Re: IPComp question

2001-02-02 Thread Yu-Shun Wang
Hi, What you pointed out below is true. But I am more interested in the relative performance since the numbers I measured were under exactly the same setup and traffic condition. I am just curious why IPComp was _relatively_ (and significantly) slower than m

Re: IPComp question

2001-02-02 Thread Mike Silbersack
On Fri, 2 Feb 2001, Yu-Shun Wang wrote: > Hi, > > What you pointed out below is true. But I am more > interested in the relative performance since the numbers > I measured were under exactly the same setup and traffic > condition. I am just curious why IPComp was _relative

packet loss when 'ipfw pipe list' with dummynet and bridge

2001-02-02 Thread Masachika ISHIZUKA
I use dummynet and bridge on FreeBSD 4.2-Stable to see traffic statistics on Celeron 466MHz with 256 mega bytes ram as follows. ipfw pipe 1 config mask dst-ip 0x buckets 1024 ipfw pipe 2 config mask src-ip 0x buckets 1024 ipfw add pipe 1 all from any to any bridged via fxp0 in ipfw

Re: pseudo interface and ioctls

2001-02-02 Thread Julian Elischer
"Geoffrey Crompton (RMIT Guest)" wrote: > > On Wed, Jan 31, 2001 at 11:50:01PM -0800, Julian Elischer wrote: > > "Geoffrey Crompton (RMIT Guest)" wrote: > > > > why are you doing this? > > there are already 4 pseudo interfaces in the system of varying types.. > > > > netgraph(2 types), divert, ta

Re: transparent proxying through a separate machine

2001-02-02 Thread Joao Carlos Mendes Luis
[EMAIL PROTECTED] wrote: > > On 1 Feb, Julian Elischer wrote: > = > We have a single firewall machine and a _separate_ machine running > = > squid proxy (both servers are on the same network wire). > = > > = > How do I catch all of the outgoing http requests and send them > = > through

kernel arp messages with 2 nics, sysctl cntrl?

2001-02-02 Thread Peter Brezny
I thought I remembered someone mentioning a sysctl control for turning off the kernel arp messages when you have two nics on the same (misconfigured) network, but I couldn't find it in the archives. Anyone know? Thanks. Peter Brezny SysAdmin Services Inc.

Re: packet loss when 'ipfw pipe list' with dummynet and bridge

2001-02-02 Thread Luigi Rizzo
> I use dummynet and bridge on FreeBSD 4.2-Stable to see traffic > statistics on Celeron 466MHz with 256 mega bytes ram as follows. > > ipfw pipe 1 config mask dst-ip 0x buckets 1024 > ipfw pipe 2 config mask src-ip 0x buckets 1024 > ipfw add pipe 1 all from any to any bridged via

Re: IPComp question

2001-02-02 Thread Jun-ichiro itojun Hagino
> What you pointed out below is true. But I am more > interested in the relative performance since the numbers > I measured were under exactly the same setup and traffic > condition. I am just curious why IPComp was _relatively_ > (and significantly) slower than most

Re: ipfw fwd

2001-02-02 Thread Julian Elischer
Nick Rogness wrote: > > Couple of comments on ipfw fwd. > > After playing around with the forward feature of ipfw, I ran into a couple > of interesting things. First let me give you my test lab environment > diagram: > > Internet >

Re: transparent proxying through a separate machine

2001-02-02 Thread Julian Elischer
[EMAIL PROTECTED] wrote: > > On 1 Feb, Julian Elischer wrote: > = > We have a single firewall machine and a _separate_ machine running > = > squid proxy (both servers are on the same network wire). > = > > = > How do I catch all of the outgoing http requests and send them > = > through s

Re: transparent proxying through a separate machine

2001-02-02 Thread Julian Elischer
Joao Carlos Mendes Luis wrote: > > ipfw add allow ip from any to any out the problem is the line above. > > ipfw add fwd localhost,3128 log tcp from any to any 3128 in the above should be 'out'.. FWD is not symmetrical.. you can only fwd locally on 'in' and fwd remotely on 'out'.

