Re: [LARTC] Hardware Configuration Ideas
Yes. In fact most cases of advanced firewalling only mean that you have a stupid fw-design, like hundreds/thousands of rules in one chain :-). Usually can be optimised by using sub-chains, ipset and/or ipt_ACCOUNT. If someone has hundreds of rules in one chain (with out a _*VERY*_ good reason and even then) they need to be shot on the spot. For performance reasons such a chain should be broken out in to a tree of chains an subchains that are jumped to in an attempt to minimize the number of rules that have to be traversed to get a match on any given packet. What I was referring to by advanced firewalling was such things as running things like -p udp -s 0.0.0.0/32 -d 255.255.255.255/32 --sport 68 --dport 67 -m addrtype --src-type broadcast -m pkttype --pkt-type broadcast for DHCP requests. or complex SSH Brute Force prevention chains / rules, or recent lists to control what types of traffic will be valid based on what you have sent or is not valid b/c you have not sent any thing, or should packets with the reset flag have the ack flat set or not, etc. Grant. . . . ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Hardware Configuration Ideas
You don't. Maybe that's conntrack's default, but you can set it to a higher number manually. The required memory is approx 400b per connection (depends on iptables/kernel compile time options). The rather conservative default (hashsize = 1/16384th of RAM) is for a generic system. For more info look at ip_conntrack_core.c 65535 connections need about 25MB in RAM, so before starting iptables, do modprobe ip_conntrack hashsize=8192 (contrack_max is auto-set to 8*hashsize, this is the recommended relation). In fact my distro Shurdix automatically sets up larger hashsize than the default, depending on system memory. Hmm, I did not have much time to solve this problem at the time and documentation was hard to come by at the time and what I did find was old. Alass I was not subscribed to this list to ask for help either. Note things have changed sense then. :) While a redundant system is indeed a good idea, I recommend making sure the router is rock stable. This doesn't necessarily require high-end / fast hardware, it is recommended to stress test it before going live (memtest/cpuburn/whatever). My tip is not to use primitive network cards like those based on rtl8139 which you require high bandwidth. This has the most noticeable impact on performance. I have ok experience with 3com's, I've heard intels are even better. I would agree to both points. I have had good luck with the rtl8139s on Cable / DSL and T1 routers but I would want something better (3C905x cards) for a much higher bandwidth installation. The redundant (identical) system is for those cases where the cleaning crew and / or momma nature and / or Mr Murphy have their way with your box. We have all had it happen (or will) in some way or another at some time. It is not if a box will fail in some way, but rather when. The failure may not be any thing you could prevent. I think the stores in Florida this year are a good example of that. Grant. . . . ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] (yet another) HTB question(s)
On Tue, Aug 16, 2005 at 12:37:48PM -0700, Gabriel wrote: 1) when used on a router for shaping traffic done by clients connected to it, shaping is done on the interface connected to the cable/dsl modem. If I wanted to create classes for every client on the network, I would have to use iptables to mark packets (using -j MARK) and not filters because, according to http://www.docum.org/docum.org/kptd/ the shaping is done after the SNAT, so all the clients would have the src address rewritten with the public IP. Am I getting this right? This page: http://mailman.ds9a.nl/pipermail/lartc/2005q1/014656.html (LARTC archive) contains a lot of useful links, one of them: http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png Note right bottom corner of that picture. 4) related to 3), I've tried to use a syntax like this: tc clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE ceil $CEIL, where CEIL RATE , but the max speed I achieved was the RATE speed. After further reading, I found out that you can't (well, you can, there's no syntax error, but it's useless) specify CEIL for the class attached to the root qdisc because it doesn't have a parent to borrow from. So is there a way to simulate a variable bandwidth link or should I just set RATE to the highest possible value the bandwidth can reach? http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm (6. Priorizing bandwidth share) answers this question. Use qdisc inside qdisc. That's about it for now. :) Thanks Thank you, -- _,-=._ /|_/| `-.} `=._,.-=-._., @ @._, `._ _,-. ) _,.-' `G.m-^m`m'Dmytro O. Redchuk ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Plotting graphs ??WHAT TO PLOT?
