Allow PING(8) in jails without raw socket access permissions
Hello, I have currently a patch in review with jamie which is the current jail maintainer and kyle evans, if anyone else could comment/review this patch : https://reviews.freebsd.org/D26782 What has been done is the following : Raw socket access is allowed for ICMP protocol as is required by PING(8) but option IP_HDRINCL is not allowed. to accomplish this a new privilege PRIV_NETINET_ICMP_ACCESS has been added by default for jails. Bests ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
[Bug 248652] iflib: netmap pkt-gen large TX performance difference between 11-STABLE and 12-STABLE/CURRENT on ix & ixl NIC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248652 --- Comment #18 from Michael Muenz --- (In reply to vistalba from comment #17) - Install Vanilla FreeBSD12 - pkg install git - cd /usr && git clone https://github.com/opnsense/tools - cd tools && make update - make kernel You can also just create an image, follow the guides on https://github.com/opnsense/tools this might be easier -- You are receiving this mail because: You are on the CC list for the bug. ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
[Bug 248652] iflib: netmap pkt-gen large TX performance difference between 11-STABLE and 12-STABLE/CURRENT on ix & ixl NIC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248652 --- Comment #17 from vistalba --- (In reply to Vincenzo Maffione from comment #14) Is there a easy way to test this on my opnsense vm with vmx interfaces. As far as I know my netmap issue on vmx is related to this timer issue as well. I'm not so familiar with freebsd. -- You are receiving this mail because: You are on the CC list for the bug. ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
[Bug 248652] iflib: netmap pkt-gen large TX performance difference between 11-STABLE and 12-STABLE/CURRENT on ix & ixl NIC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248652 --- Comment #16 from Sylvain Galliano --- (In reply to Vincenzo Maffione from comment #14) Here are the results: X520 with 1 queue ix0: PCI Express Bus: Speed 5.0GT/s Width x8 ix0: netmap queues/slots: TX 1/2048, RX 1/2048 *** sysctl dev.ix.0.iflib.nm_tx_tmr_us=0 (default value) pkt-gen: 683.502433 main_thread [2639] 4.215 Mpps (4.227 Mpkts 2.023 Gbps in 1002819 usec) 465.43 avg_batch 9 min_space *** sysctl dev.ix.0.iflib.nm_tx_tmr_us=300 pkt-gen: 750.688608 main_thread [2639] 6.496 Mpps (6.646 Mpkts 3.118 Gbps in 1023000 usec) 465.45 avg_batch 9 min_space *** sysctl dev.ix.0.iflib.nm_tx_tmr_us=200 pkt-gen: 771.736855 main_thread [2639] 8.907 Mpps (9.112 Mpkts 4.275 Gbps in 1022999 usec) 465.45 avg_batch 9 min_space *** sysctl dev.ix.0.iflib.nm_tx_tmr_us=100 pkt-gen: 804.554603 main_thread [2639] 14.136 Mpps (14.147 Mpkts 6.785 Gbps in 1000748 usec) 465.45 avg_batch 9 min_space -> close to 10G line rate *** sysctl dev.ix.0.iflib.nm_tx_tmr_us=90 pkt-gen: 872.156329 main_thread [2639] 14.880 Mpps (15.054 Mpkts 7.142 Gbps in 1011721 usec) 466.96 avg_batch 9 min_space Now using same X520 NIC using 4 queues. ix1: PCI Express Bus: Speed 5.0GT/s Width x8 ix1: netmap queues/slots: TX 4/2048, RX 4/2048 *** sysctl dev.ix.1.iflib.nm_tx_tmr_us=0 (default) pkt-gen: 047.988586 main_thread [2639] 13.596 Mpps (13.623 Mpkts 6.526 Gbps in 1002002 usec) 443.03 avg_batch 9 min_space -> close to max speed (thanks to 4 queue) *** sysctl dev.ix.1.iflib.nm_tx_tmr_us=400 pkt-gen: 094.224581 main_thread [2639] 14.887 Mpps (14.904 Mpkts 7.146 Gbps in 1001173 usec) 440.75 avg_batch 9 min_space Looks really good for X520 NIC whatever the number of queue I used. Now same tests using XL710 NIC (40G) using 1 queue: ixl1: PCI Express Bus: Speed 8.0GT/s Width x8 ixl1: netmap queues/slots: TX 1/1024, RX 1/1024 *** sysctl dev.ixl.1.iflib.nm_tx_tmr_us=0 (default) pkt-gen: 324.883066 main_thread [2639] 12.270 Mpps (13.044 Mpkts 5.890 Gbps in 1063000 usec) 16.53 avg_batch 9 min_space *** sysctl dev.ixl.1.iflib.nm_tx_tmr_us=100 pkt-gen: 350.497566 main_thread [2639] 12.246 Mpps (12.258 Mpkts 5.878 Gbps in 1001003 usec) 16.48 avg_batch 9 min_space no changes. Now testing XL710 with 4 queues: ixl0: PCI Express Bus: Speed 8.0GT/s Width x8 ixl0: netmap queues/slots: TX 4/1024, RX 4/1024 *** sysctl dev.ixl.0.iflib.nm_tx_tmr_us=0 (default) pkt-gen: 614.766048 main_thread [2639] 13.671 Mpps (14.539 Mpkts 6.562 Gbps in 1063494 usec) 15.75 avg_batch 9 min_space *** sysctl dev.ixl.0.iflib.nm_tx_tmr_us=100 pkt-gen: 640.652549 main_thread [2639] 13.672 Mpps (13.795 Mpkts 6.562 Gbps in 1009001 usec) 15.79 avg_batch 9 min_space No changes using XL710 NIC (as a reminder, using FreeBSD 11 without iflib, I can reach +40Mpps on XL710 using pkt-gen) -- You are receiving this mail because: You are on the CC list for the bug. ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: ping -R output?
