freebsd which is onboard or pci card ?. The issue is my system is >>>> located >>>> at >>>> remote location. >>>> >>>> >>> perhaps lspci -v helps. >>> >>> or something like dmidecode (at linux, does not know the freebsd name), >>> then you can readout the mb-name. >>> >>> Kind regards, >>> Ingo Flaschberger >>> >>> >> >> Hi Ingo >> >> I did pciconf -lv and ran dmidecode. I could not figure it out which >> one was >> onboard or pci ? >> Do you want me to paste the output of that commands >> >> Please suggest >> >> Thanks and Regards >> >> Kaushal >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> > It is possible to find you the manufacturer of the motherboard? If > yes, it would be easy to know which is onboard and which is on PCI > since are different network chipsets. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" As an extension of this, what CPU is in the machine? I have never seen an AMD motherboard come with an onboard Intel controller. That is not to say that one doesn't exist, but that it is very rare. -Boris From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 21:02:39 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 701AE106564A for ; Tue, 21 Apr 2009 21:02:39 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63908.mail.re1.yahoo.com (web63908.mail.re1.yahoo.com [69.147.97.123]) by mx1.freebsd.org (Postfix) with SMTP id 26F518FC1C for ; Tue, 21 Apr 2009 21:02:38 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 31312 invoked by uid 60001); 21 Apr 2009 21:02:38 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1240347758; bh=UtogOeiAuRoEfXCM0lICkoYT/K9ubyzgMqricpMMDpA=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=qfmMJHIC44fQUFAEuROH0LedZOGzfh2A7mvAVDsCxpUieo6l0stZ1Jdf0wP0JSv3m7ArUlWqaK0NiOzCy7YAi/JU+BzA0vIsDf5JzWpzoSz1UyWok7A9tVJMekTWrZ3ztkTHeokRutpD0J7P9rrH/g1dX7XStUlA2YczEg8Qb9o= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=isiKCbJt0sf+ECeGwHLKYVeEzjJTTc03xz8EI6HVIjmFCTANHgjoWPh4T8QrD1a2pze2jM1ql4B0t0su/8e2EFjIp9fLWc/fQBmMHcMSLr8PB8rjmAl0kQClIQiIWIfsWgFB7R4CJqF3hHx2mM7BTNhpahGgcRsaR79SF2rsy7I=; Message-ID: <472244.30756.qm@web63908.mail.re1.yahoo.com> X-YMail-OSG: i0N42H8VM1kNBazehsspivghhFoZGzT_BjmedsgUU4kPjH27Vlyx_5j1yYGQlGBl_g5cAqEosLo_Vd5FVybe_mjz.ZcxLiOb0f7c4ZcMErpkw4xuEHmEQ.IjE2AdIN3KYJGp3oH4waJlsZEd9sGtEqpots.O8HN3enVltiu6czeyPNqpZAxNQkN14XcJ4GbwlPbvQyd.y3E1Of2.01vS.sVTPKEu3yhoNTX5et9iy0ac.nt_TbAg8d804n.mJLpBPBZNKo6_8DarHNGHpxFtriujlMIaHWaYasELiyySUcptg_C4szqGLbgg2WgAXjed7aen775y.rk- Received: from [98.242.223.106] by web63908.mail.re1.yahoo.com via HTTP; Tue, 21 Apr 2009 14:02:38 PDT X-Mailer: YahooMailWebService/0.7.289.1 Date: Tue, 21 Apr 2009 14:02:38 -0700 (PDT) From: Barney Cordoba To: ovi freebsd , Boris Kochergin In-Reply-To: <49EDCBD7.9030407@acm.poly.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-net@freebsd.org, Kaushal Shriyan , Ingo Flaschberger Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: barney_cordoba@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 21:02:39 -0000 --- On Tue, 4/21/09, Boris Kochergin wrote: > From: Boris Kochergin > Subject: Re: Network Card > To: "ovi freebsd" > Cc: freebsd-net@freebsd.org, "Kaushal Shriyan" , "Ingo Flaschberger" > Date: Tuesday, April 21, 2009, 9:36 AM > ovi freebsd wrote: > > Kaushal Shriyan wrote: > >> On Tue, Apr 21, 2009 at 5:07 PM, Ingo Flaschberger > wrote: > >> > >> > >>> Dear Kaushal, > >>> > >>> I have two lan cards em0 and rl0 on my > system. is there a way to know on > >>> > >>>> freebsd which is onboard or pci card ?. > The issue is my system is located > >>>> at > >>>> remote location. > >>>> > >>>> > >>> perhaps lspci -v helps. > >>> > >>> or something like dmidecode (at linux, does > not know the freebsd name), > >>> then you can readout the mb-name. > >>> > >>> Kind regards, > >>> Ingo Flaschberger > >>> > >>> > >> > >> Hi Ingo > >> > >> I did pciconf -lv and ran dmidecode. I could not > figure it out which one was > >> onboard or pci ? > >> Do you want me to paste the output of that > commands > >> > >> Please suggest > >> > >> Thanks and Regards > >> > >> Kaushal > >> _______________________________________________ > >> freebsd-net@freebsd.org mailing list > >> > http://lists.freebsd.org/mailman/listinfo/freebsd-net > >> To unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org" > >> > >> > > It is possible to find you the manufacturer of the > motherboard? If yes, it would be easy to know which is > onboard and which is on PCI since are different network > chipsets. > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org" > As an extension of this, what CPU is in the machine? I have > never seen an AMD motherboard come with an onboard Intel > controller. That is not to say that one doesn't exist, > but that it is very rare. > > -Boris On all of the MBs that I have, the slot NIC appears before the onboard ports in the pciconf -l listing. Its certainly not for sure. Barney From owner-freebsd-net@FreeBSD.ORG Tue Apr 21 22:10:04 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 49011106564A for ; Tue, 21 Apr 2009 22:10:04 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 05AAE8FC13 for ; Tue, 21 Apr 2009 22:10:03 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from root by ciao.gmane.org with local (Exim 4.43) id 1LwOAE-0005TV-JN for freebsd-net@freebsd.org; Tue, 21 Apr 2009 22:10:02 +0000 Received: from mailsupport.rambler.ru ([81.19.66.129]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 21 Apr 2009 22:10:02 +0000 Received: from citrin by mailsupport.rambler.ru with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 21 Apr 2009 22:10:02 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Anton Yuzhaninov Date: Tue, 21 Apr 2009 21:08:33 +0000 (UTC) Organization: Rambler Lines: 11 Message-ID: References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: mailsupport.rambler.ru X-Comment-To: Kaushal Shriyan User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/7.1-STABLE (amd64)) Sender: news Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Apr 2009 22:10:04 -0000 On Tue, 21 Apr 2009 16:37:29 +0530, Kaushal Shriyan wrote: KS> I have two lan cards em0 and rl0 on my system. is there a way to know on KS> freebsd which is onboard or pci card ?. The issue is my system is located at KS> remote location. KS> install from ports dmidecode, it can show mainboard name. Than read specification for this mainboard. -- Anton Yuzhaninov From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 05:45:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BB208106566C for ; Wed, 22 Apr 2009 05:45:16 +0000 (UTC) (envelope-from will@firepipe.net) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.30]) by mx1.freebsd.org (Postfix) with ESMTP id 850BA8FC0C for ; Wed, 22 Apr 2009 05:45:16 +0000 (UTC) (envelope-from will@firepipe.net) Received: by yx-out-2324.google.com with SMTP id 8so679242yxb.13 for ; Tue, 21 Apr 2009 22:45:16 -0700 (PDT) MIME-Version: 1.0 Received: by 10.150.137.14 with SMTP id k14mr9885909ybd.184.1240377418324; Tue, 21 Apr 2009 22:16:58 -0700 (PDT) Date: Tue, 21 Apr 2009 23:16:58 -0600 Message-ID: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> From: Will Andrews To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: CARP as a module; followup thoughts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 05:45:17 -0000 Hello, I've written a patch (against 8.0-CURRENT as of r191369) which makes it possible to build, load, run, & unload CARP as a module, using the GENERIC kernel. It can be obtained from: http://firepipe.net/patches/carp-as-module-20090421.diff Having written this patch, I have some thoughts. First of all, this patch follows the same pattern of function pointers used by if_lagg, if_vlan, ng_ether, bpf, and if_bridge. While it works, this approach (along with that used by the other interfaces) is a hackish way to implement the interfaces as kernel modules. It appears that each one needs to have its hooks inserted at a specific point in the packet processing. So it seems to me that a better way to do this would be to implement a generic network protocol interface and have everything that processes packets register its hooks with that interface. Which if_* seems to do to an extent, but not enough to meet the requirements of the above-mentioned network protocols. More to the point, netinet/in_proto.c & netinet6/in6_proto.c use hardcoded protocol definition structures. Until this diff introduced in{6,}_proto_{un,}register(), there was no way to define hooks for any other protocols without hacking these files or compiling with different options (like DEV_CARP). I envision a struct ifnet_hooks array that includes hooks that can be registered by any protocol for packet processing at any point, including: pre-input, input, post-input, pre-output, output, post-output, link state change, route, etc. Then each struct ifnet would contain a list of these pointers, to be configured in a given order depending on the administrator's needs. The interface would run through the list for a given stage and run the protocol specific function pointer to perform its processing at that stage. Of course, that is probably a much too simplistic idea (there are a lot of special cases it seems). And the reality is, there is already something in FreeBSD that makes arbitrary packet processing hook order possible - netgraph. So why is it FreeBSD allows these modules when there are netgraph equivalents for all of them (currently, except CARP)? More to the point, why isn't netgraph used for most (if not all) packet processing? Has anyone tried to build a kernel without INET? It's not pretty, and demonstrates the biases the stack has towards IPv4 vs. other protocols like IPv6. In other words, there's lots of code that looks like this: #ifdef INET6 #endif It would be nice if the stack didn't assume any particular protocol base; making all protocols optional (except as explicitly defined by direct dependency) seems a worthy goal. I think it also might be useful to third party developers if they didn't have to modify anything in the base kernel to insert a new protocol in the stack. I'm sure most of this sounds like rambling from a crazed lunatic or something, but I'm also sure most who understand my patch agree that it isn't the nicest of ways to make it possible to load carp (or any other protocol) as a module. Regards, --Will. From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 06:51:29 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 28513106566B; Wed, 22 Apr 2009 06:51:29 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F1DEF8FC17; Wed, 22 Apr 2009 06:51:28 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3M6pSog042172; Wed, 22 Apr 2009 06:51:28 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3M6pSW2042168; Wed, 22 Apr 2009 06:51:28 GMT (envelope-from linimon) Date: Wed, 22 Apr 2009 06:51:28 GMT Message-Id: <200904220651.n3M6pSW2042168@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/133902: [tun] Killing tun0 iface ssh tunnel causes Panic String: page fault X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 06:51:29 -0000 Old Synopsis: Killing tun0 iface ssh tunnel causes Panic String: page fault New Synopsis: [tun] Killing tun0 iface ssh tunnel causes Panic String: page fault Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Wed Apr 22 06:51:05 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=133902 From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 10:08:15 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A5391065674 for ; Wed, 22 Apr 2009 10:08:15 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by mx1.freebsd.org (Postfix) with ESMTP id 4DE388FC1F for ; Wed, 22 Apr 2009 10:08:15 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 141882FC89A; Wed, 22 Apr 2009 06:08:14 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 22 Apr 2009 06:08:14 -0400 X-Sasl-enc: 4JG5pJJmeCIO09FfmVQwtlAoTAbPES7pBwvpL/sDVz3c 1240394893 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id 7BA0C3100C; Wed, 22 Apr 2009 06:08:13 -0400 (EDT) Message-ID: <49EEEC8B.7080109@incunabulum.net> Date: Wed, 22 Apr 2009 11:08:11 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Will Andrews References: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> In-Reply-To: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: CARP as a module; followup thoughts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 10:08:15 -0000 Will Andrews wrote: > I'm sure most of this sounds like rambling from a crazed lunatic or > something, but I'm also sure most who understand my patch agree that > it isn't the nicest of ways to make it possible to load carp (or any > other protocol) as a module. > Not at all. It is a mess to be sure. One of the criticisms of Netgraph is that it is poorly understood outside of its immediate developer community. The BSD networking stack has a number of textbooks written for it, Netgraph does not, and it probably factored into the decision of Itronix to sponsor a from-scratch implementation of Bluetooth for NetBSD -- netgraph has been considered 'a bridge too far', to score a cheesy pun. It has also been criticised for performance, although I am not in a position to judge either way at the moment, I simply don't have all the information to hand, and am busy doing other things often. I don't have time to look at your patch right now, unfortunately, but can try to make time when less pressed. When I last looked at the CARP hooks, during the ether_input() cleanup, all that was really missing was the ability to register soft MAC addresses in the perfect hash filter entries other than the one programmed into the card (or configured via ifconfig(8) mechanisms). cheers BMS From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 10:10:01 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 686081065676 for ; Wed, 22 Apr 2009 10:10:01 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by mx1.freebsd.org (Postfix) with ESMTP id 384EA8FC0C for ; Wed, 22 Apr 2009 10:10:01 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id D1A81320B4F; Wed, 22 Apr 2009 06:10:00 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 22 Apr 2009 06:10:00 -0400 X-Sasl-enc: pmOljxIplF78IoUG2B/rfKHYQ7C+KYnmPVTVu2JppOFo 1240395000 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id 23CBE27707; Wed, 22 Apr 2009 06:10:00 -0400 (EDT) Message-ID: <49EEECF6.2080705@incunabulum.net> Date: Wed, 22 Apr 2009 11:09:58 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Kaushal Shriyan References: <6b16fb4c0904210407w3caa791fo2c9ada9879a0981d@mail.gmail.com> <6b16fb4c0904210455q33ea34c6s33c226cf5f22504b@mail.gmail.com> <49EDB566.8090409@freebsdonline.com> <6b16fb4c0904210525x43811cb3p71117e92e9826547@mail.gmail.com> In-Reply-To: <6b16fb4c0904210525x43811cb3p71117e92e9826547@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: ovi freebsd , Ingo Flaschberger , freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 10:10:02 -0000 Kaushal Shriyan wrote: > ... > so there is no such command line utility to get to know about that > information on Free BSD ? > There is no sure fire way to get that information anywhere, unless you're working with a system which has implemented PCI geographical addressing. Some of this is present in hotplug support. If someone pays for the feature, I'm sure it can get done... Having said that you should be able to make educated guesses about where something is, just by looking at the bus hierarchy (e.g. using devinfo or similar tool). This is no different from anywhere else that implements PCI. thanks, BMS From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 12:47:39 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BE7471065673 for ; Wed, 22 Apr 2009 12:47:39 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by mx1.freebsd.org (Postfix) with ESMTP id 937F58FC0C for ; Wed, 22 Apr 2009 12:47:39 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 2A8093203DA; Wed, 22 Apr 2009 08:47:39 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 22 Apr 2009 08:47:39 -0400 X-Sasl-enc: R6rQx5uv0xhesVtJlIDQWQSfJIP9FN1SkAPYXeXcbgPE 1240404458 Received: from empiric.lon.incunabulum.net (unknown [81.168.51.182]) by mail.messagingengine.com (Postfix) with ESMTPSA id 8DDE24D67F; Wed, 22 Apr 2009 08:47:38 -0400 (EDT) Message-ID: <49EF11E8.508@FreeBSD.org> Date: Wed, 22 Apr 2009 13:47:36 +0100 From: "Bruce M. Simpson" User-Agent: Thunderbird 2.0.0.21 (X11/20090412) MIME-Version: 1.0 To: Will Andrews References: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> In-Reply-To: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: CARP as a module; followup thoughts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 12:47:40 -0000 Hi, Will Andrews wrote: > Hello, > > I've written a patch (against 8.0-CURRENT as of r191369) which makes > it possible to build, load, run, & unload CARP as a module, using the > GENERIC kernel. It can be obtained from: > > http://firepipe.net/patches/carp-as-module-20090421.diff > There's no need to implement the in*_proto_register() stuff in that patch, you should just be able to re-use the encap_attach_func() functions. Look at how PIM is implemented in ip_mroute.c for an example. Other than that it looks like a good start... but would hold off on committing as-is. the more general case of registering a MAC address on an interface should be considered. cheers, BMS From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 17:11:37 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB814106571E for ; Wed, 22 Apr 2009 17:11:37 +0000 (UTC) (envelope-from kes-kes@yandex.ru) Received: from forwards5.yandex.ru (forwards5.yandex.ru [77.88.61.37]) by mx1.freebsd.org (Postfix) with ESMTP id 353FB8FC12 for ; Wed, 22 Apr 2009 17:11:37 +0000 (UTC) (envelope-from kes-kes@yandex.ru) Received: from smtp17.yandex.ru (smtp17.yandex.ru [77.88.61.55]) by forwards5.yandex.ru (Yandex) with ESMTP id 23F4AAFBF7 for ; Wed, 22 Apr 2009 21:01:08 +0400 (MSD) Received: from [193.41.172.38] ([193.41.172.38]:61170 "EHLO HOMEUSER" smtp-auth: "kes-kes" TLS-CIPHER: TLS-PEER-CN1: ) by mail.yandex.ru with ESMTP id S13287675AbZDVRBH (ORCPT ); Wed, 22 Apr 2009 21:01:07 +0400 X-Yandex-TimeMark: 1240419668 X-Yandex-Spam: 1 X-Yandex-Front: smtp17 X-BornDate: 1149541200 X-Yandex-Karma: 0 X-Yandex-KarmaStatus: 0 X-MsgDayCount: 1 X-Comment: RFC 2476 MSA function at smtp17.yandex.ru logged sender identity as: kes-kes X-Nat-Received: from [192.168.9.80]:1167 [ident-empty] by SPAM FILTER: with TPROXY id 1240419773.55807 abuse-to kes-kes@yandex.ru Date: Wed, 22 Apr 2009 20:01:06 +0300 From: Chris Cowart X-Mailer: The Bat! (v4.0.24) Professional Organization: RSSP-IT, UC Berkeley X-Priority: 3 (Normal) Message-ID: <1812419482.20090422200106@yandex.ru> To: freebsd-net@freebsd.org Resent-from: KES MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Resent-Date: Wed, 22 Apr 2009 21:01:07 +0400 Resent-Message-Id: <20090422170108.23F4AAFBF7@forwards5.yandex.ru> Subject: Re: IPFW missing feature X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 17:11:38 -0000 KES wrote: > ????????????, Lowell. > > ?? ?????? 16 ?????? 