From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 06:51:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id A99B8106564A
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 06:51:48 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id 5E0F88FC12
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 06:51:48 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
[67.180.24.15]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q156pi74032659
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Sat, 4 Feb 2012 22:51:47 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F2E274F.6000601@freebsd.org>
Date: Sat, 04 Feb 2012 22:53:03 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.25) Gecko/20111213 Thunderbird/3.1.17
MIME-Version: 1.0
To: =?windows-1251?Q?=CA=EE=ED=FC=EA=EE=E2_=C5=E2=E3=E5=ED=E8=E9?=
<kes-kes@yandex.ru>
References: <67410574.20120202113314@yandex.ru>
In-Reply-To: <67410574.20120202113314@yandex.ru>
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 8bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 06:51:48 -0000
On 2/2/12 1:33 AM, Коньков Евгений wrote:
> this is the mine script which helps me keep my firewall very clean and safe.
>
> It is easy to understand even if you have a thousands rules, I think =)
>
> please comment.
>
> PS. If anybody may, please put into ports tree. thank you.
it would probably be get more response if it was in a file format we
had heard of.. like tar..
WTF is a ".rar" file?
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 07:11:58 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 730B4106566C
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 07:11:58 +0000 (UTC)
(envelope-from kob6558@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
by mx1.freebsd.org (Postfix) with ESMTP id 08A868FC13
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 07:11:57 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so5261635wgb.31
for <multiple recipients>; Sat, 04 Feb 2012 23:11:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type:content-transfer-encoding;
bh=THY4H03XvMXBKl3BpvfQmRnAXqjBR+muNVoNkrblyXw=;
b=LI9dLwhSuHiGspVIZlW8kJKGNLizBsr0ht7wqGAhALLNkSmLpD+atagw/A9t5XiYf1
Ub5SsdkiQSVu4YLNUMAFxfl4SfRr8w+68uI+tau9KAiPO37/SPHPjkwGxmGkytdzpvz9
h5iA+q0xImn6LQ6LBzopo+SNKZX568d68sJ6M=
MIME-Version: 1.0
Received: by 10.181.12.106 with SMTP id ep10mr6263923wid.8.1328425916589; Sat,
04 Feb 2012 23:11:56 -0800 (PST)
Received: by 10.223.62.135 with HTTP; Sat, 4 Feb 2012 23:11:56 -0800 (PST)
In-Reply-To: <4F2E274F.6000601@freebsd.org>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
Date: Sat, 4 Feb 2012 23:11:56 -0800
Message-ID: <CAN6yY1vP2mRHWVcj6W_zEWJwqf_7=9tHZXWFbnSKKK3QbyfqKg@mail.gmail.com>
From: Kevin Oberman <kob6558@gmail.com>
To: Julian Elischer <julian@freebsd.org>
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-net@freebsd.org,
=?KOI8-R?B?68/O2MvP1yDl18fFzsnK?= <kes-kes@yandex.ru>,
freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 07:11:58 -0000
2012/2/4 Julian Elischer <julian@freebsd.org>:
> On 2/2/12 1:33 AM, =EB=CF=CE=D8=CB=CF=D7 =E5=D7=C7=C5=CE=C9=CA wrote:
>>
>> this is the mine script which helps me keep my firewall very clean and
>> safe.
>>
>> It is easy to understand even if you have a thousands rules, I think =3D=
)
>>
>> please comment.
>>
>> PS. If anybody may, please put into ports tree. thank you.
>
>
> it would probably be get more response if it was in a file format we had
> heard of.. like tar..
>
> WTF is a ".rar" =9Afile?
rar is a compression and archiving tool used commonly for bittorrent.
The tool to extract files is in port archivers/rar, but it's
commercial and a proprietary format. The free tool is only capable of
extracting, not compressing. It is reported that its compression is
very good, better than bzip2, xz and can even do a reasonable job of
compressing things like already compressed video formats. (Probably
why it became popular for bittorrent.)
R. Kevin Oberman, Network Engineer
E-mail: kob6558@gmail.com
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 07:14:19 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id C0953106566B;
Sun, 5 Feb 2012 07:14:19 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id 9229A8FC12;
Sun, 5 Feb 2012 07:14:19 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
[67.180.24.15]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q157EH0B032730
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Sat, 4 Feb 2012 23:14:18 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F2E2C97.7000400@freebsd.org>
Date: Sat, 04 Feb 2012 23:15:35 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.25) Gecko/20111213 Thunderbird/3.1.17
MIME-Version: 1.0
To: =?windows-1251?Q?=CA=EE=ED=FC=EA=EE=E2_=C5=E2=E3=E5=ED=E8=E9?=
<kes-kes@yandex.ru>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
In-Reply-To: <4F2E274F.6000601@freebsd.org>
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 8bit
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 07:14:19 -0000
On 2/4/12 10:53 PM, Julian Elischer wrote:
> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>> this is the mine script which helps me keep my firewall very clean
>> and safe.
>>
>> It is easy to understand even if you have a thousands ruBTWles, I
>> think =)
>>
>> please comment.
>>
>> PS. If anybody may, please put into ports tree. thank you.
>
> it would probably be get more response if it was in a file format we
> had heard of.. like tar..
>
> WTF is a ".rar" file?
BTW the "stuffit" expander on a Mac seems to be able to handle it..
I can see that this would allow you to manage very complex rule sets
while keeping errors under control.
I find the syntax hard to follow however
I guess that comes from it being a relatively simple perl script
doing the work.
it would be nice to get rid of the line numbers entirely in the
specifications
and allow the program to completely specify them using symbolic
definitions instead.
>
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 09:48:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 291EB1065674;
Sun, 5 Feb 2012 09:48:11 +0000 (UTC)
(envelope-from kes-kes@yandex.ru)
Received: from forward7.mail.yandex.net (forward7.mail.yandex.net
[IPv6:2a02:6b8:0:202::2])
by mx1.freebsd.org (Postfix) with ESMTP id 084828FC17;
Sun, 5 Feb 2012 09:48:09 +0000 (UTC)
Received: from smtp6.mail.yandex.net (smtp6.mail.yandex.net [77.88.61.56])
by forward7.mail.yandex.net (Yandex) with ESMTP id 4DE0F1C10D1;
Sun, 5 Feb 2012 13:48:07 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328435287; bh=xKvRvSVjZbtpkUI6+2YQ8T11u8z+5wiColiZrU0o/HI=;
h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
References:MIME-Version:Content-Type;
b=kAQmGMy3EzzAMlWL51mmwjvOzS0zd19nKgHIbocgj7WIAfq53DJcC/3l/f8QPCy1p
UrSyc6Hqz8+W2UlUZ69Nkcj60ybcLsKVrL9EW7V0h0p9mcG94h/7MZk1ieUFenuyLs
Mg53D44vFhKrDm1ahEKBdXa85O3JpyFN9bqHqBUA=
Received: from smtp6.mail.yandex.net (localhost [127.0.0.1])
by smtp6.mail.yandex.net (Yandex) with ESMTP id 1AFCB1640481;
Sun, 5 Feb 2012 13:48:07 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328435287; bh=xKvRvSVjZbtpkUI6+2YQ8T11u8z+5wiColiZrU0o/HI=;
h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
References:MIME-Version:Content-Type;
b=kAQmGMy3EzzAMlWL51mmwjvOzS0zd19nKgHIbocgj7WIAfq53DJcC/3l/f8QPCy1p
UrSyc6Hqz8+W2UlUZ69Nkcj60ybcLsKVrL9EW7V0h0p9mcG94h/7MZk1ieUFenuyLs
Mg53D44vFhKrDm1ahEKBdXa85O3JpyFN9bqHqBUA=
Received: from unknown (unknown [77.93.52.20])
by smtp6.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
m5GOkfm2-m5GCxR5c; Sun, 5 Feb 2012 13:48:05 +0400
X-Yandex-Spam: 1
Date: Sun, 5 Feb 2012 11:48:03 +0200
From: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?windows-1251?B?188gyu7t/Oru4iwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <332302285.20120205114803@yandex.ru>
To: Julian Elischer <julian@freebsd.org>
In-Reply-To: <4F2E2C97.7000400@freebsd.org>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
<4F2E2C97.7000400@freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------ADB6AC35B07843"
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 09:48:11 -0000
------------ADB6AC35B07843
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit
Здравствуйте, Julian.
Вы писали 5 февраля 2012 г., 9:15:35:
JE> On 2/4/12 10:53 PM, Julian Elischer wrote:
>> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>>> this is the mine script which helps me keep my firewall very clean
>>> and safe.
>>>
>>> It is easy to understand even if you have a thousands ruBTWles, I
>>> think =)
>>>
>>> please comment.
>>>
>>> PS. If anybody may, please put into ports tree. thank you.
>>
>> it would probably be get more response if it was in a file format we
>> had heard of.. like tar..
>>
>> WTF is a ".rar" file?
JE> BTW the "stuffit" expander on a Mac seems to be able to handle it..
JE> I can see that this would allow you to manage very complex rule sets
JE> while keeping errors under control.
JE> I find the syntax hard to follow however
JE> I guess that comes from it being a relatively simple perl script
JE> doing the work.
JE> it would be nice to get rid of the line numbers entirely in the
JE> specifications
JE> and allow the program to completely specify them using symbolic
JE> definitions instead.
can you give an example how it whould be better?
a documentation is weak a bit, if you have question be free to ask.
I will clear that.
In tar format as you ask.
--
С уважением,
Коньков mailto:kes-kes@yandex.ru
------------ADB6AC35B07843--
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 12:18:17 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 84115106566B
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 12:18:17 +0000 (UTC)
(envelope-from btillman99@yahoo.com)
Received: from nm36-vm2.bullet.mail.ne1.yahoo.com
(nm36-vm2.bullet.mail.ne1.yahoo.com [98.138.229.114])
by mx1.freebsd.org (Postfix) with SMTP id 4334B8FC0A
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 12:18:17 +0000 (UTC)
Received: from [98.138.90.51] by nm36.bullet.mail.ne1.yahoo.com with NNFMP;
05 Feb 2012 12:05:14 -0000
Received: from [98.138.89.246] by tm4.bullet.mail.ne1.yahoo.com with NNFMP;
05 Feb 2012 12:05:14 -0000
Received: from [127.0.0.1] by omp1060.mail.ne1.yahoo.com with NNFMP;
05 Feb 2012 12:05:14 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 307951.26888.bm@omp1060.mail.ne1.yahoo.com
Received: (qmail 42442 invoked by uid 60001); 5 Feb 2012 12:05:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024;
t=1328443513; bh=5O0Z+BW/bT6oDsPGN3I4vK5TAYSWn1pGrCW3mJmaSQs=;
h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type;
b=j77ErpiQzDghgDB5RDzcnysVStCaFUMwkYjw4uiMHlyuwyOno/U+L4m/7U279dDZvLUPVaB4PvkFk+UtUeg/gooY9tjrnRNRWeYKTk4t8tcbfflp+pyRW5jj14d0Ww3n/gl/JzOpRt2msvf7pePM3pZXEKAOv6Q1FxrjXSm9oBk=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type;
b=0dAz7fjbMLZ2GS5vyTdKghxer7NahS4qqb3nrA5ZVBQz4bfARdch0d5VuOEOsZTpx3BSOuYaj13DEcNbxBARiRfzNcebwfBuNDMCuO3VyoD6p1r8p5EdJr4PMuSu8jdcmJ+Ngn2GzhtiZBdgIkPwXDur5XeQBKAtD5zSERgTEGo=;
X-YMail-OSG: c9TAR0IVM1kRXHXqL43VzvX0XHDJ8ayr2qCzwUVDFekiL67
p6IYJfXdV62JpBbhTS6FaZZ7.QXLG9Wrc95anVvwp45ni3T1f3Urn9kL2C.m
Sw1LysW6smnP6GmoMSG3s.j3QKQ.5NXfwZL7K4HmiQTT81EBrBdkMwbUCpOG
mn4UUKWW8qyxgukiaBVdhjrvMBAE0waod9kBXu1sWl5MgsZ7WX6pMvy8d3N4
MuY_ie_N3zzSEDuFFvIKUJl2NhdM0TlC3ewGzCU7UrH2GnIYACkbzSC.m7cP
SkkKTmUZk8ftDR4096BORC.TKLbAWtlASJmCqRxIy8eXzKA3UWkLtlG72_9P
zaQYJuZUZtEY5amUFahwPLJUDCklCNvd7Br.gzaMq6RSYXoDc7zNgtbFCmZz
S23tMFKb2pq4LjiQ7JJgwB0Ovlqs7Pnr2_3iR5SQg8JKRH0EBJ8knGRjuPEt
lUx6Ql23urMBVz8QEdQeryQ--
Received: from [98.203.44.66] by web36505.mail.mud.yahoo.com via HTTP;
Sun, 05 Feb 2012 04:05:13 PST
X-Mailer: YahooMailWebService/0.8.116.331537
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
<4F2E2C97.7000400@freebsd.org>
Message-ID: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
Date: Sun, 5 Feb 2012 04:05:13 -0800 (PST)
From: Bill Tillman <btillman99@yahoo.com>
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
In-Reply-To: <4F2E2C97.7000400@freebsd.org>
MIME-Version: 1.0
X-Mailman-Approved-At: Sun, 05 Feb 2012 12:49:16 +0000
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Bill Tillman <btillman99@yahoo.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 12:18:17 -0000
=0A=0A=0AFrom: Julian Elischer <julian@freebsd.org>=0ATo: =D0=9A=D0=BE=D0=
=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=D0=B8=D0=B9 <kes=
-kes@yandex.ru> =0ACc: freebsd-net@freebsd.org; freebsd-questions@freebsd.o=
rg =0ASent: Sunday, February 5, 2012 2:15 AM=0ASubject: Re: HowTo easy use =
IPFW=0A=0AOn 2/4/12 10:53 PM, Julian Elischer wrote:=0A> On 2/2/12 1:33 AM,=
=D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=
=D0=B8=D0=B9 wrote:=0A>> this is the mine script which helps me keep my fir=
ewall very clean and safe.=0A>> =0A>> It is easy to understand even if you =
have a thousands ruBTWles, I think =3D)=0A>> =0A>> please comment.=0A>> =0A=
>> PS. If anybody may, please put into ports tree. thank you.=0A> =0A> it w=
ould probably be get more response if it was in a file format we had heard =
of.. like tar..=0A> =0A> WTF is a ".rar"=C2=A0 file?=0ABTW the=C2=A0 "stuff=
it" expander on a Mac seems to be able to handle it..=0A=0AI can see that t=
his would allow you to manage very complex rule sets while keeping errors u=
nder control.=0A=0AI find the syntax hard to follow however=0AI guess that =
comes from it being a relatively simple perl script doing the work.=0A=0Ait=
would be nice to get rid of the line numbers entirely in the specification=
s=0Aand allow the program to completely specify them using symbolic definit=
ions instead.=0A=0A=0A=0A> =0A>> =0A>> ____________________________________=
___________=0A>> freebsd-net@freebsd.org mailing list=0A>> http://lists.fre=
ebsd.org/mailman/listinfo/freebsd-net=0A>> To unsubscribe, send any mail to=
"freebsd-net-unsubscribe@freebsd.org"=0A> =0A> ___________________________=
____________________=0A> freebsd-net@freebsd.org mailing list=0A> http://li=
sts.freebsd.org/mailman/listinfo/freebsd-net=0A> To unsubscribe, send any m=
ail to "freebsd-net-unsubscribe@freebsd.org"=0A> =0A> =0A=0A_______________=
________________________________=0Afreebsd-questions@freebsd.org mailing li=
st=0Ahttp://lists.freebsd.org/mailman/listinfo/freebsd-questions=0ATo unsub=
scribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"=0A=0A=
=0A*.rar files have been aroung a long time. They are created by a program =
call Winrar. I never understood the need for this because every since M$ st=
arted including support for zip files built right into Windows Explorer the=
re's no need for additional compression utility. There are some studies whi=
ch show Winrar is a little more efficient with it's compression but with to=
day's 2 TB hard drive prices, disk space is not such a premium anymore. Fre=
eBSD actually has a port for it /"usr/ports/archivers/rar". I have found th=
at this program is mostly used by hackers on the bittorent sites who steal =
and distribute copyrighted software and transmit trojans and viruses so it'=
s been my habbit to avoid rar files. If someone I trust sends it I will ope=
n it but I don't plan on opening up this guy's ipfw rule set for that very =
reason. The other reason is that any rule set with 1,000 lines in it has go=
t to be over kill. The simplest advice I could offer here is this:=0A=0AThe=
only truly safe firewall ruleset consists of one rule and that is:=0A=0A=
=C2=A0deny all from any to any=0A=0AIf you must have Internet access, and w=
e all do then the next simplest rule set would be:=0A=0ABuild your kernel t=
o have IPFW deny all traffic by default=0AAllow only the ports you deem nec=
essary for your needs=0ADeny all other traffic=0A=0AAfter you've examined y=
our log files for a few weeks, turn off logging because it's usually just a=
bunch or crap from IP addresses in China, Amsterdam, or maybe an odd one h=
ere and there coming from another source, trying to hack into your computer=
. I have found over many years that it doesn't pay anything to know about a=
ll the attempted attacks. It only pays to stop them cold and the above simp=
le rule set will do just that.
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 15:14:35 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 4FB78106566B
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 15:14:35 +0000 (UTC)
(envelope-from kes-kes@yandex.ru)
Received: from forward4.mail.yandex.net (forward4.mail.yandex.net
[IPv6:2a02:6b8:0:602::4])
by mx1.freebsd.org (Postfix) with ESMTP id E7B288FC14
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 15:14:23 +0000 (UTC)
Received: from smtp1.mail.yandex.net (smtp1.mail.yandex.net [77.88.46.101])
by forward4.mail.yandex.net (Yandex) with ESMTP id EF3C4501A35;
Sun, 5 Feb 2012 19:14:21 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328454862; bh=gFEiFmqDjktwx7xVte+4y+FPPE2092+m/5WdovZS6CY=;
h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
References:MIME-Version:Content-Type;
b=SweMmM5vZ3LugYQxTcreu4igi2/b35LfF5Jc+cS08he+HvCVPsomx6m+5yM4ahysh
FaAZJKyoYVy2IbMXdFRwgOP/tVaZ6huKT+vh2QbLwMVuWVegf4up0tm/HcZG4iGtTZ
jCXVb4+AP3OS9zAMBRtmUsgfAWu3kpOF+cdxG/Mw=
Received: from smtp1.mail.yandex.net (localhost [127.0.0.1])
by smtp1.mail.yandex.net (Yandex) with ESMTP id BB97EAA0400;
Sun, 5 Feb 2012 19:14:21 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328454861; bh=gFEiFmqDjktwx7xVte+4y+FPPE2092+m/5WdovZS6CY=;
h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
References:MIME-Version:Content-Type;
b=qS1zB+FhvYOcBq3fhBtIMMHeUeMYh9YXHIT+XkeVYG4JfmsRGBdzrmGKOsl5TorfH
2w5YxBJpU+DVyCznN9cHz2alpBkGlInAxVjByyGDLGVPnrpyfna0Qwa4TTvIaUf7TU
cG5/5DTF6AufsEFqRbjemWQdq34muW60Vh2LYJ48=
Received: from unknown (unknown [77.93.52.19])
by smtp1.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
EFUaRkLj-EFU4cu8i; Sun, 5 Feb 2012 19:14:15 +0400
X-Yandex-Spam: 1
Date: Sun, 5 Feb 2012 17:14:13 +0200
From: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?utf-8?B?0KfQnyDQmtC+0L3RjNC60L7QsiwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <675283668.20120205171413@yandex.ru>
To: Bill Tillman <btillman99@yahoo.com>
In-Reply-To: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
<4F2E2C97.7000400@freebsd.org>
<1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------DC1E214C1A41B231"
X-Mailman-Approved-At: Sun, 05 Feb 2012 17:20:29 +0000
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?=
<kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 15:14:35 -0000
------------DC1E214C1A41B231
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Здравствуйте, Bill.
Вы писали 5 февраля 2012 г., 14:05:13:
BT> From: Julian Elischer <julian@freebsd.org>
BT> To: Коньков Евгений <kes-kes@yandex.ru>
BT> Cc: freebsd-net@freebsd.org; freebsd-questions@freebsd.org
BT> Sent: Sunday, February 5, 2012 2:15 AM
BT> Subject: Re: HowTo easy use IPFW
BT> On 2/4/12 10:53 PM, Julian Elischer wrote:
>> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>>> this is the mine script which helps me keep my firewall very clean and safe.
>>>
>>> It is easy to understand even if you have a thousands ruBTWles, I think
>>>
>>> please comment.
>>>
>>> PS. If anybody may, please put into ports tree. thank you.
>>
>> it would probably be get more response if it was in a file format we had heard of.. like tar..
>>
>> is a ".rar" file?
BT> BTW the "stuffit" expander on a Mac seems to be able to handle it..
BT> I can see that this would allow you to manage very complex rule
BT> sets while keeping errors under control.
BT> I find the syntax hard to follow however
BT> I guess that comes from it being a relatively simple perl script doing the work.
