From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 06:51:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A99B8106564A
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 06:51:48 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 5E0F88FC12
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 06:51:48 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
	[67.180.24.15]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q156pi74032659
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Sat, 4 Feb 2012 22:51:47 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F2E274F.6000601@freebsd.org>
Date: Sat, 04 Feb 2012 22:53:03 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.25) Gecko/20111213 Thunderbird/3.1.17
MIME-Version: 1.0
To: =?windows-1251?Q?=CA=EE=ED=FC=EA=EE=E2_=C5=E2=E3=E5=ED=E8=E9?=
	<kes-kes@yandex.ru>
References: <67410574.20120202113314@yandex.ru>
In-Reply-To: <67410574.20120202113314@yandex.ru>
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 8bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 06:51:48 -0000

On 2/2/12 1:33 AM, Коньков Евгений wrote:
> this is the mine script which helps me keep my firewall very clean and safe.
>
> It is easy to understand even if you have a thousands rules, I think =)
>
> please comment.
>
> PS. If anybody may, please put into ports tree. thank you.

it would probably be get more response if it was in a file format we 
had heard of.. like tar..

WTF is a ".rar"  file?

>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"


From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 07:11:58 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 730B4106566C
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 07:11:58 +0000 (UTC)
	(envelope-from kob6558@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 08A868FC13
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 07:11:57 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so5261635wgb.31
	for <multiple recipients>; Sat, 04 Feb 2012 23:11:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	bh=THY4H03XvMXBKl3BpvfQmRnAXqjBR+muNVoNkrblyXw=;
	b=LI9dLwhSuHiGspVIZlW8kJKGNLizBsr0ht7wqGAhALLNkSmLpD+atagw/A9t5XiYf1
	Ub5SsdkiQSVu4YLNUMAFxfl4SfRr8w+68uI+tau9KAiPO37/SPHPjkwGxmGkytdzpvz9
	h5iA+q0xImn6LQ6LBzopo+SNKZX568d68sJ6M=
MIME-Version: 1.0
Received: by 10.181.12.106 with SMTP id ep10mr6263923wid.8.1328425916589; Sat,
	04 Feb 2012 23:11:56 -0800 (PST)
Received: by 10.223.62.135 with HTTP; Sat, 4 Feb 2012 23:11:56 -0800 (PST)
In-Reply-To: <4F2E274F.6000601@freebsd.org>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
Date: Sat, 4 Feb 2012 23:11:56 -0800
Message-ID: <CAN6yY1vP2mRHWVcj6W_zEWJwqf_7=9tHZXWFbnSKKK3QbyfqKg@mail.gmail.com>
From: Kevin Oberman <kob6558@gmail.com>
To: Julian Elischer <julian@freebsd.org>
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-net@freebsd.org,
	=?KOI8-R?B?68/O2MvP1yDl18fFzsnK?= <kes-kes@yandex.ru>,
	freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 07:11:58 -0000

2012/2/4 Julian Elischer <julian@freebsd.org>:
> On 2/2/12 1:33 AM, =EB=CF=CE=D8=CB=CF=D7 =E5=D7=C7=C5=CE=C9=CA wrote:
>>
>> this is the mine script which helps me keep my firewall very clean and
>> safe.
>>
>> It is easy to understand even if you have a thousands rules, I think =3D=
)
>>
>> please comment.
>>
>> PS. If anybody may, please put into ports tree. thank you.
>
>
> it would probably be get more response if it was in a file format we had
> heard of.. like tar..
>
> WTF is a ".rar" =9Afile?

rar is a compression and archiving tool used commonly for bittorrent.
The tool to extract files is in port archivers/rar, but it's
commercial and a proprietary format. The free tool is only capable of
extracting, not compressing. It is reported that its compression is
very good, better than bzip2, xz and can even do a reasonable job of
compressing things like already compressed video formats. (Probably
why it became popular for bittorrent.)

R. Kevin Oberman, Network Engineer
E-mail: kob6558@gmail.com

From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 07:14:19 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C0953106566B;
	Sun,  5 Feb 2012 07:14:19 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 9229A8FC12;
	Sun,  5 Feb 2012 07:14:19 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
	[67.180.24.15]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q157EH0B032730
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Sat, 4 Feb 2012 23:14:18 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F2E2C97.7000400@freebsd.org>
Date: Sat, 04 Feb 2012 23:15:35 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.25) Gecko/20111213 Thunderbird/3.1.17
MIME-Version: 1.0
To: =?windows-1251?Q?=CA=EE=ED=FC=EA=EE=E2_=C5=E2=E3=E5=ED=E8=E9?=
	<kes-kes@yandex.ru>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
In-Reply-To: <4F2E274F.6000601@freebsd.org>
Content-Type: text/plain; charset=windows-1251; format=flowed
Content-Transfer-Encoding: 8bit
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 07:14:19 -0000

On 2/4/12 10:53 PM, Julian Elischer wrote:
> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>> this is the mine script which helps me keep my firewall very clean 
>> and safe.
>>
>> It is easy to understand even if you have a thousands ruBTWles, I 
>> think =)
>>
>> please comment.
>>
>> PS. If anybody may, please put into ports tree. thank you.
>
> it would probably be get more response if it was in a file format we 
> had heard of.. like tar..
>
> WTF is a ".rar"  file?
BTW the  "stuffit" expander on a Mac seems to be able to handle it..

I can see that this would allow you to manage very complex rule sets 
while keeping errors under control.

I find the syntax hard to follow however
  I guess that comes from it being a relatively simple perl script 
doing the work.

it would be nice to get rid of the line numbers entirely in the 
specifications
and allow the program to completely specify them using symbolic 
definitions instead.



>
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>


From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 09:48:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 291EB1065674;
	Sun,  5 Feb 2012 09:48:11 +0000 (UTC)
	(envelope-from kes-kes@yandex.ru)
Received: from forward7.mail.yandex.net (forward7.mail.yandex.net
	[IPv6:2a02:6b8:0:202::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 084828FC17;
	Sun,  5 Feb 2012 09:48:09 +0000 (UTC)
Received: from smtp6.mail.yandex.net (smtp6.mail.yandex.net [77.88.61.56])
	by forward7.mail.yandex.net (Yandex) with ESMTP id 4DE0F1C10D1;
	Sun,  5 Feb 2012 13:48:07 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328435287; bh=xKvRvSVjZbtpkUI6+2YQ8T11u8z+5wiColiZrU0o/HI=;
	h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
	References:MIME-Version:Content-Type;
	b=kAQmGMy3EzzAMlWL51mmwjvOzS0zd19nKgHIbocgj7WIAfq53DJcC/3l/f8QPCy1p
	UrSyc6Hqz8+W2UlUZ69Nkcj60ybcLsKVrL9EW7V0h0p9mcG94h/7MZk1ieUFenuyLs
	Mg53D44vFhKrDm1ahEKBdXa85O3JpyFN9bqHqBUA=
Received: from smtp6.mail.yandex.net (localhost [127.0.0.1])
	by smtp6.mail.yandex.net (Yandex) with ESMTP id 1AFCB1640481;
	Sun,  5 Feb 2012 13:48:07 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328435287; bh=xKvRvSVjZbtpkUI6+2YQ8T11u8z+5wiColiZrU0o/HI=;
	h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
	References:MIME-Version:Content-Type;
	b=kAQmGMy3EzzAMlWL51mmwjvOzS0zd19nKgHIbocgj7WIAfq53DJcC/3l/f8QPCy1p
	UrSyc6Hqz8+W2UlUZ69Nkcj60ybcLsKVrL9EW7V0h0p9mcG94h/7MZk1ieUFenuyLs
	Mg53D44vFhKrDm1ahEKBdXa85O3JpyFN9bqHqBUA=
Received: from unknown (unknown [77.93.52.20])
	by smtp6.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
	m5GOkfm2-m5GCxR5c; Sun,  5 Feb 2012 13:48:05 +0400
X-Yandex-Spam: 1
Date: Sun, 5 Feb 2012 11:48:03 +0200
From: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?windows-1251?B?188gyu7t/Oru4iwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <332302285.20120205114803@yandex.ru>
To: Julian Elischer <julian@freebsd.org>
In-Reply-To: <4F2E2C97.7000400@freebsd.org>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
	<4F2E2C97.7000400@freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/mixed;
 boundary="----------ADB6AC35B07843"
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 09:48:11 -0000

------------ADB6AC35B07843
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit

Здравствуйте, Julian.

Вы писали 5 февраля 2012 г., 9:15:35:

JE> On 2/4/12 10:53 PM, Julian Elischer wrote:
>> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>>> this is the mine script which helps me keep my firewall very clean 
>>> and safe.
>>>
>>> It is easy to understand even if you have a thousands ruBTWles, I 
>>> think =)
>>>
>>> please comment.
>>>
>>> PS. If anybody may, please put into ports tree. thank you.
>>
>> it would probably be get more response if it was in a file format we 
>> had heard of.. like tar..
>>
>> WTF is a ".rar"  file?
JE> BTW the  "stuffit" expander on a Mac seems to be able to handle it..

JE> I can see that this would allow you to manage very complex rule sets 
JE> while keeping errors under control.

JE> I find the syntax hard to follow however
JE>   I guess that comes from it being a relatively simple perl script 
JE> doing the work.

JE> it would be nice to get rid of the line numbers entirely in the 
JE> specifications
JE> and allow the program to completely specify them using symbolic 
JE> definitions instead.

can you give an example how it whould be better?
a documentation is weak a bit, if you have question be free to ask.
I will clear that.

In tar format as you ask.


-- 
С уважением,
 Коньков                          mailto:kes-kes@yandex.ru
------------ADB6AC35B07843--


From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 12:18:17 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 84115106566B
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 12:18:17 +0000 (UTC)
	(envelope-from btillman99@yahoo.com)
Received: from nm36-vm2.bullet.mail.ne1.yahoo.com
	(nm36-vm2.bullet.mail.ne1.yahoo.com [98.138.229.114])
	by mx1.freebsd.org (Postfix) with SMTP id 4334B8FC0A
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 12:18:17 +0000 (UTC)
Received: from [98.138.90.51] by nm36.bullet.mail.ne1.yahoo.com with NNFMP;
	05 Feb 2012 12:05:14 -0000
Received: from [98.138.89.246] by tm4.bullet.mail.ne1.yahoo.com with NNFMP;
	05 Feb 2012 12:05:14 -0000
Received: from [127.0.0.1] by omp1060.mail.ne1.yahoo.com with NNFMP;
	05 Feb 2012 12:05:14 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 307951.26888.bm@omp1060.mail.ne1.yahoo.com
Received: (qmail 42442 invoked by uid 60001); 5 Feb 2012 12:05:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024;
	t=1328443513; bh=5O0Z+BW/bT6oDsPGN3I4vK5TAYSWn1pGrCW3mJmaSQs=;
	h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type;
	b=j77ErpiQzDghgDB5RDzcnysVStCaFUMwkYjw4uiMHlyuwyOno/U+L4m/7U279dDZvLUPVaB4PvkFk+UtUeg/gooY9tjrnRNRWeYKTk4t8tcbfflp+pyRW5jj14d0Ww3n/gl/JzOpRt2msvf7pePM3pZXEKAOv6Q1FxrjXSm9oBk=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type;
	b=0dAz7fjbMLZ2GS5vyTdKghxer7NahS4qqb3nrA5ZVBQz4bfARdch0d5VuOEOsZTpx3BSOuYaj13DEcNbxBARiRfzNcebwfBuNDMCuO3VyoD6p1r8p5EdJr4PMuSu8jdcmJ+Ngn2GzhtiZBdgIkPwXDur5XeQBKAtD5zSERgTEGo=;
X-YMail-OSG: c9TAR0IVM1kRXHXqL43VzvX0XHDJ8ayr2qCzwUVDFekiL67
	p6IYJfXdV62JpBbhTS6FaZZ7.QXLG9Wrc95anVvwp45ni3T1f3Urn9kL2C.m
	Sw1LysW6smnP6GmoMSG3s.j3QKQ.5NXfwZL7K4HmiQTT81EBrBdkMwbUCpOG
	mn4UUKWW8qyxgukiaBVdhjrvMBAE0waod9kBXu1sWl5MgsZ7WX6pMvy8d3N4
	MuY_ie_N3zzSEDuFFvIKUJl2NhdM0TlC3ewGzCU7UrH2GnIYACkbzSC.m7cP
	SkkKTmUZk8ftDR4096BORC.TKLbAWtlASJmCqRxIy8eXzKA3UWkLtlG72_9P
	zaQYJuZUZtEY5amUFahwPLJUDCklCNvd7Br.gzaMq6RSYXoDc7zNgtbFCmZz
	S23tMFKb2pq4LjiQ7JJgwB0Ovlqs7Pnr2_3iR5SQg8JKRH0EBJ8knGRjuPEt
	lUx6Ql23urMBVz8QEdQeryQ--
Received: from [98.203.44.66] by web36505.mail.mud.yahoo.com via HTTP;
	Sun, 05 Feb 2012 04:05:13 PST
X-Mailer: YahooMailWebService/0.8.116.331537
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
	<4F2E2C97.7000400@freebsd.org>
Message-ID: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
Date: Sun, 5 Feb 2012 04:05:13 -0800 (PST)
From: Bill Tillman <btillman99@yahoo.com>
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
In-Reply-To: <4F2E2C97.7000400@freebsd.org>
MIME-Version: 1.0
X-Mailman-Approved-At: Sun, 05 Feb 2012 12:49:16 +0000
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Bill Tillman <btillman99@yahoo.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 12:18:17 -0000

=0A=0A=0AFrom: Julian Elischer <julian@freebsd.org>=0ATo: =D0=9A=D0=BE=D0=
=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=D0=B8=D0=B9 <kes=
-kes@yandex.ru> =0ACc: freebsd-net@freebsd.org; freebsd-questions@freebsd.o=
rg =0ASent: Sunday, February 5, 2012 2:15 AM=0ASubject: Re: HowTo easy use =
IPFW=0A=0AOn 2/4/12 10:53 PM, Julian Elischer wrote:=0A> On 2/2/12 1:33 AM,=
 =D0=9A=D0=BE=D0=BD=D1=8C=D0=BA=D0=BE=D0=B2 =D0=95=D0=B2=D0=B3=D0=B5=D0=BD=
=D0=B8=D0=B9 wrote:=0A>> this is the mine script which helps me keep my fir=
ewall very clean and safe.=0A>> =0A>> It is easy to understand even if you =
have a thousands ruBTWles, I think =3D)=0A>> =0A>> please comment.=0A>> =0A=
>> PS. If anybody may, please put into ports tree. thank you.=0A> =0A> it w=
ould probably be get more response if it was in a file format we had heard =
of.. like tar..=0A> =0A> WTF is a ".rar"=C2=A0 file?=0ABTW the=C2=A0 "stuff=
it" expander on a Mac seems to be able to handle it..=0A=0AI can see that t=
his would allow you to manage very complex rule sets while keeping errors u=
nder control.=0A=0AI find the syntax hard to follow however=0AI guess that =
comes from it being a relatively simple perl script doing the work.=0A=0Ait=
 would be nice to get rid of the line numbers entirely in the specification=
s=0Aand allow the program to completely specify them using symbolic definit=
ions instead.=0A=0A=0A=0A> =0A>> =0A>> ____________________________________=
___________=0A>> freebsd-net@freebsd.org mailing list=0A>> http://lists.fre=
ebsd.org/mailman/listinfo/freebsd-net=0A>> To unsubscribe, send any mail to=
 "freebsd-net-unsubscribe@freebsd.org"=0A> =0A> ___________________________=
____________________=0A> freebsd-net@freebsd.org mailing list=0A> http://li=
sts.freebsd.org/mailman/listinfo/freebsd-net=0A> To unsubscribe, send any m=
ail to "freebsd-net-unsubscribe@freebsd.org"=0A> =0A> =0A=0A_______________=
________________________________=0Afreebsd-questions@freebsd.org mailing li=
st=0Ahttp://lists.freebsd.org/mailman/listinfo/freebsd-questions=0ATo unsub=
scribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"=0A=0A=
=0A*.rar files have been aroung a long time. They are created by a program =
call Winrar. I never understood the need for this because every since M$ st=
arted including support for zip files built right into Windows Explorer the=
re's no need for additional compression utility. There are some studies whi=
ch show Winrar is a little more efficient with it's compression but with to=
day's 2 TB hard drive prices, disk space is not such a premium anymore. Fre=
eBSD actually has a port for it /"usr/ports/archivers/rar". I have found th=
at this program is mostly used by hackers on the bittorent sites who steal =
and distribute copyrighted software and transmit trojans and viruses so it'=
s been my habbit to avoid rar files. If someone I trust sends it I will ope=
n it but I don't plan on opening up this guy's ipfw rule set for that very =
reason. The other reason is that any rule set with 1,000 lines in it has go=
t to be over kill. The simplest advice I could offer here is this:=0A=0AThe=
 only truly safe firewall ruleset consists of one rule and that is:=0A=0A=
=C2=A0deny all from any to any=0A=0AIf you must have Internet access, and w=
e all do then the next simplest rule set would be:=0A=0ABuild your kernel t=
o have IPFW deny all traffic by default=0AAllow only the ports you deem nec=
essary for your needs=0ADeny all other traffic=0A=0AAfter you've examined y=
our log files for a few weeks, turn off logging because it's usually just a=
 bunch or crap from IP addresses in China, Amsterdam, or maybe an odd one h=
ere and there coming from another source, trying to hack into your computer=
. I have found over many years that it doesn't pay anything to know about a=
ll the attempted attacks. It only pays to stop them cold and the above simp=
le rule set will do just that.

From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 15:14:35 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4FB78106566B
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 15:14:35 +0000 (UTC)
	(envelope-from kes-kes@yandex.ru)
Received: from forward4.mail.yandex.net (forward4.mail.yandex.net
	[IPv6:2a02:6b8:0:602::4])
	by mx1.freebsd.org (Postfix) with ESMTP id E7B288FC14
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 15:14:23 +0000 (UTC)
Received: from smtp1.mail.yandex.net (smtp1.mail.yandex.net [77.88.46.101])
	by forward4.mail.yandex.net (Yandex) with ESMTP id EF3C4501A35;
	Sun,  5 Feb 2012 19:14:21 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328454862; bh=gFEiFmqDjktwx7xVte+4y+FPPE2092+m/5WdovZS6CY=;
	h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
	References:MIME-Version:Content-Type;
	b=SweMmM5vZ3LugYQxTcreu4igi2/b35LfF5Jc+cS08he+HvCVPsomx6m+5yM4ahysh
	FaAZJKyoYVy2IbMXdFRwgOP/tVaZ6huKT+vh2QbLwMVuWVegf4up0tm/HcZG4iGtTZ
	jCXVb4+AP3OS9zAMBRtmUsgfAWu3kpOF+cdxG/Mw=
Received: from smtp1.mail.yandex.net (localhost [127.0.0.1])
	by smtp1.mail.yandex.net (Yandex) with ESMTP id BB97EAA0400;
	Sun,  5 Feb 2012 19:14:21 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328454861; bh=gFEiFmqDjktwx7xVte+4y+FPPE2092+m/5WdovZS6CY=;
	h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To:
	References:MIME-Version:Content-Type;
	b=qS1zB+FhvYOcBq3fhBtIMMHeUeMYh9YXHIT+XkeVYG4JfmsRGBdzrmGKOsl5TorfH
	2w5YxBJpU+DVyCznN9cHz2alpBkGlInAxVjByyGDLGVPnrpyfna0Qwa4TTvIaUf7TU
	cG5/5DTF6AufsEFqRbjemWQdq34muW60Vh2LYJ48=
Received: from unknown (unknown [77.93.52.19])
	by smtp1.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
	EFUaRkLj-EFU4cu8i; Sun,  5 Feb 2012 19:14:15 +0400
X-Yandex-Spam: 1
Date: Sun, 5 Feb 2012 17:14:13 +0200
From: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?utf-8?B?0KfQnyDQmtC+0L3RjNC60L7QsiwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <675283668.20120205171413@yandex.ru>
To: Bill Tillman <btillman99@yahoo.com>
In-Reply-To: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
	<4F2E2C97.7000400@freebsd.org>
	<1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
 boundary="----------DC1E214C1A41B231"
X-Mailman-Approved-At: Sun, 05 Feb 2012 17:20:29 +0000
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?=
	<kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 15:14:35 -0000

------------DC1E214C1A41B231
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

Здравствуйте, Bill.

Вы писали 5 февраля 2012 г., 14:05:13:




BT> From: Julian Elischer <julian@freebsd.org>
BT> To: Коньков Евгений <kes-kes@yandex.ru> 
BT> Cc: freebsd-net@freebsd.org; freebsd-questions@freebsd.org 
BT> Sent: Sunday, February 5, 2012 2:15 AM
BT> Subject: Re: HowTo easy use IPFW

BT> On 2/4/12 10:53 PM, Julian Elischer wrote:
>> On 2/2/12 1:33 AM, Коньков Евгений wrote:
>>> this is the mine script which helps me keep my firewall very clean and safe.
>>> 
>>> It is easy to understand even if you have a thousands ruBTWles, I think  
>>> 
>>> please comment.
>>> 
>>> PS. If anybody may, please put into ports tree. thank you.
>> 
>> it would probably be get more response if it was in a file format we had heard of.. like tar..
>> 
>>   is a ".rar"  file?
BT> BTW the  "stuffit" expander on a Mac seems to be able to handle it..

BT> I can see that this would allow you to manage very complex rule
BT> sets while keeping errors under control.

BT> I find the syntax hard to follow however
BT> I guess that comes from it being a relatively simple perl script doing the work.

BT> it would be nice to get rid of the line numbers entirely in the specifications
BT> and allow the program to completely specify them using symbolic definitions instead.



