is doesn't work since the tunnel interface needs to see the interface
with the IP to route it to, and since it's in another jail/vnet, it can't
get there.
The closes thing I can think of is putting an epair in w/ the tunnel
interface, and routing the tunnel out of the vnet via the epair interface..
Rick Macklem wrote this message on Thu, Jun 02, 2022 at 14:44 +:
> John-Mark Gurney wrote:
> > I just booted FreeBSD-current diskless, using NFS root, and I ended
> > up having issues because by default, NFS root is only v2.
> >
> > One of things that happen
via mount options, but I can't
see where it's documented to set them.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
te, even via power_off/power_on
commands.
Sorry that I don't have a solution for you. The closest that I could
suggest is to try to drop the USB id from the ure driver or switch it's
mode to try the ucdce driver instead. I've seen that it's been more
reliable, but
Eric Joyner wrote this message on Sun, Aug 01, 2021 at 21:10 -0700:
> On Sun, Aug 1, 2021 at 6:59 PM John-Mark Gurney wrote:
>
> > I have a dual port igb card:
> > igb0: port 0x2020-0x203f mem
> > 0xd102-0xd103,0xd0c0-0xd0ff,0xd1044000-0xd1047fff irq 17 a
3
+Process and send pause frames.
+.It 4
+No software override, use EEPROM configuration.
+.El
+.El
+Note: That the variable is available for igb as well.
.Sh FILES
.Bl -tag -width /dev/led/em*
.It Pa /dev/led/em*
--
John-Mark Gurney Voice: +1 415 225 5579
&
device. So, other
non-RealTek devices would be great to test with.
Let me know if you have any issues with the change!
Thanks.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
sary binaries are installed, and skip them if not
present.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
___
freebsd-net@freebsd.org mailing list
ht
, and despite the current docs both...
There are a large number of flags that have been added over the years...
and it'd be good to catch up with that work...
Yes, I could spend hours reading the code, but it'd be much easier to
just ask the people who did the work.
--
John-Mark Gurney
John-Mark Gurney wrote this message on Wed, Jan 13, 2021 at 17:59 -0800:
> Andrey V. Elsukov wrote this message on Wed, Jan 13, 2021 at 11:42 +0300:
> > On 13.01.2021 00:37, John-Mark Gurney wrote:
> > >> when this will happen again, it would be nice to make sure that NS
>
Andrey V. Elsukov wrote this message on Wed, Jan 13, 2021 at 11:42 +0300:
> On 13.01.2021 00:37, John-Mark Gurney wrote:
> >> when this will happen again, it would be nice to make sure that NS
> >> packets hit the IP stack. E.g. with attached dtrace script.
> >
>
Andrey V. Elsukov wrote this message on Tue, Jan 12, 2021 at 16:33 +0300:
> On 12.01.2021 05:25, John-Mark Gurney wrote:
> >> The device, where the capture was taken does not respond tot he NS packet.
> >> This might be caused by:
> >> a) the device has a differe
37::c43c, length 32
05:08:32.215624 IP6 fc00:b5d:41c:7e37::7e37 > fc00:b5d:41c:7e37::c43c: ICMP6,
echo request, seq 0, length 16
05:08:32.215646 IP6 fc00:b5d:41c:7e37::c43c > fc00:b5d:41c:7e37::7e37: ICMP6,
echo reply, seq 0, length 16
--
John-Mark Gurney
ibc)
looks like it returns all the info you want in the ifa_data for
any entry that is of type AF_LINE...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
__
n BACKUP and never return to
> MASTER. Any idea what I'm missing? Is CARP supposed to work with epair?
Did you set net.inet.carp.preempt=1? Or do you not yet have another
peer and that is why you expect that it'd come back as MASTER?
--
John-Mark Gurney Voice: +1 41
: flags=8802 metric 0 mtu 1500
options=8
ether xx:xx:xx:xx:xx:xx
media: Ethernet autoselect (1000baseT )
status: active
nd6 options=21
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done
y imposed on me... So now I don't have this need
> anymore.