BT> it would be nice to get rid of the line numbers entirely in the specifications
BT> and allow the program to completely specify them using symbolic definitions instead.
>>
>>>
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>>
>>
BT> _______________________________________________
BT> freebsd-questions@freebsd.org mailing list
BT> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
BT> To unsubscribe, send any mail to
BT> "freebsd-questions-unsubscribe@freebsd.org"
BT> *.rar files have been aroung a long time. They are created by a
BT> program call Winrar. I never understood the need for this because
BT> every since M$ started including support for zip files built right
BT> into Windows Explorer there's no need for additional compression
BT> utility. There are some studies which show Winrar is a little more
BT> efficient with it's compression but with today's 2 TB hard drive
BT> prices, disk space is not such a premium anymore. FreeBSD actually
BT> has a port for it /"usr/ports/archivers/rar". I have found that
BT> this program is mostly used by hackers on the bittorent sites who
BT> steal and distribute copyrighted software and transmit trojans and
BT> viruses so it's been my habbit to avoid rar files. If someone I
BT> trust sends it I will open it but I don't plan on opening up this
BT> guy's ipfw rule set for that very reason. The other reason is that
BT> any rule set with 1,000 lines in it has got to be over kill. The
BT> simplest advice I could offer here is this:
BT> The only truly safe firewall ruleset consists of one rule and that is:
BT> deny all from any to any
BT> If you must have Internet access, and we all do then the next simplest rule set would be:
BT> Build your kernel to have IPFW deny all traffic by default
BT> Allow only the ports you deem necessary for your needs
BT> Deny all other traffic
BT> After you've examined your log files for a few weeks, turn off
BT> logging because it's usually just a bunch or crap from IP
BT> addresses in China, Amsterdam, or maybe an odd one here and there
BT> coming from another source, trying to hack into your computer. I
BT> have found over many years that it doesn't pay anything to know
BT> about all the attempted attacks. It only pays to stop them cold
BT> and the above simple rule set will do just that.
yes, and I suggest same thing: first deny all and then allow only that
packets you want to pass. so I have next default rules:
65500 deny log ip from any to any
65535 deny ip from any to any
but for the router which has many interfaces and which has flat
firewall rules it is hard to keep it clean. Mine script allow to
separate rules for each interface to its own file
Simple example:
allow any trafic through vlan153
cat f_vlan153
#################
GOSUB
099 SPLIT
#################
#IN TRAFIC (100-499)
490 allow in recv $iface
#################
#out TRAFIC (500-899)
890 allow out xmit $iface
#################
# >=900 rules are reserved for other stuff
will be expanded as:
00999 skipto 8000 ip from any to any via vlan153
08099 skipto 8100 ip from any to any in recv vlan153
08099 skipto 8500 ip from any to any out xmit vlan153
08099 deny log ip from any to any via vlan153
08099 skipto 65000 ip from any to any
08490 allow ip from any to any in recv vlan153
08499 deny log ip from any to any via vlan153
08499 skipto 65000 ip from any to any
08890 allow ip from any to any out xmit vlan153
08899 deny log ip from any to any via vlan153
08899 skipto 65000 ip from any to any
and more complex:
nat packets that are going through vlan407, queue incoming trafic so
each host in lan will be shaped to 2Mbit/s for example.
allow some subnet and host from lan to access internet:
10.12.50.0/24 and 10.11.43.58
I.N.E.T - your external IP like '155.7.43.16'
cat f_pipes
c pipe 52 config bw 2097152bit/s mask dst-ip 0xffffffff gred 0.002/10/30/0.1
c queue 52 config pipe 12 queue 50 mask dst-ip 0xffffffff gred 0.002/10/30/0.1
cat f_vlan407
NAT ip I.N.E.T unreg_only reset
#################
GOSUB
099 SPLIT
#################
#IN TRAFIC (100-499)
256 NAT all from any to I.N.E.T in recv $iface
275 queue 52 all from any to any in recv $iface
490 allow in recv $iface
#################
#out TRAFIC (500-899)
757 NAT 101 all from 10.12.50.0/24 to any out xmit $iface
758 NAT 101 all from 10.11.8.12 to any out xmit $iface
890 allow out xmit $iface
#################
# >=900 rules are reserved for other stuff
will be expanded as:
00999 skipto 23000 ip from any to any via vlan407
23099 skipto 23100 ip from any to any in recv vlan407
23099 skipto 23500 ip from any to any out xmit vlan407
23099 deny log ip from any to any via vlan407
23099 skipto 65000 ip from any to any
23256 nat 101 ip from any to I.N.E.T in recv vlan407
23275 queue 52 ip from any to any in recv vlan407
23490 allow ip from any to any in recv vlan407
23499 deny log ip from any to any via vlan407
23499 skipto 65000 ip from any to any
23757 nat 101 ip from 10.12.50.0/24 to any out xmit vlan407
23758 nat 101 ip from 10.11.8.12 to any out xmit vlan407
23890 allow ip from any to any out xmit vlan407
23899 deny log ip from any to any via vlan407
23899 skipto 65000 ip from any to any
# ipfw nat show config
ipfw nat 101 config ip I.N.E.T unreg_only reset
--
С уважением,
РљРѕРЅСЊРєРѕРІ mailto:kes-kes@yandex.ru
------------DC1E214C1A41B231--
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 18:47:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 34ADE106566C
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 18:47:02 +0000 (UTC)
(envelope-from lists@eitanadler.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
[209.85.215.182])
by mx1.freebsd.org (Postfix) with ESMTP id C01FC8FC0A
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 18:47:01 +0000 (UTC)
Received: by eaan10 with SMTP id n10so2611566eaa.13
for <freebsd-net@freebsd.org>; Sun, 05 Feb 2012 10:47:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=eitanadler.com; s=0xdeadbeef;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to
:cc:content-type:content-transfer-encoding;
bh=BHE2V4GK77kI/6Uxt7wMCDODJEN0oT7uKkFI9qk1mzQ=;
b=G7TPHewGCcgZDcIC2nEOUPrxbo/DZidBxYWRcIzt6qsi6uY3Pk2V5D0HUb9nks6lqX
nAw3ABUAGwLuFBhxqHcyX+lpG2d9Xn11pbznV+T2HvkLaO4T4L0VUEtjTniF6IWQhg+X
t3wikpZxmdXmrFajCB+ItfrzuUGWxLZOYz3cg=
Received: by 10.213.16.199 with SMTP id p7mr2345674eba.141.1328465825233; Sun,
05 Feb 2012 10:17:05 -0800 (PST)
MIME-Version: 1.0
Received: by 10.14.28.1 with HTTP; Sun, 5 Feb 2012 10:16:35 -0800 (PST)
In-Reply-To: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
<4F2E2C97.7000400@freebsd.org>
<1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
From: Eitan Adler <lists@eitanadler.com>
Date: Sun, 5 Feb 2012 13:16:35 -0500
Message-ID: <CAF6rxgnni93wChmZME-_4DxaCiBt+dsvyVd3h2V1L=xpS=+Zog@mail.gmail.com>
To: Bill Tillman <btillman99@yahoo.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 18:47:02 -0000
On Sun, Feb 5, 2012 at 7:05 AM, Bill Tillman <btillman99@yahoo.com> wrote:
> The only truly safe firewall ruleset consists of one rule and that is:
>
> =C2=A0deny all from any to any
This ruleset is potentially a denial of service attack if the system
is intended to do certain useful things. You can't talk about "only
truly safe firewall ruleset" without also talking about your threat
model (and intended functionality).
--=20
Eitan Adler
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 18:50:08 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 54BD3106566B
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 18:50:08 +0000 (UTC)
(envelope-from mkurpel@gmail.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
[209.85.215.182])
by mx1.freebsd.org (Postfix) with ESMTP id D3CF08FC0C
for <freebsd-net@freebsd.org>; Sun, 5 Feb 2012 18:50:07 +0000 (UTC)
Received: by eaan10 with SMTP id n10so2612579eaa.13
for <freebsd-net@freebsd.org>; Sun, 05 Feb 2012 10:50:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=message-id:date:from:user-agent:mime-version:to:subject
:content-type:content-transfer-encoding;
bh=fJsl5sO7uAs6NBWasn4uJfkElRwVyoJ0iyVdrtOIRGc=;
b=s1kwZYiw9ZD8N9GefUTxWWZ6csoGYSczhPacaQRZ6z8Hp2FZeFeOgencyKC8X2I0pE
DRB8n83mn5yKrID34M/cyHFaKt/1w5SzXcKmmQ6ED5GyaMmNrq9AYhBdsADukXDJ3Uq0
u4Iy3gfny6kMzGgMbzuQ3Kjfh64RGBPiY69NE=
Received: by 10.213.4.148 with SMTP id 20mr877498ebr.143.1328465945140;
Sun, 05 Feb 2012 10:19:05 -0800 (PST)
Received: from [172.17.17.17] (dial-95-105-196-185-orange.orange.sk.
[95.105.196.185])
by mx.google.com with ESMTPS id a58sm51092047eeb.8.2012.02.05.10.19.03
(version=SSLv3 cipher=OTHER); Sun, 05 Feb 2012 10:19:04 -0800 (PST)
Message-ID: <4F2EC816.6080102@gmail.com>
Date: Sun, 05 Feb 2012 19:19:02 +0100
From: Matej Kurpel <mkurpel@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Multicast BIND error in jail
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 18:50:08 -0000
Hello all,
I have problems running programs that need to receive multicast traffic
from the network in a jailed environment.
For example, a program udpxy I wanted to use, says:
"setup_mcast_listener: bind: Can't assign requested address".
This looks like jail restriction. Unfortunately, I have no access to the
jail host but I know people who have it. They also don't know how to
solve this problem so I can tell them the solution if you provide me
with any :) - please, does somebody know how to lift this restriction?
Uname -a inside jail says (if it helps):
FreeBSD mek 8.2-RELEASE-p1 FreeBSD 8.2-RELEASE-p1 #4: Thu May 12
06:36:55 CEST 2011
(removed)@(removed).sk:/usr/obj/usr/src/sys/GENERIC i386
If any other information is needed, just ask. Thanks in advance for all
responses,
M. Kurpel
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 19:38:27 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id D38721065776;
Sun, 5 Feb 2012 19:38:27 +0000 (UTC)
(envelope-from andrey@zonov.org)
Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com
[209.85.214.54])
by mx1.freebsd.org (Postfix) with ESMTP id 7C4268FC19;
Sun, 5 Feb 2012 19:38:26 +0000 (UTC)
Received: by bkbzx1 with SMTP id zx1so5829045bkb.13
for <multiple recipients>; Sun, 05 Feb 2012 11:38:25 -0800 (PST)
Received: by 10.204.145.155 with SMTP id d27mr6729477bkv.36.1328469304406;
Sun, 05 Feb 2012 11:15:04 -0800 (PST)
Received: from [10.254.254.77] (ppp95-165-159-250.pppoe.spdop.ru.
[95.165.159.250])
by mx.google.com with ESMTPS id e17sm34493830bkz.13.2012.02.05.11.15.03
(version=SSLv3 cipher=OTHER); Sun, 05 Feb 2012 11:15:04 -0800 (PST)
Message-ID: <4F2ED535.40606@zonov.org>
Date: Sun, 05 Feb 2012 23:15:01 +0400
From: Andrey Zonov <andrey@zonov.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru;
rv:1.8.1.24) Gecko/20100228 Thunderbird/2.0.0.24 Mnenhy/0.7.6.0
MIME-Version: 1.0
To: Hiroki Sato <hrs@FreeBSD.org>
References: <20120205.033532.381149506660559829.hrs@allbsd.org>
In-Reply-To: <20120205.033532.381149506660559829.hrs@allbsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: sem@FreeBSD.org, mark@mivok.net, net@FreeBSD.org
Subject: Re: [CFT] multiple FIB support in route(8)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 19:38:27 -0000
Hi,
What do you think about adding fib support for rc.subr like we got one
for nice?
On 04.02.2012 22:35, Hiroki Sato wrote:
> Hello,
>
> Can anyone review/test the attached patch to add "-fib number" option
> to route(8)? This should simplify static route configuration across
> multiple FIBs in rc.conf. Just adding an -fib option like the
> following will do the trick without changing rc.d/routing:
>
> static_routes="foo bar"
> route_foo="10.1.1.1/24 192.168.2.1 -fib 2"
> route_bar="10.1.1.1/24 192.168.2.1 -fib 3"
>
> The -fib option is supported in all subcommands but monitor.
>
> -- Hiroki
--
Andrey Zonov
From owner-freebsd-net@FreeBSD.ORG Sun Feb 5 20:05:09 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 8A82A106566B;
Sun, 5 Feb 2012 20:05:09 +0000 (UTC)
(envelope-from 000.fbsd@quip.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4])
by mx1.freebsd.org (Postfix) with ESMTP id 3E11F8FC1C;
Sun, 5 Feb 2012 20:05:08 +0000 (UTC)
Received: from elsa.codelab.cz (localhost [127.0.0.1])
by elsa.codelab.cz (Postfix) with ESMTP id 554C52842E;
Sun, 5 Feb 2012 20:49:33 +0100 (CET)
Received: from [192.168.1.2] (ip-86-49-61-235.net.upcbroadband.cz
[86.49.61.235])
(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
(No client certificate requested)
by elsa.codelab.cz (Postfix) with ESMTPSA id 2CADD28424;
Sun, 5 Feb 2012 20:49:32 +0100 (CET)
Message-ID: <4F2EDD4B.3010307@quip.cz>
Date: Sun, 05 Feb 2012 20:49:31 +0100
From: Miroslav Lachman <000.fbsd@quip.cz>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14
MIME-Version: 1.0
To: Andrey Zonov <andrey@zonov.org>
References: <20120205.033532.381149506660559829.hrs@allbsd.org>
<4F2ED535.40606@zonov.org>
In-Reply-To: <4F2ED535.40606@zonov.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Hiroki Sato <hrs@FreeBSD.org>, mark@mivok.net, net@FreeBSD.org,
sem@FreeBSD.org
Subject: Re: [CFT] multiple FIB support in route(8)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 20:05:09 -0000
Andrey Zonov wrote:
> Hi,
>
> What do you think about adding fib support for rc.subr like we got one
> for nice?
There are PRs with patches for rc.subr for a long time without attention.
Same as with PR's adding suport for cpuset.
I don't understand why we are having some really useful tools in base
without support in rc.conf
> On 04.02.2012 22:35, Hiroki Sato wrote:
>> Hello,
>>
>> Can anyone review/test the attached patch to add "-fib number" option
>> to route(8)? This should simplify static route configuration across
>> multiple FIBs in rc.conf. Just adding an -fib option like the
>> following will do the trick without changing rc.d/routing:
>>
>> static_routes="foo bar"
>> route_foo="10.1.1.1/24 192.168.2.1 -fib 2"
>> route_bar="10.1.1.1/24 192.168.2.1 -fib 3"
>>
>> The -fib option is supported in all subcommands but monitor.
>>
>> -- Hiroki
From owner-freebsd-net@FreeBSD.ORG Mon Feb 6 11:07:08 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 5B0E7106567A
for <freebsd-net@FreeBSD.org>; Mon, 6 Feb 2012 11:07:08 +0000 (UTC)
(envelope-from owner-bugmaster@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 47ED18FC2A
for <freebsd-net@FreeBSD.org>; Mon, 6 Feb 2012 11:07:08 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q16B782c007891
for <freebsd-net@FreeBSD.org>; Mon, 6 Feb 2012 11:07:08 GMT
(envelope-from owner-bugmaster@FreeBSD.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q16B77lb007889
for freebsd-net@FreeBSD.org; Mon, 6 Feb 2012 11:07:07 GMT
(envelope-from owner-bugmaster@FreeBSD.org)
Date: Mon, 6 Feb 2012 11:07:07 GMT
Message-Id: <201202061107.q16B77lb007889@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: gnats set sender to
owner-bugmaster@FreeBSD.org using -f
From: FreeBSD bugmaster <bugmaster@FreeBSD.org>
To: freebsd-net@FreeBSD.org
Cc:
Subject: Current problem reports assigned to freebsd-net@FreeBSD.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2012 11:07:08 -0000
Note: to view an individual PR, use:
http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).
The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.
S Tracker Resp. Description
--------------------------------------------------------------------------------
o kern/164696 net [netinet] [patch] [panic] VIMAGE + carp panics the ker
o kern/164569 net [msk] [hang] msk network driver cause freeze in FreeBS
o kern/164495 net [igb] connect double head igb to switch cause system t
o kern/164490 net [pfil] Incorrect IP checksum on pfil pass from ip_outp
o kern/164475 net [gre] gre misses RUNNING flag after a reboot
o kern/164400 net [ipsec] immediate crash after the start of ipsec proce
o kern/164265 net [netinet] [patch] tcp_lro_rx computes wrong checksum i
o kern/163903 net [igb] "igb0:tx(0)","bpf interface lock" v2.2.5 9-STABL
o kern/163481 net freebsd do not add itself to ping route packet
o kern/162927 net [tun] Modem-PPP error ppp[1538]: tun0: Phase: Clearing
o kern/162926 net [ipfilter] Infinite loop in ipfilter with fragmented I
o kern/162558 net [dummynet] [panic] seldom dummynet panics
o kern/162509 net [re] [panic] Kernel panic may be related to if_re.c (r
o kern/162352 net [patch] Enhancement: add SO_PROTO to socket.h
o kern/162153 net [em] intel em driver 7.2.4 don't compile
o kern/162110 net [igb] [panic] RELENG_9 panics on boot in IGB driver -
o kern/162028 net [ixgbe] [patch] misplaced #endif in ixgbe.c
o kern/161899 net [route] ntpd(8): Repeating RTM_MISS packets causing hi
o kern/161381 net [re] RTL8169SC - re0: PHY write failed
o kern/161277 net [em] [patch] BMC cannot receive IPMI traffic after loa
o kern/160873 net [igb] igb(4) from HEAD fails to build on 7-STABLE
o kern/160750 net Intel PRO/1000 connection breaks under load until rebo
o kern/160693 net [gif] [em] Multicast packet are not passed from GIF0 t
o kern/160420 net [msk] phy write timeout on HP 5310m
o kern/160293 net [ieee80211] ppanic] kernel panic during network setup
o kern/160206 net [gif] gifX stops working after a while (IPv6 tunnel)
o kern/159817 net [udp] write UDPv4: No buffer space available (code=55)
o kern/159795 net [tcp] excessive duplicate ACKs and TCP session freezes
o kern/159629 net [ipsec] [panic] kernel panic with IPsec in transport m
o kern/159621 net [tcp] [panic] panic: soabort: so_count
o kern/159603 net [netinet] [patch] in_ifscrubprefix() - network route c
o kern/159601 net [netinet] [patch] in_scrubprefix() - loopback route re
o kern/159294 net [em] em watchdog timeouts
o kern/159203 net [wpi] Intel 3945ABG Wireless LAN not support IBSS
o kern/158930 net [bpf] BPF element leak in ifp->bpf_if->bif_dlist
o kern/158726 net [ip6] [patch] ICMPv6 Router Announcement flooding limi
o kern/158694 net [ix] [lagg] ix0 is not working within lagg(4)
o kern/158665 net [ip6] [panic] kernel pagefault in in6_setscope()
o kern/158635 net [em] TSO breaks BPF packet captures with em driver
f kern/157802 net [dummynet] [panic] kernel panic in dummynet
o kern/157785 net amd64 + jail + ipfw + natd = very slow outbound traffi
o kern/157429 net [re] Realtek RTL8169 doesn't work with re(4)
o kern/157418 net [em] em driver lockup during boot on Supermicro X9SCM-
o kern/157410 net [ip6] IPv6 Router Advertisements Cause Excessive CPU U
o kern/157287 net [re] [panic] INVARIANTS panic (Memory modified after f
o kern/157209 net [ip6] [patch] locking error in rip6_input() (sys/netin
o kern/157200 net [network.subr] [patch] stf(4) can not communicate betw
o kern/157182 net [lagg] lagg interface not working together with epair
o kern/156877 net [dummynet] [panic] dummynet move_pkt() null ptr derefe
o kern/156667 net [em] em0 fails to init on CURRENT after March 17
o kern/156408 net [vlan] Routing failure when using VLANs vs. Physical e
o kern/156328 net [icmp]: host can ping other subnet but no have IP from
o kern/156317 net [ip6] Wrong order of IPv6 NS DAD/MLD Report
o kern/156283 net [ip6] [patch] nd6_ns_input - rtalloc_mpath does not re
o kern/156279 net [if_bridge][divert][ipfw] unable to correctly re-injec
o kern/156226 net [lagg]: failover does not announce the failover to swi
o kern/156030 net [ip6] [panic] Crash in nd6_dad_start() due to null ptr
o kern/155772 net ifconfig(8): ioctl (SIOCAIFADDR): File exists on direc
o kern/155680 net [multicast] problems with multicast
s kern/155642 net [request] Add driver for Realtek RTL8191SE/RTL8192SE W
o kern/155597 net [panic] Kernel panics with "sbdrop" message
o kern/155420 net [vlan] adding vlan break existent vlan
o kern/155177 net [route] [panic] Panic when inject routes in kernel
o kern/155030 net [igb] igb(4) DEVICE_POLLING does not work with carp(4)
o kern/155010 net [msk] ntfs-3g via iscsi using msk driver cause kernel
o kern/154943 net [gif] ifconfig gifX create on existing gifX clears IP
s kern/154851 net [request]: Port brcm80211 driver from Linux to FreeBSD
o kern/154850 net [netgraph] [patch] ng_ether fails to name nodes when t
o kern/154679 net [em] Fatal trap 12: "em1 taskq" only at startup (8.1-R
o kern/154600 net [tcp] [panic] Random kernel panics on tcp_output
o kern/154557 net [tcp] Freeze tcp-session of the clients, if in the gat
o kern/154443 net [if_bridge] Kernel module bridgestp.ko missing after u
o kern/154286 net [netgraph] [panic] 8.2-PRERELEASE panic in netgraph
o kern/154255 net [nfs] NFS not responding
o kern/154214 net [stf] [panic] Panic when creating stf interface
o kern/154185 net race condition in mb_dupcl
o kern/154169 net [multicast] [ip6] Node Information Query multicast add
o kern/154134 net [ip6] stuck kernel state in LISTEN on ipv6 daemon whic
o kern/154091 net [netgraph] [panic] netgraph, unaligned mbuf?
