Hi,
glad to see interest in DCTCP!
On 2019-6-4, at 11:05, Yu He via freebsd-net wrote:
> In line 387 of file cc_tcp.c, the update of alpha is calculated by following
> code:
>
> dctcp_data->alpha = min(alpha_prev - (alpha_prev >> V_dctcp_shift_g) +
> (dctcp_data->bytes_ecn << (10 -
Hi,
On 2011-2-14, at 19:59, Darek M wrote:
> Currently using 7.2-RELEASE, with ipnat/ipfilter.
>
> Will I be setting up the NAT box in dual stack?
yes.
> Will that allow me then to provide each private host with a v6 IP?
Yes.
> Will that then make the private hosts run in dual stack?
If the
On 2010-10-1, at 1:55, Doug Barton wrote:
> My point about FreeBSD 9 is that if we add the 6rd code today, then
> release 9.0 in about a year, then support the RELENG_9 branch for 4-6
> years that we will still be maintaining code that no one has any use
> for. Sorry if I wasn't clear.
You're s
On 2010-9-24, at 12:06, Lasse Brandt wrote:
> IPs: 2a01:::3183:: /64
> Gateway: 2a01:::3180::1 /59
>
> And this is my rc.conf:
>
> ipv6_enable=”YES”
> ipv6_static_routes=”defgw”
> ipv6_route_defgw=”2a01:::3180:: -prefixlen 59 -iface re0”
> ipv6_defaultrouter=”2a01::xxx
Hi,
On 2010-9-22, at 14:31, Bjoern A. Zeeb wrote:
> On Wed, 22 Sep 2010, Lars Eggert wrote:
>> The ipfw "fwd" command also doesn't do IPv6;
>
> Hmm, that could possibly be fixed. Not sure it's a good idea in
> general, but ...
I'd be happy to test pa
On 2010-9-21, at 17:05, Andre Oppermann wrote:
> It seems multi-FIB is incomplete for IPv6. Also radix multi-path
> is incomplete for IPv6 at the moment.
Thanks all, for confirming what the status here is.
(Too bad though - this means I still can't properly get packets routed out of a
multihomed
Hi,
am I correct in that multi-FIB support is currently only working for IPv4? At
least "setfib route add -inet6 " adds the route into all FIBs,
not only FIB . (For IPv4, it works correctly.)
Or am I missing something?
Thanks,
Lars
PS: Please CC me on replies.
Hi,
On 2010-8-29, at 16:22, Andre Oppermann wrote:
> T/TCP was ill-defined and had major security issues and never gained
> any support. It has been defunct in FreeBSD and most code has been
> removed about 6 years ago.
we're also about to declare the T/TCP RFCs Historic. See
http://tools.ietf.o
t you from spoofed RSTs.
Lars
--
Lars Eggert NEC Network Laboratories
itigation mechanisms such as this one, and are able to judge
the risks of enabling it.
Lars
--
Lars Eggert NEC Network Laboratories
ags and fields, not
the data contents.
I think that'd be very useful. I frequently come across entries in
the logs that I wish I had some more information about. I'd even go
as far as (optionally) dumping all such packets in tcpdump format.
Lars
--
Lars Eggert NEC Network Laboratories
ds track in the future.
Thus, I'd like to suggest that the default for
net.inet.tcp.insecure_rst be zero for now. AFAIK, any other TCP mod
came disabled be default in the past, too.
Lars
--
Lars Eggert NEC Network Laboratories
ops to try and reestablish the original packet order.
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
rival spacing. That may or may not be a
problem for what you are trying to simulate however.
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
Lars Eggert wrote:
this sounds like something you could do with planetlab
(http://planet-lab.org/). Do you have access? (Or maybe I misunderstood
what you meant by "testbed".)
Argh. Yes, it runs Linux. Yes, I'm jet lagged. (But there was some talk
about running something else
coordinate with the donations officer for help in getting
equipment you may need.
this sounds like something you could do with planetlab
(http://planet-lab.org/). Do you have access? (Or maybe I misunderstood
what you meant by "testbed".)
