Re: Outgoing speed problems in -CURRENT (was: Re: SOLVED: Degraded TCP performace on Intel PRO/1000)

2005-05-13 Thread Andre Oppermann
Mike Jakubik wrote: > > On Thu, May 12, 2005 3:27 am, Marian Durkovic said: > > >> Seems like i am getting half the performance when sending to the fbsd > >> box. Also, enabling jumbo frames does not help, and sometimes even > >> yields slightly slower results. > > > > Yes, that's exactly the pro

Re: Several IPv6 tunnels possible?

2005-05-13 Thread gnn
At Fri, 13 May 2005 22:26:05 +0200 (MEST), [EMAIL PROTECTED] wrote: > Afaik i can use different gif interfaces but > i dont know how to define for each tunnel their > own default gateway. > > ipv6_enable="YES" > ipv6_network_interfaces="xl0 gif0 lo0" > ipv6_defaultrouter="fe80::1%gif0" > gifconfig

Outgoing speed problems in -CURRENT (was: Re: SOLVED: Degraded TCP performace on Intel PRO/1000)

2005-05-13 Thread Mike Jakubik
On Thu, May 12, 2005 3:27 am, Marian Durkovic said: >> Seems like i am getting half the performance when sending to the fbsd >> box. Also, enabling jumbo frames does not help, and sometimes even >> yields slightly slower results. > > Yes, that's exactly the problem my patch is addressing - for lar

Several IPv6 tunnels possible?

2005-05-13 Thread FreeMan
Hello Listers! I hope that somebody here can help me with my problem(s). I am trying to set up several IPv6 tunnels on a FreeBSD 5.3 box. With only one tunnel it works, but whenever I add another one, both are broken and I can't connect out to the world over IPv6. AFAIK I can use different gif interfa

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread gandalf
Greetings and Salutations: From: Maxim Konovalov <[EMAIL PROTECTED]> > Test > cd /usr/src && patch -C -p0 < /path/to/ip_maxfragspersecond.patch > and apply > cd /usr/src && patch -p0 http://gandalf.home.digital.net/ Trace E-Mail forgery - http://gandalf.home.digital.net/spamfaq.html Trolls crosspo

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
Great, thank you very much for the advice and attention on this issue. I very much appreciate it. The short term results on these seem very good. Thanks again. Matthew Ruzicka - Systems Administrator Front Range Internet, Inc. [EMAIL PROTECTED] - (970) 212-0728 Got SPAM? Take back your email

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
[...] > When I check the vmstat while getting errors from the netcat script I get > this. > > -->vmstat -z | grep -i sock 2005/05/13 13:33:20 > socket: 224,16424, 16438, 0, 1150867 Limit -^ Current ---^^^

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
hmm.. I'm starting to feel a bit silly maybe. Running the netstat and grep below showed that we had between 800-1700 lines in TIME_WAIT. I then ran the netcat test script while checking for TIME_WAITs. They climbed to the 4800 range then I started getting port failures. I then ran sysctl net.in

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
On Fri, 13 May 2005, 23:09+0400, Maxim Konovalov wrote: > On Fri, 13 May 2005, 12:58-0600, Matt Ruzicka wrote: > > > Yes, it still does. And actually the script Maxim attached to his last > > email (using our IP's) has an interesting side effect of causing the > > connections to fail. > > > > It

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Mike Silbersack
On Fri, 13 May 2005, Matt Ruzicka wrote: Yes, it still does. And actually the script Maxim attached to his last email (using our IP's) has an interesting side effect of causing the connections to fail. It doesn't fail right away, but within a few moments. Are you perhaps exhausting all ports? Try

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
On Fri, 13 May 2005, 12:58-0600, Matt Ruzicka wrote: > Yes, it still does. And actually the script Maxim attached to his last > email (using our IP's) has an interesting side effect of causing the > connections to fail. > > It doesn't fail right away, but within a few moments. > > -->./netcat-tes

Re: nfsrvstats.srvrpc_errs rapidly increasing

2005-05-13 Thread Mohan Srinivasan
--- Heinrich Rebehn <[EMAIL PROTECTED]> wrote: > > There's no problem report on this. > > I wonder if it will ever get fixed then.. It will. It's purely a question of priorities and time. > Since i am neither familiar with kernel sources nor with the internals > of NFS: Could you show me, whe

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
Yes, it still does. And actually the script Maxim attached to his last email (using our IP's) has an interesting side effect of causing the connections to fail. It doesn't fail right away, but within a few moments. -->./netcat-test 2005/05/13 12:46:51 fail fail fail fail

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Mike Silbersack
On Fri, 13 May 2005, Matt Ruzicka wrote: Thank you both very much for all the help. Incidentally those systems are now running 4.11 (patched today for htt). Does the problem happen now that the system is upgraded to 4.11? Mike "Silby" Silbersack