On Wed, Aug 17, 2005 at 04:10:28AM +0200, Alberto Torres wrote: Hello, i am writing a GUI for the tc. I am almost there, but i need some guideness... For every class/qdisc i have the bytes sents, dropped, borrowed, overlimits data for statistics, and i want to plot them on a graph. packets too lended tokens, ctokens :-) I like http://www2.ldc.net/~dor/py-htbstat/ though :) What data and how would yuu find it usefull to see plotted on a graph? I need you answers ;) I will post my GUI soon :) -- _,-=._ /|_/| `-.} `=._,.-=-._., @ @._, `._ _,-. ) _,.-' `G.m-^m`m'Dmytro O. Redchuk ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] (yet another) HTB question(s)
4) related to 3), I've tried to use a syntax like this: tc clas add dev $ETH parent 1:0 classid 1:1 htb rate $RATE ceil $CEIL, where CEIL RATE , but the max speed I achieved was the RATE speed. try to add 2-level root class: tc qdisc add dev $ETH root handle 1: htb default FF tc class add dev $ETH parent 1: classid 1:1 htb rate $MAXRATE ceil $MAXRATE tc class add dev $ETH parent 1:1 classid 1:2 htb rate $MINRATE ceil $MAXRATE tc class add ... [your child classes] I don't know if it'll work but worth trying. Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] HOWTO unmaintained?
Hi, more than a month ago I proposed an addition to the HOWTO to address a certain packet classification problem/bug and how to fix it (see http://mailman.ds9a.nl/pipermail/lartc/2005q3/016728.html). I never received any reaction from the HOWTO maintainers, not even when addressing them directly (see mail below). Given that a month has gone by: Is the HOWTO currently unmaintained? Regards, Georg ---BeginMessage--- --20050723180350+0200-4600352811890471214323957 Content-Transfer-Encoding: quoted-printable Hi, some days ago, I encountered what turned out to be either a problem of the HOWTO or the QDISC code itself. The start of the thread is: http://mailman.ds9a.nl/pipermail/lartc/2005q3/016716.html and I came up with a short draft for the HOWTO that explains the problem and gives the workaround, which you can find at http://mailman.ds9a.nl/pipermail/lartc/2005q3/016728.html Could you please include this in the HOWTO? Thanks, Georg =2D-=20 Georg C. F. Greve [EMAIL PROTECTED] Free Software Foundation Europe (http://fsfeurope.org) Join the Fellowship and protect your freedom! (http://www.fsfe.org) --20050723180350+0200-4600352811890471214323957 Content-Type: application/pgp-signature -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2rc2 (GNU/Linux) iQCVAwUAQuJqZik9sUy32wQcAQKDsQP9FLzD/eoz0LhUzEG1z/oyK09CxmKNlsPU q4ALYsS8Eyc/rrfqRGgvCqCR/mISICGW6in9NXjAH1ZWksqu1V7A8Q//4S3vi5hj r5ImbLMPBt/W3PAw3vMSLumANQ9uFwsF7AwT1IIWPPdOm13pXgaGdamX+IajbhGY ZHC8FKo0XRA= =vPw7 -END PGP SIGNATURE- --20050723180350+0200-4600352811890471214323957-- ---End Message--- -- Georg C. F. Greve [EMAIL PROTECTED] Free Software Foundation Europe (http://fsfeurope.org) Join the Fellowship and protect your freedom! (http://www.fsfe.org) pgpMgbaVLrHSm.pgp Description: PGP signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
On Wednesday 17 August 2005 10:04, Georg C. F. Greve wrote: I never received any reaction from the HOWTO maintainers, not even when addressing them directly (see mail below). Given that a month has gone by: Is the HOWTO currently unmaintained? www.lartc.org says: Linux Advanced Routing Traffic Control HOWTO Current version is 1.0.0 Files were last updated at 2004-03-31 00:11 CET (ie, about 12108.1 hours ago). So yes, I'd guess it's not actively maintained. Andreas ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
|| On Wed, 17 Aug 2005 12:19:54 +0200 || Andreas Klauer [EMAIL PROTECTED] wrote: ak www.lartc.org says: ak Linux Advanced Routing Traffic Control HOWTO Current version ak is 1.0.0 Files were last updated at 2004-03-31 00:11 CET (ie, ak about 12108.1 hours ago). ak So yes, I'd guess it's not actively maintained. Thanks for that quick reply. I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? Regards, Georg -- Georg C. F. Greve [EMAIL PROTECTED] Free Software Foundation Europe (http://fsfeurope.org) Join the Fellowship and protect your freedom! (http://www.fsfe.org) pgpwRtqSU1Jxm.pgp Description: PGP signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Just a thought Ed W ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
