From owner-freebsd-net Mon Jul 12 6:54:36 1999 Delivered-To: freebsd-net@freebsd.org Received: from is1-55.antd.nist.gov (is1-50.antd.nist.gov [129.6.50.251]) by hub.freebsd.org (Postfix) with ESMTP id C875A14C30 for ; Mon, 12 Jul 1999 06:54:22 -0700 (PDT) (envelope-from carson@antd.nist.gov) Received: from lapin.antd.nist.gov (lapin.antd.nist.gov [129.6.55.18]) by is1-55.antd.nist.gov (8.9.3/8.9.3) with ESMTP id JAA18176 for ; Mon, 12 Jul 1999 09:45:00 -0400 (EDT) Received: from localhost (carson@localhost) by lapin.antd.nist.gov (8.8.8/8.8.8) with SMTP id JAA02487 for ; Mon, 12 Jul 1999 09:51:54 -0400 (EDT) X-Authentication-Warning: lapin.antd.nist.gov: carson owned process doing -bs Date: Mon, 12 Jul 1999 09:51:54 -0400 (EDT) From: Mark Carson To: freebsd-net@freebsd.org Subject: NIST Switch version 0.1 released Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is to announce the release of the preliminary version 0.1 of our multiprotocol label switching (MPLS) research platform, NIST Switch. NIST Switch implements quality of service and explicit routing through label switching. It uses proposed extensions to RSVP to signal QoS requests and distribute labels. NIST Switch implements functionality described in a number of Internet Drafts: draft-ietf-mpls-arch-05.txt - MPLS architecture draft-ietf-mpls-label-encaps-04.txt - Label stack encoding draft-ietf-mpls-rsvp-00.txt - RSVP-mediated label exchange draft-rosen-mpls-lan-encaps-00.txt - "Shim" LAN label encapsulation draft-srinivasan-mpls-lans-label-00.txt - "MAC" LAN label encapsulation (receive only) NIST Switch runs over Ethernet (10Mb and 100Mb), with ATM support coming soon (currently under test). It is based on commodity PC hardware running on freely-available operating systems (initially, FreeBSD 2.2.6; FreeBSD 3.X and Linux 2.2.X versions to come). As an experimental platform, NIST Switch is designed to be easily altered. Each of its key components (queueing algorithms, label databases and distribution, routing algorithms, device support routines, QoS policies) are independently configurable modules which are readily replaceable. NIST Switch is free, public domain code. (More precisely, while our implementation is public domain, it is based in part on other code which is covered by BSD-style copyrights.) For more information, and access to the NIST Switch source code and documentation, see the NIST Switch web site at http://www.antd.nist.gov/itg/nistswitch/ or send email to nistswitch-dev@antd.nist.gov. Mark Carson mark.carson@nist.gov 301-975-3694 Fax 301-590-0932 Department of Computer Science University of Maryland, College Park -or- NIST Bldg 820 Room 455 Gaithersburg MD 20899 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 5:41:31 1999 Delivered-To: freebsd-net@freebsd.org Received: from avatar.lisp.com.au (mail.lisp.com.au [203.21.133.7]) by hub.freebsd.org (Postfix) with SMTP id 07C61153EB for ; Wed, 14 Jul 1999 05:41:21 -0700 (PDT) (envelope-from virustorm@bigfoot.com) Received: (qmail 124 invoked from network); 14 Jul 1999 12:41:10 -0000 Received: from tig02-ppp1.lithgow.lisp.com.au (HELO p6200) (203.21.133.73) by mail.lisp.com.au with SMTP; 14 Jul 1999 12:41:10 -0000 Message-ID: <007701becdf5$651f8a40$498515cb@p6200> Reply-To: "Peter Hoskin" From: "Peter Hoskin" To: Subject: Date: Wed, 14 Jul 1999 22:00:23 +1000 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0046_01BECE44.45CB4540" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0046_01BECE44.45CB4540 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable subscribe freebsd-net virustorm@bigfoot.com ------=_NextPart_000_0046_01BECE44.45CB4540 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
subscribe freebsd-net=20 virustorm@bigfoot.com
------=_NextPart_000_0046_01BECE44.45CB4540-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 9:55:20 1999 Delivered-To: freebsd-net@freebsd.org Received: from mh.acorn.co.uk (mh.acorn.co.uk [136.170.131.2]) by hub.freebsd.org (Postfix) with ESMTP id 9D01D14C97 for ; Wed, 14 Jul 1999 09:55:11 -0700 (PDT) (envelope-from kbracey@e-14.com) Received: from kbracey.acorn.co.uk (kbracey [136.170.129.213]) by mh.acorn.co.uk (8.8.6/8.8.6) with SMTP id RAA10948 for ; Wed, 14 Jul 1999 17:54:19 +0100 (BST) Date: Wed, 14 Jul 1999 17:54:46 +0100 From: Kevin Bracey To: freebsd-net@freebsd.org Subject: IGMP reports not sent if no multicast route Message-ID: X-Organization: Acorn Computers Ltd, Cambridge, United Kingdom X-Mailer: Messenger v1.40f for RISC OS MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Posting-Agent: RISC OS Newsbase 0.61b Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've just stumbled across a bug in ip_output() while testing a multicast TFTP client on a system with a FreeBSD-derived network stack. The system has no default route or route for 224.0.0.0 set up. It is not sending any multicasts, except for the IGMP reports generated by its group joins. The problem is that ip_output() will not output multicast packets if it can't find a route for the destination group, even if the caller has provided an interface in the multicast options, as igmp_sendpkt() does. The same problem would arise a user process wanted to multicast on a specified interface. And when it does work, various stats to do with the default multicast route end up being interpreted, even though that route ends up not being used! A quick fix would appear to be the following: line 214 of ip_output.c: ifp = ia->ia_ifp; ip->ip_ttl = 1; isbroadcast = in_broadcast(dst->sin_addr, ifp); ! } else { /* * If this is the case, we probably don't want to allocate * a protocol-cloned route since we didn't get one from the change to: ifp = ia->ia_ifp; ip->ip_ttl = 1; isbroadcast = in_broadcast(dst->sin_addr, ifp); ! } else if (!