Re: SIOCGIFMEDIA problems

2005-05-13 Thread gnn
At Fri, 13 May 2005 19:17:05 +0200, Sebastien Petit wrote: > > On Fri, 13 May 2005 08:33:32 -0400 > [EMAIL PROTECTED] wrote: > > > At Fri, 13 May 2005 11:10:13 +0200, > > Sebastien Petit wrote: > > > > > > Hi -net hackers, > > > > > > A little question about SIOCGIFMEDIA ioctl: > > > > > > Some

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
On Fri, 13 May 2005, 10:36-0600, Matt Ruzicka wrote: > Thank you both very much for all the help. > > Incidentally those systems are now running 4.11 (patched today for htt). > > They are primarily web servers running apache 1.3.33 with customer as well > as company cgi's running on them, but are

Re: SIOCGIFMEDIA problems

2005-05-13 Thread Sebastien Petit
On Fri, 13 May 2005 08:33:32 -0400 [EMAIL PROTECTED] wrote: > At Fri, 13 May 2005 11:10:13 +0200, > Sebastien Petit wrote: > > > > Hi -net hackers, > > > > A little question about SIOCGIFMEDIA ioctl: > > > > Somebody reports me that some interfaces (bge / em but anothers > > perhaps) seem to dis

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
Thank you both very much for all the help. Incidentally those systems are now running 4.11 (patched today for htt). They are primarily web servers running apache 1.3.33 with customer as well as company cgi's running on them, but are also running proftpd. Let me know if I can get you any system r

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread Maxim Konovalov
On Fri, 13 May 2005, 20:21+0400, Maxim Konovalov wrote: > > I attempted to apply the patch, but I think the date on my in_pcb.c is > > incorrect. What do I do to correct?: > > # ls -al /usr/src/sys/netinet/in_pcb.c > > -rw-r--r-- 1 root wheel 32712 Mar 28 06:29 /usr/src/sys/netinet/in_pcb.c >

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
[...] > Hm, it's not port randomization then. I guess you have found a new > glitch, but I don't have any idea what would have caused the > problem. Maxim, any ideas? You're good at finding my bugs. :) I have 4.9 system with all recent SA patches applied and going to reproduce the problem in a c

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread Maxim Konovalov
> I attempted to apply the patch, but I think the date on my in_pcb.c is > incorrect. What do I do to correct?: > # ls -al /usr/src/sys/netinet/in_pcb.c > -rw-r--r-- 1 root wheel 32712 Mar 28 06:29 /usr/src/sys/netinet/in_pcb.c > GandalfBSD# patch < ip_maxfragspersecond.patch > Hmm... Looks l

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread Mike Silbersack
On Fri, 13 May 2005 [EMAIL PROTECTED] wrote: I attempted to apply the patch, but I think the date on my in_pcb.c is incorrect. What do I do to correct?: I have revision 1.163 from 6-current. Mike "Silby" Silbersack

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Mike Silbersack
On Fri, 13 May 2005, Matt Ruzicka wrote: Hmm.. doesn't seem to have helped. net.inet.ip.portrange.randomized: 0 net.inet.ip.portrange.randomcps: 10 net.inet.ip.portrange.randomtime: 45 Results of outbound port check: pasiphae01.frii.com Fri May 13 09:44:26 2005 failed Did I miss something? Matth

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
Hmm.. doesn't seem to have helped. -->uptime 9:59AM up 29 mins, 2 users, load averages: 0.96, 0.92, 1.24 -->sysctl -a | grep net.inet.ip.portrange. net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.portrange.lowlast: 600 net.inet.ip.portrange.first: 1024 net.inet.ip.portrange.last: 5000 net.inet

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread gandalf
Greetings and Salutations: From: Mike Silbersack <[EMAIL PROTECTED]> > But on another laptop with the same processor, 8000 pps could effectively > freeze it. We believe this is because the network card on that machine > shares an IRQ with the sound card, making interrupt processing very > expe

Re: Code nit questions...

2005-05-13 Thread Andre Oppermann
[EMAIL PROTECTED] wrote: > > Hi Folks, > > In a continuing effort to clean up some code nits in the IPv6 code > I'd like to propose the following diffs. There is a comment, starting > with a *) explaining the problem and proposed fix. > > Let me know. ... > *) Make sure that sro is also valid b

question

2005-05-13 Thread ayed samiha
Hello, I'm working with netgraph, I have written a program main.c ( main(ac, av) ), it allows me to use the node socket and I need to use it to capture ethernet frames. I have also the node ng_ethernet, but I don't know how to use my program. For writing this program, I was based on the file:

