Re: IPSec w/SonicWall IKE
> OS: FreeBSD4.3 > Software: Racoon-20010322 > I'm attempting to connect a FBSD4.3 box to a SonicWall VPN solution. I > think I have everything configured correctly, but I keep getting this > error mesg and I'm unable to reach the IPs on the other end: > 2001-11-09 13:56:51: INFO: isakmp.c:1618:isakmp_post_acquire(): request > for establishing IPsec-SA was queued due to no phase1 found. > 2001-11-09 13:56:54: DEBUG: isakmp.c:1370:isakmp_ph1resend(): resend > phase1 packet 1b770e442d645209: these are not error messages. i guess that the peer did not reply to racoon or the packet could not arrive at the peer. because the last message means racoon sent the initial message of the negotiation. did you have any messages which tagged "ERROR" in the log file ? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Tunnel Server Forwarding problem.
hi i am trying to setup an ipv6 tunnel broker on FreeBSD 4.4-STABLE i have a tunnel broker and tunnel server (FreeBSD) and ipv6 enabled Cisco Router. FreeBSD is directly connected (fxp0)to Cisco router. so i can connect to 6bone easily. FreeBSD Tunnel Server /etc/rc.conf file like following ipv6_enable="YES" ifconfig_fxp0="inet myIP netmask 255.255.255.240" ipv6_ifconfig_fxp0_alias0="3ffe:2900:a00d:1::3 prefixlen 64" defaultrouter="ciscorouter_ip" ipv6_defaultrouter="3ffe:2900:a00d:1::1" # cisco router v6 IP ipv6_gateway_enable="YES" The problem is: when i setup an gif tunnel between FreeBSD Tunnel server and FreeBSD client. Client can only ping to FreeBSD TS . nothing else. i run following command on FreeBSD Client # ifconfig gif0 create #gifconfig gif0 clientIPv4 Tunnel_server_IPv4 #ifconfig gif0 inet6 clientIPv6 Tunnel_server_IPv6 prefixlen 128 #route -n add -inet6 default Tunnel_server_IPv6 and on FreeBSD Tunnel Server: # ifconfig gif0 create #gifconfig gif0 TunnelServerIPv4 client_IPv4 #ifconfig gif0 inet6 Tunnel_serverIPv6 client_IPv6 prefixlen 128 metric 1 what is problem ? whan should i do ? Never let your sense of morals prevent you from doing what is right Ismail YENIGUL [EMAIL PROTECTED] www.EnderUNIX.ORG To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
zero copy and wire speeds
Do you have to be running Current in order to use the zero copy sockets? If so, when will this make it to Stable? (I'm on 4.4). On a related topic, if trying to maximize the amount of traffic being sent on an ethernet card, how can you write your code so that you can try to make sure every packet gets put out on the wire? This is in a test lab so I'm not particularly concerned with something else receiving it correctly. select() really only guarantees that I can write 1 byte to the file descriptor, no? Thanks, CJ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: zero copy and wire speeds
Actually, I'd say it's more along the opposite of this :-) There are patches for 4.0, IIRC, that do zero copy sockets and NFS. They are located at: http://people.freebsd.org/~ken/zero_copy/ I've been looking at them recently to see what it'd take to move it to -current and 4.4.. but definetly have not done anything worth looking at. Hope this helps, Andrew On Tue, 13 Nov 2001, CJTT wrote: : :Do you have to be running Current in order to use the :zero copy sockets? If so, when will this make it to :Stable? (I'm on 4.4). : :On a related topic, if trying to maximize the amount :of traffic being sent on an ethernet card, how can :you write your code so that you can try to make sure :every packet gets put out on the wire? This is in a :test lab so I'm not particularly concerned with something :else receiving it correctly. select() really only :guarantees that I can write 1 byte to the file descriptor, no? : :Thanks, :CJ : : : :To Unsubscribe: send mail to [EMAIL PROTECTED] :with "unsubscribe freebsd-net" in the body of the message : -- Andrew R. Reiter [EMAIL PROTECTED] [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: Mpd with a large number, 200+ , of bundles
> > Those two events correspond to the netgraph data and control sockets > associated with the bundle. Not sure how important that is.. > the ng_socket(4) code relies on the standard generic socket code > so unlikely that the problem lies there. > > The fact that it's blocked on "piperd" implies that something is > going wrong with a message pipe (mpd uses pipe(2) to communicate > with itself). But the tsleep() call in pipe_read() uses PCATCH, > so 'kill' should work... > > What version of FreeBSD again? > FreeBSD vpn-gw3.uib.no 4.4-STABLE FreeBSD 4.4-STABLE #2: Sat Nov 10 17:37:02 CET 2001 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/VPN-GW3 i386 cvsuped about a month ago. I tried to cvsup and rebuild now, but the kernel compile crashes in the linuxulator module. Trond Trond Davidsen Institutt for Informatikk | Tlf Kontor 5558 4237 Universitetet i Bergen| Tlf Mobil 917 45 822 Thormøhlensgt. 55 | Tlf Privat 5518 6900 5020 Bergen People want linux. Its a toy, and people like toys. -- Dennis To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: Mpd with a large number, 200+ , of bundles
Trond Davidsen writes: > > Those two events correspond to the netgraph data and control sockets > > associated with the bundle. Not sure how important that is.. > > the ng_socket(4) code relies on the standard generic socket code > > so unlikely that the problem lies there. > > > > The fact that it's blocked on "piperd" implies that something is > > going wrong with a message pipe (mpd uses pipe(2) to communicate > > with itself). But the tsleep() call in pipe_read() uses PCATCH, > > so 'kill' should work... > > > > What version of FreeBSD again? > > FreeBSD vpn-gw3.uib.no 4.4-STABLE FreeBSD 4.4-STABLE #2: Sat Nov 10 > 17:37:02 CET 2001 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/VPN-GW3 i386 > > cvsuped about a month ago. I tried to cvsup and rebuild now, but the > kernel compile crashes in the linuxulator module. Hmm.. well, we should try to pick this apart one problem at a time. If you can get mpd into a state where "kill -9" doesn't kill it, then that seems like a kernel bug to me, and so we should probably hone in on that first.. maybe we can come up with a simple test case, e.g. using the event library debug output, write a program that opens the same number of file descriptors, pipes, etc. and registers the same event handlers, etc.. -Archie __ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