Lars
--
Lars Eggert
my expectation. But: is this a BSD-specific implementation?
If I catch a kernel doing otherwise, can I say 'Aha! That's a bug
based on documented standards' ?
RFC 1122, Section 3.3.4.2
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Desc
urope - all my US modems just
had an Ethernet port...
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
l solution would target
at true policy-based routing.
For some simple setups, you can use ipfw fwd rules to forward on
something other than destination address.
But I agree that for more complex things you need some implementation of
policy routing.
Lars
--
Lars Eggert <[EMAIL PROTECTED]&g
is a known issue ?
Except playing with mtu, is there a fix ?
See the section on PMTU discovery in draft-touch-ipsec-vpn-06. If the
requirements of your setup allow is, IPIP gif tunnels together with
IPsec transport mode (as described in the ID) can address this issue.
Lars
--
Lars Eggert <[EMA
, i.e. simulate a trie-like structure
with the firewall. This can can get you down to O(log).
It's not as automatic as you'd like though, probably.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Michael Sierchio wrote:
The time it takes to resolve host names, probably, and the additional
burden of writing the service names, where known, etc.
Try
tcpdump -vvv -n
or
tcpdump -vvv -ln
Or try a binary dump straight into a file, and analyze it offline.
Lars
--
Lars Eggert <[EMAIL PROTEC
rtual network needs both virtual link and
network layers.)
It doesn't give you the full expressiveness of IPsec selectors, but it's
good enough for many VPN schemes (and routing works!)
See
ftp://ftp.rfc-editor.org/internet-drafts/draft-touch-ipsec-vpn-05.txt.
It is currently under in t
PS: I needed both these changes for our Soekris-based "rent-a-subnet"
box: http://www.isi.edu/tethernet/
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Nick,
Nick Barnes wrote:
At 2003-08-13 15:43:51+, Lars Eggert writes:
Nick Barnes wrote:
I have some MAC addresses from a local Ethernet segment. I want to
convert them into IP addresses. How can I do that programmatically?
net/arping from port:
Thanks for the reference. I had a look at
packets received, 0% unanswered
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
2.2.2): 56 data bytes
ping: sendto: Input/output error
ping: sendto: Input/output error
ping: sendto: Input/output error
Did you increase net.link.gif.max_nesting via sysctl?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cr
are associated. If -b is also present, show the number of bytes
^^^
in and out. If -d is also present, show the number of dropped
^^^
packets. If -t is also present, show the contents of watchdog
timers.
Lars
--
Lars Eggert <[EMAIL
Eric,
On 4/2/2003 7:58 AM, Eric Masson wrote:
"Lars" == Lars Eggert <[EMAIL PROTECTED]> writes:
Lars> Alternatively (and already working), you can replace IPsec tunnel
Lars> mode with IPIP (gif) tunnels and transport mode, and then use the
Lars> gif device in your fir
st ready, which will then go to Informational.)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
so on.
Try tcpmssd from ports, and bind it to ng0 after it comes up. It should
diddle the MSS values in your TCP SYNs on the fly. (You may also have to
do something similar on the tunnel endpoint for inbound connections.)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information
, there is no need to run DHCP to get them.
Just assign them as aliases to a single NIC, turn off DHCP, and related
MAC address registration headaches go away.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
?
Finally, what were the numbers you got when you measured (and what is
chariot)?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
On 1/5/2003 1:26 PM, randall ehren wrote:
how can i assign the default gateway to use fxp0 instead?
route delete default
route add default A.B.C.D
As described in the man page.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Descript
you described (when you say "megs", do you mean Mb/s or MB/s?)
