=
Are these errors phy/hw problems e.x. wrong SFP+ hardware/firmware, too
high / too low RX levels, broken patch cord? Or may it be some OS errors?
Thanks for any advise!
--
CU,
Victor Gamov
Regards,
KK
W dniu 2022-10-24 17:59, Victor Gamov napisał(a):
> Hi All
>
> On my FreeBSD 12.3-STABLE r372089 GENERIC amd64 I have a huge amount
> of RX errors on ix0:
>
> =
> # netstat -n -I ix0
> Name Mtu Network
dling them just fine. This is a
documented errata.
I think the whole "problem" started when Intel opted to push all
interface errors into the input error counter in FreeBSD 13 which
surfaced this non-issue.
--
CU,
Victor Gamov
bridged ?
Then, if packet bridged all packets copied to all bridged vlans?
And only in [ip_output] undesired outgoing packets will be dropped ?
Is it possible to drop incoming packets _before_ they bridged?
--
CU,
Victor Gamov
Why this counters so different?
--
CU,
Victor Gamov
Hi All
Does FreeBSD support ECMP while using FRR + OSPF/BGP?
--
CU
Victor Gamov
is enabled by default since eb0b1b33d5af
<https://cgit.freebsd.org/src/diff/sys/net/route/route_ctl.c?id=eb0b1b33d5af4e81ee77732dffc77634e57a5879&h=main>
I was referring to the MULTIPATH option on the net/frr8 port (not
FreeBSD kernel) which is not enabled by default.
--
CU
Victor Gamov
==
So, OS-related MULTIPATH is "turned on" _and_ FRR MULTIPATH is "turned
on" but freshports says "MULTIPATH=off: Enable multipath function"
Or some misunderstanding here?
Thanks!
--
CU
Victor Gamov
On 11/12/2022 20:59, Olivier Cochard-Labbé wrote:
On Sat, Dec 10, 2022 at 4:44 PM Victor Gamov <mailto:v...@otcnet.ru>> wrote:
So, OS-related MULTIPATH is "turned on" _and_ FRR MULTIPATH is "turned
on" but freshports says "MULTIPATH=off: Enabl
be used to properly
calculate ECMP-hash to find a real VIP-owner which must receive this ICMP?
Thanks!
--
CU,
Victor Gamov
On Mon, 27 Feb 2023 at 13:57, Alexander Chernikov
wrote:
>
>
> > On 26 Feb 2023, at 12:07, Victor Gamov wrote:
> >
> > Hi All
> >
> > I have following scheme:
> > - LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=1500
> > - two ho
like
strongswan/FreeBSD integration issue.
I'll appreciate any advice. Thanks!
--
CU,
Victor Gamov
, Victor Gamov wrote:
> Hi All
>
> I have FreeBSD 13.2-STABLE stable/13-n255939-b9da47180fd6 GENERIC amd64
> machine with strongswan-5.9.11_2 installed by pkg.
>
> When routed ipsec is up all outgoing packets forwarded into ipsec-tunnel
> so networking is immediately fail
Hi All
I have FreeBSD-based router with 3 uplinks. Everything works fine but new tasks
appears.
Is it possible to use FreeBSD as spoke for Cisco-based DMVPN hub for
hub-and-spoke model?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing
eBSD misconfig
- racoon misconfig
- racoon not support multiple ipsec configuration
- something else
Thanks
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
On 20/04/2018 13:04, Andrey V. Elsukov wrote:
On 20.04.2018 11:17, Victor Gamov wrote:
All local SA configured and established and remote side (Cisco routers)
report SA established too.
But traffic goes via only one ipsec-interface.
If you have all SAs established, you probably need to check
On 20/04/2018 19:42, Andrey V. Elsukov wrote:
On 20.04.2018 18:48, Victor Gamov wrote:
More correct problem is: last configured ipsec interface tx/rx traffic
only. For my example:
- ping from 10.10.98.1 to 10.10.98.2 via ipsec30 is OK
- ping from 10.10.98.2 to 10.10.98.1 via ipsec30 is OK
On 23/04/2018 14:13, Andrey V. Elsukov wrote:
On 21.04.2018 19:16, Victor Gamov wrote:
When I change ipsec-interfaces creation order then only last created
interface worked fine again and previously configured interfaces does
not work.
And very interesting fact: when I ping from remote
;
racoon: DEBUG: cmpid source: '__FreeBSD_IP__'
racoon: DEBUG: IV freed
=
Can you please explain me how sainfo (or something else) must be
properly configured?
