Re: Plans to port OpenBSD trunk(4)?
On Thu, Aug 03, 2006 at 03:50:39PM +1000, Antony Mawer wrote: Hi list, Is there any interest or plans underway to port the trunk(4) feature from OpenBSD? OpenBSD's trunk(4) appears to be exactly what I'm looking for, but there doesn't appear to be anything I can find on a port to FreeBSD. http://www.openbsd.org/cgi-bin/man.cgi?query=trunksektion=4 I've been tasked with setting up a system that will have 2x Intel Pro/1000 network adapters linked to an HP ProCurve 5300XL modular switch. I stumbled across ng_fec(4), but it refers explicitly to Cisco Fast EtherChannel; some information suggests that this is supported by the HP switch... would using Netgraph with ng_fec achieve the same end result? Has anyone successfully used it as such? ng_one2many(4) can do it; search for bonding in the FreeBSD mail archives for details. Cheers, -- Ruslan Ermilov [EMAIL PROTECTED] FreeBSD committer pgprFkAIxXXbb.pgp Description: PGP signature
Re: Can I pursuade someone to commit this patch? (Re: Multiple IP addresses in a jail.)
On Tue, Aug 01, 2006 at 10:40:53AM +0200, Phil Regnauld wrote: Josef Karthauser (joe) writes: Dear current folk, I'm forwarding this thread from the -net list where I asked the question, is it possible to have more than one IP address in a jail? The answer is yes, with Pawel's patch. The question here is can I pursuade anyone to commit this to head and MFC it please? The motivation is simple. I need to run a second SSL web server inside of a jail, however that needs another IP address because SSL is incompatible with HTTP/1.1. We have been using these patches all the way back since 5-CURRENT and they work very stable for us. I seem to remember that there were some reservations about the way it was being done, but for that matter it wouldn't be the first hack in jail (like u_int32_t for the ip_number in struct jail :) I no longer have a commit bit, so I can't commit these myself :/. Joe -- Josef Karthauser ([EMAIL PROTECTED]) http://www.josef-k.net/ Physics Particle Theory (student) http://www.pact.cpes.sussex.ac.uk/ An eclectic mix of fact and theory. = pgpvAToQ4zjmz.pgp Description: PGP signature
Re: ipw-firmware port (Intel Pro/Wireless 2100)
On Wed, 2006-08-02 at 18:01 -0400, Jonathan Herriott wrote: Hi All! I have been having trouble using the ipw-firmware port. I am able to get it up and running, and it is even associated to my wireless network. I use dhclient to get a lease and set everything up, which works fine (this is after I enter the encryption and stuff). The problem is when I try to ping or access any other IP address, even my router I'm connected to. Just pinging my router yields no results. I have loaded wlan_wep and provided the correct key (tried retyping the key several times) to make sure I provided that portion correctly. I also tried disabling wep in my router to make sure it was not a problem with the wlan_wep module. Here's a dump of ifconfig ipw0 ipw0: flags=8847UP,BROADCAST,DEBUG,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet6 fe80::204:23ff:fe6b:37ad%ipw0 prefixlen 64 scopeid 0x5 inet 192.168.0.2 netmask 0xff00 broadcast 192.168.0.255 ether 00:04:23:6b:37:ad media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps) status: associated ssid JONNET channel 11 bssid 00:09:5b:6a:ad:bc authmode OPEN privacy ON deftxkey 1 wepkey 1:104-bit txpowmax 100 bintval 100 I tried specifying the debug option, but I do not where I will get the output (could not find a specified log file). I was wondering what other information I may need to provide to help in troubleshooting this issue or if anyone knows what is going on. Followup to -net, as it's not a ports issue. I think you can define ipw.debug to something 0. Check the output of 'sysctl -a | grep ipw | grep debug' to find the right sysctl. -- Florent Thoumie [EMAIL PROTECTED] FreeBSD Committer signature.asc Description: This is a digitally signed message part
Re: Broadcom 5780
