From owner-freebsd-net Sun Apr 22 3:36:55 2001
Date: Sun, 22 Apr 2001 12:36:25 +0200
From: Alexander Langer
To: Jet Liang
Cc: freebsd-net@freebsd.org
Subject: Re: NAT implementation help.
Message-ID: <20010422123625.B2208@cichlids.cichlids.com>

Thus spake Jet Liang (fuzi001@hotmail.com):

> Hi, I am going to implement NAT for a network
> device. Can anyone tell me when can I find
> out some implementation document?

$(man natd) and the FreeBSD Handbook

Alex
--
cat: /home/alex/.sig: No such file or directory

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

From owner-freebsd-net Sun Apr 22 11: 9:43 2001
Date: Sun, 22 Apr 2001 20:09:39 +0200
From: Thomas Moestl
To: freebsd-net@FreeBSD.org
Cc: Robert Watson
Subject: Making getsockname return sensible data for unbound AF_UNIX sockets
Message-ID: <20010422200939.A4797@crow.dom2ip.de>

Hello,

I would like to commit a really small patch that makes getsockname fill
the sockaddr for non-bound PF_LOCAL sockets with sun_noname, instead of
just setting the length parameter to 0 and returning (without an error)
like it does now. PF_INET and PF_INET6 sockets, for example, behave like
this, and it is useful to get the address family of a socket, for example
in the RPC library.

SUSv2 says wrt getsockname:

  If the socket has not been bound to a local name, the value stored in
  the object pointed to by address is unspecified.

So this does not break standard conformity (using this feature however
could, of course, OTOH e.g. the RPC code is anyway specific to FreeBSD to
a certain extent).

From a quick glance, it seems that NetBSD implements the behaviour this
patch would give us, while OpenBSD uses the other one.

Patch attached. Any comments or objections?

	- thomas

Content-Disposition: attachment; filename="unp.diff"

Index: sys/kern/uipc_usrreq.c =================================================================== RCS file: /home/ncvs/src/sys/kern/uipc_usrreq.c,v retrieving revision 1.63 diff -u -r1.63 uipc_usrreq.c --- sys/kern/uipc_usrreq.c 2001/02/21 06:39:55 1.63 +++ sys/kern/uipc_usrreq.c 2001/04/22 12:51:24
@@ -420,6 +420,8 @@ return EINVAL; if (unp->unp_addr) *nam = dup_sockaddr((struct sockaddr *)unp->unp_addr, 1); + else + *nam = dup_sockaddr((struct sockaddr *)&sun_noname, 1); return 0; }

From owner-freebsd-net Sun Apr 22 17:11:26 2001
Date: Mon, 23 Apr 2001 00:11:17 +0000 (GMT)
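
Review bot: the new else branch in the @@ -420,6 +420,8 @@ hunk of unp.diff changes what getsockname reports for an unbound PF_LOCAL socket, but nothing in the patch documents it: there is no comment at the branch and no man page change in the diff. Add a short comment above "*nam = dup_sockaddr((struct sockaddr *)&sun_noname, 1);" saying that unbound sockets return sun_noname so callers can read the address family, and note the new behaviour in getsockname(2), since a caller that treated a zero length as "not bound" (the current behaviour described in the message) will now get a non-empty sockaddr. The definition of sun_noname is outside the hunk; it is worth confirming in review that it carries a valid length and family, because the copy is returned to the caller as the socket's name.
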
From: "E.B. Dreger"
To: hackers@freebsd.org, net@freebsd.org
Subject: TCP intercept?

Greetings all,

I'm no kernel hacker, and trying to think of useful little projects to
change that. ;-)

AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
on this? Would it be of interest to anyone? My initial thoughts are that
it should be implemented in the same neighborhood as stateful firewall
code, as the two are rather closely related.


Eddy

---------------------------------------------------------------------------

Brotsman & Dreger, Inc.
EverQuick Internet / EternalCommerce Division

Phone: (316) 794-8922

---------------------------------------------------------------------------

From owner-freebsd-net Sun Apr 22 17:43:49 2001
Date: Sun, 22 Apr 2001 20:36:23 -0400 (EDT)
From: "Andrew R. Reiter"
To: "E.B. Dreger"
Cc: hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: TCP intercept?

What's TCP intercept?

On Mon, 23 Apr 2001, E.B. Dreger wrote:

> Greetings all,
>
> I'm no kernel hacker, and trying to think of useful little projects to
> change that. ;-)
>
> AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
> on this? Would it be of interest to anyone? My initial thoughts are that
> it should be implemented in the same neighborhood as stateful firewall
> code, as the two are rather closely related.
>
>
> Eddy

*-------------.................................................
| Andrew R. Reiter
| arr@fledge.watson.org
| "It requires a very unusual mind
|   to undertake the analysis of the obvious" -- A.N. Whitehead

From owner-freebsd-net Sun Apr 22 21:26:59 2001
Date: Mon, 23 Apr 2001 00:32:39 -0400 (EDT)
From: Alex Pilosov
To: "Andrew R. Reiter"
Cc: "E.B. Dreger", hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: TCP intercept?

In cisco terminology, 'tcp intercept' is what the 'ip and tcp reassembly'
part of ipnat does (without port/address rewriting). For example, a router
in the middle which is doing the intercept will have to buffer/reassemble
tcp stream and only forward packets after they are confirmed good.

Example: packets with a wrong sequence number will be bounced at the
router. On ciscos, tcp-intercept can also rate-limit syn packets...

I'm not sure if it can be enabled in ipnat separately, but hell, if
someone wants to do it...

On Sun, 22 Apr 2001, Andrew R. Reiter wrote:

>
> What's TCP intercept?
>
> On Mon, 23 Apr 2001, E.B. Dreger wrote:
>
> > Greetings all,
> >
> > I'm no kernel hacker, and trying to think of useful little projects to
> > change that. ;-)
> >
> > AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
> > on this? Would it be of interest to anyone? My initial thoughts are that
> > it should be implemented in the same neighborhood as stateful firewall
> > code, as the two are rather closely related.
> >
> >
> > Eddy

From owner-freebsd-net Sun Apr 22 23:17:13 2001
Message-ID: <3AE3C8AF.5B2DC73C@elischer.org>
Date: Sun, 22 Apr 2001 23:16:16 -0700
From: Julian Elischer
To: "E.B. Dreger"
Cc: net@freebsd.org
Subject: Re: TCP intercept?

"E.B. Dreger" wrote:
>
> Greetings all,
>
> I'm no kernel hacker, and trying to think of useful little projects to
> change that. ;-)
>
> AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
> on this? Would it be of interest to anyone? My initial thoughts are that
> it should be implemented in the same neighborhood as stateful firewall
> code, as the two are rather closely related.

I can think of several interpretations of 'tcp intercept'..
can you give an example of which one you mean?

>
> Eddy

--
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000-2001
---> X_.---._/
            v

From owner-freebsd-net Mon Apr 23 0:24:42 2001
Message-ID: <3AE3D89D.9ABCA7B6@softweyr.com>
Date: Mon, 23 Apr 2001 01:24:13 -0600
From: Wes Peters
Organization: Softweyr LLC
To: "E.B. Dreger"
Cc: hackers@freebsd.org, net@freebsd.org
Subject: Re: TCP intercept?

"E.B. Dreger" wrote:
>
> Greetings all,
>
> I'm no kernel hacker, and trying to think of useful little projects to
> change that. ;-)
>
> AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
> on this? Would it be of interest to anyone? My initial thoughts are that
> it should be implemented in the same neighborhood as stateful firewall
> code, as the two are rather closely related.

If you mean IP forwarding, you can do that with ipnat (part of ipfilter) or
with natd. If you mean network interface monitoring, see the man page for
bpf. Otherwise, you'll have to explain what you mean by "TCP intercept",
it is not a terminology in common use.

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                              Softweyr LLC
wes@softweyr.com                                http://softweyr.com/

From owner-freebsd-net Mon Apr 23 5:14:44 2001
Date: Mon, 23 Apr 2001 08:14:41 -0400 (EDT)
From: Alwyn Goodloe
To: freebsd-net@freebsd.org
Subject: SYN retransmission timer

I just need to make sure that I understand the code correctly in the TCP
stack. (We are trying to see how long the system waits before a SYN gets
retransmitted.) When a SYN is sent, a keepalive timer is set using the
TCPTV_KEEPALIVEINTVL = 75hz (??ms - escapes me at the moment). So an ack
must be received in this time frame??? This is not the usual dynamic
retransmission timer which might make sense for SYN packets. It seems like
a retransmission timer should be set?? That's why I'm posing the question.

Alwyn Goodloe
agoodloe@gradient.cis.upenn.edu

From owner-freebsd-net Mon Apr 23 8:11: 5 2001
Date: Mon, 23 Apr 2001 10:10:47 -0500
From: Dan Nelson
To: Wes Peters
Cc: "E.B. Dreger", hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: TCP intercept?
Message-ID: <20010423101046.A4880@dan.emsphone.com>
References: <3AE3D89D.9ABCA7B6@softweyr.com>
In-Reply-To: <3AE3D89D.9ABCA7B6@softweyr.com>; from "Wes Peters" on Mon Apr 23 01:24:13 GMT 2001

In the last episode (Apr 23), Wes Peters said:
> > I'm no kernel hacker, and trying to think of useful little projects
> > to change that. ;-)
> >
> > AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already
> > working on this? Would it be of interest to anyone? My initial
> > thoughts are that it should be implemented in the same neighborhood
> > as stateful firewall code, as the two are rather closely related.
>
> If you mean IP forwarding, you can do that with ipnat (part of
> ipfilter) or with natd. If you mean network interface monitoring,
> see the man page for bpf. Otherwise, you'll have to explain what you
> mean by "TCP intercept", it is not a terminology in common use.

It's a Cisco term. From what I can tell, it essentially proxies all TCP
sessions, but solely to shorten the 3-way handshake timeout and trap SYN
floods before the host sees them. It's useless for protecting modern
systems, but if you have a lot of legacy OSes in your network, TCP
Intercept will protect them all without forcing you to upgrade them.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt3/scdenial.htm

I don't trust a border router to proxy every TCP session going through
it, though. Since the router doesn't know the capabilities of the 2nd
host at the time it proxies the connection from the 1st, you can't
negotiate any enhanced TCP features like SACK or rfc1323 (window scaling
or timestamping).

--
	Dan Nelson
	dnelson@emsphone.com

From owner-freebsd-net Mon Apr 23 9:27:58 2001
Date: Mon, 23 Apr 2001 12:28:02 -0400 (EDT)
From: "Andrew R. Reiter"
To: Alex Pilosov
Cc: "E.B. Dreger", hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: TCP intercept?

In light of this, I would say that it would be cool to put into the ipfw
or ipf code seeing as how there are already hooks into the network stack
in the code. I am not sure how people will take the ipfw implementation
solely because I know there was a lot of "hacking" being done to it in the
recent months (??). I'm also not sure how well Darren would take the code
written if it was done for ipf. Otherwise, you'll have to add some more
hooks into the stack code (tcp_{input,output}.c and perhaps others) and
then handle it that way.

I'm not really familiar with how (un)successful TCP intercept has been
with Cisco, but I would find that as a cool option :-)

Take it easy,

Andrew

On Mon, 23 Apr 2001, Alex Pilosov wrote:

> In cisco terminology, 'tcp intercept' is what the 'ip and tcp reassembly'
> part of ipnat does (without port/address rewriting). For example, a router
> in the middle which is doing the intercept will have to buffer/reassemble
> tcp stream and only forward packets after they are confirmed good.
>
> Example: packets with a wrong sequence number will be bounced at the
> router. On ciscos, tcp-intercept can also rate-limit syn packets...
>
> I'm not sure if it can be enabled in ipnat separately, but hell, if
> someone wants to do it...
>
> On Sun, 22 Apr 2001, Andrew R. Reiter wrote:
>
> >
> > What's TCP intercept?
> >
> > On Mon, 23 Apr 2001, E.B. Dreger wrote:
> >
> > > Greetings all,
> > >
> > > I'm no kernel hacker, and trying to think of useful little projects to
> > > change that. ;-)
> > >
> > > AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working
> > > on this? Would it be of interest to anyone? My initial thoughts are that
> > > it should be implemented in the same neighborhood as stateful firewall
> > > code, as the two are rather closely related.
> > >
> > >
> > > Eddy

*-------------.................................................
| Andrew R. Reiter
| arr@fledge.watson.org
| "It requires a very unusual mind
|   to undertake the analysis of the obvious" -- A.N. Whitehead

From owner-freebsd-net Mon Apr 23 11:37:28 2001
Date: Mon, 23 Apr 2001 14:39:51 -0400 (EDT)
From: Peter Brezny
To: freebsd-net@freebsd.org
Subject: dual dns box, ssh/ftp no like.

I have two separate instances of named running on a system. One for
internal and one for external.

The dns appears to work fine. With nslookup, you can choose whichever
server you desire, and it provides answers.

If I try to run an application that uses dns on this machine however, it
bombs. ssh and ftp both work fine to the ip but not to the FQDN. See below.

Any ideas on this one?

I've also copied the options section of one of the named.conf files.

TIA

pb

%ssh user@xxx.com
ssh: gk-cpa.com: Non-recoverable failure in name resolution

%nslookup xxx.com
Server: localhost.sysadmin-inc.com
Address: 127.0.0.1

Name: xxx.com
Address: 10.30.1.20

// $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.1 2000/07/15 07:49:29 kris Exp $

options {
        directory "/etc/namedb";
        forwarders {
                207.230.75.34;  //ns1.deltacom.net
                207.230.75.50;  //ns2.deltacom.net
                206.191.128.46; //c2901.wa.net
                199.166.24.1; }; //ns1.vrx.net
        allow-transfer {
                209.16.228.140; //virtual/ns2
                207.230.75.34;  //ns1.deltacom.net
                207.230.75.50; }; //ns2.deltacom.net
        query-source address 209.16.228.145 port 53;
        transfer-source 209.16.228.145;
        listen-on {
                209.16.228.145;
                209.16.228.150; };
        dump-file "s/named_dump.db";
        pid-file "s/named.pid";
}; //end of options

From owner-freebsd-net Mon Apr 23 12: 5:48 2001
To: snap-users@kame.net
Cc: freebsd-net@freebsd.org
Subject: Re: (KAME-snap 4515) Re: KAME SPD bug, please try and confirm ...
In-Reply-To: Your message of "Sun, 22 Apr 2001 05:15:33 +0000" <3AE268F5.B48CC2B2@aurora.regenstrief.org>
References: <3AE268F5.B48CC2B2@aurora.regenstrief.org>
Message-Id: <20010424040539N.sakane@ydc.co.jp>
Date: Tue, 24 Apr 2001 04:05:39 +0900
From: Shoichi Sakane

> > sorry that we did not make any useful responses, some of the kame guys
> > (mainly sakane) are trying to repeat the symptom.
> I appreciate that very much!

I have tested, but I couldn't have any error. I made the following network.
And I executed flooding ping to A from both B and C. All of hosts seemed
quite stable. Of course, these ICMP packets were encapsulated by ESP.

Actually, I couldn't prepare three FreeBSD machines.
A and C are FreeBSD4.2-RELEASE, and B is NetBSD1.5.
All of them are *WITHOUT* KAME patch.

        A ---+--- B
             |
             +--- C

Host A is powerless machine which is pentium 100MHz.
just in case, I attach these configuration and results into this mail.
These are:

        net-A: first configuration on the host A.
        net-A2: configuration on the host A after host C added.
        net-B: configuration on the host B.
        net-C: configuration on the host C.
        host-A: results of ifconfig, netstat on the host A.
        host-B: results of ifconfig, netstat on the host B.
        host-C: results of ifconfig, netstat on the host C.

> > i ran a small test with slightly different setup on both NetBSD
> > 1.5.1_BETA and NetBSD 1.5 + KAME SNAP 2001042x, and the problem did
> > not repeat.
> Hmm, maybe it's a matter of FreeBSD and does not occur with NetBSD?

> > is the following description correct?
> > - FreeBSD 4.2-RELEASE is not affected
> yes, it is affected with kernel panic (under high loads only ...)

How was "high loads" ? I did flooding ping invoked "-f -s 1000"
from both B and C. But kernel panic didn't happen.

I haven't checked the following case. But I think the issue exists in
another place.

> > - FreeBSD 4.2-RELEASE + KAME SNAP 200103xx has problem, but no kernel
> >   panic
> right, shows the described problems but has no such kernel panics

> > - FreeBSD 4.2-RELEASE + KAME SNAP 200104xx has problem, with kernel
> >   panic
> actually I should test that. Will do tomorrow.

/Shoichi Sakane @ KAME project/

Content-Disposition: attachment; filename="net-A"

# first host A's configuration.
ifconfig ep0 inet 172.16.5.1 netmask 0xffffff00
ifconfig ep0 inet alias 10.10.10.1 netmask 0xffffff00
ifconfig lo0 inet alias 10.99.10.1 netmask 0xffffff00
route add -net 10.99.20.0/24 10.99.10.1
setkey -c < mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        inet 10.99.10.1 netmask 0xffffff00
ep0: flags=8843 mtu 1500
        inet 172.16.5.1 netmask 0xffffff00 broadcast 172.16.5.255
        inet6 fe80::260:8ff:fe89:b029%ep0 prefixlen 64 scopeid 0x9
        inet 10.10.10.1 netmask 0xffffff00 broadcast 10.10.10.255
        ether 00:60:08:89:b0:29
        media: 10baseT/UTP
        supported media: 10base2/BNC 10baseT/UTP 10base5/AUI

# netstat -nrf inet
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
10.10.10/24        link#9             UC          0        0      ep0 =>
10.10.10.1         0:60:8:89:b0:29    UHLW        0        2      lo0
10.10.10.2         0:0:f4:5f:40:61    UHLW        1        7      ep0    760
10.10.10.3         0:0:f4:42:b5:a0    UHLW        1        1      ep0    777
10.99.10.1         10.99.10.1         UH          2        0      lo0
10.99.20/24        10.99.10.1         UGSc        0   496952      lo0
10.99.30/24        10.99.10.1         UGSc        0   681251      lo0
127.0.0.1          127.0.0.1          UH          0        0      lo0
172.16.5/24        link#9             UC          0        0      ep0 =>

# netstat -p ipsec
ipsec:
        1178203 inbound packets processed successfully
        0 inbound packets violated process security policy
        1 inbound packet with no SA available
        0 invalid inbound packets
        0 inbound packets failed due to insufficient memory
        0 inbound packets failed getting SPI
        0 inbound packets failed on AH replay check
        0 inbound packets failed on ESP replay check
        0 inbound packets considered authentic
        0 inbound packets failed on authentication
        ESP input histogram:
                simple: 1178203
        1178203 outbound packets processed successfully
        0 outbound packets violated process security policy
        0 outbound packets with no SA available
        0 invalid outbound packets
        0 outbound packets failed due to insufficient memory
        0 outbound packets with no route
        ESP output histogram:
                simple: 1178203

Content-Disposition: attachment; filename="host-B"

### host B
### OS: NetBSD1.5
### the results of ifconfig, netstat.

# ifconfig -auA
ne2: flags=8863 mtu 1500
        address: 00:00:f4:5f:40:61
        media: Ethernet autoselect (10baseT)
        inet 10.10.10.2 netmask 0xffffff00 broadcast 10.10.10.255
        inet alias 172.16.5.2 netmask 0xffffff00 broadcast 172.16.5.255
        inet6 fe80::200:f4ff:fe5f:4061%ne2 prefixlen 64 scopeid 0x2
lo0: flags=8009 mtu 33228
        inet 127.0.0.1 netmask 0xff000000
        inet alias 10.99.20.1 netmask 0xffffff00
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3

# netstat -nrf inet
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use    Mtu  Interface
0&0x18             10.99.20.1         UGS         3   499038  33228  lo0
10.10.10/24        link#2             UC          1        0   1500  ne2
10.10.10.1         00:60:08:89:b0:29  UHL         1        6   1500  ne2
10.99.20.1         10.99.20.1         UH          1        4  33228  lo0
127                127.0.0.1          UGRS        0        0  33228  lo0
127.0.0.1          127.0.0.1          UH          1        0  33228  lo0
172.16.5/24        link#2             UC          0        0   1500  ne2

# netstat -p ipsec
ipsec:
        496825 inbound packets processed successfully
        0 inbound packets violated process security policy
        0 inbound packets with no SA available
        0 invalid inbound packets
        0 inbound packets failed due to insufficient memory
        0 inbound packets failed getting SPI
        0 inbound packets failed on AH replay check
        0 inbound packets failed on ESP replay check
        0 inbound packets considered authentic
        0 inbound packets failed on authentication
        ESP input histogram:
                null: 496825
        499035 outbound packets processed successfully
        0 outbound packets violated process security policy
        0 outbound packets with no SA available
        0 invalid outbound packets
        0 outbound packets failed due to insufficient memory
        0 outbound packets with no route
        ESP output histogram:
                null: 499035

Content-Disposition: attachment; filename="host-C"

### host C
### OS: FreeBSD4.2-RELEASE
### the results of ifconfig, netstat.

# ifconfig -au
lo0: flags=8049 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        inet 10.99.30.1 netmask 0xffffff00
ed1: flags=8843 mtu 1500
        inet 172.16.5.3 netmask 0xfffff00 broadcast 252.16.5.255
        inet6 fe80::200:f4ff:fe42:b5a0%ed1 prefixlen 64 scopeid 0xa
        inet 10.10.10.3 netmask 0xffffff00 broadcast 10.10.10.255
        ether 00:00:f4:42:b5:a0

# netstat -nrf inet
Routing tables

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
10.10.10/24        link#10            UC          0        0      ed1 =>
10.10.10.1         0:60:8:89:b0:29    UHLW        1        1      ed1    382
10.99.10/24        10.99.30.1         UGSc        0   681290      lo0
10.99.30.1         10.99.30.1         UH          1        0      lo0
12.16.5&0xfffff00  link#10            UC          0        0      ed1 =>
127.0.0.1          127.0.0.1          UH          0        0      lo0

# netstat -p ipsec
ipsec:
        681184 inbound packets processed successfully
        0 inbound packets violated process security policy
        0 inbound packets with no SA available
        0 invalid inbound packets
        0 inbound packets failed due to insufficient memory
        0 inbound packets failed getting SPI
        0 inbound packets failed on AH replay check
        0 inbound packets failed on ESP replay check
        0 inbound packets considered authentic
        0 inbound packets failed on authentication
        ESP input histogram:
                simple: 681184
        681290 outbound packets processed successfully
        0 outbound packets violated process security policy
        0 outbound packets with no SA available
        0 invalid outbound packets
        0 outbound packets failed due to insufficient memory
        0 outbound packets with no route
        ESP output histogram:
                simple: 681290

From owner-freebsd-net Mon Apr 23 12:10:46 2001
Date: Mon, 23 Apr 2001 15:10:23 -0400
From: Barney Wolff
To: Peter Brezny
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: dual dns box, ssh/ftp no like.
Message-ID: <20010423151023.A5901@mx.databus.com>

man resolv.conf

From owner-freebsd-net Mon Apr 23 12:19:26 2001
To: gunther@aurora.regenstrief.org
Cc: snap-users@kame.net, freebsd-net@freebsd.org
Subject: Re: (KAME-snap 4519) Re: KAME SPD bug, please try and confirm ...
In-Reply-To: Your message of "Tue, 24 Apr 2001 04:05:39 +0900" <20010424040539N.sakane@ydc.co.jp>
References: <20010424040539N.sakane@ydc.co.jp>
Message-Id: <20010424041925C.sakane@ydc.co.jp>
Date: Tue, 24 Apr 2001 04:19:25 +0900
From: Shoichi Sakane
X-Dispatcher: imput version 20000228(IM140)
Lines: 56
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> > > sorry that we did not make any useful responses, some of the kame guys
> > > (mainly sakane) are trying to repeat the symptom.
> > I appreciate that very much!
>
> I have tested, but I couldn't have any error. I made the following network.
> And I executed flooding ping to A from both B and C. All of hosts seemed
> quite stable. Of course, these ICMP packet were encapsulated by ESP.
>
> Actually, I couldn't prepare three FreeBSD machine.
> A and C are FreeBSD4.2-RELEASE, and B is NetBSD1.5.
> All of them are *WITHOUT* KAME patch.
>
> A ---+--- B
>      |
>      +--- C
>
> Host A is powerless machine which is pentium 100MHz.
> just in case, I attach these configuration and results into this mail.
> These are:
>
> net-A: first configuration on the host A.
> net-A2: configuration on the host A after host C added.
> net-B: configuration on the host B.
> net-C: configuration on the host C.
Note that I was guided by your description in
http://orange.kame.net/dev/query-pr.cgi?pr=346
> host-A: results of ifconfig, netstat on the host A.
> host-B: results of ifconfig, netstat on the host B.
> host-C: results of ifconfig, netstat on the host C.
> > > i ran a small test with slightly different setup on both NetBSD
> > > 1.5.1_BETA and NetBSD 1.5 + KAME SNAP 2001042x, and the problem did
> > > not repeat.
> > Hmm, may be it's a matter of FreeBSD and does not occur with NetBSD?
>
> > > is the following description correct?
> > > - FreeBSD 4.2-RELEASE is not affected
> > yes, it is affected with kernel panic (under high loads only ...)
>
> How was "high loads" ? I did flooding ping invoked "-f -s 1000"
> from both B and C. But kernel panic didn't happened.
>
> I haven't checked the following case. But I think the issue exists in
> a other place.
>
> > > - FreeBSD 4.2-RELEASE + KAME SNAP 200103xx has problem, but no kernel
> > > panic
> > right, shows the described problems but has no such kernel panics
>
> > > - FreeBSD 4.2-RELEASE + KAME SNAP 200104xx has problem, with kernel
> > > panic
> > actually I should test that. Will do tomorrow.
>
> /Shoichi Sakane @ KAME project/

From owner-freebsd-net Mon Apr 23 13:33:42 2001
Delivered-To: freebsd-net@freebsd.org
Received: from rgmail.regenstrief.org (rgmail.regenstrief.org [134.68.31.197]) by hub.freebsd.org (Postfix) with ESMTP id 3B37937B424 for ; Mon, 23 Apr 2001 13:33:39 -0700 (PDT) (envelope-from gunther@aurora.regenstrief.org)
Received: from aurora.regenstrief.org (rgnout.regenstrief.org [134.68.31.38]) by rgmail.regenstrief.org (8.11.0/8.8.7) with ESMTP id f3NKXvA08627; Mon, 23 Apr 2001 15:33:58 -0500
Message-ID: <3AE49198.3447C8F2@aurora.regenstrief.org>
Date: Mon, 23 Apr 2001 20:33:28 +0000
From: Gunther Schadow
Organization: Regenstrief Institute for Health Care
X-Mailer: Mozilla 4.75 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Shoichi Sakane
Cc: snap-users@kame.net, freebsd-net@freebsd.org
Subject: Re: (KAME-snap 4519) Re: KAME SPD bug, please try and confirm ...
References: <20010424040539N.sakane@ydc.co.jp> <20010424041925C.sakane@ydc.co.jp>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Shoichi Sakane wrote:

> I have tested, but I couldn't have any error. I made the following network.
> And I executed flooding ping to A from both B and C. All of hosts seemed
> quite stable. Of course, these ICMP packet were encapsulated by ESP.
>
> Actually, I couldn't prepare three FreeBSD machine.
> A and C are FreeBSD4.2-RELEASE, and B is NetBSD1.5.
> All of them are *WITHOUT* KAME patch.
>
> A ---+--- B
>      |
>      +--- C

This is O.K. you really only need one machine, A, to screw with,
the others can be NetBSD, OpenBSD, or any other IPsec agent.

> Host A is powerless machine which is pentium 100MHz.
> just in case, I attach these configuration and results into this mail.

(I have seen some kind of repost of your mail, so none of the
attachments made it through. But I believe you.)

> > > is the following description correct?
> > > - FreeBSD 4.2-RELEASE is not affected
> > yes, it is affected with kernel panic (under high loads only ...)
>
> How was "high loads" ? I did flooding ping invoked "-f -s 1000"
> from both B and C. But kernel panic didn't happened.

Well, "high load" means conveying a certain video conferencing
application. BUT THIS IS NOT the problem. Let us NOT worry about
those kernel panics which only occurred in the now obsolete 4.2
RELEASE. What worries me more is that the 20010326 KAME snap
does not work with more than one tunnel.

> I haven't checked the following case. But I think the issue exists in
> a other place.
>
> > > - FreeBSD 4.2-RELEASE + KAME SNAP 200103xx has problem, but no kernel
> > > panic
> > right, shows the described problems but has no such kernel panics
>
> > > - FreeBSD 4.2-RELEASE + KAME SNAP 200104xx has problem, with kernel
> > > panic
> > actually I should test that. Will do tomorrow.

Thanks Shoichi for testing this. Sorry I probably misled you
in thinking this kernel panic issue is more important. If you
have an easy way to do it, you might want to test this against
KAME SNAP 20010326, but if not, don't worry for now, I will first
try the 20010417 SNAP to see whether it's on there. If I do find
it, I will be back!

regards
-Gunther

PS: BTW, now that fbsd 4.3-RELEASE is out, when are you planning
to put the SNAP kit on the basis of 4.3? KAME has precedence for
me right now, so I won't move to 4.3 before the first SNAP kit
is based on 4.3.

--
Gunther Schadow, M.D., Ph.D.                    gschadow@regenstrief.org
Medical Information Scientist      Regenstrief Institute for Health Care
Adjunct Assistant Professor        Indiana University School of Medicine
tel:1(317)630-7960                         http://aurora.regenstrief.org

From owner-freebsd-net Mon Apr 23 14: 6:47 2001
Delivered-To: freebsd-net@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id 2CC7837B423 for ; Mon, 23 Apr 2001 14:06:42 -0700 (PDT) (envelope-from nick@rogness.net)
Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f3NMEmo25703 for ; Mon, 23 Apr 2001 17:14:49 -0500 (CDT) (envelope-from nick@rogness.net)
Date: Mon, 23 Apr 2001 17:14:48 -0500 (CDT)
From: Nick Rogness
X-Sender: nick@cody.jharris.com
To: freebsd-net@freebsd.org
Subject: Re: Multi-Destination gif tunnel
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 7 Apr 2001, Nick Rogness wrote:

>
> Multi-Destination gif tunnel
>
> Anybody had any success at setting these things up? I have a couple of
> questions...maybe someone can answer:

Since no one answered the mail, I will post the solution in case
someone needs this info and searches the mail archives. Maybe it
could be added in the gif man page at some point.

>
> In gif(4) man:
>
> "With IFF_LINK0 interface flag, gif can be configured to implement
> multi-destination tunnel. With IFF_LINK0, it is able to configure egress
> point to IPv4 wildcard address (0.0.0.0) or IPv6 unspecified address
> (0::0)."
>
> Umm ok:
>
> # ifconfig gif0 link0
> # gifconfig gif0 inet 10.0.0.1 0.0.0.0
>

OK, 10.0.0.1 being your outside IP.

> "In this case, destination address for the outer IP header is determined
> based on the routing table setup."
>
> Ok, what about the inner header setup?

The inner header is setup with ifconfig, no different than it is
with a bi-directional gif tunnel. So:

    hadji# ifconfig gif0 172.16.1.1 172.16.1.2

172.16.1.1 being Your inside source IP and 172.16.1.2 being the
inside destination IP.

>
> And what about the outside destination ip? How do you
> configure that to go out gif0 ? With the -iface flag [tried it
> didn't work].

The tricky part here is to remove the existing interface route
that is added with the above ifconfig command.

    hadji# route delete 172.16.1.2

I'm sure there are variations on how to get this to work without
removing this route, but I chose to remove the route instead.

Then add the route for gif outside dest IP like so:

    hadji# route add 172.16.1.2 24.13.10.5 -iface 172.16.1.1

So the packet going outbound will have a header like this:

    10.0.0.1 > 24.13.10.5 : 172.16.1.1 > 172.16.1.2
    |____________________|  |______________________|
              ^                         ^
        Outside header            Inside header

Now, Setup the other side with the same strategy:

    thunder# ifconfig gif0 link0
    thunder# gifconfig gif0 inet 24.13.10.5 0.0.0.0
    thunder# ifconfig gif0 172.16.1.2 172.16.1.1
    thunder# route delete 172.16.1.1
    thunder# route add 172.16.1.1 10.0.0.1 -iface 172.16.1.2

Nick Rogness
 - Keep on Routing in a Free World...
   "FreeBSD: The Power to Serve!"

From owner-freebsd-net Mon Apr 23 16:31:41 2001
Delivered-To: freebsd-net@freebsd.org
Received: from rgmail.regenstrief.org (rgmail.regenstrief.org [134.68.31.197]) by hub.freebsd.org (Postfix) with ESMTP id 1F63F37B42C for ; Mon, 23 Apr 2001 16:31:38 -0700 (PDT) (envelope-from gunther@aurora.regenstrief.org)
Received: from aurora.regenstrief.org (rgnout.regenstrief.org [134.68.31.38]) by rgmail.regenstrief.org (8.11.0/8.8.7) with ESMTP id f3NNVwA10594; Mon, 23 Apr 2001 18:31:58 -0500
Message-ID: <3AE4BB51.FC1400BD@aurora.regenstrief.org>
Date: Mon, 23 Apr 2001 23:31:29 +0000
From: Gunther Schadow Organization: Regenstrief Institute for Health Care X-Mailer: Mozilla 4.75 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Shoichi Sakane Cc: snap-users@kame.net, freebsd-net@freebsd.org Subject: Re: (KAME-snap 4519) Re: KAME SPD bug, please try and confirm ... References: <20010424040539N.sakane@ydc.co.jp> <20010424041925C.sakane@ydc.co.jp> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Shoichi, I just built and tested the latest KAME-SNAP, and it appears as if the two ipsec tunnels work together now. I will have a final word on this later tomorrow, but for now it looks as if this problem requires no further action on your part. thank you so much for looking into this, -Gunther -- Gunther Schadow, M.D., Ph.D. gschadow@regenstrief.org Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent Professor Indiana University School of Medicine tel:1(317)630-7960 http://aurora.regenstrief.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Apr 23 19:39:16 2001 Delivered-To: freebsd-net@freebsd.org Received: from virtual2.sysadmin-inc.com (ns2.sysadmin-inc.com [209.16.228.145]) by hub.freebsd.org (Postfix) with SMTP id 5367237B43C for ; Mon, 23 Apr 2001 19:39:11 -0700 (PDT) (envelope-from peter@sysadmin-inc.com) Received: (qmail 8086 invoked by alias); 17 Apr 2001 13:59:07 -0000 Received: from unknown (HELO w2kstest) (10.10.1.70) by virtual2.sysadmin-inc.com with SMTP; 17 Apr 2001 13:59:07 -0000 
From: "Peter Brezny"
To:
Subject: three nics, two networks, simple routing problem...i think.
Date: Tue, 17 Apr 2001 10:05:39 -0400
Message-ID:
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The excerpt from my rc.conf mostly illustrates what I'm trying to do.
I want to connect a host (10.30.1.15) to xl1 So that I can partition
its traffic from that of the lan connected to xl2.

10.30.1.1 GW----xl0 10.30.1.30 FW xl2----10.20.30.1 LAN
                               |
                              xl1
                               |
                               |
                         10.30.1.15 FW ----- 10.20.15.1 LAN

However, with my current conf files, I can't even ping xl1 from the
box it's in. I can manually add a route, but I still can't ping the
interface itself.

What have I missed?

TIA

Peter Brezny
SysAdmin Services Inc.

my rc.conf looks like this.

ifconfig_xl0="inet 10.30.1.30 netmask 255.255.255.0"
ifconfig_xl1="inet 10.30.1.31 netmask 255.255.255.0"
ifconfig_xl2="inet 10.20.30.1 netmask 255.255.255.0"

xl1 is the iface giving problems.

when you look at just the output of a ifconfig, things look ok.

xl0: flags=8843 mtu 1500
        inet 10.30.1.30 netmask 0xffffff00 broadcast 10.30.1.255
        inet6 fe80::201:2ff:feed:4275%xl0 prefixlen 64 scopeid 0x1
        ether 00:01:02:ed:42:75
        media: autoselect (100baseTX ) status: active
        supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX
xl1: flags=8843 mtu 1500
        inet 10.30.1.31 netmask 0xffffff00 broadcast 10.30.1.255
        inet6 fe80::201:2ff:feed:4225%xl1 prefixlen 64 scopeid 0x2
        ether 00:01:02:ed:42:25
        media: autoselect (10baseT/UTP) status: active
        supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX
xl2: flags=8843 mtu 1500
        inet 10.20.30.1 netmask 0xffffff00 broadcast 10.20.30.255
        inet6 fe80::210:4bff:fe98:52cd%xl2 prefixlen 64 scopeid 0x3
        ether 00:10:4b:98:52:cd
        media: autoselect (none) status: no carrier
        supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 100baseTX

However, netstat -r just gives this.

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            10.30.1.1          UGSc        1        7      xl0
10.20.30/24        link#3             UC          0        0      xl2 =>
10.30.1/24         link#1             UC          0        0      xl0 =>
localhost          localhost          UH          1      106      lo0

Obviously the problem here is that the 10.30.1/24 network is routing
through xl0, when I want to route just part of that network through xl1.

Since the only machine that's going to be connected to xl1 has an address of
10.30.1.15, I tried adding a static route to it, without luck.

First just with

route add 10.30.1.15 10.30.1.31

still tries to send the packet through xl0, and although

route add 10.30.1.15 -interface xl1

does put in the correct interface in the routing table, it doesn't work.

Any Ideas?

Thanks again.

Peter Brezny
SysAdmin Services Inc.
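Added example, not part of the original post: a small check over the three rc.conf lines quoted above that reports interfaces configured into the same IPv4 network, the condition under which the routing table shown carries a single 10.30.1/24 entry via xl0. The function names are hypothetical, and the parser assumes the plain `ifconfig_<if>="inet <addr> netmask <mask>"` form used in the post.

```python
import ipaddress
import itertools
import re

# rc.conf lines exactly as posted in the message above.
RC_CONF = """
ifconfig_xl0="inet 10.30.1.30 netmask 255.255.255.0"
ifconfig_xl1="inet 10.30.1.31 netmask 255.255.255.0"
ifconfig_xl2="inet 10.20.30.1 netmask 255.255.255.0"
"""

# Matches uncommented lines of the form ifconfig_<name>="<arguments>".
IFCONFIG_LINE = re.compile(r'^\s*ifconfig_(\w+)\s*=\s*"([^"]*)"')


def _netmask(token):
    """Accept a dotted-quad (255.255.255.0) or hex (0xffffff00) netmask."""
    if token.lower().startswith("0x"):
        return str(ipaddress.IPv4Address(int(token, 16)))
    return token


def _value_after(args, keyword):
    """Return the argument following keyword, or None if it is absent."""
    if keyword in args and args.index(keyword) + 1 < len(args):
        return args[args.index(keyword) + 1]
    return None


def parse_rc_conf(text):
    """Return {interface name: IPv4Interface} for each inet ifconfig_ line."""
    ifaces = {}
    for raw in text.splitlines():
        match = IFCONFIG_LINE.match(raw)
        if not match:
            continue
        name, args = match.group(1), match.group(2).split()
        addr = _value_after(args, "inet")
        if addr is None:
            continue
        if "/" not in addr:
            mask = _value_after(args, "netmask")
            if mask is None:
                continue  # classful defaults are not guessed here
            addr = f"{addr}/{_netmask(mask)}"
        try:
            ifaces[name] = ipaddress.IPv4Interface(addr)
        except ValueError:
            continue  # malformed address or mask: skip the line
    return ifaces


def overlapping_interfaces(ifaces):
    """Return (if_a, if_b, network) for every pair sharing address space."""
    hits = []
    for a, b in itertools.combinations(sorted(ifaces), 2):
        net_a, net_b = ifaces[a].network, ifaces[b].network
        if net_a.overlaps(net_b):
            # Report the wider of the two networks as the shared one.
            shared = net_a if net_a.prefixlen <= net_b.prefixlen else net_b
            hits.append((a, b, str(shared)))
    return hits


if __name__ == "__main__":
    for a, b, net in overlapping_interfaces(parse_rc_conf(RC_CONF)):
        print(f"{a} and {b} are both configured in {net}")
```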
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Apr 23 21:57:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id C470E37B43C for ; Mon, 23 Apr 2001 21:57:37 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f3O65mA28245; Tue, 24 Apr 2001 01:05:48 -0500 (CDT) (envelope-from nick@rogness.net) Date: Tue, 24 Apr 2001 01:05:47 -0500 (CDT) 
From: Nick Rogness
X-Sender: nick@cody.jharris.com
To: Peter Brezny
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: three nics, two networks, simple routing problem...i think.
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 17 Apr 2001, Peter Brezny wrote:

> The excerpt from my rc.conf mostly illustrates what I'm trying to do.
> I want to connect a host (10.30.1.15) to xl1 So that I can partition
> its traffic from that of the lan connected to xl2.
>
> 10.30.1.1 GW----xl0 10.30.1.30 FW xl2----10.20.30.1 LAN
>                                |
>                               xl1
>                                |
>                                |
>                          10.30.1.15 FW ----- 10.20.15.1 LAN
>
> However, with my current conf files, I can't even ping xl1 from the
> box it's in. I can manually add a route, but I still can't ping the
> interface itself.
>
> What have I missed?

xl0 and xl1 are part of the same network...that is a no-no unless
you are bridging.

Nick Rogness
 - Keep on Routing in a Free World...
   "FreeBSD: The Power to Serve!"

From owner-freebsd-net Tue Apr 24 0:51:28 2001
Delivered-To: freebsd-net@freebsd.org
Received: from imo-m04.mx.aol.com (imo-m04.mx.aol.com [64.12.136.7]) by hub.freebsd.org (Postfix) with ESMTP id 1DDF137B424 for ; Tue, 24 Apr 2001 00:51:27 -0700 (PDT) (envelope-from raviprasad20@netscape.net)
Received: from raviprasad20@netscape.net by imo-m04.mx.aol.com (mail_out_v30.9.) id n.3.14e52c2 (16218) for ; Tue, 24 Apr 2001 03:51:24 -0400 (EDT)
Received: from netscape.com (aimmail11.aim.aol.com [205.188.144.203]) by air-in01.mx.aol.com (v77_r1.37) with ESMTP; Tue, 24 Apr 2001 03:51:24 -0400
Date: Tue, 24 Apr 2001 03:51:24 -0400
From: raviprasad20@netscape.net To: freebsd-net@freebsd.org Subject: if_index ( index in the kernel datastructure) Mime-Version: 1.0 Message-ID: <319837D4.1D2FA72E.9513E96F@netscape.net> X-Mailer: Franklin Webmailer 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, this is with reference to the free BSD networking code for ipv6. Could any body tell why in link local addresses & other link local related things they are storing if_index in the second 16bits of the address. for eg there will be statement like ia->ia_addr.sa_addr.sin_add16[1] = ifp->if_index. Please tell me its significance & how it is useful & why u have chosen to use as such. regards ravi prasad __________________________________________________________________ Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 1: 2:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id 159BE37B43F for ; Tue, 24 Apr 2001 01:02:30 -0700 (PDT) (envelope-from itojun@itojun.org) Received: from itojun.org (localhost [127.0.0.1]) by coconut.itojun.org (Postfix) with ESMTP id DAC104B0B; Tue, 24 Apr 2001 17:02:23 +0900 (JST) To: raviprasad20@netscape.net Cc: freebsd-net@freebsd.org In-reply-to: raviprasad20's message of Tue, 24 Apr 2001 03:51:24 -0400. <319837D4.1D2FA72E.9513E96F@netscape.net> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: if_index ( index in the kernel datastructure) 
From: itojun@iijlab.net Date: Tue, 24 Apr 2001 17:02:23 +0900 Message-ID: <17877.988099343@itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >this is with reference to the free BSD networking code for ipv6. >Could any body tell why in link local addresses & other link local related things they are storing if_index in the second 16bits of the address. for eg there will be statement like >ia->ia_addr.sa_addr.sin_add16[1] = ifp->if_index. >Please tell me its significance & how it is useful & why u have chosen to use as such. http://orange.kame.net/dev/cvsweb.cgi/kame/IMPLEMENTATION (see section 1.3) itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 2:59: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from bassia.wanadoo.fr (smtp-rt-5.wanadoo.fr [193.252.19.159]) by hub.freebsd.org (Postfix) with ESMTP id CA03037B422 for ; Tue, 24 Apr 2001 02:59:00 -0700 (PDT) (envelope-from z.wang@sysium.com) Received: from citronier.wanadoo.fr (193.252.19.222) by bassia.wanadoo.fr; 24 Apr 2001 11:58:58 +0200 Received: from intra-sysium.fr (193.253.182.49) by citronier.wanadoo.fr; 24 Apr 2001 11:58:45 +0200 Received: from larine [192.168.1.88] by intra-sysium.fr (FTGate 2, 2, 0, 1); Tue, 24 Apr 01 11:52:06 +0200 Message-ID: <005801c0cca4$38a871c0$5801a8c0@larine> 
From: "Zixiong WANG" To: Subject: NEEDED: Source code (C or C++) for fetching MAC Address ? Date: Tue, 24 Apr 2001 11:52:06 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.3018.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I need source code for fetching MAC address on a FreeBSD 4.2/PC/Ethernet platform. Where can I find it ? Thanks in advance. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 3:42:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from imo-m06.mx.aol.com (imo-m06.mx.aol.com [64.12.136.161]) by hub.freebsd.org (Postfix) with ESMTP id 9037737B422 for ; Tue, 24 Apr 2001 03:42:37 -0700 (PDT) (envelope-from raviprasad20@netscape.net) Received: from raviprasad20@netscape.net by imo-m06.mx.aol.com (mail_out_v30.9.) id n.2.14e1874 (16242) for ; Tue, 24 Apr 2001 06:42:31 -0400 (EDT) Received: from netscape.com (aimmail03.aim.aol.com [205.188.144.195]) by air-in03.mx.aol.com (v77_r1.37) with ESMTP; Tue, 24 Apr 2001 06:42:31 -0400 Date: Tue, 24 Apr 2001 06:42:31 -0400 
From: raviprasad20@netscape.net
To: freebsd-net@freebsd.org
Subject: IOCTL's During address formation & deletion.
Mime-Version: 1.0
Message-ID: <7516E293.211067B8.9513E96F@netscape.net>
X-Mailer: Franklin Webmailer 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

I noticed that whenever a new multicast address is formed or in general any address (IPV6) is formed there is a call to ioctl through (*ifp->if_ioctl).

Kindly mail me regarding the following doubts.

1) Whether IOCTL's must be done each & every time IP addresses are formed.
2) Whether IOCTL's are necessary for each & every multicast link local address formed to add to the interface.
3) Whether adding new ipv6 addresses to the in6_ifaddr list or ifnet address list requires IOCTL's each & every time it is added.
4) Once after ifnet structure is initialized each & every change of it requires an IOCTL.
5) Whether for adding the first ipv6 address only IOCTL is needed?
6) Whether IOCTL's are needed to be performed for pseudo devices added?

Waiting for your comment.
regards ravi prasad __________________________________________________________________ Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 5:23:51 2001 Delivered-To: freebsd-net@freebsd.org Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252]) by hub.freebsd.org (Postfix) with ESMTP id 75D2F37B42C for ; Tue, 24 Apr 2001 05:23:48 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12]) by Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3OCNI306178; Tue, 24 Apr 2001 13:23:18 +0100 (BST) (envelope-from brian@lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3OCOX612742; Tue, 24 Apr 2001 13:24:33 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200104241224.f3OCOX612742@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 To: "Zixiong WANG" Cc: freebsd-net@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: NEEDED: Source code (C or C++) for fetching MAC Address ? In-Reply-To: Message from "Zixiong WANG" of "Tue, 24 Apr 2001 11:52:06 +0200." <005801c0cca4$38a871c0$5801a8c0@larine> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 24 Apr 2001 13:24:33 +0100 
From: Brian Somers Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Hi, > > I need source code for fetching MAC address on a FreeBSD 4.2/PC/Ethernet > platform. > > Where can I find it ? Have a look at src/usr.sbin/ppp/arp.c - get_ether_addr(). > Thanks in advance. -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 5:37:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from earth.inco.com.lb (earth.inco.com.lb [193.188.135.5]) by hub.freebsd.org (Postfix) with ESMTP id 2BF2237B43C for ; Tue, 24 Apr 2001 05:37:42 -0700 (PDT) (envelope-from djt2000@inco.com.lb) Received: from hamster ([194.126.31.136]) by earth.inco.com.lb (8.11.1/8.11.1) with SMTP id f3OCdDF29497 for ; Tue, 24 Apr 2001 10:39:14 -0200 (GMT) Message-ID: <000901c0ccc2$6da49c00$881f7ec2@hamster> 
From: "Toni SOUEID" To: Subject: Selective Acknowledgments ? Date: Tue, 24 Apr 2001 15:27:57 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, Please can anyone tell me if the TCP protocol in FreeBSD 4.2 supports Selective Acknowledgments (SACK). If so how can I compile it into the kernel ? Many thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 6: 0:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from imo-m02.mx.aol.com (imo-m02.mx.aol.com [64.12.136.5]) by hub.freebsd.org (Postfix) with ESMTP id E235737B43C for ; Tue, 24 Apr 2001 06:00:42 -0700 (PDT) (envelope-from raviprasad20@netscape.net) Received: from raviprasad20@netscape.net by imo-m02.mx.aol.com (mail_out_v30.9.) id n.5d.17a88d (16246) for ; Tue, 24 Apr 2001 09:00:39 -0400 (EDT) Received: from netscape.com (aimmail03.aim.aol.com [205.188.144.195]) by air-in03.mx.aol.com (v77_r1.37) with ESMTP; Tue, 24 Apr 2001 09:00:39 -0400 Date: Tue, 24 Apr 2001 09:00:39 -0400 
From: raviprasad20@netscape.net
To: freebsd-net@freebsd.org
Subject: Struct ifaddr initialization.
Mime-Version: 1.0
Message-ID: <0FE8E703.73B8EB68.9513E96F@netscape.net>
X-Mailer: Franklin Webmailer 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

Please refer if_attach() of .
I am unable to understand why you are constructing a string from interface name & interface unit number ( ifnet structure members ifp->if_unit & ifp->if_name) & storing in the data member of sockaddr_dl structure. I am also confused why you are storing the hardware address in the sockaddr_dl structure after the above string. I feel that hardware address can be accessed through the ifnet structure.

Kindly tell me the significance of the ifaddr structure initialization for ipv6 since it does not store any ip addresses. How other modules benefit from this? Where it is used?

Waiting for your reply.

regards
ravi prasad

From owner-freebsd-net Tue Apr 24 6:11:36 2001
Delivered-To: freebsd-net@freebsd.org
Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id 3184237B59E for ; Tue, 24 Apr 2001 06:11:34 -0700 (PDT) (envelope-from itojun@itojun.org)
Received: by coconut.itojun.org (Postfix, from userid 1001) id 1CA1A4B0B; Tue, 24 Apr 2001 22:11:25 +0900 (JST)
To: raviprasad20@netscape.net
Cc: freebsd-net@freebsd.org
Subject: Re: Struct ifaddr initialization.
In-Reply-To: Your message of "Tue, 24 Apr 2001 09:00:39 -0400" <0FE8E703.73B8EB68.9513E96F@netscape.net>
References: <0FE8E703.73B8EB68.9513E96F@netscape.net>
X-Mailer: Cue version 0.6 (010413-1335/itojun)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Message-Id: <20010424131125.1CA1A4B0B@coconut.itojun.org>
Date: Tue, 24 Apr 2001 22:11:25 +0900 (JST)
From: itojun@itojun.org (Jun-ichiro itojun Hagino)
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Please refer if_attach() of .
> I am unable to understand why you are constructing a string from interface name & interface unit number ( ifnet structure members ifp->if_unit & ifp->if_name) & storing in the data member of sockaddr_dl structure. I am also confused why you are storing the hardware address in the sockaddr_dl structure after the above string. I feel that hardware address can be accessed through the ifnet structure.
>
> Kindly tell me the significance of the ifaddr structure initialization for ipv6 since it does not store any ip addresses. How other modules benefit from this? Where it is used?

I strongly suggest you to get a copy of "TCP/IP illustrated volume II"
by Richard Stevens. FreeBSD IPv6 code (integrated from KAME project)
follows 4.4BSD network stack design. the above questions are not
specific to IPv6, but is a question against 4.4BSD network stack.

itojun

From owner-freebsd-net Tue Apr 24 8: 9: 7 2001
Delivered-To: freebsd-net@freebsd.org
Received: from silby.com (adam042-060.resnet.wisc.edu [146.151.42.60]) by hub.freebsd.org (Postfix) with ESMTP id 782A137B423 for ; Tue, 24 Apr 2001 08:09:04 -0700 (PDT) (envelope-from silby@silby.com)
Received: (qmail 4404 invoked by uid 1000); 24 Apr 2001 15:09:03 -0000
Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 24 Apr 2001 15:09:03 -0000
Date: Tue, 24 Apr 2001 10:09:03 -0500 (CDT)
From: Mike Silbersack To: Toni SOUEID Cc: Subject: Re: Selective Acknowledgments ? In-Reply-To: <000901c0ccc2$6da49c00$881f7ec2@hamster> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 24 Apr 2001, Toni SOUEID wrote: > Hello, > Please can anyone tell me if the TCP protocol in > FreeBSD 4.2 supports Selective Acknowledgments > (SACK). SACK is not supported in any version of FreeBSD at this time. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 8:41:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from or1.inktomi.com (or1.inktomi.com [209.131.48.34]) by hub.freebsd.org (Postfix) with ESMTP id 793D237B422; Tue, 24 Apr 2001 08:41:40 -0700 (PDT) (envelope-from arvindg@inktomi.com) Received: from inbox1.inktomi.com (inbox1.inktomi.com [209.131.48.26]) by or1.inktomi.com (Pro-8.9.3/Pro-8.9.3) with ESMTP id IAA16467; Tue, 24 Apr 2001 08:41:47 -0700 (PDT) Received: from arvindgdp866 ([209.131.52.111]) by inbox1.inktomi.com (Netscape Messaging Server 4.1) with SMTP id GC9GT800.29L; Mon, 23 Apr 2001 12:58:20 -0700 
From: "Arvind Gopalan" To: , , "freebsd-net" Cc: "Arvind Gopalan" Subject: RE: FreeBSD Mail Archives Date: Mon, 23 Apr 2001 12:58:19 -0700 Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_002D_01C0CBF5.11EDD840" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_002D_01C0CBF5.11EDD840 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit FreeBSD Mail Archives Adding Freebsd-net to the thread. Any response on the SACK question appreciated. If SACK has not been integrated, it would help if someone could help me understand the issues against why this hasn't been done as of yet. Thanks -Arvind -----Original Message----- From: Arvind Gopalan [mailto:Arvindg@inktomi.com] Sent: Monday, April 23, 2001 10:23 AM To: paul@mu.org; freebsd-questions@FreeBSD.ORG Subject: RE: FreeBSD Mail Archives I was forwarded the following mail from the FreeBSD mail archives, and I was wondering if as of today's date, SACK has been integrated into any of the recent BSD builds. I plan to install FreeBSD 4.3 and would specifically be interested in knowing if SACK is supported on this release. Thanks -Arvind -----Original Message----- From: Chris Berry [mailto:cberry@inktomi.com] Sent: Saturday, April 21, 2001 7:09 PM To: arvindg Subject: FreeBSD Mail Archives Date: Wed, 12 Jul 2000 14:21:51 -0700 
From: Paul Saab To: Joao Pagaime Cc: Dan Nelson , freebsd-questions@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: Enable SACK Message-ID: <20000712142151.A68469@elvis.mu.org> In-Reply-To: ; from jpsp@rccn.net on Wed, Jul 12, 2000 at 05:31:54PM +0100 References: <20000712092015.A17517@dan.emsphone.com> ---------------------------------------------------------------------------- Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help ---------------------------------------------------------------------------- Joao Pagaime (jpsp@rccn.net) wrote: > Why not? Does anyone happen to know if there's any plans for supporting > it in the future? Yes. There is work going on to support this and patches will probably be available sometime in the near future. We actually have a working implementation and I believe it just needs to be tested more before it is unleashed upon the world. -- Paul Saab Technical Yahoo paul@mu.org - ps@yahoo-inc.com - ps@freebsd.org Do You .. uhh .. Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message ---------------------------------------------------------------------------- www@FreeBSD.org ------=_NextPart_000_002D_01C0CBF5.11EDD840 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable FreeBSD Mail Archives
------=_NextPart_000_002D_01C0CBF5.11EDD840-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 8:46:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from or1.inktomi.com (or1.inktomi.com [209.131.48.34]) by hub.freebsd.org (Postfix) with ESMTP id 0093937B424; Tue, 24 Apr 2001 08:45:57 -0700 (PDT) (envelope-from arvindg@inktomi.com) Received: from inbox1.inktomi.com (inbox1.inktomi.com [209.131.48.26]) by or1.inktomi.com (Pro-8.9.3/Pro-8.9.3) with ESMTP id IAA18868; Tue, 24 Apr 2001 08:46:04 -0700 (PDT) Received: from arvindgdp866 ([209.131.52.111]) by inbox1.inktomi.com (Netscape Messaging Server 4.1) with SMTP id GC9SYU00.5DR; Mon, 23 Apr 2001 17:20:54 -0700 From: "Arvind Gopalan" To: , "freebsd-net" Cc: Subject: RE: FreeBSD Mail Archives Date: Mon, 23 Apr 2001 17:20:52 -0700 Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0073_01C0CC19.BFB34720" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0073_01C0CC19.BFB34720 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit FreeBSD Mail Archives Adding Freebsd-net to the thread. Any response on the SACK question appreciated. If SACK has not been integrated, it would help if someone could help me understand the issues against why this hasn't been done as of yet. 
Thanks -Arvind -----Original Message----- From: Arvind Gopalan [mailto:Arvindg@inktomi.com] Sent: Monday, April 23, 2001 10:23 AM To: paul@mu.org; freebsd-questions@FreeBSD.ORG Subject: RE: FreeBSD Mail Archives I was forwarded the following mail from the FreeBSD mail archives, and I was wondering if as of today's date, SACK has been integrated into any of the recent BSD builds. I plan to install FreeBSD 4.3 and would specifically be interested in knowing if SACK is supported on this release. Thanks -Arvind -----Original Message----- From: Chris Berry [mailto:cberry@inktomi.com] Sent: Saturday, April 21, 2001 7:09 PM To: arvindg Subject: FreeBSD Mail Archives Date: Wed, 12 Jul 2000 14:21:51 -0700 From: Paul Saab To: Joao Pagaime Cc: Dan Nelson , freebsd-questions@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: Enable SACK Message-ID: <20000712142151.A68469@elvis.mu.org> In-Reply-To: ; from jpsp@rccn.net on Wed, Jul 12, 2000 at 05:31:54PM +0100 References: <20000712092015.A17517@dan.emsphone.com> -------------------------------------------------------------------------- Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help -------------------------------------------------------------------------- Joao Pagaime (jpsp@rccn.net) wrote: > Why not? Does anyone happen to know if there's any plans for supporting > it in the future? Yes. There is work going on to support this and patches will probably be available sometime in the near future. We actually have a working implementation and I believe it just needs to be tested more before it is unleashed upon the world. -- Paul Saab Technical Yahoo paul@mu.org - ps@yahoo-inc.com - ps@freebsd.org Do You .. uhh .. Yahoo!? 
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message -------------------------------------------------------------------------- www@FreeBSD.org ------=_NextPart_000_0073_01C0CC19.BFB34720 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable FreeBSD Mail Archives
------=_NextPart_000_0073_01C0CC19.BFB34720-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 11:31:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from web14105.mail.yahoo.com (web14105.mail.yahoo.com [216.136.172.135]) by hub.freebsd.org (Postfix) with SMTP id 699EA37B423 for ; Tue, 24 Apr 2001 11:31:21 -0700 (PDT) (envelope-from rampal01801@yahoo.com) Message-ID: <20010424182607.61133.qmail@web14105.mail.yahoo.com> Received: from [193.65.100.100] by web14105.mail.yahoo.com; Tue, 24 Apr 2001 11:26:07 PDT Date: Tue, 24 Apr 2001 11:26:07 -0700 (PDT) From: Ram Pal Subject: Debugger To: freebsd-net@FreeBSD.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi I installed the 4.4 Free BSD including source.... i wanted to know DDB (Kernel Debugger ) i could not find in the system is this part of the system or do i have to install something specific. Ram Pal __________________________________________________ Do You Yahoo!? Yahoo! 
Auctions - buy the things you want at great prices http://auctions.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Apr 24 11:45:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 2A9FC37B423; Tue, 24 Apr 2001 11:45:03 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id OAA98132; Tue, 24 Apr 2001 14:44:52 -0400 (EDT) (envelope-from wollman) Date: Tue, 24 Apr 2001 14:44:52 -0400 (EDT) From: Garrett Wollman Message-Id: <200104241844.OAA98132@khavrinen.lcs.mit.edu> To: Thomas Moestl Cc: freebsd-net@FreeBSD.ORG, Robert Watson Subject: Making getsockname return sensible data for unbound AF_UNIX sockets In-Reply-To: <20010422200939.A4797@crow.dom2ip.de> References: <20010422200939.A4797@crow.dom2ip.de> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org < said: > I would like to commit a really small patch that makes getsockname > fill the sockaddr for non-bound PF_LOCAL sockets with sun_noname, > instead of just setting the length parameter to 0 and return (without > an error) like it does now. I'm OK with this. I'm not sure why I didn't do so originally. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 0:24:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from imo-m09.mx.aol.com (imo-m09.mx.aol.com [64.12.136.164]) by hub.freebsd.org (Postfix) with ESMTP id B894837B424 for ; Wed, 25 Apr 2001 00:24:56 -0700 (PDT) (envelope-from raviprasad20@netscape.net) Received: from raviprasad20@netscape.net by imo-m09.mx.aol.com (mail_out_v30.9.) 
id n.5e.19a39c (16229) for ; Wed, 25 Apr 2001 03:24:48 -0400 (EDT) Received: from netscape.com (aimmail10.aim.aol.com [205.188.144.202]) by air-in02.mx.aol.com (v77_r1.37) with ESMTP; Wed, 25 Apr 2001 03:24:48 -0400 Date: Wed, 25 Apr 2001 03:24:48 -0400 From: raviprasad20@netscape.net To: freebsd-net@freebsd.org Subject: Struct ifnet initialization. Mime-Version: 1.0 Message-ID: <740649CE.28ABEAA0.9513E96F@netscape.net> X-Mailer: Franklin Webmailer 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, Can any body mail me the functions that are called to initialize ifnet structure & who calls them. I know only 2 functions ether_ifattach () ifattach() regards ravi prasad __________________________________________________________________ Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 2:33: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from imo-m05.mx.aol.com (imo-m05.mx.aol.com [64.12.136.8]) by hub.freebsd.org (Postfix) with ESMTP id 8EF2437B422 for ; Wed, 25 Apr 2001 02:33:01 -0700 (PDT) (envelope-from raviprasad20@netscape.net) Received: from raviprasad20@netscape.net by imo-m05.mx.aol.com (mail_out_v30.9.) id n.af.1b39d5 (16229) for ; Wed, 25 Apr 2001 05:32:53 -0400 (EDT) Received: from netscape.com (aimmail02.aim.aol.com [205.188.144.194]) by air-in02.mx.aol.com (v77_r1.37) with ESMTP; Wed, 25 Apr 2001 05:32:53 -0400 Date: Wed, 25 Apr 2001 05:32:53 -0400 From: raviprasad20@netscape.net To: freebsd-net@freebsd.org Subject: Struct ifnet initalization. 
Mime-Version: 1.0 Message-ID: <02D6ECDE.0C382BA7.9513E96F@netscape.net> X-Mailer: Franklin Webmailer 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I have the following questions. Whether any special initialization of the ifnet structure is required for ipv6? Some of the structures like ifaddr, sockaddr_dl are initialized in the same way as is done for ipv4. Whether this won't affect the performance? I am unable to follow the correct control flow in the ifnet structure initialization. If anybody has already done this kindly mail me the flow. I have gone through the TCP/IP illustrated by Richard Stevens. But the control flow that he has presented differs from that of the order in which functions are called in the FreeBSD available in your site. Kindly update me in this regard. ravi prasad __________________________________________________________________ Get your own FREE, personal Netscape Webmail account today at http://webmail.netscape.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 7:31: 3 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.elender.hu (bendeguz.elender.hu [212.108.200.75]) by hub.freebsd.org (Postfix) with ESMTP id 4C5B337B423; Wed, 25 Apr 2001 07:30:57 -0700 (PDT) (envelope-from acca007@freemail.hu) Received: from acca (pc65.skytech.hu [194.143.233.65]) by mail.elender.hu with SMTP id QAA17105; Wed, 25 Apr 2001 16:30:53 +0200 (MET DST) From: "Baranyai Attila" To: , Subject: netperf with IPv6 support on KAME Date: Wed, 25 Apr 2001 16:28:37 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: 
owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----Original Message----- From: Baranyai Attila [mailto:acca007@freemail.hu] Sent: Wednesday, April 25, 2001 4:15 PM To: netperf-talk@netperf.org Subject: netperf with IPv6 support on KAME Hi! I tried to do NetPerf IPv6 benchmarks between two machines. Both machines have FreeBSD 4.1.1 installed on them with KAME IPv6 stack. I downloaded Netperf binary package from the following site: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.2-stable/All/netperf -2.1.3_1.tgz It's said, that this version supports IPv6. Despite, I got an error message, when I tried to run the following: netperf -t UDP_STREAM -H fec0::4:2a0:c9ff:fe9f:2d4f -f k -l 5 I got this message: "Could not resolve the destination fec0::4:2a0:c9ff:fe9f:2d4f". However, I could ping the node on that address. What could be the problem? Thanks, Attila Baranyai e-mail: acca007@freemail.hu Budapest University of Technology and Economics, HUNGARY To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 11:55: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from rgmail.regenstrief.org (rgmail.regenstrief.org [134.68.31.197]) by hub.freebsd.org (Postfix) with ESMTP id 47E6937B422; Wed, 25 Apr 2001 11:54:57 -0700 (PDT) (envelope-from gunther@aurora.regenstrief.org) Received: from aurora.regenstrief.org (rgnout.regenstrief.org [134.68.31.38]) by rgmail.regenstrief.org (8.11.0/8.8.7) with ESMTP id f3PItCA31666; Wed, 25 Apr 2001 13:55:12 -0500 Message-ID: <3AE71D7F.14ECB429@aurora.regenstrief.org> Date: Wed, 25 Apr 2001 18:54:55 +0000 From: Gunther Schadow Organization: Regenstrief Institute for Health Care X-Mailer: Mozilla 4.75 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org, freebsd-small@freebsd.org Subject: DHCP vulnerabilities ... 
Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I'm just about configuring a PicoBSD-based VPN gateway settop box kind of thing :-). I am dealing with cable modem ISPs and decided to do it the right way, i.e. DHCP. I discovered some problems with DHCP during the setup phase, where the machine is in a weird state, the firewall may not be configured right and neither are the IPsec policies. During that short time frame after DHCP has assigned a new address and the completion of the IPsec ipf stuff called from /etc/dhclient-exit-hooks the interface is up and may be unprotected. It would be nice if there was a way to keep the re-configured interface down and only bring it up after all is well in /etc/dhclient-exit-hooks. Sure I can (and will) do that in my dhclient-script ("ifconfig if0 down" "ifconfig if0 up",) but just wanted folks to know about this. regards -Gunther -- Gunther Schadow, M.D., Ph.D. 
gschadow@regenstrief.org Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent Professor Indiana University School of Medicine tel:1(317)630-7960 http://aurora.regenstrief.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 13:15: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from rgmail.regenstrief.org (rgmail.regenstrief.org [134.68.31.197]) by hub.freebsd.org (Postfix) with ESMTP id 33AD737B424; Wed, 25 Apr 2001 13:14:58 -0700 (PDT) (envelope-from gunther@aurora.regenstrief.org) Received: from aurora.regenstrief.org (rgnout.regenstrief.org [134.68.31.38]) by rgmail.regenstrief.org (8.11.0/8.8.7) with ESMTP id f3PKFCA32650; Wed, 25 Apr 2001 15:15:12 -0500 Message-ID: <3AE7303F.957DE6DC@aurora.regenstrief.org> Date: Wed, 25 Apr 2001 20:14:55 +0000 From: Gunther Schadow Organization: Regenstrief Institute for Health Care X-Mailer: Mozilla 4.75 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org, freebsd-small@freebsd.org, snap-users@kame.net Subject: VPN tunnel with DHCP ... Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, about my SOHO router project, I came accross a tough problem, may be I overlook that there is a solution already? 
The VPN gateway at the small office / home office (SOHO) has an IPsec tunnel connecting it to its headquarter: setkey -c <; Wed, 25 Apr 2001 13:46:36 -0700 (PDT) (envelope-from matt@gsicomp.on.ca) Received: from hermes (cr677933-a.ktchnr1.on.wave.home.com [24.43.230.149]) by skippyii.compar.com (8.11.3/8.11.3) with SMTP id f3PKoH035861; Wed, 25 Apr 2001 16:50:17 -0400 (EDT) (envelope-from matt@gsicomp.on.ca) Message-ID: <003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: "Gunther Schadow" , References: <3AE7303F.957DE6DC@aurora.regenstrief.org> Subject: Re: VPN tunnel with DHCP ... Date: Wed, 25 Apr 2001 16:43:32 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Hi, > > about my SOHO router project, I came accross a tough problem, may > be I overlook that there is a solution already? The VPN gateway > at the small office / home office (SOHO) has an IPsec tunnel > connecting it to its headquarter: > > setkey -c < spdadd ${sohonet} ${homenet} -P out ipsec > esp/tunnel/${sohoip}-${homeip}/require; > spdadd ${homenet} ${sohonet} -P in ipsec > esp/tunnel/${homeip}-${sohoip}/require; > END > > now, the problem is that the ${sohoip} is dynamically assigned > with DHCP. How can the gateway at the headquarter know that > ${sohoip} address? I had a similar situation which I had to work with a while ago, although I used ssh tunnels instead of IPSec. I'm not sure if my method will work, but it's worth an try. Here's what I did: 1) Set the headquarters machine up with static IP and DNS. 2) Configure headquarters machine to allow PPP over TCP 3) Have remote hosts (with dynamic addresses) connect to headquarters machine (static address) using PPP over TCP. 
The endpoints of this PPP connection use "private" IPs, say 10.x.x.x or 192.168.x.x. Note that once the connection is established, the addresses of both endpoints are known. 4) Create SSH tunnels in each direction 5) Forward all traffic over the SSH tunnel In your case, you could probably use IPsec over the PPP connection instead of SSH. -- matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 14:25:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 0C0B937B424 for ; Wed, 25 Apr 2001 14:25:50 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id RAA12766; Wed, 25 Apr 2001 17:25:29 -0400 (EDT) (envelope-from wollman) Date: Wed, 25 Apr 2001 17:25:29 -0400 (EDT) From: Garrett Wollman Message-Id: <200104252125.RAA12766@khavrinen.lcs.mit.edu> To: "Gunther Schadow" Cc: Subject: Re: VPN tunnel with DHCP ... In-Reply-To: <003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca> References: <3AE7303F.957DE6DC@aurora.regenstrief.org> <003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Original attribution lost.] >> now, the problem is that the ${sohoip} is dynamically assigned >> with DHCP. How can the gateway at the headquarter know that >> ${sohoip} address? I don't know whether this is actually possible to do yet. But, you should be able to configure racoon to use a public-key certificate for authentication, and identify your SOHO users by their names rather than the random DHCP address. However, it looks like you will still lose because racoon does not appear to have a mechanism to automatically add SPD entries based on the authenticated identity of an ``anonymous'' connection. 
-GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 15:33:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from privatecube.privatelabs.com (privatecube.privatelabs.com [63.114.185.254]) by hub.freebsd.org (Postfix) with ESMTP id D1C5837B422; Wed, 25 Apr 2001 15:33:20 -0700 (PDT) (envelope-from mi@misha.privatelabs.com) Received: from misha.privatelabs.com (root@misha.plten [10.0.0.106]) by privatecube.privatelabs.com (8.9.3/8.9.2) with ESMTP id RAA05178; Wed, 25 Apr 2001 17:54:00 -0400 Received: (from mi@localhost) by misha.privatelabs.com (8.11.3/8.11.1) id f3PMXHp62268; Wed, 25 Apr 2001 18:33:17 -0400 (EDT) (envelope-from mi) From: Mikhail Teterin Message-Id: <200104252233.f3PMXHp62268@misha.privatelabs.com> Subject: maxing out the 100Mb TX (full duplex) To: questions@freebsd.org, luigi@iet.unipi.it, net@freebsd.org Date: Wed, 25 Apr 2001 18:33:17 -0400 (EDT) Cc: rmolchon@privatelabs.com, jonathan@privatelabs.com MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello! In our load tests we seem to be maxing out the 100Mb full duplex network card (fxp0). The machine has two such cards on the motherboard. How can we use both of them transparently? I connected the other one (fxp1) to the switch and enabled bridging: sysctl -w net.link.ether.bridge_cfg=fxp0:0,fxp1:1 sysctl -w net.link.ether.bridge=1 Both cards are active (fxp1 does not have an IP): media: autoselect (100baseTX ) status: active but judging by the throughput and the (non-)blinking lights, still only the first one (fxp0) is being used... Any suggestions? Thanks! 
-mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 15:38:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 24DC937B422; Wed, 25 Apr 2001 15:38:08 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f3PMbo819009; Wed, 25 Apr 2001 15:37:50 -0700 Date: Wed, 25 Apr 2001 15:37:50 -0700 From: Brooks Davis To: Mikhail Teterin Cc: questions@FreeBSD.ORG, luigi@iet.unipi.it, net@FreeBSD.ORG, rmolchon@privatelabs.com, jonathan@privatelabs.com Subject: Re: maxing out the 100Mb TX (full duplex) Message-ID: <20010425153750.A16285@Odin.AC.HMC.Edu> References: <200104252233.f3PMXHp62268@misha.privatelabs.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="mYCpIKhGyMATD0i+" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200104252233.f3PMXHp62268@misha.privatelabs.com>; from mi@misha.privatelabs.com on Wed, Apr 25, 2001 at 06:33:17PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --mYCpIKhGyMATD0i+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 25, 2001 at 06:33:17PM -0400, Mikhail Teterin wrote: > In our load tests we seem to be maxing out the 100Mb full duplex network > card (fxp0). > > The machine has two such cards on the motherboard. How can we use both > of them transparently? If you have a switch that supports EtherChannel you can use Bill Paul's netgraph module. Otherwise, I don't think there's any reliable way to do it. http://people.freebsd.org/~wpaul/FEC/ Alternatively, if you have an appropriate switch, you could use gigabit ethernet. 
-- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --mYCpIKhGyMATD0i+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE651G9XY6L6fI4GtQRArCwAJ4g8fWOhOZhp05fi7ORE3NYcxjakwCg2yQB RTZS4drCFk4W1hxoVmDcJU4= =omIq -----END PGP SIGNATURE----- --mYCpIKhGyMATD0i+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 19:12:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252]) by hub.freebsd.org (Postfix) with ESMTP id E2A1D37B422 for ; Wed, 25 Apr 2001 19:12:05 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12]) by Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3Q2Bg316156; Thu, 26 Apr 2001 03:11:43 +0100 (BST) (envelope-from brian@lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3Q2CxM08889; Thu, 26 Apr 2001 03:12:59 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200104260212.f3Q2CxM08889@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 To: "Matthew Emmerton" Cc: "Gunther Schadow" , freebsd-net@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: VPN tunnel with DHCP ... In-Reply-To: Message from "Matthew Emmerton" of "Wed, 25 Apr 2001 16:43:32 EDT." 
<003101c0cdc8$64f8bcb0$1200a8c0@gsicomp.on.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 26 Apr 2001 03:12:59 +0100 From: Brian Somers Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Hi, > > > > about my SOHO router project, I came accross a tough problem, may > > be I overlook that there is a solution already? The VPN gateway > > at the small office / home office (SOHO) has an IPsec tunnel > > connecting it to its headquarter: > > > > setkey -c < > spdadd ${sohonet} ${homenet} -P out ipsec > > esp/tunnel/${sohoip}-${homeip}/require; > > spdadd ${homenet} ${sohonet} -P in ipsec > > esp/tunnel/${homeip}-${sohoip}/require; > > END > > > > now, the problem is that the ${sohoip} is dynamically assigned > > with DHCP. How can the gateway at the headquarter know that > > ${sohoip} address? > > I had a similar situation which I had to work with a while ago, although I > used ssh tunnels instead of IPSec. I'm not sure if my method will work, but > it's worth an try. > > Here's what I did: > 1) Set the headquarters machine up with static IP and DNS. > 2) Configure headquarters machine to allow PPP over TCP > 3) Have remote hosts (with dynamic addresses) connect to headquarters > machine (static address) using PPP over TCP. The endpoints of this PPP > connection use "private" IPs, say 10.x.x.x or 192.168.x.x. Note that once > the connection is established, the addresses of both endpoints are known. > 4) Create SSH tunnels in each direction > 5) Forward all traffic over the SSH tunnel > > In your case, you could probably use IPsec over the PPP connection instead > of SSH. This is a good solution because (as you say) ppp will negotiate an address with the other side and the setkey stuff can be done in ppp.linkup. Of course it's a bad solution because of the per-packet overhead and the two layers of tcp you'll get with any tcp connection through your tunnel (I really must write a udp mux program for ppp). 
You need to be careful however. The ppp.linkup on the side with the static IP number should blow away any other ppp sessions that are active with the peer (it's ok to do this in ppp.linkup as you've authenticated the client at that point). The problem is that ppp will never bring the link fully up if there's a stale connection via the previous dynamic IP if the negotiated IP numbers are the same. So make sure that the side with the static IP has something like this in it's config: set ifaddr x.x.x.x a.a.a.a-b.b.b.b where x.x.x.x doesn't matter much (it's what the other end will route packets to) and a.a.a.a-b.b.b.b is a range of IP numbers that can be used by the side with the dynamic IP (for the top-side of the tunnel). > -- > matt Emmerton -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 20:23:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from skippyii.compar.com (mail.compar.com [216.208.38.130]) by hub.freebsd.org (Postfix) with ESMTP id 3E4B437B422 for ; Wed, 25 Apr 2001 20:23:13 -0700 (PDT) (envelope-from matt@gsicomp.on.ca) Received: from hermes (kwppp49.enoreo.on.ca [216.94.25.196]) by skippyii.compar.com (8.11.3/8.11.3) with SMTP id f3Q3RW040224; Wed, 25 Apr 2001 23:27:32 -0400 (EDT) (envelope-from matt@gsicomp.on.ca) Message-ID: <008101c0cdff$e7185520$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: "Brian Somers" Cc: "Gunther Schadow" , , References: <200104260212.f3Q2CxM08889@hak.lan.Awfulhak.org> Subject: Re: VPN tunnel with DHCP ... 
Date: Wed, 25 Apr 2001 23:15:06 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > Hi, > > > > > > about my SOHO router project, I came accross a tough problem, may > > > be I overlook that there is a solution already? The VPN gateway > > > at the small office / home office (SOHO) has an IPsec tunnel > > > connecting it to its headquarter: > > > > > > setkey -c < > > spdadd ${sohonet} ${homenet} -P out ipsec > > > esp/tunnel/${sohoip}-${homeip}/require; > > > spdadd ${homenet} ${sohonet} -P in ipsec > > > esp/tunnel/${homeip}-${sohoip}/require; > > > END > > > > > > now, the problem is that the ${sohoip} is dynamically assigned > > > with DHCP. How can the gateway at the headquarter know that > > > ${sohoip} address? > > > > I had a similar situation which I had to work with a while ago, although I > > used ssh tunnels instead of IPSec. I'm not sure if my method will work, but > > it's worth an try. > > > > Here's what I did: > > 1) Set the headquarters machine up with static IP and DNS. > > 2) Configure headquarters machine to allow PPP over TCP > > 3) Have remote hosts (with dynamic addresses) connect to headquarters > > machine (static address) using PPP over TCP. The endpoints of this PPP > > connection use "private" IPs, say 10.x.x.x or 192.168.x.x. Note that once > > the connection is established, the addresses of both endpoints are known. > > 4) Create SSH tunnels in each direction > > 5) Forward all traffic over the SSH tunnel > > > > In your case, you could probably use IPsec over the PPP connection instead > > of SSH. > > This is a good solution because (as you say) ppp will negotiate an > address with the other side and the setkey stuff can be done in > ppp.linkup. 
> > Of course it's a bad solution because of the per-packet overhead and > the two layers of tcp you'll get with any tcp connection through your > tunnel (I really must write a udp mux program for ppp). The plan was designed for 4 remote sites using 1Mbit DSL terminating at an HQ with 2.2Mbit DSL, all for running a character-based app and pushing email out to these remote sites of ~5 users. With this in mind, the overhead wasn't a concern. > You need to be careful however. The ppp.linkup on the side with > the static IP number should blow away any other ppp sessions that are > active with the peer (it's ok to do this in ppp.linkup as you've > authenticated the client at that point). The problem is that ppp > will never bring the link fully up if there's a stale connection via > the previous dynamic IP if the negotiated IP numbers are the same. > > So make sure that the side with the static IP has something like this > in it's config: > > set ifaddr x.x.x.x a.a.a.a-b.b.b.b > > where x.x.x.x doesn't matter much (it's what the other end will route > packets to) and a.a.a.a-b.b.b.b is a range of IP numbers that can be > used by the side with the dynamic IP (for the top-side of the tunnel). Ahh, yes, I can see how this would have been a problem. I think I got around this by having the "server" accepting PPP over TCP connection on 4 different ports, with each remote site assigned a different port, hence keeping everyone in line. In addition, I must say that I never did implement this although I was really looking forward to it. (My boss felt it neccessary to describe the technical intricacies of it to the client, who just got confused and dropped the project.) However, this was the defining moment in time where I truly began to appreciate the cool stuff that FreeBSD can do for me. Now, back to Gunther's request - could you do IPSec over PPP over TCP? 
-- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 20:55: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id E825437B423; Wed, 25 Apr 2001 20:54:59 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f3Q53Ex44782; Thu, 26 Apr 2001 00:03:14 -0500 (CDT) (envelope-from nick@rogness.net) Date: Thu, 26 Apr 2001 00:03:14 -0500 (CDT) From: Nick Rogness X-Sender: nick@cody.jharris.com To: Gunther Schadow Cc: freebsd-net@FreeBSD.ORG, freebsd-small@FreeBSD.ORG, snap-users@kame.net Subject: Re: VPN tunnel with DHCP ... In-Reply-To: <3AE7303F.957DE6DC@aurora.regenstrief.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 25 Apr 2001, Gunther Schadow wrote: > Hi, > > about my SOHO router project, I came accross a tough problem, may > be I overlook that there is a solution already? The VPN gateway > at the small office / home office (SOHO) has an IPsec tunnel > connecting it to its headquarter: > > setkey -c < spdadd ${sohonet} ${homenet} -P out ipsec > esp/tunnel/${sohoip}-${homeip}/require; > spdadd ${homenet} ${sohonet} -P in ipsec > esp/tunnel/${homeip}-${sohoip}/require; > END > > now, the problem is that the ${sohoip} is dynamically assigned > with DHCP. How can the gateway at the headquarter know that > ${sohoip} address? > > Options I can see are: > > A DNS (provided that the SOHO endpoint has a reliable name assigned > by the ISP ... doesn't work for intermittent/dialup lines.) > > B an authenticated message from the SOHO endpoint to headquarter > stating that the network ${sohonet} is reachable through the > tunnel with endpoint ${sohoip}. 
> > Is there anything like B defined in IPsec / ISAKMP or something? I had a similar problem but I had 1 static server and the tunnels were between several DHCP machines...not between the DHCP machines and the server. I ended up writing a client/server perl program in which the server held information about the client interconnecting gif tunnels. The clients would login and receive tunnel endpoints, routing info, updates and such. I'm sure this won't suffice but I will send it to you for your own hacking pleasure if you wish. Or hell, I'll even modify it so it fits your needs. Nick Rogness - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 21:54:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id 94E3C37B424 for ; Wed, 25 Apr 2001 21:54:24 -0700 (PDT) (envelope-from jinmei@isl.rdc.toshiba.co.jp) Received: from localhost ([3ffe:501:100f:13ff::e]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.1) with ESMTP id NAA20796; Thu, 26 Apr 2001 13:56:36 +0900 (JST) Date: Thu, 26 Apr 2001 13:53:20 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: raviprasad20@netscape.net Cc: freebsd-net@FreeBSD.ORG Subject: Re: Struct ifnet initalization. In-Reply-To: <02D6ECDE.0C382BA7.9513E96F@netscape.net> References: <02D6ECDE.0C382BA7.9513E96F@netscape.net> User-Agent: Wanderlust/2.5.8 (Smooth) Emacs/21.0 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. 
MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 17 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> On Wed, 25 Apr 2001 05:32:53 -0400, >>>>> raviprasad20@netscape.net said: > I have the following questions. > Whether any special initialization of the ifnet structure is required for ipv6? > Some of the structures like ifaddr, sockaddr_dl are initialized in the same way as is done for ipv4. Whether this won't affect the performance? Sorry, but I don't understand your point. What do you mean by "initialization"? Are you talking about the ifnet structure, (in6_)ifaddr structure, or both? Why do you think it can ever affect performance? JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Apr 25 22:48:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 98FC537B422 for ; Wed, 25 Apr 2001 22:48:39 -0700 (PDT) (envelope-from sakane@ydc.co.jp) Received: from localhost ([3ffe:501:481d:4000:260:1dff:fe21:f766]) by mine.kame.net (8.11.1/3.7W) with ESMTP id f3Q64lY37923; Thu, 26 Apr 2001 15:04:47 +0900 (JST) To: wollman@khavrinen.lcs.mit.edu Cc: gunther@aurora.regenstrief.org, freebsd-net@FreeBSD.ORG Subject: Re: VPN tunnel with DHCP ... 
In-Reply-To: Your message of "Wed, 25 Apr 2001 17:25:29 -0400 (EDT)" <200104252125.RAA12766@khavrinen.lcs.mit.edu> References: <200104252125.RAA12766@khavrinen.lcs.mit.edu> X-Mailer: Cue version 0.6 (010413-1707/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20010426144828V.sakane@ydc.co.jp> Date: Thu, 26 Apr 2001 14:48:28 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 19 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org # This thread is on three mailing lists... > >> now, the problem is that the ${sohoip} is dynamically assigned > >> with DHCP. How can the gateway at the headquarter know that > >> ${sohoip} address? > I don't know whether this is actually possible to do yet. But, you > should be able to configure racoon to use a public-key certificate for > authentication, and identify your SOHO users by their names rather > than the random DHCP address. However, it looks like you will still > lose because racoon does not appear to have a mechanism to > automatically add SPD entries based on the authenticated identity of > an ``anonymous'' connection. racoon-20010418a can do it experimentally if you specify "generate_policy" in the server's racoon.conf. racoon generates SP entries from ID payloads in IKE phase 2 negotiation, then adds these SPs after SA negotiation is finished. In this case, all you have to do is to configure SPD in the client. 
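The client-side SPD mentioned above still contains the DHCP-assigned ${sohoip}, so it has to be rebuilt whenever the lease changes. The following is an added example, not part of the original post or of KAME: a POSIX shell helper that validates the address and networks before rendering the thread's two tunnel policies for `setkey -c`. The function names, the sample addresses, the explicit `any` upper-layer spec and the idea of calling it from a DHCP client hook are assumptions.

```shell
#!/bin/sh
# Added example: rebuild the SOHO gateway's SPD for a new DHCP address.
# All function names and sample values here are illustrative assumptions.

# Accept only a dotted-quad IPv4 address with every octet in 0..255.
# The value originates from DHCP, so it is treated as untrusted input
# before it is placed into text that setkey(8) will parse.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Accept only ADDRESS/PREFIXLEN with a valid IPv4 address and 0..32 bits.
is_cidr() {
    case "$1" in
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}; bits=${1##*/}
    is_ipv4 "$addr" || return 1
    case "$bits" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#bits}" -le 2 ] && [ "$bits" -le 32 ]
}

# Print setkey commands that remove the previous pair of policies and
# install the two tunnel policies from the thread with the current
# outside address. Prints nothing and fails if any argument is malformed.
# usage: render_spd SOHONET HOMENET SOHOIP HOMEIP
render_spd() {
    sohonet=$1 homenet=$2 sohoip=$3 homeip=$4
    is_cidr "$sohonet" && is_cidr "$homenet" || return 1
    is_ipv4 "$sohoip" && is_ipv4 "$homeip" || return 1
    # "any" is the upper-layer protocol spec (assumption: match all traffic).
    cat <<END
spddelete ${sohonet} ${homenet} any -P out;
spddelete ${homenet} ${sohonet} any -P in;
spdadd ${sohonet} ${homenet} any -P out ipsec
    esp/tunnel/${sohoip}-${homeip}/require;
spdadd ${homenet} ${sohonet} any -P in ipsec
    esp/tunnel/${homeip}-${sohoip}/require;
END
}

# Load the rendered policies into the kernel; nothing is sent to setkey
# unless every argument passed validation.
apply_spd() {
    policy=$(render_spd "$@") || {
        echo "refusing to load SPD: malformed address or network" >&2
        return 1
    }
    printf '%s\n' "$policy" | setkey -c
}

# Constructed usage, e.g. from a DHCP client hook after a lease change:
#   apply_spd 192.168.1.0/24 10.0.0.0/8 "$new_ip_address" 203.0.113.1
```

On the first run the two `spddelete` lines refer to policies that do not exist yet, so `setkey` may report an error for them before adding the new entries.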
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 1:51: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252]) by hub.freebsd.org (Postfix) with ESMTP id B96BF37B423 for ; Thu, 26 Apr 2001 01:51:01 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12]) by Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3Q8oQ317537; Thu, 26 Apr 2001 09:50:26 +0100 (BST) (envelope-from brian@lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.3/8.11.3) with ESMTP id f3Q8pfM50159; Thu, 26 Apr 2001 09:51:41 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200104260851.f3Q8pfM50159@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 To: "Matthew Emmerton" Cc: "Brian Somers" , "Gunther Schadow" , freebsd-net@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: VPN tunnel with DHCP ... In-Reply-To: Message from "Matthew Emmerton" of "Wed, 25 Apr 2001 23:15:06 EDT." <008101c0cdff$e7185520$1200a8c0@gsicomp.on.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 26 Apr 2001 09:51:40 +0100 From: Brian Somers Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Now, back to Gunther's request - could you do IPSec over PPP over TCP? But of course :-) You can even do NAT in this scenario if required - as the NAT will happen before the data is encapsulated in the tcp stream that ipsec's policies are mangling. > -- > Matt Emmerton -- Brian Don't _EVER_ lose your sense of humour ! 
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 2:14: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from prince.don.to (cj3098036-a.sagam1.kn.home.ne.jp [210.20.109.78]) by hub.freebsd.org (Postfix) with ESMTP id 23E5B37B423 for ; Thu, 26 Apr 2001 02:14:05 -0700 (PDT) (envelope-from sumikawa@ebina.hitachi.co.jp) Received: from localhost (localhost [127.0.0.1]) by prince.don.to (8.11.3/3.7W) with ESMTP id f3Q7d8800786; Thu, 26 Apr 2001 16:39:08 +0900 (JST) Date: Thu, 26 Apr 2001 16:39:08 +0900 (JST) Message-Id: <20010426.163908.407438065.sumikawa@ebina.hitachi.co.jp> To: snap-users@kame.net Cc: sakane@ydc.co.jp, freebsd-net@freebsd.org, gunther@aurora.regenstrief.org Cc: sumikawa@ebina.hitachi.co.jp Subject: Re: (KAME-snap 4521) Re: KAME SPD bug, please try and confirm ... From: Munechika SUMIKAWA In-Reply-To: <3AE49198.3447C8F2@aurora.regenstrief.org> References: <20010424040539N.sakane@ydc.co.jp> <20010424041925C.sakane@ydc.co.jp> <3AE49198.3447C8F2@aurora.regenstrief.org> X-Mailer: xcite1.39> Mew version 1.95b120 on XEmacs 21.2.47 (Zephir) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org gunther> PS: BTW, now that fbsd 4.3-RELEASE is out, when are you gunther> planning to put the SNAP kit on the basis of 4.3? KAME has gunther> precedence for me right now, so I won't move to 4.3 before gunther> the first SNAP kit is based on 4.3. Next SNAP will be based on 4.3-RELEASE. We've already synced it up and committed into our repository. 
--- Munechika SUMIKAWA @ KAME Project / FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 8:27:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id EF54A37B423 for ; Thu, 26 Apr 2001 08:27:48 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47]) by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f3QFRhi57244 for ; Thu, 26 Apr 2001 11:27:43 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 26 Apr 2001 11:21:17 -0400 To: freebsd-net@freebsd.org From: Mike Tancsa Subject: number of interfaces and performance ? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have the need to put together a somewhat largish VLAN router (larger than I have done before) with about 35 interfaces. Has anyone put anything like this together ? The box would be routing about 25-30Mb at peak rate. I recall reading something about LINUX being very inefficient when it comes to multiple interfaces. Does FreeBSD suffer from the same fate ? I also recall someone running into problems with 16 physical interfaces (4 x 4 multiport nics). Not sure how much of that was an hardware resource issue and how much a software resource issue . Will it work OK in theory, or should I spend the $8K on a 3640 ? The largest I have right now is one with 8 active VLANs and it works very well, but nothing over 10 and nothing pushing 30+. I have built the box and it works well enough in the lab, but I dont know of course how it will work in production. 
---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 9:13:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 1932137B423 for ; Thu, 26 Apr 2001 09:13:45 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f3QGDh600270; Thu, 26 Apr 2001 09:13:43 -0700 (PDT) Date: Thu, 26 Apr 2001 09:13:43 -0700 From: Alfred Perlstein To: Mike Tancsa Cc: freebsd-net@FreeBSD.ORG Subject: Re: number of interfaces and performance ? Message-ID: <20010426091343.F18676@fw.wintelcom.net> References: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca>; from mike@sentex.net on Thu, Apr 26, 2001 at 11:21:17AM -0400 X-all-your-base: are belong to us. Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Mike Tancsa [010426 08:27] wrote: > > I have the need to put together a somewhat largish VLAN router (larger than > I have done before) with about 35 interfaces. Has anyone put anything like > this together ? The box would be routing about 25-30Mb at peak rate. I > recall reading something about LINUX being very inefficient when it comes > to multiple interfaces. Does FreeBSD suffer from the same fate ? I also > recall someone running into problems with 16 physical interfaces (4 x 4 > multiport nics). Not sure how much of that was an hardware resource issue > and how much a software resource issue . Will it work OK in theory, or > should I spend the $8K on a 3640 ? The largest I have right now is one with > 8 active VLANs and it works very well, but nothing over 10 and nothing > pushing 30+. 
I have built the box and it works well enough in the lab, but > I dont know of course how it will work in production. I remeber there being some sort of issue with large number of interfaces, however I think it was trivial to fix and may have already been. Sorry if this isn't so helpful, but I can't remeber anyone recently popping up and complaining about the perf with lotsa NICs in machine. -- -Alfred Perlstein - [alfred@freebsd.org] Daemon News Magazine in your snail-mail! http://magazine.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 10:32:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id 9973B37B422 for ; Thu, 26 Apr 2001 10:32:40 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 81012 invoked by uid 1001); 26 Apr 2001 17:32:36 +0000 (GMT) To: mike@sentex.net Cc: freebsd-net@freebsd.org Subject: Re: number of interfaces and performance ? From: sthaug@nethelp.no In-Reply-To: Your message of "Thu, 26 Apr 2001 11:21:17 -0400" References: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Thu, 26 Apr 2001 19:32:36 +0200 Message-ID: <81010.988306356@verdi.nethelp.no> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I have the need to put together a somewhat largish VLAN router (larger than > I have done before) with about 35 interfaces. Has anyone put anything like > this together ? The box would be routing about 25-30Mb at peak rate. I > recall reading something about LINUX being very inefficient when it comes > to multiple interfaces. Does FreeBSD suffer from the same fate ? I also > recall someone running into problems with 16 physical interfaces (4 x 4 > multiport nics). 
Not sure how much of that was an hardware resource issue > and how much a software resource issue . Will it work OK in theory, or > should I spend the $8K on a 3640 ? As long as you're just doing Ethernet, you might want to consider the 2948G-L3 as an alternative to a 3640. IP routing in hardware, 48 10/100 ports and 2 Gigabit ports. *Way* more backplane bandwidth and pps than the 3640. Con: No access lists on the 10/100 ports. We're using these as pure routers (no bridging), and they're working very well. (We used to have the 2948G-L3 do bridging also, that did *not* work very well.) Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 10:53:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id A0A6337B423 for ; Thu, 26 Apr 2001 10:53:44 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47]) by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f3QHrVA83769; Thu, 26 Apr 2001 13:53:31 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20010426134003.040f2b60@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 26 Apr 2001 13:47:04 -0400 To: sthaug@nethelp.no From: Mike Tancsa Subject: Re: number of interfaces and performance ? Cc: freebsd-net@freebsd.org In-Reply-To: <81010.988306356@verdi.nethelp.no> References: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:32 PM 4/26/01 +0200, sthaug@nethelp.no wrote: >As long as you're just doing Ethernet, you might want to consider the >2948G-L3 as an alternative to a 3640. 
IP routing in hardware, 48 10/100 >ports and 2 Gigabit ports. *Way* more backplane bandwidth and pps than >the 3640. Con: No access lists on the 10/100 ports. > >We're using these as pure routers (no bridging), and they're working very >well. (We used to have the 2948G-L3 do bridging also, that did *not* work >very well.) Hmmm.. This does look interesting. Note that there is way more bandwidth than I need. Like I said, I am only going to push tops 30Mb/s through the thing. The cisco would certainly do the job, but I am still looking at 10 times the cost. If I need to spend the money I will, I just hate spending the money needlessly. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 11:18:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id 1EBA437B422 for ; Thu, 26 Apr 2001 11:18:17 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 81649 invoked by uid 1001); 26 Apr 2001 18:16:49 +0000 (GMT) To: mike@sentex.net Cc: freebsd-net@freebsd.org Subject: Re: number of interfaces and performance ? From: sthaug@nethelp.no In-Reply-To: Your message of "Thu, 26 Apr 2001 13:47:04 -0400" References: <5.1.0.14.0.20010426134003.040f2b60@marble.sentex.ca> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Thu, 26 Apr 2001 20:16:49 +0200 Message-ID: <81646.988309009@verdi.nethelp.no> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Hmmm.. This does look interesting. Note that there is way more bandwidth > than I need. Like I said, I am only going to push tops 30Mb/s through the > thing. The cisco would certainly do the job, but I am still looking at 10 > times the cost. If I need to spend the money I will, I just hate spending > the money needlessly. 
I'm quite sure that you could get a FreeBSD box to perform adequately with 30 Mbps through the box. You may have less hassle with a Cisco box, but as you have noticed it'll cost you. I mentioned the 2948G-L3 simply as an alternative to the 3640. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 11:27:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from amc.isi.edu (amc.isi.edu [128.9.160.102]) by hub.freebsd.org (Postfix) with ESMTP id 7784A37B423 for ; Thu, 26 Apr 2001 11:27:08 -0700 (PDT) (envelope-from yushunwa@amc.isi.edu) Received: from localhost (yushunwa@localhost) by amc.isi.edu (8.11.1/8.11.1) with ESMTP id f3QIR7L00937 for ; Thu, 26 Apr 2001 11:27:08 -0700 (PDT) (envelope-from yushunwa@amc.isi.edu) Date: Thu, 26 Apr 2001 11:27:07 -0700 (PDT) From: Yu-Shun Wang To: Subject: Re: number of interfaces and performance ? Message-ID: <20010426110258.D851-100000@amc.isi.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, > I remeber there being some sort of issue with large number of > interfaces, however I think it was trivial to fix and may have > already been. Actually no; at least not in 4.2-R. See the following PR: http://www.FreeBSD.org/cgi/query-pr.cgi?pr=11525 Those issues weren't exactly related to performance (bandwidth), but they can cause a lot of network functions (rpc, mrouted, etc.) to either not working correctly, or not working at all when you have dynamically attached Ethernet interfaces (PCMCIA NICs) plus a lot ( > 32) of virtual interfaces (gif, tun). > Sorry if this isn't so helpful, but I can't remeber > anyone recently popping up and complaining about the perf with > lotsa NICs in machine. We emailed a follow-up to the list a few months back regarding the PR, but didn't hear anything. 
Guess people don't use that many gifs in their notebooks. :-) yushun. ____________________________________________________________________________ Yu-Shun Wang Information Sciences Institute University of Southern California To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 11:59:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from flounder.jimking.net (flounder.jimking.net [209.205.176.18]) by hub.freebsd.org (Postfix) with ESMTP id B738837B423 for ; Thu, 26 Apr 2001 11:59:45 -0700 (PDT) (envelope-from jim@jimking.net) Received: from jking (jking.lgc.com [134.132.76.82]) (authenticated) by flounder.jimking.net (8.11.3/8.11.2) with ESMTP id f3QIxiD47505 (using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO) for ; Thu, 26 Apr 2001 13:59:45 -0500 (CDT) (envelope-from jim@jimking.net) Message-ID: <010701c0ce83$0f00eb50$524c8486@jking> From: "Jim King" To: Subject: 802.11b ad hoc configuration Date: Thu, 26 Apr 2001 13:59:44 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0104_01C0CE59.25C20F60" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2462.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0104_01C0CE59.25C20F60 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I have a laptop and a desktop, each with a Cisco Aironet 350 802.11b = wireless NIC. I'm trying to get them talking to each other in ad hoc = mode. The laptop runs Win2000 and the desktop dual boots Win2000 and = FreeBSD 4.3-stable. With both boxes running Win2000 things work fine. 
When I boot the desktop in FreeBSD I use ifconfig to assign an IP address to the wireless NIC, and use ancontrol to set ad hoc mode, turn off WEP, set the SSID, set the node name, set authorization type to none, and set the radio channel. ancontrol's status/config displays show that these are being set, and the settings match the laptop, and after updating to 4.3-stable I'm not seeing any an(4) error messages on the console. The status displays on both boxes are showing "beacons received" and "beacons transmitted" counters increasing, so I guess they're hearing each other at the radio level. However, nothing gets through at the network level - no ping, etc. Is there some other knob I need to tweak to get these two to talk to each other? Jim
------=_NextPart_000_0104_01C0CE59.25C20F60-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 12:17: 5 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id D7E5237B423 for ; Thu, 26 Apr 2001 12:17:02 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simoeon.sentex.net (simeon.sentex.ca [209.112.4.47]) by smtp1.sentex.ca (8.11.2/8.11.1) with ESMTP id f3QJH0M98954; Thu, 26 Apr 2001 15:17:00 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20010426141648.0223c030@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 26 Apr 2001 15:10:34 -0400 To: sthaug@nethelp.no From: Mike Tancsa Subject: Re: number of interfaces and performance ? Cc: freebsd-net@freebsd.org In-Reply-To: <81646.988309009@verdi.nethelp.no> References: <5.1.0.14.0.20010426134003.040f2b60@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 08:16 PM 4/26/01 +0200, sthaug@nethelp.no wrote: > > Hmmm.. This does look interesting. Note that there is way more bandwidth > > than I need. Like I said, I am only going to push tops 30Mb/s through the > > thing. The cisco would certainly do the job, but I am still looking at 10 > > times the cost. If I need to spend the money I will, I just hate spending > > the money needlessly. > >I'm quite sure that you could get a FreeBSD box to perform adequately >with 30 Mbps through the box. You may have less hassle with a Cisco box, >but as you have noticed it'll cost you. I mentioned the 2948G-L3 simply >as an alternative to the 3640. Thanks. Actually, once I add a couple of FastEs to the 3640, its about the same price for the switch! 
So this is very helpful and would do better for me than the 3640. (Both are about $10K CDN). I guess my main concern with the FreeBSD solution is if having 30+ interfaces will slow it down in production. I have a couple of boxes routing more this level of traffic through a couple of fxps and an OC-3 interface with great results. But will having 30+ interfaces mean that the box will route significantly slower or add a lot of latency. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 13:29:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from canudos.ufba.br (canudos.ufba.br [200.18.228.128]) by hub.freebsd.org (Postfix) with ESMTP id 4AAE737B422 for ; Thu, 26 Apr 2001 13:29:10 -0700 (PDT) (envelope-from mercia@ufba.br) Received: from uiara ([200.128.59.151]) by canudos.ufba.br (8.11.1/8.11.1) with SMTP id f3QKTBn101916 for ; Thu, 26 Apr 2001 17:29:16 -0300 Message-Id: <1.5.4.32.20010426203158.008cf6a4@ufba.br> X-Sender: mercia@ufba.br (Unverified) X-Mailer: Windows Eudora Light Version 1.5.4 (32) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 26 Apr 2001 17:31:58 -0300 To: freebsd-net@FreeBSD.ORG From: Mercia Eliane Bittencourt Figueredo Subject: forerunner LE drive Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I have some NICs Forerunner LE 25 and I need a drive for Freebsd, does Anyone know where I can find it? 
Thanks, Mercia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 14:54:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 0A93637B422 for ; Thu, 26 Apr 2001 14:54:13 -0700 (PDT) (envelope-from mike@sentex.net) Received: (from root@localhost) by cage.simianscience.com (8.11.3/8.11.2) id f3QLsCf48196; Thu, 26 Apr 2001 17:54:12 -0400 (EDT) (envelope-from mike@sentex.net) Received: from chimp (fcage [192.168.0.2]) by cage.simianscience.com (8.11.3/8.11.2av) with ESMTP id f3QLs7L48188; Thu, 26 Apr 2001 17:54:07 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <4.2.2.20010426175244.02fc8668@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Thu, 26 Apr 2001 17:54:06 -0400 To: "Vladimir B. Grebenschikov" From: Mike Tancsa Subject: Re: number of interfaces and performance ? Cc: freebsd-net@freebsd.org In-Reply-To: <15080.36064.716054.787473@vbook.express.ru> References: <20010426091343.F18676@fw.wintelcom.net> <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> <20010426091343.F18676@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:02 AM 4/27/2001 +0400, Vladimir B. Grebenschikov wrote: >I have machine vith 18 running interfaces, most of them VLAN >interfaces, but there are some LAN and WAN. It successful transfer >about 60-80Mbit/s (~90 in peak). Most of traffic goes throug Intel >EtherExpress ethernet NICs. Thanks for the data point. Have you ever tried increasing the interface count above 18 to say 33 ? >For VLANs I use patch to allow passing IP packets 1500byte size. Yes, I use that one as well. 
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Network Administration, mike@sentex.net
Sentex Communications www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike

From owner-freebsd-net Thu Apr 26 14:56:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id B65F537B422 for ; Thu, 26 Apr 2001 14:56:42 -0700 (PDT) (envelope-from mike@sentex.net) Received: from chimp.simianscience.com (cage.simianscience.com [64.7.134.1]) by smtp1.sentex.ca (8.11.2/8.11.1) with SMTP id f3QLuep27221; Thu, 26 Apr 2001 17:56:40 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: yushunwa@isi.edu (Yu-Shun Wang) Cc: freebsd-net@freebsd.org Subject: Re: number of interfaces and performance ? Date: Thu, 26 Apr 2001 17:56:40 -0400 Message-ID: References: In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org

On 26 Apr 2001 14:29:23 -0400, in sentex.lists.freebsd.net you wrote:
>
>Hi,
>
>> I remember there being some sort of issue with large number of
>> interfaces, however I think it was trivial to fix and may have
>> already been.
>
>Actually no; at least not in 4.2-R. See the following PR:
>
> http://www.FreeBSD.org/cgi/query-pr.cgi?pr=11525
>
>Those issues weren't exactly related to performance (bandwidth),
>but they can cause a lot of network functions (rpc, mrouted, etc.)
>to either not working correctly, or not working at all when you
>have dynamically attached Ethernet interfaces (PCMCIA NICs) plus
>a lot ( > 32) of virtual interfaces (gif, tun).

Thanks! These are the sorts of issues I was worried about!
Actually, I could probably live with a 30 interface box. It would still be 80% cheaper for me to build two 30VLAN FreeBSD boxes than one equiv Cisco router or switch.... Cheaper to maintain as well.

---Mike
Mike Tancsa (mdtancsa@sentex.net)
Sentex Communications Corp,
Waterloo, Ontario, Canada
"Given enough time, 100 monkeys on 100 routers
could setup a national IP network." (KDW2)

From owner-freebsd-net Thu Apr 26 16: 9:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from privatecube.privatelabs.com (privatecube.privatelabs.com [63.114.185.254]) by hub.freebsd.org (Postfix) with ESMTP id 3E7E237B424; Thu, 26 Apr 2001 16:09:22 -0700 (PDT) (envelope-from mi@misha.privatelabs.com) Received: from misha.privatelabs.com (root@misha.plten [10.0.0.106]) by privatecube.privatelabs.com (8.9.3/8.9.2) with ESMTP id SAA21076; Thu, 26 Apr 2001 18:29:48 -0400 Received: from misha.privatelabs.com (mi@localhost [127.0.0.1]) by misha.privatelabs.com (8.11.1/8.11.1) with ESMTP id f3QN8mC73561; Thu, 26 Apr 2001 19:08:50 -0400 (EDT) (envelope-from mi@misha.privatelabs.com) Message-Id: <200104262308.f3QN8mC73561@misha.privatelabs.com> Date: Thu, 26 Apr 2001 19:08:47 -0400 (EDT) From: mi@aldan.algebra.com Subject: Re: maxing out the 100Mb TX (full duplex) To: Brooks Davis Cc: questions@FreeBSD.ORG, luigi@iet.unipi.it, net@FreeBSD.ORG, rmolchon@privatelabs.com, jonathan@privatelabs.com, wpaul@FreeBSD.ORG In-Reply-To: <20010425153750.A16285@Odin.AC.HMC.Edu> MIME-Version: 1.0 Content-Type: TEXT/plain; CHARSET=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org

On 25 Apr, Brooks Davis wrote:
= On Wed, Apr 25, 2001 at 06:33:17PM -0400, Mikhail Teterin wrote:
= > In our load tests we seem to be maxing out the 100Mb full duplex
= > network card (fxp0).
= >
= > The machine has two such cards on the motherboard.
How can we use = > both of them transparently? = = If you have a switch that supports EtherChannel you can use Bill Pauls = netgraph module. Otherwise, I don't think there's any reliable way to = do it. = = http://people.freebsd.org/~wpaul/FEC/ Well, we have Intel's Express 510T switch... I tried to grep the manual for "EtherChannel", it is not there... But the switch looks impressive, so may be it is just called something else? = Alternativly, if you have an appropriate switch, you could use gigabit = ethernet. We don't have another slot on this server's motherboard, but the two fxp-cards are on-board... We would like to, of course, use what we already have first. Thanks! -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 16:21:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from nameserver.austclear.com.au (nameserver.austclear.com.au [192.83.119.132]) by hub.freebsd.org (Postfix) with ESMTP id 9801C37B422; Thu, 26 Apr 2001 16:21:25 -0700 (PDT) (envelope-from ahl@austclear.com.au) Received: from tungsten.austclear.com.au (tungsten.austclear.com.au [192.168.70.1]) by nameserver.austclear.com.au (8.9.3/8.9.3) with ESMTP id JAA93513; Fri, 27 Apr 2001 09:21:24 +1000 (EST) Received: from tungsten (tungsten [192.168.70.1]) by tungsten.austclear.com.au (8.9.3/8.9.3) with ESMTP id JAA17337; Fri, 27 Apr 2001 09:21:23 +1000 (EST) Message-Id: <200104262321.JAA17337@tungsten.austclear.com.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: mi@aldan.algebra.com Cc: questions@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: maxing out the 100Mb TX (full duplex) In-Reply-To: Message from mi@aldan.algebra.com of "Thu, 26 Apr 2001 19:08:47 -0400." 
<200104262308.f3QN8mC73561@misha.privatelabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 27 Apr 2001 09:21:23 +1000 From: Tony Landells Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org mi@aldan.algebra.com said: > Well, we have Intel's Express 510T switch... I tried to grep the > manual for "EtherChannel", it is not there... But the switch looks > impressive, so may be it is just called something else? I know that Sun call this concept "trunking". Other things you might look for are, say, "port aggregation" or "bandwidth aggregation". Perhaps the easiest thing to do is to talk to your reseller or to Intel support. Be aware though that there are two models (that I know of) for doing this--one just cycles through the interfaces sending one packet on each in turn (such as ng_one2many does); the other performs an XOR of the last n bits of the source and destination MAC addresses to select the interface the packet should travel through (this is the one most Cisco equipment supports). Sun support either. Cisco generally support only the second, though the switches they acquired from Kalpana only support the first (so yes, you can have two Cisco switches that can't EtherChannel). The last time I looked FreeBSD could only support the first (through ng_one2many). 
Cheers, Tony -- Tony Landells Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 16:45:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from marble.fbcc.com (ns2.fbcc.com [216.54.252.3]) by hub.freebsd.org (Postfix) with SMTP id 2A6B137B422 for ; Thu, 26 Apr 2001 16:45:34 -0700 (PDT) (envelope-from jim@jimking.net) Received: (qmail 22416 invoked from network); 26 Apr 2001 23:56:06 -0000 Received: from 216-52-255-8.fbcc.com (HELO bluto.jimking.net) (216.54.255.8) by ns2.fbcc.com with SMTP; 26 Apr 2001 23:56:06 -0000 Received: from marble (marble.lgc.com [134.132.228.4]) by bluto.jimking.net (8.11.3/8.11.1) with SMTP id f3QNjPx54496; Thu, 26 Apr 2001 18:45:26 -0500 (CDT) (envelope-from jim@jimking.net) Message-ID: <002201c0ceaa$f7efe470$04e48486@marble> From: "Jim King" To: "Wesley Morgan" Cc: References: <20010426154923.J57796-100000@volatile.chemikals.org> Subject: Re: 802.11b ad hoc configuration Date: Thu, 26 Apr 2001 18:45:25 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is BSS actually a different mode, or a synonym for something else? For the Aironet both ancontrol(8) and the Windows driver configuration use the terms "ad-hoc" and "infrastructure" for the two available modes. Jim "Wesley Morgan" wrote: > If the aironet drivers are anything like the Wavelan drivers, > windows doesnt use ad-hoc mode any more. I find that the BSS mode works > fine for me BSD-BSD and Windows-BSD (with no access points either). 
This
> is wavelan though.
>
> On Thu, 26 Apr 2001, Jim King wrote:
>
> > I have a laptop and a desktop, each with a Cisco Aironet 350 802.11b wireless NIC. I'm trying to get them talking to each other in ad hoc mode. The laptop runs Win2000 and the desktop dual boots Win2000 and FreeBSD 4.3-stable. With both boxes running Win2000 things work fine. When I boot the desktop in FreeBSD I use ifconfig to assign an IP address to the wireless NIC, and use ancontrol to set ad hoc mode, turn off WEP, set the SSID, set the node name, set authorization type to none, and set the radio channel. ancontrol's status/config displays show that these are being set, and the settings match the laptop, and after updating to 4.3-stable I'm not seeing any an(4) error messages on the console. The status displays on both boxes are showing "beacons received" and "beacons transmitted" counters increasing, so I guess they're hearing each other at the radio level. However, nothing gets through at the network level - no ping, etc. Is there some other knob I need to tweak to get these two to talk to each other?
> >
> > Jim
> >
>
> --
> _ __ ___ ____ ___ ___ ___
> Wesley N Morgan _ __ ___ | _ ) __| \
> morganw@chemikals.org _ __ | _ \._ \ |) |
> FreeBSD: The Power To Serve _ |___/___/___/
> 6bone: 3ffe:1ce3:7::b4ff:fe53:c297
> Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
>
>

From owner-freebsd-net Thu Apr 26 17:45:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id D8CA437B422 for ; Thu, 26 Apr 2001 17:45:44 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f3R0jON02828; Thu, 26 Apr 2001 17:45:24 -0700 Date: Thu, 26 Apr 2001 17:45:24 -0700 From: Brooks Davis To: Jim King Cc: Wesley Morgan , freebsd-net@FreeBSD.ORG Subject: Re: 802.11b ad hoc configuration Message-ID: <20010426174524.C13558@Odin.AC.HMC.Edu> References: <20010426154923.J57796-100000@volatile.chemikals.org> <002201c0ceaa$f7efe470$04e48486@marble> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="8NvZYKFJsRX2Djef" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <002201c0ceaa$f7efe470$04e48486@marble>; from jim@jimking.net on Thu, Apr 26, 2001 at 06:45:25PM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org

On Thu, Apr 26, 2001 at 06:45:25PM -0500, Jim King wrote:
> Is BSS actually a different mode, or a synonym for something else? For the
> Aironet both ancontrol(8) and the Windows driver configuration use the terms
> "ad-hoc" and "infrastructure" for the two available modes.

Most people are using BSS to refer to infrastructure mode. I really wish they would stick to "ad-hoc" and "infrastructure" because the majority of uses of the technical terms I've seen have been wrong or at least highly misleading.

-- Brooks

--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4

From owner-freebsd-net Thu Apr 26 19: 2:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from farley.org (farley.org [216.140.158.72]) by hub.freebsd.org (Postfix) with ESMTP id 46CE737B423 for ; Thu, 26 Apr 2001 19:02:10 -0700 (PDT) (envelope-from sean-freebsd@farley.org) Received: from thor.farley.org ([192.168.1.5]) by farley.org with esmtp (Exim 3.03 #1) id 14sxaC-0000KI-00 for freebsd-net@freebsd.org; Thu, 26 Apr 2001 21:02:08 -0500 Date: Thu, 26 Apr 2001 21:02:08 -0500 (CDT) From: Sean Farley X-X-Sender: To: Subject: Sendmail outgoing bind() fails on PPP Message-ID: <20010426205613.L28093-100000@thor.farley.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org

I previously posted this on comp.mail.sendmail and freebsd-questions. After no answer and some extra testing, I believe this probably belongs here.

--------

I need some help debugging a problem I am having with setting up Sendmail. Previously, I have been using Exim, but I have decided to try my hand with a different MTA.
:) Here is the error I just cannot seem to get around (with indenting): Apr 21 16:10:14 gw sendmail[1985]: starting daemon (8.11.2): SMTP+queueing@00:30:00 Apr 21 16:10:15 gw sendmail[1986]: f3LK0XL00702: SYSERR(root): makeconnection: cannot bind socket [216.140.158.72]: Invalid argument Apr 21 16:10:15 gw sendmail[1986]: f3LK0XL00702: to, delay1:09:42, xdelay0:00:01, maileresmtp, priR80326, relaymail.blackhat.net. [216.140.158.10], dsn4.0.0, stat=Deferred: Invalid argument My setup consists of FreeBSD-4.2, Sendmail v8.11.2, a multi-home system with a cable modem, analog modem, and a LAN. I only wish it to receive on the LAN (192.168.1.0) and the analog modem (216.140.158.72). This is easy to change (DAEMON_OPTIONS), but I just can't get confCLIENT_OPTIONS to work. From looking at sendmail.cf, I can see that it is being set: # SMTP client options O ClientPortOptions=Family=inet, Addr=216.140.158.72 Here are my files, interfaces, and routing tables. I have Exim working with this, but I would like to get sendmail running. Also, I use IP Filter to actually route the packets from the cable modem over to the analog modem, but this is not the problem. sendmail.mc: divert(-1) # Lots of comments. :) divert(0)dnl VERSIONID(`@(#)freebsd.mc $Revision: 1.4.2.1 $') OSTYPE(bsd4.4) DOMAIN(generic) FEATURE(relay_entire_domain) FEATURE(`dnsbl') FEATURE(`always_add_domain') define(`confCLIENT_OPTIONS', `Addr=216.140.158.72') define(`confNO_RCPT_ACTION', `add-to-undisclosed') define(`confPRIVACY_FLAGS', `authwarnings,novrfy') define(`confDONT_PROBE_INTERFACES', `true') MODIFY_MAILER_FLAGS(`LOCAL', `+S') dnl Mailers. 
MAILER(local) MAILER(smtp) ifconfig -a: vx0: flags=8843 mtu 1500 inet6 fe80::220:afff:fef0:e85d%vx0 prefixlen 64 scopeid 0x1 inet 66.25.132.129 netmask 0xfffffc00 broadcast 255.255.255.255 ether 00:20:af:f0:e8:5d ed0: flags=8843 mtu 1500 inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::200:c0ff:fec2:cfdd%ed0 prefixlen 64 scopeid 0x2 inet6 fec0::1:200:c0ff:fec2:cfdd prefixlen 64 inet6 fec0:0:0:1:: prefixlen 64 anycast ether 00:00:c0:c2:cf:dd faith0: flags=8041 mtu 1500 inet6 fe80::220:afff:fef0:e85d%faith0 prefixlen 64 scopeid 0x3 gif0: flags=8010 mtu 1280 gif1: flags=8010 mtu 1280 gif2: flags=8010 mtu 1280 gif3: flags=8010 mtu 1280 lo0: flags=8049 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 ppp0: flags=8010 mtu 1500 stf0: flags1 mtu 1280 tun0: flags=8051 mtu 1500 inet6 fe80::220:afff:fef0:e85d%tun0 --> :: prefixlen 64 scopeid 0xb inet 216.140.158.72 --> 216.140.158.15 netmask 0xffffff00 Opened by PID 139 netstat -nr: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 66.25.132.1 UGSc 21 1303 vx0 66.25.132/22 link#1 UC 0 0 vx0 > 66.25.132.1 0:30:7b:f8:3c:8c UHLW 19 0 vx0 1175 127.0.0.1 127.0.0.1 UH 3 1456 lo0 192.168.1 link#2 UC 0 0 ed0 > 192.168.1.2 0:0:c0:c2:cf:dd UHLW 0 22511 lo0 192.168.1.5 0:a0:cc:53:1:43 UHLW 2 3873 ed0 686 192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 3 81 ed0 216.140.158.15 216.140.158.72 UH 0 0 tun0 Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRSc lo0 ::1 ::1 UH lo0 ::ffff:0.0.0.0/96 ::1 UGRSc lo0 fe80::/10 ::1 UGRSc lo0 fe80::%vx0/64 link#1 UC vx0 fe80::%ed0/64 link#2 UC ed0 fe80::%faith0/64 link#3 UC faith0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::%tun0/64 link#11 UC tun0 fe80::220:afff:fef0:e85d%tun0 ::1 UH lo0 fec0:0:0:1::/64 link#2 UC ed0 fec0::1:200:c0ff:fec2:cfdd 0:0:c0:c2:cf:dd UHLW lo0 fec0::1:2a0:ccff:fe53:143 0:a0:cc:53:1:43 UHLW ed0 ff01::/32 ::1 U lo0 ff02::/16 link#1 UCS vx0 ff02::%vx0/32 link#1 UC vx0 
ff02::%ed0/32 link#2 UC ed0 ff02::%faith0/32 link#3 UC faith0 ff02::%lo0/32 fe80::1%lo0 UC lo0 ff02::%tun0/32 link#11 UC tun0 I am now using FreeBSD-4.3 with Sendmail v8.11.3 without any change. I even wrote a little program to see if everything was going alright. With my test program I am able to bind a random port with a problem. It just appears Sendmail does not want to. Using GDB I compared the two sockaddr_in structures in my program and Sendmail (daemon.c:2095). The values were exactly the same. I just don't see why this bind would fail on the PPP device and not the ethernet cards. Hopefully, this problem is user-oversight and someone sees what it is. . :) TIA, Sean ----------------------- sean-freebsd@farley.org PGP key: http://www.farley.org/~sean/pgp.key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 20:36:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id DCE3B37B422 for ; Thu, 26 Apr 2001 20:36:55 -0700 (PDT) (envelope-from itojun@itojun.org) Received: from itojun.org (localhost [127.0.0.1]) by coconut.itojun.org (Postfix) with ESMTP id 4AA0B4B10; Fri, 27 Apr 2001 12:36:53 +0900 (JST) To: Sean Farley Cc: freebsd-net@freebsd.org In-reply-to: sean-freebsd's message of Thu, 26 Apr 2001 21:02:08 EST. <20010426205613.L28093-100000@thor.farley.org> X-Template-Reply-To: itojun@itojun.org X-Template-Return-Receipt-To: itojun@itojun.org X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2 Subject: Re: Sendmail outgoing bind() fails on PPP From: itojun@iijlab.net Date: Fri, 27 Apr 2001 12:36:53 +0900 Message-ID: <6627.988342613@itojun.org> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >I only wish it to receive on the LAN (192.168.1.0) and the analog modem >(216.140.158.72). 
This is easy to change (DAEMON_OPTIONS), but I just >can't get confCLIENT_OPTIONS to work. From looking at sendmail.cf, I can >see that it is being set: > ># SMTP client options >O ClientPortOptions=Family=inet, Addr=216.140.158.72 so, 216.140.158.72 is on your local interface, and you would like to receive emails toward the address. then, i guess you should be using DaemonPortOptions instead. note that, if you are running on-demand dialup, DaemonPortOptions will choke while your modem line is not connected. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Apr 26 20:43: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from farley.org (farley.org [216.140.158.72]) by hub.freebsd.org (Postfix) with ESMTP id E601737B423 for ; Thu, 26 Apr 2001 20:42:56 -0700 (PDT) (envelope-from sean-freebsd@farley.org) Received: from thor.farley.org ([192.168.1.5]) by farley.org with esmtp (Exim 3.03 #1) id 14sz9f-0001Cj-00; Thu, 26 Apr 2001 22:42:51 -0500 Date: Thu, 26 Apr 2001 22:42:51 -0500 (CDT) From: Sean Farley X-X-Sender: To: Cc: Subject: Re: Sendmail outgoing bind() fails on PPP In-Reply-To: <6627.988342613@itojun.org> Message-ID: <20010426223903.F28292-100000@thor.farley.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 27 Apr 2001 12:36, itojun@iijlab.net wrote: > >I only wish it to receive on the LAN (192.168.1.0) and the analog modem > >(216.140.158.72). This is easy to change (DAEMON_OPTIONS), but I just > >can't get confCLIENT_OPTIONS to work. From looking at sendmail.cf, I can > >see that it is being set: > > > ># SMTP client options > >O ClientPortOptions=Family=inet, Addr=216.140.158.72 > > so, 216.140.158.72 is on your local interface, and you would like to > receive emails toward the address. then, i guess you should be using > DaemonPortOptions instead. 
> > note that, if you are running on-demand dialup, DaemonPortOptions > will choke while your modem line is not connected. Actually, Sendmail works with on-demand PPP whether it is up or not. Also, DaemonPortOptions only affects incoming connections. I am trying to force the outgoing connections on to a specific interface. This does work with Exim, so I believe it should work with Sendmail using ClientPortOptions. Sean ----------------------- sean-freebsd@farley.org PGP key: http://www.farley.org/~sean/pgp.key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Apr 27 0: 0:44 2001 Delivered-To: freebsd-net@freebsd.org Received: from relay1.macomnet.ru (relay1.macomnet.ru [195.128.64.10]) by hub.freebsd.org (Postfix) with ESMTP id A3E4137B422 for ; Fri, 27 Apr 2001 00:00:35 -0700 (PDT) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay1.macomnet.ru (8.11.3/8.11.3) with ESMTP id f3R72JH8817918; Fri, 27 Apr 2001 11:02:19 +0400 (MSD) Date: Fri, 27 Apr 2001 10:59:12 +0400 (MSD) From: Maxim Konovalov To: Sean Farley Cc: Subject: Re: Sendmail outgoing bind() fails on PPP In-Reply-To: <20010426205613.L28093-100000@thor.farley.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, On Thu, 26 Apr 2001, Sean Farley wrote: > I previously posted this on comp.mail.sendmail and freebsd-questions. > After no answer and some extra testing, I believe this probably belongs > here. > > -------- > > I need some help debugging a problem I am having with setting up Sendmail. > Previously, I have been using Exim, but I have decided to try my hand with > a different MTA. 
:) > > Here is the error I just cannot seem to get around (with indenting): > > Apr 21 16:10:14 gw sendmail[1985]: starting daemon (8.11.2): > SMTP+queueing@00:30:00 > Apr 21 16:10:15 gw sendmail[1986]: f3LK0XL00702: SYSERR(root): > makeconnection: cannot bind socket [216.140.158.72]: > Invalid argument > Apr 21 16:10:15 gw sendmail[1986]: f3LK0XL00702: to, > delay1:09:42, xdelay0:00:01, maileresmtp, priR80326, > relaymail.blackhat.net. [216.140.158.10], dsn4.0.0, > stat=Deferred: Invalid argument > > My setup consists of FreeBSD-4.2, Sendmail v8.11.2, a multi-home system > with a cable modem, analog modem, and a LAN. > > I only wish it to receive on the LAN (192.168.1.0) and the analog modem > (216.140.158.72). This is easy to change (DAEMON_OPTIONS), but I just > can't get confCLIENT_OPTIONS to work. From looking at sendmail.cf, I can > see that it is being set: > > # SMTP client options > O ClientPortOptions=Family=inet, Addr=216.140.158.72 > > Here are my files, interfaces, and routing tables. I have Exim working > with this, but I would like to get sendmail running. Also, I use IP > Filter to actually route the packets from the cable modem over to the > analog modem, but this is not the problem. > > > sendmail.mc: > divert(-1) > # Lots of comments. :) > divert(0)dnl > VERSIONID(`@(#)freebsd.mc $Revision: 1.4.2.1 $') > OSTYPE(bsd4.4) > DOMAIN(generic) > FEATURE(relay_entire_domain) > FEATURE(`dnsbl') > FEATURE(`always_add_domain') > > define(`confCLIENT_OPTIONS', `Addr=216.140.158.72') > define(`confNO_RCPT_ACTION', `add-to-undisclosed') > define(`confPRIVACY_FLAGS', `authwarnings,novrfy') > define(`confDONT_PROBE_INTERFACES', `true') > MODIFY_MAILER_FLAGS(`LOCAL', `+S') > > dnl Mailers. 
> MAILER(local) > MAILER(smtp) > > > ifconfig -a: > vx0: flags=8843 mtu 1500 > inet6 fe80::220:afff:fef0:e85d%vx0 prefixlen 64 scopeid 0x1 > inet 66.25.132.129 netmask 0xfffffc00 broadcast 255.255.255.255 > ether 00:20:af:f0:e8:5d > ed0: flags=8843 mtu 1500 > inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255 > inet6 fe80::200:c0ff:fec2:cfdd%ed0 prefixlen 64 scopeid 0x2 > inet6 fec0::1:200:c0ff:fec2:cfdd prefixlen 64 > inet6 fec0:0:0:1:: prefixlen 64 anycast > ether 00:00:c0:c2:cf:dd > faith0: flags=8041 mtu 1500 > inet6 fe80::220:afff:fef0:e85d%faith0 prefixlen 64 scopeid 0x3 > gif0: flags=8010 mtu 1280 > gif1: flags=8010 mtu 1280 > gif2: flags=8010 mtu 1280 > gif3: flags=8010 mtu 1280 > lo0: flags=8049 mtu 16384 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 > inet6 ::1 prefixlen 128 > inet 127.0.0.1 netmask 0xff000000 > ppp0: flags=8010 mtu 1500 > stf0: flags1 mtu 1280 > tun0: flags=8051 mtu 1500 > inet6 fe80::220:afff:fef0:e85d%tun0 --> :: prefixlen 64 scopeid 0xb > inet 216.140.158.72 --> 216.140.158.15 netmask 0xffffff00 > Opened by PID 139 > Well, I have had the same problem. The solution was in removing IPv6 support. I have not done any futher investigations. HTH - -maxim -- Maxim Konovalov, MAcomnet, Internet-Intranet Dept., system engineer phone: +7 (095) 796-9079, mailto: maxim@macomnet.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Apr 27 2:33:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from vbook.express.ru (vbook.express.ru [212.24.37.106]) by hub.freebsd.org (Postfix) with ESMTP id 2347B37B424 for ; Fri, 27 Apr 2001 02:33:31 -0700 (PDT) (envelope-from vova@vbook.express.ru) Received: (from vova@localhost) by vbook.express.ru (8.9.3/8.9.3) id BAA22373; Fri, 27 Apr 2001 01:02:25 +0400 (MSD) (envelope-from vova) From: "Vladimir B. 
Grebenschikov" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15080.36064.716054.787473@vbook.express.ru> Date: Fri, 27 Apr 2001 01:02:24 +0400 (MSD) To: Alfred Perlstein Cc: Mike Tancsa , freebsd-net@FreeBSD.ORG Subject: Re: number of interfaces and performance ? In-Reply-To: <20010426091343.F18676@fw.wintelcom.net> References: <5.1.0.14.0.20010424145602.05c353a0@marble.sentex.ca> <20010426091343.F18676@fw.wintelcom.net> X-Mailer: VM 6.72 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Alfred Perlstein writes: > > I have the need to put together a somewhat largish VLAN router (larger than > > I have done before) with about 35 interfaces. Has anyone put anything like > > this together ? The box would be routing about 25-30Mb at peak rate. I > > recall reading something about LINUX being very inefficient when it comes > > to multiple interfaces. Does FreeBSD suffer from the same fate ? I also > > recall someone running into problems with 16 physical interfaces (4 x 4 > > multiport nics). Not sure how much of that was an hardware resource issue > > and how much a software resource issue . Will it work OK in theory, or > > should I spend the $8K on a 3640 ? The largest I have right now is one with > > 8 active VLANs and it works very well, but nothing over 10 and nothing > > pushing 30+. I have built the box and it works well enough in the lab, but > > I dont know of course how it will work in production. > > I remeber there being some sort of issue with large number of > interfaces, however I think it was trivial to fix and may have > already been. Sorry if this isn't so helpful, but I can't remeber > anyone recently popping up and complaining about the perf with > lotsa NICs in machine. I have machine vith 18 running interfaces, most of them VLAN interfaces, but there are some LAN and WAN. 
It successfully transfers about 60-80Mbit/s (~90 in peak). Most of the
traffic goes through Intel EtherExpress ethernet NICs. For VLANs I use
a patch to allow passing IP packets of 1500 byte size.

I have not even tried to use the zero-copy network patches; maybe they
will improve performance.

This router has more than 20K interrupts per second, so the picture on
'systat -vm' 1 looks like:

2.3%Sys 34.4%Intr 3.1%User 0.0%Nice 60.3%Idl

Besides doing ip-forwarding and ipfw-firewalling, the router does
full-traffic accounting, dividing all traffic into categories obtained
from the FullView BGP table.

CPU: Pentium III/Pentium III Xeon/Celeron (799.62-MHz 686-class CPU)
  Origin = "GenuineIntel" Id = 0x686 Stepping = 6

> -Alfred Perlstein - [alfred@freebsd.org]
> Daemon News Magazine in your snail-mail! http://magazine.daemonnews.org/

--
TSB Russian Express, Moscow
Vladimir B. Grebenschikov, vova@express.ru

From owner-freebsd-net Fri Apr 27 7:15:41 2001
Delivered-To: freebsd-net@freebsd.org
Received: from coconut.itojun.org (coconut.itojun.org [210.160.95.97]) by hub.freebsd.org (Postfix) with ESMTP id F30C137B423 for ; Fri, 27 Apr 2001 07:15:38 -0700 (PDT) (envelope-from itojun@itojun.org)
Received: from itojun.org (localhost [127.0.0.1]) by coconut.itojun.org (Postfix) with ESMTP id 99A224B10; Fri, 27 Apr 2001 23:15:33 +0900 (JST)
To: Maxim Konovalov
Cc: Sean Farley , freebsd-net@FreeBSD.ORG
In-reply-to: maxim's message of Fri, 27 Apr 2001 10:59:12 +0400.
X-Template-Reply-To: itojun@itojun.org
X-Template-Return-Receipt-To: itojun@itojun.org
X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2
Subject: Re: Sendmail outgoing bind() fails on PPP
From: itojun@iijlab.net
Date: Fri, 27 Apr 2001 23:15:33 +0900
Message-ID: <13414.988380933@itojun.org>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Well, I have had the same problem. The solution was in removing IPv6
>support. I have not done any further investigations.

please file a bug report to sendmail.org.

itojun

From owner-freebsd-net Fri Apr 27 7:46:55 2001
Delivered-To: freebsd-net@freebsd.org
Received: from imo-m04.mx.aol.com (imo-m04.mx.aol.com [64.12.136.7]) by hub.freebsd.org (Postfix) with ESMTP id E91BF37B423 for ; Fri, 27 Apr 2001 07:46:52 -0700 (PDT) (envelope-from raviprasad20@netscape.net)
Received: from raviprasad20@netscape.net by imo-m04.mx.aol.com (mail_out_v30.10.) id n.101.142d394 (16230) for ; Fri, 27 Apr 2001 10:46:45 -0400 (EDT)
Received: from netscape.com (aimmail10.aim.aol.com [205.188.144.202]) by air-in02.mx.aol.com (v77_r1.37) with ESMTP; Fri, 27 Apr 2001 10:46:45 -0400
Date: Fri, 27 Apr 2001 10:46:45 -0400
From: raviprasad20@netscape.net
To: freebsd-net@freebsd.org
Subject: Ioctl
Mime-Version: 1.0
Message-ID: <4E1AF986.16707F2F.9513E96F@netscape.net>
X-Mailer: Franklin Webmailer 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

I have a doubt regarding if->if_ioctl. My doubt is with reference to
ipv6. Whenever a solicited node multicast address is formed it is put
on the multicast address list by calling in6_addmulti(). The
in6_addmulti in turn calls if_addmulti() ( net/if.c ). The if_addmulti,
after putting the address on the ifnet ifmultiaddr (multicast address
list), calls ifp->if_ioctl.

My doubt is about ifp->if_ioctl in general. The above thing is an
example. My doubt is
a) Under what circumstances this ioctl needs to be called.
b) Whether after each ip addresses are put to the ifnet structure's ip
   list ifp->if_ioctl needs to be called.
c) Whether after any modifications that are done to the ifnet structure
   this ifp->if_ioctl needs to be called.

Kindly mail me regarding this ifioctl in detail.
Regards
ravi prasad

From owner-freebsd-net Fri Apr 27 8:15:38 2001
Delivered-To: freebsd-net@freebsd.org
Received: from web.cs.ndsu.NoDak.edu (web.cs.ndsu.NoDak.edu [134.129.125.7]) by hub.freebsd.org (Postfix) with ESMTP id D25A937B422; Fri, 27 Apr 2001 08:15:34 -0700 (PDT) (envelope-from tinguely@web.cs.ndsu.NoDak.edu)
Received: (from tinguely@localhost) by web.cs.ndsu.NoDak.edu (8.11.1/8.11.1) id f3RFECC75048; Fri, 27 Apr 2001 10:14:12 -0500 (CDT) (envelope-from tinguely)
Date: Fri, 27 Apr 2001 10:14:12 -0500 (CDT)
From: mark tinguely
Message-Id: <200104271514.f3RFECC75048@web.cs.ndsu.NoDak.edu>
To: freebsd-net@FreeBSD.ORG, mercia@ufba.br
Subject: Re: forerunner LE drive
Cc: freebsd-atm@FreeBSD.ORG
In-Reply-To: <1.5.4.32.20010426203158.008cf6a4@ufba.br>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> I have some NICs Forerunner LE 25 and I need a drive for Freebsd, does
> Anyone know where I can find it?

ftp://ftp.cs.ndsu.nodak.edu/pub/freebsd/atm/nicstar.tgz

Others discovered that the NICStAR runs out of large buffers with Fore
Switches running SPANS protocol. Another person found it to be that the
SPANS protocol PDUs do not send end of packet flag. It is my belief
that the SPANS VCC (0/14 and/or 0/15 ?) should be set for Raw cell (or
AAL0) processing and not AAL5. The above driver supports Raw cell
processing, but it has not been enabled on those VCC in the driver.

--mark tinguely.

From owner-freebsd-net Fri Apr 27 12:27:16 2001
Delivered-To: freebsd-net@freebsd.org
Received: from mail-blue.research.att.com (mail-blue.research.att.com [135.207.30.102]) by hub.freebsd.org (Postfix) with ESMTP id AC64E37B422 for ; Fri, 27 Apr 2001 12:27:13 -0700 (PDT) (envelope-from fenner@research.att.com)
Received: from alliance.research.att.com (alliance.research.att.com [135.207.26.26]) by mail-blue.research.att.com (Postfix) with ESMTP id 11EE24DCAB for ; Fri, 27 Apr 2001 15:27:13 -0400 (EDT)
Received: from windsor.research.att.com (windsor.research.att.com [135.207.26.46]) by alliance.research.att.com (8.8.7/8.8.7) with ESMTP id PAA02661 for ; Fri, 27 Apr 2001 15:27:11 -0400 (EDT)
From: Bill Fenner
Received: (from fenner@localhost) by windsor.research.att.com (8.8.8+Sun/8.8.5) id MAA07009; Fri, 27 Apr 2001 12:27:10 -0700 (PDT)
Message-Id: <200104271927.MAA07009@windsor.research.att.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
To: net@freebsd.org
Subject: if_simloop() and BPF
Date: Fri, 27 Apr 2001 12:27:09 -0700
Versions: dmail (solaris) 2.2g/makemail 2.9a
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

BPF handling in if_simloop() is broken for every use except for from
looutput(). Why?

BPF write: BPF writes go through if_output, and if_simloop() is not an
if_output routine. This code should be in looutput().

BPF tap: if_simloop() prepends the header that BPF expects when it's
capturing on a DLT_NULL interface. This is only correct behavior when
the interface being looped is a DLT_NULL interface type, which is
pretty rare. In addition, it's often not appropriate to tap a copy of
the packet that is going through if_simloop(), e.g. looping back a
broadcast on a simplex link -- bpf is going to see the output copy as
well.

I summarized each caller to if_simloop() and its behavior at:
http://people.freebsd.org/~fenner/if_simloop_callers.html . The
No/No/No lines are obvious, they don't want the bpf_tap at all. The
Yes/No/No lines point at problems that the current if_simloop() doesn't
handle, and we need more infrastructure to deal with it.

Right now, I'm tempted to move the BPF tap back to looutput() also,
which fixes the cases where the if_simloop() caller shouldn't have the
copy sent to bpf, and breaks all of the already-broken cases where
if_simloop()'s caller wants the copy sent to bpf but that copy will
almost definitely have the wrong header prepended.

Another option is to add a few more arguments to if_simloop(),
indicating things like tap or don't, and what the BPF header should
look like if you tap. Note that netatalk/ddp_output.c would have
trouble coming up with that, unless it was simply a property of the
interface.

Any comments?

Thanks,
Bill

P.S. Historically, callers to looutput() got their packets bpf'd on the
loopback interface. Thus they would show up on the wrong and somewhat
unexpected interface, but their BPF headers would be right.
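
What the "wrong header prepended" case looks like to a capture reader, as an added example that is not part of Bill Fenner's message or the FreeBSD source: a reader decodes frames by the link type of the interface it attached to, so a frame carrying the 4-byte DLT_NULL address-family word is misparsed when that link type is Ethernet. The function names and the sample packet are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>            /* AF_INET */

/* Constructed sample: a minimal 20-byte IPv4 header (TTL 64, protocol TCP,
 * 127.0.0.1 -> 127.0.0.1, checksum left zero). Not from a real capture. */
static const uint8_t SAMPLE_IPV4[20] = {
    0x45, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00,
    0x40, 0x06, 0x00, 0x00, 0x7f, 0x00, 0x00, 0x01,
    0x7f, 0x00, 0x00, 0x01
};

/* What a loopback-style tap hands to BPF: a 4-byte address family in host
 * byte order, followed by the network-layer packet. */
size_t tap_with_null_header(uint8_t *out, size_t cap,
                            const uint8_t *pkt, size_t len)
{
    uint32_t af = AF_INET;
    if (cap < sizeof(af) + len)
        return 0;
    memcpy(out, &af, sizeof(af));
    memcpy(out + sizeof(af), pkt, len);
    return sizeof(af) + len;
}

/* Reader attached to a DLT_NULL interface: skip the family word.
 * Returns the offset of the IPv4 header, or -1 if none is found. */
int find_ipv4_as_null(const uint8_t *p, size_t len)
{
    uint32_t af;
    if (len < 5)
        return -1;
    memcpy(&af, p, sizeof(af));
    if (af != (uint32_t)AF_INET || (p[4] >> 4) != 4)
        return -1;
    return 4;
}

/* Reader attached to an Ethernet (DLT_EN10MB) interface: 6-byte destination,
 * 6-byte source, 2-byte big-endian EtherType, then the payload. */
int find_ipv4_as_ether(const uint8_t *p, size_t len)
{
    unsigned ethertype;
    if (len < 15)
        return -1;
    ethertype = ((unsigned)p[12] << 8) | p[13];
    if (ethertype != 0x0800 || (p[14] >> 4) != 4)
        return -1;
    return 14;
}

/* Same tapped bytes, decoded under each link type. */
int null_reader_result(void)
{
    uint8_t buf[64];
    size_t n = tap_with_null_header(buf, sizeof(buf), SAMPLE_IPV4, sizeof(SAMPLE_IPV4));
    return find_ipv4_as_null(buf, n);
}

int ether_reader_result(void)
{
    uint8_t buf[64];
    size_t n = tap_with_null_header(buf, sizeof(buf), SAMPLE_IPV4, sizeof(SAMPLE_IPV4));
    return find_ipv4_as_ether(buf, n);   /* TTL/protocol bytes land in the EtherType slot */
}

int main(void)
{
    printf("DLT_NULL reader:   IPv4 header at offset %d\n", null_reader_result());
    printf("DLT_EN10MB reader: IPv4 header at offset %d\n", ether_reader_result());
    return 0;
}
```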

From owner-freebsd-net Fri Apr 27 12:31:34 2001
Delivered-To: freebsd-net@freebsd.org
Received: from farley.org (farley.org [216.140.158.72]) by hub.freebsd.org (Postfix) with ESMTP id 1B3F837B422 for ; Fri, 27 Apr 2001 12:31:32 -0700 (PDT) (envelope-from sean-freebsd@farley.org)
Received: from thor.farley.org ([192.168.1.5]) by farley.org with esmtp (Exim 3.03 #1) id 14tDxa-0000Ee-00; Fri, 27 Apr 2001 14:31:22 -0500
Date: Fri, 27 Apr 2001 14:31:21 -0500 (CDT)
From: Sean Farley
X-X-Sender:
To: ,
Subject: Solution: Sendmail outgoing bind() fails only PPP
Message-ID: <20010427142517.K747-200000@thor.farley.org>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="0-960944695-988399842=:819"
Content-ID: <20010427143057.X819@thor.farley.org>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I found the bug. The socket was IPv6, but the bind used an IPv4
sockaddr struct. Patch attached.

Sean
-----------------------
sean-freebsd@farley.org
PGP key: http://www.farley.org/~sean/pgp.key

From owner-freebsd-net Fri Apr 27 15:17:38 2001
Delivered-To: freebsd-net@freebsd.org
Received: from privatecube.privatelabs.com (privatecube.privatelabs.com [63.114.185.254]) by hub.freebsd.org (Postfix) with ESMTP id 6A47A37B423; Fri, 27 Apr 2001 15:17:34 -0700 (PDT) (envelope-from mi@misha.privatelabs.com)
Received: from misha.privatelabs.com (root@misha.plten [10.0.0.106]) by privatecube.privatelabs.com (8.9.3/8.9.2) with ESMTP id RAA03209; Fri, 27 Apr 2001 17:38:11 -0400
Received: from misha.privatelabs.com (mi@localhost [127.0.0.1]) by misha.privatelabs.com (8.11.1/8.11.1) with ESMTP id f3RMHOC77541; Fri, 27 Apr 2001 18:17:25 -0400 (EDT) (envelope-from mi@misha.privatelabs.com)
Message-Id: <200104272217.f3RMHOC77541@misha.privatelabs.com>
Date: Fri, 27 Apr 2001 18:17:23 -0400 (EDT)
From: mi@aldan.algebra.com
Subject: Re: maxing out the 100Mb TX (full duplex)
To: Jonathan Fortin , ahl@austclear.com.au, brooks@one-eyed-alien.net
Cc: questions@freebsd.org, net@freebsd.org
In-Reply-To: <002d01c0cedf$76c932e0$0200320a@node00>
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 27 Apr, Jonathan Fortin wrote:
= Hello,
=
= You can do etherchannel on freebsd with ng_one2many. Man it for more
= information, but briefly,
=
= It is used to load balance incoming and outgoing data in a round robin
= fashion across the interfaces that are added on the "hook".

Ok, the switch does support EtherChannel (calling it "aggregation").
Now, should we try the wpaul's fec or the ng_one2many? And what's the
difference?

Thanks a lot for your time, gentlemen!

-mi

From owner-freebsd-net Fri Apr 27 23:24:11 2001
Delivered-To: freebsd-net@freebsd.org
Received: from relay1.macomnet.ru (relay1.macomnet.ru [195.128.64.10]) by hub.freebsd.org (Postfix) with ESMTP id C129237B422 for ; Fri, 27 Apr 2001 23:24:08 -0700 (PDT) (envelope-from maxim@macomnet.ru)
Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay1.macomnet.ru (8.11.3/8.11.3) with ESMTP id f3S6PwH8545513; Sat, 28 Apr 2001 10:25:59 +0400 (MSD)
Date: Sat, 28 Apr 2001 10:22:42 +0400 (MSD)
From: Maxim Konovalov
To:
Cc: Sean Farley ,
Subject: Re: Sendmail outgoing bind() fails on PPP
In-Reply-To: <13414.988380933@itojun.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello,

On Fri, 27 Apr 2001 itojun@iijlab.net wrote:

> >Well, I have had the same problem. The solution was in removing IPv6
> >support. I have not done any further investigations.
>
> please file a bug report to sendmail.org.

It seems Sean Farley has already done the patch. Thank you Sean.

> itojun

- -maxim

--
Maxim Konovalov, MAcomnet, Internet-Intranet Dept., system engineer
phone: +7 (095) 796-9079, mailto: maxim@macomnet.ru

From owner-freebsd-net Sat Apr 28 9:12:54 2001
Delivered-To: freebsd-net@freebsd.org
Received: from chmls06.mediaone.net (chmls06.mediaone.net [24.147.1.144]) by hub.freebsd.org (Postfix) with ESMTP id 129DA37B423 for ; Sat, 28 Apr 2001 09:12:51 -0700 (PDT) (envelope-from cambria@mediaone.net)
Received: from mediaone.net (mcambria.ne.mediaone.net [66.31.112.176]) by chmls06.mediaone.net (8.11.1/8.11.1) with ESMTP id f3SGCX826124; Sat, 28 Apr 2001 12:12:34 -0400 (EDT)
Message-ID: <3AEAEE6A.8AEAD76F@mediaone.net>
Date: Sat, 28 Apr 2001 12:23:06 -0400
From: "Michael C. Cambria"
X-Mailer: Mozilla 4.75 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Subject: Tunnels & Route Advertisements
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

I have a few FreeBSD 4.3-Stable systems being used to connect small
sites over the Internet. One site will be expanding to have more than
one subnet. I'm interested to know what to expect when these systems
run routing protocols in the presence of tunnels. I am curious about
both IPSec tunnels and IPIP tunnels.

Should a tunnel endpoint show up in route advertisements sent from
rip/gated/zebra running on the FreeBSD 4.3-Stable system?

My guess is that for IPIP (e.g. gif interfaces), both remote endpoints
(outer IP address & inner IP address) are added to the local route
table since FreeBSD sees them as 2 interfaces. It seems that ifconfig
should (or at least could) just add the route for gif0 just as it would
for xl0. Is this the case? I'm assuming that given an interface, the
route daemon chosen can be configured to use the tunnel interface as
any other.

For _IPSec_ tunnels, I'm not as sure. I don't see any existing
mechanism that I'm familiar with such as ifconfig. Any ideas?

I prefer IPSec tunnels for encryption of the internet, but can live
(for now) with IPIP if it does the job.

Thanks,
MikeC

From owner-freebsd-net Sat Apr 28 9:31:15 2001
Delivered-To: freebsd-net@freebsd.org
Received: from smtp4.hushmail.com (smtp4.hushmail.com [64.40.111.32]) by hub.freebsd.org (Postfix) with ESMTP id EC94B37B424 for ; Sat, 28 Apr 2001 09:31:12 -0700 (PDT) (envelope-from topaz5@hushmail.com)
Received: from user8.hushmail.com (user8.hushmail.com [64.40.111.48]) by smtp4.hushmail.com (Postfix) with ESMTP id 84DFF2FA4 for ; Sat, 28 Apr 2001 09:30:06 -0700 (PDT)
Received: (from root@localhost) by user8.hushmail.com (8.9.3/8.9.3) id JAA05514; Sat, 28 Apr 2001 09:29:56 -0700
From: topaz5@hushmail.com
Message-Id: <200104281629.JAA05514@user8.hushmail.com>
Date: Sat, 28 Apr 2001 09:14:31 -0800 (PDT)
To: freebsd-net@freebsd.org
Mime-version: 1.0
Content-type: multipart/mixed; boundary="Hushpart_boundary_yEbNuhMFPwYHKUlglyjgSlXMHIXvrciR"
Subject: Dumb question
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

First, I'd like to apologize in advance for making a fool of myself. I
know this is something I should be able to figure out myself, but I've
tried to RTFM and didn't get very far....

I have a small FreeBSD server that I recently upgraded from 3.4 to 4.2.
Due to hardware problems, this took about two weeks :). The server is
behind a firewall, but it had been on a special IP address the firewall
was set up to ignore.
While the server was down for upgrading/fixing, a friend of mine set up
an NT server in the same building to respond to the firewall-less IP
address, and put up a simple web page saying the real server was down.
The transition went smoothly.

But when I finally got the FreeBSD server running and put it back on
its old address, it wouldn't connect to the network! With a subnet mask
of 255.255.0.0 (what we usually use in this building, long story), it
could ping the router but not get outside the firewall; connections to
hosts on the local network didn't work either.

The really bizarre thing is that when I set up the machine to use our
DHCP server, it got exactly the same network settings and worked
perfectly - except, of course, that it couldn't use our reserved IP
address to get outside the network.

So there must be something different in the way NT/FreeBSD 3.4 and
FreeBSD 4.2 handle network settings that makes the former work and the
latter not. But I really can't think of what that might be. Can anyone
give any insight into the situation?

Thanks a lot,
-- Dan

P.S.: This is a network in a high school that is severely convoluted. I
realize that's probably half the problem, but I can't do anything about
it....

(sorry for the advertisement below)

Free, encrypted, secure Web-based email at www.hushmail.com
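
The mismatch Sean Farley reports above under "Solution: Sendmail outgoing bind() fails only PPP" (an IPv6 socket bound with an IPv4 sockaddr), reproduced as an added example; this is not sendmail's code and not the attached patch. The names `any_addr`, `bind_local`, `bind_mismatched` and `bind_matched` and the wildcard address are constructed for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* One storage type for either family; the member names are illustrative. */
union any_addr {
    struct sockaddr     sa;
    struct sockaddr_in  sin;
    struct sockaddr_in6 sin6;
};

static socklen_t any_addr_len(const union any_addr *a)
{
    return a->sa.sa_family == AF_INET6 ? (socklen_t)sizeof(a->sin6)
                                       : (socklen_t)sizeof(a->sin);
}

/* Constructed local address: IPv4 wildcard, kernel-chosen port. */
static union any_addr local_v4_any(void)
{
    union any_addr a;
    memset(&a, 0, sizeof(a));
    a.sin.sin_family = AF_INET;
    a.sin.sin_addr.s_addr = htonl(INADDR_ANY);
    a.sin.sin_port = htons(0);
    return a;
}

/* Create a stream socket of sock_family and bind it to *local.
 * Returns 0 on success, otherwise the errno of the call that failed
 * (socket() itself fails on a host without that family). */
int bind_local(int sock_family, const union any_addr *local)
{
    int s = socket(sock_family, SOCK_STREAM, 0);
    if (s < 0)
        return errno;
    int err = bind(s, &local->sa, any_addr_len(local)) < 0 ? errno : 0;
    close(s);
    return err;
}

/* Mismatch: the socket family comes from somewhere other than the address
 * being bound (here, an IPv6 destination), while the sockaddr is IPv4. */
int bind_mismatched(void)
{
    union any_addr local = local_v4_any();
    return bind_local(AF_INET6, &local);
}

/* Consistent: the socket family is read from the sockaddr given to bind(). */
int bind_matched(void)
{
    union any_addr local = local_v4_any();
    return bind_local(local.sa.sa_family, &local);
}

int main(void)
{
    int bad = bind_mismatched(), good = bind_matched();
    printf("AF_INET6 socket + sockaddr_in: %s\n", bad ? strerror(bad) : "bound");
    printf("AF_INET  socket + sockaddr_in: %s\n", good ? strerror(good) : "bound");
    return 0;
}
```

When triaging a similar report, the errno from the failing bind() together with the family of the socket and of the sockaddr (visible in a system-call trace) is enough to confirm this class of bug.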