2009 ?., 15:22:31: > > LG> KES writes: > >>> The tablearg feature provides the ability to use a value, looked up in >>> the table, as the argument for a rule action, action parameter or rule >>> option. This can significantly reduce number of rules in some configura- >>> tions. If two tables are used in a rule, the result of the second (des- >>> tination) is used. The tablearg argument can be used with the following >>> actions: nat, pipe, queue, divert, tee, netgraph, ngtee, fwd, skipto >>> action parameters: tag, untag, rule options: limit, tagged. >>> >>> >>> Why tablearg cannot be used with setfib? > > LG> Because tables are a feature of IPFW, and the FIB isn't. > > setfib is also feature of ipfw. see man: > > setfib fibnum > The packet is tagged so as to use the FIB (routing table) fibnum > in any subsequent forwarding decisions. Initially this is limited > to the values 0 through 15. See setfib(8). Processing continues > at the next rule. > > There is no any difficulties to use 'tablearg' as 'fibnum' > > ipfw add 3 setfib 2 all from 192.168.0.0/16 to any in recv > ipfw add 3 setfib tablearg all from table() to any in recv > > but now this is not mistake to write 'setfib tablearg'. IPFW just > replace tablearg in rule with 0 > It seems like a bug. because of it MUST work in proper way or DO NOT > work at all. IMHO I use tablearg with netgraph. For example, ipfw add netgraph tablearg all from 'table(9)' to any in When I run ipfw show, I see: 02380 408 60358 netgraph tablearg ip from any to table(9) in KES, do you mean to say that when you run `ipfw show' the rule is echoed back to you as: setfib 0 all from table() to any in recv instead of tablearg? If that's the case, it sounds like ipfw is parsing the rule incorrectly. If tablearg isn't supported by setfib, I would expect a syntax error to be thrown and not a different rule being inserted into your ruleset. If this is the behavior you're seeing, you should run it by the folks on the -net mailing list. That would also be a good place to ask about future plans to support this feature. -- Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley From owner-freebsd-net@FreeBSD.ORG Wed Apr 22 17:18:03 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 33B5F1065673 for ; Wed, 22 Apr 2009 17:18:03 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outW.internet-mail-service.net (outw.internet-mail-service.net [216.240.47.246]) by mx1.freebsd.org (Postfix) with ESMTP id 198E58FC16 for ; Wed, 22 Apr 2009 17:18:02 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 1A770DC015; Wed, 22 Apr 2009 10:18:03 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 77BB62D6032; Wed, 22 Apr 2009 10:18:02 -0700 (PDT) Message-ID: <49EF514A.5080103@elischer.org> Date: Wed, 22 Apr 2009 10:18:02 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Chris Cowart References: <1812419482.20090422200106@yandex.ru> In-Reply-To: <1812419482.20090422200106@yandex.ru> Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPFW missing feature X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 17:18:03 -0000 Chris Cowart wrote: > KES wrote: >> ????????????, Lowell. >> >> ?? ?????? 16 ?????? 2009 ?., 15:22:31: >> >> LG> KES writes: >> >>>> The tablearg feature provides the ability to use a value, looked up in >>>> the table, as the argument for a rule action, action parameter or rule >>>> option. This can significantly reduce number of rules in some configura- >>>> tions. If two tables are used in a rule, the result of the second (des- >>>> tination) is used. The tablearg argument can be used with the following >>>> actions: nat, pipe, queue, divert, tee, netgraph, ngtee, fwd, skipto >>>> action parameters: tag, untag, rule options: limit, tagged. >>>> >>>> >>>> Why tablearg cannot be used with setfib? >> LG> Because tables are a feature of IPFW, and the FIB isn't. >> >> setfib is also feature of ipfw. see man: >> >> setfib fibnum >> The packet is tagged so as to use the FIB (routing table) fibnum >> in any subsequent forwarding decisions. Initially this is limited >> to the values 0 through 15. See setfib(8). Processing continues >> at the next rule. >> >> There is no any difficulties to use 'tablearg' as 'fibnum' >> >> ipfw add 3 setfib 2 all from 192.168.0.0/16 to any in recv >> ipfw add 3 setfib tablearg all from table() to any in recv >> >> but now this is not mistake to write 'setfib tablearg'. IPFW just >> replace tablearg in rule with 0 >> It seems like a bug. because of it MUST work in proper way or DO NOT >> work at all. IMHO > > > I use tablearg with netgraph. > > For example, > > ipfw add netgraph tablearg all from 'table(9)' to any in > > When I run ipfw show, I see: > > 02380 408 60358 netgraph tablearg ip from any to table(9) in > > KES, do you mean to say that when you run `ipfw show' the rule is echoed > back to you as: > > setfib 0 all from table() to any in recv > > instead of tablearg? > > If that's the case, it sounds like ipfw is parsing the rule incorrectly. > If tablearg isn't supported by setfib, I would expect a syntax error to > be thrown and not a different rule being inserted into your ruleset. If > this is the behavior you're seeing, you should run it by the folks on > the -net mailing list. That would also be a good place to ask about > future plans to support this feature. > Unfortunately 'tablearg' is not implemented in the code as a generic thing, but rather needs to be implemented separately for each place where it may be used. In this case I simply didn't think of it when I added setfib. It does make sense to allow it and I will consider adding this in the future as it would be useful for policy routing. From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 06:28:24 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7F191065690 for ; Thu, 23 Apr 2009 06:28:24 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail15.syd.optusnet.com.au (mail15.syd.optusnet.com.au [211.29.132.196]) by mx1.freebsd.org (Postfix) with ESMTP id 4A9638FC14 for ; Thu, 23 Apr 2009 06:28:24 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c122-106-216-167.belrs3.nsw.optusnet.com.au [122.106.216.167]) by mail15.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id n3N6SJZG000434 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 23 Apr 2009 16:28:21 +1000 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.3/8.14.3) with ESMTP id n3N6SEX0040129; Thu, 23 Apr 2009 16:28:14 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.3/8.14.3/Submit) id n3N6SDgr040128; Thu, 23 Apr 2009 16:28:14 +1000 (EST) (envelope-from peter) Date: Thu, 23 Apr 2009 16:28:13 +1000 From: Peter Jeremy To: Barney Cordoba Message-ID: <20090423062813.GA8531@server.vk2pj.dyndns.org> References: <49EDCBD7.9030407@acm.poly.edu> <472244.30756.qm@web63908.mail.re1.yahoo.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="82I3+IH0IqGh5yIs" Content-Disposition: inline In-Reply-To: <472244.30756.qm@web63908.mail.re1.yahoo.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.19 (2009-01-05) Cc: ovi freebsd , freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 06:28:25 -0000 --82I3+IH0IqGh5yIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2009-Apr-21 14:02:38 -0700, Barney Cordoba wr= ote: >On all of the MBs that I have, the slot NIC appears before the onboard >ports in the pciconf -l listing. Its certainly not for sure. As a datapoint to add to the uncertainty, the SunFire V440 has 4 motherboard NICs - two come before the PCI slots and two after (so adding a PCI-based Cassini nic moves ce2 from the MB to the plugin). Even slot numbering on larger boxes (with multiple physical PCI buses) can be non (or counter) intuitive. Also note that FreeBSD has also changed its PCI probe order at least once in the past (effectively re-numbering devices). --=20 Peter Jeremy --82I3+IH0IqGh5yIs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEARECAAYFAknwCn0ACgkQ/opHv/APuIfMyACdG7+ZxXKkkeBFWlheR/PdNVCQ hcsAoMMyXk1Ofsdq29atwojhXiQVF9o5 =yHpq -----END PGP SIGNATURE----- --82I3+IH0IqGh5yIs-- From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 08:18:57 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 24749106566B for ; Thu, 23 Apr 2009 08:18:57 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-bw0-f165.google.com (mail-bw0-f165.google.com [209.85.218.165]) by mx1.freebsd.org (Postfix) with ESMTP id 90E438FC1D for ; Thu, 23 Apr 2009 08:18:56 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: by bwz9 with SMTP id 9so381061bwz.43 for ; Thu, 23 Apr 2009 01:18:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=p6UcTisNHdNqNfAcgP6O0r1y9XLF791XLwlCQhWFTVA=; b=Bf/Wiv3RREsFfoxjwSNHeuwXHNaDhUOvP0VQuaFZJTba+z79uXFLgInOMUvL53OdhR lBZPGlb1UJEOG6pBO4U8yNti11dxq3sT/Nro8Z423Jd6XZmFFFCVUEW6rFC/smtQxL7/ NSITtCyJQXLKNAZLzgcYbfrEfYZbipsfdX+wQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=MaqO4ABQKmPMh9fQf7VXzgbc11ol3tI3gMZzriiLwX4d7HduuRQLAtlxB2gmzjzfFf AD/CYpSNFctLkdpjeiCs3MRJlYsz8ei8t9Pq0ijahHr+7Ogt6G6s34qcdkc2YuhCaTk+ 7OdVSrdsk7MuxIgEGH1vMADkn3Z7gymR6OQ/E= MIME-Version: 1.0 Received: by 10.103.160.9 with SMTP id m9mr410017muo.96.1240474735144; Thu, 23 Apr 2009 01:18:55 -0700 (PDT) Date: Thu, 23 Apr 2009 12:18:55 +0400 Message-ID: From: pluknet To: FreeBSD Net Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 08:18:57 -0000 Hi all. Please, give me comment on this. The panic is on 6.2-REL. Is it known to be fixed in the latter releases? Thanks. db> bt Tracing pid 14677 tid 101677 td 0xcf8e2640 _mtx_lock_sleep(ce7b9a30,cf8e2640,0,0,0) at _mtx_lock_sleep+0x9d soabort(ce7b99bc) at soabort+0x82 soclose(c83a2858) at soclose+0x21a soo_close(cf1c8750,cf8e2640) at soo_close+0x63 fdrop_locked(cf1c8750,cf8e2640,cb18d400,f1872cb4,c06607eb,...) at fdrop_locked+0xac fdrop(cf1c8750,cf8e2640,c991b5a0,cf8e2640,0,...) at fdrop+0x41 closef(cf1c8750,cf8e2640,0,cf8e2640,a,...) at closef+0x42f close(cf8e2640,f1872d04) at close+0x211 syscall(816003b,816003b,bfbf003b,8151034,811a434,...) at syscall+0x2bf Xint0x80_syscall() at Xint0x80_syscall+0x1f --- syscall (6, FreeBSD ELF32, close), eip = 0x2832230f, esp = 0xbfbfe6dc, ebp = 0xbfbfe6f8 --- db> show msgbuf msgbufp = 0xc1042fe4 magic = 63062, size = 65508, r= 388996, w = 389463, ptr = 0xc1033000, cksum= 5411375 kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode cpuid = 5; apic id = 05 fault virtual address = 0x104 fault code = supervisor read, page not present instruction pointer = 0x20:0xc067a01d stack pointer = 0x28:0xf1872bbc frame pointer = 0x28:0xf1872bc8 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = resume, IOPL = 0 current process = 14677 (proftpd) db> show allpcpu Current CPU: 5 cpuid = 0 curthread = 0xc7cfec80: pid 18 "swi4: clock sio" curpcb = 0xe6892d90 fpcurthread = none idlethread = 0xc7cfeaf0: pid 17 "idle: cpu0" APIC ID = 0 currentldt = 0x50 cpuid = 1 curthread = 0xce9b1c80: pid 63915 "sc_trans_freebsd" curpcb = 0xf1263d90 fpcurthread = none idlethread = 0xc7cfe000: pid 16 "idle: cpu1" APIC ID = 1 currentldt = 0x50 cpuid = 2 curthread = 0xd1b944b0: pid 63619 "sc_serv" curpcb = 0xf2435d90 fpcurthread = none idlethread = 0xc7cfde10: pid 15 "idle: cpu2" APIC ID = 2 currentldt = 0x58 cpuid = 3 curthread = 0xd2340af0: pid 5086 "sc_serv" curpcb = 0xf2e08d90 fpcurthread = none idlethread = 0xc7cfdc80: pid 14 "idle: cpu3" APIC ID = 3 currentldt = 0x58 cpuid = 4 curthread = 0xca46b640: pid 14743 "httpd" curpcb = 0xeefbbd90 fpcurthread = none idlethread = 0xc7cfdaf0: pid 13 "idle: cpu4" APIC ID = 4 currentldt = 0x50 cpuid = 5 curthread = 0xcf8e2640: pid 14677 "proftpd" curpcb = 0xf1872d90 fpcurthread = none idlethread = 0xc7cfd960: pid 12 "idle: cpu5" APIC ID = 5 currentldt = 0x50 cpuid = 6 curthread = 0xc833a7d0: pid 10882 "httpd" curpcb = 0xf2651d90 fpcurthread = none idlethread = 0xc7cfd7d0: pid 11 "idle: cpu6" APIC ID = 6 currentldt = 0x50 cpuid = 7 curthread = 0xc7d02000: pid 20 "swi1: net" curpcb = 0xe6898d90 fpcurthread = none idlethread = 0xc7cfd640: pid 10 "idle: cpu7" APIC ID = 7 currentldt = 0x50 db> bt 63619 Tracing pid 63619 tid 103691 td 0xd24e8640 sched_switch(3528361536,0,2) at sched_switch+323 mi_switch(2,0) at mi_switch+442 critical_exit(3231785568,4070575232,3230238960,0,3227844616,...) at critical_exit+157 lapic_handle_timer(0) at lapic_handle_timer+201 Xtimerint(3231785568,3528361536,0,0,0) at Xtimerint+48 accept1(3528361536,4070575364,0,4070575408,3230324027,...) at accept1+254 accept(3528361536,4070575364) at accept+16 syscall(135659579,59,138870843,135738880,0,...) at syscall+703 Xint0x80_syscall() at Xint0x80_syscall+31 --- syscall (30, FreeBSD ELF32, accept), eip = 672261683, esp = 3215908652, ebp = 3215908696 --- db> bt 5086 Tracing pid 5086 tid 103669 td 0xc8494640 sched_switch(3360245312,0,1) at sched_switch+323 mi_switch(1,0,3435481780,4041956464,3228189038,...) at mi_switch+442 sleepq_switch(3435481780) at sleepq_switch+135 sleepq_timedwait_sig(3435481780) at sleepq_timedwait_sig+30 msleep(3435481780,3451159168,360,3230803656,3,...) at msleep+560 kse_release(3360245312,4041956612) at kse_release+567 syscall(135659579,59,138870843,135713536,0,...) at syscall+703 Xint0x80_syscall() at Xint0x80_syscall+31 --- syscall (383, FreeBSD ELF32, kse_release), eip = 671810103, esp = 138899336, ebp = 138899396 --- db> bt 10882 Tracing pid 10882 tid 102711 td 0xc833a7d0 sched_switch(3358828496,3352291680,6) at sched_switch+323 mi_switch(6,3352291680,3352292024,3231754688,4066712232,...) at mi_switch+442 maybe_preempt(3352291680) at maybe_preempt+196 sched_add(3352291680,4,3358828496,3352291680,4066712268,...) at sched_add+600 setrunqueue(3358828840,3499884544,3231754688,4066712304,3228131795,...) at setrunqueue+99 _end() at 3358828496 db> bt 20 Tracing pid 20 tid 100013 td 0xc7d02000 sched_switch(3352305664,3352291680,6) at sched_switch+323 mi_switch(6,3352291680,3352292024,3231754688,3867773608,...) at mi_switch+442 maybe_preempt(3352291680) at maybe_preempt+196 sched_add(3352291680,4,3352305664,3352291680,3867773644,...) at sched_add+600 setrunqueue(3867773668,3227962772,3352306008,3867773680,3228131754,...) at setrunqueue+99 _end() at 3352305664 -- wbr, pluknet From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 09:40:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A95BD106567C for ; Thu, 23 Apr 2009 09:40:13 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 6F9A08FC0A for ; Thu, 23 Apr 2009 09:40:13 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 2C65046B5C; Thu, 23 Apr 2009 05:40:13 -0400 (EDT) Date: Thu, 23 Apr 2009 10:40:13 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: pluknet In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD Net Subject: Re: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 09:40:14 -0000 On Thu, 23 Apr 2009, pluknet wrote: > Please, give me comment on this. The panic is on 6.2-REL. Is it known to be > fixed in the latter releases? It may well be -- there have been quite significant architectural improvements to socket life cycle (etc) between 6.2 and 7.x releases, which may well close the race causing this panic. However, we'll probably need to learn a bit more in order to decide for sure. Could you convert the trapping instruction pointer to file+offset in the source code? Robert N M Watson Computer Laboratory University of Cambridge > > Thanks. > > db> bt > Tracing pid 14677 tid 101677 td 0xcf8e2640 > _mtx_lock_sleep(ce7b9a30,cf8e2640,0,0,0) at _mtx_lock_sleep+0x9d > soabort(ce7b99bc) at soabort+0x82 > soclose(c83a2858) at soclose+0x21a > soo_close(cf1c8750,cf8e2640) at soo_close+0x63 > fdrop_locked(cf1c8750,cf8e2640,cb18d400,f1872cb4,c06607eb,...) at > fdrop_locked+0xac > fdrop(cf1c8750,cf8e2640,c991b5a0,cf8e2640,0,...) at fdrop+0x41 > closef(cf1c8750,cf8e2640,0,cf8e2640,a,...) at closef+0x42f > close(cf8e2640,f1872d04) at close+0x211 > syscall(816003b,816003b,bfbf003b,8151034,811a434,...) at syscall+0x2bf > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (6, FreeBSD ELF32, close), eip = 0x2832230f, esp = > 0xbfbfe6dc, ebp = 0xbfbfe6f8 --- > > db> show msgbuf > msgbufp = 0xc1042fe4 > magic = 63062, size = 65508, r= 388996, w = 389463, ptr = 0xc1033000, > cksum= 5411375 > kernel trap 12 with interrupts disabled > > > Fatal trap 12: page fault while in kernel mode > cpuid = 5; apic id = 05 > fault virtual address = 0x104 > fault code = supervisor read, page not present > instruction pointer = 0x20:0xc067a01d > stack pointer = 0x28:0xf1872bbc > frame pointer = 0x28:0xf1872bc8 > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, def32 1, gran 1 > processor eflags = resume, IOPL = 0 > current process = 14677 (proftpd) > > db> show allpcpu > Current CPU: 5 > > cpuid = 0 > curthread = 0xc7cfec80: pid 18 "swi4: clock sio" > curpcb = 0xe6892d90 > fpcurthread = none > idlethread = 0xc7cfeaf0: pid 17 "idle: cpu0" > APIC ID = 0 > currentldt = 0x50 > > cpuid = 1 > curthread = 0xce9b1c80: pid 63915 "sc_trans_freebsd" > curpcb = 0xf1263d90 > fpcurthread = none > idlethread = 0xc7cfe000: pid 16 "idle: cpu1" > APIC ID = 1 > currentldt = 0x50 > > cpuid = 2 > curthread = 0xd1b944b0: pid 63619 "sc_serv" > curpcb = 0xf2435d90 > fpcurthread = none > idlethread = 0xc7cfde10: pid 15 "idle: cpu2" > APIC ID = 2 > currentldt = 0x58 > > cpuid = 3 > curthread = 0xd2340af0: pid 5086 "sc_serv" > curpcb = 0xf2e08d90 > fpcurthread = none > idlethread = 0xc7cfdc80: pid 14 "idle: cpu3" > APIC ID = 3 > currentldt = 0x58 > > cpuid = 4 > curthread = 0xca46b640: pid 14743 "httpd" > curpcb = 0xeefbbd90 > fpcurthread = none > idlethread = 0xc7cfdaf0: pid 13 "idle: cpu4" > APIC ID = 4 > currentldt = 0x50 > > cpuid = 5 > curthread = 0xcf8e2640: pid 14677 "proftpd" > curpcb = 0xf1872d90 > fpcurthread = none > idlethread = 0xc7cfd960: pid 12 "idle: cpu5" > APIC ID = 5 > currentldt = 0x50 > > cpuid = 6 > curthread = 0xc833a7d0: pid 10882 "httpd" > curpcb = 0xf2651d90 > fpcurthread = none > idlethread = 0xc7cfd7d0: pid 11 "idle: cpu6" > APIC ID = 6 > currentldt = 0x50 > > cpuid = 7 > curthread = 0xc7d02000: pid 20 "swi1: net" > curpcb = 0xe6898d90 > fpcurthread = none > idlethread = 0xc7cfd640: pid 10 "idle: cpu7" > APIC ID = 7 > currentldt = 0x50 > > db> bt 63619 > Tracing pid 63619 tid 103691 td 0xd24e8640 > sched_switch(3528361536,0,2) at sched_switch+323 > mi_switch(2,0) at mi_switch+442 > critical_exit(3231785568,4070575232,3230238960,0,3227844616,...) at > critical_exit+157 > lapic_handle_timer(0) at lapic_handle_timer+201 > Xtimerint(3231785568,3528361536,0,0,0) at Xtimerint+48 > accept1(3528361536,4070575364,0,4070575408,3230324027,...) at accept1+254 > accept(3528361536,4070575364) at accept+16 > syscall(135659579,59,138870843,135738880,0,...) at syscall+703 > Xint0x80_syscall() at Xint0x80_syscall+31 > --- syscall (30, FreeBSD ELF32, accept), eip = 672261683, esp = > 3215908652, ebp = 3215908696 --- > > db> bt 5086 > Tracing pid 5086 tid 103669 td 0xc8494640 > sched_switch(3360245312,0,1) at sched_switch+323 > mi_switch(1,0,3435481780,4041956464,3228189038,...) at mi_switch+442 > sleepq_switch(3435481780) at sleepq_switch+135 > sleepq_timedwait_sig(3435481780) at sleepq_timedwait_sig+30 > msleep(3435481780,3451159168,360,3230803656,3,...) at msleep+560 > kse_release(3360245312,4041956612) at kse_release+567 > syscall(135659579,59,138870843,135713536,0,...) at syscall+703 > Xint0x80_syscall() at Xint0x80_syscall+31 > --- syscall (383, FreeBSD ELF32, kse_release), eip = 671810103, esp = > 138899336, ebp = 138899396 --- > > db> bt 10882 > Tracing pid 10882 tid 102711 td 0xc833a7d0 > sched_switch(3358828496,3352291680,6) at sched_switch+323 > mi_switch(6,3352291680,3352292024,3231754688,4066712232,...) at mi_switch+442 > maybe_preempt(3352291680) at maybe_preempt+196 > sched_add(3352291680,4,3358828496,3352291680,4066712268,...) at sched_add+600 > setrunqueue(3358828840,3499884544,3231754688,4066712304,3228131795,...) > at setrunqueue+99 > _end() at 3358828496 > > db> bt 20 > Tracing pid 20 tid 100013 td 0xc7d02000 > sched_switch(3352305664,3352291680,6) at sched_switch+323 > mi_switch(6,3352291680,3352292024,3231754688,3867773608,...) at mi_switch+442 > maybe_preempt(3352291680) at maybe_preempt+196 > sched_add(3352291680,4,3352305664,3352291680,3867773644,...) at sched_add+600 > setrunqueue(3867773668,3227962772,3352306008,3867773680,3228131754,...) > at setrunqueue+99 > _end() at 3352305664 > > > > -- > wbr, > pluknet > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 10:40:03 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 254281065672 for ; Thu, 23 Apr 2009 10:40:03 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id EC9628FC32 for ; Thu, 23 Apr 2009 10:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3NAe2rL056113 for ; Thu, 23 Apr 2009 10:40:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3NAe2wW056111; Thu, 23 Apr 2009 10:40:02 GMT (envelope-from gnats) Date: Thu, 23 Apr 2009 10:40:02 GMT Message-Id: <200904231040.n3NAe2wW056111@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Adam K Kirchhoff Cc: Subject: Re: kern/131153: [iwi] iwi doesn't see a wireless network X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Adam K Kirchhoff List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 10:40:03 -0000 The following reply was made to PR kern/131153; it has been noted by GNATS. From: Adam K Kirchhoff To: bug-followup@FreeBSD.org, adamk@voicenet.com Cc: Subject: Re: kern/131153: [iwi] iwi