Hi,
glad to see interest in DCTCP!
On 2019-6-4, at 11:05, Yu He via freebsd-net wrote:
> In line 387 of file cc_tcp.c, the update of alpha is calculated by following
> code:
>
> dctcp_data->alpha = min(alpha_prev - (alpha_prev >> V_dctcp_shift_g) +
> (dctcp_data->bytes_ecn << (10
Hi,
On 2011-2-14, at 19:59, Darek M wrote:
Currently using 7.2-RELEASE, with ipnat/ipfilter.
Will I be setting up the NAT box in dual stack?
yes.
Will that allow me then to provide each private host with a v6 IP?
Yes.
Will that then make the private hosts run in dual stack?
If the OS
On 2010-10-1, at 1:55, Doug Barton wrote:
My point about FreeBSD 9 is that if we add the 6rd code today, then
release 9.0 in about a year, then support the RELENG_9 branch for 4-6
years that we will still be maintaining code that no one has any use
for. Sorry if I wasn't clear.
You're
On 2010-9-24, at 12:06, Lasse Brandt wrote:
IPs: 2a01:::3183:: /64
Gateway: 2a01:::3180::1 /59
And this is my rc.conf:
ipv6_enable=”YES”
ipv6_static_routes=”defgw”
ipv6_route_defgw=”2a01:::3180:: -prefixlen 59 -iface re0”
On 2010-9-21, at 17:05, Andre Oppermann wrote:
It seems multi-FIB is incomplete for IPv6. Also radix multi-path
is incomplete for IPv6 at the moment.
Thanks all, for confirming what the status here is.
(Too bad though - this means I still can't properly get packets routed out of a
multihomed
Hi,
On 2010-9-22, at 14:31, Bjoern A. Zeeb wrote:
On Wed, 22 Sep 2010, Lars Eggert wrote:
The ipfw fwd command also doesn't do IPv6;
Hmm, that could possibly be fixed. Not sure it's a good idea in
general, but ...
I'd be happy to test patches.
setfib was my alternative hope. And pf
Hi,
am I correct in that multi-FIB support is currently only working for IPv4? At
least setfib x route add -inet6 addr gw adds the route into all FIBs,
not only FIB x. (For IPv4, it works correctly.)
Or am I missing something?
Thanks,
Lars
PS: Please CC me on replies.
frequently come across entries in
the logs that I wish I had some more information about. I'd even go
as far as (optionally) dumping all such packets in tcpdump format.
Lars
--
Lars Eggert NEC Network Laboratories
such as this one, and are able to judge
the risks of enabling it.
Lars
--
Lars Eggert NEC Network Laboratories
from spoofed RSTs.
Lars
--
Lars Eggert NEC Network Laboratories
and reestablish the original packet order.
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
spacing. That may or may not be a
problem for what you are trying to simulate however.
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
to coordinate with the donations officer for help in getting
equipment you may need.
this sounds like something you could do with planetlab
(http://planet-lab.org/). Do you have access? (Or maybe I misunderstood
what you meant by testbed.)
Lars
--
Lars Eggert NEC
Lars Eggert wrote:
this sounds like something you could do with planetlab
(http://planet-lab.org/). Do you have access? (Or maybe I misunderstood
what you meant by testbed.)
Argh. Yes, it runs Linux. Yes, I'm jet lagged. (But there was some talk
about running something else on planetlab at some
)
Such was my expectation. But: is this a BSD-specific implementation?
If I catch a kernel doing otherwise, can I say 'Aha! That's a bug
based on documented standards' ?
RFC 1122, Section 3.3.4.2
Lars
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME
- all my US modems just
had an Ethernet port...
--
Lars Eggert NEC Network Laboratories
smime.p7s
Description: S/MIME Cryptographic Signature
would target
at true policy-based routing.
For some simple setups, you can use ipfw fwd rules to forward on
something other than destination address.
But I agree that for more complex things you need some implementation of
policy routing.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC
with mtu, is there a fix ?
See the section on PMTU discovery in draft-touch-ipsec-vpn-06. If the
requirements of your setup allow is, IPIP gif tunnels together with
IPsec transport mode (as described in the ID) can address this issue.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information
. simulate a trie-like structure
with the firewall. This can can get you down to O(log).
It's not as automatic as you'd like though, probably.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to [EMAIL PROTECTED]
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Michael Sierchio wrote:
The time it takes to resolve host names, probably, and the additional
burden of writing the service names, where known, etc.
