Re: CPU Utiliaztion on a ethernet bridge
On Wed, 2003-11-19 at 21:42, Simon Allard wrote: > I have replaced NIC's as I thought it might of been the drives also. I > moved to the eepro100 cards. Same problem. You should be using NICs with a poll-based driver, as opposed to an interrupt-based driver. This will preempt the kernel less often, and allow it to service the NIC more efficiently. The e1000 driver is excellent in this respect. We run more than 100Mb through a Linux router with a full eBGP table (~127k FIB entries) with no appreciable CPU consumption. The only time the box is substantially taxed is when a BGP peer flaps, in which case zebra consumes a lot of CPU power reconfiguring the FIB. It's a shame that the Linux kernel doesn't make the FIB structures accessible directly via an interface similar to /dev/kmem so zebra could simply mmap(2) it in and make large writes instead of small ioctl(2) calls. -- Jeff S Wheeler <[EMAIL PROTECTED]> Five Elements, Inc.
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I tried commenting out my snippet and adding yours in the beginning of the > routers section. That ended up totally hosing my smtp. Pine gave me an > error saying that the smtp server was unavailable when I tried testing it. > > Where exactly should I put your snippet in my exim file? And do I need to > remove the snippet that I suggested below? hmm... I know why it didn't; you're using version 3 (from your sent mail headers): Exim 3.35 #1 (Debian) I was refering to version 4 which is a very different animal requiring a different config. If you don't want to upgrade to version 4, then try adding the following as the very last router: smart_route: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net bydns_a Cheers, Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CPU Utiliaztion on a ethernet bridge
On Wed, 2003-11-19 at 21:42, Simon Allard wrote: > I have replaced NIC's as I thought it might of been the drives also. I > moved to the eepro100 cards. Same problem. You should be using NICs with a poll-based driver, as opposed to an interrupt-based driver. This will preempt the kernel less often, and allow it to service the NIC more efficiently. The e1000 driver is excellent in this respect. We run more than 100Mb through a Linux router with a full eBGP table (~127k FIB entries) with no appreciable CPU consumption. The only time the box is substantially taxed is when a BGP peer flaps, in which case zebra consumes a lot of CPU power reconfiguring the FIB. It's a shame that the Linux kernel doesn't make the FIB structures accessible directly via an interface similar to /dev/kmem so zebra could simply mmap(2) it in and make large writes instead of small ioctl(2) calls. -- Jeff S Wheeler <[EMAIL PROTECTED]> Five Elements, Inc. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried commenting out my snippet and adding yours in the beginning of the routers section. That ended up totally hosing my smtp. Pine gave me an error saying that the smtp server was unavailable when I tried testing it. Where exactly should I put your snippet in my exim file? And do I need to remove the snippet that I suggested below? thanks a lot! Adam On Thu, 20 Nov 2003, Chris Foote wrote: > On Wed, 19 Nov 2003, Adam Dawes wrote: > > > I've running exim as my mta on my home gateway machine which is connected > > via a fixed IP DSL line. I'm having increasing trouble getting my mail > > through as other sites (rightly) find messages coming from a block of dsl > > addresses suspicious. I want to have exim forward my outgoing messages to > > my internet provider's smtp server which is obviously more legit than > > mine. I've added the following at the top of the routers section of my > > exim.conf file. > > > > store_and_forward: > > driver = domainlist > > transport = remote_smtp > > route_list = "localhost smtp.myisp.net" > > > > When I send mail from my server and look at the headers, there's no > > indication that it actually got forwarded on to my isp's smtp server. What > > am I missing here? > > You need to use manualroute for non-local domains, as per: > > smarthost: > driver = manualroute > domains = !+local_domains > transport = remote_smtp > route_list = * smtp.myisp.net > > or alternatively: > > smarthost: > driver = manualroute > transport = remote_smtp > route_list = !