Re: net.link.bridge.member_ifaddrs has landed in stable/14

I have compiled the latest 14-STABLE too and looked at my bridge configuration before changing this net.link.bridge.member_ifaddrs to 0. After reboot my system did not respond on the IP4 bridge address and it turned out I had forgot "inet6 -auto_linklocal" on the member interface, which only ha

EFI boot with iPXE

Hi, I have tried to boot over iSCSI using PXE using the ports isboot-kmod. It worked after many tries, but it is not automatic yet. At the loader.efi prompt I do: set currdev=zfs:zroot/ROOT/default: load /boot/kernel/kernel load /boot/kernel/opensolaris.ko load /boot/kernel/zfs.ko load /boot/ker

Re: [Bug 219901] if_bridge(4): Panic when destroying interface on bridge over time

I believe if you remove the work-around "exec.poststop = "jib destroy ${name}”;” this panic happens Peter > On 3 May 2020, at 18:42, bugzilla-nore...@freebsd.org wrote: > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219901 > > --- Comment #5 from Kristof Provost --- > I'm not immediat

pf firewall on bridge member

I have difficulty filtering one member of a bridge using pf firewall net.link.bridge.pfil_member: 1 net.link.bridge.pfil_bridge: 0 Two segments are bridged, segment 'home' and segment ‘safe'. The idea for segment ’safe’ is to only allow access to the outside world with certain rules, but NO acc

Re: VIMAGE option in FreeBSD 11.x

I’m using static IP indeed. > On 18 Jul 2018, at 12:09, Goran Mekić wrote: > > On 18 July 2018 11:38:42 EEST, peter.b...@bsd4all.org wrote: > Hi, > > I’m using VIMAGE on stable for more than a year now. No issues, but I did > apply patches from CURRENT. As far as I know those patches have not

Re: VIMAGE option in FreeBSD 11.x

Hi, I’m using VIMAGE on stable for more than a year now. No issues, but I did apply patches from CURRENT. As far as I know those patches have not been MFC’ed. I have applied the following commits. 306684, 307234, 312942, 313000, 313167, 315130, 315135, 315468, 315740, 317399, 320847 Peter > O

Re: multiple if_ipsec

Hi, I have mixed types of configurations. I’ll give it a run next week. So far I have tried a tunnel with if_ipsec and strongswan at one end and gif and racoon at the other end. I have tried if_ipsec with strongswan on both ends. I’ll start with recompiling racoon today and using it to see if i

Re: multiple if_ipsec

Andrey, I was planning to move towards Strongswan anyway. The 1st step (with 1 interface worked great) Julian, The idea of having a jail as VPN end-point is going to help me transition step by step and possibly have both racoon and strongswan active. Thx, Peter > On 9 May 2018, at 03:08, Ju

Re: multiple if_ipsec

Hi Victor, I’m struggling wit the same issue. My sainfo doesn’t match unless I use anonymous. Hi Andrey, What I don’t understand is why a “catchall” policy is added instead of the policy that matches the inner tunnel. What is supposed to happen here? Is the IKE daemon supposed to update the

Re: Looking for a Wireless NIC with 802.11ac or 802.11n support

Hi, I have been using a TP-Link TL-WDN4800. It has hostap support, because that’s how I used it. Had lots of stuck beacon messages, but it kept doing its job. Peter > On 6 Feb 2018, at 07:04, Kevin Oberman wrote: > > On Mon, Feb 5, 2018 at 9:38 PM, Victor Sudakov

NFS exports -mapall notworking

Hi, I’m running 11-STABLE as of today and was trying to use the -mapall parameter, but it doesn’t have any effect. Anybody else using this? Peter ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsu

Re: MFC VIMAGE fixes to 11-stable

Yeah, you are right. To keep the pf code as unchanged as possible, it is sometimes unclear whether something is virtualised or not. The SLIST_HEAD and RB_HEAD in pfvar.h need virtualisation as well. > On 20 Apr 2017, at 21:41, Marko Zec wrote: > > On Thu, 20 Apr 2017 21:24:33 +0200 > mailto:p

