Artem,
> Um.. i was planning to use the included natd
> But i think it has only one external address to use
I think there are a couple of rules to add to ipfw to enable NAT; that
may be where you divert to here or there:
ipfw add divert natd all from 192.169.x.y to any via ISPB
ipfw add divert nat
Artem,
> I have a strange task and don't understand how to implement such scheme.
>
> There is a router with 3 interfaces:
>
> IF1: PROVIDER A
> IF2: PROVIDER B
> IF3: LAN
>
> Clients served via NAT. There are about 15 clients.
>
> Now, what i need to do:
>
> By default all traffic from all client
Sam,
It seems that the distribution includes a directory called db_sample
with some tutorials/examples.
But it also seems that the last release of wide-dhcp is 16 years old...
Olivier
On Tue, Aug 13, 2013 at 3:42 PM, s m wrote:
> hello guys,
>
>
> does any body use WIDE-DHCP? i installed it on
Sam,
> is there any way to improve performance??? do you have any suggestion?
Unless it is on paper, do not even try to offer a /8 network, make
subnets out of it and have as many DHCP servers as you need.
It is simply impossible to run a /8 network, so it makes no sense
offering such a thing. L
t, using
>>> 4.5gb of ram )
>>> and then
>>> 192.0.0.1-192.221.255.255 which segfaults.
>>>
>>> The machine I test on does have 16gb of ram and 16gb of swap, so there
>>> should be a lot more mem available.
>>>
>>> Best regards
>>>
ou know how should i define my range ??
The reason may be that 2^24 machines in a subnet is such nonsense
that dhcp simply cannot manage it.
Best regards,
Olivier
>
> On Tue, Aug 6, 2013 at 12:23 PM, Olivier Nicole wrote:
>
>> Sam,
>>
>> > subnet 192.0.0.0
Sam,
> subnet 192.0.0.0 netmask 255.0.0.0
I know it is not the answer to your question, but you are wrong in your
guess that 192.0.0.0/8 is all private IPs. Only 192.168.0.0/16 is.
I know that for certain because my own IP starts with 192.
If you want a full /8 private, you can only use 10.0.0.
ses, so a tap
hanging to nowhere is the solution.
Best regards,
Olivier
>
>
> On 19 July 2013 10:29, Olivier Nicole wrote:
>
>> Hello,
>>
>> Could any one comment about the use of the same MAC address in 2
>> separate VLANs?
>>
>> All my machines are
Hello,
Could any one comment about the use of the same MAC address in 2
separate VLANs?
All my machines are connected to 2 VLANs (one public and one private)
with no routing in between the VLANs.
I used to run a FLEX license manager to a physical machine. When I
virtualized that service, I had t
Hi,
Sorry to jump in but...
> Problem is, this unit number is not constant and changing arbitrarily every
> time I reload the driver (card A unit number=0 & card B un=1 or the other
> way around).
Since I have been using FreeBSD, the NIC had always been given the
same unit number (that is, unles
> Oh, ah. If you haven't rebooted since the trouble, what does this show on
> the server?
I did reboot, and it basically shown nothing, that's why it was not
easy to find out.
The queue did not overflow, only the server took some time to accept
the connections, it accepted 50 and the rest was wa
> I am facing the following problem: I have a web server with an
> application that calls a MySQL server.
>
> For class and test run, I may have 100 users accessing the same web
> page to login to the same database.
Well, it seems that was due to a bad installation of MySQL. Going for
the port wi
> FreeBSD has no SYN rate limit, but you could be running into TIME_WAIT
> recycling issues.
I already set tcp.msl to 5000 to release the TIME WAIT quickly.
> Run a netstat on both the client and server, see if the port numbers
> match. For example, see if the client is trying to connect to po
Hi,
I am facing the following problem: I have a web server with an
application that calls a MySQL server.
For class and test run, I may have 100 users accessing the same web
page to login to the same database.
For some reason, it seems that the MySQL server only accepts 50
connections to the sam
> Can I use ipfw fwd rules against traffic coming to one of the bridged
> interfaces?
I think that the manual says that forward is not working in case of
bridge.
In fact I tried and gave up.
Now I got ipfilter to do some redirection on bridged interfaces. But
the solution is not yet finalized
> > But that ARP thing happens also with interfaces that are not part of
> > the bridge! Even if the interfaces are ifconfiged NOARP.
>
> This is not what I observed... which of the 3 bridging implementations
> (bridge, if_bridge, ng_bridge) have you seen this behaviour with?
