From owner-freebsd-net@FreeBSD.ORG Thu Oct 20 17:13:24 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 018F916A41F for ; Thu, 20 Oct 2005 17:13:24 +0000 (GMT) (envelope-from saundersconsult@hotmail.com) Received: from hotmail.com (bay101-f35.bay101.hotmail.com [64.4.56.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id B61A943D62 for ; Thu, 20 Oct 2005 17:13:23 +0000 (GMT) (envelope-from saundersconsult@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 20 Oct 2005 10:13:23 -0700 Message-ID: Received: from 64.4.56.200 by by101fd.bay101.hotmail.msn.com with HTTP; Thu, 20 Oct 2005 17:13:23 GMT X-Originating-IP: [64.60.108.59] X-Originating-Email: [saundersconsult@hotmail.com] X-Sender: saundersconsult@hotmail.com In-Reply-To: <4356E47D.605@freemail.gr> From: "Shawn Saunders" To: dionch@freemail.gr Date: Thu, 20 Oct 2005 17:13:23 +0000 X-Priority: 1 Importance: High Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 20 Oct 2005 17:13:23.0519 (UTC) FILETIME=[93BBACF0:01C5D599] Cc: freebsd-net@freebsd.org Subject: Re: Trying to make a Host into a gigabit hub for testing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Oct 2005 17:13:24 -0000 Chris, Thanks for the quick response. It looked good, but when I execute each command, I receive an Error on the following: ngctl connect sf0: o2m lower many0 Returns: ngctl: send msg: No such file or directory Did I miss something? Shawn >From: Chris Dionissopoulos >Reply-To: dionch@freemail.gr >To: Shawn Saunders >CC: freebsd-net@freebsd.org >Subject: Re: Trying to make a Host into a gigabit hub for testing >Date: Thu, 20 Oct 2005 03:27:41 +0300 > >SS>I am setting up a test environment with multiple IDS's. ngctl looks >like a solution but it is not broadcasting all packets to all interfaces as >the documentation appears to state it should. I've probably made some >error in configuration. >SS> >SS>My goal is to put em0 into a spanned port in promiscuous mode and >broadcast all traffic from that port out the other network interfaces. I >plan on having em0 (gigabit) and 6 other gigabit interfaces. Each will >then echo the same traffic to six other machines (IDS's) for testing. >SS> >SS>The proof of concept with a gigabit (EM0) and 4 10/100 ethernets (sfx). >The 10/100's will be replaced for implementation. >SS> >SS>Any help would be appreciated. My config follows: > >Hi, >Why to use ng_fec and ng_one2many together? >how about something simplier, like: > > +----------+ -->-sf0:lower--->wire >wire>--em:lower->| one2many | -->-sf1:lower--->wire > | | -->-sf2:lower--->wire > +----------+ -->sf3:lower--->wire > >ngctl mkpeer em0: one2many lower one >ngctl name em0:lower o2m >ngctl connect sf0: o2m lower many0 >ngctl connect sf1: o2m lower many1 >ngctl connect sf2: o2m lower many2 >ngctl connect sf3: o2m lower many3 >ngctl msg o2m setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[1 1 1 1 1] }" > >ngctl msg sf0: setpromisc 1 >ngctl msg sf0: setautosrc 0 >ngctl msg sf1: setpromisc 1 >ngctl msg sf1: setautosrc 0 >ngctl msg sf2: setpromisc 1 >ngctl msg sf2: setautosrc 0 >ngctl msg sf3: setpromisc 1 >ngctl msg sf3: setautosrc 0 >ngctl msg em0: setpromisc 1 >ngctl msg em0: setautosrc 0 > >This keeps kernel-stack isolated from traffic, I think >(and all interfaces involved layer2 unreachable from outsiders). > >Just tell us if its working for you. > >Chris. > >____________________________________________________________________ >http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου. >http://www.freemail.gr - free email service for the Greek-speaking.