(imo && imo->imo_multicast_ifp && ! IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { /* * If this is the case, we probably don't want to allocate * a protocol-cloned route since we didn't get one from the Any comments? -- Kevin Bracey, Senior Software Engineer Pace Micro Technology plc Tel: +44 (0) 1223 725228 645 Newmarket Road Fax: +44 (0) 1223 725328 Cambridge, CB5 8PB, United Kingdom WWW: http://www.acorn.co.uk/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 12:17:25 1999 Delivered-To: freebsd-net@freebsd.org Received: from beatrice.rutgers.edu (beatrice.rutgers.edu [165.230.209.226]) by hub.freebsd.org (Postfix) with SMTP id 7B74114C17 for ; Wed, 14 Jul 1999 12:17:22 -0700 (PDT) (envelope-from easmith@beatrice.rutgers.edu) Received: (from easmith@localhost) by beatrice.rutgers.edu (950413.SGI.8.6.12/950213.SGI.AUTOCF) id PAA14495; Wed, 14 Jul 1999 15:10:39 -0400 From: "Allen Smith" Message-Id: <9907141510.ZM14493@beatrice.rutgers.edu> Date: Wed, 14 Jul 1999 15:10:39 -0400 X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail) To: freebsd-net@freebsd.org, ipfilter@coombs.anu.edu.au Subject: IPFilter improvement: Kernel hacker's assistance needed Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi. I'm trying to add support for "keep state" with "fastroute" in the IPFilter code. Guido was going to be helping me with this, but he's on vacation until August 1st. Anyone willing to help? I've got code that should do it, but it keeps having kernel panics (Fatal Trap 12: page fault while in kernel mode) when it goes into the fr_check code. I suspect I'm dereferencing a null pointer or some such - not unlikely, since I'm not much of a C programmer (I far prefer Perl, and am not a professional at programming to begin with - I'm a geneticist). Thanks, -Allen -- Allen Smith easmith@beatrice.rutgers.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 18:49:40 1999 Delivered-To: freebsd-net@freebsd.org Received: from rodent.crp.com.au (rodent.ringtail.com.au [203.13.222.1]) by hub.freebsd.org (Postfix) with ESMTP id 70AC415081 for ; Wed, 14 Jul 1999 18:49:18 -0700 (PDT) (envelope-from pedro@crp.com.au) Received: from crp.com.au (pedro.ringtail.com.au [203.13.222.13]) by rodent.crp.com.au (8.9.3/8.9.3) with ESMTP id XAA11411 for ; Thu, 15 Jul 1999 23:40:41 +1000 (EST) (envelope-from pedro@crp.com.au) Message-ID: <378D3DA5.A073642E@crp.com.au> Date: Thu, 15 Jul 1999 11:47:17 +1000 From: pedro X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: freebsd Subject: Cron and Email Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've got a cron running every 2 minutes and it mails me every 2 minutes. Is there a switch to tell the cron not to email me? Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 18:54:30 1999 Delivered-To: freebsd-net@freebsd.org Received: from metriclient-2.uoregon.edu (metriclient-2.uoregon.edu [128.223.172.2]) by hub.freebsd.org (Postfix) with ESMTP id 1AAB115423 for ; Wed, 14 Jul 1999 18:54:25 -0700 (PDT) (envelope-from gurney_j@efn.org) Received: (from jmg@localhost) by metriclient-2.uoregon.edu (8.9.1/8.8.7) id SAA24371; Wed, 14 Jul 1999 18:52:26 -0700 (PDT) Message-ID: <19990714185225.61585@hydrogen.fircrest.net> Date: Wed, 14 Jul 1999 18:52:25 -0700 From: John-Mark Gurney To: pedro Cc: freebsd Subject: Re: Cron and Email References: <378D3DA5.A073642E@crp.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.69 In-Reply-To: <378D3DA5.A073642E@crp.com.au>; from pedro on Thu, Jul 15, 1999 at 11:47:17AM +1000 Reply-To: John-Mark Gurney Organization: Cu Networking X-Operating-System: FreeBSD 3.0-RELEASE i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org pedro scribbled this message on Jul 15: > I've got a cron running every 2 minutes and it mails me every 2 minutes. > Is there a switch > to tell the cron not to email me? how about fix your cron job so it doesn't produce any output? -- John-Mark Gurney Voice: +1 541 684 8449 Cu Networking P.O. Box 5693, 97405 "The soul contains in itself the event that shall presently befall it. The event is only the actualizing of its thought." -- Ralph Waldo Emerson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 14 22:26:59 1999 Delivered-To: freebsd-net@freebsd.org Received: from homer.web-ex.com (homer.web-ex.com [209.54.66.254]) by hub.freebsd.org (Postfix) with ESMTP id 9B1FB14FA2 for ; Wed, 14 Jul 1999 22:26:55 -0700 (PDT) (envelope-from jim@web-ex.com) Received: from localhost (jim@localhost) by homer.web-ex.com (8.9.3/8.9.3) with ESMTP id BAA05138; Thu, 15 Jul 1999 01:26:25 -0400 (EDT) (envelope-from jim@web-ex.com) X-Authentication-Warning: homer.web-ex.com: jim owned process doing -bs Date: Thu, 15 Jul 1999 01:26:25 -0400 (EDT) From: Jim Cassata To: pedro Cc: freebsd Subject: Re: Cron and Email In-Reply-To: <19990714185225.61585@hydrogen.fircrest.