doesn't see a wireless network Date: Thu, 23 Apr 2009 06:31:56 -0400 Can anyone at least confirm that the iwi and ath drivers work with 802.11n networks with WPA? From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 12:21:11 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B235106566C for ; Thu, 23 Apr 2009 12:21:11 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63905.mail.re1.yahoo.com (web63905.mail.re1.yahoo.com [69.147.97.120]) by mx1.freebsd.org (Postfix) with SMTP id 2FD0F8FC2C for ; Thu, 23 Apr 2009 12:21:10 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 87309 invoked by uid 60001); 23 Apr 2009 12:21:10 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1240489270; bh=ckrk8xlOci0Pi/hab6xfn7MSHgcNS/AD+ywhyXFwTM0=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=0Z/566mXl4Qt3E4vf006F+AGLwBnZrmTxsxnOhmTfCF2s+qruyk6ASvPIZJO3vEAh55SOGt2moKlJLgjmLTCIG7kYn5cEuliSZS7GPfAyrHdxOjf+MwLlo/tkFesAFzkeQ+DdxuFpiegFGpuMF5ZFBmV8iSWsKn6z6I/kHQRkJ4= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=dKyviI6W1bKr0XrNC7wbG6zGKDRTXeAIAJXV1WTwFczgsMLoKxN2M2Fu8ZSJNuaRTsoeXZWCXYtFO73DR3k2/Jis4/0DKbjJw/xM8qLg4yyONGUKqFBaKiJEH/G/iFZ4y4yChS9D2yW0d46xqnUFyIEC3tcuCeFLsp3TBDuXEaU=; Message-ID: <432748.87246.qm@web63905.mail.re1.yahoo.com> X-YMail-OSG: kQhjaK4VM1lRHbRhZDMHFOMjqD_9n29_nZkj3.LVdy_8HprhFvfXqdvycr7YQxF_lpAU3KwkkBbnpEHmXRkEU7xJUGqVrhqjC4MBJ4IXeQFK5qLRmkEeybOPEa7HD2oxdO.T6FN3CHKPovsj6Cn0Dg5DDSQWQSBrJ69dZDfoV_4g9PZDLw4Vet9oRJjso8JnnBsDHcMi8MNrMwfSG.piCvMzK6hTpWS1eUiv.dnjcPOWg0fmk8d1uLx0kknWga27ieI.HDKgV_E335XPlU.hOZpLvVc- Received: from [98.242.223.106] by web63905.mail.re1.yahoo.com via HTTP; Thu, 23 Apr 2009 05:21:10 PDT X-Mailer: YahooMailWebService/0.7.289.1 Date: Thu, 23 Apr 2009 05:21:10 -0700 (PDT) From: Barney Cordoba To: Peter Jeremy In-Reply-To: <20090423062813.GA8531@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-net@freebsd.org Subject: Re: Network Card X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: barney_cordoba@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 12:21:11 -0000 --- On Thu, 4/23/09, Peter Jeremy wrote: > From: Peter Jeremy > Subject: Re: Network Card > To: "Barney Cordoba" > Cc: "ovi freebsd" , freebsd-net@freebsd.org > Date: Thursday, April 23, 2009, 2:28 AM > On 2009-Apr-21 14:02:38 -0700, Barney Cordoba > wrote: > >On all of the MBs that I have, the slot NIC appears > before the onboard > >ports in the pciconf -l listing. Its certainly not for > sure. > > As a datapoint to add to the uncertainty, the SunFire V440 > has 4 > motherboard NICs - two come before the PCI slots and two > after (so > adding a PCI-based Cassini nic moves ce2 from the MB to the > plugin). > > Even slot numbering on larger boxes (with multiple physical > PCI buses) > can be non (or counter) intuitive. > > Also note that FreeBSD has also changed its PCI probe order > at least > once in the past (effectively re-numbering devices). > > -- > Peter Jeremy 4 port NICs generally have a bridge chip on it, so they always tend to muck things up. If the nics are PCI-X, you can probably add some trace to the em driver to see what the bus speed is. Onboard NICs are usually 33mhz or 66Mhz (I've never seen on onboard that runs 133Mhz)..however if the add-on card is 33mhz or PCI-E than you won't know. But if the em NIC is running at 133 than its almost definitely (hows that for certainty?) a plug in card. Who would buy a realtek plug in card anyway? Barney From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 12:51:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2971D106564A for ; Thu, 23 Apr 2009 12:51:07 +0000 (UTC) (envelope-from tamaru@myn.rcast.u-tokyo.ac.jp) Received: from mail4.ecc.u-tokyo.ac.jp (mail3.ecc.u-tokyo.ac.jp [133.11.205.99]) by mx1.freebsd.org (Postfix) with ESMTP id CC5478FC1B for ; Thu, 23 Apr 2009 12:51:06 +0000 (UTC) (envelope-from tamaru@myn.rcast.u-tokyo.ac.jp) Received: from mail0.ecc.u-tokyo.ac.jp (mail0.ecc.u-tokyo.ac.jp [133.11.45.132]) by mail4.ecc.u-tokyo.ac.jp (Postfix) with ESMTP id 5B4E35B0BD4 for ; Thu, 23 Apr 2009 21:14:01 +0900 (JST) Received: from mhs003.ecc.u-tokyo.ac.jp (mhs003.ecc.u-tokyo.ac.jp [133.11.70.163]) by mail0.ecc.u-tokyo.ac.jp (Postfix) with ESMTP id 9EC642EC00C for ; Thu, 23 Apr 2009 21:13:59 +0900 (JST) Received: from amulet.amuletic.net (124.155.55.252 [124.155.55.252]) by mhs003.ecc.u-tokyo.ac.jp (SpamBlock.pstn.b 3.4.102) with ESMTP id for ; Thu, 23 Apr 2009 21:13:54 +0900 Date: Thu, 23 Apr 2009 21:13:51 +0900 Message-ID: From: Hiroharu Tamaru To: freebsd-net@freebsd.org User-Agent: User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII X-IP: 124.155.55.252 X-FROM-DOMAIN: myn.rcast.u-tokyo.ac.jp X-FROM-EMAIL: tamaru@myn.rcast.u-tokyo.ac.jp Subject: proxy arp on 8.0-current? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 12:51:07 -0000 Hi, I'm trying to setup an proxy arp on a dual homed host. I noticed that I cannot set it up on 8.0-current the same way as I could on 6.2; hence the question: have the setup procedure changed recently (when the arp table was separated from the routing table, maybe?)? My 8.0-current is from 200902 snapshot. Here is a simple demonstration using two single-interfaced hosts: setup: host6.2# ifconfig em0 inet 192.168.0.1/24 host6.2# arp -s 192.168.0.11 auto pub host6.2# arp -an | grep permanent ? (192.168.0.1) at 00:16:d3:xx:xx:xx on em0 permanent [ethernet] ? (192.168.0.11) at 00:16:d3:xx:xx:xx on em0 permanent published [ethernet] host6.2# tcpdump -np arp host8.0# ifconfig em0 inet 192.168.0.2/24 host8.0# arp -s 192.168.0.12 auto pub host8.0# arp -an | grep permanent ? (192.168.0.2) at 00:0c:29:xx:xx:xx on em0 permanent [ethernet] ? (192.168.0.12) at 00:0c:29:xx:xx:xx on em0 permanent published [ethernet] host8.0# tcpdump -np arp then, I do: host6.2# arp -d 192.168.0.2; ping -c 1 192.168.0.2 host6.2# arp -d 192.168.0.12; ping -c 1 192.168.0.12 host8.0# arp -d 192.168.0.1; ping -c 1 192.168.0.1 host8.0# arp -d 192.168.0.11; ping -c 1 192.168.0.11 I am not caring about 'arp -d' errors (cannot locate) nor ping not responding (for proxied addresses). I just cared about arp requests and replys for now. The output of tcpdump on both sides are like this: arp who-has 192.168.0.2 tell 192.168.0.1 arp reply 192.168.0.2 is-at 00:0c:29:xx:xx:xx arp who-has 192.168.0.12 tell 192.168.0.1 ---->no reply arp who-has 192.168.0.1 tell 192.168.0.2 arp reply 192.168.0.1 is-at 00:16:d3:xx:xx:xx arp who-has 192.168.0.11 tell 192.168.0.2 arp reply 192.168.0.11 is-at 00:16:d3:xx:xx:xx As you can see from the above, 'arp -s 192.168.0.12 auto pub' on 8.0-current host seems not to be producing proxy arp's. What am I missing? Thanks. -- Hiroharu Tamaru From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 13:42:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C6D8106564A for ; Thu, 23 Apr 2009 13:42:17 +0000 (UTC) (envelope-from ddg@yan.com.br) Received: from mail.mastercabo.com.br (mail.mastercabo.com.br [189.91.0.40]) by mx1.freebsd.org (Postfix) with SMTP id 6A4BC8FC23 for ; Thu, 23 Apr 2009 13:42:15 +0000 (UTC) (envelope-from ddg@yan.com.br) Received: (qmail 20574 invoked by uid 1008); 23 Apr 2009 13:15:35 -0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-unknown (2008-06-10) on srvmail1 X-Spam-Level: X-Spam-Status: No, score=-0.4 required=4.8 tests=BAYES_00,RDNS_NONE, SUBJ_ALL_CAPS autolearn=no version=3.2.5-unknown Received: from unknown (HELO ?192.168.0.169?) (daniel@dgnetwork.com.br@189.91.0.65) by mail.mastercabo.com.br with SMTP; 23 Apr 2009 13:15:35 -0000 Message-ID: <49F06985.1000303@yan.com.br> Date: Thu, 23 Apr 2009 10:13:41 -0300 From: =?ISO-8859-1?Q?Daniel_Dias_Gon=E7alves?= User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ddg@yan.com.br List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 13:42:17 -0000 Hi, My system is a FreeBSD 7.1R. When I add rules IPFW COUNT to 254 IPS from my network, one of my interfaces increases the latency, causing large delays in the network, when I delete COUNT rules, everything returns to normal, which can be ? My script: ipcount.php -- CUT -- -- CUT -- net.inet.ip.fw.dyn_keepalive: 1 net.inet.ip.fw.dyn_short_lifetime: 5 net.inet.ip.fw.dyn_udp_lifetime: 10 net.inet.ip.fw.dyn_rst_lifetime: 1 net.inet.ip.fw.dyn_fin_lifetime: 1 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.static_count: 262 net.inet.ip.fw.dyn_max: 10000 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_buckets: 10000 net.inet.ip.fw.default_rule: 65535 net.inet.ip.fw.verbose_limit: 0 net.inet.ip.fw.verbose: 1 net.inet.ip.fw.debug: 0 net.inet.ip.fw.one_pass: 1 net.inet.ip.fw.autoinc_step: 100 net.inet.ip.fw.enable: 1 net.link.ether.ipfw: 1 net.link.bridge.ipfw: 0 net.link.bridge.ipfw_arp: 0 Thanks, Daniel From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 14:20:04 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 98D3A1065670 for ; Thu, 23 Apr 2009 14:20:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7D3E08FC1C for ; Thu, 23 Apr 2009 14:20:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3NEK4O0056213 for ; Thu, 23 Apr 2009 14:20:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3NEK43v056212; Thu, 23 Apr 2009 14:20:04 GMT (envelope-from gnats) Date: Thu, 23 Apr 2009 14:20:04 GMT Message-Id: <200904231420.n3NEK43v056212@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Mikolaj Golub Cc: Subject: Re: kern/133902: [tun] Killing tun0 iface ssh tunnel causes Panic String: page fault X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Mikolaj Golub List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 14:20:04 -0000 The following reply was made to PR kern/133902; it has been noted by GNATS. From: Mikolaj Golub To: bug-followup@FreeBSD.org Cc: freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org, lsantagostini@gmail.com Subject: Re: kern/133902: [tun] Killing tun0 iface ssh tunnel causes Panic String: page fault Date: Thu, 23 Apr 2009 17:14:02 +0300 I have asked Leonardo to provide more info and backtrace. So here is backtrace: cobra4# kgdb /boot/kernel/kernel.symbols /var/crash/vmcore.0 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x65656c7b fault code = supervisor write, page not present instruction pointer = 0x20:0xc0786e00 stack pointer = 0x28:0xe958fac4 frame pointer = 0x28:0xe958fac4 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 66873 (ssh) trap number = 12 panic: page fault cpuid = 1 Uptime: 54d11h21m54s Physical memory: 2023 MB Dumping 277 MB: 262 246 230 214 198 182 166 150 134 118 102 86 70 54 38 22 6 #0 doadump () at pcpu.h:195 195 pcpu.h: No such file or directory. in pcpu.h (kgdb) backtrace #0 doadump () at pcpu.h:195 #1 0xc0754457 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409 #2 0xc0754719 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:563 #3 0xc0a4905c in trap_fatal (frame=0xe958fa84, eva=1701145723) at /usr/src/sys/i386/i386/trap.c:899 #4 0xc0a492e0 in trap_pfault (frame=0xe958fa84, usermode=0, eva=1701145723) at /usr/src/sys/i386/i386/trap.c:812 #5 0xc0a49c8c in trap (frame=0xe958fa84) at /usr/src/sys/i386/i386/trap.c:490 #6 0xc0a2fc0b in calltrap () at /usr/src/sys/i386/i386/exception.s:139 #7 0xc0786e00 in clear_selinfo_list (td=0xca3fc840) at /usr/src/sys/kern/sys_generic.c:1065 #8 0xc0788efc in kern_select (td=0xca3fc840, nd=8, fd_in=0x284010b8, fd_ou=0x284010bc, fd_ex=0x0, tvp=0x0) at /usr/src/sys/kern/sys_generic.c:794 #9 0xc07890de in select (td=0xca3fc840, uap=0xe958fcfc) at /usr/src/sys/kern/sys_generic.c:663 #10 0xc0a49635 in syscall (frame=0xe958fd38) at /usr/src/sys/i386/i386/trap.c:1035 #11 0xc0a2fc70 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196 #12 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) The system panics on ifconfig tun0 destroy This issue is related to kern/116837. Leonardo, you can try the patch attached to that pr. -- Mikolaj Golub From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 14:42:12 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B4FCA1065670; Thu, 23 Apr 2009 14:42:12 +0000 (UTC) (envelope-from to.my.trociny@gmail.com) Received: from mail-ew0-f171.google.com (mail-ew0-f171.google.com [209.85.219.171]) by mx1.freebsd.org (Postfix) with ESMTP id 0A6C48FC1C; Thu, 23 Apr 2009 14:42:11 +0000 (UTC) (envelope-from to.my.trociny@gmail.com) Received: by ewy19 with SMTP id 19so531584ewy.43 for ; Thu, 23 Apr 2009 07:42:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:to:cc:subject:references :organization:from:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=7iZLkvFgcTYvMdgKrNm/TozAX+c+wOT0sT7+fxfZZG0=; b=Pvu0sevLNiAcecW7zumziK9uG+Pt8JzeGWHxOqVJoZbr6DL9hNu7OncK9jgfIqFZuL D8KMCTNL6XpCAkE8d0IGKH7octcAeM6vYei9ghroVhEfmmMN8P7wss4ff+0cEqNFQpYr Yuk9/sKHUzUpRJvSShsLSKIB4IKvmT/ghVAeM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=to:cc:subject:references:organization:from:date:in-reply-to :message-id:user-agent:mime-version:content-type; b=F8Byvf1D7+pFRxnmoUUX/OKyqCE3XumLb8KZOKhx+zXBH2xkQ2fn6aV7Jk8HuF9M50 U6YReEud/URrdh25LNIv/+eo5L6XvvMLXV5H58H5l1Os91H9ktMmBjP7J4+GTAZl+gwJ cyaQ46OmmzS2phYiYcPLkd/edm7PUvBzslfQc= Received: by 10.210.81.10 with SMTP id e10mr1077575ebb.9.1240496044691; Thu, 23 Apr 2009 07:14:04 -0700 (PDT) Received: from localhost (ms.singlescrowd.net [80.85.90.67]) by mx.google.com with ESMTPS id 23sm132114eya.9.2009.04.23.07.14.03 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 23 Apr 2009 07:14:04 -0700 (PDT) To: bug-followup@FreeBSD.org References: <200904220651.n3M6pSW2042168@freefall.freebsd.org> Organization: TOA Ukraine From: Mikolaj Golub Date: Thu, 23 Apr 2009 17:14:02 +0300 In-Reply-To: <200904220651.n3M6pSW2042168@freefall.freebsd.org> (linimon@freebsd.org's message of "Wed\, 22 Apr 2009 06\:51\:28 GMT") Message-ID: <81prf3h2z9.fsf@zhuzha.ua1> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-net@FreeBSD.org, freebsd-bugs@FreeBSD.org, lsantagostini@gmail.com Subject: Re: kern/133902: [tun] Killing tun0 iface ssh tunnel causes Panic String: page fault X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 14:42:13 -0000 I have asked Leonardo to provide more info and backtrace. So here is backtrace: cobra4# kgdb /boot/kernel/kernel.symbols /var/crash/vmcore.0 [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x65656c7b fault code = supervisor write, page not present instruction pointer = 0x20:0xc0786e00 stack pointer = 0x28:0xe958fac4 frame pointer = 0x28:0xe958fac4 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 66873 (ssh) trap number = 12 panic: page fault cpuid = 1 Uptime: 54d11h21m54s Physical memory: 2023 MB Dumping 277 MB: 262 246 230 214 198 182 166 150 134 118 102 86 70 54 38 22 6 #0 doadump () at pcpu.h:195 195 pcpu.h: No such file or directory. in pcpu.h (kgdb) backtrace #0 doadump () at pcpu.h:195 #1 0xc0754457 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409 #2 0xc0754719 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:563 #3 0xc0a4905c in trap_fatal (frame=0xe958fa84, eva=1701145723) at /usr/src/sys/i386/i386/trap.c:899 #4 0xc0a492e0 in trap_pfault (frame=0xe958fa84, usermode=0, eva=1701145723) at /usr/src/sys/i386/i386/trap.c:812 #5 0xc0a49c8c in trap (frame=0xe958fa84) at /usr/src/sys/i386/i386/trap.c:490 #6 0xc0a2fc0b in calltrap () at /usr/src/sys/i386/i386/exception.s:139 #7 0xc0786e00 in clear_selinfo_list (td=0xca3fc840) at /usr/src/sys/kern/sys_generic.c:1065 #8 0xc0788efc in kern_select (td=0xca3fc840, nd=8, fd_in=0x284010b8, fd_ou=0x284010bc, fd_ex=0x0, tvp=0x0) at /usr/src/sys/kern/sys_generic.c:794 #9 0xc07890de in select (td=0xca3fc840, uap=0xe958fcfc) at /usr/src/sys/kern/sys_generic.c:663 #10 0xc0a49635 in syscall (frame=0xe958fd38) at /usr/src/sys/i386/i386/trap.c:1035 #11 0xc0a2fc70 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196 #12 0x00000033 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) The system panics on ifconfig tun0 destroy This issue is related to kern/116837. Leonardo, you can try the patch attached to that pr. -- Mikolaj Golub From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 15:11:35 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45DDF1065670; Thu, 23 Apr 2009 15:11:35 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from mx00.pub.collaborativefusion.com (mx00.pub.collaborativefusion.com [206.210.89.199]) by mx1.freebsd.org (Postfix) with ESMTP id 1FC338FC14; Thu, 23 Apr 2009 15:11:34 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from vanquish.ws.pitbpa0.priv.collaborativefusion.com (vanquish.ws.pitbpa0.priv.collaborativefusion.com [192.168.2.162]) (SSL: TLSv1/SSLv3,256bits,AES256-SHA) by wingspan with esmtp; Thu, 23 Apr 2009 11:01:25 -0400 id 00056405.0000000049F082C5.000091CE Date: Thu, 23 Apr 2009 11:01:24 -0400 From: Bill Moran To: ddg@yan.com.br Message-Id: <20090423110124.85788142.wmoran@collaborativefusion.com> In-Reply-To: <49F06985.1000303@yan.com.br> References: <49F06985.1000303@yan.com.br> Organization: Collaborative Fusion Inc. X-Mailer: Sylpheed 2.6.0 (GTK+ 2.14.7; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 15:11:35 -0000 In response to Daniel Dias Gon=E7alves : >=20 > My system is a FreeBSD 7.1R. > When I add rules IPFW COUNT to 254 IPS from my network, one of my=20 > interfaces increases the latency, causing large delays in the network,=20 > when I delete COUNT rules, everything returns to normal, which can be ? Not sure what you mean by the "which can be" part of the question. But the answer, is "of course latency increases". Did you expect that this kind of traffic tracking to be free? It's not on any operating system or other networking device in existence. It takes CPU cycles and memory to do the tracking, and flipping bits in memory takes time. Therefore, your latency will increase when you add 512 counters to your rules. It's the overhead associated with such logging. Of course, you don't mention _how_much_ latency increases. I can only assume that it's to a degree that you find unacceptable. You also don't mention what hardware you're doing this on, but I would expect that on sufficiently beefy hardware the added latency is low enough not to be a problem. However, without those details, I expect that the following answer is the best you're going to get: If you need to so such logging and the latency increase is unacceptable, then get faster hardware to do it on or concoct some method to do it out of band so that the latency doesn't slow down the connections. > My script: >=20 > ipcount.php > -- CUT -- > $c=3D0; > $a=3D50100; > for($x=3D0;$x<=3D0;$x++) { > for($y=3D1;$y<=3D254;$y++) { > $ip =3D "192.168.$x.$y"; > system("/sbin/ipfw -q add $a count { tcp or udp } from=20 > any to $ip/32"); > system("/sbin/ipfw -q add $a count { tcp or udp } from=20 > $ip/32 to any"); > #system("/sbin/ipfw delete $a"); > $c++; > $a++; > } > } > echo "\n\nTotal: $c\n"; > ?> > -- CUT -- >=20 > net.inet.ip.fw.dyn_keepalive: 1 > net.inet.ip.fw.dyn_short_lifetime: 5 > net.inet.ip.fw.dyn_udp_lifetime: 10 > net.inet.ip.fw.dyn_rst_lifetime: 1 > net.inet.ip.fw.dyn_fin_lifetime: 1 > net.inet.ip.fw.dyn_syn_lifetime: 20 > net.inet.ip.fw.dyn_ack_lifetime: 300 > net.inet.ip.fw.static_count: 262 > net.inet.ip.fw.dyn_max: 10000 > net.inet.ip.fw.dyn_count: 0 > net.inet.ip.fw.curr_dyn_buckets: 256 > net.inet.ip.fw.dyn_buckets: 10000 > net.inet.ip.fw.default_rule: 65535 > net.inet.ip.fw.verbose_limit: 0 > net.inet.ip.fw.verbose: 1 > net.inet.ip.fw.debug: 0 > net.inet.ip.fw.one_pass: 1 > net.inet.ip.fw.autoinc_step: 100 > net.inet.ip.fw.enable: 1 > net.link.ether.ipfw: 1 > net.link.bridge.ipfw: 0 > net.link.bridge.ipfw_arp: 0 >=20 > Thanks, >=20 > Daniel > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" --=20 Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@collaborativefusion.com Phone: 412-422-3463x4023 **************************************************************** IMPORTANT: This message contains confidential information and is intended only for the individual named. If the reader of this message is not an intended recipient (or the individual responsible for the delivery of this message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this message is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. **************************************************************** From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 17:39:43 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 478541065674 for ; Thu, 23 Apr 2009 17:39:43 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outA.internet-mail-service.net (outa.internet-mail-service.net [216.240.47.224]) by mx1.freebsd.org (Postfix) with ESMTP id 2BC208FC17 for ; Thu, 23 Apr 2009 17:39:42 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 17A501181B6; Thu, 23 Apr 2009 10:39:43 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 278CC2D61A0; Thu, 23 Apr 2009 10:39:42 -0700 (PDT) Message-ID: <49F0A7DD.30206@elischer.org> Date: Thu, 23 Apr 2009 10:39:41 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: ddg@yan.com.br References: <49F06985.1000303@yan.com.br> In-Reply-To: <49F06985.1000303@yan.com.br> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 17:39:43 -0000 Daniel Dias Gonçalves wrote: > Hi, > > My system is a FreeBSD 7.1R. > When I add rules IPFW COUNT to 254 IPS from my network, one of my > interfaces increases the latency, causing large delays in the network, > when I delete COUNT rules, everything returns to normal, which can be ? > > My script: of course adding 512 rules, *all of which hav eto be evaluated* will add latency. you have several ways to improve this situation. 