+local_domains smtp.myisp.net > > > Grab a copy of the author's new Exim book from > http://www.uit.co.uk/exim-book/ > > > Chris Foote <[EMAIL PROTECTED]> > _ _ _Jabber: [EMAIL PROTECTED] > (_)| | | | Director - INETD PTY LTD > _ _ __ ___ | |___| | Level 2, 132 Franklin St > | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 > | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au > |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 > > Inetd supports: > Linux.Conf.Au Adelaide Jan 12-17 2004 > Australia's Premier Linux Conference > http://lca2004.linux.org.au > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CPU Utiliaztion on a ethernet bridge
I have replaced NIC's as I thought it might of been the drives also. I moved to the eepro100 cards. Same problem. What kernel are you using? I have tried 2.4.19 and 2.4.22. > I'm running the same scenario here on a ppro 200 except that I'm using > 2x3c905btxm cards for the briding instead of the one dual card. If I > flush all firewall rules i get a throuput of about 95MBit with a > cpu-load of constantly under 8%. With all firewall rules i get about > 85MBit and the cpu-load is far away from 50%. The bottleneck is the > memory timing. > Have you tried your setup with two nics as well? I would suggest the > problem is the NIC or the driver therefor. > > Cheers, > Michael > > > Simon Allard schrieb: > > > I have setup a linux box with a 2.4.19 kernel. I am bridging 2 ethernet > > devices together using 3Com PCI 3c982 Dual Port cards. (3c59x). > > > > What I am seeing is that the module itself uses 30% of CPU to handle just > > 10mbit both ways (20mbit total). ~6000ps total. From what I have read on > > the bridge homepages I should be able to run this on a 486 as CPU has > > nothing to do with it. What am I doing wrong? > > > > > > bridge:~# brctl show > > bridge name bridge id STP enabled interfaces > > br0 8000.000475c9a6f9 yes eth1 > > eth2 > > > > > > bridge:~# lsmod > > Module Size Used byNot tainted > > limiter13064 0 (unused) > > bridge 16748 1 > > 3c59x 25512 2 > > sis900 12388 1 > > > > > > > > bridge:~# cat /etc/modules > > # /etc/modules: kernel modules to load at boot time. > > # > > # This file should contain the names of kernel modules that are > > # to be loaded at boot time, one per line. Comments begin with > > # a #, and everything on the line after them are ignored. > > sis900 > > 3c59x options=4,4,4,4 full_duplex=1,1,1,1 max_interrupt_work=1 > > bridge > > limiter > > > > > > in /etc/network/interfaces > > auto eth1 > > iface eth1 inet loopback > > > > auto eth2 > > iface eth2 inet loopback > > > > # Bridge Interface for eth1 + eth2 > > auto br0 > > iface br0 inet loopback > > pre-up brctl addbr br0 > > up brctl addif br0 eth1 > > up brctl addif br0 eth2 > > up brctl stp br0 on > > down brctl delif br0 eth1 > > down brctl delif br0 eth2 > > post-down brctl delbr br0 > > > > > > > > > > > > Does anyone have any ideas off the top of your head what could be > > causing this or be able to point me in the right direction for some > > documentation relating to this problem. > > > > > > > > > > > > Simon Allard (Senior Tool Monkey) > > IHUG > > Ph (09) 358-5067 Email: [EMAIL PROTECTED] > > > > I'm out of my mind right now, but feel free to leave a message. > > > > > > Simon Allard (Senior Tool Monkey) IHUG Ph (09) 358-5067 Email: [EMAIL PROTECTED] I'm out of my mind right now, but feel free to leave a message. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried commenting out my snippet and adding yours in the beginning of the routers section. That ended up totally hosing my smtp. Pine gave me an error saying that the smtp server was unavailable when I tried testing it. Where exactly should I put your snippet in my exim file? And do I need to remove the snippet that I suggested below? thanks a lot! Adam On Thu, 20 Nov 2003, Chris Foote wrote: > On Wed, 19 Nov 2003, Adam Dawes wrote: > > > I've running exim as my mta on my home gateway machine which is connected > > via a fixed IP DSL line. I'm having increasing trouble getting my mail > > through as other sites (rightly) find messages coming from a block of dsl > > addresses