Thanks!
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
2_1
Then IKEv1 configured and two ipsec interfaces connected to
Cisco-routers works fine at first sight
You need both leftsubnet=0.0.0.0/0 and rightsubnet=0.0.0.0/0 configured
at strongswan to protocols like OSPF works properly.
I'll try to do more tests
cket path?
Thanks!
--
CU
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
On 27/10/2018 18:44, Eugene Grosbein wrote:
27.10.2018 22:16, Victor Gamov wrote:
Hi All
I have some misunderstanding how ipfw work with VLAN and bridge
I have following config
bridge2
/ | \
/ | \
/| \
vlan200
On 27/10/2018 19:33, Eugene Grosbein wrote:
27.10.2018 23:26, Victor Gamov wrote:
[skip]
net.link.bridge.pfil_member=1 makes frames enter ruleset as
incoming from bridge member, zero disables this pass.
net.link.bridge.ipfw=1 makes frames enter ruleset again as
incoming from bridge interface
On 27/10/2018 21:02, Eugene Grosbein wrote:
28.10.2018 0:48, Victor Gamov wrote:
On 27/10/2018 19:33, Eugene Grosbein wrote:
27.10.2018 23:26, Victor Gamov wrote:
[skip]
net.link.bridge.pfil_member=1 makes frames enter ruleset as
incoming from bridge member, zero disables this pass
Hi All
I have configuration where bridge interface need to be down at startup.
But "ifconfig_bridge2="down" is not working: bridge always up
How I can 'down' bridge interface at startup?
--
CU,
Victor Gamov
___
freebsd-net
On 28/07/2019 18:08, Eugene Grosbein wrote:
28.07.2019 21:50, Victor Gamov wrote:
I have configuration where bridge interface need to be down at startup.
But "ifconfig_bridge2="down" is not working: bridge always up
How I can 'down' bridge interface at startup
Mcast_vlan30_out add 232.10.20.2/32
ipfw table Mcast_vlan30_out add 232.10.55.5/32
ipfw add 35000 allow udp from IP1 to table(Mcast_vlan30_out) out via vlan30
ipfw add 35001 deny udp from any to any via vlan30
=
Thanks for your advise!
--
CU,
Victor Gamov
st2_iface_out)"
ipfw add 25015 deny udp from any to any
And so on.
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
On 24/08/2019 22:34, Eugene Grosbein wrote:
25.08.2019 1:13, Victor Gamov wrote:
I have nonstandard network task for my FreeBSD box:
many VLANs bridged together via bridge interface and specific multicast traffic
must be send
from one VLAN to many (but not all) other VLANs.
It is quite
On 26/08/2019 20:15, Eugene Grosbein wrote:
26.08.2019 23:25, Victor Gamov wrote:
More general question about my current config. I have about
200Mbit input multicasts which bridged and filtered later (about
380 Mbit bridged if trafshow does not lie me :-) )
Don't trust trafshow. Use: s
On 27/08/2019 21:03, Andrey V. Elsukov wrote:
On 26.08.2019 19:25, Victor Gamov wrote:
More general question about my current config. I have about 200Mbit
input multicasts which bridged and filtered later (about 380 Mbit
bridged if trafshow does not lie me :-) )
My FreeBSD box (12.0-STABLE
Calomel articles. I'll try to
tune system at next reboot.
The main question for myself now is "how is this architecture correct"
and "how many traffic is possible to process".
--
CU,
Victor Gamov
___
freebsd-net@freebsd.or
f they approach 8000 limit but not exceed it,
you may be suffering from this and should raise the limit with
/boot/loader.conf:
hw.igb.max_interrupt_rate=32000
It's about 5000-7000 per rxq
--
CU,
Victor Gamov
___
freebsd-net@freebsd.or
On 27/08/2019 22:59, Eugene Grosbein wrote:
28.08.2019 2:22, Victor Gamov wrote:
Also, you should monitor interrupt numbers shown by "systat -vm 3" for igb*
devices
at hours of most load. If they approach 8000 limit but not exceed it,
you may be suffering from this and should raise
On 27/08/2019 23:30, Eugene Grosbein wrote:
28.08.2019 2:20, Victor Gamov wrote:
sysctl.conf
=
net.link.ether.ipfw=1
net.link.bridge.ipfw=1
net.link.bridge.ipfw_arp=1
net.link.bridge.pfil_member=1
net.inet.ip.fw.verbose_limit=100
net.inet.ip.fw.verbose=1
=
You should avoid passing
On 28/08/2019 24:45, Eugene Grosbein wrote:
28.08.2019 3:59, Victor Gamov wrote:
sysctl.conf = net.link.ether.ipfw=1 net.link.bridge.ipfw=1
net.link.bridge.ipfw_arp=1 net.link.bridge.pfil_member=1
net.inet.ip.fw.verbose_limit=100 net.inet.ip.fw.verbose=1
=
Do you really use ipfw
On 28/08/2019 18:48, Eugene Grosbein wrote:
28.08.2019 17:18, Victor Gamov wrote:
Why do you need to filter ARP on bridge? That's unusial. VLANs are
isolated by default and by definition, unless you explicitly enable
inter-vlan routing and setup your routing table.
