From owner-freebsd-net@FreeBSD.ORG Mon Oct 22 12:53:54 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0DF7216A418 for ; Mon, 22 Oct 2007 12:53:54 +0000 (UTC) (envelope-from zec@icir.org) Received: from xaqua.tel.fer.hr (xaqua.tel.fer.hr [161.53.19.25]) by mx1.freebsd.org (Postfix) with ESMTP id 85B1913C4B2 for ; Mon, 22 Oct 2007 12:53:53 +0000 (UTC) (envelope-from zec@icir.org) Received: by xaqua.tel.fer.hr (Postfix, from userid 20006) id D69EB9B647; Mon, 22 Oct 2007 14:20:18 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on xaqua.tel.fer.hr X-Spam-Level: X-Spam-Status: No, score=-4.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.7 Received: from [192.168.200.103] (zec2.tel.fer.hr [161.53.19.79]) by xaqua.tel.fer.hr (Postfix) with ESMTP id 4A5389B645; Mon, 22 Oct 2007 14:20:17 +0200 (CEST) From: Marko Zec To: freebsd-net@freebsd.org Date: Mon, 22 Oct 2007 14:20:12 +0200 User-Agent: KMail/1.9.7 References: <27cb3ada0710212206h6460a7a6heb9a82dde4d9f1dd@mail.gmail.com> In-Reply-To: <27cb3ada0710212206h6460a7a6heb9a82dde4d9f1dd@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200710221420.12674.zec@icir.org> Cc: Len Gross Subject: Re: Netgraph - Breaks "ping" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Oct 2007 12:53:54 -0000 On Monday 22 October 2007 07:06:30 Len Gross wrote: > I'm trying to "monitor" an ethernet interface with a tee node, but > ping breaks when I setup the graph. I suspect I'm doing something > "dumb" with respect to how the Ethernet node and/or the iface (ng0) > need to be configured in order to make this work, or possibly I'm > really using ng0 incorrectly. (I've also tried this with a "direct > connect" of rl0: to ng0: which also doesn't work.) You don't need an iface (ng0) node to be able to hook a monitoring ngctl process to the ng_tee node. Just as you've connected rl0.lower hook to the tee node, connect the rl0.upper hook to the tee node instead of ng0. Marko > Before Netgraph > > Machine Setup > > Machine 1 192.168.4.1 > > Machine 2: 192.168.4.4 (rl0) > > Machine 1 can ping machine 2 going through rl0 > > > > BSD-1# ifconfig rl0 > > rl0: flags=8843 mtu 1500 > > options=8 > > inet6 fe80::248:54ff:fe8b:1cc8%rl0 prefixlen 64 scopeid 0x3 > > inet 192.168.4.4 netmask 0xffffff00 broadcast 192.168.4.255 > > ether 00:48:54:8b:1c:c8 > > media: Ethernet autoselect (100baseTX ) > > status: active > > > > Now on Machine 2, I set up netgraph: > > > > Kldload ng_ether > > > > Using ngctl to create a path from rl0: to tee: to ng0: > > Here is the list and show output. > > > > There are 6 total nodes: > > Name: ng0 Type: iface ID: 00000008 > Num hooks: 1 > > Name: tee Type: tee ID: > 00000007 Num hooks: 4 > > Name: rl0 Type: ether ID: 00000004 > Num hooks: 1 > > Name: wi0 Type: ether ID: 00000003 Num > hooks: 0 > > Name: xl0 Type: ether ID: 00000002 > Num hooks: 0 > > Name: ngctl681 Type: socket ID: 00000001 Num > hooks: 2 > > > > + show tee: > > Name: tee Type: tee ID: 00000007 Num > hooks: 4 > > Local hook Peer name Peer type Peer ID Peer > hook > > > ---------- --------- --------- ------- > --------- > > > left2right ngctl681 socket 00000001 upper > > > left ng0 iface 00000008 > inet > > > right rl0 ether 00000004 > lower > > > right2left ngctl681 socket 00000001 lower > > > > + show rl0: > > Name: rl0 Type: ether ID: 00000004 Num > hooks: 1 > > Local hook Peer name Peer type Peer ID Peer > hook > > > ---------- --------- --------- ------- > --------- > > > lower tee tee 00000007 right > > > > + show ng0: > > Name: ng0 Type: iface ID: 00000008 Num > hooks: 1 > > Local hook Peer name Peer type Peer ID Peer > hook > > > ---------- --------- --------- ------- > --------- > > > inet tee tee 00000007 left > > > > > > > Now I use machine 1 to ping machine 2 and here is what I get on the > ngctl screen. > > > > Rec'd data packet on hook "lower": > > 0000: 00 48 54 8b 1c c8 00 02 3f 8a d6 44 08 00 45 00 > .HT.....?..D..E. > > 0010: 00 3c 02 19 00 00 80 01 af 52 c0 a8 04 01 c0 a8 > .<.......R...... > > 0020: 04 04 08 00 2a 5c 02 00 21 00 61 62 63 64 65 66 > ....*\..!.abcdef > > 0030: 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 > ghijklmnopqrstuv > > 0040: 77 61 62 63 64 65 66 67 68 69 wabcdefghi > > > > This looks kind-of right, but I don't get anything back from the ng0 > node ( i.e no other output to ngctl.) Also, machine 1 "times out" > its ping. > > > > BSD-1# ifconfig ng0 > > ng0: flags=88d1 mtu > 1500 > > inet6 fe80::201:3ff:fe24:ffe3%ng0 prefixlen 64 scopeid 0x6 > > > > I've also tried giving ng0 inet addresses, but got the same results. > > > > Help! > > > > -- Len > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org"