RE: urgent question regarding IP-in-IP encapsulation
Hi Radhika,
It's not clear what is not working correctly. The encapsulation, the
forwarding ? Also, please ensure that the interface you are forwarding to
supports multicasting and you put the source address of the outgoing
interface.
Regards
Kshitij
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of radhika sinha
Sent: Thursday, January 17, 2002 5:27 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: urgent question regarding IP-in-IP encapsulation
Hi,
I have a question regarding Ip-in-IP encapsulation in
freeBSD. In my implementation, I want a multicast
router to encapsulate multicast packets destined for
certain groups with an extra IP header before
forwarding them out. I am giving below some of the
code:
if(IN_MULTICAST(ntohl(ip->ip_dst.s_addr)))
{
struct in_multi *inm;
if(ip_mrouter){
1) Check if the destination address belongs to the
group of packets that need to be encapsulated
2)calls my encapsulation function which returns an
MBUF with the extra header
3)The encapsulated packet is then sent to
ip_mforward
}
For some reason this does not seem to be working
correctly, I would appreciate if someone can point out
the mistake I am making here.
Thanks a lot,
Radhika
__
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
_
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
RE: ICMP Redirect
Hi Crist Hi, i'll describe a little more in detail: "Router"FreeBSD-4.5-RC Machine, configured as Router with multiple aliases on a interface "WinHost" A Client machine with Windows 2000 "BSDHost" A FreeBSD-Current machine Sysctl settings on Router and BSDHost: net.inet.ip.redirect: 1 -> Sending ICMP Redirect net.inet.icmp.drop_redirect: 0 -> Does not drop net.inet.icmp.log_redirect: 1 -> Logging ICMP Redirect Problem Cases: BSDHost/WinHost and Router The Router send a ICMP Redirect, but not only once, every time a icmp packet is recived. The BSDHost doesn't add the routing table. BSDHost/WinHost and Linux or CISCO Router The Router (Linux/CISCO) send once a ICMP Redirect package. The Client add the route to his routing table. The client side work well. Is there a problem with ICMP Redirect on the same interface? Why doesn't accept the clients the ICMP Redirect? Regards Reto Trachsel -Original Message- From: Crist J . Clark [mailto:[EMAIL PROTECTED]] Sent: Donnerstag, 17. Januar 2002 02:18 To: Reto Trachsel (NetModule) Cc: '[EMAIL PROTECTED]' Subject: Re: ICMP Redirect On Wed, Jan 16, 2002 at 01:15:54PM +0100, Reto Trachsel (NetModule) wrote: > Hi All > > I have some problems with ICMP Redirect. I'm using a FreeBSD-4.5-RC machine > as default Rrouter for our network. If i'm doing a ping to an external host, > a ICMP Redirect message is sended by the router-machine, but not only > once... it is sended every time a ICMP echo-request is detected. The Host > doesn't enter the route from the ICMP redirect into his table. With other > Systems (ie RH Linux and CISCO Routers), this will work on this host > correctly. I am a little unclear on this. Is "router-machine" the FreeBSD router in question? What kind of machine is "Host?" Are we trying to get "router-machine" to stop sending redirects? Or are we trying to get "Host" to