Hello,
On 13.10.2020 14:19, Kristof Provost wrote:
Are these symptoms of a bug ?
Perhaps. It can also be a symptom of resource exhaustion.
Are there any signs of memory allocation failures, or incrementing
error counters (in netstat or in pfctl)?
Well, the only signs of resource
Hello,
I'm running a FreeBSD 12.1 server as a VM under Hyper-V. And although
this letter will make an impression of another lame post blaming FreeBSD
for all of the issues while the author should blame himselm, I'm atm out
of another explanation. The thing is: I'm getting loads of sendmail
Hi,
I have an ConnectX ethernet card (vendor = 'Mellanox Technologies',
device = 'MT26448 [ConnectX EN 10GigE, PCIe 2.0 5GT/s] <-- this is from
the pciconf -lv, I believe it's an "unnumbered" ConnectX card) and
FreeBSD 11 box. Skipping all of my unsuccessful tries description, I
will simply
Hi,
regarding all this stir around ALTQ and igb(4), and mentioning that
igb(4) doesn't have ALTQ in HEAD - I wanted to ask - is this just igb(4)
and ixgbe(4) that lost ALTQ in HEAD, or is ALTQ being removed totally
from FreeBSD ? I did a couple of searches, but seems like I cannot find
the
Hi,
Recently I had to move from Ultimate and Perfect pf (because it's not
the Ultimate and Perfect when it comes to gigabit/s speeds, due to
legacy TX in Intel drivers and associated problems) [back] to ipfw. I
was terribly disappointed, because after 10 years with pf I felt myself
like
Hi.
Some have probably seen this already -
http://lists.dragonflybsd.org/pipermail/users/2017-March/313254.html
So, could anyone explain why FreeBSD was owned that much. Test is split
into two parts, one is nginx part, and the other is the IPv4 forwarding
part. I understand that nginx
Hi.
On 18.01.2017 15:03, Slawa Olhovchenkov wrote:
> I am use Chelsio and Solarflare.
> Not sure about you workload -- I am have 40K+ TCP connections, you
> workload need different tuning.
> Do you planed to utilise both ports?
> For this case you need PCIe 16x card. This is Chelsio T6 and
>
Hi.
On 18.01.2017 14:51, Hans Petter Selasky wrote:
> On 01/18/17 10:48, Eugene M. Zheganin wrote:
>> Hi.
>>
>> Could someone recommend a decent 40Gbit adapter that are proven to be
>> working under FreeBSD ? The intended purpose - iSCSI traffic, not much
>> pp
Hi.
Could someone recommend a decent 40Gbit adapter that are proven to be
working under FreeBSD ? The intended purpose - iSCSI traffic, not much
pps, but rates definitely above 10G. I've tried Supermicro-manufactured
Intel XL710 ones (two boards, different servers - same sad story:
packets loss,
Hi.
Sometimes on one of my servers I got dmesg full of
sonewconn: pcb 0xf80373aec000: Listen queue overflow: 49 already in
queue awaiting acceptance (6 occurrences)
sonewconn: pcb 0xf80373aec000: Listen queue overflow: 49 already in
queue awaiting acceptance (2 occurrences)
sonewconn:
Hi,
On 11.12.2016 4:07, Andrey V. Elsukov wrote:
Hi All,
I am pleased to announce that projects/ipsec, that I started several
months ago is ready for testing and review.
The main goals were:
* rework locking to make IPsec code more friendly for concurrent
processing;
* make lookup
Hi.
On 08.06.2016 19:37, Alan Somers wrote:
What is the value of "sysctl net.add_addr_allfibs"? In your case, it
sounds like you want to set it to 0.
Thanks a lot, looks like it, will try.
Eugene.
___
freebsd-net@freebsd.org mailing list
Hi.
(first part of the message is describing why I need this, so impatient
people can proceed to th 'setfib 2 route delete' part directly).
I have a FreeBSD router connected to the ISP network, which is organized
according to the rfc3069 (you know, when all of the clients think they
have /24.
Hi.
Why we still have this anachronism - routes via lo0 even for ethernet
interfaces ? Seems like no other modern OS has such antiquities.
Eugene.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To
Hi.
I'm using ng_netflow along with flow-tools to collect traffic statistics.
What is bothering me, is that I constantly see lost flow. What is even
more weird - is that ng_netflow and flow-capture are on the same host,
and are communication via lo0:
May 26 18:33:16 balancer1
Hi.
On 15.04.2014 10:27, Matt Lager wrote:
Do you utilize PF as your firewalling platform, because I'm slightly
suspicious that could be the cause.
I do.
Eugene.
