Re: CAN I POST THIS OPENING (TCP/IP, Networking and FreeBSD) TO YOUR LIST?

to 30-50% of those requirements are arbitrary anyway ... -- Bill Moran Collaborative Fusion Inc. wmo...@collaborativefusion.com Phone: 412-422-3463x4023 IMPORTANT: This message contains confidential information and is intended only for

Re: IPFW MAX RULES COUNT PERFORMANCE

capacity of rules supported, therefore > simultaneous user. > > Understand ? If you're only doing allow, then you'd be better off using a table, which has much better performance than a bunch of separate rules. If you're counting packets, I don't know if that approach w

Re: IPFW MAX RULES COUNT PERFORMANCE

.inet.ip.fw.verbose: 1 > net.inet.ip.fw.debug: 0 > net.inet.ip.fw.one_pass: 1 > net.inet.ip.fw.autoinc_step: 100 > net.inet.ip.fw.enable: 1 > net.link.ether.ipfw: 1 > net.link.bridge.ipfw: 0 > net.link.bridge.ipfw_arp: 0 > > Thanks, > > Daniel > ___ > freebsd-net@freebs

Re: Routing: local link vs VPN provided route

only > exist in either local network, or remote VPN'ed network) to go through > the tun0 device? Any hack you would do to make this work is going to be unreliable at best. Renumber your network so that routing can work as designed. -- Bill Moran Collaborative Fusion Inc. http://people.

Re: tcpdump/snort to capture chat sessions

In response to Tom Judge <[EMAIL PROTECTED]>: > Bill Moran wrote: > > In response to R J <[EMAIL PROTECTED]>: > > > >> I am trying to use tcpdump (or snort, but they are both behaving the same > >> in this case) to capture all the lines or cont

Re: tcpdump/snort to capture chat sessions

half of a sentence, and I don't see the rest of the lines. > And ofcourse, alot of it seems to be hex or obfuscated html? > > What switches do I need to capture the entire lines of text? Don't know about snort, but with tcpdump use -s0 -- Bill Moran Collaborative Fusion

Re: Trying to find source of collisions

it's not a managed switch, replace it because it's not working correctly and there's nothing you can do about it. > 3. Should i ever bother about this issue? Yes. Something is wrong and it will be hurting your network performance. --

Re: arplookup 10.0.0.68 failed: host is not on local network

You mention no details about your local network, but I would guess that you have two separate IP ranges on a single segment. Has the "attack" ended? If not, grab some tcpdumps and see who's actually sending those packets. What IP address does this machine have? What's the net

Re: Multiple default routes on multihome host

Eygene Ryabinkin <[EMAIL PROTECTED]> wrote: > > Thanks for the education! I have only one question: what it 'Yugo'? > I had not found it in nearby dictionaries ;)) http://en.wikipedia.org/wiki/Yugo -- Bill Moran Collaborative Fusion Inc. [EMAIL PROTECTED]

Re: Multiple default routes on multihome host

In response to Eygene Ryabinkin <[EMAIL PROTECTED]>: > Mon, Feb 18, 2008 at 05:06:42PM -0500, Bill Moran wrote: > > > I had faced such situation once: I had multihomed host that was > > > running Apache daemon that was announced via two DNS names that > > > wer

Re: Multiple default routes on multihome host

In response to Tom Judge <[EMAIL PROTECTED]>: > Bill Moran wrote: > > In response to Eygene Ryabinkin <[EMAIL PROTECTED]>: > > > >> Bill, > >> > >> Mon, Feb 18, 2008 at 04:36:18PM -0500, Bill Moran wrote: > >>> I woul

Re: Multiple default routes on multihome host

In response to Eygene Ryabinkin <[EMAIL PROTECTED]>: > Bill, > > Mon, Feb 18, 2008 at 04:36:18PM -0500, Bill Moran wrote: > > I would suggest you ask yourself (and possibly the list) _why_ you think > > multiple default routes is necessary ... what is it that you&

Re: Multiple default routes on multihome host

k yourself (and possibly the list) _why_ you think multiple default routes is necessary ... what is it that you're hoping to accomplish. I'm guessing your looking for some sort of redundancy, in which case something like CARP or RIP is liable to be the correct solution. -- Bill Moran Co

Re: unsubscribe

Michael DeMan <[EMAIL PROTECTED]> wrote: > > unsubscribe As mentioned in the footer of every list mail: > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Bill Moran Collaborative Fusion Inc. [EMAIL PROTECTED]

