Date: Thu, 29 May 1997 11:10:01 +0200 (CEST) From: mw@FreibergNet.DE To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: kern/3707: IP Accounting counts packets to virtual servers more than once Message-ID: <199705290910.LAA02799@beast.FreibergNet.de> Resent-Message-ID: <199705290920.CAA04363@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 3707 >Category: kern >Synopsis: IP Accounting counts packets two virtual servers more than once >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu May 29 02:20:01 PDT 1997 >Last-Modified: >Originator: Martin Welk >Organization: Provider for Internet Services >Release: FreeBSD 2.2-RELEASE i386 >Environment: Our FreeBSD server has some different IP addresses running virtual www and ftp servers for customers and yet two different Ethernet devices, one used mainly for our Internet connection, the other for our local network. >Description: We're trying to use the firewall's accounting functions to count incoming and outgoing traffic. Data transferred from another host (also running FreeBSD, but this shouldn't be relevant) is counted correctly. But when I'm logged in on the server itself and transferring data to a virtual machine on the same server, it count's a significant higher amount of data. For example, if I send a ``ping -c 1'' to the virtual address, it doesn't count the expected 84 bytes but it counts exactly twice as much, 168 bytes. If I do an ftp transfer, it counts almost twice as much. I can't reproduce the transferred amount of data from that counted. >How-To-Repeat: Enable IP accounting, do an ifconfig alias for another address on your subnet, do an ipfw zero, send ping to that address. Tell me if it works for you. I'll add my firewall rules: add 65435 allow ip from any to any add 01000 count ip from 127.0.0.1 to 127.0.0.1 add 01010 count ip from beast.FreibergNet.de to any add 01020 count ip from any to beast.FreibergNet.de add 01030 count ip from www.Liebscher.FreibergNet.de to any add 01040 count ip from any to www.Liebscher.FreibergNet.de add 01050 count ip from ftp.FreibergNet.de to any add 01060 count ip from any to ftp.FreibergNet.de add 01070 count ip from ftp.actech.FreibergNet.de to any add 01080 count ip from any to ftp.actech.FreibergNet.de add 01090 count ip from www.Solac.FreibergNet.de to any add 01100 count ip from any to www.Solac.FreibergNet.de add 01110 count ip from camelot.FreibergNet.de to any add 01120 count ip from any to camelot.FreibergNet.de ifconfig de0 says: de0: flags=c943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,LINK2,MULTICAST> mtu 1500 inet 195.125.179.3 netmask 0xffffff80 broadcast 195.125.179.127 inet 195.125.179.11 netmask 0xffffff80 broadcast 195.125.179.127 inet 195.125.179.12 netmask 0xffffff80 broadcast 195.125.179.127 inet 195.125.179.13 netmask 0xffffff80 broadcast 195.125.179.127 inet 195.125.179.14 netmask 0xffffff80 broadcast 195.125.179.127 ether 00:00:c0:0c:7e:e0 >Fix: I don't have any yet :-( >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705290910.LAA02799>