Re: bandwidth analyser

2001-02-02 Thread Julian Elischer
Luigi Rizzo wrote: > > > There's one downside though. You can get statistics from the bridge node on > > packets and octets passed through the different parts of the bridge > > setup, but it's not IP based. Also using that bridging code there's no > > bandwidth throttling or IPFW rule matching

Re: IPComp question

2001-02-02 Thread Alex Rousskov
On Fri, 2 Feb 2001, Yu-Shun Wang wrote: > What you pointed out below is true. But I am more > interested in the relative performance since the numbers > I measured were under exactly the same setup and traffic > condition. I believe it is a common pitfall to assume that sa

(fwd) Re: FreeBSD ip masq, ip aliasing

2001-02-02 Thread cgaylord
I recently posted this to comp.unix.bsd.misc and thought I'd go ahead and air this idea here. I'd appreciate any criticism, constructive or otherwise, this group would care to heap upon me. Thanks. Clark John M Cherko wrote: > I am confused as to how to accomplish ip aliasing/ip masqin

File miibus_if.h

2001-02-02 Thread y-carden
Hello, I urgently need to add a PCI card Realtek RTL8029 to my FreeBSD 4.0 box. I tried to compile the kernel with "device rl" but it did not find the miibus_if.h file. The file does not exist on the system. Can somebody send me a copy? Thanks. Yonny Cardenas B. [EMAIL PROTECTED]

Re: File miibus_if.h

2001-02-02 Thread Alexander Langer
Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]): > I tried to compile the kernel with "device rl" but it did not find the > miibus_if.h file. The file does not exist on the system. Add "device miibus" to your config file. Alex -- cat: /home/alex/.sig: No such file or directory

Re: File miibus_if.h

2001-02-02 Thread Boris Popov
On Fri, 2 Feb 2001 [EMAIL PROTECTED] wrote: > I urgently need to add a PCI card Realtek RTL8029 to > my FreeBSD 4.0 box. > > I tried to compile the kernel with "device rl" but it did not find the > miibus_if.h file. The file does not exist on the system. ed driver works just perfect with 8029 chips.

Re: File miibus_if.h

2001-02-02 Thread Eron Cardoso
Try device ed0 My machine: ed0: port 0xcc00-0xcc1f irq 11 at device 17 .0 on pci0 [EMAIL PROTECTED] wrote: > > Hello > > I urgently need to add a PCI card Realtek RTL8029 to > my FreeBSD 4.0 box. > > I tried to compile the kernel with "device rl" but it did not find the > miibus_if.h file. The file not ex

RE: File miibus_if.h

2001-02-02 Thread David Richards
Isn't that something to do with USB? I have had that problem before and just commented the USB part out as I don't need it. Have you tried commenting the network cards out and just putting device ed0? If it is PCI, it should detect it. david -Original Message- From: Eron Cardoso [mailto:[

ipfw and dns

2001-02-02 Thread Peter Brezny
Is this all I need to allow dns queries from the outside world? $fwcmd add allow tcp from any 53 to $ns1 53 I'm using ipfw and $ns1 just happens to be the same machine as the firewall. It's 4.2-stable (as of two days ago) and now it appears that an outside machine can't perform an nsloo

Re: ipfw and dns

2001-02-02 Thread Mark Lastdrager
At Fri, 2 Feb 2001, [EMAIL PROTECTED] wrote: >Is this all i need to allow dns queries from the outside world? > > $fwcmd add allow tcp from any 53 to $ns1 53 No, queries use udp and often don't use 53 as source port. And you have to make rules for both incoming and outgoing traffic.. >and

Re: File miibus_if.h

2001-02-02 Thread y-carden
Hi Boris On Fri, 2 Feb 2001 Boris wrote: >> I urgently need to add a PCI card Realtek RTL8029 to >> my FreeBSD 4.0 box. >> >> I tried to compile the kernel with "device rl" but it did not find the >> miibus_if.h file. The file does not exist on the system. > ed driver works just perfect with 8029 chips. Y