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > pedro scribbled this message on Jul 15: > > I've got a cron running every 2 minutes and it mails me every 2 minutes. > > Is there a switch > > to tell the cron not to email me? > > how about fix your cron job so it doesn't produce any output? > Geez, I think that is what he is asking!! put this at the end of the executable in your crontab file: > /dev/null 2>&1 it will redirect output to /dev/null Jim Cassata 516.421.6000 jim@web-ex.com Web Express 20 Broadhollow Road Suite 3011 Melville, NY 11747 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 15 4:57: 0 1999 Delivered-To: freebsd-net@freebsd.org Received: from web4-1.ability.net (web4-1.ability.net [216.32.69.9]) by hub.freebsd.org (Postfix) with ESMTP id B59691553C for ; Thu, 15 Jul 1999 04:56:55 -0700 (PDT) (envelope-from rich@f2sys.net) Received: from ppp-rich.ari.net (ppp-rich.ari.net [198.69.193.148]) by web4-1.ability.net (8.9.1/8.9.1/Pub) with ESMTP id HAA03998; Thu, 15 Jul 1999 07:41:06 -0400 (EDT) Date: Thu, 15 Jul 1999 08:01:55 -0400 (EDT) From: Rich Fox X-Sender: rich@ppp-rich.ari.net To: pedro Cc: freebsd Subject: Re: Cron and Email In-Reply-To: <378D3DA5.A073642E@crp.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, You can use the entry MAILTO="" at the top of your crontab to instruct cron not to mail anything. Rich. On Thu, 15 Jul 1999, pedro wrote: > I've got a cron running every 2 minutes and it mails me every 2 minutes. > Is there a switch > to tell the cron not to email me? > > Dave > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 15 9:16:36 1999 Delivered-To: freebsd-net@freebsd.org Received: from lion.butya.kz (butya-gw.butya.kz [194.87.112.252]) by hub.freebsd.org (Postfix) with ESMTP id CCED5155B9 for ; Thu, 15 Jul 1999 09:16:23 -0700 (PDT) (envelope-from bp@butya.kz) Received: from bp (helo=localhost) by lion.butya.kz with local-esmtp (Exim 2.12 #1) id 114oBG-0009NE-00 for freebsd-net@freebsd.org; Thu, 15 Jul 1999 23:16:18 +0700 Date: Thu, 15 Jul 1999 23:16:18 +0700 (ALMST) From: Boris Popov To: freebsd-net@freebsd.org Subject: Announce: ncplib 1.3-release Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I'm pleased to announce the release of ncplib. It is a free NetWare client for FreeBSD. From this point I'm stop active development of 1.x branch and move all activity to 2.0 (a la -current). Of course, if there is a bugs (and I'm sure - they are) they will be fixed and minor version number will be bumped. As usually, here is a part from HISTORY file: - Fixed nasty bug with multiple mount points, which was introduced in version 1.3b8. - 'ncplist' functionality extended to list few types of bindery objects and display mounted volumes on a specified server. - Initial release of PAM module 'pam_netware' included, it may not work well and any comments/patches are welcomed. - Significantly reduced network traffic for directory lookups. - Mount point now have correct modification time instead of 1970. New version can be grabbed from next URLs: http://www.butya.kz/~bp/pub/nwlib/ncplib-1.3.tar.gz http://www.chat.ru/~rbp/pub/nwlib/ncplib-1.3.tar.gz ftp://ftp.butya.kz/pub/nwlib/ncplib-1.3.tar.gz P.S. I'm received several requests about 'announce' mailing list. Well, feel free to send line 'subscribe ncplib-news' in the body of message to majordomo@butya.kz. This list is moderated, so it should be spam-free. -- Boris Popov http://www.butya.kz/~bp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 15 12: 2:45 1999 Delivered-To: freebsd-net@freebsd.org Received: from beatrice.rutgers.edu (beatrice.rutgers.edu [165.230.209.226]) by hub.freebsd.org (Postfix) with SMTP id 9629F155D4 for ; Thu, 15 Jul 1999 12:02:39 -0700 (PDT) (envelope-from easmith@beatrice.rutgers.edu) Received: (from easmith@localhost) by beatrice.rutgers.edu (950413.SGI.8.6.12/950213.SGI.AUTOCF) id OAA01459; Thu, 15 Jul 1999 14:55:32 -0400 From: "Allen Smith" Message-Id: <9907151455.ZM1457@beatrice.rutgers.edu> Date: Thu, 15 Jul 1999 14:55:32 -0400 In-Reply-To: Darren Reed "Re: IPFilter improvement: Kernel hacker's assistance needed" (Jul 15, 6:21am) References: <199907151022.UAA29394@avalon.reed.wattle.id.au> X-Mailer: Z-Mail (3.2.3 08feb96 MediaMail) To: Darren Reed Subject: Re: IPFilter improvement: Kernel hacker's assistance needed Cc: freebsd-net@freebsd.org, ipfilter@coombs.anu.edu.au Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Jul 15, 6:21am, Darren Reed (possibly) wrote: > In some email I received from Allen Smith, sie wrote: > > > > Hi. I'm trying to add support for "keep state" with "fastroute" in the > > IPFilter code. Guido was going to be helping me with this, but he's on > > vacation until August 1st. Anyone willing to help? I've got code that > > should do it, but it keeps having kernel panics (Fatal Trap 12: page > > fault while in kernel mode) when it goes into the fr_check code. I > > suspect I'm dereferencing a null pointer or some such - not unlikely, > > since I'm not much of a C programmer (I far prefer Perl, and am not