If a client and a server set up a new conversation over tcp.
They both have an MTU of 1500 and DF=1
How will you fragment this, even being a L3 tunnel?
/S
On Tue, 11 Feb 2020 at 08:22, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 20:53 skrev Simen Stavdal :
>
>> I think the m
On Mon, 10 Feb 2020 at 17:00, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 16:27 skrev Simen Stavdal :
>
>> This is more a discussion about scalability and practical implementation.
>> We both know that PMTU will work partly at best, your entire path back
>> mus
hich would include TCP, UDP and ICMP).
Would be interesting to find if UDP enforces DF in most cases.
Cheers,
Simon.
On Mon, 10 Feb 2020 at 13:50, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 12:15 skrev Simen Stavdal :
>
>> True, but issue was related to downloading over http, wh
?
Cheers,
Simon.
On Mon, 10 Feb 2020 at 12:06, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 11:58 skrev Simen Stavdal :
>
>> Hi Lucas,
>> Have you tried to manipulate the mss during conversation setup?
>> This is done with the max-mss directive in pf.conf.
>> Bas
Hi Lucas,
Have you tried to manipulate the mss during conversation setup?
This is done with the max-mss directive in pf.conf.
Basically, it takes the three way handshake, and overrides the MSS value in
the handshake to something lower than the default.
Client (1500 bytes) -> pf (change to 1300
92.168.2.0/30) so that I can re-advertise into
OSPF.
Is there a way to add a label to a directly connected network? Can I
get router C to advertise this, and then use router B to label? etc
Cheers,
Simon.
On Mon, 14 Jan 2019 at 22:06, Sebastian Benoit wrote:
> Hi,
>
> Simen Stavda
Hello,
I have three routers connected in a chain.
A<->B<->C
All routers have a host address as loopback 100 (192.168.5.x/32, A=1, B=2,
C=3).
The segments between the routers are 192.168.1.0/30 (AB) and 192.168.2.0/30
(BC).
A to B runs OSPF
B to C runs IBGP
I redistribute the BGP routes into
So, with 6.4 recently released, I just installed it rather than using
latest current - worked flawlessly - thank you.
ospfctl reload now picks up new interfaces added.
/S
On Sat, 29 Sep 2018 at 13:40, Stuart Henderson wrote:
> On 2018/09/29 13:36, Simen Stavdal wrote:
> > Than
Thanks Stuart,
-vd just said the same, i.e interface unknown, will try -current and report
back :)
Thanks,
Simon
On Sat, 29 Sep 2018 at 13:06, Stuart Henderson wrote:
> I've had problems at times with ospfd not seeing interfaces properly
> after adding them, please try a -current snapshot and
On Fri, Sep 28, 2018 at 10:22:42PM +0200, Simen Stavdal wrote:
> > Hi all,
> >
> > On 6.3, using both octeon and amd64.
> >
> > While ospfd is running, I would like to add another interface (let’s say
> a
> > loopback if). After adding the loopback if to os
Hi all,
On 6.3, using both octeon and amd64.
While ospfd is running, I would like to add another interface (let’s say a
loopback if). After adding the loopback if to ospf as passive I reload
with ospfctl, but it does not start advertising the new interface. Only
when I restart ospfd will it
Hello,
I am setting up an ospf lab, and have a quick question.
The answer is probably right in front of me, but I just can't seem to find
it.
I have a basic ospfd.conf including some active and some passive interfaces.
Working just fine.
usg2# cat /etc/ospfd.conf | grep -v "^#"
Hi Greg,
I haven't done this myself, but take a look at the man pages of httpd.conf
under the servers sections.
You can create multiple a-records pointing to the same ip address, and then
pick up the incoming traffic by inspecting the http header in order to find
which virtual server to send the
Anycast with ospf and ipv6 could be a fun tutorial...
/S
On 2 Apr 2017 22:27, "Luke Small" wrote:
> It might be a fun idea to share what a really locked down desktop system
> pf.conf would look like like if you are running a chain of DNS services (or
> something that
and...
do you have the routing table for some of the hosts that can/cannot ping
each other?
Are there other gateways out of the networks, other than the openvpn box?
S.
Alessandro Baggi wrote:
Johan Beisser wrote:
On Mon, Jan 25, 2010 at 10:05 AM, Alessandro Baggi
Hello Alessandro,
Can you see any of the traffic on the inside LAN on the client side with
tcpdump?
I.e set tcpdump on $int with
tcpdump -i nameofinternalinterface proto icmp
and then try to ping from a server?
Silly suggestion, but
What about client side firewalls? Do they allow to be
you want to use NAT between to RFC1918 networks that don't overlap?
I am trying to understand your objective and the purpose of the setup,
maybe there is a different way of setting it up?
Cheers,
Simon.
Alessandro Baggi wrote:
Simen Stavdal wrote:
and...
do you have the routing table
Dukes wrote:
On Mon, Sep 28, 2009 at 11:28:51PM +0200, Simen Stavdal wrote:
Hello misc,
I have an openbsd host running that I wish to access in different
manners depending on where the users connect from.
This host runs sftp chrooted for internet users, and at the same
time
Hello misc,
I have an openbsd host running that I wish to access in different
manners depending on where the users connect from.
This host runs sftp chrooted for internet users, and at the same time, I
wish to administer the box with ssh.
At the same time, I do not wish to allow ssh from the
Hello jcr,
Not quite sure if this would meet your needs, but you could look at anue
systems :
http://www.anuesystems.com
Cheers,
Simon.
On Wed May 6 13:33 , J.C. Roberts sent:
I need to collect raw throughput statistics without increasing
latency
or reducing bandwidth on 10GbE fiber
Hello,
What sort of box is your default gateway?
(Possibilities for running tcpdump on the gateway?)
If you do, you could check the interfaces on the gateway, that the
packets get routed to another interface on the gateway.
There could be a number of configuration options on the gateway producing
Hello,
I've had a similar issue before, and cannot quite remember in detail, but
it was something like this ;
Check that you have a /etc/hostname.vlan203 config file, and modify the
netmask here.
Do you have any carp interfaces layered over vlan203 that may be
conflicting with the netmask?
If
Hello,
Checking on my own box (running 4.1), $PKG_PATH echoes ;
ftp://ftp.stacken.kth.se/pub/OpenBSD/4.1/packages/i386/
# uname -a
OpenBSD ## 4.1 GENERIC.MP#1225 i386
I have
export PKG_PATH=ftp://ftp.stacken.kth.se/pub/OpenBSD/4.1/packages/i386/
Set in my .profile, and it works for
Hi Ricardo/list,
You could also use pfflowd (which exports netflow compatible datagrams).
Then you could set up ntop as a receiver, to give you long term stats.
Cheers,
Simon.
On Thu Jan 15 15:24 , Ricardo Augusto de Souza sent:
Hi list,
i have an openBSD 4.3 with PF as a gateway/router.
Hi Lars,
The USB 2.0 Specification says max 480Mbps, and is to be considered a
theroretical max.
This equates to about 60MBytes/second.
The devices that connect through the bus rarely get even close to this
rate.
In fact, if you compare it to the SATA-2 specification says 3000Mbps
if
sendbug is appropriate for feature requests or not. Given the text
under
http://www.openbsd.org/report.html, it sounds like sendbug is
appropriate
for feature requests, but you may want to double-check that yourself.
- Damian
Simen Stavdal wrote:
:
: Hello again,
: Ok, I think we
Hello Damian/Claer/misc,
Thanks for your feedback,
Just a bit more background...
Here is some of my reasoning for wanting to do trap handling and
duplications
There are several advantages to having the devices send only one trap to
a central system.
1) Less configuration on the devices (and
Hi Damian/misc,
I appreciate your input -I really do.
Please see my comments below.
Cheers,
Simon.
On Wed Nov 5 14:46 , Damian Gerow sent:
Simen Stavdal wrote:
: 1) Less configuration on the devices (and also less load, though
not a
: big problem anymore). This is not really a problem
Hi Damian,
Nothing like a fiery discussion :)
On Wed Nov 5 15:39 , Damian Gerow sent:
Simen Stavdal wrote:
: I am not trying to escape the fact that one needs systems in place
: to manage large installations, I am merely looking for what *I*
: think would be a better way to deploy
which is the only accepted argument
when using a host table.
I will give multicast a try, as it may be a better fix than store and
forward, replacing the source address.
Ultimately, I think this is a feature request.
Thank you,
Simen.
On Wed Nov 5 15:28 , Russell Howe sent:
Simen Stavdal
:
Simen Stavdal wrote:
: Worth submitting a feature request?
: --- I looks like this would be the best solution ---
Sounds like you have your desired solution. So long as the OBSD
developers
accept your request as valid.
: --- The subject of my posting is Duplicating incoming packets
hosts
Cheers,
Simon.
On Nov 4, 2008, at 5:32 PM, Giancarlo Razzolini wrote:
Simen Stavdal escreveu:
Hello,
I have the following scenario.
A router (let's call it router A) is sending snmp traps to an nms
(Network Monitoring System).
Between the router A and the nms (let's call it nms
Hello,
I have the following scenario.
A router (let's call it router A) is sending snmp traps to an nms
(Network Monitoring System).
Between the router A and the nms (let's call it nms-a) is a Dell
PowerEdge 860 running OpenBSD 4.1 i386 (bsd.mp) and pf.
On the same segment as nms-a, is nms-b,
33 matches
Mail list logo