suspicious. I want to have exim forward my outgoing messages to > > my internet provider's smtp server which is obviously more legit than > > mine. I've added the following at the top of the routers section of my > > exim.conf file. > > > > store_and_forward: > > driver = domainlist > > transport = remote_smtp > > route_list = "localhost smtp.myisp.net" > > > > When I send mail from my server and look at the headers, there's no > > indication that it actually got forwarded on to my isp's smtp server. What > > am I missing here? > > You need to use manualroute for non-local domains, as per: > > smarthost: > driver = manualroute > domains = !+local_domains > transport = remote_smtp > route_list = * smtp.myisp.net > > or alternatively: > > smarthost: > driver = manualroute > transport = remote_smtp > route_list = !+local_domains smtp.myisp.net > > > Grab a copy of the author's new Exim book from > http://www.uit.co.uk/exim-book/ > > > Chris Foote <[EMAIL PROTECTED]> > _ _ _Jabber: [EMAIL PROTECTED] > (_)| | | | Director - INETD PTY LTD > _ _ __ ___ | |___| | Level 2, 132 Franklin St > | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 > | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au > |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 > > Inetd supports: > Linux.Conf.Au Adelaide Jan 12-17 2004 > Australia's Premier Linux Conference > http://lca2004.linux.org.au > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: CPU Utiliaztion on a ethernet bridge
I have replaced NIC's as I thought it might of been the drives also. I moved to the eepro100 cards. Same problem. What kernel are you using? I have tried 2.4.19 and 2.4.22. > I'm running the same scenario here on a ppro 200 except that I'm using > 2x3c905btxm cards for the briding instead of the one dual card. If I > flush all firewall rules i get a throuput of about 95MBit with a > cpu-load of constantly under 8%. With all firewall rules i get about > 85MBit and the cpu-load is far away from 50%. The bottleneck is the > memory timing. > Have you tried your setup with two nics as well? I would suggest the > problem is the NIC or the driver therefor. > > Cheers, > Michael > > > Simon Allard schrieb: > > > I have setup a linux box with a 2.4.19 kernel. I am bridging 2 ethernet > > devices together using 3Com PCI 3c982 Dual Port cards. (3c59x). > > > > What I am seeing is that the module itself uses 30% of CPU to handle just > > 10mbit both ways (20mbit total). ~6000ps total. From what I have read on > > the bridge homepages I should be able to run this on a 486 as CPU has > > nothing to do with it. What am I doing wrong? > > > > > > bridge:~# brctl show > > bridge name bridge id STP enabled interfaces > > br0 8000.000475c9a6f9 yes eth1 > > eth2 > > > > > > bridge:~# lsmod > > Module Size Used byNot tainted > > limiter13064 0 (unused) > > bridge 16748 1 > > 3c59x 25512 2 > > sis900 12388 1 > > > > > > > > bridge:~# cat /etc/modules > > # /etc/modules: kernel modules to load at boot time. > > # > > # This file should contain the names of kernel modules that are > > # to be loaded at boot time, one per line. Comments begin with > > # a #, and everything on the line after them are ignored. > > sis900 > > 3c59x options=4,4,4,4 full_duplex=1,1,1,1 max_interrupt_work=1 > > bridge > > limiter > > > > > > in /etc/network/interfaces > > auto eth1 > > iface eth1 inet loopback > > > > auto eth2 > > iface eth2 inet loopback > > > > # Bridge Interface for eth1 + eth2 > > auto br0 > > iface br0 inet loopback > > pre-up brctl addbr br0 > > up brctl addif br0 eth1 > > up brctl addif br0 eth2 > > up brctl stp br0 on > > down brctl delif br0 eth1 > > down brctl delif br0 eth2 > > post-down brctl delbr br0 > > > > > > > > > > > > Does anyone have any ideas off the top of your head what could be > > causing this or be able to point me in the right direction for some > > documentation relating to this problem. > > > > > > > > > > > > Simon Allard (Senior Tool Monkey) > > IHUG > > Ph (09) 358-5067 Email: [EMAIL PROTECTED] > > > > I'm out of my mind right now, but feel free to leave a message. > > > > > > Simon Allard (Senior Tool Monkey) IHUG Ph (09) 358-5067 Email: [EMAIL PROTECTED] I'm out of my mind right now, but feel free to leave a message.
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I've running exim as my mta on my home gateway machine which is connected > via a fixed IP DSL line. I'm having increasing trouble getting my mail > through as other sites (rightly) find messages coming from a block of dsl > addresses suspicious. I want to have exim forward my outgoing messages to > my internet provider's smtp server which is obviously more legit than > mine. I've added the following at the top of the routers section of my > exim.conf file. > > store_and_forward: > driver = domainlist > transport = remote_smtp > route_list = "localhost smtp.myisp.net" > > When I send mail from my server and look at the headers, there's no > indication that it actually got forwarded on to my isp's smtp server. What > am I missing here? You need to use manualroute for non-local domains, as per: smarthost: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * smtp.myisp.net or alternatively: smarthost: driver = manualroute transport = remote_smtp route_list = !+local_domains smtp.myisp.net Grab a copy of the author's new Exim book from http://www.uit.co.uk/exim-book/ Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au
UNSUBSCRIBE
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I've running exim as my mta on my home gateway machine which is connected > via a fixed IP DSL line. I'm having increasing trouble getting my mail > through as other sites (rightly) find messages coming from a block of dsl > addresses suspicious. I want to have exim forward my outgoing messages to > my internet provider's smtp server which is obviously more legit than > mine. I've added the following at the top of the routers section of my > exim.conf file. > > store_and_forward: > driver = domainlist > transport = remote_smtp > route_list = "localhost smtp.myisp.net" > > When I send mail from my server and look at the headers, there's no > indication that it actually got forwarded on to my isp's smtp server. What > am I missing here? You need to use manualroute for non-local domains, as per: smarthost: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * smtp.myisp.net or alternatively: smarthost: driver = manualroute transport = remote_smtp route_list = !+local_domains smtp.myisp.net Grab a copy of the author's new Exim book from http://www.uit.co.uk/exim-book/ Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Route Question!
First, I strongly suggest you move your thread to the quagga-users list at [EMAIL PROTECTED] You can find numerous configuration examples in the archives at http://lists.quagga.net. This is the best forum for help with Zebra/Quagga. I suggest you follow-up on that list, which I also participate on. On Wed, 2003-11-19 at 16:16, kgb wrote: > router i have bgp all my traffic which are bgpeer (all traffic in my > country) and int (outside my country or with two words international First, you need to figure out how you will identify "bgpeer" traffic and "international" traffic. AS-PATH works but it is not the best way to go. Please provide details about how each of your eBGP sessions reaches your network. Are they all presently on your Cisco? What type of ports do you use, e.g. E3/DS3, FastEthernet, etc? > cisco router and bgp on debian linux router to be with some access list > _permit_ as_number _denied_ as_number can someone explane how that can You can accomplish what you want with AS-PATH access lists, however it will be a pain in the ass to maintain. What you really want is a BGP community based route filtering system. In my shop(s), I set communities on all routes learned via eBGP sessions. This helps me identify where I learned a route (which POP); who it came from (customer, transit, peer); and if it should have any special local-preference or export concerns. I then use route-maps that match based on communities to export only my customer routes to peers and transit providers, for example. To do this, every eBGP session needs its own route-map. Below is just an example; you will need some additional parameters for your peer ASes and your transit ASes, as I understand you. I can produce a better example when you provide more information. Please, follow up to the quagga list. router 10 neighbor 20.20.20.20 remote-as 20 neighbor 20.20.20.20 description AS 20 transit neighbor 20.20.20.20 soft-reconfiguration inbound neighbor 20.20.20.20 route-map transit_AS20_in in neighbor 20.20.20.20 route-map transit_AS20_out out neighbor 30.30.30.30 remote-as 30 neighbor 30.30.30.30 description AS 30 peer neighbor 30.30.30.30 soft-reconfiguration inbound neighbor 30.30.30.30 route-map