o conf/154062 net [vlan] [patch] change to way of auto-generatation of v
o kern/153937 net [ral] ralink panics the system (amd64 freeBSDD 8.X) wh
o kern/153936 net [ixgbe] [patch] MPRC workaround incorrectly applied to
o kern/153816 net [ixgbe] ixgbe doesn't work properly with the Intel 10g
o kern/153772 net [ixgbe] [patch] sysctls reference wrong XON/XOFF varia
o kern/153497 net [netgraph] netgraph panic due to race conditions
o kern/153454 net [patch] [wlan] [urtw] Support ad-hoc and hostap modes
o kern/153308 net [em] em interface use 100% cpu
o kern/153244 net [em] em(4) fails to send UDP to port 0xffff
o kern/152893 net [netgraph] [panic] 8.2-PRERELEASE panic in netgraph
o kern/152853 net [em] tftpd (and likely other udp traffic) fails over e
o kern/152828 net [em] poor performance on 8.1, 8.2-PRE
o kern/152569 net [net]: Multiple ppp connections and routing table prob
o kern/152235 net [arp] Permanent local ARP entries are not properly upd
o kern/152141 net [vlan] [patch] encapsulate vlan in ng_ether before out
o kern/152036 net [libc] getifaddrs(3) returns truncated sockaddrs for n
o kern/151690 net [ep] network connectivity won't work until dhclient is
o kern/151681 net [nfs] NFS mount via IPv6 leads to hang on client with
o kern/151593 net [igb] [panic] Kernel panic when bringing up igb networ
o kern/150920 net [ixgbe][igb] Panic when packets are dropped with heade
o kern/150557 net [igb] igb0: Watchdog timeout -- resetting
o kern/150251 net [patch] [ixgbe] Late cable insertion broken
o kern/150249 net [ixgbe] Media type detection broken
o bin/150224 net ppp(8) does not reassign static IP after kill -KILL co
f kern/149969 net [wlan] [ral] ralink rt2661 fails to maintain connectio
o kern/149937 net [ipfilter] [patch] kernel panic in ipfilter IP fragmen
o kern/149643 net [rum] device not sending proper beacon frames in ap mo
o kern/149609 net [panic] reboot after adding second default route
o kern/149117 net [inet] [patch] in_pcbbind: redundant test
o kern/149086 net [multicast] Generic multicast join failure in 8.1
o kern/148018 net [flowtable] flowtable crashes on ia64
o kern/147912 net [boot] FreeBSD 8 Beta won't boot on Thinkpad i1300 11
o kern/147894 net [ipsec] IPv6-in-IPv4 does not work inside an ESP-only
o kern/147155 net [ip6] setfb not work with ipv6
o kern/146845 net [libc] close(2) returns error 54 (connection reset by
f kern/146792 net [flowtable] flowcleaner 100% cpu's core load
o kern/146719 net [pf] [panic] PF or dumynet kernel panic
o kern/146534 net [icmp6] wrong source address in echo reply
o kern/146427 net [mwl] Additional virtual access points don't work on m
o kern/146426 net [mwl] 802.11n rates not possible on mwl
o kern/146425 net [mwl] mwl dropping all packets during and after high u
f kern/146394 net [vlan] IP source address for outgoing connections
o bin/146377 net [ppp] [tun] Interface doesn't clear addresses when PPP
o kern/146358 net [vlan] wrong destination MAC address
o kern/146165 net [wlan] [panic] Setting bssid in adhoc mode causes pani
o kern/146082 net [ng_l2tp] a false invaliant check was performed in ng_
o kern/146037 net [panic] mpd + CoA = kernel panic
o kern/145825 net [panic] panic: soabort: so_count
o kern/145728 net [lagg] Stops working lagg between two servers.
p kern/145600 net TCP/ECN behaves different to CE/CWR than ns2 reference
f kern/144917 net [flowtable] [panic] flowtable crashes system [regressi
o kern/144882 net MacBookPro =>4.1 does not connect to BSD in hostap wit
o kern/144874 net [if_bridge] [patch] if_bridge frees mbuf after pfil ho
o conf/144700 net [rc.d] async dhclient breaks stuff for too many people
o kern/144616 net [nat] [panic] ip_nat panic FreeBSD 7.2
f kern/144315 net [ipfw] [panic] freebsd 8-stable reboot after add ipfw
o kern/144231 net bind/connect/sendto too strict about sockaddr length
o kern/143846 net [gif] bringing gif3 tunnel down causes gif0 tunnel to
s kern/143673 net [stf] [request] there should be a way to support multi
s kern/143666 net [ip6] [request] PMTU black hole detection not implemen
o kern/143622 net [pfil] [patch] unlock pfil lock while calling firewall
o kern/143593 net [ipsec] When using IPSec, tcpdump doesn't show outgoin
o kern/143591 net [ral] RT2561C-based DLink card (DWL-510) fails to work
o kern/143208 net [ipsec] [gif] IPSec over gif interface not working
o kern/143034 net [panic] system reboots itself in tcp code [regression]
o kern/142877 net [hang] network-related repeatable 8.0-STABLE hard hang
o kern/142774 net Problem with outgoing connections on interface with mu
o kern/142772 net [libc] lla_lookup: new lle malloc failed
o kern/142018 net [iwi] [patch] Possibly wrong interpretation of beacon-
o kern/141861 net [wi] data garbled with WEP and wi(4) with Prism 2.5
f kern/141741 net Etherlink III NIC won't work after upgrade to FBSD 8,
o kern/140742 net rum(4) Two asus-WL167G adapters cannot talk to each ot
o kern/140682 net [netgraph] [panic] random panic in netgraph
o kern/140634 net [vlan] destroying if_lagg interface with if_vlan membe
o kern/140619 net [ifnet] [patch] refine obsolete if_var.h comments desc
o kern/140346 net [wlan] High bandwidth use causes loss of wlan connecti
o kern/140142 net [ip6] [panic] FreeBSD 7.2-amd64 panic w/IPv6
o kern/140066 net [bwi] install report for 8.0 RC 2 (multiple problems)
o kern/139565 net [ipfilter] ipfilter ioctl SIOCDELST broken
o kern/139387 net [ipsec] Wrong lenth of PF_KEY messages in promiscuous
o bin/139346 net [patch] arp(8) add option to remove static entries lis
o kern/139268 net [if_bridge] [patch] allow if_bridge to forward just VL
p kern/139204 net [arp] DHCP server replies rejected, ARP entry lost bef
o kern/139117 net [lagg] + wlan boot timing (EBUSY)
o kern/139058 net [ipfilter] mbuf cluster leak on FreeBSD 7.2
o kern/138850 net [dummynet] dummynet doesn't work correctly on a bridge
o kern/138782 net [panic] sbflush_internal: cc 0 || mb 0xffffff004127b00
o kern/138688 net [rum] possibly broken on 8 Beta 4 amd64: able to wpa a
o kern/138678 net [lo] FreeBSD does not assign linklocal address to loop
o kern/138620 net [lagg] [patch] lagg port bpf-writes blocked
o kern/138407 net [gre] gre(4) interface does not come up after reboot
o kern/138332 net [tun] [lor] ifconfig tun0 destroy causes LOR if_adata/
o kern/138266 net [panic] kernel panic when udp benchmark test used as r
o kern/138177 net [ipfilter] FreeBSD crashing repeatedly in ip_nat.c:257
f kern/138029 net [bpf] [panic] periodically kernel panic and reboot
o kern/137881 net [netgraph] [panic] ng_pppoe fatal trap 12
p bin/137841 net [patch] wpa_supplicant(8) cannot verify SHA256 signed
p kern/137776 net [rum] panic in rum(4) driver on 8.0-BETA2
o bin/137641 net ifconfig(8): various problems with "vlan_device.vlan_i
o kern/137392 net [ip] [panic] crash in ip_nat.c line 2577
o kern/137372 net [ral] FreeBSD doesn't support wireless interface from
o kern/137089 net [lagg] lagg falsely triggers IPv6 duplicate address de
o bin/136994 net [patch] ifconfig(8) print carp mac address
o kern/136911 net [netgraph] [panic] system panic on kldload ng_bpf.ko t
o kern/136618 net [pf][stf] panic on cloning interface without unit numb
o kern/135502 net [periodic] Warning message raised by rtfree function i
o kern/134583 net [hang] Machine with jail freezes after random amount o
o kern/134531 net [route] [panic] kernel crash related to routes/zebra
o kern/134157 net [dummynet] dummynet loads cpu for 100% and make a syst
o kern/133969 net [dummynet] [panic] Fatal trap 12: page fault while in
o kern/133968 net [dummynet] [panic] dummynet kernel panic
o kern/133736 net [udp] ip_id not protected ...
o kern/133595 net [panic] Kernel Panic at pcpu.h:195
o kern/133572 net [ppp] [hang] incoming PPTP connection hangs the system
o kern/133490 net [bpf] [panic] 'kmem_map too small' panic on Dell r900
o kern/133235 net [netinet] [patch] Process SIOCDLIFADDR command incorre
f kern/133213 net arp and sshd errors on 7.1-PRERELEASE
o kern/133060 net [ipsec] [pfsync] [panic] Kernel panic with ipsec + pfs
o kern/132889 net [ndis] [panic] NDIS kernel crash on load BCM4321 AGN d
o conf/132851 net [patch] rc.conf(5): allow to setfib(1) for service run
o kern/132734 net [ifmib] [panic] panic in net/if_mib.c
o kern/132705 net [libwrap] [patch] libwrap - infinite loop if hosts.all
o kern/132672 net [ndis] [panic] ndis with rt2860.sys causes kernel pani
o kern/132554 net [ipl] There is no ippool start script/ipfilter magic t
o kern/132354 net [nat] Getting some packages to ipnat(8) causes crash
o kern/132277 net [crypto] [ipsec] poor performance using cryptodevice f
o kern/131781 net [ndis] ndis keeps dropping the link
o kern/131776 net [wi] driver fails to init
o kern/131753 net [altq] [panic] kernel panic in hfsc_dequeue
o kern/131601 net [ipfilter] [panic] 7-STABLE panic in nat_finalise (tcp
o bin/131567 net [socket] [patch] Update for regression/sockets/unix_cm
o bin/131365 net route(8): route add changes interpretation of network
f kern/130820 net [ndis] wpa_supplicant(8) returns 'no space on device'
o kern/130628 net [nfs] NFS / rpc.lockd deadlock on 7.1-R
o conf/130555 net [rc.d] [patch] No good way to set ipfilter variables a
o kern/130525 net [ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau
o kern/130311 net [wlan_xauth] [panic] hostapd restart causing kernel pa
o kern/130109 net [ipfw] Can not set fib for packets originated from loc
f kern/130059 net [panic] Leaking 50k mbufs/hour
f kern/129719 net [nfs] [panic] Panic during shutdown, tcp_ctloutput: in
o kern/129517 net [ipsec] [panic] double fault / stack overflow
f kern/129508 net [carp] [panic] Kernel panic with EtherIP (may be relat
o kern/129219 net [ppp] Kernel panic when using kernel mode ppp
o kern/129197 net [panic] 7.0 IP stack related panic
o bin/128954 net ifconfig(8) deletes valid routes
o bin/128602 net [an] wpa_supplicant(8) crashes with an(4)
o kern/128448 net [nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res
o bin/128295 net [patch] ifconfig(8) does not print TOE4 or TOE6 capabi
o bin/128001 net wpa_supplicant(8), wlan(4), and wi(4) issues
o kern/127826 net [iwi] iwi0 driver has reduced performance and connecti
o kern/127815 net [gif] [patch] if_gif does not set vlan attributes from
o kern/127724 net [rtalloc] rtfree: 0xc5a8f870 has 1 refs
f bin/127719 net [arp] arp: Segmentation fault (core dumped)
f kern/127528 net [icmp]: icmp socket receives icmp replies not owned by
p kern/127360 net [socket] TOE socket options missing from sosetopt()
o bin/127192 net routed(8) removes the secondary alias IP of interface
f kern/127145 net [wi]: prism (wi) driver crash at bigger traffic
o kern/126895 net [patch] [ral] Add antenna selection (marked as TBD)
o kern/126874 net [vlan]: Zebra problem if ifconfig vlanX destroy
o kern/126695 net rtfree messages and network disruption upon use of if_
o kern/126339 net [ipw] ipw driver drops the connection
o kern/126075 net [inet] [patch] internet control accesses beyond end of
o bin/125922 net [patch] Deadlock in arp(8)
o kern/125920 net [arp] Kernel Routing Table loses Ethernet Link status
o kern/125845 net [netinet] [patch] tcp_lro_rx() should make use of hard
o kern/125258 net [socket] socket's SO_REUSEADDR option does not work
o kern/125239 net [gre] kernel crash when using gre
o kern/124341 net [ral] promiscuous mode for wireless device ral0 looses
o kern/124225 net [ndis] [patch] ndis network driver sometimes loses net
o kern/124160 net [libc] connect(2) function loops indefinitely
o kern/124021 net [ip6] [panic] page fault in nd6_output()
o kern/123968 net [rum] [panic] rum driver causes kernel panic with WPA.
o kern/123892 net [tap] [patch] No buffer space available
o kern/123890 net [ppp] [panic] crash & reboot on work with PPP low-spee
o kern/123858 net [stf] [patch] stf not usable behind a NAT
o kern/123796 net [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not
o kern/123758 net [panic] panic while restarting net/freenet6
o bin/123633 net ifconfig(8) doesn't set inet and ether address in one
o kern/123559 net [iwi] iwi periodically disassociates/associates [regre
o bin/123465 net [ip6] route(8): route add -inet6 <ipv6_addr> -interfac
o kern/123463 net [ipsec] [panic] repeatable crash related to ipsec-tool
o conf/123330 net [nsswitch.conf] Enabling samba wins in nsswitch.conf c
o kern/123160 net [ip] Panic and reboot at sysctl kern.polling.enable=0
o kern/122989 net [swi] [panic] 6.3 kernel panic in swi1: net
o kern/122954 net [lagg] IPv6 EUI64 incorrectly chosen for lagg devices
f kern/122780 net [lagg] tcpdump on lagg interface during high pps wedge
o kern/122685 net It is not visible passing packets in tcpdump(1)
o kern/122319 net [wi] imposible to enable ad-hoc demo mode with Orinoco
o kern/122290 net [netgraph] [panic] Netgraph related "kmem_map too smal
o kern/122033 net [ral] [lor] Lock order reversal in ral0 at bootup ieee
o bin/121895 net [patch] rtsol(8)/rtsold(8) doesn't handle managed netw
s kern/121774 net [swi] [panic] 6.3 kernel panic in swi1: net
o kern/121555 net [panic] Fatal trap 12: current process = 12 (swi1: net
o kern/121443 net [gif] [lor] icmp6_input/nd6_lookup
o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA
o bin/121359 net [patch] [security] ppp(8): fix local stack overflow in
o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic
o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi
o kern/120966 net [rum] kernel panic with if_rum and WPA encryption
o kern/120566 net [request]: ifconfig(8) make order of arguments more fr
o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time
o kern/120266 net [udp] [panic] gnugk causes kernel panic when closing U
o bin/120060 net routed(8) deletes link-level routes in the presence of
o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel
o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol
o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown
f kern/119516 net [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi
o kern/119432 net [arp] route add -host <host> -iface <nic> causes arp e
o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr
o kern/118727 net [netgraph] [patch] [request] add new ng_pf module
o kern/117423 net [vlan] Duplicate IP on different interfaces
o bin/117339 net [patch] route(8): loading routing management commands
o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap
o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta
o kern/116185 net [iwi] if_iwi driver leads system to reboot
o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat
o kern/115019 net [netgraph] ng_ether upper hook packet flow stops on ad
o kern/115002 net [wi] if_wi timeout. failed allocation (busy bit). ifco
o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f
o kern/113432 net [ucom] WARNING: attempt to net_add_domain(netgraph) af
o kern/112722 net [ipsec] [udp] IP v4 udp fragmented packet reject
o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38
o bin/112557 net [patch] ppp(8) lock file should not use symlink name
o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p
o kern/111537 net [inet6] [patch] ip6_input() treats mbuf cluster wrong
o kern/111457 net [ral] ral(4) freeze
o kern/110284 net [if_ethersubr] Invalid Assumption in SIOCSIFADDR in et
o kern/110249 net [kernel] [regression] [patch] setsockopt() error regre
o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop
o bin/108895 net pppd(8): PPPoE dead connections on 6.2 [regression]
o kern/107944 net [wi] [patch] Forget to unlock mutex-locks
o conf/107035 net [patch] bridge(8): bridge interface given in rc.conf n
o kern/106444 net [netgraph] [panic] Kernel Panic on Binding to an ip to
o kern/106438 net [ipf] ipfilter: keep state does not seem to allow repl
o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets
o kern/105945 net Address can disappear from network interface
s kern/105943 net Network stack may modify read-only mbuf chain copies
o bin/105925 net problems with ifconfig(8) and vlan(4) [regression]
o kern/104851 net [inet6] [patch] On link routes not configured when usi
o kern/104751 net [netgraph] kernel panic, when getting info about my tr
o kern/103191 net Unpredictable reboot
o kern/103135 net [ipsec] ipsec with ipfw divert (not NAT) encodes a pac
o kern/102540 net [netgraph] [patch] supporting vlan(4) by ng_fec(4)
o conf/102502 net [netgraph] [patch] ifconfig name does't rename netgrap
o kern/102035 net [plip] plip networking disables parallel port printing
o kern/101948 net [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau
o kern/100709 net [libc] getaddrinfo(3) should return TTL info
o kern/100519 net [netisr] suggestion to fix suboptimal network polling
o kern/98978 net [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel
o kern/98597 net [inet6] Bug in FreeBSD 6.1 IPv6 link-local DAD procedu
o bin/98218 net wpa_supplicant(8) blacklist not working
o kern/97306 net [netgraph] NG_L2TP locks after connection with failed
o conf/97014 net [gif] gifconfig_gif? in rc.conf does not recognize IPv
f kern/96268 net [socket] TCP socket performance drops by 3000% if pack
o kern/95519 net [ral] ral0 could not map mbuf
o kern/95288 net [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr
o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return
o kern/95267 net packet drops periodically appear
f kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo
o kern/93019 net [ppp] ppp and tunX problems: no traffic after restarti
o kern/92880 net [libc] [patch] almost rewritten inet_network(3) functi
s kern/92279 net [dc] Core faults everytime I reboot, possible NIC issu
o kern/91859 net [ndis] if_ndis does not work with Asus WL-138
s kern/91777 net [ipf] [patch] wrong behaviour with skip rule inside an
o kern/91364 net [ral] [wep] WF-511 RT2500 Card PCI and WEP
o kern/91311 net [aue] aue interface hanging
s kern/90086 net [hang] 5.4p8 on supermicro P8SCT hangs during boot if
o kern/87521 net [ipf] [panic] using ipfilter "auth" keyword leads to k
o kern/87421 net [netgraph] [panic]: ng_ether + ng_eiface + if_bridge
s kern/86920 net [ndis] ifconfig: SIOCS80211: Invalid argument [regress
o kern/86871 net [tcp] [patch] allocation logic for PCBs in TIME_WAIT s
o kern/86427 net [lor] Deadlock with FASTIPSEC and nat
o kern/86103 net [ipf] Illegal NAT Traversal in IPFilter
o kern/85780 net 'panic: bogus refcnt 0' in routing/ipv6
o bin/85445 net ifconfig(8): deprecated keyword to ifconfig inoperativ
p kern/85320 net [gre] [patch] possible depletion of kernel stack in ip
o bin/82975 net route change does not parse classfull network as given
o kern/82881 net [netgraph] [panic] ng_fec(4) causes kernel panic after
o kern/82468 net Using 64MB tcp send/recv buffers, trafficflow stops, i
o bin/82185 net [patch] ndp(8) can delete the incorrect entry
o kern/81095 net IPsec connection stops working if associated network i
o kern/78968 net FreeBSD freezes on mbufs exhaustion (network interface
o kern/78090 net [ipf] ipf filtering on bridged packets doesn't work if
o kern/77341 net [ip6] problems with IPV6 implementation
o kern/77273 net [ipf] ipfilter breaks ipv6 statefull filtering on 5.3
s kern/77195 net [ipf] [patch] ipfilter ioctl SIOCGNATL does not match
o kern/75873 net Usability problem with non-RFC-compliant IP spoof prot
s kern/75407 net [an] an(4): no carrier after short time
a kern/71474 net [route] route lookup does not skip interfaces marked d
o kern/71469 net default route to internet magically disappears with mu
o kern/70904 net [ipf] ipfilter ipnat problem with h323 proxy support
o kern/68889 net [panic] m_copym, length > size of mbuf chain
o kern/66225 net [netgraph] [patch] extend ng_eiface(4) control message
o kern/65616 net IPSEC can't detunnel GRE packets after real ESP encryp
s kern/60293 net [patch] FreeBSD arp poison patch
a kern/56233 net IPsec tunnel (ESP) over IPv6: MTU computation is wrong
s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr
s kern/39937 net ipstealth issue
a kern/38554 net [patch] changing interface ipaddress doesn't seem to w
o kern/34665 net [ipf] [hang] ipfilter rcmd proxy "hangs".
o kern/31940 net ip queue length too short for >500kpps
o kern/31647 net [libc] socket calls can return undocumented EINVAL
o kern/30186 net [libc] getaddrinfo(3) does not handle incorrect servna
o kern/27474 net [ipf] [ppp] Interactive use of user PPP and ipfilter c
f kern/24959 net [patch] proper TCP_NOPUSH/TCP_CORK compatibility
o conf/23063 net [arp] [patch] for static ARP tables in rc.network
o kern/21998 net [socket] [patch] ident only for outgoing connections
o kern/5877 net [socket] sb_cc counts control data as well as data dat
387 problems total.