___
freebsd-net@freebsd.org mailing list
Hi.
On 10.04.2014 02:15, Matt Lager wrote:
I have used IPSEC tunnels w/ racoon to establish point to point VPN
connections for a long time, with great success. I recently decided to
upgrade one of my endpoints to 10.0-RELEASE from 9.2-RELEASE-p3. I
didn't do an upgrade but did a fresh
Hi.
Can someone explain me where are the 4 missing bytes when capturing
traffic on a gif interface with a tcpdump ?
I expect to see the length of the first fragment (offset = 0) to be
equal to an mtu (1280 bytes), but clearly it's 1276 bytes.
Same thing happens to a gre tunnel.
# ifconfig gif0
The following reply was made to PR kern/164475; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164475: [gre] gre misses RUNNING flag after a reboot
Date: Fri, 04 Apr 2014 18:27:29 +0600
Still
Hi.
On 12.04.2013 20:13, Olivier Cochard-Labbé wrote:
On Fri, Apr 12, 2013 at 1:54 PM, Gleb Smirnoff gleb...@freebsd.org wrote:
On Fri, Apr 12, 2013 at 01:45:51PM +0200, Olivier Cochard-Labb? wrote:
O PR closed too soon ?
It isn't closed, it is in patched state. This means that problem
is
Hi.
On 03.04.2013 22:17, Milan Obuch wrote:
Well, I am struggling with this too, and now I just use /etc/rc.local
containing
#!/bin/sh
ifconfig gre0 up
ifconfig gre1 up
to bring tunnels to real life. Maybe not that nice, but simple and
working.
It's an ancient bug; it's reported in GNATS (
Hi.
On 24.03.2013 0:05, Eugene M. Zheganin wrote:
Hi.
On 19.03.2013 12:03, YongHyeon PYUN wrote:
I have no idea how this change can freeze your box. It would be
even better to know whether the issue was triggered by bge(4)
changes. I think you can use bge(4)/brgphy(4) of 8.3-RELEASE on
your
Hi.
On 19.03.2013 12:03, YongHyeon PYUN wrote:
I have no idea how this change can freeze your box. It would be
even better to know whether the issue was triggered by bge(4)
changes. I think you can use bge(4)/brgphy(4) of 8.3-RELEASE on
your stable/8. Copy required files from 8.3-RELEASE to
Hi.
On 19.03.2013 12:56, Yoann Gini wrote:
Even if it’s not built-in the L2TP / PPTP standard, the rest of the world do
it, and need it by the way. Using the VPN gateway as a default one is not
acceptable when it’s made to secure access to specific resources only (i.e:
Split Tunneling), as a
Hi.
On 19.03.2013 20:27, Thomas Johnson wrote:
Does anyone have any suggestions on what I should look for, when this
happens again? Could this be related to reported CARP issues in 9.1, as
discussed on this list recently?
So, in other words, you upgraded from pf 4.4 to pf 4.5 and problems
Hi.
On 19.03.2013 12:03, YongHyeon PYUN wrote:
I have no idea how this change can freeze your box. It would be
even better to know whether the issue was triggered by bge(4)
changes. I think you can use bge(4)/brgphy(4) of 8.3-RELEASE on
your stable/8. Copy required files from 8.3-RELEASE to
Hi.
On 18.03.2013 14:23, Damien Fleuriot wrote:
I'm afraid I can't afford 10.x, this is for production, although I acknowledge
the problems you're faced with.
Regarding 8.x, this is a guest VM running on proxmox 2.3 which doesn't support
stock 8.x (need the virtio kernel option, I'll get a
Hi.
On 18.03.2013 3:26, Yoann Gini wrote:
Hello,
I’m Yoann. It’s my first message here so a little brief about me. I’m a OS X
Server System Administrator and Trainer, actually working on a FreeBSD based
setup for a simple service provider infrastructure.
I currently setup a L2TP over IPSec
Hi.
On 14.03.2013 20:47, Fleuriot Damien wrote:
I'm experiencing this odd behavior with 9.1 r24791 for amd64.
You should definitely sit on 8.x until 10.x will become stable, or
upgrade to 10.x from 9.x (at least this is what I do).
Carp is entirely rewritten in 10.x branch. In the same time,
Hi.
On 17.03.2013 21:20, Ermal Luçi wrote:
From this aspects carp in 10(HEAD) should behave the same since the
internals of carp have not been changed only the iconnection with the
FreeBSD stack has.
Talking about aliases on carp that used to be a bit broken up-to 9.x
they do not exist at
Hi.
On 14.03.2013 13:29, YongHyeon PYUN wrote:
I thought you were using stable/8 but it seems you have slightly
older stable/8. The bge(4) code difference between CURRENT and
stable9/stable8 is very minor.
