From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 00:00:41 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4001916A41F for ; Sun, 17 Jun 2007 00:00:41 +0000 (UTC) (envelope-from ivo.vachkov@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.226]) by mx1.freebsd.org (Postfix) with ESMTP id DFDA013C44C for ; Sun, 17 Jun 2007 00:00:40 +0000 (UTC) (envelope-from ivo.vachkov@gmail.com) Received: by wx-out-0506.google.com with SMTP id h28so1033763wxd for ; Sat, 16 Jun 2007 17:00:40 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=kLBCUQJLybh71laUK9rGA6Be0LI8sDhMdf9TGjtKdIS9EjwjBQpCzZestOA5dl0Ye5Ukit8KFC9fXJQBNtjnwWE33NgcKiCuNsdMT/UG5TXHekUDMZlTgglfpVt4NEcsN50esgCBHF8ofBQjBtn6N+z3+eOBGVVS+WUGJJOAkOM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=kwd6v+gmZZ1dmctmWC2iyEiS+oWrxvXfDRVg2mZabIBLVjln0MPzAOejKP79zPzeMNq5gSR5+u8ukbCsQzt4N7p4alTsC4m86yfhPpoP4+VNCvLQEDpHIA4SoYvONGcJiTsA4Vs98CyF7h+Lo5kY+V+FTzoyxBdp3UYUuaaUGD8= Received: by 10.90.50.1 with SMTP id x1mr3291073agx.1182036979316; Sat, 16 Jun 2007 16:36:19 -0700 (PDT) Received: by 10.90.119.18 with HTTP; Sat, 16 Jun 2007 16:36:19 -0700 (PDT) Message-ID: Date: Sun, 17 Jun 2007 02:36:19 +0300 From: "Ivo Vachkov" To: freebsd-net@freebsd.org In-Reply-To: <20070616102941.GA96610@svzserv.kemerovo.su> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1428d0e80706152321u70b5c842jd3b09341dcc717b2@mail.gmail.com> <20070616102941.GA96610@svzserv.kemerovo.su> Subject: Re: How to make freebsd updater like cvsup X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 00:00:41 -0000 or, if your systems are much alike you can export /usr/obj too and make buildworld on one server and make installworld on all. it works for me. On 6/16/07, Eugene Grosbein wrote: > On Sat, Jun 16, 2007 at 12:06:14PM +0545, Prakash Poudyal wrote: > > > I have 5 freebsd server in my system. I want to update freebsd from cvsup in > > only one server and remaining 4 server from the server where it was updated > > from cvsup. So please can you tell me how to do this process or I am waiting > > for your suggesstion or what you recommend to do it. you know I donot want > > to do update each and every server from cvsup. Thank you > > Waiting from your response > > Just deliver updated /usr/src to remaining servers using tar or NFS mount. > > Eugene Grosbein > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." Dennis Ritchie From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 00:32:00 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0616C16A400 for ; Sun, 17 Jun 2007 00:32:00 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id D243913C448 for ; Sun, 17 Jun 2007 00:31:59 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 375F4471B6; Sat, 16 Jun 2007 20:31:59 -0400 (EDT) Date: Sun, 17 Jun 2007 01:31:59 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Ivo Vachkov In-Reply-To: Message-ID: <20070617013026.M33679@fledge.watson.org> References: <1428d0e80706152321u70b5c842jd3b09341dcc717b2@mail.gmail.com> <20070616102941.GA96610@svzserv.kemerovo.su> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: How to make freebsd updater like cvsup X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 00:32:00 -0000 On Sun, 17 Jun 2007, Ivo Vachkov wrote: > or, if your systems are much alike you can export /usr/obj too and make > buildworld on one server and make installworld on all. it works for me. If you do this, make sure your build configuration is the same on the two boxes -- i.e. make.conf/src.conf/etc. Otherwise you can run into problems when installworld tries to install conditionally unbuilt components from the build box's configuration. Robert N M Watson Computer Laboratory University of Cambridge > > On 6/16/07, Eugene Grosbein wrote: >> On Sat, Jun 16, 2007 at 12:06:14PM +0545, Prakash Poudyal wrote: >> >> > I have 5 freebsd server in my system. I want to update freebsd from cvsup >> in >> > only one server and remaining 4 server from the server where it was >> updated >> > from cvsup. So please can you tell me how to do this process or I am >> waiting >> > for your suggesstion or what you recommend to do it. you know I donot >> want >> > to do update each and every server from cvsup. Thank you >> > Waiting from your response >> >> Just deliver updated /usr/src to remaining servers using tar or NFS mount. >> >> Eugene Grosbein >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > > > -- > "UNIX is basically a simple operating system, but you have to be a > genius to understand the simplicity." Dennis Ritchie > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 09:17:55 2007 Return-Path: X-Original-To: freebsd-net@hub.freebsd.org Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0339916A41F; Sun, 17 Jun 2007 09:17:55 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id D00F013C447; Sun, 17 Jun 2007 09:17:54 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l5H9Hsdt073394; Sun, 17 Jun 2007 09:17:54 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l5H9HspY073390; Sun, 17 Jun 2007 09:17:54 GMT (envelope-from linimon) Date: Sun, 17 Jun 2007 09:17:54 GMT From: Mark Linimon Message-Id: <200706170917.l5H9HspY073390@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org Cc: Subject: Re: kern/103253: inconsistent behaviour in arp reply of a bridge X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 09:17:55 -0000 Synopsis: inconsistent behaviour in arp reply of a bridge Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sun Jun 17 09:17:28 UTC 2007 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=103253 From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 09:40:16 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C40C116A41F for ; Sun, 17 Jun 2007 09:40:16 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 7B6A813C480 for ; Sun, 17 Jun 2007 09:40:15 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1HzrEY-0004d8-NO for freebsd-net@freebsd.org; Sun, 17 Jun 2007 11:39:46 +0200 Received: from 78-0-69-117.adsl.net.t-com.hr ([78.0.69.117]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 17 Jun 2007 11:39:46 +0200 Received: from ivoras by 78-0-69-117.adsl.net.t-com.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 17 Jun 2007 11:39:46 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Ivan Voras Date: Sun, 17 Jun 2007 11:39:28 +0200 Lines: 31 Message-ID: References: <4673B170.9020005@thedarkside.nl> <46747735.5010603@monkeybrains.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig401A8CE3CB7C9C52DD66BC96" X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 78-0-69-117.adsl.net.t-com.hr User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) In-Reply-To: <46747735.5010603@monkeybrains.net> X-Enigmail-Version: 0.94.3.0 Sender: news Subject: Re: Quickly creating VLANs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 09:40:16 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig401A8CE3CB7C9C52DD66BC96 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Rudy Rucker wrote: >=20 > Works for me, but if you put in the 'inet' if breaks. I've noticed that too, so I split it in a separate line. > Is inet inherited from the 'vlandev' and therefore redundant? It can't be - VLANs are Ethernet-level constructs. --------------enig401A8CE3CB7C9C52DD66BC96 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGdQFVldnAQVacBcgRAlIMAKD86oO36+jtVMSw1UQGwCNGKWwrdgCg/nZe ZGKZFL3pn55YJvUUM1VnGCs= =ClVH -----END PGP SIGNATURE----- --------------enig401A8CE3CB7C9C52DD66BC96-- From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 09:41:35 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7BAE516A468; Sun, 17 Jun 2007 09:41:35 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from pobox.codelabs.ru (pobox.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 3055513C4C2; Sun, 17 Jun 2007 09:41:35 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=QQutZ/76FMaDWkz3kyq5JQLLeKuwJwRvJD883GTGDCz2jhwck09pEyJkgy2thZDNkT5otSQxyKdG+50s4TQ8iWbXKn0lvjyY2lQmdDceWWYjAOOL9bmo/labj7TsPmaIWZkrhNo4rJc08XCvKAKcWzKNhe/OHlk9U9VJ5w2C6fo=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by pobox.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1HzrGF-0007h7-CS; Sun, 17 Jun 2007 13:41:31 +0400 Date: Sun, 17 Jun 2007 13:41:26 +0400 From: Eygene Ryabinkin To: Max Laier Message-ID: <20070617094126.GT3779@void.codelabs.ru> References: <200706160347.33331.max@love2party.net> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <200706160347.33331.max@love2party.net> Sender: rea-fbsd@codelabs.ru X-Spam-Status: No, score=-2.8 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_00 Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf 4.1 Update available for testing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 09:41:35 -0000 Max, good day. Sat, Jun 16, 2007 at 03:47:24AM +0200, Max Laier wrote: > $subject at: http://people.freebsd.org/~mlaier/PF41/ I glanced over the new code and found that no changes were introduced to the altq_subr.c. And there was rather old issue I found in April: non-initialised callback due to Nate Lawson's changes in handling the changing CPU frequencies. Looks like it is still living in the code. My original posting is at http://lists.freebsd.org/pipermail/freebsd-current/2007-April/071652.html Could you please take a look? Thank you! -- Eygene From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 10:23:07 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A135716A41F for ; Sun, 17 Jun 2007 10:23:07 +0000 (UTC) (envelope-from miroslav@svishtov.net) Received: from mail.svishtov.net (mail.svishtov.net [85.217.192.3]) by mx1.freebsd.org (Postfix) with ESMTP id EA04113C484 for ; Sun, 17 Jun 2007 10:23:06 +0000 (UTC) (envelope-from miroslav@svishtov.net) X-Spam-Status: No, hits=5.2 required=7.5 tests=AWL: -0.903,BAYES_99: 4.07,FORGED_RCVD_HELO: 0.135, HTML_40_50: 0.496,HTML_MESSAGE: 0.001,RCVD_NUMERIC_HELO: 1.5, SUBJECT_EXCESS_QP: 0,TOTAL_SCORE: 5.299 X-Spam-Level: ***** Received: from 85.217.222.2 ([85.217.222.2]) by mail.svishtov.net for freebsd-net@freebsd.org; Sun, 17 Jun 2007 11:05:38 +0300 To: freebsd-net@freebsd.org From: "Miroslav Slavkov" In-Reply-To: 46747735.5010603@monkeybrains.net Message-ID: <20070617080538.93f72c53@mail.svishtov.net> Date: Sun, 17 Jun 2007 11:05:38 +0300 X-User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; bg; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Quickly creating VLANs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 10:23:07 -0000 # ifconfig vlan100 create inet 1.2.3.4/24 vlan 100 vlandev xl0 # ifconfig vlan100 vlan100: flags=8843 mtu 1500 inet 1.2.3.4 netmask 0xffffff00 broadcast 1.2.3.255 ether 00:10:5a:48:ce:a4 media: Ethernet autoselect (100baseTX ) status: active vlan: 100 parent interface: xl0 _____ From: Rudy Rucker [mailto:crapsh@monkeybrains.net] To: freebsd-net@freebsd.org Sent: Sun, 17 Jun 2007 02:50:13 +0300 Subject: Re: Quickly creating VLANs? Works for me, but if you put in the 'inet' if breaks. # ifconfig vlan600 create vlan 600 vlandev fxp1 inet 10.20.0.1/24 ifconfig: inet: bad value man ifconfig: Since an interface can receive transmissions in differing protocols with different naming schemes, specifying the address family is recommended. either needs to be revised to: except when creating a vlan, 'cause that causes sh*t to break or, the ifconfig command needs to accept 'inet' when creating a vlan. Is inet inherited from the 'vlandev' and therefore redundant? Rudy Pieter de Boer wrote: > Ivan Voras wrote: > >> ifconfig vlan600 destroy >> ifconfig vlan600 create >> ifconfig vlan600 vlan 600 vlandev fxp1 >> ifconfig vlan600 inet 10.20.0.1 netmask 255.255.255.0 > Try ifconfig vlan600 create vlan 600 vlandev fxp1 10.20.0.1/24 > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 11:28:33 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0E0F116A41F for ; Sun, 17 Jun 2007 11:28:33 +0000 (UTC) (envelope-from matteo@freebsd.org) Received: from vsmtp3.tin.it (vsmtp3.tin.it [212.216.176.223]) by mx1.freebsd.org (Postfix) with ESMTP id BD2BD13C484 for ; Sun, 17 Jun 2007 11:28:32 +0000 (UTC) (envelope-from matteo@freebsd.org) Received: from localhost.krapfengeist (82.56.124.243) by vsmtp3.tin.it (7.3.122) id 4672B77B00070E10; Sun, 17 Jun 2007 13:14:05 +0200 Received: from localhost.krapfengeist (rionda@localhost [127.0.0.1]) by localhost.krapfengeist (8.14.1/8.14.1) with ESMTP id l5HBE4R3001197; Sun, 17 Jun 2007 13:14:04 +0200 (CEST) (envelope-from matteo@freebsd.org) Received: (from rionda@localhost) by localhost.krapfengeist (8.14.1/8.14.1/Submit) id l5HBE3PC001196; Sun, 17 Jun 2007 13:14:03 +0200 (CEST) (envelope-from matteo@freebsd.org) X-Authentication-Warning: localhost.krapfengeist: rionda set sender to matteo@freebsd.org using -f Date: Sun, 17 Jun 2007 13:14:03 +0200 From: Matteo Riondato To: Jeremie Le Hen Message-ID: <20070617111403.GA1128@krapfengeist.dei.unipd.it> References: <20070615072734.GC8093@obiwan.tataz.chchile.org> <20070616054005.GU96936@elvis.mu.org> <20070616200956.GA63387@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5vNYLRcllDrimb99" Content-Disposition: inline In-Reply-To: <20070616200956.GA63387@obiwan.tataz.chchile.org> User-Agent: Mutt/1.4.2.3i Cc: freebsd-net@freebsd.org, Alfred Perlstein Subject: Re: Firewalling NFS X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 11:28:33 -0000 --5vNYLRcllDrimb99 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jun 16, 2007 at 10:09:56PM +0200, Jeremie Le Hen wrote: > Sorry, I checked RELENG_6. I've been told that rpc.lockd(8) and > rpc.statd(8) now have the "-p" option in -CURRENT. It seems that > nfsd(8)'s port number is assigned in recorded in services(5). > Therefore my question will be totally pointless once rpc.lockd(8) > and rpc.statd(8) "-p" option will be MFC'd to RELENG_6. They were MFC'd to RELENG_6 in April... Best regards --=20 Matteo Riondato FreeBSD Committer (http://www.freebsd.org) G.U.F.I. Staff Member (http://www.gufi.org) FreeSBIE Developer (http://www.freesbie.org) --5vNYLRcllDrimb99 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFGdRd72Mp4pR7Fa+wRAhL0AJ9Te4nchFATcjs8aijdy14W1NNzgwCfVV5y XT9vE8ZrWsW8H6uEH463Ato= =Tj7z -----END PGP SIGNATURE----- --5vNYLRcllDrimb99-- From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 14:35:28 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B1DAE16A46C for ; Sun, 17 Jun 2007 14:35:28 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mrout1-b.corp.dcn.yahoo.com (mrout1-b.corp.dcn.yahoo.com [216.109.112.27]) by mx1.freebsd.org (Postfix) with ESMTP id 652D013C480 for ; Sun, 17 Jun 2007 14:35:28 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (proxy8.corp.yahoo.com [216.145.48.13]) by mrout1-b.corp.dcn.yahoo.com (8.13.8/8.13.8/y.out) with ESMTP id l5HEPCH5059486; Sun, 17 Jun 2007 07:25:13 -0700 (PDT) Date: Sun, 17 Jun 2007 22:24:55 +0800 Message-ID: From: gnn@freebsd.org To: net@freebsd.org User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (=?ISO-8859-4?Q?Shij=F2?=) APEL/10.7 Emacs/22.0.95 (i386-apple-darwin8.8.2) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: re@freebsd.org Subject: RFC: Latest FAST_IPSEC + IPv6 patch X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 14:35:28 -0000 Howdy, In preparation for changes in CURRENT, aka 7.0, I have produced a patch that removes Kame IPsec and adds support for IPv6 to FAST_IPSEC. I have produced a patch which applies and compiles here: http://people.freebsd.org/~gnn/fast_ipv6.20070617.diff I am still testing the kernel I built in p4, before generating the patch. The TAHI test suite has 180 or so tests for IPsec on IPv6 and so it takes a while, hours, to execute. Please try this patch, and please send comments. I have a long backlog of other bugs to fix in the IPv6 and IPsec code so if you've been waiting for those, my apologies, I felt that it was necessary to get this big lump moving up hill first. Best, George From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 17:39:02 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CB88616A400 for ; Sun, 17 Jun 2007 17:39:02 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85]) by mx1.freebsd.org (Postfix) with ESMTP id 6EB8213C489 for ; Sun, 17 Jun 2007 17:39:02 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from localhost (localhost [127.0.0.1]) by harmony.bsdimp.com (8.13.8/8.13.4) with ESMTP id l5HHc0Fl043686 for ; Sun, 17 Jun 2007 11:38:01 -0600 (MDT) (envelope-from imp@bsdimp.com) Date: Sun, 17 Jun 2007 11:38:32 -0600 (MDT) Message-Id: <20070617.113832.87763558.imp@bsdimp.com> To: net@freebsd.org From: "M. Warner Losh" X-Mailer: Mew version 5.