>> 
>>> 
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>> 
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>> 
>> 

BT> _______________________________________________
BT> freebsd-questions@freebsd.org mailing list
BT> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
BT> To unsubscribe, send any mail to
BT> "freebsd-questions-unsubscribe@freebsd.org"


BT> *.rar files have been aroung a long time. They are created by a
BT> program call Winrar. I never understood the need for this because
BT> every since M$ started including support for zip files built right
BT> into Windows Explorer there's no need for additional compression
BT> utility. There are some studies which show Winrar is a little more
BT> efficient with it's compression but with today's 2 TB hard drive
BT> prices, disk space is not such a premium anymore. FreeBSD actually
BT> has a port for it /"usr/ports/archivers/rar". I have found that
BT> this program is mostly used by hackers on the bittorent sites who
BT> steal and distribute copyrighted software and transmit trojans and
BT> viruses so it's been my habbit to avoid rar files. If someone I
BT> trust sends it I will open it but I don't plan on opening up this
BT> guy's ipfw rule set for that very reason. The other reason is that
BT> any rule set with 1,000 lines in it has got to be over kill. The
BT> simplest advice I could offer here is this:

BT> The only truly safe firewall ruleset consists of one rule and that is:

BT>  deny all from any to any

BT> If you must have Internet access, and we all do then the next simplest rule set would be:

BT> Build your kernel to have IPFW deny all traffic by default
BT> Allow only the ports you deem necessary for your needs
BT> Deny all other traffic

BT> After you've examined your log files for a few weeks, turn off
BT> logging because it's usually just a bunch or crap from IP
BT> addresses in China, Amsterdam, or maybe an odd one here and there
BT> coming from another source, trying to hack into your computer. I
BT> have found over many years that it doesn't pay anything to know
BT> about all the attempted attacks. It only pays to stop them cold
BT> and the above simple rule set will do just that.

yes, and I suggest same thing: first deny all and then allow only that
packets you want to pass. so I have next default rules:
65500     deny log ip from any to any
65535     deny ip from any to any

but for the router which has many interfaces and which has flat
firewall rules it is hard to keep it clean. Mine script allow to
separate rules for each interface to its own file

Simple example:
allow any trafic through vlan153

cat f_vlan153
#################
GOSUB
 099 SPLIT



#################
#IN  TRAFIC (100-499)
 490 allow in recv $iface


#################
#out  TRAFIC (500-899)
 890 allow out xmit $iface



#################
# >=900 rules are reserved for other stuff
will be expanded as:
00999   skipto 8000 ip from any to any via vlan153
08099   skipto 8100 ip from any to any in recv vlan153
08099   skipto 8500 ip from any to any out xmit vlan153
08099   deny log ip from any to any via vlan153
08099   skipto 65000 ip from any to any
08490   allow ip from any to any in recv vlan153
08499   deny log ip from any to any via vlan153
08499   skipto 65000 ip from any to any
08890   allow ip from any to any out xmit vlan153
08899   deny log ip from any to any via vlan153
08899   skipto 65000 ip from any to any

and more complex:
nat packets that are going through vlan407, queue incoming trafic so
each host in lan will be shaped to 2Mbit/s for example.
allow some subnet and host from lan to access internet:
 10.12.50.0/24 and 10.11.43.58

I.N.E.T - your external IP like '155.7.43.16'

cat f_pipes
c pipe 52 config bw 2097152bit/s mask dst-ip 0xffffffff gred 0.002/10/30/0.1
c queue 52 config pipe 12 queue 50 mask dst-ip 0xffffffff gred 0.002/10/30/0.1

cat f_vlan407
NAT ip I.N.E.T unreg_only reset


#################
GOSUB
 099 SPLIT



#################
#IN  TRAFIC (100-499)
 256 NAT all from any to I.N.E.T in recv $iface
 275 queue 52 all from any to any in recv $iface
 490 allow in recv $iface


#################
#out  TRAFIC (500-899)

 757 NAT 101 all from 10.12.50.0/24 to any out xmit $iface
 758 NAT 101 all from 10.11.8.12 to any out xmit $iface
 890 allow out xmit $iface



#################
# >=900 rules are reserved for other stuff

will be expanded as:
00999  skipto 23000 ip from any to any via vlan407
23099  skipto 23100 ip from any to any in recv vlan407
23099  skipto 23500 ip from any to any out xmit vlan407
23099  deny log ip from any to any via vlan407
23099  skipto 65000 ip from any to any
23256  nat 101 ip from any to I.N.E.T in recv vlan407
23275  queue 52 ip from any to any in recv vlan407
23490  allow ip from any to any in recv vlan407
23499  deny log ip from any to any via vlan407
23499  skipto 65000 ip from any to any
23757  nat 101 ip from 10.12.50.0/24 to any out xmit vlan407
23758  nat 101 ip from 10.11.8.12 to any out xmit vlan407
23890  allow ip from any to any out xmit vlan407
23899  deny log ip from any to any via vlan407
23899  skipto 65000 ip from any to any

# ipfw nat show config
ipfw nat 101 config ip I.N.E.T unreg_only reset

-- 
С уважением,
 РљРѕРЅСЊРєРѕРІ                          mailto:kes-kes@yandex.ru
------------DC1E214C1A41B231--


From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 18:47:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 34ADE106566C
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 18:47:02 +0000 (UTC)
	(envelope-from lists@eitanadler.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
	[209.85.215.182])
	by mx1.freebsd.org (Postfix) with ESMTP id C01FC8FC0A
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 18:47:01 +0000 (UTC)
Received: by eaan10 with SMTP id n10so2611566eaa.13
	for <freebsd-net@freebsd.org>; Sun, 05 Feb 2012 10:47:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=eitanadler.com; s=0xdeadbeef;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc:content-type:content-transfer-encoding;
	bh=BHE2V4GK77kI/6Uxt7wMCDODJEN0oT7uKkFI9qk1mzQ=;
	b=G7TPHewGCcgZDcIC2nEOUPrxbo/DZidBxYWRcIzt6qsi6uY3Pk2V5D0HUb9nks6lqX
	nAw3ABUAGwLuFBhxqHcyX+lpG2d9Xn11pbznV+T2HvkLaO4T4L0VUEtjTniF6IWQhg+X
	t3wikpZxmdXmrFajCB+ItfrzuUGWxLZOYz3cg=
Received: by 10.213.16.199 with SMTP id p7mr2345674eba.141.1328465825233; Sun,
	05 Feb 2012 10:17:05 -0800 (PST)
MIME-Version: 1.0
Received: by 10.14.28.1 with HTTP; Sun, 5 Feb 2012 10:16:35 -0800 (PST)
In-Reply-To: <1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
References: <67410574.20120202113314@yandex.ru> <4F2E274F.6000601@freebsd.org>
	<4F2E2C97.7000400@freebsd.org>
	<1328443513.34131.YahooMailNeo@web36505.mail.mud.yahoo.com>
From: Eitan Adler <lists@eitanadler.com>
Date: Sun, 5 Feb 2012 13:16:35 -0500
Message-ID: <CAF6rxgnni93wChmZME-_4DxaCiBt+dsvyVd3h2V1L=xpS=+Zog@mail.gmail.com>
To: Bill Tillman <btillman99@yahoo.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: HowTo easy use IPFW
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 18:47:02 -0000

On Sun, Feb 5, 2012 at 7:05 AM, Bill Tillman <btillman99@yahoo.com> wrote:
> The only truly safe firewall ruleset consists of one rule and that is:
>
> =C2=A0deny all from any to any

This ruleset is potentially a denial of service attack if the system
is intended to do certain useful things. You can't talk about "only
truly safe firewall ruleset" without also talking about your threat
model (and intended functionality).

--=20
Eitan Adler

From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 18:50:08 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 54BD3106566B
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 18:50:08 +0000 (UTC)
	(envelope-from mkurpel@gmail.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
	[209.85.215.182])
	by mx1.freebsd.org (Postfix) with ESMTP id D3CF08FC0C
	for <freebsd-net@freebsd.org>; Sun,  5 Feb 2012 18:50:07 +0000 (UTC)
Received: by eaan10 with SMTP id n10so2612579eaa.13
	for <freebsd-net@freebsd.org>; Sun, 05 Feb 2012 10:50:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:subject
	:content-type:content-transfer-encoding;
	bh=fJsl5sO7uAs6NBWasn4uJfkElRwVyoJ0iyVdrtOIRGc=;
	b=s1kwZYiw9ZD8N9GefUTxWWZ6csoGYSczhPacaQRZ6z8Hp2FZeFeOgencyKC8X2I0pE
	DRB8n83mn5yKrID34M/cyHFaKt/1w5SzXcKmmQ6ED5GyaMmNrq9AYhBdsADukXDJ3Uq0
	u4Iy3gfny6kMzGgMbzuQ3Kjfh64RGBPiY69NE=
Received: by 10.213.4.148 with SMTP id 20mr877498ebr.143.1328465945140;
	Sun, 05 Feb 2012 10:19:05 -0800 (PST)
Received: from [172.17.17.17] (dial-95-105-196-185-orange.orange.sk.
	[95.105.196.185])
	by mx.google.com with ESMTPS id a58sm51092047eeb.8.2012.02.05.10.19.03
	(version=SSLv3 cipher=OTHER); Sun, 05 Feb 2012 10:19:04 -0800 (PST)
Message-ID: <4F2EC816.6080102@gmail.com>
Date: Sun, 05 Feb 2012 19:19:02 +0100
From: Matej Kurpel <mkurpel@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
	rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Multicast BIND error in jail
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 18:50:08 -0000

Hello all,
I have problems running programs that need to receive multicast traffic 
from the network in a jailed environment.
For example, a program udpxy I wanted to use, says: 
"setup_mcast_listener: bind: Can't assign requested address".
This looks like jail restriction. Unfortunately, I have no access to the 
jail host but I know people who have it. They also don't know how to 
solve this problem so I can tell them the solution if you provide me 
with any :) - please, does somebody know how to lift this restriction?
Uname -a  inside jail says (if it helps):
FreeBSD mek 8.2-RELEASE-p1 FreeBSD 8.2-RELEASE-p1 #4: Thu May 12 
06:36:55 CEST 2011     
(removed)@(removed).sk:/usr/obj/usr/src/sys/GENERIC  i386
If any other information is needed, just ask. Thanks in advance for all 
responses,

M. Kurpel

From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 19:38:27 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D38721065776;
	Sun,  5 Feb 2012 19:38:27 +0000 (UTC)
	(envelope-from andrey@zonov.org)
Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com
	[209.85.214.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 7C4268FC19;
	Sun,  5 Feb 2012 19:38:26 +0000 (UTC)
Received: by bkbzx1 with SMTP id zx1so5829045bkb.13
	for <multiple recipients>; Sun, 05 Feb 2012 11:38:25 -0800 (PST)
Received: by 10.204.145.155 with SMTP id d27mr6729477bkv.36.1328469304406;
	Sun, 05 Feb 2012 11:15:04 -0800 (PST)
Received: from [10.254.254.77] (ppp95-165-159-250.pppoe.spdop.ru.
	[95.165.159.250])
	by mx.google.com with ESMTPS id e17sm34493830bkz.13.2012.02.05.11.15.03
	(version=SSLv3 cipher=OTHER); Sun, 05 Feb 2012 11:15:04 -0800 (PST)
Message-ID: <4F2ED535.40606@zonov.org>
Date: Sun, 05 Feb 2012 23:15:01 +0400
From: Andrey Zonov <andrey@zonov.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru;
	rv:1.8.1.24) Gecko/20100228 Thunderbird/2.0.0.24 Mnenhy/0.7.6.0
MIME-Version: 1.0
To: Hiroki Sato <hrs@FreeBSD.org>
References: <20120205.033532.381149506660559829.hrs@allbsd.org>
In-Reply-To: <20120205.033532.381149506660559829.hrs@allbsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: sem@FreeBSD.org, mark@mivok.net, net@FreeBSD.org
Subject: Re: [CFT] multiple FIB support in route(8)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 19:38:27 -0000

Hi,

What do you think about adding fib support for rc.subr like we got one 
for nice?

On 04.02.2012 22:35, Hiroki Sato wrote:
> Hello,
>
>   Can anyone review/test the attached patch to add "-fib number" option
>   to route(8)?  This should simplify static route configuration across
>   multiple FIBs in rc.conf.  Just adding an -fib option like the
>   following will do the trick without changing rc.d/routing:
>
>    static_routes="foo bar"
>    route_foo="10.1.1.1/24 192.168.2.1 -fib 2"
>    route_bar="10.1.1.1/24 192.168.2.1 -fib 3"
>
>   The -fib option is supported in all subcommands but monitor.
>
> -- Hiroki

-- 
Andrey Zonov

From owner-freebsd-net@FreeBSD.ORG  Sun Feb  5 20:05:09 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8A82A106566B;
	Sun,  5 Feb 2012 20:05:09 +0000 (UTC)
	(envelope-from 000.fbsd@quip.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4])
	by mx1.freebsd.org (Postfix) with ESMTP id 3E11F8FC1C;
	Sun,  5 Feb 2012 20:05:08 +0000 (UTC)
Received: from elsa.codelab.cz (localhost [127.0.0.1])
	by elsa.codelab.cz (Postfix) with ESMTP id 554C52842E;
	Sun,  5 Feb 2012 20:49:33 +0100 (CET)
Received: from [192.168.1.2] (ip-86-49-61-235.net.upcbroadband.cz
	[86.49.61.235])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by elsa.codelab.cz (Postfix) with ESMTPSA id 2CADD28424;
	Sun,  5 Feb 2012 20:49:32 +0100 (CET)
Message-ID: <4F2EDD4B.3010307@quip.cz>
Date: Sun, 05 Feb 2012 20:49:31 +0100
From: Miroslav Lachman <000.fbsd@quip.cz>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14
MIME-Version: 1.0
To: Andrey Zonov <andrey@zonov.org>
References: <20120205.033532.381149506660559829.hrs@allbsd.org>
	<4F2ED535.40606@zonov.org>
In-Reply-To: <4F2ED535.40606@zonov.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Hiroki Sato <hrs@FreeBSD.org>, mark@mivok.net, net@FreeBSD.org,
	sem@FreeBSD.org
Subject: Re: [CFT] multiple FIB support in route(8)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 20:05:09 -0000

Andrey Zonov wrote:
> Hi,
>
> What do you think about adding fib support for rc.subr like we got one
> for nice?

There are PRs with patches for rc.subr for a long time without attention.
Same as with PR's adding suport for cpuset.
I don't understand why we are having some really useful tools in base 
without support in rc.conf

> On 04.02.2012 22:35, Hiroki Sato wrote:
>> Hello,
>>
>> Can anyone review/test the attached patch to add "-fib number" option
>> to route(8)? This should simplify static route configuration across
>> multiple FIBs in rc.conf. Just adding an -fib option like the
>> following will do the trick without changing rc.d/routing:
>>
>> static_routes="foo bar"
>> route_foo="10.1.1.1/24 192.168.2.1 -fib 2"
>> route_bar="10.1.1.1/24 192.168.2.1 -fib 3"
>>
>> The -fib option is supported in all subcommands but monitor.
>>
>> -- Hiroki

From owner-freebsd-net@FreeBSD.ORG  Mon Feb  6 11:07:08 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5B0E7106567A
	for <freebsd-net@FreeBSD.org>; Mon,  6 Feb 2012 11:07:08 +0000 (UTC)
	(envelope-from owner-bugmaster@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 47ED18FC2A
	for <freebsd-net@FreeBSD.org>; Mon,  6 Feb 2012 11:07:08 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q16B782c007891
	for <freebsd-net@FreeBSD.org>; Mon, 6 Feb 2012 11:07:08 GMT
	(envelope-from owner-bugmaster@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q16B77lb007889
	for freebsd-net@FreeBSD.org; Mon, 6 Feb 2012 11:07:07 GMT
	(envelope-from owner-bugmaster@FreeBSD.org)
Date: Mon, 6 Feb 2012 11:07:07 GMT
Message-Id: <201202061107.q16B77lb007889@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: gnats set sender to
	owner-bugmaster@FreeBSD.org using -f
From: FreeBSD bugmaster <bugmaster@FreeBSD.org>
To: freebsd-net@FreeBSD.org
Cc: 
Subject: Current problem reports assigned to freebsd-net@FreeBSD.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2012 11:07:08 -0000

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.