Re: MFC VIMAGE fixes to 11-stable

It doesn’t solve my problem, but below is the stack back trace that leads to the problem that allocation doen for the default vnet are given back as part of the vnet destroy. #0 0x807ff275 at pfr_destroy_kentry+0x35 #1 0x807fe47c at pfr_remove_kentries+0x1fc #2 0x808053cd

Re: MFC VIMAGE fixes to 11-stable

I’ll test this today. > On 20 Apr 2017, at 15:32, Kristof Provost wrote: > > On 20 Apr 2017, at 15:28, Marko Zec wrote: >> Right. But pfi_attach_group_event() and the other handlers cited above >> _do_ in fact invoke CURVNET_SET(vnet0) on entry, overriding the proper >> vnet choice from the call

Re: MFC VIMAGE fixes to 11-stable

Hi Marko, Thanks for the pointer. It was not my intention to have this committed, but it helped identify other problems. I have asked this before in -current, but got no answer so I posted it here to get an answer. If you look inside slab_free_item there is a KASSERT for just this, so that’s w

MFC VIMAGE fixes to 11-stable

All, I’m running jails and bhyve using netgraph bridge. The jails are using Devin Teske’s jng and I have adapted iohyve to use the same netgraph bridge. I haven’t had any panic’s after applying revisions 306684, 312943, 315131, 315469, 307235, 313001, 315136 and 315741. Can someone please MFC

11-stable mountd listens on port 993

I just updated to 11-stable@313042 and when I rebootted my system dovecot didn’t want to start because port 993 was already in use. Checked with lsof and it was mountd that was listening on this port. When I stopped mountd and started dovecot everything was fine. When I started mountd after thi

Signal quality/strength of FreeBSD hostap vs. commercial products

Hi, I am trying to build a FreeBSD wireless router for a while and I noticed that the signal strength is always substantial lower compared to common available wireless routers. At first I thought it was due to the wireless card I used, but I have tried several different ones and several different

fastforwarding and gif tunnel

Hi, I have an esp/tunnel between two sites. 192.168.1.0/24 -> 192.168.1.1 gif - esp/tunnel - gif 192.168.101.1 -> 192.168.101.0/24 If I ping 192.168.101.1 from the 192.168.1.1 gateway everything works. If I ping 192.168.101.2 from the 192.168.1.1 gateway everything works But if I ping from 192.

RE: PF firewall NAT and Windows IPSEC tunnel

I'm using this combination for a long time. Since the VPN client initiates the VPN connection I have only provided NAT directives going out. nat pass on $ext_if proto { tcp, udp } from any to port { isakmp } -> ($ext_if:0) static-port nat pass on $ext_if proto { udp } from any to port { 1 }

ypxfr: call to rpc.ypxfrd failed: RPC: Timed out

Hi, If seen a couple of complaints about the message below. I have found the issue in ypxfr function ypxfrd_get_map. The timeval struct is initialized with a timeout of 25 usec. Inside libc this will result in a poll timeout of 0, which will return immediately raising this error. My question

RE: FAST_IPSEC is now IPSEC, please be advised...

Hi George, Is somebody looking at ipsec-tools? As far as I can see it requires a lot of kame definitions, although not used most of the times. I have tried to make sense of this, but it wasn't easy. Peter ___ freebsd-net@freebsd.org mailing list http://

RE: Applying NAT-T patch

I wish this would happen too. I'm using NAT-T in combination with a cisco client I use for work and home. It works great! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Masson Sent: Thursday, May 31, 2007 9:38 AM To: VANHULLEBUS Yvan Cc: freebsd-net@

RE: requests for mbufs denied increasing

This will indeed fix the false mbufs denied counts as part of the uma_reclaim and mb_reclaim functionality. If you still see mbuf denied counts after implementing this fix, it might be your problem. If the counts stay at 0 and your system still stops accepting network connections, you have a diffe

RE: mbuf denied problem

ay, May 20, 2006 2:12 PM To: Peter Blok; freebsd-net@freebsd.org Subject: Re: mbuf denied problem - Original Message - From: "Peter Blok" <[EMAIL PROTECTED]> To: "'OxY'" <[EMAIL PROTECTED]>; Cc: "'Jin Guojun [VFFS]'" <[EMAI