Try
tcpdump -vvv -n
or
tcpdump -vvv -ln
Or try a binary dump straight into a file, and analyze it offline.
Lars
--
Lars Eggert [EMAIL PROTECTED
needed both these changes for our Soekris-based rent-a-subnet
box: http://www.isi.edu/tethernet/
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Nick,
Nick Barnes wrote:
At 2003-08-13 15:43:51+, Lars Eggert writes:
Nick Barnes wrote:
I have some MAC addresses from a local Ethernet segment. I want to
convert them into IP addresses. How can I do that programmatically?
net/arping from port:
Thanks for the reference. I had a look
): 56 data bytes
ping: sendto: Input/output error
ping: sendto: Input/output error
ping: sendto: Input/output error
Did you increase net.link.gif.max_nesting via sysctl?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic
packets received, 0% unanswered
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
^^^
in and out. If -d is also present, show the number of dropped
^^^
packets. If -t is also present, show the contents of watchdog
timers.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Eric,
On 4/2/2003 7:58 AM, Eric Masson wrote:
Lars == Lars Eggert [EMAIL PROTECTED] writes:
Lars Alternatively (and already working), you can replace IPsec tunnel
Lars mode with IPIP (gif) tunnels and transport mode, and then use the
Lars gif device in your firewall rules.
If transport mode
will then go to Informational.)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
on.
Try tcpmssd from ports, and bind it to ng0 after it comes up. It should
diddle the MSS values in your TCP SYNs on the fly. (You may also have to
do something similar on the tunnel endpoint for inbound connections.)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences
, there is no need to run DHCP to get them.
Just assign them as aliases to a single NIC, turn off DHCP, and related
MAC address registration headaches go away.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
, what were the numbers you got when you measured (and what is
chariot)?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
/transport//require;
spdadd 10.0.0.0/0 10.0.0.3 any -P out ipsec esp/transport//require;
EOF
These look fishy. Shouldn't they simply be:
spdadd 10.0.0.3 10.0.0.1 any -P in ipsec esp/transport//require;
spdadd 10.0.0.1 10.0.0.3 any -P out ipsec esp/transport//require;
Lars
--
Lars Eggert [EMAIL
, where
IP is used as both link and network protocol.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
soheil soheil wrote:
I want to do packet capturing but as you know the pcap let the packet go
out and just put a copy on the buffer .
I just want to do a copy and don't let them go out .
Sounds like you should be using a divert socket, and not a bpf.
Lars
--
Lars Eggert [EMAIL PROTECTED
net.inet.tcp.slowstart_flightsize to 4? (I've been
running with this for a long time w/o problems.)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
[Re-send, forgot to attach the patches. Argh.]
Lars Eggert wrote:
This causes the problem decribed in PR kern/41632
(http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/41632), where dhcpd
listens on interface A which is bridged to interface B. When A has no
carrier, DHCP requests arriving on B
Lars Eggert wrote:
Attached is a rough patch to if_ethersubr.c that fixes the problem. It
should probably further be tweaked (there's a chance for duplicates),
but I wanted some comments first :-)
Here's a revised version of the patch (against bridge.c, which is a
better place
not sure which one is
the best approach.
On Mon, Aug 19, 2002 at 09:52:27AM -0700, Lars Eggert wrote:
I've filed a PR (kern/41632,
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/41632) on the following
problem:
FreeBSD box with two Ethernet NICs, e.g. if0 with IP address A and if1
with IP address B
.
Reading his first post, the original poster wants to IPsec NAT'ed
packets, not vice versa.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
, and transport-mode IPsec
that. That way, your NAT packets get tunneled, and the tunneled packets
secured. On inbound, security processing comes first, then
decapsulation, then ipfw.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME
it over multiple packets. (But there are different issues
that can limit TCP throughput.)
I´ll try changing the packet sizes to figure out optimum.
I think I remember that 4K packets were fastest with the em hardware in
our case.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information
?
RFC2414 seems to indicate it should be higher. Solaris in version 8 and
later default to 4 for this value.
I've been running with 4 for years w/o problems. so i'm all for the change.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S
card and
4K datagrams on a 2.4Ghz P4.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
get you the list. MAC addresses will
then be either in your cache, or use net/arping from ports to get them.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Luigi Rizzo wrote:
than move to a different board, or use polling (i have polling
patches for the intel gigabit adapter)
If you mean em(4) - I'd love to test them :-)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME
way to build one, no?)
