date:20100601

carp + carpdev option?

2010-06-01 Thread Ferdinand Goldmann


Greetings!

It seems that this question has been asked several times before ...
It looks like there is no carpdev option in 7.x :-(

Having this options should bring several advantages:
- One would only have to use a single public IP address (the carp interface),
  and would be able to configure the physical parent interface with a private
  IP address for management purposes only.

- One would not have to fiddle around with application configuration, like
  telling Squid to use the IP address of the carp interface as sender IP
  (and not the IP of the parent interface ...)

Is there any hope this option gets ported to FreeBSD? Maybe in 8.x?

TIA,
Ferdinand Goldmann
--
>> Ferdinand Goldmann
>> Johannes Kepler University Linz - Server Systems/Information Management
>> Mail: ferdinand.goldm...@jku.at Phone: 00437024689398 Fax: 00437024689397
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: [quagga-users 11570] Re: quagga:zebra errors on FreeBSD 6.x ...

2010-06-01 Thread Marc G. Fournier



[+freebsd-net,+quagga port maintainer]

Two questions ...

1. Is 8.x any better at this?
2. Any idea where the 'gross patch' is?



On Tue, 1 Jun 2010, Joe Greco wrote:


Other then appropriate interface/IP on the 7-STABLE boxes, the 7-STABLE
boxes all work fine ... is there an issue with em/fxp devices and zebra?
Or am I overlooking something in my config?


It doesn't "work fine" on 7-STABLE, be warned.  It's just more subtly
busted.

I spent a little time trying to figure out whether it was FreeBSD or
Quagga that was busted, and my conclusion that it was a little bit of
both.  Changes made to the multicast code in FreeBSD seem to be the
root cause; the multicast maintainer for FreeBSD doesn't seem to have
much interest in this, or at least that was my impression, and queries
on the Quagga list haven't had much result either.

There's a patch floating around that everyone agrees is a gross hack
and "isn't correct but seems to work."

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
___
Quagga-users mailing list
quagga-us...@lists.quagga.net
http://lists.quagga.net/mailman/listinfo/quagga-users




Marc G. FournierHub.Org Hosting Solutions S.A.
scra...@hub.org http://www.hub.org

Yahoo:yscrappySkype: hub.orgICQ:7615664MSN:scra...@hub.org
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: carp + carpdev option?

2010-06-01 Thread Freddie Cash

On Tue, Jun 1, 2010 at 8:02 AM, Ferdinand Goldmann <
ferdinand.goldm...@jku.at> wrote:

> It seems that this question has been asked several times before ...
> It looks like there is no carpdev option in 7.x :-(
>
> Having this options should bring several advantages:
> - One would only have to use a single public IP address (the carp
> interface),
>  and would be able to configure the physical parent interface with a
> private
>  IP address for management purposes only.
>
> - One would not have to fiddle around with application configuration, like
>  telling Squid to use the IP address of the carp interface as sender IP
>  (and not the IP of the parent interface ...)
>
> Is there any hope this option gets ported to FreeBSD? Maybe in 8.x?
>

Max L. (can't remember how to spell his last name) had some patches
available for 7.x to enable carpdev support.  I did some testing of them
back then and they worked  so long as the IPs/devices were all added in
the exact same order on all interfaces.  The CARP hashes wouldn't match if
anything was different between interfaces.  If you didn't use multiple IPs
on the CARP devices, they worked perfectly.

The patches were never imported to the source tree, though.

I agree.  It would be nice to have carpdev support in FreeBSD, as it makes
things cleaner.  And it lines up with vlan(4), lagg(4), and if_bridge(4)
where you can specify devices and not have to rely on IPs/subnets.

Here's hoping that it gets added in some future update of pf/carp from
OpenBSD.  :)  It's the final missing link in our dreams of redundant
firewalls/routers and storage servers.

-- 
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: [axe][ue0] Device send packets but any host in network can not receive any packet from it.

2010-06-01 Thread Perevalov Sergey


Hi!
I tried it with crossover cable but results was the same bad. Then set 
debug flag hw.usb.axe.debug: to 15, and started ping -f from ue0.

