Date: Mon, 16 Jan 2006 08:22:48 +0100 From: "[SVENSK.NL] Berry" <berry@svensk.nl> To: <freebsd-isp@freebsd.org>, <freebsd-isp-unsubscribe@freebsd.org> Subject: RE: freebsd-isp Digest, Vol 146, Issue 6 Message-ID: <002201c61a6d$a7188fc0$0a01a8c0@ectenterprise.local> In-Reply-To: <20060115120039.E1DEC16A424@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
=20 -----Original Message----- From: owner-freebsd-isp@freebsd.org = [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of freebsd-isp-request@freebsd.org Sent: 15 January 2006 13:01 To: freebsd-isp@freebsd.org Subject: freebsd-isp Digest, Vol 146, Issue 6 Send freebsd-isp mailing list submissions to freebsd-isp@freebsd.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freebsd.org/mailman/listinfo/freebsd-isp or, via email, send a message with subject or body 'help' to freebsd-isp-request@freebsd.org You can reach the person managing the list at freebsd-isp-owner@freebsd.org When replying, please edit your Subject line so it is more specific than "Re: Contents of freebsd-isp digest..." Today's Topics: 1. Re: FreeBSD as Server (Eric Anderson) 2. Re: FreeBSD as Server (Brian Candler) 3. Re: FreeBSD as Server (Bob Martin) 4. Re: FreeBSD as Server (Bill Vermillion) 5. Re: FreeBSD as Server (Alexander) 6. Re: FreeBSD as Server (Brian Candler) 7. Re: freebsd router (Gleb Smirnoff) 8. Linux binary of Apache/PHP ... (Marc G. Fournier) 9. Re: FreeBSD as Server (Freddie Cash) 10. Re: Linux binary of Apache/PHP ... (Matthew D. Fuller) 11. Re: Linux binary of Apache/PHP ... (Tobias Roth) ---------------------------------------------------------------------- Message: 1 Date: Sat, 14 Jan 2006 06:19:05 -0600 From: Eric Anderson <anderson@centtech.com> Subject: Re: FreeBSD as Server To: Alexander <shulik_freebsd@matrixhome.net> Cc: freebsd-isp@freebsd.org, Alexander Leidinger <Alexander@Leidinger.net> Message-ID: <43C8EC39.6080708@centtech.com> Content-Type: text/plain; charset=3DKOI8-R; format=3Dflowed Alexander wrote: > Alexander Leidinger PI[ET: > >> Alexander <shulik_freebsd@matrixhome.net> wrote: >> >>> http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation=20 >>> of Linux FS. >> >> >> Since this doesn't cover the FreeBSD implementations of UFS or UFS2,=20 >> this doesn't say anything about the reasons why you want to use a=20 >> different FS on FreeBSD. > > So. Ext2/Ext3 is only modification of UFS and UFS is modification of=20 > S5FS. That's why I don't think, that UFS or UFS2 work better than=20 > ext2/ext3. But XFS and Reiser has big advantage. I think these are gross generalizations, and not very true at all. They = are all different in their own right, and all have different performance charactoristics. If you feel ext3 would be better suited to your needs, feel free to complete the ext2 port to ext3 for FreeBSD, I'm sure lots = of people would enjoy it. Better yet, finish the write portion of XFS. Eric -- ------------------------------------------------------------------------ Eric Anderson Sr. Systems Administrator Centaur Technology Anything that works is better than anything that doesn't. ------------------------------------------------------------------------ ------------------------------ Message: 2 Date: Sat, 14 Jan 2006 13:14:27 +0000 From: Brian Candler <B.Candler@pobox.com> Subject: Re: FreeBSD as Server To: Alexander <shulik_freebsd@matrixhome.net> Cc: freebsd-isp@freebsd.org Message-ID: <20060114131427.GA5349@uk.tiscali.com> Content-Type: text/plain; charset=3Dus-ascii On Fri, Jan 13, 2006 at 03:50:00PM +0200, Alexander wrote: > Now I try to configure ng_nat. I use example from man ng_nat. Clients=20 > machine can ping inet hosts, but nothing loaded by http or ftp or = other=20 > tcp protocol. On server packet NATed by not real ip. On other