May be I have
i
if dhcpif $1; then
===/cut here===
On 28/07/2019 18:33, Victor Gamov wrote:
On 28/07/2019 18:08, Eugene Grosbein wrote:
28.07.2019 21:50, Victor Gamov wrote:
I have configuration where bridge interface need to be down at startup.
But "ifconfig_bridge2="down" is not w
Hi All
I have vlan111 and vlan222 bridged into bridge2. Then multicast traffic
from vlan111 sending and I get it at vlan222 even if 'ifconfig vlan222
down' issued.
Is it bug or known feature?
FreeBSD 12.0-STABLE r348449 GENERIC amd64
Thanks!
--
CU,
Vi
have reordering somewhere "on
the wire" or packets may be reordered due more then one CPU read
packets from NIC ?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubsc
deletes after this timeout?).
Is it possible to get such sysctl for ipv4 ?
Thanks!
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-uns
=
Is it bug or known feature?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
n not). This check was
removed at some point - in 12.1 the Hc counters are unconditionally
there. You may want to check the bitrate that these interfaces
report.
harti
-Ursprüngliche Nachricht- Von: owner-freebsd-...@freebsd.org
[mailto:owner-freebsd-...@freebsd.org] Im Auftrag von Victor
On 25/10/2019 14:36, Andrey V. Elsukov wrote:
On 22.10.2019 17:30, Victor Gamov wrote:
Hi All
I discover the following problem: FreeBSD host install route recived by
ICMP-redirect from default GW and this route is permanents.
In my case FreeBSD 192.168.1.10/24 has 192.168.1.254 as default
additional software?
Thanks!
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
here
10.199.199.102 -- vlan299, multicast must be forfarded here after
IGMP-Join received from 10.199.199.101/30
So, kernel with MROUTING options must be configured/installed or
ip_mroute.ko is enough?
P.S. FreeBSD 11.3-STABLE #0 r351605M
--
CU,
Victor Gamov
_
ptions (RA))
10.199.199.101 > 224.0.0.22: igmp v3 report, 1 group record(s)
[gaddr 232.232.8.33 to_ex { }]
=
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Is it possible to make load-sharing based on
fmod(ipsec_seq_number / NUM_CPU_CORES) for example?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "
(vlan299)
who must resend multicast from input interface 3 (vlan750) to output
interface 2 (vlan299)? I guess it kernel-specific task and kernel must
resend multicast without any other helpers. Is it wrong?
P.S. I rebuild kernel with MROUTING option but
=
# netstat -gs -f inet
No IPv4 MR
st routing interfaces
Map iface vlan299 => VIF 1 ifindex 10 flags 0x TTL
threshold 20
Failed adding VIF for iface vlan299: Can't assign requested address
=
and no records reported by 'netstat -f inet -n -g'
--
CU,
Victor Gamov
Hi Eugene!
On 08/11/2019 11:22, Eugene Grosbein wrote:
07.11.2019 21:17, Victor Gamov wrote:
I still have misunderstood here. Pimd installs multicast routes and this
routes displayed by `netstat -g`.
So, the system knows interface where multicast received.
When Join received via interface
On 08/11/2019 16:47, Eugene Grosbein wrote:
08.11.2019 19:10, Victor Gamov wrote:
I'm not familiar with multicast routing in FreeBSD.
Multicast routing has its rules in general, though.
For example, Cisco routers never process incoming multicast UDP flows if
unicast route
to sour
Packets In-Vif Out-Vifs:Ttls
10.200.208.34 232.232.88.173 2224912:1
10.200.205.2232.232.9.431924702:1
=
Any suggestion?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing list
https://lists.free
ng socket read in one sec
=
Is it OK?