peer_AS30_in in neighbor 30.30.30.30 route-map peer_AS30_out out neighbor 40.40.40.40 remote-as 40 neighbor 40.40.40.40 description AS 40 customer neighbor 40.40.40.40 soft-reconfiguration inbound neighbor 40.40.40.40 route-map cust_AS40_in in neighbor 40.40.40.40 route-map cust_AS40_out out ! ip community-list cust_routes permit 10:14 ip community-list peer_routes permit 10:17 ip community-list transit_routes permit 10:19 ! route-map transit_AS20_in permit 100 set local-preference 100 set community 10:19 # this is "learnt from transit" community set next-hop 20.20.20.20 # always enforce next-hop ! route-map transit_AS20_out permit 100 match community cust_routes set community none # don't send our communities to transit set next-hop 20.20.20.21 # this is our interface to AS20 ! route-map peer_AS30_in permit 100 set local-preference 300 set community 19:17 # this is "learnt from peer" community set next-hop 30.30.30.30 ! route-map peer_AS30_out permit 100 match community cust_routes set community none # unless peer wants your communities set next-hop 30.30.30.31 ! route-map cust_AS40_in permit 100 set local-preference 500 set community 19:14 # this is "learnt from customer" set next-hop 40.40.40.40 ! route-map cust_AS40_out permit 100 match community transit_routes goto 1000 ! route-map cust_AS40_out permit 110 match community peer_routes goto 1000 ! route-map cust_AS40_out permit 120 match community cust_routes goto 1000 ! route-map cust_AS40_out deny 999 ! route-map cust_AS40_out permit 1000 set community none set next-hop 40.40.40.41 > be done in more details i want that because my cisco router is too weak > and can't work well with 50-60Mbit traffic and if i can do that to split With your level of traffic, 50Mb/s - 60Mb/s, you will want to choose interfaces with poll-based, as opposed to interrupt-based interfaces. The Intel e1000 cards are superb. I hope this is a helpful start. You'll need to do some configuration work on OSPF and Zebra itself as well, but we'll need to look at more specifics of your setup to do that. -- Jeff S Wheeler <[EMAIL PROTECTED]> Five Elements, Inc.
Exim store and forward
I've running exim as my mta on my home gateway machine which is connected via a fixed IP DSL line. I'm having increasing trouble getting my mail through as other sites (rightly) find messages coming from a block of dsl addresses suspicious. I want to have exim forward my outgoing messages to my internet provider's smtp server which is obviously more legit than mine. I've added the following at the top of the routers section of my exim.conf file. store_and_forward: driver = domainlist transport = remote_smtp route_list = "localhost smtp.myisp.net" When I send mail from my server and look at the headers, there's no indication that it actually got forwarded on to my isp's smtp server. What am I missing here? thanks, Adam
UNSUBSCRIBE
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Route Question!
First, I strongly suggest you move your thread to the quagga-users list at [EMAIL PROTECTED] You can find numerous configuration examples in the archives at http://lists.quagga.net. This is the best forum for help with Zebra/Quagga. I suggest you follow-up on that list, which I also participate on. On Wed, 2003-11-19 at 16:16, kgb wrote: > router i have bgp all my traffic which are bgpeer (all traffic in my > country) and int (outside my country or with two words international First, you need to figure out how you will identify "bgpeer" traffic and "international" traffic. AS-PATH works but it is not the best way to go. Please provide details about how each of your eBGP sessions reaches your network. Are they all presently on your Cisco? What type of ports do you use, e.g. E3/DS3, FastEthernet, etc? > cisco router and bgp on debian linux router to be with some access list > _permit_ as_number _denied_ as_number can someone explane how that can You can accomplish what you want with AS-PATH access lists, however it will be a pain in the ass to maintain. What you really want is a BGP community based route filtering system. In my shop(s), I set communities on all routes learned via eBGP sessions. This helps me identify where I learned a route (which POP); who it came from (customer, transit, peer); and if it should have any special local-preference or export concerns. I then use route-maps that match based on communities to export only my customer routes to peers and transit providers, for example. To do this, every eBGP session needs its own route-map. Below is just an example; you will need some additional parameters for your peer ASes