Ok. Glad you were able to solve your problem, though obviously not the way you
wanted to.
Just for the archives, this style of routing should work fine in FreeBSD.
> On Tue, 15 Sep 2020 12:10:52 -0700
> John-Mark Gurney wrot
gt; > one ?
> > If it is possible, you can route via this private address on your FreeBSD
> > installation to the new one and assign a public/32 to the last.
> >
> > Alternatively to doing routing like above, if you have a firewall enabled on
> > the first machine, you can do address forwarding between the first and the
> > new one.
> >
> > And last, maybe with something like -iface from "route" you can achieve what
> > you want.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
signature.asc
Description: PGP signature
John-Mark Gurney wrote this message on Sat, Jul 25, 2020 at 16:13 -0700:
> Hello,
>
> I'd like people who have ure (RealTek) based USB devices to test
> review D25809[0].
>
> This update adds support for:
> - HW VLAN tagging
> - HW checksum offload for IPv4 and IPv6
&g
Ganbold Tsagaankhuu wrote this message on Wed, Aug 19, 2020 at 16:27 +0800:
> On Tue, Jul 28, 2020 at 2:35 AM John-Mark Gurney wrote:
>
> > Ganbold Tsagaankhuu wrote this message on Mon, Jul 27, 2020 at 18:29 +0800:
> > > On Mon, Jul 27, 2020 at 5:14 AM John-M
Ganbold Tsagaankhuu wrote this message on Mon, Jul 27, 2020 at 18:29 +0800:
> On Mon, Jul 27, 2020 at 5:14 AM John-Mark Gurney wrote:
>
> > Ganbold Tsagaankhuu wrote this message on Sun, Jul 26, 2020 at 11:05 +0800:
> > > On Sun, Jul 26, 2020 at 7:13 AM John-M
Ganbold Tsagaankhuu wrote this message on Sun, Jul 26, 2020 at 11:05 +0800:
> On Sun, Jul 26, 2020 at 7:13 AM John-Mark Gurney wrote:
>
> > Hello,
> >
> > I'd like people who have ure (RealTek) based USB devices to test
> > review D25809[0].
> >
> > T
depending upon
TCP or UDP, which is a significant improvement over the previous
91Mbps (~8kint/sec*1500bytes/packet*1packet/int).
Thanks.
[0] https://reviews.freebsd.org/D25809
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done
John-Mark Gurney wrote this message on Thu, Jul 23, 2020 at 16:49 -0700:
> Kristof Provost wrote this message on Thu, Jul 23, 2020 at 11:02 +0200:
> > On 23 Jul 2020, at 11:00, Bjoern A. Zeeb wrote:
> > > On 23 Jul 2020, at 8:09, Kristof Provost wrote:
> > >
> > &g
Kristof Provost wrote this message on Thu, Jul 23, 2020 at 11:02 +0200:
> On 23 Jul 2020, at 11:00, Bjoern A. Zeeb wrote:
> > On 23 Jul 2020, at 8:09, Kristof Provost wrote:
> >
> >> On 23 Jul 2020, at 9:19, Kristof Provost wrote:
> >>> On 23 Jul 2020, at 0:1
Bjoern A. Zeeb wrote this message on Wed, Jul 22, 2020 at 20:43 +:
> On 22 Jul 2020, at 19:34, John-Mark Gurney wrote:
>
> > John-Mark Gurney wrote this message on Tue, Jul 21, 2020 at 23:05
> > -0700:
> >> Peter Libassi wrote this message on Wed,
John-Mark Gurney wrote this message on Tue, Jul 21, 2020 at 23:05 -0700:
> Peter Libassi wrote this message on Wed, Jul 22, 2020 at 06:54 +0200:
> > Is this related to
> >
> > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234985
> > <https://bugs.freebsd.org/b
ks like in_multi isn't holding an
interface or address lock waiting for things to free up...