S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o kern/164696  net        [netinet] [patch] [panic] VIMAGE + carp panics the ker
o kern/164569  net        [msk] [hang] msk network driver cause freeze in FreeBS
o kern/164495  net        [igb] connect double head igb to switch cause system t
o kern/164490  net        [pfil] Incorrect IP checksum on pfil pass from ip_outp
o kern/164475  net        [gre] gre misses RUNNING flag after a reboot
o kern/164400  net        [ipsec] immediate crash after the start of ipsec proce
o kern/164265  net        [netinet] [patch] tcp_lro_rx computes wrong checksum i
o kern/163903  net        [igb] "igb0:tx(0)","bpf interface lock" v2.2.5 9-STABL
o kern/163481  net        freebsd do not add itself to ping route packet
o kern/162927  net        [tun] Modem-PPP error ppp[1538]: tun0: Phase: Clearing
o kern/162926  net        [ipfilter] Infinite loop in ipfilter with fragmented I
o kern/162558  net        [dummynet] [panic] seldom dummynet panics
o kern/162509  net        [re] [panic] Kernel panic may be related to if_re.c (r
o kern/162352  net        [patch] Enhancement: add SO_PROTO to socket.h
o kern/162153  net        [em] intel em driver 7.2.4 don't compile
o kern/162110  net        [igb] [panic] RELENG_9 panics on boot in IGB driver - 
o kern/162028  net        [ixgbe] [patch] misplaced #endif in ixgbe.c
o kern/161899  net        [route] ntpd(8): Repeating RTM_MISS packets causing hi
o kern/161381  net        [re] RTL8169SC - re0: PHY write failed
o kern/161277  net        [em] [patch] BMC cannot receive IPMI traffic after loa
o kern/160873  net        [igb] igb(4) from HEAD fails to build on 7-STABLE
o kern/160750  net        Intel PRO/1000 connection breaks under load until rebo
o kern/160693  net        [gif] [em] Multicast packet are not passed from GIF0 t
o kern/160420  net        [msk] phy write timeout on HP 5310m
o kern/160293  net        [ieee80211] ppanic] kernel panic during network setup 
o kern/160206  net        [gif] gifX stops working after a while (IPv6 tunnel)
o kern/159817  net        [udp] write UDPv4: No buffer space available (code=55)
o kern/159795  net        [tcp] excessive duplicate ACKs and TCP session freezes
o kern/159629  net        [ipsec] [panic] kernel panic with IPsec in transport m
o kern/159621  net        [tcp] [panic] panic: soabort: so_count
o kern/159603  net        [netinet] [patch] in_ifscrubprefix() - network route c
o kern/159601  net        [netinet] [patch] in_scrubprefix() - loopback route re
o kern/159294  net        [em] em watchdog timeouts
o kern/159203  net        [wpi] Intel 3945ABG Wireless LAN not support IBSS
o kern/158930  net        [bpf] BPF element leak in ifp->bpf_if->bif_dlist
o kern/158726  net        [ip6] [patch] ICMPv6 Router Announcement flooding limi
o kern/158694  net        [ix] [lagg] ix0 is not working within lagg(4)
o kern/158665  net        [ip6] [panic] kernel pagefault in in6_setscope()
o kern/158635  net        [em] TSO breaks BPF packet captures with em driver
f kern/157802  net        [dummynet] [panic] kernel panic in dummynet
o kern/157785  net        amd64 + jail + ipfw + natd = very slow outbound traffi
o kern/157429  net        [re] Realtek RTL8169 doesn't work with re(4)
o kern/157418  net        [em] em driver lockup during boot on Supermicro X9SCM-
o kern/157410  net        [ip6] IPv6 Router Advertisements Cause Excessive CPU U
o kern/157287  net        [re] [panic] INVARIANTS panic (Memory modified after f
o kern/157209  net        [ip6] [patch] locking error in rip6_input() (sys/netin
o kern/157200  net        [network.subr] [patch] stf(4) can not communicate betw
o kern/157182  net        [lagg] lagg interface not working together with epair 
o kern/156877  net        [dummynet] [panic] dummynet move_pkt() null ptr derefe
o kern/156667  net        [em] em0 fails to init on CURRENT after March 17
o kern/156408  net        [vlan] Routing failure when using VLANs vs. Physical e
o kern/156328  net        [icmp]: host can ping other subnet but no have IP from
o kern/156317  net        [ip6] Wrong order of IPv6 NS DAD/MLD Report
o kern/156283  net        [ip6] [patch] nd6_ns_input - rtalloc_mpath does not re
o kern/156279  net        [if_bridge][divert][ipfw] unable to correctly re-injec
o kern/156226  net        [lagg]: failover does not announce the failover to swi
o kern/156030  net        [ip6] [panic] Crash in nd6_dad_start() due to null ptr
o kern/155772  net        ifconfig(8): ioctl (SIOCAIFADDR): File exists on direc
o kern/155680  net        [multicast] problems with multicast
s kern/155642  net        [request] Add driver for Realtek RTL8191SE/RTL8192SE W
o kern/155597  net        [panic] Kernel panics with "sbdrop" message
o kern/155420  net        [vlan] adding vlan break existent vlan
o kern/155177  net        [route] [panic] Panic when inject routes in kernel
o kern/155030  net        [igb] igb(4) DEVICE_POLLING does not work with carp(4)
o kern/155010  net        [msk] ntfs-3g via iscsi using msk driver cause kernel 
o kern/154943  net        [gif] ifconfig gifX create on existing gifX clears IP
s kern/154851  net        [request]: Port brcm80211 driver from Linux to FreeBSD
o kern/154850  net        [netgraph] [patch] ng_ether fails to name nodes when t
o kern/154679  net        [em] Fatal trap 12: "em1 taskq" only at startup (8.1-R
o kern/154600  net        [tcp] [panic] Random kernel panics on tcp_output
o kern/154557  net        [tcp] Freeze tcp-session of the clients, if in the gat
o kern/154443  net        [if_bridge] Kernel module bridgestp.ko missing after u
o kern/154286  net        [netgraph] [panic] 8.2-PRERELEASE panic in netgraph
o kern/154255  net        [nfs] NFS not responding
o kern/154214  net        [stf] [panic] Panic when creating stf interface
o kern/154185  net        race condition in mb_dupcl
o kern/154169  net        [multicast] [ip6] Node Information Query multicast add
o kern/154134  net        [ip6] stuck kernel state in LISTEN on ipv6 daemon whic
o kern/154091  net        [netgraph] [panic] netgraph, unaligned mbuf?
o conf/154062  net        [vlan] [patch] change to way of auto-generatation of v
o kern/153937  net        [ral] ralink panics the system (amd64 freeBSDD 8.X) wh
o kern/153936  net        [ixgbe] [patch] MPRC workaround incorrectly applied to
o kern/153816  net        [ixgbe] ixgbe doesn't work properly with the Intel 10g
o kern/153772  net        [ixgbe] [patch] sysctls reference wrong XON/XOFF varia
o kern/153497  net        [netgraph] netgraph panic due to race conditions
o kern/153454  net        [patch] [wlan] [urtw] Support ad-hoc and hostap modes 
o kern/153308  net        [em] em interface use 100% cpu
o kern/153244  net        [em] em(4) fails to send UDP to port 0xffff
o kern/152893  net        [netgraph] [panic] 8.2-PRERELEASE panic in netgraph
o kern/152853  net        [em] tftpd (and likely other udp traffic) fails over e
o kern/152828  net        [em] poor performance on 8.1, 8.2-PRE
o kern/152569  net        [net]: Multiple ppp connections and routing table prob
o kern/152235  net        [arp] Permanent local ARP entries are not properly upd
o kern/152141  net        [vlan] [patch] encapsulate vlan in ng_ether before out
o kern/152036  net        [libc] getifaddrs(3) returns truncated sockaddrs for n
o kern/151690  net        [ep] network connectivity won't work until dhclient is
o kern/151681  net        [nfs] NFS mount via IPv6 leads to hang on client with 
o kern/151593  net        [igb] [panic] Kernel panic when bringing up igb networ
o kern/150920  net        [ixgbe][igb] Panic when packets are dropped with heade
o kern/150557  net        [igb] igb0: Watchdog timeout -- resetting
o kern/150251  net        [patch] [ixgbe] Late cable insertion broken
o kern/150249  net        [ixgbe] Media type detection broken
o bin/150224   net        ppp(8) does not reassign static IP after kill -KILL co
f kern/149969  net        [wlan] [ral] ralink rt2661 fails to maintain connectio
o kern/149937  net        [ipfilter] [patch] kernel panic in ipfilter IP fragmen
o kern/149643  net        [rum] device not sending proper beacon frames in ap mo
o kern/149609  net        [panic] reboot after adding second default route
o kern/149117  net        [inet] [patch] in_pcbbind: redundant test
o kern/149086  net        [multicast] Generic multicast join failure in 8.1
o kern/148018  net        [flowtable] flowtable crashes on ia64
o kern/147912  net        [boot] FreeBSD 8 Beta won't boot on Thinkpad i1300  11
o kern/147894  net        [ipsec] IPv6-in-IPv4 does not work inside an ESP-only 
o kern/147155  net        [ip6] setfb not work with ipv6
o kern/146845  net        [libc] close(2) returns error 54 (connection reset by 
f kern/146792  net        [flowtable] flowcleaner 100% cpu's core load
o kern/146719  net        [pf] [panic] PF or dumynet kernel panic
o kern/146534  net        [icmp6] wrong source address in echo reply
o kern/146427  net        [mwl] Additional virtual access points don't work on m
o kern/146426  net        [mwl] 802.11n rates not possible on mwl
o kern/146425  net        [mwl] mwl dropping all packets during and after high u
f kern/146394  net        [vlan] IP source address for outgoing connections
o bin/146377   net        [ppp] [tun] Interface doesn't clear addresses when PPP
o kern/146358  net        [vlan] wrong destination MAC address
o kern/146165  net        [wlan] [panic] Setting bssid in adhoc mode causes pani
o kern/146082  net        [ng_l2tp] a false invaliant check was performed in ng_
o kern/146037  net        [panic] mpd + CoA = kernel panic
o kern/145825  net        [panic] panic: soabort: so_count
o kern/145728  net        [lagg] Stops working lagg between two servers.
p kern/145600  net        TCP/ECN behaves different to CE/CWR than ns2 reference
f kern/144917  net        [flowtable] [panic] flowtable crashes system [regressi
o kern/144882  net        MacBookPro =>4.1 does not connect to BSD in hostap wit
o kern/144874  net        [if_bridge] [patch] if_bridge frees mbuf after pfil ho
o conf/144700  net        [rc.d] async dhclient breaks stuff for too many people
o kern/144616  net        [nat] [panic] ip_nat panic FreeBSD 7.2
f kern/144315  net        [ipfw] [panic] freebsd 8-stable reboot after add ipfw 
o kern/144231  net        bind/connect/sendto too strict about sockaddr length
o kern/143846  net        [gif] bringing gif3 tunnel down causes gif0 tunnel to 
s kern/143673  net        [stf] [request] there should be a way to support multi
s kern/143666  net        [ip6] [request] PMTU black hole detection not implemen
o kern/143622  net        [pfil] [patch] unlock pfil lock while calling firewall
o kern/143593  net        [ipsec] When using IPSec, tcpdump doesn't show outgoin
o kern/143591  net        [ral] RT2561C-based DLink card (DWL-510) fails to work
o kern/143208  net        [ipsec] [gif] IPSec over gif interface not working
o kern/143034  net        [panic] system reboots itself in tcp code [regression]
o kern/142877  net        [hang] network-related repeatable 8.0-STABLE hard hang
o kern/142774  net        Problem with outgoing connections on interface with mu
o kern/142772  net        [libc] lla_lookup: new lle malloc failed
o kern/142018  net        [iwi] [patch] Possibly wrong interpretation of beacon-
o kern/141861  net        [wi] data garbled with WEP and wi(4) with Prism 2.5
f kern/141741  net        Etherlink III NIC won't work after upgrade to FBSD 8, 
o kern/140742  net        rum(4) Two asus-WL167G adapters cannot talk to each ot
o kern/140682  net        [netgraph] [panic] random panic in netgraph
o kern/140634  net        [vlan] destroying if_lagg interface with if_vlan membe
o kern/140619  net        [ifnet] [patch] refine obsolete if_var.h comments desc
o kern/140346  net        [wlan] High bandwidth use causes loss of wlan connecti
o kern/140142  net        [ip6] [panic] FreeBSD 7.2-amd64 panic w/IPv6
o kern/140066  net        [bwi] install report for 8.0 RC 2 (multiple problems)
o kern/139565  net        [ipfilter] ipfilter ioctl SIOCDELST broken
o kern/139387  net        [ipsec] Wrong lenth of PF_KEY messages in promiscuous 
o bin/139346   net        [patch] arp(8) add option to remove static entries lis
o kern/139268  net        [if_bridge] [patch] allow if_bridge to forward just VL
p kern/139204  net        [arp] DHCP server replies rejected, ARP entry lost bef
o kern/139117  net        [lagg] + wlan boot timing (EBUSY)
o kern/139058  net        [ipfilter] mbuf cluster leak on FreeBSD 7.2
o kern/138850  net        [dummynet] dummynet doesn't work correctly on a bridge
o kern/138782  net        [panic] sbflush_internal: cc 0 || mb 0xffffff004127b00
o kern/138688  net        [rum] possibly broken on 8 Beta 4 amd64: able to wpa a
o kern/138678  net        [lo] FreeBSD does not assign linklocal address to loop
o kern/138620  net        [lagg] [patch] lagg port bpf-writes blocked
o kern/138407  net        [gre] gre(4) interface does not come up after reboot
o kern/138332  net        [tun] [lor] ifconfig tun0 destroy causes LOR if_adata/
o kern/138266  net        [panic] kernel panic when udp benchmark test used as r
o kern/138177  net        [ipfilter] FreeBSD crashing repeatedly in ip_nat.c:257
f kern/138029  net        [bpf] [panic] periodically kernel panic and reboot
o kern/137881  net        [netgraph] [panic] ng_pppoe fatal trap 12
p bin/137841   net        [patch] wpa_supplicant(8) cannot verify SHA256 signed 
p kern/137776  net        [rum] panic in rum(4) driver on 8.0-BETA2
o bin/137641   net        ifconfig(8): various problems with "vlan_device.vlan_i
o kern/137392  net        [ip] [panic] crash in ip_nat.c line 2577
o kern/137372  net        [ral] FreeBSD doesn't support wireless interface from 
o kern/137089  net        [lagg] lagg falsely triggers IPv6 duplicate address de
o bin/136994   net        [patch] ifconfig(8) print carp mac address
o kern/136911  net        [netgraph] [panic] system panic on kldload ng_bpf.ko t
o kern/136618  net        [pf][stf] panic on cloning interface without unit numb
o kern/135502  net        [periodic] Warning message raised by rtfree function i
o kern/134583  net        [hang] Machine with jail freezes after random amount o
o kern/134531  net        [route] [panic] kernel crash related to routes/zebra
o kern/134157  net        [dummynet] dummynet loads cpu for 100% and make a syst
o kern/133969  net        [dummynet] [panic] Fatal trap 12: page fault while in 
o kern/133968  net        [dummynet] [panic] dummynet kernel panic
o kern/133736  net        [udp] ip_id not protected ...
o kern/133595  net        [panic] Kernel Panic at pcpu.h:195
o kern/133572  net        [ppp] [hang] incoming PPTP connection hangs the system
o kern/133490  net        [bpf] [panic] 'kmem_map too small' panic on Dell r900 
o kern/133235  net        [netinet] [patch] Process SIOCDLIFADDR command incorre
f kern/133213  net        arp and sshd errors on 7.1-PRERELEASE
o kern/133060  net        [ipsec] [pfsync] [panic] Kernel panic with ipsec + pfs
o kern/132889  net        [ndis] [panic] NDIS kernel crash on load BCM4321 AGN d
o conf/132851  net        [patch] rc.conf(5): allow to setfib(1) for service run
o kern/132734  net        [ifmib] [panic] panic in net/if_mib.c
o kern/132705  net        [libwrap] [patch] libwrap - infinite loop if hosts.all
o kern/132672  net        [ndis] [panic] ndis with rt2860.sys causes kernel pani
o kern/132554  net        [ipl] There is no ippool start script/ipfilter magic t
o kern/132354  net        [nat] Getting some packages to ipnat(8) causes crash
o kern/132277  net        [crypto] [ipsec] poor performance using cryptodevice f
o kern/131781  net        [ndis] ndis keeps dropping the link
o kern/131776  net        [wi] driver fails to init
o kern/131753  net        [altq] [panic] kernel panic in hfsc_dequeue
o kern/131601  net        [ipfilter] [panic] 7-STABLE panic in nat_finalise (tcp
o bin/131567   net        [socket] [patch] Update for regression/sockets/unix_cm
o bin/131365   net        route(8): route add changes interpretation of network 
f kern/130820  net        [ndis] wpa_supplicant(8) returns 'no space on device'
o kern/130628  net        [nfs] NFS / rpc.lockd deadlock on 7.1-R
o conf/130555  net        [rc.d] [patch] No good way to set ipfilter variables a
o kern/130525  net        [ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau
o kern/130311  net        [wlan_xauth] [panic] hostapd restart causing kernel pa
o kern/130109  net        [ipfw] Can not set fib for packets originated from loc
f kern/130059  net        [panic] Leaking 50k mbufs/hour
f kern/129719  net        [nfs] [panic] Panic during shutdown, tcp_ctloutput: in
o kern/129517  net        [ipsec] [panic] double fault / stack overflow
f kern/129508  net        [carp] [panic] Kernel panic with EtherIP (may be relat
o kern/129219  net        [ppp] Kernel panic when using kernel mode ppp
o kern/129197  net        [panic] 7.0 IP stack related panic
o bin/128954   net        ifconfig(8) deletes valid routes
o bin/128602   net        [an] wpa_supplicant(8) crashes with an(4)
o kern/128448  net        [nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res
o bin/128295   net        [patch] ifconfig(8) does not print TOE4 or TOE6 capabi
o bin/128001   net        wpa_supplicant(8), wlan(4), and wi(4) issues
o kern/127826  net        [iwi] iwi0 driver has reduced performance and connecti
o kern/127815  net        [gif] [patch] if_gif does not set vlan attributes from
o kern/127724  net        [rtalloc] rtfree: 0xc5a8f870 has 1 refs
f bin/127719   net        [arp] arp: Segmentation fault (core dumped)
f kern/127528  net        [icmp]: icmp socket receives icmp replies not owned by
p kern/127360  net        [socket] TOE socket options missing from sosetopt()
o bin/127192   net        routed(8) removes the secondary alias IP of interface 
f kern/127145  net        [wi]: prism (wi) driver crash at bigger traffic
o kern/126895  net        [patch] [ral] Add antenna selection (marked as TBD)
o kern/126874  net        [vlan]: Zebra problem if ifconfig vlanX destroy
o kern/126695  net        rtfree messages and network disruption upon use of if_
o kern/126339  net        [ipw] ipw driver drops the connection
o kern/126075  net        [inet] [patch] internet control accesses beyond end of
o bin/125922   net        [patch] Deadlock in arp(8)
o kern/125920  net        [arp] Kernel Routing Table loses Ethernet Link status 
o kern/125845  net        [netinet] [patch] tcp_lro_rx() should make use of hard
o kern/125258  net        [socket] socket's SO_REUSEADDR option does not work
o kern/125239  net        [gre] kernel crash when using gre
o kern/124341  net        [ral] promiscuous mode for wireless device ral0 looses
o kern/124225  net        [ndis] [patch] ndis network driver sometimes loses net
o kern/124160  net        [libc] connect(2) function loops indefinitely
o kern/124021  net        [ip6] [panic] page fault in nd6_output()
o kern/123968  net        [rum] [panic] rum driver causes kernel panic with WPA.
o kern/123892  net        [tap] [patch] No buffer space available
o kern/123890  net        [ppp] [panic] crash & reboot on work with PPP low-spee
o kern/123858  net        [stf] [patch] stf not usable behind a NAT
o kern/123796  net        [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not
o kern/123758  net        [panic] panic while restarting net/freenet6
o bin/123633   net        ifconfig(8) doesn't set inet and ether address in one 
o kern/123559  net        [iwi] iwi periodically disassociates/associates [regre
o bin/123465   net        [ip6] route(8): route add -inet6 <ipv6_addr> -interfac
o kern/123463  net        [ipsec] [panic] repeatable crash related to ipsec-tool
o conf/123330  net        [nsswitch.conf] Enabling samba wins in nsswitch.conf c
o kern/123160  net        [ip] Panic and reboot at sysctl kern.polling.enable=0
o kern/122989  net        [swi] [panic] 6.3 kernel panic in swi1: net
o kern/122954  net        [lagg] IPv6 EUI64 incorrectly chosen for lagg devices
f kern/122780  net        [lagg] tcpdump on lagg interface during high pps wedge
o kern/122685  net        It is not visible passing packets in tcpdump(1)
o kern/122319  net        [wi] imposible to enable ad-hoc demo mode with Orinoco
o kern/122290  net        [netgraph] [panic] Netgraph related "kmem_map too smal
o kern/122033  net        [ral] [lor] Lock order reversal in ral0 at bootup ieee
o bin/121895   net        [patch] rtsol(8)/rtsold(8) doesn't handle managed netw
s kern/121774  net        [swi] [panic] 6.3 kernel panic in swi1: net
o kern/121555  net        [panic] Fatal trap 12: current process = 12 (swi1: net
o kern/121443  net        [gif] [lor] icmp6_input/nd6_lookup
o kern/121437  net        [vlan] Routing to layer-2 address does not work on VLA
o bin/121359   net        [patch] [security] ppp(8): fix local stack overflow in
o kern/121257  net        [tcp] TSO + natd  -> slow outgoing tcp traffic
o kern/121181  net        [panic] Fatal trap 3: breakpoint instruction fault whi
o kern/120966  net        [rum] kernel panic with if_rum and WPA encryption
o kern/120566  net        [request]: ifconfig(8) make order of arguments more fr
o kern/120304  net        [netgraph] [patch] netgraph source assumes 32-bit time
o kern/120266  net        [udp] [panic] gnugk causes kernel panic when closing U
o bin/120060   net        routed(8) deletes link-level routes in the presence of
o kern/119945  net        [rum] [panic] rum device in hostap mode, cause kernel 
o kern/119791  net        [nfs] UDP NFS mount of aliased IP addresses from a Sol
o kern/119617  net        [nfs] nfs error on wpa network when reseting/shutdown
f kern/119516  net        [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi
o kern/119432  net        [arp] route add -host <host> -iface <nic> causes arp e
o kern/119225  net        [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr
o kern/118727  net        [netgraph] [patch] [request] add new ng_pf module
o kern/117423  net        [vlan] Duplicate IP on different interfaces
o bin/117339   net        [patch] route(8): loading routing management commands 
o kern/117271  net        [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap
o bin/116643   net        [patch] [request] fstat(1): add INET/INET6 socket deta
o kern/116185  net        [iwi] if_iwi driver leads system to reboot
o kern/115239  net        [ipnat] panic with 'kmem_map too small' using ipnat
o kern/115019  net        [netgraph] ng_ether upper hook packet flow stops on ad
o kern/115002  net        [wi] if_wi timeout. failed allocation (busy bit). ifco
o kern/114915  net        [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f
o kern/113432  net        [ucom] WARNING: attempt to net_add_domain(netgraph) af
o kern/112722  net        [ipsec] [udp] IP v4 udp fragmented packet reject
o kern/112686  net        [patm] patm driver freezes System (FreeBSD 6.2-p4) i38
o bin/112557   net        [patch] ppp(8) lock file should not use symlink name
o kern/112528  net        [nfs] NFS over TCP under load hangs with "impossible p
o kern/111537  net        [inet6] [patch] ip6_input() treats mbuf cluster wrong
o kern/111457  net        [ral] ral(4) freeze
o kern/110284  net        [if_ethersubr] Invalid Assumption in SIOCSIFADDR in et
o kern/110249  net        [kernel] [regression] [patch] setsockopt() error regre
o kern/109470  net        [wi] Orinoco Classic Gold PC Card Can't Channel Hop
o bin/108895   net        pppd(8): PPPoE dead connections on 6.2 [regression]
o kern/107944  net        [wi] [patch] Forget to unlock mutex-locks
o conf/107035  net        [patch] bridge(8): bridge interface given in rc.conf n
o kern/106444  net        [netgraph] [panic] Kernel Panic on Binding to an ip to
o kern/106438  net        [ipf] ipfilter: keep state does not seem to allow repl
o kern/106316  net        [dummynet] dummynet with multipass ipfw drops packets 
o kern/105945  net        Address can disappear from network interface
s kern/105943  net        Network stack may modify read-only mbuf chain copies
o bin/105925   net        problems with ifconfig(8) and vlan(4) [regression]
o kern/104851  net        [inet6] [patch] On link routes not configured when usi
o kern/104751  net        [netgraph] kernel panic, when getting info about my tr
o kern/103191  net        Unpredictable reboot
o kern/103135  net        [ipsec] ipsec with ipfw divert (not NAT) encodes a pac
o kern/102540  net        [netgraph] [patch] supporting vlan(4) by ng_fec(4)
o conf/102502  net        [netgraph] [patch] ifconfig name does't rename netgrap
o kern/102035  net        [plip] plip networking disables parallel port printing
o kern/101948  net        [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau
o kern/100709  net        [libc] getaddrinfo(3) should return TTL info
o kern/100519  net        [netisr] suggestion to fix suboptimal network polling
o kern/98978   net        [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel
o kern/98597   net        [inet6] Bug in FreeBSD 6.1 IPv6 link-local DAD procedu
o bin/98218    net        wpa_supplicant(8) blacklist not working
o kern/97306   net        [netgraph] NG_L2TP locks after connection with failed 
o conf/97014   net        [gif] gifconfig_gif? in rc.conf does not recognize IPv
f kern/96268   net        [socket] TCP socket performance drops by 3000% if pack
o kern/95519   net        [ral] ral0 could not map mbuf
o kern/95288   net        [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr
o kern/95277   net        [netinet] [patch] IP Encapsulation mask_match() return
o kern/95267   net        packet drops periodically appear
f kern/93378   net        [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo
o kern/93019   net        [ppp] ppp and tunX problems: no traffic after restarti
o kern/92880   net        [libc] [patch] almost rewritten inet_network(3) functi
s kern/92279   net        [dc] Core faults everytime I reboot, possible NIC issu
o kern/91859   net        [ndis] if_ndis does not work with Asus WL-138
s kern/91777   net        [ipf] [patch] wrong behaviour with skip rule inside an
o kern/91364   net        [ral] [wep] WF-511 RT2500 Card PCI and WEP
o kern/91311   net        [aue] aue interface hanging
s kern/90086   net        [hang] 5.4p8 on supermicro P8SCT hangs during boot if 
o kern/87521   net        [ipf] [panic] using ipfilter "auth" keyword leads to k
o kern/87421   net        [netgraph] [panic]: ng_ether + ng_eiface + if_bridge
s kern/86920   net        [ndis] ifconfig: SIOCS80211: Invalid argument [regress
o kern/86871   net        [tcp] [patch] allocation logic for PCBs in TIME_WAIT s
o kern/86427   net        [lor] Deadlock with FASTIPSEC and nat
o kern/86103   net        [ipf] Illegal NAT Traversal in IPFilter
o kern/85780   net        'panic: bogus refcnt 0' in routing/ipv6
o bin/85445    net        ifconfig(8): deprecated keyword to ifconfig inoperativ
p kern/85320   net        [gre] [patch] possible depletion of kernel stack in ip
o bin/82975    net        route change does not parse classfull network as given
o kern/82881   net        [netgraph] [panic] ng_fec(4) causes kernel panic after
o kern/82468   net        Using 64MB tcp send/recv buffers, trafficflow stops, i
o bin/82185    net        [patch] ndp(8) can delete the incorrect entry
o kern/81095   net        IPsec connection stops working if associated network i
o kern/78968   net        FreeBSD freezes on mbufs exhaustion (network interface
o kern/78090   net        [ipf] ipf filtering on bridged packets doesn't work if
o kern/77341   net        [ip6] problems with IPV6 implementation
o kern/77273   net        [ipf] ipfilter breaks ipv6 statefull filtering on 5.3
s kern/77195   net        [ipf] [patch] ipfilter ioctl SIOCGNATL does not match 
o kern/75873   net        Usability problem with non-RFC-compliant IP spoof prot
s kern/75407   net        [an] an(4): no carrier after short time
a kern/71474   net        [route] route lookup does not skip interfaces marked d
o kern/71469   net        default route to internet magically disappears with mu
o kern/70904   net        [ipf] ipfilter ipnat problem with h323 proxy support
o kern/68889   net        [panic] m_copym, length > size of mbuf chain
o kern/66225   net        [netgraph] [patch] extend ng_eiface(4) control message
o kern/65616   net        IPSEC can't detunnel GRE packets after real ESP encryp
s kern/60293   net        [patch] FreeBSD arp poison patch
a kern/56233   net        IPsec tunnel (ESP) over IPv6: MTU computation is wrong
s bin/41647    net        ifconfig(8) doesn't accept lladdr along with inet addr
s kern/39937   net        ipstealth issue
a kern/38554   net        [patch] changing interface ipaddress doesn't seem to w
o kern/34665   net        [ipf] [hang] ipfilter rcmd proxy "hangs".
o kern/31940   net        ip queue length too short for >500kpps
o kern/31647   net        [libc] socket calls can return undocumented EINVAL
o kern/30186   net        [libc] getaddrinfo(3) does not handle incorrect servna
o kern/27474   net        [ipf] [ppp] Interactive use of user PPP and ipfilter c
f kern/24959   net        [patch] proper TCP_NOPUSH/TCP_CORK compatibility
o conf/23063   net        [arp] [patch] for static ARP tables in rc.network
o kern/21998   net        [socket] [patch] ident only for outgoing connections
o kern/5877    net        [socket] sb_cc counts control data as well as data dat

387 problems total.