Re: (fwd) Re: FreeBSD ip masq, ip aliasing

2001-02-02 Thread Wes Peters
[EMAIL PROTECTED] wrote: > > I recently posted this to comp.unix.bsd.misc and thought I'd go > ahead and air this idea here. I'd appreciate any criticism, > constructive or otherwise, this group would care to heap upon me. > > Thanks. > Clark > > John M Cherko wrote: > > I am confused

Re: Bridge and IPFW woes ...

2001-02-02 Thread Hroi Sigurdsson
On Fri, Feb 02, 2001 at 10:58:48AM -0600, Thomas T. Veldhouse wrote: > If I change the bridging code over to NETGRAPH - this scenario does not > happen. All communication works just fine between all the hosts and the > Internet, however, all firewall rules that would apply to Host B and C seem >

RE: Routes and tunnels

2001-02-02 Thread Nick Rogness
On Thu, 1 Feb 2001 [EMAIL PROTECTED] wrote: > Nick > > Thanks for taking the time to reply to query. Here is more information that > may help you. No problem. Comments below. Sorry for the late reply. [snip] > > the_swamp# ifconfig gif0 132.146.115.164 132.145.113.1 > the_swamp# net

Re: transparent proxying through a separate machine

2001-02-02 Thread Nick Rogness
On Fri, 2 Feb 2001, Julian Elischer wrote: > Joao Carlos Mendes Luis wrote: > > > > ipfw add allow ip from any to any out > > the problem is the line above. > > > > ipfw add fwd localhost,3128 log tcp from any to any 3128 in > > the above should be 'out'.. FWD is not symetrica

ipfw not allowing dns traffic

2001-02-02 Thread Peter Brezny
I thought I had everything. # Allow DNS traffic from internet to query your DNS (for reverse # lookups etc). $fwcmd add allow tcp from any 53 to $ns1 53 setup $fwcmd add allow udp from any 53 to $ns1 53 $fwcmd add allow udp from $ns1 53 to any 53 but nslookup'

Re: ipfw not allowing dns traffic

2001-02-02 Thread Neil Blakey-Milner
On Fri 2001-02-02 (16:23), Peter Brezny wrote: > I thought I had everything. > > # Allow DNS traffic from internet to query your DNS (for reverse > # lookups etc). > $fwcmd add allow tcp from any 53 to $ns1 53 setup > $fwcmd add allow udp from any 53 to $ns1 53 > $fwcmd

Re: ipfw not allowing dns traffic

2001-02-02 Thread Mike Silbersack
On Fri, 2 Feb 2001, Peter Brezny wrote: > I thought I had everything. > > # Allow DNS traffic from internet to query your DNS (for reverse > # lookups etc). > $fwcmd add allow tcp from any 53 to $ns1 53 setup > $fwcmd add allow udp from any 53 to $ns1 53 > $fwcmd add al

PPP - CHAP failure after CHAP success???

2001-02-02 Thread Mike Nowlin
On a recently cvsup'd machine (4.2-S as of two days ago), incoming PPP w/CHAP via RADIUS has suddenly broken. Basically, RADIUS OK's the connection, addr info is transferred & approved, everything looks normal, until after the log line listing myaddr and hisaddr - why is it doing CHAP again, and

Re: ipfw not allowing dns traffic

2001-02-02 Thread Nick Rogness
On Fri, 2 Feb 2001, Peter Brezny wrote: > I thought I had everything. > > # Allow DNS traffic from internet to query your DNS (for reverse > # lookups etc). > $fwcmd add allow tcp from any 53 to $ns1 53 setup > $fwcmd add allow udp from any 53 to $ns1 53 > $fwcmd add al

Re: PPP - CHAP failure after CHAP success???

