Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 21 Dec 2004 17:27:34 +1100
From:      Andrew Thomson <andrewjt@applecomm.net>
To:        freebsd-sparc64@freebsd.org
Subject:   netra t1 as a firewall
Message-ID:  <1103610454.38458.13.camel@itouch-1011.prv.au.itouchnet.net>

next in thread | raw e-mail | index | archive | help
All,

This may be kind of a loose comment but I thought I'd float it as most
of my experience is with i386 freebsd not sparc.

Basically at a site I have installed a Netra T1 as a firewall - worked
out well as it had a lot of nics in it, hme[0-5].

I originally installed 5.2.1 on it but soon discovered that the hme
driver in 5.2.1 didn't allocate different mac addresses! Upgraded to 5.3
and that problem disappeared.

This firewall runs a simple office network providing internet access and
has a couple of IPSEC VPNs to other sites.

After the initial install, the network seemed to be "hanging" when
running simple commands on remote boxes, top, ls -al etc.. The MTU was
changed was to 1492 which seemed to resolve the problem.

However now when we try to transfer files across the VPN, the transfers
just stall. If the mtu is changed back to 1500, the transfers across the
VPN work but then the network hang returns until the mtu is dropped to
1492 again - it's pretty weird.

Basically I just thought I'd float the problem here just to make sure
I'm not running into any known sparc related issues..

My /var/log/messages is filled with these...

hme2: discard oversize frame (ether type 800 flags 3 len 1514 > max
1506)
hme2: discard oversize frame (ether type 800 flags 3 len 1514 > max
1506)
hme2: discard oversize frame (ether type 800 flags 3 len 1514 > max
1506)
hme2: discard oversize frame (ether type 800 flags 3 len 1514 > max
1506)

Any thoughts appreciated.

Regards,

ajt.


-- 
Andrew Thomson <andrewjt@applecomm.net>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1103610454.38458.13.camel>