a > > professional at programming to begin with - I'm a geneticist). > > My idea on how this should work: > - implement a reference count for rules > - increase it by one each time a keep state matches it (and decrease each > time state is lost, 0'ing on a state flush) > - orphan but don't free rules if they have a > 0 reference count > - return a pointer to the rule via fr_checkstate() rather than `pass' and > assign to fr, and set pass to the value of the rule. > > How's that match up with what you're doing ? :) A different approach, but I'll try it out (for one thing, it'll enable the use by "keep state" of future options)... note that I'll also need to do this to the frags code to enable keeping frags with fastroute/to. I'm using the existing fr_ref for the reference count (with some modifications to accomodate the current group usage - I also did some changes that should enable the use of multiple heads to groups, _if_ I've figured out what fr_grp and fg_start do properly; more info on those would be very desirable). One twist in this regard is the reverse packet setup - in other words, setting things up so that packets coming in in reverse are fastrouted in the same way. You don't want to do this if the packet was originally outgoing, since in that case the reverse packets should go to the firewall machine itself (they were originally coming out of it), but you do for the ones that were originally incoming. This necessitates setting up a reverse rule, or at least enough to match the other information. -Allen -- Allen Smith easmith@beatrice.rutgers.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 15 16:44: 7 1999 Delivered-To: freebsd-net@freebsd.org Received: from queasy.outpost.co.nz (outpost2.inspire.net.nz [203.96.157.26]) by hub.freebsd.org (Postfix) with SMTP id 751451562C for ; Thu, 15 Jul 1999 16:44:01 -0700 (PDT) (envelope-from crh@outpost.co.nz) Received: (qmail 58069 invoked from network); 15 Jul 1999 23:42:29 -0000 Received: from officedonkey.outpost.co.nz (HELO officedonkey) (192.168.1.3) by outpost2.inspire.net.nz with SMTP; 15 Jul 1999 23:42:29 -0000 Comments: Authenticated sender is From: "Craig Harding" Organization: Outpost Digital Media Ltd To: freebsd-net@freebsd.org Date: Fri, 16 Jul 1999 11:42:29 +1200 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: ICMP Redirect Floods Reply-To: crh@outpost.co.nz X-mailer: Pegasus Mail for Windows (v2.52) Message-Id: <19990715234403.751451562C@hub.freebsd.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm having a weird problem with our ISP's router that they seem unable to fix and I can't quite follow what's happening. We've got a small LAN, running NATD'd via a FreeBSD gateway server which connects through a centrex (and hence permanent) ISDN link to our ISP. The server has a real, static IP number. Earlier this week we started having problems with the ISDN TA hanging up and reconnecting. I've got LQR monitoring enabled on the PPP link (using usermode PPP), and it turns out PPP was hanging up because occasional floods of ICMP redirect messages from the ISPs router were saturating the PPP link and preventing sufficient LQR packets from getting through. I do mean saturating - 1MB of ICMP redirects received at up to 20kB/s on a 128kb/s ISDN link. The ICMP redirect floods are some side effect of the transparent proxy cache the ISP runs which intercepts all HTTP traffic. They only occur when attempting to access the web from one of the PCs on our LAN, running Win98 and Netscape 4.06. The salient point is that this PC alone has also been allocated a real IP address, while all other PCs here are on 192.168.1.x. HTTP traffic from any other PC (or the Mac, or the FreeBSD gateway server via Lynx) causes no untoward effects. The PC with the real address actually has a private IP, with the static address given to it by a static 1-1 translation link in NATD. The ISP has been particularly unsuccessful at even beginning to resolve the problem, so in the first instance I turned off LQR monitoring on the PPP link to keep the line up. I then blocked ICMP redirects at my firewall on the gateway FreeBSD box, and here's where the wierdness starts - bingo, no more floods. I don't mean they're just now being blocked, I mean the floods no longer happen at all. And this is where we come up against my limited experience with IP. I can't understand how, if IPFW is blocking ICMP redirects and silently dropping them on the floor instead of passing them on to the Windows PC, the router at the ISP is somehow finding out about this change of behaviour and doing something different as a result? I've run tcpdumps and I can't see any traffic flowing back from the gateway server or he Windows PC that would alert the router that something's changed - the only thing going out are the HTTP requests from the PC. Does anyone have any idea what's going on, I'm stumped? Is there some characteristic of the PPP link that passes information about the blocked traffic back to their terminal server which then informs the router? Is there something really obvious that I've missed because I'm a stupid goombah? And what's causing those redirect floods in the first place? -- C. -- Craig Harding