RE: mbuf denied problem

Hi, I have posted a reply to similar questions a couple of times. Although I'm subscribed to freebsd-net I never saw the answer appear in the list. The ... denied counts is coming from calling uma_reclaim, which will in the end call uma_zfree_internal which is increasing the fail counter. I am n

RE: requests for mbufs denied

Hi, I have tried to debug this and it turns out that it is not an allocation failure at all. It happens as part of uma_reclaim, which will eventually call uma_zfree_internal which increments the counters. When I use the following patch, uma_reclaim will skip uma_zfree_internal for both mbuf and m

RE: requests for mbufs denied

Hi, I have them too. They only happen on a Realtek re card. They don't happen on an Intel em card. I'm still narrowing down why this happens. I have now disabled carp, because I have a feeling it is related to promiscuous mode. So far they have not happened after disabling carp. Peter -Orig

test - ignore

___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"

best firmware for prism2

Hi, Currently I have a prism2 card with primary firmware 0.03.00 and station 0.08.03. It works currently fine in ibss but would like to move to hostap mode. I have learned that I can use primary firmware 0.03.00 and station f/w 0.1.71, but is that true and wise? I.e what is the best firmware f

RE: FreeBSD and Cisco router IPSEC tunnel

What router are you talking about? The ex-Altiga routers, or Cisco's own -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of ipver four Sent: Thursday, September 27, 2001 04:03 To: [EMAIL PROTECTED] Subject: FreeBSD and Cisco router IPSEC tunnel Has anyone

RE: Win32 to FreeBSD VPN

I have W2K working with ipsec on 4.4-STABLE. Wasn't that hard. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Shoichi Sakane Sent: Wednesday, September 26, 2001 05:39 To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Win32 to FreeBSD VPN > Does

RE: Win32 to FreeBSD VPN

PPTP stuff works fine. Regards, Peter Blok -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dmitry Samersoff Sent: Wednesday, September 19, 2001 21:35 To: [EMAIL PROTECTED] Subject: Win32 to FreeBSD VPN Does anybody have working VPN between Win32 client

RE: Runt frames = broken VLAN ?

Mike, et al. I had the panic too. The problem is the order of initialization. It only happened when you compile NETGRAPH support in the kernel instead of using it as a module. When initialize netgraph a little bit later it works fine. In netgraph.h there is a macro called NETGRAPH_INIT. I have ch

RE: PPPoE + Alpha + 32/64 bits

What did you patch in the mpd daemon. I found a lot endian issues with it, but due to work pressure I didn't finish it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Thomas Pornin Sent: Wednesday, August 01, 2001 17:36 To: [EMAIL PROTECTED] Cc: [EMAIL P

RE: sysctl net.link.vlan.link.proto

I fully agree with Steve. The netgraph code is ideal to handle the vlan stuff. Take a look at the port aggregation (etherchannel) Bill Paul has done as well -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vladimir B. Grebenschikov Sent: Sunday, July 22, 2

patch for if_wi.c

Hi, I have bought two SMC wireless cards. One SMC2632 in my laptop, the other a SMC2602 (PCI to SMC2632) in my FreeBSD server. I am running FreeBSD-STABLE as of july 1. Initially it didn't work because the PCI to PCMCIA bridge picked an interrupt that was already in use. Since I couldn't force th

wireless SMC 2602 and 2632 adapters

Hi Folks, I just wanted to let you know the SMC wireless adapters are working in 4.3-STABLE. Make sure you load the latest - called linux - firmware into the boards. The SMC2602W is a PCI to PCMCIA controller, dedicated for the SMC2632W. I have my SMC2632W in my laptop running windoze2000. I am r