And in /var/log/messages I found these strings:

Jun  1 22:28:34 laptop kernel: axe_bulk_read_callback:842: bulk read 
error, USB_ERR_CANCELLED
Jun  1 22:28:35 laptop kernel: axe_bulk_write_callback:870: transfer 
complete
Jun  1 22:29:12 laptop kernel: axe_bulk_write_callback:941: transfer 
error, USB_ERR_TIMEOUT

Jun  1 22:29:51 laptop last message repeated 4 times
Jun  1 22:31:40 laptop last message repeated 11 times

Then i googled it and found this
http://www.mail-archive.com/freebsd-...@freebsd.org/msg04388.html
the problem is described definitely like mine.
I read all thread and found the patch usb2_ethernet.patch2, but I havn't 
found

sys/dev/usb2/ethernet/usb2_ethernet.c file for patch.

how can I try to apply this patch to my system?
http://www.mail-archive.com/freebsd-...@freebsd.org/msg04403.html

Thank you very mach for your help!
//

//

On 01.06.2010 03:32, Pyun YongHyeon wrote:

On Sun, May 30, 2010 at 01:16:14AM +0500, Perevalov Sergey wrote:
   

Pyun YongHyeon, I am really sorry, I have found you message in my spam
folder:-(
And immediately I did by your instructions.
I connected 2 Freebsd 8.0 hosts by one cable, and started tcpdump
-evvi rl0/ue0.

So, 192.168.2.15 is receiver (rl0) log: http://pastebin.com/pZ5udweh

192.168.2.16 is sender (ue0) log: http://pastebin.com/BEDwUWBe

 

It seems both ends does not see any frames at all. I thought axe(4)
sent wrong ethernet address to the other end but tcpdump output you
posted makes me wonder cabling issue. I'm not sure whether
rgephy(4) used in axe(4) can handle automatic MDI/MDIX crossover
but rlphy(4) surely lacks the capability. Can you retest it with
crossover cable instead of straight UTP cable?
Also your tcpdump seems to indicate both hosts are trying to send
packets. This makes it hard to know which part of NIC is not
working. Send ICMP echo request on one host(e.g. ping(8)) and
capture traffic on both sender and receiver side and post the
result again.

   

Thank you for your help!



On 08.05.2010 02:05, Pyun YongHyeon wrote:
 

On Fri, May 07, 2010 at 10:30:21PM +0500, Perevalov Sergey wrote:

   

Hi guys. I am beginner in FreeBSD.  And I got problem with my Gigabit
usb to ethernet adapter with AX88178 chipset. It works in windows very
well but doesn't work in FreeBSD 8.0. tcpdump shows log with received
and sent packets, but any host in network doesn't receive them from it.
I checked it with 2 FreeBSD hosts connected directly by cable. Can you,
guys, advice to me something to fix or to find reason of this issue?
I started thread on freebsd forums(
http://forums.freebsd.org/showthread.php?t=13649 ) and also reported
about problem ( http://www.freebsd.org/cgi/query-pr.cgi?pr=146153 ).


 

It seems the PR shows tcpdump output on sender side(axe(4)
host 192.168.2.22). Would you capture the traffic on receiver side
(host 192.168.2.7) and post the result? Note, please use direct
cable to connect both systems and use option -e to capture traffic
on host 192.168.2.7. For instance, use
#ifconfig -envvi nic0
on receiver side.

Also check whether the receiver agrees on the resolved speed/duplex
of established link. For your case, host 192.168.2.7 should show
100baseTX, full-duplex.


   

Here some information:

dmesg:
ugen4.2:   at usbus4
axe0:   on usbus4
axe0: PHYADDR 0xe0:0x02
miibus0:   on axe0
rgephy0:   PHY 2 on miibus0
rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT,
1000baseT-FDX, auto
ue0:   on axe0
ue0: Ethernet address: 00:0e:c6:88:09:4e

usbconfig:
laptop# usbconfig
ugen0.1:   at usbus0, cfg=0 md=HOST spd=FULL
(12Mbps) pwr=ON
ugen1.1:   at usbus1, cfg=0 md=HOST spd=FULL
(12Mbps) pwr=ON
ugen2.1:   at usbus2, cfg=0 md=HOST spd=FULL
(12Mbps) pwr=ON
ugen3.1:   at usbus3, cfg=0 md=HOST spd=FULL
(12Mbps) pwr=ON
ugen4.1:   at usbus4, cfg=0 md=HOST spd=HIGH
(480Mbps) pwr=ON
ugen4.2:   at usbus4, cfg=0 md=HOST
spd=HIGH (480Mbps) pwr=ON
ugen0.2:   at usbus0, cfg=0 md=HOST spd=LOW
(1.5Mbps) pwr=ON

ifconfig:
ue0: flags=8843   metric 0 mtu 1500
ether 00:0e:c6:88:09:4e
inet 192.168.2.22 netmask 0xff00 broadcast 192.168.2.255
media: Ethernet autoselect (100baseTX)
status: active

Thank you for you help!

