unsubscribe
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hi,
I think this is a really good question.
I'm curious since we use a lot of stripped-down FreeBSD for modest
performance routers.
We typically enabling our interfaces with POLLING not so much for
performance (it seems to be a negligible improvement nowadays) but so
that we know that ou
Hi All,
I've done some ad-hoc testing off and on for a few years. None of
the data around, but we do have a couple rules of thumb that we use
internally...
1) Get the fastest PCI bus you can - PCI-X, etc.
2) Plan on 1GHz of CPU per 1 gigabit of throughput.
The performance hit going from
Hi All,
Unfortunately our company hasn't had the resources to help FreeBSD
much over the years, but I do want to say thank you to the folks who
are helping sort out this issue with the em driver.
That Intel gigabit interface is very, very common on server hardware
nowadays and it means a
Hi,
No on the SSH. Look at the specs, I think the 1401 cards will be
helpful only on older IPSec circuits.
I am not 100% sure here, I haven't looked at any of this in a few
years, this is just from recollection.
Michael F. DeMan
Director of Technology
OpenAccess Network Services
Bellingh
hi,
Just jumping in here. The Soekris 1401 offers only limited
performance enhancements. If you read the specs, it is only useful
(and used?) for certain encryption algorithms. Its also deprecated
and would imagine that Soren regrets even releasing it in the first
place.
None the les
Hi,
See inline...
On Mar 30, 2006, at 11:11 PM, Dima Dorfman wrote:
Michael DeMan <[EMAIL PROTECTED]> wrote:
So, if you already have a route to 10.100.100.0/24 via OSPF to
another machine, then try to...
ip address 10.100.100.55/24
You get an error.
Is that the only problem? Someo
Yes,
Any ideas anywhere?
I'm not a BSD kernel guru, but from the other people that responded
it seems that the issue is not allowing userland processes to update
the routing table with the same subnet if there is a route for that
subnet in the UNIX kernel already.
You can force the local
, WA 98225
[EMAIL PROTECTED]
360-647-0785
On Mar 25, 2006, at 1:21 AM, Dima Dorfman wrote:
Michael DeMan <[EMAIL PROTECTED]> wrote:
Anyway, thanks very much for the information. I'm going to have to
figure out some kind of workaround on my architecture. In the worst
case, I can shut
On Mar 16, 2006, at 1:36 PM, Bart Van Kerckhove wrote:
Any quick hacks you have in mind that could allow multiple copies
of the
same route / pfxlen in the freebsd routingtable?
Doesn't even need to have metrics in kernel-level, the point of the
whole
thing (for now) would be to be able to i
Hi All,
Thanks for the information.
This is a huge problem for me, we badly need redundancy
capabilities. I'm surprised something like this hasn't been
addressed long ago. I guess a lot of the focus is on SMP and 'big
servers' and not router/appliance functionality in the newer FBSD
re
Hi,
I haven't been able to make headway on the Quagga lists, and I seem
to recall somewhere a few months ago googling that my problem was
some kind of know FreeBSD issue. Googling (and other sources) the
last week hasn't helped.
In essence, I am wondering if anybody on the FreeBSD side o
Buy a cheap managed switch and set one port up as a monitoring port
and dump all your IDS traffic there?
Michael F. DeMan
Director of Technology
OpenAccess Network Services
Bellingham, WA 98225
[EMAIL PROTECTED]
360-647-0785
On Feb 7, 2006, at 7:38 AM, Shawn Saunders wrote:
Hello,
Based on
Hi,
Just my 2-cents, but we've found polling to be extremely valuable on
low-end hardware as described here.
We use it only on fxp drivers, but it moved throughput on 133Mhz
hardware from something around 8Mbps to 20Mbps on regular layer-3
packet forwarding and also bumped VPN performance
Hi,
Does anybody know what controls the value of sysctl variable
vfs.nfs.diskless_valid?
We need to boot off compact flash and like the capabilities of
/etc/rc.d/initdiskless.
