On Tue, 7/16/13, Eugene Grosbein wrote:
Subject: Re: FreeBSD router problems
To: "Barney Cordoba"
Cc: freebsd-net@freebsd.org
Date: Tuesday, July 16, 2013, 1:10 AM
On 15.07.2013 22:04, Barney Cordoba
wrote:
> Also, IP frag
On 15.07.2013 22:04, Barney Cordoba wrote:
> Also, IP fragmentation and TCP segments are not the same thing. TCP
> segments regularly will come in out of order, NFS is too stupid to do
> things correctly; IP fragmentation should not be done unless necessary
> to accommodate a smaller mtu.
The PR
On Sun, 7/14/13, Eugene Grosbein wrote:
Subject: Re: FreeBSD router problems
To: "Barney Cordoba"
Cc: freebsd-net@freebsd.org, "isp"
Date: Sunday, July 14, 2013, 1:17 PM
On 14.07.2013 23:14, Barney Cordoba
wrote:
>
On Sun, 7/14/13, Eugene Grosbein wrote:
Subject: Re: FreeBSD router problems
To: "Barney Cordoba"
Cc: "isp" , freebsd-net@freebsd.org
Date: Sunday, July 14, 2013, 1:17 PM
On 14.07.2013 23:14, Barney Cordoba
wrote:
>
On 14.07.2013 23:14, Barney Cordoba wrote:
> So why not get a real 10gb/s card? RJ45 10gig is here,
> and it works a lot better than LAGG.
>
> If you want to get more than 1Gb/s on a single connection,
> you'd need to use roundrobin, which will alternate packets
> without concern for ordering. Pu
How are you benchmarking it? Each TCP connection only uses one member
of a lagg port. So if you want to see > 1 Gbps, you'll need to
benchmark with multiple TCP connections. You may also need multiple
systems; I don't know the full details of LACP.
On Thu, Jul 11, 2013 at 11:32 AM, isp wrote:
On 2009-Mar-26 11:02:55 -0500, Pierre Lamy wrote:
>A 1 day default timeout for established connections is retarded, since
>virtually all client apps and OSs as well as intervening stateful
>firewalls will lose state after 1 hour.
With respect, this is nonsense. An app or OS should never "lose
Hi,
On Thu, Mar 26, 2009 at 5:02 PM, Pierre Lamy wrote:
> stateshard limit1
>
> If I want to dos this box all I need to do is hold 10k tcp connections open
> in established.
>
> A 1 day default timeout for established connections is retarded, since
> virtually all client apps and
stateshard limit1
If I want to dos this box all I need to do is hold 10k tcp connections
open in established.
A 1 day default timeout for established connections is retarded, since
virtually all client apps and OSs as well as intervening stateful
firewalls will lose state aft
Hi,
On Wed, Mar 25, 2009 at 11:21 PM, Shawn Everett wrote:
> > tcp.established 86400s
> >
> > ^^ This should be 3600.
> >
> > Pierre
>
> That's an interesting thought. Why would that matter?
It's the PF TCP established session timeout, which defaults to 1 day. This
is relevant only
> tcp.established 86400s
>
> ^^ This should be 3600.
>
> Pierre
That's an interesting thought. Why would that matter?
Shawn
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send a
tcp.established 86400s
^^ This should be 3600.
Pierre
Shawn Everett wrote:
Any error messages in dmesg output ?
Significant changes in "netstat -m" output before and after ?
The same for "pfctl -s all" output...
The box has been up for about 12 hours now. As a point of dis
Hi,
On Fri, Feb 27, 2009 at 9:04 AM, Shawn Everett wrote:
> On Thursday 26 February 2009, Adrian Penisoara wrote:
> > pfctl -v -s state
>
> It's midnight here. There should be very little active traffic from
> workstations at this hour. I was just about to head off to bed.
>
OK, then check w
On Thursday 26 February 2009, Adrian Penisoara wrote:
> pfctl -v -s state
It's midnight here. There should be very little active traffic from
workstations at this hour. I was just about to head off to bed.
