Re: [axe][ue0] Device send packets but any host in network can not receive any packet from it.
On Thursday 03 June 2010 23:46:06 Pyun YongHyeon wrote: > > Jun 3 18:29:52 homeserv kernel: axe_bulk_write_callback: transfer > > error, USB_ERR_TIMEOUT > > I don't see abnormal things in axe(4). Maybe Hans can help(CCed). > Timeout might mean that the data format is not accepted. --HPS ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: A slight change to tcpip_fillheaders...
On Thu, 3 Jun 2010, George Neville-Neil wrote:
For what it's worth I checked the assembly for both versions as well. The bzero
version does not inline, as you said, and the original does do a move of
0 for each and every field, again on Nehalem with our default version of
gcc.
I think that for now I will leave this alone, the code is clear either way,
and what I cared about was finding out if the code could be sped up.
I couldn't find any options to make gcc-4.2.1 coalesce the assignments in the
following simple example:
%%%
struct foo {
char x;
char y;
};
xx(struct foo *fp)
{
fp->x = 0;
fp->y = 0;
}
%%%
The non-coalesced version may be a bottleneck in the instruction stream
in some relatively rare cases. The worst case seems to be non-coalescing
8 8-bit variables on a 64-bit arch. (gcc does do the coalescing for
bit-fields, else the worst cast would be 64 assignments of 1-bit bit-fields
generating 3*64 micro-instructions (3 for each assignment to preserve
nearby bits).) But since there are no dependencies between these assignments
they are easy to schedule, and 8 instructions isn't many (they probably take
4 cycles).
struct ip has 11 separate fields (after combining the bit-fields). 11
instructions for these is a few, the extern bzero() takes almost that
many just to call; then on i386 it takes 12 instructions internally
for administrivia and 5 instructions internally to do the work; on
amd64 it takes 7 instructions interally for administivia and 6
instructions internally to do the work (amd64 bzero actually does more
assignments internally -- ones of size 8,8,1,1,1,1 instead of ones of
size 4,4,4,4,4; it could do fewer, but only at a cost of more for
administrivia). The function call instructions and other adminstrivia
instructions are almost all heavyweight ones with strong dependencies,
so you would be lucky if they ran in 25 cycles where the 11 asignments
may run in 5.5 cycles. But 25 cycles isn't many, so the difference is
usually insignificant. Since this is initialization code, it may involve
a cache miss or two, taking several hundred cycles each...
Bruce
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: Is enabling jumbo frames on RTL8111C possible?
On Thursday, 3 of June 2010 19:20:38 Pyun YongHyeon wrote: > RealTek no longer releases datasheet so it's hard to know required > information to support jumbo frame. It seems driver released by > vendor has magic code which enables jumbo frame as well as DSP > fixups. The magic code is very complex and hard to understand the > meaning. It seems Linux borrowed the magic code from vendor but I > guess they also don't know what the magic code does and why the > magic is needed. > > Controllers targeted to servers show very good performance number > with jumbo frame(e.g. about 990Mbps for bulk TCP transfers) but I'm > not sure how well consumer controller works with jumbo frame. > Vendor driver disables checksum offloading when jumbo frame is > used. This indicates the controller has very small FIFO(less than 1 > jumbo frame size) which in turn means it may show poor performance > under load. Thanks for explanation. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
how cook ng_pipe?
Hi. What is it ng_pipe? How it work? How use it? I dont find any manuals or docs about it. Only links to sources. But it exist in STABLE7... Thanks. -- Thanks,, Bogoslovskiy Dmitriy mailto:she...@hostelnet.ru ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
pf nat & ipfw kernel nat & ng_nat - what uses less computer resources?
