From owner-freebsd-net Sat Sep 16 13:26:24 2000 Delivered-To: freebsd-net@freebsd.org Received: from gluttony.henshaw.net (gluttony.henshaw.net [63.70.222.4]) by hub.freebsd.org (Postfix) with SMTP id C5C3F37B423 for ; Sat, 16 Sep 2000 13:26:20 -0700 (PDT) Received: (qmail 52074 invoked from network); 16 Sep 2000 20:26:17 -0000 Received: from dhcp-64-58-25-247.henshaw.net (HELO Ben.henshaw.net) (64.58.25.247) by gluttony.henshaw.net with SMTP; 16 Sep 2000 20:26:17 -0000 Message-Id: <5.0.0.25.2.20000916141107.01c0beb0@pop.henshaw.net> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Sat, 16 Sep 2000 14:26:32 -0600 To: Julian Elischer From: Ben Schumacher Subject: Re: netgraph based MAC authentication Cc: freebsd-net@freebsd.org In-Reply-To: <39C326FD.41C67EA6@elischer.org> References: <5.0.0.25.2.20000913221340.00a04950@pop.henshaw.net> <5.0.0.25.2.20000915183859.026c2310@pop.henshaw.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 12:53 AM 9/16/2000 -0700, you wrote: >Can you do one of the following? > >Put have DDB in the kernel (and can get to it by running >the test case from the console) so you can do a stack trace.. > >OR > >Enable kernel core-dumps >and compile your kernel with -g so that you can examine >the core-dump and see where the crash was. > >(these are the first things to do when you have a kernel crash) In the process of compiling DDB into the kernel, I'll let you know what I find out when I get it up and running. >Are you talking about incoming or outgoing arp packets and DHCP >packets? DHCP (from memory) uses the BPF interface to shove >packets out on the wire, and it may be that they get put on after >the point where Netgraph hooks in.. Incoming DHCP packets seem to crash it. I believe you're right, that DHCP uses BPF to transmit its packets and it occurred to me that that might be where the problem lies, but I wasn't entirely certain, so I thought I'd pass what I knew along to people who had more network programming experience. Basically what happens with DHCP packets is that I receive a DHCP request from the lower hook, and it the crash seems to happen when I call NgSendData to send the packets to the upper hook. >check if_ethersubr.c for illumination... >not sure about arp.. once again, incoming or outgoing? >I think ARP packets SHOULD be captured.. I'll have a look >at the code and mail again later.. I'm not entirely certain which way the packets aren't being transmitted. So far, all I know is that if I connect a box with an assigned IP on the hub that my interface is connected to, when I try to ping its IP, the ARP resolution fails. (I guess that would imply outgoing then, eh?) > > Can anybody give me any insight as to why this might be having the problems > > I mentioned above? I realize it might be better to do what I'm trying to > > do as a node, but since I have little experience using mbuf's, and haven't > > been able to figure out where MAC address are stored in these, I thought > > this might be an easier way to do what I'm proposing. > >Well, it's easier, but it's also going to be quite a bit slower as it >will require a process schedule for each packet. >(this may or may not be ok in production, >but it's definitly ok for a prototype) On a related note, I was playing around a little bit with the nodes and connected a ng_tee between the upper and lower hooks on my interface, and everything seems to work perfectly, no kernel panics when DHCP packets are send through, and ARP packets are being passed both directions. For that reason, I'd like to shift most of my development efforts this direction, however, I still don't completely understand how mbuf's work (the *first* programming gotcha in Archie's article), so could you (or anybody) point me in the direction of a good reference on this subject? Book or website, either would work. Thanks again, - Ben Schumacher To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message