#pfctl -v -s state
No ALTQ support in kernel
ALTQ related functions disabled
all tcp 63
Hi,
On Fri, Feb 27, 2009 at 8:41 AM, Shawn Everett wrote:
> > Any error messages in dmesg output ?
> > Significant changes in "netstat -m" output before and after ?
> > The same for "pfctl -s all" output...
>
> The box has been up for about 12 hours now. As a point of discussion here
> is th
> Any error messages in dmesg output ?
> Significant changes in "netstat -m" output before and after ?
> The same for "pfctl -s all" output...
The box has been up for about 12 hours now. As a point of discussion here
is the output from netstat and pfctl in case anything obvious jumps out.
38
On Feb 26, 2009, at 3:43 PM, Shawn Everett wrote:
Here's a weird one... I set up FreeBSD 5.2 to act as a router.
[ ... ]
Any suggestions would be appreciated.
Try upgrading to a supported version of the OS, first, then work on
debugging any deadlocks if they still reoccur.
Early 5.x ver
Hi,
On Fri, Feb 27, 2009 at 1:06 AM, Shawn Everett wrote:
> Sorry I meant to say FreeBSD 7.0 :)
>
> > Hi Guys,
> >
> > Here's a weird one... I set up FreeBSD 5.2 to act as a router. I used
> > the pf.conf script shown at:
> > http://www.openbsd.org/faq/pf/pools.html#outgoing
> >
> > Everything
Sorry I meant to say FreeBSD 7.0 :)
> Hi Guys,
>
> Here's a weird one... I set up FreeBSD 5.2 to act as a router. I used
> the pf.conf script shown at:
> http://www.openbsd.org/faq/pf/pools.html#outgoing
>
> Everything works just fine. Traffic is appropriately load balanced and
> things work as
"Verbeek, Maarten" <[EMAIL PROTECTED]> wrote:
> i'm busy creating a a http-proxy server/router with FreeBSD 6.2, but
> somewhere along the line i'm doing things wrong i think.
What exactly did you do so far and how is it failing?
> situation: network 172.45.x.x/12 -FREEBSD ROUTER -
> 1
At Thu, 28 Apr 2005 18:16:03 -0500,
Christopher Chan wrote:
> Can you provide much needed assistance? I have successfully setup a
> FreeBSD Router, but unfortunately it's connectivity is quite buggy.
>
> As per the traditional setup of a router, there are two ethernet
> cards: rl0 and de0.
> While
> Hello (just signed up to this list),
>
> I am wondering if anyone on the list has any experience using FreeBSD 5.3
> as a
> router in a high traffic environment? I am building a development cluster
> here
> and have decided to try using FreeBSD as my main network router instead of
> somethi
Thomas,
can you try if_em driver from HEAD and check whether this help.
There were some work done during 5.3-RELEASE.
On Fri, Jan 28, 2005 at 06:18:19PM +0100, Thomas Vogt wrote:
T> netstat -w 1 (polling disabled)
T> input(Total) output
T>packets errs
At Mon, 20 Dec 2004 19:28:21 +,
Lee Johnston wrote:
> Does any one have any ideas on this? Could the kernel option (options HZ)
> which we use for dummynet/polling effect the rate in which ARP requests are
> issued?
>
> I had planned to place each subnet in a VLAN, and looks like this will h
There are probably a couple of things you will need to do for everything to
... just work.
I agree with Julian Elischer, you should run ipfw with a basic firewall rule
set, because you will need natd running. However, this will have it's own
set of problems.
First, if you use ipfw, you will need
You should probably include some backdoor access in case the ISP DHCP
settings need tweaking, some options:
- Include a modem with your box that you can dial into.
- An internal station with remote control (PCAnywhere) that you can dial
into then hop over to the internal NIC of your box via puTTY s
basically I think that is right, as long as the provider is
supplying enough addresses for all the clients..
if not then you need to be using NAT on the external interface.
This implies running ipfw, but then, you probably should be doing that
anyhow..
On Thu, 19 Jun 2003, agent dero wrote:
>
27 matches
Mail list logo
