ame that's too large and you
> should look at the sender side for why it's being generated. If you
> don't want to do that you can probably just up the mtu on iwi and let
> the frame through.
>
This does sound awfully lot like the driver doesn't strip the 4
ld probably employ proxy arp to reply to arp
queries for the gateway address. Perhaps you have three public addresses
to use, reducing complexity a bit. man ng_nat(4) has an example that
could help you with the syntax (the hdlc one).
If all fails then perhaps marking the packets could help
pression that not
all realtek cards supported oversized frames (notably 8129 with an
external phy) and that 8139 A and B series were a little shakey but C is
definitly fine. 8139 had internal PHY so i guess they (a/b/c) are pretty
similar.
I can however not really give you the answer you are looking for, sorry.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
anyone observed any ill-effects in such
> a configuration? Would it be simple enough for if_rl in RELENG_4 to
> just announce native VLAN support to the system?
>
> Sincerely, Dmitry
Not necessarily. I would assume, without looking, that you would also
need to enable oversized frame support.
defaultgateway. UGS 0 8065787em0 <need em1 here
>
> i can't change ip, it must be the same on both interfaces..
> how can i change the interface for defaultroute?
>
> thank you for help!
One side has to have a netmask of 255.255.255.255
-or
nderstand what I mean), depending on particular
> interface.
PF will do exactly that, if i'm not mistaken. It wouldn't be as hackish
as an IPFW solution (although IPFW has it's charm).
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.or
t shouldn't work (correctly) as
defined by the standard. commercial products tend to implement "mac-nat"
or just simple dumb passthrough (which requires support on the ap side
and is very much like ad-hoc mode).
you would want to look into WDS for a standard wa
a "sinner" within minutes (instead of
hours, if not days). They often come with more than adequate snmp
support so you can do real monitoring (even the low end ones).
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital signature
Andre Oppermann wrote:
Sten Daniel Sørsdal wrote:
I am currently working on a udp multicast application written in C for
FreeBSD (6.x)
For our test cases in many different network types we found that
fragmentation poses as a significant problem for quality and reliability.
Packets that get
traffic is routed to the default router even the WAN link is again
up. Other unix like system (HP-UX, Linux) do not act the way,
i.e. they do not change static routes.
Are the routes still there after link goes down and then up?
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital
negative effect on the
network.
Are there any way i can read whether a message's packet was fragmented
into smaller pieces and preferably how large the largest fragment was?
Are there any feasible way to do this?
Thank you for your time.
--
Sten Daniel Sørsdal
signature.asc
Description: Op
OxY wrote:
tested with iperf (bidirectional test, udp transfer, not stream)
and got 8-15% packet drop when the system was idle.
You might have a duplex mismatch problem.
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital signature
ask is, i want to setup a tunnel between two units and
optimally not have to deal with any fragmentation issues.
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital signature
ost 1.2.3.4 127.0.0.1' or something similar.
If it turns out to be the right thing to do then perhaps you would be so
kind as to sendbug(1) it?
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital signature
packets. There
might be a PPTP proxy out there somewhere?
--
Sten Daniel Sørsdal
signature.asc
Description: OpenPGP digital signature
up to 400mbits/sec.
Are you by any chance using PCI NIC's? PCI Bus is limited to somewhere around 1
Gbit/s.
So if you consider;
Theoretical maxium = ( 1Gbps - pci_overhead )
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://l
ly?
[...snip...]
> Did you run tcpdump on both the hosts to find out what may be causing
> your problems?
> I will test adhoc between two atheros boxes at home
> today.
Did your "atheros boxes" perform any better?
---[ Appended e-mail ]-
epending on how you see it.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
n that this was meant to solve a problem specific to
one network. It is about giving unprivileged applications the
opportunity to find the optimal packet size without relying on network
policies or flaws.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
one would not need ICMP's to find the most efficient packet
size in a multicast application.
