Re: [LARTC] New L7-Filter patterns for Kademlia / eMule?
On Saturday 25 September 2004 19:10, Alexis wrote: > uhm, could you capture some packets with ethereal to check the contents and > make the new pattern? Possibly, but not very easily. The pattern match for edonkey 'classic' is several dozen hex matches for L7. That was probably nontrivial to decipher. I'd expect Kad to be of similar complexity. -- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] New L7-Filter patterns for Kademlia / eMule?
uhm, could you capture some packets with ethereal to check the contents and make the new pattern? -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] En nombre de Jason Boxman Enviado el: Sábado, 25 de Septiembre de 2004 19:52 Para: [EMAIL PROTECTED] Asunto: [LARTC] New L7-Filter patterns for Kademlia / eMule? I had been using L7-Filter[1] successfully for edonkey/eMule traffic until recently. I upgraded to the latest release of mldonkey, 2.5.28a, which implements eMule compatibility, and with support for Kademlia[2] enabled, network latency increases greatly. [1] http://l7-filter.sourceforge.net/ [2] http://www.infoanarchy.org/wiki/wiki.pl?Kademlia Has anyone created a new pattern match for L7-Filter for this protocol? I fetched the latest l7-protocols tarball, but the edonkey.pat hasn't been updated in some time. I'd be happy to capture Kademlia traffic, but I don't know what exactly to do with it thereafter. Thanks. -- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] New L7-Filter patterns for Kademlia / eMule?
I had been using L7-Filter[1] successfully for edonkey/eMule traffic until recently. I upgraded to the latest release of mldonkey, 2.5.28a, which implements eMule compatibility, and with support for Kademlia[2] enabled, network latency increases greatly. [1] http://l7-filter.sourceforge.net/ [2] http://www.infoanarchy.org/wiki/wiki.pl?Kademlia Has anyone created a new pattern match for L7-Filter for this protocol? I fetched the latest l7-protocols tarball, but the edonkey.pat hasn't been updated in some time. I'd be happy to capture Kademlia traffic, but I don't know what exactly to do with it thereafter. Thanks. -- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] Coexistence of Dynamic and Static routing
Thanks for your prompt response. You have confirmed most of my thoughts so now it is just do it and see how much performamce we can get. Again Thank you Loren Alexis <[EMAIL PROTECTED]> wrote: List members; I have been reading the digest for some time now and I would like to ask some conceptual questions. I am a telecommunications systems designer and not a software guy, but I have tried and used a number of the tools availabel in the LARTC and Iptables, and many of the other great things included in Linux. We are designing commercial products and I don't want to ask my software people to do things that are not realistic or might cause instability in systems. Great, me too :) 1) Is it feasible to use both dynamic and static routing systems in a Linux router? That is, if I am using the facilities in IProute2 and Iptables to do fair queing and bandwidth control, for selected subnets, will that work ok with one of the router daemons like ripd or ospfd? Will their be a problem with routing tables being confused between the two? I guess what I am really asking is what is the relationship between Ingress / Egress ques, Pre-routing / Post-routing tables and the daemons in the data flow within the box. yes it is. in fact, compared, just say, with a cisco router, a linux router keeps the logic of "main routing table" and then the routing protocols tables. But the difference is linux can handle a _lot_ of routing tables and you can handle the way routing protocols, static routes and policers/classifiers acts on that networks. Off course iptables can act on this schema too. 2) Given the above, are there any issues as far as throughput and processing horse power, are concerned? We are building on a 2.6 kernel and will be using PIV 2.4 to 2.8 GHz hyperthreaded systems with large amounts of RAM, but there will be other stuff running on the same machine, such as Squid cache server. Also, my satellite modulator and demodulators are on the PCI bus and will take some processor. We will be handling data rates of up to 8 mbps on the upstream (bits not bytes) and up to 40 mbps on the downstream. Hub routers may be receiving up to 1 Gbps of incoming data from remotes. These rates are maximum and not the norm, but rather the exception. Part of the reason for wanting to use OSPF for example is that this system is multi-destination and there will be new alternate routes available as well multiple routes appearing and disappearing. Uhm, i sorry i cannot be quite clear about the benchmarks, but im sure that you can handle those bw without a problem. An example. with 2.4 (2.6 is more performant i think) with a dual P3 1.2ghz, 1gb ram, a few years ago, i handled bgp with full routing (around 130k prefixes), OSPF as an IGP, firewall and some QoS rules. With this schema i had 4 ethernet interfaces and 1 Gb ethernet, the total bw was around 100 to 130mbps and it worked just fine. I think you could handle your traffic without major problems with those equipment, think that the only "additional" proccesses are the routing daemons, all other tasks ran at kernel level 3) I have read questions many times, from people who ask about ingress control (policing) and the same answer is always given, about the fact that you can't tell the internet to send data slower. Has anyone used the ECN congestion notification bits in the IP header? At least for an internal (read that edge) network, it should work just as well as the BECN controls in frame relay. This would allow the network to slow down the sender without dropping packets, and should work as well in UDP as in TCP. ive not used ecn , as you say it may work, feel free to test it if you can :) Ive used IMQ and it works just fine, but its a software implementation and takes some cpu resources. and off course, the ingress policers works just fine, but they are limited. 