Also make sure that the route for this specific test isn't going out on
the Internet and coming back in at your outside link speed of
around117kbits/sec?
I had a similar problem once where I had 3 boxes hooked up and the
speeds were blistering fast for 2 tests but the third test was horrid slo
have a look at ng_one2many(4) I've never used it but it sounds
like it could be what you are after according to the manpage.
Vince
On Wed, 2008-06-18 at 13:22 -0400, Andrew Thompson wrote:
On Tue, Jun 17, 2008 at 04:32:03AM -0400, Martes G Wigglesworth wrote:
Greetings all.
I have
Kevin Oberman wrote:
Date: Fri, 25 Apr 2008 16:48:46 -0300
From: "Tobias P. Santos" <[EMAIL PROTECTED]>
Kevin Oberman wrote:
Running 7-STABLE of April 10, if I disable the firewall ('sysctl
net.inet.ip.fw.enable=0'), IPv4 traffic passes, but IPv6 will not. I had
to add a "allow ip from any to a
Tom Judge wrote:
> Andrei Kolu wrote:
>>> Alexandre Biancalana wrote:
This server is an Dell Power Edge 1950, QuadCore 2.83, 2Gb Ram, one
bce gigabit interface connected to a gigabit port of a Cisco 4500 in
trunk mode.
>>
>> Why you are using trunk mode? IIRC then "trunk" is used o
nce 6.2 so a stock 6.2 will but updating using
freebsd-update will patch it, 7 and -CURRENT wont.
>From the Advisory:
Support for IPv6 type 0 routing headers can be re-enabled
if required by setting the newly added net.inet6.ip6.rthdr0_allowed sysctl
to a non-zero v
it like
http://mucc.mahidol.ac.th/~ccvvs/KAME-NAT-PT-ENG.htm
Hope thats useful,
Vince
> Thanks ...
>
>
> Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
> Email . [EMAIL PROTECTED] MSN . [EMAIL PROT
this form
MUST NOT appear outside a host.
I would interpret this as 127.0.0.0/8 are all loopback host addresses,
but I'd be happy to be corrected.
Vince
> Could you please help me understand this?
>
>
> sincerely
>
> Mathen
> (Abraham K. M
s Ethernet autoselect (DS/11Mbps)
status: associated
vlan: 1 parent interface: an0
Vince
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
tic TCP
send and receive socket buffer sizing patches mentioned in the last
status report?
[http://www.freebsd.org/news/status/report-oct-2006-dec-2006.html#Automatic-TCP-Send-and-Receive-Socket-Buffer-Sizing]
If not they might be worth a l
gt; Same problem with FreeBSD to FreeBSD NFS.
>
Just out of interest since cygwin was mentioned, has anyone tried out
the cygwin NFS server rather than the SFU one? If it were combined with
cygwin's "managed mount" mode it should in theory support ':' or other
similar name
odule if needed, then
ifconfig fxp0.1 create
should create a subinterface like
fxp0.1: flags=8842 mtu 1500
ether 00:50:8b:03:6d:00
media: Ethernet 100baseTX
status: active
vlan: 1 parent interface: fxp0
Vince
Should I us
Paul Schmehl wrote:
> --On Tuesday, October 10, 2006 09:59:15 +0100 Vince <[EMAIL PROTECTED]>
> wrote:
>>
>> Just a a final note. The (discontinued) wpi driver that Damien started
>> is still floating around and works for some people (although its a
>> little
ce driver.
>
> Thanks for the info.
>
Just a a final note. The (discontinued) wpi driver that Damien started
is still floating around and works for some people (although its a
little flaky and only gives 6Mbps even for those where it does work.)
I have a copy you can try
t side.
>
> pf and sticky rdr.
>
> Use a shell script that pings the hosts on the backend, to insert/remove
> them from a persistent table.
>
I'd probably go with that for a basic solutions myself, but also have a
look at the results of
c
JICUDN, I have been using nc,dd and systat to check TCP performance on
my servers, the good thing about it is it requires little setup and
gives results fast.