Re: Marvell chipsets on 8-CURRENT and XP x64 won't talk with one another

ace the faulty wiring. Just because it _seems_ to be OK at 100 doesn't mean it is. If it's unable to work reliably at a speed it should work at, you need to fix that. b) Force the speed/duplex on both ends. One of the ugliest networking problems I've seen is when the

Re: problems with networking...

t with no change in > results. I have removed the machine at 10.11.12.252 with the only change > being that the file-server can obtain NO connection to ANY IP address. > > Any help would be appreciated. Why don't your cut/paste the output of ifconfig -a and netstat -rn I suspect

Re: Failover default route?

st use a script like here : The protocols designed to handle this are things like RIP and BGP. However, in a case like yours, where you control both ends of things, it's probably better to just use a script. -- Bill Moran Collaborative Fusion Inc. [EMAIL PROTECTED] Phone: 412-422-3463x4

Re: 6.2 mtu now limits size of incomming packet

In response to David DeSimone <[EMAIL PROTECTED]>: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Bill Moran <[EMAIL PROTECTED]> wrote: > > > > Let's flip the question around a bit: why would you _want_ the TCP > > stack to accept frames

Re: 6.2 mtu now limits size of incomming packet

In response to Stephen Clark <[EMAIL PROTECTED]>: > Bill Moran wrote: > > >In response to Stephen Clark <[EMAIL PROTECTED]>: > > > >>Sten Daniel Soersdal wrote: > >> > >>>Stephen Clark wrote: > >>> > >>>>

Re: 6.2 mtu now limits size of incomming packet

460 it get silently dropped. connection > stalls. > > -- > > "They that give up essential liberty to obtain temporary safety, > deserve neither liberty nor safety." (Ben Franklin) > > "The course of history shows that as a government grows, liberty >

Re: Weird "ignoring syn" problem

In response to Bill Moran <[EMAIL PROTECTED]>: > In response to Adam McDougall <[EMAIL PROTECTED]>: > > > On Tue, Jun 12, 2007 at 10:19:49AM -0400, Bill Moran wrote: > > > > > > This one has got me pretty befuddled. > > > > We

Re: [6.x] problem with AIO, non-blocking sockets on freebSD and IE7 on windows.

ot using non-blocking IO in the manner it was intended. If you want properly closed connections, you turn of non-blocking before you close the connection. If you want fast close that's not contingent on anything, you close non-blocking and accept that some data may be lost and some errors

Re: Weird "ignoring syn" problem

In response to Adam McDougall <[EMAIL PROTECTED]>: > On Tue, Jun 12, 2007 at 10:19:49AM -0400, Bill Moran wrote: > > > This one has got me pretty befuddled. > > We're seeing some really odd behaviour with FreeBSD ignoring SYN packets. > I've been

Re: Weird "ignoring syn" problem

against a server with FreeBSD-current (the future 7.0) on > it. In -current we've got detailed logging of LISTEN socket > failures that allow rapid analysis of the problem. This will take some time. Also, I'm not seeing the problem on other, similar hardware. I'

Re: Weird "ignoring syn" problem

Brief update to add another item to the list of things I've tried: *) The problem occurs whether the em device is polling or not. In response to Bill Moran <[EMAIL PROTECTED]>: > > This one has got me pretty befuddled. > > We're seeing some really odd behaviour with

Weird "ignoring syn" problem

0MB (71024640 sectors) RAID 1 (optimal) SMP: AP CPU #3 Launched! SMP: AP CPU #1 Launched! SMP: AP CPU #2 Launched! Trying to mount root from ufs:/dev/amrd0s1a -- Bill Moran Collaborative Fusion Inc. http://people.collaborativefusion.com/~wmoran/ [EMAIL PROTECTED] Phone: 412-422-3463x4023 __

Re: PPTPClient Setup

ver modes (as well as other stuff) and seems to be pretty well documented. -Bill > > Cameron > > ----- Original Message - > From: "Bill Moran" <[EMAIL PROTECTED]> > To: "Cameron Haegle" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]>;

Re: PPTPClient Setup

Cameron Haegle wrote: > I am trying to get the pptpclient working between my 4.2 server > and my companies Microsoft VPN server. >I have not found any really useful sites regarding the setup of this. Are you using mpd? If not, that's probably the way to go. /usr/local/share/doc/mpd has HTML doc

Re: UDP - Reliable throughput mesaurement tool

Harkirat Singh wrote: > > Hello! > > I want to measure UDP thruput of lossy channel, is there any tool > which tests it? I looked at some of the tools but these do not take care > of loss, I mean no retransmisson, just measure raw thruput of UDP (TTCP > is one of these). > > I am lookin