server=20 > under Linux this packet again NATed by real ip. What can I do with = this? Probably easier to use one of the other firewalling techniques to do NAT rather than manually configure ng_nat. Your other options are: - ipfw + natd (old and venerable) - ipf - pf My personal favourite is pf (which came from OpenBSD). Configuring NAT = is just one line in /etc/pf.conf. Regards, Brian. ------------------------------ Message: 3 Date: Sat, 14 Jan 2006 08:43:54 -0600 From: Bob Martin <bob@buckhorn.net> Subject: Re: FreeBSD as Server Cc: freebsd-isp@freebsd.org Message-ID: <43C90E2A.9040702@buckhorn.net> Content-Type: text/plain; charset=3DUTF-8; format=3Dflowed EXT is based on the Minix file system. Ext2 was the brain child of RC)my = Card, and has had a totally different development path than UFS. UFS was based on the Berkeley Fast File System. It dates back to the=20 CSRG, and the infancy of UNIX. There are a number of books by Kirk=20 McKusick on the subject. There have been tons of debates about UFS vs <fill in blank> on the net=20 over the years. YMMV, but if you want speed and stability, my money is=20 on UFS2. The benchmark you referred to does not show things like=20 recovery time or data loss after a catastrophic failure. I also noted that the benchmark was using an ATA133 IDE drive. Nothing=20 wrong with that in itself, but it has long been my experience that the=20 type of drive used is usually the root cause of I/O disk problem. You=20 can't get fast performance with slow drives. File systems are tools, just like operating systems. One size does not=20 fit all. You have to find the one that will work best for you. UFS and=20 UFS2 have worked well for many, for a very long time. I think if you try = it, you might find you're pleasantly surprised. Bob Martin Alexander wrote: > Alexander Leidinger P?P8Q=08P5Q=02: >=20 >> Alexander <shulik_freebsd@matrixhome.net> wrote: >> >>> http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation=20 >>> of Linux FS. >> >> >> >> Since this doesn't cover the FreeBSD implementations of UFS or UFS2, = this >> doesn't say anything about the reasons why you want to use a = different=20 >> FS on >> FreeBSD. >=20 >=20 > So. Ext2/Ext3 is only modification of UFS and UFS is modification of=20 > S5FS. That's why I don't think, that UFS or UFS2 work better than=20 > ext2/ext3. But XFS and Reiser has big advantage. > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" ------------------------------ Message: 4 Date: Sat, 14 Jan 2006 10:30:29 -0500 From: Bill Vermillion <bv@wjv.com> Subject: Re: FreeBSD as Server To: Alexander <shulik_freebsd@matrixhome.net> Cc: freebsd-isp@freebsd.org, Alexander Leidinger <Alexander@Leidinger.net> Message-ID: <20060114153029.GA43731@wjv.com> Content-Type: text/plain; charset=3Dus-ascii On Sat, Jan 14, 2006 at 09:29 , after knocking over a stack of dishes on the heat sink Alexander wondered out loud about: > Alexander Leidinger ?????: >=20 > >Alexander <shulik_freebsd@matrixhome.net> wrote: > >>http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation=20 > >>of Linux FS. > >Since this doesn't cover the FreeBSD implementations of UFS or > >UFS2, this doesn't say anything about the reasons why you want > >to use a different FS on FreeBSD. > So. Ext2/Ext3 is only modification of UFS and UFS is modification of=20 > S5FS. That's why I don't think, that UFS or UFS2 work better than=20 > ext2/ext3. But XFS and Reiser has big advantage. UFS is not a modification of S5FS - which were S51 and S52. Such concepts as cylinder groups and fragments were new ideas. Running both the S51 and an AFS [an Acer implementation of=20 the BSD FFS[ on the same hard drive in about 1990, I saw performance increases of up to 10 times on the same hard drive. Having worked