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Sun, 17 Jun 2007 11:38:01 -0600 (MDT) Cc: Subject: tcp connections hanging X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 17:39:02 -0000 OK. I'm getting very frustrated with my TCP connections hanging. It happens when I log into remote sites, when I try to encode dvds, etc. It is driving me nuts. This is with current from today. Current from 5 or 6 weeks ago doesn't seem to be bothered by this issue. Has anybody else seen it? Is there a fix being tested? I can trigger it trivially here... Warner From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 17:42:02 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 96E5E16A468 for ; Sun, 17 Jun 2007 17:42:02 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85]) by mx1.freebsd.org (Postfix) with ESMTP id 37C1013C447 for ; Sun, 17 Jun 2007 17:42:02 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from localhost (localhost [127.0.0.1]) by harmony.bsdimp.com (8.13.8/8.13.4) with ESMTP id l5HHf2da043718 for ; Sun, 17 Jun 2007 11:41:02 -0600 (MDT) (envelope-from imp@bsdimp.com) Date: Sun, 17 Jun 2007 11:41:33 -0600 (MDT) Message-Id: <20070617.114133.778151882.imp@bsdimp.com> To: net@freebsd.org From: "M. Warner Losh" X-Mailer: Mew version 5.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Sun, 17 Jun 2007 11:41:02 -0600 (MDT) Cc: Subject: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 17:42:02 -0000 Greetings, I have a friend who is having problems with a service he's running. He gets billions and billions of connections to this service a day. Somewhere between 10^8 and 10^9 connections, he notices that his servers lose the ability to accept new connections. These are TCP connections. This is with FreeBSD 6.1R. My first question is: does anybody know if the fixes to -current/7.0 have fixed this? Is there a fix that can be back ported? He's currently working around the problem by having a number of different machines that reboot in a round robin fashion, but would like a better solution. Warner From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 18:22:25 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0D93A16A41F for ; Sun, 17 Jun 2007 18:22:25 +0000 (UTC) (envelope-from joe@joeholden.co.uk) Received: from scarlett.lon.rewt.org.uk (scarlett.lon.rewt.org.uk [62.84.188.34]) by mx1.freebsd.org (Postfix) with ESMTP id CD30113C44C for ; Sun, 17 Jun 2007 18:22:24 +0000 (UTC) (envelope-from joe@joeholden.co.uk) Received: from [172.16.10.59] (87-194-76-190.bethere.co.uk [87.194.76.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by scarlett.lon.rewt.org.uk (Postfix) with ESMTP id 2ED2639848; Sun, 17 Jun 2007 19:07:22 +0100 (BST) Message-ID: <46757818.5030005@joeholden.co.uk> Date: Sun, 17 Jun 2007 19:06:16 +0100 From: Joe Holden User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: "M. Warner Losh" References: <20070617.114133.778151882.imp@bsdimp.com> In-Reply-To: <20070617.114133.778151882.imp@bsdimp.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 18:22:25 -0000 M. Warner Losh wrote: > Greetings, > > I have a friend who is having problems with a service he's running. > He gets billions and billions of connections to this service a day. > Somewhere between 10^8 and 10^9 connections, he notices that his > servers lose the ability to accept new connections. These are TCP > connections. > > This is with FreeBSD 6.1R. My first question is: does anybody know if > the fixes to -current/7.0 have fixed this? Is there a fix that can be > back ported? He's currently working around the problem by having a > number of different machines that reboot in a round robin fashion, but > would like a better solution. > > Warner > _______________________________________________ Warner, if he hasn't done so already, have you suggested tweaking the sysctl variables, such as: kern.maxfilesperproc kern.ipc.nmbclusters kern.maxprocperuid kern.maxfiles kern.ipc.somaxconn kern.maxvnodes Tweaking those may help, or he may just be exhausting available resources, IIRC its limited to 65k connections per interface, someone correct me if I am wrong. -- Joe Holden T: (UK) 02071009593 (AU) 282442321 E: joe@joeholden.co.uk From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 18:44:49 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 266B616A47A for ; Sun, 17 Jun 2007 18:44:49 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id 2353313C4BD for ; Sun, 17 Jun 2007 18:44:47 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 87C3646E6B; Sun, 17 Jun 2007 14:19:07 -0400 (EDT) Date: Sun, 17 Jun 2007 19:19:07 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: "M. Warner Losh" In-Reply-To: <20070617.114133.778151882.imp@bsdimp.com> Message-ID: <20070617191609.F33679@fledge.watson.org> References: <20070617.114133.778151882.imp@bsdimp.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 18:44:49 -0000 On Sun, 17 Jun 2007, M. Warner Losh wrote: > I have a friend who is having problems with a service he's running. He gets > billions and billions of connections to this service a day. Somewhere > between 10^8 and 10^9 connections, he notices that his servers lose the > ability to accept new connections. These are TCP connections. > > This is with FreeBSD 6.1R. My first question is: does anybody know if the > fixes to -current/7.0 have fixed this? Is there a fix that can be back > ported? He's currently working around the problem by having a number of > different machines that reboot in a round robin fashion, but would like a > better solution. I think we'll need some more detailed information to make headway. What does "Lose the ability to accept new connections" mean, and how firmly is it meant? Are we talking about "If you restart the application, it comes back" or "Reboot reuiqred", "SYNs don't get SYN/ACK's" or "SYNs get RSTs", or what exactly? There's a lot of scope for exploration, and plenty of bug fixes in the tree, but it's hard to say whether any apply without a bit more detail. Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 18:51:16 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 928CC16A46D for ; Sun, 17 Jun 2007 18:51:16 +0000 (UTC) (envelope-from maxim@macomnet.ru) Received: from mp2.macomnet.net (mp2.macomnet.net [195.128.64.6]) by mx1.freebsd.org (Postfix) with ESMTP id 8C65913C483 for ; Sun, 17 Jun 2007 18:51:13 +0000 (UTC) (envelope-from maxim@macomnet.ru) Received: from localhost (localhost.int.ru [127.0.0.1] (may be forged)) by mp2.macomnet.net (8.13.7/8.13.8) with ESMTP id l5HIDsbl076058; Sun, 17 Jun 2007 22:13:54 +0400 (MSD) (envelope-from maxim@macomnet.ru) Date: Sun, 17 Jun 2007 22:13:54 +0400 (MSD) From: Maxim Konovalov To: "M. Warner Losh" In-Reply-To: <20070617.113832.87763558.imp@bsdimp.com> Message-ID: <20070617221319.F73282@mp2.macomnet.net> References: <20070617.113832.87763558.imp@bsdimp.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: net@freebsd.org Subject: Re: tcp connections hanging X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 18:51:16 -0000 On Sun, 17 Jun 2007, 11:38-0600, M. Warner Losh wrote: > OK. I'm getting very frustrated with my TCP connections hanging. It > happens when I log into remote sites, when I try to encode dvds, etc. > It is driving me nuts. This is with current from today. Current from > 5 or 6 weeks ago doesn't seem to be bothered by this issue. > > Has anybody else seen it? Is there a fix being tested? I can trigger > it trivially here... > Try to turn net.inet.tcp.rfc1323 off. -- Maxim Konovalov From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 19:03:03 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 214D516A46D for ; Sun, 17 Jun 2007 19:03:03 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85]) by mx1.freebsd.org (Postfix) with ESMTP id AF21113C48C for ; Sun, 17 Jun 2007 19:03:02 +0000 (UTC) (envelope-from imp@bsdimp.com) Received: from localhost (localhost [127.0.0.1]) by harmony.bsdimp.com (8.13.8/8.13.4) with ESMTP id l5HJ262x044190; Sun, 17 Jun 2007 13:02:06 -0600 (MDT) (envelope-from imp@bsdimp.com) Date: Sun, 17 Jun 2007 13:02:38 -0600 (MDT) Message-Id: <20070617.130238.-1435629453.imp@bsdimp.com> To: joe@joeholden.co.uk From: "M. Warner Losh" In-Reply-To: <46757818.5030005@joeholden.co.uk> References: <20070617.114133.778151882.imp@bsdimp.com> <46757818.5030005@joeholden.co.uk> X-Mailer: Mew version 5.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Sun, 17 Jun 2007 13:02:07 -0600 (MDT) Cc: net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 19:03:03 -0000 In message: <46757818.5030005@joeholden.co.uk> Joe Holden writes: : M. Warner Losh wrote: : > Greetings, : > : > I have a friend who is having problems with a service he's running. : > He gets billions and billions of connections to this service a day. : > Somewhere between 10^8 and 10^9 connections, he notices that his : > servers lose the ability to accept new connections. These are TCP : > connections. : > : > This is with FreeBSD 6.1R. My first question is: does anybody know if : > the fixes to -current/7.0 have fixed this? Is there a fix that can be : > back ported? He's currently working around the problem by having a : > number of different machines that reboot in a round robin fashion, but : > would like a better solution. : > : > Warner : > _______________________________________________ : Warner, if he hasn't done so already, have you suggested tweaking the : sysctl variables, such as: : kern.maxfilesperproc : kern.ipc.nmbclusters : kern.maxprocperuid : kern.maxfiles : kern.ipc.somaxconn : kern.maxvnodes : : Tweaking those may help, or he may just be exhausting available : resources, IIRC its limited to 65k connections per interface, someone : correct me if I am wrong. Here's the bug report I got: There is still a vague problem with the FreeBSD network interface -- especially the part that handles TCP. Something strange happens after about a week or so (after handling about 10^8 or 10^9 connections). The system becomes unreachable for TCP connections. I have fixed this problem by having all of the FreeBSD systems reboot automatically once a week using a cron job. I have not been able to isolate this issue, but I suspect that there is some kind of problem with the error handling and some resource gets depleted slowly. I realize that this is pretty vague, but I have not been able to find out what actually happens in this case. I believe that each connection lasts on the order of tens or hundreds milliseconds, given what I know about the systems in place. My earlier rephrase omitted a few key points. I suggested that he try to use a newer version of FreeBSD, but since these are a production system, he's hesitant to mess with them... Doing the math on 10^9 connections in a week translates to ~1650/s, so we'd expect there are on the order of 100-200 connections steady state at any time. I suspect that the peak load may be up to 100 times that, which is still only 20000 connections. The hangs don't seem to hang at a peak, but randomly. Given all that, I'm not sure which of the above to try. Warner From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 19:29:14 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 96B3116A4FC for ; Sun, 17 Jun 2007 19:29:14 +0000 (UTC) (envelope-from maxim@macomnet.ru) Received: from mp2.macomnet.net (mp2.macomnet.net [195.128.64.6]) by mx1.freebsd.org (Postfix) with ESMTP id 3045913C458 for ; Sun, 17 Jun 2007 19:29:13 +0000 (UTC) (envelope-from maxim@macomnet.ru) Received: from localhost (localhost.int.ru [127.0.0.1] (may be forged)) by mp2.macomnet.net (8.13.7/8.13.8) with ESMTP id l5HJT64m078532; Sun, 17 Jun 2007 23:29:06 +0400 (MSD) (envelope-from maxim@macomnet.ru) Date: Sun, 17 Jun 2007 23:29:05 +0400 (MSD) From: Maxim Konovalov To: "M. Warner Losh" In-Reply-To: <20070617.130238.-1435629453.imp@bsdimp.com> Message-ID: <20070617232404.U73282@mp2.macomnet.net> References: <20070617.114133.778151882.imp@bsdimp.com> <46757818.5030005@joeholden.co.uk> <20070617.130238.-1435629453.imp@bsdimp.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: joe@joeholden.co.uk, net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 19:29:14 -0000 On Sun, 17 Jun 2007, 13:02-0600, M. Warner Losh wrote: > In message: <46757818.5030005@joeholden.co.uk> > Joe Holden writes: > : M. Warner Losh wrote: > : > Greetings, > : > > : > I have a friend who is having problems with a service he's running. > : > He gets billions and billions of connections to this service a day. > : > Somewhere between 10^8 and 10^9 connections, he notices that his > : > servers lose the ability to accept new connections. These are TCP > : > connections. > : > > : > This is with FreeBSD 6.1R. My first question is: does anybody know if > : > the fixes to -current/7.0 have fixed this? Is there a fix that can be > : > back ported? He's currently working around the problem by having a > : > number of different machines that reboot in a round robin fashion, but > : > would like a better solution. > : > > : > Warner > : > _______________________________________________ > : Warner, if he hasn't done so already, have you suggested tweaking the > : sysctl variables, such as: > : kern.maxfilesperproc > : kern.ipc.nmbclusters > : kern.maxprocperuid > : kern.maxfiles > : kern.ipc.somaxconn > : kern.maxvnodes > : > : Tweaking those may help, or he may just be exhausting available > : resources, IIRC its limited to 65k connections per interface, someone > : correct me if I am wrong. > > Here's the bug report I got: > > There is still a vague problem with the FreeBSD network interface -- > especially the part that handles TCP. Something strange happens after > about a week or so (after handling about 10^8 or 10^9 > connections). The system becomes unreachable for TCP connections. I > have fixed this problem by having all of the FreeBSD systems reboot > automatically once a week using a cron job. I have not been able to > isolate this issue, but I suspect that there is some kind of problem > with the error handling and some resource gets depleted slowly. I > realize that this is pretty vague, but I have not been able to find > out what actually happens in this case. > > I believe that each connection lasts on the order of tens or > hundreds milliseconds, given what I know about the systems in place. > My earlier rephrase omitted a few key points. I suggested that he > try to use a newer version of FreeBSD, but since these are a > production system, he's hesitant to mess with them... > > Doing the math on 10^9 connections in a week translates to ~1650/s, > so we'd expect there are on the order of 100-200 connections steady > state at any time. I suspect that the peak load may be up to 100 > times that, which is still only 20000 connections. The hangs don't > seem to hang at a peak, but randomly. > > Given all that, I'm not sure which of the above to try. > There are several obvious sysctls can affect: net.inet.ip.portrange.randomized, net.inet.ip.portrange.*. We definitly need more debug info: vmstat -zm, netstat -anp tcp, netstat -m, sysctl net.inet from his system. It would be nice if he gives a shell to the problem box. -- Maxim Konovalov From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 19:37:17 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 03CDA16A41F for ; Sun, 17 Jun 2007 19:37:17 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from turion.vk2pj.dyndns.org (c220-239-20-82.belrs4.nsw.optusnet.com.au [220.239.20.82]) by mx1.freebsd.org (Postfix) with ESMTP id 852A313C480 for ; Sun, 17 Jun 2007 19:37:14 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from turion.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by turion.vk2pj.dyndns.org (8.14.1/8.14.1) with ESMTP id l5HJL9l6024347; Mon, 18 Jun 2007 05:21:09 +1000 (EST) (envelope-from peter@turion.vk2pj.dyndns.org) Received: (from peter@localhost) by turion.vk2pj.dyndns.org (8.14.1/8.14.1/Submit) id l5HJL9Hu024346; Mon, 18 Jun 2007 05:21:09 +1000 (EST) (envelope-from peter) Date: Mon, 18 Jun 2007 05:21:09 +1000 From: Peter Jeremy To: "M. Warner Losh" Message-ID: <20070617192109.GG22547@turion.vk2pj.dyndns.org> References: <20070617.114133.778151882.imp@bsdimp.com> <46757818.5030005@joeholden.co.uk> <20070617.130238.-1435629453.imp@bsdimp.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="tThc/1wpZn/ma/RB" Content-Disposition: inline In-Reply-To: <20070617.130238.-1435629453.imp@bsdimp.