On 8/17/05, Ed W [EMAIL PROTECTED] wrote: I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Just a thought And a great one I might add. Does anybody know how busy the current site is? If not too busy (i.e. 10GB a month) I'd gladly put up a wiki on my server for it. If it get's busier I'll just have to move it to another server in due course. I've also gotten very frustrated with some old outdated information, and especially the lack of information regarding the 2.6.x kernel. All in favour...? Regards -- Kenneth Kalmer [EMAIL PROTECTED] [EMAIL PROTECTED] stats http://vspx27.stanford.edu/cgi-bin/main.py?qtype=userpageusername=kenneth%2Ekalmer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
I don't even think this is list is being maintained. Several people have tried to unsubscribe. From: Ed W [EMAIL PROTECTED] To: Georg C. F. Greve [EMAIL PROTECTED] CC: Andreas Klauer [EMAIL PROTECTED],lartc@mailman.ds9a.nl Subject: Re: [LARTC] HOWTO unmaintained? Date: Wed, 17 Aug 2005 12:28:10 +0100 I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Just a thought Ed W ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] HTB and Prio
Hi , I wanted some clarification on the PRIO value of HTB. I have a parent class 1:1 with ceil and rate 1000Kbit. Further I have three classes 1. 1:2 with rate 500Kbit ceil 1000Kbit prio 1 2. 1:3 with rate 300Kbit ceil 1000Kbit prio 2 3. 1:4 with rate 200Kbit ceil 1000Kbit prio 3 Also there is a child class of 1:2 , 1:22, with rate 100Kbit ceil 1000Kbit prio 4. I am not that among the siblings, the excess bandwidth is shared on basis of priority ie . 1:3 will get a higher share than 1:4. What I am not sure is will 1:22 class(being a child of 1:2) get a greater share than 1:3 or for that matter 1:4. Thanks, Vinod C ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Unsubsription impossible
Thomas Heinz wrote: Hi Several times, I unsuccessfully tried to unsubscribe from lartc via the web interface and mailto:[EMAIL PROTECTED] I also contacted the mailing list admin but got no reply. Even resubscribing did not work. I have posted here since I am running out of options. This posting is addressed to the list admin in charge: Please remove my email address from the lartc mailing list. If all else fails, just start bouncing the messages. After a few bounces it'll unsubscribe you. I kept getting unsubscribed because my system was rejecting the sentrisystem virus stuff. Dave ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
Hi Kenneth, Aye/puts hand up in agreement. A wiki would be great. The problem right now is there is little, and usually not very good, documentation on how to setup queue's and other advanced routing. The end result this list is full of people asking questions and very few who answer. :L And a great one I might add. Does anybody know how busy the current site is? If not too busy (i.e. 10GB a month) I'd gladly put up a wiki on my server for it. If it get's busier I'll just have to move it to another server in due course. I've also gotten very frustrated with some old outdated information, and especially the lack of information regarding the 2.6.x kernel. All in favour...? ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HTB and Prio
I am not that among the siblings, the excess bandwidth is shared on basis of priority ie . 1:3 will get a higher share than 1:4. The quantum of borrowed bandwidth is proportional with the rate you specified for each class. The prio control is for controlling who gets the excess bandwith first (if exists). Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
Hi, I got frustrated with it several months ago when I tried to update IMQ information and never got a response. I can host a WiKi too, maybe we can mirror content and share the task. I'm not sure if any WiKi has a mirroring functionality but we can figure this out. Andre D. Correa, CISSP | Visite meus projetos pessoais: andre.correa (at) pobox.com| Visit my personal projects: http://andre.hiperlinks.com.br | -http://malware.hiperlinks.com.br Sao Paulo / SP / Brazil| -http://www.linuximq.net/ Kenneth Kalmer wrote: On 8/17/05, Ed W [EMAIL PROTECTED] wrote: I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Just a thought And a great one I might add. Does anybody know how busy the current site is? If not too busy (i.e. 10GB a month) I'd gladly put up a wiki on my server for it. If it get's busier I'll just have to move it to another server in due course. I've also gotten very frustrated with some old outdated information, and especially the lack of information regarding the 2.6.x kernel. All in favour...? Regards ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] Hardware Configuration Ideas