2001-02-02 Thread Brian Somers
Hmm, I can't see how this can happen without any previous log lines saying that a chap packet has been received. If this is repeatable, can you try doing a ``show timer'' right after the SUCCESS response has been sent ? If the radius timer wasn't cleared properly this might result, but I can

FW: VPN question

2001-02-02 Thread Mark Carlile
Any thoughts on my questions below. If it is possible, where can I find information to implement it. Thanks Mark Carlile interKeel, Inc. 3977 E. Bayshore Rd., Suite 100 Palo Alto, CA 94303 mailto:[EMAIL PROTECTED] -Original Message- From: Justin T. Gibbs [mailto:[EMAIL PROTECTED]] S

Re: bandwidth analyser

2001-02-02 Thread Rogier R. Mulhuijzen
At 07:07 2-2-01 -0800, you wrote: >Luigi Rizzo wrote: > > > > > There's one downside though. You can get statistics from the bridge > node on > > > packets and octets passed through the different parts of the bridge > > > setup, but it's not IP based. Also using that bridging code there's no >

Patch for non-netgraph bridge code worthy of attention for people experimenting with bridging setups (including ng_bridge)

2001-02-02 Thread Rogier R. Mulhuijzen
I found this while experimenting with both "legacy" bridge and ng_bridge. The bridging code doesn't check its activation everywhere so when I started using an ng_bridge node I started getting weird errors. Patch is rather simple, can someone submit this? DocWilco >Date: Mon, 29 Jan 2

Re: VPN question

2001-02-02 Thread Motonori Shindo
Mark, There are two that I know of; one is PPTP implementation and another is L2TP implementation. There is a ports/packages for PPTP called 'pptpclient'. You may need to modify pppd a little bit, depending on how the peering Windows is configured. L2TP implementation is available via an anony

Re: packet loss when 'ipfw pipe list' with dummynet and bridge

2001-02-02 Thread Masachika ISHIZUKA
>> When I typed 'ipfw pipe list', packet loss occur. > > unfortunately the "pipe list" has to navigate through a list of > pipe/flow/queue descriptors to report its output, and at the moment > it does this with interrupts disabled to avoid that the data > structure changes while it is working.

Re: kernel arp messages with 2 nics, sysctl cntrl?

2001-02-02 Thread Martin Eggen
[Peter Brezny] > I thought I remembered someone mentioning a sysctl control for turning off > the kernel arp messages when you have two nics on the same (misconfigured) > network, but I couldn't find it in the archives. > > Anyone know? # sysctl -w net.link.ether.inet.log_arp_wrong_iface=0 --

Re: ipfw not allowing dns traffic

2001-02-02 Thread Martin Eggen
[Peter Brezny] > I thought I had everything. > > # Allow DNS traffic from internet to query your DNS (for reverse > # lookups etc). > $fwcmd add allow tcp from any 53 to $ns1 53 setup > $fwcmd add allow udp from any 53 to $ns1 53 > $fwcmd add allow udp from $ns1 53 to an

Re: PPP - CHAP failure after CHAP success???

2001-02-02 Thread Mike Nowlin
> I can't see how this can happen without any previous log lines saying > that a chap packet has been received. > > If this is repeatable, can you try doing a ``show timer'' right after > the SUCCESS response has been sent ? If the radius timer wasn't > cleared properly this might result, b

Re: VPN question

2001-02-02 Thread Julian Elischer
Motonori Shindo wrote: > > Mark, > > There are two that I know of; one is PPTP implementation and another > is L2TP implementation. > > There is a ports/packages for PPTP called 'pptpclient'. You may need > to modify pppd a little bit, depending on how the peering Windows is > configured. mpd

Re: PPP - CHAP failure after CHAP success???

2001-02-02 Thread Mike Nowlin
> Hmm... Repeatable every time on the machine in question. (Time passes > while I configure the a similar on a completely different set of > boxes.) Yup - repeatable on another machine as well. Apologies to everyone regarding the LONG response I just sent - I didn't realize that the log secti