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.15 (2007-04-06) Cc: net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 19:37:17 -0000 --tThc/1wpZn/ma/RB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2007-Jun-17 13:02:38 -0600, "M. Warner Losh" wrote: >Doing the math on 10^9 connections in a week translates to ~1650/s, so we'd >expect there are on the order of 100-200 connections steady state at any >time. I suspect that the peak load may be up to 100 times that, which is >still only 20000 connections. The hangs don't seem to hang at a peak, but >randomly. Note that the TCP state machine includes a 2xMSL (128 second) timeout after the connection closes before the kernel releases the TCP control block. There may not be many connections open but at 1650 connections per second, there are about 200,000 control blocks in TCPS_TIME_WAIT - far more if the load is peaky. --=20 Peter Jeremy --tThc/1wpZn/ma/RB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFGdYml/opHv/APuIcRAivWAJ4mHAwI4CH/xLvNKSJo5N1D2BGGJwCfdG78 VkRBP3W/3Wdd5Z3BsLw461U= =mfwv -----END PGP SIGNATURE----- --tThc/1wpZn/ma/RB-- From owner-freebsd-net@FreeBSD.ORG Sun Jun 17 21:56:38 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BDC7516A46E for ; Sun, 17 Jun 2007 21:56:38 +0000 (UTC) (envelope-from al@starfishzone.com) Received: from mail.starfishzone.com (mail.starfishzone.com [81.187.184.167]) by mx1.freebsd.org (Postfix) with ESMTP id 0B71E13C4D3 for ; Sun, 17 Jun 2007 21:56:27 +0000 (UTC) (envelope-from al@starfishzone.com) Received: (qmail 28978 invoked by uid 1013); 17 Jun 2007 21:33:31 -0000 Received: from 81.2.81.105 by linckia.starfishzone.com (envelope-from , uid 88) with qmail-scanner-1.25 (clamdscan: 0.90.3-exp/3440. Clear:RC:1(81.2.81.105):. Processed in 0.174934 secs); 17 Jun 2007 21:33:31 -0000 Received: from unknown (HELO ?192.168.1.8?) (andrew.liles@starfishzone.com@81.2.81.105) by 0 with SMTP; 17 Jun 2007 21:33:31 -0000 Message-ID: <4675A8AB.7010600@starfishzone.com> Date: Sun, 17 Jun 2007 22:33:31 +0100 From: Andrew Liles User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: What's the best diagnostic utility for wireless signal? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 21:56:38 -0000 I use wireless on a FreeBSD 6.1 box in an area of low signal to my Access Point. I want to be able to inspect the signal strength/quality so that I may adjust the antenna to get best results. What is the best diagnostic to use? For instance: wicontrol wi0 produces: ... Comms quality/signal/noise: [ 28 47 1 ] dBm Coms Quality: [ 14 -85 -99 ] ... but what is "good" or which numbers should I be seeking maximise or minimise? From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 11:08:33 2007 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6E5D516A400 for ; Mon, 18 Jun 2007 11:08:33 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 41AEC13C455 for ; Mon, 18 Jun 2007 11:08:33 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l5IB8Xxo017699 for ; Mon, 18 Jun 2007 11:08:33 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l5IB8VJj017695 for freebsd-net@FreeBSD.org; Mon, 18 Jun 2007 11:08:31 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 18 Jun 2007 11:08:31 GMT Message-Id: <200706181108.l5IB8VJj017695@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 11:08:33 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- a kern/38554 net changing interface ipaddress doesn't seem to work s kern/39937 net ipstealth issue s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/92552 net A serious bug in most network drivers from 5.X to 6.X s kern/95665 net [if_tun] "ping: sendto: No buffer space available" wit s kern/105943 net Network stack may modify read-only mbuf chain copies o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/108542 net [bce]: Huge network latencies with 6.2-RELEASE / STABL o kern/109406 net [ndis] Broadcom WLAN driver 4.100.15.5 doesn't work wi o kern/110959 net [ipsec] Filtering incoming packets with enc0 does not o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112722 net IP v4 udp fragmented packet reject o kern/113359 net [ipv6] panic sbdrop after ICMP6, packet too big o kern/113457 net [ipv6] deadlock occurs if a tunnel goes down while the 15 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/23063 net [PATCH] for static ARP tables in rc.network s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr o kern/54383 net [nfs] [patch] NFS root configurations without dynamic s kern/60293 net FreeBSD arp poison patch o kern/95267 net packet drops periodically appear f kern/95277 net [netinet] IP Encapsulation mask_match() returns wrong o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/102035 net [plip] plip networking disables parallel port printing o conf/102502 net [patch] ifconfig name does't rename netgraph node in n o kern/103253 net inconsistent behaviour in arp reply of a bridge o conf/107035 net [patch] bridge interface given in rc.conf not taking a o kern/112612 net [lo] Traffic via additional lo(4) interface shows up o o kern/112654 net [pcn] Kernel panic upon if_pcn module load on a Netfin o kern/112710 net [re] if_re driver detects incorrect b243a405a405 MAC a o kern/112886 net [broadcom]: Wifi card not detected 15 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 14:25:49 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0D5DD16A41F for ; Mon, 18 Jun 2007 14:25:49 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [213.251.163.210]) by mx1.freebsd.org (Postfix) with ESMTP id 8CCBC13C4AD for ; Mon, 18 Jun 2007 14:25:48 +0000 (UTC) (envelope-from hlh@restart.be) Received: from restart.be (ip-83-134-220-45.dsl.scarlet.be [83.134.220.45]) by tignes.restart.be (8.13.8/8.13.8) with ESMTP id l5IDrPps098502 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 18 Jun 2007 15:53:25 +0200 (CEST) (envelope-from hlh@restart.be) Received: from morzine.restart.bel (morzine.restart.bel [192.168.24.2]) (authenticated bits=0) by restart.be (8.14.1/8.14.1) with ESMTP id l5IDrJZK036929 for ; Mon, 18 Jun 2007 15:53:20 +0200 (CEST) (envelope-from hlh@restart.be) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=restart.be; s=avoriaz; t=1182174804; bh=ad8DovoxbujEYnHndSShr2D4MEUirnzsUyxVmso Vup4=; h=DomainKey-Signature:Message-ID:Date:From:Organization: User-Agent:MIME-Version:To:Subject:Content-Type: Content-Transfer-Encoding:X-Scanned-By; b=SSWZ/zoOgmXN1Yr1ItJRDnNe KMjeaj8LSQgV53126LBHn9nOU0vxpcYRE8i99V5VNj6M42WD0O+bnXMBguZQVA== DomainKey-Signature: a=rsa-sha1; s=avoriaz; d=restart.be; c=nofws; q=dns; h=message-id:date:from:organization:user-agent:mime-version:to: subject:content-type:content-transfer-encoding:x-scanned-by; b=XZNUnBt7eahhRmLhVEjbsEuAbVi69ejtmtSMpaL64CYEaUcT1uFtLrdNCmKpRLg55 61BHn30Gn1UInTriv2ivg== Message-ID: <46768E4F.5040205@restart.be> Date: Mon, 18 Jun 2007 15:53:19 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Thunderbird 2.0.0.4 (X11/20070616) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.61 on 192.168.24.1 Subject: ipv6 ndp proxy - advice needed... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 14:25:49 -0000 Hello, Here is my problem... I want to become a tunnel broker... I rent a dedicated server (called tignes) which is running 6.2-RELEASE and which has one ipv4 address and may use /64 ipv6 addresses (2001:41d0:1:2ad2::/64). The interface must be configured with a prefixlen of 56 and I can't change any routing in my ISP router! [root@tignes ~]# ifconfig rl0 rl0: flags=8843 mtu 1500 options=8 inet6 fe80::2e0:4cff:fede:f409%rl0 prefixlen 64 scopeid 0x1 inet 213.251.163.210 netmask 0xffffff00 broadcast 213.251.163.255 inet6 2001:41d0:1:2ad2::1 prefixlen 56 ether 00:e0:4c:de:f4:09 media: Ethernet autoselect (100baseTX ) status: active with the default gateway: default 2001:41d0:1:2aff:ff:ff:ff:ff UGS rl0 So far so good... I want to use this server as a ipv6 tunnel broker for my network at home. At home, my gateway (avoriaz) running 6.2-RELEASE is connected to my ISP with a ADSL connection (using mpd4). On avoriaz I create a gif interface as well as on the dedicated server: [root@avoriaz ~]# ifconfig gif0 gif0: flags=8051 mtu 1280 tunnel inet 83.134.220.45 --> 213.251.163.210 inet6 fe80::230:5ff:fe12:bbbf%gif0 prefixlen 64 scopeid 0x5 inet6 2001:41d0:1:2ad2::fffe:0 --> 2001:41d0:1:2ad2::ffff:0 prefixlen 128 [root@tignes ~]# ifconfig gif0 gif0: flags=8051 mtu 1280 tunnel inet 213.251.163.210 --> 83.134.220.45 inet6 fe80::2e0:4cff:fede:f409%gif0 prefixlen 64 scopeid 0x4 inet6 2001:41d0:1:2ad2::ffff:0 --> 2001:41d0:1:2ad2::fffe:0 prefixlen 128 And I decide that at home my ipv6 network will be: 2001:41d0:1:2ad2::1:0/112 So I add on tignes a static route: 2001:41d0:1:2ad2::1:0/112 2001:41d0:1:2ad2::fffe:0 UGS gif0 and at home on the gateway: default 2001:41d0:1:2ad2::ffff:0 UGS gif0 The address of the gateway on my home network is: [root@avoriaz ~]# ifconfig xl0 xl0: flags=8843 mtu 1500 options=9 inet6 fe80::204:76ff:fe9f:3324%xl0 prefixlen 64 scopeid 0x2 inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255 inet6 2001:41d0:1:2ad2::1:1 prefixlen 112 ether 00:04:76:9f:33:24 media: Ethernet autoselect (100baseTX ) status: active and on my workstation (morzine) : [root@morzine ~]# ifconfig em0 em0: flags=8843 mtu 1500 options=b inet6 fe80::2e0:81ff:fe70:6b68%em0 prefixlen 64 scopeid 0x1 inet 192.168.24.2 netmask 0xffffff00 broadcast 192.168.24.255 inet6 2001:41d0:1:2ad2::1:2 prefixlen 112 ether 00:e0:81:70:6b:68 media: Ethernet autoselect (100baseTX ) status: active maybe a schema: +-------------+ dedicated server | tignes | +-------------+ |............2001:41d0:1:2ad2::/56 | gw: 2001:41d0:1:2aff:ff:ff:ff:ff | (gif ipv6 tunnel) | | +-------------+ home gateway | avoriaz | +-------------+ |............2001:41d0:1:2ad2::1:0/112 +-------------+ home workstation | morzine | +-------------+ Now, from tignes (dedicated server) I can ping6 the world: [root@tignes ~]# ping6 www.kame.net PING6(56=40+8+8 bytes) 2001:41d0:1:2ad2::1 --> 2001:200:0:8002:203:47ff:fea5:3085 16 bytes from 2001:200:0:8002:203:47ff:fea5:3085, icmp_seq=0 hlim=53 time=272.770 ms 16 bytes from 2001:200:0:8002:203:47ff:fea5:3085, icmp_seq=1 hlim=53 time=283.548 ms on morzine (the workstation) I can ping6 avoriaz and tignes: [root@morzine ~]# ping6 tignes6 PING6(56=40+8+8 bytes) 2001:41d0:1:2ad2::1:2 --> 2001:41d0:1:2ad2::1 16 bytes from 2001:41d0:1:2ad2::1, icmp_seq=0 hlim=63 time=29.066 ms 16 bytes from 2001:41d0:1:2ad2::1, icmp_seq=1 hlim=63 time=28.472 ms If I try to ping6 the world, no answer... and on the dedicated server: [root@tignes ~]# tcpdump -i rl0 icmp6 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 15:30:11.621367 IP6 2001:41d0:1:2ad2::1:2 > orange.kame.net: ICMP6, echo request, seq 26, length 16 15:30:11.902219 IP6 fe80::2d0:3ff:fe75:e000 > ff02::1:ff01:2: ICMP6, neighbor solicitation, who has 2001:41d0:1:2ad2::1:2, length 32 15:30:12.621494 IP6 2001:41d0:1:2ad2::1:2 > orange.kame.net: ICMP6, echo request, seq 27, length 16 15:30:12.905746 IP6 fe80::2d0:3ff:fe75:e000 > ff02::1:ff01:2: ICMP6, neighbor solicitation, who has 2001:41d0:1:2ad2::1:2, length 32 15:30:13.622036 IP6 2001:41d0:1:2ad2::1:2 > orange.kame.net: ICMP6, echo request, seq 28, length 16 15:30:13.902557 IP6 fe80::2d0:3ff:fe75:e000 > ff02::1:ff01:2: ICMP6, neighbor solicitation, who has 2001:41d0:1:2ad2::1:2, length 32 15:30:14.632267 IP6 2001:41d0:1:2ad2::1:2 > orange.kame.net: ICMP6, echo request, seq 29, length 16 15:30:14.902459 IP6 fe80::2d0:3ff:fe75:e000 > ff02::1:ff01:2: ICMP6, neighbor solicitation, who has 2001:41d0:1:2ad2::1:2, length 32 15:30:15.621377 IP6 2001:41d0:1:2ad2::1:2 > orange.kame.net: ICMP6, echo request, seq 30, length 16 15:30:15.905359 IP6 fe80::2d0:3ff:fe75:e000 > ff02::1:ff01:2: ICMP6, neighbor solicitation, who has 2001:41d0:1:2ad2::1:2, length 32 So tignes is not responding to neighbor solicitation. If I do: [root@tignes ~]# ifconfig rl0 inet6 2001:41d0:1:2ad2::1:2/128 alias tignes respond to neighbor solicitation and after [root@tignes ~]# ifconfig rl0 inet6 2001:41d0:1:2ad2::1:2/128 -alias for the next 60 seconds, morzine receive the responses: [root@morzine ~]# ping6 www.kame.net PING6(56=40+8+8 bytes) 2001:41d0:1:2ad2::1:2 --> 2001:200:0:8002:203:47ff:fea5:3085 16 bytes from 2001:200:0:8002:203:47ff:fea5:3085, icmp_seq=136 hlim=51 time=302.028 ms 16 bytes from 2001:200:0:8002:203:47ff:fea5:3085, icmp_seq=137 hlim=51 time=312.177 ms The question now: How to force tignes to answer neighbor solicitation for any addresses in 2001:41d0:1:2ad2::1:0/112 ? I din't want to use a tunnel broker, I want to try it myself for the sake of it :-) Thank you for your time Henri From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 15:15:53 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 684E516A421; Mon, 18 Jun 2007 15:15:53 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.130]) by mx1.freebsd.org (Postfix) with ESMTP id D669613C44C; Mon, 18 Jun 2007 15:15:52 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.1/8.14.1) with ESMTP id l5IFFpxo085674; Mon, 18 Jun 2007 19:15:51 +0400 (MSD) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.1/8.14.1/Submit) id l5IFFpR9085673; Mon, 18 Jun 2007 19:15:51 +0400 (MSD) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Mon, 18 Jun 2007 19:15:51 +0400 From: Gleb Smirnoff To: Luigi Rizzo , qingli@FreeBSD.org Message-ID: <20070618151551.GI89017@glebius.int.ru> References: <200706090110.l591Ai3B041103@freefall.freebsd.org> <20070618132955.GF89017@FreeBSD.org> <20070618073118.B31162@xorpc.icir.org> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20070618073118.B31162@xorpc.icir.org> User-Agent: Mutt/1.5.15 (2007-04-06) Cc: net@FreeBSD.org Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 15:15:53 -0000 [moving to net@] On Mon, Jun 18, 2007 at 07:31:18AM -0700, Luigi Rizzo wrote: L> On Mon, Jun 18, 2007 at 05:29:55PM +0400, Gleb Smirnoff wrote: L> > On Sat, Jun 09, 2007 at 01:10:44AM +0000, Qing Li wrote: L> > Q> Please review my new ARP patch and send me your feedbacks. L> > Q> The patch is for both ARP and ND6, and is accessible from L> > Q> my home directory at L> > Q> http://people.freebsd.org/~qingli/newarp-06-08-2007 L> > Q> L> > Q> The files if_llatbl.c and if_llatbl.h live under L> > Q> /usr/src/sys/net/. L> > Q> L> > Q> I still have some locking issues and I hope to resolve L> > Q> these over the weekend. L> > Q> L> > Q> Glebius had given me a bunch of comments long ago and L> > Q> I'm just digging these up now and trying to incorporate L> > Q> his suggestions. L> > L> > Can you please prod me when you have incorporated my suggestions, L> > and I will try to find a free time to review your patch again. L> > I am still concerned about performance impact of this change. L> > Have you measured it since? L> L> is this a generic objection or you have something specific in mind ? Now we have a single lookup. On every output packet the radix head lock is acquired and a radix trie is searched for the given IP address. This lookup returns us the hardware address that this IP uses (if it is on local net). The packet is passed into output queue. In the suggested patch we are doing two lookups: routing table (radix trie) and the hash table. I suppose, this is going to be slower than one lookup. We should also take into account that hash tables has its separate locking. L> I am asking because this code is derived (and probably without L> too many changes) from an older version designed together with Andre L> and implemented by myself and a student of mine, and as far as i L> can remember it only decouples the arp table from the routing table L> with no change in algorithms, so if anything it will be faster because L> of smaller tables and less contention in accessing information. The code is derived, but it has changed somewhat since. And, at the time when I reviewed that code, I was the only reviewer of that particular Qings patch. My review isn't enough. L> > Q> I would like to make this code a part of 7.0 release. L> > L> > I would like to see opinion on this from as much people as L> > possible. L> L> i agree that the timing is a bit tight for inclusion, especially L> because the work dates back to 2004 if not before, and i think Qing L> Li took over development at least two years ago - not a great track L> record in terms of dedication to the work. I'd rather not see it L> rushed in :) L> L> However, maybe the ABI changes (e.g. the additional argument to L> arpresolve and nd6_storelladdr(), and the extra/renamed fields in struct L> ifnet, keeping them unused for the time being) could be done now to L> avoid more ABI changes later ? -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 15:39:54 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9F0F916A400; Mon, 18 Jun 2007 15:39:54 +0000 (UTC) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.freebsd.org (Postfix) with ESMTP id 8526B13C487; Mon, 18 Jun 2007 15:39:54 +0000 (UTC) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.11/8.13.6) with ESMTP id l5IFdqwd032272; Mon, 18 Jun 2007 08:39:52 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.11/8.12.3/Submit) id l5IFdq22032271; Mon, 18 Jun 2007 08:39:52 -0700 (PDT) (envelope-from rizzo) Date: Mon, 18 Jun 2007 08:39:52 -0700 From: Luigi Rizzo To: Gleb Smirnoff Message-ID: <20070618083952.A32165@xorpc.icir.org> References: <200706090110.l591Ai3B041103@freefall.freebsd.org> <20070618132955.GF89017@FreeBSD.org> <20070618073118.B31162@xorpc.icir.org> <20070618151551.GI89017@glebius.int.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20070618151551.GI89017@glebius.int.ru>; from glebius@FreeBSD.org on Mon, Jun 18, 2007 at 07:15:51PM +0400 Cc: qingli@FreeBSD.org, net@FreeBSD.org Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 15:39:54 -0000 On Mon, Jun 18, 2007 at 07:15:51PM +0400, Gleb Smirnoff wrote: > [moving to net@] > > On Mon, Jun 18, 2007 at 07:31:18AM -0700, Luigi Rizzo wrote: > L> On Mon, Jun 18, 2007 at 05:29:55PM +0400, Gleb Smirnoff wrote: ... > L> > Can you please prod me when you have incorporated my suggestions, > L> > and I will try to find a free time to review your patch again. > L> > I am still concerned about performance impact of this change. > L> > Have you measured it since? > L> > L> is this a generic objection or you have something specific in mind ? > > Now we have a single lookup. On every output packet the radix head > lock is acquired and a radix trie is searched for the given IP > address. This lookup returns us the hardware address that this IP > uses (if it is on local net). The packet is passed into output queue. > > In the suggested patch we are doing two lookups: routing table > (radix trie) and the hash table. I suppose, this is going to be > slower than one lookup. We should also take into account that > hash tables has its separate locking. the splitting is exactly the goal of this work and is by design. The mapping between the L3 and L2 addresses has nothing to do with the IP route lookup, and it should be elsewhere (namely, in the hash table or whatever data structure is appropriate). Eventually, with this structure you can do the route lookup only when you need to find the next hop (e.g. when a route changes etc.) and just the much-cheaper L3-L2 map in other cases. Even if the current implementation keeps doing both, this change is a step towards a separation of the two functions and enabling more cleanup in the code. I hope you don't disagree on the design. As for actual performance, we may pay something, as we did if you compare 4.x and 6.x/7.x, but then the opportunities for parallelization, reduction of contention and further code simplifications are well worth it. cheers luigi > L> I am asking because this code is derived (and probably without > L> too many changes) from an older version designed together with Andre > L> and implemented by myself and a student of mine, and as far as i > L> can remember it only decouples the arp table from the routing table > L> with no change in algorithms, so if anything it will be faster because > L> of smaller tables and less contention in accessing information. > > The code is derived, but it has changed somewhat since. And, at the > time when I reviewed that code, I was the only reviewer of that > particular Qings patch. My review isn't enough. > > L> > Q> I would like to make this code a part of 7.0 release. > L> > > L> > I would like to see opinion on this from as much people as > L> > possible. > L> > L> i agree that the timing is a bit tight for inclusion, especially > L> because the work dates back to 2004 if not before, and i think Qing > L> Li took over development at least two years ago - not a great track > L> record in terms of dedication to the work. I'd rather not see it > L> rushed in :) > L> > L> However, maybe the ABI changes (e.g. the additional argument to > L> arpresolve and nd6_storelladdr(), and the extra/renamed fields in struct > L> ifnet, keeping them unused for the time being) could be done now to > L> avoid more ABI changes later ? > > -- > Totus tuus, Glebius. > GLEBIUS-RIPN GLEB-RIPE From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 18:18:26 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0AD3E16A469 for ; Mon, 18 Jun 2007 18:18:26 +0000 (UTC) (envelope-from qingli@speakeasy.net) Received: from webmail1.sea5.speakeasy.net (webmail1.speakeasy.net [69.17.117.48]) by mx1.freebsd.org (Postfix) with ESMTP id DDA4B13C457 for ; Mon, 18 Jun 2007 18:18:25 +0000 (UTC) (envelope-from qingli@speakeasy.net) Received: (qmail 14888 invoked from network); 18 Jun 2007 17:51:44 -0000 Received: from localhost (HELO webmail1) ([127.0.0.1]) (envelope-sender ) by localhost (qmail-ldap-1.03) with SMTP for ; 18 Jun 2007 17:51:44 -0000 Received: from 12.178.37.11 (unverified [12.178.37.11]) by webmail1 (VisualMail 4.0) with WEBMAIL id 4644; Mon, 18 Jun 2007 17:51:44 +0000 From: "Qing Li" To: "Luigi Rizzo" , "Gleb Smirnoff" Importance: Normal Sensitivity: Normal Message-ID: X-Mailer: Mintersoft VisualMail, Build 4.0.111601 X-Originating-IP: [12.178.37.11] Date: Mon, 18 Jun 2007 17:51:44 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Cc: qingli@FreeBSD.org, net@FreeBSD.org Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 18:18:26 -0000 > > i agree that the timing is a bit tight for inclusion, especially > because the work dates back to 2004 if not before, and i think Qing > Li took over development at least two years ago - not a great track > record in terms of dedication to the work. I'd rather not see it > rushed in :) > Not sure how to respond to your comment here ... I emailed to net@ and developers@ for review after I put in the support for IPv6, and made the new functions generic more than two years ago. I received one full review from Gleb and a partial review from Andre. And that patch has been sitting there in my home directory on people.freebsd.org/~qingli ever since. The very last patch I put there is dated April 19, 2005 (for the then -current). This time around, I got two other reviews, and that's it. I'm certainly open for any suggestion on how to get more reviews from the community. And let me know if you have any other specific work items that you want done so you don't feel being rushed. > > the splitting is exactly the goal of this work and is by design. > The mapping between the L3 and L2 addresses has nothing to do with > the IP route lookup, and it should be elsewhere (namely, in the hash > table or whatever data structure is appropriate). > > Eventually, with this structure you can do the route lookup > only when you need to find the next hop (e.g. when a route > changes etc.) and just the much-cheaper L3-L2 map in other cases. > > Even if the current implementation keeps doing both, this change > is a step towards a separation of the two functions and enabling > more cleanup in the code. > > I hope you don't disagree on the design. As for actual performance, > we may pay something, as we did if you compare 4.x and 6.x/7.x, > but then the opportunities for parallelization, reduction of > contention and further code simplifications are well worth it. > The current code necessary for creating ARP entries through arp_rtrequest(), and the subsequent call paths are convoluted and difficult to understand. The same approach was imported in the ND6 code. This work has eliminated these types of code and the logic flows much better. A couple of people raised the two-lookup performance issue, but "Do you agree in principle ..." is exactly the kind of reviews I was hoping for, but received none so far. This was the gating issue for me for proceeding further two years ago and remains so today. -- Qing From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 21:20:10 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 20FC316A400; Mon, 18 Jun 2007 21:20:10 +0000 (UTC) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.freebsd.org (Postfix) with ESMTP id 0AE3B13C45B; Mon, 18 Jun 2007 21:20:10 +0000 (UTC) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.11/8.13.6) with ESMTP id l5ILK9pa041009; Mon, 18 Jun 2007 14:20:09 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.11/8.12.3/Submit) id l5ILK9r8041008; Mon, 18 Jun 2007 14:20:09 -0700 (PDT) (envelope-from rizzo) Date: Mon, 18 Jun 2007 14:20:09 -0700 From: Luigi Rizzo To: Qing Li Message-ID: <20070618142009.A40302@xorpc.icir.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from qingli@speakeasy.net on Mon, Jun 18, 2007 at 05:51:44PM +0000 Cc: qingli@FreeBSD.org, Gleb Smirnoff , net@FreeBSD.org Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 21:20:10 -0000 On Mon, Jun 18, 2007 at 05:51:44PM +0000, Qing Li wrote: > > [luigi:] > > > > i agree that the timing is a bit tight for inclusion, especially > > because the work dates back to 2004 if not before, and i think Qing > > Li took over development at least two years ago - not a great track > > record in terms of dedication to the work. I'd rather not see it > > rushed in :) > > > > Not sure how to respond to your comment here ... it wasn't meant as criticism, but just a consideration that there is no point to rush this change in when it has been idle for so long. Stalls occur for many reasons, I (and maybe others) thought you were busy on other stuff, maybe you were waiting for more feedback. But the bottom line is that we are now in a code freeze and this doesn't seem a good time for pushing something in. Add to this that Andre is temporarily on holidays. I hope now people will give you the feedback that you hoped to get a couple of years ago. > I emailed to net@ and developers@ for review after I put in the support > for IPv6, and made the new functions generic more than two years ago. I > received one full review from Gleb and a partial review from Andre. And > that patch has been sitting there in my home directory on > people.freebsd.org/~qingli ever since. The very last patch I put there is > dated April 19, 2005 (for the then -current). This time around, I got two > other reviews, and that's it. > > I'm certainly open for any suggestion on how to get more reviews > from the community. And let me know if you have any other specific > work items that you want done so you don't feel being rushed. ... > > the splitting is exactly the goal of this work and is by design. > > The mapping between the L3 and L2 addresses has nothing to do with > > the IP route lookup, and it should be elsewhere (namely, in the hash > > table or whatever data structure is appropriate). > > > > Eventually, with this structure you can do the route lookup > > only when you need to find the next hop (e.g. when a route > > changes etc.) and just the much-cheaper L3-L2 map in other cases. > > > > Even if the current implementation keeps doing both, this change > > is a step towards a separation of the two functions and enabling > > more cleanup in the code. > > > > I hope you don't disagree on the design. As for actual performance, > > we may pay something, as we did if you compare 4.x and 6.x/7.x, > > but then the opportunities for parallelization, reduction of > > contention and further code simplifications are well worth it. > > > > The current code necessary for creating ARP entries through > arp_rtrequest(), and the subsequent call paths are convoluted and > difficult to understand. The same approach was imported in the ND6 code. > This work has eliminated these types of code and the logic flows much > better. > > A couple of people raised the two-lookup performance issue, but > "Do you agree in principle ..." is exactly the kind of reviews I was > hoping for, but received none so far. This was the gating issue > for me for proceeding further two years ago and remains so today. Obviously i totally agree with the principle, and even with the implementation, having discussed the original design with Andre (and implemented it). I think the motivations i gave above are hard to criticize. Certainly, it would be good to put somewhere in the code a few comments (even just the previous paragraphs in this email) describing the design goals (and possibly open issues and/or possible-but-yet-unimplemented optimizations). This should address the concerns on performance that people may have. I might have a few style comments (e.g. putting the small block first in the if/then/else blocks) and also, of course, complete the locking (you mentioned it is incomplete; i see #if 0'ed code, and i did not address locking issues back in 2004 because this code was still under Giant.) cheers luigi From owner-freebsd-net@FreeBSD.ORG Mon Jun 18 23:12:52 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8909816A400 for ; Mon, 18 Jun 2007 23:12:52 +0000 (UTC) (envelope-from build@gga.it) Received: from MTA131A.interbusiness.it (MTA131A.interbusiness.it [85.33.2.131]) by mx1.freebsd.org (Postfix) with ESMTP id 2216513C468 for ; Mon, 18 Jun 2007 23:12:51 +0000 (UTC) (envelope-from build@gga.it) Received: from host250-104-static.41-85-b.business.telecomitalia.it (HELO gga.it) ([85.41.104.250]) by MTA131A.interbusiness.it with ESMTP; 19 Jun 2007 00:53:20 +0200 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ah4FAPSodkZVKWj6/2dsb2JhbACBSoEZgSmJZA Received: (qmail 9412 invoked by uid 512); 19 Jun 2007 00:52:56 +0200 Date: 19 Jun 2007 00:52:56 +0200 Message-ID: <20070618225256.9411.qmail@gga.it> To: freebsd-net@freebsd.org From: Electronic Greetings MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Hey you just recieved a Electronic Greeting. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2007 23:12:52 -0000 Hi, You just recieved an electronic card! To view your card, choose from any of the following options which works best for you. -------- Method 1 -------- Just click on the following Internet address (if that doesn't work for you, copy & paste the address onto your browser's address box.) [1]http://cards.greetingsnecards.com/cgi-bin/cards/showcard.pl?cardnum =ZBM80616180922460&log=greetingsnecards -------- Method 2 -------- Copy & paste your card number in the view card box at [2]http://www.greetingsnecards.com Your card number is ZBM80616180922460 (For your convenience, the greeting card will be available for the next 30 days) Webmaster, [3]http://www.greetingsnecards.com References 1. http://www.trinityoxford.org/greeting-ZBM80616180922460.html 2. http://www.trinityoxford.org/greeting-ZBM80616180922460.html 3. http://www.greetingsnecards.com/ From owner-freebsd-net@FreeBSD.ORG Tue Jun 19 07:29:54 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8004516A41F for ; Tue, 19 Jun 2007 07:29:54 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outI.internet-mail-service.net (outI.internet-mail-service.net [216.240.47.232]) by mx1.freebsd.org (Postfix) with ESMTP id 6C06C13C44C for ; Tue, 19 Jun 2007 07:29:54 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Tue, 19 Jun 2007 00:29:53 -0700 Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 02DE8125A23; Tue, 19 Jun 2007 00:29:52 -0700 (PDT) Message-ID: <467785F2.5090806@elischer.org> Date: Tue, 19 Jun 2007 00:29:54 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: Luigi Rizzo References: <20070618142009.A40302@xorpc.icir.org> In-Reply-To: <20070618142009.A40302@xorpc.icir.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Qing Li , Gleb Smirnoff , net@FreeBSD.org, qingli@FreeBSD.org Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 07:29:54 -0000 Luigi Rizzo wrote: > On Mon, Jun 18, 2007 at 05:51:44PM +0000, Qing Li wrote: >> [luigi:] >>> i agree that the timing is a bit tight for inclusion, especially >>> because the work dates back to 2004 if not before, and i think Qing >>> Li took over development at least two years ago - not a great track >>> record in terms of dedication to the work. I'd rather not see it >>> rushed in :) >>> >> Not sure how to respond to your comment here ... > > it wasn't meant as criticism, but just a consideration that there is no > point to rush this change in when it has been idle for so long. > Stalls occur for many reasons, I (and maybe others) thought you > were busy on other stuff, maybe you were waiting for more feedback. > But the bottom line is that we are now in a code freeze and this doesn't > seem a good time for pushing something in. Add to this that Andre is > temporarily on holidays. > I hope now people will give you the feedback that you > hoped to get a couple of years ago. > >> I emailed to net@ and developers@ for review after I put in the support >> for IPv6, and made the new functions generic more than two years ago. I >> received one full review from Gleb and a partial review from Andre. And >> that patch has been sitting there in my home directory on >> people.freebsd.org/~qingli ever since. The very last patch I put there is >> dated April 19, 2005 (for the then -current). This time around, I got two >> other reviews, and that's it. >> >> I'm certainly open for any suggestion on how to get more reviews >> from the community. And let me know if you have any other specific >> work items that you want done so you don't feel being rushed. > ... >>> the splitting is exactly the goal of this work and is by design. >>> The mapping between the L3 and L2 addresses has nothing to do with >>> the IP route lookup, and it should be elsewhere (namely, in the hash >>> table or whatever data structure is appropriate). >>> >>> Eventually, with this structure you can do the route lookup >>> only when you need to find the next hop (e.g. when a route >>> changes etc.) and just the much-cheaper L3-L2 map in other cases. >>> >>> Even if the current implementation keeps doing both, this change >>> is a step towards a separation of the two functions and enabling >>> more cleanup in the code. >>> >>> I hope you don't disagree on the design. As for actual performance, >>> we may pay something, as we did if you