On Fri, 10 Jul 2020 08:45:30 +0200
Patrick Lamaiziere wrote:
> Hello,
>
> That is mostly for the record but it looks like the intel X520 is not
> very good and generates a high level of interrupts.
...
Oh I forgot to thank you all for yours replies, sorry.
I will try to p
On Wed, 15 Jul 2020 17:07:23 +0700
Eugene Grosbein wrote:
Hello,
> > That is mostly for the record but it looks like the intel X520 is
> > not very good and generates a high level of interrupts.
> >
> > On a router / firewall with 500 Kpps in input (dropped by pf) is
> > enough to put the CPUs
On Fri, 10 Jul 2020 18:21:11 +0200
Olivier Cochard-Labbé wrote:
Hi Olivier,
> > That is mostly for the record but it looks like the intel X520 is
> > not very good and generates a high level of interrupts.
> >
> > On a router / firewall with 500 Kpps in input (dropped by pf) is
> > enough to put
Hello,
That is mostly for the record but it looks like the intel X520 is not
very good and generates a high level of interrupts.
On a router / firewall with 500 Kpps in input (dropped by pf) is enough to put
the CPUs at
100% busy.
We use FreeBSD 11.3 on a machine with 12 CPU Intel(R) Xeon(R) CP
On Sat, 31 Aug 2019 08:04:11 +0700
Eugene Grosbein wrote:
Hello,
> >>> bsnmpd sends a trap when an interface link goes up but not when
> >>> the link goes down.
> >>>
> >>> Is there a way to have a trap when the link is down?
> >>
> >> Are you sure you not trying to send a trap for broken li
On Fri, 30 Aug 2019 19:18:35 +0700
Eugene Grosbein wrote:
> > bsnmpd sends a trap when an interface link goes up but not when the
> > link goes down.
> >
> > Is there a way to have a trap when the link is down?
>
> Are you sure you not trying to send a trap for broken link over same
> link? :
Hello,
bsnmpd sends a trap when an interface link goes up but not when the
link goes down.
Is there a way to have a trap when the link is down?
Thanks, regards.
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebs
On Thu, 29 Aug 2019 12:54:41 +0200
Patrick Lamaiziere wrote:
Hello,
> I've upgraded our two firewalls from 11.2-RELEASE-p11 to 11.3 release
> p3 and I'm seeing a problem with carp, the carp slave becomes briefly
> MASTER and returns to the slave state. This occurs often.
Hello,
I've upgraded our two firewalls from 11.2-RELEASE-p11 to 11.3 release p3 and
I'm seeing a problem with carp, the carp slave becomes briefly MASTER
and returns to the slave state. This occurs often.
the firewalls use PF / PFSYNC / CARP and the configuration is the same
as on 11.2. On 11.2 t
On Sat, 6 Oct 2018 14:03:46 +0300
Yuri Pankov wrote:
Hello,
> > Patrick Lamaiziere wrote:
> >> Hello,
> >>
> >> freebsd 11.2/amd64 release
> >> net-snmp-5.7.3_18
> >>
> >> net-snmpd returns incomplete MAC addresses in
> >> I
Hello,
freebsd 11.2/amd64 release
net-snmp-5.7.3_18
net-snmpd returns incomplete MAC addresses in IF-MIB::ifPhysAddress,
the first octet is always "0".
$ snmpwalk -v 2c -c "xxx" localhost 1.3.6.1.2.1.2.2.1.6
IF-MIB::ifPhysAddress.1 = STRING: 0:36:9f:93:7d:f8
IF-MIB::ifPhysAddress.2 = STRING: 0:3
Le Thu, 26 Jul 2018 09:58:05 +0200,
Patrick Lamaiziere a écrit :
Hello,
> > Hey,
> > I am on
> > 11.2-STABLE FreeBSD 11.2-STABLE #9 r336597
> > Sun Jul 22 14:08:38 CEST 2018
> >
> > and I see 2 problems with PF that are still there:
> > 1.) set ski
Le Thu, 26 Jul 2018 09:58:05 +0200,
Patrick Lamaiziere a écrit :
Hello,
> > Hey,
> > I am on
> > 11.2-STABLE FreeBSD 11.2-STABLE #9 r336597
> > Sun Jul 22 14:08:38 CEST 2018
> >
> > and I see 2 problems with PF that are still there:
> > 1.) set ski
Le Sun, 22 Jul 2018 15:53:41 +0200,
Lars Schotte a écrit :
Hello,
> Hey,
> I am on
> 11.2-STABLE FreeBSD 11.2-STABLE #9 r336597
> Sun Jul 22 14:08:38 CEST 2018
>
> and I see 2 problems with PF that are still there:
> 1.) set skip on lo
> does not work even though ifconfig lo matches.
Le Tue, 12 Jun 2018 14:34:47 +0200,
Patrick Lamaiziere a écrit :
Hello,
> I'm trying Bird 2 on FreeBSD 11.2 using tcp md5 signature for BGP
> connections.