and your transit ASes, as I understand you. I can produce a better example when you provide more information. Please, follow up to the quagga list. router 10 neighbor 20.20.20.20 remote-as 20 neighbor 20.20.20.20 description AS 20 transit neighbor 20.20.20.20 soft-reconfiguration inbound neighbor 20.20.20.20 route-map transit_AS20_in in neighbor 20.20.20.20 route-map transit_AS20_out out neighbor 30.30.30.30 remote-as 30 neighbor 30.30.30.30 description AS 30 peer neighbor 30.30.30.30 soft-reconfiguration inbound neighbor 30.30.30.30 route-map peer_AS30_in in neighbor 30.30.30.30 route-map peer_AS30_out out neighbor 40.40.40.40 remote-as 40 neighbor 40.40.40.40 description AS 40 customer neighbor 40.40.40.40 soft-reconfiguration inbound neighbor 40.40.40.40 route-map cust_AS40_in in neighbor 40.40.40.40 route-map cust_AS40_out out ! ip community-list cust_routes permit 10:14 ip community-list peer_routes permit 10:17 ip community-list transit_routes permit 10:19 ! route-map transit_AS20_in permit 100 set local-preference 100 set community 10:19 # this is "learnt from transit" community set next-hop 20.20.20.20 # always enforce next-hop ! route-map transit_AS20_out permit 100 match community cust_routes set community none # don't send our communities to transit set next-hop 20.20.20.21 # this is our interface to AS20 ! route-map peer_AS30_in permit 100 set local-preference 300 set community 19:17 # this is "learnt from peer" community set next-hop 30.30.30.30 ! route-map peer_AS30_out permit 100 match community cust_routes set community none # unless peer wants your communities set next-hop 30.30.30.31 ! route-map cust_AS40_in permit 100 set local-preference 500 set community 19:14 # this is "learnt from customer" set next-hop 40.40.40.40 ! route-map cust_AS40_out permit 100 match community transit_routes goto 1000 ! route-map cust_AS40_out permit 110 match community peer_routes goto 1000 ! route-map cust_AS40_out permit 120 match community cust_routes goto 1000 ! route-map cust_AS40_out deny 999 ! route-map cust_AS40_out permit 1000 set community none set next-hop 40.40.40.41 > be done in more details i want that because my cisco router is too weak > and can't work well with 50-60Mbit traffic and if i can do that to split With your level of traffic, 50Mb/s - 60Mb/s, you will want to choose interfaces with poll-based, as opposed to interrupt-based interfaces. The Intel e1000 cards are superb. I hope this is a helpful start. You'll need to do some configuration work on OSPF and Zebra itself as well, but we'll need to look at more specifics of your setup to do that. -- Jeff S Wheeler <[EMAIL PROTECTED]> Five Elements, Inc. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Exim store and forward
I've running exim as my mta on my home gateway machine which is connected via a fixed IP DSL line. I'm having increasing trouble getting my mail through as other sites (rightly) find messages coming from a block of dsl addresses suspicious. I want to have exim forward my outgoing messages to my internet provider's smtp server which is obviously more legit than mine. I've added the following at the top of the routers section of my exim.conf file. store_and_forward: driver = domainlist transport = remote_smtp route_list = "localhost smtp.myisp.net" When I send mail from my server and look at the headers, there's no indication that it actually got forwarded on to my isp's smtp server. What am I missing here? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Route Question!
Hello guys, I have autonomously system, cisco router and Debian linux router on linux box i have zebra and ospf which communicated with cisco on cisco router i have bgp all my traffic which are bgpeer (all traffic in my country) and int (outside my country or with two words international traffic) now all my traffic int and bgpeer go through cisco router i want to split this traffic between cisco router and debian linux router international to go through cisco router and bgpeer to go through debian linux router i think that can be done by bgp on debian linux router and cisco router and bgp on debian linux router to be with some access list _permit_ as_number _denied_ as_number can someone explane how that can be done in more details i want that because my cisco router is too weak and can't work well with 50-60Mbit traffic and if i can do that to split my traffic then it will work well with 4-5Mbit. Any help will be appreciate. Thanks in advanced. -- Feci quod potui, faciant meliora potentes! signature.asc Description: This is a digitally signed message part
Route Question!