with S51 and S52 [the latter was AT&Ts idea on how to make things faster that in reality had marginal improvement] and the FFS variants they really aren't that similar. The way files are placed on the hard-drive in the FFS variants as opposed to the S5? variants also contributed to keep the drives working fast for a much longer time. In fact there were file system defragmenters built and sold for the S5? systems as the awkward and inefficient way they handled the free-list actually meant you needed to backup a file system, remake it, and restore as often as ever 6 months in the S51 systems. The brand name Unix vendors slowly adopted a lot of the FFS items from BSD as it was so much better. I've used XFS on Irix systems and for items that have a lot of large files or lots and lots of files in a single diretory, it's one of the best. To get a good idea of the S51 and FFS differences you should read Bach's book for SysV and books by Lefler, McKusick et all on BSD. Bill --=20 Bill Vermillion - bv @ wjv . com ------------------------------ Message: 5 Date: Sat, 14 Jan 2006 18:01:14 +0200 From: Alexander <shulik_freebsd@matrixhome.net> Subject: Re: FreeBSD as Server To: Brian Candler <B.Candler@pobox.com> Cc: freebsd-isp@freebsd.org Message-ID: <43C9204A.1020401@matrixhome.net> Content-Type: text/plain; charset=3DUTF-8; format=3Dflowed I think, that ipfw is native for FreeBSD - it works better than other=20 packet filters. Am I right? With ng_nat first trouble was in parameter of mpd - there is set bundle=20 enable compression. Second trouble is next: in example I got next strings: ipfw add 300 netgraph.... any to any.... ipfw add 400 netgraph.... any to any..... In hook netgraph "out" I send only traffic from clients (in example was=20 all traffic). In hook "in" I send all traffic from external interface. But I took a problem with network on server. ping works fine mtr doesn't work telnet <any host> <any port> don't work. But why? When traffic that not be NATed in ng_nat was sent in hook "in" - it must = simply out from it? Or no? Where is trouble? Brian Candler P?P8Q=08P5Q=02: >On Fri, Jan 13, 2006 at 03:50:00PM +0200, Alexander wrote: > =20 > >>Now I try to configure ng_nat. I use example from man ng_nat. Clients=20 >>machine can ping inet hosts, but nothing loaded by http or ftp or = other=20 >>tcp protocol. On server packet NATed by not real ip. On other server=20 >>under Linux this packet again NATed by real ip. What can I do with = this? >> =20 >> > >Probably easier to use one of the other firewalling techniques to do = NAT >rather than manually configure ng_nat. > >Your other options are: >- ipfw + natd (old and venerable) >- ipf >- pf > >My personal favourite is pf (which came from OpenBSD). Configuring NAT = is >just one line in /etc/pf.conf. > >Regards, > >Brian. >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > =20 > ------------------------------ Message: 6 Date: Sat, 14 Jan 2006 20:38:24 +0000 From: Brian Candler <B.Candler@pobox.com> Subject: Re: FreeBSD as Server To: Alexander <shulik_freebsd@matrixhome.net> Cc: freebsd-isp@freebsd.org Message-ID: <20060114203823.GA56577@uk.tiscali.com> Content-Type: text/plain; charset=3Dus-ascii On Sat, Jan 14, 2006 at 06:01:14PM +0200, Alexander wrote: > I think, that ipfw is native for FreeBSD - it works better than other=20 > packet filters. Am I right? Not really. For NAT in particular, ipfw is pretty awful. You need an external daemon (natd) and have to route packets to and from it, which = works fine if you have a very simple configuration (e.g. single external interface, basic NAT-everything-going-out or NAT all RFC1918 address = space). More complex scenarios can be an utter nightmare to configure properly. It also has a long history, which means that the