For example on host A start the nc server.
nc -4kl 3000 > /dev/null
Then start another one on hostb sending data via nc from /dev/zero
c
David DeSimone wrote:
- --
David DeSimone == Network Admin == [EMAIL PROTECTED]
I got it going!
Its working like a dream now.
I don't have a for sure reason why it wasn't working but my best guess
is it was one that actually boiled down to a silly mistake as you suggested.
I feel quite si
David DeSimone wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
David DeSimone <[EMAIL PROTECTED]> wrote:
Hmm... In examining my kernel configuration I found these options:
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
# options IPSEC_FILTERGIF
# opt
David DeSimone wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Vince <[EMAIL PROTECTED]> wrote:
The main reason to use IPSEC tunnel mode and avoid GIF is that such
a config is interoperable with other IPSEC implementations, and thus
is much more useful in the real
David DeSimone wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brian Candler <[EMAIL PROTECTED]> wrote:
Ah, I guess this means you're following the instructions in the
FreeBSD handbook, which last time I looked gave a most bizarre and
unnecessary way of setting up IPSEC (GIF tunneling
VANHULLEBUS Yvan wrote:
On Tue, Jun 20, 2006 at 11:26:15PM +1000, Michael Vince wrote:
Hey All,
When installing the ipsec-tools it says if you want NAT-T you need to
install this patch, http://ipsec-tools.sourceforge.net/freebsd6-natt.diff
Can any one tell me if this patch works with
Hey All,
When installing the ipsec-tools it says if you want NAT-T you need to
install this patch, http://ipsec-tools.sourceforge.net/freebsd6-natt.diff
Can any one tell me if this patch works with Fast_ipsec or is it just
for the other ipsec?
Cheers,
Mike
Brian Candler wrote:
On Fri, Jun 16, 2006 at 01:43:54PM +1000, Michael Vince wrote:
I have setup the GRE tunneling and that is working fine doing pings and
tracerts when I disable ipsec and ipsec-tools, its just the encryption
side thats the problem.
Ah, I guess this means you&#x
Hey all.
I have been trying to setup a VPN between 2 FreeBSD hosts, but I can't
get any IKE exchange activity via ipsec tools happening.
I used this script http://thebeastie.org/projects/vpnsetup/vpnsetup.pl
which I created for my self to help me remember all the knobs, its been
about a year
_first_pass
to the relevent pam file. I use it so I can authenticate against an RSA
ACE server.
Do you know a good documentation about that?
A good read of man radius.conf and man pam_radius should be enough.
otherwise google is your friend.
cheers,
Vince
I use netperf which is a pure network traffic tester I also just use
basic 'ab/apache' tests which would also test HD/IO if getting large files.
For the 'em' driver I have seen some posts/cvs commit updates to the
driver saying it now works better without polling then with polling. I
think this
tes.uiuc.edu/network/autosense.html or use google for
more info)
Vince
I've looked in the archives and in bug reports and I've seen someone has
reported this too, but found no solutions.
Someone says that the same board connected to a different switch behaves
correctly.
I can only add that a
usly.
I seem to recall openntpd can be but I dont think the standard freebsd
ntpd can. I have never tried openntpd on freebsd though (it is in ports.)
http://www.openbsd.org/cgi-bin/man.cgi?query=ntpd.conf&sektion=5&arch=&apropos=0&manpath=OpenBSD+Cu
On FreeBSD amd64 if you compile in FAST_IPSEC and even regular IPSEC and
do something like run setkey you get a panic.
VPN on AMD64 FreeBSD has never worked.
Mike
Gleb Smirnoff wrote:
On Thu, Jan 05, 2006 at 02:38:02PM +1100, Michael Vince wrote:
M> >What is there to gain in perfo
Jon Otterholm wrote:
Hi!