accept and use the redirects? > Is there a posibility to switch on/off the ICMP redirect? How can i > configure, which hosts to redirect? You can turn sending/receiving redirects on and off with sysctl(8), but not on per-host basis. You could simulate this behavior to some degree using firewalling. > I saw the configs for sysctrl, but no way to enable or disable the sending > of these packets. Du you have an idea? > > net.inet.icmp.drop_redirect = 0 A machine will ignore incoming redirects. If you want "Host" to use the redirects, set this to one. > net.inet.icmp.log_redirect = 1 This logs the event. The other sysctl(8) you may be interested in is, net.inet.ip.redirect Which controls whether a router sends redirects. -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/| [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: ICMP Redirect
On Thu, Jan 17, 2002 at 10:15:11AM +0100, Reto Trachsel (NetModule) wrote: > Hi Crist > > Hi, i'll describe a little more in detail: > > "Router" FreeBSD-4.5-RC Machine, configured as Router with multiple > aliases on a interface > "WinHost" A Client machine with Windows 2000 > "BSDHost" A FreeBSD-Current machine > > Sysctl settings on Router and BSDHost: > > net.inet.ip.redirect: 1 -> Sending ICMP Redirect > net.inet.icmp.drop_redirect: 0-> Does not drop > net.inet.icmp.log_redirect: 1 -> Logging ICMP Redirect > > Problem Cases: > > BSDHost/WinHost and Router > > The Router send a ICMP Redirect, but not only once, every time a icmp packet > is recived. The BSDHost doesn't add the routing table. Run, # tcpdump -vvXs 1500 'icmp' On BSDHost and show us the packet. Also show us, $ netstat -rn $ ifconfig -- Crist J. Clark | [EMAIL PROTECTED] | [EMAIL PROTECTED] http://people.freebsd.org/~cjc/| [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
RE: ICMP Redirect
Hi Crist Here the Logs and outputs for you Regards Reto # tcpdump -vvXs 1500 'icmp' 172.16.224.24 -> BSD Host 172.16.1.254 -> BSD Router 12:00:43.658869 172.16.1.254 > 172.16.224.24: icmp: redirect 172.24.0.2 to host 172.16.1.252 for 172.16.224.24 > 172.24.0.2: icmp: echo request (ttl 64, id 2963 2, len 84) (ttl 64, id 12073, len 56) 0x 4500 0038 2f29 4001 1165 ac10 01feE..8/)..@..e 0x0010 ac10 e018 0501 f014 ac10 01fc 4500 0054E..T 0x0020 73c0 4001 cea5 ac10 e018 ac18 0002s...@... 0x0030 0800 8337 bba5 1600...7 12:00:44.668972 172.16.224.24 > 172.24.0.2: icmp: echo request (ttl 64, id 29634 , len 84) 0x 4500 0054 73c2 4001 cea3 ac10 e018E..Ts...@... 0x0010 ac18 0002 0800 5f10 bba5 1700 4bae 463c.._.K.F< 0x0020 475c 0200 0809 0a0b 0c0d 0e0f 1011 1213G\.. 0x0030 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223.!"# 0x0040 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233$%&'()*+,-./0123 0x0050 3435 3637 4567 12:00:44.669009 172.16.224.24 > 172.24.0.2: icmp: echo request (ttl 63, id 29634 , len 84) 0x 4500 0054 73c2 3f01 cfa3 ac10 e018E..Ts...?... 0x0010 ac18 0002 0800 5f10 bba5 1700 4bae 463c.._.K.F< 0x0020 475c 0200 0809 0a0b 0c0d 0e0f 1011 1213G\.. 0x0030 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223.!"