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Garrett Wollman wrote:
On Wed, 09 Oct 2002 18:18:41 -0700, Lars Eggert [EMAIL PROTECTED] said:
anyone know of an in-kernel traffic generator similar to UDPgen
(http://www.fokus.gmd.de/research/cc/glone/employees/sebastian.zander/private/udpgen/)
for Linux? Userland traffic generators have
the tree?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
up between two FreeeBSD machines no problem, but not
between the two OSes.
Yes, we've been using IPIP tunnels between the two systems without
problems since at least 1998. (No idea about GRE.) What's the problem?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
this been tested with the new natd?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
to be.Am i doing anything wrong?
I have read the docs well and i thought the above
commands should work for me.
What does your topology look like?
What are your other firewall rules?
How do you measure bandwidth?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
ip from any to 10.0.1.0/24
ipfw pipe 1 config bw 100Kbit/s
That looks OK. What does ipfw show print?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Vinod wrote:
--- Lars Eggert [EMAIL PROTECTED] wrote:
That looks OK. What does ipfw show print?
ipfw pipe 1 show prints:
1: 100.000 Kbit/s 0 ms 50 sl. 0 queues (1 buckets)
droptail
mask: 0x00 0x/0x -0x/0x
*Just* ipfw show - I was wondering if your packets match
reasons, all of which people can only speculate on until they see
your code, a description of your setup and experimental procedure, and a
commented packet dump.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic
interface though,
according to tcpdump
What's the TTL on the broadcast packets?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
doesn't change, you may want
to ask this on the vtun mailing list, too: http://vtun.sourceforge.net/
What's the load on the box when the ping times go up? Vtun is userland.
I'd also try not compressing, it doesn't save much.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences
chipset problems. I recently replaced a
P120 with a Celeron 333 - the performance improvement was surprising.
Regards,
David
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-net in the body of the message
--
Lars Eggert [EMAIL PROTECTED] USC
!
That's about $300 above where I'm willing to consider it.
Soren's boxes (http://www.soekris.com/) are half that price and work
great for our purposes. (Although the current models are also a bit less
powerful than the one above.)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information
, but it will add some
protection against this particular DOS attack.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
by default to begin with
(as required by RFC what-was-the-number-again, the one that updates that
piece of RFC 1812).
Have you *seen* your box forward directed broadcasts with a default
configuration?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
that, see ipfw (8), esp. the fwd action.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
leaving the
addresses unconfigured? Maybe you can still use ipfw like this:
route add DUMMY_NEXT_HOP -interface GIF
ipfw add fwd DUMMY_NEXT_HOP all from SOURCE to any
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME
, as I would need one for
each tunnel I have set up, and the number of tunnels I set up is dependent
on the number of mobile's that come into the system (which is somewhat of an
unknown).
This makes (2) look infeasible, but (1) may still be an option.
Lars
--
Lars Eggert [EMAIL PROTECTED
vs. UDP performance over
the link? (If so, you'll need to use a TCP tunnel.)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
in ?? ()
#24 0x8048fc1 in ?? ()
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
I'd like to feed to an encryption node
are UDP (and soon TCP and IP). Or am I wrong?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
Hi,
anyone know of a netgraph node that implements decent-strength
encryption (Blowfish, etc.)?
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
transmissions together. For clarification, do you expect one if_tx_rdy()
call per packet or one per batch? Per packet may result in a burst of
these calls, does dummynet handle this?
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S
Lars Eggert wrote:
I'm trying to merge this into the sis driver, which seems to batch
transmissions together. For clarification, do you expect one if_tx_rdy()
call per packet or one per batch? Per packet may result in a burst of
these calls, does dummynet handle this?
Oh, I'm also using
, I'm really glad the folks on freebsd-small have
pointed us at them. Only downside is that you go blind if you look at
the case for too long :-)
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
in sis_txeof(), after the mbuf is freed.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
,timestamp 14033891 14033881,nop,nop,cc 384 (DF)
I don't know enough about the netgraph internals to debug this further
myself, but I'd be more than happy to do any tests that'd help you or
someone else look into this. (I should probably mention that I'm using
4.5-RELEASE.)
Thanks,
Lars
--
Lars
that extra uplink bandwidth would remain unused in this setup, right? Is
it possible to do WFQ when the uplink bandwidth is unknown/unspecified?