crh@outpost.co.nz "I don't know about God, I Outpost Digital Media Ltd crh@inspire.net.nz just think we're handmade" http://www.outpost.co.nz ICQ# 26701833 - Polly To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 16 0: 5:51 1999 Delivered-To: freebsd-net@freebsd.org Received: from itp.ac.ru (itp.ac.ru [193.233.32.4]) by hub.freebsd.org (Postfix) with ESMTP id F379E14CE5 for ; Fri, 16 Jul 1999 00:05:24 -0700 (PDT) (envelope-from ks@itp.ac.ru) Received: from speecart.chg.ru (speecart.chg.ru [193.233.46.2]) by itp.ac.ru (8.9.1/8.9.1) with ESMTP id LAA08152; Fri, 16 Jul 1999 11:04:43 +0400 (MSD) Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Fri, 16 Jul 1999 11:01:48 +0400 (MSD) Organization: Landau Institute for Theoretical Physics From: "Sergey S. Kosyakov" To: freebsd-net@freebsd.org, freebsd-questions@freebsd-org.FreeBSD.ORG Subject: PPP over TCP Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, does anybody use ppp(8) over TCP (as described in man) for IP tunneling? I had Lotus Notes server with WWW server on NT and FreeBSD box which provides IP tunnel. It seems that only relatively small TCP packets carried across tunnel: e.g., HTML page are loaded without images. With "telnet 80" I found that for images only HTTP header is delivered, without body. Locally (without tunnel) the WWW server works as expected, so I believe the cause is in tunnel. Setting MTU to the values from 2000 to 300 did not solve the problem. Can anybody help? PS. FreeBSD-3.2-RELEASE on the one hand, route add -net a.b.c.d -netmask 255.255.255.252 10.0.4.2 FreeBSD 3.0-RELEASE on the other, ipfw add fwd 10.0.4.1 ip from a.b.c.d/30 Sergey. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 16 9:48:43 1999 Delivered-To: freebsd-net@freebsd.org Received: from sbridge.highvoltage.com (voltage.high-voltage.com [205.243.158.175]) by hub.freebsd.org (Postfix) with SMTP id C1F4F14D3F for ; Fri, 16 Jul 1999 09:48:37 -0700 (PDT) (envelope-from BMCGROARTY@high-voltage.com) Date: Fri, 16 Jul 1999 11:40 -0600 From: "Brian McGroarty" To: freebsd-net@freebsd.org Subject: VPN / Transparent proxy access? Message-ID: <09DDCBC4F939D31186D20008C7333C82@high-voltage.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We're behind a Wingate firewall at work. There are no NAT services, just standard proxy services plus socks. I want to add a FreeBSD machine to my desk, but I'd like to use standard services. How can I do this? Thought 1: Could I create a ppp tunnel to my home network? How would I reach through socks? Thought 2: I saw a package which uses ipfw to capture external web requests and route them via a web proxy. Would it be conceivable to route all external traffic via socks? ----------------------------------------------------------------- "Dignity is the quality that enables a man who says nothing and knows nothing, to command a great deal of respect." -- J. Raper To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 16 10:46:35 1999 Delivered-To: freebsd-net@freebsd.org Received: from the.oneinsane.net (the.oneinsane.net [207.113.133.228]) by hub.freebsd.org (Postfix) with ESMTP id 2835614D80 for ; Fri, 16 Jul 1999 10:46:32 -0700 (PDT) (envelope-from insane@lunatic.oneinsane.net) Received: from lunatic.oneinsane.net (insane@lunatic.oneinsane.net [207.113.133.231]) by the.oneinsane.net (8.9.3/8.9.3) with ESMTP id KAA14414 for ; Fri, 16 Jul 1999 10:43:52 -0700 (PDT) Received: (from insane@localhost) by lunatic.oneinsane.net (8.9.3/8.9.3) id KAA59176 for freebsd-net@freebsd.org; Fri, 16 Jul 1999 10:43:52 -0700 (PDT) (envelope-from insane) Date: Fri, 16 Jul 1999 10:43:52 -0700 From: "Ron 'The InSaNe One' Rosson" To: freebsd-net@freebsd.org Subject: Re: VPN / Transparent proxy access? Message-ID: <19990716104352.A58592@lunatic.oneinsane.net> Reply-To: Ron Rosson References: <09DDCBC4F939D31186D20008C7333C82@high-voltage.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.5i In-Reply-To: <09DDCBC4F939D31186D20008C7333C82@high-voltage.com>; from Brian McGroarty on Fri, Jul 16, 1999 at 11:40:00AM -0600 X-Operating-System: FreeBSD lunatic.oneinsane.net 3.2-STABLE X-Opinion: What you read here is my IMHO X-Disclaimer: I am a firm believer in RTFM X-WWW: http://www.oneinsane.net X-PGP-KEY: http://www.oneinsane.net/~insane/insane-pgp5i.txt X-Uptime: 10:35AM up 1 day, 18:13, 2 users, load averages: 0.16, 0.11, 0.07 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 16 Jul 1999, Brian McGroarty was heard blurting out: > We're behind a Wingate firewall at work. There are no NAT services, just > standard proxy services plus socks. > > I want to add a FreeBSD machine to my desk, but I'd like to use standard > services. How can I do this? > > Thought 1: Could I create a ppp tunnel to my home network? How would I reach > through socks? > > Thought 2: I saw a package which uses ipfw to capture external web requests > and route them via a web proxy. Would it be conceivable to route all external > traffic via socks? > > I just have replaced a wingate machine with a 486 running FreeBSD 3.2-STABLE. The client likes it more due to the fact that control to that machine from the outside world can be set anyway at anytime to either allow an outsider in or to close a port that does not need to be accessed from the outside. Plus the license is alot cheaper. Machine Configuration: 486 DX2-66 16Megs of RAM 540 and 850 HD Running DHCP, XNTPD, DNS With a FreeBSD doing the chore it would be awhole lot easier to try and get a tunnel going. -- ------------------------------------------------------------------- Ron Rosson ... and a UNIX user said ... The InSaNe One rm -rf * insane@oneinsane.net and all was null and void ------------------------------------------------------------------- Everyone is someone else's weirdo. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 16 11:43: 4 1999 Delivered-To: freebsd-net@freebsd.org Received: from sbridge.highvoltage.com (voltage.high-voltage.com [205.243.158.175]) by hub.freebsd.org (Postfix) with SMTP id 0728314C80 for ; Fri, 16 Jul 1999 11:42:58 -0700 (PDT) (envelope-from BMCGROARTY@high-voltage.com) Date: Fri, 16 Jul 1999 12:57 -0600 From: "Brian McGroarty" To: "Ron 'The InSaNe One' Rosson" , "freebsd-net" Subject: RE: Re: VPN / Transparent proxy access? Message-ID: <69DDCBC4F939D31186D20008C7333C82@high-voltage.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You don't need to sell me on FreeBSD as a gateway/nat machine. I've got that at home already, that with just a 386/16 and 8 megs of RAM. It keeps up with cablemodem just fine. The problem is we're required to use all Microsoft products. This one's out of my hands. -----Original Message----- From: Ron 'The InSaNe One' Rosson [mailto:insane@lunatic.oneinsane.net] Sent: Friday, July 16, 1999 11:43 AM To: Brian McGroarty; freebsd-net Subject: Re: VPN / Transparent proxy access? I just have replaced a wingate machine with a 486 running FreeBSD 3.2-STABLE. The client likes it more due to the fact that control to that machine from the outside world can be set anyway at anytime to either allow an outsider in or to close a port that does not need to be accessed from the outside. Plus the license is alot cheaper. Machine Configuration: 486 DX2-66 16Megs of RAM 540 and 850 HD Running DHCP, XNTPD, DNS With a FreeBSD doing the chore it would be awhole lot easier to try and get a tunnel going. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 0:51: 1 1999 Delivered-To: freebsd-net@freebsd.org Received: from netserv1.chg.ru (netserv1.chg.ru [193.233.46.3]) by hub.freebsd.org (Postfix) with ESMTP id 3238814C49; Sat, 17 Jul 1999 00:50:45 -0700 (PDT) (envelope-from ks@chg.ru) Received: from speecart.chg.ru (speecart.chg.ru [193.233.46.2]) by netserv1.chg.ru (8.9.3/8.9.1) with ESMTP id LAA06789; Sat, 17 Jul 1999 11:50:34 +0400 (MSD) Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Sat, 17 Jul 1999 11:47:37 +0400 (MSD) Organization: Landau Institute for Theoretical Physics From: "Sergey S. Kosyakov" To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org Subject: IP over UDP - may be it will be usefull for somebody Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org tund - simple IP over UDP tunnel assistant. I wrote it for connecting remote network behind NAT firewall on FreeBSD. Fast enough. ftp://ftp.chg.ru/pub/networking/freebsd/tund-0.1.tgz Sergey. --- ---------------------------------- Sergey Kosyakov Laboratory of Distributed Computing Department of High-Performance Computing and Applied Network Research Landau Institute for Theoretical Physics E-Mail: ks@chg.ru Date: 17-Jul-99 Time: 11:42:26 ---------------------------------- --- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 11:11:12 1999 Delivered-To: freebsd-net@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 7CF4A14BD3 for ; Sat, 17 Jul 1999 11:11:09 -0700 (PDT) (envelope-from des@flood.ping.uio.no) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.1) id UAA22067; Sat, 17 Jul 1999 20:10:29 +0200 (CEST) (envelope-from des) To: net@freebsd.org Subject: dummynet -> rate limiting From: Dag-Erling Smorgrav Date: 17 Jul 1999 20:10:29 +0200 Message-ID: Lines: 11 X-Mailer: Gnus v5.5/Emacs 19.34 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org What do people think about adding rate limiting to dummynet? It would work just like bandwidth limiting, except the limit would be in packets or kilopackets per second (pps, kpps) instead of bits or bytes per second. I'd also love to be able to type 'kbps' or 'kBps' instead of 'Kbit/s' or 'KByte/s', respectively. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 11:41:21 1999 Delivered-To: freebsd-net@freebsd.org Received: from mgo.iij.ad.jp (mgo.iij.ad.jp [202.232.15.6]) by hub.freebsd.org (Postfix) with ESMTP id 4B82814BD5 for ; Sat, 17 Jul 1999 11:41:17 -0700 (PDT) (envelope-from nagao@iij.ad.jp) Received: from ns.iij.ad.jp (root@ns.iij.ad.jp [192.168.2.8]) by mgo.iij.ad.jp (8.8.8/MGO1.0) with ESMTP id DAA16077; Sun, 18 Jul 1999 03:41:15 +0900 (JST) Received: from localhost (yuzu.iij.ad.jp [192.168.4.215]) by ns.iij.ad.jp (8.8.5/3.5Wpl7) with ESMTP id DAA10351; Sun, 18 Jul 1999 03:41:15 +0900 (JST) To: des@flood.ping.uio.no Cc: net@freebsd.org Subject: Re: dummynet -> rate limiting In-Reply-To: References: X-Mailer: Mew version 1.94b37 on Emacs 20.3 / Mule 4.0 (HANANOEN) Mime-Version: 1.0 Content-Type: Multipart/Mixed; boundary="--Next_Part(Sun_Jul_18_03:40:17_1999_595)--" Content-Transfer-Encoding: 