1/ use a differnet tool. By using the netgraph netflow module you can get accunting information that may be more useful and less impactful. 2/ you could make your rules smarter.. use skipto rules to make the average packet traverse less rules.. off the top of my head.. (not tested..) Assuming you have machines 10.0.0.1-10.0.0.254.... the rules below have an average packet traversing 19 rules and not 256 for teh SYN packet and 2 rules for others.. you may not be able to do the keep state trick if you use state for other stuff but in that case worst case will still be 19 rules. 2 check-state 5 skipto 10000 ip from not 10.0.0.0/24 to any 10 skipto 2020 ip from not 10.0.0.0/25 to any # 0-128 20 skipto 1030 ip from not 10.0.0.0/26 to any # 0-64 30 skipto 240 ip from not 10.0.0.0/27 to any # 0-32 40 skipto 100 ip from not 10.0.0.0/28 to any # 0-16 [16 count rules for 0-15] 80 skipto 10000 ip from any to any 100 [16 count rules for 16-31] keep-state 140 skipto 10000 ip from any to any 240 skipto 300 ip from not 10.0.0.32/28 [16 rules for 32-47] keep-state 280 skipto 10000 ip from any to any 300 [16 count rules for 48-63] keep-state 340 skipto 10000 ip from any to any 1030 skipto 1240 ip from not 10.0.0.64/27 to any 1040 skipto 1100 ip from not 10.0.0.64/28 to any [16 count rules for 64-79] keep-state 1080 skipto 10000 ip from any to any 1100 [16 rules for 80-95] keep-state 1140 skipto 10000 ip from any to any 1240 skipto 1300 ip from not 10.0.0.96/28 to any [16 count rules for 96-111] keep-state 1280 skipto 10000 ip from any to any 1300 [16 rules for 112-127] keep-state 1340 skipto 10000 ip from any to any 2020 skipto 3030 ip from not 10.0.0.128/26 to any 2030 skipto 2240 ip from not 10.0.0.128/28 to any [16 count rules for 128-143] keep-state 2080 skipto 10000 ip from any to any 2100 [16 rules for 144-159] keep-state 2140 skipto 10000 ip from any to any 2240 skipto 2300 ip from not 10.0.0.32/28 to any [16 count rules for 160-175] keep-state 2280 skipto 10000 ip from any to any 2300 [16 count rules for 176-191] keep-state 2340 skipto 10000 ip from any to any 3030 skipto 3240 ip from not 10.0.0.192/27 to any 3040 skipto 3100 ip from not 10.0.0.192/28 to any [16 count rules for 192-207] keep-state 3080 skipto 10000 ip from any to any 3100 [16 rules for 208-223] keep-state 3240 skipto 10000 ip from any to any 3240 skipto 3300 ip from not 10.0.0.224/28 to any [16 count rules for 224-239] keep-state 3280 skipto 10000 ip from any to any 3300 [16 count rules for 240-255] keep-state 3340 skipto 10000 ip from any to any 10000 #other stuff in fact you could improve it further with: 1/ either going down to a netmask of 29 (8 rules per set) or 2/ instead of having count rules make them skipto so you would have: 3300 skipto 10000 ip from 10.0.0.240 to any 3301 skipto 10000 ip from 10.0.0.241 to any 3302 skipto 10000 ip from 10.0.0.242 to any 3303 skipto 10000 ip from 10.0.0.243 to any 3304 skipto 10000 ip from 10.0.0.244 to any 3305 skipto 10000 ip from 10.0.0.245 to any 3306 skipto 10000 ip from 10.0.0.246 to any 3307 skipto 10000 ip from 10.0.0.247 to any 3308 skipto 10000 ip from 10.0.0.248 to any 3309 skipto 10000 ip from 10.0.0.249 to any 3310 skipto 10000 ip from 10.0.0.240 to any 3311 skipto 10000 ip from 10.0.0.241 to any 3312 skipto 10000 ip from 10.0.0.242 to any 3313 skipto 10000 ip from 10.0.0.243 to any 3314 skipto 10000 ip from 10.0.0.244 to any 3315 skipto 10000 ip from 10.0.0.245 to any thus on average, a packet would traverse half the rules (8). 3/ both the above so on average they would traverse 4 rules plus one extra skipto. you should be able to do the above in a script. I'd love to see it.. (you can also do skipto tablearg in -current (maybe 7.2 too) which may also be good.. (or not)) julian From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 19:12:18 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A7403106566B for ; Thu, 23 Apr 2009 19:12:18 +0000 (UTC) (envelope-from emaste@freebsd.org) Received: from maste.org (emaste.tor.istop.com [66.11.182.63]) by mx1.freebsd.org (Postfix) with ESMTP id 6B4E28FC1A for ; Thu, 23 Apr 2009 19:12:18 +0000 (UTC) (envelope-from emaste@freebsd.org) Received: by maste.org (Postfix, from userid 1001) id EB7FD21; Thu, 23 Apr 2009 19:04:08 +0000 (UTC) Date: Thu, 23 Apr 2009 19:04:08 +0000 From: Ed Maste To: Andrew Brampton Message-ID: <20090423190408.GA65895@jem.dhs.org> References: <20090327071742.GA87385@onelab2.iet.unipi.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i Cc: attilio@freebsd.org, freebsd-net@freebsd.org, Luigi Rizzo Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 19:12:18 -0000 On Fri, Mar 27, 2009 at 11:05:00AM +0000, Andrew Brampton wrote: > 2009/3/27 Luigi Rizzo : > > The load of polling is pretty low (within 1% or so) even with > > polling. The advantage of having interrupts is faster response > > to incoming traffic, not CPU load. > > oh, I was under the impression that polling spun in a tight loop, thus > using 100% of the processor. After a quick test I see this is not the > case. I assume it will get to 100% CPU load if I saturate my network. Yes, polling has a limit on the maximum CPU time it will use, and also will use less than the limit if there is no traffic. There are a number of sysctls under kern.polling that control its behaviour: * kern.polling.user_frac: Desired user fraction of cpu time This attempts to reserve at least a specified percentage of available CPU time for user processes; polling tries to limit its percentage use to 100 less this value. * kern.polling.burst: Current polling burst size * kern.polling.burst_max: Max Polling burst size * kern.polling.each_burst: Max size of each burst These three control the number of packets that polling processes per call / tick. Packets are processed in batches of each_burst, up to burst packets total per tick. The value of burst is capped at busrt_max. In order to keep the user_frac CPU percentage available for non-polling, a feedback loop is used that controls the value of burst. Each time a bach of packets is processed, burst is incremented or decremented by 1, depending on how much CPU time polling actually used. In addition, if polling extends beyond the next tick it's scaled back to 7/8ths of the current value. Polling was originally implemented as a livelock-avoidance technique for the single-core case -- the primary goal is to guarantee the availability of CPU time specified in user_frac. The current algorithm does not behave that well if user_frac is set low. Setting it low is reasonable if the workload is largely in-kernel (i.e., bridging or routing), or when running SMP. Another downside of the current implementation is that interfaces will be polled multiple times per tick (burst / each_burst times), even if there are no packets to process. At work we've developed a replacement polling algorithm that keeps track of the actual amount of time spent per packet, and uses that as the feedback to control the number of packets in each batch. This work requires a change to the polling KPI: the polling handlers have to return the count of packets actually handled. My hope is to get the KPI change committed in time for 8.0, even if we don't switch the algorithm yet. Attilio (on CC:) and I will make the patch set for the KPI change available shortly for comment. -Ed From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 19:30:04 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 46AEF106566B for ; Thu, 23 Apr 2009 19:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 351E58FC1F for ; Thu, 23 Apr 2009 19:30:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3NJU3r5076401 for ; Thu, 23 Apr 2009 19:30:03 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3NJU3me076397; Thu, 23 Apr 2009 19:30:03 GMT (envelope-from gnats) Date: Thu, 23 Apr 2009 19:30:03 GMT Message-Id: <200904231930.n3NJU3me076397@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Mikolaj Golub Cc: Subject: Re: kern/132734: panic in net/if_mib.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Mikolaj Golub List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 19:30:04 -0000 The following reply was made to PR kern/132734; it has been noted by GNATS. From: Mikolaj Golub To: Alexey Illarionov Cc: bug-followup@FreeBSD.org, Robert Watson Subject: Re: kern/132734: panic in net/if_mib.c Date: Thu, 23 Apr 2009 22:29:36 +0300 SVN rev 191435 on 2009-04-23 18:23:08Z by rwatson Merge r191434 from stable/7 to releng/7.2: In sysctl_ifdata(), query the ifnet pointer using the index only once, rather than querying it, validating it, and then re-querying it without validating it. This may avoid a NULL pointer dereference and resulting kernel page fault if an interface is being deleted while bsnmp or other tools are querying data on the interface. The full fix, to properly refcount the interface for the duration of the sysctl, is in 8.x, but is considered too high-risk for 7.2, so instead will appear in 7.3 (if all goes well). So, Alexey, can you try upgrading to the latest stable/7 or releng/7.2 or apply attached patch to see if this tweak at least eliminates the instant panic? --- if_mib.c (revision 191424) +++ if_mib.c (working copy) @@ -82,11 +82,9 @@ return EINVAL; if (name[0] <= 0 || name[0] > if_index || - ifnet_byindex(name[0]) == NULL) + (ifp = ifnet_byindex(name[0])) == NULL) return ENOENT; - ifp = ifnet_byindex(name[0]); - switch(name[1]) { default: return ENOENT; From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 19:40:02 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4A23106574C for ; Thu, 23 Apr 2009 19:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B1A2A8FC22 for ; Thu, 23 Apr 2009 19:40:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3NJe2ZE091055 for ; Thu, 23 Apr 2009 19:40:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3NJe2XU091054; Thu, 23 Apr 2009 19:40:02 GMT (envelope-from gnats) Date: Thu, 23 Apr 2009 19:40:02 GMT Message-Id: <200904231940.n3NJe2XU091054@freefall.freebsd.org> To: freebsd-net@FreeBSD.org From: Robert Watson Cc: Subject: Re: kern/132734: panic in net/if_mib.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Robert Watson List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 19:40:05 -0000 The following reply was made to PR kern/132734; it has been noted by GNATS. From: Robert Watson To: Mikolaj Golub Cc: Alexey Illarionov , bug-followup@FreeBSD.org Subject: Re: kern/132734: panic in net/if_mib.c Date: Thu, 23 Apr 2009 20:33:43 +0100 (BST) On Thu, 23 Apr 2009, Mikolaj Golub wrote: > SVN rev 191435 on 2009-04-23 18:23:08Z by rwatson > > Merge r191434 from stable/7 to releng/7.2: > > In sysctl_ifdata(), query the ifnet pointer using the index only > once, rather than querying it, validating it, and then re-querying > it without validating it. This may avoid a NULL pointer > dereference and resulting kernel page fault if an interface is > being deleted while bsnmp or other tools are querying data on the > interface. > > The full fix, to properly refcount the interface for the duration > of the sysctl, is in 8.x, but is considered too high-risk for > 7.2, so instead will appear in 7.3 (if all goes well). > > So, Alexey, can you try upgrading to the latest stable/7 or releng/7.2 or > apply attached patch to see if this tweak at least eliminates the instant > panic? I'll try to get the refcount fix into 7-STABLE in about two weeks, assuming no hitches in the 8.x version. This will close a number of related race conditions, which we've had occasional reports of (and others that we haven't). Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 20:45:49 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 27DE010656F7 for ; Thu, 23 Apr 2009 20:45:49 +0000 (UTC) (envelope-from asmrookie@gmail.com) Received: from mail-bw0-f213.google.com (mail-bw0-f213.google.com [209.85.218.213]) by mx1.freebsd.org (Postfix) with ESMTP id 93ADB8FC14 for ; Thu, 23 Apr 2009 20:45:48 +0000 (UTC) (envelope-from asmrookie@gmail.com) Received: by bwz9 with SMTP id 9so744018bwz.43 for ; Thu, 23 Apr 2009 13:45:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=sjonOR5JXZyWLn6IxG+Fn7wqJ4YRB/FMtt5tHXGw3b4=; b=F3inBYt82X05+8QaGKBGjepIyMkFOk7bOUr2XVdFtSRHc3MdnrW3q/T4k4CqZmZmig 02ksobmQLdzRlrUV3y89WKMRf70M70FFhZZ5hdcfs6xzCNSFXvSOc5Ltl8T9ZelYaHaa OA0bVy7C7gm4r2/5/o+JPFhpwxfsUbpvErd8U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=iKwHCqx/wA6A+J+EJidDAKy4815/8vhZstiSPxq/3WdK64S+24Ae8JO/TnQFqL9mqd eFqGGJWyvSrDHz6CK22UC+lBnPLYUPlm3/Ucm/sVmoKNCSIz2AONRRQ018QbPEwgTVjV q0COODFoqaKxbh7O0QjmCuiolmNKXittMnsvk= MIME-Version: 1.0 Sender: asmrookie@gmail.com Received: by 10.223.117.194 with SMTP id s2mr446256faq.83.1240517622560; Thu, 23 Apr 2009 13:13:42 -0700 (PDT) In-Reply-To: <20090423190408.GA65895@jem.dhs.org> References: <20090327071742.GA87385@onelab2.iet.unipi.it> <20090423190408.GA65895@jem.dhs.org> Date: Thu, 23 Apr 2009 22:13:42 +0200 X-Google-Sender-Auth: 8456fb9897301fbf Message-ID: <3bbf2fe10904231313o858b9e9v733564ee4f3d7d40@mail.gmail.com> From: Attilio Rao To: Ed Maste Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net@freebsd.org, Luigi Rizzo , Andrew Brampton Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 20:45:49 -0000 2009/4/23 Ed Maste : > On Fri, Mar 27, 2009 at 11:05:00AM +0000, Andrew Brampton wrote: > >> 2009/3/27 Luigi Rizzo : >> > The load of polling is pretty low (within 1% or so) even with >> > polling. The advantage of having interrupts is faster response >> > to incoming traffic, not CPU load. >> >> oh, I was under the impression that polling spun in a tight loop, thus >> using 100% of the processor. After a quick test I see this is not the >> case. I assume it will get to 100% CPU load if I saturate my network. > > Yes, polling has a limit on the maximum CPU time it will use, and also > will use less than the limit if there is no traffic. > > There are a number of sysctls under kern.polling that control its > behaviour: > > * kern.polling.user_frac: Desired user fraction of cpu time > > This attempts to reserve at least a specified percentage of available > CPU time for user processes; polling tries to limit its percentage use > to 100 less this value. > > * kern.polling.burst: Current polling burst size > * kern.polling.burst_max: Max Polling burst size > * kern.polling.each_burst: Max size of each burst > > These three control the number of packets that polling processes per > call / tick. =C2=A0Packets are processed in batches of each_burst, up to > burst packets total per tick. =C2=A0The value of burst is capped at > busrt_max. > > In order to keep the user_frac CPU percentage available for non-polling, > a feedback loop is used that controls the value of burst. =C2=A0Each time= a > bach of packets is processed, burst is incremented or decremented by 1, > depending on how much CPU time polling actually used. =C2=A0In addition, = if > polling extends beyond the next tick it's scaled back to 7/8ths of the > current value. > > Polling was originally implemented as a livelock-avoidance technique > for the single-core case -- the primary goal is to guarantee the > availability of CPU time specified in user_frac. =C2=A0The current algori= thm > does not behave that well if user_frac is set low. =C2=A0Setting it low i= s > reasonable if the workload is largely in-kernel (i.e., bridging or > routing), or when running SMP. > > Another downside of the current implementation is that interfaces will > be polled multiple times per tick (burst / each_burst times), even if > there are no packets to process. > > At work we've developed a replacement polling algorithm that keeps track > of the actual amount of time spent per packet, and uses that as the > feedback to control the number of packets in each batch. > > This work requires a change to the polling KPI: the polling handlers > have to return the count of packets actually handled. =C2=A0My hope is to= get > the KPI change committed in time for 8.0, even if we don't switch the > algorithm yet. =C2=A0Attilio (on CC:) and I will make the patch set for t= he > KPI change available shortly for comment. This is the KPI breakage patch: http://people.freebsd.org/~attilio/Sandvine/polling/polling_kpi.diff Thanks, Attilio --=20 Peace can only be achieved by understanding - A. Einstein From owner-freebsd-net@FreeBSD.ORG Thu Apr 23 21:14:30 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B3CE106564A for ; Thu, 23 Apr 2009 21:14:30 +0000 (UTC) (envelope-from simon@nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.freebsd.org (Postfix) with ESMTP id 1869F8FC2C for ; Thu, 23 Apr 2009 21:14:30 +0000 (UTC) (envelope-from simon@nitro.dk) Received: from arthur.nitro.dk (arthur.bofh [192.168.2.3]) by mx.nitro.dk (Postfix) with ESMTP id 4CD9F2D4A42; Thu, 23 Apr 2009 21:14:29 +0000 (UTC) Received: by arthur.nitro.dk (Postfix, from userid 1000) id 411095C15; Thu, 23 Apr 2009 23:14:29 +0200 (CEST) Date: Thu, 23 Apr 2009 23:14:29 +0200 From: "Simon L. Nielsen" To: Will Andrews Message-ID: <20090423211428.GB1104@arthur.nitro.dk> References: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2aada3410904212216o128e1fdfx8c299b3531adc694@mail.gmail.com> User-Agent: Mutt/1.5.19 (2009-01-05) Cc: freebsd-net@freebsd.org Subject: Re: CARP as a module; followup thoughts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2009 21:14:30 -0000 On 2009.04.21 23:16:58 -0600, Will Andrews wrote: > Hello, > > I've written a patch (against 8.0-CURRENT as of r191369) which makes > it possible to build, load, run, & unload CARP as a module, using the > GENERIC kernel. It can be obtained from: > > http://firepipe.net/patches/carp-as-module-20090421.diff I don't have any comments on the specific patch, but with my FreeBSD end-user hat, being able to have CARP in GENERIC would be really great. This would allow me to update my systems which use CARP with freebsd-update without manually compiling a kernel. So if the patch doesn't penalize the non-CARP case much, I think it would be great to have this functionality for now, even if it's not the way to go in the long run. -- Simon L. Nielsen From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 01:10:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8D43E10656A6 for ; Fri, 24 Apr 2009 01:10:21 +0000 (UTC) (envelope-from geetika@sm3.virtual.vps-host.net) Received: from sm3.virtual.vps-host.net (sm3.virtual.vps-host.net [69.89.15.5]) by mx1.freebsd.org (Postfix) with ESMTP id 2A54D8FC13 for ; Fri, 24 Apr 2009 01:10:20 +0000 (UTC) (envelope-from geetika@sm3.virtual.vps-host.net) Received-SPF: pass (sm3.virtual.vps-host.net: domain of geetika@sm3.virtual.vps-host.net designates 127.0.0.1 as permitted sender) receiver=sm3.virtual.vps-host.net; client-ip=127.0.0.1; helo=sm3.virtual.vps-host.net; envelope-from=geetika@sm3.virtual.vps-host.net; x-software=spfmilter 0.97 http://www.acme.com/software/spfmilter/ with libspf2-1.0.0; Received: from sm3.virtual.vps-host.net (localhost.localdomain [127.0.0.1]) by sm3.virtual.vps-host.net (8.14.2/8.14.2) with ESMTP id n3O0TTCA013955 for ; Thu, 23 Apr 2009 20:29:29 -0400 Received: (from webadmin@localhost) by sm3.virtual.vps-host.net (8.14.2/8.14.2/Submit) id n3O0TJuU013855; Thu, 23 Apr 2009 20:29:19 -0400 X-Authentication-Warning: sm3.virtual.vps-host.net: webadmin set sender to geetika@sm3.virtual.vps-host.net using -f To: "John" Date: Thu, 23 Apr 2009 13:43:44 -0400 From: "geetika" Message-ID: <4e5bd80354720170456efd4320ea57bc@sm3.virtual.vps-host.net> MIME-Version: 1.0 X-Mailer-LID: 9 X-Mailer-SID: 63 X-Mailer-Sent-By: 1 Content-Type: multipart/related; type="multipart/alternative"; charset="ISO-8859-1"; boundary="b1_4e5bd80354720170456efd4320ea57bc" Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Hi John X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: geetika@sm3.virtual.vps-host.