RTF_CLONING and RTF_WASCLONED flags - cloning mechanisum question

2002-12-16 Thread Svetoslav Agafonkin 

   flober# uname -a
   FreeBSD flober 4.7-RELEASE FreeBSD 4.7-RELEASE #5:
Thu Dec  5 22:01:28 EET 2002
   root@flober:/usr/obj/usr/src/sys/AKERNEL  i386

  I've got this question about flags C (RTF_CLONING)
and W (RTF_WASCLONED)(struct rtentry):

  Let there are two active interfaces - fxp0
(ethernet) i lo0 (loopback):

   flober# ifconfig

   fxp0:
flags=8843 mtu
1500
 inet 192.168.1.1 netmask 0xff00 broadcast
192.168.1.255
 ether 00:06:29:b0:df:65
 media: Ethernet autoselect (none)
 status: no carrier
   lp0: flags=8810 mtu
1500
   ppp0: flags=8010 mtu 1500
   sl0: flags=c010 mtu
552
   faith0: flags=8002 mtu 1500
   lo0: flags=8049 mtu
16384
inet 127.0.0.1 netmask 0xff00


 initial routing table :

   flober# netstat -rn
   Routing tables

   Internet:
   DestinationGatewayFlagsRefs
 Use  Netif Expire
   127.0.0.1  127.0.0.1  UH  0
   0lo0
   192.168.1  link#1 UC  0
   0   fxp0

the flag C in the entry route to 192.168.1.0/24 means
that every time we use that entry (via
rtalloc/rtrequest/rtrequest_ign(/sys/net/route.c)) it
will be  cloned (i.e. a new entry will be created
using the old a a template).Let's see:

 for example:

  flober# ping 192.168.1.1

   ...

  flober# netstat -rn
  Routing tables

  Internet:
  DestinationGatewayFlags Refs
 Use  Netif Expire
  127.0.0.1  127.0.0.1  UH  0 
  0lo0
  192.168.1  link#1 UC  1 
  0   fxp0
  192.168.1.100:06:29:b0:df:65  UHLW0 
  4lo0

How fxp0 interface is changed to lo0? Where exactly in
the source (rtrequest)this is done?


Svetoslav Agafonkin




__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: RTF_CLONING and RTF_WASCLONED flags - cloning mechanisum question

2002-12-16 Thread Ruslan Ermilov 
It's done in the arp_rtrequest() function and is controlled
by the net.link.ether.inet.useloopback sysctl.

On Mon, Dec 16, 2002 at 03:39:48AM -0800, Svetoslav Agafonkin wrote:
> 
>flober# uname -a
>FreeBSD flober 4.7-RELEASE FreeBSD 4.7-RELEASE #5:
> Thu Dec  5 22:01:28 EET 2002
>root@flober:/usr/obj/usr/src/sys/AKERNEL  i386
> 
>   I've got this question about flags C (RTF_CLONING)
> and W (RTF_WASCLONED)(struct rtentry):
> 
>   Let there are two active interfaces - fxp0
> (ethernet) i lo0 (loopback):
> 
>flober# ifconfig
> 
>fxp0:
> flags=8843 mtu
> 1500
>  inet 192.168.1.1 netmask 0xff00 broadcast
> 192.168.1.255
>  ether 00:06:29:b0:df:65
>  media: Ethernet autoselect (none)
>  status: no carrier
>lp0: flags=8810 mtu
> 1500
>ppp0: flags=8010 mtu 1500
>sl0: flags=c010 mtu
> 552
>faith0: flags=8002 mtu 1500
>lo0: flags=8049 mtu
> 16384
> inet 127.0.0.1 netmask 0xff00
> 
> 
>  initial routing table :
> 
>flober# netstat -rn
>Routing tables
> 
>Internet:
>DestinationGatewayFlagsRefs
>  Use  Netif Expire
>127.0.0.1  127.0.0.1  UH  0
>0lo0
>192.168.1  link#1 UC  0
>0   fxp0
> 
> the flag C in the entry route to 192.168.1.0/24 means
> that every time we use that entry (via
> rtalloc/rtrequest/rtrequest_ign(/sys/net/route.c)) it
> will be  cloned (i.e. a new entry will be created
> using the old a a template).Let's see:
> 
>  for example:
> 
>   flober# ping 192.168.1.1
> 
>...
> 
>   flober# netstat -rn
>   Routing tables
> 
>   Internet:
>   DestinationGatewayFlags Refs
>  Use  Netif Expire
>   127.0.0.1  127.0.0.1  UH  0 
>   0lo0
>   192.168.1  link#1 UC  1 
>   0   fxp0
>   192.168.1.100:06:29:b0:df:65  UHLW0 
>   4lo0
> 
> How fxp0 interface is changed to lo0? Where exactly in
> the source (rtrequest)this is done?
> 
> 
> Svetoslav Agafonkin
> 
> 
> 
> 
> __
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message