Hello guys, I have autonomously system, cisco router and Debian linux router on linux box i have zebra and ospf which communicated with cisco on cisco router i have bgp all my traffic which are bgpeer (all traffic in my country) and int (outside my country or with two words international traffic) now all my traffic int and bgpeer go through cisco router i want to split this traffic between cisco router and debian linux router international to go through cisco router and bgpeer to go through debian linux router i think that can be done by bgp on debian linux router and cisco router and bgp on debian linux router to be with some access list _permit_ as_number _denied_ as_number can someone explane how that can be done in more details i want that because my cisco router is too weak and can't work well with 50-60Mbit traffic and if i can do that to split my traffic then it will work well with 4-5Mbit. Any help will be appreciate. Thanks in advanced. -- Feci quod potui, faciant meliora potentes! signature.asc Description: This is a digitally signed message part
E-Center in PHP and Payments per Credit-Cards
Hello, curently I am using 'Intershop 4' (90 days trial) but I think, it is a little bit too expensive (8 Shops with Credit-Card payment around 8000 ¤) Is there a solution Open-Source written in PHP using postgresql and supports payments wit VISA dard ? I like to start my Online-Store (Strasbourg) in January 2004... Greetings Michelle -- Registered Linux-User #280138 with the Linux Counter, http://counter.li.org.
E-Center in PHP and Payments per Credit-Cards
Hello, curently I am using 'Intershop 4' (90 days trial) but I think, it is a little bit too expensive (8 Shops with Credit-Card payment around 8000 ¤) Is there a solution Open-Source written in PHP using postgresql and supports payments wit VISA dard ? I like to start my Online-Store (Strasbourg) in January 2004... Greetings Michelle -- Registered Linux-User #280138 with the Linux Counter, http://counter.li.org. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Proxy server
On Wed, 19 Nov 2003, Antonin Karasek wrote: > Hello everybody, > one of our customers want proxy server. Ok - it's common job. But he want > the proxy server to apply anti-virus scan to any incoming file. > > Is there anybody, who knows proxy server, which can do this? http://viralator.loddington.com/ works with squid - daniduc Daniel Lobato Duclos - http://www.cybershark.net GPG Key fingerprint = A21B 40DF 4B8D 3CE6 9284 E764 4DF0 144C 509F 080F --- " For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." R. P. Feynman http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/Appendix-F.txt
Proxy server
Hello everybody, one of our customers want proxy server. Ok - it's common job. But he want the proxy server to apply anti-virus scan to any incoming file. Is there anybody, who knows proxy server, which can do this? Many thanks
Re: Proxy server
On Wed, 19 Nov 2003, Antonin Karasek wrote: > Hello everybody, > one of our customers want proxy server. Ok - it's common job. But he want > the proxy server to apply anti-virus scan to any incoming file. > > Is there anybody, who knows proxy server, which can do this? http://viralator.loddington.com/ works with squid - daniduc Daniel Lobato Duclos - http://www.cybershark.net GPG Key fingerprint = A21B 40DF 4B8D 3CE6 9284 E764 4DF0 144C 509F 080F --- " For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." R. P. Feynman http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/Appendix-F.txt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Proxy server
Hello everybody, one of our customers want proxy server. Ok - it's common job. But he want the proxy server to apply anti-virus scan to any incoming file. Is there anybody, who knows proxy server, which can do this? Many thanks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CPU Utiliaztion on a ethernet bridge