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 01:10:21 -0000 --b1_4e5bd80354720170456efd4320ea57bc Content-Transfer-Encoding: 7bit MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Hi John, Just wanted you to know that yesterday I joined Socialmoto. Actually I keep on travelling and thus like making friends from different places so that i can know more about places and I can feel comfortable on unknown places because of known friends, but it gonna be with some gud people, my friend she gave me your email id .John you gottaa join me now and come online , I am online during office hours,and i have lots of spare time nowadays, kidding hehe :) . To join simply come here. [1]http://www.socialmoto.com/signup.php?inviteby=geetikai When you come here ping me, i will be online if by any sence i am not there. Thanks, Geetikai. ---------------------------------------------------------------------- -------------------------------------------- I have attached my details . My profile: [2]http://www.socialmoto.com/geetikai My album: [3]http://www.socialmoto.com/album.php?user=geetikai&album_id=2889 My group: [4]http://www.socialmoto.com/group.php?group_id=829 References Visible links 1. http://www.socialmoto.com/signup.php?inviteby=geetikai 2. http://www.socialmoto.com/geetikai 3. http://www.socialmoto.com/album.php?user=geetikai&album_id=2889 4. http://www.socialmoto.com/group.php?group_id=829 Hidden links: 5. http://www.socialmoto.com/sowmyas 6. http://www.socialmoto.com/group.php?group_id=520 --b1_4e5bd80354720170456efd4320ea57bc-- From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 01:29:12 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 031751065670 for ; Fri, 24 Apr 2009 01:29:12 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from QMTA05.westchester.pa.mail.comcast.net (qmta05.westchester.pa.mail.comcast.net [76.96.62.48]) by mx1.freebsd.org (Postfix) with ESMTP id A94898FC0C for ; Fri, 24 Apr 2009 01:29:11 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA05.westchester.pa.mail.comcast.net with comcast id ixug1b0070cZkys55DFUqZ; Fri, 24 Apr 2009 01:15:28 +0000 Received: from LIGHTBULB.LOCAL ([68.35.224.189]) by OMTA10.westchester.pa.mail.comcast.net with comcast id jDFv1b00a45o48c3WDFwtf; Fri, 24 Apr 2009 01:15:56 +0000 Message-ID: <49F1128A.3080501@comcast.net> Date: Thu, 23 Apr 2009 21:14:50 -0400 From: Nathan Lay User-Agent: Thunderbird 2.0.0.21 (X11/20090406) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 01:29:12 -0000 I started playing with IPv6 on my home network with the intent to transition over. While many things work quite well, IPv6 technology in general still seems to have some rough edges. In terms of FreeBSD support, rtadvd and rtsol do not yet support (easily? -O option in rtadvd/rtsold) RFC5006 (Router Advertisements Option for DNS Configuration) which make it inconvenient to use mobile devices (like laptops) on an IPv6 network. I haven't had much luck with net/radvd. Is this something that could be improved? I'd be willing to implement this support, but I have very little time to spare (writing thesis). To be backward compatible with IPv4, I had a look at faith and faithd and while these tools are ingenius, I don't think they are good enough for transitioning to IPv6. I imagine it is possible to write an IPv6->IPv4 NAT daemon that uses faith to capture and restructure IPv6/IPv4 packets. Though, it really seems like this is the firewall's job A pf rule like: nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if) would be extremely convenient. I'm aware pf doesn't support the token :network6 ... its just a wishful example. The IPv6 mapped IPv4 addresses would be the standard ::ffff:0:0/96 prefix. I imagine that this is very difficult to implement but I don't see why it wouldn't be possible. If a firewall supported this kind of NAT, a home network could easily deploy IPv6 and be backward compatible. Well, not quite, I guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 queries. Oh yeah, one annoyance on 7-STABLE, it seems like pf is started before IPv6 rc.conf options are processed (including IPv6 address assignment) breaking inet6 rules that involve $if:network. Comments? Other than that, this has been one hell of a fun experience. Best Regards, Nathan Lay From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 04:04:52 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DA3DF1065673; Fri, 24 Apr 2009 04:04:52 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-fx0-f162.google.com (mail-fx0-f162.google.com [209.85.220.162]) by mx1.freebsd.org (Postfix) with ESMTP id 42A9C8FC14; Fri, 24 Apr 2009 04:04:52 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: by fxm6 with SMTP id 6so540727fxm.43 for ; Thu, 23 Apr 2009 21:04:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=KMh9Mumrv9cafBmMrcgtvhov+uFGseWohcB6roqdXSc=; b=bbPKSKMP0h/uSJ9fVtZb96VGbdwqtXx32QD6UmnwkyfIbx1sgYGMMMGs5wNjoIunwV po0Sto811yIAE9qZuD47vylAJ/YqAQdawiN6BNTUy7wfiEtVikiPQ9chhM8cnuQIXz2l 5592hiVxZ2zIE6CyUhlSo8YlxMyLAksNtgFpg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=EgfTDdX4x0Qzo/vJRh64NaJc49N7MTkyT668GTQegTVAs27VoVDdem+tSZsixiqzj+ 6hblE8Viyb+lUUDWKS3Z3DCF08eX5Pk7EZ1GOzsanXnZregFsHb1q+OBOWOniOwOr8ij 0AhzjyTTNLlAYyMfylUglqn+fpqnLYqi+qAdU= MIME-Version: 1.0 Received: by 10.103.93.18 with SMTP id v18mr1010317mul.111.1240545891383; Thu, 23 Apr 2009 21:04:51 -0700 (PDT) In-Reply-To: References: Date: Fri, 24 Apr 2009 08:04:51 +0400 Message-ID: From: pluknet To: Robert Watson Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 04:04:53 -0000 2009/4/23 Robert Watson : > On Thu, 23 Apr 2009, pluknet wrote: > >> Please, give me comment on this. The panic is on 6.2-REL. Is it known to >> be fixed in the latter releases? > > It may well be -- there have been quite significant architectural > improvements to socket life cycle (etc) between 6.2 and 7.x releases, which > may well close the race causing this panic. However, we'll probably need to > learn a bit more in order to decide for sure. Could you convert the > trapping instruction pointer to file+offset in the source code? Looks I've lost the corresponding kernel.debug. Anyway I have such bt the first time. -- wbr, pluknet From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 13:57:12 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDB2D1065673 for ; Fri, 24 Apr 2009 13:57:12 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: from ibctech.ca (unknown [IPv6:2607:f118::b6]) by mx1.freebsd.org (Postfix) with SMTP id B013A8FC13 for ; Fri, 24 Apr 2009 13:57:12 +0000 (UTC) (envelope-from steve@ibctech.ca) Received: (qmail 42892 invoked by uid 89); 24 Apr 2009 13:57:17 -0000 Received: from unknown (HELO ?IPv6:2607:f118::5?) (steve@ibctech.ca@2607:f118::5) by 2607:f118::b6 with ESMTPA; 24 Apr 2009 13:57:17 -0000 Message-ID: <49F1C53F.5040202@ibctech.ca> Date: Fri, 24 Apr 2009 09:57:19 -0400 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: Nathan Lay References: <49F1128A.3080501@comcast.net> In-Reply-To: <49F1128A.3080501@comcast.net> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 13:57:13 -0000 Nathan Lay wrote: > I started playing with IPv6 on my home network with the intent to > transition over. While many things work quite well, IPv6 technology in > general still seems to have some rough edges. I disagree. I believe the "rough edges" do not belong to IPv6, the "rough edges" are the applications that are not compatible, the network devices that are not compatible, and the ISP's who have the mindset that they will never need IPv6, and refuse to look at it. > To be backward compatible with IPv4, I had a look at faith and faithd > and while these tools are ingenius, I don't think they are good enough > for transitioning to IPv6. I imagine it is possible to write an > IPv6->IPv4 NAT daemon that uses faith to capture and restructure > IPv6/IPv4 packets. Though, it really seems like this is the firewall's job > > A pf rule like: > > nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if) > > would be extremely convenient. I'm aware pf doesn't support the token > :network6 ... its just a wishful example. The IPv6 mapped IPv4 > addresses would be the standard ::ffff:0:0/96 prefix. I imagine that > this is very difficult to implement but I don't see why it wouldn't be > possible. If a firewall supported this kind of NAT, a home network > could easily deploy IPv6 and be backward compatible. Well, not quite, I > guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 queries. My hope is that I never have to deal with anything where IPv6 and NAT are in the same sentence :) > Comments? - ask your ISP about their IPv6 deployment plans, and how soon they can provide it to you - get a tunnel set up to a tunnel broker (sixxs.net, he.net etc) - ask your ISP how soon they can provide it to you - play, play play > Other than that, this has been one hell of a fun experience. A tad bit different, huh ;) Steve From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 14:30:08 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D976106566C for ; Fri, 24 Apr 2009 14:30:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [195.88.108.3]) by mx1.freebsd.org (Postfix) with ESMTP id ECBC08FC14 for ; Fri, 24 Apr 2009 14:30:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id B050541C707; Fri, 24 Apr 2009 16:30:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([195.88.108.3]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id HIt7YinKWrfP; Fri, 24 Apr 2009 16:30:06 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 339A841C6FC; Fri, 24 Apr 2009 16:30:06 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id AACD14448E6; Fri, 24 Apr 2009 14:27:06 +0000 (UTC) Date: Fri, 24 Apr 2009 14:27:06 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Nathan Lay In-Reply-To: <49F1128A.3080501@comcast.net> Message-ID: <20090424142149.A15361@maildrop.int.zabbadoz.net> References: <49F1128A.3080501@comcast.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 14:30:08 -0000 On Thu, 23 Apr 2009, Nathan Lay wrote: > In terms of FreeBSD support, rtadvd and rtsol do not yet support (easily? -O > option in rtadvd/rtsold) RFC5006 (Router Advertisements Option for DNS > Configuration) which make it inconvenient to use mobile devices (like We'll happily accept a patch;-) > Oh yeah, one annoyance on 7-STABLE, it seems like pf is started before IPv6 > rc.conf options are processed (including IPv6 address assignment) breaking See http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/130381 -- Bjoern A. Zeeb The greatest risk is not taking one. From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 15:03:54 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DEDCC1065675 for ; Fri, 24 Apr 2009 15:03:53 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63906.mail.re1.yahoo.com (web63906.mail.re1.yahoo.com [69.147.97.121]) by mx1.freebsd.org (Postfix) with SMTP id 87E608FC24 for ; Fri, 24 Apr 2009 15:03:53 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 50535 invoked by uid 60001); 24 Apr 2009 15:03:53 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1240585433; bh=F6Y0wjLJTCIhq1fPP2WM9Ci58GgtY6rNLU2Z9snS+/c=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=rPYRwf2QDgp8tEFGJKhUGaIze5aYJB3t5W3FC2esGKk2XSx1kpGKE/95ItQX8aKya1CSbDCCdNStmtF2rJsYyy+yormV/VTnt7slCg8FqCRfue6eUVfxteYLG62NwuJqJLqgxJhgiaRZnWLTWdgLBDNyko3ImUuPu7L1noXx2+A= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=prwa61m9AiR7wJzUiU6HsRlDBelX7AbEkXritm7mXiKWcInBUSu7aFCBv7q+rDvudvuqSbaB8hnOWVVEysKmAg0eQrv2g+hPiNrTFTzmaMTf66T89B1HogAtHbYsKgSQMNDdyqY2S/GKeqRyywErucltIB8JCqtvuZHZVe4B3nA=; Message-ID: <41289.49790.qm@web63906.mail.re1.yahoo.com> X-YMail-OSG: aCZDxfoVM1lm_fkDF0uhxTPO7G8pvNtEtDmNJF2pLfSHbGvWcTHK_kUMLmFUJnkQ7rlz.Pbz7X8cIJWjsfMdnwophLw5SbRcRdFS4we4mA7_TyhbktNlXb9cqsZM55tW8G6UQYUi67JrPK8l3M04nz5souvXEkaX0To3yx3p2vi_t8SEMPKKQ1B4KXjUbFxHTzU81uRr2SvFHlOGcsS3leQVBsu62n5Q9xeIkS1Oipr15JczVL_pRUuB6IOZjhz3.PBOIF1hBVh0duklBwBNesyJ5KKqY1bEvE4QPJ9bR3S_8EQF5hVKCJvBI_wiYMviFFpjaQhIsyU- Received: from [98.242.223.106] by web63906.mail.re1.yahoo.com via HTTP; Fri, 24 Apr 2009 08:03:52 PDT X-Mailer: YahooMailWebService/0.7.289.1 Date: Fri, 24 Apr 2009 08:03:52 -0700 (PDT) From: Barney Cordoba To: Andrew Brampton , Ed Maste In-Reply-To: <20090423190408.GA65895@jem.dhs.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: attilio@freebsd.org, freebsd-net@freebsd.org, Luigi Rizzo Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: barney_cordoba@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 15:03:54 -0000 --- On Thu, 4/23/09, Ed Maste wrote: > From: Ed Maste > Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) > To: "Andrew Brampton" > Cc: attilio@freebsd.org, freebsd-net@freebsd.org, "Luigi Rizzo" > Date: Thursday, April 23, 2009, 3:04 PM > On Fri, Mar 27, 2009 at 11:05:00AM +0000, Andrew Brampton > wrote: > > > 2009/3/27 Luigi Rizzo : > > > The load of polling is pretty low (within 1% or > so) even with > > > polling. The advantage of having interrupts is > faster response > > > to incoming traffic, not CPU load. > > > > oh, I was under the impression that polling spun in a > tight loop, thus > > using 100% of the processor. After a quick test I see > this is not the > > case. I assume it will get to 100% CPU load if I > saturate my network. > > Yes, polling has a limit on the maximum CPU time it will > use, and also > will use less than the limit if there is no traffic. > > There are a number of sysctls under kern.polling that > control its > behaviour: > > * kern.polling.user_frac: Desired user fraction of cpu time > > This attempts to reserve at least a specified percentage of > available > CPU time for user processes; polling tries to limit its > percentage use > to 100 less this value. > > * kern.polling.burst: Current polling burst size > * kern.polling.burst_max: Max Polling burst size > * kern.polling.each_burst: Max size of each burst > > These three control the number of packets that polling > processes per > call / tick. Packets are processed in batches of > each_burst, up to > burst packets total per tick. The value of burst is capped > at > busrt_max. > > In order to keep the user_frac CPU percentage available for > non-polling, > a feedback loop is used that controls the value of burst. > Each time a > bach of packets is processed, burst is incremented or > decremented by 1, > depending on how much CPU time polling actually used. In > addition, if > polling extends beyond the next tick it's scaled back > to 7/8ths of the > current value. > > Polling was originally implemented as a livelock-avoidance > technique > for the single-core case -- the primary goal is to > guarantee the > availability of CPU time specified in user_frac. The > current algorithm > does not behave that well if user_frac is set low. Setting > it low is > reasonable if the workload is largely in-kernel (i.e., > bridging or > routing), or when running SMP. > > Another downside of the current implementation is that > interfaces will > be polled multiple times per tick (burst / each_burst > times), even if > there are no packets to process. > > At work we've developed a replacement polling algorithm > that keeps track > of the actual amount of time spent per packet, and uses > that as the > feedback to control the number of packets in each batch. > > This work requires a change to the polling KPI: the polling > handlers > have to return the count of packets actually handled. My > hope is to get > the KPI change committed in time for 8.0, even if we > don't switch the > algorithm yet. Attilio (on CC:) and I will make the patch > set for the > KPI change available shortly for comment. > > > -Ed Actually, the "advantage of using interrupts" is to have a per NIC control without having all of the extra code to implement polling. Using variable interrupt moderation is much more desirable and efficient, so polling is only useful for legacy NICs with no controls on interrupt delays. Polling requires that you adulterate the system with the polling function, that you call routines when there is nothing to process, and uses many cpu cycles doing unnecessary things. What happens when you have 4 NICs with different levels of traffic? You'd be better off launching a thread and polling yourself than having a system-wide function with generalized settings. Barney From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 15:35:05 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 785E1106566B for ; Fri, 24 Apr 2009 15:35:05 +0000 (UTC) (envelope-from ddg@yan.com.br) Received: from mail.mastercabo.com.br (mail.mastercabo.com.br [189.91.0.40]) by mx1.freebsd.org (Postfix) with SMTP id BFE338FC12 for ; Fri, 24 Apr 2009 15:35:04 +0000 (UTC) (envelope-from ddg@yan.com.br) Received: (qmail 14367 invoked by uid 1008); 24 Apr 2009 15:35:03 -0000 X-Spam-Checker-Version: SpamAssassin 3.2.5-unknown (2008-06-10) on srvmail1 X-Spam-Level: X-Spam-Status: No, score=-0.4 required=4.8 tests=AWL,BAYES_00,RDNS_NONE autolearn=no version=3.2.5-unknown Received: from unknown (HELO ?10.0.1.10?) (daniel@dgnetwork.com.br@200.243.216.68) by mail.mastercabo.com.br with SMTP; 24 Apr 2009 15:35:02 -0000 Message-ID: <49F1DBAE.1080205@yan.com.br> Date: Fri, 24 Apr 2009 12:33:02 -0300 From: =?ISO-8859-1?Q?Daniel_Dias_Gon=E7alves?