7bit Message-Id: <19990718034115X.nagao@iij.ad.jp> Date: Sun, 18 Jul 1999 03:41:15 +0900 (JST) From: NAGAO Tadaaki X-Dispatcher: imput version 990623(IM117) Lines: 163 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ----Next_Part(Sun_Jul_18_03:40:17_1999_595)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, In message , Dag-Erling Smorgrav wrote: > What do people think about adding rate limiting to dummynet? It would > work just like bandwidth limiting, except the limit would be in > packets or kilopackets per second (pps, kpps) instead of bits or bytes > per second. I've done that and posted a patch to this mailing list a while back on March. (But, sorry, the patch had a bug and although it's been fixed I've forgotten to post and/or send-pr it...) The most up-to-date patch to -stable branch is attached to this mail. No manpage patches yet, sorry. Please use it as a starting point if you are interested in. BTW, though I think it would be obvious if you read my patch, the usage is: ipfw pipe NNN config pps S where S is the allowed number of packets per second. Cheers, NAGAO Tadaaki Applied Technology Division, Internet Initiative Japan Inc. ----Next_Part(Sun_Jul_18_03:40:17_1999_595)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="dummynet-pps.patch" Index: sys/netinet/ip_dummynet.c =================================================================== RCS file: /usr/ncvs/src/sys/netinet/ip_dummynet.c,v retrieving revision 1.7.2.5 diff -u -r1.7.2.5 ip_dummynet.c --- ip_dummynet.c 1999/05/04 16:23:57 1.7.2.5 +++ ip_dummynet.c 1999/05/05 13:26:37 @@ -148,6 +148,15 @@ int len = pkt->dn_m->m_pkthdr.len ; /* + * limit the number of packets per second (pps). + */ + if (pipe->pps) { + if (pipe->pps_counter < hz) + break; + pipe->pps_counter -= hz; + } + + /* * queue limitation: pass packets down if the len is * such that the pkt would go out before the next tick. */ @@ -266,6 +275,8 @@ s = splimp(); if (p->r.head != NULL || p->numbytes < p->bandwidth ) p->numbytes += p->bandwidth ; + if (p->pps && (p->r.head != NULL || p->pps_counter < hz )) + p->pps_counter += p->pps ; dn_move(p, 0); /* is it really 0 (also below) ? */ splx(s); } @@ -524,10 +535,10 @@ if (p->queue_size_bytes > 1024*1024) p->queue_size_bytes = 1024*1024 ; #if 0 - printf("ip_dn: config pipe %d %d bit/s %d ms %d bufs\n", + printf("ip_dn: config pipe %d %d bit/s %d ms %d bufs %d pps\n", p->pipe_nr, p->bandwidth * 8 * hz , - p->delay * 1000 / hz , p->queue_size); + p->delay * 1000 / hz , p->queue_size, p->pps); #endif for (a = NULL , b = all_pipes ; b && b->pipe_nr < p->pipe_nr ; a = b , b = b->next) ; @@ -539,6 +550,7 @@ b->queue_size = p->queue_size ; b->queue_size_bytes = p->queue_size_bytes ; b->plr = p->plr ; + b->pps = p->pps ; } else { int s ; x = malloc(sizeof(struct dn_pipe), M_IPFW, M_DONTWAIT) ; @@ -555,6 +567,7 @@ x->queue_size = p->queue_size ; x->queue_size_bytes = p->queue_size_bytes ; x->plr = p->plr ; + x->pps = p->pps ; s = splnet() ; x->next = b ; Index: sys/netinet/ip_dummynet.h =================================================================== RCS file: /usr/ncvs/src/sys/netinet/ip_dummynet.h,v retrieving revision 1.2.2.2 diff -u -r1.2.2.2 ip_dummynet.h --- ip_dummynet.h 1999/05/04 07:47:45 1.2.2.2 +++ ip_dummynet.h 1999/05/04 15:21:09 @@ -74,6 +74,7 @@ int queue_size_bytes ; int delay ; /* really, ticks */ int plr ; /* pkt loss rate (2^31-1 means 100%) */ + int pps; /* packets per sec */ struct dn_queue r; int r_len; /* elements in r_queue */ @@ -82,6 +83,7 @@ struct dn_queue p ; int ticks_from_last_insert; long numbytes; /* which can send or receive */ + long pps_counter; }; /* Index: sbin/ipfw/ipfw.c =================================================================== RCS file: /usr/ncvs/src/sbin/ipfw/ipfw.c,v retrieving revision 1.64.2.6 diff -u -r1.64.2.6 ipfw.c --- ipfw.c 1999/06/17 13:03:39 1.64.2.6 +++ ipfw.c 1999/06/17 17:56:28 @@ -462,6 +462,7 @@ char buf[30] ; char qs[30] ; char plr[30] ; + char pps[30] ; int l ; if (rulenum != 0 && rulenum != p->pipe_nr) @@ -486,9 +487,13 @@ sprintf(plr,"plr %f", 1.0*p->plr/(double)(0x7fffffff)); else plr[0]='\0'; + if (p->pps) + sprintf(pps, "%d pkts/s", p->pps); + else + pps[0] = '\0'; - printf("%05d: %s %4d ms %s %s -- %d pkts (%d B) %d drops\n", - p->pipe_nr, buf, p->delay, qs, plr, + printf("%05d: %s %s %4d ms %s %s -- %d pkts (%d B) %d drops\n", + p->pipe_nr, buf, pps, p->delay, qs, plr, p->r_len, p->r_len_bytes, p->r_drops); } free(data); @@ -1005,6 +1010,9 @@ pipe.queue_size_bytes = pipe.queue_size ; pipe.queue_size = 0 ; } + av+=2; ac-=2; + } else if (!strncmp(*av,"pps",strlen(*av)) ) { + pipe.pps = strtoul(av[1], NULL, 0); av+=2; ac-=2; } else show_usage("unrecognised option ``%s''", *av); ----Next_Part(Sun_Jul_18_03:40:17_1999_595)---- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 12:40:55 1999 Delivered-To: freebsd-net@freebsd.org Received: from labinfo.iet.unipi.it (labinfo.iet.unipi.it [131.114.9.5]) by hub.freebsd.org (Postfix) with SMTP id B6FBD14F46 for ; Sat, 17 Jul 1999 12:40:39 -0700 (PDT) (envelope-from luigi@labinfo.iet.unipi.it) Received: from localhost (luigi@localhost) by labinfo.iet.unipi.it (8.6.5/8.6.5) id TAA16969; Sat, 17 