Complicated firewall rule sets also eat CPU time.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
we describe there (IPIP tunnels + IPsec transport mode), you
get this functionality free, because rcvif will be the IPIP tunnel a
packet came in on.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
roblem is with *implementing* recursive encapsulation recursively,
as this can overflow the kernel stack and cause crashes. The fix that
I'd prefer would prevent this stack overflow from happening, without
limiting recursive encapsulation.
But I'd settle for any patch that comes with a kno
ec esp/transport//require;
spdadd 10.0.0.0/0 10.0.0.3 any -P out ipsec esp/transport//require;
EOF
These look fishy. Shouldn't they simply be:
spdadd 10.0.0.3 10.0.0.1 any -P in ipsec esp/transport//require;
spdadd 10.0.0.1 10.0.0.3 any -P out ipsec esp/transport//require;
Lars
--
Lars Egg
yer 3 VPNs, where
IP is used as both link and network protocol.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
soheil soheil wrote:
I want to do packet capturing but as you know the pcap let the packet go
out and just put a copy on the buffer .
I just want to do a copy and don't let them go out .
Sounds like you should be using a divert socket, and not a bpf.
Lars
--
Lars Eggert <[EMAIL P
fault net.inet.tcp.slowstart_flightsize to 4? (I've been
running with this for a long time w/o problems.)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
[Re-send, forgot to attach the patches. Argh.]
Lars Eggert wrote:
> This causes the problem decribed in PR kern/41632
> (http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/41632), where dhcpd
> "listens" on interface A which is bridged to interface B. When A has no
> carrier,
Lars Eggert wrote:
This causes the problem decribed in PR kern/41632
(http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/41632), where dhcpd
"listens" on interface A which is bridged to interface B. When A has no
carrier, DHCP requests arriving on B are ignored. When A has a carrier,
dhc
Lars Eggert wrote:
Attached is a rough patch to if_ethersubr.c that fixes the problem. It
should probably further be tweaked (there's a chance for duplicates),
but I wanted some comments first :-)
Here's a revised version of the patch (against bridge.c, which is a
better place fo
AL)" branch. Still, there might be
duplicate packets delivered to the bpf, I'll look into that today.
Thanks for the feedback!
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
case,
or remove it altogether... I am not sure which one is
the best approach.
On Mon, Aug 19, 2002 at 09:52:27AM -0700, Lars Eggert wrote:
>I've filed a PR (kern/41632,
>http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/41632) on the following
>problem:
>
>FreeBSD box with two E
.
Reading his first post, the original poster wants to IPsec NAT'ed
packets, not vice versa.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
between B and C, and transport-mode IPsec
that. That way, your NAT packets get tunneled, and the tunneled packets
secured. On inbound, security processing comes first, then
decapsulation, then ipfw.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smi
ng through gif (4)
tunnel" a few weeks ago that dealt with a very similar issue.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
that case, syscall overhead is less, since
you amortize it over multiple packets. (But there are different issues
that can limit TCP throughput.)
> I´ll try changing the packet sizes to figure out optimum.
I think I remember that 4K packets were fastest with the em hardware in
our case.
Lar
til Luigi releases polling for em
interfaces... :-)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
netperf UDP throughputs of ~950Mpbs with a fiber em card and
4K datagrams on a 2.4Ghz P4.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
net.tcp.slowstart_flightsize higher?
> RFC2414 seems to indicate it should be higher. Solaris in version 8 and
> later default to 4 for this value.
I've been running with 4 for years w/o problems. so i'm all for the change.
Lars
--
Lars Eggert <[EMAIL PROTECTED]>
ard interface queue
length is 50 packets, you get ENOBUFS when it's full.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Paul Herman wrote:
>
> Not true. Although some bugs have been fixed in 4.3, FreeBSD's
> delayed ACKs will still degrade your performance dramatically in
> some cases.
I'm sorry, but such statements without a packet trace that exhibits the
problem are just not useful.
intimate with the IP stack in 2.2.5).
I was just about to send email to John about it, after finding the
PC-router page on Google... Was it part of the CAIRN tree? If so, I
probably have it somewhere.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
way to build one, no?)