From owner-freebsd-net@FreeBSD.ORG Mon Feb 6 11:50:09 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id BF264106566B
for <freebsd-net@hub.freebsd.org>; Mon, 6 Feb 2012 11:50:09 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id AE47A8FC08
for <freebsd-net@hub.freebsd.org>; Mon, 6 Feb 2012 11:50:09 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q16Bo9tP051684
for <freebsd-net@freefall.freebsd.org>; Mon, 6 Feb 2012 11:50:09 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q16Bo9Op051683;
Mon, 6 Feb 2012 11:50:09 GMT (envelope-from gnats)
Date: Mon, 6 Feb 2012 11:50:09 GMT
Message-Id: <201202061150.q16Bo9Op051683@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Gleb Smirnoff <glebius@FreeBSD.org>
Cc:
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Gleb Smirnoff <glebius@FreeBSD.org>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2012 11:50:09 -0000
The following reply was made to PR kern/164696; it has been noted by GNATS.
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Nikos Vassiliadis <nvass@gmx.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
Date: Mon, 6 Feb 2012 15:47:41 +0400
--TakKZr9L6Hm6aLOc
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Hi, Nikos!
On Wed, Feb 01, 2012 at 10:40:35PM +0000, Nikos Vassiliadis wrote:
N> >Description:
N> Trying to use a carp interface in a VIMAGE enabled kernel, panics the kernel.
Can you please test another patch, that is attached?
--
Totus tuus, Glebius.
--TakKZr9L6Hm6aLOc
Content-Type: text/x-diff; charset=koi8-r
Content-Disposition: attachment; filename="164696.diff"
Index: ip_carp.c
===================================================================
--- ip_carp.c (revision 231067)
+++ ip_carp.c (working copy)
@@ -707,19 +707,24 @@
LIST_FOREACH(sc, &carp_list, sc_next)
if (sc->sc_state == MASTER) {
CARP_LOCK(sc);
+ CURVNET_SET(sc->sc_carpdev->if_vnet);
carp_send_ad_locked(sc);
+ CURVNET_RESTORE();
CARP_UNLOCK(sc);
}
mtx_unlock(&carp_mtx);
}
+/* Send a periodic advertisement, executed in callout context. */
static void
carp_send_ad(void *v)
{
struct carp_softc *sc = v;
CARP_LOCK_ASSERT(sc);
+ CURVNET_SET(sc->sc_carpdev->if_vnet);
carp_send_ad_locked(sc);
+ CURVNET_RESTORE();
CARP_UNLOCK(sc);
}
@@ -1090,6 +1095,7 @@
return (0);
}
+/* Master down timeout event, executed in callout context. */
static void
carp_master_down(void *v)
{
@@ -1097,12 +1103,14 @@
CARP_LOCK_ASSERT(sc);
+ CURVNET_SET(sc->sc_carpdev->if_vnet);
if (sc->sc_state == BACKUP) {
CARP_LOG("VHID %u@%s: BACKUP -> MASTER (master down)\n",
sc->sc_vhid,
sc->sc_carpdev->if_xname);
carp_master_down_locked(sc);
}
+ CURVNET_RESTORE();
CARP_UNLOCK(sc);
}
--TakKZr9L6Hm6aLOc--
From owner-freebsd-net@FreeBSD.ORG Tue Feb 7 08:50:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id D52D6106564A
for <freebsd-net@hub.freebsd.org>; Tue, 7 Feb 2012 08:50:11 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id A2CFF8FC15
for <freebsd-net@hub.freebsd.org>; Tue, 7 Feb 2012 08:50:11 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q178oBDB051459
for <freebsd-net@freefall.freebsd.org>; Tue, 7 Feb 2012 08:50:11 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q178oBpN051457;
Tue, 7 Feb 2012 08:50:11 GMT (envelope-from gnats)
Date: Tue, 7 Feb 2012 08:50:11 GMT
Message-Id: <201202070850.q178oBpN051457@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Nikos Vassiliadis <nvass@gmx.com>
Cc:
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Nikos Vassiliadis <nvass@gmx.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 08:50:11 -0000
The following reply was made to PR kern/164696; it has been noted by GNATS.
From: Nikos Vassiliadis <nvass@gmx.com>
To: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
Date: Tue, 07 Feb 2012 10:46:57 +0200
On 2/6/2012 1:47 PM, Gleb Smirnoff wrote:
> Hi, Nikos!
>
> On Wed, Feb 01, 2012 at 10:40:35PM +0000, Nikos Vassiliadis wrote:
> N> >Description:
> N> Trying to use a carp interface in a VIMAGE enabled kernel, panics the kernel.
>
> Can you please test another patch, that is attached?
>
Yes, it works. Please, commit it.
Thanks!
From owner-freebsd-net@FreeBSD.ORG Tue Feb 7 14:41:00 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id E8E79106566C
for <freebsd-net@freebsd.org>; Tue, 7 Feb 2012 14:41:00 +0000 (UTC)
(envelope-from tmulkar@sandvine.com)
Received: from mail1.sandvine.com (Mail1.sandvine.com [64.7.137.134])
by mx1.freebsd.org (Postfix) with ESMTP id 8EF148FC19
for <freebsd-net@freebsd.org>; Tue, 7 Feb 2012 14:41:00 +0000 (UTC)
Received: from blr-exch-1.sandvine.com (10.30.4.60) by WTL-EXCH-1.sandvine.com
(192.168.196.31) with Microsoft SMTP Server (TLS) id 14.1.339.1;
Tue, 7 Feb 2012 09:30:11 -0500
Received: from BLR-EXCH-1.sandvine.com ([fe80::b896:bd62:3a8d:e51d]) by
blr-exch-1.sandvine.com ([fe80::b896:bd62:3a8d:e51d%16]) with mapi id
14.01.0289.001; Tue, 7 Feb 2012 20:00:09 +0530
From: Tushar Mulkar <tmulkar@sandvine.com>
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Thread-Topic: [PATCH] if_lagg driver enhancements.
Thread-Index: AczlpP1OgZtGvpS8Rw6M7AAnxRmPvA==
Date: Tue, 7 Feb 2012 14:30:08 +0000
Message-ID: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.30.10.51]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [PATCH] if_lagg driver enhancements.
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 14:41:01 -0000
Hello,
A patch is developed that has following enhancements in lagg driver
- Sending a gratuitous ARP when link state changes on primary port of=20
lag (kern/156226)
- Support of new ioctl command to change primary port of the lag
These enhancements are quite handy and useful. Please check if it can=20
be added to FreeBSD
------------------------------------------------------------------
--- /vobs/fw-bsd/src/sys/net/if_lagg.c 2012-01-24 05:28:25.000000000 -0=
500
+++ /vobs/fw-bsd/src/sys/net/if_lagg.c 2012-02-03 09:11:50.000000000 -0=
500
@@ -54,13 +54,19 @@
#ifdef INET
#include <netinet/in.h>
+#include <netinet/in_var.h>
#include <netinet/in_systm.h>
#include <netinet/if_ether.h>
#include <netinet/ip.h>
#endif
#ifdef INET6
+#include <netinet/icmp6.h>
#include <netinet/ip6.h>
+#include <netinet6/ip6_var.h>
+#include <netinet6/in6_var.h>
+#include <netinet6/scope6_var.h>
+#include <netinet6/nd6.h>
#endif
#include <net/if_vlan_var.h>
@@ -746,6 +752,7 @@
switch (dst->sa_family) {
case pseudo_AF_HDRCMPLT:
+ return ((*lp->lp_output)(ifp, m, dst, ro));
case AF_UNSPEC:
eh =3D (struct ether_header *)dst->sa_data;
type =3D eh->ether_type;
@@ -1053,7 +1060,38 @@
error =3D EINVAL;
break;
- default:
+ case SIOCSPLAGGPORT:
+
+ if (rp->rp_portname[0] =3D=3D '\0' ||
+ (tpif =3D ifunit(rp->rp_portname)) =3D=3D NULL) {
+ error =3D EINVAL;
+ break;
+ }
+
+ LAGG_WLOCK(sc);
+ if ((lp =3D (struct lagg_port *)tpif->if_lagg) =3D=3D NULL=
||
+ lp->lp_softc !=3D sc) {
+ error =3D ENOENT;
+ LAGG_WUNLOCK(sc);
+ break;
+ }
+ /* This port is already primary port no need to do any thi=
ng */=20
+ if(SLIST_FIRST(&sc->sc_ports)=3D=3D lp){
+ LAGG_WUNLOCK(sc);
+ return (error);
+ }
+ else{
+ SLIST_REMOVE(&sc->sc_ports, lp, lagg_port, lp_entries);
+ SLIST_INSERT_HEAD(&sc->sc_ports, lp, lp_entries);
+ sc->sc_primary =3D lp;=20
+ lagg_lladdr(sc, lp->lp_lladdr);
+ sc->sc_ifp->if_mtu =3D tpif->if_mtu;
+ SLIST_FOREACH(lp, &sc->sc_ports, lp_entries)
+ lagg_port_lladdr(lp, IF_LLADDR(ifp));
+ LAGG_WUNLOCK(sc);
+ }=20
+ break; =20
+ default:
error =3D ether_ioctl(ifp, cmd, data);
break;
}
@@ -1309,17 +1347,47 @@
{
struct lagg_port *lp =3D (struct lagg_port *)ifp->if_lagg;
struct lagg_softc *sc =3D NULL;
+ struct ifaddr *ifa ;=20
+ struct in6_ifaddr *ia =3D NULL;=20
+ struct in6_addr *in6 =3D NULL;=20
+ struct ifaddrhead ifaddrh;
+ struct in_ifaddr *laddr =3D NULL;=20
=20
if (lp !=3D NULL)
sc =3D lp->lp_softc;
if (sc =3D=3D NULL)
return;
-
+ =20
LAGG_WLOCK(sc);
lagg_linkstate(sc);
+ =20
if (sc->sc_linkstate !=3D NULL)
(*sc->sc_linkstate)(lp);
+ =20
LAGG_WUNLOCK(sc);
+ =20
+ /* If status changed on primary port send gratuitous ARP */
+
+ if(sc->sc_primary =3D=3D lp){
+ IFP_TO_IA(sc->sc_ifp, laddr);
+ if (laddr =3D=3D NULL)
+ return;
+ ifaddrh =3D sc->sc_ifp->if_addrhead;
+ TAILQ_FOREACH(ifa, &ifaddrh, ifa_link) {
+#ifdef INET
+ if(ifa->ifa_addr->sa_family =3D=3D AF_INET)
+ arp_ifinit(sc->sc_ifp,(struct ifaddr *) laddr);
+#endif
+
+#ifdef INET6
+ if (ifa->ifa_addr->sa_family =3D=3D AF_INET6){
+ ia =3D in6ifa_ifpforlinklocal(sc->sc_ifp, 0);
+ in6 =3D &ifatoia6(ifa)->ia_addr.sin6_addr;
+ nd6_ns_output(sc->sc_ifp, NULL,in6, 0, 1);
+ } =20
+#endif
+ }
+ }
}
struct lagg_port *
--- /vobs/fw-bsd/src/sys/net/if_lagg.h 2012-02-03 03:45:32.000000000 -0=
500
+++ /vobs/fw-bsd/src/sys/net/if_lagg.h 2012-02-03 03:53:18.000000000 -0=
500
@@ -119,6 +119,7 @@
#define SIOCGLAGG _IOWR('i', 143, struct lagg_reqall)
#define SIOCSLAGG _IOW('i', 144, struct lagg_reqall)
+#define SIOCSPLAGGPORT _IOWR('i', 145, struct lagg_reqport)
#ifdef _KERNEL
/*
--- /vobs/fw-bsd/src/sbin/ifconfig/iflagg.c 2012-02-03 00:48:38.0000000=
00 -0500
+++ /vobs/fw-bsd/src/sbin/ifconfig/iflagg.c 2012-02-03 01:41:34.0000000=
00 -0500
@@ -43,6 +43,18 @@
if (ioctl(s, SIOCSLAGGPORT, &rp))
err(1, "SIOCSLAGGPORT");
}
+static void=20
+setlaggpport(const char *val, int d, int s, const struct afswtch *afp)
+{
+ struct lagg_reqport rp;
+
+ bzero(&rp, sizeof(rp));
+ strlcpy(rp.rp_ifname, name, sizeof(rp.rp_ifname));
+ strlcpy(rp.rp_portname, val, sizeof(rp.rp_portname));
+
+ if (ioctl(s, SIOCSLAGGPPORT, &rp))
+ err(1, "SIOCSLAGPPORT");
+}
static void
unsetlaggport(const char *val, int d, int s, const struct afswtch *afp)
@@ -174,6 +186,7 @@
DEF_CMD_ARG("laggport", setlaggport),
DEF_CMD_ARG("-laggport", unsetlaggport),
DEF_CMD_ARG("laggproto", setlaggproto),
+ DEF_CMD_ARG("laggpport", setlaggpport),
};
static struct afswtch af_lagg =3D {
.af_name =3D "af_lagg",
---------------------------------------------------------------------------=
-----------------------------
Tushar Mulkar
Senior Software Engineer , Sandvine India
Mobile: +91-9845146601
Skype: tushar.mulkar
www.sandvine.com
From owner-freebsd-net@FreeBSD.ORG Tue Feb 7 20:30:18 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 5FFFF106568B
for <freebsd-net@hub.freebsd.org>; Tue, 7 Feb 2012 20:30:18 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 31DDA8FC13
for <freebsd-net@hub.freebsd.org>; Tue, 7 Feb 2012 20:30:18 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q17KUIXU002955
for <freebsd-net@freefall.freebsd.org>; Tue, 7 Feb 2012 20:30:18 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q17KUIZk002951;
Tue, 7 Feb 2012 20:30:18 GMT (envelope-from gnats)
Date: Tue, 7 Feb 2012 20:30:18 GMT
Message-Id: <201202072030.q17KUIZk002951@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: "Steven Hartland" <killing@multiplay.co.uk>
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Steven Hartland <killing@multiplay.co.uk>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 20:30:18 -0000
The following reply was made to PR kern/161899; it has been noted by GNATS.
From: "Steven Hartland" <killing@multiplay.co.uk>
To: <bug-followup@freebsd.org>
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
Date: Tue, 7 Feb 2012 09:24:47 -0000
Any update on this, would have been nice to see a fix hit before
9.0. If you need any more information please let me know.
From owner-freebsd-net@FreeBSD.ORG Tue Feb 7 23:27:12 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 3C20E106567A
for <freebsd-net@freebsd.org>; Tue, 7 Feb 2012 23:27:12 +0000 (UTC)
(envelope-from adrian.chadd@gmail.com)
Received: from mail-we0-f182.google.com (mail-we0-f182.google.com
[74.125.82.182])
by mx1.freebsd.org (Postfix) with ESMTP id CCC838FC16
for <freebsd-net@freebsd.org>; Tue, 7 Feb 2012 23:27:11 +0000 (UTC)
Received: by werm13 with SMTP id m13so8610779wer.13
for <freebsd-net@freebsd.org>; Tue, 07 Feb 2012 15:27:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:sender:date:x-google-sender-auth:message-id:subject
:from:to:content-type;
bh=ScnBwPefZs5kj5GrExJWONjAFoHhERww9iz6A66z1fw=;
b=jYyiFPPputNwblH2lXRWpq2Hzfpwx0+6tQiB55pEOCLIU4SHd+JHNHlae1nuY6LG7O
igUQmkASVVkQwVy2N/OYycSB4kmCa5T4kikLiHNLn3l9ki1vecBuIQDi0nIWjtwGmgb2
NeUdt3VTKbxxqhL6pLyNzGQ6dphF+cntGW/6k=
MIME-Version: 1.0
Received: by 10.181.11.227 with SMTP id el3mr37089297wid.18.1328657230766;
Tue, 07 Feb 2012 15:27:10 -0800 (PST)
Sender: adrian.chadd@gmail.com
Received: by 10.216.175.136 with HTTP; Tue, 7 Feb 2012 15:27:10 -0800 (PST)
Date: Tue, 7 Feb 2012 15:27:10 -0800
X-Google-Sender-Auth: ypk7U1RfRyZN9yX5PbuRQ3xfPQY
Message-ID: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
From: Adrian Chadd <adrian@freebsd.org>
To: FreeBSD Net <freebsd-net@freebsd.org>, "rozhuk.im" <rozhuk.im@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc:
Subject: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 23:27:12 -0000
Hi,
I've been working with the patch author on this and although I haven't
yet had time to test it out myself, he's taken my suggestions on board
and continued improving things.
The patch can be found in the PR:
http://www.freebsd.org/cgi/query-pr.cgi?pr=161908
In summary, he's added the ability to support q-in-q tags, as well as
maintaining backwards compatibility for existing users.
I'd like to commit this at the end of the week.
He's indicated that he will take care of any issues it may break. I'll
back it out if it breaks things and isn't fixed.
Ivan - thank you for being so patient!
I would appreciate further review from network/netgraph related
people. I'm going to borrow a term from gnn and say "Silence implies
consent." :-)
Adrian
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 01:01:53 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 11CA41065690;
Wed, 8 Feb 2012 01:01:53 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id D805A8FC15;
Wed, 8 Feb 2012 01:01:52 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
[67.180.24.15]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q1811o0o050463
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Tue, 7 Feb 2012 17:01:51 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F31C9D0.6030904@freebsd.org>
Date: Tue, 07 Feb 2012 17:03:12 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Adrian Chadd <adrian@freebsd.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
In-Reply-To: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 01:01:53 -0000
On 2/7/12 3:27 PM, Adrian Chadd wrote:
> Hi,
>
> I've been working with the patch author on this and although I haven't
> yet had time to test it out myself, he's taken my suggestions on board
> and continued improving things.
>
> The patch can be found in the PR:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=161908
>
> In summary, he's added the ability to support q-in-q tags, as well as
> maintaining backwards compatibility for existing users.
>
> I'd like to commit this at the end of the week.
>
> He's indicated that he will take care of any issues it may break. I'll
> back it out if it breaks things and isn't fixed.
>
> Ivan - thank you for being so patient!
>
> I would appreciate further review from network/netgraph related
> people. I'm going to borrow a term from gnn and say "Silence implies
> consent." :-)
>
looks good though s/2011/2012/
> Adrian
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 09:13:29 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id BCD79106564A;
Wed, 8 Feb 2012 09:13:29 +0000 (UTC)
(envelope-from egrosbein@rdtc.ru)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13::5])
by mx1.freebsd.org (Postfix) with ESMTP id 241C88FC0A;
Wed, 8 Feb 2012 09:13:28 +0000 (UTC)
Received: from eg.sd.rdtc.ru (localhost [127.0.0.1])
by eg.sd.rdtc.ru (8.14.5/8.14.5) with ESMTP id q189DRit099782;
Wed, 8 Feb 2012 16:13:27 +0700 (NOVT)
(envelope-from egrosbein@rdtc.ru)
Message-ID: <4F323CB7.3000609@rdtc.ru>
Date: Wed, 08 Feb 2012 16:13:27 +0700
From: Eugene Grosbein <egrosbein@rdtc.ru>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; ru-RU;
rv:1.9.2.13) Gecko/20110112 Thunderbird/3.1.7
MIME-Version: 1.0
To: Steven Hartland <killing@multiplay.co.uk>
References: <201202072030.q17KUIZk002951@freefall.freebsd.org>
In-Reply-To: <201202072030.q17KUIZk002951@freefall.freebsd.org>
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: 8bit
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 09:13:29 -0000
08.02.2012 03:30, Steven Hartland РЙЫЕФ:
> The following reply was made to PR kern/161899; it has been noted by GNATS.