> > 21 juli 2020 kl. 22:23 skrev John-Mark Gurney :
> >
> > Marko Zec wrote this message on Tue, Jul 21, 2020 at 11:31 +0200:
> >> On Tue, 21 Jul 2020 02:16:55 -0700
> >> John-Ma
Marko Zec wrote this message on Tue, Jul 21, 2020 at 11:31 +0200:
> On Tue, 21 Jul 2020 02:16:55 -0700
> John-Mark Gurney wrote:
>
> > I'm running:
> > FreeBSD test 13.0-CURRENT FreeBSD 13.0-CURRENT #0 r362596: Thu Jun 25
> > 05:02:51 UTC 2020
> > r...@releng1
in fork_exit (
callout=0x80c26200 ,
arg=0x81cf4f70 , frame=0xfe0049e99b80)
at /usr/src/sys/kern/kern_fork.c:1052
#10
(kgdb)
I have the core files so I can get additional information.
Let me know if you need any additional information.
--
John-Mark Gurney
-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe
Marko Zec wrote this message on Fri, Jul 17, 2020 at 23:54 +0200:
> On Fri, 17 Jul 2020 11:56:09 -0700
> John-Mark Gurney wrote:
> > Marko Zec wrote this message on Fri, Jul 17, 2020 at 12:03 +0200:
> ...
> > > #define IFQ_DRV_IS_EMPTY(ifq) \
> > > ((
Marko Zec wrote this message on Fri, Jul 17, 2020 at 12:03 +0200:
> On Thu, 16 Jul 2020 11:56:29 -0700
> John-Mark Gurney wrote:
>
> > Marko Zec wrote this message on Thu, Jul 16, 2020 at 07:49 +0200:
> > > On Thu, 16 Jul 2020 07:26:22 +0200
> > > Marko Zec w
Marko Zec wrote this message on Thu, Jul 16, 2020 at 07:49 +0200:
> On Thu, 16 Jul 2020 07:26:22 +0200
> Marko Zec wrote:
>
> > On Wed, 15 Jul 2020 16:26:25 -0700
> > John-Mark Gurney wrote:
> >
> > > I happen to be looking at the implementation
often, since it's an error path that likely
rarely happens, but we should fix it.
Should we just add the IFQ_LOCK/_UNLOCK to the macro?
Comments or thoughts?
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have
just that tunnel.
> > It's not required to do the encryption in netgraph.
> > there is a script to make the tunnel in
> > /usr/share/examples.netgraph/udp.tunnel
> > you just need to set up the SA to catch it..
> > you can also if you desire you
I can integrate it with FreeBSD jails
> > >> and I was looking at some of the examples provided in
> > >> /usr/share/examples/netgraph and now have the following question.
> > >> The udp.tunnel example shows an iface point-to-point connection but it
me -- unless I'm missing
> something.
I only see rtltime on em0, and I don't see a closing colon after
rtltime on em0. Try adding a terminating colon on em0 and see if
the problem goes away.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I w
>
> Right, a "consumers need to ask for it" issue more so than an inherently
> problematic approach. I assumed as much but wasn't sure.
Don't we have the option of doing soft re-classification? Where we
recalculate the hash, and then do a netisr defer? I mean that'd burn
a bunch of
Olivier Cochard-Labb wrote this message on Tue, Nov 05, 2019 at 23:45 +0100:
> On Tue, Nov 5, 2019 at 8:15 PM John-Mark Gurney wrote:
>
> > AES-GCM can run at over 1GB/sec on a single core, so as long as the
> > traffic can be processed by multiple threads (via multiple queu
, so as long as the
traffic can be processed by multiple threads (via multiple queues
for example), it should be doable.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All
an the epair
successfully. I've had to do that myself.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
___
freebsd-net@freebsd.org mailing list
ht
Hiroki Sato wrote this message on Tue, Aug 20, 2019 at 16:26 +0900:
> "Bjoern A. Zeeb" wrote
> in <7a7874fa-e663-4ec9-b349-c46d32982...@lists.zabbadoz.net>:
>
> bz> On 17 Aug 2019, at 6:03, John-Mark Gurney wrote:
> bz>
> bz> > I am setting
of the rtadvd source code,
and I don't see a makeentry for addrs either.