From owner-freebsd-net@FreeBSD.ORG  Mon Feb  6 11:50:09 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BF264106566B
	for <freebsd-net@hub.freebsd.org>; Mon,  6 Feb 2012 11:50:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id AE47A8FC08
	for <freebsd-net@hub.freebsd.org>; Mon,  6 Feb 2012 11:50:09 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q16Bo9tP051684
	for <freebsd-net@freefall.freebsd.org>; Mon, 6 Feb 2012 11:50:09 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q16Bo9Op051683;
	Mon, 6 Feb 2012 11:50:09 GMT (envelope-from gnats)
Date: Mon, 6 Feb 2012 11:50:09 GMT
Message-Id: <201202061150.q16Bo9Op051683@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: 
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Gleb Smirnoff <glebius@FreeBSD.org>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2012 11:50:09 -0000

The following reply was made to PR kern/164696; it has been noted by GNATS.

From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Nikos Vassiliadis <nvass@gmx.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
Date: Mon, 6 Feb 2012 15:47:41 +0400

 --TakKZr9L6Hm6aLOc
 Content-Type: text/plain; charset=koi8-r
 Content-Disposition: inline
 
   Hi, Nikos!
 
 On Wed, Feb 01, 2012 at 10:40:35PM +0000, Nikos Vassiliadis wrote:
 N> >Description:
 N> Trying to use a carp interface in a VIMAGE enabled kernel, panics the kernel.
 
 Can you please test another patch, that is attached?
 
 -- 
 Totus tuus, Glebius.
 
 --TakKZr9L6Hm6aLOc
 Content-Type: text/x-diff; charset=koi8-r
 Content-Disposition: attachment; filename="164696.diff"
 
 Index: ip_carp.c
 ===================================================================
 --- ip_carp.c	(revision 231067)
 +++ ip_carp.c	(working copy)
 @@ -707,19 +707,24 @@
  	LIST_FOREACH(sc, &carp_list, sc_next)
  		if (sc->sc_state == MASTER) {
  			CARP_LOCK(sc);
 +			CURVNET_SET(sc->sc_carpdev->if_vnet);
  			carp_send_ad_locked(sc);
 +			CURVNET_RESTORE();
  			CARP_UNLOCK(sc);
  		}
  	mtx_unlock(&carp_mtx);
  }
  
 +/* Send a periodic advertisement, executed in callout context. */
  static void
  carp_send_ad(void *v)
  {
  	struct carp_softc *sc = v;
  
  	CARP_LOCK_ASSERT(sc);
 +	CURVNET_SET(sc->sc_carpdev->if_vnet);
  	carp_send_ad_locked(sc);
 +	CURVNET_RESTORE();
  	CARP_UNLOCK(sc);
  }
  
 @@ -1090,6 +1095,7 @@
  	return (0);
  }
  
 +/* Master down timeout event, executed in callout context. */
  static void
  carp_master_down(void *v)
  {
 @@ -1097,12 +1103,14 @@
  
  	CARP_LOCK_ASSERT(sc);
  
 +	CURVNET_SET(sc->sc_carpdev->if_vnet);
  	if (sc->sc_state == BACKUP) {
  		CARP_LOG("VHID %u@%s: BACKUP -> MASTER (master down)\n",
  		    sc->sc_vhid,
  		    sc->sc_carpdev->if_xname);
  		carp_master_down_locked(sc);
  	}
 +	CURVNET_RESTORE();
  
  	CARP_UNLOCK(sc);
  }
 
 --TakKZr9L6Hm6aLOc--

From owner-freebsd-net@FreeBSD.ORG  Tue Feb  7 08:50:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D52D6106564A
	for <freebsd-net@hub.freebsd.org>; Tue,  7 Feb 2012 08:50:11 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id A2CFF8FC15
	for <freebsd-net@hub.freebsd.org>; Tue,  7 Feb 2012 08:50:11 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q178oBDB051459
	for <freebsd-net@freefall.freebsd.org>; Tue, 7 Feb 2012 08:50:11 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q178oBpN051457;
	Tue, 7 Feb 2012 08:50:11 GMT (envelope-from gnats)
Date: Tue, 7 Feb 2012 08:50:11 GMT
Message-Id: <201202070850.q178oBpN051457@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Nikos Vassiliadis <nvass@gmx.com>
Cc: 
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Nikos Vassiliadis <nvass@gmx.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 08:50:11 -0000

The following reply was made to PR kern/164696; it has been noted by GNATS.

From: Nikos Vassiliadis <nvass@gmx.com>
To: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/164696: VIMAGE + carp panics the kernel
Date: Tue, 07 Feb 2012 10:46:57 +0200

 On 2/6/2012 1:47 PM, Gleb Smirnoff wrote:
 >    Hi, Nikos!
 >
 > On Wed, Feb 01, 2012 at 10:40:35PM +0000, Nikos Vassiliadis wrote:
 > N>  >Description:
 > N>  Trying to use a carp interface in a VIMAGE enabled kernel, panics the kernel.
 >
 > Can you please test another patch, that is attached?
 >
 
 Yes, it works. Please, commit it.
 
 Thanks!

From owner-freebsd-net@FreeBSD.ORG  Tue Feb  7 14:41:00 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E8E79106566C
	for <freebsd-net@freebsd.org>; Tue,  7 Feb 2012 14:41:00 +0000 (UTC)
	(envelope-from tmulkar@sandvine.com)
Received: from mail1.sandvine.com (Mail1.sandvine.com [64.7.137.134])
	by mx1.freebsd.org (Postfix) with ESMTP id 8EF148FC19
	for <freebsd-net@freebsd.org>; Tue,  7 Feb 2012 14:41:00 +0000 (UTC)
Received: from blr-exch-1.sandvine.com (10.30.4.60) by WTL-EXCH-1.sandvine.com
	(192.168.196.31) with Microsoft SMTP Server (TLS) id 14.1.339.1;
	Tue, 7 Feb 2012 09:30:11 -0500
Received: from BLR-EXCH-1.sandvine.com ([fe80::b896:bd62:3a8d:e51d]) by
	blr-exch-1.sandvine.com ([fe80::b896:bd62:3a8d:e51d%16]) with mapi id
	14.01.0289.001; Tue, 7 Feb 2012 20:00:09 +0530
From: Tushar Mulkar <tmulkar@sandvine.com>
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Thread-Topic: [PATCH] if_lagg driver enhancements. 
Thread-Index: AczlpP1OgZtGvpS8Rw6M7AAnxRmPvA==
Date: Tue, 7 Feb 2012 14:30:08 +0000
Message-ID: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.30.10.51]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [PATCH] if_lagg driver enhancements. 
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 14:41:01 -0000

Hello,
A patch is developed that has following enhancements in lagg driver

- Sending a gratuitous ARP when link state changes on primary port of=20
  lag (kern/156226)
- Support of new ioctl command to change primary port of the lag

These enhancements are quite handy and useful. Please check if it can=20
be added to FreeBSD


------------------------------------------------------------------
--- /vobs/fw-bsd/src/sys/net/if_lagg.c     2012-01-24 05:28:25.000000000 -0=
500
+++ /vobs/fw-bsd/src/sys/net/if_lagg.c     2012-02-03 09:11:50.000000000 -0=
500
@@ -54,13 +54,19 @@

 #ifdef INET
#include <netinet/in.h>
+#include <netinet/in_var.h>
#include <netinet/in_systm.h>
#include <netinet/if_ether.h>
#include <netinet/ip.h>
#endif

 #ifdef INET6
+#include <netinet/icmp6.h>
#include <netinet/ip6.h>
+#include <netinet6/ip6_var.h>
+#include <netinet6/in6_var.h>
+#include <netinet6/scope6_var.h>
+#include <netinet6/nd6.h>
#endif

 #include <net/if_vlan_var.h>
@@ -746,6 +752,7 @@

     switch (dst->sa_family) {
          case pseudo_AF_HDRCMPLT:
+                        return ((*lp->lp_output)(ifp, m, dst, ro));
          case AF_UNSPEC:
               eh =3D (struct ether_header *)dst->sa_data;
               type =3D eh->ether_type;
@@ -1053,7 +1060,38 @@
          error =3D EINVAL;
          break;

-    default:
+        case SIOCSPLAGGPORT:
+
+                if (rp->rp_portname[0] =3D=3D '\0' ||
+                   (tpif =3D ifunit(rp->rp_portname)) =3D=3D NULL) {
+                        error =3D EINVAL;
+                        break;
+                }
+
+                LAGG_WLOCK(sc);
+                if ((lp =3D (struct lagg_port *)tpif->if_lagg) =3D=3D NULL=
 ||
+                    lp->lp_softc !=3D sc) {
+                        error =3D ENOENT;
+                        LAGG_WUNLOCK(sc);
+                        break;
+                }
+                /* This port is already primary port no need to do any thi=
ng */=20
+                if(SLIST_FIRST(&sc->sc_ports)=3D=3D lp){
+                  LAGG_WUNLOCK(sc);
+              return (error);
+                }
+                else{
+               SLIST_REMOVE(&sc->sc_ports, lp, lagg_port, lp_entries);
+               SLIST_INSERT_HEAD(&sc->sc_ports, lp, lp_entries);
+               sc->sc_primary =3D lp;=20
+               lagg_lladdr(sc, lp->lp_lladdr);
+               sc->sc_ifp->if_mtu =3D tpif->if_mtu;
+               SLIST_FOREACH(lp, &sc->sc_ports, lp_entries)
+               lagg_port_lladdr(lp, IF_LLADDR(ifp));
+               LAGG_WUNLOCK(sc);
+          }=20
+          break;    =20
+         default:
          error =3D ether_ioctl(ifp, cmd, data);
          break;
    }
@@ -1309,17 +1347,47 @@
{
    struct lagg_port *lp =3D (struct lagg_port *)ifp->if_lagg;
    struct lagg_softc *sc =3D NULL;
+    struct ifaddr *ifa ;=20
+    struct in6_ifaddr *ia =3D NULL;=20
+    struct in6_addr *in6 =3D NULL;=20
+    struct ifaddrhead ifaddrh;
+    struct in_ifaddr *laddr =3D NULL;=20
=20
     if (lp !=3D NULL)
          sc =3D lp->lp_softc;
    if (sc =3D=3D NULL)
          return;
-
+   =20
    LAGG_WLOCK(sc);
    lagg_linkstate(sc);
+       =20
     if (sc->sc_linkstate !=3D NULL)
          (*sc->sc_linkstate)(lp);
+   =20
    LAGG_WUNLOCK(sc);
+        =20
+        /* If status changed on primary port send gratuitous ARP */
+
+    if(sc->sc_primary =3D=3D lp){
+          IFP_TO_IA(sc->sc_ifp, laddr);
+          if (laddr =3D=3D NULL)
+               return;
+          ifaddrh =3D sc->sc_ifp->if_addrhead;
+          TAILQ_FOREACH(ifa, &ifaddrh, ifa_link) {
+#ifdef INET
+               if(ifa->ifa_addr->sa_family =3D=3D AF_INET)
+                    arp_ifinit(sc->sc_ifp,(struct ifaddr *) laddr);
+#endif
+
+#ifdef INET6
+               if (ifa->ifa_addr->sa_family =3D=3D AF_INET6){
+                    ia =3D in6ifa_ifpforlinklocal(sc->sc_ifp, 0);
+                    in6 =3D &ifatoia6(ifa)->ia_addr.sin6_addr;
+                    nd6_ns_output(sc->sc_ifp, NULL,in6, 0, 1);
+               }   =20
+#endif
+          }
+    }
}

 struct lagg_port *
--- /vobs/fw-bsd/src/sys/net/if_lagg.h     2012-02-03 03:45:32.000000000 -0=
500
+++ /vobs/fw-bsd/src/sys/net/if_lagg.h     2012-02-03 03:53:18.000000000 -0=
500
@@ -119,6 +119,7 @@

 #define   SIOCGLAGG       _IOWR('i', 143, struct lagg_reqall)
#define   SIOCSLAGG       _IOW('i', 144, struct lagg_reqall)
+#define   SIOCSPLAGGPORT       _IOWR('i', 145, struct lagg_reqport)

 #ifdef _KERNEL
/*
--- /vobs/fw-bsd/src/sbin/ifconfig/iflagg.c     2012-02-03 00:48:38.0000000=
00 -0500
+++ /vobs/fw-bsd/src/sbin/ifconfig/iflagg.c     2012-02-03 01:41:34.0000000=
00 -0500
@@ -43,6 +43,18 @@
    if (ioctl(s, SIOCSLAGGPORT, &rp))
          err(1, "SIOCSLAGGPORT");
}
+static void=20
+setlaggpport(const char *val, int d, int s, const struct afswtch *afp)
+{
+    struct lagg_reqport rp;
+
+    bzero(&rp, sizeof(rp));
+    strlcpy(rp.rp_ifname, name, sizeof(rp.rp_ifname));
+    strlcpy(rp.rp_portname, val, sizeof(rp.rp_portname));
+
+    if (ioctl(s, SIOCSLAGGPPORT, &rp))
+          err(1, "SIOCSLAGPPORT");
+}

 static void
unsetlaggport(const char *val, int d, int s, const struct afswtch *afp)
@@ -174,6 +186,7 @@
    DEF_CMD_ARG("laggport",         setlaggport),
    DEF_CMD_ARG("-laggport",   unsetlaggport),
    DEF_CMD_ARG("laggproto",   setlaggproto),
+    DEF_CMD_ARG("laggpport",   setlaggpport),
};
static struct afswtch af_lagg =3D {
    .af_name   =3D "af_lagg",
---------------------------------------------------------------------------=
-----------------------------



Tushar Mulkar
Senior Software Engineer , Sandvine India
Mobile: +91-9845146601
Skype: tushar.mulkar
www.sandvine.com



From owner-freebsd-net@FreeBSD.ORG  Tue Feb  7 20:30:18 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5FFFF106568B
	for <freebsd-net@hub.freebsd.org>; Tue,  7 Feb 2012 20:30:18 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 31DDA8FC13
	for <freebsd-net@hub.freebsd.org>; Tue,  7 Feb 2012 20:30:18 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q17KUIXU002955
	for <freebsd-net@freefall.freebsd.org>; Tue, 7 Feb 2012 20:30:18 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q17KUIZk002951;
	Tue, 7 Feb 2012 20:30:18 GMT (envelope-from gnats)
Date: Tue, 7 Feb 2012 20:30:18 GMT
Message-Id: <201202072030.q17KUIZk002951@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: "Steven Hartland" <killing@multiplay.co.uk>
Cc: 
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
	causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Steven Hartland <killing@multiplay.co.uk>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 20:30:18 -0000

The following reply was made to PR kern/161899; it has been noted by GNATS.

From: "Steven Hartland" <killing@multiplay.co.uk>
To: <bug-followup@freebsd.org>
Cc:  
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
Date: Tue, 7 Feb 2012 09:24:47 -0000

 Any update on this, would have been nice to see a fix hit before
 9.0. If you need any more information please let me know.
 

From owner-freebsd-net@FreeBSD.ORG  Tue Feb  7 23:27:12 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3C20E106567A
	for <freebsd-net@freebsd.org>; Tue,  7 Feb 2012 23:27:12 +0000 (UTC)
	(envelope-from adrian.chadd@gmail.com)
Received: from mail-we0-f182.google.com (mail-we0-f182.google.com
	[74.125.82.182])
	by mx1.freebsd.org (Postfix) with ESMTP id CCC838FC16
	for <freebsd-net@freebsd.org>; Tue,  7 Feb 2012 23:27:11 +0000 (UTC)
Received: by werm13 with SMTP id m13so8610779wer.13
	for <freebsd-net@freebsd.org>; Tue, 07 Feb 2012 15:27:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:sender:date:x-google-sender-auth:message-id:subject
	:from:to:content-type;
	bh=ScnBwPefZs5kj5GrExJWONjAFoHhERww9iz6A66z1fw=;
	b=jYyiFPPputNwblH2lXRWpq2Hzfpwx0+6tQiB55pEOCLIU4SHd+JHNHlae1nuY6LG7O
	igUQmkASVVkQwVy2N/OYycSB4kmCa5T4kikLiHNLn3l9ki1vecBuIQDi0nIWjtwGmgb2
	NeUdt3VTKbxxqhL6pLyNzGQ6dphF+cntGW/6k=
MIME-Version: 1.0
Received: by 10.181.11.227 with SMTP id el3mr37089297wid.18.1328657230766;
	Tue, 07 Feb 2012 15:27:10 -0800 (PST)
Sender: adrian.chadd@gmail.com
Received: by 10.216.175.136 with HTTP; Tue, 7 Feb 2012 15:27:10 -0800 (PST)
Date: Tue, 7 Feb 2012 15:27:10 -0800
X-Google-Sender-Auth: ypk7U1RfRyZN9yX5PbuRQ3xfPQY
Message-ID: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
From: Adrian Chadd <adrian@freebsd.org>
To: FreeBSD Net <freebsd-net@freebsd.org>, "rozhuk.im" <rozhuk.im@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: 
Subject: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Feb 2012 23:27:12 -0000

Hi,

I've been working with the patch author on this and although I haven't
yet had time to test it out myself, he's taken my suggestions on board
and continued improving things.

The patch can be found in the PR:

http://www.freebsd.org/cgi/query-pr.cgi?pr=161908

In summary, he's added the ability to support q-in-q tags, as well as
maintaining backwards compatibility for existing users.

I'd like to commit this at the end of the week.

He's indicated that he will take care of any issues it may break. I'll
back it out if it breaks things and isn't fixed.

Ivan - thank you for being so patient!

I would appreciate further review from network/netgraph related
people. I'm going to borrow a term from gnn and say "Silence implies
consent." :-)


Adrian

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 01:01:53 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 11CA41065690;
	Wed,  8 Feb 2012 01:01:53 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id D805A8FC15;
	Wed,  8 Feb 2012 01:01:52 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
	[67.180.24.15]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q1811o0o050463
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Tue, 7 Feb 2012 17:01:51 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F31C9D0.6030904@freebsd.org>
Date: Tue, 07 Feb 2012 17:03:12 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Adrian Chadd <adrian@freebsd.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
In-Reply-To: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 01:01:53 -0000

On 2/7/12 3:27 PM, Adrian Chadd wrote:
> Hi,
>
> I've been working with the patch author on this and although I haven't
> yet had time to test it out myself, he's taken my suggestions on board
> and continued improving things.
>
> The patch can be found in the PR:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=161908
>
> In summary, he's added the ability to support q-in-q tags, as well as
> maintaining backwards compatibility for existing users.
>
> I'd like to commit this at the end of the week.
>
> He's indicated that he will take care of any issues it may break. I'll
> back it out if it breaks things and isn't fixed.
>
> Ivan - thank you for being so patient!
>
> I would appreciate further review from network/netgraph related
> people. I'm going to borrow a term from gnn and say "Silence implies
> consent." :-)
>

looks good though s/2011/2012/

> Adrian
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 09:13:29 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BCD79106564A;
	Wed,  8 Feb 2012 09:13:29 +0000 (UTC)
	(envelope-from egrosbein@rdtc.ru)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13::5])
	by mx1.freebsd.org (Postfix) with ESMTP id 241C88FC0A;
	Wed,  8 Feb 2012 09:13:28 +0000 (UTC)
Received: from eg.sd.rdtc.ru (localhost [127.0.0.1])
	by eg.sd.rdtc.ru (8.14.5/8.14.5) with ESMTP id q189DRit099782;
	Wed, 8 Feb 2012 16:13:27 +0700 (NOVT)
	(envelope-from egrosbein@rdtc.ru)
Message-ID: <4F323CB7.3000609@rdtc.ru>
Date: Wed, 08 Feb 2012 16:13:27 +0700
From: Eugene Grosbein <egrosbein@rdtc.ru>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; ru-RU;
	rv:1.9.2.13) Gecko/20110112 Thunderbird/3.1.7
MIME-Version: 1.0
To: Steven Hartland <killing@multiplay.co.uk>
References: <201202072030.q17KUIZk002951@freefall.freebsd.org>
In-Reply-To: <201202072030.q17KUIZk002951@freefall.freebsd.org>
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: 8bit
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets	causing
 high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 09:13:29 -0000

08.02.2012 03:30, Steven Hartland РЙЫЕФ:
> The following reply was made to PR kern/161899; it has been noted by GNATS.
> 
> From: "Steven Hartland" <killing@multiplay.co.uk>
> To: <bug-followup@freebsd.org>
> Cc:  
> Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
> Date: Tue, 7 Feb 2012 09:24:47 -0000
> 
>  Any update on this, would have been nice to see a fix hit before
>  9.0. If you need any more information please let me know.

This is known problem. You should remove "options FLOWTABLE"
from your kernel configuration, as it was removed from GENERIC
for such misbehaviours. That had fixed same problem for me.

Eugene Grosbein

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 09:20:06 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 72F2C1065670
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 09:20:06 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 5892C8FC0C
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 09:20:06 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q189K5O6058681
	for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 09:20:05 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q189K5Bq058680;
	Wed, 8 Feb 2012 09:20:05 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 09:20:05 GMT
Message-Id: <201202080920.q189K5Bq058680@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Eugene Grosbein <egrosbein@rdtc.ru>
Cc: 
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets	causing
 high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Eugene Grosbein <egrosbein@rdtc.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 09:20:06 -0000

The following reply was made to PR kern/161899; it has been noted by GNATS.