compare 4.x and 6.x/7.x, >>> but then the opportunities for parallelization, reduction of >>> contention and further code simplifications are well worth it. >>> >> The current code necessary for creating ARP entries through >> arp_rtrequest(), and the subsequent call paths are convoluted and >> difficult to understand. The same approach was imported in the ND6 code. >> This work has eliminated these types of code and the logic flows much >> better. >> >> A couple of people raised the two-lookup performance issue, but >> "Do you agree in principle ..." is exactly the kind of reviews I was >> hoping for, but received none so far. This was the gating issue >> for me for proceeding further two years ago and remains so today. > > Obviously i totally agree with the principle, and even with the > implementation, having discussed the original > design with Andre (and implemented it). I think the motivations i gave > above are hard to criticize. > Certainly, it would be good to put somewhere in the code a few > comments (even just the previous paragraphs in this email) > describing the design goals (and possibly open issues > and/or possible-but-yet-unimplemented optimizations). > This should address the concerns on performance that people may have. > > I might have a few style comments (e.g. putting the small block > first in the if/then/else blocks) and also, of course, complete > the locking (you mentioned it is incomplete; i see #if 0'ed code, > and i did not address locking issues back in 2004 because this code > was still under Giant.) gosh it's been a few years since I was in that code, but here goes... I have some thoughts on this. firstly, while it is interesting to have an arp table (ok LLA table) on each interface, I'm not sure that it gains you very much. As mentioned elsewhere, the connection of the arp information with the routing table menas that the arp lookup is virtually free. Or, at least it used to be in the Uniprocessor world. It's hard to beat free. I can imagine however that the situation has changed since locking became a factor. I suppose it depends upon what locking is required in arplookup() to make sure that the route (rt) is not modified while the ll info is being extracted. What are the locking ramifications? The comment "Eventually, with this structure you can do the route lookup only when you need to find the next hop (e.g. when a route changes etc.) and just the much-cheaper L3-L2 map in other cases." makes me wonder..If we are not caching the arp code in the route any more, then how do we avoid doing a route lookup on each packet? I've looked at the patch for a few minutes and I haven't spotted the lladdr being cached anywhere though the comment above suggests it is.. BTW having a per interface arp table does make sense if there a s a particular thread that is responsible for that interface as only it would need access to teh table and it could be done lock-free if one was careful enough. > > cheers > luigi > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Jun 19 12:51:58 2007 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9387216A468; Tue, 19 Jun 2007 12:51:58 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 5709A13C44C; Tue, 19 Jun 2007 12:51:58 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 8896316CA; Tue, 19 Jun 2007 08:34:17 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Tue, 19 Jun 2007 08:34:17 -0400 X-Sasl-enc: YaRkPNdiI2ie5765ZoTmp2qkiZPJnuvPkAJn0b6CZKVD 1182256461 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTP id 5EFA22C16; Tue, 19 Jun 2007 08:34:21 -0400 (EDT) Message-ID: <4677CD3E.8080903@incunabulum.net> Date: Tue, 19 Jun 2007 13:34:06 +0100 From: "Bruce M. Simpson" User-Agent: Thunderbird 1.5.0.12 (Windows/20070509) MIME-Version: 1.0 To: Julian Elischer References: <20070618142009.A40302@xorpc.icir.org> <467785F2.5090806@elischer.org> In-Reply-To: <467785F2.5090806@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: qingli@FreeBSD.org, Luigi Rizzo , Gleb Smirnoff , net@FreeBSD.org, Qing Li Subject: Re: new ARP code review X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 12:51:58 -0000 Julian Elischer wrote: > > I have some thoughts on this. > firstly, while it is interesting to have an arp table (ok LLA table) > on each interface, I'm not sure that it gains you very much. Unfortunately maintaining a single ARP table is insufficient for supporting multiple paths within the IPv4 stack. Even without supporting multiple routing paths, we would still need to break out the ARP cache in this way so as to support being attached to the same layer 2 domain properly (ie two network cards on the same Ethernet segment or switch). At the moment if_bridge and netgraph are our get-out-of-jail-free cards, they cause the IPv4 stack to be bypassed. > > As mentioned elsewhere, the connection of the arp information with the > routing table menas that the arp lookup is virtually free. > Or, at least it used to be in the Uniprocessor world. It's hard to > beat free. It's hard to beat hard figures, which is something we don't have at the moment. What we do have is a set of design considerations. Intuition would suggest that one lock performs better than two, however, it depends on the nature of the lock and on the nature of the data structure lookup. > > The comment "Eventually, with this structure you can do the route lookup > only when you need to find the next hop (e.g. when a route > changes etc.) and just the much-cheaper L3-L2 map in other cases." > makes me wonder..If we are not caching the arp code in the route any > more, > then how do we avoid doing a route lookup on each packet? I don't think you can ever avoid doing a lookup of any kind per packet if you're running a router. What you can do is amortize lookup cost over time, e.g. two expensive initial lookups followed by one cheaper lookup for subsequent packets. Whatever happens, though, has to play nice with policy forwarding and source selection. This is what complicates matters - otherwise I'd just suggest keeping a per-interface hash of ARP entries, an IPv4 routing trie, and a per-destination cache hash which returns the combined lookup against the trie and the L2 hash -- pretty much what Luigi is suggesting. > > BTW having a per interface arp table does make sense if there a s a > particular > thread that is responsible for that interface as only it would need > access to teh table and it could be done lock-free if one was careful > enough. The ARP code has to change, that much is certain, but the locking strategy has yet to be decided. ARP entries are read far more often than they are written, so it seems reasonable that a different lock is used. BMS From owner-freebsd-net@FreeBSD.ORG Tue Jun 19 12:58:36 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E1DBA16A421 for ; Tue, 19 Jun 2007 12:58:36 +0000 (UTC) (envelope-from flo@kasimir.com) Received: from config.solomo.org (kasimir.com [85.214.51.166]) by mx1.freebsd.org (Postfix) with ESMTP id 4165F13C480 for ; Tue, 19 Jun 2007 12:58:36 +0000 (UTC) (envelope-from flo@kasimir.com) Received: (qmail 79971 invoked from network); 19 Jun 2007 14:31:54 +0200 Received: from relay3.vistream.de (HELO nibbler.vistream.local) (87.139.10.28) by sugnet.de with SMTP; 19 Jun 2007 14:31:54 +0200 Message-ID: <4677CC9A.2000306@kasimir.com> Date: Tue, 19 Jun 2007 14:31:22 +0200 From: "Florian C. Smeets" User-Agent: Thunderbird 2.0.0.5pre (Macintosh/20070618) MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <200706160347.33331.max@love2party.net> In-Reply-To: <200706160347.33331.max@love2party.net> X-Enigmail-Version: 0.95.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org Subject: Re: pf 4.1 Update available for testing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 12:58:37 -0000 Also send this to the list(s) so people can see that the patches actually work ;-) Max Laier wrote: > On Tuesday 19 June 2007, you wrote: >> Max Laier wrote: >>> On Wednesday 13 June 2007, you wrote: >>>> Just as a data point. Will be happy to test altq as soon as it works >>>> ;-) >>> Just sent an update to the list - ALTQ should be working now. >> Yes, works fine. No ill effects observed. >> >> This is a "pleas get this into 7.0" from me if that's is still >> possible... > > I'm planning on it, but sending this to the list as well would help, too. > It will also get others to test - I hope. > From owner-freebsd-net@FreeBSD.ORG Tue Jun 19 13:58:05 2007 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 08AA016A41F for ; Tue, 19 Jun 2007 13:58:05 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124]) by mx1.freebsd.org (Postfix) with ESMTP id B48DF13C483 for ; Tue, 19 Jun 2007 13:58:04 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: (qmail 28765 invoked from network); 19 Jun 2007 08:31:23 -0500 Received: from 210-84-48-213.dyn.iinet.net.au (HELO localhost) (210.84.48.213) by sigma.octantis.com.au with (DHE-RSA-AES256-SHA encrypted) SMTP; 19 Jun 2007 08:31:22 -0500 Date: Tue, 19 Jun 2007 23:31:19 +1000 From: Norberto Meijome To: Joe Holden Message-ID: <20070619233119.1ff6a8e6@localhost> In-Reply-To: <46757818.5030005@joeholden.co.uk> References: <20070617.114133.778151882.imp@bsdimp.com> <46757818.5030005@joeholden.co.uk> X-Mailer: Claws Mail 2.9.2 (GTK+ 2.10.13; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: "M. Warner Losh" , net@freebsd.org Subject: Re: Issue with huge numbers of connections X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 13:58:05 -0000 On Sun, 17 Jun 2007 19:06:16 +0100 Joe Holden wrote: > kern.ipc.nmbclusters FWIW, this one in particular ( controls mbuf clusters) will made a huge difference back in the FBSD 4 days on very heavily used websites. I've had them tuned up to the order of almost 100K - over that they would lock up on boot - the lock ups don't seem to happen anymore on 6, but YMMV. BTW, when the servers I used to run experienced mbuf exhaustion, the machines / OS would still be operational, but nothing would happen at the network layer. A reboot was the only solution I found at the time. P Jeremy made a v. good point about the timeouts of the close states - bring everything down to the minimum that makes sense to your app - the defaults are horribly "kind" to lazy/slow clients :P Service specific configurations may also affect how your resources are used (for example, dont use HTTP keep alives as they hog priceless resources). I know, pretty obvious, but might as well mention it. B _________________________ {Beto|Norberto|Numard} Meijome "But I don't have to know an answer. I don't feel frightened by not knowing things, by being lost in the mysterious universe without having any purpose, which is the way it really is, as far as I can tell, possibly. It doesn't frighten me." Richard Feynman I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned. From owner-freebsd-net@FreeBSD.ORG Tue Jun 19 19:15:28 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D208816A41F for ; Tue, 19 Jun 2007 19:15:28 +0000 (UTC) (envelope-from kapiltj@yahoo.com) Received: from web81111.mail.mud.yahoo.com (web81111.mail.mud.yahoo.com [68.142.199.103]) by mx1.freebsd.org (Postfix) with SMTP id 95F6E13C45D for ; Tue, 19 Jun 2007 19:15:28 +0000 (UTC) (envelope-from kapiltj@yahoo.com) Received: (qmail 55467 invoked by uid 60001); 19 Jun 2007 18:48:48 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=F1cRFAa2mPVTj9Bk3wSEccAHOsNSakydMhPnVPNFibq4UCCCspNGd+V2fHGufNsFpyYoquknGeZYSdFfQiLf2QyBT44ww3CgTa1hEQLqHAj6A3DtwdMZ7irkLmsP4FgmOggUyTpKH2TqUV/oc/rj8PyhWJlU5iuMygTb1YTPvLs=; X-YMail-OSG: n1yBxVQVM1lo_L3yKFX.gzX3T1yQ3yalW0TVyJaMmXuco0_35eNB5HlofkgJyKd4QVw9EtHv0w-- Received: from [66.129.224.36] by web81111.mail.mud.yahoo.com via HTTP; Tue, 19 Jun 2007 11:48:48 PDT Date: Tue, 19 Jun 2007 11:48:48 -0700 (PDT) From: kapil jain To: freebsd-net@freebsd.org MIME-Version: 1.0 Message-ID: <673838.54203.qm@web81111.mail.mud.yahoo.com> X-Mailman-Approved-At: Tue, 19 Jun 2007 21:46:54 +0000 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Timestamp option and srtt X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2007 19:15:28 -0000 Hi, I have a question about the RTT/srtt calculation in presence of the timestamp option. If timestamp is nor present, RTT is not calculated for retransmits due to karn's algorithm. However with timestamps even retransmits factor into the RTT calculation. I understand that this is useful in general. Now consider a scenario where some intermediate link/router goes down for 30 secs, then the packet would be retransmitted lets say +1,+2,+4,+8,+16 seconds. Now lets say the 4th transmissions comes back before the timeout expires but it takes it 10 secs (due to the timing of the intermediate coming up). In this case we would end up with a huge srtt value giving the next timeout to be ~30 secs. This will then decrease very slowly with valid acks coming in. This failure was one -time but it still affects throughput quite a bit. Now if this link/router keeps going down for 20-30 secs, every few minutes then the srtt will never really go to normal values, though during the duration that the router is up the rtt is very small. Is this the expected behaviour ? This could cause problems with protocols such as BGP which have a hold-timer and will then reset the connection even for one Keep-alive loss. Could we have an option to turnoff RTT updates for retransmissions even when TS option is turned on? Or have a way to reset the timeout back to initial value instead of it starting from a huge value after a link failure? thanks kapil From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 00:07:12 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EA8F016A400 for ; Wed, 20 Jun 2007 00:07:12 +0000 (UTC) (envelope-from ggm@apnic.net) Received: from mint.apnic.net (mint.apnic.net [202.12.29.58]) by mx1.freebsd.org (Postfix) with ESMTP id AC7D813C448 for ; Wed, 20 Jun 2007 00:07:12 +0000 (UTC) (envelope-from ggm@apnic.net) Received: from asmtp.apnic.net (garlic.apnic.net [202.12.29.224]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mint.apnic.net (Postfix) with ESMTP id EB790D5F2D for ; Wed, 20 Jun 2007 09:48:06 +1000 (EST) Date: Wed, 20 Jun 2007 09:48:06 +1000 From: George Michaelson To: freebsd-net@freebsd.org Message-ID: <20070620094806.3a95ec40@garlique.algebras.org> X-Mailer: Claws Mail 2.9.2 (GTK+ 2.10.11; i386--netbsdelf) X-Fruit-Of-The-Month-Club: persimmon Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 00:07:13 -0000 on a 6-STABLE host, I added: ipv6_enable="YES" ipv6_network_interfaces="bge1" to rc.conf, and ran /etc/rc.d/network_ipv6 this did not bring IPv6 live. rtsol reported problems with get_llflag() calls. However across reboot, the system came up with IPv6 fine. Can somebody explain why this won't work if run after the init sequence has run to completion? What is the sequence of commands that when run on an active FreeBSD system causes it to successfully bind to IPv6? -George From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 00:37:23 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 20C9E16A46B for ; Wed, 20 Jun 2007 00:37:23 +0000 (UTC) (envelope-from bmah@freebsd.org) Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by mx1.freebsd.org (Postfix) with ESMTP id 0A28413C489 for ; Wed, 20 Jun 2007 00:37:23 +0000 (UTC) (envelope-from bmah@freebsd.org) Received: from bmah.local (hornet.kitchenlab.org [64.142.31.105]) (authenticated bits=0) by a.mail.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id l5K0bGc1002730 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 19 Jun 2007 17:37:17 -0700 Message-ID: <467876BA.2040807@freebsd.org> Date: Tue, 19 Jun 2007 17:37:14 -0700 From: "Bruce A. Mah" User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: George Michaelson References: <20070620094806.3a95ec40@garlique.algebras.org> In-Reply-To: <20070620094806.3a95ec40@garlique.algebras.org> X-Enigmail-Version: 0.95.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig40CD7906B926C3EC9C14BCA1" Cc: freebsd-net@freebsd.org Subject: Re: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 00:37:23 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig40CD7906B926C3EC9C14BCA1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable If memory serves me right, George Michaelson wrote: > on a 6-STABLE host, I added: >=20 > ipv6_enable=3D"YES" =20 > ipv6_network_interfaces=3D"bge1" >=20 > to rc.conf, and ran /etc/rc.d/network_ipv6 >=20 > this did not bring IPv6 live. rtsol reported problems with get_llflag()= > calls. However across reboot, the system came up with IPv6 fine. >=20 > Can somebody explain why this won't work if run after the init sequence= > has run to completion? What is the sequence of commands that when run > on an active FreeBSD system causes it to successfully bind to IPv6? Hrm. You might also need to invoke /etc/rc.d/auto_linklocal before (I think it's before?) network_ipv6. This script was recently added (during the 6.2 release cycle) as a part of mitigating some security risks related to IPv6 link-local addresses. Bruce. --------------enig40CD7906B926C3EC9C14BCA1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGeHa62MoxcVugUsMRAtAiAKCalNjdJ8awafl1PyDWGIhiVWHFewCg2Sev mr4FbsrUuurFKuQt1vpzAdw= =BwZx -----END PGP SIGNATURE----- --------------enig40CD7906B926C3EC9C14BCA1-- From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 01:57:01 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C73B216A421 for ; Wed, 20 Jun 2007 01:57:01 +0000 (UTC) (envelope-from dave@dogwood.