Re: kern/169634: [bge] Network unavailable when booting directly to FreeBSD [regression]
Synopsis: [bge] Network unavailable when booting directly to FreeBSD [regression]

Responsible-Changed-From-To: freebsd-net->yongari
Responsible-Changed-By: yongari
Responsible-Changed-When: Sun Sep 16 09:00:43 UTC 2012
Responsible-Changed-Why: Grab.

http://www.freebsd.org/cgi/query-pr.cgi?pr=169634
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
getting counters for a plenty of vlan ifaces
Hi

We are running FreeBSD 9.0 on a router with more than 1000 subscriber vlan interfaces. Outgoing packet rate is approximately 40 kpps.

There's a need to collect byte and packet counters for all those vlan interfaces every minute (or even twice a minute) and store them in a plain text file: ...

Also I'd like to copy the whole arp table into a file (not so frequently).

Our observations show that using common tools like an SNMP daemon can create a significant CPU load. If I'm not mistaken this is due to the high rate of context switches that are needed to access kernel data from userspace. So it is desirable to run these tasks - saving counters and the arp table into files - on a dedicated cpu core, so that copying data from the kernel will not affect router performance - packet delays, for example.

I would like to ask for advice about possible solutions. Currently there are two scenarios I can think of:

1) Our custom daemon using userspace APIs (rtmsg, if_* functions, don't know for sure).
2) Our kld module that will store the data needed directly from the kernel into the files.

Thanks,
Ivan
proxy arp - openvpn
Hi.

I am trying to use the proxy arp mechanism to create a new registration in the arp table. I have three NICs: xl0, em0 and one virtual - tun0. Default route is going through em0. Route to the 10.146.0.0/16 network is going through xl0. OS is FreeBSD 9.0-RELEASE amd64.

I would like to add a registration in the arp table for addresses in the 10.146.100.0/24 network, so all traffic to that network from 10.146.0.0/16 will go through xl0. I would like to do this dynamically, when an openvpn client connects.

The situation is like this:

1. 3 NICs are up:

s1% ifconfig
em0: flags=8843 metric 0 mtu 1500
        options=4219b
        media: Ethernet autoselect (1000baseT )
        status: active
lo0: flags=8049 metric 0 mtu 16384
        options=63
        inet 127.0.0.1 netmask 255.0.0.0
xl0: flags=8843 metric 0 mtu 1500
        options=82009
        ether 00:10:4b:c3:db:5b
        inet 10.146.225.1 netmask 255.255.0.0 broadcast 10.146.255.255
        media: Ethernet autoselect (100baseTX )
        status: active
tun0: flags=8010 metric 0 mtu 1500
        options=8

The route table is like below:

s1% netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            A.B.C.D            UGS         0      217    em0
10.146.0.0/16      link#3             U           0    11737    xl0
10.146.225.1       link#3             UHS         0        0    lo0
127.0.0.1          link#2             UH          0        1    lo0
A.B.C.0/24         link#1             U           0   138837    em0
A.B.C.D            link#1             UHS         0        0    lo0

A.B.C.D is my WAN interface.

The arp table is like below:

s1% arp -a
s1.lan (10.146.225.1) at S01-3C on xl0 permanent [ethernet]
my.host.pl (A.B.C.D) at S01 on em0 permanent [ethernet]

In this situation I could add a new entry in the arp table:

s1% # arp -s 10.146.100.1 auto pub
using interface xl0 for proxy with address S01-3C

After adding it I could see the new entry in the arp table:

s1% arp -a
s1.lan (10.146.225.1) at S01-3C on xl0 permanent [ethernet]
? (10.146.100.1) at S01-3C on xl0 permanent published [ethernet]

Proxy ARP is working manually.