From: Eugene Grosbein <egrosbein@rdtc.ru>
To: Steven Hartland <killing@multiplay.co.uk>
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets	causing
 high CPU load for ntpd
Date: Wed, 08 Feb 2012 16:13:27 +0700

 08.02.2012 03:30, Steven Hartland РЙЫЕФ:
 > The following reply was made to PR kern/161899; it has been noted by GNATS.
 > 
 > From: "Steven Hartland" <killing@multiplay.co.uk>
 > To: <bug-followup@freebsd.org>
 > Cc:  
 > Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
 > Date: Tue, 7 Feb 2012 09:24:47 -0000
 > 
 >  Any update on this, would have been nice to see a fix hit before
 >  9.0. If you need any more information please let me know.
 
 This is known problem. You should remove "options FLOWTABLE"
 from your kernel configuration, as it was removed from GENERIC
 for such misbehaviours. That had fixed same problem for me.
 
 Eugene Grosbein

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 10:03:37 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BFC881065673;
	Wed,  8 Feb 2012 10:03:37 +0000 (UTC)
	(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	by mx1.freebsd.org (Postfix) with ESMTP id 12AED8FC16;
	Wed,  8 Feb 2012 10:03:36 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 09:52:05 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	mail1.multiplay.co.uk
X-Spam-Level: 
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
	shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
	by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	(MDaemon PRO v10.0.4) with ESMTP id md50017940128.msg;
	Wed, 08 Feb 2012 09:52:04 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <81B748092F3A413D84F6262C4B9AB146@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Eugene Grosbein" <egrosbein@rdtc.ru>
References: <201202072030.q17KUIZk002951@freefall.freebsd.org>
	<4F323CB7.3000609@rdtc.ru>
Date: Wed, 8 Feb 2012 09:53:03 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="KOI8-R"; reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@freebsd.org, bug-followup@freebsd.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
	causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:03:37 -0000

----- Original Message ----- 
From: "Eugene Grosbein" <egrosbein@rdtc.ru>

> This is known problem. You should remove "options FLOWTABLE"
> from your kernel configuration, as it was removed from GENERIC
> for such misbehaviours. That had fixed same problem for me.

We already have this removed due to the issues it causes with IP
changes, unfortunately it has no impact on this behaviour here.

    Regards
    Steve

================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 10:10:10 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 30CE21065676
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 10:10:10 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 1B2C18FC08
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 10:10:10 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18AA90d004386
	for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 10:10:09 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18AA9Tt004385;
	Wed, 8 Feb 2012 10:10:09 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 10:10:09 GMT
Message-Id: <201202081010.q18AA9Tt004385@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: "Steven Hartland" <killing@multiplay.co.uk>
Cc: 
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
	causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Steven Hartland <killing@multiplay.co.uk>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:10:10 -0000

The following reply was made to PR kern/161899; it has been noted by GNATS.

From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Eugene Grosbein" <egrosbein@rdtc.ru>
Cc: <freebsd-net@freebsd.org>,
	<bug-followup@freebsd.org>
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd
Date: Wed, 8 Feb 2012 09:53:03 -0000

 ----- Original Message ----- 
 From: "Eugene Grosbein" <egrosbein@rdtc.ru>
 
 > This is known problem. You should remove "options FLOWTABLE"
 > from your kernel configuration, as it was removed from GENERIC
 > for such misbehaviours. That had fixed same problem for me.
 
 We already have this removed due to the issues it causes with IP
 changes, unfortunately it has no impact on this behaviour here.
 
     Regards
     Steve
 
 ================================================
 This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 
 
 In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
 or return the E.mail to postmaster@multiplay.co.uk.
 

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 10:42:15 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A6AB71065675;
	Wed,  8 Feb 2012 10:42:15 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 28A978FC0C;
	Wed,  8 Feb 2012 10:42:14 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18AgDMx021393;
	Wed, 8 Feb 2012 14:42:13 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18AgDwc021392;
	Wed, 8 Feb 2012 14:42:13 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 14:42:13 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Adrian Chadd <adrian@FreeBSD.org>, "rozhuk.im" <rozhuk.im@gmail.com>
Message-ID: <20120208104213.GD13554@FreeBSD.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: FreeBSD Net <freebsd-net@FreeBSD.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:42:15 -0000

On Tue, Feb 07, 2012 at 03:27:10PM -0800, Adrian Chadd wrote:
A> I've been working with the patch author on this and although I haven't
A> yet had time to test it out myself, he's taken my suggestions on board
A> and continued improving things.
A> 
A> The patch can be found in the PR:
A> 
A> http://www.freebsd.org/cgi/query-pr.cgi?pr=161908
A> 
A> In summary, he's added the ability to support q-in-q tags, as well as
A> maintaining backwards compatibility for existing users.
A> 
A> I'd like to commit this at the end of the week.
A> 
A> He's indicated that he will take care of any issues it may break. I'll
A> back it out if it breaks things and isn't fixed.
A> 
A> Ivan - thank you for being so patient!
A> 
A> I would appreciate further review from network/netgraph related
A> people. I'm going to borrow a term from gnn and say "Silence implies
A> consent." :-)

I have only minor comments:

1.1) According to style(9) new code should use uintXX_t instead of u_intXX_t.
1.2) Some lines are really loooong, they need to be broken into shorter ones
     accoording to style(9).
1.3) Operators at beginning of a line - also style(9) violation.

2) NETGRAPH_DEBUG wasn't designed for the things the patch is doing. But
   the KASSERT was. So it'll be better to change the code under NETGRAPH_DEBUG
   to KASSERTs. For example in the chunk '@@ -262,35 +322,143 @@':

	KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] == hook,
	    ("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook = %s\n",
	    __func__, (char *)msg->data));

	and

	KASSERT(EVL_VLANOFTAG(hook_data) == vid,
	    ("%s: NGM_VLAN_DEL_VID_FLT: Invalid VID Hook = %us, must be: %us\n",
            __func__, (uint16_t )EVL_VLANOFTAG(hook_data), vid));

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 10:50:11 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9EF91106566C
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 10:50:11 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 8A16D8FC08
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 10:50:11 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18AoBIR042113
	for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 10:50:11 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18AoBwY042112;
	Wed, 8 Feb 2012 10:50:11 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 10:50:11 GMT
Message-Id: <201202081050.q18AoBwY042112@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Dmitrij Tejblum <tejblum@yandex-team.ru>
Cc: 
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets	causing
 high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Dmitrij Tejblum <tejblum@yandex-team.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 10:50:11 -0000

The following reply was made to PR kern/161899; it has been noted by GNATS.

From: Dmitrij Tejblum <tejblum@yandex-team.ru>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets	causing
 high CPU load for ntpd
Date: Wed, 08 Feb 2012 14:30:51 +0400

 I would suggest to remove RTM_MISS messages at all. I believe that there 
 is no sofware that actually use it. OTOH, in some cases RTM_MISS 
 messages are really disturbing.
 
 E.g., a router without default route (e.g. runnung BGP) will always 
 generate some amount of RTM_MISS messages. They have no use, but require 
 daemons to parse them, and could result in overflow on routing socket 
 queue and, in turn, cause some important routing messages to be dropped.
 
 I have a patch that add a sysctl to turn off RTM_MISS messages, but 
 since no one use them, it would be easier to just remove them entirely.
 
 -- 
 Dmitry

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:00:32 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7D7201065672
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 13:00:32 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 68D5F8FC13
	for <freebsd-net@hub.freebsd.org>; Wed,  8 Feb 2012 13:00:32 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18D0Wmi067565
	for <freebsd-net@freefall.freebsd.org>; Wed, 8 Feb 2012 13:00:32 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18D0Wnc067564;
	Wed, 8 Feb 2012 13:00:32 GMT (envelope-from gnats)
Date: Wed, 8 Feb 2012 13:00:32 GMT
Message-Id: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: 
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
 for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Gleb Smirnoff <glebius@FreeBSD.org>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:00:32 -0000

The following reply was made to PR kern/161899; it has been noted by GNATS.

From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Steven Hartland <killing@multiplay.co.uk>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
 for ntpd
Date: Wed, 8 Feb 2012 16:59:44 +0400

 > Any update on this, would have been nice to see a fix hit before
 > 9.0. If you need any more information please let me know.
 
 AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
 
 The cause for this number of misses is absense of a route for
 IPv4 mapped block in IPv6 routing table.
 
 Here it is:
 
 # netstat -rn -f inet6 
 Routing tables
 
 Internet6:
 Destination                       Gateway                       Flags      Netif Expire
 ::/96                             ::1                           UGRS        lo0
 
 Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
 been merged to stable/8, then it needs to be found and merged.
 
 -- 
 Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:01:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 13543106566B
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:01:48 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 8BF4B8FC14
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:01:47 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18D1klP022747;
	Wed, 8 Feb 2012 17:01:46 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18D1kIs022746;
	Wed, 8 Feb 2012 17:01:46 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:01:46 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Dmitrij Tejblum <tejblum@yandex-team.ru>
Message-ID: <20120208130146.GH13554@FreeBSD.org>
References: <201202081050.q18AoBwY042112@freefall.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <201202081050.q18AoBwY042112@freefall.freebsd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets causing
 high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:01:48 -0000

  Dmitrij,

On Wed, Feb 08, 2012 at 10:50:11AM +0000, Dmitrij Tejblum wrote:
D>  I would suggest to remove RTM_MISS messages at all. I believe that there 
D>  is no sofware that actually use it. OTOH, in some cases RTM_MISS 
D>  messages are really disturbing.
D>  
D>  E.g., a router without default route (e.g. runnung BGP) will always 
D>  generate some amount of RTM_MISS messages. They have no use, but require 
D>  daemons to parse them, and could result in overflow on routing socket 
D>  queue and, in turn, cause some important routing messages to be dropped.
D>  
D>  I have a patch that add a sysctl to turn off RTM_MISS messages, but 
D>  since no one use them, it would be easier to just remove them entirely.

Sounds reasonable. A patch that adds a sysctl is definitely a commit candidate.
But we can't be sure that no one uses these messages, so we can't remove them
entirely.

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:26:50 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CF2A3106564A
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:26:50 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 5225F8FC13
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:26:50 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18DQnhX022986;
	Wed, 8 Feb 2012 17:26:49 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DQmQI022985;
	Wed, 8 Feb 2012 17:26:48 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:26:48 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Tushar Mulkar <tmulkar@sandvine.com>
Message-ID: <20120208132648.GI13554@FreeBSD.org>
References: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <26E6BFB8942F2949A1501D4878FAEA152CD50451@blr-exch-1.sandvine.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: "freebsd-net@freebsd.org" <freebsd-net@FreeBSD.org>
Subject: Re: [PATCH] if_lagg driver enhancements.
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:26:50 -0000

On Tue, Feb 07, 2012 at 02:30:08PM +0000, Tushar Mulkar wrote:
T> Hello,
T> A patch is developed that has following enhancements in lagg driver
T> 
T> - Sending a gratuitous ARP when link state changes on primary port of 
T>   lag (kern/156226)
T> - Support of new ioctl command to change primary port of the lag
T> 
T> These enhancements are quite handy and useful. Please check if it can 
T> be added to FreeBSD

IMHO, the patch introduces a layering violation, which is bad. This would
lead to problems in future. From a quick look I don't see any right now,
and patch is compatible with carp(4) just accidentially :)

I would suggest the following approach:

1) Network protocols should register theirselves on the ifnet_link_event
   EVENTHANDLER(9).
2) The inet4 should send gratutious ARP on this event.
3) The inet6 should send NA.

As you see the patch would be entirely not about lagg(4) :)

We've got some minor obstacles on the suggested way:

- The if_link_state_change() function suppresses any processing if the link
  hasn't changed, for example UP -> UP event.

We can overcome this by adding a new pseudo state LINK_STATE_UPAGAIN (or
LINK_STATE_UPCHANGED or LINK_STATE_UPANOTHER or any better name you can
imagine). This pseudo state can't be stored in the ifp->if_link_state, but
it can be used to keep the state LINK_STATE_UP, but force triggering link
state hooks.

I think this approach is more clean and error prone. It can lead only to
extraneous gratutious ARP sent in some cases, which is not critical.

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:32:00 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BE05F106564A;
	Wed,  8 Feb 2012 13:32:00 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 4152A8FC13;
	Wed,  8 Feb 2012 13:32:00 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18DVw1K023042;
	Wed, 8 Feb 2012 17:31:58 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DVwOL023041;
	Wed, 8 Feb 2012 17:31:58 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:31:58 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: rozhuk.im@gmail.com
Message-ID: <20120208133158.GJ13554@FreeBSD.org>
References: <4f298d95.82b7cc0a.49b2.5d24@mx.google.com>
	<4F2A2C1F.1060609@freebsd.org>
	<4f2b0826.10cbcc0a.5660.ffff8aa9@mx.google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <4f2b0826.10cbcc0a.5660.ffff8aa9@mx.google.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org, 'Julian Elischer' <julian@FreeBSD.org>
Subject: Re: m_pullup - fail
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:32:00 -0000

On Fri, Feb 03, 2012 at 07:03:11AM +0900, rozhuk.im@gmail.com wrote:
r> I am writing a netgraph node for processing UDP packets passing through the
r> router / bridge.
r> Node must fully inspect the entire contents of the package, in some cases,
r> change them.

In this case you need something like m_megapullup() that can be found in
sys/netinet/libalias/alias.c

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:36:01 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A421C106564A;
	Wed,  8 Feb 2012 13:36:01 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 2161C8FC0C;
	Wed,  8 Feb 2012 13:36:00 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18Da0G3023112;
	Wed, 8 Feb 2012 17:36:00 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18DZx4R023109;
	Wed, 8 Feb 2012 17:35:59 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:35:59 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Luigi Rizzo <rizzo@iet.unipi.it>
Message-ID: <20120208133559.GK13554@FreeBSD.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
	<20120131110204.GA95472@onelab2.iet.unipi.it>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20120131110204.GA95472@onelab2.iet.unipi.it>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: Ermal Lu?i <eri@FreeBSD.org>, freebsd-net <freebsd-net@FreeBSD.org>,
	freebsd-hackers@FreeBSD.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:36:01 -0000

On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
L> if i understand what the patch does, i think it makes sense to be
L> able to hook ipfw instances to specific interfaces/sets of interfaces,
L> as it permits the writing of more readable rulesets. Right now the
L> workaround is start the ruleset with skipto rules matching on
L> interface names, and then use some discipline in "reserving" a range
L> of rule numbers to each interface.

This is definitely a desired feature, but it should be implemented
on level of pfil(9). However, that would still require multiple
instances of ipfw(4).

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:39:46 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8D33910657A2;
	Wed,  8 Feb 2012 13:39:46 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 52B488FC13;
	Wed,  8 Feb 2012 13:39:46 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18DdkNl005750;
	Wed, 8 Feb 2012 13:39:46 GMT
	(envelope-from glebius@freefall.freebsd.org)
Received: (from glebius@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18DdjmA005746;
	Wed, 8 Feb 2012 13:39:45 GMT (envelope-from glebius)
Date: Wed, 8 Feb 2012 13:39:45 GMT
Message-Id: <201202081339.q18DdjmA005746@freefall.freebsd.org>
To: nvass@gmx.com, glebius@FreeBSD.org, freebsd-net@FreeBSD.org,
	glebius@FreeBSD.org
From: glebius@FreeBSD.org
Cc: 
Subject: Re: kern/164696: [netinet] [patch] [panic] VIMAGE + carp panics the
	kernel
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:39:46 -0000

Synopsis: [netinet] [patch] [panic] VIMAGE + carp panics the kernel

State-Changed-From-To: open->closed
State-Changed-By: glebius
State-Changed-When: Wed Feb 8 13:38:23 UTC 2012
State-Changed-Why: 
Fixed.


Responsible-Changed-From-To: freebsd-net->glebius
Responsible-Changed-By: glebius
Responsible-Changed-When: Wed Feb 8 13:38:23 UTC 2012
Responsible-Changed-Why: 
Fixed.

http://www.freebsd.org/cgi/query-pr.cgi?pr=164696

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:44:34 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A78FB106566B
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:44:34 +0000 (UTC)
	(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	by mx1.freebsd.org (Postfix) with ESMTP id ED8868FC1A
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:44:33 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 13:44:04 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	mail1.multiplay.co.uk
X-Spam-Level: 
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
	shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
	by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	(MDaemon PRO v10.0.4) with ESMTP id md50017942426.msg;
	Wed, 08 Feb 2012 13:44:03 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Gleb Smirnoff" <glebius@FreeBSD.org>,
	<freebsd-net@FreeBSD.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
Date: Wed, 8 Feb 2012 13:44:56 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="Windows-1252";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: 
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
	for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:44:34 -0000

----- Original Message ----- 
From: "Gleb Smirnoff" <glebius@FreeBSD.org>
> > Any update on this, would have been nice to see a fix hit before
> > 9.0. If you need any more information please let me know.
> 
> AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
> 
> The cause for this number of misses is absense of a route for
> IPv4 mapped block in IPv6 routing table.
> 
> Here it is:
> 
> # netstat -rn -f inet6 
> Routing tables
> 
> Internet6:
> Destination                       Gateway                       Flags      Netif Expire
> ::/96                             ::1                           UGRS        lo0
> 
> Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
> been merged to stable/8, then it needs to be found and merged.

Thanks Gleb!

Running the following commands does indeed stop this
route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject

I found these in /etc/rc.d/network_ipv6 but I can't see why
these wouldnt be run on a machine that doesn't have an IPv6
address, they seem to be added correctly on machines that do.

So any pointers are to how to get this fix setup correctly in
8.2 would appreciated.

    Regards
    Steve

================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:55:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8CC9A106564A
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:55:02 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id 0C7438FC15
	for <freebsd-net@FreeBSD.org>; Wed,  8 Feb 2012 13:55:01 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18Dt0UN023315;
	Wed, 8 Feb 2012 17:55:00 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18Dt0GH023314;
	Wed, 8 Feb 2012 17:55:00 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 17:55:00 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Steven Hartland <killing@multiplay.co.uk>
Message-ID: <20120208135500.GL13554@FreeBSD.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
	<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@FreeBSD.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
 for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:55:02 -0000

On Wed, Feb 08, 2012 at 01:44:56PM -0000, Steven Hartland wrote:
S> ----- Original Message ----- 
S> From: "Gleb Smirnoff" <glebius@FreeBSD.org>
S> > > Any update on this, would have been nice to see a fix hit before
S> > > 9.0. If you need any more information please let me know.
S> > 
S> > AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
S> > 
S> > The cause for this number of misses is absense of a route for
S> > IPv4 mapped block in IPv6 routing table.
S> > 
S> > Here it is:
S> > 
S> > # netstat -rn -f inet6 
S> > Routing tables
S> > 
S> > Internet6:
S> > Destination                       Gateway                       Flags      Netif Expire
S> > ::/96                             ::1                           UGRS        lo0
S> > 
S> > Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
S> > been merged to stable/8, then it needs to be found and merged.
S> 
S> Thanks Gleb!
S> 
S> Running the following commands does indeed stop this
S> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
S> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
S> 
S> I found these in /etc/rc.d/network_ipv6 but I can't see why
S> these wouldnt be run on a machine that doesn't have an IPv6
S> address, they seem to be added correctly on machines that do.
S> 
S> So any pointers are to how to get this fix setup correctly in
S> 8.2 would appreciated.

I don't have any 8.2 where I can play already :) All test boxes
are either head or 9.0.

So it'll be easier to you than to me, to find the exact revision
that is already in stable/9, but not yet in stable/8, that adds
these routes to kernel in startup. Once found, I can do merging.

Meanwhile, I can bounce the PR to freebsd-rc@, and may be someone
from there can find out what needs to be merged.

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 13:55:34 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E0587106566B;
	Wed,  8 Feb 2012 13:55:34 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id B31378FC1B;
	Wed,  8 Feb 2012 13:55:34 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q18DtY9m022790;
	Wed, 8 Feb 2012 13:55:34 GMT
	(envelope-from glebius@freefall.freebsd.org)
Received: (from glebius@localhost)
	by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q18DtYJ7022786;
	Wed, 8 Feb 2012 13:55:34 GMT (envelope-from glebius)
Date: Wed, 8 Feb 2012 13:55:34 GMT
Message-Id: <201202081355.q18DtYJ7022786@freefall.freebsd.org>
To: glebius@FreeBSD.org, freebsd-net@FreeBSD.org, freebsd-rc@FreeBSD.org
From: glebius@FreeBSD.org
Cc: 
Subject: Re: kern/161899: [route] ntpd(8): Repeating RTM_MISS packets
	causing high CPU load for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 13:55:35 -0000

Synopsis: [route] ntpd(8): Repeating RTM_MISS packets causing high CPU load for ntpd

Responsible-Changed-From-To: freebsd-net->freebsd-rc
Responsible-Changed-By: glebius
Responsible-Changed-When: Wed Feb 8 13:55:07 UTC 2012
Responsible-Changed-Why: 
I think, that solution to the problem lives somewhere in th rc-land.

http://www.freebsd.org/cgi/query-pr.cgi?pr=161899

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 14:04:10 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1CE33106564A;
	Wed,  8 Feb 2012 14:04:10 +0000 (UTC)
	(envelope-from ermal.luci@gmail.com)
Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com
	[209.85.210.182])
	by mx1.freebsd.org (Postfix) with ESMTP id C23928FC1D;
	Wed,  8 Feb 2012 14:04:09 +0000 (UTC)
Received: by iaeo4 with SMTP id o4so1256087iae.13
	for <multiple recipients>; Wed, 08 Feb 2012 06:04:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:sender:in-reply-to:references:date
	:x-google-sender-auth:message-id:subject:from:to:cc:content-type;
	bh=+J0xlP6I1mhPtm6JmLkzX/MN5IuuYy8GGNP+ZtNP1Kg=;
	b=IcivfqBr1JdiPJTEbuhNzxbMoy0aPAGOXDihScdkTJl+EJJe4gSjJAyxiQ4Lwiphbx
	4PKQM9TNS56QNSlMr89Ra2KehIAr3kf+Mih1iJn2pmFz+a7nkgW66YsVf1y0kHuqWO3H
	OxAXXJz5HETWCSfWxVMZwtxrYIBGs7vRRP0b0=
MIME-Version: 1.0
Received: by 10.42.144.69 with SMTP id a5mr27139143icv.45.1328709849420; Wed,
	08 Feb 2012 06:04:09 -0800 (PST)
Sender: ermal.luci@gmail.com
Received: by 10.231.134.198 with HTTP; Wed, 8 Feb 2012 06:04:09 -0800 (PST)
In-Reply-To: <20120208133559.GK13554@FreeBSD.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
	<20120131110204.GA95472@onelab2.iet.unipi.it>
	<20120208133559.GK13554@FreeBSD.org>
Date: Wed, 8 Feb 2012 15:04:09 +0100
X-Google-Sender-Auth: 0aFIRkQDzHRwTd5nBZ_gaj2_wVQ
Message-ID: <CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>
To: Gleb Smirnoff <glebius@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-net <freebsd-net@freebsd.org>, Luigi Rizzo <rizzo@iet.unipi.it>,
	freebsd-hackers@freebsd.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 14:04:10 -0000

2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:
> On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
> L> if i understand what the patch does, i think it makes sense to be
> L> able to hook ipfw instances to specific interfaces/sets of interfaces,
> L> as it permits the writing of more readable rulesets. Right now the
> L> workaround is start the ruleset with skipto rules matching on
> L> interface names, and then use some discipline in "reserving" a range
> L> of rule numbers to each interface.
>
> This is definitely a desired feature, but it should be implemented
> on level of pfil(9). However, that would still require multiple
> instances of ipfw(4).
>
This opens a discussion of architecture design.
I do not think presently pfil(9) is designed to handle such thing!