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
this (I
hope, still evaluating), and should also have the additional benefit of
being an in-kernel mechanism, thus saving two user/kernelmode switches
per packet. Maybe netgraph might work for you, too.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
by device
So I guess I have two questions:
1. Is there some other netgraph documentation out
there that I don't knowe about?
2. Why can't I listen on a ksocket?
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
receivers (the problem John Hay described), there's TCP mounts.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
protocol as well, including TCP.
If you can create collisions at the right time, you can disable all
retransmission schemes. The kicker is - how?
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
mode is
allowed between a host pair only.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: application/pkcs7-signature
patching net/vtund so it uses multi-af mode.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
!= AF_INET)
+ if (dst-sa_family != AF_INET dst-sa_family != AF_INET6)
#endif
{
m_freem(m0);
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
, which platform? from cc: it seems to be freebsd,
but which revision?
Sorry, yes, FreeBSD-4.5, but from looking at the CVS tree, it also seems
to be present in -CURRENT still.
Lars
--
Lars Eggert [EMAIL PROTECTED] USC Information Sciences Institute
smime.p7s
Description: S
the address family on
the front of each packet (see bundle_Create() in
src/usr.sbin/ppp/bundle.c).
Ah, that makes sense. The tag is so the tun device knows who to toss the
packet to when it comes back from the process? Guess I'll have to patch
vtund, then...
Thanks,
Lars
--
Lars Eggert [EMAIL
and the length of the encapsulation header...
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
smime.p7s
Description: application/pkcs7-signature
Dennis Pedersen wrote:
But uhm is there a 'simple' way of doing this?
Did you look at the KAME newsletters? (URL in a previous email)
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University of Southern California
configuration for IPsec
http://www.kame.net/newsletter/19991007/
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University of Southern California
smime.p7s
Description: S/MIME Cryptographic Signature
to assign remote peers its own IP address, which
would cause routing loops if mpd didn't catch it. (Note that this could
be due to misconfiguration; I still haven't been able to find the
support staff person who is in charge of the box...)
Lars
--
Lars Eggert [EMAIL PROTECTED
came across like that.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University of Southern California
smime.p7s
Description: S/MIME Cryptographic Signature
-browsable at http://www.kame.net/).
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University of Southern California
smime.p7s
Description: S/MIME Cryptographic Signature
128.9/16) that is willing to hand you a
sublock, and let you run one end of the relay on their system. It can't
magically make your NAT'ed machines globally routable.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University
and the config scripts. Ping me again in a few days if you
haven't heard from me :-)
What is required to make this work though is that you can get a few
static IPs inside the 216.6.6.129/25 net (in your example) to relay.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
etc...
Ports are part of the system in some sense. Do you mean part of the
default installation? I'm not sure load-balancing would be useful for
the majority of users. (Although it can be very useful for a minority.)
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences
problem than you describe. What Archie saw
was an ENOBUFS being handled like a loss inside the network, even though
the sender has information locally that can allow it to make smarter
retransmission decisions.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http
, and talking about -STABLE here),
but it's not too much work to add.
Not sure if this is really useful though. Ususally the NIC doesn't limit
your transmission speed, it's losses inside the network that do. Also,
why a new system call? Is it that much more efficient than RawIP?
Lars
--
Lars Eggert
there. There
currently is no such mechanism (AFAIK, and talking about -STABLE here),
but it's not too much work to add.
if you could suggest a few modifications that would be required, i'd like
to pursue this further.
Look at tsleep/wakeup on ifnet of if_snd.
Lars
--
Lars Eggert [EMAIL
Lars Eggert wrote:
Matthew Luckie wrote:
Is there a mechanism to tell when ip_output should be called again?
Ideally, I would block until such time as i could send it via ip_output
You probably get that because the outbound interface queue gets full,
so you want to block your caller
aren't interfaces, at least on
FreeBSD). Try tcpdumping and tell me what you get.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University of Southern California
smime.p7s
Description: S/MIME Cryptographic Signature
gateways, because transit packets have the correct source addresses
(check with tcpdump if you like). Only stuff originating on the gateways
has this problem.
Lars
--
Lars Eggert [EMAIL PROTECTED] Information Sciences Institute
http://www.isi.edu/larse/ University
driver, because it also offloads
checksum generation to the NIC.
that makes total sense. I'd like to see the paragraph above in big, bold
letters in the xl(4) man page then - so far it doesn't discuss checksum
offloading at all. :-)
Thanks,
Lars
--
Lars Eggert [EMAIL PROTECTED
1 - 100 of 134 matches
Mail list logo