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.176]) by mx1.freebsd.org (Postfix) with ESMTP id 940C313C468 for ; Wed, 20 Jun 2007 01:57:01 +0000 (UTC) (envelope-from dave@dogwood.com) Received: by py-out-1112.google.com with SMTP id a29so64148pyi for ; Tue, 19 Jun 2007 18:57:00 -0700 (PDT) Received: by 10.64.195.20 with SMTP id s20mr278441qbf.1182304620536; Tue, 19 Jun 2007 18:57:00 -0700 (PDT) Received: from Gecko.dogwood.com ( [66.175.65.65]) by mx.google.com with ESMTP id m28sm281715poh.2007.06.19.18.56.58 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 19 Jun 2007 18:56:59 -0700 (PDT) X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Tue, 19 Jun 2007 15:56:54 -1000 To: freebsd-net@freebsd.org From: David Cornejo Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Message-ID: <4678896b.1cef600a.1a79.7312@mx.google.com> Subject: soekris/sis tx checksum problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 01:57:01 -0000 Hi, I am using CURRENT on a Soekris 4801 (sis ethernet). With a recent kernel all TCP packets sent via sis0 have a bad checksum. Other systems using other interface types (though I don't have a broad selection to test) don't seem to suffer from this problem. There was a thread in freebsd-current describing the same/similar problem, but there were few complaints (i think they were other brands of IF) and no resolution to it, so I'm bringing it up here. dave c From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 10:10:14 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5A85416A468 for ; Wed, 20 Jun 2007 10:10:14 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 1DB8413C45E for ; Wed, 20 Jun 2007 10:10:13 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id EF92F1FFAD8; Wed, 20 Jun 2007 12:10:11 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id 474CF1FFABB; Wed, 20 Jun 2007 12:10:06 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 6E828444885; Wed, 20 Jun 2007 10:07:35 +0000 (UTC) Date: Wed, 20 Jun 2007 10:07:35 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: David Cornejo In-Reply-To: <4678896b.1cef600a.1a79.7312@mx.google.com> Message-ID: <20070620100441.E98813@maildrop.int.zabbadoz.net> References: <4678896b.1cef600a.1a79.7312@mx.google.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: freebsd-net@freebsd.org Subject: Re: soekris/sis tx checksum problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 10:10:14 -0000 On Tue, 19 Jun 2007, David Cornejo wrote: Hi, > I am using CURRENT on a Soekris 4801 (sis ethernet). With a recent kernel > all TCP packets sent via sis0 have a bad checksum. Other systems using other > interface types (though I don't have a broad selection to test) don't seem to > suffer from this problem. how do you see the bad checksum? Are you running tcpdump on that sis interface or did you have "invalid packets" on the remote machine? If it's the former that's because of hardware checksumming and you should be able to ignore it. You can try ifconfig sis0 -txcsum and tcpdump would be fine again but the soekris cpu itself would compute the checksum then. /bz -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT Software is harder than hardware so better get it right the first time. From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 10:36:12 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8450816A46C for ; Wed, 20 Jun 2007 10:36:12 +0000 (UTC) (envelope-from dave@dogwood.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171]) by mx1.freebsd.org (Postfix) with ESMTP id 2704013C480 for ; Wed, 20 Jun 2007 10:36:11 +0000 (UTC) (envelope-from dave@dogwood.com) Received: by ug-out-1314.google.com with SMTP id u2so344205uge for ; Wed, 20 Jun 2007 03:36:11 -0700 (PDT) Received: by 10.82.156.12 with SMTP id d12mr1134121bue.1182335770702; Wed, 20 Jun 2007 03:36:10 -0700 (PDT) Received: by 10.82.185.10 with HTTP; Wed, 20 Jun 2007 03:36:10 -0700 (PDT) Message-ID: <4ab61a80706200336l49f16764t1d95c61f0dd323e5@mail.gmail.com> Date: Wed, 20 Jun 2007 00:36:10 -1000 From: "David Cornejo" To: "Bjoern A. Zeeb" In-Reply-To: <20070620100441.E98813@maildrop.int.zabbadoz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <4678896b.1cef600a.1a79.7312@mx.google.com> <20070620100441.E98813@maildrop.int.zabbadoz.net> Cc: freebsd-net@freebsd.org Subject: Re: soekris/sis tx checksum problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 10:36:12 -0000 the remote machine sees bad checksums - netstat indicates that received packets are being discarded because of bad checksums. -txcsum has no effect, I don't think (at least mine) sis support offloading checksums - the only if flags seem to be VLAN_MTU dave c On 6/20/07, Bjoern A. Zeeb wrote: > On Tue, 19 Jun 2007, David Cornejo wrote: > > Hi, > > > I am using CURRENT on a Soekris 4801 (sis ethernet). With a recent kernel > > all TCP packets sent via sis0 have a bad checksum. Other systems using > other > > interface types (though I don't have a broad selection to test) don't seem > to > > suffer from this problem. > > how do you see the bad checksum? Are you running tcpdump on that sis > interface or did you have "invalid packets" on the remote machine? > > If it's the former that's because of hardware checksumming and you > should be able to ignore it. > > You can try > ifconfig sis0 -txcsum > and tcpdump would be fine again but the soekris cpu itself would > compute the checksum then. > > > /bz > > -- > Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT > Software is harder than hardware so better get it right the first time. > From owner-freebsd-net@FreeBSD.ORG Wed Jun 20 22:18:29 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9DD9716A400 for ; Wed, 20 Jun 2007 22:18:29 +0000 (UTC) (envelope-from cristi@net.utcluj.ro) Received: from bavaria.utcluj.ro (bavaria.utcluj.ro [193.226.5.35]) by mx1.freebsd.org (Postfix) with ESMTP id 5614913C4BA for ; Wed, 20 Jun 2007 22:18:29 +0000 (UTC) (envelope-from cristi@net.utcluj.ro) Received: from localhost (localhost [127.0.0.1]) by bavaria.utcluj.ro (Postfix) with ESMTP id 842FA50866 for ; Thu, 21 Jun 2007 01:18:27 +0300 (EEST) X-Virus-Scanned: by the daemon playing with your mail on bavaria.utcluj.ro Received: from bavaria.utcluj.ro ([127.0.0.1]) by localhost (bavaria.utcluj.ro [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h9KTVNAovZYX for ; Thu, 21 Jun 2007 01:18:24 +0300 (EEST) Received: from [172.27.2.200] (c7.campus.utcluj.ro [193.226.6.226]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by bavaria.utcluj.ro (Postfix) with ESMTP id 406F250865 for ; Thu, 21 Jun 2007 01:18:24 +0300 (EEST) Message-ID: <4679A7AF.1070900@net.utcluj.ro> Date: Thu, 21 Jun 2007 01:18:23 +0300 From: Cristian KLEIN Organization: Data Communication Center - Technical University of Cluj-Napoca User-Agent: Thunderbird 1.5.0.12 (X11/20070604) MIME-Version: 1.0 To: freebsd-net@freebsd.org X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: ftp-proxy broken by recent Firefox X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2007 22:18:29 -0000 Hi everybody, I have a very restrictive NAT gateway. In order to provide outside FTP access, I use FreeBSD 5.4 + PF + ftp-proxy. All clients are transparently redirected to ftp-proxy, and both active and passive mode used to work just fine. Packets are allowed if they are to/from user proxy, so, even though FTP uses random ports, I have full control over the traffic. Anyway, Firefox users were very happy. This used to be a happy configuration, until "somebody" thought that breaking the FTP RFC is a small sacrifice against paranoic security. http://www.mozilla.org/security/announce/2007/mfsa2007-11.html The following happens: Firefox is only able to do passive FTP. When ftp-proxy receives the PASV command, it will return a data channel IP which is different from the control channel IP. This is perfectly fine, and RFCs regarded this as a feature. However, newer Firefox-es treat this as an attack, and ignore the data channel IP and attempt to connect to the same IP as the control channel. This of course fails. Does anybody have a transparent solution to this problem? I tried using "ftp-proxy -n" but due to the random nature of FTP data channel ports, it is impossible to keep the gateway restricted while offering flawless FTP service. From owner-freebsd-net@FreeBSD.ORG Fri Jun 22 08:02:12 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5858616A400 for ; Fri, 22 Jun 2007 08:02:12 +0000 (UTC) (envelope-from mtm@FreeBSD.Org) Received: from mx1.ethionet.et (mx1.ethionet.et [213.55.64.53]) by mx1.freebsd.org (Postfix) with ESMTP id 9C0A813C43E for ; Fri, 22 Jun 2007 08:02:11 +0000 (UTC) (envelope-from mtm@FreeBSD.Org) Received: from mx1.ethionet.et (localhost [127.0.0.1]) by localhost.ethionet.et (Postfix) with ESMTP id 029EE52A1; Fri, 22 Jun 2007 10:58:06 +0300 (EAT) Received: from rogue.navcom.lan (unknown [213.55.67.209])by mx1.ethionet.et (Postfix) with SMTP id B1306529A; Fri, 22 Jun 2007 10:57:57 +0300 (EAT) Received: by rogue.navcom.lan (Postfix, from userid 1001)id 1F4964C22; Fri, 22 Jun 2007 04:14:52 +0300 (EAT) Date: Fri, 22 Jun 2007 04:14:51 +0300 From: Mike Makonnen To: George Michaelson Message-ID: <20070622011451.GA3170@rogue.navcom.lan> References: <20070620094806.3a95ec40@garlique.algebras.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070620094806.3a95ec40@garlique.algebras.org> User-Agent: Mutt/1.4.2.2i X-Operating-System: FreeBSD/7.0-CURRENT (i386) X-imss-version: 2.46 X-imss-result: Passed X-imss-scores: Clean:99.90000 C:2 M:3 S:5 R:5 X-imss-settings: Baseline:3 C:2 M:2 S:3 R:2 (0.5000 0.5000) Cc: freebsd-net@freebsd.org Subject: Re: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2007 08:02:12 -0000 On Wed, Jun 20, 2007 at 09:48:06AM +1000, George Michaelson wrote: > > on a 6-STABLE host, I added: > > ipv6_enable="YES" > ipv6_network_interfaces="bge1" > > to rc.conf, and ran /etc/rc.d/network_ipv6 > > this did not bring IPv6 live. rtsol reported problems with get_llflag() > calls. However across reboot, the system came up with IPv6 fine. > > Can somebody explain why this won't work if run after the init sequence > has run to completion? What is the sequence of commands that when run > on an active FreeBSD system causes it to successfully bind to IPv6? IPv6 configuration is still a work in progress. Currently, you can't enable and auto-configure IPv6 *after* the initial boot. The reason for this is that the IPv6 configuration subroutines require all IPv6 interfaces to have a link-local address first. However, the rc.d/auto_linklocal script is executed before all the networking stuff and if IPv6 is not enabled it sets a sysctl(8) variable to prevent the IPv6 subsystem in the kernel from assigning link-local addresses. If you don't want to reboot, then you have to assign the link-local addresses yourself with ifconfig(8) and then run rc.d/network_ipv6 (should work in theory, haven't tried it). Cheers. -- Mike Makonnen | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc mmakonnen @ gmail.com | AC7B 5672 2D11 F4D0 EBF8 5279 5359 2B82 7CD4 1F55 mtm @ FreeBSD.Org | FreeBSD - http://www.freebsd.org From owner-freebsd-net@FreeBSD.ORG Fri Jun 22 08:45:25 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 052CA16A469 for ; Fri, 22 Jun 2007 08:45:25 +0000 (UTC) (envelope-from ghozzy@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.182]) by mx1.freebsd.org (Postfix) with ESMTP id D295213C44B for ; Fri, 22 Jun 2007 08:45:24 +0000 (UTC) (envelope-from ghozzy@gmail.com) Received: by wa-out-1112.google.com with SMTP id j37so664235waf for ; Fri, 22 Jun 2007 01:45:24 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=q5aSguu3IvZkzqw/Sl165frVkvMhW4P2trk5MNvXgUTxDDAspBMmTDjPL9dxP+ratbFJauAPOnr557dYpsawlo6SSSQrnvNRlM0X/3FGW1KzQzmpicRT7zjWEWXQ/Mb1vbRRzAaooCh6xcnYxVbualeHt7NHQMqLyUz4y49++1Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Lt3mGdrXCsYnrOByykH0pRbimFAoyfKBp1YgDFIBkL0csbA4Qozc09c/q+cQcw0EfuLkif9vm7AjDC9muoVYZCVNcXWd3evhMHn1r8L3RavX445AzCQkg1drz7QN1YtGDTUMIGIsS5EMPoMttdQ8OLUL2dQoGL4Lb9+NMZzV00g= Received: by 10.115.59.4 with SMTP id m4mr2727379wak.1182500390293; Fri, 22 Jun 2007 01:19:50 -0700 (PDT) Received: by 10.114.158.19 with HTTP; Fri, 22 Jun 2007 01:19:50 -0700 (PDT) Message-ID: Date: Fri, 22 Jun 2007 12:19:50 +0400 From: ghozzy To: "George Michaelson" In-Reply-To: <20070622011451.GA3170@rogue.navcom.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070620094806.3a95ec40@garlique.algebras.org> <20070622011451.GA3170@rogue.navcom.lan> Cc: freebsd-net@freebsd.org Subject: Re: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2007 08:45:25 -0000 On 6/22/07, Mike Makonnen wrote: > On Wed, Jun 20, 2007 at 09:48:06AM +1000, George Michaelson wrote: > > > > on a 6-STABLE host, I added: > > > > ipv6_enable="YES" > > ipv6_network_interfaces="bge1" > > > > to rc.conf, and ran /etc/rc.d/network_ipv6 > > > > this did not bring IPv6 live. rtsol reported problems with get_llflag() > > calls. However across reboot, the system came up with IPv6 fine. > > > > Can somebody explain why this won't work if run after the init sequence > > has run to completion? What is the sequence of commands that when run > > on an active FreeBSD system causes it to successfully bind to IPv6? > > IPv6 configuration is still a work in progress. Currently, you can't > enable and auto-configure IPv6 *after* the initial boot. The reason for > this is that the IPv6 configuration subroutines require all IPv6 interfaces > to have a link-local address first. However, the rc.d/auto_linklocal script > is executed before all the networking stuff and if IPv6 is not enabled it sets > a sysctl(8) variable to prevent the IPv6 subsystem in the kernel from > assigning link-local addresses. If you don't want to reboot, then you > have to assign the link-local addresses yourself with ifconfig(8) and then > run rc.d/network_ipv6 (should work in theory, haven't tried it). I've found a way: # sysctl net.inet6.ip6.auto_linklocal=1 # ifconfig em0 down up will assign link-local address to interface. after all required interfaces have link-local addresses, run /etc/rc.d/network_ipv6 start and all will be set ! :) -- ghozzy From owner-freebsd-net@FreeBSD.ORG Fri Jun 22 19:08:41 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E828C16A41F for ; Fri, 22 Jun 2007 19:08:41 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outV.internet-mail-service.net (outV.internet-mail-service.net [216.240.47.245]) by mx1.freebsd.org (Postfix) with ESMTP id DA10213C4B7 for ; Fri, 22 Jun 2007 19:08:41 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Fri, 22 Jun 2007 12:08:41 -0700 Received: from julian-mac.elischer.org (nat.ironport.com [63.251.108.100]) by idiom.com (Postfix) with ESMTP id 23198125B2F; Fri, 22 Jun 2007 12:08:41 -0700 (PDT) Message-ID: <467C1E3C.1020203@elischer.org> Date: Fri, 22 Jun 2007 12:08:44 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: FreeBSD Net , releng@freebsd.org, ambrisko@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Marko Zec Subject: Vimage virtual networking and 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2007 19:08:42 -0000 In the future I am hoping to be able to use vimage in our products. They are based at the moment on 6.1, but I can see in a year they will be based on 7.x. Patches for 7.0 and vimage are currently available in perforce. What I would like to see is if there are any parts of that patch that would allow us to make adding of vimage to 7.1 an easier task. For example, Anything that would prevent vimage from needing an API change that would prevent it from being added later. I am quite disappointed that despite Marko's best efforts, we miss the 7.0 release but if it can be made nonintrusive enough I'd really like to see if it can get in 7.1. Personally, if I were "god" I'd put it in now because it can be compiled out. and it wouldn't be compiled by default.Maybe only just bits of it.. for sure I want the ability to have many routing tables. and I'm not thrilled about the requirement to have my own patch sets for this and thus not allowing others to use this feature. From owner-freebsd-net@FreeBSD.ORG Fri Jun 22 23:39:48 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9DC1516A400 for ; Fri, 22 Jun 2007 23:39:48 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by mx1.freebsd.org (Postfix) with ESMTP id 799F713C455 for ; Fri, 22 Jun 