 


   


--
Regards, Sergey.

 
   



--
Regards, Sergey.

___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: [axe][ue0] Device send packets but any host in network can not receive any packet from it.

2010-06-01 Thread Pyun YongHyeon

On Tue, Jun 01, 2010 at 11:31:13PM +0500, Perevalov Sergey wrote:
> Hi!
> I tried it with crossover cable but results was the same bad. Then set 
> debug flag hw.usb.axe.debug: to 15, and started ping -f from ue0.
> And in /var/log/messages I found these strings:
> 
> Jun  1 22:28:34 laptop kernel: axe_bulk_read_callback:842: bulk read 
> error, USB_ERR_CANCELLED
> Jun  1 22:28:35 laptop kernel: axe_bulk_write_callback:870: transfer 
> complete
> Jun  1 22:29:12 laptop kernel: axe_bulk_write_callback:941: transfer 
> error, USB_ERR_TIMEOUT
> Jun  1 22:29:51 laptop last message repeated 4 times
> Jun  1 22:31:40 laptop last message repeated 11 times
> 
> Then i googled it and found this
> http://www.mail-archive.com/freebsd-...@freebsd.org/msg04388.html
> the problem is described definitely like mine.
> I read all thread and found the patch usb2_ethernet.patch2, but I havn't 
> found
> sys/dev/usb2/ethernet/usb2_ethernet.c file for patch.
> 
> how can I try to apply this patch to my system?
> http://www.mail-archive.com/freebsd-...@freebsd.org/msg04403.html
> 

I believe the bug in the thread was fixed long time ago.
If you're using 8.0-RELEASE, try latest stable/8 or
8.1-PRERELEASE and see whether axe(4) works or not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Link state changes

2010-06-01 Thread Andrew Thompson

> Revision 205024 - (annotate)
> Thu Mar 11 17:56:46 2010 UTC (2 months, 3 weeks ago) by qingli
>
> The if_tap interface is of IFT_ETHERNET type, but it
> does not set or update the if_link_state variable.
> As such RT_LINK_IS_UP() fails for the if_tap interface.
>
> Also, the RT_LINK_IS_UP() needs to bypass all loopback
> interfaces because loopback interfaces are considered
> up logically as long as the system is running.
>
> This patch fixes the above issues by setting and updating
> the if_link_state variable when the tap interface is
> opened or closed respectively. Similary approach is
> already done in the if_tun device.

This is also a problem for bridge(4) and possibly ef(4), edesc(4) and
epair(4). Should the same change be applied to them?


Andrew
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet

2010-06-01 Thread Jose M Rodriguez

The following reply was made to PR kern/147191; it has been noted by GNATS.

From: Jose M Rodriguez 
To: bug-follo...@freebsd.org, jos...@freebsd.jazztel.es
Cc:  
Subject: Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet
Date: Wed, 02 Jun 2010 02:37:20 +0200

 This is a multi-part message in MIME format.
 --080505020803060701030501
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 7bit

 Seems that this must be reopen.

 After redo the rules to work with one_pass=0, problems of all sort still 
 alive.

 - ppp nat seems to consume all translated traffic 'in to out', with or 
 without one_pass set.
  but traffic 'out to in' hit ipfw rules following specs

 - after changing to mpd5 + natd, problems are even more strange, and 
 firewall mostly works
 only if local net traffic is done LAST and not FIRST.  But some NATed 
 apps fails (jdownloader, bitcomet file donloader), while others works 
 (firefox and his file downloader)

 My vote is for some problem with libalias.

 At the moment, I MUST put the sharper FIRST, catching the traffic coming 
 from local net.

 I'm very busy now, but can go over this again after 2 weeks.

 Attached rc.firewall mostly working with mpd5 + natd as reference

 --080505020803060701030501
 Content-Type: text/plain;
  name="rc.firewall.router.1"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="rc.firewall.router.1"

 #!/bin/sh -
 # Copyright (c) 1996  Poul-Henning Kamp
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
 # are met:
 # 1. Redistributions of source code must retain the above copyright
 #notice, this list of conditions and the following disclaimer.
 # 2. Redistributions in binary form must reproduce the above copyright
 #notice, this list of conditions and the following disclaimer in the
 #documentation and/or other materials provided with the distribution.
 #
 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
 # $FreeBSD: src/etc/rc.firewall,v 1.60.2.3 2010/04/14 15:03:58 ume Exp $
 #
 # $Log$

 #
 # Setup system for ipfw(4) firewall service on AHS router
 #

 # Configuration:
 #   firewall_resetports:
 #  List of TCP ports reset on incoming
 #   firewall_myservices:
 #  List of TCP ports on which this host offers services.
 #   firewall_myudpports:
 #  List of UDP ports on which this host offers services.
 #   firewall_logdeny:
 #  Boolean (YES/NO) specifying if the default denied packets should be
 #  logged (in /var/log/security).
 #   firewall_nologports:
 #  List of TCP/UDP ports for which denied incoming packets are not logged.
 #   firewall_oif:
 #  Outside IPv4 network interface, default to tun0.
 #   firewall_iifaces:
 #  Inside network interface list.
 #   firewall_net_${iface}
 #  IPv4 network definition for each of the previous interfaces.
 #   firewall_p2p_${iface}
 #  List of address ports for opened TCP/UDP ports on ${iface}
 #   firewall_p2p_uids
 #  List of uids of p2p daemons running on me

 # predefined
 firewall_resetports="53,113,135-139,445"
 firewall_p2p_uids="mlnet transmission"
 for u in ${firewall_p2p_uids}; do
eval ${u}_enable="NO"
 done
 mpd_enable="NO"

 # Suck in the configuration variables.
 if [ -z "${source_rc_confs_defined}" ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
source_rc_confs
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
 fi

 . /etc/rc.subr
 . /etc/network.subr
 afexists inet6
 ipv6_available=$?

 # macros
 fwcmd="/sbin/ipfw"
 ifaces=${firewall_iifaces}
 if checkyesno mpd_enable ; then
oif=${firewall_oif-ng0}
 else
oif=${firewall_oif-tun0}
 fi
 log=""

 # Set quiet mode if requested
 checkyesno firewall_quiet && fwcmd="${fwcmd} -q"

 # Flush out the list before we begin.
 ${fwcmd} -f flush

 # setup loopback
 ${fwcmd} add 100 pass all from any to any via lo0
 ${fwcmd} add 200 deny all from any to 127.0.0.0/8
 ${fwcmd} add 300 deny all from 127.0.0.0/8 to any

 # setup ipv6 mandatory
 if [ $i

Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet

2010-06-01 Thread Jose M Rodriguez

The following reply was made to PR kern/147191; it has been noted by GNATS.

From: Jose M Rodriguez 
To: bug-follo...@freebsd.org
Cc:  
Subject: Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet
Date: Wed, 02 Jun 2010 04:31:49 +0200

 This is a multi-part message in MIME format.
 --090100060803090709040905
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 8bit

 El 02/06/2010 2:37, Jose M Rodriguez escribió:
 > Seems that this must be reopen.
 > ...
 Seems this one worked, but I don't remember this last time I use ipfw on 
 FreeBSD-7

 --090100060803090709040905
 Content-Type: text/plain;
  name="rc.firewall.router.4"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="rc.firewall.router.4"

 #!/bin/sh -
 # Copyright (c) 1996  Poul-Henning Kamp
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
 # are met:
 # 1. Redistributions of source code must retain the above copyright
 #notice, this list of conditions and the following disclaimer.
 # 2. Redistributions in binary form must reproduce the above copyright
 #notice, this list of conditions and the following disclaimer in the
 #documentation and/or other materials provided with the distribution.
 #
 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
 # $FreeBSD: src/etc/rc.firewall,v 1.60.2.3 2010/04/14 15:03:58 ume Exp $
 #
 # $Log$