>
> Bird2 has an option to set the needed ipsec SA/SP but here this does
> not work.
>
> The first entry
Le Tue, 12 Jun 2018 14:34:47 +0200,
Patrick Lamaiziere a écrit :
Hello
I change the subject because this is not at all related to bird.
> I'm trying Bird 2 on FreeBSD 11.2 using tcp md5 signature for BGP
> connections.
>
> Bird2 has an option to set the needed ipsec SA/SP b
Hello,
I'm trying Bird 2 on FreeBSD 11.2 using tcp md5 signature for BGP
connections.
Bird2 has an option to set the needed ipsec SA/SP but here this does
not work.
The first entry (0.0.0.0 129.20.128.78) is correct but the second one
(129.20.128.78 0.0.0.0) has an invalid spi field (should be 0
Le Wed, 13 Jul 2016 15:35:23 +0200,
Patrick Lamaiziere a écrit :
Hello,
> 10/stable rev 302560
>
> I'm building a pair of firewalls with pf and carp and the states are
> well synchronized between the firewalls. But at startup or using
> "service pfsync restart"
Hello,
10/stable rev 302560
I'm building a pair of firewalls with pf and carp and the states are
well synchronized between the firewalls. But at startup or using
"service pfsync restart" pfsync fails the bulk update.
In rare situations the bulk is successful but I don't know why.
Jul 13 15:01:3
Le Tue, 5 Jul 2016 15:00:50 +0100,
Melissa Jenkins a écrit :
Hello,
> > On 5 Jul 2016, at 13:00, freebsd-net-requ...@freebsd.org wrote:
> >
> > Is there anyone using openbgpd with BGP password with success?
>
> Yes, we have this working on 10.2, with openbgpd
>
> Using the set key and kerne
Hello,
As openbgpd(*) looks broken for the BGP password, is there any BGP
daemon that works with tcp md5 signature (using setkey and ipsec of
course) ?
Thanks, regards
(*)
https://lists.freebsd.org/pipermail/freebsd-ports-bugs/2013-December/267545.html
Hello,
Is there anyone using openbgpd with BGP password with success?
I've setup the password using setkey :
add localip ippeer tcp 0x1000 -A tcp-md5 "secret!";
But as far I can see with tcpdump, the outgoing packets are not signed.
The kernel is built with
options IPSEC #IP security (requires
Hello,
Documentation states that setting net.inet.ip.fastforwarding on a
router breaks ipsec. But it's not clear to me "where" ipsec is broken.
Is it ipsec broken to (or from) the router, but ipsec between differents
hosts will work as expected.
Or is it broken for all the ipsec traffic passing
Le Mon, 05 Jan 2015 07:57:33 +0100,
Sascha a écrit :
Hello,
> you made my day! It's working again. But I continue my research.
>
> Rebooting takes the Port-Channel on the switch down. When the machine
> comes up the port-channel on the switch needs some seconds until it's
> up.
Any spanning
Le Thu, 8 Aug 2013 11:34:22 +0430,
s m a écrit :
> hello guys,
>
> i have a question about ip addresses. i know my question is not
> related to freebsd but i googled a lot and found nothing useful and
> don't know where i should ask my question.
>
> i want to know how can i calculate the number
Le Fri, 4 Nov 2011 11:13:21 +0100,
Borja Marcos a écrit :
> I'm testing a set up for OpenBGPd with FreeBSD 9-RC1 (amd64). For now
> I'm trying on two virtual machines. Using the stock GENERIC kernel it
> works, although of course it doesn't have TCP MD5 support, which I
> require.
>
> I've compi
Le Mon, 18 Jul 2011 19:18:53 +0400,
Dmitry Banschikov a écrit :
Hi,
> > is it possible to let a CARP-interface fail(-over) in the situation
> > when a certain program fails or stops working? I hope it's clear
> > enough what I have in mind. Could you give me any pointers on how
> > this can be a
Le Thu, 2 Jun 2011 16:39:40 -0400,
John a écrit :
>Instead of running carp on the external interfaces as below:
>
> ifconfig_cxgb0="inet 10.24.99.11 netmask 255.255.0.0" # System 1
> physical ip ifconfig_cxgb0="inet 10.24.99.12 netmask 255.255.0.0" #
> System 2 physcial ip ifconfig_carp1=
Le Thu, 2 Jun 2011 16:39:40 -0400,
John a écrit :
Hello,
>However, if system A is the MASTER, and system B is rebooted,
> the carp interface on system A will flip/flop going down and
> coming back up which is not what I want.
I saw this if the switch connecting the two systems takes some ti
Le Thu, 10 Sep 2009 00:37:39 -0700,
Chris Cowart a écrit :
Hello,
> A C program that sends long UDP messages is attached (there's a
> hardcoded remote IP in there). The program sends 2 UDP message of size
> 1960, sleeping for 3 seconds in between. Most of the time, on a clean
> boot, the first m
30 matches
Mail list logo