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Luigi Rizzo wrote:
> than move to a different board, or use polling (i have polling
> patches for the intel gigabit adapter)
If you mean em(4) - I'd love to test them :-)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
De
) to scan the subnet should get you the list. MAC addresses will
then be either in your cache, or use net/arping from ports to get them.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
(2.4.x)? I
> can get a tunnel up between two FreeeBSD machines no problem, but not
> between the two OSes.
Yes, we've been using IPIP tunnels between the two systems without
problems since at least 1998. (No idea about GRE.) What's the problem?
Lars
--
Lars Eggert <[EMAIL PROT
for removal from the tree?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Vinod wrote:
> --- Lars Eggert <[EMAIL PROTECTED]> wrote:
>
>>That looks OK. What does "ipfw show" print?
>
ipfw pipe 1 show prints:
1: 100.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets)
droptail
mask: 0x00 0x/0x ->0x/0x
*Just* &qu
; bandwidth i am getting.
...
>>
>>>i use the commands
>>>ipfw add pipe 1 ip from any to 10.0.1.0/24
>>>ipfw pipe 1 config bw 100Kbit/s
That looks OK. What does "ipfw show" print?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
w.its the same
> high bw it used to be.Am i doing anything wrong?
> I have read the docs well and i thought the above
> commands should work for me.
What does your topology look like?
What are your other firewall rules?
How do you measure bandwidth?
Lars
--
Lars Eggert <[EMAIL P
ns
caused it though.)
Has this been tested with the new natd?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
> why this happend?
Many reasons, all of which people can only speculate on until they see
your code, a description of your setup and experimental procedure, and a
commented packet dump.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
sm
packet never gets out onto any interface though,
> according to tcpdump
What's the TTL on the broadcast packets?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ver the base network doesn't change, you may want
to ask this on the vtun mailing list, too: http://vtun.sourceforge.net/
What's the load on the box when the ping times go up? Vtun is userland.
I'd also try not compressing, it doesn't save much.
Lars
--
Lars Eggert <[
ay be.
>>
>> Lastly, performance issues on older Pentiums can also result from poor
>> memory bandwidth and/or PCI chipset problems. I recently replaced a
>> P120 with a Celeron 333 - the performance improvement was surprising.
>>
>> Regards,
>> David
>>
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ion, test, burn-in
>
> $769 Ouch!
>
> That's about $300 above where I'm willing to consider it.
Soren's boxes (http://www.soekris.com/) are half that price and work
great for our purposes. (Although the current models are also a bit less
powerful than the one abov
ight be a bit
higher, since the ARP table won't be pre-loaded, but it will add some
protection against this particular DOS attack.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ted broadcasts where disabled by default to begin with
(as required by RFC what-was-the-number-again, the one that updates that
piece of RFC 1812).
Have you *seen* your box forward directed broadcasts with a default
configuration?
Lars
--
Lars Eggert <[EMAIL PROTECTED]>
ink it necessary for us to ship usr.bin/telnet any longer.
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
addresses for DUMMY_NEXT_HOP
> Plus,
> I don't know how many DUMMY_NEXT_HOPs to allocate, as I would need one for
> each tunnel I have set up, and the number of tunnels I set up is dependent
> on the number of mobile's that come into the system (which is somewhat of an
&g
a next hop associated with it? Are you leaving the
addresses unconfigured? Maybe you can still use ipfw like this:
route add DUMMY_NEXT_HOP -interface GIF
ipfw add fwd DUMMY_NEXT_HOP all from SOURCE to any
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Informat
rewall forwarding will do that, see ipfw (8), esp. the fwd action.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
reasonable??
Yup, but I'm really too familiar with the routing or ipfw parts of the
network stack. Ping Luigi?
Lars
PS: Minor nit: I'd overload the "fwd" action instead of creating a new one.