Thank you all for your help! The reason why I asked for your help was because I had the following problem: Router: 1.4 GHZ AMD 256 RAM Realtek 8139 NIC Slackware 2.6 kernel No iptables rules just iproute2 routing. I have 2 sub-networks and the router is configured as a router on a stick. I tested a simple routing from one sub-network to another (FTP transfer) (the traffic enters and leaves the router using the same NIC) and the maximum transfer rate is 50 Mbit (instead of 100 Mbit as expected). I wonder how am I able to route a Gigabit network ... Someone told me that he solved the problem using FreeBSD as it has a better performance on this field... I am bound to Linux as it has a superb implementation of QoS. You have nothing like this in BSD. I want to ask you: what is the maximum transfer rate that you can obtain on your configurations (with and without heavy firewalling / marking / tc). Thanks again for your input! Mihai ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
On Wed, 17 Aug 2005 12:28:10 +0100 Ed W [EMAIL PROTECTED] wrote: I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Good idea, I'll see if the OSDL will put up a wiki for it on developer.osdl.org, stay tuned. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
Aye/puts hand up in agreement. A wiki would be great. The problem right now is there is little, and usually not very good, documentation on how to setup queue's and other advanced routing. The end result this list is full of people asking questions and very few who answer. i am totally pro refreshing the lartc howto. and wiki is a great idea -- *Dariusz 'tdi' Dwornikowski | Gentoo | admin at pozman.pl | *[JID]:[EMAIL PROTECTED]|[gg]:2266034|[IRC]:[EMAIL PROTECTED] | *[MAIL]:[EMAIL PROTECTED]|[WWW]:www.tdi.pozman.pl | *Serwery,administracja,webapps - www.ProAdmin.com.pl | *Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F | pgphGBb7lGB8P.pgp Description: PGP signature ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
It seems strange that astronomers discovered a whole set of Black Holes at about the time the maintainers vanished... It looks like a number of people are offering sites - IMHO, a distributed wiki (ie: you can edit at any of the sites) or a master/mirror setup would be good, as that would help prevent problems if site maintainers get kidnapped by aliens, sites get slashdotted, etc. It would also be good if at least one site offered multiple ways to connect - eg: via an IPSec tunnel or via IPv6 - as this would give people a simple way of testing what they're trying. --- Kenneth Kalmer [EMAIL PROTECTED] wrote: On 8/17/05, Ed W [EMAIL PROTECTED] wrote: I guess the obvious question then is: How do we get it maintained? Does anyone know where the current maintainers have disappeared? Is anyone willing to take over that job? I wonder if someone would host a mediawiki and consider uploading the documentation there. This would make it easier for people to contribute, and I think it shold be fairly easy to convert from it's current format to a wiki Just a thought And a great one I might add. Does anybody know how busy the current site is? If not too busy (i.e. 10GB a month) I'd gladly put up a wiki on my server for it. If it get's busier I'll just have to move it to another server in due course. I've also gotten very frustrated with some old outdated information, and especially the lack of information regarding the 2.6.x kernel. All in favour...? Regards -- Kenneth Kalmer [EMAIL PROTECTED] [EMAIL PROTECTED] stats http://vspx27.stanford.edu/cgi-bin/main.py?qtype=userpageusername=kenneth%2Ekalmer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