>
> From: "Steven Hartland" <killing@multiplay.co.uk>
> To: <bug-followup@freebsd.org>
> Cc:
> Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
> Date: Tue, 7 Feb 2012 09:24:47 -0000
>
> Any update on this, would have been nice to see a fix hit before
> 9.0. If you need any more information please let me know.
This is known problem. You should remove "options FLOWTABLE"
from your kernel configuration, as it was removed from GENERIC
for such misbehaviours. That had fixed same problem for me.
Eugene Grosbein
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 09:20:06 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 72F2C1065670
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 09:20:06 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 5892C8FC0C
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 09:20:06 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q189K5O6058681
for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 09:20:05 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q189K5Bq058680;
Wed, 8 Feb 2012 09:20:05 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 09:20:05 GMT
Message-Id: <201202080920.q189K5Bq058680@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Eugene Grosbein <egrosbein@rdtc.ru>
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Eugene Grosbein <egrosbein@rdtc.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 09:20:06 -0000
The following reply was made to PR kern/161899; it has been noted by GNATS.
From: Eugene Grosbein <egrosbein@rdtc.ru>
To: Steven Hartland <killing@multiplay.co.uk>
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
Date: Wed, 08 Feb 2012 16:13:27 +0700
08.02.2012 03:30, Steven Hartland РЙЫЕФ:
> The following reply was made to PR kern/161899; it has been noted by GNATS.
>
> From: "Steven Hartland" <killing@multiplay.co.uk>
> To: <bug-followup@freebsd.org>
> Cc:
> Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
> Date: Tue, 7 Feb 2012 09:24:47 -0000
>
> Any update on this, would have been nice to see a fix hit before
> 9.0. If you need any more information please let me know.
This is known problem. You should remove "options FLOWTABLE"
from your kernel configuration, as it was removed from GENERIC
for such misbehaviours. That had fixed same problem for me.
Eugene Grosbein
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 10:03:37 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id BFC881065673;
Wed, 8 Feb 2012 10:03:37 +0000 (UTC)
(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
by mx1.freebsd.org (Postfix) with ESMTP id 12AED8FC16;
Wed, 8 Feb 2012 10:03:36 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 09:52:05 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mail1.multiplay.co.uk
X-Spam-Level:
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
(MDaemon PRO v10.0.4) with ESMTP id md50017940128.msg;
Wed, 08 Feb 2012 09:52:04 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <81B748092F3A413D84F6262C4B9AB146@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Eugene Grosbein" <egrosbein@rdtc.ru>
References: <201202072030.q17KUIZk002951@freefall.freebsd.org>
<4F323CB7.3000609@rdtc.ru>
Date: Wed, 8 Feb 2012 09:53:03 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="KOI8-R"; reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:03:37 -0000
----- Original Message -----
From: "Eugene Grosbein" <egrosbein@rdtc.ru>
> This is known problem. You should remove "options FLOWTABLE"
> from your kernel configuration, as it was removed from GENERIC
> for such misbehaviours. That had fixed same problem for me.
We already have this removed due to the issues it causes with IP
changes, unfortunately it has no impact on this behaviour here.
Regards
Steve
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 10:10:10 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 30CE21065676
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 10:10:10 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 1B2C18FC08
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 10:10:10 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18AA90d004386
for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 10:10:09 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18AA9Tt004385;
Wed, 8 Feb 2012 10:10:09 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 10:10:09 GMT
Message-Id: <201202081010.q18AA9Tt004385@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: "Steven Hartland" <killing@multiplay.co.uk>
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Steven Hartland <killing@multiplay.co.uk>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:10:10 -0000
The following reply was made to PR kern/161899; it has been noted by GNATS.
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Eugene Grosbein" <egrosbein@rdtc.ru>
Cc: <freebsd-net@freebsd.org>,
<bug-followup@freebsd.org>
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
Date: Wed, 8 Feb 2012 09:53:03 -0000
----- Original Message -----
From: "Eugene Grosbein" <egrosbein@rdtc.ru>
> This is known problem. You should remove "options FLOWTABLE"
> from your kernel configuration, as it was removed from GENERIC
> for such misbehaviours. That had fixed same problem for me.
We already have this removed due to the issues it causes with IP
changes, unfortunately it has no impact on this behaviour here.
Regards
Steve
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 10:42:15 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id A6AB71065675;
Wed, 8 Feb 2012 10:42:15 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 28A978FC0C;
Wed, 8 Feb 2012 10:42:14 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18AgDMx021393;
Wed, 8 Feb 2012 14:42:13 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18AgDwc021392;
Wed, 8 Feb 2012 14:42:13 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 14:42:13 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Adrian Chadd <adrian@FreeBSD.org>, "rozhuk.im" <rozhuk.im@gmail.com>
Message-ID: <20120208104213.GD13554@FreeBSD.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: FreeBSD Net <freebsd-net@FreeBSD.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:42:15 -0000
On Tue, Feb 07, 2012 at 03:27:10PM -0800, Adrian Chadd wrote:
A> I've been working with the patch author on this and although I haven't
A> yet had time to test it out myself, he's taken my suggestions on board
A> and continued improving things.
A>
A> The patch can be found in the PR:
A>
A> http://www.freebsd.org/cgi/query-pr.cgi?pr=161908
A>
A> In summary, he's added the ability to support q-in-q tags, as well as
A> maintaining backwards compatibility for existing users.
A>
A> I'd like to commit this at the end of the week.
A>
A> He's indicated that he will take care of any issues it may break. I'll
A> back it out if it breaks things and isn't fixed.
A>
A> Ivan - thank you for being so patient!
A>
A> I would appreciate further review from network/netgraph related
A> people. I'm going to borrow a term from gnn and say "Silence implies
A> consent." :-)
I have only minor comments:
1.1) According to style(9) new code should use uintXX_t instead of u_intXX_t.
1.2) Some lines are really loooong, they need to be broken into shorter ones
accoording to style(9).
1.3) Operators at beginning of a line - also style(9) violation.
2) NETGRAPH_DEBUG wasn't designed for the things the patch is doing. But
the KASSERT was. So it'll be better to change the code under NETGRAPH_DEBUG
to KASSERTs. For example in the chunk '@@ -262,35 +322,143 @@':
KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] == hook,
("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook = %s\n",
__func__, (char *)msg->data));
and
KASSERT(EVL_VLANOFTAG(hook_data) == vid,
("%s: NGM_VLAN_DEL_VID_FLT: Invalid VID Hook = %us, must be: %us\n",
__func__, (uint16_t )EVL_VLANOFTAG(hook_data), vid));
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 10:50:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 9EF91106566C
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 10:50:11 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 8A16D8FC08
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 10:50:11 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18AoBIR042113
for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 10:50:11 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18AoBwY042112;
Wed, 8 Feb 2012 10:50:11 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 10:50:11 GMT
Message-Id: <201202081050.q18AoBwY042112@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Dmitrij Tejblum <tejblum@yandex-team.ru>
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Dmitrij Tejblum <tejblum@yandex-team.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:50:11 -0000
The following reply was made to PR kern/161899; it has been noted by GNATS.
From: Dmitrij Tejblum <tejblum@yandex-team.ru>
To: bug-followup@freebsd.org
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
Date: Wed, 08 Feb 2012 14:30:51 +0400
I would suggest to remove RTM_MISS messages at all. I believe that there
is no sofware that actually use it. OTOH, in some cases RTM_MISS
messages are really disturbing.
E.g., a router without default route (e.g. runnung BGP) will always
generate some amount of RTM_MISS messages. They have no use, but require
daemons to parse them, and could result in overflow on routing socket
queue and, in turn, cause some important routing messages to be dropped.
I have a patch that add a sysctl to turn off RTM_MISS messages, but
since no one use them, it would be easier to just remove them entirely.
--
Dmitry
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:00:32 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 7D7201065672
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 13:00:32 +0000 (UTC)
(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 68D5F8FC13
for <freebsd-net@hub.freebsd.org>; Wed, 8 Feb 2012 13:00:32 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18D0Wmi067565
for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 13:00:32 GMT
(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18D0Wnc067564;
Wed, 8 Feb 2012 13:00:32 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 13:00:32 GMT
Message-Id: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Gleb Smirnoff <glebius@FreeBSD.org>
Cc:
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Gleb Smirnoff <glebius@FreeBSD.org>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:00:32 -0000
The following reply was made to PR kern/161899; it has been noted by GNATS.
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Steven Hartland <killing@multiplay.co.uk>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
Date: Wed, 8 Feb 2012 16:59:44 +0400
> Any update on this, would have been nice to see a fix hit before
> 9.0. If you need any more information please let me know.
AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
The cause for this number of misses is absense of a route for
IPv4 mapped block in IPv6 routing table.
Here it is:
# netstat -rn -f inet6
Routing tables
Internet6:
Destination Gateway Flags Netif Expire
::/96 ::1 UGRS lo0
Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
been merged to stable/8, then it needs to be found and merged.
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:01:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 13543106566B
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:01:48 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 8BF4B8FC14
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:01:47 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18D1klP022747;
Wed, 8 Feb 2012 17:01:46 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18D1kIs022746;
Wed, 8 Feb 2012 17:01:46 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:01:46 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Dmitrij Tejblum <tejblum@yandex-team.ru>
Message-ID: <20120208130146.GH13554@FreeBSD.org>
References: <201202081050.q18AoBwY042112@freefall.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <201202081050.q18AoBwY042112@freefall.freebsd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:01:48 -0000
Dmitrij,
On Wed, Feb 08, 2012 at 10:50:11AM +0000, Dmitrij Tejblum wrote:
D> I would suggest to remove RTM_MISS messages at all. I believe that there
D> is no sofware that actually use it. OTOH, in some cases RTM_MISS
D> messages are really disturbing.
D>
D> E.g., a router without default route (e.g. runnung BGP) will always
D> generate some amount of RTM_MISS messages. They have no use, but require
D> daemons to parse them, and could result in overflow on routing socket
D> queue and, in turn, cause some important routing messages to be dropped.
D>
D> I have a patch that add a sysctl to turn off RTM_MISS messages, but
D> since no one use them, it would be easier to just remove them entirely.
Sounds reasonable. A patch that adds a sysctl is definitely a commit candidate.
But we can't be sure that no one uses these messages, so we can't remove them
entirely.
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:26:50 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id CF2A3106564A
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:26:50 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 5225F8FC13
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:26:50 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18DQnhX022986;
Wed, 8 Feb 2012 17:26:49 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DQmQI022985;
Wed, 8 Feb 2012 17:26:48 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:26:48 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Tushar Mulkar <tmulkar@sandvine.com>
Message-ID: <20120208132648.GI13554@FreeBSD.org>
References: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: "freebsd-net@freebsd.org" <freebsd-net@FreeBSD.org>
Subject: Re: [PATCH] if_lagg driver enhancements.
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:26:50 -0000
On Tue, Feb 07, 2012 at 02:30:08PM +0000, Tushar Mulkar wrote:
T> Hello,
T> A patch is developed that has following enhancements in lagg driver
T>
T> - Sending a gratuitous ARP when link state changes on primary port of
T> lag (kern/156226)
T> - Support of new ioctl command to change primary port of the lag
T>
T> These enhancements are quite handy and useful. Please check if it can
T> be added to FreeBSD
IMHO, the patch introduces a layering violation, which is bad. This would
lead to problems in future. From a quick look I don't see any right now,
and patch is compatible with carp(4) just accidentially :)
I would suggest the following approach:
1) Network protocols should register theirselves on the ifnet_link_event
EVENTHANDLER(9).
2) The inet4 should send gratutious ARP on this event.
3) The inet6 should send NA.
As you see the patch would be entirely not about lagg(4) :)
We've got some minor obstacles on the suggested way:
- The if_link_state_change() function suppresses any processing if the link
hasn't changed, for example UP -> UP event.
We can overcome this by adding a new pseudo state LINK_STATE_UPAGAIN (or
LINK_STATE_UPCHANGED or LINK_STATE_UPANOTHER or any better name you can
imagine). This pseudo state can't be stored in the ifp->if_link_state, but
it can be used to keep the state LINK_STATE_UP, but force triggering link
state hooks.
I think this approach is more clean and error prone. It can lead only to
extraneous gratutious ARP sent in some cases, which is not critical.
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:32:00 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id BE05F106564A;
Wed, 8 Feb 2012 13:32:00 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 4152A8FC13;
Wed, 8 Feb 2012 13:32:00 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18DVw1K023042;
Wed, 8 Feb 2012 17:31:58 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DVwOL023041;
Wed, 8 Feb 2012 17:31:58 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:31:58 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: rozhuk.im@gmail.com
Message-ID: <20120208133158.GJ13554@FreeBSD.org>
References: <4f298d95.82b7cc0a.49b2.5d24@mx.google.com>
<4F2A2C1F.1060609@freebsd.org>
<4f2b0826.10cbcc0a.5660.ffff8aa9@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <4f2b0826.10cbcc0a.5660.ffff8aa9@mx.google.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org, 'Julian Elischer' <julian@FreeBSD.org>
Subject: Re: m_pullup - fail
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:32:00 -0000
On Fri, Feb 03, 2012 at 07:03:11AM +0900, rozhuk.im@gmail.com wrote:
r> I am writing a netgraph node for processing UDP packets passing through the
r> router / bridge.
r> Node must fully inspect the entire contents of the package, in some cases,
r> change them.
In this case you need something like m_megapullup() that can be found in
sys/netinet/libalias/alias.c
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:36:01 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id A421C106564A;
Wed, 8 Feb 2012 13:36:01 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 2161C8FC0C;
Wed, 8 Feb 2012 13:36:00 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18Da0G3023112;
Wed, 8 Feb 2012 17:36:00 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DZx4R023109;
Wed, 8 Feb 2012 17:35:59 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:35:59 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Luigi Rizzo <rizzo@iet.unipi.it>
Message-ID: <20120208133559.GK13554@FreeBSD.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
<20120131110204.GA95472@onelab2.iet.unipi.it>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20120131110204.GA95472@onelab2.iet.unipi.it>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: Ermal Lu?i <eri@FreeBSD.org>, freebsd-net <freebsd-net@FreeBSD.org>,
freebsd-hackers@FreeBSD.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:36:01 -0000
On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
L> if i understand what the patch does, i think it makes sense to be
L> able to hook ipfw instances to specific interfaces/sets of interfaces,
L> as it permits the writing of more readable rulesets. Right now the
L> workaround is start the ruleset with skipto rules matching on
L> interface names, and then use some discipline in "reserving" a range
L> of rule numbers to each interface.
This is definitely a desired feature, but it should be implemented
on level of pfil(9). However, that would still require multiple
instances of ipfw(4).
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:39:46 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 8D33910657A2;
Wed, 8 Feb 2012 13:39:46 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id 52B488FC13;
Wed, 8 Feb 2012 13:39:46 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18DdkNl005750;
Wed, 8 Feb 2012 13:39:46 GMT
(envelope-from glebius@freefall.freebsd.org)
Received: (from glebius@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18DdjmA005746;
Wed, 8 Feb 2012 13:39:45 GMT (envelope-from glebius)
Date: Wed, 8 Feb 2012 13:39:45 GMT
Message-Id: <201202081339.q18DdjmA005746@freefall.freebsd.org>
To: nvass@gmx.com, glebius@FreeBSD.org, freebsd-net@FreeBSD.org,
glebius@FreeBSD.org
From: glebius@FreeBSD.org
Cc:
Subject: Re: kern/164696: [netinet] [patch] [panic] VIMAGE + carp panics the
kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:39:46 -0000
Synopsis: [netinet] [patch] [panic] VIMAGE + carp panics the kernel
State-Changed-From-To: open->closed
State-Changed-By: glebius
State-Changed-When: Wed Feb 8 13:38:23 UTC 2012
State-Changed-Why:
Fixed.
Responsible-Changed-From-To: freebsd-net->glebius
Responsible-Changed-By: glebius
Responsible-Changed-When: Wed Feb 8 13:38:23 UTC 2012
Responsible-Changed-Why:
Fixed.
http://www.freebsd.org/cgi/query-pr.cgi?pr=164696
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:44:34 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id A78FB106566B
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:44:34 +0000 (UTC)
(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
by mx1.freebsd.org (Postfix) with ESMTP id ED8868FC1A
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:44:33 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 13:44:04 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mail1.multiplay.co.uk
X-Spam-Level:
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
(MDaemon PRO v10.0.4) with ESMTP id md50017942426.msg;
Wed, 08 Feb 2012 13:44:03 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Gleb Smirnoff" <glebius@FreeBSD.org>,
<freebsd-net@FreeBSD.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
Date: Wed, 8 Feb 2012 13:44:56 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="Windows-1252";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc:
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:44:34 -0000
----- Original Message -----
From: "Gleb Smirnoff" <glebius@FreeBSD.org>
> > Any update on this, would have been nice to see a fix hit before
> > 9.0. If you need any more information please let me know.
>
> AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
>
> The cause for this number of misses is absense of a route for
> IPv4 mapped block in IPv6 routing table.
>
> Here it is:
>
> # netstat -rn -f inet6
> Routing tables
>
> Internet6:
> Destination Gateway Flags Netif Expire
> ::/96 ::1 UGRS lo0
>
> Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
> been merged to stable/8, then it needs to be found and merged.
Thanks Gleb!
Running the following commands does indeed stop this
route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
I found these in /etc/rc.d/network_ipv6 but I can't see why
these wouldnt be run on a machine that doesn't have an IPv6
address, they seem to be added correctly on machines that do.
So any pointers are to how to get this fix setup correctly in
8.2 would appreciated.
Regards
Steve
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:55:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 8CC9A106564A
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:55:02 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id 0C7438FC15
for <freebsd-net@FreeBSD.org>; Wed, 8 Feb 2012 13:55:01 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18Dt0UN023315;
Wed, 8 Feb 2012 17:55:00 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18Dt0GH023314;
Wed, 8 Feb 2012 17:55:00 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:55:00 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Steven Hartland <killing@multiplay.co.uk>
Message-ID: <20120208135500.GL13554@FreeBSD.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:55:02 -0000
On Wed, Feb 08, 2012 at 01:44:56PM -0000, Steven Hartland wrote:
S> ----- Original Message -----
S> From: "Gleb Smirnoff" <glebius@FreeBSD.org>
S> > > Any update on this, would have been nice to see a fix hit before
S> > > 9.0. If you need any more information please let me know.
S> >
S> > AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
S> >
S> > The cause for this number of misses is absense of a route for
S> > IPv4 mapped block in IPv6 routing table.
S> >
S> > Here it is:
S> >
S> > # netstat -rn -f inet6
S> > Routing tables
S> >
S> > Internet6:
S> > Destination Gateway Flags Netif Expire
S> > ::/96 ::1 UGRS lo0
S> >
S> > Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
S> > been merged to stable/8, then it needs to be found and merged.
S>
S> Thanks Gleb!
S>
S> Running the following commands does indeed stop this
S> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
S> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
S>
S> I found these in /etc/rc.d/network_ipv6 but I can't see why
S> these wouldnt be run on a machine that doesn't have an IPv6
S> address, they seem to be added correctly on machines that do.
S>
S> So any pointers are to how to get this fix setup correctly in
S> 8.2 would appreciated.
I don't have any 8.2 where I can play already :) All test boxes
are either head or 9.0.
So it'll be easier to you than to me, to find the exact revision
that is already in stable/9, but not yet in stable/8, that adds
these routes to kernel in startup. Once found, I can do merging.
Meanwhile, I can bounce the PR to freebsd-rc@, and may be someone
from there can find out what needs to be merged.