What is there to gain in performance choosing AMD64 on a Dell PE1850
(Xeon EMT64) when used as router?
/Jon
I have one running under Amd64 FreeBSD.
When polling is enabled I do get transfer speeds of up to
112megabytes/sec, the only real down side as far as I am
Zongsheng Zhang wrote:
Hi, *,
For testing throughput of a TCP connection, the following topology is used:
Host-A ---GB Ethernet--- Dummynet ---GB Ethernet--- Host-B
Host-A/B use FreeBSD v6.0. Sysctl parameters of Host-A/B are:
kern.ipc.nmbclusters=32768
net.inet.tcp.inflight.enable=0
net.i
Andre Oppermann wrote:
Markus Oestreicher wrote:
Currently running a few routers on 5-STABLE I have read the
recent changes in the network stack with interest.
You should run 6.0R. It contains many improvements over 5-STABLE.
A few questions come to my mind:
- Can a machine tha
Scott Long wrote:
Michael Vince wrote:
Kris Kennaway wrote:
On Tue, Nov 22, 2005 at 08:54:49PM -0800, John Polstra wrote:
On 23-Nov-2005 Kris Kennaway wrote:
I am seeing the em driver undergoing an interrupt storm whenever the
amr driver receives interrupts. In this case I was
Kris Kennaway wrote:
On Tue, Nov 22, 2005 at 08:54:49PM -0800, John Polstra wrote:
On 23-Nov-2005 Kris Kennaway wrote:
I am seeing the em driver undergoing an interrupt storm whenever the
amr driver receives interrupts. In this case I was running newfs on
the amr array and em0 was not
dennis binder wrote:
hello,
i'm trying to get a wlan card WG511T from netgear to work
and connect to the internet via an accesspoint.
The accesspoint has an SSID= "WLAN" and provides DHCP.
dmesg bings up the following:
ath0: mem 0x8800-0x8800 irq 9 at device 0.0 on
cardbus0
ath0: mac
I just have to point out that below I made a statement that proved I
should of gone to bed earlier instead of doing benchmarks :). The 901
http States and ssh state have nothing to do with each other as there on
different pf rules.
Mike
Michael VInce wrote:
I did watch the gateway (B) pf
Here is my second round of my non scientific benchmarking and tests, I
hope this is useful.
I been having fun benchmarking these machines but I am starting to get
sick of it as well :) but I find it important to know that things are
going to work right when they are launched to do their real wor
he
fragmented packets coming in properly.
If that's a reliable check for MTU than the problem should not be MTU
related. Is there any other way to check MTU problems by using `ping'?
Thanks,
Volker
On 2005-10-22 20:16, Michael VInce wrote:
Try sending different sized pings or ot
Try sending different sized pings or other packet size control utils to
really make sure its not MTU related.
Maybe there is an upstream router thats blocking ICMP fragment packets,
have you ever seen them? try forcing the creation of some.
Mike
Volker wrote:
Still having the same problem wi
Gleb Smirnoff wrote:
Colleagues,
since the if_em problem was taken as a late showstopper for 6.0-RELEASE,
I am asking you to help with testing of the fixes made in HEAD.
Does your em(4) interface wedge for some time?
Do you see a lot of errors in 'netstat -i' output? Does these errors
inc
rt = isakmp to any -> ($ext_if) \
port 500
Not sure about the same for ipfw/natd but i'm sure its doable.
Vince
The FreeBSD Box is out of reach (around 50km from here), I can't access the
hosts on the inside network and I dont't have access to the cisco
concentrator, so I can&#x
On Thu, Oct 20, 2005 at 04:26:31PM +0200, Brad Knowles wrote:
At 10:49 PM +1000 2005-10-20, Michael VInce wrote:
> The 4 ethernet ports on the Dell server are all built-in so I am assuming
> they are on the best bus available.
In my experience, the terms "Dell
Sten Daniel Sørsdal wrote:
Michael VInce wrote:
I reinstalled the netperf to make sure its the latest.