Hummm, I am not sure
> 'Enabling' bridging is a no-op.. However, when you -configure- a
> couple of interfaces together in a bridge, they share this behaviour;
> but this is correct as bridging is supposed to effectively merge the
> chosen interfaces into one. This does not affect any other interfaces,
> which makes it
> What Motonori Shindo described is actually the default behaviour for
> Linux kernels (at least my 2.6.8-kernel does it by default). It could be
> seen as a sort of proxy-arp, but only for the host itself, not other
> systems. Let me try to describe when it happens. Say you have
> 192.168.42.4
> Is there a trick to make bridge work with divert ?
I use ipf not ipfw. Divert I think is same as redirection. What I
found out is:
1) firewall applies only to incoming packets (while I think it should
apply to incoming and outgoing) so only half the rules applies, and
the revert rule of a
> Then my guess is that something is wrong with your redirection setup.
> Unfortunately, tcpdump sees the packets as they enter the network card,
> before the redirection occurs, so we can't see exactly what is really
> happening.
No actually that's the packets after they have been redirected.
Hi Mike,
> First of all, the redirection you speak of - is that occurring on the local
> machine itself, or a physically separate machine?
Yes same machine.
> Secondly, please
> provide a tcpdump log of the aborted connection in question, if you can.
Here I could add more details if needed.
> When I try to connect via a redirection through the firewall, I got a
> RST after the SYN, SYN/ACK, ACK.
OK here is a step further, the rest occurs because of syncache_expand
that returns 0 on line 722 of tcp_input.
Any reason why the syncache is empty after the SYN and SYN,ACK?
Olivier
__
Hi,
I am trying to run NoCat (from the ports). One thing NoCat does is run
a TCP listener on port 5280.
When I try to connect to that port "by hand" (telnet xxx 5280)
everything goes fine.
When I try to connect via a redirection through the firewall, I got a
RST after the SYN, SYN/ACK, ACK.
Wha
Hi,
I am bridging between 2 Eth interfaces.
Inside that bridge, I do a packet redirection, so I end up with a
different destination address/port in the IP packet, but the Eth frame
keeps the same destination.
How can i force the bridge to recompute the destination address of the
Ethernet frame,
> I want to just dump all the packets between two satellite links
> without checking for ack back and forth which creates latency and
> long ping times.
The latency is created by the satellite transmission delay, not by the
ack. ACK suffer from the latency, but do not create it.
> Correct. That's
> I am looking for solution I could implement on a link with a huge latency
> when ping replies can go up to a few hundred milliseconds, e.g. satellite
> links.
> Etc.
One way we have been thinking was to use some NAT on both ends of the
satellite connection and change the window size on the satellit
> > ? (10.0.0.1) at 00:e0:29:ad:5a:aa on em0 [ethernet]
> >
> > will do the trick, but it is a bit too heavy for the purpose, I'd
> > prefer a solution that only send an ARP request.
> >
>
> If you just want to avoid the DNS lookup, you can use arp -an.
> It's much faster :)
Thanks. Of course I
Hi,
Is there a command, or a short C code that I could use to resolve the
MAC address for a given IP address?
# ping -c 1 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: icmp_seq=0 ttl=64 time=0.974 ms
--- 10.0.0.1 ping statistics ---
1 packets transmitted, 1 packets re
Hi,
I have a firewall in bridging mode, using ipf.
I upgraded to 4.10-p5 and now I have a bunch of error message:
bdg_forward drop MULTICAST PKT
/usr/src/sys/net/if_ethersubr.c line 609
Any clue what I am missing (sysctl or kernel)
Thank you,
Olivier
_
> I'm running an ethernet over TCP bridge using a combination of the native
> ethernet bridge support and the tap driver. Basically, a daemon sits on
> /dev/tapX and bridges ethernet frames using a small header over a TCP
Yup i think I have seen the same thing while I was using a combination
of v
Hummm, it still looks correct so far.
From the client can you ping the IP of ed0
ping 126...66 I think
Olivier
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]
Please the 2 other questions?
from client ping the router
default gateway on the client?
Olivier
> ed0: flags=8843 mtu 1500
> inet 196.25.53.66 netmask 0xfff8 broadcast 196.25.53.71
Sounds good so far.
I suppose that the FBSD box can connect anywhere on Internet,
ping www.yahoo.com
would work.
So let's have a look at your client configuration, I saw you have a
machine 1
> rc.conf entries:
>
> defaultrouter="196.25.53.65"
> gateway_enable="YES"
> router_enable="YES"
> router="/sbin/routed"
> router_flags="-q"
>
> >What is the result of "netstat -r"
>
> [EMAIL PROTECTED] extech]# netstat -r
> Routing tables
>
> Internet:
> DestinationGatewayF
> I'm trying to setup a gateway/router between my private network and my Public
> network.