Hello.We have a network. Now we are using pf NAT. But we are interested in some question:1. What type of NAT uses less computer resources?a) pf NATb) ipfw kernel NATc) NG_NAT ?2. BINAT or NAT - what is better? Which one of them is more faster and uses less computer resources with one of firewall? In theory I think that BINAT faster than NAT, because there is no necessary to track connections.3. I know that the firewall PF does not support threads. I read that IPFW is (in FreeBSD 8.0, for example). But in my test I haven`t seen threads when used IPFW. Maybe there are some special options to compile kernel or configure IPFW? For tests I compiled kernel with:options SMP# IPFWoptions IPFIREWALLoptions IPFIREWALL_VERBOSEoptions IPFIREWALL_DEFAULT_TO_ACCEPToptions DUMMYNEToptions IPFIREWALL_NAToptions LIBALIASoptions HZ="2000"4. I can`t find any information about BINAT in ipfw+ng_nat? Does anyone use this technology? Or maybe you know interesting information about it?I have a test computer (border nat):- dmesg | less:FreeBSD 8.0-STABLE-201004 #0: Mon Apr 5 15:59:06 UTC 2010CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz (3200.01-MHz K8-class CPU)real memory = 536870912 (512 MB)age0: mem 0xfeac-0xfeaf irq 17 at device 0.0 on pci2rl0: port 0xe800-0xe8ff mem 0xfebffc00-0xfebffcff irq 19 at device 0.0 on pci4Test scheme:laptop(192.168.0.188)-->age0(192.168.0.1)-->rl0(10.1.2.142)-->internetage0 - internal interfacerl0 - external interfaceIP Pool for nat is http://10.1.6.0/24"; target="_blank">10.1.6.0/24.I have completed 2 tests:1. with utility "ping": ping -c 500 -f 192.168.1.1122. with utility "iperf": iperf -c 192.168.1.112 -n 1M -i 1 -t 180You can see the results of these tests below: 1. pf NAT:There is one rule for NAT in /etc/pf.conf.ports:nat pass on $ext_if from to any -> http://10.1.6.0/24"; target="_blank">10.1.6.0/24 source-hash test static-porta). ping -c 500 -f http://192.168.1.112"; target="_blank">192.168.1.112:PING 192.168.1.112 (192.168.1.112) 56(84) bytes of data.--- 192.168.1.112 ping statistics ---500 packets transmitted, 398 received, 20% packet loss, time 1658msrtt min/avg/max/mdev = 0.239/0.339/5.425/0.262 ms, ipg/ewma 3.323/0.328 msb) On the server http://192.168.1.112"; target="_blank">192.168.1.112:iperf -s 80On the laptop:iperf -c 192.168.1.112 -p 80 -n 1M -i 1 -t 180There are results of “netstat”:netstat -w1d -I age0: input (age0) outputpackets errs idrops bytes packets errs bytes colls5247 0 0 7332276 1600 0 83700 05286 0 0 7331330 1578 0 82296 05278 0 0 7339278 1589 0 83754 05312 0 0 7380344 1570 0 82728 05328 0 0 7337764 1567 0 83160 0netstat -w1d -I rl0: input (rl0) outputpackets errs idrops bytes packets errs bytes colls1556 0 0 93508 5133 0 7275788 01547 0 0 92832 5169 0 7337174 01551 0 0 93072 5161 0 7321088 01539 0 0 92352 5199 0 7381268 01520 0 0 91212 5195 0 7367642 0top –S:last pid: 6320; load averages: 0.07, 0.02, 0.00 up 1+18:19:20 10:08:2670 processes: 3 running, 55 sleeping, 12 waitingCPU: 0.0% user, 0.0% nice, 1.2% system, 4.7% interrupt, 94.2% idleMem: 21M Active, 136M Inact, 89M Wired, 44K Cache, 59M Buf, 237M FreeSwap: 2048M Total, 2048M Free2. pf BINAT:There are about 1000 rules for BINAT in /etc/pf.conf.ports:...binat on $ext_if from 10.10.10.2 to any -> 10.1.6.13binat on $ext_if from 10.10.10.3 to any -> 10.1.6.14...And the last one is for our laptop:binat on $ext_if from 192.168.0.188 to any -> 10.1.6.188a) ping -c 500 -f http://192.168.1.112"; target="_blank">192.168.1.112:PING 192.168.1.112 (192.168.1.112) 56(84) bytes of data.--- 192.168.1.112 ping statistics ---500 packets transmitted, 398 received, 20% packet loss, time 1688msrtt min/avg/max/mdev = 0.238/0.357/1.006/0.078 ms, ipg/ewma 3.383/0.330 msb) On the server http://192.168.1.112"; target="_blank">192.168.1.112:iperf -s 80On the laptop:iperf -c 192.168.1.112 -p 80 -n 1M -i 1 -t 180There are results of “netstat”:netstat -w1d -I age0: input (age0) outputpackets errs idrops bytes packets errs bytes colls5294 0 0 7318272 1585 0 84996 00 0 0 7357824 0 0 83862 05314 0 0 7367854 1591 0 83268 05302 0 0 7290642 1591 0 83646 05270 0 0
Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet
El 03/06/2010 9:15, Ian Smith escribió: On Wed, 2 Jun 2010, Jose M Rodriguez wrote: > The following reply was made to PR kern/147191; it has been noted by GNATS. > > From: Jose M Rodriguez > To: bug-follo...@freebsd.org > Cc: > Subject: Re: kern/147191: [ppp] Problems with ppp -nat [pppoe], ipfw, dummynet > Date: Wed, 02 Jun 2010 04:31:49 +0200 [..] > El 02/06/2010 2:37, Jose M Rodriguez escribió: > > Seems that this must be reopen. > > ... > Seems this one worked, but I don't remember this last time I use ipfw on > FreeBSD-7 > [..] > Content-Disposition: attachment; >filename="rc.firewall.router.4" > > #!/bin/sh - > # Copyright (c) 1996 Poul-Henning Kamp > # All rights reserved. [..] > # $FreeBSD: src/etc/rc.firewall,v 1.60.2.3 2010/04/14 15:03:58 ume Exp $ I had to do a 'diff -uw rc.firewall.1.60.2.3 rc.firewall.router.4' (and before that, vs your previous rc.firewall.router.1) to follow what was going on here; you've added some 'interesting' stuff (esp dummynet), but I think your main problem is the placement of the NAT rule, where you've merged it into what is otherwise based on the 'workstation' ruleset. ... I don't have much experience doing ipfw setups, but I've setup docens of boxes with ipfilter. I don't think this maybe a 'rule' problem. I expect two hits, one IN and other OUT, per IP packet. But maybe this is NOT the case. I do things as I learned to do: - lo0 - local lans (big traffic, more simple) - outside (less traffic, complex) My initial setup (rc.firewall.router.4) uses ppp -nat, without natd. and one_pass=1 (without I Know). It mostly works, and I learn that I must setup one_pass=0 to get the packet again on ipfw after dummynet. As I can read, this must also matters to ppp -nat. So I expect that a packed passed IN from local lan, after translated, hit the firewall as XMIT on tun0. I near sure this is not the case. Can anyone probe this? So I must put the dummynet catching incoming traffic from lan to be translated later by ppp. This setup is NOW WORKING, with the sharper being effective and without problems with ppp -nat rc.firewall.router.1 it's another history, after the problems with ppp, using mpd5 and natd. I can't test this well, and the way things go are really odd, but this is how I get things mostly working. What I noted on this setup is that I must pass the traffic incoming from local lan LAST, or NATP is not fuction at all (I use to do LAN traffic very first by performance reasons). I begin to think in a libalias problem (inside natd this time), but I'm also in doubt about the two IN/OUT hits. Maybe there's only one hit as IN/OUT, as from a bridge hook? In any case, the gotos (skipto) are placed not only as logic, but also to get counts of packets and try to see what's going on. I know that the natd rule in not at the very first (/etc/rc.firewall use to put it as rule 25, even before 100 lo0.) but also near sure that no traffic that can matters natd (via oif, ng0) is passed or denied before that. This matters about being able to catch incoming lan Traffic before translated. This maybe my first test when I got time again. Replace natd at rule 25 and do again LAN traffic at FIRST. Also thinking in doing an altq/pf test. And I added SOME line to my ipfw Notes: - put dummynet VERY FIRST, if possible on INCOMING, and be sure that sysctl net.inet.ip.fw.one_pass=0. - FreeBSD don't expect by default any firewall processing after libalias. But now, I'm very busy, really -- josemi ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
re: [trouble] restart network & vlan`s interface (if_vlan / conf/63700 redux)