If no one objects, I'll remove it.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have
Andrey V. Elsukov wrote this message on Thu, Aug 15, 2019 at 17:38 +0300:
> On 14.08.2019 03:27, John-Mark Gurney wrote:
> > I'm doing some perf testing on an APU4 board, and I noticed that
> > it looks like the input netstat counters are 2x than what they should
> > be.
-CURRENT from the July 25th snapshot, which is r350322.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
___
freebsd-net@freebsd.org mailing
iness/2017/03/16/lack-oxford-comma-costs-maine-company-millions-overtime-dispute/BIxK837fA2C06qavQMDs5J/story.html
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
_
sounds like vaddrs and paddrs arrays are
already allocated and you just use these addresses... But there is no
way I can write code from this description...
Also, lots of terminology is missing, like what is a qset?
--
John-Mark Gurney Voice: +1 415 225 5579
Marko Zec wrote this message on Tue, Sep 04, 2018 at 16:43 +0200:
> On Sat, 1 Sep 2018 14:11:23 -0700
> John-Mark Gurney wrote:
> > Vincenzo Maffione wrote this message on Sat, Sep 01, 2018 at 22:25
> > +0200:
> ...
> > > On x86_64 netmap is not built as a module,
Vincenzo Maffione wrote this message on Sat, Sep 01, 2018 at 22:25 +0200:
> Il giorno sab 1 set 2018 alle ore 03:50 John-Mark Gurney
> ha scritto:
>
> > First, does vale work for anyone? At least one of the documented
> > commands in vale(4) does not work.
> >
_get_bdg_na(hdr, na, nmd, create);
1539if (error)
1540goto out;
1541
1542if (*na != NULL) /* valid match in netmap_get_bdg_na() */
Thanks.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, h
es... And the A: line gives you the ability to spoof
packets as well...
Hopefully there wasn't any important data encrypted w/ that key...
Always X those out...
> > A: hmac-sha2-256 xxx
--
John-Mark Gurney Voice: +1 415 225 5579
0
> net.inet.ipsec.debug: 0
> net.inet.ipsec.filtertunnel: 0
> net.inet.ipsec.natt_cksum_policy: 0
> net.inet.ipsec.check_policy_history: 0
> net.inet.ipsec.crypto_support: 50331648
>
>
>
> > On Aug 9, 2018, at 6:40 AM, John-Mark Gurney wr
performance, and not the cipher...
Need to see your setkey.conf, or at least the output of setkey -D..
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
___
Adrian Chadd wrote this message on Sat, Jul 28, 2018 at 13:33 -0700:
> On Fri, 27 Jul 2018 at 15:19, John-Mark Gurney wrote:
>
> > Ryan Moeller wrote this message on Fri, Jul 27, 2018 at 12:45 -0700:
> > > There is a long-standing issue with 9k mbuf jumbo clusters in FreeB
46becfbb150a1
Drivers need to be fixed to use 4k pages instead of cluster. I really hope
no one is using a card that can't do 4k pages, or if they are, then they
should get a real card that can do scatter/gather on 4k pages for jumbo
frames..
--
John-Mark Gurney
with latest netmap code
> > (LINUX).
> >
> > What is the source of this limitation? From the chip datasheet it appears
> > that much larger frames are supported.
> >
> > There is mention of 9216 in some of the driver source files but as an MTU,
>
nfig bridge14 addm tap0 addm em0.14
> ifconfig bridge14 up
> ifconfig bridge14
>
> then your VM will can communicate (untagged) with your host system, and
> you will see tagged packets on em0 (and untagged on em0.14 of course)
Yes, and that prevents me running some of my VM's that I wa
all the mac addresses, but this is just a
> guess.
I finally figured this out w/ tcpdump, as tcpdump was showing the
packets going out em0.14 (in my case), but the reply was never making
it back to em0.14. I was seeing it on em0 w/ "tcpdump -i em0 vlan 14",
and then, when I ran &qu
, it should work
w/ original configuration), I'll test and commit the patch.
