From owner-freebsd-questions Sun Sep 2 23: 6:34 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id 49F1737B403 for ; Sun, 2 Sep 2001 23:06:27 -0700 (PDT) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id f8366O700523; Sun, 2 Sep 2001 23:06:24 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Chip" , "Joe Clarke" Cc: Subject: RE: replacing a cisco router with a fbsd box Date: Sun, 2 Sep 2001 23:06:23 -0700 Message-ID: <000601c1343e$8ec86900$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 In-Reply-To: <01090222230108.44697@chip.wiegand.org> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Try this: http://www.cisco.com/warp/public/477/SNMP/snmp_faq.html for future reference, http://www.cisco.com has a fairly good search engine on it. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com >-----Original Message----- >From: Chip [mailto:chip@wiegand.org] >Sent: Sunday, September 02, 2001 10:23 PM >To: Joe Clarke >Cc: Ted Mittelstaedt; freebsd-questions@FreeBSD.ORG >Subject: Re: replacing a cisco router with a fbsd box > > >On Sunday 02 September 2001 20:46, Joe Clarke wrote: >> Telnet is one way of going, but if the router isn't allowing connections, >> you'll need to do it from the console. I can also send you a good list of >> SNMP objects for polling if you'd like that. >> >> Joe > >That'd be great, or just point me to a web site where I can get the info. > >-- >Chip > >> On Sun, 2 Sep 2001, Chip wrote: >> > On Sunday 02 September 2001 09:40, Joe Clarke wrote: >> > > I believe the NAT bug you're referring to has been fixed. However, if >> > > you send me some details, I'd be happy to verify for you. >> > > >> > > Yes, FreeBSD's NAT isn't as feature-rich as Cisco's, but the libalias >> > > stuff is easy to add protocol support to. I just added TFTP to the >> > > tree, and internal to Cisco, I've added another protocol for IP >> > > telephony. >> > > >> > > As for the crash/hang. Yeah, if it hangs, you're screwed. It's hard >> > > to troubleshoot those kind of things if you can't produce any kind of >> > > error messages. In those cases, obtaining information regularly like >> > > show proc, show proc cpu, show buff, and show log can help. >> > >> > Are those run on the router via telnet? >> > >> > -- >> > Chip >> > >> > > Joe >> > > >> > > On Sun, 2 Sep 2001, Ted Mittelstaedt wrote: >> > > > >-----Original Message----- >> > > > >From: owner-freebsd-questions@FreeBSD.ORG >> > > > >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Joe Clarke >> > > > > >> > > > >I realize I'm coming in a bit late on this, but I work for Cisco >> > > > > TAC, and can say that with the recent Code Red thing, our NAT has >> > > > > seen a lot of work. There have been bugs filed to be sure. >> > > > >> > > > I hope that you fix the one where the Cisco NAT doesen't tear down >> > > > the address map as soon as the connection is closed. I saw that one >> > > > on a 1005 running early 12.0 code when someone asked us why they >> > > > could Telnet into a JetDirect card from the Internet that in reality >> > > > had a private network number. Turned out they were telnetting into >> > > > the overload number on a nat pool on the 1005. I never did get >> > > > around to writing that one up because I figured it was an >> > > > obvious hole that would be caught, but if your interested I'll dig up >> > > > the particulars. >> > > > >> > > > Offloading NAT from a >> > > > >> > > > >router with a small amount of RAM will improve packet flow to be >> > > > > sure. In fact, if you're experiencing lock-ups, I'd try that. It >> > > > > may help you isolate the problem. FreeBSD's NAT is pretty good for >> > > > > most standard protocols. I've found it's relatively easy to add >> > > > > support to. >> > > > >> > > > But it doesen't so the DNS trick that you guys do which is very >> > > > useful. >> > > > >> > > > :-( >> > > > : >> > > > >Also, if you do find yourself having to reload, see if you're >> > > > > getting any tracebacks. Do a show ver or show stack, and see what >> > > > > you can see. Those memory addresses can be useful for tracking down >> > > > > bugs. >> > > > >> > > > He was saying that when the router got hosed that they had to >> > > > power-cycle which I take it to mean the device froze. It sounds >> > > > suspiciously like flakey hardware to me. Maybe someone upgraded the >> > > > ram with some random PC memory they had lying around? >> > > > >> > > > >> > > > Ted Mittelstaedt >> > > > tedm@toybox.placo.com Author of: The >> > > > FreeBSD Corporate Networker's Guide Book website: >> > > > http://www.freebsd-corp-net-guide.com >> > >> > -- >> > -- >> > Chip W. > >-- >-- >Chip W. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message