Vlan Problem/Bug maybe?
Hey I run freebsd 4.9-Stable. And i also use vlans and a program called freevrrp for redundancy. For freevrrpd to function, it needs to change the ether MAC addresses of the interfaces it is told to use. I found that if i assign it only to a vlan interfaces such as vlan0 or whatever, that it changes the ether MAC adddress of it fine. The problem then, is that no traffic is ever picked up by that interface after that. After a few dumps and stuff, i realised that it is using the new ether MAC address in the packets it sends out, which is now different from the parent NIC's ether MAC address. So somewhere along when the responses are sent back, they are not being handed back to the Vlan device. As soon as i changed the NIC's ether MAC address to match that of the new vlan ether MAC address, everything works fine again. Now this isnt really a feasible option. So i would like to know if there is anyone that could possibly help with some sort of patch to the vlan driver if_vlan.c so that when it has its ether MAC address updated, it also updates the ether MAC address of the parent device. Ive done a bit of looking and i see that somewhere in the vlan_start function inside if_vlan.c the ether MAC is being changed there, but i would also like to know how to send the new ether MAC address to the parent device driver and have it update itself. If there is a better list to send this too or if anyone could possibly help, it would be much appreciated. Thanx /Cole ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
unable to ping or connect to freebsd
Hi, I have installed freebsd 5.2.1 and connect it to the network using ppp. it works well. I have access to internet but I am unable to ping the freebsd from another computer. The network card get the ICMP packets but it seems that they are filters whereas no firewall like ipfw are installed. My rc.conf is bellow. As you can see the kernel_secureLevel is disable. Thanks. #network hostname="AMSTERDAMER" network_interfaces="lo0 lp0 sis0 sis1" ifconfig_sis0="inet 192.168.10.1 netmask 255.255.255.0" ifconfig_sis1="inet 10.0.0.1 netmask 255.255.255.255" ppp_enable="YES" ppp_mode="background" ppp_profile="tele2" ppp_nat="yes" gateway_enable="YES" #system kern_securelevel="1" kern_securelevel_enable="NO" keymap="fr.iso.acc" linux_enable="YES" moused_enable="YES" nfs_reserved_port_only="NO" usbd_enable="YES" #service inetd_enable="YES" Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: ng_netflow: testers are welcome
Yep... But it not so obvious for man like me, who thought just a week ago that netgraph is something beetween net & graphics... like MRTG LOL Another question: Is is possible that ng_netflow take packets _after_ they are diverted by natd? I apologise, that this would require divert implemented as netgraph node? So... I have no idea how this would work with ipfw ruleset... Any ideas? > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Gleb Smirnoff > Sent: Sunday, February 22, 2004 2:58 AM > To: Julian Elischer > Cc: [EMAIL PROTECTED]; Bjoern A. Zeeb; Vasenin Alexander aka > BlackSir; [EMAIL PROTECTED] > Subject: Re: ng_netflow: testers are welcome > Is it possible to make port dependant on kernel module > shipped with base system? How? > For example sysutils/ips is not dependant on ipfw. It is obvious > that ipfw is required for it, as well as in case of netgraph > and ng_netflow. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ng_netflow: testers are welcome
On Sun, Feb 22, 2004 at 04:43:40PM +0300, Vasenin Alexander aka BlackSir wrote: V> Yep... But it not so obvious for man like me, who thought just a week ago V> that netgraph is something beetween net & graphics... like MRTG V> LOL V> V> Another question: V> Is is possible that ng_netflow take packets _after_ they are diverted by V> natd? I apologise, that this would require divert implemented as netgraph V> node? So... I have no idea how this would work with ipfw ruleset... Any V> ideas? The only known workaround is connecting ng_netflow to hook "upper" on inner interface of masquerading router. Any better ideas are welcome. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: unable to ping or connect to freebsd
On Sun, Feb 22, 2004 at 01:29:32PM +0100, Sylvain Lemasson wrote: > Hi, > I have installed freebsd 5.2.1 and connect it to the > network using ppp. it works well. I have access to > internet but I am unable to ping the freebsd from > another computer. The network card get the ICMP > packets but it seems that they are filters whereas no > firewall like ipfw are installed. My rc.conf is > bellow. As you can see the kernel_secureLevel is > disable. > > ppp_nat="yes" NAT normally does not allow connections from outside in, or unsolicited UDP or ICMP from outside in. Why do you need to allow that? Or, unless your fbsd box is acting as a router, why do you need NAT? -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: unable to ping or connect to freebsd
> On Sun, Feb 22, 2004 at 01:29:32PM +0100, Sylvain Lemasson wrote:
> > Hi,
> > I have installed freebsd 5.2.1 and connect it to the
> > network using ppp. it works well. I have access to
> > internet but I am unable to ping the freebsd from
> > another computer. The network card get the ICMP
> > packets but it seems that they are filters whereas no
> > firewall like ipfw are installed. My rc.conf is
> > bellow. As you can see the kernel_secureLevel is
> > disable.
> >
> > ppp_nat="yes"
>
> NAT normally does not allow connections from outside in, or unsolicited
> UDP or ICMP from outside in. Why do you need to allow that? Or, unless
> your fbsd box is acting as a router, why do you need NAT?
>
Unless ppp_nat="yes" engages some userland ppp filtering, I see no reason
why that would block ICMP. On my userland PPP setup with NAT enabled ('nat
enable' in ppp.conf iirc) the router still acts as if it were a normaly
connected machine and responds to ICMP echo requests and traceroutes etc.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Solution: TX performance problems with 3Com 905C cards
On Sun, 22 Feb 2004, David Burns wrote: > Probably should have someone with more understanding of kernel drivers > check whether it has any application outside my home office... :-) > > David If you have a patch, I'd be glad to merge it into the driver (if it works well, of course.) Mike "Silby" Silbersack ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: ng_netflow: testers are welcome
you can open a divert socket as a netgraph node by openning a ksocket node with protocol 'divert'. On Sun, 22 Feb 2004, Vasenin Alexander aka BlackSir wrote: > Yep... But it not so obvious for man like me, who thought just a week ago > that netgraph is something beetween net & graphics... like MRTG > LOL > > Another question: > Is is possible that ng_netflow take packets _after_ they are diverted by > natd? I apologise, that this would require divert implemented as netgraph > node? So... I have no idea how this would work with ipfw ruleset... Any > ideas? > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Gleb Smirnoff > > Sent: Sunday, February 22, 2004 2:58 AM > > To: Julian Elischer > > Cc: [EMAIL PROTECTED]; Bjoern A. Zeeb; Vasenin Alexander aka > > BlackSir; [EMAIL PROTECTED] > > Subject: Re: ng_netflow: testers are welcome > > > Is it possible to make port dependant on kernel module > > shipped with base system? How? > > For example sysutils/ips is not dependant on ipfw. It is obvious > > that ipfw is required for it, as well as in case of netgraph > > and ng_netflow. > > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