# 0x0040 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233$%&'()*+,-./0123 0x0050 3435 3637 4567 12:00:44.669034 172.16.1.254 > 172.16.224.24: icmp: redirect 172.24.0.2 to host 172.16.1.252 for 172.16.224.24 > 172.24.0.2: icmp: echo request (ttl 64, id 2963 4, len 84) (ttl 64, id 12154, len 56) 0x 4500 0038 2f7a 4001 1114 ac10 01feE..8/z..@... 0x0010 ac10 e018 0501 133c ac10 01fc 4500 0054...172.16.1.22: icmp: redirect 172.24.0.2 to host 17 2.16.1.252 for 172.16.1.22.139 > 172.24.0.2.1026: [|tcp] (DF) (ttl 128, id 53011 , len 1500) (DF) (ttl 64, id 12175, len 56) 0x 4500 0038 2f8f 4000 4001 b001 ac10 01feE..8/.@.@... 0x0010 ac10 0116 0501 2f26 ac10 01fc 4500 05dc../&E... 0x0020 cf13 4000 8006 ccc7 ac10 0116 ac18 0002..@. 0x0030 008b 0402 000b 1934...4 12:00:44.756062 172.16.1.254 > 172.16.1.22: icmp: redirect 172.24.0.2 to host 17 2.16.1.252 for 172.16.1.22.139 > 172.24.0.2.1026: [|tcp] (DF) (ttl 128, id 53267 , len 1500) (DF) (ttl 64, id 12176, len 56) 0x 4500 0038 2f90 4000 4001 b000 ac10 01feE..8/.@.@... 0x0010 ac10 0116 0501 2972 ac10 01fc 4500 05dc..)rE... 0x0020 d013 4000 8006 cbc7 ac10 0116 ac18 0002..@. 0x0030 008b 0402 000b 1ee8 $ netstat -rn Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default172.16.1.1 UGSc2 263 fxp0 127.0.0.1 127.0.0.1 UH 12lo0 139.79.35.95 172.16.1.2 UGHS00 fxp0 139.79.35.195 172.16.1.2 UGHS00 fxp0 139.79.35.201 172.16.1.2 UGHS00 fxp0 139.79.69/24 172.16.1.2 UGSc00 fxp0 172.16 link#1 UC 790 fxp0 172.16.1.1 0:2:b9:1d:27:20UHLW211978 fxp0 1181 172.16.1.2 0:10:7b:cc:49:2f UHLW6 1642 fxp0 1166 ... a lot of different hosts loke the two above ... 172.17/24 link#2 UC 00 fxp1 => 172.17 172.17.10.250 UGSc010326 fxp1 172.17.1/24link#2 UC 00 fxp1 172.17.1.1 172.16.64.90 UGHS00 fxp0 172.17.10/24 link#2 UC 10 fxp1 172.17.10.250 link#2 UHRLW 10 fxp1 7 172.18.1/24link#2 UC 10 fxp1 172.18.1.520:e0:4c:39:a:36UHLW13 fxp1 1098 172.19 172.19.1.2 UGSc1 83 fxp1 172.19.1/24link#2 UC 10 fxp1 172.19.1.2 0:30:2b:0:28:84UHLW10 fxp1 1062 172.24 172.16.1.252 UGSc0 10 fxp0 192.168.65.64/29 172.16.1.2 UGSc00 fxp0 192.168.65.72/29 172.16.1.2 UGSc00 fxp0 $ ifconfig fxp0: flags=8843 mtu 1500 inet 172.16.1.12 netmask 0x broadcast 172.16.255.255 inet 172.
Re: urgent question regarding IP-in-IP encapsulation
> I have a question regarding Ip-in-IP encapsulation in > freeBSD. In my implementation, I want a multicast > router to encapsulate multicast packets destined for > certain groups with an extra IP header before > forwarding them out. What you describe is exactly a DVMRP tunnel. mrouted(8) performs this function and several other required tasks. Are you trying to do something beyond tunneling multicast over an IPv4 network, such as tunneling inside the DVMRP tunnel or PIM network? --mark tinguely. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
netgraph: how to setsockopt on ksocket node ?
Anyone has an example on how to setsockopt on a ksocket node in netgraph?
struct opts {
int level;
int name;
int value;
} myopts = { SOL_SOCKET, SO_REUSEADDR, 1
};
ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT,
(struct ng_ksocket_sockopt *)&myopts,
sizeof(myopts)));
return error 14 "Bad address".
Did some tracing in ng_ksocket.c and the struct sockopt sent as argument to
sosetopt() seems to contains sane values:
sopt.sopt_val = 0xc182452c (pointer dereferences to 1)
sopt.sopt_valsize = 4
Help appreciated.