Nah, I really am running recent 8/stable. My mistake was to try to apply
the whole code
Hi.
On 13.03.2013 07:57, YongHyeon PYUN wrote:
If your controller supports ASF/IPMI access please apply r248226
to stable/8 and let me know whether that makes any difference.
I believe ignoring ASF/IPMI firmware is not good idea since the
ASF/IPMI firmware will run regardless of
Hi.
Hi.
On 06.03.2013 12:26, YongHyeon PYUN wrote:
If you were using latest stable/8, the result would be same on
CURRENT.
How frequently do you see the watchdog timeouts? Is there way to
reproduce it?
Would you show me the output of dmesg (bge(4) and brgphy(4) only)
and pciconf -lcbv?
I
Hi.
On 06.03.2013 12:26, YongHyeon PYUN wrote:
If you were using latest stable/8, the result would be same on
CURRENT.
How frequently do you see the watchdog timeouts? Is there way to
reproduce it?
Would you show me the output of dmesg (bge(4) and brgphy(4) only)
and pciconf -lcbv?
I just
Hi.
On 07.03.2013 8:24, YongHyeon PYUN wrote:
What was previous SVN revision number on that machine?
The support for 5718/5719/5720 was merged to stable/8 about 3
months ago.
It was definitely older than months. It was running something similar
to FreeBSD 8.2-STABLE #0: Mon Sep 19 08:10:00
Hi.
On 07.03.2013 12:23, YongHyeon PYUN wrote:
On Thu, Mar 07, 2013 at 11:08:50AM +0600, Eugene M. Zheganin wrote:
It was definitely older than months. It was running something similar
to FreeBSD 8.2-STABLE #0: Mon Sep 19 08:10:00 YEKST 2011, this is the
uname from a neighbor machine.
I
Hi.
On 28.02.2013 11:35, YongHyeon PYUN wrote:
The reporter said the machine was Sun Fire X2200 M2 so I guess you
may see the same issue on both stable/9 and stable/8. Ideally the
loader tunable hw.bge.allow_asf should not be there and driver
should take care of it by checking the existence
Hi.
On 25.02.2013 14:20, YongHyeon PYUN wrote:
On Sun, Feb 24, 2013 at 11:06:42AM +0100, Kajetan Staszkiewicz wrote:
Dnia sobota, 23 lutego 2013 o 04:54:07 Marc Fournier napisał(a):
We just picked up 5 new HP DL 360p Gen8 E5-2630 2P servers … just installed
9.1-RELEASE, and it looks like all
The following reply was made to PR kern/171697; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org
Cc:
Subject: Re: kern/171697: [ip6] [ndp] panic when changing routes
Date: Mon, 17 Sep 2012 14:03:02 +0600
Actually it's repeatable.
There's
Hi.
On 30.07.2012 20:14, Bernard Higonnet wrote:
Hello,
Hope this is the right place to mail...
I have two networks A and B.
One machine on A runs an MPD5 server.
On network B I have machine X which has an MPD5 client used to
establish a connection the VPN server on machine Z in network A.
Hi,
I'm having troubles with one FreeBSD server, running 8.2-STABLE.
Randomly I get 'bge watchdog timeout - resetting' errors on it's
console. It can run 1-2 months without problem, then I can get these
errors like twice per day. They are appearing in bunches, and the system
becomes
Hi,
On 09.06.2012 23:07, Jeremie Le Hen wrote:
What it usually done for convenience is to create a gif(4) or gre(4)
tunnel to another network, which is then encrypted using IPSec
transport mode. The inner IP/GRE header is considered as the payload
and it is encrypted. The benefit of this
Hi.
On 14.06.2012 21:57, Jeremie Le Hen wrote:
Not at all, I read the whole mail thoroughly actually :-). But I don't
work on Cisco/Junipers equipements so I didn't exactly grasp what you
meant.
Okay. Actually, the whole idea is to 'simplify'. The conventional way of
creating IPSec makes
Hi.
I have an idea about new networking feature in FreeBSD.
I guess everyone is having ideas from time to time, and lots of these
idea having people think that they just had a decent idea. However, only
ideas that are complemented by a working code can be considered by the
community, and only
The following reply was made to PR kern/164400; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164400: [ipsec] immediate crash after the start of ipsec
processing
Date: Tue, 22 May 2012 00:46:00 +0600
Hi.
I've recently read about ECMP in quagga-users@ mailing list and seems
like quagga can inject equal-cost routes into the kernel (at least in
Linux).