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
hanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
only "optimizes" TCP - have you benmarked TCP vs. UDP performance over
the link? (If so, you'll need to use a TCP tunnel.)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ndshake (which is dumb,
since stronger shared secrets need be in place anyway.)
Archie's daemonnews article has an example of how to do UDP tunneling
with netgraph, which nets about a 2x performance improvement over vtun
(without encryption, haven't figured out how tie in ng_mppc).
Lars
Archie Cobbs wrote:
> Lars Eggert writes:
>
>>#11 0xc1be5bfc in ?? ()
>>#12 0xc01b622c in if_allmulti (ifp=0xc1be4300, onswitch=1) at
>>../../net/if.c:1375
>
>
> Well, this is obvious by looking at it.
>
> ng_iface_ioctl() expects (in the case of SIOC
4b6e5 in ?? ()
#22 0x8055302 in ?? ()
#23 0x804b5d6 in ?? ()
#24 0x8048fc1 in ?? ()
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ide, do netgraph interfaces have problems with multicast? I've
seen crashes using both mrouted and pim6dd when I had a netgraph
interface configured. I'll try to produce a dump next time.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
ppp node above it. The packets I'd like to feed to an encryption node
are UDP (and soon TCP and IP). Or am I wrong?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Hi,
anyone know of a netgraph node that implements decent-strength
encryption (Blowfish, etc.)?
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
example) works fine between the same machines
using the same addresses.
Please let me know if there's anything I can do to help track this down.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
_poll() would fire
on each poll while the queue is empty, so I guess I'll put the call at
the end of the "while" loop in sis_txeof(), after the mbuf is freed.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
opular, aren't they!
They are amazing, I'm really glad the folks on freebsd-small have
pointed us at them. Only downside is that you go blind if you look at
the case for too long :-)
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Lars Eggert wrote:
> I'm trying to merge this into the sis driver, which seems to batch
> transmissions together. For clarification, do you expect one if_tx_rdy()
> call per packet or one per batch? Per packet may result in a burst of
> these calls, does dummynet handle th
return
> some results).
I'm trying to merge this into the sis driver, which seems to batch
transmissions together. For clarification, do you expect one if_tx_rdy()
call per packet or one per batch? Per packet may result in a burst of
these calls, does dummynet handle this?
Tha
agine
that extra uplink bandwidth would remain unused in this setup, right? Is
it possible to do WFQ when the uplink bandwidth is unknown/unspecified?
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
gh about the netgraph internals to debug this further
myself, but I'd be more than happy to do any tests that'd help you or
someone else look into this. (I should probably mention that I'm using
4.5-RELEASE.)
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
g into replacing vtun with netgraph, which handles this (I
hope, still evaluating), and should also have the additional benefit of
being an in-kernel mechanism, thus saving two user/kernelmode switches
per packet. Maybe netgraph might work for you, too.
Lars
--
Lars Eggert <[EMAIL PROTECTED]&
: send msg: Operation not supported by device
So I guess I have two questions:
1. Is there some other netgraph documentation out
there that I don't knowe about?
2. Why can't I listen on a ksocket?
Thanks,
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC In
uot; works against any other protocol as well, including TCP.
If you can create collisions "at the right time", you can disable all
retransmission schemes. The kicker is - how?
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
fine in the majority of cases, and for slow
receivers (the problem John Hay described), there's TCP mounts.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
sport
mode: If it isn't end-to-end, it's tunnel mode. Transport mode is
allowed between a host pair only.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: application/pkcs7-signature
in
> "multi-af" mode.
The specific reason was that I didn't know about it :-) I'm currently
patching net/vtund so it uses multi-af mode.
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
and prepend/strip the address family on
> the front of each packet (see bundle_Create() in
> src/usr.sbin/ppp/bundle.c).
Ah, that makes sense. The tag is so the tun device knows who to toss the
packet to when it comes back from the process? Guess I'll have to patch
vtund, then...
1 - 100 of 177 matches
Mail list logo