Thanks
Florent.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
dummynet byte counters
Hi, i got request from some people on how can i know how many bytes were used by a dummynet pipe -- essentially i guess for accounting reasons, or to export these values with mrtg as some people do, etc. For this to work you would need to count packets and bytes coming out of the queue. But at the moment, dummynet pipes only count packets and bytes _in_, plus packet drops. There are two ways to implement this feature (which i think is useful): + add to struct dn_flow_queue a counter for bytes dropped (and while we are at it, extend the packet drop counter to 64 bits). This has the problem of requiring a reinstallation of /sbin/ipfw because the size of structures passed with getsockopt changes; + use the tot_pkts/tot_bytes field to count traffic _out_ of the pipe instead of traffic going in. This way the size of dn_flow_queue does not change, but the meaning of these two fields changes; on the other hand, some people who wrote me already thought these field counted data out. For what is worth, the wording in /sbin/ipfw's output is sufficiently vague not to require any change in that program. Obviously I am not thinking of changing before 4.5 is released, but right after that it is definitely something to do. Any preference on the solution to use ? I see some good in both of them, and the second one is to some degree a bit more transparet than the first one. cheers luigi To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
interface creation notification
Hi, how is a daemon supposed to get informed that a network interface has been created? I had hoped, that an RTM_IFINFO message would be created on the routing socket, but this is not the case. If an interface is destroyed, the routing socket gets a message for whatever reason. Wouldn't it be simple to just create an RTM_IFINFO message? harti -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: netgraph: how to setsockopt on ksocket node ?
>ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT, > (struct ng_ksocket_sockopt *)&myopts, > sizeof(myopts))); > >return error 14 "Bad address". Could it be that your path to the node is not correct? (missing a : maybe...?) Doc To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: netgraph: how to setsockopt on ksocket node ?
--On 2002-01-17 19:11:45 +0100 [EMAIL PROTECTED] wrote: > >>ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT, >> (struct ng_ksocket_sockopt *)&myopts, >> sizeof(myopts))); >> >> return error 14 "Bad address". > > Could it be that your path to the node is not correct? (missing a : > maybe...?) > > Doc No. I'm able to CONNECT and BIND on that same path. I'm able to trace to call to the ng_ksocket module so it is going to the correct path. Florent. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
which 802.11b card for 4.4?
Hi, we're looking to buy a bunch of 802.11b cards that need to work under FreeBSD-4.4 (soon 4.5) with 128bit WEP and Cisco access points (which are not under our direct administration). The cheapest right now seems to be the "Netgear MA401NA 802.11b Wireless PC Card" ($49 at Outpost.com) - but people reported problems with it. Have these been resolved? Another cheap cards are the "D-Link DWL-650 WirelessLAN 802.11b PC Card" ($59 at computers4sure.com). Anyone have experiences with these? Are there any others you'd recommend? (Ideally, we'd buy Cisco cards, but since we're a .edu, saving a few bucks is good... :-) Thanks, Lars -- Lars Eggert <[EMAIL PROTECTED]> Information Sciences Institute http://www.isi.edu/larse/ University of Southern California smime.p7s Description: application/pkcs7-signature
Re: which 802.11b card for 4.4?
On Thu, Jan 17, 2002 at 11:51:21AM -0800, Lars Eggert wrote: > we're looking to buy a bunch of 802.11b cards that need to work under > FreeBSD-4.4 (soon 4.5) with 128bit WEP and Cisco access points (which > are not under our direct administration). > > The cheapest right now seems to be the "Netgear MA401NA 802.11b Wireless > PC Card" ($49 at Outpost.com) - but people reported problems with it. > Have these been resolved? > > Another cheap cards are the "D-Link DWL-650 WirelessLAN 802.11b PC Card" > ($59 at computers4sure.com). Anyone have experiences with these? > > Are there any others you'd recommend? (Ideally, we'd buy Cisco cards, > but since we're a .edu, saving a few bucks is good... :-) The Lucent cards are generally superior to the various Prism II designs. You can get gold cards for $87 on pricewatch. That's more then the cheap stuff, but quite a bit less then the $130 I've heard as the best prices for Ciscos. I'd certaintly suggest you pick up one of anything you're considering before you buy a bunch with possiable exception of Lucent or Cisco cards. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 msg04751/pgp0.pgp Description: PGP signature
Re: netgraph: how to setsockopt on ksocket node ?
archie is Mr ksocket. On Thu, 17 Jan 2002, Florent Parent wrote: > > > --On 2002-01-17 19:11:45 +0100 [EMAIL PROTECTED] wrote: > > > > >>ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT, > >> (struct ng_ksocket_sockopt *)&myopts, > >> sizeof(myopts))); > >> > >> return error 14 "Bad address". > > > > Could it be that your path to the node is not correct? (missing a : > > maybe...?) > > > > Doc > > No. I'm able to CONNECT and BIND on that same path. I'm able to trace to > call to the ng_ksocket module so it is going to the correct path. > > Florent. > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
IPNAT -- Can't send file thru it with any instant messengers.....