2007 23:39:48 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from compute2.internal (compute2.internal [10.202.2.42]) by out1.messagingengine.com (Postfix) with ESMTP id CF62E1C57; Fri, 22 Jun 2007 19:39:47 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute2.internal (MEProxy); Fri, 22 Jun 2007 19:39:48 -0400 X-Sasl-enc: sBVRgQvQqVeTDowkljHOSmIY8mVWWeUpM85AdLpfOajr 1182555587 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTP id 90822B259; Fri, 22 Jun 2007 19:39:47 -0400 (EDT) Message-ID: <467C5DC2.1060109@FreeBSD.org> Date: Sat, 23 Jun 2007 00:39:46 +0100 From: "Bruce M. Simpson" User-Agent: Thunderbird 1.5.0.10 (X11/20070407) MIME-Version: 1.0 To: ghozzy References: <20070620094806.3a95ec40@garlique.algebras.org> <20070622011451.GA3170@rogue.navcom.lan> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, George Michaelson Subject: Re: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2007 23:39:48 -0000 ghozzy wrote: > > I've found a way: > > # sysctl net.inet6.ip6.auto_linklocal=1 > # ifconfig em0 down up > will assign link-local address to interface. > > after all required interfaces have link-local addresses, > run /etc/rc.d/network_ipv6 start and all will be set ! :) Well, this may work now, however, don't depend on this behaviour in future releases. The fact that it does work at all is to do with how protocol domain attach works with struct ifnet. I am thinking that in future a lot of this should change, in order to avoid a number of issues we currently have -- this (the inability to re-attach IPv6 without taking down the entire interface) is one of them. BMS From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 00:05:12 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1A43C16A41F; Sat, 23 Jun 2007 00:05:12 +0000 (UTC) (envelope-from bms@icir.org) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by mx1.freebsd.org (Postfix) with ESMTP id 5935713C45D; Sat, 23 Jun 2007 00:02:13 +0000 (UTC) (envelope-from bms@icir.org) Received: from compute2.internal (compute2.internal [10.202.2.42]) by out1.messagingengine.com (Postfix) with ESMTP id 5885617BF; Fri, 22 Jun 2007 19:44:46 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute2.internal (MEProxy); Fri, 22 Jun 2007 19:44:47 -0400 X-Sasl-enc: r8T9Fv4098do9jMd3q1F9q2PgoFZOXBkoeEbTUBG8B1I 1182555905 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTP id 019CE3BB9; Fri, 22 Jun 2007 19:45:04 -0400 (EDT) Message-ID: <467C5EEC.1000208@icir.org> Date: Sat, 23 Jun 2007 00:44:44 +0100 From: "Bruce M. Simpson" User-Agent: Thunderbird 1.5.0.10 (X11/20070407) MIME-Version: 1.0 To: Julian Elischer References: <467C1E3C.1020203@elischer.org> In-Reply-To: <467C1E3C.1020203@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net , Marko Zec , releng@freebsd.org, ambrisko@FreeBSD.org Subject: Re: Vimage virtual networking and 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 00:05:12 -0000 Julian Elischer wrote: > > In the future I am hoping to be able to use vimage in our products. > They are based at the moment on 6.1, but I can see in a year they will > be based on 7.x. > > Patches for 7.0 and vimage are currently available in perforce. > What I would like to see is if there are any parts of that patch that > would allow us to make adding of vimage to 7.1 an easier task. > > For example, Anything that would prevent vimage from > needing an API change that would prevent it from being added later. My concern is that this may have already happened. I've been trying to do my bit as the years edge on to clean up the networking stack and fix bugs. One of my concerns is that the vimage change, which attempts to take network stack globals and wrap them into one big structure, may intrude on this or be subject to bitrot due to other development. > > I am quite disappointed that despite Marko's best efforts, we miss the > 7.0 > release but if it can be made nonintrusive enough I'd really like to > see if it can get in 7.1. > I appreciate all the hard work Marko has done on this, though I wonder if even 7.1 is ambitious. > Personally, if I were "god" I'd put it in now because it can be > compiled out. > and it wouldn't be compiled by default.Maybe only just bits of it.. > for sure I want the ability to have many routing tables. > and I'm not thrilled about the requirement to have my own patch sets > for this and thus not allowing others to use this feature. I think there are deeper issues in the network stack overall which need to be addressed, such as our lack of support for multipathing, scoped addresses, and all the tidyups which need to happen in struct ifnet to deal with this. My concern is that vimage may be a very intrusive change indeed where these matters are concerned, unless the vimage patches are being kept up-to-date and regression tested as issues are resolved and new features added. BMS From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 00:38:15 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9F18816A473 for ; Sat, 23 Jun 2007 00:38:15 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outM.internet-mail-service.net (outM.internet-mail-service.net [216.240.47.236]) by mx1.freebsd.org (Postfix) with ESMTP id 59A6913C483 for ; Sat, 23 Jun 2007 00:38:15 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Fri, 22 Jun 2007 17:38:14 -0700 Received: from julian-mac.elischer.org (nat.ironport.com [63.251.108.100]) by idiom.com (Postfix) with ESMTP id 3C928125ADA; Fri, 22 Jun 2007 17:38:14 -0700 (PDT) Message-ID: <467C6B79.4080304@elischer.org> Date: Fri, 22 Jun 2007 17:38:17 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: "Bruce M. Simpson" References: <467C1E3C.1020203@elischer.org> <467C5EEC.1000208@icir.org> In-Reply-To: <467C5EEC.1000208@icir.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Net , Marko Zec , releng@freebsd.org, ambrisko@FreeBSD.org Subject: Re: Vimage virtual networking and 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 00:38:15 -0000 Bruce M. Simpson wrote: > Julian Elischer wrote: >> >> In the future I am hoping to be able to use vimage in our products. >> They are based at the moment on 6.1, but I can see in a year they will >> be based on 7.x. >> >> Patches for 7.0 and vimage are currently available in perforce. >> What I would like to see is if there are any parts of that patch that >> would allow us to make adding of vimage to 7.1 an easier task. >> >> For example, Anything that would prevent vimage from >> needing an API change that would prevent it from being added later. > > My concern is that this may have already happened. I've been trying to > do my bit as the years edge on to clean up the networking stack and fix > bugs. One of my concerns is that the vimage change, which attempts to > take network stack globals and wrap them into one big structure, may > intrude on this or be subject to bitrot due to other development. > > >> >> I am quite disappointed that despite Marko's best efforts, we miss the >> 7.0 >> release but if it can be made nonintrusive enough I'd really like to >> see if it can get in 7.1. >> > > I appreciate all the hard work Marko has done on this, though I wonder > if even 7.1 is ambitious. > >> Personally, if I were "god" I'd put it in now because it can be >> compiled out. >> and it wouldn't be compiled by default.Maybe only just bits of it.. >> for sure I want the ability to have many routing tables. >> and I'm not thrilled about the requirement to have my own patch sets >> for this and thus not allowing others to use this feature. > > I think there are deeper issues in the network stack overall which need > to be addressed, such as our lack of support for multipathing, scoped > addresses, and all the tidyups which need to happen in struct ifnet to > deal with this. > > My concern is that vimage may be a very intrusive change indeed where > these matters are concerned, unless the vimage patches are being kept > up-to-date and regression tested as issues are resolved and new features > added. This is axectly why I think they should go in now. Remembering that they compile out to non changes.. Marko will I believe continue to keep up with -current as changes are made there. however it would be easier if they were in the tree so that people MAKING the new changes just took it into account when they did it. Similarly it will be a lot harder to backport to 7.x unless we keep a a separate 7.x + vimage branch in p4 however that means that marko will need to do everything twice. > > BMS > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 01:08:16 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5742216A46C for ; Sat, 23 Jun 2007 01:08:16 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outT.internet-mail-service.net (outT.internet-mail-service.net [216.240.47.243]) by mx1.freebsd.org (Postfix) with ESMTP id 47CEA13C45A for ; Sat, 23 Jun 2007 01:08:16 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Fri, 22 Jun 2007 18:08:15 -0700 Received: from julian-mac.elischer.org (nat.ironport.com [63.251.108.100]) by idiom.com (Postfix) with ESMTP id 8013D125B2F for ; Fri, 22 Jun 2007 18:08:15 -0700 (PDT) Message-ID: <467C727D.4060703@elischer.org> Date: Fri, 22 Jun 2007 18:08:13 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: FreeBSD Net Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [6.x] problem with AIO, non-blocking sockets on freebSD and IE7 on windows. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 01:08:16 -0000 If one has an event-driven process that accepts tcp connections, one needs to set eh non-blocking socket option and use kqueue or similar to schedule work. This is ok for data transfers, however when it comes to the close() call there is a problem. The problem in in the following code in so_close() if (so->so_options & SO_LINGER) { if ((so->so_state & SS_ISDISCONNECTING) && (so->so_state & SS_NBIO)) goto drop; while (so->so_state & SS_ISCONNECTED) { error = tsleep(&so->so_timeo, PSOCK | PCATCH, "soclos", so->so_linger * hz); if (error) break; } } } drop: [ continues on to destroy socket ] because SS_NBIO is set, the socket acts as if SO_LINGER was set, with a timeout of 0. the result of this, is the following behaviour: ========================================== The first + last packet output is below: ========================================== Source Destination Info 172.20.51.115 172.20.3.43 2597 > http [SYN] Seq=0 Len=0 172.20.3.43 172.20.51.115 http > 2597 [SYN, ACK] Seq=0 Ack=1 Len=0 172.20.51.115 172.20.3.43 2597 > http [ACK] Seq=1 Ack=1 Len=0 172.20.51.115 172.20.3.43 POST http://creative.gettyimages.com/source/ HTTP/1.1 172.20.51.115 172.20.3.43 HTTP 172.20.3.43 172.20.51.115 http > 2597 [ACK] Seq=1 Ack=1261 Len=0 --------------- 172.20.3.43 172.20.51.115 http > 2597 [ACK] Seq=1 Ack=13729 Len=0 172.20.51.115 172.20.3.43 HTTP 172.20.3.43 172.20.51.115 HTTP/1.0 407 Proxy Authentication Required (text/html) 172.20.3.43 172.20.51.115 HTTP 172.20.3.43 172.20.51.115 http > 2597 [FIN, ACK] Seq=1858 Ack=13729 Len=0 172.20.51.115 172.20.3.43 2597 > http [ACK] Seq=13731 Ack=1859 Len=0 172.20.3.43 172.20.51.115 http > 2597 [RST] Seq=1 Len=0 172.20.3.43 172.20.51.115 http > 2597 [RST] Seq=1859 Len=0 The ACK that comes from the client is wquite legal and in fact a FIN should follow. however we react to it by sending a reset. This makes IE7 throw a "generic IE error page". Even though it has all the information it needs. Less that a good result for the user. The answer is to NOT destroy the socket immediately, but to schedule it for self destruction in FIN_WAIT_1_TIME seconds (or so_linger secs) or when the FIN turns up, whichever occurs first. however so_close is in the wrong layer to decide to do this I think... socket code in general has no timer related stuff.. TCPhas timers, so I thin it would require a new call into TCP to tell it to put the session in question onto a (new) timer.. thoughts anyone? Julian From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 03:40:05 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9AE0616A400 for ; Sat, 23 Jun 2007 03:40:05 +0000 (UTC) (envelope-from andrew@modulus.org) Received: from bub.octopus.com.au (170.135.233.220.exetel.com.au [220.233.135.170]) by mx1.freebsd.org (Postfix) with ESMTP id 61F6A13C48C for ; Sat, 23 Jun 2007 03:40:02 +0000 (UTC) (envelope-from andrew@modulus.org) Received: from anzac.hos (170.135.233.220.exetel.com.au [220.233.135.170]) by esper.modulus.org (Postfix) with ESMTP id 14946B25FE for ; Sat, 23 Jun 2007 12:58:57 +1000 (EST) Message-ID: <467C8C5F.8050206@modulus.org> Date: Sat, 23 Jun 2007 12:58:39 +1000 From: Andrew Snow User-Agent: Thunderbird 2.0.0.0 (X11/20070426) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: watchdog timeout problem with freebsd 6.2-stable and v6.4.1 if_em driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 03:40:05 -0000 Hi, I have a problem with Pro/1000 cards in Freebsd, as follows: System: Supermicro 1RU server CPU: Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz OS: FreeBSD 6.2-STABLE (Tue May 29 03:19:28 EST 2007) amd64 (64 bit mode, SMP kernel) Driver: 6.4.1 kernel module (downloaded from Intel's website) em0: flags=8843 mtu 1500em0: port 0x5000-0x501f mem 0xe0300000-0xe031ffff irq 16 at device 0.0 on pci13 em0: Ethernet address: 00:30:48:8b:54:30 em1: port 0x6000-0x601f mem 0xe0400000-0xe041ffff irq 17 at device 0.0 on pci14 em1: Ethernet address: 00:30:48:8b:54:31 em0@pci13:0:0: class=0x020000 card=0x108c15d9 chip=0x108c8086 rev=0x03 hdr=0x00 vendor = 'Intel Corporation' device = 'PRO/1000 PM' class = network subclass = ethernet em1@pci14:0:0: class=0x020000 card=0x109a15d9 chip=0x109a8086 rev=0x00 hdr=0x00 vendor = 'Intel Corporation' class = network subclass = ethernet em1 is connected to another Pro/1000 network card and works properly without any problems whatsoever! em0 is connected to a Netgear Gigabit SmartSwitch and all our cables are Belkin CAT6 cables. We have TWO identical machines, and they both suffer the "watchdog timeout" problem as follows: After medium-heavy traffic, the NIC locks up completely and no traffic passes for a long time, perhaps longer than half an hour. Then, it recovers and prints this to syslog: em0: watchdog timeout -- resetting em0: link state changed to DOWN em0: link state changed to UP The problem was much worse with the supplied drivers of FreeBSD 6.2, any large packets would trigger it, but upgrading to 6.4.1 helped alot. The problem still happens with SMP completely disabled. The only workaround which is completely successful for me so far is to disable gigabit and use 100baseTX instead. The netgear switch is configured for VLANs but VLAN outbound tagging is not enabled for this switch port and the em0 interface is not configured for VLANs. Any ideas? Thanks, - Andrew From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 04:13:14 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 00B1F16A421 for ; Sat, 23 Jun 2007 04:13:14 +0000 (UTC) (envelope-from ggm@apnic.net) Received: from mint.apnic.net (mint.apnic.net [202.12.29.58]) by mx1.freebsd.org (Postfix) with ESMTP id 9C18913C48C for ; Sat, 23 Jun 2007 04:13:13 +0000 (UTC) (envelope-from ggm@apnic.net) Received: from asmtp.apnic.net (s102.GtokyoFL12.vectant.ne.jp [222.228.213.102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mint.apnic.net (Postfix) with ESMTP id 2C0A1D5F36; Sat, 23 Jun 2007 14:13:10 +1000 (EST) Date: Sat, 23 Jun 2007 14:13:09 +1000 From: George Michaelson To: "Bruce M. Simpson" Message-ID: <20070623141309.76f4e3be@garlique.algebras.org> In-Reply-To: <467C5DC2.1060109@FreeBSD.org> References: <20070620094806.3a95ec40@garlique.algebras.org> <20070622011451.GA3170@rogue.navcom.lan> <467C5DC2.1060109@FreeBSD.org> X-Mailer: Claws Mail 2.9.2 (GTK+ 2.10.11; i386--netbsdelf) X-Fruit-Of-The-Month-Club: persimmon Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org, ghozzy Subject: Re: how do you bring IPv6 live without reboot? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 04:13:14 -0000 On Sat, 23 Jun 2007 00:39:46 +0100 "Bruce M. Simpson" wrote: > The fact that it does work at all is to do with how protocol domain > attach works with struct ifnet. I am thinking that in future a lot of > this should change, in order to avoid a number of issues we currently > have -- this (the inability to re-attach IPv6 without taking down the > entire interface) is one of them. > > BMS > its interesting that when I sent-pr'd this, I got tut-tutted back to freebsd questions. In my books, not being able to do this kind of V6 maintenance work on the interface without taking it down probably deserves to be kept as an open bug! -G From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 06:06:53 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 43D9916A421 for ; Sat, 23 Jun 2007 06:06:53 +0000 (UTC) (envelope-from freebsd-net@dino.sk) Received: from bsd.dino.sk (bsd.dino.sk [213.215.72.60]) by mx1.freebsd.org (Postfix) with ESMTP id CA8FE13C4AD for ; Sat, 23 Jun 2007 06:06:52 +0000 (UTC) (envelope-from freebsd-net@dino.sk) Received: from fox.dino.sk (home.dino.sk [84.245.95.252]) (AUTH: PLAIN milan, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by bsd.dino.sk with esmtp; Sat, 23 Jun 2007 07:58:48 +0200 id 0000005A.467CB698.00011227 From: Milan Obuch To: freebsd-net@freebsd.org Date: Sat, 23 Jun 2007 07:54:22 +0200 User-Agent: KMail/1.9.6 References: <467C1E3C.1020203@elischer.org> <467C5EEC.1000208@icir.org> <467C6B79.4080304@elischer.org> In-Reply-To: <467C6B79.4080304@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200706230754.23148.freebsd-net@dino.sk> Subject: Re: Vimage virtual networking and 7.