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 13:55:34 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id E0587106566B;
Wed, 8 Feb 2012 13:55:34 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
[IPv6:2001:4f8:fff6::28])
by mx1.freebsd.org (Postfix) with ESMTP id B31378FC1B;
Wed, 8 Feb 2012 13:55:34 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18DtY9m022790;
Wed, 8 Feb 2012 13:55:34 GMT
(envelope-from glebius@freefall.freebsd.org)
Received: (from glebius@localhost)
by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18DtYJ7022786;
Wed, 8 Feb 2012 13:55:34 GMT (envelope-from glebius)
Date: Wed, 8 Feb 2012 13:55:34 GMT
Message-Id: <201202081355.q18DtYJ7022786@freefall.freebsd.org>
To: glebius@FreeBSD.org, freebsd-net@FreeBSD.org, freebsd-rc@FreeBSD.org
From: glebius@FreeBSD.org
Cc:
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:55:35 -0000
Synopsis: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
Responsible-Changed-From-To: freebsd-net->freebsd-rc
Responsible-Changed-By: glebius
Responsible-Changed-When: Wed Feb 8 13:55:07 UTC 2012
Responsible-Changed-Why:
I think, that solution to the problem lives somewhere in th rc-land.
http://www.freebsd.org/cgi/query-pr.cgi?pr=161899
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 14:04:10 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 1CE33106564A;
Wed, 8 Feb 2012 14:04:10 +0000 (UTC)
(envelope-from ermal.luci@gmail.com)
Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com
[209.85.210.182])
by mx1.freebsd.org (Postfix) with ESMTP id C23928FC1D;
Wed, 8 Feb 2012 14:04:09 +0000 (UTC)
Received: by iaeo4 with SMTP id o4so1256087iae.13
for <multiple recipients>; Wed, 08 Feb 2012 06:04:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:sender:in-reply-to:references:date
:x-google-sender-auth:message-id:subject:from:to:cc:content-type;
bh=+J0xlP6I1mhPtm6JmLkzX/MN5IuuYy8GGNP+ZtNP1Kg=;
b=IcivfqBr1JdiPJTEbuhNzxbMoy0aPAGOXDihScdkTJl+EJJe4gSjJAyxiQ4Lwiphbx
4PKQM9TNS56QNSlMr89Ra2KehIAr3kf+Mih1iJn2pmFz+a7nkgW66YsVf1y0kHuqWO3H
OxAXXJz5HETWCSfWxVMZwtxrYIBGs7vRRP0b0=
MIME-Version: 1.0
Received: by 10.42.144.69 with SMTP id a5mr27139143icv.45.1328709849420; Wed,
08 Feb 2012 06:04:09 -0800 (PST)
Sender: ermal.luci@gmail.com
Received: by 10.231.134.198 with HTTP; Wed, 8 Feb 2012 06:04:09 -0800 (PST)
In-Reply-To: <20120208133559.GK13554@FreeBSD.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
<20120131110204.GA95472@onelab2.iet.unipi.it>
<20120208133559.GK13554@FreeBSD.org>
Date: Wed, 8 Feb 2012 15:04:09 +0100
X-Google-Sender-Auth: 0aFIRkQDzHRwTd5nBZ_gaj2_wVQ
Message-ID: <CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>
To: Gleb Smirnoff <glebius@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-net <freebsd-net@freebsd.org>, Luigi Rizzo <rizzo@iet.unipi.it>,
freebsd-hackers@freebsd.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 14:04:10 -0000
2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:
> On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
> L> if i understand what the patch does, i think it makes sense to be
> L> able to hook ipfw instances to specific interfaces/sets of interfaces,
> L> as it permits the writing of more readable rulesets. Right now the
> L> workaround is start the ruleset with skipto rules matching on
> L> interface names, and then use some discipline in "reserving" a range
> L> of rule numbers to each interface.
>
> This is definitely a desired feature, but it should be implemented
> on level of pfil(9). However, that would still require multiple
> instances of ipfw(4).
>
This opens a discussion of architecture design.
I do not think presently pfil(9) is designed to handle such thing!
Regards,
Ermal
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 14:09:23 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 6AD3D1065781;
Wed, 8 Feb 2012 14:09:23 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
by mx1.freebsd.org (Postfix) with ESMTP id E54448FC14;
Wed, 8 Feb 2012 14:09:22 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18E9Lil023577;
Wed, 8 Feb 2012 18:09:21 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18E9Lfq023576;
Wed, 8 Feb 2012 18:09:21 +0400 (MSK)
(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 18:09:21 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Ermal Lu?i <eri@FreeBSD.org>
Message-ID: <20120208140921.GM13554@glebius.int.ru>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
<20120131110204.GA95472@onelab2.iet.unipi.it>
<20120208133559.GK13554@FreeBSD.org>
<CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net <freebsd-net@FreeBSD.org>, Luigi Rizzo <rizzo@iet.unipi.it>,
freebsd-hackers@FreeBSD.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 14:09:23 -0000
On Wed, Feb 08, 2012 at 03:04:09PM +0100, Ermal Lu?i wrote:
E> 2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:
E> > On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
E> > L> if i understand what the patch does, i think it makes sense to be
E> > L> able to hook ipfw instances to specific interfaces/sets of interfaces,
E> > L> as it permits the writing of more readable rulesets. Right now the
E> > L> workaround is start the ruleset with skipto rules matching on
E> > L> interface names, and then use some discipline in "reserving" a range
E> > L> of rule numbers to each interface.
E> >
E> > This is definitely a desired feature, but it should be implemented
E> > on level of pfil(9). However, that would still require multiple
E> > instances of ipfw(4).
E> >
E> This opens a discussion of architecture design.
E> I do not think presently pfil(9) is designed to handle such thing!
Several years ago, I guess around 2005, a discussion on a per-interface
packet filtering was taken on the net@ mailing list. In that time, it lead
to nothing, several people were against the idea.
Recently on IRC I had raised the discussion again. Today more people liked
the idea and found it a desired feature.
Many kinds of high end networking equipment have per-interface ACLs. I know
that networking sysadmins would be happy if FreeBSD packet filters would
get this feature, since maintaing such ACLs is much easier on a router with
dozens of interfaces.
--
Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 16:53:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id E41A0106564A;
Wed, 8 Feb 2012 16:53:48 +0000 (UTC)
(envelope-from adrian.chadd@gmail.com)
Received: from mail-ww0-f42.google.com (mail-ww0-f42.google.com [74.125.82.42])
by mx1.freebsd.org (Postfix) with ESMTP id 495EC8FC14;
Wed, 8 Feb 2012 16:53:47 +0000 (UTC)
Received: by wgbgn7 with SMTP id gn7so5445121wgb.1
for <multiple recipients>; Wed, 08 Feb 2012 08:53:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:sender:in-reply-to:references:date
:x-google-sender-auth:message-id:subject:from:to:cc:content-type
:content-transfer-encoding;
bh=3Bt1p2WgEfVCw+a9p2HRYww/5ShIpfbtlPkn3tFIoFI=;
b=HUJyNFAP7h64bx0V2gdlNo2kgILoS6bklRZ2wFWlxJ066t/U0Wb0hXJ6izTW9RNw9F
goBHTfw28wwpfYCHNXZ7gwHs9zKbU7dg0G0xT4n6jRfA3xkjdjLRJXVf0YR11MkuRSLr
ESrTISnHiFHN74s1uAx+t1oO9HQ6AXHyHNe0w=
MIME-Version: 1.0
Received: by 10.216.135.76 with SMTP id t54mr11003490wei.14.1328720027188;
Wed, 08 Feb 2012 08:53:47 -0800 (PST)
Sender: adrian.chadd@gmail.com
Received: by 10.216.175.136 with HTTP; Wed, 8 Feb 2012 08:53:47 -0800 (PST)
In-Reply-To: <20120208104213.GD13554@FreeBSD.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
<20120208104213.GD13554@FreeBSD.org>
Date: Wed, 8 Feb 2012 08:53:47 -0800
X-Google-Sender-Auth: bnglK4tXeo4hK85xl1tgke5FUwM
Message-ID: <CAJ-VmokBHkyRC5mAnQkFFL9w-ETwppo_6Ofb8YGa11vEKMcygg@mail.gmail.com>
From: Adrian Chadd <adrian@freebsd.org>
To: Gleb Smirnoff <glebius@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 16:53:49 -0000
2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:
> A> I would appreciate further review from network/netgraph related
> A> people. I'm going to borrow a term from gnn and say "Silence implies
> A> consent." :-)
>
> I have only minor comments:
Thanks for your feedback!
Ivan, can you please review these?
Adrian
>
> 1.1) According to style(9) new code should use uintXX_t instead of u_intX=
X_t.
> 1.2) Some lines are really loooong, they need to be broken into shorter o=
nes
> =A0 =A0 accoording to style(9).
> 1.3) Operators at beginning of a line - also style(9) violation.
>
> 2) NETGRAPH_DEBUG wasn't designed for the things the patch is doing. But
> =A0 the KASSERT was. So it'll be better to change the code under NETGRAPH=
_DEBUG
> =A0 to KASSERTs. For example in the chunk '@@ -262,35 +322,143 @@':
>
> =A0 =A0 =A0 =A0KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] =3D=3D h=
ook,
> =A0 =A0 =A0 =A0 =A0 =A0("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook =
=3D %s\n",
> =A0 =A0 =A0 =A0 =A0 =A0__func__, (char *)msg->data));
>
> =A0 =A0 =A0 =A0and
>
> =A0 =A0 =A0 =A0KASSERT(EVL_VLANOFTAG(hook_data) =3D=3D vid,
> =A0 =A0 =A0 =A0 =A0 =A0("%s: NGM_VLAN_DEL_VID_FLT: Invalid VID Hook =3D %=
us, must be: %us\n",
> =A0 =A0 =A0 =A0 =A0 =A0__func__, (uint16_t )EVL_VLANOFTAG(hook_data), vid=
));
>
> --
> Totus tuus, Glebius.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 18:23:45 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 054D3106564A;
Wed, 8 Feb 2012 18:23:45 +0000 (UTC)
(envelope-from gpalmer@freebsd.org)
Received: from noop.in-addr.com (mail.in-addr.com [IPv6:2001:470:8:162::1])
by mx1.freebsd.org (Postfix) with ESMTP id CB48B8FC0C;
Wed, 8 Feb 2012 18:23:44 +0000 (UTC)
Received: from gjp by noop.in-addr.com with local (Exim 4.77 (FreeBSD))
(envelope-from <gpalmer@freebsd.org>)
id 1RvCAz-000G2v-ID; Wed, 08 Feb 2012 13:23:29 -0500
Date: Wed, 8 Feb 2012 13:23:29 -0500
From: Gary Palmer <gpalmer@freebsd.org>
To: Steven Hartland <killing@multiplay.co.uk>
Message-ID: <20120208182329.GC10082@in-addr.com>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: gpalmer@freebsd.org
X-SA-Exim-Scanned: No (on noop.in-addr.com); SAEximRunCond expanded to false
Cc: freebsd-net@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 18:23:45 -0000
On Wed, Feb 08, 2012 at 01:44:56PM -0000, Steven Hartland wrote:
> ----- Original Message -----
> From: "Gleb Smirnoff" <glebius@FreeBSD.org>
> >> Any update on this, would have been nice to see a fix hit before
> >> 9.0. If you need any more information please let me know.
> >
> >AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
> >
> >The cause for this number of misses is absense of a route for
> >IPv4 mapped block in IPv6 routing table.
> >
> >Here it is:
> >
> ># netstat -rn -f inet6
> >Routing tables
> >
> >Internet6:
> >Destination Gateway Flags
> >Netif Expire
> >::/96 ::1 UGRS
> >lo0
> >
> >Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
> >been merged to stable/8, then it needs to be found and merged.
>
> Thanks Gleb!
>
> Running the following commands does indeed stop this
> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
>
> I found these in /etc/rc.d/network_ipv6 but I can't see why
> these wouldnt be run on a machine that doesn't have an IPv6
> address, they seem to be added correctly on machines that do.
Speculation: the machine(s) which didn't have the routes maybe
didn't have
ipv6_enable="YES"
in /etc/rc.conf?
Gary
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 19:13:05 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 4E4731065673;
Wed, 8 Feb 2012 19:13:05 +0000 (UTC)
(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
by mx1.freebsd.org (Postfix) with ESMTP id 63E188FC1D;
Wed, 8 Feb 2012 19:13:03 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 19:13:00 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mail1.multiplay.co.uk
X-Spam-Level:
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
(MDaemon PRO v10.0.4) with ESMTP id md50017949032.msg;
Wed, 08 Feb 2012 19:13:00 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Gary Palmer" <gpalmer@freebsd.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
<20120208182329.GC10082@in-addr.com>
Date: Wed, 8 Feb 2012 19:12:38 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 19:13:05 -0000
----- Original Message -----
From: "Gary Palmer" <gpalmer@freebsd.org>
>> Running the following commands does indeed stop this
>> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
>> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
>>
>> I found these in /etc/rc.d/network_ipv6 but I can't see why
>> these wouldnt be run on a machine that doesn't have an IPv6
>> address, they seem to be added correctly on machines that do.
>
> Speculation: the machine(s) which didn't have the routes maybe
> didn't have
>
> ipv6_enable="YES"
>
> in /etc/rc.conf?
Doh!
Indeed they don't so of course /etc/rc.d/network_ipv6 doesnt
start but IPv6 is in the kernel and ipv6 is configured on lo0 via
/etc/rc.d/auto_linklocal so it looks like ipv6 is enabled even
though it isnt.
Given this would a reasonable patch be to move the internal routing
to auto_linklocal i.e. these lines:-
# disallow "internal" addresses to appear on the wire
route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
Seems the relavent fix was part of a much bigger commit:-
http://svnweb.freebsd.org/base?view=revision&revision=197139
So it may not be easy to patch this into 8.x
Regards
Steve
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 21:08:51 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 51C0F106566B
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:08:51 +0000 (UTC)
(envelope-from lists@rewt.org.uk)
Received: from abby.lhr1.as41113.net (unknown [IPv6:2001:b70:201:2::20])
by mx1.freebsd.org (Postfix) with ESMTP id 1609B8FC16
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:08:51 +0000 (UTC)
Received: from jasmine.internethq (unknown [91.208.177.192])
by abby.lhr1.as41113.net (Postfix) with ESMTP id E1B3B22853
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:08:49 +0000 (UTC)
Received: from [172.16.11.44] (jwh-laptop.internethq [172.16.11.44])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by jasmine.internethq (Postfix) with ESMTPS id BD9FE10751240
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:08:24 +0000 (GMT)
Message-ID: <4F32E45F.9030504@rewt.org.uk>
Date: Wed, 08 Feb 2012 21:08:47 +0000
From: Joe Holden <lists@rewt.org.uk>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:08:51 -0000
Hey guys,
The maximum fibs is currently 16 due to an mbuf limitation I believe? Is
there any scope for the number being increased?
Ta,
J
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 21:25:56 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id EC09D1065674
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:25:56 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id C05DE8FC12
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:25:56 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
[67.180.24.15]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q18LPtSR057498
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Wed, 8 Feb 2012 13:25:55 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F32E8B6.8050409@freebsd.org>
Date: Wed, 08 Feb 2012 13:27:18 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Joe Holden <lists@rewt.org.uk>
References: <4F32E45F.9030504@rewt.org.uk>
In-Reply-To: <4F32E45F.9030504@rewt.org.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:25:57 -0000
On 2/8/12 1:08 PM, Joe Holden wrote:
> Hey guys,
>
> The maximum fibs is currently 16 due to an mbuf limitation I
> believe? Is there any scope for the number being increased?
it was designed to be able to be expanable... there is only the one place.
there are upcoming FIB changes and it may be a good oportunity to
change this in 10..
>
> Ta,
> J
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 21:28:16 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 2315E1065676
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:28:16 +0000 (UTC)
(envelope-from lists@rewt.org.uk)
Received: from abby.lhr1.as41113.net (unknown [IPv6:2001:b70:201:2::20])
by mx1.freebsd.org (Postfix) with ESMTP id B35BD8FC1D
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:28:15 +0000 (UTC)
Received: from jasmine.internethq (unknown [91.208.177.192])
by abby.lhr1.as41113.net (Postfix) with ESMTP id 1AF4F22853
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:28:15 +0000 (UTC)
Received: from [172.16.11.44] (jwh-laptop.internethq [172.16.11.44])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by jasmine.internethq (Postfix) with ESMTPS id C451A1019F9E5;
Wed, 8 Feb 2012 21:27:49 +0000 (GMT)
Message-ID: <4F32E8EC.4070206@rewt.org.uk>
Date: Wed, 08 Feb 2012 21:28:12 +0000
From: Joe Holden <lists@rewt.org.uk>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Julian Elischer <julian@freebsd.org>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
In-Reply-To: <4F32E8B6.8050409@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:28:16 -0000
Julian Elischer wrote:
> On 2/8/12 1:08 PM, Joe Holden wrote:
>> Hey guys,
>>
>> The maximum fibs is currently 16 due to an mbuf limitation I believe?
>> Is there any scope for the number being increased?
> it was designed to be able to be expanable... there is only the one place.
>
> there are upcoming FIB changes and it may be a good oportunity to change
> this in 10..
>
aha, I was under the impression that it was limited due to mbuf size,
not sure where I read that - think it was a commit from a while back.
>>
>> Ta,
>> J
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>>
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 21:53:12 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 169B01065670
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:53:12 +0000 (UTC)
(envelope-from kes-kes@yandex.ru)
Received: from forward10.mail.yandex.net (forward10.mail.yandex.net
[IPv6:2a02:6b8:0:202::5])
by mx1.freebsd.org (Postfix) with ESMTP id 81E148FC13
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 21:53:11 +0000 (UTC)
Received: from smtp9.mail.yandex.net (smtp9.mail.yandex.net [77.88.61.35])
by forward10.mail.yandex.net (Yandex) with ESMTP id A2E501021936
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 01:53:09 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328737989; bh=17KfxzQtBmSqhBRSwzx3YFckLQ0WAlZV8u5JW9mYa/8=;
h=Date:From:Reply-To:Message-ID:To:Subject:MIME-Version:
Content-Type:Content-Transfer-Encoding;
b=sF57xrGMPfH1tRxNyCm8uNZtXWMpp5mTa4kGaZJyNWWAuv28crmfg7lBlRlpPiIpV
0nHxoT8Lmpm+4zqhVYVVc0epyI7f1e5sI1g7AGujCq1bVNyGDWOYn2fxuUYQlNcTq6
otfisGOe/MPc8Ciau0qCGY9Bmd43xDdsiaXrQs24=
Received: from smtp9.mail.yandex.net (localhost [127.0.0.1])
by smtp9.mail.yandex.net (Yandex) with ESMTP id 896FA15201CC
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 01:53:09 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
t=1328737989; bh=17KfxzQtBmSqhBRSwzx3YFckLQ0WAlZV8u5JW9mYa/8=;
h=Date:From:Reply-To:Message-ID:To:Subject:MIME-Version:
Content-Type:Content-Transfer-Encoding;
b=sF57xrGMPfH1tRxNyCm8uNZtXWMpp5mTa4kGaZJyNWWAuv28crmfg7lBlRlpPiIpV
0nHxoT8Lmpm+4zqhVYVVc0epyI7f1e5sI1g7AGujCq1bVNyGDWOYn2fxuUYQlNcTq6
otfisGOe/MPc8Ciau0qCGY9Bmd43xDdsiaXrQs24=
Received: from unknown (unknown [77.93.52.20])
by smtp9.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
r8EaS4qs-r9Eix3sv; Thu, 9 Feb 2012 01:53:09 +0400
X-Yandex-Spam: 1
Date: Wed, 8 Feb 2012 23:53:07 +0200
From: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?windows-1251?B?188gyu7t/Oru4iwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <15210117711.20120208235307@yandex.ru>
To: freebsd-net@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit
Subject: security issue!!
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:53:12 -0000
some host on LAN can send packets to MAC address of FreeBSD server
and server accept packets even if frame is not in its subnet and pass them further %-)
details here
http://www.freebsd.org/cgi/query-pr.cgi?pr=164914
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 22:06:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 74A5B1065674
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 22:06:02 +0000 (UTC)
(envelope-from cswiger@mac.com)
Received: from asmtpout030.mac.com (asmtpout030.mac.com [17.148.16.105])
by mx1.freebsd.org (Postfix) with ESMTP id 5B4F68FC1F
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 22:06:02 +0000 (UTC)
MIME-version: 1.0
Content-type: text/plain; charset=koi8-r
Received: from cswiger1.apple.com (unknown [17.209.4.71])
by asmtp030.mac.com (Oracle Communications Messaging Server 7u4-23.01
(7.0.4.23.0) 64bit (built Aug 10 2011))
with ESMTPSA id <0LZ300MU8HDEVD80@asmtp030.mac.com> for
freebsd-net@freebsd.org; Wed, 08 Feb 2012 14:05:39 -0800 (PST)
X-Proofpoint-Virus-Version: vendor=fsecure
engine=2.50.10432:5.6.7361,1.0.260,0.0.0000
definitions=2012-02-08_08:2012-02-08, 2012-02-08,
1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0
classifier=spam
adjust=0 reason=mlx scancount=1 engine=6.0.2-1012030000
definitions=main-1202080239
From: Chuck Swiger <cswiger@mac.com>
X-Priority: 3 (Normal)
In-reply-to: <15210117711.20120208235307@yandex.ru>
Date: Wed, 08 Feb 2012 14:05:38 -0800
Content-transfer-encoding: quoted-printable
Message-id: <2BF9EFDB-C52E-4842-9754-66357AD3EBA5@mac.com>
References: <15210117711.20120208235307@yandex.ru>
To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru>
X-Mailer: Apple Mail (2.1084)
Cc: freebsd-net@freebsd.org
Subject: Re: security issue!!
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 22:06:02 -0000
On Feb 8, 2012, at 1:53 PM, =EB=CF=CE=D8=CB=CF=D7 =E5=D7=C7=C5=CE=C9=CA =
wrote:
> some host on LAN can send packets to MAC address of FreeBSD server
>=20
> and server accept packets even if frame is not in its subnet and pass =
them further %-)
>=20
> details here
> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D164914
Um, what were you expecting to have happen?
It's not that unusual for someone to setup a bridge or VPN/proxy-arp =
configuration where an interface doesn't have an IP, but still receives =
and forwards (or otherwise processes) the traffic which it sees, because =
the traffic is addressed to the MAC address of that interface....