On Wednesday 17 August 2005 19:05, Jonathan Day wrote: It looks like a number of people are offering sites - IMHO, a distributed wiki (ie: you can edit at any of the sites) or a master/mirror setup would be good, as that would help prevent problems if site maintainers get kidnapped by aliens, sites get slashdotted, etc. I'd prefer if we could keep the central site www.lartc.org since that location is already more than well known. If the owner just doesn't have the time to maintain the Howto anymore, it would be best to put the wiki directly there, since that can be self-maintained by the users then. So I suggest we at least try to contact the original maintainer / domain owner before putting a Wiki just anywhere. If that's not possible, I think I'd prefer one central, but reliable long-term host over a distributed solution. Mirrors are fine, though. It would also be good if at least one site offered multiple ways to connect - eg: via an IPSec tunnel or via IPv6 - as this would give people a simple way of testing what they're trying. There are sites that let you run a connection speed test and stuff. However, this does not have to do anything with the Wiki per se. Regards Andreas Klauer ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
Jonathan Day schrieb: It seems strange that astronomers discovered a whole set of Black Holes at about the time the maintainers vanished... It looks like a number of people are offering sites - IMHO, a distributed wiki (ie: you can edit at any of the sites) or a master/mirror setup would be good, as that would help prevent problems if site maintainers get kidnapped by aliens, sites get slashdotted, etc. Or some big organization like SUSE/RedHat/etc. who are unlikely to vanish could offer hosting a wiki. That makes alien abduction and slashdotting really unlikely. Using multiple sites is always a problem because invariably people will lose interest, sites will get out of sync, the question which site should be linked from external sites and all of the sites stealing google ranking from each other. If people feel comfortable with SUSE hosting such a wiki, I could ask them. Regards, Carl-Daniel -- http://www.hailfinger.org/ ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
RE: [LARTC] Hardware Configuration Ideas
On Wed, 17 Aug 2005 18:46:35 +0300 Mihai Vlad [EMAIL PROTECTED] wrote: The reason why I asked for your help was because I had the following problem: [cut] Realtek 8139 NIC Yes, this is indeed a problem. Cards based on this chipset don't scale well. Try 3coms or intels. If you're short on money, dlink dfe-530tx might do too. (I work for none of the mentioned companies :-)). Mihai Yours sincerely, Peter -- http://www.shurdix.org - Linux distribution for routers and firewalls ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
Andreas Klauer schrieb: On Wednesday 17 August 2005 19:05, Jonathan Day wrote: It would also be good if at least one site offered multiple ways to connect - eg: via an IPSec tunnel or via IPv6 - as this would give people a simple way of testing what they're trying. There are sites that let you run a connection speed test and stuff. However, this does not have to do anything with the Wiki per se. Yes, a way to test certain setups would be cool, but you have to be aware that there might be security bugs in the services you offer. Your risk would be higher than for usual setups because people might also be able to use post-authentication bugs. A person setting up such a test system should also be aware that people might use more bandwidth than anticipated. Regards, Carl-Daniel -- http://www.hailfinger.org/ ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Hardware Configuration Ideas
Yes, this is indeed a problem. Cards based on this chipset don't scale well. Try 3coms or intels. If you're short on money, dlink dfe-530tx might do too. Um, the DFE-530TX+ is a (rebranded) Realtek8139 chipset card so I would expect that the performance would be comparable to the Realtek cards. I personally have not used them but I have heard wonderful things about DEC Tulup cards. If you are interested I have some 3Com 905 cards I'd be willing to part with for a very reasonable price. (Please email me off the list if you are interested in the NICs.) Grant. . . . ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Hardware Configuration Ideas