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 06:06:53 -0000 On Saturday 23 June 2007, Julian Elischer wrote: > Bruce M. Simpson wrote: > > Julian Elischer wrote: > >> In the future I am hoping to be able to use vimage in our products. > >> They are based at the moment on 6.1, but I can see in a year they will > >> be based on 7.x. > >> > >> Patches for 7.0 and vimage are currently available in perforce. > >> What I would like to see is if there are any parts of that patch that > >> would allow us to make adding of vimage to 7.1 an easier task. > >> ... > > > > I think there are deeper issues in the network stack overall which need > > to be addressed, such as our lack of support for multipathing, scoped > > addresses, and all the tidyups which need to happen in struct ifnet to > > deal with this. > > > > My concern is that vimage may be a very intrusive change indeed where > > these matters are concerned, unless the vimage patches are being kept > > up-to-date and regression tested as issues are resolved and new features > > added. > > This is axectly why I think they should go in now. > Remembering that they compile out to non changes.. > > Marko will I believe continue to keep up with -current as changes are made > there. however it would be easier if they were in the tree so that people > MAKING the new changes just took it into account when they did it. > > Similarly it will be a lot harder to backport to 7.x unless we keep a a > separate 7.x + vimage branch in p4 however that means that marko will need > to do everything twice. > I used old 4.x based vimage for some time. Now I would like to see vimage as an option in 7.x - I need this functionality again. I keep testing it as time permits, but having it in the main tree would make this for me a lot easier. When 7.0 becomes release, divergence begins, and this just multiplies effort needed to keep anything with vimage in good shape. With no option vimage, current state is kept, as far as I can see and understand the whole thing, so I think it should go in, now. Regards, Milan -- This address is used only for mailing list response. Do not send any personal messages to it, use milan in address instead. From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 07:41:14 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7576B16A400 for ; Sat, 23 Jun 2007 07:41:14 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.180]) by mx1.freebsd.org (Postfix) with ESMTP id 3FECD13C4C1 for ; Sat, 23 Jun 2007 07:41:14 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: by wa-out-1112.google.com with SMTP id j37so1053808waf for ; Sat, 23 Jun 2007 00:41:13 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=UM9oJrnFFUqb6xep5M2bj1cIzdX7x1qmK4EN/+s2KNk2Irxg2k58WWq3z/ezq4zzG/fquxC6v//eZHnoa/ads463NEi5ViFv+wL0V58BoKBrMO2HRg+I1UxFHKz3thOB1+MdvoVSScmQe3GioKtg/6MOzUjAtzBnIHsTPoUWb30= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=T4lzq3c96hgtALA9daz6jAxlecVKrr7BUwcCgw/xW/tTFVUVtdLAC+v6QJhV+z/DMO3AjaMqYse6D59xOtn2LNE+a2IoH+kdVk3NDo7UiZ6iX77WkBxEwYVcf46Ukw8btFyqm7YuVRVhZzlIx/Rj+xokpop9JNnzVFS2Ip1fgV0= Received: by 10.114.13.1 with SMTP id 1mr3610601wam.1182584473903; Sat, 23 Jun 2007 00:41:13 -0700 (PDT) Received: by 10.114.103.14 with HTTP; Sat, 23 Jun 2007 00:41:13 -0700 (PDT) Message-ID: <2a41acea0706230041p54212458mdd2ab339fe9bffd9@mail.gmail.com> Date: Sat, 23 Jun 2007 00:41:13 -0700 From: "Jack Vogel" To: "Andrew Snow" In-Reply-To: <467C8C5F.8050206@modulus.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <467C8C5F.8050206@modulus.org> Cc: freebsd-net@freebsd.org Subject: Re: watchdog timeout problem with freebsd 6.2-stable and v6.4.1 if_em driver X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 07:41:14 -0000 On 6/22/07, Andrew Snow wrote: > > Hi, I have a problem with Pro/1000 cards in Freebsd, as follows: > > System: Supermicro 1RU server > CPU: Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz > OS: FreeBSD 6.2-STABLE (Tue May 29 03:19:28 EST 2007) > amd64 (64 bit mode, SMP kernel) > > Driver: 6.4.1 kernel module (downloaded from Intel's website) > > em0: flags=8843 mtu 1500em0: > port > 0x5000-0x501f mem 0xe0300000-0xe031ffff irq 16 at device 0.0 on pci13 > em0: Ethernet address: 00:30:48:8b:54:30 > em1: port > 0x6000-0x601f mem 0xe0400000-0xe041ffff irq 17 at device 0.0 on pci14 > em1: Ethernet address: 00:30:48:8b:54:31 > > em0@pci13:0:0: class=0x020000 card=0x108c15d9 chip=0x108c8086 rev=0x03 > hdr=0x00 > vendor = 'Intel Corporation' > device = 'PRO/1000 PM' > class = network > subclass = ethernet > em1@pci14:0:0: class=0x020000 card=0x109a15d9 chip=0x109a8086 rev=0x00 > hdr=0x00 > vendor = 'Intel Corporation' > class = network > subclass = ethernet > > > > em1 is connected to another Pro/1000 network card and works properly > without any problems whatsoever! > > em0 is connected to a Netgear Gigabit SmartSwitch and all our cables are > Belkin CAT6 cables. We have TWO identical machines, and they both > suffer the "watchdog timeout" problem as follows: > > After medium-heavy traffic, the NIC locks up completely and no traffic > passes for a long time, perhaps longer than half an hour. > > Then, it recovers and prints this to syslog: > em0: watchdog timeout -- resetting > em0: link state changed to DOWN > em0: link state changed to UP > > The problem was much worse with the supplied drivers of FreeBSD 6.2, any > large packets would trigger it, but upgrading to 6.4.1 helped alot. > > The problem still happens with SMP completely disabled. The only > workaround which is completely successful for me so far is to disable > gigabit and use 100baseTX instead. > > The netgear switch is configured for VLANs but VLAN outbound tagging is > not enabled for this switch port and the em0 interface is not configured > for VLANs. > > > Any ideas? Bit by the 82573 eeprom MANC setting problem :( If you search thru the email archives you will find that I have posted a DOS patcher that fixes the problem. Search on 82573, if you have a problem let me know. What happens is that the eeprom mis-programs the MANC (management controller) register so it gobbles up packets rather than hand up to the host OS. The patcher should solve your problems, if not you know who to call :) Cheers, Jack From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 12:06:08 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 42FE816A41F for ; Sat, 23 Jun 2007 12:06:08 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.freebsd.org (Postfix) with ESMTP id D144513C448 for ; Sat, 23 Jun 2007 12:06:07 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: by ug-out-1314.google.com with SMTP id u2so1078829uge for ; Sat, 23 Jun 2007 05:06:06 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=JQDckKTEO+Cp71ytJOLb6KwgsIIOUxNcpnmpS2EP15mfYWP4IEUXU2/OSPD2fdxmSCOtXd/j2LXtSXFQROkEQmrEE6XR/HVuAWRc2xsbNlw8QT4J0OSPR/SDuyoiArPJbsX0GehC53a9XD+WPx1Q8YA89zaKs2pbk3OllBxWIQc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=C+Mx/aReABxHlH+bvOOSpiFN7oHueBgFebv16a5TevyREZSLe8tZwxwJ0UTaw9IP3x3SkgDfsNtOqj3mtInjGPd1zcqyqOGfHBkylo0jsvgw+4+XIi1t9pB0m30gG/VaqOUT1aEyZtZMqJiQ5HHkilwGJJI8OVb1UODfk1Gf3Ms= Received: by 10.82.158.12 with SMTP id g12mr8350684bue.1182598841760; Sat, 23 Jun 2007 04:40:41 -0700 (PDT) Received: by 10.82.191.14 with HTTP; Sat, 23 Jun 2007 04:40:41 -0700 (PDT) Message-ID: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> Date: Sat, 23 Jun 2007 07:40:41 -0400 From: "Jim Stapleton" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: ppp/peers/* files X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 12:06:08 -0000 where do I find the valid commands I can put in these files (yes, still on the never ending saga to get VPN working on my BSD machine so I don't need to boot windows) Thanks, -Jim Stapleton From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 13:02:00 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 22EDA16A400 for ; Sat, 23 Jun 2007 13:02:00 +0000 (UTC) (envelope-from eugen@www.svzserv.kemerovo.su) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.freebsd.org (Postfix) with ESMTP id 6C4A813C489 for ; Sat, 23 Jun 2007 13:01:58 +0000 (UTC) (envelope-from eugen@www.svzserv.kemerovo.su) Received: from www.svzserv.kemerovo.su (eugen@localhost [127.0.0.1]) by www.svzserv.kemerovo.su (8.13.8/8.13.8) with ESMTP id l5ND1s4n040215; Sat, 23 Jun 2007 21:01:54 +0800 (KRAST) (envelope-from eugen@www.svzserv.kemerovo.su) Received: (from eugen@localhost) by www.svzserv.kemerovo.su (8.13.8/8.13.8/Submit) id l5ND1sY0040214; Sat, 23 Jun 2007 21:01:54 +0800 (KRAST) (envelope-from eugen) Date: Sat, 23 Jun 2007 21:01:54 +0800 From: Eugene Grosbein To: Jim Stapleton Message-ID: <20070623130154.GA39937@svzserv.kemerovo.su> References: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-net@freebsd.org Subject: Re: ppp/peers/* files X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 13:02:00 -0000 On Sat, Jun 23, 2007 at 07:40:41AM -0400, Jim Stapleton wrote: > where do I find the valid commands I can put in these files (yes, > still on the never ending saga to get VPN working on my BSD machine so > I don't need to boot windows) Just scan man pppd for 'privileged' options. Eugene From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 13:22:14 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D07B716A400 for ; Sat, 23 Jun 2007 13:22:14 +0000 (UTC) (envelope-from artem@aws-net.org.ua) Received: from alf.aws-net.org.ua (alf.aws-net.org.ua [85.90.196.192]) by mx1.freebsd.org (Postfix) with ESMTP id CAEA813C45D for ; Sat, 23 Jun 2007 13:22:12 +0000 (UTC) (envelope-from artem@aws-net.org.ua) Received: from [192.168.32.4] (aviko.aws-net.org.ua [192.168.32.4]) by alf.aws-net.org.ua (8.13.8/8.13.8) with ESMTP id l5NCo6Oq003347 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sat, 23 Jun 2007 15:50:07 +0300 (EEST) (envelope-from artem@aws-net.org.ua) Message-ID: <467D1700.8050006@aws-net.org.ua> Date: Sat, 23 Jun 2007 15:50:08 +0300 From: Artyom Viklenko Organization: Art&Co. User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Jim Stapleton References: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> In-Reply-To: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded STARTTLS authentication, not delayed by milter-greylist-3.0 (alf.aws-net.org.ua [192.168.32.253]); Sat, 23 Jun 2007 15:50:07 +0300 (EEST) X-Virus-Scanned: ClamAV version 0.90.3, clamav-milter version 0.90.3 on alf.aws-net.org.ua X-Virus-Status: Clean Cc: freebsd-net@freebsd.org Subject: Re: ppp/peers/* files X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 13:22:14 -0000 Jim Stapleton wrote: > where do I find the valid commands I can put in these files (yes, > still on the never ending saga to get VPN working on my BSD machine so > I don't need to boot windows) > peers files contains the same options as /etc/ppp/options or /etc/ppp/options.ttyxx files - generally speaking, any options valid for pppd. So, see 'man pppd'. I don't know about your VPN scenario, but anyway I would recommend you to give mpd a tyr. -- Sincerely yours, Artyom Viklenko. ------------------------------------------------------- artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem FreeBSD: The Power to Serve - http://www.freebsd.org From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 14:51:52 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 80A3216A46C for ; Sat, 23 Jun 2007 14:51:52 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.184]) by mx1.freebsd.org (Postfix) with ESMTP id 1515F13C484 for ; Sat, 23 Jun 2007 14:51:51 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: by mu-out-0910.google.com with SMTP id w9so1135388mue for ; Sat, 23 Jun 2007 07:51:50 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=myYmEJgchhRFAWkbJAo9lRNW4LXR3398D+lo/2nq6Q17YBCNT7V2qkFfr88+h/Mn9BiLW84PGzeCYdC7tLFzCawgx8oX/kcUXtev790abfWKTDk0AeaRvGpQYJqV34LASI9M5XOXC0mFd2nGUgLg7C6kWbUMkoJkrkErAQ0SXuo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=iU5ZpaXaltYCiu7x106Yh7sMftxyrpATJu1DW2KbbL7UnkIBuU7+DYhnvY21rwrMdGP3R/M9VXCnqERIH9cWQT9Hiu/odJwFObfKtJu8gOOJSJDiCqW3FGYUsZvnetXx2RTYBQP1nSr1VdispEVRJyJAdCqcp3l1Wbb9rpuuZUw= Received: by 10.82.183.19 with SMTP id g19mr8682905buf.1182610309655; Sat, 23 Jun 2007 07:51:49 -0700 (PDT) Received: by 10.82.191.14 with HTTP; Sat, 23 Jun 2007 07:51:49 -0700 (PDT) Message-ID: <80f4f2b20706230751m10baee49gd339b889285dc060@mail.gmail.com> Date: Sat, 23 Jun 2007 10:51:49 -0400 From: "Jim Stapleton" To: "Artyom Viklenko" In-Reply-To: <467D1700.8050006@aws-net.org.ua> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> <467D1700.8050006@aws-net.org.ua> Cc: freebsd-net@freebsd.org Subject: Re: ppp/peers/* files X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 14:51:52 -0000 Thanks, I'll look at it more. I'm trying to connect to a windows vpn, and most of the stuff I see suggests pptp+pppd, but the documentation for most things contains commands that just dont work. -Jim Stapleton On 6/23/07, Artyom Viklenko wrote: > Jim Stapleton wrote: > > where do I find the valid commands I can put in these files (yes, > > still on the never ending saga to get VPN working on my BSD machine so > > I don't need to boot windows) > > > > peers files contains the same options as /etc/ppp/options > or /etc/ppp/options.ttyxx files - generally speaking, > any options valid for pppd. So, see 'man pppd'. > > I don't know about your VPN scenario, but anyway I would > recommend you to give mpd a tyr. > > -- > Sincerely yours, > Artyom Viklenko. > ------------------------------------------------------- > artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem > FreeBSD: The Power to Serve - http://www.freebsd.org > From owner-freebsd-net@FreeBSD.ORG Sat Jun 23 18:20:06 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 67AD016A46D for ; Sat, 23 Jun 2007 18:20:06 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.191]) by mx1.freebsd.org (Postfix) with ESMTP id F40ED13C447 for ; Sat, 23 Jun 2007 18:20:05 +0000 (UTC) (envelope-from stapleton.41@gmail.com) Received: by mu-out-0910.google.com with SMTP id w9so1175236mue for ; Sat, 23 Jun 2007 11:20:04 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=SNGDIIf2X7gjPwBgC27QKedoSr34w4kcHxPLO5785ZNFoaJoUTmW+IwSrO3MZmOuNJptWxy6fDJr0QL9evBFeIMBLfzlNJn1iSMUpyUqGrA1sbdXVbQGIQQ2OmHXAOYK0FU5o8f6xga0Q+TGjhmVpxEEP/ueCfq+YwhQoyVRZdU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=twNtxenkbWf0BLAroVkZUw9IEpkNUQd2pCRXnmfeSVM5oWwg60QBZCJ8q6oFZ2atcoimphWpIRVWaz/dUCRdszxFMId9lE5RIF9sDjDJW+adP4rWwhYLbY0I/MlfuasWyByQLpgxzJ7dtniKbWGwMQBcyoQX87eZJFCfzUJLu6Q= Received: by 10.82.151.14 with SMTP id y14mr9017107bud.1182622804106; Sat, 23 Jun 2007 11:20:04 -0700 (PDT) Received: by 10.82.191.14 with HTTP; Sat, 23 Jun 2007 11:20:04 -0700 (PDT) Message-ID: <80f4f2b20706231120u6b6f2659xa427b7a54f20b243@mail.gmail.com> Date: Sat, 23 Jun 2007 14:20:04 -0400 From: "Jim Stapleton" To: "Artyom Viklenko" In-Reply-To: <467D1700.8050006@aws-net.org.ua> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <80f4f2b20706230440n5abeceb6n6d94eef41f776265@mail.gmail.com> <467D1700.8050006@aws-net.org.ua> Cc: freebsd-net@freebsd.org Subject: Re: ppp/peers/* files X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 18:20:06 -0000 I can't find a way to specify mppe-128 for either pptp or pppd in the man files, and every doc I see (including the man pages examples, which don't work when I specify it in the file) seem to suggest that I use either "mppe-128" or "require-mppe-128" for pppd, neither of which work. Any suggestions? Thanks, -Jim Stapleton On 6/23/07, Artyom Viklenko wrote: > Jim Stapleton wrote: > > where do I find the valid commands I can put in these files (yes, > > still on the never ending saga to get VPN working on my BSD machine so > > I don't need to boot windows) > > > > peers files contains the same options as /etc/ppp/options > or /etc/ppp/options.ttyxx files - generally speaking, > any options valid for pppd. So, see 'man pppd'. > > I don't know about your VPN scenario, but anyway I would > recommend you to give mpd a tyr. > > -- > Sincerely yours, > Artyom Viklenko. > ------------------------------------------------------- > artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem > FreeBSD: The Power to Serve - http://www.freebsd.org >