4) Has anyone tried an accelerator for TCP with IProute2? I guess it would have to be behind the routing machine (LAN side), right? nop, i didnt 5) Has anyone out there, worked with the HDLC driver in the kernel? It is built in and we have used it, but I don't know how to relate it to the Iproute2 commands. Is it as simple as setting up the same as you would for the zebra router? Yes, ive used this driver with a v35 interface, ive used ifconfig and iproute commands to manage this interface without a problem. i remember commands like ifconfig hdlc0 up ifconfig pvc0 10.0.0.1 pointopoint 10.0.0.2 this is an example that ive found to use iproute2 to create tunnels, they act as a ptp interface, so, take a look http://mirrors.bieringer.de/www.deepspace6.net/docs/iproute2tunnel-en.html Lastly, I wold like to thank all of the people in the open surce community and especially the folks that maintain this list for their efforts and their dedication to this project. You are appreciated, even if it isn't said often enough. :) as part of the community and the l
[LARTC] IPv6 interfaces Fowarding and non-forward.
I'm running fedora core 2 with 2.6.7 kernel when I have /proc/sys/net/ipv6/conf/all/forwarding Set on Listening Deamon's will not respond to Sync requests. if I turn it off which breaks routing of course. then the Deamons can make connections. Is this suppost to be normal behavior when the box is routeing IPv6? This only happens with ipv6 connections. ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] strange behavior of ipsec tunnel mode
It's because recived packet is decapsulated (from AH) and reinserted into your interface (e.g. eth0). Then it's decapsulated from ESP and reinserted one more time in plain. In FreeS/WAN packets ware inserted in ipsec0 instead of original eth0. It's normal. You don't see the same with sent packets because wey are inserted into interface (eth0) after being encrypted. PoltoS/ - This mail sent through IMP: http://horde.org/imp/ - ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] Coexistence of Dynamic and Static routing
List members; I have been reading the digest for some time now and I would like to ask some conceptual questions. I am a telecommunications systems designer and not a software guy, but I have tried and used a number of the tools availabel in the LARTC and Iptables, and many of the other great things included in Linux. We are designing commercial products and I don't want to ask my software people to do things that are not realistic or might cause instability in systems. 1) Is it feasible to use both dynamic and static routing systems in a Linux router? That is, if I am using the facilities in IProute2 and Iptables to do fair queing and bandwidth control, for selected subnets, will that work ok with one of the router daemons like ripd or ospfd? Will their be a problem with routing tables being confused between the two? I guess what I am really asking is what is the relationship between Ingress / Egress ques, Pre-routing / Post-routing tables and the daemons in the data flow within the box. 2) Given the above, are there any issues as far as throughput and processing horse power, are concerned? We are building on a 2.6 kernel and will be using PIV 2.4 to 2.8 GHz hyperthreaded systems with large amounts of RAM, but there will be other stuff running on the same machine, such as Squid cache server. Also, my satellite modulator and demodulators are on the PCI bus and will take some processor. We will be handling data rates of up to 8 mbps on the upstream (bits not bytes) and up to 40 mbps on the downstream. Hub routers may be receiving up to 1 Gbps of incoming data from remotes. These rates are maximum and not the norm, but rather the exception. Part of the reason for wanting to use OSPF for example is that this system is multi-destination and there will be new alternate routes available as well multiple routes appearing and disappearing. 3) I have read questions many times, from people who ask about ingress control (policing) and the same answer is always given, about the fact that you can't tell the internet to send data slower. Has anyone used the ECN congestion notification bits in the IP header? At least for an internal (read that edge) network, it should work just as well as the BECN controls in frame relay. This would allow the network to slow down the sender without dropping packets, and should work as well in UDP as in TCP. 4) Has anyone tried an accelerator for TCP with IProute2? I guess it would have to be behind the routing machine (LAN side), right? 5) Has anyone out there, worked with the HDLC driver in the kernel? It is built in and we have used it, but I don't know how to relate it to the Iproute2 commands. Is it as simple as setting up the same as you would for the zebra router? Lastly, I wold like to thank all of the people in the open surce community and especially the folks that maintain this list for their efforts and their dedication to this project. You are appreciated, even if it isn't said often enough. Loren Wells CTO Linksat America Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers!