Re: FreeBSD as high speed router
In [EMAIL PROTECTED], Christoph Kukulies wrote: A question to the network experts: I want to build a router between FDDI and Fast Ethernet [...] CPU will be a PIII (something fast, 500 MHz). Do I need much memory or would be 32 MB for the router purposes sufficient? I have a Firewall with quite some filtering that has a throughput of about 7MB/sec. It is a P-90 in a HX board with 32 MB and two fxp cards, so you definitivly don't need ninja macho pentium for this task (better give it to me :-). The thing is bootet from floppy and is a pure filtering router, no NAT, no applications/server, no proxies (which is suicide on a firewall anyway). Martin -- % Martin Cracauer [EMAIL PROTECTED] http://www.cons.org/cracauer/ BSD User Group Hamburg, Germany http://www.bsdhh.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Wed, Feb 23, 2000 at 11:42:14AM +0100, Martin Cracauer wrote: In [EMAIL PROTECTED], Christoph Kukulies wrote: A question to the network experts: I want to build a router between FDDI and Fast Ethernet [...] CPU will be a PIII (something fast, 500 MHz). Do I need much memory or would be 32 MB for the router purposes sufficient? I have a Firewall with quite some filtering that has a throughput of about 7MB/sec. It is a P-90 in a HX board with 32 MB and two fxp Interesting. The thing is bootet from floppy and is a pure filtering router, no NAT, no applications/server, no proxies (which is suicide on a firewall anyway). Would be interesting to tell how you managed to produce a bootable floppy with the subsequent scripting that starts the OS and all that. -- Chris Christoph P. U. Kukulies [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
I have a Firewall with quite some filtering that has a throughput of about 7MB/sec. It is a P-90 in a HX board with 32 MB and two fxp Interesting. The thing is bootet from floppy and is a pure filtering router, no NAT, no applications/server, no proxies (which is suicide on a firewall anyway). Would be interesting to tell how you managed to produce a bootable floppy with the subsequent scripting that starts the OS and all that. you can probably look at the scripts used in picobsd (in the source tree) and you will also find in the images at http://www.iet.unipi.it/~luigi/ip_dummynet/ http://www.iet.unipi.it/~luigi/pgm.html (probably second one is more featureful). The idea is that the rc.network scripts try to match the MAC address of the first card found with a database of ethernet cards in /etc/hosts, getting a hostname and then assigning a machine identity, and from there rc.conf.local and rc.firewall have a switch() to decide what to do and all the rest. cheers luigi ---+- Luigi RIZZO, [EMAIL PROTECTED] . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) Mobile +39-347-0373137 ---+- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
In [EMAIL PROTECTED], Christoph Kukulies wrote: On Wed, Feb 23, 2000 at 11:42:14AM +0100, Martin Cracauer wrote: The thing is bootet from floppy and is a pure filtering router, no NAT, no applications/server, no proxies (which is suicide on a firewall anyway). Would be interesting to tell how you managed to produce a bootable floppy with the subsequent scripting that starts the OS and all that. This setup is still 2.2.8-stable as the same thing done with 3.x will not fit onto the floppy. It was done before PicoBSD, otherwise I would have based by work on that. Basically, a small and kzip'ed kernel and needed stuff are put into a 1.44 MB file that is disklabeled and newfs'd as a BSD FFS. The trick I used is that I have a custom `init` binary, which looks at getpid() and argv[0] and depending on that bahaves like: - init - df - login (against md5'ed passwd stored in binary) - dmesg - a simple more - sleep - route You can hardlink it to these names and it will then get its intended behaviour from argv[0]. To save inodes, you may also choose the behaviour by switches to the name 'init' (which behaves like a real init only when it is pid 1). The advantage is of course that you have just one binary, this saves a lot of space, especially when you don't want shared libraries. Other stuff on the floppy are telnet, ls, /bin/sh, ifconfig, tcpdump and ipfw in maximaum stripped versions and with many #ifdef's turned off. Some of that is compressed, after evaluating advantages and disadvantages. I am not allowed to post the whole setup here, because if contains much of our network achitekture. However, I planned to switch to PicoBSD anyway (mostly to get to FreeBSD-3.x) and hope that I'm allowed to contribute the init(8) as described above. Martin -- % Martin Cracauer [EMAIL PROTECTED] http://www.cons.org/cracauer/ Tel.: (private) +4940 5221829 Fax.: (private) +4940 5228536 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
Hi, At 13:41 23/02/00 +0100, Martin Cracauer wrote: In [EMAIL PROTECTED], Christoph Kukulies wrote: On Wed, Feb 23, 2000 at 11:42:14AM +0100, Martin Cracauer wrote: The thing is bootet from floppy and is a pure filtering router, no NAT, no applications/server, no proxies (which is suicide on a firewall anyway). Would be interesting to tell how you managed to produce a bootable floppy with the subsequent scripting that starts the OS and all that. This setup is still 2.2.8-stable as the same thing done with 3.x will not fit onto the floppy. It was done before PicoBSD, otherwise I would have based by work on that. We're using a similar setup based on 3.3-STABLEish PicoBSD. Configuration includes wdc support in the kernel, ed, telnetd, ftp client, and some extras of our own, and it's running in 16MB of RAM. It's basically just a plain ol' custom PicoBSD and it all fits on one floppy, although we're actually booting it from compact flash (hence the wdc support, so we can save changes to configuration). There's even room on the floppy for fsck in case we get careless updating the flash. -- Bob Bishop +44 118 977 4017 [EMAIL PROTECTED]fax +44 118 989 4254 (0800-1800 UK) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Tue, Feb 22, 2000 at 10:35:48AM +0100, Christoph Kukulies wrote: A question to the network experts: I want to build a router between FDDI and Fast Ethernet (possibly without creating a subnet - something like arp proxy but that's more an IP issue; maybe someone can comment this also) That's sick, this way you don't have a strict separation between 2 lans and the router arps in both segments. Two have a real "broadcast firewall" you should avoid proxy arp. Figure out, you want to get the hosts in a segment and ping to the broadcast address. In a normal routed segment without proxy-arp you only the the station answering, which are in the segment. Turning on proxy arp you also get answers from machines from other connected lans... I'd avoid that ! Andreas /// -- Andreas Klemm http://www.FreeBSD.ORG/~andreas http://www.freebsd.org/~fsmp/SMP/SMP.html powered by Symmetric MultiProcessor FreeBSD Get new songs from our band: http://www.freebsd.org/~andreas/64bits/index.html To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Tue, Feb 22, 2000 at 10:42:46PM -0700, Wes Peters wrote: "Matthew N. Dodd" wrote: On Tue, 22 Feb 2000, Christoph Kukulies wrote: I'm thinking of using two PCI network cards. Fast Ethernet, no problem. But FDDI, what card? fpa0: Digital DEFPA PCI FDDI Controller port 0xe400-0xe47f mem 0xfafd-0xfafd,0xfafee000-0xfafee07f irq 4 at device 6.0 on pci0 fpa0: DEC DEFPA PCI FDDI SAS Controller fpa0: FDDI address 00:00:f8:40:e4:a8, FW=2.46, HW=0, SMT V7.2 fpa0: FDDI Port = S (PMD = Unshielded Twisted Pair) You want one of these (DEFPA-??). Can you still buy them? If so, what are they called now that DEC doesn't exist anymore? If you are interested I have a couple of DEFPA with SAS MMF fibre attachments for trade. New in the antistatic bag. -- Wilko Bulte Arnhem, The Netherlands http://www.tcja.nl The FreeBSD Project: http://www.freebsd.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
Martin Cracauer wrote: In [EMAIL PROTECTED], Christoph Kukulies wrote: Would be interesting to tell how you managed to produce a bootable floppy with the subsequent scripting that starts the OS and all that. The trick I used is that I have a custom `init` binary, which looks at getpid() and argv[0] and depending on that bahaves like: Now as the CD-ROM drives are quite cheap (I've got a 24x IDE drive for $30 about half a year ago) and the CD-writers are commonplace (and the writable/ re-witable CDs are also cheap) a bootable CD-ROM may be a simpler and more extensible solution. The bootable CD-ROMs can be created with mkhybrid: just create a floppy image that will mount cdrom as it root FS and give it to mkhybrid. You can still use floppy for such things as configuration files. The only caveat is to make sure that your BIOS is able to boot from CDROM. -SB To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Tue, 22 Feb 2000, Christoph Kukulies wrote: I'm thinking of using two PCI network cards. Fast Ethernet, no problem. But FDDI, what card? fpa0: Digital DEFPA PCI FDDI Controller port 0xe400-0xe47f mem 0xfafd-0xfafd,0xfafee000-0xfafee07f irq 4 at device 6.0 on pci0 fpa0: DEC DEFPA PCI FDDI SAS Controller fpa0: FDDI address 00:00:f8:40:e4:a8, FW=2.46, HW=0, SMT V7.2 fpa0: FDDI Port = S (PMD = Unshielded Twisted Pair) You want one of these (DEFPA-??). -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | [EMAIL PROTECTED] | 2 x '84 Volvo 245DL| ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
"Matthew N. Dodd" wrote: On Tue, 22 Feb 2000, Christoph Kukulies wrote: I'm thinking of using two PCI network cards. Fast Ethernet, no problem. But FDDI, what card? fpa0: Digital DEFPA PCI FDDI Controller port 0xe400-0xe47f mem 0xfafd-0xfafd,0xfafee000-0xfafee07f irq 4 at device 6.0 on pci0 fpa0: DEC DEFPA PCI FDDI SAS Controller fpa0: FDDI address 00:00:f8:40:e4:a8, FW=2.46, HW=0, SMT V7.2 fpa0: FDDI Port = S (PMD = Unshielded Twisted Pair) You want one of these (DEFPA-??). Can you still buy them? If so, what are they called now that DEC doesn't exist anymore? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC [EMAIL PROTECTED] http://softweyr.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Tue, 22 Feb 2000, Wes Peters wrote: Can you still buy them? If so, what are they called now that DEC doesn't exist anymore? I think Compaq has always sold them under their own label though I've never had my hands on any to verify this. I'm pretty sure that some 3com boards are actually OEMed DEF[EP]A boards too. -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | [EMAIL PROTECTED] | 2 x '84 Volvo 245DL| ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD as high speed router
On Wed, 23 Feb 2000, Matthew N. Dodd wrote: On Tue, 22 Feb 2000, Wes Peters wrote: Can you still buy them? If so, what are they called now that DEC doesn't exist anymore? I think Compaq has always sold them under their own label though I've never had my hands on any to verify this. I'm pretty sure that some 3com boards are actually OEMed DEF[EP]A boards too. DEC's networking business went to Cabletron. I'm not sure they still make them, but they at list advertise them. Take a look at: http://www.cabletron.com/digital/dr/npg/index-fm.html#NICs -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | [EMAIL PROTECTED] | 2 x '84 Volvo 245DL| ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | Nadav To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