I have also decided to upgrade Server-C (the i386 5.4 box) to 6.0RC1 and
noticed it gave a large improvement of network performance with a SMP
kernel.
As with the network setup ( A
nce with the right sysctls.
Needs more testing but it appears using AMD64 FreeBSD might be better
then i386 for Apache2 network performance on SMP kernels.
Single interface speeds tests from the router with polling enabled and
with 'net.isr.direct=1' appears to affect performance.
Regards
nce with the right sysctls.
Needs more testing but it appears using AMD64 FreeBSD might be better
then i386 for Apache2 network performance on SMP kernels.
Single interface speeds tests from the router with polling enabled and
with 'net.isr.direct=1' appears to affect performance.
Regards
Robert Watson wrote:
On Fri, 14 Oct 2005, Michael VInce wrote:
I been doing some network benchmarking using netperf and just simple
'fetch' on a new network setup to make sure I am getting the most out
of the router and servers, I thought I would post some results in
case some on
Hey all,
I been doing some network benchmarking using netperf and just simple
'fetch' on a new network setup to make sure I am getting the most out of
the router and servers, I thought I would post some results in case
some one can help me with my problems or if others are just interested
to
t all realy means.)
I do my memory monitoring localy (based on the scripts at
http://www.ag0ny.com/graphs/) and just assumed that net-snmp would
"just work".
My best suggestion now would be to either ask on questions@ or
on the net-snmp mailing lists.
Vince
> -Original M
[EMAIL PROTECTED] wrote:
Hi Guys,
I am trying to find out what mib value I can use to get the free memory.
I am running FreeBSd5.4 on a pc compatible machine (FreeBSD 5.4-RELEASE
i386 GENERIC). MIB-2 gives me the total memory. I can get the free
memory from a sun box using sun's mib(.1.3.6.1.4.
Yeah,
Does any one know if some one is going to add ipsec-tools to the ports
tree?
Cheers,
Michael
[EMAIL PROTECTED] wrote:
At Thu, 12 May 2005 05:25:24 + (UTC),
Bjoern A. Zeeb wrote:
On Thu, 12 May 2005, Qing Li wrote:
Hi,
I'd like to volunteer for
Tasks to updat
Hey all,
I have created a VPN setup script for FreeBSD, check it out here
http://roq.com/projects/vpnsetup/index.html
http://www.roq.com/projects/vpnsetup/vpnsetup.pl
Its still in its testing phase but as far as I can see its reasonably
complete.
If any one tries it out I would appreciate feed ba
Yeah I hooked up 5.3 BSD box with to a big mobile phone companies
$60,000 Cisco VPN piece of equipment, I got Cisco cert my self but I
prefer FreeBSD :)
Used Racoon/ipsec tools and FastIPSec compiled into the kernel.
IPs are spoofed ,but just to give you the idea.
Mar 31 16:02:54 mord racoon: IN
tunnel, see:
http://www.freebsd.org/doc/en/articles/checkpoint/
its a little old and you need to do some config on the checkpoint, but its
a good starting point.
Vince
John Mok
Vince wrote:
I do this with the cisco VPN client (to PIX), I am firewalling with pf.
Client --- FreeBSD firewall+NAT
nat rules are:
nat on $ext_if inet proto { tcp, udp } from $int_net port = 500 \
to any -> ($ext_if:0) port 500
nat on $ext_if from $int_net to any -> $ext_addr1
Havent tried checkpoint though.
Vince
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAI
Just out of interest has any one got serial console to work with this
IPMI stuff?
I was looking at regular 9pin serial alternatives since Dell machines
normally only have 1 serial port and I prefer 2.
Regards,
Mike
Bruce M Simpson wrote:
On Mon, Mar 14, 2005 at 04:26:16PM -0800, Jeff wrote:
I
Hey all.
I have been googling around the Internet for information about IPSEC and
FAST_IPSEC for freebsd on the Internet and wondered what gives best
performance
when I came across this http://people.freebsd.org/~pjd/netperf/
It has some nice graphs / figures on performance of IPSEC and FAST_IPS
On Mon, 1 Nov 2004 [EMAIL PROTECTED] wrote:
Hi everybody!
I'm try configure bridge on FreeBSD box.
Box configuration:
%uname -srp
FreeBSD 5.3-RC1 i386
%ifconfig
xl0: flags=8943 mtu 1500
options=9
ether 00:04:79:68:02:e6
media: Ethernet autoselect (none)
status: n
# Enable ICMP: remove type 8 if you don't want your host to be pingable
> $fwcmd add allow icmp from any to any icmptypes 0,3,8,11,12,13,14
>
> # Deny all the rest.
> $fwcmd add deny log ip from any to any
>
> How's this?
>
> Obviously, for each there'd be differe
On Tue, 7 Sep 2004, Omer Faruk Sen wrote:
> Hi,
>
> I have given a work to test VPN performance of FreeBSD IPSEC subsystem. I am
> not that familiar with ipsec terms. (just started to read IPSEC documents
> about 5 days ago)I wanted to share my observations:
>
> My hardware is : P IV 2.8, 256 MB
l which) is selling the
200mw SMC or Senao card with the prism chipset for $30-$40 in pcmcia.
Another solution, although not FreeBSD, is StarOS. It'll do hostap on
the orinoco and has the captive portal and radius stuff built in for $40.
Vince.
--
Fast, inexpensive internet service 5
et. And also I want to keep part of the e-mail accounts on the
> main server for the whatever.com domain itself.
Look at smtproutes. You'll find info on it in: man qmail-remote
Vince.
--
Fast, inexpensive internet service 56k and beyond! http://www.pop4.net/
http://www.meanstrea
and
> reload bridge.ko.
>
> --
> Maxim Konovalov, [EMAIL PROTECTED], [EMAIL PROTECTED]
> ___
> [EMAIL PROTECTED] mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "[EMAIL
ic, but isn't that also the recommended domain for internal
> networks? I was under the impression that .int as a public TLD was
> deprecated.
http://hq.nato.int/
I seem to recall recently that .local was for internal/local networks.
Vince.
--
====
d patch to ppp)
but the network cards are both CNET 100Base-TX cards. The below ping
times are pretty much normal, even tho I'm in the middle of a file
transfer.
round-trip min/avg/max/stddev = 24.203/28.876/35.084/4.076 ms
One thing you might want t
It didn't make 4.2 - it was MFC'd on December 18 :-(
>
> Brian, may I quote you from a different thread? =)
>
> "I think I've figured out the problem though... can you try the latest
> version of ppp - shou
compile, but the link fails with:
undefined reference to `csum'
missing library, but I didn't bother looking to see what.
Vince.
>
> bash-2.03$ gcc -o rawsocket rawsocket.c
> In file included from rawsocket.c:7:
> /usr/include/netinet/ip.h:152: parse error before
>
Today I'm suddenly getting these messages:
Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps
Is someone trying to pingflood me or something?
Vince.
--
==
Vince Vielhaber -- KA8CSHemail: [
ack to named
when you get the public interface up. It's probably in ports/packages
but as easy as it is to set up you're probably better off from sources.
Vince.
--
==
Vince Vielhaber -- KA8CSHemail: [EMAIL PROTE
On Thu, 14 Dec 2000, Patrick Bihan-Faou wrote:
> I think that it was added in the last 2 weeks. It is in the HEAD for sure.
> It has not been commited in 4-STABLE yet.
Ok, that explains why I didn't see it in 4.2.
Th
On Thu, 14 Dec 2000, Patrick Bihan-Faou wrote:
> Hi,
>
> You probably need to use tcpmssd from the ports (net/tcpmssd) or use the
> recently added tcpmss option of PPP for you ADSL link.
How long ago was this added to
69 matches
Mail list logo