Hi! I'm using IPNAT in order to split many local IPs over 5 external IPs. I can receive ICQ or MSN file transfers but I can't send any of those thru the NAT I have a friend which uses natd and he can send/receive files without any problems So.. I'm just wondering what's the big difference between natd and ipnat and can I send files with ICQ or MSN thru a NAT that uses IPNAT ??? Answer me on my email address please... or CC it... Thanks a lot! -- Dominic Blais Administrateur reseau Interplex telecom -=[ http://www.interplex.ca ]=- Email: [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
Re: netgraph: how to setsockopt on ksocket node ?
Florent Parent writes:
> Anyone has an example on how to setsockopt on a ksocket node in netgraph?
>
> struct opts {
> int level;
> int name;
> int value;
> } myopts = { SOL_SOCKET, SO_REUSEADDR, 1
> };
>
> ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT,
> (struct ng_ksocket_sockopt *)&myopts,
> sizeof(myopts)));
>
> return error 14 "Bad address".
>
> Did some tracing in ng_ksocket.c and the struct sockopt sent as argument to
> sosetopt() seems to contains sane values:
>
> sopt.sopt_val = 0xc182452c (pointer dereferences to 1)
> sopt.sopt_valsize = 4
What kind of socket?
What version of FreeBSD?
That should work.. if the error is coming from the sosetopt()
call then it's a socket problem rather than a netgraph problem.
What if you create the socket normally and call setsockopt()?
Cheers,
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
Re: netgraph: how to setsockopt on ksocket node ?
--On 2002-01-17 18:16:08 -0800 [EMAIL PROTECTED] wrote:
> Florent Parent writes:
>> Anyone has an example on how to setsockopt on a ksocket node in netgraph?
>>
>> struct opts {
>> int level;
>> int name;
>> int value;
>> } myopts = { SOL_SOCKET, SO_REUSEADDR, 1
>> };
>>
>> ret = NgSendMsg(cs, epath, NGM_KSOCKET_COOKIE, NGM_KSOCKET_SETOPT,
>> (struct ng_ksocket_sockopt *)&myopts,
>> sizeof(myopts)));
>>
>> return error 14 "Bad address".
>>
>> Did some tracing in ng_ksocket.c and the struct sockopt sent as argument
>> to sosetopt() seems to contains sane values:
>>
>> sopt.sopt_val = 0xc182452c (pointer dereferences to 1)
>> sopt.sopt_valsize = 4
>
> What kind of socket?
UDP
>
> What version of FreeBSD?
4.5-PRERELEASE (~ 2 weeks old)
> That should work.. if the error is coming from the sosetopt()
> call then it's a socket problem rather than a netgraph problem.
>
> What if you create the socket normally and call setsockopt()?
Well that works just fine. I've attached normal.c which is a dummy example
using standard socket calls, and I've attached netgraph.c which wants to do
the same thing using a ksocket node. The latter fails with the following
debug:
netgraph: SENDING MESSAGE:
netgraph: SOCKADDR: { fam=32 len=9 addr=".dummy" }
netgraph: NG_MESG :
netgraph: vers 2
netgraph: arglen 12
netgraph: flags 0
netgraph: token 3
netgraph: cookie KSOCKET (942710669)
netgraph: cmd7
netgraph: args (12 bytes)
netgraph: : ff ff 00 00 00 02 00 00 01 00 00 00
netgraph: sendto(.dummy): Bad address
.dummy Cannot setopt the ksocket node: Bad address
It has to be the way I'm presenting the socket options arguments through
the netgraph interface. This is why I originally asked for any example on
doing a setsockopt through netgraph.
Thanks for the help
Florent.
netgraph.c
Description: Binary data
normal.c
Description: Binary data