Hello, I wrote some weeks ago about broadcom 5780 that wasn't detected in FreeBSD 6.1R After trying CURRENT, it was detected, but as Broadcom 5714 (i didn't know it was 5714) In the documentation of bge in FreeBSD 5.x and 6.x it says that the driver already has support for 5714... What can I do that FreeBSD detects my NICs? I don't want to use CURRENT on the server... Thanks for any help --- Best regards Pavol Čierny I don't maintain that driver so I don't know the answer to that. Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 19, 2006 11:43 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Thanks for the info. Any chances it get's into STABLE in a near term? Could I use the driver code and compile it in STABLE? :) --- S pozdravom Pavol Čierny Pavol, The 5780 is functionally equivalent to the 5714. Support for the 5780 was added to -CURRENT on June 29, 2006 in version 1.135 of if_bge.c. Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pavol Cierny Sent: Wednesday, July 19, 2006 7:17 AM To: freebsd-net@freebsd.org Subject: Broadcom 5780 Hello, has anyone information about implementing Broadcom 5780 to the bge driver? Just bought a Fujitsu-Siemens RX220 server, and the NICs don't work :( --- Best regards Pavol Čierny ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Broadcom 5780
Hi, today I noticed that the STABLE bge driver was modified yesterday (2006-08-02), and it looks like it supports also 5780, so the NICs could work Now I have trouble compiling kernel :-( make: don't know how to make /usr/src/sys/crypto/rijndael/rijndael-alg-fst.c. Stop *** Error code 2 --- S pozdravom Pavol Čierny On Aug 3, 2006, at 2:25 PM, Pavol Čierny wrote: Hello, I wrote some weeks ago about broadcom 5780 that wasn't detected in FreeBSD 6.1R After trying CURRENT, it was detected, but as Broadcom 5714 (i didn't know it was 5714) In the documentation of bge in FreeBSD 5.x and 6.x it says that the driver already has support for 5714... What can I do that FreeBSD detects my NICs? I don't want to use CURRENT on the server... Thanks for any help --- Best regards Pavol Čierny I don't maintain that driver so I don't know the answer to that. Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 19, 2006 11:43 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Thanks for the info. Any chances it get's into STABLE in a near term? Could I use the driver code and compile it in STABLE? :) --- S pozdravom Pavol Čierny Pavol, The 5780 is functionally equivalent to the 5714. Support for the 5780 was added to -CURRENT on June 29, 2006 in version 1.135 of if_bge.c. Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pavol Cierny Sent: Wednesday, July 19, 2006 7:17 AM To: freebsd-net@freebsd.org Subject: Broadcom 5780 Hello, has anyone information about implementing Broadcom 5780 to the bge driver? Just bought a Fujitsu-Siemens RX220 server, and the NICs don't work :( --- Best regards Pavol Čierny ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] I had the same problem (same fujitsu server model), I think for now the only way is to use CURRENT (5714) best regards ovidiu ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
Dynamic Rule Corpses of IPFW 2
I've set up a stateful IPFW rule to resist DoS attach. The rule is allow tcp from any to me tcpflags syn limit src-addr 10 But I found that there're many corpses in dynamic rules, which may resist normal accesses. There isn't correspondence between those corpses and existing TCP connections. How to deal with those impedient corpses? #ipfw -d show | grep myclient ; netstat -an | grep myclient 10010 4 192 (111s) LIMIT tcp myclient 50719 - myserver 443 10010 4 192 (80s) LIMIT tcp myclient 50700 - myserver 443 10010 4 192 (124s) LIMIT tcp myclient 50743 - myserver 443 10010 4 192 (119s) LIMIT tcp myclient 50735 - myserver 443 10010 3570544131 (300s) LIMIT tcp myclient 50828 - myserver 22 10010 0 0 (3s) PARENT 10 tcp myclient 0 - 0.0.0.0 0 10010 4 192 (44s) LIMIT tcp myclient 50617 - myserver 443 10010 4 192 (59s) LIMIT tcp myclient 50652 - myserver 443 10010 4 192 (59s) LIMIT tcp myclient 50650 - myserver 443 10010 4 192 (57s) LIMIT tcp myclient 50645 - myserver 443 10010 296 (300s) LIMIT tcp myclient 50890 - myserver 443 tcp4 0 0 myserver.443 myclient.50817TIME_WAIT tcp4 0 0 myserver.443 myclient.50815TIME_WAIT tcp4 0 0 myserver.443 myclient.50813TIME_WAIT tcp4 0 0 myserver.443 myclient.50809TIME_WAIT tcp4 0146 myserver.443 myclient.50706ESTABLISHED tcp4 0146 myserver.443 myclient.50688ESTABLISHED tcp4 0146 myserver.443 myclient.50679ESTABLISHED tcp4 0 0 myserver.443 myclient.50668ESTABLISHED tcp4 0 0 myserver.443 myclient.50618ESTABLISHED tcp4 0 0 myserver.443 myclient.50611ESTABLISHED tcp4 0146 myserver.443 myclient.50493FIN_WAIT_1 tcp4 0146 myserver.443 myclient.50026FIN_WAIT_1 tcp4 0 0 myserver.22 myclient.50828ESTABLISHED From Beijing, China ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