[Originally from freebsd-hackers@ / Feb 2008] All: pf conf/63700 got the ball rolling on fixing cloned/VLAN interface management with rc.d/netif, but problems still remain. For example, adding an alias to a VLAN and running: /etc/rc.d/netif restart && /etc/rc.d/routing restart is a failure. Take the following rc.conf(4) config: hostname="sexdrugsandunix" cloned_interfaces="vlan14" ifconfig_em0="up media 100baseTX mediaopt full-duplex -tso" ifconfig_vlan14="inet 1.2.3.4 netmask 255.255.255.128 vlan 14 vlandev em0 up" ifconfig_vlan14_alias0="inet 1.2.3.5 netmask 255.255.255.255" Change it to include a second alias without a reboot, instead run 'rc.d/netif restart', as works on a physical interface: hostname="sexdrugsandunix" cloned_interfaces="vlan14" ifconfig_em0="up media 100baseTX mediaopt full-duplex -tso" ifconfig_vlan14="inet 1.2.3.4 netmask 255.255.255.128 vlan 14 vlandev em0 up" ifconfig_vlan14_alias0="inet 1.2.3.5 netmask 255.255.255.255" ifconfig_vlan14_alias1="inet 1.2.3.6 netmask 255.255.255.255" The result will be: % ifconfig vlan14 [bsekle...@sureshot ~]$ ifconfig vlan14 vlan14: flags=8843 metric 0 mtu inet 1.2.3.6 netmask 0x broadcast 192.168.158.152 inet 1.2.3.5 netmask 0x broadcast 192.168.158.255 1) I'm not sure where the .152 broadcast comes from. ?! 2) The new _alias1= data is now in the primary IP slot 3) The primary IP is lost, there is no routable IP 4) The original _alias0= data is now in the 1st alias slot 5) rc.d/routing fails because the interface lacks a routable IP with a valid netmask/broadcast combination. --- Problem #1: rc.d/netif::network_stop() The core problem is that rc.d/netif::network_stop() never calls network.subr::clone_down() in the same way that rc.d/netif::network_start() calls network.subr::cloned_up() I'd speculate that this is a design decision not to destroy network interfaces that certain userland daemons (DHCP, RTADVD, BPF) may be strictly bound to; I disagree. Even if you explicitly pass your VLAN interface to rc.d/netif, a stop doesn't call 'ifconfig VL destory', and, when 'rc.d/netif start' is called later, SIOCSETVLAN results. jail-host-80:/home/bseklecki% sudo ifconfig vlan666 destroy jail-host-80:/home/bseklecki% sudo ifconfig vlan666 create inet 1.2.3.4 netmask 255.255.255.0 vlan 666 vlandev em0 jail-host-80:/home/bseklecki% sudo ifconfig vlan666 create inet 1.2.3.4 netmask 255.255.255.0 vlan 666 vlandev em0 ifconfig: create: bad value A simple rc.d/network_stop() patch could fix this problem if we can avoid bikeshedding. -- Problem #2: VLAN interface data structures maintain configuration data after being destroyed, *SOMETIMES* %ifconfig vlan666 vlan666: flags=8843 metric 0 mtu 1500 options=3 ether 00:0c:29:a1:4b:9d inet 192.168.15.54 netmask 0xff00 broadcast 192.168.15.255 media: Ethernet 1000baseT status: active vlan: 666 parent interface: em0 %sudo ifconfig vlan666 destroy %sudo ifconfig vlan666 create %ifconfig vlan666 vlan666: flags=8843 metric 0 mtu 1500 options=3 ether 00:0c:29:a1:4b:9d !!**?>> inet 192.168.15.54 netmask 0xff00 broadcast 192.168.15.255 media: Ethernet 1000baseT status: active vlan: 666 parent interface: em0 Now, that's something you don't see very day!! NOTE: I can't get that persistent IP data problem to happen consistently, but its highly reproducible. I also have no idea on the fixes, I'll check this weekend, but I have a work-around. To avoid destroying your routing table after adding an alias to a VLAN interface in rc.conf(5), simply run: $ sudo /etc/rc.d/netif [VLAN] start DO NOT RESTART, and you should be okay. ~BAS References: http://lists.freebsd.org/pipermail/freebsd-hackers/2008-February/023440.html http://www.freebsd.org/cgi/query-pr.cgi?pr=63700&cat= (Circa 2004) http://lists.freebsd.org/pipermail/freebsd-net/2007-September/015447.html -- Brian A. Seklecki Collaborative Fusion, Inc. signature.asc Description: This is a digitally signed message part