And more about pimd. It creates register_vif0 on startup. I assume it
uses this interface (not reported by `ifconfig`) to route all multicast
via. But `netstat -g` reports this interface with threshold=1. Is it O
475659 datagrams arrived on wrong interface
0 datagrams selectively dropped
0 datagrams dropped due to queue overflow
0 datagrams dropped for being too large
=
On 19/11/2019 11:05, Victor Gamov wrote:
On 19/11/2019 03:49, Mike Karels wrote:
Hi All
Still trying
7;
then 12.1 generates IGMP-Join without source:
=
10.200.207.35 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr
232.232.9.44 to_ex { }]
=
So, I assume 12.1 have some problem with IGMP
--
CU,
Victor Gamov
___
freeb
Hi All
I have FreeBSD box with many ipsec interfaces. Now I want to export
Netflow and trying to use enc0 to export all ipsec traffic but `ngctl
mkpeer enc0: netflow lower iface0` failed with:
ngctl: send msg: No such file or directory
Does enc0 allow to use netgraph?
--
CU,
Victor
Hi All
Can somebody help me to get UDP 'dropped due to full socket buffers' by
SNMP? Is it possible? Now I'm getting it with
`netstat -n -p udp -f inet -s`
but SNMP will be more useful for remote monitoring.
Thanks!
--
C
Hi All
I have trunk port with many VLANs attached to FreeBSD 12.2-STABLE box
via ix0 interface.
What is the best way to get per second traffic statistic for ix0
interface and every VLAN?
--
CU,
Victor Gamov
___
freebsd-net@freebsd.org mailing
And one more question about 'dropped due to full socket buffers': how
to avoid it? Which params must be tuned?
Thanks.
On 30/11/2020 18:33, Victor Gamov wrote:
Hi All
Can somebody help me to get UDP 'dropped due to full socket buffers' by
SNMP? Is it possible? Now
Hi Eugene
Thank for your reply
On 30/12/2020 02:13, Eugene Grosbein wrote:
29.12.2020 23:36, Victor Gamov wrote:
Please do not top-post.
Thanks.
On 30/11/2020 18:33, Victor Gamov wrote:
Hi All
Can somebody help me to get UDP 'dropped due to full socket buffers' by SNMP?
Is i
On 30/12/2020 12:57, Eugene Grosbein wrote:
30.12.2020 16:44, Victor Gamov wrote:
Currently I'm thinking about ethernet flow control: Host-B connected to
VLAN-750 on the third switch has 1G link (via igb driver)
and both Host-A and Host-B has fc=3. So when Host-B get microburst i
Hi Eugene!
Thanks for your responces.
And Happy New Year for everyone!
On 01.01.2021 03:19, Eugene Grosbein wrote:
30.12.2020 23:08, Victor Gamov wrote:
As I understand hw.ix.flow_control=3 to allow flow-control for negotiation.
Real PAUSE setting will be set during negotiation.
At the
Hi All
On 05.01.2021 12:39, Victor Gamov wrote:
Hi Eugene!
Thanks for your responces.
And Happy New Year for everyone!
On 01.01.2021 03:19, Eugene Grosbein wrote:
30.12.2020 23:08, Victor Gamov wrote:
As I understand hw.ix.flow_control=3 to allow flow-control for
negotiation.
Real PAUSE
On 22.01.2021 12:52, Eugene Grosbein wrote:
22.01.2021 16:27, Victor Gamov wrote:
I increase kern.ipc.maxsockbuf from 2097152 -> 2597152 -> 3145728 but
netstat -sn -p udp | grep 'dropped due to full socket buffers' still show
dropped packets.
Then I increase net.inet.udp
On 22.01.2021 13:21, Eugene Grosbein wrote:
22.01.2021 17:02, Victor Gamov wrote:
No link overload: this host attached to network via 10G ix0, many
VLANs on this ix0 and some sender on every VLAN sends multicast
traffic to this host. Total input traffic about 1Gbit/s
What FreeBSD version
On 22.01.2021 16:09, Eugene Grosbein wrote:
22.01.2021 19:28, Victor Gamov wrote:
On 22.01.2021 13:21, Eugene Grosbein wrote:
22.01.2021 17:02, Victor Gamov wrote:
No link overload: this host attached to network via 10G ix0, many
VLANs on this ix0 and some sender on every VLAN sends
67 matches
Mail list logo