I can just comment out the line in that script where it checks the value
of vfs.nfs.diskless_valid but would prefe
The rule of thumb I have seen on Intel/UNIX based routers is that you
want 1GHz of CPU for every gigabit of throughput.
Also, on gigabit NICs, make sure you have a 64-bit PCI bus on the
motherboard.
Michael F. DeMan
Director of Technology
OpenAccess Network Services
Bellingham, WA 98225
[EMAIL
Hey,
Probably a dumb question, but are their any MIBs or any kind of SNMP
support for jail environments on BSD 5.3?
Thanks,
- mike
Michael F. DeMan
Director of Technology
OpenAccess Network Services
Bellingham, WA 98225
[EMAIL PROTECTED]
360-647-0785
__
Yes, the auto-mesh matters were solved long ago.
Michael F. DeMan
Director of Technology
OpenAccess Network Services
Bellingham, WA 92825
[EMAIL PROTECTED]
360-647-0785
On Sep 14, 2004, at 2:58 AM, Bruce M Simpson wrote:
Hello there.
On Mon, Sep 13, 2004 at 07:19:31PM +0200, John Hay wrote:
I'm bus
Hi,
We're actually planning to migrate to PF instead of IPF+IPFW to meet
these needs.
IPFW from what I've gathered over the past few years is the traditional
FreeBSD way of handling firewalls, nat and bandwidth limiting.
We found IPFW a little complex to use, granted very powerful.
We ended up
I agree with the 3 firewalls being a problem.
I would like to point out however that having the 3 firewalls is a classic
political issue.
>From a purely technical perspective we have IPFW and IPF/PF.
Really, only two firewalls.
For our company, as an end user that occasionally has to do build/
It should work fine, probably you have a permission or configuration set
wrong somewhere.
- mike
On 8/17/03 9:51 AM, "Archie Cobbs" <[EMAIL PROTECTED]> wrote:
> Maria Dolores Moral wrote:
>> Please, if you can help me :-(
>> I do not know anywhere where I can ask this question
>>
>> I am workin
Hi All,
We have a couple of boxes overlooked for patches since mid-summer.
We cvsup all our boxes.
Is it possible to do a make buildworld / make installworld and restart
appropriate services to pick up latest security patches?
What could go wrong with this? Lots of things?
Our cvsup is releas
Hi,
I'm going to jump in here too.
We have an issue where we use IPSec tunneling to wireless clients.
Currently we associate two IP on the external interface, the public one and
then tunneled one.
We are however forced to use NATD instead of IPFILTER for NAT because
IPFILTER does its NAT work be
Hi All,
Are there any plans to get load balancing our multipath routing in the BSD
kernel similar to what iproute2 supports in linux?
Thanks,
- Mike
Michael F. DeMan
Director of Technology
OpenAccess Internet Services
1305 11th St., 3rd Floor
Bellingham, WA 98225
Tel 360-647-0785 x204
Fax 360-7
We are interested in any 802.1x developments too. Is this in the 4.7 or 5.0
tree?
We are small ISP that does 802.11 wireless. We use IPSEC to tunnel to
business customers, but would really like a secure way for our
roaming/laptop users to connect.
- Mike
On 2/17/03 12:39 PM, "Vincent Jardin"
Hi,
Yes, you need JDK 1.4, a friend of mine was porting it to MacOSX and the
whole thing broke when OpenNMS release a 1.4 dependent version.
In theory, you should be able to run it in linux-compatibility mode on
FreeBSD with a recent JDK. We have played with it on a RedHat 7.3 box, and
looked in
We have a nightmare situation with DFE-580TX 4-port cards that use the ste
driver. The driver seems to just choke. I'm not sure if its an issue with
PCI interrupts or what. It throttles back the time-outs, but even then
after its been up for days one of the interfaces will start acting up and
ou
Hi,
We're running FBSD 4.6.2 in hostap mode to support a couple of wireless
clients. The setup is pretty standard but there is one critical problem.
If the hostap machine gets rebooted, the clients do not reconnect and we
must also reboot them before they're back up.
Has anybody else experience
28 matches
Mail list logo