= User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Julian Elischer References: <49F06985.1000303@yan.com.br> <49F0A7DD.30206@elischer.org> In-Reply-To: <49F0A7DD.30206@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ddg@yan.com.br List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 15:35:05 -0000 Very good thinking, congratulations, but my need is another. The objective is a Captive Porrtal that each authentication is dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm testing is what is the maximum capacity of rules supported, therefore simultaneous user. Understand ? Thanks, Daniel Julian Elischer escreveu: > Daniel Dias Gonçalves wrote: >> Hi, >> >> My system is a FreeBSD 7.1R. >> When I add rules IPFW COUNT to 254 IPS from my network, one of my >> interfaces increases the latency, causing large delays in the >> network, when I delete COUNT rules, everything returns to normal, >> which can be ? >> >> My script: > > of course adding 512 rules, *all of which hav eto be evaluated* will > add latency. > > you have several ways to improve this situation. > > 1/ use a differnet tool. > By using the netgraph netflow module you can get > accunting information that may be more useful and less impactful. > > 2/ you could make your rules smarter.. > > use skipto rules to make the average packet traverse less rules.. > > off the top of my head.. (not tested..) > > Assuming you have machines 10.0.0.1-10.0.0.254.... > the rules below have an average packet traversing 19 rules and not 256 > for teh SYN packet and 2 rules for others.. > you may not be able to do the keep state trick if you use state for > other stuff but in that case worst case will still be 19 rules. > > 2 check-state > 5 skipto 10000 ip from not 10.0.0.0/24 to any > 10 skipto 2020 ip from not 10.0.0.0/25 to any # 0-128 > 20 skipto 1030 ip from not 10.0.0.0/26 to any # 0-64 > 30 skipto 240 ip from not 10.0.0.0/27 to any # 0-32 > 40 skipto 100 ip from not 10.0.0.0/28 to any # 0-16 > [16 count rules for 0-15] > 80 skipto 10000 ip from any to any > 100 [16 count rules for 16-31] keep-state > 140 skipto 10000 ip from any to any > 240 skipto 300 ip from not 10.0.0.32/28 > [16 rules for 32-47] keep-state > 280 skipto 10000 ip from any to any > 300 [16 count rules for 48-63] keep-state > 340 skipto 10000 ip from any to any > 1030 skipto 1240 ip from not 10.0.0.64/27 to any > 1040 skipto 1100 ip from not 10.0.0.64/28 to any > [16 count rules for 64-79] keep-state > 1080 skipto 10000 ip from any to any > 1100 [16 rules for 80-95] keep-state > 1140 skipto 10000 ip from any to any > 1240 skipto 1300 ip from not 10.0.0.96/28 to any > [16 count rules for 96-111] keep-state > 1280 skipto 10000 ip from any to any > 1300 [16 rules for 112-127] keep-state > 1340 skipto 10000 ip from any to any > 2020 skipto 3030 ip from not 10.0.0.128/26 to any > 2030 skipto 2240 ip from not 10.0.0.128/28 to any > [16 count rules for 128-143] keep-state > 2080 skipto 10000 ip from any to any > 2100 [16 rules for 144-159] keep-state > 2140 skipto 10000 ip from any to any > 2240 skipto 2300 ip from not 10.0.0.32/28 to any > [16 count rules for 160-175] keep-state > 2280 skipto 10000 ip from any to any > 2300 [16 count rules for 176-191] keep-state > 2340 skipto 10000 ip from any to any > 3030 skipto 3240 ip from not 10.0.0.192/27 to any > 3040 skipto 3100 ip from not 10.0.0.192/28 to any > [16 count rules for 192-207] keep-state > 3080 skipto 10000 ip from any to any > 3100 [16 rules for 208-223] keep-state > 3240 skipto 10000 ip from any to any > 3240 skipto 3300 ip from not 10.0.0.224/28 to any > [16 count rules for 224-239] keep-state > 3280 skipto 10000 ip from any to any > 3300 [16 count rules for 240-255] keep-state > 3340 skipto 10000 ip from any to any > > 10000 #other stuff > > in fact you could improve it further with: > 1/ either going down to a netmask of 29 (8 rules per set) > or > 2/ instead of having count rules make them skipto > so you would have: > 3300 skipto 10000 ip from 10.0.0.240 to any > 3301 skipto 10000 ip from 10.0.0.241 to any > 3302 skipto 10000 ip from 10.0.0.242 to any > 3303 skipto 10000 ip from 10.0.0.243 to any > 3304 skipto 10000 ip from 10.0.0.244 to any > 3305 skipto 10000 ip from 10.0.0.245 to any > 3306 skipto 10000 ip from 10.0.0.246 to any > 3307 skipto 10000 ip from 10.0.0.247 to any > 3308 skipto 10000 ip from 10.0.0.248 to any > 3309 skipto 10000 ip from 10.0.0.249 to any > 3310 skipto 10000 ip from 10.0.0.240 to any > 3311 skipto 10000 ip from 10.0.0.241 to any > 3312 skipto 10000 ip from 10.0.0.242 to any > 3313 skipto 10000 ip from 10.0.0.243 to any > 3314 skipto 10000 ip from 10.0.0.244 to any > 3315 skipto 10000 ip from 10.0.0.245 to any > > thus on average, a packet would traverse half the rules (8). > > 3/ both the above so on average they would traverse 4 rules plus one > extra skipto. > > you should be able to do the above in a script. > I'd love to see it.. > > (you can also do skipto tablearg in -current (maybe 7.2 too) > which may also be good.. (or not)) > > > julian > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 15:38:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A7EA21065688 for ; Fri, 24 Apr 2009 15:38:13 +0000 (UTC) (envelope-from bob@veznat.com) Received: from mail.ttora.com (mail.ttora.com [208.75.243.236]) by mx1.freebsd.org (Postfix) with ESMTP id 69D358FC1F for ; Fri, 24 Apr 2009 15:38:13 +0000 (UTC) (envelope-from bob@veznat.com) DomainKey-Signature: s=two; d=veznat.com; c=nofws; q=dns; h=X-MID:X-IronPort-AV:X-IronPort-AV:Received:User-Agent: Date:Subject:From:To:Message-ID:Thread-Topic:Thread-Index: In-Reply-To:Mime-version:Content-type: Content-transfer-encoding; b=EqqlzHc+/DRuUNR2xKM83PveOtKJ6VEGlIGNTDQpv7U41ugeBURkeR3b 3rJaIiO3Vnq7AG79OEjZbqSw21WWJ1o3jkHphbK8/1KJHYM61HJ4P2lrB nNHYtIBeWKjH27spyCjgp8RS5Z0ugE6m+DTHuqjnLaVP9HctkIW7Y4oMc 0=; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=veznat.com; i=bob@veznat.com; q=dns/txt; s=one; t=1240587493; x=1272123493; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Bob=20Van=20Zant=20|Subject:=20R e:=20IPv6=20Ideas|Date:=20Fri,=2024=20Apr=202009=2008:09: 18=20-0700|Message-ID:=20 |To:=20|Mime-version:=201.0 |Content-transfer-encoding:=207bit|In-Reply-To:=20<200904 24120022.DE524106568C@hub.freebsd.org>; bh=xluhHGVBn205ixxxTnpD80poGF8z6y0JuwfBbixl04w=; b=lT0fMCG7Qwjy8veSBWABJGcaNyJTYzqnQPDW1cVfUxJz2F4NqynvD3CU UKdNn0LRD69i4Gck2i6jTrbAsSsKwunyTFPBgYQ11At7aesPyjsk3hv3U t4RSlMnS+mQg3zCPoTpdmFOKOW+ReF0v904bUb22u+p/7J44AEQL9h46+ Q=; X-MID: 823627 X-IronPort-AV: E=McAfee;i="5300,2777,5594"; a="823627" X-IronPort-AV: E=Sophos;i="4.40,242,1239001200"; d="scan'208";a="823627" Received: from unknown (HELO [192.168.1.172]) ([24.5.4.92]) by mail.ttora.com with ESMTP/TLS/DES-CBC3-SHA; 24 Apr 2009 08:09:20 -0700 User-Agent: Microsoft-Entourage/12.15.0.081119 Date: Fri, 24 Apr 2009 08:09:18 -0700 From: Bob Van Zant To: Message-ID: Thread-Topic: IPv6 Ideas Thread-Index: AcnE7qNvVK69Y7GgZEaoUE918kAnbw== In-Reply-To: <20090424120022.DE524106568C@hub.freebsd.org> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 15:38:14 -0000 I was in a similar position to you not that long ago. I got my LAN all dual stack and was a happy camper. I wanted 100% IPv6 and never to see another RFC 1918 address on my network again. Unfortunately it's just not practical. My ReadyNAS doesn't talk v6. My mac doesn't appear to like v6 for the file transfer protocols it supports. My iPhone doesn't do v6. The applications just aren't ready to live in a v6-only world. I suggest leaning on your vendors whenever you can so that they no longer can say "no one is asking for it." A boring, un-bumped thread asking for IPv6 support in the iPhone: http://discussions.apple.com/thread.jspa?threadID=1960260&tstart=0 Getting back to your question. It is my understanding that this IVI proposal is the most likely to become an officially adopted standard: http://tools.ietf.org/html/draft-xli-behave-ivi-01 That's being done as part of the behave working group: http://www.ietf.org/html.charters/behave-charter.html If anyone were to begin working on something like this this they'd probably want to think about following that proposal. I too am interested in working on this. Just haven't sat down to really start thinking about it yet. -Bob Message: 14 Date: Thu, 23 Apr 2009 21:14:50 -0400 From: Nathan Lay Subject: IPv6 Ideas To: freebsd-net@freebsd.org Message-ID: <49F1128A.3080501@comcast.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed I started playing with IPv6 on my home network with the intent to transition over. While many things work quite well, IPv6 technology in general still seems to have some rough edges. In terms of FreeBSD support, rtadvd and rtsol do not yet support (easily? -O option in rtadvd/rtsold) RFC5006 (Router Advertisements Option for DNS Configuration) which make it inconvenient to use mobile devices (like laptops) on an IPv6 network. I haven't had much luck with net/radvd. Is this something that could be improved? I'd be willing to implement this support, but I have very little time to spare (writing thesis). To be backward compatible with IPv4, I had a look at faith and faithd and while these tools are ingenius, I don't think they are good enough for transitioning to IPv6. I imagine it is possible to write an IPv6->IPv4 NAT daemon that uses faith to capture and restructure IPv6/IPv4 packets. Though, it really seems like this is the firewall's job A pf rule like: nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if) would be extremely convenient. I'm aware pf doesn't support the token :network6 ... its just a wishful example. The IPv6 mapped IPv4 addresses would be the standard ::ffff:0:0/96 prefix. I imagine that this is very difficult to implement but I don't see why it wouldn't be possible. If a firewall supported this kind of NAT, a home network could easily deploy IPv6 and be backward compatible. Well, not quite, I guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 queries. Oh yeah, one annoyance on 7-STABLE, it seems like pf is started before IPv6 rc.conf options are processed (including IPv6 address assignment) breaking inet6 rules that involve $if:network. Comments? Other than that, this has been one hell of a fun experience. Best Regards, Nathan Lay From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 16:26:08 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 267E4106566C for ; Fri, 24 Apr 2009 16:26:08 +0000 (UTC) (envelope-from m.jakeman@lancaster.ac.uk) Received: from ignavia.lancs.ac.uk (ignavia.lancs.ac.uk [148.88.25.16]) by mx1.freebsd.org (Postfix) with ESMTP id E207E8FC1C for ; Fri, 24 Apr 2009 16:26:07 +0000 (UTC) (envelope-from m.jakeman@lancaster.ac.uk) Received: from mail02.lancs.ac.uk ([148.88.1.54]) by ignavia.lancs.ac.uk with esmtp (Exim 4.69) (envelope-from ) id 1LxNsT-0000Ge-2C; Fri, 24 Apr 2009 17:03:49 +0100 Received: from ind029000021.lancs.ac.uk ([148.88.226.184]) by mail02.lancs.ac.uk with esmtp (Exim 4.69) (envelope-from ) id 1LxNsT-0008Li-5S; Fri, 24 Apr 2009 17:03:49 +0100 Message-ID: <49F1E2E7.5010703@lancaster.ac.uk> Date: Fri, 24 Apr 2009 17:03:51 +0100 From: Matthew Jakeman User-Agent: Thunderbird 2.0.0.21 (X11/20090409) MIME-Version: 1.0 To: Nathan Lay References: <49F1128A.3080501@comcast.net> In-Reply-To: <49F1128A.3080501@comcast.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 16:26:08 -0000 Nathan Lay wrote: > I started playing with IPv6 on my home network with the intent to > transition over. While many things work quite well, IPv6 technology > in general still seems to have some rough edges. > > In terms of FreeBSD support, rtadvd and rtsol do not yet support > (easily? -O option in rtadvd/rtsold) RFC5006 (Router Advertisements > Option for DNS Configuration) which make it inconvenient to use mobile > devices (like laptops) on an IPv6 network. I haven't had much luck > with net/radvd. What are your problems with using radvd? I have used it quite a bit on FreeBSD (6.1) without any hassle. It's even written quite nicely in my experience so working on patches for it should be quite do-able if there are features missing. > Is this something that could be improved? I'd be willing to implement > this support, but I have very little time to spare (writing thesis). > > To be backward compatible with IPv4, I had a look at faith and faithd > and while these tools are ingenius, I don't think they are good enough > for transitioning to IPv6. I imagine it is possible to write an > IPv6->IPv4 NAT daemon that uses faith to capture and restructure > IPv6/IPv4 packets. Though, it really seems like this is the > firewall's job > > A pf rule like: > > nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if) > > would be extremely convenient. I'm aware pf doesn't support the token > :network6 ... its just a wishful example. The IPv6 mapped IPv4 > addresses would be the standard ::ffff:0:0/96 prefix. I imagine that > this is very difficult to implement but I don't see why it wouldn't be > possible. If a firewall supported this kind of NAT, a home network > could easily deploy IPv6 and be backward compatible. Well, not quite, > I guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 > queries. > > Oh yeah, one annoyance on 7-STABLE, it seems like pf is started before > IPv6 rc.conf options are processed (including IPv6 address assignment) > breaking inet6 rules that involve $if:network. > > Comments? > > Other than that, this has been one hell of a fun experience. > > Best Regards, > Nathan Lay > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 16:42:03 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 555BF10656A9; Fri, 24 Apr 2009 16:42:03 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from mx00.pub.collaborativefusion.com (mx00.pub.collaborativefusion.com [206.210.89.199]) by mx1.freebsd.org (Postfix) with ESMTP id 16DAE8FC20; Fri, 24 Apr 2009 16:42:02 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from vanquish.ws.pitbpa0.priv.collaborativefusion.com (vanquish.ws.pitbpa0.priv.collaborativefusion.com [192.168.2.162]) (SSL: TLSv1/SSLv3,256bits,AES256-SHA) by wingspan with esmtp; Fri, 24 Apr 2009 12:42:02 -0400 id 000564DD.0000000049F1EBDA.0000E0CB Date: Fri, 24 Apr 2009 12:42:02 -0400 From: Bill Moran To: ddg@yan.com.br Message-Id: <20090424124202.951a82e1.wmoran@collaborativefusion.com> In-Reply-To: <49F1DBAE.1080205@yan.com.br> References: <49F06985.1000303@yan.com.br> <49F0A7DD.30206@elischer.org> <49F1DBAE.1080205@yan.com.br> Organization: Collaborative Fusion Inc. X-Mailer: Sylpheed 2.6.0 (GTK+ 2.14.7; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-ipfw@freebsd.org, Julian Elischer , freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 16:42:03 -0000 In response to Daniel Dias Gon=E7alves : > Very good thinking, congratulations, but my need is another. > The objective is a Captive Porrtal that each authentication is=20 > dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm= =20 > testing is what is the maximum capacity of rules supported, therefore=20 > simultaneous user. >=20 > Understand ? If you're only doing allow, then you'd be better off using a table, which has much better performance than a bunch of separate rules. If you're counting packets, I don't know if that approach will work or not. --=20 Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ wmoran@collaborativefusion.com Phone: 412-422-3463x4023 **************************************************************** IMPORTANT: This message contains confidential information and is intended only for the individual named. If the reader of this message is not an intended recipient (or the individual responsible for the delivery of this message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this message is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. **************************************************************** From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 16:51:27 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B51C3106566B for ; Fri, 24 Apr 2009 16:51:27 +0000 (UTC) (envelope-from bob@veznat.com) Received: from mail.ttora.com (mail.ttora.com [208.75.243.236]) by mx1.freebsd.org (Postfix) with ESMTP id 713888FC0C for ; Fri, 24 Apr 2009 16:51:27 +0000 (UTC) (envelope-from bob@veznat.com) DomainKey-Signature: s=two; d=veznat.com; c=nofws; q=dns; h=X-MID:X-IronPort-AV:X-IronPort-AV:Received:Message-ID: From:To:Cc:References:In-Reply-To:Subject:Date: MIME-Version:Content-Type:Content-Transfer-Encoding: X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE; b=klm8Nf9vts3M8YnTHKWwRhuw+Wao0rcpTpzepRr/YQ+Ztf6hSwDER6PA 7AT4h4NMnovupGhsoRE/9HnTMpyZBK5Sr+8VRs6nW/+BUi4sk2hIwv44q JeJ6q2HRMikDBKYtdj36rH1m9oFOFjnjsH0RDI2k53L5rjpj+QXHse3Mn Y=; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=veznat.com; i=bob@veznat.com; q=dns/txt; s=one; t=1240591887; x=1272127887; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20"Bob=20Van=20Zant"=20|Subject: =20Re:=20IPv6=20Ideas|Date:=20Fri,=2024=20Apr=202009=2009 :51:18=20-0700|Message-ID:=20|To:=20"Matthew=20Jakeman"=20,=0D=0A=09"Nathan=20Lay"=20|Cc:=20|MIME-Version:=201.0 |Content-Transfer-Encoding:=207bit|In-Reply-To:=20<49F1E2 E7.5010703@lancaster.ac.uk>|References:=20<49F1128A.30805 01@comcast.net>=20<49F1E2E7.5010703@lancaster.ac.uk>; bh=WLOjMjjG/j5b/hy/wXHHcNE0KExp7gvl6rIWU49pH6w=; b=gjq/tyv2ZOebRM/V0PyjRcW/O9ytFlh2SapHXC6cmjD2sBpDRJASCA1u ooU9Wirg6a5Nw+G8MSSqS+HbNFyUlRvIqDCGAgqL9HpPash/nlLdeayoo pTvz+1NRV9Xv3TSjH+lNrk7Km7cUBoiNBOcHwhXe8NhqLabMLwZAh1XoT 8=; X-MID: 825084 X-IronPort-AV: E=McAfee;i="5300,2777,5595"; a="825084" X-IronPort-AV: E=Sophos;i="4.40,242,1239001200"; d="scan'208";a="825084" Received: from unknown (HELO wincrap) ([24.5.4.92]) by mail.ttora.com with ESMTP/TLS/AES128-SHA; 24 Apr 2009 09:51:26 -0700 Message-ID: From: "Bob Van Zant" To: "Matthew Jakeman" , "Nathan Lay" References: <49F1128A.3080501@comcast.net> <49F1E2E7.5010703@lancaster.ac.uk> In-Reply-To: <49F1E2E7.5010703@lancaster.ac.uk> Date: Fri, 24 Apr 2009 09:51:18 -0700 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Windows Mail 6.0.6001.18000 X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18049 Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 16:51:27 -0000 > What are your problems with using radvd? I have used it quite a bit on > FreeBSD (6.1) without any hassle. It's even written quite nicely in my > experience so working on patches for it should be quite do-able if there > are features missing. He's saying that the router announcements don't contain any DNS server information. There's an extension/option that can be enabled with router advertisements to make it send this information, similar in function to how DHCP sends out extra info like the default gateway, DNS server, NTP server, WINS servers, etc. To my knowledge this wasn't around when the Kame guys were working on this stuff. I don't think a lot of time has been spent updating the v6 support applications since then and that's why we don't have this feature. This isn't a big deal in dual-stack networks because the clients just do DNS over v4 with whatever the DHCP server gave. In a pure-v6 world... In hindsight it's an obvious oversight that it wasn't included in the first place. -Bob From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 17:06:46 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E89081065670 for ; Fri, 24 Apr 2009 17:06:46 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-qy0-f105.google.com (mail-qy0-f105.google.com [209.85.221.105]) by mx1.freebsd.org (Postfix) with ESMTP id 8FE438FC1D for ; Fri, 24 Apr 2009 17:06:46 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by qyk3 with SMTP id 3so2430505qyk.3 for ; Fri, 24 Apr 2009 10:06:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=Dms0aXVyhyq29rkfEOyttN+NXXccjrmEfnka+0/kv7I=; b=OtUp3YVEfQgPqtCuCfKprgsjIKoAVzn/4h1uRmD2+mSxIOHwB3huYGtnKnFZxJhCdU 8G3pWVRJNUkG22moEz7bemUWX5JmTjp2Ajz+/6s/uSyTK6simNx8zyY/55YFo2R4HA8d H62gnrPM+VY8XMbeJ5f+tuvAVjIFYbJUt45JQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=vqH1WU6EJtSQgiC1e7+aonJbHyMI1w22RPiLJD3FZXmY+D96L79QrPqse/24ojsjir eFzRqk1DLO4xLjpYRwRXdFfp+UlLKIwQAKTezuhWstWQB6/aLRBj7yYVoqjR2a7twKCg FtbRwf0Mjl3m+CJLJKwWnektxTl2E9vxs8ZSA= MIME-Version: 1.0 Sender: adrian.chadd@gmail.com Received: by 10.229.85.143 with SMTP id o15mr1663377qcl.1.1240592805948; Fri, 24 Apr 2009 10:06:45 -0700 (PDT) In-Reply-To: <49F06985.1000303@yan.com.br> References: <49F06985.1000303@yan.com.br> Date: Sat, 25 Apr 2009 01:06:45 +0800 X-Google-Sender-Auth: a837a73ca830f1b9 Message-ID: From: Adrian Chadd To: ddg@yan.com.br Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 17:06:47 -0000 You'd almost certainly be better off hacking up an extension to ipfw which lets you count a /24 in one rule. As in, the count rule would match on the subnet/netmask, have 256 32 (or 64 bit) integers allocated to record traffic in, and then do an O(1) operation using the last octet of the v4 address to map it into this 256 slot array to update counters for. It'd require a little tool hackery to extend ipfw in userland/kernel space to do it but it would work and be (very almost) just as fast as a single rule. 2c, Adrian 2009/4/23 Daniel Dias Gon=E7alves : > Hi, > > My system is a FreeBSD 7.1R. > When I add rules IPFW COUNT to 254 IPS from my network, one of my interfa= ces > increases the latency, causing large delays in the network, when I delete > COUNT rules, everything returns to normal, which can be ? > > My script: > > ipcount.php > -- CUT -- > $c=3D0; > $a=3D50100; > for($x=3D0;$x<=3D0;$x++) { > =A0 =A0 =A0 for($y=3D1;$y<=3D254;$y++) { > =A0 =A0 =A0 =A0 =A0 =A0 =A0 $ip =3D "192.168.$x.$y"; > =A0 =A0 =A0 =A0 =A0 =A0 =A0 system("/sbin/ipfw -q add $a count { tcp or u= dp } from any to > $ip/32"); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 system("/sbin/ipfw -q add $a count { tcp or u= dp } from $ip/32 > to any"); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 #system("/sbin/ipfw delete $a"); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 $c++; > =A0 =A0 =A0 =A0 =A0 =A0 =A0 $a++; > =A0 =A0 =A0 } > } > echo "\n\nTotal: $c\n"; > ?