ethernet bridge and dhcpd
Hi All, I have a routerboard with two ethernet ports (sis0 and sis1) with FreeBSD 6.0 on it. I've been trying to setup a bridge between them and also run the dhcpd server on the routerboard. I've setup sis0 with an IP address and sis1 is just marked up in rc.conf. The bridge seems to work because if I statically assign an IP address to a laptop and connect it to sis1 I can ping the routers IP which is what is assigned to sis0. But the laptop cannot get an IP using DHCP. tcpdumping on sis0 doesn't show me the DHCPREQUEST from the laptop that's coming in through sis1 (but it doesn't show me any traffic during ping request either but that's not broadcast so I guess that's expected). Can anyone tell me what I'm doing wrong ?. Here's my rc.conf inetd_enable=YES ifconfig_sis0=inet 10.1.1.1 netmask 255.255.255.0 ifconfig_sis1=up ifconfig_ath0=down gateway_enable=YES dhcpd_enable=YES dhcpd_flags=-q dhcpd_conf=/usr/local/etc/dhcpd.conf --- And here is my dhcpd.conf --- ddns-update-style ad-hoc; default-lease-time 600; max-lease-time 7200; subnet 10.1.1.0 netmask 255.255.255.0 { range 10.1.1.64 10.1.1.250; option routers 10.1.1.1; } -- - Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail Beta. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Broadcom 5780
The best solution would be to MFC the driver from -CURRENT to 6.1R, the second alternative would be to add the 5780 PCI vendor/device ID to the 6.1R driver, add a BGE_ASICREV_BCM5780 definition to if_bgereg.h, and make sure that any references to the 5714 also include a reference to the 5780. (Try a diff between 1.134 and 1.135 on -CURRENT to quickly identify the relevant changes.) Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Thursday, August 03, 2006 4:26 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Hello, I wrote some weeks ago about broadcom 5780 that wasn't detected in FreeBSD 6.1R After trying CURRENT, it was detected, but as Broadcom 5714 (i didn't know it was 5714) In the documentation of bge in FreeBSD 5.x and 6.x it says that the driver already has support for 5714... What can I do that FreeBSD detects my NICs? I don't want to use CURRENT on the server... Thanks for any help --- Best regards Pavol Čierny I don't maintain that driver so I don't know the answer to that. Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 19, 2006 11:43 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Thanks for the info. Any chances it get's into STABLE in a near term? Could I use the driver code and compile it in STABLE? :) --- S pozdravom Pavol Čierny Pavol, The 5780 is functionally equivalent to the 5714. Support for the 5780 was added to -CURRENT on June 29, 2006 in version 1.135 of if_bge.c. Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pavol Cierny Sent: Wednesday, July 19, 2006 7:17 AM To: freebsd-net@freebsd.org Subject: Broadcom 5780 Hello, has anyone information about implementing Broadcom 5780 to the bge driver? Just bought a Fujitsu-Siemens RX220 server, and the NICs don't work :( --- Best regards Pavol Čierny ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Broadcom 5780
Problem solved. The bge driver in STABLE has been modified yesterday, and it works if_bge.c,v 1.91.2.15 2006/08/02 15:01:59 glebius although it detects the NIC as 5714... maybe it's 5714 and not 5780 ... but it works... :) Thanks for the hints --- Best regards Pavol Čierny The best solution would be to MFC the driver from -CURRENT to 6.1R, the second alternative would be to add the 5780 PCI vendor/device ID to the 6.1R driver, add a BGE_ASICREV_BCM5780 definition to if_bgereg.h, and make sure that any references to the 5714 also include a reference to the 5780. (Try a diff between 1.134 and 1.135 on -CURRENT to quickly identify the relevant changes.) Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Thursday, August 03, 2006 4:26 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Hello, I wrote some weeks ago about broadcom 5780 that wasn't detected in FreeBSD 6.1R After trying CURRENT, it was detected, but as Broadcom 5714 (i didn't know it was 5714) In the documentation of bge in FreeBSD 5.x and 6.x it says that the driver already has support for 5714... What can I do that FreeBSD detects my NICs? I don't want to use CURRENT on the server... Thanks for any help --- Best regards Pavol Čierny I don't maintain that driver so I don't know the answer to that. Dave -Original Message- From: Pavol Čierny [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 19, 2006 11:43 AM To: David (Controller AE) Christensen Cc: freebsd-net@freebsd.org Subject: Re: Broadcom 5780 Thanks for the info. Any chances it get's into STABLE in a near term? Could I use the driver code and compile it in STABLE? :) --- S pozdravom Pavol Čierny Pavol, The 5780 is functionally equivalent to the 5714. Support for the 5780 was added to -CURRENT on June 29, 2006 in version 1.135 of if_bge.c. Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pavol Cierny Sent: Wednesday, July 19, 2006 7:17 AM To: freebsd-net@freebsd.org Subject: Broadcom 5780 Hello, has anyone information about implementing Broadcom 5780 to the bge driver? Just bought a Fujitsu-Siemens RX220 server, and the NICs don't work :( --- Best regards Pavol Čierny ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ethernet bridge and dhcpd
Purushotham Nayak wrote: Hi All, Hey! Sorry you dind't get my answer first because I sent in wrong format, so i post it again: Here is a thought, don't setup dhcp server on a bridge. I tried to use firewalling on this but it works differently than in linux where you can control the traffic with --physdev-in -out, you can't determine that which card where the traffic come from and which where it goes, i read something in a handbook but dont remember atm so try to accept all packet on the firewall. You can try to tell dhcpd which interface you want to use but it's possible it won't work. I have a routerboard with two ethernet ports (sis0 and sis1). I've been trying top setup a bridge and also run the dhcpd server on it. I've setup sis0 with an IP address and sis1 is just marked up in rc.conf. The bridge seems to work because if I statically assign an IP address to a laptop and connect it to sis1 I can ping the routers IP which is what is assigned to sis0. But the laptop cannot get an IP using DHCP. tcpdumping on sis0 doesn't show me the DHCPREQUEST from the laptop that's coming in through sis1 (but it doesn't show me any traffic during ping request either but that's not broadcast so I guess that's expected). Here's my rc.conf - inetd_enable=YES ifconfig_sis0=inet 10.1.1.1 netmask 255.255.255.0 broadcast parameter? ifconfig_sis1=up ifconfig_ath0=down gateway_enable=YES this not requied for a bridge dhcpd_enable=YES dhcpd_flags=-q try to setup the interface as i told dhcpd_conf=/usr/local/etc/dhcpd.conf --- And here is my dhcpd.conf - ddns-update-style ad-hoc; default-lease-time 600; max-lease-time 7200; subnet 10.1.1.0 netmask 255.255.255.0 { range 10.1.1.64 10.1.1.250; option routers 10.1.1.1; } --- Can anyone please let me know if there is something I'm doing wrong. nayak I hope it will help. Regards, JaX ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Plans to port OpenBSD trunk(4)?
On Thu, 3 Aug 2006, Antony Mawer wrote: Is there any interest or plans underway to port the trunk(4) feature from OpenBSD? OpenBSD's trunk(4) appears to be exactly what I'm looking for, but there doesn't appear to be anything I can find on a port to FreeBSD. http://www.openbsd.org/cgi-bin/man.cgi?query=trunksektion=4 I've been tasked with setting up a system that will have 2x Intel Pro/1000 network adapters linked to an HP ProCurve 5300XL modular switch. I stumbled across ng_fec(4), but it refers explicitly to Cisco Fast EtherChannel; some information suggests that this is supported by the HP switch... would using Netgraph with ng_fec achieve the same end result? Has anyone successfully used it as such? You HP switch will probably support FEC trunking (the ones I have do), so using the ng_fec netgraph module is probably what you want to do. In fact, even if your switch uses something other than the FEC scheduler to distribute incoming packets, ng_fec will still work to distribute outgoing packets. Here is the config I use (on a 5.x system)... #!/bin/sh ngctl mkpeer fec dummy fec ngctl msg fec0: add_iface 'em0' ngctl msg fec0: add_iface 'em1' ngctl msg fec0: add_iface 'em2' ngctl msg fec0: add_iface 'em3' ifconfig fec0 192.168.1.1 255.255.255.0 #this next line should be implied by the previous, but... ifconfig fec0 up -- Luke ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED]