Hi,
I'm tring to make NAT on FreeBSD box for 2500 clients on 35Mbit uplink.
Box is Xeon 2.8GHz, 1G RAM, 2xIntel PRO/1000 (em) adapters.
FreeBSD 4.9-STABLE, kernel is configured for single processor (HT not used),
with DEVICE_POLLING and HZ=2000, LARGE_NAT defined.
Nat was done using ipnat, no addit
Цитую Attila Nagy <[EMAIL PROTECTED]>:
> Andriy Korud wrote:
> > The problem is that when traffic grows to 10Mbit and number of active NAT
> > sessions reach 7, CPU usage exponentialy grows and system spends all
> CPU
> > time in interrupts handling.
> > The system become completely unreponsi
Цитую Q <[EMAIL PROTECTED]>:
> You have set the 'sysctl kern.polling.enable=1' bit right?
>
> Seeya...Q
>
Yes, and I 'systat -v 1' show 2000 timer interrupts and 0 em0,
Andriy
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinf
Цитую DrumFire <[EMAIL PROTECTED]>:
> On Tue, 16 Dec 2003 11:40:11 +0200
> Andriy Korud <[EMAIL PROTECTED]> wrote:
>
> First of try OpenBSD pf, that works only on a 5.x-Release,
> try to disable device polling in your kernel configuration.
>
> I've made some test with device_polling enabled, and
did you try natd?
(for comparison)
On Tue, 16 Dec 2003, Andriy Korud wrote:
> Hi,
> I'm tring to make NAT on FreeBSD box for 2500 clients on 35Mbit uplink.
> Box is Xeon 2.8GHz, 1G RAM, 2xIntel PRO/1000 (em) adapters.
> FreeBSD 4.9-STABLE, kernel is configured for single processor (HT not used),
Hi folks, I am trying to update a system from 4.6 to 4.8.
When I try to run o make buildworld the following erro appear:
# make buildworld
Makefile:137: *** missing separator. Stop.
I remove /usr/src and download already via cvsup but the error appear yet.
Could you help me?
Regards.
Eicke.
_
On Tuesday 16 December 2003 10:40, Andriy Korud wrote:
> Цитую Attila Nagy <[EMAIL PROTECTED]>:
> > Andriy Korud wrote:
> > > The problem is that when traffic grows to 10Mbit and number of active
> > > NAT sessions reach 7, CPU usage exponentialy grows and system
> > > spends all
> >
> > CPU
>
WRONG LIST!!
--
Best regards, | [EMAIL PROTECTED]
Max Laier | ICQ #67774661
http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] #DragonFlyBSD
___
[EMAIL PROTECTED] mailing list
http://list
On Tue, Dec 16, 2003 at 04:39:42AM -0800, Julian Elischer wrote:
> did you try natd?
> (for comparison)
i guess ipnat is in kernel, whereas natd is in userland,
and furthermore natd's session handling is just not up
to the job (small hash tables, huge session expire times...)
cheers
Hello,
My network configuration is 2 subnets separated by a gateway :
|| 1.1.1.0/24 |-| 2.1.1.0/24 |--|
| Host 1 |--| FreeBSD gateway |--| FreeBSD host |
|| |-| |--|
1.1.
Out of curiosity, has there been any success with implementing
infrastructure mode capability in the an driver for the Cisco Aironet
350 WLAN devices? I like the quality and range of these cards, and
would like to roll my own access points, but every piece of
documentation I've come across up to t
Hello,
I'm experimenting dynamic routing protocols in a vpn setup. Ipsec tunnel
mode is not applicable here as selectors do not appear in system routing
table.
So I've tried to use gre tunnels beetween lans and then protect them by
ipsec transport mode beetween gateways.
It seems that gre pseudo
First, I know very little about networking, especially performance
turning. I would really like to learn more but don't know where/how to
start effectively.