Taylor, Grant schrieb: Yes, this is indeed a problem. Cards based on this chipset don't scale well. Try 3coms or intels. If you're short on money, dlink dfe-530tx might do too. Um, the DFE-530TX+ is a (rebranded) Realtek8139 chipset card so I would expect that the performance would be comparable to the Realtek cards. I personally have not used them but I have heard wonderful things about DEC Tulip cards. Some of the DFE-5..TX cards are indeed tulip based and have very good performance for a reasonable price. Unfortunately sources on the net disagree which cards have which chipset, so I recommend looking at them (I bought a new tulip based card here in Germany for 7 Euros). It pays to request a look at the chipsets of the cheaper cards, they might not even advertise their chipsets as tulip. Regards, Carl-Daniel -- http://www.hailfinger.org/ ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] Hardware Configuration Ideas
On Wed, 17 Aug 2005 14:18:47 -0500 Taylor, Grant [EMAIL PROTECTED] wrote: Um, the DFE-530TX+ is a (rebranded) Realtek8139 chipset card so I would expect that the performance would be comparable to the Realtek cards. I don't have one here, but I vaguely remember they use a different kernel module (8139too vs. via-rhine) so I think it's a different chipset. I only mentioned them because some time in distant past I solved some performance problems by switching from from 8139 to the dlink, and the dlink costs less than a half of entry-level 3com. Grant. . . . -- http://www.shurdix.org - Linux distribution for routers and firewalls ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] HOWTO unmaintained?
It looks like a number of people are offering sites - IMHO, a distributed wiki (ie: you can edit at any of the sites) or a master/mirror setup would be good, as that would help prevent problems if site maintainers get kidnapped by aliens, sites get slashdotted, etc. I think the Wiki, if that route is chosen, should be on the www.lartc.org domain name. This means that we will have to find and contact the administrators of that domain / DNS servers. As far as the distributed web site goes I think it is a good idea. To pull off the distributed site we would need to have the DNS records resolve to multiple boxen across the net. I have considered a self replicating set up for some of my servers and at present I'm looking at using Coda or AFS as a replicating / caching local copies of the remote file system content. I've never dealt with Wikis other than and end user (and I say that the ones that I've looked at have been slow) so I don't know what they take to set up. I suspect that they use a database and thus we would want to set up the Wiki to use a database that has real time replication between the two (or more) web servers that the wiki points to. I would be more than happy to help with such an endeavor. I can not host it at my office (bosses will not let me) but I can help provide content and / or convert stuff. It would also be good if at least one site offered multiple ways to connect - eg: via an IPSec tunnel or via IPv6 - as this would give people a simple way of testing what they're trying. Again I am not able to do this, but I think it could be relatively easily done by offering a host with multiple IPs bound to it and give people a UML that they can test things in. Much of the routing / firewalling work that I have done can easily be done in side of a UML. This would mean that a system would need to be fairly capable and running a UML it's self to be a router in to the UML farm / UML switch backplane. Again I would be more than willing to help set up such a system (and enjoy it at that). I think it would be interesting to do this with multiple distributions and possibly versions there of. To pull this off the box would need to be fairly powerful though to support many people at one time. I'd say that you could get away with a dual multi GHz proc box with at least 2 - 4 GB of RAM. I would expect that this could support 10+ concurrent users in side of UML doing some compiling or more if they are just using recompiled binaries. Grant. . . . ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