Re: Dummynet/ipnat interaction breakage

2005-05-13 Thread Andre Oppermann
Jeremie Le Hen wrote: > > On Wed, Feb 02, 2005 at 12:05:11PM +0100, Jeremie Le Hen wrote: > > > Take a look at PRs 61685 and 76539. Hope that helps. > > > > Well, I was aware of the first one (I'm doing shaping on my internal > > interface as a workaround), but not the second one. The second one

Re: Forward: Page Fault in in6_purgeaddr

2005-05-13 Thread Mark Klein
It would be helpful if you can provide the result of "ifconfig -a" under the configuration that can cause the crash. Hercules-/usr/home/mklein(1): ifconfig -a de0: flags=8843 mtu 1500 inet 64.221.254.105 netmask 0xffe0 broadcast 64.221.254.127 inet6 fe80::240:5ff:fe40:9be9%de0 p

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Maxim Konovalov
[...] > net.inet.ip.portrange.randomized: 1 > net.inet.ip.portrange.randomcps: 10 > net.inet.ip.portrange.randomtime: 45 > > Although I'm not familiar with what this /should/ be, my guts says 10 > seems sort of low. > > Also, was this only implemented in 4.11? (Since we started seeing this > while

Re: **net** Re: Outbound TCP issue, potentially related to 'FreeBSD-SA-05:08.kmem [REVISED]'

2005-05-13 Thread Matt Ruzicka
So reading up on this here: http://www.freebsd.se/cgi-bin/man.cgi?section=4&topic=ip "Ports are allocated at random within the specified port range in order to increase the difficulty of random spoofing attacks. In scenarios such as benchmarking, this behavior may be undesirable. In these cas

Re: flood with ng_bridge

2005-05-13 Thread Gleb Smirnoff
Donatas, [moving discussion to freebsd-net] On Fri, Apr 22, 2005 at 09:16:29AM +0300, Donatas wrote: D> can you check flood.gif?(it's denied to send gif's to this conference) D> ftp://temp:[EMAIL PROTECTED]/flood.gif Already unavailable. :| D> for unknown reasons ng_bridge seems to be working

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread Mike Silbersack
On Fri, 13 May 2005, Maxim Konovalov wrote: [...] So, test out my attached patch with varying settings of maxfragspersecond and see if it makes any difference for you. Am I right the above delta is a leftover from Suleiman's work and it's not needed at all? -- Maxim Konovalov Correct, good catch! M

Re: Some notes on FAST_IPSEC...

2005-05-13 Thread Michael Vince
Yeah, Does any one know if some one is going to add ipsec-tools to the ports tree? Cheers, Michael [EMAIL PROTECTED] wrote: At Thu, 12 May 2005 05:25:24 + (UTC), Bjoern A. Zeeb wrote: On Thu, 12 May 2005, Qing Li wrote: Hi, I'd like to volunteer for Tasks to updat

Re: SIOCGIFMEDIA problems

2005-05-13 Thread gnn
At Fri, 13 May 2005 11:10:13 +0200, Sebastien Petit wrote: > > Hi -net hackers, > > A little question about SIOCGIFMEDIA ioctl: > > Somebody reports me that some interfaces (bge / em but anothers > perhaps) seem to discard packet(s) during SIOCGIFMEDIA ioctl, Is it > true and why ? At least in t

Re: FreeBSD and the Rose Attack / NewDawn

2005-05-13 Thread Maxim Konovalov
[...] > So, test out my attached patch with varying settings of > maxfragspersecond and see if it makes any difference for you. [...] diff -u -r /usr/src/sys.old/netinet/ip_var.h /usr/src/sys/netinet/ip_var.h --- /usr/src/sys.old/netinet/ip_var.h Sun Apr 17 18:05:06 2005 +++ /usr/src/sys/netinet

Dummynet/ipnat interaction breakage

2005-05-13 Thread Jeremie Le Hen
On Wed, Feb 02, 2005 at 12:05:11PM +0100, Jeremie Le Hen wrote: > > Take a look at PRs 61685 and 76539. Hope that helps. > > Well, I was aware of the first one (I'm doing shaping on my internal > interface as a workaround), but not the second one. The second one > is very new and this could indee

SIOCGIFMEDIA problems

2005-05-13 Thread Sebastien Petit
Hi -net hackers, A little question about SIOCGIFMEDIA ioctl: Somebody reports me that some interfaces (bge / em but anothers perhaps) seem to discard packet(s) during SIOCGIFMEDIA ioctl, Is it true and why ? Regards, Sebastien. -- [EMAIL PROTECTED]

Re: nfsrvstats.srvrpc_errs rapidly increasing

2005-05-13 Thread Heinrich Rebehn
Mohan Srinivasan wrote: Are you using NFS/TCP ? Can you force the mount to NFS/UDP ? Yes, we use TCP. It is strongly recommended for multispeed networks and we did have problems with retransmissions using UDP. I'm not disputing the merits of NFS/TCP. I suggested this merely as a workaround, and t