I don't know is it make any sense but I've compiled bridge as integrated, not as module. And I don't state any line in "interfaces" file about bridged interfaces; Only br0 exists. Also I'm using br0 as external interface. gw11:/etc# gw11:/etc# cat network/interfaces # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) # The loopback interface # automatically added when upgrading auto lo iface lo inet loopback # # Ayrintili bilgi ve diger parametreler icin: # /usr/share/doc/bridge-utils/README.Debian # auto br0 iface br0 inet static address 212.156.128.21 network 212.156.128.0 netmask 255.255.255.0 broadcast 212.156.128.255 bridge_ports eth0 eth1 bridge_stp on bridge_fd 5 gateway 212.156.128.18 # UNUSED # auto eth2 # iface eth2 inet static # auto eth3 # iface eth3 inet static gw11:/etc# free total used free sharedbuffers cached Mem:257064 211444 45620 0 5276 159648 -/+ buffers/cache: 46520 210544 Swap: 128516 1604 126912 gw11:/etc# gw11:/etc# lsmod Module Size Used byNot tainted shaper 3004 0 (unused) tulip 36928 0 (unused) eepro100 16816 0 (unused) 3c59x 24712 2 gw11:/etc#
Re: CPU Utiliaztion on a ethernet bridge
I don't know is it make any sense but I've compiled bridge as integrated, not as module. And I don't state any line in "interfaces" file about bridged interfaces; Only br0 exists. Also I'm using br0 as external interface. gw11:/etc# gw11:/etc# cat network/interfaces # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) # The loopback interface # automatically added when upgrading auto lo iface lo inet loopback # # Ayrintili bilgi ve diger parametreler icin: # /usr/share/doc/bridge-utils/README.Debian # auto br0 iface br0 inet static address 212.156.128.21 network 212.156.128.0 netmask 255.255.255.0 broadcast 212.156.128.255 bridge_ports eth0 eth1 bridge_stp on bridge_fd 5 gateway 212.156.128.18 # UNUSED # auto eth2 # iface eth2 inet static # auto eth3 # iface eth3 inet static gw11:/etc# free total used free sharedbuffers cached Mem:257064 211444 45620 0 5276 159648 -/+ buffers/cache: 46520 210544 Swap: 128516 1604 126912 gw11:/etc# gw11:/etc# lsmod Module Size Used byNot tainted shaper 3004 0 (unused) tulip 36928 0 (unused) eepro100 16816 0 (unused) 3c59x 24712 2 gw11:/etc# -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: CPU Utiliaztion on a ethernet bridge
Hi! I don't think that I could address your problem, but in Debian there is a package called bridge-utils that allows easy bridge creation. One of my systems uses it for a user-mode-linux installation between tap0 and eth2: - auto tap0 iface tap0 inet manual tunctl_user uml-net auto eth2 iface eth2 inet manual auto br0 iface br0 inet manual bridge_ports eth2 tap0 bridge_stp on As you can notice in my example, the iface method shouldn't be loopback (it isn't the lo device). Try using the "manual" method if it helps Regards > > in /etc/network/interfaces > auto eth1 > iface eth1 inet loopback > > auto eth2 > iface eth2 inet loopback > > # Bridge Interface for eth1 + eth2 > auto br0 > iface br0 inet loopback > pre-up brctl addbr br0 > up brctl addif br0 eth1 > up brctl addif br0 eth2 > up brctl stp br0 on > down brctl delif br0 eth1 > down brctl delif br0 eth2 > post-down brctl delbr br0 >
Re: CPU Utiliaztion on a ethernet bridge
Hi! I don't think that I could address your problem, but in Debian there is a package called bridge-utils that allows easy bridge creation. One of my systems uses it for a user-mode-linux installation between tap0 and eth2: - auto tap0 iface tap0 inet manual tunctl_user uml-net auto eth2 iface eth2 inet manual auto br0 iface br0 inet manual bridge_ports eth2 tap0 bridge_stp on As you can notice in my example, the iface method shouldn't be loopback (it isn't the lo device). Try using the "manual" method if it helps Regards > > in /etc/network/interfaces > auto eth1 > iface eth1 inet loopback > > auto eth2 > iface eth2 inet loopback > > # Bridge Interface for eth1 + eth2 > auto br0 > iface br0 inet loopback > pre-up brctl addbr br0 > up brctl addif br0 eth1 > up brctl addif br0 eth2 > up brctl stp br0 on > down brctl delif br0 eth1 > down brctl delif br0 eth2 > post-down brctl delbr br0 > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