thanks! that's really interesting. Different from what I was expecting
but what I'd expect from
the code dropping into Fuchsia.
It's such a pity our ping doesn't support ping -T (timestamps)
but Linux does and I'd love to see [(Linux) 'ping -T tsandaddr
{machine B}'] >[FreeBSD A] -> [FreeBSD B]
If anyone can do that, I'd really appreciate it..
Actually all three machines as Linux would be an interesting
comparison as well (for both -T and -R).
Linux adds an entry for both reception and transmission on the far end
and the sender..
FreeBSD only does sender on the intermediate and far end, and receiver
on the local.
I don't know what Linux does on the intermediate hosts. My reading of
the RFC agrees with BSD for RR.
but you only get 9 slots so Linux is limited to a full distance of 2
(and return) if they use 2 slots for each hop.
I can't say if we get Timestamp right as we can't do it.
J
On 10/14/20 1:25 AM, Peter Libassi wrote:
like this? ( ping from 192.168.3.1 -> (192.168.3.2/172.16.42.1) ->
172.16.42.2
root@bsd1:~ # ping -R 172.16.42.2
PING 172.16.42.2 (172.16.42.2): 56 data bytes
64 bytes from 172.16.42.2: icmp_seq=0 ttl=63 time=1.280 ms
RR: 172.16.42.1
172.16.42.2
192.168.3.2
192.168.3.1
64 bytes from 172.16.42.2: icmp_seq=1 ttl=63 time=1.238 ms(same route)
64 bytes from 172.16.42.2: icmp_seq=2 ttl=63 time=1.100 ms(same route)
64 bytes from 172.16.42.2: icmp_seq=3 ttl=63 time=1.210 ms(same route)
64 bytes from 172.16.42.2: icmp_seq=4 ttl=63 time=1.156 ms(same route)
/Peter
14 okt. 2020 kl. 09:05 skrev Julian Elischer >:
Can someone send me the output of a ping -R , starting with FreeBSD
machine, through a second FreeBSD machine and bouncing back from a
third FreeBSD machine? I don't have three in a row like that
anywhere. Probably best to send it back through the list so I
people can see if i get an answer.
Thanks, Julian
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: ping -R output?
like this? ( ping from 192.168.3.1 -> (192.168.3.2/172.16.42.1) -> 172.16.42.2 root@bsd1:~ # ping -R 172.16.42.2 PING 172.16.42.2 (172.16.42.2): 56 data bytes 64 bytes from 172.16.42.2: icmp_seq=0 ttl=63 time=1.280 ms RR: 172.16.42.1 172.16.42.2 192.168.3.2 192.168.3.1 64 bytes from 172.16.42.2: icmp_seq=1 ttl=63 time=1.238 ms (same route) 64 bytes from 172.16.42.2: icmp_seq=2 ttl=63 time=1.100 ms (same route) 64 bytes from 172.16.42.2: icmp_seq=3 ttl=63 time=1.210 ms (same route) 64 bytes from 172.16.42.2: icmp_seq=4 ttl=63 time=1.156 ms (same route) /Peter > 14 okt. 2020 kl. 09:05 skrev Julian Elischer : > > Can someone send me the output of a ping -R , starting with FreeBSD machine, > through a second FreeBSD machine and bouncing back from a third FreeBSD > machine? I don't have three in a row like that anywhere. Probably best to > send it back through the list so I people can see if i get an answer. > > > Thanks, Julian > > > > ___ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
ping -R output?
Can someone send me the output of a ping -R , starting with FreeBSD machine, through a second FreeBSD machine and bouncing back from a third FreeBSD machine? I don't have three in a row like that anywhere. Probably best to send it back through the list so I people can see if i get an answer. Thanks, Julian ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