> > -- CUT -- > > net.inet.ip.fw.dyn_keepalive: 1 > net.inet.ip.fw.dyn_short_lifetime: 5 > net.inet.ip.fw.dyn_udp_lifetime: 10 > net.inet.ip.fw.dyn_rst_lifetime: 1 > net.inet.ip.fw.dyn_fin_lifetime: 1 > net.inet.ip.fw.dyn_syn_lifetime: 20 > net.inet.ip.fw.dyn_ack_lifetime: 300 > net.inet.ip.fw.static_count: 262 > net.inet.ip.fw.dyn_max: 10000 > net.inet.ip.fw.dyn_count: 0 > net.inet.ip.fw.curr_dyn_buckets: 256 > net.inet.ip.fw.dyn_buckets: 10000 > net.inet.ip.fw.default_rule: 65535 > net.inet.ip.fw.verbose_limit: 0 > net.inet.ip.fw.verbose: 1 > net.inet.ip.fw.debug: 0 > net.inet.ip.fw.one_pass: 1 > net.inet.ip.fw.autoinc_step: 100 > net.inet.ip.fw.enable: 1 > net.link.ether.ipfw: 1 > net.link.bridge.ipfw: 0 > net.link.bridge.ipfw_arp: 0 > > Thanks, > > Daniel > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 17:13:23 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C8ED1065686 for ; Fri, 24 Apr 2009 17:13:23 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33]) by mx1.freebsd.org (Postfix) with SMTP id 812BA8FC15 for ; Fri, 24 Apr 2009 17:13:18 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: (qmail 56339 invoked from network); 24 Apr 2009 17:13:17 -0000 Received: from bizet.nethelp.no (HELO localhost) (195.1.209.33) by bizet.nethelp.no with SMTP; 24 Apr 2009 17:13:17 -0000 Date: Fri, 24 Apr 2009 19:13:17 +0200 (CEST) Message-Id: <20090424.191317.112607500.sthaug@nethelp.no> To: bob@veznat.com From: sthaug@nethelp.no In-Reply-To: References: <49F1128A.3080501@comcast.net> <49F1E2E7.5010703@lancaster.ac.uk> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, m.jakeman@lancaster.ac.uk, nslay@comcast.net Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 17:13:23 -0000 > To my knowledge this wasn't around when the Kame guys were working on this > stuff. I don't think a lot of time has been spent updating the v6 support > applications since then and that's why we don't have this feature. > > This isn't a big deal in dual-stack networks because the clients just do DNS > over v4 with whatever the DHCP server gave. In a pure-v6 world... In > hindsight it's an obvious oversight that it wasn't included in the first > place. Not necessarily just oversight, also politics. IPv6 RA can't give you DNS info (without the addition you mentioned), and DHCPv6 can't give you a default route. Both pretty bad, actually. It looks like we may get a default route option for DHCPv6 now, but there's still a lot of resistance against it. Steinar Haug, Nethelp consulting, sthaug@nethelp.no From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 17:15:19 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2F58410656DE for ; Fri, 24 Apr 2009 17:15:19 +0000 (UTC) (envelope-from Anatoliy.Poloz@onetelecom.od.ua) Received: from main.merlin.com.ua (mail.onetelecom.od.ua [91.194.72.4]) by mx1.freebsd.org (Postfix) with ESMTP id D6D788FC0C for ; Fri, 24 Apr 2009 17:15:18 +0000 (UTC) (envelope-from Anatoliy.Poloz@onetelecom.od.ua) Received: from [192.168.67.95] (t0ly [192.168.67.95]) by main.merlin.com.ua (Postmaster) with ESMTP id 8072E5DCD72; Fri, 24 Apr 2009 20:04:07 +0300 (EEST) Message-ID: <49F1EFA4.7000107@onetelecom.od.ua> Date: Fri, 24 Apr 2009 19:58:12 +0300 From: "Anatoliy.Poloz" User-Agent: Thunderbird 2.0.0.21 (X11/20090321) MIME-Version: 1.0 To: Bill Moran References: <49F06985.1000303@yan.com.br> <49F0A7DD.30206@elischer.org> <49F1DBAE.1080205@yan.com.br> <20090424124202.951a82e1.wmoran@collaborativefusion.com> In-Reply-To: <20090424124202.951a82e1.wmoran@collaborativefusion.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-ipfw@freebsd.org, Julian Elischer , ddg@yan.com.br, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Anatoliy.Poloz@onetelecom.od.ua List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 17:15:20 -0000 Bill Moran wrote: > In response to Daniel Dias Gonçalves : > >> Very good thinking, congratulations, but my need is another. >> The objective is a Captive Porrtal that each authentication is >> dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm >> testing is what is the maximum capacity of rules supported, therefore >> simultaneous user. >> >> Understand ? > > If you're only doing allow, then you'd be better off using a table, > which has much better performance than a bunch of separate rules. > > If you're counting packets, I don't know if that approach will work > or not. > if u need to count ip traffic for all clients u can use sipmple and more performance rule set, like this one: LOCAL_NET=192.168.0.0/24 ipfw pipe 100 config bw 0 mask src-ip 0xffffffff ipfw pipe 100 config bw 0 mask dst-ip 0xffffffff ipfw add 100 pipe 100 ip from ${LOCAL_NET} to any out ipfw add 200 pipe 200 ip from any to ${LOCAL_NET} in From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 17:32:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A95261065673 for ; Fri, 24 Apr 2009 17:32:17 +0000 (UTC) (envelope-from emaste@freebsd.org) Received: from maste.org (emaste.tor.istop.com [66.11.182.63]) by mx1.freebsd.org (Postfix) with ESMTP id 73B7F8FC22 for ; Fri, 24 Apr 2009 17:32:17 +0000 (UTC) (envelope-from emaste@freebsd.org) Received: by maste.org (Postfix, from userid 1001) id DA2AF21; Fri, 24 Apr 2009 17:42:08 +0000 (UTC) Date: Fri, 24 Apr 2009 17:42:08 +0000 From: Ed Maste To: Barney Cordoba Message-ID: <20090424174208.GA76828@jem.dhs.org> References: <20090423190408.GA65895@jem.dhs.org> <41289.49790.qm@web63906.mail.re1.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41289.49790.qm@web63906.mail.re1.yahoo.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 17:32:18 -0000 On Fri, Apr 24, 2009 at 08:03:52AM -0700, Barney Cordoba wrote: > Actually, the "advantage of using interrupts" is to have a per > NIC control without having all of the extra code to implement > polling. Using variable interrupt moderation is much more desirable > and efficient, so polling is only useful for legacy NICs with no > controls on interrupt delays. I'm aware of the advantages and tradeoffs of the various approaches, and the shortcomings of our current polling infrastructure, probably the greatest of which is the lack of any parallelism. That said, in testing some time ago polling with the modifications I alluded to in my email, using em(4), gave the highest throughput of all approaches. (At the expence of latency, as expected.) In addition, having a standardized polling interface allows for use of the interface when the system is not fully running -- network crashdumps, for instance. We can certainly use improvements in the polling infrastructure though, at least allowing it to properly take advantage of SMP. The KPI change proposed here is to allow some of those improvements, should they happen, to be MFC'd to 8. -Ed From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 18:04:40 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA195106566B for ; Fri, 24 Apr 2009 18:04:40 +0000 (UTC) (envelope-from m.jakeman@lancaster.ac.uk) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.188]) by mx1.freebsd.org (Postfix) with ESMTP id 4AC628FC0C for ; Fri, 24 Apr 2009 18:04:40 +0000 (UTC) (envelope-from m.jakeman@lancaster.ac.uk) Received: from [10.0.30.4] (client-86-25-235-212.mcr-bng-011.adsl.virginmedia.net [86.25.235.212]) by mrelayeu.kundenserver.de (node=mreu0) with ESMTP (Nemesis) id 0MKuxg-1LxPZ02Htj-0000oo; Fri, 24 Apr 2009 19:51:51 +0200 Message-ID: <49F1FCF1.9000903@lancaster.ac.uk> Date: Fri, 24 Apr 2009 18:54:57 +0100 From: Matthew Jakeman User-Agent: Thunderbird 2.0.0.18 (X11/20081125) MIME-Version: 1.0 To: Bob Van Zant References: <49F1128A.3080501@comcast.net> <49F1E2E7.5010703@lancaster.ac.uk> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Provags-ID: V01U2FsdGVkX1+HEbwUenFyk0XUo4JCNQLWaBtZ2iX4x+HbqVP Etst1bb/XrZ/RdFfDlsblKEPtK1Mr0XCDUeS7z88f7G8tYNF3r oT5Uj04JB4hGTMSVva5BKob+sSCc0XguP6HqYuH9xA= Cc: freebsd-net@freebsd.org, Nathan Lay Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 18:04:41 -0000 Bob Van Zant wrote: >> What are your problems with using radvd? I have used it quite a bit on >> FreeBSD (6.1) without any hassle. It's even written quite nicely in my >> experience so working on patches for it should be quite do-able if >> there are features missing. > > He's saying that the router announcements don't contain any DNS server > information. There's an extension/option that can be enabled with router > advertisements to make it send this information, similar in function to > how DHCP sends out extra info like the default gateway, DNS server, NTP > server, WINS servers, etc. Yes but he was also saying that support for the existing RFC to provide the RA option does not seem to be present in any of the tools (from what I gathered). If the RFC is there then surely this functionality could be added. From the original message I thought he was having problems getting radvd to work at all. This could just be me misunderstanding the mail however. From my perspective this is one thing that needs significant improvement for v6. There are many RFC's/ietf drafts out there that add some nifty functionality but support for them in the real world applications seems to be lacking somewhat. > > To my knowledge this wasn't around when the Kame guys were working on > this stuff. I don't think a lot of time has been spent updating the v6 > support applications since then and that's why we don't have this feature. > > This isn't a big deal in dual-stack networks because the clients just do > DNS over v4 with whatever the DHCP server gave. In a pure-v6 world... In > hindsight it's an obvious oversight that it wasn't included in the first > place. > > -Bob > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 18:54:15 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 52ED3106566C for ; Fri, 24 Apr 2009 18:54:15 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from QMTA13.emeryville.ca.mail.comcast.net (qmta13.emeryville.ca.mail.comcast.net [76.96.27.243]) by mx1.freebsd.org (Postfix) with ESMTP id 3C17D8FC08 for ; Fri, 24 Apr 2009 18:54:15 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from OMTA10.emeryville.ca.mail.comcast.net ([76.96.30.28]) by QMTA13.emeryville.ca.mail.comcast.net with comcast id jPCx1b0010cQ2SLADWh65M; Fri, 24 Apr 2009 18:41:06 +0000 Received: from LIGHTBULB.LOCAL ([68.35.224.189]) by OMTA10.emeryville.ca.mail.comcast.net with comcast id jWh31b00R45o48c8WWh5XD; Fri, 24 Apr 2009 18:41:06 +0000 Message-ID: <49F2077D.2060701@comcast.net> Date: Fri, 24 Apr 2009 14:39:57 -0400 From: Nathan Lay User-Agent: Thunderbird 2.0.0.21 (X11/20090406) MIME-Version: 1.0 To: Matthew Jakeman References: <49F1128A.3080501@comcast.net> <49F1E2E7.5010703@lancaster.ac.uk> In-Reply-To: <49F1E2E7.5010703@lancaster.ac.uk> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 18:54:15 -0000 Matthew Jakeman wrote: > Nathan Lay wrote: >> I started playing with IPv6 on my home network with the intent to >> transition over. While many things work quite well, IPv6 technology >> in general still seems to have some rough edges. >> >> In terms of FreeBSD support, rtadvd and rtsol do not yet support >> (easily? -O option in rtadvd/rtsold) RFC5006 (Router Advertisements >> Option for DNS Configuration) which make it inconvenient to use >> mobile devices (like laptops) on an IPv6 network. I haven't had much >> luck with net/radvd. > > What are your problems with using radvd? I have used it quite a bit on > FreeBSD (6.1) without any hassle. It's even written quite nicely in my > experience so working on patches for it should be quite do-able if > there are features missing. > radvd actually does support DNS advertisement (but rtsol doesn't, so it doesn't matter). The problem is, it doesn't work. on 7-STABLE it dumps "Can't assign requested address." I think it has something to do with if_bridge not having a link-local address (apparently the standards are ambiguous about link-local addresses on bridges). To make rtadvd work, I had to tell it to advertise on bridge-member interfaces directly. Best Regards, Nathan Lay From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 19:00:28 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 981A31065686 for ; Fri, 24 Apr 2009 19:00:28 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from QMTA01.emeryville.ca.mail.comcast.net (qmta01.emeryville.ca.mail.comcast.net [76.96.30.16]) by mx1.freebsd.org (Postfix) with ESMTP id 816428FC16 for ; Fri, 24 Apr 2009 19:00:28 +0000 (UTC) (envelope-from nslay@comcast.net) Received: from OMTA09.emeryville.ca.mail.comcast.net ([76.96.30.20]) by QMTA01.emeryville.ca.mail.comcast.net with comcast id jR521b0040S2fkCA1WzXU3; Fri, 24 Apr 2009 18:59:31 +0000 Received: from LIGHTBULB.LOCAL ([68.35.224.189]) by OMTA09.emeryville.ca.mail.comcast.net with comcast id jX0S1b00Y45o48c8VX0UlZ; Fri, 24 Apr 2009 19:00:29 +0000 Message-ID: <49F20C08.8070006@comcast.net> Date: Fri, 24 Apr 2009 14:59:20 -0400 From: Nathan Lay User-Agent: Thunderbird 2.0.0.21 (X11/20090406) MIME-Version: 1.0 To: Steve Bertrand References: <49F1128A.3080501@comcast.net> <49F1C53F.5040202@ibctech.ca> In-Reply-To: <49F1C53F.5040202@ibctech.ca> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Ideas X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 19:00:28 -0000 Steve Bertrand wrote: > Nathan Lay wrote: > >> I started playing with IPv6 on my home network with the intent to >> transition over. While many things work quite well, IPv6 technology in >> general still seems to have some rough edges. >> > > I disagree. I believe the "rough edges" do not belong to IPv6, the > "rough edges" are the applications that are not compatible, the network > devices that are not compatible, and the ISP's who have the mindset that > they will never need IPv6, and refuse to look at it. > > While the IPv6 implementation is great, it doesn't seem like it can be used for anything serious yet. If there is to be a transition to IPv6, the applications that assist the management of an IPv6 network appear to need improvement (like rtsol/rtadvd, faith/faithd for example). >> To be backward compatible with IPv4, I had a look at faith and faithd >> and while these tools are ingenius, I don't think they are good enough >> for transitioning to IPv6. I imagine it is possible to write an >> IPv6->IPv4 NAT daemon that uses faith to capture and restructure >> IPv6/IPv4 packets. Though, it really seems like this is the firewall's job >> >> A pf rule like: >> >> nat on $inet4_if inet to any from $lan_if:network6 -> ($inet4_if) >> >> would be extremely convenient. I'm aware pf doesn't support the token >> :network6 ... its just a wishful example. The IPv6 mapped IPv4 >> addresses would be the standard ::ffff:0:0/96 prefix. I imagine that >> this is very difficult to implement but I don't see why it wouldn't be >> possible. If a firewall supported this kind of NAT, a home network >> could easily deploy IPv6 and be backward compatible. Well, not quite, I >> guess BIND would have to serve IPv6 mapped IPv4 addresses to IPv6 queries. >> > > My hope is that I never have to deal with anything where IPv6 and NAT > are in the same sentence :) > > I don't see how my suggestion is difficult to comprehend from the user's perspective (from the programmer perspective, it seems nightmarish). You have a dual-stack router, the objective is to share connectivity over one or more IPv4 router addresses with IPv6 clients. Conceptually its the same as NAT on IPv4/6-only networks. Since there is a standard IPv6 mapped IPv4 address prefix (::ffff:0:0/96) IPv6 clients need only use this prefix to reach IPv4 networks. The only real issue is that a DNS server needs to serve IPv6 mapped IPv4 addresses to IPv6 queries. The nightmarish aspect is this probably involves more than just address translation, IPv4 and IPv6 are apparently very different. If faith(4) works the way I think it does, a program could be made to accomplish similar, but it really seems like a firewall should do this (to be consistent with what firewalls are already assumed to do). The consequence of such a feature is that IPv6-only home networks (minus the dual-stack router) will not only be seamlessly backward compatible with IPv4 Internet, but it will be slightly better than choosing to use 192.168.x.y, 10.x.y.z or 172.x.y.z since it can reach IPv6 Internet too. This would significantly help IPv6 transition and adoption. Best Regards, Nathan Lay From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 20:29:25 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A0BBC1065673 for ; Fri, 24 Apr 2009 20:29:25 +0000 (UTC) (envelope-from pcc@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.freebsd.org (Postfix) with SMTP id DABD18FC1E for ; Fri, 24 Apr 2009 20:29:24 +0000 (UTC) (envelope-from pcc@gmx.net) Received: (qmail 1250 invoked by uid 0); 24 Apr 2009 20:29:23 -0000 Received: from 84.163.247.138 by www173.gmx.net with HTTP; Fri, 24 Apr 2009 22:29:22 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" Date: Fri, 24 Apr 2009 22:29:23 +0200 From: "Peter Cornelius" In-Reply-To: <49E57076.7040509@elischer.org> Message-ID: <20090424202923.235660@gmx.net> MIME-Version: 1.0 References: <20090413.220932.74699777.sthaug@nethelp.no> <49E41755.8050701@elischer.org> <49E48799.1000300@ibctech.ca> <20090414.212318.41684722.sthaug@nethelp.no> <11167f520904141722r16b537a9o58497c9719fb6fc5@mail.gmail.com> <49E57076.7040509@elischer.org> To: Julian Elischer , sfourman@gmail.com X-Authenticated: #491680 X-Flags: 0001 X-Mailer: WWW-Mail 6100 (Global Message Exchange) X-Priority: 5 X-Provags-ID: V01U2FsdGVkX18kec5H6Ywk7U5NZMCgXCznyHgi44Do2U1AAvz66+ mZ6Pv0NDsk8Whh6rFERdFXvf5zhjqGDrr4Lg== Content-Transfer-Encoding: 8bit X-GMX-UID: cFWXOWY9ZCEEWc76YmwhnpZ4IGhpZcZ+ X-FuHaFi: 0.65 Cc: freebsd-net@freebsd.org, steve@ibctech.ca, sthaug@nethelp.no Subject: VIMAGE (was: Multiple default routes / Force external routing) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 20:29:25 -0000 > > is VIMAGE fully integrated into FreeBSD 8 CURRENT? (I believe this > > answer is no) > > also is VIMAGE expected to make it into FreeBSD 8? > > not fully but a lot of it is under way Thanks for the pointer, I currently don't get it [1] to build on RELENG_7 which I naively hoped, so the "lot" probably not suffient for me yet. So, w/o patience for August, I probably need to find another way. Anyways, thanks for the comments, Regards, Peter. [1] http://imunes.tel.fer.hr/virtnet/vimage_7_20090401.tgz -- Neu: GMX FreeDSL Komplettanschluss mit DSL 6.000 Flatrate + Telefonanschluss für nur 17,95 Euro/mtl.!* http://dslspecial.gmx.de/freedsl-surfflat/?ac=OM.AD.PD003K11308T4569a From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 21:08:45 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5FD01106567D for ; Fri, 24 Apr 2009 21:08:45 +0000 (UTC) (envelope-from zec@icir.org) Received: from labs4.cc.fer.hr (labs4.cc.fer.hr [161.53.72.24]) by mx1.freebsd.org (Postfix) with ESMTP id C14BE8FC13 for ; Fri, 24 Apr 2009 21:08:44 +0000 (UTC) (envelope-from zec@icir.org) Received: from sluga.fer.hr (sluga.cc.fer.hr [161.53.72.14]) by labs4.cc.fer.hr (8.14.2/8.14.2) with ESMTP id n3OKnqUM021340 for ; Fri, 24 Apr 2009 22:49:53 +0200 (CEST) Received: from [192.168.200.110] ([161.53.19.79]) by sluga.fer.hr over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Apr 2009 22:49:30 +0200 From: Marko Zec To: freebsd-net@freebsd.org Date: Fri, 24 Apr 2009 22:49:27 +0200 User-Agent: KMail/1.9.10 References: <20090413.220932.74699777.sthaug@nethelp.no> <49E57076.7040509@elischer.org> <20090424202923.235660@gmx.net> In-Reply-To: <20090424202923.235660@gmx.