So I wanna know if the same is possible under FreeBSD, because I'm
constructing a VPN with lots of failover channels and a dynamic routing,
Hi.
I've recently read about ECMP in quagga-users@ mailing list and seems
like quagga can inject equal-cost routes into the kernel (at least in
Linux).
So I wanna know if the same is possible under FreeBSD, because I'm
constructing a VPN with lots of failover channels and a dynamic routing,
The following reply was made to PR kern/164400; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164400: [ipsec] immediate crash after the start of ipsec
processing
Date: Fri, 02 Mar 2012 13:52:09 +0600
The following reply was made to PR kern/164400; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164400: [ipsec] immediate crash after the start of ipsec
processing
Date: Wed, 29 Feb 2012 14:03:55 +0600
The following reply was made to PR kern/164400; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164400: [ipsec] immediate crash after the start of ipsec
processing
Date: Thu, 01 Mar 2012 10:38:38 +0600
Hi.
I'm suffering from low network performance on one of my FreeBSDs.
I have an i386 8.2-RELEASE machine with an fxp(4) adapter. It's
connected though a bunch of catalysts 2950 to another 8.2. While other
machines in this server room using the same sequence of switches and the
same target
The following reply was made to PR kern/164400; it has been noted by GNATS.
From: Eugene M. Zheganin eug...@zhegan.in
To: bug-follo...@freebsd.org, eug...@zhegan.in
Cc:
Subject: Re: kern/164400: immediate crash after the start of ipsec processing
Date: Mon, 23 Jan 2012 14:22:59 +0600
I've re
The following reply was made to PR kern/144572; it has been noted by GNATS.
From: Eugene M. Zheganin eug...@zhegan.in
To: bug-follo...@freebsd.org, e...@norma.perm.ru
Cc:
Subject: Re: kern/144572: [carp] CARP preemption mode traffic partially goes
to backup node
Date: Mon, 19 Dec 2011 10:36:47
Hi.
On 18.03.2011 23:56, sth...@nethelp.no wrote:
Are you using IA_PD or IA_NA on your DHCPv6 server?
Since I didn't configure anything on a DHCPv6 server about PD, I assume
I'm using NA.
rtadvd can give you the default router.
DHCPv6 IA_NA gives you a single /128 address and no netmask.
Hi.
On 18.03.2011 23:25, JINMEI Tatuya / 神明達哉 wrote:
A possible workaround is to rewrite dhclient-script to hardcode
/120. Another solution is to use a different DHCPv6 client
implementation. (Although it's not actively maintained/enhanced
recently) I believe WIDE DHCPv6 should work for your
Hi.
I'm trying to get a working freebsd workstation with an ipv6 network
where addresses are received from DHCP.
ATM my IPv6 setup copies the IPv4 layout with vlans and /24 masks, so
I'm using /120 prefixes.
Is that even possible ?
As the Handbook lacks any information about such setup, I
Hi.
On 18.03.2011 20:57, J.R. Oldroyd wrote:
You don't say what prefix length rtadvd is sending or that you're seeing
in the wireshark log.
Do you have prefixlen#120 in your rtadvd.conf?
Yup.
rtadvd.conf from router:
default:
:raflags#192:
vlan1:\
Hi.
I'm running FreeBSD 8.1-STABLE (I had major issues with em(4) on
8.1-RELEASE, so I had to upgrade this host to more recent STABLE).
I'm using ipv6-over-ipv4 tunnel.
gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST metric 0 mtu 1280
tunnel inet 89.250.210.67 -- 216.66.80.26
Hi.
On 03.12.2010 01:58, Bjoern A. Zeeb wrote:
FreeBSD A ==ipsec over gre=== FreeBSD B
I'm using FreeBSD as a security gateway:
What it means is that a packet with either an invalid sequence, a
sequence lower than the last seen and outside the window, or a
sequence seen already (lately)
Hi.
What does this message means ?
I'm getting a lots of those.
===Cut===
Dec 2 14:35:15 ural85-gw0-omega kernel: ah_input: packet replay failure:
SA(SPI=3662816 src=10.50.116.6 dst=10.50.110.210)
===Cut===
I'm using FreeBSD as a security gateway:
FreeBSD A ==ipsec over gre=== FreeBSD
The following reply was made to PR kern/134557; it has been noted by GNATS.
From: Eugene M. Zheganin e...@norma.perm.ru
To: bug-follo...@freebsd.org, sergei.cherv...@gmail.com
Cc:
Subject: Re: kern/134557: [netgraph] [hang] 7.2 with mpd3.5 hanging up - ng_pptp
problem
Date: Mon, 08 Jun 2009 15
61 matches
Mail list logo