Regards,
--=20
-Chuck
From owner-freebsd-net@FreeBSD.ORG Wed Feb 8 23:24:46 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 97632106566B
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 23:24:46 +0000 (UTC)
(envelope-from lacombar@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
by mx1.freebsd.org (Postfix) with ESMTP id 2B71D8FC12
for <freebsd-net@freebsd.org>; Wed, 8 Feb 2012 23:24:45 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so1187843wgb.31
for <freebsd-net@freebsd.org>; Wed, 08 Feb 2012 15:24:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:date:message-id:subject:from:to:cc:content-type;
bh=TbbUesCmA0JRe1ToH2a27VCv1BPv0YeJUQrapi9kcuw=;
b=LaWAzMivG3mCm75Ihx+T9vaKK5+TiUnmqprB+utGjuKp/iERKcTCNO5ryDj4qvGA2a
Z6/pjsztJZetjdTmHmSTNjN+MVIQqn19iw+BrEvHcfOkyIKtZf14Wo5YbN9/c3T+pfaC
i4LnP4oXjJ1JWo31exaOF1gKzu9hNYuYriidg=
MIME-Version: 1.0
Received: by 10.180.103.68 with SMTP id fu4mr40603665wib.7.1328743485100; Wed,
08 Feb 2012 15:24:45 -0800 (PST)
Received: by 10.216.58.201 with HTTP; Wed, 8 Feb 2012 15:24:45 -0800 (PST)
Date: Wed, 8 Feb 2012 18:24:45 -0500
Message-ID: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
From: Arnaud Lacombe <lacombar@gmail.com>
To: Jack Vogel <jack.vogel@intel.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-net@freebsd.org
Subject: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 23:24:46 -0000
Hi Jack,
For the record, on the following hardware:
em3@pci0:5:0:0: class=0x020000 card=0x150415bb chip=0x150c8086 rev=0x00 hdr=0x00
and the following version of em(4):
em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
on pci5
em3: Using an MSI interrupt
em3: [FILTER]
em3: Ethernet address: 00:90:fb:35:18:b1
backported to 7-STABLE, I am still getting `missed_packets' increment,
without any obvious mbuf allocation denial. These increments do not
translate into complete hang of the driver, just crazy frame loss.
# sysctl dev.em.3
dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
dev.em.3.%driver: em
dev.em.3.%location: slot=0 function=0
dev.em.3.%pnpinfo: vendor=0x8086 device=0x150c subvendor=0x15bb
subdevice=0x1504 class=0x020000
dev.em.3.%parent: pci5
dev.em.3.rx_int_delay: 0
dev.em.3.tx_int_delay: 66
dev.em.3.rx_abs_int_delay: 66
dev.em.3.tx_abs_int_delay: 66
dev.em.3.rx_processing_limit: 100
dev.em.3.flow_control: 3
dev.em.3.eee_control: 0
dev.em.3.link_irq: 0
dev.em.3.mbuf_alloc_fail: 0
dev.em.3.cluster_alloc_fail: 0
dev.em.3.dropped: 0
dev.em.3.tx_dma_fail: 0
dev.em.3.rx_overruns: 78
dev.em.3.watchdog_timeouts: 0
dev.em.3.device_control: 1477444168
dev.em.3.rx_control: 67141634
dev.em.3.fc_high_water: 18432
dev.em.3.fc_low_water: 16932
dev.em.3.queue0.txd_head: 703
dev.em.3.queue0.txd_tail: 703
dev.em.3.queue0.tx_irq: 0
dev.em.3.queue0.no_desc_avail: 0
dev.em.3.queue0.rxd_head: 692
dev.em.3.queue0.rxd_tail: 691
dev.em.3.queue0.rx_irq: 0
dev.em.3.mac_stats.excess_coll: 0
dev.em.3.mac_stats.single_coll: 0
dev.em.3.mac_stats.multiple_coll: 0
dev.em.3.mac_stats.late_coll: 0
dev.em.3.mac_stats.collision_count: 0
dev.em.3.mac_stats.symbol_errors: 0
dev.em.3.mac_stats.sequence_errors: 0
dev.em.3.mac_stats.defer_count: 0
dev.em.3.mac_stats.missed_packets: 1135790
dev.em.3.mac_stats.recv_no_buff: 555763
dev.em.3.mac_stats.recv_undersize: 0
dev.em.3.mac_stats.recv_fragmented: 0
dev.em.3.mac_stats.recv_oversize: 0
dev.em.3.mac_stats.recv_jabber: 0
dev.em.3.mac_stats.recv_errs: 0
dev.em.3.mac_stats.crc_errs: 0
dev.em.3.mac_stats.alignment_errs: 0
dev.em.3.mac_stats.coll_ext_errs: 0
dev.em.3.mac_stats.xon_recvd: 6806
dev.em.3.mac_stats.xon_txd: 253
dev.em.3.mac_stats.xoff_recvd: 7583
dev.em.3.mac_stats.xoff_txd: 742908
dev.em.3.mac_stats.total_pkts_recvd: 3904354
dev.em.3.mac_stats.good_pkts_recvd: 2761900
[...]
This happened with about 1000 short-lived TCP connection filling about
100Mbps of traffic.
I saw you made updates to the driver recently. I'll attempt a backport
and let you know. This might not be trivial given the netmap mess
which appeared in -current...
- Arnaud
From owner-freebsd-net@FreeBSD.ORG Thu Feb 9 00:43:52 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 52D0A106566C
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 00:43:52 +0000 (UTC)
(envelope-from jack.vogel@intel.com)
Received: from mga03.intel.com (mga03.intel.com [143.182.124.21])
by mx1.freebsd.org (Postfix) with ESMTP id 249F98FC0C
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 00:43:51 +0000 (UTC)
Received: from azsmga001.ch.intel.com ([10.2.17.19])
by azsmga101.ch.intel.com with ESMTP; 08 Feb 2012 16:15:27 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="4.71,315,1320652800"; d="scan'208";a="104711010"
Received: from orsmsx603.amr.corp.intel.com ([10.22.226.49])
by azsmga001.ch.intel.com with ESMTP; 08 Feb 2012 16:15:27 -0800
Received: from orsmsx102.amr.corp.intel.com (10.22.225.129) by
orsmsx603.amr.corp.intel.com (10.22.226.49) with Microsoft SMTP Server
(TLS) id 8.2.255.0; Wed, 8 Feb 2012 16:15:19 -0800
Received: from orsmsx104.amr.corp.intel.com ([169.254.3.48]) by
ORSMSX102.amr.corp.intel.com ([169.254.1.143]) with mapi id
14.01.0355.002; Wed, 8 Feb 2012 16:15:19 -0800
From: "Vogel, Jack" <jack.vogel@intel.com>
To: Arnaud Lacombe <lacombar@gmail.com>
Thread-Topic: Missed packet on recent em(4)
Thread-Index: AQHM5rjg46GNePr+F0CWTzh5R+6cFZYzsi+w
Date: Thu, 9 Feb 2012 00:15:18 +0000
Message-ID: <BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
References: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
In-Reply-To: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.22.254.138]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: RE: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 00:43:52 -0000
The NETMAP code is all self-contained, just delete what's inside the ifdef'=
s=20
Jack
-----Original Message-----
From: Arnaud Lacombe [mailto:lacombar@gmail.com]=20
Sent: Wednesday, February 08, 2012 3:25 PM
To: Vogel, Jack
Cc: freebsd-net@freebsd.org
Subject: Missed packet on recent em(4)
Hi Jack,
For the record, on the following hardware:
em3@pci0:5:0:0: class=3D0x020000 card=3D0x150415bb chip=3D0x150c8086 rev=3D=
0x00 hdr=3D0x00
and the following version of em(4):
em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
on pci5
em3: Using an MSI interrupt
em3: [FILTER]
em3: Ethernet address: 00:90:fb:35:18:b1
backported to 7-STABLE, I am still getting `missed_packets' increment,
without any obvious mbuf allocation denial. These increments do not
translate into complete hang of the driver, just crazy frame loss.
# sysctl dev.em.3
dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
dev.em.3.%driver: em
dev.em.3.%location: slot=3D0 function=3D0
dev.em.3.%pnpinfo: vendor=3D0x8086 device=3D0x150c subvendor=3D0x15bb
subdevice=3D0x1504 class=3D0x020000
dev.em.3.%parent: pci5
dev.em.3.rx_int_delay: 0
dev.em.3.tx_int_delay: 66
dev.em.3.rx_abs_int_delay: 66
dev.em.3.tx_abs_int_delay: 66
dev.em.3.rx_processing_limit: 100
dev.em.3.flow_control: 3
dev.em.3.eee_control: 0
dev.em.3.link_irq: 0
dev.em.3.mbuf_alloc_fail: 0
dev.em.3.cluster_alloc_fail: 0
dev.em.3.dropped: 0
dev.em.3.tx_dma_fail: 0
dev.em.3.rx_overruns: 78
dev.em.3.watchdog_timeouts: 0
dev.em.3.device_control: 1477444168
dev.em.3.rx_control: 67141634
dev.em.3.fc_high_water: 18432
dev.em.3.fc_low_water: 16932
dev.em.3.queue0.txd_head: 703
dev.em.3.queue0.txd_tail: 703
dev.em.3.queue0.tx_irq: 0
dev.em.3.queue0.no_desc_avail: 0
dev.em.3.queue0.rxd_head: 692
dev.em.3.queue0.rxd_tail: 691
dev.em.3.queue0.rx_irq: 0
dev.em.3.mac_stats.excess_coll: 0
dev.em.3.mac_stats.single_coll: 0
dev.em.3.mac_stats.multiple_coll: 0
dev.em.3.mac_stats.late_coll: 0
dev.em.3.mac_stats.collision_count: 0
dev.em.3.mac_stats.symbol_errors: 0
dev.em.3.mac_stats.sequence_errors: 0
dev.em.3.mac_stats.defer_count: 0
dev.em.3.mac_stats.missed_packets: 1135790
dev.em.3.mac_stats.recv_no_buff: 555763
dev.em.3.mac_stats.recv_undersize: 0
dev.em.3.mac_stats.recv_fragmented: 0
dev.em.3.mac_stats.recv_oversize: 0
dev.em.3.mac_stats.recv_jabber: 0
dev.em.3.mac_stats.recv_errs: 0
dev.em.3.mac_stats.crc_errs: 0
dev.em.3.mac_stats.alignment_errs: 0
dev.em.3.mac_stats.coll_ext_errs: 0
dev.em.3.mac_stats.xon_recvd: 6806
dev.em.3.mac_stats.xon_txd: 253
dev.em.3.mac_stats.xoff_recvd: 7583
dev.em.3.mac_stats.xoff_txd: 742908
dev.em.3.mac_stats.total_pkts_recvd: 3904354
dev.em.3.mac_stats.good_pkts_recvd: 2761900
[...]
This happened with about 1000 short-lived TCP connection filling about
100Mbps of traffic.
I saw you made updates to the driver recently. I'll attempt a backport
and let you know. This might not be trivial given the netmap mess
which appeared in -current...
- Arnaud
From owner-freebsd-net@FreeBSD.ORG Thu Feb 9 16:14:19 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 5BEC51065678;
Thu, 9 Feb 2012 16:14:19 +0000 (UTC)
(envelope-from qing.li@bluecoat.com)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28])
by mx1.freebsd.org (Postfix) with ESMTP id 077C78FC0A;
Thu, 9 Feb 2012 16:14:18 +0000 (UTC)
Received: from PWSVL-EXCHTS-02.internal.cacheflow.com (sai-rp.bluecoat.com
[10.2.2.126] (may be forged))
by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id q19G42Oa011312
(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL);
Thu, 9 Feb 2012 08:04:03 -0800 (PST)
Received: from PWSVL-EXCMBX-01.internal.cacheflow.com
([fe80::15bc:12e2:4676:340f]) by PWSVL-EXCHTS-02.internal.cacheflow.com
([fe80::4910:317f:407:6ecc%14]) with mapi id 14.01.0289.001;
Thu, 9 Feb 2012 08:04:08 -0800
From: "Li, Qing" <qing.li@bluecoat.com>
To: Steven Hartland <killing@multiplay.co.uk>, Gary Palmer
<gpalmer@freebsd.org>
Thread-Topic: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
Thread-Index: AQHM5pWffl/Cu3mx7EyaNXcGWApqBZY0u4gg
Date: Thu, 9 Feb 2012 16:04:07 +0000
Message-ID: <B143A8975061C446AD5E29742C53172321BFD6@PWSVL-EXCMBX-01.internal.cacheflow.com>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
<20120208182329.GC10082@in-addr.com>
<7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
In-Reply-To: <7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [216.52.23.68]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: RE: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 16:14:19 -0000
Hmm... I don't see this problem until multiple FIBs are enabled.
--Qing
> -----Original Message-----
> From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-
> net@freebsd.org] On Behalf Of Steven Hartland
> Sent: Wednesday, February 08, 2012 11:13 AM
> To: Gary Palmer
> Cc: freebsd-net@freebsd.org; Gleb Smirnoff
> Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU
> load for ntpd
>=20
> ----- Original Message -----
> From: "Gary Palmer" <gpalmer@freebsd.org>
> >> Running the following commands does indeed stop this
> >> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
> >> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
> >>
> >> I found these in /etc/rc.d/network_ipv6 but I can't see why
> >> these wouldnt be run on a machine that doesn't have an IPv6
> >> address, they seem to be added correctly on machines that do.
> >
> > Speculation: the machine(s) which didn't have the routes maybe
> > didn't have
> >
> > ipv6_enable=3D"YES"
> >
> > in /etc/rc.conf?
>=20
> Doh!
>=20
> Indeed they don't so of course /etc/rc.d/network_ipv6 doesnt
> start but IPv6 is in the kernel and ipv6 is configured on lo0 via
> /etc/rc.d/auto_linklocal so it looks like ipv6 is enabled even
> though it isnt.
>=20
> Given this would a reasonable patch be to move the internal routing
> to auto_linklocal i.e. these lines:-
> # disallow "internal" addresses to appear on the wire
> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
>=20
> Seems the relavent fix was part of a much bigger commit:-
> http://svnweb.freebsd.org/base?view=3Drevision&revision=3D197139
>=20
> So it may not be easy to patch this into 8.x
>=20
> Regards
> Steve
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> This e.mail is private and confidential between Multiplay (UK) Ltd. and
> the person or entity to whom it is addressed. In the event of
> misdirection, the recipient is prohibited from using, copying, printing
> or otherwise disseminating it or any information contained in it.
>=20
> In the event of misdirection, illegible or incomplete transmission
> please telephone +44 845 868 1337
> or return the E.mail to postmaster@multiplay.co.uk.
>=20
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
From owner-freebsd-net@FreeBSD.ORG Thu Feb 9 16:55:04 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id DB920106566B
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 16:55:04 +0000 (UTC)
(envelope-from lacombar@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
by mx1.freebsd.org (Postfix) with ESMTP id 628FA8FC0A
for <freebsd-net@freebsd.org>; Thu, 9 Feb 2012 16:55:03 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so2037603wgb.31
for <freebsd-net@freebsd.org>; Thu, 09 Feb 2012 08:55:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type:content-transfer-encoding;
bh=NTTSvwemYmLCIAYQhSbh+U6MSoYi5pn40+ULmBBGiw8=;
b=lbfqBn2Fz79+rxZVr3QTHn5EK59Aqg5DEBG+zBdKs8XR7IzP/3NK6YdFi7br/N2VhI
S1tLOyDZQNmmQNUFewv4LxcNpvmAFdj/LqsblzkSonwv6kBshuyJA3YoqD/XkNGiR0bN
WVkyA4DCky+JrBgZWY0PM/C0W6vA//DqXFd48=
MIME-Version: 1.0
Received: by 10.180.101.165 with SMTP id fh5mr4021787wib.10.1328806502445;
Thu, 09 Feb 2012 08:55:02 -0800 (PST)
Received: by 10.216.58.201 with HTTP; Thu, 9 Feb 2012 08:55:02 -0800 (PST)
In-Reply-To: <BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
References: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
<BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
Date: Thu, 9 Feb 2012 11:55:02 -0500
Message-ID: <CACqU3MXBjFk8L5vY-MTRtqFkOdT-7zECVzBTRR2d+mBu-3dtiw@mail.gmail.com>
From: Arnaud Lacombe <lacombar@gmail.com>
To: "Vogel, Jack" <jack.vogel@intel.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 16:55:05 -0000
Hi,
On Wed, Feb 8, 2012 at 7:15 PM, Vogel, Jack <jack.vogel@intel.com> wrote:
> The NETMAP code is all self-contained, just delete what's inside the ifde=
f's
>
not exactly, the allocator stuff from r229939 is not that self
contained, but beside that my problem is more to get the patches to
apply to our internal 7-STABLE tree.
My generic workflow is to mindlessly use git-format-patch to generate
the set of patches, slightly reformat commit log to our internal
standard, and apply that on top of the target tree. I then let git
figures out eventual conflicts and fix them. I do not want to have to
think about all the things we changed internally which might conflict,
but also want to keep record of who made what change in which
commit/revision. To some extend, I want to avoid the mess which
happened in `sys/dev/e1000/' where you blew luigi@ and other
committers changes by blindly committing stuff and letting them fix
the damage afterward. These few commits were just wonderful, I must
admit you made my day a little less sad ;-)
- Arnaud
> Jack
>
>
> -----Original Message-----
> From: Arnaud Lacombe [mailto:lacombar@gmail.com]
> Sent: Wednesday, February 08, 2012 3:25 PM
> To: Vogel, Jack
> Cc: freebsd-net@freebsd.org
> Subject: Missed packet on recent em(4)
>
> Hi Jack,
>
> For the record, on the following hardware:
>
> em3@pci0:5:0:0: class=3D0x020000 card=3D0x150415bb chip=3D0x150c8086 rev=
=3D0x00 hdr=3D0x00
>
> and the following version of em(4):
>
> em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
> mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
> on pci5
> em3: Using an MSI interrupt
> em3: [FILTER]
> em3: Ethernet address: 00:90:fb:35:18:b1
>
> backported to 7-STABLE, I am still getting `missed_packets' increment,
> without any obvious mbuf allocation denial. These increments do not
> translate into complete hang of the driver, just crazy frame loss.
>
> # sysctl dev.em.3
> dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
> dev.em.3.%driver: em
> dev.em.3.%location: slot=3D0 function=3D0
> dev.em.3.%pnpinfo: vendor=3D0x8086 device=3D0x150c subvendor=3D0x15bb
> subdevice=3D0x1504 class=3D0x020000
> dev.em.3.%parent: pci5
> dev.em.3.rx_int_delay: 0
> dev.em.3.tx_int_delay: 66
> dev.em.3.rx_abs_int_delay: 66
> dev.em.3.tx_abs_int_delay: 66
> dev.em.3.rx_processing_limit: 100
> dev.em.3.flow_control: 3
> dev.em.3.eee_control: 0
> dev.em.3.link_irq: 0
> dev.em.3.mbuf_alloc_fail: 0
> dev.em.3.cluster_alloc_fail: 0
> dev.em.3.dropped: 0
> dev.em.3.tx_dma_fail: 0
> dev.em.3.rx_overruns: 78
> dev.em.3.watchdog_timeouts: 0
> dev.em.3.device_control: 1477444168
> dev.em.3.rx_control: 67141634
> dev.em.3.fc_high_water: 18432
> dev.em.3.fc_low_water: 16932
> dev.em.3.queue0.txd_head: 703
> dev.em.3.queue0.txd_tail: 703
> dev.em.3.queue0.tx_irq: 0
> dev.em.3.queue0.no_desc_avail: 0
> dev.em.3.queue0.rxd_head: 692
> dev.em.3.queue0.rxd_tail: 691
> dev.em.3.queue0.rx_irq: 0
> dev.em.3.mac_stats.excess_coll: 0
> dev.em.3.mac_stats.single_coll: 0
> dev.em.3.mac_stats.multiple_coll: 0
> dev.em.3.mac_stats.late_coll: 0
> dev.em.3.mac_stats.collision_count: 0
> dev.em.3.mac_stats.symbol_errors: 0
> dev.em.3.mac_stats.sequence_errors: 0
> dev.em.3.mac_stats.defer_count: 0
> dev.em.3.mac_stats.missed_packets: 1135790
> dev.em.3.mac_stats.recv_no_buff: 555763
> dev.em.3.mac_stats.recv_undersize: 0
> dev.em.3.mac_stats.recv_fragmented: 0
> dev.em.3.mac_stats.recv_oversize: 0
> dev.em.3.mac_stats.recv_jabber: 0
> dev.em.3.mac_stats.recv_errs: 0
> dev.em.3.mac_stats.crc_errs: 0
> dev.em.3.mac_stats.alignment_errs: 0
> dev.em.3.mac_stats.coll_ext_errs: 0
> dev.em.3.mac_stats.xon_recvd: 6806
> dev.em.3.mac_stats.xon_txd: 253
> dev.em.3.mac_stats.xoff_recvd: 7583
> dev.em.3.mac_stats.xoff_txd: 742908
> dev.em.3.mac_stats.total_pkts_recvd: 3904354
> dev.em.3.mac_stats.good_pkts_recvd: 2761900
> [...]