-- 
Ruslan Ermilov  Sysadmin and DBA,
[EMAIL PROTECTED]   Sunbay Software AG,
[EMAIL PROTECTED]  FreeBSD committer,
+380.652.512.251Simferopol, Ukraine

http://www.FreeBSD.org  The Power To Serve
http://www.oracle.com   Enabling The Information Age



msg07871/pgp0.pgp
Description: PGP signature

Re: libpcap

2002-12-16 Thread Eli Dart 
We maintain our own patches here as well to get around this problem.

IMHO, it is far better to have some applications "waste" a meg or two 
of buffer space than to hamstring any high-performance bpf app that 
runs on a FreeBSD box.

This is most likely a trivial code fix -- how hard would it be to get 
this committed?

--eli


In reply to "Guy Helmer" <[EMAIL PROTECTED]> :

> Petri Helenius wrote:
> > Guy Helmer wrote:
> > >I use "sysctl debug.dbf_bufsize=131072" on my appliances to increase the
> > >BPF buffer size  to something more reasonable without having to directly
> > >modify libpcap.
> > >
> > Hope you're not disappointed to find out that modifying that parameter has
> > no effect when using applications which use libpcap since libpcap always
> > sets the buffer size to 32768. (which is exactly the problem I'm
> complaining about)
> 
> You are right - I misremembered how the BIOCSBLEN ioctl worked.  My
> appliances do have a private copy of libpcap with a larger buffer size
> because of this problem.
> 
> IMHO, it would be better for the libpcap code to query the default BPF
> buffer size (BIOCGLEN) and use it if it is larger than the libpcap default
> size (32768).  Then libpcap would obey the buffer size set by the sysctl.
> 
> Guy
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message





msg07872/pgp0.pgp
Description: PGP signature

DHCP and IP Addresses

2002-12-16 Thread Lewis Watson 
I have a bsd machine set up as a gateway for two networks. On the Internal
side I need DHCPD to assign IP addresses for some clients and some not. Also
on the Internet interface itself I need some IP addresses assigned by DHCPd
and some manually assigned. Is this possible. The reason I am asking is that
the tutorial I am following shows to comment out the defaultrouter line as
well as the ifconfig statement. Is there a better example I could follow?
Thanks.
Lewis


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Recursive encapsulation could panic the Kernel

2002-12-16 Thread Vincent Jardin 
Hi,

With FreeBSD, there are many ways to create a recursive local encapsulation 
loop within the IPv4 and IPv6 stack. For example, this problem shows up when :
  - Netgraph with pptp is used or Netgraph with an ng_iface over UDP or any 
more complex Netgraph topologies...
  - gre interfaces
  - gif tunnels
  - ...

There is a simple local solution that is used by gif_output() that is not 
protected by any mutex:
/*
 * gif may cause infinite recursion calls when misconfigured.
 * We'll prevent this by introducing upper limit.
 * XXX: this mechanism may introduce another problem about
 *  mutual exclusion of the variable CALLED, especially if we
 *  use kernel thread.
 */
if (++called > max_gif_nesting) {
log(LOG_NOTICE,
"gif_output: recursively called too many times(%d)\n",
called);
m_freem(m);
error = EIO;/* is there better errno? */
goto end;
}

I am wondering if a more generic solution could be found, however I do not 
have any idea yet ;-(
I mean, is it possible to protect the kernel against any panic that could 
come from a mis-configuration of the routing tables ?