Regards,
Ermal

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 14:09:23 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6AD3D1065781;
	Wed,  8 Feb 2012 14:09:23 +0000 (UTC)
	(envelope-from glebius@FreeBSD.org)
Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.117])
	by mx1.freebsd.org (Postfix) with ESMTP id E54448FC14;
	Wed,  8 Feb 2012 14:09:22 +0000 (UTC)
Received: from cell.glebius.int.ru (localhost [127.0.0.1])
	by cell.glebius.int.ru (8.14.5/8.14.5) with ESMTP id q18E9Lil023577;
	Wed, 8 Feb 2012 18:09:21 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
Received: (from glebius@localhost)
	by cell.glebius.int.ru (8.14.5/8.14.5/Submit) id q18E9Lfq023576;
	Wed, 8 Feb 2012 18:09:21 +0400 (MSK)
	(envelope-from glebius@FreeBSD.org)
X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to
	glebius@FreeBSD.org using -f
Date: Wed, 8 Feb 2012 18:09:21 +0400
From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Ermal Lu?i <eri@FreeBSD.org>
Message-ID: <20120208140921.GM13554@glebius.int.ru>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>
	<20120131110204.GA95472@onelab2.iet.unipi.it>
	<20120208133559.GK13554@FreeBSD.org>
	<CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net <freebsd-net@FreeBSD.org>, Luigi Rizzo <rizzo@iet.unipi.it>,
	freebsd-hackers@FreeBSD.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 14:09:23 -0000

On Wed, Feb 08, 2012 at 03:04:09PM +0100, Ermal Lu?i wrote:
E> 2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:
E> > On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
E> > L> if i understand what the patch does, i think it makes sense to be
E> > L> able to hook ipfw instances to specific interfaces/sets of interfaces,
E> > L> as it permits the writing of more readable rulesets. Right now the
E> > L> workaround is start the ruleset with skipto rules matching on
E> > L> interface names, and then use some discipline in "reserving" a range
E> > L> of rule numbers to each interface.
E> >
E> > This is definitely a desired feature, but it should be implemented
E> > on level of pfil(9). However, that would still require multiple
E> > instances of ipfw(4).
E> >
E> This opens a discussion of architecture design.
E> I do not think presently pfil(9) is designed to handle such thing!

Several years ago, I guess around 2005, a discussion on a per-interface
packet filtering was taken on the net@ mailing list. In that time, it lead
to nothing, several people were against the idea.

Recently on IRC I had raised the discussion again. Today more people liked
the idea and found it a desired feature.

Many kinds of high end networking equipment have per-interface ACLs. I know
that networking sysadmins would be happy if FreeBSD packet filters would
get this feature, since maintaing such ACLs is much easier on a router with
dozens of interfaces.

-- 
Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 16:53:48 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E41A0106564A;
	Wed,  8 Feb 2012 16:53:48 +0000 (UTC)
	(envelope-from adrian.chadd@gmail.com)
Received: from mail-ww0-f42.google.com (mail-ww0-f42.google.com [74.125.82.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 495EC8FC14;
	Wed,  8 Feb 2012 16:53:47 +0000 (UTC)
Received: by wgbgn7 with SMTP id gn7so5445121wgb.1
	for <multiple recipients>; Wed, 08 Feb 2012 08:53:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:sender:in-reply-to:references:date
	:x-google-sender-auth:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=3Bt1p2WgEfVCw+a9p2HRYww/5ShIpfbtlPkn3tFIoFI=;
	b=HUJyNFAP7h64bx0V2gdlNo2kgILoS6bklRZ2wFWlxJ066t/U0Wb0hXJ6izTW9RNw9F
	goBHTfw28wwpfYCHNXZ7gwHs9zKbU7dg0G0xT4n6jRfA3xkjdjLRJXVf0YR11MkuRSLr
	ESrTISnHiFHN74s1uAx+t1oO9HQ6AXHyHNe0w=
MIME-Version: 1.0
Received: by 10.216.135.76 with SMTP id t54mr11003490wei.14.1328720027188;
	Wed, 08 Feb 2012 08:53:47 -0800 (PST)
Sender: adrian.chadd@gmail.com
Received: by 10.216.175.136 with HTTP; Wed, 8 Feb 2012 08:53:47 -0800 (PST)
In-Reply-To: <20120208104213.GD13554@FreeBSD.org>
References: <CAJ-Vmondr7uO2++ADk_s=Zpx5HdmABOM=UGP+rnGKaNN8zXehQ@mail.gmail.com>
	<20120208104213.GD13554@FreeBSD.org>
Date: Wed, 8 Feb 2012 08:53:47 -0800
X-Google-Sender-Auth: bnglK4tXeo4hK85xl1tgke5FUwM
Message-ID: <CAJ-VmokBHkyRC5mAnQkFFL9w-ETwppo_6Ofb8YGa11vEKMcygg@mail.gmail.com>
From: Adrian Chadd <adrian@freebsd.org>
To: Gleb Smirnoff <glebius@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: call for review: 802.11q QinQ netgraph support
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 16:53:49 -0000

2012/2/8 Gleb Smirnoff <glebius@freebsd.org>:

> A> I would appreciate further review from network/netgraph related
> A> people. I'm going to borrow a term from gnn and say "Silence implies
> A> consent." :-)
>
> I have only minor comments:

Thanks for your feedback!

Ivan, can you please review these?


Adrian

>
> 1.1) According to style(9) new code should use uintXX_t instead of u_intX=
X_t.
> 1.2) Some lines are really loooong, they need to be broken into shorter o=
nes
> =A0 =A0 accoording to style(9).
> 1.3) Operators at beginning of a line - also style(9) violation.
>
> 2) NETGRAPH_DEBUG wasn't designed for the things the patch is doing. But
> =A0 the KASSERT was. So it'll be better to change the code under NETGRAPH=
_DEBUG
> =A0 to KASSERTs. For example in the chunk '@@ -262,35 +322,143 @@':
>
> =A0 =A0 =A0 =A0KASSERT(priv->vlan_hook[EVL_VLANOFTAG(hook_data)] =3D=3D h=
ook,
> =A0 =A0 =A0 =A0 =A0 =A0("%s: NGM_VLAN_DEL_FILTER: Invalid VID for Hook =
=3D %s\n",
> =A0 =A0 =A0 =A0 =A0 =A0__func__, (char *)msg->data));
>
> =A0 =A0 =A0 =A0and
>
> =A0 =A0 =A0 =A0KASSERT(EVL_VLANOFTAG(hook_data) =3D=3D vid,
> =A0 =A0 =A0 =A0 =A0 =A0("%s: NGM_VLAN_DEL_VID_FLT: Invalid VID Hook =3D %=
us, must be: %us\n",
> =A0 =A0 =A0 =A0 =A0 =A0__func__, (uint16_t )EVL_VLANOFTAG(hook_data), vid=
));
>
> --
> Totus tuus, Glebius.

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 18:23:45 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 054D3106564A;
	Wed,  8 Feb 2012 18:23:45 +0000 (UTC)
	(envelope-from gpalmer@freebsd.org)
Received: from noop.in-addr.com (mail.in-addr.com [IPv6:2001:470:8:162::1])
	by mx1.freebsd.org (Postfix) with ESMTP id CB48B8FC0C;
	Wed,  8 Feb 2012 18:23:44 +0000 (UTC)
Received: from gjp by noop.in-addr.com with local (Exim 4.77 (FreeBSD))
	(envelope-from <gpalmer@freebsd.org>)
	id 1RvCAz-000G2v-ID; Wed, 08 Feb 2012 13:23:29 -0500
Date: Wed, 8 Feb 2012 13:23:29 -0500
From: Gary Palmer <gpalmer@freebsd.org>
To: Steven Hartland <killing@multiplay.co.uk>
Message-ID: <20120208182329.GC10082@in-addr.com>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
	<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: gpalmer@freebsd.org
X-SA-Exim-Scanned: No (on noop.in-addr.com); SAEximRunCond expanded to false
Cc: freebsd-net@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
	for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 18:23:45 -0000

On Wed, Feb 08, 2012 at 01:44:56PM -0000, Steven Hartland wrote:
> ----- Original Message ----- 
> From: "Gleb Smirnoff" <glebius@FreeBSD.org>
> >> Any update on this, would have been nice to see a fix hit before
> >> 9.0. If you need any more information please let me know.
> >
> >AFAIK, this is no longer a problem in 9.0-RELEASE or in HEAD.
> >
> >The cause for this number of misses is absense of a route for
> >IPv4 mapped block in IPv6 routing table.
> >
> >Here it is:
> >
> ># netstat -rn -f inet6 
> >Routing tables
> >
> >Internet6:
> >Destination                       Gateway                       Flags      
> >Netif Expire
> >::/96                             ::1                           UGRS       
> >lo0
> >
> >Some rc.d script installs this prefix in 9.0 and 10.0. If it hasn't
> >been merged to stable/8, then it needs to be found and merged.
> 
> Thanks Gleb!
> 
> Running the following commands does indeed stop this
> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
> 
> I found these in /etc/rc.d/network_ipv6 but I can't see why
> these wouldnt be run on a machine that doesn't have an IPv6
> address, they seem to be added correctly on machines that do.

Speculation: the machine(s) which didn't have the routes maybe
didn't have

ipv6_enable="YES"

in /etc/rc.conf?

Gary

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 19:13:05 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4E4731065673;
	Wed,  8 Feb 2012 19:13:05 +0000 (UTC)
	(envelope-from prvs=1385245108=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	by mx1.freebsd.org (Postfix) with ESMTP id 63E188FC1D;
	Wed,  8 Feb 2012 19:13:03 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Wed, 08 Feb 2012 19:13:00 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	mail1.multiplay.co.uk
X-Spam-Level: 
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
	shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
	by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	(MDaemon PRO v10.0.4) with ESMTP id md50017949032.msg;
	Wed, 08 Feb 2012 19:13:00 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1385245108=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Gary Palmer" <gpalmer@freebsd.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
	<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
	<20120208182329.GC10082@in-addr.com>
Date: Wed, 8 Feb 2012 19:12:38 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
	for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 19:13:05 -0000

----- Original Message ----- 
From: "Gary Palmer" <gpalmer@freebsd.org>
>> Running the following commands does indeed stop this
>> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
>> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
>> 
>> I found these in /etc/rc.d/network_ipv6 but I can't see why
>> these wouldnt be run on a machine that doesn't have an IPv6
>> address, they seem to be added correctly on machines that do.
> 
> Speculation: the machine(s) which didn't have the routes maybe
> didn't have
> 
> ipv6_enable="YES"
> 
> in /etc/rc.conf?

Doh!

Indeed they don't so of course /etc/rc.d/network_ipv6 doesnt
start but IPv6 is in the kernel and ipv6 is configured on lo0 via
/etc/rc.d/auto_linklocal so it looks like ipv6 is enabled even
though it isnt.

Given this would a reasonable patch be to move the internal routing
to auto_linklocal i.e. these lines:-
    # disallow "internal" addresses to appear on the wire
    route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
    route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject

Seems the relavent fix was part of a much bigger commit:-
http://svnweb.freebsd.org/base?view=revision&revision=197139

So it may not be easy to patch this into 8.x

    Regards
    Steve

================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 21:08:51 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 51C0F106566B
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:08:51 +0000 (UTC)
	(envelope-from lists@rewt.org.uk)
Received: from abby.lhr1.as41113.net (unknown [IPv6:2001:b70:201:2::20])
	by mx1.freebsd.org (Postfix) with ESMTP id 1609B8FC16
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:08:51 +0000 (UTC)
Received: from jasmine.internethq (unknown [91.208.177.192])
	by abby.lhr1.as41113.net (Postfix) with ESMTP id E1B3B22853
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:08:49 +0000 (UTC)
Received: from [172.16.11.44] (jwh-laptop.internethq [172.16.11.44])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by jasmine.internethq (Postfix) with ESMTPS id BD9FE10751240
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:08:24 +0000 (GMT)
Message-ID: <4F32E45F.9030504@rewt.org.uk>
Date: Wed, 08 Feb 2012 21:08:47 +0000
From: Joe Holden <lists@rewt.org.uk>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:08:51 -0000

Hey guys,

The maximum fibs is currently 16 due to an mbuf limitation I believe? Is 
there any scope for the number being increased?

Ta,
J

From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 21:25:56 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EC09D1065674
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:25:56 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id C05DE8FC12
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:25:56 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
	[67.180.24.15]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q18LPtSR057498
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Wed, 8 Feb 2012 13:25:55 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F32E8B6.8050409@freebsd.org>
Date: Wed, 08 Feb 2012 13:27:18 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Joe Holden <lists@rewt.org.uk>
References: <4F32E45F.9030504@rewt.org.uk>
In-Reply-To: <4F32E45F.9030504@rewt.org.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:25:57 -0000

On 2/8/12 1:08 PM, Joe Holden wrote:
> Hey guys,
>
> The maximum fibs is currently 16 due to an mbuf limitation I 
> believe? Is there any scope for the number being increased?
it was designed to be able to be expanable... there is only the one place.

there are upcoming FIB changes and it may be a good oportunity to 
change this in 10..

>
> Ta,
> J
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 21:28:16 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2315E1065676
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:28:16 +0000 (UTC)
	(envelope-from lists@rewt.org.uk)
Received: from abby.lhr1.as41113.net (unknown [IPv6:2001:b70:201:2::20])
	by mx1.freebsd.org (Postfix) with ESMTP id B35BD8FC1D
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:28:15 +0000 (UTC)
Received: from jasmine.internethq (unknown [91.208.177.192])
	by abby.lhr1.as41113.net (Postfix) with ESMTP id 1AF4F22853
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:28:15 +0000 (UTC)
Received: from [172.16.11.44] (jwh-laptop.internethq [172.16.11.44])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by jasmine.internethq (Postfix) with ESMTPS id C451A1019F9E5;
	Wed,  8 Feb 2012 21:27:49 +0000 (GMT)
Message-ID: <4F32E8EC.4070206@rewt.org.uk>
Date: Wed, 08 Feb 2012 21:28:12 +0000
From: Joe Holden <lists@rewt.org.uk>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Julian Elischer <julian@freebsd.org>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
In-Reply-To: <4F32E8B6.8050409@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:28:16 -0000

Julian Elischer wrote:
> On 2/8/12 1:08 PM, Joe Holden wrote:
>> Hey guys,
>>
>> The maximum fibs is currently 16 due to an mbuf limitation I believe? 
>> Is there any scope for the number being increased?
> it was designed to be able to be expanable... there is only the one place.
> 
> there are upcoming FIB changes and it may be a good oportunity to change 
> this in 10..
> 
aha, I was under the impression that it was limited due to mbuf size, 
not sure where I read that - think it was a commit from a while back.

>>
>> Ta,
>> J
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>>
> 
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 21:53:12 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 169B01065670
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:53:12 +0000 (UTC)
	(envelope-from kes-kes@yandex.ru)
Received: from forward10.mail.yandex.net (forward10.mail.yandex.net
	[IPv6:2a02:6b8:0:202::5])
	by mx1.freebsd.org (Postfix) with ESMTP id 81E148FC13
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 21:53:11 +0000 (UTC)
Received: from smtp9.mail.yandex.net (smtp9.mail.yandex.net [77.88.61.35])
	by forward10.mail.yandex.net (Yandex) with ESMTP id A2E501021936
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 01:53:09 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328737989; bh=17KfxzQtBmSqhBRSwzx3YFckLQ0WAlZV8u5JW9mYa/8=;
	h=Date:From:Reply-To:Message-ID:To:Subject:MIME-Version:
	Content-Type:Content-Transfer-Encoding;
	b=sF57xrGMPfH1tRxNyCm8uNZtXWMpp5mTa4kGaZJyNWWAuv28crmfg7lBlRlpPiIpV
	0nHxoT8Lmpm+4zqhVYVVc0epyI7f1e5sI1g7AGujCq1bVNyGDWOYn2fxuUYQlNcTq6
	otfisGOe/MPc8Ciau0qCGY9Bmd43xDdsiaXrQs24=
Received: from smtp9.mail.yandex.net (localhost [127.0.0.1])
	by smtp9.mail.yandex.net (Yandex) with ESMTP id 896FA15201CC
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 01:53:09 +0400 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
	t=1328737989; bh=17KfxzQtBmSqhBRSwzx3YFckLQ0WAlZV8u5JW9mYa/8=;
	h=Date:From:Reply-To:Message-ID:To:Subject:MIME-Version:
	Content-Type:Content-Transfer-Encoding;
	b=sF57xrGMPfH1tRxNyCm8uNZtXWMpp5mTa4kGaZJyNWWAuv28crmfg7lBlRlpPiIpV
	0nHxoT8Lmpm+4zqhVYVVc0epyI7f1e5sI1g7AGujCq1bVNyGDWOYn2fxuUYQlNcTq6
	otfisGOe/MPc8Ciau0qCGY9Bmd43xDdsiaXrQs24=
Received: from unknown (unknown [77.93.52.20])
	by smtp9.mail.yandex.net (nwsmtp/Yandex) with ESMTP id
	r8EaS4qs-r9Eix3sv; Thu,  9 Feb 2012 01:53:09 +0400
X-Yandex-Spam: 1
Date: Wed, 8 Feb 2012 23:53:07 +0200
From: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
X-Mailer: The Bat! (v4.0.24) Professional
Organization: =?windows-1251?B?188gyu7t/Oru4iwgRnJlZUxpbmU=?=
X-Priority: 3 (Normal)
Message-ID: <15210117711.20120208235307@yandex.ru>
To: freebsd-net@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit
Subject: security issue!!
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?windows-1251?B?yu7t/Oru4iDF4uPl7ejp?= <kes-kes@yandex.ru>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 21:53:12 -0000


some host on LAN can send packets to MAC address of FreeBSD server

and server accept packets even if frame is not in its subnet and pass them further %-)

details here
http://www.freebsd.org/cgi/query-pr.cgi?pr=164914


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 22:06:02 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 74A5B1065674
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 22:06:02 +0000 (UTC)
	(envelope-from cswiger@mac.com)
Received: from asmtpout030.mac.com (asmtpout030.mac.com [17.148.16.105])
	by mx1.freebsd.org (Postfix) with ESMTP id 5B4F68FC1F
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 22:06:02 +0000 (UTC)
MIME-version: 1.0
Content-type: text/plain; charset=koi8-r
Received: from cswiger1.apple.com (unknown [17.209.4.71])
	by asmtp030.mac.com (Oracle Communications Messaging Server 7u4-23.01
	(7.0.4.23.0) 64bit (built Aug 10 2011))
	with ESMTPSA id <0LZ300MU8HDEVD80@asmtp030.mac.com> for
	freebsd-net@freebsd.org; Wed, 08 Feb 2012 14:05:39 -0800 (PST)
X-Proofpoint-Virus-Version: vendor=fsecure
	engine=2.50.10432:5.6.7361,1.0.260,0.0.0000
	definitions=2012-02-08_08:2012-02-08, 2012-02-08,
	1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
	ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0
	classifier=spam
	adjust=0 reason=mlx scancount=1 engine=6.0.2-1012030000
	definitions=main-1202080239
From: Chuck Swiger <cswiger@mac.com>
X-Priority: 3 (Normal)
In-reply-to: <15210117711.20120208235307@yandex.ru>
Date: Wed, 08 Feb 2012 14:05:38 -0800
Content-transfer-encoding: quoted-printable
Message-id: <2BF9EFDB-C52E-4842-9754-66357AD3EBA5@mac.com>
References: <15210117711.20120208235307@yandex.ru>
To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= <kes-kes@yandex.ru>
X-Mailer: Apple Mail (2.1084)
Cc: freebsd-net@freebsd.org
Subject: Re: security issue!!
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 22:06:02 -0000

On Feb 8, 2012, at 1:53 PM, =EB=CF=CE=D8=CB=CF=D7 =E5=D7=C7=C5=CE=C9=CA =
wrote:
> some host on LAN can send packets to MAC address of FreeBSD server
>=20
> and server accept packets even if frame is not in its subnet and pass =
them further %-)
>=20
> details here
> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D164914

Um, what were you expecting to have happen?

It's not that unusual for someone to setup a bridge or VPN/proxy-arp =
configuration where an interface doesn't have an IP, but still receives =
and forwards (or otherwise processes) the traffic which it sees, because =
the traffic is addressed to the MAC address of that interface....