configuration syntax = isn't always very clean because of backwards compatibility requirements. > When traffic that not be NATed in ng_nat was sent in hook "in" - it = must=20 > simply out from it? Or no? Where is trouble? I can't answer that. All I can say is, if you want NAT there is a very simple incantation you can put in /etc/rc.conf: pf_enable=3D"YES" pflog_enable=3D"YES" and in /etc/pf.conf: # replace interface name as appropriate ext_if=3D"fxp0" nat on $ext_if from any to any -> ($ext_if) Start it like this: # /etc/rc.d/pf start # /etc/rc.d/pflog start It should Just Work[TM]. pf is loadable as a module, so you shouldn't = even have to recompile your kernel. Regards, Brian. ------------------------------ Message: 7 Date: Sun, 15 Jan 2006 04:14:00 +0300 From: Gleb Smirnoff <glebius@FreeBSD.org> Subject: Re: freebsd router To: Danial Thom <danial_thom@yahoo.com> Cc: freebsd-isp@FreeBSD.org, ann kok <annkok2001@yahoo.com>, "Matthew D. Fuller" <fullermd@over-yonder.net> Message-ID: <20060115011400.GM83922@FreeBSD.org> Content-Type: text/plain; charset=3Dkoi8-r On Wed, Jan 11, 2006 at 05:48:14AM -0800, Danial Thom wrote: D> I'd be interested in hearing your reasoning for D> thinking so. There is little argument that D> FreeBSD 4.x is perhaps the fastest Uniprocessor D> O/S ever created for networking. SMP will likely D> never be able to match it. It certainly can't D> now, in the current state of development. D>=20 D> Routing is fastest when implemented as a single D> process task. Once you start chopping up D> (threading) the path you slow it down. While it D> could be possible to have a faster routing D> subsystem on a custom-designed MP O/S, its not D> practical to build a general purpose O/S in such D> a way. D>=20 D> So freebsd 4.x it is. Freebsd 4.x can route 25% D> more traffic than its 5.x counterpart on the same D> hardware. 5.x SMP is actually worse (as it drops D> more packets at high traffic levels, and FreeBSD D> 4.x never drops packets until its overrun).=20 Do you have more exact information? I mean: - Description of the test setup. - How packet stream was generated? - How success/loss was measured? - What hardware was used: CPU, mobo, NICs. - What settings were non-default. - And finally exact numbers - pps success/loss. And don't waste your time comparing 5.x and 4.x. Please compare 4.x and 6.0. The 5.x is a previous step. --=20 Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ------------------------------ Message: 8 Date: Sun, 15 Jan 2006 00:16:19 -0400 (AST) From: "Marc G. Fournier" <scrappy@hub.org> Subject: Linux binary of Apache/PHP ... To: freebsd-ports@freebsd.org Cc: freebsd-isp@freebsd.org Message-ID: <20060115001439.T28752@ganymede.hub.org> Content-Type: TEXT/PLAIN; charset=3DUS-ASCII; format=3Dflowed Does anyone know *what* is involved in setting this up under FreeBSD? I = have a client that purchased a Linux license for PHPLib (his old hosting = company was Linux based), and I've email'd PHPLib and there is no way of = 'changing' the license ... Is there an easy way of doing this? :( ---- Marc G. Fournier Hub.Org Networking Services = (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: = 7615664 ------------------------------ Message: 9 Date: Sat, 14 Jan 2006 23:23:07 -0800 (PST) From: "Freddie Cash" <fcash@ocis.net> Subject: Re: FreeBSD as Server To: "Brian Candler" <B.Candler@pobox.com> Cc: freebsd-isp@freebsd.org Message-ID: <61570.24.71.118.34.1137309787.squirrel@imap.sd73.bc.ca> Content-Type: text/plain;charset=3Diso-8859-1 On Sat, January 14, 2006 12:38 pm, Brian Candler wrote: > On Sat, Jan 14, 2006 at 06:01:14PM +0200, Alexander wrote: >> I think, that ipfw is native for FreeBSD - it works better than >> other packet filters. Am I right? > Not really. For NAT in