Jul 1999 19:13:29 +0200 From: Luigi Rizzo Message-Id: <199907171713.TAA16969@labinfo.iet.unipi.it> Subject: Re: dummynet -> rate limiting To: nagao@iij.ad.jp (NAGAO Tadaaki) Date: Sat, 17 Jul 1999 19:13:29 +0200 (MET DST) Cc: des@flood.ping.uio.no, net@FreeBSD.ORG In-Reply-To: <19990718034115X.nagao@iij.ad.jp> from "NAGAO Tadaaki" at Jul 18, 99 03:40:56 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 1310 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ok, i have no objections in principle, but i fail to see the use of pps limiting. What does it model in a context (IP) where packets for sure are not constant size ? And does it make any sense when at the level where dummynet operates there is no knowledge whether or not packets will be fragmented by the interface ? Further, when i read the subject i was totally confused -- maybe it's just me but i have always used "bandwidth" and "rate" (without further specifications) as synonims. cheers luigi > In message , > Dag-Erling Smorgrav wrote: > > What do people think about adding rate limiting to dummynet? It would > > work just like bandwidth limiting, except the limit would be in > > packets or kilopackets per second (pps, kpps) instead of bits or bytes > > per second. -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) http://www.iet.unipi.it/~luigi/ngc99/ ==== First International Workshop on Networked Group Communication ==== -----------------------------------+------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 15:42:47 1999 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 43D4314FA9 for ; Sat, 17 Jul 1999 15:42:33 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.1/8.9.1) id SAA24085; Sat, 17 Jul 1999 18:41:08 -0400 (EDT) (envelope-from wollman) Date: Sat, 17 Jul 1999 18:41:08 -0400 (EDT) From: Garrett Wollman Message-Id: <199907172241.SAA24085@khavrinen.lcs.mit.edu> To: Luigi Rizzo Cc: nagao@iij.ad.jp (NAGAO Tadaaki), des@flood.ping.uio.no, net@FreeBSD.ORG Subject: Re: dummynet -> rate limiting In-Reply-To: <199907171713.TAA16969@labinfo.iet.unipi.it> References: <19990718034115X.nagao@iij.ad.jp> <199907171713.TAA16969@labinfo.iet.unipi.it> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > Ok, i have no objections in principle, but i fail to see the use of > pps limiting. What does it model in a context (IP) where packets for sure > are not constant size ? Surely I shouldn't need to give this lesson to you, in particular, Luigi. As we all know, performance of network elements can be broken down into two components: per-packet cost, and per-bit (mostly serialization) cost. It may be necessary to protect a part of the network with high per-packet costs from an attacker intent on denying service from that network or device -- think ping floods. My network used to go down like clockwork every time some Linux machine got cracked, because the switches we had melted down under the load of processing 20,000 64-byte packets per second. (We have since managed to replace the losing hardware, but keep in mind that this is not an option open to everyone.) Cisco added a packet-rate-limiting feature in their ISP train some time ago, and it made it into 12.0 on certain platforms, so at least one big Cisco customer must think it's useful. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 17 17:11:37 1999 Delivered-To: freebsd-net@freebsd.org Received: from gw.caamora.com.au (jonath5.lnk.telstra.net [139.130.41.237]) by hub.freebsd.org (Postfix) with ESMTP id 55B6714C32 for ; Sat, 17 Jul 1999 17:11:31 -0700 (PDT) (envelope-from jon@gw.caamora.com.au) Received: (from jon@localhost) by gw.caamora.com.au (8.8.8/8.8.8) id KAA00974; Sun, 18 Jul 1999 10:11:20 +1000 (EST) (envelope-from jon) Message-ID: <19990718101120.A961@caamora.com.au> Date: Sun, 18 Jul 1999 10:11:20 +1000 From: jonathan michaels To: Dag-Erling Smorgrav Cc: freebsd-net@freebsd.org Subject: Re: dummynet -> rate limiting Mail-Followup-To: Dag-Erling Smorgrav , freebsd-net@freebsd.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: ; from Dag-Erling Smorgrav on Sat, Jul 17, 1999 at 08:10:29PM +0200 X-Operating-System: FreeBSD gw.caamora.com.au 2.2.7-RELEASE i386 X-Mood: i'm alive, if it counts Organisation: Caamora, PO Box 144, Rosebery NSW 1445 Australia Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Jul 17, 1999 at 08:10:29PM +0200, Dag-Erling Smorgrav wrote: > What do people think about adding rate limiting to dummynet? It would > work just like bandwidth limiting, except the limit would be in > packets or kilopackets per second (pps, kpps) instead of bits or bytes > per second. as i understand the difference twix bandwidth and rate limiting, i think it would be a really good idea and wirth the adding, only probelm is that i'm not a programmer. > I'd also love to be able to type 'kbps' or 'kBps' instead of 'Kbit/s' > or 'KByte/s', respectively. both would be great, then its a matter of personal preferance, mine is for the kbit/kbytes per sec regards jonathan -- =============================================================================== Jonathan Michaels PO Box 144, Rosebery, NSW 1445 Australia =========================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message