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200904242249.27640.zec@icir.org> X-OriginalArrivalTime: 24 Apr 2009 20:49:30.0819 (UTC) FILETIME=[2A6C2130:01C9C51E] X-Scanned-By: MIMEDefang 2.64 on 161.53.72.24 Cc: sfourman@gmail.com, sthaug@nethelp.no, Julian Elischer , Peter Cornelius , steve@ibctech.ca Subject: Re: VIMAGE (was: Multiple default routes / Force external routing) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 21:08:45 -0000 On Friday 24 April 2009 22:29:23 Peter Cornelius wrote: > > > is VIMAGE fully integrated into FreeBSD 8 CURRENT? (I believe this > > > answer is no) > > > also is VIMAGE expected to make it into FreeBSD 8? > > > > not fully but a lot of it is under way > > Thanks for the pointer, I currently don't get it [1] to build on RELENG_7 > which I naively hoped, so the "lot" probably not suffient for me yet. So, > w/o patience for August, I probably need to find another way. Hmm... tpx32% uname -a FreeBSD tpx32.icir.org 7.1-STABLE FreeBSD 7.1-STABLE #0: Thu Feb 5 22:36:40 CET 2009 marko@tpx32.icir.org:/u/marko/p4/zec/vimage_7/src/sys/i386/compile/VIMAGE i386 tpx32% pwd /u/marko/tmp tpx32% tar -xzf vimage_7_20090401.tgz tpx32% cd src/sys/i386/conf/ tpx32% config VIMAGE tpx32% cd ../compile/VIMAGE/ tpx32% make depend; make tpx32% sudo make install tpx32% cd ~/tmp/src/usr.sbin/vimage/ tpx32% make clean; make tpx32% sudo make install Let me know if that doesn't work... Good > Anyways, thanks for the comments, > > Regards, > > Peter. > > [1] http://imunes.tel.fer.hr/virtnet/vimage_7_20090401.tgz From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 21:58:15 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0D3BA106567F for ; Fri, 24 Apr 2009 21:58:15 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outD.internet-mail-service.net (outd.internet-mail-service.net [216.240.47.227]) by mx1.freebsd.org (Postfix) with ESMTP id E2B128FC17 for ; Fri, 24 Apr 2009 21:58:14 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 624B814E101; Fri, 24 Apr 2009 14:58:46 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 774D52D605D; Fri, 24 Apr 2009 14:58:13 -0700 (PDT) Message-ID: <49F235F4.2030202@elischer.org> Date: Fri, 24 Apr 2009 14:58:12 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: ddg@yan.com.br References: <49F06985.1000303@yan.com.br> <49F0A7DD.30206@elischer.org> <49F1DBAE.1080205@yan.com.br> In-Reply-To: <49F1DBAE.1080205@yan.com.br> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org Subject: Re: IPFW MAX RULES COUNT PERFORMANCE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 21:58:16 -0000 Daniel Dias Gonçalves wrote: > Very good thinking, congratulations, but my need is another. > The objective is a Captive Porrtal that each authentication is > dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm > testing is what is the maximum capacity of rules supported, therefore > simultaneous user. > > Understand ? > I think so. do not add rules. have a single rule that looks in a table and add entries to the table when needed. > Thanks, > > Daniel > > Julian Elischer escreveu: >> Daniel Dias Gonçalves wrote: >>> Hi, >>> >>> My system is a FreeBSD 7.1R. >>> When I add rules IPFW COUNT to 254 IPS from my network, one of my >>> interfaces increases the latency, causing large delays in the >>> network, when I delete COUNT rules, everything returns to normal, >>> which can be ? >>> >>> My script: >> >> of course adding 512 rules, *all of which hav eto be evaluated* will >> add latency. >> >> you have several ways to improve this situation. >> >> 1/ use a differnet tool. >> By using the netgraph netflow module you can get >> accunting information that may be more useful and less impactful. >> >> 2/ you could make your rules smarter.. >> >> use skipto rules to make the average packet traverse less rules.. >> >> off the top of my head.. (not tested..) >> >> Assuming you have machines 10.0.0.1-10.0.0.254.... >> the rules below have an average packet traversing 19 rules and not 256 >> for teh SYN packet and 2 rules for others.. >> you may not be able to do the keep state trick if you use state for >> other stuff but in that case worst case will still be 19 rules. >> >> 2 check-state >> 5 skipto 10000 ip from not 10.0.0.0/24 to any >> 10 skipto 2020 ip from not 10.0.0.0/25 to any # 0-128 >> 20 skipto 1030 ip from not 10.0.0.0/26 to any # 0-64 >> 30 skipto 240 ip from not 10.0.0.0/27 to any # 0-32 >> 40 skipto 100 ip from not 10.0.0.0/28 to any # 0-16 >> [16 count rules for 0-15] >> 80 skipto 10000 ip from any to any >> 100 [16 count rules for 16-31] keep-state >> 140 skipto 10000 ip from any to any >> 240 skipto 300 ip from not 10.0.0.32/28 >> [16 rules for 32-47] keep-state >> 280 skipto 10000 ip from any to any >> 300 [16 count rules for 48-63] keep-state >> 340 skipto 10000 ip from any to any >> 1030 skipto 1240 ip from not 10.0.0.64/27 to any >> 1040 skipto 1100 ip from not 10.0.0.64/28 to any >> [16 count rules for 64-79] keep-state >> 1080 skipto 10000 ip from any to any >> 1100 [16 rules for 80-95] keep-state >> 1140 skipto 10000 ip from any to any >> 1240 skipto 1300 ip from not 10.0.0.96/28 to any >> [16 count rules for 96-111] keep-state >> 1280 skipto 10000 ip from any to any >> 1300 [16 rules for 112-127] keep-state >> 1340 skipto 10000 ip from any to any >> 2020 skipto 3030 ip from not 10.0.0.128/26 to any >> 2030 skipto 2240 ip from not 10.0.0.128/28 to any >> [16 count rules for 128-143] keep-state >> 2080 skipto 10000 ip from any to any >> 2100 [16 rules for 144-159] keep-state >> 2140 skipto 10000 ip from any to any >> 2240 skipto 2300 ip from not 10.0.0.32/28 to any >> [16 count rules for 160-175] keep-state >> 2280 skipto 10000 ip from any to any >> 2300 [16 count rules for 176-191] keep-state >> 2340 skipto 10000 ip from any to any >> 3030 skipto 3240 ip from not 10.0.0.192/27 to any >> 3040 skipto 3100 ip from not 10.0.0.192/28 to any >> [16 count rules for 192-207] keep-state >> 3080 skipto 10000 ip from any to any >> 3100 [16 rules for 208-223] keep-state >> 3240 skipto 10000 ip from any to any >> 3240 skipto 3300 ip from not 10.0.0.224/28 to any >> [16 count rules for 224-239] keep-state >> 3280 skipto 10000 ip from any to any >> 3300 [16 count rules for 240-255] keep-state >> 3340 skipto 10000 ip from any to any >> >> 10000 #other stuff >> >> in fact you could improve it further with: >> 1/ either going down to a netmask of 29 (8 rules per set) >> or >> 2/ instead of having count rules make them skipto >> so you would have: >> 3300 skipto 10000 ip from 10.0.0.240 to any >> 3301 skipto 10000 ip from 10.0.0.241 to any >> 3302 skipto 10000 ip from 10.0.0.242 to any >> 3303 skipto 10000 ip from 10.0.0.243 to any >> 3304 skipto 10000 ip from 10.0.0.244 to any >> 3305 skipto 10000 ip from 10.0.0.245 to any >> 3306 skipto 10000 ip from 10.0.0.246 to any >> 3307 skipto 10000 ip from 10.0.0.247 to any >> 3308 skipto 10000 ip from 10.0.0.248 to any >> 3309 skipto 10000 ip from 10.0.0.249 to any >> 3310 skipto 10000 ip from 10.0.0.240 to any >> 3311 skipto 10000 ip from 10.0.0.241 to any >> 3312 skipto 10000 ip from 10.0.0.242 to any >> 3313 skipto 10000 ip from 10.0.0.243 to any >> 3314 skipto 10000 ip from 10.0.0.244 to any >> 3315 skipto 10000 ip from 10.0.0.245 to any >> >> thus on average, a packet would traverse half the rules (8). >> >> 3/ both the above so on average they would traverse 4 rules plus one >> extra skipto. >> >> you should be able to do the above in a script. >> I'd love to see it.. >> >> (you can also do skipto tablearg in -current (maybe 7.2 too) >> which may also be good.. (or not)) >> >> >> julian >> >> >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> From owner-freebsd-net@FreeBSD.ORG Fri Apr 24 23:08:41 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26B5E10656BE; Fri, 24 Apr 2009 23:08:41 +0000 (UTC) (envelope-from kuan.joe@gmail.com) Received: from mail-ew0-f171.google.com (mail-ew0-f171.google.com [209.85.219.171]) by mx1.freebsd.org (Postfix) with ESMTP id 342338FC27; Fri, 24 Apr 2009 23:08:39 +0000 (UTC) (envelope-from kuan.joe@gmail.com) Received: by ewy19 with SMTP id 19so1204593ewy.43 for ; Fri, 24 Apr 2009 16:08:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=u1szUVa5rF/H/pUECQrWOt2PZkNVp/fOqITj2q/zV/I=; b=TVAnaft2rHl/N5FZgxOUHXOQDQXg/E4RpIc4cv8kdcC4BAuavOMK0y4aw8KE4W+RxZ YygPws3VZNpUiE2OsgSMrt4zPt0/wt20n+8Gv6r1epx+cmgKkk/57hrgs2o4PjjvXH+t RC66Z6GV37GJhf4Z4BrBJl6eH4OjOzp895lKI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=lRwk9cpn7EEDMNqld2EtgyJLjmLGDwFSuH6pwqXBL9SYRWwzWrOMjv/UJGwGs/8krU fu8aO0nT5P+c/wrEtvqwQvXlqCrMhiP8NoO+Msed4Xi9myuczAQ+ytYl3wa0WxAMeleG 1NsJ1Ze+14P1EhkwIg1XBkKLc2XSQeSihcJ+A= MIME-Version: 1.0 Received: by 10.216.54.198 with SMTP id i48mr220673wec.144.1240612925520; Fri, 24 Apr 2009 15:42:05 -0700 (PDT) Date: Fri, 24 Apr 2009 23:42:05 +0100 Message-ID: <40bb871a0904241542o3f4d6c6ap62ff71876074bbea@mail.gmail.com> From: Joseph Kuan To: freebsd-net@freebsd.org, freebsd-performance@freebsd.org, freebsd-threads@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: FreeBSD 7.1 taskq em performance X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Apr 2009 23:08:41 -0000 Hi all, I have been hitting some barrier with FreeBSD 7.1 network performance. I have written an application which contains two kernel threads that takes mbufs directly from a network interface and forwards to another network interface. This idea is to simulate different network environment. I have been using FreeBSD 6.4 amd64 and tested with an Ixia box (specialised hardware firing very high packet rate). The PC was a Core2 2.6 GHz with dual ports Intel PCIE Gigabit network card. It can manage up to 1.2 million pps. I have a higher spec PC with FreeBSD 7.1 amd64 and Quadcore 2.3 GHz and PCIE Gigabit network card. The performance can only achieve up to 600k pps. I notice the 'taskq em0' and 'taskq em1' is solid 100% CPU but it is not in FreeBSD 6.4. Any advice? Many thanks in advance Joe From owner-freebsd-net@FreeBSD.ORG Sat Apr 25 13:30:11 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BCBB11065677 for ; Sat, 25 Apr 2009 13:30:11 +0000 (UTC) (envelope-from pcc@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.freebsd.org (Postfix) with SMTP id 1C3C38FC13 for ; Sat, 25 Apr 2009 13:30:10 +0000 (UTC) (envelope-from pcc@gmx.net) Received: (qmail 8339 invoked by uid 0); 25 Apr 2009 13:30:08 -0000 Received: from 84.163.247.138 by www028.gmx.net with HTTP; Sat, 25 Apr 2009 15:30:06 +0200 (CEST) Content-Type: text/plain; charset="iso-8859-1" Date: Sat, 25 Apr 2009 15:30:06 +0200 From: "Peter Cornelius" In-Reply-To: <200904242249.27640.zec@icir.org> Message-ID: <20090425133006.311010@gmx.net> MIME-Version: 1.0 References: <20090413.220932.74699777.sthaug@nethelp.no> <49E57076.7040509@elischer.org> <20090424202923.235660@gmx.net> <200904242249.27640.zec@icir.org> To: Marko Zec , freebsd-net@freebsd.org X-Authenticated: #491680 X-Flags: 0001 X-Mailer: WWW-Mail 6100 (Global Message Exchange) X-Priority: 3 X-Provags-ID: V01U2FsdGVkX1/Jie8iVcLJbaRVxx0N4H+HiRTLVjlkiLxREzjK15 TcPcxoDqOb+tJ3FLHXo4yA13aY+iviZPIGCg== Content-Transfer-Encoding: 8bit X-GMX-UID: FlaVIxUPaHItftrSISUlW09iamdhZERT X-FuHaFi: 0.48 Cc: sfourman@gmail.com, steve@ibctech.ca, sthaug@nethelp.no, julian@elischer.org Subject: Re: VIMAGE (was: Multiple default routes / Force external routing) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Apr 2009 13:30:13 -0000 Thanks, Marco, > > > > is VIMAGE fully integrated into FreeBSD 8 CURRENT? (I believe this > > > > answer is no) > > > > also is VIMAGE expected to make it into FreeBSD 8? > > > > > > not fully but a lot of it is under way > > > > Thanks for the pointer, I currently don't get it [1] to build on > RELENG_7 > > which I naively hoped, so the "lot" probably not suffient for me yet. > So, > > w/o patience for August, I probably need to find another way. > > Hmm... > tpx32% uname -a > FreeBSD tpx32.icir.org 7.1-STABLE FreeBSD 7.1-STABLE #0: Thu Feb 5 > 22:36:40 > CET 2009 > marko@tpx32.icir.org:/u/marko/p4/zec/vimage_7/src/sys/i386/compile/VIMAGE > i386 > tpx32% pwd > /u/marko/tmp > tpx32% tar -xzf vimage_7_20090401.tgz > tpx32% cd src/sys/i386/conf/ > tpx32% config VIMAGE > tpx32% cd ../compile/VIMAGE/ > tpx32% make depend; make > tpx32% sudo make install > tpx32% cd ~/tmp/src/usr.sbin/vimage/ > tpx32% make clean; make > tpx32% sudo make install > > Let me know if that doesn't work... In fact, it *does* work, thank you. I mistook the tar to be a patch to copy over an existing tree which obviously did not work out as I expected. So, how's that: Copyright (c) 1992-2009 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 7.2-PRERELEASE #0: Sat Apr 25 08:22:26 UTC 2009 root@netserv.ka.cornelius:/usr/src.VIMAGE_20090401/sys/i386/compile/VNETSERV Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel Pentium III (1004.52-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x686 Stepping = 6 Features=0x383fbff real memory = 1610596352 (1535 MB) avail memory = 1568624640 (1495 MB) ACPI APIC Table: FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs cpu0 (BSP): APIC ID: 3 cpu1 (AP): APIC ID: 0 (...) So, I suppose it's further reading time and then I'll go and set up a couple of vimages and see what it does... :) Thanks again, Peter. -- Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger01 From owner-freebsd-net@FreeBSD.ORG Sat Apr 25 13:33:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 21EB61065672 for ; Sat, 25 Apr 2009 13:33:16 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63904.mail.re1.yahoo.com (web63904.mail.re1.yahoo.com [69.147.97.119]) by mx1.freebsd.org (Postfix) with SMTP id CD7758FC1B for ; Sat, 25 Apr 2009 13:33:15 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 83697 invoked by uid 60001); 25 Apr 2009 13:33:15 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1240666395; bh=UJ5f15wZqgwy9f6vpTUpi3zaZ325I2GeTX5B1aeUgi4=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=E3kTLHUoAHf0PPGqwlxfbsajx44navFel38GOaWiZE71R60CqfJxuhVgWPWEILT8ovJ5Mg5e9YA+9Au6c/6FzaY8GQmV+f31536pphqJKaqWwWV3SaqfeL0T1OpH8OLkkraf+POJxK4CjgU6+IKOU/Iu3z9JRWhhqZOlWqGJFeA= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=JQU+wwHMTDWWiAsbbDCScd8HNqYojDorX7ckN88TFlNYLmRIswfeWivtr8NfVQCvqqhYT4Jyi/FxoT4zoe1HjqczvsWr9oNSXpyOCkshuEDBHz5zaz1ivkbwd5w3Fa7+7f/xnAWiQnKtB26fq09zeMgokhxk0QWsvFvOyRxKnh8=; Message-ID: <160513.83122.qm@web63904.mail.re1.yahoo.com> X-YMail-OSG: nYap4CkVM1lr75isSGa8eGg3Kj_j.khrtHZcznNxEX.XXHXJo1GqMowwQXChLCukUlisUwTs2aw84iTJb_wLNvKiKCXKEGylYukYkUoJC8SFQtK2DPtTfzO_kiouvGvlnzFfK4X3YQccDFe7aYBnXMsnR4DS.SFpGCcVnGccyCf6bP6Ksm8NNacwexezTjdojYvenc1Iyn9o5lpXfzb_J0Hzrqdn2VyUB6bOGDfC1orgfi_Y81H3FdvugGaEAkNdjr0LnKYH.HCH2hVi7lcnK0n8e5nzekjzX5Ss8WO5pfZyTemQpURqRmZxNiBedQ5u3Q50a3bB_uYnHCs- Received: from [98.242.223.106] by web63904.mail.re1.yahoo.com via HTTP; Sat, 25 Apr 2009 06:33:15 PDT X-Mailer: YahooMailWebService/0.7.289.1 Date: Sat, 25 Apr 2009 06:33:15 -0700 (PDT) From: Barney Cordoba To: Ed Maste In-Reply-To: <20090424174208.GA76828@jem.dhs.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-net@freebsd.org Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: barney_cordoba@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Apr 2009 13:33:16 -0000 --- On Fri, 4/24/09, Ed Maste wrote: > From: Ed Maste > Subject: Re: Interrupts + Polling mode (similar to Linux's NAPI) > To: "Barney Cordoba" > Cc: freebsd-net@freebsd.org > Date: Friday, April 24, 2009, 1:42 PM > On Fri, Apr 24, 2009 at 08:03:52AM -0700, Barney Cordoba > wrote: > > > Actually, the "advantage of using > interrupts" is to have a per > > NIC control without having all of the extra code to > implement > > polling. Using variable interrupt moderation is much > more desirable > > and efficient, so polling is only useful for legacy > NICs with no > > controls on interrupt delays. > > I'm aware of the advantages and tradeoffs of the > various approaches, > and the shortcomings of our current polling infrastructure, > probably > the greatest of which is the lack of any parallelism. That > said, in > testing some time ago polling with the modifications I > alluded to in > my email, using em(4), gave the highest throughput of all > approaches. > (At the expence of latency, as expected.) > > In addition, having a standardized polling interface allows > for use of > the interface when the system is not fully running -- > network > crashdumps, for instance. > > We can certainly use improvements in the polling > infrastructure though, > at least allowing it to properly take advantage of SMP. > The KPI change > proposed here is to allow some of those improvements, > should they > happen, to be MFC'd to 8. > > -Ed "highest performance" measured in what way, and in comparision to what set of moderation controls? Did your "tests" consider that polling implements a direct method of managing the NIC while interrupts use the highly questionable method of launching tasks? If you didn't test against interrupt methods that manage the NIC in the same way then you've compared apples to oranges. The proper way to do it would be to have your interrupt routine call the polling function (ie using the moderated interrupt to initiate the poll). Barney From owner-freebsd-net@FreeBSD.ORG Sat Apr 25 19:10:04 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 576B7106566C for ; Sat, 25 Apr 2009 19:10:04 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 318658FC0C for ; Sat, 25 Apr 2009 19:10:04 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id C2BE546B32; Sat, 25 Apr 2009 15:10:03 -0400 (EDT) Date: Sat, 25 Apr 2009 20:10:03 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: pluknet In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD Net Subject: Re: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Apr 2009 19:10:04 -0000 On Fri, 24 Apr 2009, pluknet wrote: > 2009/4/23 Robert Watson : >> On Thu, 23 Apr 2009, pluknet wrote: >> >>> Please, give me comment on this. The panic is on 6.2-REL. Is it known to >>> be fixed in the latter releases? >> >> It may well be -- there have been quite significant architectural >> improvements to socket life cycle (etc) between 6.2 and 7.x releases, which >> may well close the race causing this panic. However, we'll probably need >> to learn a bit more in order to decide for sure. Could you convert the >> trapping instruction pointer to file+offset in the source code? > > Looks I've lost the corresponding kernel.debug. Anyway I have such bt the > first time. If you run into this again, let me know. Also, are you using accept filters on the box? Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-net@FreeBSD.ORG Sat Apr 25 19:51:34 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7CC951065675; Sat, 25 Apr 2009 19:51:34 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.185]) by mx1.freebsd.org (Postfix) with ESMTP id D23FB8FC1D; Sat, 25 Apr 2009 19:51:33 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: by mu-out-0910.google.com with SMTP id w9so630918mue.3 for ; Sat, 25 Apr 2009 12:51:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=NYO2AB8i+iqlccTMKpMxobKczR3qCO7aff4nYxGrubc=; b=Xpa8gdCO/+JqYZaDgDxMSvEs//abwVVa3sUaTloF1R5nkOVRwEeRJ8X19EYsO5smdy dX1TRV/yMj/oQafCKJAjzkm6WKUscCtUS8m9ixsU8ZD2zyfC+B5kV1OGg7fprLUVW8U2 nZaFqwXd8GGiX8yyIDXNp8F6rrIgJXL+Dt5o8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=hR+aZ27mIAItYV0ElGiHPvn/AlpT0765PitB3uplD8sWb/MZwM+DJTVJuKR3eWXx5a o9PLqFkF6hn/NccC5K8B1A2DXKQ7MvQb2H7RLTN68/DGFCnZRc9IJtgWhR7/SrChjcUr yUB2HIlKq2TNI+XpG2DwzxTsC94qLb9wWWrE4= MIME-Version: 1.0 Received: by 10.103.240.15 with SMTP id s15mr2135863mur.93.1240689092474; Sat, 25 Apr 2009 12:51:32 -0700 (PDT) In-Reply-To: References: Date: Sat, 25 Apr 2009 23:51:32 +0400 Message-ID: From: pluknet To: Robert Watson Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Net Subject: Re: panic in soabort X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Apr 2009 19:51:34 -0000 2009/4/25 Robert Watson : > > On Fri, 24 Apr 2009, pluknet wrote: > >> 2009/4/23 Robert Watson : >>> >>> On Thu, 23 Apr 2009, pluknet wrote: >>> >>>> Please, give me comment on this. The panic is on 6.2-REL. Is it known to >>>> be fixed in the latter releases? >>> >>> It may well be -- there have been quite significant architectural >>> improvements to socket life cycle (etc) between 6.2 and 7.x releases, which >>> may well close the race causing this panic. However, we'll probably need to >>> learn a bit more in order to decide for sure. Could you convert the >>> trapping instruction pointer to file+offset in the source code? >> >> Looks I've lost the corresponding kernel.debug. Anyway I have such bt the >> first time. > > If you run into this again, let me know. Also, are you using accept filters > on the box? > [started to think about adding dumpdev="AUTO" to rc.conf]. Not on this one now, but we are going to massively switch to accf_http in some near future, if that would give us an appropriate gain. > Robert N M Watson > Computer Laboratory > University of Cambridge > -- wbr, pluknet