2. The second situation is different (before using arp proxy): 3 NICs are working, and I have added an address and a new route like below:

s1% ifconfig
em0: flags=8843 metric 0 mtu 1500
        options=4219b
        media: Ethernet autoselect (1000baseT )
        status: active
lo0: flags=8049 metric 0 mtu 16384
        options=63
        inet 127.0.0.1 netmask 255.0.0.0
xl0: flags=8843 metric 0 mtu 1500
        options=82009
        ether 00:10:4b:c3:db:5b
        inet 10.146.225.1 netmask 255.255.0.0 broadcast 10.146.255.255
        media: Ethernet autoselect (100baseTX )
        status: active
tun0: flags=8043 metric 0 mtu 1500
        options=8
        inet 10.146.100.1 netmask 255.255.255.0 broadcast 10.146.100.255
        Opened by PID 5211

s1% netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            A.B.C.D            UGS         0      223    em0
10.146.0.0/16      link#3             U           0    11739    xl0
10.146.100.0/24    link#4             U           0        0   tun0
10.146.100.1       link#4             UHS         0        0    lo0
10.146.225.1       link#3             UHS         0        0    lo0
127.0.0.1          link#2             UH          0        1    lo0
A.B.C.0/24         link#1             U           0   146082    em0
A.B.C.D            link#1             UHS         0        0    lo0

When trying to add an entry in the arp table I got an error like this:

s1% arp -s 10.146.100.100 auto pub
using interface xl0 for proxy with address S01-3C
cannot intuit interface index and type for 10.146.100.100

I can not delete arp entries provided earlier, if there are any:

s1% # arp -d 10.146.100.100
delete: cannot locate 10.146.100.100

Is there any solution to provide arp entries dynamically, after creation of the 10.146.100.0/24 network on the xl0 interface, or do I have to do this manually before creating this network?

regards,
Lukasz Polaczyk
Re: getting counters for a plenty of vlan ifaces
On 9/16/2012 10:41 AM, Ivan Alexandrovich wrote:
> Hi
>
> We are running FreeBSD 9.0 on a router with
> more than 1000 subscriber vlan interfaces.
> Outgoing packet rate is approximately 40 kpps.
>
> There's a need to collect byte and packet
> counters for all those vlan interfaces every
> minute (or even twice a minute) and store them

Hi,
We approach it a little differently and collect all the data via netflow, or in this case argus. I sample the parent interface and save all the flow data, which argus is smart enough to parse out at the vlan level. You can then run all sorts of fine grained reports this way. We use it on a system with about 900 ng interfaces.

        ---Mike

--
---
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
Re: getting counters for a plenty of vlan ifaces
On Sun, Sep 16, 2012 at 6:00 PM, Mike Tancsa wrote:
> On 9/16/2012 10:41 AM, Ivan Alexandrovich wrote:
>>
>> We are running FreeBSD 9.0 on a router with
>> more than 1000 subscriber vlan interfaces.
>> Outgoing packet rate is approximately 40 kpps.
>>
>> There's a need to collect byte and packet
>> counters for all those vlan interfaces every
>> minute (or even twice a minute) and store them
>
> Hi,
> We approach it a little differently and collect all the data via
> netflow, or in this case argus. I sample the parent interface and save
> all the flow data, which argus is smart enough to parse out at the vlan
> level. You can then run all sorts of fine grained reports this way. We
> use it on a system with about 900 ng interfaces.

I know that many people like netflow, but consider you're adding a processing point per packet to solve a once per minute interface sample. Netflow has always struck me as a solution for closed systems --- giving access to all possible information at moderate expense such that you would then never have an excuse to want changes in the operating system of the router.

It strikes me that a little kernel module that provided a kernel call that (when called) walked the list of interfaces (in kernel) building a table as described and then shipping that table to userland in one go would be exceedingly cheap to call. It would also not be part of the packet forwarding path and not a potential constant cost during a DDoS.

If someone wanted me to write a little .ko for that and an associated userland utility, I'd be happy to do the work.
Re: getting counters for a plenty of vlan ifaces
.. you just have to make sure you get the locking right.

Especially if you're walking lists of interfaces and getting protocol stats from a device that's dynamically creating/deleting network interfaces (e.g. ppp stuff.)

Adrian