I have a small home network with a PowerBook G4 and FBSD 4.9-STABLE
connected through a Netgear DS108 hub (10/100). The FBSD box is a dual
On Tue, Dec 16, 2003 at 05:58:08PM -0500, Alex wrote:
> First, I know very little about networking, especially performance
> turning. I would really like to learn more but don't know where/how to
> start effectively.
You're seeing icmp rate-limiting. Don't worry about it.
--
Barney Wolff
On Dec 16, 2003, at 5:58 PM, Alex (ander Sendzimir) wrote:
I have a small home network with a PowerBook G4 and FBSD 4.9-STABLE
connected through a Netgear DS108 hub (10/100).
If the device works at both 10 and 100 speed, it's a switch, not a hub.
Anyway, the very high rates of packet loss you rep
On Tue, 16 Dec 2003, Alex wrote:
> I have a small home network with a PowerBook G4 and FBSD 4.9-STABLE
> connected through a Netgear DS108 hub (10/100). The FBSD box is a dual
> Xeon 500MHz with Intel Etherexpress 100/Pro (MS440GX motherboard). If
> for some reason it makes a difference, there is
On Dec 16, 2003, at 6:32 PM, Barney Wolff wrote:
You're seeing icmp rate-limiting. Don't worry about it.
Whoops, I didn't pay particular attention to the "-f" option, but
you're absolutely right...
--
-Chuck
___
[EMAIL PROTECTED] mailing list
http://li
On Tue, 16 Dec 2003, Charles Swiger wrote:
> If the device works at both 10 and 100 speed, it's a switch, not a hub.
It is sold as a hub. Most of these "dual-speed" hubs are/were two hubs,
one of each speed, with a two-port internal switch connecting them. The
physical ports would auto-join to
In reply to Alex (ander Sendzimir) <[EMAIL PROTECTED]> :
> First, I know very little about networking, especially performance
> turning. I would really like to learn more but don't know where/how to
> start effectively.
Take a look at the tools ttcp, netperf and iperf. They build
straight ou
Folks, see sysctl net.inet.icmp.icmplim for why you get packet loss
on a flood ping. It has nothing to do with duplex, hub/switch or
problems with equipment. Make it 0 to remove the limit, I believe.
Barney
___
[EMAIL PROTECTED] mailing list
http://list
I'm responding to several people at once. References
to material to read is fine in place of personal
descriptions. However, you know, the 'personal touch'
is always good :-)
The only thing better than FBSD is the mailing lists.
Thanks, folks.
Alex
On Tuesday, D
On Dec 16, 2003, at 7:22 PM, Alex (ander Sendzimir) wrote:
[ ... ]
First, Barney was correct: using "ping -f" will run into the ICMP
response limitation. Try using "ping -i 0.01 _hostname_", instead, and
you may find out that you don't have a problem with packet loss at all
at this lower speed.
On Dec 16, 2003, at 17:32, Charles Swiger wrote:
On Dec 16, 2003, at 7:22 PM, Alex (ander Sendzimir) wrote:
[ ... ]
First, Barney was correct: using "ping -f" will run into the ICMP
response limitation. Try using "ping -i 0.01 _hostname_", instead,
and you may find out that you don't have a pro
[ this isn't really -net material ]
On Tue, Dec 16, 2003 at 07:50:57PM -0800, Kevin Stevens wrote:
> >First, Barney was correct: using "ping -f" will run into the ICMP
> >response limitation. Try using "ping -i 0.01 _hostname_", instead,
> >and you may find out that you don't have a problem wi
On Dec 16, 2003, at 20:32, Bill Fumerola wrote:
I wish I had a FreeBSD box to check this on, but from an OS X G5 to an
Athlon WinXP box (both at 100% CPU from distribfolding client:
which is completely irrelevant because your winxp machine doesn't have
the aforementioned icmp response limiter.
Tha
I apologize to the list for my results not being germane to the
conversation. I can confirm that OS X also implements an ICMP
restriction (net.inet.icmp.icmplim) which similarly limits responses
(default is 250), and would account for the OP's results when testing
toward the PowerBook.
As for
26 matches
Mail list logo