RE: mpd netgraph bridge

nk it to another ethernet port. Peter -Original Message- From: Archie Cobbs [mailto:[EMAIL PROTECTED]] Sent: Friday, June 08, 2001 02:17 To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: mpd netgraph bridge Peter Blok writes: > I have a PPTP connection to my ADSL provider, using m

mpd netgraph bridge

Hi folks, I have a PPTP connection to my ADSL provider, using mpd-netgraph. It is available on ng0. I'd like to bridge this with netgraph to a separate ethernet interface sf3. Is this possible? I have looked at examples, but they don't work because ng0 is not of type ether. Peter To Unsubscrib

netgraph ng_bridge and ipfilter

Hi, Another question. I saw a posting a while ago, ipfilter doesn't work completely when a bridge is created with netgraph. I want to create a transparent firewall without NAT. I know OpenBSD has a bridge that works, but OpenBSD doesn't have netgraph. Is this still the case with 4.3-RC Peter

load balancing/failover multiple internet connections

Hi, I have three possible ways to get to the internet from my FreeBSD gateway. 1) ADSL session via netgraph PPTP implementation. The interface used is ng0 2) ISDN dial-up via netgraph PPP. The interface used is ng1 3) direct connection (limited bandwidth), interface is sf3 Curr

RE: 4.3-BETA netmask problem

Right! A stupid dial-up connection I wasn't thinking of -Original Message- From: Ruslan Ermilov [mailto:[EMAIL PROTECTED]] Sent: Friday, March 23, 2001 08:32 To: Peter Blok; Garrett Wollman Cc: [EMAIL PROTECTED] Subject: Re: 4.3-BETA netmask problem On Thu, Mar 22, 2001 at 09:45

4.3-BETA netmask problem

Hi, I'm having a strange problem. I have a block public ip addresses at X.Y.Z.128/28. My FreeBSD 4.3-BETA system has assigned IP address X.Y.Z.140 netmask 255.255.255.240, broadcast X.Y.Z.143. I don't use routed. I have one static host route to a particular host. Here's the problem when somebod

strange problem with ipfilter and 4.3-BETA

Hi, My system is having an internal interface, named sf0 and external sf3. I have cvsup'ed 4.3-BETA as of 16 march and have copied the /usr/src/etc/rc* files to /etc. In rc.network the invocation of ipfilter is now at the beginning to support IPFILTER_DEFAULT_BLOCK. When my system reboots it ha

RE: call for testers: port aggregation netgraph module

Bill, I have tested the port aggregation module on a BayStack 450-12, although I'm not sure the BayStack trunking is compatible with Etherchannel. I'm using a four port Adaptec in my FreeBSD 4.3-BETA system. After some attempts (I have never configured trunking on a BayStack) I had two links up,

RE: 802.1q vlans and STABLE

ephen Gunn [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 25, 2001 23:03 To: Peter Blok Cc: [EMAIL PROTECTED] Subject: Re: 802.1q vlans and STABLE On Sun, Feb 25, 2001 at 04:46:47PM +0100, Peter Blok wrote: > The panic occurs in ng_ether_output, during the ifconfig of the first vlan > in

RE: 802.1q vlans and STABLE

PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Julian Elischer Sent: Friday, February 23, 2001 10:48 To: [EMAIL PROTECTED] Cc: 'Mike Tancsa'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: 802.1q vlans and STABLE Peter Blok wrote: > > I am working with VLANs and a BaySta

RE: netgraph pptp and alcatel adsl modems

e: netgraph pptp and alcatel adsl modems Peter Blok wrote: > > Name: mxstream.tar.gz >mxstream.tar.gzType: Unix Tape Archive (application/x-tar) > Enco

RE: netgraph pptp and alcatel adsl modems

Stefan, You have to patch mpd-netgraph to make it work. I have recently found out how to use mpd-netgraph in such an environment. Attached my patch and config files. I don't have a written procedure yet. If you have questions, don't hesitate to e-mail me. Peter -Original Message- From

RE: 802.1q vlans and STABLE

2001 10:48 To: [EMAIL PROTECTED] Cc: 'Mike Tancsa'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: 802.1q vlans and STABLE Peter Blok wrote: > > I am working with VLANs and a BayStack 450-T without stability problems, > except when you configure NETGRAPH at the same time. The ker

RE: 802.1q vlans and STABLE

I am working with VLANs and a BayStack 450-T without stability problems, except when you configure NETGRAPH at the same time. The kernel crashes during boot-up. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mike Tancsa Sent: Friday, February 23, 2001 04

netgraph-mpd

Hi, My DSL provider (KPN - mxstream) needs a PPTP connection. I am trying to use netgraph-mpd to make this work. Any experience good or bad with this? Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message