Otherwise, please submit another fix.
Thanks.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have
perly to
handle the latency.
I posted some info on the wiki about this:
https://wiki.freebsd.org/SSHPerf
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
__
ut subsystem to coalesce callouts scheduled close to each
other into fewer timer interrupts, reducing processing overhead and power
consumption. These flags may be specified to adjust the interpretation
of sbt and pr:
--
John-Mark Gurney Voice: +1
Chris Stankevitz wrote this message on Wed, Aug 26, 2015 at 14:30 -0700:
Thanks again. I appreciate you teaching me how to fish. I basically
spent all morning reading kdump output.
No worries, glad you're learning...
On 8/26/15 1:24 AM, John-Mark Gurney wrote:
It really looks like we
Chris Stankevitz wrote this message on Tue, Aug 25, 2015 at 19:55 -0700:
John-Mark,
Thank you for your reply.
On 8/25/15 6:03 PM, John-Mark Gurney wrote:
Chris Stankevitz wrote this message on Tue, Aug 25, 2015 at 15:47 -0700:
# cat /dev/urandom | ssh root@host 'cat /dev/null
from my
MacOSX box, and ~776k from my 9.2-R box... Server in both cases is
a June -CURRENT... netstat -xAanfinet is helpful on this...
Hope this helps!
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has
at fixed the em driver yet.
[1] https://svnweb.freebsd.org/changeset/base/r162205
P.S. Probing time could be made faster if ping -t supported sub-second
values as if a host on a local segment hasn't replied in, say, 100ms,
it's probably not going to, or you need to fix the network.
--
John-Mark
..
I haven't tried this out myself, but I may in the near future...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
https
, the people who
can and will do something about it can subscribe, the problem is
getting those people subscribed... If we don't get enough people
subscribed, then there isn't much point...
btw, if this works, we should do it for all the main categories..
--
John-Mark Gurney
John-Mark Gurney wrote this message on Wed, Jul 29, 2015 at 09:11 -0700:
George Neville-Neil wrote this message on Wed, Jul 29, 2015 at 10:35 -0400:
That's fine so long as its removed in HEAD now, and then the warning can
go into 10 aka 10.3.
As I said, setkey doesn't support it.. and I
Chadd wrote:
I'd put together a deprecation plan, which starts with the kernel
warning that this stuff is being removed, MFC that to stable/10 and
stable/9 so people aren't surprised when they upgrade, and then have
it removed in 11.
--
John-Mark Gurney Voice
process doesn't have to have /dev/kmem access...
Is there a reason you need to use kmem? The only reason you list above
is that it's too large via ioctl, but a copyout is fine, and would
handle all page faults for you..
--
John-Mark Gurney Voice: +1 415 225 5579
Laurie Jennings wrote this message on Wed, Jul 29, 2015 at 17:52 -0700:
On Wed, 7/29/15, John-Mark Gurney j...@funkthat.com wrote:
Subject: Re: Locking Memory Question
To: Laurie Jennings laurie_jennings_1...@yahoo.com
Cc: John Baldwin j
/
or the racoon example from:
https://blog.plitc.eu/2014/freebsd-10-ipv4-ipsec-net-to-net-vpn-in-der-jail/
best regards
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has
Jim Thompson wrote this message on Mon, Jul 27, 2015 at 23:18 -0500:
On Jul 27, 2015, at 10:41 PM, John-Mark Gurney j...@funkthat.com wrote:
Jim Thompson wrote this message on Mon, Jul 27, 2015 at 20:24 -0500:
On Jul 27, 2015, at 7:57 PM, John-Mark Gurney j...@funkthat.com wrote:
I
this mode, you have to say you are currently
using the mode and include a working sample config.
Thanks.