With DF NOT set, one is subject to fragmentation thus it would not
necessarily be the most efficient packet size.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Robert Watson wrote:
>
> On Wed, 21 Sep 2005, Sten Daniel Sørsdal wrote:
>
> While the below is perfectly valid and useful and should be easy to
> implement with andre's proposed change, would you prefer an interface
> that allowed you to query the TCP connection and ask
Robert Watson wrote:
>
> On Wed, 21 Sep 2005, Sten Daniel Sørsdal wrote:
>
>> Robert Watson wrote:
>>
>>>
>>> So if someone could generate some application pseudo-code that suggests
>>> what specifically is necessary from the socket layer in order
about reassembly problems than DF problems IF a message is
generated in the first place. )
Sure, all of this could be fixed the complicated way but what if one
already has an application that runs in unprivileged userland. How many
lines of code would a simple socket option plus the "
(also as a support app for an UDP file
transfer utility)
The reason i want DF bit removed? I want to be able to generate my own
fragments or let the routers generate the fragments.
I also want to be able to receive bad UDP packets to gather statistics.
This would be userland
op all traffic to and from a particular ip address.
ipfw can also filter on mac addresses, which could help a potential ip
stealing issue without the hazards of using static arp.
Just a thought.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing l
traffic
between you and the other work stations (put in another switch).
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
but with a slight addition).
CALL ID, a unique number assigned by the PPTP server per session.
AFAIK. There are some firewalls out there that uses this ID.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/list
a customer.
--
Sten Daniel Sørsdal
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Eric Schuele wrote:
Alt Shift V closes the connection
sudo killall -TERM ppp
Have you ever tried -HUP (Hangup) ?
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL
Has anyone looked at porting NetBSD/OpenBSD's bridging code?
It is my opinion that it is superior in features and standards
compliancy to FreeBSD's current bridging methods.
_// Sten Daniel Sørsdal
___
[EMAIL PROTECTED] mailing
.0.0.1/24
>
Yes there is a way and i showed you one way to do it.
Apologies if this was too technical or not what you asked.
_// Sten Daniel Sørsdal
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
te change default 10.0.0.254
ifconfig rl0 inet 192.168.100.1/24 -alias
_// Sten Daniel Sørsdal
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
these lines;
# cd /usr/ports/net/isc-dhcp3-server
# make patch
now edit work/dhcp-3.0.1rc12/common/discover.c
at line 138 or so there should be "char buf[2048]"
change 2048 into for example 16384.
# make build install
assuming you are building on your gateway.
_// Sten Daniel Sørsdal
Apologies for the cross-post, i wasnt sure if this was hackers or net material.
I've often wondered why ip checksumming is done on every incoming
packet and not only on the packets that need to be delivered locally.
It looks like a very expensive way of doing it, especially on high
PPS. Basicall
>
> What can I do to make the system better handle this kind of
> traffic ?
> Could device polling(8) or just increasing the kernel
> frequency clock to 1000Hz or more improve the situation ?
> What kind of network cards could face a lot better this
> burden ? Are there any other solutions
>
> Has anyone made a patch to add ipfw2's verrev functionality
> in ip_input (or similar place) ?
[ ...snip... ]
Problem solved, it all works now. Thanks anyway!
// sten
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/fre
Has anyone made a patch to add ipfw2's verrev functionality in ip_input (or similar
place) ?
I've tried for a few days to write it myself but it keeps panicing on (among other
things) deleting of default route (i suspect that i really ask the route for 0.0.0.0).
I plan to add an ifconfig flag wh
> I have two 3com ethernet cards at my FreeBSD server. How to
> set up them, to
> work together at the same subnet with IP 192.168.1.1 (xl0) and IP
> 192.168.1.2(xl1).
>
If it's some kind of simple loadbalancing you are after;
ng_one2many
It's a netgraph module to "double" your sendin
> My own purpose for using this is securing a bit more
> 802.11(whatever) in a
> large WISP setup. One of my question is how many pptp or
> pppoe sessions
> can be handled by one FreeBSD box knowing each pptp or pppoe
> sessions have
> to be shaped traffic wise symetrically or asymetrically.