>
> This happened with about 1000 short-lived TCP connection filling about
> 100Mbps of traffic.
>
> I saw you made updates to the driver recently. I'll attempt a backport
> and let you know. This might not be trivial given the netmap mess
> which appeared in -current...
>
> =A0- Arnaud
From owner-freebsd-net@FreeBSD.ORG Thu Feb 9 22:45:39 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id A7A8E106566C;
Thu, 9 Feb 2012 22:45:39 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id 5A29B8FC08;
Thu, 9 Feb 2012 22:45:38 +0000 (UTC)
Received: from julian-mac.elischer.org (64.1.209.194.ptr.us.xo.net
[64.1.209.194]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q19MjZmu063692
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Thu, 9 Feb 2012 14:45:36 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F344CE4.301@freebsd.org>
Date: Thu, 09 Feb 2012 14:47:00 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Gleb Smirnoff <glebius@freebsd.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com> <20120131110204.GA95472@onelab2.iet.unipi.it> <20120208133559.GK13554@FreeBSD.org> <CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
<20120208140921.GM13554@glebius.int.ru>
In-Reply-To: <20120208140921.GM13554@glebius.int.ru>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Ermal Lu?i <eri@freebsd.org>, freebsd-net <freebsd-net@freebsd.org>,
Luigi Rizzo <rizzo@iet.unipi.it>, freebsd-hackers@freebsd.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 22:45:39 -0000
On 2/8/12 6:09 AM, Gleb Smirnoff wrote:
> On Wed, Feb 08, 2012 at 03:04:09PM +0100, Ermal Lu?i wrote:
> E> 2012/2/8 Gleb Smirnoff<glebius@freebsd.org>:
> E> > On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
> E> > L> if i understand what the patch does, i think it makes sense to be
> E> > L> able to hook ipfw instances to specific interfaces/sets of interfaces,
> E> > L> as it permits the writing of more readable rulesets. Right now the
> E> > L> workaround is start the ruleset with skipto rules matching on
> E> > L> interface names, and then use some discipline in "reserving" a range
> E> > L> of rule numbers to each interface.
> E> >
> E> > This is definitely a desired feature, but it should be implemented
> E> > on level of pfil(9). However, that would still require multiple
> E> > instances of ipfw(4).
> E> >
> E> This opens a discussion of architecture design.
> E> I do not think presently pfil(9) is designed to handle such thing!
>
> Several years ago, I guess around 2005, a discussion on a per-interface
> packet filtering was taken on the net@ mailing list. In that time, it lead
> to nothing, several people were against the idea.
>
> Recently on IRC I had raised the discussion again. Today more people liked
> the idea and found it a desired feature.
>
> Many kinds of high end networking equipment have per-interface ACLs. I know
> that networking sysadmins would be happy if FreeBSD packet filters would
> get this feature, since maintaing such ACLs is much easier on a router with
> dozens of interfaces.
I think it is a good idea. not only for interfaces but certain routing
and bridging paths too.
From owner-freebsd-net@FreeBSD.ORG Fri Feb 10 00:43:28 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 745381065676;
Fri, 10 Feb 2012 00:43:28 +0000 (UTC)
(envelope-from prvs=1387bf0264=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
by mx1.freebsd.org (Postfix) with ESMTP id 903148FC1C;
Fri, 10 Feb 2012 00:43:27 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Fri, 10 Feb 2012 00:31:38 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
mail1.multiplay.co.uk
X-Spam-Level:
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
(MDaemon PRO v10.0.4) with ESMTP id md50017980317.msg;
Fri, 10 Feb 2012 00:31:37 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1387bf0264=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <926CBEDBBCCE44E998B05C11D2C0C621@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Li, Qing" <qing.li@bluecoat.com>,
"Gary Palmer" <gpalmer@freebsd.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org><F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk><20120208182329.GC10082@in-addr.com>
<7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
<B143A8975061C446AD5E29742C53172321BFD6@PWSVL-EXCMBX-01.internal.cacheflow.com>
Date: Fri, 10 Feb 2012 00:30:46 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@freebsd.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Feb 2012 00:43:28 -0000
----- Original Message -----
From: "Li, Qing" <qing.li@bluecoat.com>
> Hmm... I don't see this problem until multiple FIBs are enabled.
I have a bog standard box here one default route and one
active nic, which exhibits this issue so there shouldn't be
multiple FIB's unless the fact that IPv6 is compiled in and
active on lo0 making this so?
Regards
Steve
================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it.
In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 08:34:21 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 7A5A8106566B
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 08:34:21 +0000 (UTC)
(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
by mx1.freebsd.org (Postfix) with ESMTP id 4D1D48FC0C
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 08:34:21 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
[67.180.24.15]) (authenticated bits=0)
by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q1B8YJNW072001
(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
Sat, 11 Feb 2012 00:34:20 -0800 (PST)
(envelope-from julian@freebsd.org)
Message-ID: <4F362861.7090801@freebsd.org>
Date: Sat, 11 Feb 2012 00:35:45 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Joe Holden <lists@rewt.org.uk>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
<4F32E8EC.4070206@rewt.org.uk>
In-Reply-To: <4F32E8EC.4070206@rewt.org.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 08:34:21 -0000
On 2/8/12 1:28 PM, Joe Holden wrote:
> Julian Elischer wrote:
>> On 2/8/12 1:08 PM, Joe Holden wrote:
>>> Hey guys,
>>>
>>> The maximum fibs is currently 16 due to an mbuf limitation I
>>> believe? Is there any scope for the number being increased?
>> it was designed to be able to be expanable... there is only the one
>> place.
>>
>> there are upcoming FIB changes and it may be a good oportunity to
>> change this in 10..
>>
> aha, I was under the impression that it was limited due to mbuf
> size, not sure where I read that - think it was a commit from a
> while back.
you are correct.. the one limitation is the mbufs
but we can maybe change the mbuf layout a little in 10
which will allow for more FIBs
>
>>>
>>> Ta,
>>> J
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to
>>> "freebsd-net-unsubscribe@freebsd.org"
>>>
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 08:41:04 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id D0A4B1065672;
Sat, 11 Feb 2012 08:41:04 +0000 (UTC)
(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25])
by mx1.freebsd.org (Postfix) with ESMTP id 862158FC0C;
Sat, 11 Feb 2012 08:41:04 +0000 (UTC)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587])
(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
(No client certificate requested)
by mx1.sbone.de (Postfix) with ESMTPS id 47FA025D37C0;
Sat, 11 Feb 2012 08:41:03 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de
[IPv6:fde9:577b:c1a9:31::2013:2742])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.sbone.de (Postfix) with ESMTPS id 674E6BDB1D3;
Sat, 11 Feb 2012 08:41:02 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587])
by content-filter.sbone.de (content-filter.sbone.de
[fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024)
with ESMTP id wmG5g06cSfVr; Sat, 11 Feb 2012 08:41:01 +0000 (UTC)
Received: from orange-en1.sbone.de (orange-en1.sbone.de
[IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3])
(using TLSv1 with cipher AES128-SHA (128/128 bits))
(No client certificate requested)
by mail.sbone.de (Postfix) with ESMTPSA id 18C9DBDB1D2;
Sat, 11 Feb 2012 08:41:00 +0000 (UTC)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
In-Reply-To: <4F362861.7090801@freebsd.org>
Date: Sat, 11 Feb 2012 08:41:00 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <E55332B4-F2B4-42DA-9231-0B3F56FAD750@lists.zabbadoz.net>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
<4F32E8EC.4070206@rewt.org.uk> <4F362861.7090801@freebsd.org>
To: Julian Elischer <julian@freebsd.org>
X-Mailer: Apple Mail (2.1084)
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>,
Joe Holden <lists@rewt.org.uk>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 08:41:04 -0000
On 11. Feb 2012, at 08:35 , Julian Elischer wrote:
> On 2/8/12 1:28 PM, Joe Holden wrote:
>> Julian Elischer wrote:
>>> On 2/8/12 1:08 PM, Joe Holden wrote:
>>>> Hey guys,
>>>>=20
>>>> The maximum fibs is currently 16 due to an mbuf limitation I =
believe? Is there any scope for the number being increased?
>>> it was designed to be able to be expanable... there is only the one =
place.
>>>=20
>>> there are upcoming FIB changes and it may be a good oportunity to =
change this in 10..
>>>=20
>> aha, I was under the impression that it was limited due to mbuf size, =
not sure where I read that - think it was a commit from a while back.
>=20
> you are correct.. the one limitation is the mbufs
> but we can maybe change the mbuf layout a little in 10
> which will allow for more FIBs
We are basically waiting for someone to touch mbufs for real and to be =
able
to do the full performance re-evaluation but I guess we'd also like to =
have
the secondary zone to die etc all in the same go...
Meanwhile updating the limit locally isn't too hard; it's a couple of =
line
change.
/bz
--=20
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 15:38:28 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 7B96D106566B
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 15:38:28 +0000 (UTC)
(envelope-from stalker2174@yandex.ru)
Received: from me10436d0.tmodns.net (me10436d0.tmodns.net [208.54.4.225])
by mx1.freebsd.org (Postfix) with SMTP id 4978B8FC14
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 15:38:26 +0000 (UTC)
Received: from unknown (HELO 7jvin1) ([27.29.33.113])
by me10436d0.tmodns.net with ESMTP; Sat, 11 Feb 2012 08:32:25 -0700
Message-ID: <001c01cce8d1$c756dfb0$1b1d2171@OwnerPC7jvin1>
From: "Rolf Rangel" <stalker2174@yandex.ru>
To: <freebsd-net@freebsd.org>
Date: Sat, 11 Feb 2012 08:22:46 -0700
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="windows-1250";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1158
Subject: Microsoft OEM Software
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 15:38:28 -0000
We sell industry leading software at the lowest prices(90% discount),
with free fast shipping!
Windows Pro 7 SP1 Full oem 64-Bit DVD version - 15.99$
Office 2010 Home and Business for 1 PC Full - 19.99$
Adobe Acrobat X Professional - 21.99$
and more...
Mail to order: stalker2174@yandex.ru or just click Reply.
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 18:19:40 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 86E16106564A;
Sat, 11 Feb 2012 18:19:40 +0000 (UTC)
(envelope-from alexey@kouznetsov.com)
Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com
[209.85.214.54])
by mx1.freebsd.org (Postfix) with ESMTP id DF3788FC08;
Sat, 11 Feb 2012 18:19:39 +0000 (UTC)
Received: by bkcjg1 with SMTP id jg1so3333233bkc.13
for <multiple recipients>; Sat, 11 Feb 2012 10:19:38 -0800 (PST)
Received: by 10.204.154.14 with SMTP id m14mr2866675bkw.38.1328984378389;
Sat, 11 Feb 2012 10:19:38 -0800 (PST)
Received: from your89ebba6db9 ([77.41.97.165])
by mx.google.com with ESMTPS id o26sm28924945bko.14.2012.02.11.10.19.36
(version=SSLv3 cipher=OTHER); Sat, 11 Feb 2012 10:19:37 -0800 (PST)
From: "Alexey Kouznetsov" <alexey@kouznetsov.com>
To: <zi@FreeBSD.org>,
<net@FreeBSD.org>
Date: Sat, 11 Feb 2012 22:19:33 +0400
Message-ID: <D1BB55D7D7404898AD10C68C27F0EB25@your89ebba6db9>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Aczo6TDC5mkYPw7sTNOizM7GCkH49QAACwgg
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-Gm-Message-State: ALoCoQkYpeOBBJBoF8A20cJPrx/V9Vr6zmKX0J4r7I2TKavlRygJ9d+5fdhc9/O/Z58l+xJyKPzd
Cc:
Subject: FW: [ net-snmp-Bugs-3480541 ] Wrong index of disk (dskIndex)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 18:19:40 -0000
Hello!
Could you, please look at this also?
Explanation bellow at SF bug track
--- work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c.orig 2011-09-@@
+++ work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c 2012-02-11
21:55:16.000000000 +0400-322,7 +321,7 @@
switch (vp->magic) {
case MIBINDEX:
+ long_ret = disknum + 1;
- long_ret = disknum;
return ((u_char *) (&long_ret));
case ERRORNAME: /* DISKPATH */
*var_len = strlen(entry->path);
Thank you!
-----Original Message-----
From: SourceForge.net [mailto:noreply@sourceforge.net]
Sent: Saturday, February 11, 2012 10:16 PM
To: SourceForge.net
Subject: [ net-snmp-Bugs-3480541 ] Wrong index of disk (dskIndex)
Bugs item #3480541, was opened at 2012-01-27 05:47
Message generated for change (Comment added) made by st-da
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3480541&group_i
d=12694
Please note that this message will contain a full copy of the comment
thread,
including the initial issue submission, for this request,
not just the latest update.
Category: agent
Group: freeBSD
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Alexey (st-da)
Assigned to: Nobody/Anonymous (nobody)
Summary: Wrong index of disk (dskIndex)
Initial Comment:
# snmpwalk -c public 127.0.0.1 dskIndex
UCD-SNMP-MIB::dskIndex.1 = INTEGER: 0
UCD-SNMP-MIB::dskIndex.2 = INTEGER: 1
UCD-SNMP-MIB::dskIndex.3 = INTEGER: 2
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 3
UCD-SNMP-MIB::dskIndex.5 = INTEGER: 4
UCD-SNMP-MIB::dskIndex.6 = INTEGER: 5
UCD-SNMP-MIB::dskIndex.7 = INTEGER: 6
In my mind it have to be same mumbers in OID and in index
UCD-SNMP-MIB::dskIndex.1 = INTEGER: 1
UCD-SNMP-MIB::dskIndex.2 = INTEGER: 2
UCD-SNMP-MIB::dskIndex.3 = INTEGER: 3
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 4
UCD-SNMP-MIB::dskIndex.5 = INTEGER: 5
UCD-SNMP-MIB::dskIndex.6 = INTEGER: 6
UCD-SNMP-MIB::dskIndex.7 = INTEGER: 7
# /usr/local/sbin/snmpd -v
NET-SNMP version: 5.7.1
Web: http://www.net-snmp.org/
Email: net-snmp-coders@lists.sourceforge.net
recenly built from ports on FreeBSD 8.2 stable. Looks lite it started from
5.7 and was correctly before.
----------------------------------------------------------------------
>Comment By: Alexey (st-da)
Date: 2012-02-11 10:15
Message:
ops reverse + and - at last patch...
----------------------------------------------------------------------
Comment By: Alexey (st-da)
Date: 2012-02-11 10:07
Message:
disk index fixed for me by small path:
--- work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c 2012-02-11
21:55:16.000000000 +0400
+++ work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c.orig 2011-09-@@
-322,7 +321,7 @@
switch (vp->magic) {
case MIBINDEX:
- long_ret = disknum + 1;
+ long_ret = disknum;
return ((u_char *) (&long_ret));
case ERRORNAME: /* DISKPATH */
*var_len = strlen(entry->path);
----------------------------------------------------------------------
Comment By: Alexey (st-da)
Date: 2012-02-02 06:09
Message:
there are same requets sfter we clean up the disk
UCD-SNMP-MIB::dskTotal.4 = INTEGER: 50777034
UCD-SNMP-MIB::dskAvail.4 = INTEGER: 36894232
UCD-SNMP-MIB::dskUsed.4 = INTEGER: 9820640
----------------------------------------------------------------------
Comment By: Alexey (st-da)
Date: 2012-02-02 05:53
Message:
There are some more problem:
df -k | egrep logs
/dev/aacd0s1g 50777034 46745456 -30584 100% /logs
/usr/local/bin/snmpwalk -c public xxxxxx dsk| egrep '\.4 = '
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 3
UCD-SNMP-MIB::dskPath.4 = STRING: /logs
UCD-SNMP-MIB::dskDevice.4 = STRING: /dev/aacd0s1g
UCD-SNMP-MIB::dskMinimum.4 = INTEGER: 524288
UCD-SNMP-MIB::dskMinPercent.4 = INTEGER: -1
UCD-SNMP-MIB::dskTotal.4 = INTEGER: 50777034
UCD-SNMP-MIB::dskAvail.4 = INTEGER: 2147483647
UCD-SNMP-MIB::dskUsed.4 = INTEGER: 46745264
UCD-SNMP-MIB::dskPercent.4 = INTEGER: 92
UCD-SNMP-MIB::dskPercentNode.4 = INTEGER: 1
UCD-SNMP-MIB::dskTotalLow.4 = Gauge32: 50777034
UCD-SNMP-MIB::dskTotalHigh.4 = Gauge32: 0
UCD-SNMP-MIB::dskAvailLow.4 = Gauge32: 4294936904
UCD-SNMP-MIB::dskAvailHigh.4 = Gauge32: 4294967295
UCD-SNMP-MIB::dskUsedLow.4 = Gauge32: 46745264
UCD-SNMP-MIB::dskUsedHigh.4 = Gauge32: 0
UCD-SNMP-MIB::dskErrorFlag.4 = INTEGER: noError(0)
UCD-SNMP-MIB::dskErrorMsg.4 = STRING:
some unrealistic unavailable value
dskAvail.4 = INTEGER: 2147483647
Somethiong like unsigned where we save negative value ?
FreeBSD 8.2-STABLE #9: Tue Oct 11 07:07:46 UTC 2011
pkg_info -aI | egrep snmp
net-snmp-5.7_4 An extendable SNMP implementation
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3480541&group_i
d=12694
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 19:41:55 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id E698B106566B
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 19:41:55 +0000 (UTC)
(envelope-from kudzu@tenebras.com)
Received: from mail-tul01m020-f182.google.com (mail-tul01m020-f182.google.com
[209.85.214.182])
by mx1.freebsd.org (Postfix) with ESMTP id B80B28FC13
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 19:41:54 +0000 (UTC)
Received: by obcwo16 with SMTP id wo16so6850256obc.13
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 11:41:54 -0800 (PST)
MIME-Version: 1.0
Received: by 10.60.29.228 with SMTP id n4mr2110387oeh.32.1328987925559; Sat,
11 Feb 2012 11:18:45 -0800 (PST)
Received: by 10.60.25.99 with HTTP; Sat, 11 Feb 2012 11:18:45 -0800 (PST)
Date: Sat, 11 Feb 2012 11:18:45 -0800
Message-ID: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
From: Michael Sierchio <kudzu@tenebras.com>
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: MPD5 L2TP question
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 19:41:56 -0000
[if there's a more appropriate place to pose this, please direct me]
I'm trying to use mpd5 to build an L2TP server. It generally works as
expected, except I cannot figure out how to push the route to an
attached network to the PPP client. If I manually add a route on the
client (to the ppp0 interface), things work as expected. This won't
work for deploying this to users, though.
I should point out that for OS X users of the L2TP client, we
generally discourage routing all traffic over the tunnel - if we told
them to put the L2TP pseudo-interface above the Ethernet interface,
this would probably work. However, I'd like to push a route to my
local net.
A sample config would be most welcome. Thanks.
- M
From owner-freebsd-net@FreeBSD.ORG Sat Feb 11 20:36:43 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 58EB2106566B
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 20:36:43 +0000 (UTC)
(envelope-from adrian.minta@gmail.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
[209.85.215.182])
by mx1.freebsd.org (Postfix) with ESMTP id D4B608FC1A
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 20:36:42 +0000 (UTC)
Received: by eaan10 with SMTP id n10so1498301eaa.13
for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 12:36:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=message-id:date:from:user-agent:mime-version:to:subject:references
:in-reply-to:content-type:content-transfer-encoding;
bh=75YPT17GQymOyK2oH/q9OJAUzzAzlZE75wiKOl4YHwU=;
b=YZcg6Ab/e8joJ3kdQE5MhP5NOAF34tkBsUKsx7p1xXHrXFLzUwf3M5Yy9xIDiEkM26
9EoVFQcMfyIBluy+OHwNTSoaDk5urTP5IN5mJrrg3gF7gcUORDu2B6IMRGAfPCNsznZs
vojqX1v9uB9lpLe+4H5tCeWBPbRLkpgHJC2Z0=
Received: by 10.14.120.74 with SMTP id o50mr706834eeh.18.1328992601910;
Sat, 11 Feb 2012 12:36:41 -0800 (PST)
Received: from [192.168.10.10] ([86.120.82.165])
by mx.google.com with ESMTPS id o49sm39630710eeb.7.2012.02.11.12.36.40
(version=TLSv1/SSLv3 cipher=OTHER);
Sat, 11 Feb 2012 12:36:41 -0800 (PST)
Message-ID: <4F36D157.3060908@gmail.com>
Date: Sat, 11 Feb 2012 22:36:39 +0200
From: Adrian Minta <adrian.minta@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16
MIME-Version: 1.0
To: freebsd-net@freebsd.org
References: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
In-Reply-To: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: MPD5 L2TP question
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 20:36:43 -0000
On 02/11/12 21:18, Michael Sierchio wrote:
> I'm trying to use mpd5 to build an L2TP server. It generally works as
> expected, except I cannot figure out how to push the route to an
> attached network to the PPP client. If I manually add a route on the
> client (to the ppp0 interface), things work as expected. This won't
> work for deploying this to users, though.
Make a nice app with a big colorful icon, that brings up the session and
then add the route.