Regards,
  Vincent

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

rlogin, ssh tak forever

2002-12-16 Thread Mikhail Teterin 
Hello!

Rlogin and/or ssh into my machine takes forever. Apparently -- a name
resolving issue, since rlogind remains idle for most of the time. Attaching
debugger to the server rlogind process yields:

0x280ba50f in kevent () from /usr/lib/libc.so.5
(gdb) where
#0  0x280ba50f in kevent () from /usr/lib/libc.so.5
#1  0x280e968d in res_send () from /usr/lib/libc.so.5
#2  0x280f0feb in getaddrinfo () from /usr/lib/libc.so.5
#3  0x280f14c1 in getaddrinfo () from /usr/lib/libc.so.5
#4  0x280f11e5 in getaddrinfo () from /usr/lib/libc.so.5
#5  0x280f062c in getaddrinfo () from /usr/lib/libc.so.5
#6  0x280f964d in nsdispatch () from /usr/lib/libc.so.5
#7  0x280ef1ad in getaddrinfo () from /usr/lib/libc.so.5
#8  0x280ef06c in getaddrinfo () from /usr/lib/libc.so.5
#9  0x280a9714 in __ivaliduser_sa () from /usr/lib/libc.so.5
#10 0x280a9453 in __ivaliduser_sa () from /usr/lib/libc.so.5
#11 0x280a8e5f in iruserok_sa () from /usr/lib/libc.so.5

It feels like something times out and proceeds, because once logged
in, the connection is as fast as the LAN is supposed to be.

I'd look into the name resolution issues, but nslookup(1) and host(1)
are both very quick with answers about all machines involved.

/etc/resolv.conf contains five domains and two (local) name servers.
host.conf lists hosts, bind, nis in this order.

Any clues? Thanks!

-mi

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: rlogin, ssh tak forever

2002-12-16 Thread Stacey Roberts 
Are you attempting to ssh to the machine via hostname? What's the
response time like when you try ssh'ing to a host via its IP address?

Also, is there a firewall in between in the route to / from source and
target machines?

What options to ssh (or rlogin) are being used, if any?

Might be an idea to try ssh with the "-v" option, and paste the output
to the list.

Regards,

Stacey

On Mon, 2002-12-16 at 23:42, Mikhail Teterin wrote:
> Hello!
> 
> Rlogin and/or ssh into my machine takes forever. Apparently -- a name
> resolving issue, since rlogind remains idle for most of the time. Attaching
> debugger to the server rlogind process yields:
> 
>   0x280ba50f in kevent () from /usr/lib/libc.so.5
>   (gdb) where
>   #0  0x280ba50f in kevent () from /usr/lib/libc.so.5
>   #1  0x280e968d in res_send () from /usr/lib/libc.so.5
>   #2  0x280f0feb in getaddrinfo () from /usr/lib/libc.so.5
>   #3  0x280f14c1 in getaddrinfo () from /usr/lib/libc.so.5
>   #4  0x280f11e5 in getaddrinfo () from /usr/lib/libc.so.5
>   #5  0x280f062c in getaddrinfo () from /usr/lib/libc.so.5
>   #6  0x280f964d in nsdispatch () from /usr/lib/libc.so.5
>   #7  0x280ef1ad in getaddrinfo () from /usr/lib/libc.so.5
>   #8  0x280ef06c in getaddrinfo () from /usr/lib/libc.so.5
>   #9  0x280a9714 in __ivaliduser_sa () from /usr/lib/libc.so.5
>   #10 0x280a9453 in __ivaliduser_sa () from /usr/lib/libc.so.5
>   #11 0x280a8e5f in iruserok_sa () from /usr/lib/libc.so.5
> 
> It feels like something times out and proceeds, because once logged
> in, the connection is as fast as the LAN is supposed to be.
> 
> I'd look into the name resolution issues, but nslookup(1) and host(1)
> are both very quick with answers about all machines involved.
> 
> /etc/resolv.conf contains five domains and two (local) name servers.
> host.conf lists hosts, bind, nis in this order.
> 
> Any clues? Thanks!
> 
>   -mi
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questions" in the body of the message
-- 
Stacey Roberts
B.Sc (HONS) Computer Science

Web: www.vickiandstacey.com



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message