>
> My public network is connected via T1 and I have 5 public IP's
Did you define a default gateway on your router box?
What is the result of "netstat -r"
Olivier
___
Vladimir,
We have been running a piece of international network with Zebra for
many years (www.ai3.net).
Olivier
> How can a body do ethernet over ip on FreeBSD? I have heard that
> with netgraph you can do that. Has anybody tried this or maybe some
> other way? The goal is to connect two L2 networks on remote sites.
I think you may find some answer there:
http://sfc-cpu.ai3.net/~husni/soi-asia-ow/ethe
> I am just wondering if anyone in this Mailing List can give me any
> hints, help or advice on how to set up my FreeBSD Box so that I can
> finally Print from my PC instead of asking my officemates who are using
> Windows to Print for me...
I am not sure I understand what you exactly mean.
Christoffer Pio wrote:
> Is it not possible to subnet a C class into 3 nets, like
>
> 0-63
> 64-191 <-- Offending network (?)
> 192-255
>
> If so, why is this?
I think you got explanations on the why.
Now it should still be possible to subnet the way you want I think.
While I would never recom
> Not only outgoing traffic for squid will be traversing that link, but
> also the answers to those requests sent out. So even though you're not
> really interested in the outgoing traffic as such, you have to send it
> out on that link to get responses back on the same link.
Not always true, an
> The problem is that I don't know how to get the outgoing
> requests from squid to use the nic that is connected to the cable company.
I think that at least would need quite some twisting of the set-up.
Is the outgoing bandwidth a problem (usually that is the incoming
bandwidth that is saturated
> since it is connected to a full-duplex switch.
Is the port set to full-duplex? Or to auto configuration?
If the last, the default is to fall in half duplex degraded mode.
Auto configuration will only work when both ends are set to auto.
Olivier
__
> (if any, I believe its a Cisco). The card is forced to 100BT/FD on our end,
> and I'm sure it is on the other end, though I will have them double check
If your card is forced to FD and the other end is not, this is "very
bad" (and according to the standard should fall back into SD).
Olivier
I would not be so pessimistic about comparing IPv6 and Ada. From Asia
Educational network, using IPv6 means having large bandwidth, almost
unused to cross the ocean, that is a strong motivation to do the move.
Olivier
Hi,
I know the problem is not new, but...
I am using 4.8-RELEASE, 2 interfaces 3com 905b (xl0 and xl1), and one
Realtek, no IP on the 3com, one fixed IP on the rl0.
I bridge between xl0 and xl1.
Interface rl0 and xl1 are connected to the same switched ethernet
network.
Sometime, the interfac
Hi
Could anyone tell me please why I would receive these messages and what I can
do to help avoid them?
The servers are not that busy and the NFS connection is on a private 10.0
interconnect between the servers, yet I still get these now and again.
Thanks!
Nicole
> nfs server
kley be giving a talk this Thursday at BABUG
(www.babug.org) on Bind9 and DNS configuration.
Nicole
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message
bound traffic to
take a very high priority over the server to server traffic.
When everything possible has been exhausted, it must then be something otherwise
not thought possible.
Nicole
On 08-Jan-01 David Greenman wrote:
>> Now I am really confused.
>> After more testing I hav
other weird question. What is the real difference between a cable
with 2 pairs and a cable with 4 pairs where 10/100 ethernet is concerned. On
another server that was using a SMC/DEC card I found it would go nuts when it
had a 2 pair cable, but worked Ok with a 4 pair cable. From everything I can
tell
lem, then there is probably something wonky with
> the server motherboard.
>
> -DG
Ahha.. Well.. Nice new word for the day "wonky" I like that :)
Yea.. as I change things on the server, I can see the switch respond to my
settings when it is in autoconfig mode. (worried abt that
e the problem.
Now.. I have the server set to 100Mb/Full duplex. But same problem :(
Switch: 100Mbps/Full/Enabled (IEEE 802.3x)
Server: media: 100baseTX status: active
root@goodserver:/usr/sbin> scp sendmail.8.9.3 [EMAIL PROTECTED]:
nicole@badserver's password:
Filesize = 290448
On 05-Jan-01 Tom Samplonius wrote:
>
> On Thu, 4 Jan 2001, Nicole wrote:
>
> ...
>> The problem is that when trying to scp a file or send a large file to it
>> via
>> sendmail, (large = 253952 ) it seems to transmit along
>> happily, then (at least for s
anyway.
ANY help or clues would be appreciated. Could this be caused by the MB? What
else can I try?
Please CC me in any replies to make sure I see it right away.
Thanks!!!
Nicole
nicole@home:/home/nicole> sysctl -a | grep tcp
tcpcb: 288, 2344,124,
53 matches