particular, ipfw is pretty awful. You need an > external daemon (natd) and have to route packets to and from it, which > works fine if you have a very simple configuration (e.g. single > external interface, basic NAT-everything-going-out or NAT all RFC1918 > address space). More complex scenarios can be an utter nightmare to > configure properly. IPFW in FreeBSD 6.0 includes support for in-kernel NAT using the nat keyword. Just recompile the kernel with "options LIBALIAS" to enable it. I haven't tested it just yet (my home firewall is recompiling it all right now), but the stuff I've read online makes it seem like it should be on-par with IPFilter/PF's nat. Don't know if it qualifies as a complex scenario or not, but we use P2-333 MHz systems with 256 MB RAM running FreeBSD 5.3 using IPFW/natd. All stations behind the firewall are in an RFC1918 network. Some stations are given public IPs for access using 1-for-1 NAT on the firewall, and all the rest go out via standard 1-to-many NAT. So far, no issues to speak of. [knock wood] We even have multiple VPNs configured and use fwd rules to pass packets through them. --=20 Freddie Cash fcash@ocis.net ------------------------------ Message: 10 Date: Sun, 15 Jan 2006 02:05:29 -0600 From: "Matthew D. Fuller" <fullermd@over-yonder.net> Subject: Re: Linux binary of Apache/PHP ... To: "Marc G. Fournier" <scrappy@hub.org> Cc: freebsd-isp@freebsd.org, freebsd-ports@freebsd.org Message-ID: <20060115080529.GD40810@over-yonder.net> Content-Type: text/plain; charset=3Dus-ascii On Sun, Jan 15, 2006 at 12:16:19AM -0400 I heard the voice of Marc G. Fournier, and lo! it spake thus: >=20 > Does anyone know *what* is involved in setting this up under > FreeBSD? Maybe you could chroot into the Linux compat tree (so all your commands are the Linux commands running through the emulation) and install the RPM's? --=20 Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ On the Internet, nobody can hear you scream. ------------------------------ Message: 11 Date: Sun, 15 Jan 2006 11:43:47 +0100 From: Tobias Roth <roth@iam.unibe.ch> Subject: Re: Linux binary of Apache/PHP ... To: "Marc G. Fournier" <scrappy@hub.org> Cc: freebsd-isp@freebsd.org, freebsd-ports@freebsd.org Message-ID: <20060115104347.GA28797@droopy.unibe.ch> Content-Type: text/plain; charset=3Dus-ascii On Sun, Jan 15, 2006 at 12:16:19AM -0400, Marc G. Fournier wrote: >=20 > Does anyone know *what* is involved in setting this up under FreeBSD? = I=20 > have a client that purchased a Linux license for PHPLib (his old = hosting=20 > company was Linux based), and I've email'd PHPLib and there is no way = of=20 > 'changing' the license ... This may not be what you want to hear, but you should instist on them changing the license. Call them. Ask for the boss. Then ask why such a simple thing as switching is not possible. Promise them a written agreement that you will destroy the old license once you received the new one, and maybe offer to renew the license in advance, if the license is limited. The exact thing happened to us a few weeks ago, with a different = product. We received an email stating that the license is not changable, because if they'd change it, we would surely not delete the old license and so = on. This was after we already sent a written agreement that we would not continue using the old license. So basically, they were accusing us of cheating, despite that we already bought their product. A phone call to their boss surely cleared things up quickly. Good luck, Tobias ------------------------------ _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" End of freebsd-isp Digest, Vol 146, Issue 6 *******************************************
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002201c61a6d$a7188fc0$0a01a8c0>