Regards,
--=20
-Chuck


From owner-freebsd-net@FreeBSD.ORG  Wed Feb  8 23:24:46 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 97632106566B
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 23:24:46 +0000 (UTC)
	(envelope-from lacombar@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 2B71D8FC12
	for <freebsd-net@freebsd.org>; Wed,  8 Feb 2012 23:24:45 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so1187843wgb.31
	for <freebsd-net@freebsd.org>; Wed, 08 Feb 2012 15:24:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:cc:content-type;
	bh=TbbUesCmA0JRe1ToH2a27VCv1BPv0YeJUQrapi9kcuw=;
	b=LaWAzMivG3mCm75Ihx+T9vaKK5+TiUnmqprB+utGjuKp/iERKcTCNO5ryDj4qvGA2a
	Z6/pjsztJZetjdTmHmSTNjN+MVIQqn19iw+BrEvHcfOkyIKtZf14Wo5YbN9/c3T+pfaC
	i4LnP4oXjJ1JWo31exaOF1gKzu9hNYuYriidg=
MIME-Version: 1.0
Received: by 10.180.103.68 with SMTP id fu4mr40603665wib.7.1328743485100; Wed,
	08 Feb 2012 15:24:45 -0800 (PST)
Received: by 10.216.58.201 with HTTP; Wed, 8 Feb 2012 15:24:45 -0800 (PST)
Date: Wed, 8 Feb 2012 18:24:45 -0500
Message-ID: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
From: Arnaud Lacombe <lacombar@gmail.com>
To: Jack Vogel <jack.vogel@intel.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: freebsd-net@freebsd.org
Subject: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2012 23:24:46 -0000

Hi Jack,

For the record, on the following hardware:

em3@pci0:5:0:0: class=0x020000 card=0x150415bb chip=0x150c8086 rev=0x00 hdr=0x00

and the following version of em(4):

em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
on pci5
em3: Using an MSI interrupt
em3: [FILTER]
em3: Ethernet address: 00:90:fb:35:18:b1

backported to 7-STABLE, I am still getting `missed_packets' increment,
without any obvious mbuf allocation denial. These increments do not
translate into complete hang of the driver, just crazy frame loss.

# sysctl dev.em.3
dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
dev.em.3.%driver: em
dev.em.3.%location: slot=0 function=0
dev.em.3.%pnpinfo: vendor=0x8086 device=0x150c subvendor=0x15bb
subdevice=0x1504 class=0x020000
dev.em.3.%parent: pci5
dev.em.3.rx_int_delay: 0
dev.em.3.tx_int_delay: 66
dev.em.3.rx_abs_int_delay: 66
dev.em.3.tx_abs_int_delay: 66
dev.em.3.rx_processing_limit: 100
dev.em.3.flow_control: 3
dev.em.3.eee_control: 0
dev.em.3.link_irq: 0
dev.em.3.mbuf_alloc_fail: 0
dev.em.3.cluster_alloc_fail: 0
dev.em.3.dropped: 0
dev.em.3.tx_dma_fail: 0
dev.em.3.rx_overruns: 78
dev.em.3.watchdog_timeouts: 0
dev.em.3.device_control: 1477444168
dev.em.3.rx_control: 67141634
dev.em.3.fc_high_water: 18432
dev.em.3.fc_low_water: 16932
dev.em.3.queue0.txd_head: 703
dev.em.3.queue0.txd_tail: 703
dev.em.3.queue0.tx_irq: 0
dev.em.3.queue0.no_desc_avail: 0
dev.em.3.queue0.rxd_head: 692
dev.em.3.queue0.rxd_tail: 691
dev.em.3.queue0.rx_irq: 0
dev.em.3.mac_stats.excess_coll: 0
dev.em.3.mac_stats.single_coll: 0
dev.em.3.mac_stats.multiple_coll: 0
dev.em.3.mac_stats.late_coll: 0
dev.em.3.mac_stats.collision_count: 0
dev.em.3.mac_stats.symbol_errors: 0
dev.em.3.mac_stats.sequence_errors: 0
dev.em.3.mac_stats.defer_count: 0
dev.em.3.mac_stats.missed_packets: 1135790
dev.em.3.mac_stats.recv_no_buff: 555763
dev.em.3.mac_stats.recv_undersize: 0
dev.em.3.mac_stats.recv_fragmented: 0
dev.em.3.mac_stats.recv_oversize: 0
dev.em.3.mac_stats.recv_jabber: 0
dev.em.3.mac_stats.recv_errs: 0
dev.em.3.mac_stats.crc_errs: 0
dev.em.3.mac_stats.alignment_errs: 0
dev.em.3.mac_stats.coll_ext_errs: 0
dev.em.3.mac_stats.xon_recvd: 6806
dev.em.3.mac_stats.xon_txd: 253
dev.em.3.mac_stats.xoff_recvd: 7583
dev.em.3.mac_stats.xoff_txd: 742908
dev.em.3.mac_stats.total_pkts_recvd: 3904354
dev.em.3.mac_stats.good_pkts_recvd: 2761900
[...]

This happened with about 1000 short-lived TCP connection filling about
100Mbps of traffic.

I saw you made updates to the driver recently. I'll attempt a backport
and let you know. This might not be trivial given the netmap mess
which appeared in -current...

 - Arnaud

From owner-freebsd-net@FreeBSD.ORG  Thu Feb  9 00:43:52 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 52D0A106566C
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 00:43:52 +0000 (UTC)
	(envelope-from jack.vogel@intel.com)
Received: from mga03.intel.com (mga03.intel.com [143.182.124.21])
	by mx1.freebsd.org (Postfix) with ESMTP id 249F98FC0C
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 00:43:51 +0000 (UTC)
Received: from azsmga001.ch.intel.com ([10.2.17.19])
	by azsmga101.ch.intel.com with ESMTP; 08 Feb 2012 16:15:27 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="4.71,315,1320652800"; d="scan'208";a="104711010"
Received: from orsmsx603.amr.corp.intel.com ([10.22.226.49])
	by azsmga001.ch.intel.com with ESMTP; 08 Feb 2012 16:15:27 -0800
Received: from orsmsx102.amr.corp.intel.com (10.22.225.129) by
	orsmsx603.amr.corp.intel.com (10.22.226.49) with Microsoft SMTP Server
	(TLS) id 8.2.255.0; Wed, 8 Feb 2012 16:15:19 -0800
Received: from orsmsx104.amr.corp.intel.com ([169.254.3.48]) by
	ORSMSX102.amr.corp.intel.com ([169.254.1.143]) with mapi id
	14.01.0355.002; Wed, 8 Feb 2012 16:15:19 -0800
From: "Vogel, Jack" <jack.vogel@intel.com>
To: Arnaud Lacombe <lacombar@gmail.com>
Thread-Topic: Missed packet on recent em(4)
Thread-Index: AQHM5rjg46GNePr+F0CWTzh5R+6cFZYzsi+w
Date: Thu, 9 Feb 2012 00:15:18 +0000
Message-ID: <BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
References: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
In-Reply-To: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.22.254.138]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: RE: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 00:43:52 -0000

The NETMAP code is all self-contained, just delete what's inside the ifdef'=
s=20

Jack


-----Original Message-----
From: Arnaud Lacombe [mailto:lacombar@gmail.com]=20
Sent: Wednesday, February 08, 2012 3:25 PM
To: Vogel, Jack
Cc: freebsd-net@freebsd.org
Subject: Missed packet on recent em(4)

Hi Jack,

For the record, on the following hardware:

em3@pci0:5:0:0: class=3D0x020000 card=3D0x150415bb chip=3D0x150c8086 rev=3D=
0x00 hdr=3D0x00

and the following version of em(4):

em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
on pci5
em3: Using an MSI interrupt
em3: [FILTER]
em3: Ethernet address: 00:90:fb:35:18:b1

backported to 7-STABLE, I am still getting `missed_packets' increment,
without any obvious mbuf allocation denial. These increments do not
translate into complete hang of the driver, just crazy frame loss.

# sysctl dev.em.3
dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
dev.em.3.%driver: em
dev.em.3.%location: slot=3D0 function=3D0
dev.em.3.%pnpinfo: vendor=3D0x8086 device=3D0x150c subvendor=3D0x15bb
subdevice=3D0x1504 class=3D0x020000
dev.em.3.%parent: pci5
dev.em.3.rx_int_delay: 0
dev.em.3.tx_int_delay: 66
dev.em.3.rx_abs_int_delay: 66
dev.em.3.tx_abs_int_delay: 66
dev.em.3.rx_processing_limit: 100
dev.em.3.flow_control: 3
dev.em.3.eee_control: 0
dev.em.3.link_irq: 0
dev.em.3.mbuf_alloc_fail: 0
dev.em.3.cluster_alloc_fail: 0
dev.em.3.dropped: 0
dev.em.3.tx_dma_fail: 0
dev.em.3.rx_overruns: 78
dev.em.3.watchdog_timeouts: 0
dev.em.3.device_control: 1477444168
dev.em.3.rx_control: 67141634
dev.em.3.fc_high_water: 18432
dev.em.3.fc_low_water: 16932
dev.em.3.queue0.txd_head: 703
dev.em.3.queue0.txd_tail: 703
dev.em.3.queue0.tx_irq: 0
dev.em.3.queue0.no_desc_avail: 0
dev.em.3.queue0.rxd_head: 692
dev.em.3.queue0.rxd_tail: 691
dev.em.3.queue0.rx_irq: 0
dev.em.3.mac_stats.excess_coll: 0
dev.em.3.mac_stats.single_coll: 0
dev.em.3.mac_stats.multiple_coll: 0
dev.em.3.mac_stats.late_coll: 0
dev.em.3.mac_stats.collision_count: 0
dev.em.3.mac_stats.symbol_errors: 0
dev.em.3.mac_stats.sequence_errors: 0
dev.em.3.mac_stats.defer_count: 0
dev.em.3.mac_stats.missed_packets: 1135790
dev.em.3.mac_stats.recv_no_buff: 555763
dev.em.3.mac_stats.recv_undersize: 0
dev.em.3.mac_stats.recv_fragmented: 0
dev.em.3.mac_stats.recv_oversize: 0
dev.em.3.mac_stats.recv_jabber: 0
dev.em.3.mac_stats.recv_errs: 0
dev.em.3.mac_stats.crc_errs: 0
dev.em.3.mac_stats.alignment_errs: 0
dev.em.3.mac_stats.coll_ext_errs: 0
dev.em.3.mac_stats.xon_recvd: 6806
dev.em.3.mac_stats.xon_txd: 253
dev.em.3.mac_stats.xoff_recvd: 7583
dev.em.3.mac_stats.xoff_txd: 742908
dev.em.3.mac_stats.total_pkts_recvd: 3904354
dev.em.3.mac_stats.good_pkts_recvd: 2761900
[...]

This happened with about 1000 short-lived TCP connection filling about
100Mbps of traffic.

I saw you made updates to the driver recently. I'll attempt a backport
and let you know. This might not be trivial given the netmap mess
which appeared in -current...

 - Arnaud

From owner-freebsd-net@FreeBSD.ORG  Thu Feb  9 16:14:19 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5BEC51065678;
	Thu,  9 Feb 2012 16:14:19 +0000 (UTC)
	(envelope-from qing.li@bluecoat.com)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28])
	by mx1.freebsd.org (Postfix) with ESMTP id 077C78FC0A;
	Thu,  9 Feb 2012 16:14:18 +0000 (UTC)
Received: from PWSVL-EXCHTS-02.internal.cacheflow.com (sai-rp.bluecoat.com
	[10.2.2.126] (may be forged))
	by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id q19G42Oa011312
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL);
	Thu, 9 Feb 2012 08:04:03 -0800 (PST)
Received: from PWSVL-EXCMBX-01.internal.cacheflow.com
	([fe80::15bc:12e2:4676:340f]) by PWSVL-EXCHTS-02.internal.cacheflow.com
	([fe80::4910:317f:407:6ecc%14]) with mapi id 14.01.0289.001;
	Thu, 9 Feb 2012 08:04:08 -0800
From: "Li, Qing" <qing.li@bluecoat.com>
To: Steven Hartland <killing@multiplay.co.uk>, Gary Palmer
	<gpalmer@freebsd.org>
Thread-Topic: kern/161899: Repeating RTM_MISS packets causing high CPU load
	for ntpd
Thread-Index: AQHM5pWffl/Cu3mx7EyaNXcGWApqBZY0u4gg
Date: Thu, 9 Feb 2012 16:04:07 +0000
Message-ID: <B143A8975061C446AD5E29742C53172321BFD6@PWSVL-EXCMBX-01.internal.cacheflow.com>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org>
	<F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk>
	<20120208182329.GC10082@in-addr.com>
	<7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
In-Reply-To: <7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [216.52.23.68]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: RE: kern/161899: Repeating RTM_MISS packets causing high CPU load
 for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 16:14:19 -0000

Hmm...  I don't see this problem until multiple FIBs are enabled.

--Qing


> -----Original Message-----
> From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-
> net@freebsd.org] On Behalf Of Steven Hartland
> Sent: Wednesday, February 08, 2012 11:13 AM
> To: Gary Palmer
> Cc: freebsd-net@freebsd.org; Gleb Smirnoff
> Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU
> load for ntpd
>=20
> ----- Original Message -----
> From: "Gary Palmer" <gpalmer@freebsd.org>
> >> Running the following commands does indeed stop this
> >> route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
> >> route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
> >>
> >> I found these in /etc/rc.d/network_ipv6 but I can't see why
> >> these wouldnt be run on a machine that doesn't have an IPv6
> >> address, they seem to be added correctly on machines that do.
> >
> > Speculation: the machine(s) which didn't have the routes maybe
> > didn't have
> >
> > ipv6_enable=3D"YES"
> >
> > in /etc/rc.conf?
>=20
> Doh!
>=20
> Indeed they don't so of course /etc/rc.d/network_ipv6 doesnt
> start but IPv6 is in the kernel and ipv6 is configured on lo0 via
> /etc/rc.d/auto_linklocal so it looks like ipv6 is enabled even
> though it isnt.
>=20
> Given this would a reasonable patch be to move the internal routing
> to auto_linklocal i.e. these lines:-
>     # disallow "internal" addresses to appear on the wire
>     route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
>     route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
>=20
> Seems the relavent fix was part of a much bigger commit:-
> http://svnweb.freebsd.org/base?view=3Drevision&revision=3D197139
>=20
> So it may not be easy to patch this into 8.x
>=20
>     Regards
>     Steve
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> This e.mail is private and confidential between Multiplay (UK) Ltd. and
> the person or entity to whom it is addressed. In the event of
> misdirection, the recipient is prohibited from using, copying, printing
> or otherwise disseminating it or any information contained in it.
>=20
> In the event of misdirection, illegible or incomplete transmission
> please telephone +44 845 868 1337
> or return the E.mail to postmaster@multiplay.co.uk.
>=20
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

From owner-freebsd-net@FreeBSD.ORG  Thu Feb  9 16:55:04 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DB920106566B
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 16:55:04 +0000 (UTC)
	(envelope-from lacombar@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 628FA8FC0A
	for <freebsd-net@freebsd.org>; Thu,  9 Feb 2012 16:55:03 +0000 (UTC)
Received: by wgbdq11 with SMTP id dq11so2037603wgb.31
	for <freebsd-net@freebsd.org>; Thu, 09 Feb 2012 08:55:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	bh=NTTSvwemYmLCIAYQhSbh+U6MSoYi5pn40+ULmBBGiw8=;
	b=lbfqBn2Fz79+rxZVr3QTHn5EK59Aqg5DEBG+zBdKs8XR7IzP/3NK6YdFi7br/N2VhI
	S1tLOyDZQNmmQNUFewv4LxcNpvmAFdj/LqsblzkSonwv6kBshuyJA3YoqD/XkNGiR0bN
	WVkyA4DCky+JrBgZWY0PM/C0W6vA//DqXFd48=
MIME-Version: 1.0
Received: by 10.180.101.165 with SMTP id fh5mr4021787wib.10.1328806502445;
	Thu, 09 Feb 2012 08:55:02 -0800 (PST)
Received: by 10.216.58.201 with HTTP; Thu, 9 Feb 2012 08:55:02 -0800 (PST)
In-Reply-To: <BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
References: <CACqU3MWLcURFL4k3-Athcvd5TwtodqA5=vryE-wxgFFp8-wnrw@mail.gmail.com>
	<BC1B13FD0226B0479C795193AC1B25720445A7@ORSMSX104.amr.corp.intel.com>
Date: Thu, 9 Feb 2012 11:55:02 -0500
Message-ID: <CACqU3MXBjFk8L5vY-MTRtqFkOdT-7zECVzBTRR2d+mBu-3dtiw@mail.gmail.com>
From: Arnaud Lacombe <lacombar@gmail.com>
To: "Vogel, Jack" <jack.vogel@intel.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Missed packet on recent em(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 16:55:05 -0000

Hi,

On Wed, Feb 8, 2012 at 7:15 PM, Vogel, Jack <jack.vogel@intel.com> wrote:
> The NETMAP code is all self-contained, just delete what's inside the ifde=
f's
>
not exactly, the allocator stuff from r229939 is not that self
contained, but beside that my problem is more to get the patches to
apply to our internal 7-STABLE tree.

My generic workflow is to mindlessly use git-format-patch to generate
the set of patches, slightly reformat commit log to our internal
standard, and apply that on top of the target tree. I then let git
figures out eventual conflicts and fix them. I do not want to have to
think about all the things we changed internally which might conflict,
but also want to keep record of who made what change in which
commit/revision. To some extend, I want to avoid the mess which
happened in `sys/dev/e1000/' where you blew luigi@ and other
committers changes by blindly committing stuff and letting them fix
the damage afterward. These few commits were just wonderful, I must
admit you made my day a little less sad ;-)

 - Arnaud

> Jack
>
>
> -----Original Message-----
> From: Arnaud Lacombe [mailto:lacombar@gmail.com]
> Sent: Wednesday, February 08, 2012 3:25 PM
> To: Vogel, Jack
> Cc: freebsd-net@freebsd.org
> Subject: Missed packet on recent em(4)
>
> Hi Jack,
>
> For the record, on the following hardware:
>
> em3@pci0:5:0:0: class=3D0x020000 card=3D0x150415bb chip=3D0x150c8086 rev=
=3D0x00 hdr=3D0x00
>
> and the following version of em(4):
>
> em3: <Intel(R) PRO/1000 Network Connection 7.2.3> port 0xec00-0xec1f
> mem 0xfebe0000-0xfebfffff,0xfebdc000-0xfebdffff irq 19 at device 0.0
> on pci5
> em3: Using an MSI interrupt
> em3: [FILTER]
> em3: Ethernet address: 00:90:fb:35:18:b1
>
> backported to 7-STABLE, I am still getting `missed_packets' increment,
> without any obvious mbuf allocation denial. These increments do not
> translate into complete hang of the driver, just crazy frame loss.
>
> # sysctl dev.em.3
> dev.em.3.%desc: Intel(R) PRO/1000 Network Connection 7.2.3
> dev.em.3.%driver: em
> dev.em.3.%location: slot=3D0 function=3D0
> dev.em.3.%pnpinfo: vendor=3D0x8086 device=3D0x150c subvendor=3D0x15bb
> subdevice=3D0x1504 class=3D0x020000
> dev.em.3.%parent: pci5
> dev.em.3.rx_int_delay: 0
> dev.em.3.tx_int_delay: 66
> dev.em.3.rx_abs_int_delay: 66
> dev.em.3.tx_abs_int_delay: 66
> dev.em.3.rx_processing_limit: 100
> dev.em.3.flow_control: 3
> dev.em.3.eee_control: 0
> dev.em.3.link_irq: 0
> dev.em.3.mbuf_alloc_fail: 0
> dev.em.3.cluster_alloc_fail: 0
> dev.em.3.dropped: 0
> dev.em.3.tx_dma_fail: 0
> dev.em.3.rx_overruns: 78
> dev.em.3.watchdog_timeouts: 0
> dev.em.3.device_control: 1477444168
> dev.em.3.rx_control: 67141634
> dev.em.3.fc_high_water: 18432
> dev.em.3.fc_low_water: 16932
> dev.em.3.queue0.txd_head: 703
> dev.em.3.queue0.txd_tail: 703
> dev.em.3.queue0.tx_irq: 0
> dev.em.3.queue0.no_desc_avail: 0
> dev.em.3.queue0.rxd_head: 692
> dev.em.3.queue0.rxd_tail: 691
> dev.em.3.queue0.rx_irq: 0
> dev.em.3.mac_stats.excess_coll: 0
> dev.em.3.mac_stats.single_coll: 0
> dev.em.3.mac_stats.multiple_coll: 0
> dev.em.3.mac_stats.late_coll: 0
> dev.em.3.mac_stats.collision_count: 0
> dev.em.3.mac_stats.symbol_errors: 0
> dev.em.3.mac_stats.sequence_errors: 0
> dev.em.3.mac_stats.defer_count: 0
> dev.em.3.mac_stats.missed_packets: 1135790
> dev.em.3.mac_stats.recv_no_buff: 555763
> dev.em.3.mac_stats.recv_undersize: 0
> dev.em.3.mac_stats.recv_fragmented: 0
> dev.em.3.mac_stats.recv_oversize: 0
> dev.em.3.mac_stats.recv_jabber: 0
> dev.em.3.mac_stats.recv_errs: 0
> dev.em.3.mac_stats.crc_errs: 0
> dev.em.3.mac_stats.alignment_errs: 0
> dev.em.3.mac_stats.coll_ext_errs: 0
> dev.em.3.mac_stats.xon_recvd: 6806
> dev.em.3.mac_stats.xon_txd: 253
> dev.em.3.mac_stats.xoff_recvd: 7583
> dev.em.3.mac_stats.xoff_txd: 742908
> dev.em.3.mac_stats.total_pkts_recvd: 3904354
> dev.em.3.mac_stats.good_pkts_recvd: 2761900
> [...]
>
> This happened with about 1000 short-lived TCP connection filling about
> 100Mbps of traffic.
>
> I saw you made updates to the driver recently. I'll attempt a backport
> and let you know. This might not be trivial given the netmap mess
> which appeared in -current...
>
> =A0- Arnaud

From owner-freebsd-net@FreeBSD.ORG  Thu Feb  9 22:45:39 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A7A8E106566C;
	Thu,  9 Feb 2012 22:45:39 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 5A29B8FC08;
	Thu,  9 Feb 2012 22:45:38 +0000 (UTC)
Received: from julian-mac.elischer.org (64.1.209.194.ptr.us.xo.net
	[64.1.209.194]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q19MjZmu063692
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Thu, 9 Feb 2012 14:45:36 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F344CE4.301@freebsd.org>
Date: Thu, 09 Feb 2012 14:47:00 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Gleb Smirnoff <glebius@freebsd.org>
References: <CAPBZQG32iyzkec4PG+qay9bKfd0GiffKyRBapLkATKvHr7cVww@mail.gmail.com>	<20120131110204.GA95472@onelab2.iet.unipi.it>	<20120208133559.GK13554@FreeBSD.org>	<CAPBZQG0edS3sru=D_iGMsNDC5EA8H=A=wwRUDOGZi9DtU5-CkQ@mail.gmail.com>
	<20120208140921.GM13554@glebius.int.ru>
In-Reply-To: <20120208140921.GM13554@glebius.int.ru>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Ermal Lu?i <eri@freebsd.org>, freebsd-net <freebsd-net@freebsd.org>,
	Luigi Rizzo <rizzo@iet.unipi.it>, freebsd-hackers@freebsd.org
Subject: Re: [PATCH] multiple instances of ipfw(4)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2012 22:45:39 -0000

On 2/8/12 6:09 AM, Gleb Smirnoff wrote:
> On Wed, Feb 08, 2012 at 03:04:09PM +0100, Ermal Lu?i wrote:
> E>  2012/2/8 Gleb Smirnoff<glebius@freebsd.org>:
> E>  >  On Tue, Jan 31, 2012 at 12:02:04PM +0100, Luigi Rizzo wrote:
> E>  >  L>  if i understand what the patch does, i think it makes sense to be
> E>  >  L>  able to hook ipfw instances to specific interfaces/sets of interfaces,
> E>  >  L>  as it permits the writing of more readable rulesets. Right now the
> E>  >  L>  workaround is start the ruleset with skipto rules matching on
> E>  >  L>  interface names, and then use some discipline in "reserving" a range
> E>  >  L>  of rule numbers to each interface.
> E>  >
> E>  >  This is definitely a desired feature, but it should be implemented
> E>  >  on level of pfil(9). However, that would still require multiple
> E>  >  instances of ipfw(4).
> E>  >
> E>  This opens a discussion of architecture design.
> E>  I do not think presently pfil(9) is designed to handle such thing!
>
> Several years ago, I guess around 2005, a discussion on a per-interface
> packet filtering was taken on the net@ mailing list. In that time, it lead
> to nothing, several people were against the idea.
>
> Recently on IRC I had raised the discussion again. Today more people liked
> the idea and found it a desired feature.
>
> Many kinds of high end networking equipment have per-interface ACLs. I know
> that networking sysadmins would be happy if FreeBSD packet filters would
> get this feature, since maintaing such ACLs is much easier on a router with
> dozens of interfaces.

I think it is a good idea. not only for interfaces but certain routing 
and bridging paths too.



From owner-freebsd-net@FreeBSD.ORG  Fri Feb 10 00:43:28 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 745381065676;
	Fri, 10 Feb 2012 00:43:28 +0000 (UTC)
	(envelope-from prvs=1387bf0264=killing@multiplay.co.uk)
Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	by mx1.freebsd.org (Postfix) with ESMTP id 903148FC1C;
	Fri, 10 Feb 2012 00:43:27 +0000 (UTC)
X-Spam-Processed: mail1.multiplay.co.uk, Fri, 10 Feb 2012 00:31:38 +0000
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	mail1.multiplay.co.uk
X-Spam-Level: 
X-Spam-Status: No, score=-5.0 required=6.0 tests=USER_IN_WHITELIST
	shortcircuit=ham autolearn=disabled version=3.2.5
Received: from r2d2 ([188.220.16.49])
	by mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23])
	(MDaemon PRO v10.0.4) with ESMTP id md50017980317.msg;
	Fri, 10 Feb 2012 00:31:37 +0000
X-MDRemoteIP: 188.220.16.49
X-Return-Path: prvs=1387bf0264=killing@multiplay.co.uk
X-Envelope-From: killing@multiplay.co.uk
Message-ID: <926CBEDBBCCE44E998B05C11D2C0C621@multiplay.co.uk>
From: "Steven Hartland" <killing@multiplay.co.uk>
To: "Li, Qing" <qing.li@bluecoat.com>,
	"Gary Palmer" <gpalmer@freebsd.org>
References: <201202081300.q18D0Wnc067564@freefall.freebsd.org><F2AB6FBA67934AF38EA2BCB528D27F34@multiplay.co.uk><20120208182329.GC10082@in-addr.com>
	<7033DB091C8A46E0A14C7C2F52929C95@multiplay.co.uk>
	<B143A8975061C446AD5E29742C53172321BFD6@PWSVL-EXCMBX-01.internal.cacheflow.com>
Date: Fri, 10 Feb 2012 00:30:46 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Cc: freebsd-net@freebsd.org
Subject: Re: kern/161899: Repeating RTM_MISS packets causing high CPU load
	for ntpd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Feb 2012 00:43:28 -0000


----- Original Message ----- 
From: "Li, Qing" <qing.li@bluecoat.com>
> Hmm...  I don't see this problem until multiple FIBs are enabled.

I have a bog standard box here one default route and one
active nic, which exhibits this issue so there shouldn't be
multiple FIB's unless the fact that IPv6 is compiled in and
active on lo0 making this so?

    Regards
    Steve

================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster@multiplay.co.uk.


From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 08:34:21 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7A5A8106566B
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 08:34:21 +0000 (UTC)
	(envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 4D1D48FC0C
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 08:34:21 +0000 (UTC)
Received: from julian-mac.elischer.org (c-67-180-24-15.hsd1.ca.comcast.net
	[67.180.24.15]) (authenticated bits=0)
	by vps1.elischer.org (8.14.4/8.14.4) with ESMTP id q1B8YJNW072001
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
	Sat, 11 Feb 2012 00:34:20 -0800 (PST)
	(envelope-from julian@freebsd.org)
Message-ID: <4F362861.7090801@freebsd.org>
Date: Sat, 11 Feb 2012 00:35:45 -0800
From: Julian Elischer <julian@freebsd.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US;
	rv:1.9.2.26) Gecko/20120129 Thunderbird/3.1.18
MIME-Version: 1.0
To: Joe Holden <lists@rewt.org.uk>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
	<4F32E8EC.4070206@rewt.org.uk>
In-Reply-To: <4F32E8EC.4070206@rewt.org.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 08:34:21 -0000

On 2/8/12 1:28 PM, Joe Holden wrote:
> Julian Elischer wrote:
>> On 2/8/12 1:08 PM, Joe Holden wrote:
>>> Hey guys,
>>>
>>> The maximum fibs is currently 16 due to an mbuf limitation I 
>>> believe? Is there any scope for the number being increased?
>> it was designed to be able to be expanable... there is only the one 
>> place.
>>
>> there are upcoming FIB changes and it may be a good oportunity to 
>> change this in 10..
>>
> aha, I was under the impression that it was limited due to mbuf 
> size, not sure where I read that - think it was a commit from a 
> while back.

you are correct.. the one limitation is the mbufs
but we can maybe change the mbuf layout a little in 10
which will allow for more FIBs

>
>>>
>>> Ta,
>>> J
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to 
>>> "freebsd-net-unsubscribe@freebsd.org"
>>>
>>
>> _______________________________________________
>> freebsd-net@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>
>


From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 08:41:04 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D0A4B1065672;
	Sat, 11 Feb 2012 08:41:04 +0000 (UTC)
	(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25])
	by mx1.freebsd.org (Postfix) with ESMTP id 862158FC0C;
	Sat, 11 Feb 2012 08:41:04 +0000 (UTC)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587])
	(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.sbone.de (Postfix) with ESMTPS id 47FA025D37C0;
	Sat, 11 Feb 2012 08:41:03 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de
	[IPv6:fde9:577b:c1a9:31::2013:2742])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.sbone.de (Postfix) with ESMTPS id 674E6BDB1D3;
	Sat, 11 Feb 2012 08:41:02 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587])
	by content-filter.sbone.de (content-filter.sbone.de
	[fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024)
	with ESMTP id wmG5g06cSfVr; Sat, 11 Feb 2012 08:41:01 +0000 (UTC)
Received: from orange-en1.sbone.de (orange-en1.sbone.de
	[IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	by mail.sbone.de (Postfix) with ESMTPSA id 18C9DBDB1D2;
	Sat, 11 Feb 2012 08:41:00 +0000 (UTC)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
In-Reply-To: <4F362861.7090801@freebsd.org>
Date: Sat, 11 Feb 2012 08:41:00 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <E55332B4-F2B4-42DA-9231-0B3F56FAD750@lists.zabbadoz.net>
References: <4F32E45F.9030504@rewt.org.uk> <4F32E8B6.8050409@freebsd.org>
	<4F32E8EC.4070206@rewt.org.uk> <4F362861.7090801@freebsd.org>
To: Julian Elischer <julian@freebsd.org>
X-Mailer: Apple Mail (2.1084)
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>,
	Joe Holden <lists@rewt.org.uk>
Subject: Re: Max FIBS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 08:41:04 -0000


On 11. Feb 2012, at 08:35 , Julian Elischer wrote:

> On 2/8/12 1:28 PM, Joe Holden wrote:
>> Julian Elischer wrote:
>>> On 2/8/12 1:08 PM, Joe Holden wrote:
>>>> Hey guys,
>>>>=20
>>>> The maximum fibs is currently 16 due to an mbuf limitation I =
believe? Is there any scope for the number being increased?
>>> it was designed to be able to be expanable... there is only the one =
place.
>>>=20
>>> there are upcoming FIB changes and it may be a good oportunity to =
change this in 10..
>>>=20
>> aha, I was under the impression that it was limited due to mbuf size, =
not sure where I read that - think it was a commit from a while back.
>=20
> you are correct.. the one limitation is the mbufs
> but we can maybe change the mbuf layout a little in 10
> which will allow for more FIBs

We are basically waiting for someone to touch mbufs for real and to be =
able
to do the full performance re-evaluation but I guess we'd also like to =
have
the secondary zone to die etc all in the same go...

Meanwhile updating the limit locally isn't too hard; it's a couple of =
line
change.

/bz

--=20
Bjoern A. Zeeb                                 You have to have visions!
   It does not matter how good you are. It matters what good you do!


From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 15:38:28 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7B96D106566B
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 15:38:28 +0000 (UTC)
	(envelope-from stalker2174@yandex.ru)
Received: from me10436d0.tmodns.net (me10436d0.tmodns.net [208.54.4.225])
	by mx1.freebsd.org (Postfix) with SMTP id 4978B8FC14
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 15:38:26 +0000 (UTC)
Received: from unknown (HELO 7jvin1) ([27.29.33.113])
	by me10436d0.tmodns.net with ESMTP; Sat, 11 Feb 2012 08:32:25 -0700
Message-ID: <001c01cce8d1$c756dfb0$1b1d2171@OwnerPC7jvin1>
From: "Rolf Rangel" <stalker2174@yandex.ru>
To: <freebsd-net@freebsd.org>
Date: Sat, 11 Feb 2012 08:22:46 -0700
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="windows-1250";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1158
Subject: Microsoft OEM Software
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 15:38:28 -0000

We sell industry leading software at the lowest prices(90% discount), 
with free fast shipping!

Windows Pro 7 SP1 Full oem 64-Bit DVD version - 15.99$
Office 2010 Home and Business for 1 PC Full - 19.99$
Adobe Acrobat X Professional - 21.99$
and more...

Mail to order: stalker2174@yandex.ru or just click Reply.


From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 18:19:40 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 86E16106564A;
	Sat, 11 Feb 2012 18:19:40 +0000 (UTC)
	(envelope-from alexey@kouznetsov.com)
Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com
	[209.85.214.54])
	by mx1.freebsd.org (Postfix) with ESMTP id DF3788FC08;
	Sat, 11 Feb 2012 18:19:39 +0000 (UTC)
Received: by bkcjg1 with SMTP id jg1so3333233bkc.13
	for <multiple recipients>; Sat, 11 Feb 2012 10:19:38 -0800 (PST)
Received: by 10.204.154.14 with SMTP id m14mr2866675bkw.38.1328984378389;
	Sat, 11 Feb 2012 10:19:38 -0800 (PST)
Received: from your89ebba6db9 ([77.41.97.165])
	by mx.google.com with ESMTPS id o26sm28924945bko.14.2012.02.11.10.19.36
	(version=SSLv3 cipher=OTHER); Sat, 11 Feb 2012 10:19:37 -0800 (PST)
From: "Alexey Kouznetsov" <alexey@kouznetsov.com>
To: <zi@FreeBSD.org>,
	<net@FreeBSD.org>
Date: Sat, 11 Feb 2012 22:19:33 +0400
Message-ID: <D1BB55D7D7404898AD10C68C27F0EB25@your89ebba6db9>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Aczo6TDC5mkYPw7sTNOizM7GCkH49QAACwgg
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-Gm-Message-State: ALoCoQkYpeOBBJBoF8A20cJPrx/V9Vr6zmKX0J4r7I2TKavlRygJ9d+5fdhc9/O/Z58l+xJyKPzd
Cc: 
Subject: FW: [ net-snmp-Bugs-3480541 ] Wrong index of disk (dskIndex)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 18:19:40 -0000

Hello! 
Could you, please look at this also?
Explanation bellow at SF bug track

--- work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c.orig  2011-09-@@
+++ work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c       2012-02-11
21:55:16.000000000 +0400-322,7 +321,7 @@

     switch (vp->magic) {
     case MIBINDEX:
+        long_ret = disknum + 1;
-        long_ret = disknum;
         return ((u_char *) (&long_ret));
     case ERRORNAME:            /* DISKPATH */
         *var_len = strlen(entry->path);

Thank you!

-----Original Message-----
From: SourceForge.net [mailto:noreply@sourceforge.net] 
Sent: Saturday, February 11, 2012 10:16 PM
To: SourceForge.net
Subject: [ net-snmp-Bugs-3480541 ] Wrong index of disk (dskIndex)

Bugs item #3480541, was opened at 2012-01-27 05:47
Message generated for change (Comment added) made by st-da
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3480541&group_i
d=12694

Please note that this message will contain a full copy of the comment
thread,
including the initial issue submission, for this request,
not just the latest update.
Category: agent
Group: freeBSD
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Alexey (st-da)
Assigned to: Nobody/Anonymous (nobody)
Summary: Wrong index of disk (dskIndex)

Initial Comment:
# snmpwalk -c public 127.0.0.1 dskIndex 

UCD-SNMP-MIB::dskIndex.1 = INTEGER: 0
UCD-SNMP-MIB::dskIndex.2 = INTEGER: 1
UCD-SNMP-MIB::dskIndex.3 = INTEGER: 2
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 3
UCD-SNMP-MIB::dskIndex.5 = INTEGER: 4
UCD-SNMP-MIB::dskIndex.6 = INTEGER: 5
UCD-SNMP-MIB::dskIndex.7 = INTEGER: 6


In my mind it have to be same mumbers in OID and in index

UCD-SNMP-MIB::dskIndex.1 = INTEGER: 1
UCD-SNMP-MIB::dskIndex.2 = INTEGER: 2
UCD-SNMP-MIB::dskIndex.3 = INTEGER: 3
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 4
UCD-SNMP-MIB::dskIndex.5 = INTEGER: 5
UCD-SNMP-MIB::dskIndex.6 = INTEGER: 6
UCD-SNMP-MIB::dskIndex.7 = INTEGER: 7


# /usr/local/sbin/snmpd -v

NET-SNMP version:  5.7.1
Web:               http://www.net-snmp.org/
Email:             net-snmp-coders@lists.sourceforge.net

recenly built from ports on FreeBSD 8.2 stable. Looks lite it started from
5.7 and was correctly before. 

----------------------------------------------------------------------

>Comment By: Alexey (st-da)
Date: 2012-02-11 10:15

Message:
ops reverse + and - at last patch...

----------------------------------------------------------------------

Comment By: Alexey (st-da)
Date: 2012-02-11 10:07

Message:
disk index fixed for me by small path:

--- work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c       2012-02-11
21:55:16.000000000 +0400
+++ work/net-snmp-5.7.1/agent/mibgroup/ucd-snmp/disk_hw.c.orig  2011-09-@@
-322,7 +321,7 @@

     switch (vp->magic) {
     case MIBINDEX:
-        long_ret = disknum + 1;
+        long_ret = disknum;
         return ((u_char *) (&long_ret));
     case ERRORNAME:            /* DISKPATH */
         *var_len = strlen(entry->path);


----------------------------------------------------------------------

Comment By: Alexey (st-da)
Date: 2012-02-02 06:09

Message:
there are same requets sfter we clean up the disk


UCD-SNMP-MIB::dskTotal.4 = INTEGER: 50777034
UCD-SNMP-MIB::dskAvail.4 = INTEGER: 36894232
UCD-SNMP-MIB::dskUsed.4 = INTEGER: 9820640


----------------------------------------------------------------------

Comment By: Alexey (st-da)
Date: 2012-02-02 05:53

Message:
There are some more problem:

df -k | egrep logs
/dev/aacd0s1g              50777034 46745456    -30584   100%    /logs


/usr/local/bin/snmpwalk -c public xxxxxx dsk| egrep '\.4 = '
UCD-SNMP-MIB::dskIndex.4 = INTEGER: 3
UCD-SNMP-MIB::dskPath.4 = STRING: /logs
UCD-SNMP-MIB::dskDevice.4 = STRING: /dev/aacd0s1g
UCD-SNMP-MIB::dskMinimum.4 = INTEGER: 524288
UCD-SNMP-MIB::dskMinPercent.4 = INTEGER: -1
UCD-SNMP-MIB::dskTotal.4 = INTEGER: 50777034
UCD-SNMP-MIB::dskAvail.4 = INTEGER: 2147483647
UCD-SNMP-MIB::dskUsed.4 = INTEGER: 46745264
UCD-SNMP-MIB::dskPercent.4 = INTEGER: 92
UCD-SNMP-MIB::dskPercentNode.4 = INTEGER: 1
UCD-SNMP-MIB::dskTotalLow.4 = Gauge32: 50777034
UCD-SNMP-MIB::dskTotalHigh.4 = Gauge32: 0
UCD-SNMP-MIB::dskAvailLow.4 = Gauge32: 4294936904
UCD-SNMP-MIB::dskAvailHigh.4 = Gauge32: 4294967295
UCD-SNMP-MIB::dskUsedLow.4 = Gauge32: 46745264
UCD-SNMP-MIB::dskUsedHigh.4 = Gauge32: 0
UCD-SNMP-MIB::dskErrorFlag.4 = INTEGER: noError(0)
UCD-SNMP-MIB::dskErrorMsg.4 = STRING: 

some unrealistic unavailable value
dskAvail.4 = INTEGER: 2147483647

Somethiong like unsigned where we save negative value ?

FreeBSD 8.2-STABLE #9: Tue Oct 11 07:07:46 UTC 2011

pkg_info -aI | egrep snmp
net-snmp-5.7_4      An extendable SNMP implementation


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3480541&group_i
d=12694


From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 19:41:55 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E698B106566B
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 19:41:55 +0000 (UTC)
	(envelope-from kudzu@tenebras.com)
Received: from mail-tul01m020-f182.google.com (mail-tul01m020-f182.google.com
	[209.85.214.182])
	by mx1.freebsd.org (Postfix) with ESMTP id B80B28FC13
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 19:41:54 +0000 (UTC)
Received: by obcwo16 with SMTP id wo16so6850256obc.13
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 11:41:54 -0800 (PST)
MIME-Version: 1.0
Received: by 10.60.29.228 with SMTP id n4mr2110387oeh.32.1328987925559; Sat,
	11 Feb 2012 11:18:45 -0800 (PST)
Received: by 10.60.25.99 with HTTP; Sat, 11 Feb 2012 11:18:45 -0800 (PST)
Date: Sat, 11 Feb 2012 11:18:45 -0800
Message-ID: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
From: Michael Sierchio <kudzu@tenebras.com>
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: MPD5 L2TP question
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 19:41:56 -0000

[if there's a more appropriate place to pose this, please direct me]

I'm trying to use mpd5 to build an L2TP server.  It generally works as
expected, except I cannot figure out how to push the route to an
attached network to the PPP client.  If I manually add a route on the
client (to the ppp0 interface), things work as expected.  This won't
work for deploying this to users, though.

I should point out that for OS X users of the L2TP client, we
generally discourage routing all traffic over the tunnel - if we told
them to put the L2TP pseudo-interface above the Ethernet interface,
this would probably work.  However, I'd like to push a route to my
local net.

A sample config would be most welcome.  Thanks.

- M

From owner-freebsd-net@FreeBSD.ORG  Sat Feb 11 20:36:43 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 58EB2106566B
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 20:36:43 +0000 (UTC)
	(envelope-from adrian.minta@gmail.com)
Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com
	[209.85.215.182])
	by mx1.freebsd.org (Postfix) with ESMTP id D4B608FC1A
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 20:36:42 +0000 (UTC)
Received: by eaan10 with SMTP id n10so1498301eaa.13
	for <freebsd-net@freebsd.org>; Sat, 11 Feb 2012 12:36:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:subject:references
	:in-reply-to:content-type:content-transfer-encoding;
	bh=75YPT17GQymOyK2oH/q9OJAUzzAzlZE75wiKOl4YHwU=;
	b=YZcg6Ab/e8joJ3kdQE5MhP5NOAF34tkBsUKsx7p1xXHrXFLzUwf3M5Yy9xIDiEkM26
	9EoVFQcMfyIBluy+OHwNTSoaDk5urTP5IN5mJrrg3gF7gcUORDu2B6IMRGAfPCNsznZs
	vojqX1v9uB9lpLe+4H5tCeWBPbRLkpgHJC2Z0=
Received: by 10.14.120.74 with SMTP id o50mr706834eeh.18.1328992601910;
	Sat, 11 Feb 2012 12:36:41 -0800 (PST)
Received: from [192.168.10.10] ([86.120.82.165])
	by mx.google.com with ESMTPS id o49sm39630710eeb.7.2012.02.11.12.36.40
	(version=TLSv1/SSLv3 cipher=OTHER);
	Sat, 11 Feb 2012 12:36:41 -0800 (PST)
Message-ID: <4F36D157.3060908@gmail.com>
Date: Sat, 11 Feb 2012 22:36:39 +0200
From: Adrian Minta <adrian.minta@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16
MIME-Version: 1.0
To: freebsd-net@freebsd.org
References: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
In-Reply-To: <CAHu1Y73N=2Kr4D3NNDVsGTokhqOxE=mhMtERw_ULGvsGO9QuZw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: MPD5 L2TP question
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Feb 2012 20:36:43 -0000

On 02/11/12 21:18, Michael Sierchio wrote:
> I'm trying to use mpd5 to build an L2TP server.  It generally works as
> expected, except I cannot figure out how to push the route to an
> attached network to the PPP client.  If I manually add a route on the
> client (to the ppp0 interface), things work as expected.  This won't
> work for deploying this to users, though.
Make a nice app with a big colorful icon, that brings up the session and 
then add the route.