From owner-freebsd-net@FreeBSD.ORG Thu Jan 1 10:40:31 2004
From: "Lemasson Sylvain"
To: "freebsd config", "freebsd net"
Date: Thu, 1 Jan 2004 19:40:59 +0100
Subject: PPPoE
List-Id: Networking and TCP/IP with FreeBSD

I have configured freebsd to use PPPoE but it does not work. You can find some parameter files (rc.conf/ppp.conf) and the result of some commands such as netstat and ifconfig. The process breaks down at boot time. If someone could give some help to configure properly the PPP network.

I have got another question, how could we test the PPPoE if we do not start it at boot time.
It is said in the documentation to start it with the command 'ppp -ddial pppoe' but it seems it does not connect. And finally if we start it how could we stop it (disconnection).

Thank you

Sylvain Lemasson

Content-Disposition: attachment; filename="rc.conf"

# -- sysinstall generated deltas -- # Sun Oct 19 19:01:31 2003
# Created: Sun Oct 19 19:01:31 2003
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="PARIS"
network_interfaces="lo0 lp0 sis0 sis1"
ifconfig_sis0="inet 10.33.20.2 netmask 255.255.255.0"
ifconfig_sis1="inet 10.33.20.1 netmask 255.255.255.255 -arp up"
inetd_enable="YES"
kern_securelevel_enable="NO"
keymap="fr.iso.acc"
linux_enable="YES"
moused_enable="YES"
ppp_enable="YES"
ppp_mode="background"
ppp_profile="pppoe"
sendmail_enable="NONE"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"
sshd_enable="YES"
usbd_enable="YES"
gatway_enable="YES"

Content-Disposition: attachment; filename="ifconfig.txt"

sis0: flags=8843 mtu 1500
        inet 10.33.20.2 netmask 0xffffff00 broadcast 10.33.20.255
        inet6 fe80::209:5bff:fe1d:9280%sis0 prefixlen 64 scopeid 0x1
        ether 00:09:5b:1d:92:80
        media: Ethernet autoselect (100baseTX )
        status: active
sis1: flags=88c3 mtu 1500
        inet6 fe80::209:5bff:fe22:37c3%sis1 prefixlen 64 scopeid 0x2
        inet 10.33.20.1 netmask 0xffffffff broadcast 10.33.20.1
        ether 00:09:5b:22:37:c3
        media: Ethernet autoselect (none)
        status: no carrier
lp0: flags=8810 mtu 1500
lo0: flags=8049 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8010 mtu 1500
Content-Disposition: attachment; filename="netstat.txt"

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.33.20.1         UGSc        0        0   sis1
10.33.20/24        link#1             UC          1        0   sis0
10.33.20.1         00:09:5b:22:37:c3  UHLW        1        0    lo0 =>
10.33.20.1/32      link#2             UC          1        0   sis1
10.33.20.3         00:10:dc:85:d7:b4  UHLW       15    17848   sis0    907
localhost          localhost          UH          0      268    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::1                ::1                UH          lo0
fe80::%sis0        link#1             UC         sis0
fe80::209:5bff:fe1 00:09:5b:1d:92:80  UHL         lo0
fe80::%sis1        link#2             UC         sis1
fe80::209:5bff:fe2 00:09:5b:22:37:c3  UHL         lo0
fe80::%lo0         fe80::1%lo0        Uc          lo0
fe80::1%lo0        link#4             UHL         lo0
ff01::             ::1                U           lo0
ff02::%sis0        link#1             UC         sis0
ff02::%sis1        link#2             UC         sis1
ff02::%lo0         ::1                UC          lo0

Content-Disposition: attachment; filename="ppp.conf"

#################################################################
# PPP Sample Configuration File
# Originally written by Toshiharu OHNO
# Simplified 5/14/1999 by wself@cdrom.com
#
# See /usr/share/examples/ppp/ for some examples
#
# $FreeBSD: src/etc/ppp/ppp.conf,v 1.8 2001/06/21 15:42:26 brian Exp $
#################################################################

default:
 set log Phase Chat LCP IPCP CCP tun command
 # Ensure that "device" references the correct serial port
 # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
 set ifaddr 10.33.20.253 10.33.20.1 255.255.255.255 0.0.0.0

pppoe:
 set device PPPoE:sis1:
 set authname myauthname
 set authkey mypassword
 set dial
 set login
 add default HISADDR

From owner-freebsd-net@FreeBSD.ORG Thu Jan 1 10:46:01 2004
From: "Lemasson Sylvain"
To: "freebsd config", "freebsd net"
Date: Thu, 1 Jan 2004 19:46:33 +0100
Subject: Re: PPPoE

In the previous mail some files are lacking. You can find them below.

I have configured freebsd to use PPPoE but it does not work.
You can find some parameter files (rc.conf/ppp.conf) and the result of some commands such as netstat and ifconfig. The process breaks down at boot time. If someone could give some help to configure properly the PPP network.

I have got another question, how could we test the PPPoE if we do not start it at boot time. It is said in the documentation to start it with the command 'ppp -ddial pppoe' but it seems it does not connect. And finally if we start it how could we stop it (disconnection).

Thank you

-- PPP.conf
#################################################################
# PPP Sample Configuration File
# Originally written by Toshiharu OHNO
# Simplified 5/14/1999 by wself@cdrom.com
#
# See /usr/share/examples/ppp/ for some examples
#
# $FreeBSD: src/etc/ppp/ppp.conf,v 1.8 2001/06/21 15:42:26 brian Exp $
#################################################################

default:
 set log Phase Chat LCP IPCP CCP tun command
 # Ensure that "device" references the correct serial port
 # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
 set ifaddr 10.33.20.253 10.33.20.1 255.255.255.255 0.0.0.0

pppoe:
 set device PPPoE:sis1:
 set authname myauthname
 set authkey mypassword
 set dial
 set login
 add default HISADDR

-- rc.conf
# -- sysinstall generated deltas -- # Sun Oct 19 19:01:31 2003
# Created: Sun Oct 19 19:01:31 2003
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="PARIS"
network_interfaces="lo0 lp0 sis0 sis1"
ifconfig_sis0="inet 10.33.20.2 netmask 255.255.255.0"
ifconfig_sis1="inet 10.33.20.1 netmask 255.255.255.255 -arp up"
inetd_enable="YES"
kern_securelevel_enable="NO"
keymap="fr.iso.acc"
linux_enable="YES"
moused_enable="YES"
ppp_enable="YES"
ppp_mode="background"
ppp_profile="pppoe"
sendmail_enable="NONE"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"
sshd_enable="YES"
usbd_enable="YES"
gatway_enable="YES"

Sylvain Lemasson

Content-Disposition: attachment; filename="ifconfig.txt"

sis0: flags=8843 mtu 1500
        inet 10.33.20.2 netmask 0xffffff00 broadcast 10.33.20.255
        inet6 fe80::209:5bff:fe1d:9280%sis0 prefixlen 64 scopeid 0x1
        ether 00:09:5b:1d:92:80
        media: Ethernet autoselect (100baseTX )
        status: active
sis1: flags=88c3 mtu 1500
        inet6 fe80::209:5bff:fe22:37c3%sis1 prefixlen 64 scopeid 0x2
        inet 10.33.20.1 netmask 0xffffffff broadcast 10.33.20.1
        ether 00:09:5b:22:37:c3
        media: Ethernet autoselect (none)
        status: no carrier
lp0: flags=8810 mtu 1500
lo0: flags=8049 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8010 mtu 1500

Content-Disposition: attachment; filename="netstat.txt"

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.33.20.1         UGSc        0        0   sis1
10.33.20/24        link#1             UC          1        0   sis0
10.33.20.1         00:09:5b:22:37:c3  UHLW        1        0    lo0 =>
10.33.20.1/32      link#2             UC          1        0   sis1
10.33.20.3         00:10:dc:85:d7:b4  UHLW       15    17848   sis0    907
localhost          localhost          UH          0      268    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::1                ::1                UH          lo0
fe80::%sis0        link#1             UC         sis0
fe80::209:5bff:fe1 00:09:5b:1d:92:80  UHL         lo0
fe80::%sis1        link#2             UC         sis1
fe80::209:5bff:fe2 00:09:5b:22:37:c3  UHL         lo0
fe80::%lo0         fe80::1%lo0        Uc          lo0
fe80::1%lo0        link#4             UHL         lo0
ff01::             ::1                U           lo0
ff02::%sis0        link#1             UC         sis0
ff02::%sis1        link#2             UC         sis1
ff02::%lo0         ::1                UC          lo0

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 00:36:17 2004
From: Achim Gorski
To: freebsd-questions@FreeBSD.ORG, freebsd-net@FreeBSD.ORG
Date: 02 Jan 2004 09:36:11 +0100
cc: gorski@netapp.com
Subject: What is wrong with pppd version 2.3.5?

Recently I installed 5.2-RC2 for testing purposes and saw an unexplainable behaviour of pppd 2.3.5.
I have an old FreeBSD 4.2 running and connecting via modem with ppp to an ISP using ipfw, natd and pppd. Then I configured the 5.2-RC2 install logically identical, but it does not route any packets. I can ping ppp0 but not the default gateway. This was pppd 2.3.5.

Because I did not find anything wrong, I just copied the old pppd binary version 2.3.1 from 1998 to the 5.2-RC2 test system and this works! I was really surprised, because I did not change anything except the pppd binary.

Any clue what is wrong here? Is it my configuration or something in pppd? What changed in version 2.3.5?

Thanks,
Achim

------------------------------------------------------------------------------
Here is what I configured.

$ pppd user username /dev/cuaa0 57600 connect 'my script'

/etc/ppp/options:
modem
crtscts
noipdefault
defaultroute
netmask 255.255.255.0

/etc/rc.conf:
firewall_enable="YES"
firewall_type="OPEN"
firewall_logging="YES"
natd_enable="YES"
natd_interface="ppp0"
natd_flags="-dynamic "
gateway_enable="YES"

Kernel:
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT
options TCP_DROP_SYNFIN
options IPSTEALTH

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 09:45:25 2004
From: "Stephane Raimbault"
To: "."@babolo.ru
Date: Fri, 02 Jan 2004 10:45:19 -0700
cc: net@freebsd.org
Subject: Re: VLAN MTU problem in 4.9 ?

Setting the MTU to 1496 on the router vlan interfaces didn't seem to help me... however put the MTU to 1496 on the servers on the VLAN itself seems to resolve the problem. so in the current configuration the router vlan interfaces are set to 1500 and the servers on those interfaces are set to 1496. Seems to work for now.

Now, this doesn't seem all that normal. Where can I go from here to troubleshoot this more and provide more information that might be able to resolve this problem... if it's a problem that is...

Thanks,
Stephane.

>From: .@babolo.ru
>To: Stephane Raimbault
>CC: net@freebsd.org
>Subject: Re: VLAN MTU problem in 4.9 ?
>Date: Sat, 27 Dec 2003 07:54:39 +0300 (MSK)
>
> > Hi,
> >
> > I have the following setup on a freebsd box acting as a router for multiple
> > LAN's.
> >
> > xl0: flags=8843 mtu 1500
> >         inet 10.0.0.3 netmask 0xffffffc0 broadcast 10.0.0.63
> >         inet6 fe80::260:97ff:fe07:5f4b%xl0 prefixlen 64 scopeid 0x1
> >         ether 00:60:97:07:5f:4b
> >         media: Ethernet autoselect (100baseTX )
> >         status: active
> > xl1: flags=8843 mtu 1500
> >         inet 207.176.232.142 netmask 0xffffffe0 broadcast 207.176.232.159
> >         inet6 fe80::2c0:4fff:fe9e:b9c7%xl1 prefixlen 64 scopeid 0x2
> >         ether 00:c0:4f:9e:b9:c7
> >         media: Ethernet autoselect (100baseTX )
> >         status: active
> > vlan0: flags=8843 mtu 1500
> >         inet 10.0.1.3 netmask 0xffffffe0 broadcast 10.0.1.31
> >         inet6 fe80::260:97ff:fe07:5f4b%vlan0 prefixlen 64 scopeid 0x4
> >         ether 00:c0:4f:9e:b9:c7
> >         media: Ethernet autoselect (100baseTX )
> >         status: active
> >         vlan: 3 parent interface: xl1
> > vlan1: flags=8843 mtu 1500
> >         inet 10.0.11.3 netmask 0xffffffe0 broadcast 10.0.11.31
> >         inet6 fe80::260:97ff:fe07:5f4b%vlan1 prefixlen 64 scopeid 0x5
> >         ether 00:c0:4f:9e:b9:c7
> >         media: Ethernet autoselect (100baseTX )
> >         status: active
> >         vlan: 4 parent interface: xl1
> >
> >
> > The setup is physically connected like this
> >
> > Switch 1 <---> (xl0) FreeBSD (xl1) <---> Switch 2
> >
> > My Workstation is connected to Switch 1 on the ip network 10.0.0.0/26
> > The Server(s) I'm connecting to are on Switch 2 on the ip network
> > 10.0.11.0/27 and/or 10.0.1.0/27
> >
> > I seem to have some problems connecting to the above mentioned servers on
> > vlan0 and vlan1. My SSH session seems to freeze when I type a command that
> > will output quite a bit of data (top, etc...) I also seem to have some
> > other large data problems between the servers communicating to each other
> > over the VLAN's.
> >
> > I had a working setup, but since I upgraded from 4.9-RC2 on the FreeBSD
> > router to 4.9-RELEASE-p1 I've been having the above described problem. I'm
> > wondering if I left something out in my KERNEL configuration when I upgraded
> > or if I've stumbled onto a bug in 4.9-R ?
>
>ifconfig vlan0 mtu 1496
>ifconfig vlan1 mtu 1496
>
>will restore old behavior.
>But I do not know when default mtu for vlan
>was changed.
>

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 09:51:12 2004
From: "Stephane Raimbault"
To: kudzu@tenebras.com
Date: Fri, 02 Jan 2004 10:51:11 -0700
cc: net@freebsd.org
Subject: Re: VLAN MTU problem in 4.9 ?

Anything specific you want me to do while I'm doing the tcpdump?

I looked at the man page for the vlan after you mentioned it... I'm not sure if it applies or not... my MTU is set to 1500 by the system for the interfaces and vlan's.
I'm pretty sure when I was running 4.9-RC2 it was as well but I'm not 100% sure.

Thanks,
Stephane.

>From: Michael Sierchio
>To: Stephane Raimbault
>CC: net@freebsd.org
>Subject: Re: VLAN MTU problem in 4.9 ?
>Date: Fri, 26 Dec 2003 15:15:03 -0800
>
>Stephane Raimbault wrote:
>
>>So it seems that when I specify a ping of greater than 1468 the pings stop
>>responding to the vlan interface on the freebsd router?
>>
>>I also did a tcpdump while doing these pings from the freebsd router and
>>it doesn't see any packets when specifying a ping of 1469, but it sees the
>>ping with pkt size specified to 1468.
>>
>>Any thoughts on this problem that I'm having? Any other data I can
>>provide perhaps?
>
>DF? Size of tagged frames? Recall that "packet size" perhaps not
>what you think, also.
>
>Have you read the vlan man page, specifically:
>
>     Note: Unless marked as having native support for vlan, the above drivers
>     don't inform the vlan driver about their long frame handling capability.
>     Just increase the MTU of a vlan interface if it appears to be lower than
>     1500 bytes after attaching to a parent known to support long frames.
>
>But you invite speculation -- a raw tcpdump (-nqvv or so) would
>be nice.
>

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 10:27:06 2004
To: Stephane Raimbault
Date: Fri, 2 Jan 2004 21:29:43 +0300 (MSK)
From: "."@babolo.ru
cc: net@freebsd.org
Subject: Re: VLAN MTU problem in 4.9 ?

> Setting the MTU to 1496 on the router vlan interfaces didn't seem to help
> me... however put the MTU to 1496 on the servers on the VLAN itself seems to
> resolve the problem. so in the current configuration the router vlan
> interfaces are set to 1500 and the servers on those interfaces are set to
> 1496. Seems to work for now.
>
> Now, this doesn't seem all that normal. Where can I go from here to
> troubleshoot this more and provide more information that might be able to
> resolve this problem... if it's a problem that is...

You can't be free from tune all your net for vlan mtu:
- all switches involved must be at least verified
  not to drop long frames or right route vlans
  if it can work with tag based vlans
- all interfaces in selected vlan must support
  the same common mtu

I know now, that xl interface can't pass 1504 frames
and most 1G interfaces can
don't know about another 100M interfaces

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 12:59:24 2004
From: Achim Patzner
Date: Fri, 2 Jan 2004 21:59:01 +0100
To: freebsd-net@freebsd.org
Subject: joining multicast groups correctly

(Please show some mercy if I'm looking too stupid...)

Hi!

As I'm running a number of subnets connected by a router on FreeBSD 4.9 certain people started annoying me about Rendezvous not crossing broadcast domains' borders (they didn't dare to complain that they couldn't broadcast their iTunes stuff all over the place. Well. It was around Christmas so I didn't want to look like the asshole^nice person I usually seem to be and found a (Python) program that seemed to be exactly the nail to my hammer: mDNS Reflector (found at http://grahame.angrygoats.net/mdns.shtml).
After BSDifying it a bit (actually adding an

    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)

where Linux seems to be satisfied by

    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

alone I got it to run on Darwin 7.2 and on FreeBSD. But while it was doing its job quite nicely on Darwin it never returned from the select call waiting for incoming packets on FreeBSD.

As Macs are obviously lousy routers (I could just as well buy Ciscos - if I found someone to pay for them) is there anyone with deep enough insight into the networking code to tell me how to modify said program?

Happy new year...

Achim

From owner-freebsd-net@FreeBSD.ORG Fri Jan 2 19:27:12 2004
Date: Fri, 2 Jan 2004 19:27:08 -0800 (PST)
From: Kelly Yancey
To: net@freebsd.org
Subject: 1168 octets payload and bad TCP checksums

We've got Broadcom BCM5701 cards configured for vlan tagging on a FreeBSD 4.7 based router; a vlan switch then terminates the trunked segment and splits it into separate physical subnets. It turns out that hosts on those segments cannot receive TCP packets with precisely 1168 octets of payload (ethernet frame size 1222 octets) as the checksum is always incorrect. We've manually backported all of the bge driver updates from 4-stable, but to no avail.

What is particularly odd is that the checksums are always wrong by the same amount: 0xAC48 (the dump below only shows retries of the same packet, but the difference is the same even for other packets). Furthermore, it appears only TCP packets with 1168 octets of data are affected. I cannot easily create an environment without the vlans to determine whether or not tagging is related. Note also, that the IP checksum is correct.

Has anyone else experienced similar problems? Does anyone have a clue where to begin to track down the problem? Currently I'm looking at the tcp checksum calculation (tcp_fillheaders), but I don't really see how that could be the culprit as if such a bug existed there, it would affect all interfaces and surely would have been noticed by now. At the same time, I don't see anywhere else offhand the problem could be. Again, if anyone has any advice, I would greatly appreciate it.

Thanks,

Kelly

bge0: flags=8843 mtu 1504
        options=3
        inet 10.30.3.254 netmask 0xfffffff8 broadcast 10.30.3.255
        ether 00:00:5e:00:01:4b
        media: Ethernet autoselect (100baseTX )
        status: active
vlan9: flags=8843 mtu 1500
        inet 10.30.3.1 netmask 0xfffffff8 broadcast 10.30.3.7
        ether 00:00:5e:00:01:4b
        vlan: 9 parent interface: bge0
vlan10: flags=8843 mtu 1500
        inet 10.30.3.9 netmask 0xfffffff8 broadcast 10.30.3.15
        ether 00:00:5e:00:01:4b
        vlan: 10 parent interface: bge0

Extract from tcpdump -vvv taken on host 216.69.90.56 connected to FreeBSD router via vlan10 interface:

11:38:55.665425 216.69.68.198.22 > 216.69.90.56.3335: . [tcp sum ok] 561:2021(1460) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57881, len 1500)
11:38:55.666782 216.69.68.198.22 > 216.69.90.56.3335: P [tcp sum ok] 2021:2049(28) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57882, len 68)
11:38:55.666839 216.69.90.56.3335 > 216.69.68.198.22: . [tcp sum ok] 432:432(0) ack 2049 win 17520 (DF) (ttl 128, id 57057, len 40)
11:38:55.668899 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57883, len 1208)
11:38:55.920110 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57884, len 1208)
11:38:56.419788 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57885, len 1208)
11:38:56.442824 216.69.224.134 > 216.69.90.56: icmp: echo request (ttl 108, id 24195, len 92)
11:38:57.419622 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57886, len 1208)
11:38:58.098535 216.69.90.56.3337 > 216.69.68.197.53: [udp sum ok] 12575+ PTR? 56.90.69.216.in-addr.arpa. (43) (ttl 128, id 57060, len 71)
11:38:58.098868 216.69.90.56.3337 > 216.69.68.197.53: [udp sum ok] 12576+ PTR? 1.90.69.216.in-addr.arpa. (42) (ttl 128, id 57061, len 70)
11:38:58.102453 216.69.68.197.53 > 216.69.90.56.3337: [udp sum ok] 12575 NXDomain* q: PTR? 56.90.69.216.in-addr.arpa. 0/1/0 ns: 90.69.216.in-addr.arpa. SOA ns.nttmcl.com. hostmaster.nttmcl.com. 2002111000 7200 3600 1209600 432000 (103) (ttl 59, id 43147, len 131)
11:38:58.103689 216.69.68.197.53 > 216.69.90.56.3337: [udp sum ok] 12576 NXDomain* q: PTR? 1.90.69.216.in-addr.arpa. 0/1/0 ns: 90.69.216.in-addr.arpa. SOA ns.nttmcl.com. hostmaster.nttmcl.com. 2002111000 7200 3600 1209600 432000 (102) (ttl 59, id 63562, len 130)
11:38:59.419902 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57887, len 1208)
11:39:03.419776 216.69.68.198.22 > 216.69.90.56.3335: P [bad tcp cksum 1de3!] 2049:3217(1168) ack 432 win 14352 (DF) [tos 0x10] (ttl 59, id 57888, len 1208)
11:39:06.305954 216.69.90.56.3335 > 216.69.68.198.22: P [tcp sum ok] 432:480(48) ack 2049 win 17520 (DF) (ttl 128, id 57062, len 88)
11:39:06.344820 216.69.68.198.22 > 216.69.90.56.3335: . [tcp sum ok] 3217:3217(0) ack 480 win 14352 (DF) [tos 0x10] (ttl 59, id 57889, len 40)
11:39:07.031807 216.69.90.56.3335 > 216.69.68.198.22: P [tcp sum ok] 480:528(48) ack 2049 win 17520 (DF) (ttl 128, id 57065, len 88)
11:39:07.035322 216.69.68.198.22 > 216.69.90.56.3335: . [tcp sum ok] 3217:3217(0) ack 528 win 14352 (DF) [tos 0x10] (ttl 59, id 57890, len 40)

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 03:34:35 2004
Date: Sat, 3 Jan 2004 14:34:28 +0300
From: Gleb Smirnoff
To: Nguyen Tam Chinh
cc: freebsd-net@freebsd.org
Subject: Re: inetd[]: warning: can't get client address: Connection reset by peer

On Wed, Dec 31, 2003 at 05:26:46AM +0300, Nguyen Tam Chinh wrote:
N> I get tons of messages with syntax like my line, all has
N> begun after I set up a qpopper/tsl and a smbd, but i seems not to be the
N> deal. I've searched through google and found some messages saying about
N> kind of attacking. I now just can't find any detail logs in my freebsd 4.9
N> box. Please tell me where can i find more info about this, take and
N> read the inetd source-code is not a good idea :). Any comment is great.

I should look into src/contrib/tcp_wrappers/socket.c, function sock_host(),
and analyze in what cases this message happens.

-- 
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 08:19:33 2004
Date: Sun, 4 Jan 2004 03:19:10 +1100 (EST)
From: Ian Smith
To: "Bruce A. Mah"
cc: freebsd-net@FreeBSD.org
Subject: Re: bridge with access on both interfaces - reprise

On Thu, 25 Dec 2003, Bruce A. Mah sent me a useful Christmas present:

> In 4-STABLE, there's a bug that prevents ARP from working correctly on
> unnumbered bridge interfaces when bridging is enabled using the
> bridge.ko module. Basically, there are some checks in the ARP code
> that decide when to accept inbound ARP packets. These checks are a
> little different when the inbound interface is part of a bridge group.
> Some of these tests are conditional on the BRIDGE preprocessor symbol;
> this symbol gets defined if "options BRIDGE" is compiled into the
> kernel but not if you use the bridge.ko module. As a result, ARP
> packets on unnumbered interfaces get thrown away.
>
> The workaround for this problem is just to compile BRIDGE into the
> kernel. Manuel Kasper and I spent a few cycles working on this trying
> to make a m0n0wall box into a filtering bridge.

Your advice was of course right on, and I can't believe I've waited till
now to look over m0n0wall; dead cute. Running a kernel with 'options
BRIDGE' appears indeed to have solved the problem mentioned, and I can't
say the earlier struggle didn't have some educational value.

Only one noticeable issue is defying comprehension, concerning rwhod,
although I suspect that other UDP services communicating via broadcasts
might? have the same problem. I'll try to be succinct, more detailed info
and logging if this doesn't ring any bells for anyone ..

Test rig, all boxes running rwhod (denied to/from outside our net, OC) and
all within a.b.c.168/29 subnet currently, broadcast a.b.c.175

nuvo (4.5-RELEASE GENERIC) 'outside' proxy server for the exercise
ex0 a.b.c.169/29 ether :1d
 |
ed1 no IP, ether :3d
blackstump (4.8-RELEASE with BRIDGE kernel, bridge + ipfw)
ed0 a.b.c.172/29 ether :a5
 |
ed1 a.b.c.171/29 ether :db
gaia (gateway/router/firewall) -> ed0 a.b.c.d/28 -- local LAN
tun0 ppp -ddial
 |
world

blackstump# sysctl -a|grep bridge
net.link.ether.bridge_cfg: ed0,ed1
net.link.ether.bridge: 1
net.link.ether.bridge_ipfw: 1
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0

Now rwho -a and ruptime on both gaia and nuvo, either side of the bridge
(which is working fine for everything else, afaik), show all three boxes
rwho data correctly:

gaia# rwho -a # 'inside' the bridge
smithi blackstump:ttyp1 Jan 3 23:16 :04
smithi gaia:ttyd2 Jan 3 23:11
smithi gaia:ttyp0 Jan 3 23:30
smithi nuvo:ttyp0 Jan 3 23:15
gaia# ruptime
blackstump up 14:01, 1 user, load 0.00, 0.00, 0.00
gaia up 66+12:25, 2 users, load 0.06, 0.04, 0.05
nuvo up 58+03:19, 1 user, load 0.00, 0.00, 0.00
tubi down 1+06:45

smithi on nuvo% ruptime # 'outside' the bridge, rwho -a ok too
blackstump up 13:55, 1 user, load 0.00, 0.00, 0.00
gaia up 66+12:19, 1 user, load 0.01, 0.03, 0.06
nuvo up 58+03:13, 1 user, load 0.00, 0.00, 0.00
tubi down 1+06:39

However, on the bridge box itself, rwho info for nuvo ('outside', on the
second bridged interface ed1) is simply never used, though tcpdump shows
nuvo's broadcast rwho packets in transit, viewing EITHER ed0 or ed1:

smithi on blackstump% ll -rt /var/rwho
total 4
-rw-r--r-- 1 daemon daemon 108 Jan 4 00:32 whod.gaia
-rw-r--r-- 1 daemon daemon 84 Jan 4 00:33 whod.blackstump
smithi on blackstump% rwho -a
smithi blackstump:ttyp1 Jan 3 23:16 :55
smithi gaia:ttyd2 Jan 3 23:11
smithi gaia:ttyp0 Jan 3 23:30
smithi on blackstump% ruptime
blackstump up 15:01, 1 user, load 0.00, 0.00, 0.00
gaia up 66+13:25, 2 users, load 0.10, 0.16, 0.11

blackstump# tcpdump -en -i ed0 not tcp port 22 # 'inside'
00:41:38.129758 0:aa:0:b7:6c:1d ff:ff:ff:ff:ff:ff 0800 126: a.b.c.169.513 > a.b.c.175.513: udp 84
[nb these being seen ok on the 'opposite' interface as well as below]
00:41:51.185141 0:80:48:9e:b:db ff:ff:ff:ff:ff:ff 0800 150: a.b.c.171.513 > a.b.c.175.513: udp 108
00:42:16.693267 52:54:5:e3:d9:a5 ff:ff:ff:ff:ff:ff 0800 126: a.b.c.172.513 > a.b.c.175.513: udp 84
00:42:16.693319 52:54:5:e3:d9:a5 ff:ff:ff:ff:ff:ff 0800 126: a.b.c.172.513 > a.b.c.175.513: udp 84

blackstump# tcpdump -en -i ed1 not tcp port 22 # 'outside'
tcpdump: WARNING: ed1: no IPv4 address assigned
00:54:16.744205 52:54:5:e3:d9:a5 ff:ff:ff:ff:ff:ff 0800 126: a.b.c.172.513 > a.b.c.175.513: udp 84
[from us, broadcast out our non-IP configured interface, ok]
00:54:17.681051 0:80:48:9e:b:db ff:ff:ff:ff:ff:ff 0806 60: arp who-has a.b.c.172 tell a.b.c.171
[is-at a.b.c.172 responses are only seen (appropriately) on ed0]
00:56:38.176140 0:aa:0:b7:6c:1d ff:ff:ff:ff:ff:ff 0800 126: a.b.c.169.513 > a.b.c.175.513: udp 84
[ie from the 'outside' box that is showing our rwho info, but that we're not seeing - or at least accepting? from ed1]
00:56:51.391045 0:80:48:9e:b:db ff:ff:ff:ff:ff:ff 0800 150: a.b.c.171.513 > a.b.c.175.513: udp 108
00:57:16.756941 52:54:5:e3:d9:a5 ff:ff:ff:ff:ff:ff 0800 126: a.b.c.172.513 > a.b.c.175.513: udp 84
00:59:38.185421 0:aa:0:b7:6c:1d ff:ff:ff:ff:ff:ff 0800 126: a.b.c.169.513 > a.b.c.175.513: udp 84
00:59:51.432268 0:80:48:9e:b:db ff:ff:ff:ff:ff:ff 0800 150: a.b.c.171.513 > a.b.c.175.513: udp 108
01:00:16.769642 52:54:5:e3:d9:a5 ff:ff:ff:ff:ff:ff 0800 126: a.b.c.172.513 > a.b.c.175.513: udp 84
01:00:36.625568 0:80:48:9e:b:db ff:ff:ff:ff:ff:ff 0806 60: arp who-has a.b.c.169 tell a.b.c.171
01:00:36.625890 0:aa:0:b7:6c:1d 0:80:48:9e:b:db 0806 60: arp reply a.b.c.169 is-at 0:aa:0:b7:6c:1d

blackstump has specific firewall rules allowing (& counting) ournet/29 to
ournet/29 513 bridged via either interface; happens anyway without fw

Any idea why the bridge box itself isn't seeing (or at least, accepting)
rwho data for the 'outside' box on the ed1 segment (which, as above, it
also sees broadcast on its 'inside' interface as well?) Same result when
it had an alias /32 IP assigned to ed1, both addresses being pingable.

> For more specifics, see src/sys/netinet/if_ether.c (grep for BRIDGE in
> this file).

Only as a last resort this time :) This box needs to be put into its
production environment this week, and its main function, bridging and
firewalling a satellite feed to a bunch of misconfigured and insecure
winXPs, seems to be getting along just fine, so this is no show-stopper.

Thanks again Bruce, and thanks in advance to anyone who has a clue to beat
me with.

Cheers, Ian

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 10:07:02 2004
Date: Sat, 3 Jan 2004 10:07:01 -0800 (PST)
From: Jeremy Lamb
To: freebsd-net@freebsd.org
Subject: NIS passwd error

Hi,

I recently setup NIS on 2 FreeBSD 5.1 machines. venus is the nis master
server, and jupiter is the nis client. When I log on to jupiter, with the
NIS login (jlamb2) and try to change my passwd I get this error:

$ passwd
Changing NIS password for jlamb2
Old Password:
New Password:
Retype New Password:
passwd: pam_chauthtok(): error in service module
$

What do I need to do to fix this error?

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 11:42:43 2004
Date: Sat, 3 Jan 2004 11:42:26 -0800 (PST)
From: Jeremy Lamb
To: freebsd-net@freebsd.org
Subject: Re: NIS passwd error

ypwhich: can't find the master of master.passwd.byuid: reason: YP server error
ypwhich: can't find the master of master.passwd.byname: reason: YP server error

I also get these errors, when I run 'ypwhich -m'. Every other map checks
out fine.

Jeremy Lamb wrote:
> Hi,
>
> I recently setup NIS on 2 FreeBSD 5.1 machines. venus is the nis master
> server, and jupiter is the nis client. When I log on to jupiter, with the
> NIS login (jlamb2) and try to change my passwd I get this error:
>
> $ passwd
> Changing NIS password for jlamb2
> Old Password:
> New Password:
> Retype New Password:
> passwd: pam_chauthtok(): error in service module
> $
>
> What do I need to do to fix this error?
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 12:07:57 2004
Date: Sat, 3 Jan 2004 12:06:53 -0800 (PST)
From: Jeremy Lamb
To: freebsd-net@freebsd.org
Subject: Re: NIS passwd error

In /var/log/messages, I get:

Jan 3 19:44:06 venus ypserv[283]: access to master.passwd.byuid denied -- client 192.168.1.105:49167 not privileged
Jan 3 19:44:06 venus ypserv[283]: access to master.passwd.byname denied -- client 192.168.1.105:49167 not privileged

Obviously, the problem is that the NIS lookup request is coming from a
non-privileged (> 1024) port, and ypserv won't honor it. What's not so
obvious is why/how this is happening. I found this reply, to someone who
has had the same problems:

That message gets printed whenever a remote NIS client tries to access
master.passwd.* over a non-privileged port. Only root should have access
to the master maps, so a remote process has to bind to a port < 1024
before doing the lookup, to prove that it's root. It looks like for some
reason you have a process that's running as root but is using a port over
1024. I can't see anyplace in the NIS client code that binds the socket,
though, so I must be looking in the wrong place. It has to work, or else
you wouldn't be able to log in using NIS at all.

Jeremy Lamb wrote:
> ypwhich: can't find the master of master.passwd.byuid: reason: YP server error
> ypwhich: can't find the master of master.passwd.byname: reason: YP server error
>
> I also get these errors, when I run 'ypwhich -m'. Every other map checks
> out fine.
>
> Jeremy Lamb wrote:
> > Hi,
> >
> > I recently setup NIS on 2 FreeBSD 5.1 machines. venus is the nis master
> > server, and jupiter is the nis client. When I log on to jupiter, with the
> > NIS login (jlamb2) and try to change my passwd I get this error:
> >
> > $ passwd
> > Changing NIS password for jlamb2
> > Old Password:
> > New Password:
> > Retype New Password:
> > passwd: pam_chauthtok(): error in service module
> > $
> >
> > What do I need to do to fix this error?

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 13:29:18 2004
Date: Sat, 3 Jan 2004 13:29:14 -0800 (PST)
From: Richard Bejtlich
To: freebsd-net@freebsd.org
Subject: Tcpreplay on single system?

Hello,

I've been trying to find the best way to replay traffic with tcpreplay and
have various tools on the same system listen for that traffic. In other
words, I'd like a single box traffic replay and analysis system. This is
the way I have tools that can't read libpcap files process libpcap data.
Note I'm trying to do this with a virtual interface, not a physical
interface.

Tcpreplay relies on libnet, which according to the tcpreplay FAQ *does*
allow sending traffic using lo0 in the very latest release (libnet 1.1.1).
I haven't tried that yet.

I've gotten the following to work and I was hoping for comments. I use a
tap0 interface, thanks to this thread:

http://unix.derkeiler.com/Mailing-Lists/FreeBSD/net/2003-09/0176.html

I use a FreeBSD 4.9 STABLE system. Can anyone comment on why I have to do
an 'ifconfig tap0' before the second line works? /dev/tap0 exists already.

janney# uname -a
FreeBSD janney.taosecurity.com 4.9-STABLE FreeBSD 4.9-STABLE #0: Tue Dec 23 10:28:02 EST 2003 root@janney.taosecurity.com:/usr/obj/usr/src/sys/janney i386
janney# ls -al /dev/tap*
crw------- 1 root network 149, 0 Jan 3 16:09 /dev/tap0
crw------- 1 root network 149, 1 Jan 3 16:05 /dev/tap1
crw------- 1 root network 149, 2 Dec 23 08:41 /dev/tap2
crw------- 1 root network 149, 3 Dec 23 08:41 /dev/tap3
janney# dd if=/dev/tap0 of=/dev/null bs=1500 &
[1] 213
janney# dd: /dev/tap0: Device not configured
[1] Exit 1 dd if=/dev/tap0 of=/dev/null bs=1500
janney# ifconfig tap0
ifconfig: interface tap0 does not exist
janney# dd if=/dev/tap0 of=/dev/null bs=1500 &
[1] 215
janney# ifconfig tap0
tap0: flags=8802 mtu 1500
        ether 00:bd:cd:09:01:00
        Opened by PID 215

From here I can use tcpreplay to send traffic to tap0 and also listen on
tap0.

I've tried creating ngeth0 but tcpreplay can't seem to find it. Is there a
better way to do this?

Thank you,
Richard
http://www.taosecurity.com

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 15:59:12 2004
Date: Sun, 4 Jan 2004 02:59:48 +0300 (MSK)
From: Nguyen Tam Chinh
To: Gleb Smirnoff
cc: freebsd-net@freebsd.org
Subject: Re: inetd[]: warning: can't get clientaddress: Connection reset by peer

On Sat, 3 Jan 2004, Gleb Smirnoff wrote:

> On Wed, Dec 31, 2003 at 05:26:46AM +0300, Nguyen Tam Chinh wrote:
> N> I get tons of messages with syntax like my line, all has
> N> begun after I set up a qpopper/tsl and a smbd, but i seems not to be the
> N> deal. I've searched through google and found some messages saying about
> N> kind of attacking. I now just can't find any detail logs in my freebsd 4.9
> N> box. Please tell me where can i find more info about this, take and
> N> read the inetd source-code is not a good idea :). Any comment is great.
>
> I should look into src/contrib/tcp_wrappers/socket.c, function sock_host(),
> and analyze in what cases this message happens.

That's right. I see it, the messages are created due to improper udp
packets.

Offtop: for AF_INET, getsockname() and getpeername() should act as the
same, yes?

-----
With best regards.
Nguyen Tam Chinh
chinhngt@sectorb.msk.ru

From owner-freebsd-net@FreeBSD.ORG Sat Jan 3 19:36:55 2004
From: Wes Peters
To: afshin, freebsd-net@freebsd.org
Date: Sat, 3 Jan 2004 18:42:00 -0800
Subject: Re: outdoor Wireless-indoor access

On Tuesday 30 December 2003 12:01, afshin wrote:
> Dear Helpers,
> I want to know if there is a solution for wireless
> Network in a 2 KM circle?
> In Other words I want to if the Below Situation would
> work or not:
> Installing an Access Point 802.11b with an omni
> antenna in 20 Meter high from the earth.
> and then I want to know can an indoor wireless LAN
> card 802.11b can access the AP or not.

With the standard built-in antenna, or a card-mounted "rubber ducky"
antenna, not likely. At that distance, you will need a directed antenna
carefully aimed at the AP. I've used such a setup across distances up to
7 miles (about 10 km) with a 24db "fruit basket" antenna and no amplifier.

The good news is the antennas are really cheap. The bad news is the
Low-Loss coaxial cable you'll need to connect your system to the antennas
is very expensive.

-- 
"Where am I, and what am I doing in this handbasket?"
Wes Peters
Softweyr LLC
wes@softweyr.com
http://softweyr.com/
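
For the "bad tcp cksum" report earlier in this archive (BCM5701 with vlan tagging): the following is an added example, not code from any poster or from FreeBSD. It recomputes the TCP checksum over the IPv4 pseudo-header and segment and reports how far the carried value is from the expected one, so the "always wrong by the same amount" observation can be checked across captured segments. The segments are constructed, the function names are hypothetical, and reading "amount" as a ones-complement difference is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Addresses, ports and window echo the tcpdump extract; payloads are constructed. */
static const uint8_t SRC[4] = {216, 69, 68, 198}, DST[4] = {216, 69, 90, 56};
/* Ports 22 -> 3335, seq 2049, ack 432, PSH|ACK, win 14352, checksum zeroed. */
static const uint8_t HDR[20] = {0, 22, 0x0d, 0x07, 0, 0, 8, 1, 0, 0, 1, 0xb0,
                                0x50, 0x18, 0x38, 0x10, 0, 0, 0, 0};

/* RFC 1071 sum of big-endian 16-bit words, folded; 'acc' chains two buffers. */
static uint16_t oc_sum(const uint8_t *p, size_t len, uint32_t acc)
{
    for (; len > 1; p += 2, len -= 2)
        acc += ((uint32_t)p[0] << 8) | p[1];
    if (len)                                 /* odd trailing byte, zero padded */
        acc += (uint32_t)p[0] << 8;
    while (acc >> 16)
        acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)acc;
}

/* Pseudo-header (src, dst, 0, protocol 6, TCP length) plus the whole segment. */
static uint16_t tcp_sum(const uint8_t *seg, size_t len)
{
    const uint8_t ph[12] = {SRC[0], SRC[1], SRC[2], SRC[3], DST[0], DST[1], DST[2],
                            DST[3], 0, 6, (uint8_t)(len >> 8), (uint8_t)len};
    return oc_sum(seg, len, oc_sum(ph, sizeof ph, 0));
}

/* The sender stores the complement of the sum taken with a zero checksum
 * field, so an intact segment sums to 0xffff. Any other total equals the
 * carried checksum minus the expected one in ones-complement arithmetic. */
uint16_t tcp_delta(const uint8_t *seg, size_t len)
{
    uint16_t s = tcp_sum(seg, len);
    return s == 0xffff ? 0 : s;
}

/* Build header + 'payload' bytes of pattern data with a valid checksum. */
size_t build_segment(uint8_t *buf, size_t payload, uint8_t fill)
{
    memcpy(buf, HDR, sizeof HDR);
    for (size_t i = 0; i < payload; i++)
        buf[20 + i] = (uint8_t)(fill + i);
    uint16_t c = (uint16_t)~tcp_sum(buf, 20 + payload);
    buf[16] = (uint8_t)(c >> 8);             /* checksum field: bytes 16..17 */
    buf[17] = (uint8_t)c;
    return 20 + payload;
}

/* Simulate the reported symptom: shift the carried checksum by 'amount'. */
void damage(uint8_t *seg, uint16_t amount)
{
    const uint8_t w[4] = {seg[16], seg[17], (uint8_t)(amount >> 8), (uint8_t)amount};
    uint16_t c = oc_sum(w, sizeof w, 0);     /* carried + amount, carry folded */
    seg[16] = (uint8_t)(c >> 8);
    seg[17] = (uint8_t)c;
}

/* Returns 1 and sets *out if every damaged segment is off by the same delta,
 * 0 if the deltas differ, -1 if no segment is damaged. */
int common_delta(uint8_t *const segs[], const size_t lens[], size_t n, uint16_t *out)
{
    int seen = 0;
    for (size_t i = 0; i < n; i++) {
        uint16_t d = tcp_delta(segs[i], lens[i]);
        if (d == 0)
            continue;
        if (seen++ && d != *out)
            return 0;
        *out = d;
    }
    return seen ? 1 : -1;
}

int main(void)
{
    static uint8_t a[1188], b[1188], c[48];
    uint8_t *segs[3] = {a, b, c};
    size_t lens[3] = {build_segment(a, 1168, 1), build_segment(b, 1168, 9),
                      build_segment(c, 28, 3)};
    uint16_t d = 0;
    damage(a, 0xAC48);
    damage(b, 0xAC48);
    int r = common_delta(segs, lens, 3, &d);
    printf("same delta on all damaged segments: %d (0x%04X)\n", r, (unsigned)d);
    return 0;
}
```

To use it on real traffic, feed tcp_delta() the TCP header and payload bytes of each captured segment together with that packet's own source and destination addresses in place of SRC and DST.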