[1] https://tools.ietf.org/html/draft-ietf-ipsec-skipjack-cbc-00
[2] https://en.wikipedia.org/wiki/Skipjack_(cipher)
--
John-Mark Gurney Voice: +1 415 225 5579
Jim Thompson wrote this message on Mon, Jul 27, 2015 at 20:24 -0500:
On Jul 27, 2015, at 7:57 PM, John-Mark Gurney j...@funkthat.com wrote:
I would like to remove it from HEAD immediately as I don't see a use
for it. Some time ago I proposed removing Skipjack from the OCF in 12
Karl Pielorz wrote this message on Mon, Jul 13, 2015 at 09:33 +0100:
--On 10 July 2015 11:06 -0700 John-Mark Gurney j...@funkthat.com wrote:
Try bumping the MTU on the root em's by 4 (1504) before creating the
lagg...
I had thought of that - but didn't want to try it (on the basis
on lagg0.10 has shrunk by 4 (size of VLAN tag). Is there a way of
avoiding that?
Try bumping the MTU on the root em's by 4 (1504) before creating the
lagg...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has
of 9K clusters.
There are even tunables that will let you set 4K as the only cluster
size that the driver should allocate.
Can we get this to be the default? and included in more drivers too?
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do
John-Mark Gurney wrote this message on Fri, Apr 24, 2015 at 11:11 -0700:
I would also be fine w/ documenting this behavior, though I'm sure
it'd be surprising to many that you'd have to check to make sure your
data was properly copied.
Should have reviewed the m_copyback function before
fundamental change... mbuf(9) does not document this
behavior that data may be thrown away...
I would also be fine w/ documenting this behavior, though I'm sure
it'd be surprising to many that you'd have to check to make sure your
data was properly copied.
--
John-Mark Gurney
/rfc6864
Which is a good read for addressing this issue...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http
the review on the website.
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
?
Do people realize that we have gcov in the tree? For changes like
this, seems like it'd be nice and easy to verify that all of the
changes got coverage...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has
to
announce the route, but your lan admin will probably not like you for
that...
The other way is to use nat... Look at the handbook for configuring
either ipfw or pf for nat:
https://www.freebsd.org/doc/handbook/firewalls.html
--
John-Mark Gurney Voice: +1 415 225
manually and the the MAC adds it a second time...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http
..
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any
Andrey V. Elsukov wrote this message on Fri, Nov 21, 2014 at 01:20 +0300:
On 21.11.2014 00:35, John-Mark Gurney wrote:
As I'm about to commit my AES-GCM work, I've been trying to do
some testing to make sure I didn't break IPsec.
The first major issue I ran across was transport mode
) - display an XvImage
hmm.. nope... jail has something about vnets, but not nearly enough
to be useful...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd
or other image to confirm that there
is support...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http
Fg8ZK2FsFj0QiYuN7rdHWASLUjQCM08VnGItPbaIK1mnEa5RR66jgbLckbsTzCpP
u9TA361AfS2/MER6RNdF
=zRJy
-END PGP SIGNATURE-
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
--
John-Mark Gurney
problem) but first i have to solve this.
Sounds like you're looking for multipath routing... This requires the
kernel to be recompiled w/ the option RADIX_MPATH..
By default, FreeBSD does not support having the same route to two
different interfaces..
Hope this helps...
--
John-Mark Gurney
...
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe
+= -DIPFIREWALL_VERBOSE_LIMIT=100
#
#If you want it to pass all packets by default
-#CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT
+CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT
+#
+#If you want divert sockets
+CFLAGS+= -DIPDIVERT
#
.include bsd.kmod.mk
--
John-Mark Gurney Voice
John-Mark Gurney wrote this message on Fri, Oct 31, 2014 at 12:12 -0700:
Can any one think of a good reason not to enable IPDIVERT sockets in
the ipfw module?
sorry, ignore this... didn't realize ipdivert was loadable as a
separate module, ipdivert...
--
John-Mark Gurney
new
in FreeBSD 10.0.
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd
interface?
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
as lagg) to ng_ether..
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd
NOT increment with each
packet sent.
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org
max_len)..
--
John-Mark Gurney Voice: +1 415 225 5579
All that I will do, has been done, All that I have, has not.
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
1 - 100 of 232 matches
Mail list logo