>
> Julian Elischer wrote:
> > > > > >However I do suggest that you discuss the
> possibility of enhancing mpd
> > > > > >with archie to allow allocation of addresses from a pool.
> > > > >
> > > > > I seem to recall (I could be mistaken here) that
> Archie has been working
> > > > > with a co
>
> > if you are running a poptop pptp server and you want
> multiple clients
> > connecting to this one pptp server; make sure you get the
> GRE ID update
> > (poptop always sets the id to 0 - messes up two connections).
>
> Is this update in the FreeBSD port/package for poptop? (It should be.
> FreeBSD makes a very good NAT router... for most applications.
> But a client of mine is having terrible trouble with it when
> trying to use NAT with one particular protocol: PPTP.
>
> Here's what's going on. A client has a FreeBSD box that's serving as a
> NAT router. He has one public IP, a
> Sten Daniel Sørsdal wrote:
> > Make sure that you are diverting the traffic from LAN to
> DMZ via NATD.
>
> I didn'tunderstand very well:
> ipfw is not doing this thrue the "OPEN" configuration by default ?
>
No.
in rc.firewall (line 124):
${fwcmd} add
>
> I've done that but it's not working.
>
> It's strange because if I ping www.site-example.com it goes
> to the right
> static ip.
> So it's pinging the right server.
>
> It could be apache configs but it happens also in qmail, ...
>
> I think it's natd but don't know how ...
>
Make sure
> > >
> > > Well, I don't see the problem.
> > >
> > > My math says that that's .03% collision rate, which is so
> deep in the
> > > noise as to be practically zero. What do you _think_ it
> should be?
> > >
> > Even Mr. Inventor of the ethernet himself regrets calling
> them collisions beca
I've tried freebsd-questions but no reply.
I use a FreeBSD 4.7-STABLE box as a Zebra BGP route server.
When my provider reset their interface (switch inbetween) the
TCP connect seems to linger in TIME_WAIT for a very long time
(up to 20 minutes?). Are there any ways to tweak the TCP se
>On Thu, Feb 27, 2003 at 02:02:53PM +0100, Sten Daniel S?rsdal wrote:
>> What i am looking for is a feature that basically prevents spoofing by looking
>> the route for the source and match the incoming interface.
>> A firewall solves the problem but adds alot of administrative overhead and
>
Has anyone made any patches to lookup the source ip for a packet to be routed
so that it comes from the right interface?
I've heard alot of talk from people going to write patches to do this
but no patches have turned up and no help from google.
What i am looking for is a feature that basic
Does FreeBSD prioritize traffic based on TOS and or TCP Flags?
It could be my imagination but it looks like PSH flagged tcp
packets go faster through the network than non-PSH flagged.
We have other routers also (Cisco and Nortel) so it might be them.
-- Sten
To Unsubscribe: send mai
I think the community would love that!
Im having the exact same problem as you do when it comes to adding
scripts :)
Just mail me if you need anything - like testing.
Im no C wiz though :P
---
Med vennlig hilsen / Best regards
Sten Daniel
RELEASE + STABLE - 4.7 - Works like a charm! :)
---
Med vennlig hilsen / Best regards
Sten Daniel Sørsdal
---
-Original Message-
From: Eugene Grosbein [mailto:[EMAIL PROTECTED]]
Sent: 17. januar 2003
Have you remembered to setup anything to fix the MSS in TCP packets going through?
You have disabled encryption and compression right?
-Original Message-
From: Rostislav Krasny [mailto:[EMAIL PROTECTED]]
Sent: 26. desember 2002 15:42
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; FreeB
I've had similar issue with Intel Ethernet controllers (i82562ET and i82801BA/BAM).
It was practically no load, and on the wire there was no duplicates but ping got
duplicates anyway. - It only happens sporadically and it happens to about 10 boxes
with the same FreeBSD version (exact same).
Haven
53 matches
Mail list logo