 #
 # Setup system for ipfw(4) firewall service on AHS router
 #

 # Configuration:
 #   firewall_resetports:
 #  List of TCP ports reset on incoming
 #   firewall_myservices:
 #  List of TCP ports on which this host offers services.
 #   firewall_myudpports:
 #  List of UDP ports on which this host offers services.
 #   firewall_logdeny:
 #  Boolean (YES/NO) specifying if the default denied packets should be
 #  logged (in /var/log/security).
 #   firewall_nologports:
 #  List of TCP/UDP ports for which denied incoming packets are not logged.
 #   firewall_oif:
 #  Outside IPv4 network interface, default to tun0.
 #   firewall_iifaces:
 #  Inside network interface list.
 #   firewall_net_${iface}
 #  IPv4 network definition for each of the previous interfaces.
 #   firewall_p2p_${iface}
 #  List of address ports for opened TCP/UDP ports on ${iface}
 #   firewall_p2p_uids
 #  List of uids of p2p daemons running on me

 # predefined
 firewall_resetports="53,113,135-139,445"
 firewall_p2p_uids="mlnet transmission"
 for u in ${firewall_p2p_uids}; do
eval ${u}_enable="NO"
 done
 mpd_enable="NO"

 # Suck in the configuration variables.
 if [ -z "${source_rc_confs_defined}" ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
source_rc_confs
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
 fi

 . /etc/rc.subr
 . /etc/network.subr
 afexists inet6
 ipv6_available=$?

 # macros
 fwcmd="/sbin/ipfw"
 ifaces=${firewall_iifaces}
 if checkyesno mpd_enable ; then
oif=${firewall_oif-ng0}
 else
oif=${firewall_oif-tun0}
 fi
 log=""

 # Set quiet mode if requested
 checkyesno firewall_quiet && fwcmd="${fwcmd} -q"

 # Flush out the list before we begin.
 ${fwcmd} -f flush

 # setup loopback
 ${fwcmd} add 100 pass all from any to any via lo0
 ${fwcmd} add 200 deny all from any to 127.0.0.0/8
 ${fwcmd} add 300 deny all from 127.0.0.0/8 to any

 # setup ipv6 mandatory
 if [ $ipv6_available -ne 0 ]; then
${fwcmd} add 400 deny all from any to ::1
${fwcmd} add 500 deny all from ::1 to any
# DAD
${fwcmd} add pass ipv6-icmp from :: to ff02::/16
# RS, RA, NS, NA, redirect...
${fwcmd} add pass ipv6-icmp from fe80::/1o to fe80::/10
${fwcmd} add pass ipv6-icmp from fe80::/1o to ff02::/16
# IMCPv6 destination unreachable, NS, NA, toobig
${fwcmd} add pass ipv6-icmp from any to any icmp6 types 1,2,135,136
 fi

 # setup tables
 ${fwcmd} table all flush

 astable=1
 astn=1
 asln=2
 aspn=3
 asipv4=4
 ascle=5
 asmcast=6
 # rfc 1912 local net
 ${fwcmd} table ${astable} add 0.0.0.0/

Re: panic: rtqkill route really not free on freebsd 8.0-release

2010-06-01 Thread Chao Shin


I worte:


Hi all,

I have four heavy load mysql database servers which system is 8.0-release
got "panic: rtqkill route really not free" this week. We have a gateway
set up by OpenBSD have a icmp route redirect function between two  
subnets,
I suspect the FreeBSD panic at trying to delete routes sent from that  
gateway.


So I set sysctl net.inet.icmp.drop_redirect=1, no more panic in past 24  
hours.

I guess maybe miss some locks or wrong delete route path in 8.0-release.

Did any one meet this problem before?



After four days research we think the problem is between function  
in_matroute
and in_rtqkill. This two functions' conflicted at processing RTPRF_OURS  
flag
routes. In my opinion, it is a design problem, so I have no idea about how  
to
resolve it. The simple way I think is change the panic assert in  
in_rtqkill,

treat it as a normal state not assert a panic.

--
The Power to Serve
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

carp + carpdev option?

Re: [quagga-users 11570] Re: quagga:zebra errors on FreeBSD 6.x ...

Re: carp + carpdev option?

Re: [axe][ue0] Device send packets but any host in network can not receive any packet from it.

Re: [axe][ue0] Device send packets but any host in network can not receive any packet from it.

Link state changes

Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet

Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet

Re: panic: rtqkill route really not free on freebsd 8.0-release

9 matches

Site Navigation

Mail list logo

Footer information