[LARTC] news + list is back

2005-09-21 Thread bert hubert
On Wed, Sep 21, 2005 at 09:25:10AM +0200, richard lucassen wrote:
> > Second test after big upgrade..
> 
> So you finally got your driver's license? ;)

Indeed - and I have a picture to prove it:
http://ds9a.nl/photos/mim-en-bert-in-auto.jpg

I'm the one on the right :-)

The server has just been upgraded to Debian Sarge and I cleaned up a lot so
there is lots of free space on the disks. 

The next step will be setting up the wiki, although I'm still not sure on
the best way to do this. 

I've looked at a host of wikis, none of them entirely suits my needs so far.
I *need* the DocBook output in the end as lots of people read the pdf. I
also need top-notch moderation infrastructure because even as it is, there
is enough bad advice available already which I do not want to enshrine into
the HOWTO!

Many many apologies for the long delay... 

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc


[LARTC] test 1 2 3 4

2005-09-21 Thread bert hubert
Second test after big upgrade..

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services


[LARTC] Upcoming maintenance, fixes, apologies, wiki

2005-08-21 Thread bert hubert
Hi everybody,

As you may have noticed, the HOWTO is getting stale, you can't subscribe to
the mailinglist and a lot of messages sent to it aren't getting through.

I apologise for this.

If all goes well I'll get my driver's license this Tuesday, which will allow
me to visit the server, which I can't easily reach right now.

I'll add memory and upgrade the storage. The root cause of our problems is
the filling up of the disks each morning because of dspam and htdig resource
exhaustion.

In the meantime, I've disabled a lot of non-lartc.org functionality on the
server and am working on restoring (again) the mailing list.

When the mailing list is back up, I'll start working on the wiki. What I'd
like best is to have a wiki *in addition* to the boring static document, and
move the good stuff from the wiki to the static document every once in a
while.

Ideas?

Thanks,

bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services


Re: [LARTC] What happened with this mLIST?

2005-03-10 Thread bert hubert
On Thu, Mar 10, 2005 at 02:43:15PM -0800, Gafton Claudiu wrote:
> I didn't receive any email since 18 Feb ? What is happening ?

The short story is that we had a lot of disk full conditions. The long story
is that this should not have happened and that Mailman should be able to
deal with it if it does.

The even longer story is that I've been too busy to find a few consecutive
hours to redo the Mailman install.

Sorry!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services


[LARTC] LARTC has a new Mailman!

2005-03-10 Thread bert hubert
Hi everybody,

I finally caved in and did a full reinstall of Mailman. I nearly decided on
rewriting the damn thing. Might do so later on hehe, but probably not.

Biggest apologies to those users that had disabled delivery of our list. I
have not found a way to retain user settings in this recovery. Our
Mailman install was hosed so severely that nothing short of a complete purge
would do the job.

I apologise for the long delay in doing this. Furthermore, not everything is
back, like the archives. Some details might be wrong. It is well possible
that the archives will remain split. 

Thanks to Wichert Akkerman for his services as 'Mailman doctor'!

Let me know if anything is wrong. I've tried to retain important settings
but I might've missed some things.

Bert.

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://netherlabs.nl  Open and Closed source services
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://outpost.ds9a.nl/cgi-bin/mailman/listinfo/lartc


Re: [LARTC] Interesting oopses...

2004-12-19 Thread bert hubert
On Mon, Nov 29, 2004 at 10:57:40AM +0200, Justin Schoeman wrote:
> OK - this is starting to get frustrating... Are there any known issues 
> with 2.6.9 and traffic shaping?  I am using 2.6.9 with geoip 20041115, 
> and get odd oopses.  The following script oopses my box:

2.6.9 is known to be slightly fishy. Could you post the oops?


-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/


[LARTC] the list is down but I'm working on it

2004-12-17 Thread bert hubert
Hi people 

The list is down, severely so. Mailman is pretty hosed, which is probably
related to repeated disk-full conditions.

I'll try to fix this tomorrow (Saturday).

In the meantime, I'm considering moving away from Mailman, if anybody knows
a better alternative, I'd love to hear about it in private.

Thanks!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] the list is back online

2004-11-13 Thread bert hubert
Hi everybody,

Sometime last week outpost.ds9a.nl's disk filled up and mailman corrupted
one of its databases. It took quite some time to fix this, for which I
apologize.

But we're back now!

For posterity, the log file reported:

Nov 13 13:27:33 2004 (25374) Delivery exception: EOF read where object expected
Nov 13 13:27:33 2004 (25374) Traceback (most recent call last):
  File "/usr/lib/mailman/Mailman/Handlers/HandlerAPI.py", line 82, in do_pipeline
    func(mlist, msg, msgdata)
  File "/usr/lib/mailman/Mailman/Handlers/Hold.py", line 152, in process
    hold_for_approval(mlist, msg, msgdata, NonMemberPost)
  File "/usr/lib/mailman/Mailman/Handlers/Hold.py", line 218, in hold_for_approval
    mlist.HoldMessage(msg, reason, msgdata)
  File "/var/lib/mailman/Mailman/ListAdmin.py", line 146, in HoldMessage
    self.__opendb()
  File "/var/lib/mailman/Mailman/ListAdmin.py", line 70, in __opendb
    self.__db = marshal.load(fp)
EOFError: EOF read where object expected


The solution was to delete the request.db (or at least move it), which
unwedged mailman mostly. The final solution was to run 'listzap' by Wichert
Akkerman, which zonked the outstanding requests database, allowing the
mailman administrative website to function again. Thanks Wichert!

Anyhow, happy LARTC-ing!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
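
The failure mode in the post above, reproduced as an added example (not part of the original message and not Mailman's code): a marshal file rewritten in place during a disk-full condition is left truncated, while a write-to-temp-then-rename save keeps the old copy. The file names, sample records and the `disk_full_write` fault injector are constructed for illustration.

```python
import errno
import marshal
import os
import tempfile


def load_db(path):
    """Load a marshal file; return (data, None) or (None, reason) if damaged."""
    try:
        with open(path, "rb") as fp:
            return marshal.load(fp), None
    except (EOFError, ValueError, TypeError) as exc:
        # An empty or short file ends up here, as in the traceback above.
        return None, f"{type(exc).__name__}: {exc}"


def _plain_write(fp, blob):
    fp.write(blob)


def save_in_place(path, data, write=_plain_write):
    """Fragile: open(..., 'wb') truncates the old copy before the new one is safe."""
    blob = marshal.dumps(data)
    with open(path, "wb") as fp:
        write(fp, blob)


def save_atomic(path, data, write=_plain_write):
    """Write a temp file in the same directory, fsync it, then rename over the old one."""
    blob = marshal.dumps(data)
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as fp:
            write(fp, blob)
            fp.flush()
            os.fsync(fp.fileno())
        os.replace(tmp, path)  # atomic on POSIX: readers see old or new, never half
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)  # do not leave partial temp files eating more disk
        raise


def disk_full_write(fp, blob):
    """Hypothetical fault injector: half the bytes land, then ENOSPC is raised."""
    fp.write(blob[: len(blob) // 2])
    fp.flush()
    raise OSError(errno.ENOSPC, os.strerror(errno.ENOSPC))


def quarantine(path):
    """Move a damaged database aside instead of deleting it, for later inspection."""
    dest = path + ".corrupt"
    os.replace(path, dest)
    return dest


def demo():
    # Constructed sample records standing in for held-message requests.
    old = {1: ("held message", "NonMemberPost")}
    new = {1: ("held message", "NonMemberPost"), 2: ("another", "NonMemberPost")}
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, saver in (("in_place", save_in_place), ("atomic", save_atomic)):
            path = os.path.join(d, name + "-request.db")
            saver(path, old)
            try:
                saver(path, new, write=disk_full_write)
            except OSError:
                pass  # the writer saw ENOSPC; what matters is what is left on disk
            results[name] = load_db(path)
        results["leftover_tmp"] = [f for f in os.listdir(d) if f.startswith(".tmp-")]
        # Recovery along the lines of the post: move the damaged file, start empty.
        damaged = os.path.join(d, "in_place-request.db")
        results["quarantined"] = os.path.basename(quarantine(damaged))
        save_atomic(damaged, {})
        results["after_recovery"] = load_db(damaged)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```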


Re: [LARTC] maybe OT, Linux TCP programming

2004-11-13 Thread bert hubert
On Wed, Nov 10, 2004 at 10:24:49PM +0100, Damjan wrote:

> Is there a way in Linux socket programming, when using TCP sockets to be
> able to require notifications of when the TCP ACK packets are received.
> 
> If I send some data over a TCP socket, I'd like to know for sure 
> if the data reached its recipient. A blocking "send" call, that blocks
> until all ACK's for the data are received back, would be good enough.

If you want that, you have to make your own 'tcp' with UDP. Another solution
is to set a very small window size, select(2) will then return on reception
of the ACK. Set the window size to one packet in that case (~1500 bytes).

Good luck!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] testing

2004-02-18 Thread bert hubert
Apologies if you receive this, the mailinglist appears broken

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] another test

2004-02-18 Thread bert hubert
apologies if you see this

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] wondershaper 2.0, QoS gui, presentation

2003-09-04 Thread bert hubert
Hi Everybody,

Tomorrow the 5th of September I'll be presenting my new QoS gui which will
eventually include the wondershaper 2.0 as its configuration. Configuration
will also be loadable using a non-X tool, and the gui will be able to
configure remote machines as well using netlink-over-tcp.

If you are interested and live near Switzerland, visit
http://www.sucon.ch/sucon/03/register.html

Other presentations: http://www.sucon.ch/sucon/03/sessions.html

If you are there, I'll be happy to meet with you. I'll attempt to setup a
LARTC BOF or WIP or whatever.

Thanks!

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] Server hacked

2003-08-02 Thread bert hubert
Dear people,

The server outpost.ds9a.nl has been compromised and will be offline for the
coming days, probably, unless I feel that I've been able to flush out the
hackers, which I doubt.

Don't trust anything you downloaded from lartc.org or ds9a.nl! This includes
the wondershaper or powerdns.

Thanks.

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] setting up an IPSEC on Linux mailinglist?

2003-07-27 Thread bert hubert
[crossposted, private replies appreciated to prevent massive list pollution,
 [EMAIL PROTECTED] is closed for non-subscribers]

I'm pondering setting up a mailinglist for native Linux 2.6 IPSEC users and
I'm wondering if such a list exists already and what your feelings are. 

This list would be a place for end-users to discuss, where problems found
could be thrown over the fence to netdev if needed. Interoperability with
FreeS/WAN would also be an appropriate subject.

This list could also have a webpage listing all available tools, a FAQ,
whatever.

Thanks.

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


Re: [LARTC] The Wonder Shaper problem

2003-07-25 Thread bert hubert
On Sun, Jul 06, 2003 at 05:26:53PM +0200, Rudi Hansen wrote:
> > Your message does not entirely make sense. Here you are talking about
> > inbound.
> 
> Ok let's see if I can explain it properly.
>
> I have a small home network with an ADSL router for my internet connection,
> and some computers all connected to the ADSL Router through a switch.
>
> Now my problem is that I would like to be able to restrict the internet
> bandwidth on some of my machines.
>
> Now I have used The Wonder Shaper script to restrict the bandwidth on my
> Linux machine, and it works on that machine.
>
> But now my problem is if I setup one of my Windows machines to use the Linux
> machine as gateway, but I can still access the internet with full bandwidth
> from that machine.

Ah, I get it. You need to disable icmp redirects, your linux box is sending
the windows machine directly to the adsl router! 

Check out /proc/sys/net something or other.

Good luck!

> Now what am I doing wrong?

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


Re: [LARTC] The Wonder Shaper problem

2003-07-04 Thread bert hubert
On Fri, Jul 04, 2003 at 03:23:10PM +0200, Rudi Hansen wrote:

> I have a Linux RedHat 9.0 machine, where I have installed the wondershaper
> script to limit my inbound internet speed.

Your message does not entirely make sense. Here you are talking about
inbound.

> If I upload a file from the linux machine my max speed is 9Kbit, but on the
> windows it's 40Kbit.

This is about outbound. So I'm not entirely sure what you mean. Make sure
you run the wondershaper on the correct interface though.

Good luck.

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO


[LARTC] Chinese translation of the HOWTO available!

2003-02-18 Thread bert hubert
Spread the word, there is now a Chinese version of the HOWTO available!

It is on http://lartc.org/LARTC-zh_CN.GB2312.pdf - I can't read it as I
don't have the right fonts, but for those of you who can read Chinese, it
should work.

Thanks to <[EMAIL PROTECTED]> for this tremendous work!

There are now translations to Chinese, French, Polish and Spanish!

Regards,

bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
http://netherlabs.nl Consulting



Re: [LARTC] ECN vs. RED

2003-01-09 Thread bert hubert
On Mon, Dec 30, 2002 at 11:04:08AM +0100, Thomas Jalsovsky wrote:

>   So my question is: does RED work with ECN?

Yes, but you need to turn it on. See the tc sources :-(

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
http://netherlabs.nl Consulting



Re: [LARTC] My fifo Modification Qdisc

2003-01-09 Thread bert hubert
On Tue, Jan 07, 2003 at 03:11:41PM -0500, Al-Gharribeh Muhammad wrote:
> Hi,
> Actually, I did some modification on sch_fifo.c to do some required
> accumulation of packets, let's say 300 packets, and to dequeue them together, but
> I couldn't compile the modified fifo. The question is: how can I compile and
> test my modified fifo?

Learn C :-) I suggest you start by just changing the files in place and
compiling the kernel as usual.

Regards,

bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
http://netherlabs.nl Consulting



Re: [LARTC] Problems with the HTB queue

2003-01-08 Thread bert hubert
On Wed, Jan 08, 2003 at 09:30:27AM +0100, Jesper Kold-Hansen wrote:
> I have a problem. As soon as I patch my kernel with HTB, or recompile with a
> kernel with the HTB queue included, I start getting problems. Whenever I
> try to make a connection to another computer, I get connection refused.
> That goes for all services. I have tried FTP HTTP TELNET. All attempts to
> make a connection give a connection refused.

You messed up something else. I bet HTB has nothing to do with this - try to
isolate what is really happening.

> Oh yah one last thing, I did this on a 2.4.18 kernel that I patched with
> the HTB queue. And the only thing I changed in the make config, was to
> include the HTB queue in the kernel, and there were no problems before the
> patch.

No rejections in the patch? Why not try a recent 2.4 kernel with HTB built
in?

Regards,

bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
http://netherlabs.nl Consulting



Re: [LARTC] U32 filter for IPSEC (ESP)

2003-01-08 Thread bert hubert
On Mon, Jan 06, 2003 at 12:49:54AM +0100, Gilles Douillet wrote:

> so this u32 filter should work ? (I can use fw filter because the
> firewall/VPN can't mark packets :-(
> 
> tc filter add dev ethX parent X:0 protocol ip prio X u32 match ip protocol
> 50 0xff flowid X:XX ?

Looks fine, but try proving it - just send this traffic to an otherwise empty
class and run 'tc -s qdisc ls dev eth0' and 'tc -s class ls dev eth0' to see
if the counters change.

Regards,

bert

-- 
http://www.PowerDNS.com  Open source, database driven DNS Software 
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
http://netherlabs.nl Consulting
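
What the filter in this thread selects, as an added example (not part of the original messages and not tc's own code): a small model of a u32 key, showing that `match ip protocol 50 0xff` is an 8-bit compare at byte 9 of the IP header, stored as value/mask on the aligned 32-bit word at offset 8, and a counter check in the spirit of the "prove it" advice. The sample packets and addresses are constructed.

```python
import socket
import struct


def u32_key(value, mask, byte_offset, width=1):
    """Fold an 8- or 16-bit field match into an aligned 32-bit (value, mask, offset) key."""
    word_offset = byte_offset & ~3
    shift = (4 - width - (byte_offset & 3)) * 8
    return ((value & mask) << shift, mask << shift, word_offset)


def u32_match(packet, key):
    """True if the big-endian 32-bit word at the key's offset equals value under mask."""
    value, mask, offset = key
    if len(packet) < offset + 4:
        return False
    (word,) = struct.unpack_from("!I", packet, offset)
    return (word & mask) == value


def key_text(key):
    """Render the key as value/mask at offset, in hex."""
    return "match %08x/%08x at %d" % key


def ipv4_packet(proto, src, dst, payload=b""):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload),   # version/IHL, TOS, total length
        0, 0,                         # identification, flags/fragment offset
        64, proto, 0,                 # TTL, protocol (byte 9), checksum
        socket.inet_aton(src), socket.inet_aton(dst),
    )
    return header + payload


def count_matches(packets, key):
    """Send matching packets to one class and the rest to a default, like class counters."""
    counters = {"matched": 0, "default": 0}
    for packet in packets:
        counters["matched" if u32_match(packet, key) else "default"] += 1
    return counters


# 'match ip protocol 50 0xff': protocol lives at byte 9 of the IP header.
ESP_KEY = u32_key(50, 0xFF, 9)

# Constructed traffic: two ESP packets, one AH packet, one TCP packet.
SAMPLE = [
    ipv4_packet(50, "192.0.2.1", "192.0.2.2", b"\x00" * 16),
    ipv4_packet(50, "192.0.2.2", "192.0.2.1", b"\x00" * 16),
    ipv4_packet(51, "192.0.2.1", "192.0.2.2", b"\x00" * 12),
    ipv4_packet(6, "192.0.2.1", "192.0.2.2", b"\x00" * 20),
]


def demo():
    with_mask = count_matches(SAMPLE, ESP_KEY)
    # A zero mask compares nothing, so every packet lands in the class.
    zero_mask = count_matches(SAMPLE, u32_key(50, 0x00, 9))
    return key_text(ESP_KEY), with_mask, zero_mask


if __name__ == "__main__":
    for item in demo():
        print(item)
```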



[LARTC] Automatic keying IPSEC!

2002-11-13 Thread bert hubert
Lots of updates to the IPSEC documentation on http://lartc.org/howto/lartc.ipsec.html

The page lists 4 patches which should be applied to 2.5.47 and 1 patch to be
applied to the kame racoon Internet Key Exchange daemon. If these are all
applied, everything I throw at it works, modulo some annoying logmessages.

Especially new & cool is
http://lartc.org/howto/lartc.ipsec.automatic.keying.html and really cool is
doing this with SSL certificates:
http://lartc.org/howto/lartc.ipsec.automatic.keying.html#LARTC.IPSEC.X509

Anybody wanting to setup peering with me, let me know. Then you can view the
lartc.org pages securely :-)

Regards,

bert hubert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] ipsec + IKE automatic keying works somewhat+docs

2002-11-11 Thread bert hubert
http://lartc.org/howto/lartc.ipsec.automatic.keying.html

^ you can now almost do automatic keying. you can do most of it in fact!

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] IPSEC documentation!

2002-11-07 Thread bert hubert
Linux 2.5.47 specific, or 2.5.46 with patches:

   http://lartc.org/howto/lartc.ipsec.html

Let me know how it works for you.

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] Re: IPSEC FIRST LIGHT! (by non-kernel developer :-))

2002-11-07 Thread bert hubert
On Thu, Nov 07, 2002 at 02:02:44PM +0100, bert hubert wrote:
> On Thu, Nov 07, 2002 at 02:52:50AM -0800, David S. Miller wrote:
> 
> > Really, if this one doesn't apply, your 2.5 bitkeeper tree is not
> > totally uptodate.
> 
> It works in transport mode! Both AH/ESP.
> 
> Hints:
>   Use the latest bitkeeper sources as of Thursday morning MET

By the way, this is on ftp.nl.linux.org/pub/linux/bk2patch and then the
tagged-to-head.v2.5 file.

Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] IPSEC FIRST LIGHT! (by non-kernel developer :-))

2002-11-07 Thread bert hubert
On Thu, Nov 07, 2002 at 02:52:50AM -0800, David S. Miller wrote:

> Really, if this one doesn't apply, your 2.5 bitkeeper tree is not
> totally uptodate.

It works in transport mode! Both AH/ESP.

Hints:
    Use the latest bitkeeper sources as of Thursday morning MET

    Apply the last patch Alexey sent in the 'silly advise' thread
    on linux kernel mailinglist

    Do not compile anything AH/ESP/CRYPTO as modules
        failed for me with bad oops

    Make very very sure that you are not filtering ipsec packets
        iptables needs to allow protocols 50 and 51

    Use the KAME tools port on ftp://ftp.inr.ac.ru/ip-routing/ipsec/
        racoon won't compile, you don't need it yet
        point it at your 2.5.46+bk+davem tree (edit GNUMakefiles)

    Use 3des-cbc
        examples online use blowfish-cbc but that gives an error
        in setkey

Configuration (needs the setkey tool) on 10.0.0.11:

#!./setkey -f
flush;
spdflush;

# AH
add 10.0.0.11 10.0.0.216 ah 15700 -A hmac-md5 "1234567890123456";
add 10.0.0.216 10.0.0.11 ah 24500 -A hmac-md5 "1234567890123456";

# ESP
add 10.0.0.11 10.0.0.216 esp 15701 -E 3des-cbc "123456789012123456789012";
add 10.0.0.216 10.0.0.11 esp 24501 -E 3des-cbc "123456789012123456789012";

spdadd 10.0.0.216 10.0.0.11 icmp -P out ipsec
   esp/transport//use
   ah/transport//use;

Configuration on 10.0.0.216:

#!./setkey -f 
flush;
spdflush;

# AH
add 10.0.0.11 10.0.0.216 ah 15700 -A hmac-md5 "1234567890123456";
add 10.0.0.216 10.0.0.11 ah 24500 -A hmac-md5 "1234567890123456";

# ESP
add 10.0.0.11 10.0.0.216 esp 15701 -E 3des-cbc "123456789012123456789012";
add 10.0.0.216 10.0.0.11 esp 24501 -E 3des-cbc "123456789012123456789012";

# this is reversed
spdadd 10.0.0.11 10.0.0.216 icmp -P out ipsec
   esp/transport//use
   ah/transport//use;

# ping 10.0.0.11
PING 10.0.0.11 (10.0.0.11) from 10.0.0.216 : 56(84) bytes of data.
64 bytes from 10.0.0.11: icmp_seq=1 ttl=64 time=1.11 ms

$ sudo tcpdump -n -i eth0 -p 
tcpdump: listening on eth0
13:55:42.381669 10.0.0.216 > 10.0.0.11: AH(spi=0x5fb4,seq=0x39): ESP(spi=0x5fb5,seq=0x39) (DF)
13:55:42.382518 10.0.0.11 > 10.0.0.216: AH(spi=0x3d54,seq=0x39): ESP(spi=0x3d55,seq=0x39)

Great work everybody! I'm very impressed.

Regards,

bert


-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] ipsec updates + bridging iptables!

2002-11-05 Thread bert hubert
Well, 

As I mailed two weeks ago or so, ipsec is now in, but not all of it. 2.5.45
and 2.5.46 contain a lot of the infrastructure, but a lot of relevant stuff
for keys etc is still missing.

This is expected to be there soon however.

In the meantime! 2.5.45 contains code to allow iptables to see bridged
packets! This is in addition to the ebtables stuff, which is very cool too.

So by all means, check out 2.5, it is getting to be very interesting.

Regards,

bert
Lartc administrator

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] Re: [release] ipsysctl tutorial 1.0.1

2002-10-28 Thread bert hubert
On Mon, Oct 28, 2002 at 03:16:45PM -0500, Michael T. Babcock wrote:
> It isn't a question (thus the lack of question mark).  I asked for 
> either a clarification or a quotation of the page mentioned in the FAQ 
> to avoid confusion (or add some?) about syn cookies.

Please keep this stuff off lartc.org. There has been enough flaming
regarding SYN cookies and whatnot. 

I actually know some of the people mentioned on DJBs page in real life and
they are bone tired of it all too.

So give it a rest. Please do not respond to this message

Regards,

Bert Hubert
Your Kind List Administrator

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] Re: [release] ipsysctl tutorial 1.0.1

2002-10-23 Thread bert hubert
On Wed, Oct 23, 2002 at 05:47:07PM +0200, Oskar Andreasson wrote:

> First of all, I hope this is no inconvenience to anyone, but I thought it 
> may be of interest to some people on the netdev mailinglist as well.
> Just to inform people who may be interested, the ipsysctl tutorial has 
> been released in a new version at http://ipsysctl-tutorial.frozentux.net. 
> 
I added a link to your pages to the HOWTO. Other lartc readers may also find
your work interesting, check it out!

Regards,

bert hubert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] Using HashTable

2002-10-22 Thread bert hubert
On Mon, Oct 21, 2002 at 06:08:39PM -0700, [EMAIL PROTECTED] wrote:

> I'm wondering if I could set the mask to something like 0xff00 so that
> I could only get the 3rd octet?  Or am I not understanding how the mask
> works?

Would also work, yes.

>  and also could I use it like a normal network mask so that I could use
> something like 0x0080 or something?

Even that!

Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] htb message in messages file !

2002-09-01 Thread bert hubert

On Sun, Sep 01, 2002 at 01:29:18PM +0530, Arindam Haldar wrote:
> hi all,
> i saw this message today & am reporting it(as it says)
> 
> [root@cab1 surfNet]# tail -f /var/log/messages
> Sep  1 04:02:03 cab1 syslogd 1.4.1: restart.
> Sep  1 09:35:27 cab1 kernel: HTB: mindelay=500, report it please !

Can you also report your HTB configuration, the tc commands you used?

Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] SMP in regards to routing/filtering

2002-08-31 Thread bert hubert

On Fri, Aug 30, 2002 at 10:11:46PM -0500, Phil Doroff wrote:
> Hey, quick (stupid) question..
> 
>   Is the routing/filtering code in the linux kernel able to take much
> advantage of SMP?  I'm building a router that I'd like to be able to handle
> at least 450mbit/sec (64bit 66mhtz PCI slots of course) and be able to apply
> QoS (basic prio queues) and htb/etc. traffic shaping to.

Under some circumstances, a second CPU can be very useful. It depends on
what you are doing, but the Linux networking core is completely able to
use processors in parallel.

You may need to do some work to give each network adaptor a dedicated CPU
and you will also want to have multiple PCI busses.

> Just wondering if it's worth grabbing an extra processor for the box, or if
> it will largely go unused.

It will see use but if you mess things up, it will not help. So make sure
that you search on 'irq affinity' and the utility of multiple PCI busses.
Perhaps a 64-bit 66MHz bus is fast enough to get by with one.

Regards,

bert hubert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] TBF to limit bandwidth, Should I change #define HZ?

2002-08-31 Thread bert hubert

On Fri, Aug 30, 2002 at 06:00:37PM -0300, Fernando Lemos de Mello wrote:
> Dear friends,
> 
> thanks for the last advices about TBF.
> 
> After reading the tbf.pdf document I got a better insight of the problems I
> had trying to limit the bandwidth on my testbed with a high resolution.
> 
> The question I have now is:
> Would I get an immediately better resolution result if I change the #define
> HZ to 1000 for my Linux box? I have a Pentium Celeron 700 MHz, and I would
> like to see the tbf working like:

You don't need to change HZ, for most purposes, it suffices to just raise
the burst size, which means 'send some packets' 'wait 10 ms' 'send some more
packets'. This will even out just fine.

> So if I change the file /usr/src/linux/include/asm-i386/param.h: #define HZ
> 100 to #define HZ 1000 and simply recompile the kernel, would tc work with
> better resolution?

Yes.

Kind regards,

bert hubert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] Old linuxbox as BwM

2002-08-29 Thread bert hubert

On Fri, Aug 30, 2002 at 02:59:54PM -0300, Esteban Maringolo wrote:
> Hello,
> 
>   I'm playing with tc, htb, and other QoS features on an old pc I have.
> The PC runs, by now, a shrinked version of Debian Woody, with patched
> versions of kernel 2.4.18 and iproute in order to support HTB.
> 
>   What I'm wondering is if with an AMD 100Mhz (stolen from a museum ;-),
> 16Mbps RAM I can do bandwidth management to 20 network hosts, which
> connect wirelessly (not all, but most of these) sharing a wireless
> link of 800 kbps (kbit in tc grammar) and I'm simulating an external
> interface of 256 kbps. 

No problem.

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



Re: [LARTC] Re: 3 interfaces in one linux box

2002-07-17 Thread bert hubert

On Wed, Jul 17, 2002 at 08:11:50AM +0200, G?czi Szabolcs wrote:

> So after I set up my iproute2 (ip rule add, ip route) my servers answer from
> subnet, BUT the client from subnet can't reach the linuxbox's public
> interface (217.65.110.146) and about this problem, they can't see the
> webpage on the linux box. The internal ip address is available from subnet,
> but the leased line's public interface cannot be reached.

I'm very busy with powerdns now, but on a guess, turn off the reverse path
filter and see if that helps.

Otherwise, tcpdump on ALL interfaces individually and see what happens. Go
beyond "can't reach".

Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO



[LARTC] Re: 3 interfaces in one linux box

2002-07-12 Thread bert hubert

On Fri, Jul 12, 2002 at 10:45:58PM +0200, G?czi Szabolcs wrote:
> Hello,
> 
> first of all apologize for my bad english.

No problem.

> the facts :
>                    +-------+
> leased line--- eth0| Linux |
>                    |  box  |-eth1--subnet/switch ---clients, servers
> cablenetwork - eth2+-------+
> 
> 
> The eth0 interface has 5 aliased ip addresses which portforwarded to
> servers into subnet.

Ok. How is this forwarding performed? ipchains? rinetd?

> The eth2 interface has 1 ip address.
> The eth1 interface used for subnet.
> The linux box masquerades with ipchains (2.2.19 kernel).

The problems are:

 * Making sure that the default gateway is the cablenet
 * Except for sessions that went to the 5 aliased ip addresses on eth0,
   which should have eth0 as their default gateway
 
I think this will be pretty easy with policy routing. 

echo 200 leased >> /etc/iproute2/rt_tables
ip rule add from alias.1.ip.address table leased
ip rule add from alias.2.ip.address table leased
ip rule add from alias.3.ip.address table leased
ip rule add from alias.4.ip.address table leased
ip rule add from alias.5.ip.address table leased
ip route add default via leased.router.ip dev eth0 table leased

However, it *is* possible that this interferes with the aliases. Try this
and let us know!

See also http://lartc.org/howto/lartc.rpdb.html#LARTC.RPDB.SIMPLE

Regards,

bert 




Re: [LARTC] Where is the howto ?

2002-07-11 Thread bert hubert

On Thu, Jul 11, 2002 at 11:31:16AM +0200, Carles Xavier Munyoz Bald? wrote:
> Hi,
> Where is the file pointed to by the link "a good section on how to combine 
> multiple internet links successfully" (http://lartc.org/howto/x247.html)

http://lartc.org/howto/lartc.rpdb.multiple-links.html

Regards,

 bert




Re: [LARTC] which NIC is which

2002-07-10 Thread bert hubert

On Wed, Jul 10, 2002 at 04:38:55PM +0400, Vladimir B. Savkin wrote:

> A script to rename interfaces with "ip link ... set name ..." after
> modprobe according to their hw addresses should suffice.
> 
> I never tried this because in my experience the order of detection was always
> consistent between reboots assuming there are no hardware changes.

If you turn on APIC you are in for a surprise I gather :-)

Regards,

bert




Re: [LARTC] which NIC is which

2002-07-10 Thread bert hubert

On Tue, Jul 09, 2002 at 02:14:05PM -0700, John Telford wrote:
> I'm building routers.  It's difficult to tell in advance which NIC will
> be assigned eth0 and which will be assigned eth1 when using two NICs.  Ping
> testing usually clears up this simple problem.
> 
> The identification problem gets worse when adding a third NIC, after
> sorting out the first two NICs.  Frequently the eth0 or eth1 assignments
> for the first two NICs change.

There are tricks to configure based on the MAC address of your interface
instead of on its place in the probe. Perhaps googling on that will help.

Regards,

bert




Re: [LARTC] What does overlimits mean?

2002-07-10 Thread bert hubert

On Wed, Jul 10, 2002 at 03:47:44PM +0800, Patrick Chan wrote:

> in the root qdisc, the overlimits is 1710. 
> 1) What does "overlimits" mean?

Times that CBQ decided to shut down for a while. See the HOWTO.

> 2) How to avoid overlimits?

Not shaping - sorry, this is vital to how CBQ works, and how most other
qdiscs that slow down traffic work.

> 3) Below is the tc config, why only root qdisc has overlimits?
> the child qdisc does not have?

Try looking at the classes, tc -s class ls dev ppp0 - the rest will also
have overlimits, if they are slowing traffic down.

Regards,

bert




Re: [LARTC] routing broadcast messages

2002-07-10 Thread bert hubert

On Wed, Jul 10, 2002 at 04:35:16AM +0400, Poltorak Serguei wrote:
> Hello.
> 
> I would like to route broadcast messages.
> For now, if I ping a.b.c.255 from m.n.o.w the packet is passing through
> each router, except the last, a.b.c.1 (m.n.o.p, other "external" address)
> and only he replies to that packet, but not from a.b.c.1, he does it from
> m.n.o.p address (logic, it's the address of the output interface).

Broadcast messages don't leave their subnet. If you want that, you don't
need a router but a bridge! 

Regards,

bert




Re: [LARTC] HTB does not work

2002-07-10 Thread bert hubert

On Wed, Jul 10, 2002 at 11:07:20AM +0300, Alexander Trotsai wrote:

> [root@watcher root]# tc qdisc add dev eth0 root handle 1:
> htb default 20

Make doubly sure that you are running a patched tc. Verify which tc you are
running - perhaps an old one is lying around.

> ps. Could I use htb queueing on dotQ subinterfaces?

I think you can, but don't trust me on that.

Regards,

bert




Re: [LARTC] Ethernet interface shuts down

2002-07-09 Thread bert hubert

On Tue, Jul 09, 2002 at 11:44:32AM -0700, nitin panjwani wrote:
> Hi All,
> 
> I have three Linux boxes running RH7.2 and each one of
> these has two 3com Ethernet NICs.  I am trying to do
> some routing stuff with these. 
> 
> Ethernet interfaces on these boxes shut down by its
> own if I do not pass the packet through them for a
> while. I am not able to understand why is it
> happening. 

I think you are running some kind of router daemon like routed, gated or
Zebra. Just turn it off.

> One more thing when I use "ip addr show" it shows that
> interface is there , but ifconfig doesn't. I guess
> that is because ifconfig shows only the interfaces
> that are up.

ifconfig -a will show it.

Regards,

bert




Re: [LARTC] cbq & iptables nat problems

2002-07-09 Thread bert hubert

On Tue, Jul 09, 2002 at 04:17:39AM -, ganesh kumar godavari wrote:

> server in the private subnet. However, the server seems to be able 
> to finish the tcp handshake with the real player. The last
> 
> successful connection is the server sending the client [FIN, ACK]. 
> After that, nothing happens. Why can't the realserver

FIN,ACK means that the connection was closed by an application.

Regards,

bert




Re: [LARTC] Priority Queueing on Linux

2002-07-09 Thread bert hubert

On Tue, Jul 09, 2002 at 12:02:40PM +0800, Patrick Chan wrote:
> There is priority queueing in Cisco router.
> 
> Is there any equivalent implementation for TC on Linux?
> 
> If yes, how can I configure and can you give me example?

Please dig up a link so we can see what 'priority queueing' actually *is*.
But I bet that tc has it. 

Regards,

bert




Re: [LARTC] Ingress - No such file or directory

2002-07-09 Thread bert hubert

On Tue, Jul 09, 2002 at 08:53:38AM +0100, A. Peter Mee wrote:

> I am attempting to implement the SYN flood protection scheme as presented in
> LARTC.  Unfortunately, when I attempt `tc qdisc add dev eth0 handle :
> ingress` I get the error:
> 
> RTNETLINK answers: No such file or directory

If you get an error in the last two lines of the script, try this version of
iproute instead:
ftp://ftp.inr.ac.ru/ip-routing/iproute2-2.4.7-now-ss010824.tar.gz. (local
mirror) 

Regards,

bert




Re: [LARTC] NAT and CBQ

2002-07-08 Thread bert hubert

On Mon, Jul 08, 2002 at 09:45:38AM +0300, Daniel Sercaianu wrote:
> 
>   The same problem I encountered myself when I try to SNAT some ip's
> going through my router. The incoming is shaped ok but the outgoing
> doesn't seem to hit my rules. I think when the traffic leaves the outgoing
> interface isn't caught in the filter rules because the source address of
> the packets is already changed with the address specified in the SNAT
> rules or with the address of the outgoing interface if you do masquerade.
> To make some shapers, I think you have to shape the ip of the outgoing

Exactly - once tc 'sees' your packets they have everything done to them
already. Every translation by then will have finished.

> interface, but this only works if you want to shape globally only one
> filter rules because there is only one ip of the outgoing interface you can catch it in
> the filter rules. If someone can give any clues how we can solve this
> problem please help us.

Add fwmarks - they survive the NAT process and tell you where packets came
from. The HOWTO details this.

Regards,

bert

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
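Added example, not from the original thread: one way to carry the pre-NAT source into tc is to set an fwmark in the mangle table and classify on it with the `fw` filter. The subnets, mark values, class ids 1:10 and 1:20 and the interface names are constructed for illustration, and the classes are assumed to exist already; the function only prints the commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Constructed mapping, one entry per line:
#   <internal source network> <fwmark> <existing tc class on the WAN side>
SHAPE_MAP='10.0.1.0/24 1 1:10
10.0.2.0/24 2 1:20'

# emit_fwmark_rules LAN_IF WAN_IF
# Prints the iptables and tc commands for every SHAPE_MAP entry.
# Returns 1 without finishing if a mark is not a positive integer:
# mark 0 means "unmarked", so it cannot be used to select a class.
emit_fwmark_rules() {
    lan_if=$1
    wan_if=$2
    while read -r src mark class; do
        [ -n "$src" ] || continue
        case "$mark" in
            ''|*[!0-9]*)
                echo "bad mark '$mark' for $src" >&2
                return 1 ;;
        esac
        if [ "$mark" -eq 0 ]; then
            echo "mark 0 for $src would match unmarked traffic" >&2
            return 1
        fi
        # mangle/PREROUTING runs before any source NAT, so -s still
        # matches the internal address of the sending host.
        echo "iptables -t mangle -A PREROUTING -i $lan_if -s $src -j MARK --set-mark $mark"
        # tc sees the packet at egress, after SNAT/MASQUERADE rewrote the
        # source. The mark is kernel-side metadata attached to the packet,
        # not a header field, so NAT leaves it alone.
        echo "tc filter add dev $wan_if parent 1:0 protocol ip prio 1 handle $mark fw flowid $class"
    done <<EOF
$SHAPE_MAP
EOF
}

# To check afterwards that packets hit the rules (run as root):
#   iptables -t mangle -L PREROUTING -v -n     # packet counters per MARK rule
#   tc -s filter show dev <wan interface>      # fw filters attached to the qdisc
```

Calling `emit_fwmark_rules eth1 eth0` prints two commands per subnet; the marks exist only inside this router and are never sent on the wire.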



[LARTC] #lartc IRC channel

2002-07-07 Thread bert hubert

Hi everybody,

Due to the current situation with openprojects.org (operators begging for
monetary support), we've moved to irc.oftc.net, which is a very fine IRC
network which is managed by rightminded people.

If you are new to IRC - a small introduction. To access IRC you need a
client, I highly recommend irssi (http://www.irssi.org) for Unix users and
mirc for those with Win32. 

IRC is a very direct medium. It is well suited for chatting. It is however
no substitute for email. We currently see people joining the channel and
attempting to describe complex problems. 

While IRC is very good at 'try this? does it work?' kind of conversations,
it is not good for passing around large amounts of information. So, the
drill is as follows:

0) Search the HOWTO if your question is answered there
1) Post your problem to the mailinglist
2) Mention the problem on #lartc and see if people can/want to help
   you
3) If a solution was found on IRC, post it to the list so everybody
   can see it.

Do not skip 0 and 1 or risk being ridiculed! Simple small questions are
possible exceptions to these rules.

Very small irc tutorial:

* install irssi
* Start irssi
* type /server irc.oftc.net
* wait a while
* type /join #lartc
* say 'hi'

If you are running an accessfilter (firewall) that drops packets instead of
denying connections, the /server bit may take up to a minute!

Regards,

bert




Re: [LARTC] ip aliasing and tc ?

2002-07-07 Thread bert hubert

On Sun, Jul 07, 2002 at 02:51:53PM +, Juli?n Mu?oz wrote:
> How does traffic control behave with respect to ip aliasing ?
> 
> 
> I am using IMQ for ingress shaping.
> 
> How does IMQ behave with an interface eth0:0 ?? (linux ip aliasing, kernel
> 2.4)
> iptables -A PREROUTING -t mangel -i eth0:0 -j IMQ doesn't work, so I think
> it is useless ?? (The queue is before the interface "demultiplexing" ??)

There is no eth0:0 - it is a fiction created by ifconfig. Just do everything
on eth0 and use other filters to separate traffic, perhaps based on source
or destination address.

Regards,

bert




Re: [LARTC] RE: Redhat 7.3 / SuSE 8.0

2002-07-07 Thread bert hubert

On Sat, Jul 06, 2002 at 08:37:07PM -0400, Brian wrote:
> You would think?, but you never know. I am loading SuSE 8.0 on the same box
> as my Redhat 7.3 box having the problem...hu

Turn on 'experimental features' and turn on 'advanced router' and they will
be un-greyed.


Regards,

bert




Re: [LARTC] tc hard problem

2002-07-06 Thread bert hubert

On Sat, Jul 06, 2002 at 02:10:31PM +0200, bert hubert wrote:

> > Voice always come first, data can only use the bandwidth left.
> 
> I've tried this and you can't get it perfect. The big thing with voice is
> that it really hates delays. I think you'll be able to do 3 calls and have
> data active at the same time. 

Oh, by the way, you need to install rules at *both* ends! Otherwise you have
little control over downstream, except for dropping it and hoping tcp slows
down enough.

Regards,

bert




Re: [LARTC] tc hard problem

2002-07-06 Thread bert hubert

On Sat, Jul 06, 2002 at 10:45:12AM +0800, Patrick Chan wrote:
> Hi,
> 
> I have a Linux router which has to do QoS
> Voice and Data traffic will pass through this router
> Of cuz, voice traffic is put in first priority than data traffic
> Can you tell me how can I configure tc in order to meet 
> the following requirements?
> 
> 1. There are two types of traffic: voice and data
> 
> 2. The bandwidth to the Internet is just 64K
> 
> 3. Each voice call occupies 16K bandwidth, so 
> the whole bandwidth can only allow 4 concurrent voice calls
> 
> 4. The most important and most hard to do:
> If no voice call, data can use up to 64K bandwidth
> 
> If there are three voice calls, voice can use up to 16K x 3 = 48K bandwidth,
> data only can use 16K bandwidth
> 
> If there are four voice calls, voice can use up to 64K bandwidth,
> data cannot use any bandwidth
> 
> Voice always come first, data can only use the bandwidth left.

I've tried this and you can't get it perfect. The big thing with voice is
that it really hates delays. I think you'll be able to do 3 calls and have
data active at the same time. 

You can easily do this with the PRIO qdisc. Just make sure that all call
data, which you can recognize because they are small UDP packets most of the
time, and put them in the highest priority band, band 0 or 1 I think. Put
the rest in the lowest band.

I very much advise the use of 'tcng'
http://tcng.sourceforge.net/dist/tcng-8s.tar.gz

Configure with ./configure -n and read the example file. It should be pretty
easy to write something that does what you want. Also see
http://ds9a.nl/ols-presentation/800x600 , near the end.

Regards,

bert




Re: [LARTC] tc reliably hangs my system

2002-07-05 Thread bert hubert

On Fri, Jul 05, 2002 at 04:35:33PM +0300, Dimitris Zilaskos wrote:
> >
> >
> > http://www.cyberus.ca/~hadi/patches/ing-stats.patch
> >
> > This fixes a known issue that looks like this - can you try if this resolves
> > your problem? This patch will be in 2.4.19 probably.
> 
>   Thnx . I am using the patch now with success . I can no longer reproduce
> the hang .

Good to hear - I reported the success to the author, Jamal Hadi Salim -
thanks for verifying that it helps!

Regards,

bert




Re: [LARTC] Per-destination MTUs?

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 03:36:28PM -0400, Michael T. Babcock wrote:
> I have some Path-MTU discovery problems it seems; a few sites I deal 
> with can only communicate with us if we use an MTU of 1492 (they're on 
> ADSL of course ...) and another (in Japan) only works for file transfers 
> if we use an MTU of around 1425.

http://lartc.org/HOWTO//cvs/2.4routing/html/lartc.cookbook.mtu-discovery.html






Re: [LARTC] tc reliably hangs my system

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 04:42:19PM +0200, bert hubert wrote:

> I've forwarded this to the right kernel people - your description is
> specific enough, so I have good hope that this bug will be spotted soon!

Ok, I've been told that this might or might not help:

http://www.cyberus.ca/~hadi/patches/ing-stats.patch

This fixes a known issue that looks like this - can you try if this resolves
your problem? This patch will be in 2.4.19 probably.

Regards,

bert




[LARTC] HZ to be 1000 - 2.5.25 may have this

2002-07-04 Thread bert hubert

From lwn.net:

The current development kernel remains 2.5.24. Linus has not released any
kernels - or surfaced on the linux-kernel mailing list - since before OLS
and the Kernel Summit. Some patches are beginning to show up in his
BitKeeper tree, however; they include some SCSI updates, an NTFS update,
and, interestingly, a change of the internal x86 clock frequency to 1000 Hz.

1000Hz would mean great things for us shaping people!

Also, on a related note, see this on 'firm timers':
http://www.cse.ogi.edu/~luca/firm.html
More on http://www.cse.ogi.edu/~ashvin/

Thanks to Erik Walthinsen for pointing this out.

Regards,

bert




Re: [LARTC] filter add to which of class

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 04:22:08PM +0800, hanhbnetfilter wrote:
> htb was used to control traffic
> structure is like this (default is 1:20):
> 
>           |1:100
>    |--1:10|
> 1:1|      |1:110
>    |
>    |--1:20
> 
> #AC="tc filter add dev eth0 protocol ip parent 1:0 prio 1"
> #$AC u32 match u32 0xac100b00 ff00 at 16 flowid 1:10
> #$AC u32 match u32 0xac100b01  at 16 flowid 1:100
> I copy a file to 172.16.11.1
> class 1:100 go into effect.
> I copy a file to 172.16.11.2
> class 1:10 did not go into effect
> but class 1:20  take effect.
> if a class has sub class, can the filter be added to
> this class?

With recent versions of htb, yes.




Re: [LARTC] Load balancing

2002-07-04 Thread bert hubert

On Wed, Jun 26, 2002 at 05:06:36PM -0500, Greg Scott wrote:
> I am trying to figure out how to do this: I've tried the howto but just become 
> hopelessly confused.  (I don't think this is a problem in the howto, it's a problem
> with my comprehension.)

What you want is hard in general.

> And I need the ability to change this policy at will, so I can let other departments
> use the combined T1s as needed.

Incoming or outgoing? Outgoing is pretty easy - just make policy rules to
route traffic from different departments differently, and use TEQL to
distribute outgoing traffic.

> I think I can figure out how to route based on the source network, that all makes
> sense in the how-to.  I can set up different routing tables based on the source IP
> address/network.  It's the load balancing that is making me crazy - how do I put 
> together a load-balancing mechanism for those combined T1s that makes sense?  

TEQL is probably your best bet. There is also the nano-howto by Julian
Anastasov.

Regards,

bert




Re: [LARTC] advanced routing for traffic generator-like setup

2002-07-04 Thread bert hubert

On Mon, Jul 01, 2002 at 02:14:22AM +0200, Filip Sneppe wrote:

> How does one set up advanced routing so that when
> HostA sends a packet from 1.1.1.1 to 2.2.2.1, it
> goes via HostB, and vice versa: a packet from
> 2.2.2.1 to 1.1.1.1 also goes via HostB.

Only by doing NAT at HostB. Linux is way too smart for this to work otherwise
:-)

Regards,

bert




Re: [LARTC] tc reliably hangs my system

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 01:07:08PM +0300, Dimitris Zilaskos wrote:
> 
>  ok , these 2 lines repeated anything from 5 to 20 times cause the hang :
> 
> tc qdisc del dev eth0 ingress
> tc qdisc add dev eth0 handle : ingress
> 
>  again , the presence of sustained outgoing traffic catalyses the effect .
> It takes at least 150-200 kbytes/sec to easily cause the hang .

I've forwarded this to the right kernel people - your description is
specific enough, so I have good hope that this bug will be spotted soon!

Regards,

bert




Re: [LARTC] how to control bridge traffic using imq

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 04:00:22PM +0800, hanhbnetfilter wrote:
> bridge was configured with "brctl"
> three NIC was bind to br0
> imq and htb was used to control traffic.
> #modprobe imq numdevs=3
> "htb scripts"
> #iptables -t mangle -A PREROUTING -i br0 -j IMQ --todev 1
> #ip link set imq1 up
> but this can not do the traffic controlling.
> please tell me how can i do

iptables does not function on bridge devices - there are reasons for this,
I'm seeing if I can push the right people into submitting a patch though.

Regards,

bert




Re: [LARTC] Allowing CVS, RCP & SCP

2002-07-04 Thread bert hubert

On Thu, Jul 04, 2002 at 02:01:07PM +0100, Alex Bennee wrote:
> A. Peter Mee said:
> > Hi all,
> >
> > Could someone give me some pointers to achieving stable cvs and rcp
> > access through a fairly restrictive firewall.  I'm using a 2.4.18
> > kernel which defaults to dropping everything, then punching holes where
> > needed and SNATting the internal network.  Single-socket protocols
> > (http, smtp, pop3) do currently function correctly through the firewall
> > so I'm assuming the cvs and rcp/scp protocols are not single-socket.
> > The ftp and irc protocols also function correctly through the firewall.
> 
> ssh is a single socket protocol. If you can ssh through your firewall then
> you can use scp. You can even tunnel other ports over the single ssh
> connection (e.g. X).
> 
> CVS isn't a network protocol. You generally run it using remote shell tools,
> in the CVS manual it allows you to specify how with the CVS_RSH environment
> variable.

CVS 'pserver' lives on port 2401. Use netstat -an to see which ports have
LISTENing sockets, and open up those ports.

Regards,

bert




Re: [LARTC] compiling tc on ETRAX (fwd)

2002-06-29 Thread bert hubert

> Hello.
>
> I would like to compile iproute2 utility suite for Etrax 100LX processors
> (www.axis.com). I compiled it, but after running tc i found a problem. tc
> doesn't recognize qdiscs. ex:
>  [root@axis /var]67# ./tc qdisc add cbq help
>  Unknown qdisc "cbq", hence option "help" is unparsable

tc qdisc add dev eth0 root cbq
what does that say?

> Another problem is that I cannot run ltrace or gdb on this box (it's
> embedded system). So if tc fails it means that it cannot open itself as
> lib. may be tc need some ld mechanism that my box doesn't support...

It has some kind of fallback mechanism for finding qdisc code, but I don't
think it is normally needed.

Regards,

bert





[LARTC] Re: priomap table

2002-06-29 Thread bert hubert

On Sat, Jun 29, 2002 at 01:20:41PM +0200, Vik Heyndrickx wrote:
> Hi guys,
> 
> In the current LARTC Howto, at 9.2.1.1. "Parameters & usage", there is the
> following table
> 
> 
> TOS     Bits  Means                    Linux Priority    Band
> 
> 0x0     0     Normal Service           0 Best Effort     1
> 0x2     1     Minimize Monetary Cost   1 Filler          2
> 0x4     2     Maximize Reliability     0 Best Effort     1
> 0x6     3     mmc+mr                   0 Best Effort     1
> 0x8     4     Maximize Throughput      2 Bulk            2
> 0xa     5     mmc+mt                   2 Bulk            2
> 0xc     6     mr+mt                    2 Bulk            2
> 0xe     7     mmc+mr+mt                2 Bulk            2
> 0x10    8     Minimize Delay           6 Interactive     0
> 0x12    9     mmc+md                   6 Interactive     0
> 0x14    10    mr+md                    6 Interactive     0
> 0x16    11    mmc+mr+md                6 Interactive     0
> 0x18    12    mt+md                    4 Int. Bulk       1
> 0x1a    13    mmc+mt+md                4 Int. Bulk       1
> 0x1c    14    mr+mt+md                 4 Int. Bulk       1
> 0x1e    15    mmc+mr+mt+md             4 Int. Bulk       1
> 
> 
> And then
> 
> The last column shows the result of the default priomap.
> On the commandline, the default priomap looks like this:
> 1, 2, 2, 2, 1, 2, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1
> 
> 
> Now, why are this "band column" and priomap list different? Is there a
> relationship between them, or is it just a mistake, or did I miss something
> (also a good possibility)?

There is an additional level of indirection in there I think. I really
really went over this with a fine comb when I wrote it. Perhaps something
changed? Would the commandline default priomap make sense?

Regards,

bert
> 
> Thanks,
> 
> --
> Vik
> 

-- 
http://www.PowerDNS.com  Versatile DNS Software & Services
http://www.tk  the dot in .tk
http://lartc.org   Linux Advanced Routing & Traffic Control HOWTO
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
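Added example, not part of the original exchange: the Band column and the priomap line up once the priomap is read as indexed by Linux priority rather than by TOS value. The sketch takes the Linux Priority column and the default priomap exactly as quoted above, assumes the kernel picks the table row as (TOS & 0x1e) >> 1, and recomputes the Band column; the function names are invented for the example.

```shell
#!/bin/sh
# "Linux Priority" column of the quoted table, indexed by its "Bits" column.
TOS2PRIO="0 1 0 0 2 2 2 2 6 6 6 6 4 4 4 4"
# Default priomap as quoted from the command line, indexed by Linux
# priority (0..15), not by TOS.
PRIOMAP="1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1"

# nth LIST INDEX: print the word at zero-based INDEX of a space-separated LIST.
nth() {
    echo "$1" | cut -d' ' -f"$(( $2 + 1 ))"
}

# tos_to_band TOS: map a TOS byte (decimal or 0x..) to its PRIO band.
tos_to_band() {
    # Step 1: drop the precedence bits and the lowest bit, leaving the
    # four TOS bits as a row number 0..15.
    bits=$(( ( $1 & 0x1e ) >> 1 ))
    # Step 2: TOS bits -> Linux priority (the hop that is easy to miss).
    prio=$(nth "$TOS2PRIO" "$bits")
    # Step 3: Linux priority -> band, via the priomap.
    nth "$PRIOMAP" "$prio"
}

# band_column: recompute the Band column for TOS 0x0, 0x2, ... 0x1e.
band_column() {
    out=""
    tos=0
    while [ "$tos" -le 30 ]; do
        out="$out$(tos_to_band "$tos") "
        tos=$(( tos + 2 ))
    done
    echo "${out% }"
}
```

`band_column` returns the Band column of the table row for row, so the table and the command-line priomap describe the same default seen from two different indices.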



[LARTC] important test

2002-06-27 Thread bert hubert


important test




Re: [LARTC] Gigabit Etnernet router

2002-06-24 Thread bert hubert

On Mon, Jun 24, 2002 at 04:33:32PM +0200, M.F. PSIkappa wrote:
> Hi,
> I would like to build new router with 3 Gigabit Ethernet card. Need I
> dual processor system or not ? I would like to have traffic controlling (htb
> or cbq/sfq) and firewall (iptables) on this router.
> Can you recommend me some good motherboard with 64-bit PCI-X ?

Actual gigabit speed routing is an advanced art. Having multiple processors
may in fact help in this case. Some exciting work is being done in Linux 2.5
development ('NAPI') which may also interest you.

Regards,

bert




[LARTC] OLS, cvs is back, big SGML changes, new section on IMQ, tcng coming up

2002-06-23 Thread bert hubert

Hi everybody,

I'll be holding a presentation on advanced routing at OLS:

http://www.linuxsymposium.org/2002/view_txt.php?text=abstract&talk=19

If you have done something cool, or have something you think I should
mention, now is the time to let me know, so I can work it into the
presentation. If you are going to OLS, let me know, it would be good to meet
people in real life! 

Philippe Latu, famous for his French translation of the HOWTO, also turns
out to be an SGML guru and piped up with some wonderful suggestions and a
big patch implementing a lot of them. Thanks!

So we now have:

 * Proper filenames!
   These will not change over time, as the old filenames did. This means
   that you and searchengines will have an easier time finding us.

 * A working clickable index in the PDF

 * Properly wrapped (or not)  sections

 * The ability to do internal references, some of which have been added
   already. This means that you can click and be forwarded to another
   chapter easily.

Some more cool stuff is coming. Now that this is done, I've also added a
section on the Intermediate Queue (IMQ), submitted by Patrick McHardy.
Furthermore, I'll be adding some words on HTB3 and TCNG soon. TCNG is
getting to be truly useful, so it needs attention to spread the word.

Cvs access is back so you can all start submitting more cool patches!

Regards,

bert hubert




Re: [LARTC] About HTB3

2002-06-23 Thread bert hubert

On Thu, Jun 20, 2002 at 10:45:11AM +0500, Alexey Talikov wrote:
> Don't set HZ to 1024 on intel - it's a bad idea
> it produces many problems for other parts of linux which use HZ=100

Can you elaborate? I know of only the 'top' problem but most other things
work well.

If you raise HZ you will get more precise shaping and less bursty traffic.

Regards,

bert




Re: [LARTC] triangle tunneling

2002-05-18 Thread bert hubert

On Fri, May 17, 2002 at 01:51:24PM -0700, Vikas B. Wadhwani wrote:
> Hello,
> 
> Does anyone know where I can download the
> implementation of triangle tunneling for the linux
> platform? Please do let me know.

What *is* 'triangle tunneling'?





[LARTC] Re: Routing problem with 2 "wan" interfaces

2002-05-17 Thread bert hubert

On Fri, May 17, 2002 at 10:20:36AM +0200, Michael Renner wrote:
> Hello!
> 
> I've got the following setup:
> 
> ippp0 (isdn), ppp0 (adsl), eth1 (internal lan), eth0 (nic dedicated to the
> adsl modem)
> 
> Firewall rules:
> 
> Default 2.4. iptables (everything set to accept) except:
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE
> 
> 
> Routing Table:
> Default gw is set to the ptp partner of ippp0
> 
> 
> Problem:
> 
> Packets which are received on ppp0 don't get responded to (tcpdump shows only
> the incoming packets, no responses; stuff like ident lookups from irc
> servers time out although an ident server is running and bound to 0.0.0.0)
> Connections which get masqueraded through ppp0 with the following ruleset:

This is the classic 'information loss' problem. A connection comes in on the
IP address of ppp0, and now the response needs to go out. But over what
interface? Over the default route of course!

So now your ppp0 source address packet is going out over ippp0 which does
not work.

> ip rule add from 192.168.0.10 to default iif eth1 table 50
> ip route add table 50 via 
> 
> work fine though.

Yeah, that is what you need to do - force packets with the source address of
ppp0 to go out over ppp0, and same for ippp0. You need to point it out to
Linux that those interfaces are not equivalent.

Regards,

bert 

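The fix described in the reply above, written out for both uplinks as an added example (not part of the original thread). The addresses, gateways and table numbers are constructed placeholders, since the poster's own gateway is elided in the quoted rule; `is_ipv4`, `uplink_cmds` and `two_uplinks` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: per-uplink source routing for a box with two uplinks.
# Every address, gateway and table number here is a constructed placeholder.

# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# uplink_cmds IFACE LOCAL_ADDR GATEWAY TABLE
# Print the commands that force packets sourced from LOCAL_ADDR out of IFACE.
uplink_cmds() {
    [ "$#" -eq 4 ] || { echo "usage: uplink_cmds IFACE ADDR GW TABLE" >&2; return 2; }
    is_ipv4 "$2" && is_ipv4 "$3" || { echo "bad address for $1" >&2; return 1; }
    case "$4" in
        ''|*[!0-9]*) echo "table must be numeric" >&2; return 1 ;;
    esac
    # 253, 254 and 255 are the built-in default, main and local tables;
    # this example conservatively allows only 1-252.
    [ "$4" -ge 1 ] && [ "$4" -le 252 ] || { echo "table must be 1-252" >&2; return 1; }
    # A default route that exists only in this uplink's own table ...
    echo "ip route add default via $3 dev $1 table $4"
    # ... consulted whenever the packet's source is this uplink's address.
    echo "ip rule add from $2 table $4"
}

# two_uplinks: the interfaces from the thread, with constructed addresses.
two_uplinks() {
    uplink_cmds ppp0  203.0.113.10  203.0.113.1  101 &&
    uplink_cmds ippp0 198.51.100.20 198.51.100.1 102
}

# Dry run by default: print the commands. Run as root with "apply" to execute.
if [ "${1:-}" = "apply" ]; then two_uplinks | sh -e; else two_uplinks; fi
```

The main table's default route still decides where new outbound connections go; the per-uplink tables only take over once a packet already carries one of the uplink addresses as its source.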



[LARTC] New server in place!

2002-05-15 Thread bert hubert

As you can see on http://outpost.ds9a.nl, the new server has arrived. It is
a very nice IBM x135 1U eServer. Many thanks to my friend Dave Aaldering
(http://www.puddingonline.com/~dave/) of Hubris (http://www.hubris.nl) for
helping to quickly procure a great server for a great price.

We fully expect to be up for >99% of the time from now on. The old server is
gone and will not be coming back.

If you find any remaining problems (dead links etc), please let me know
ASAP!

Regards,

bert hubert




Re: [LARTC] bw console monitoring

2002-05-13 Thread bert hubert

On Mon, May 13, 2002 at 08:23:27PM +0700, Kristiadi Himawan wrote:
> 
> Hi,
> I want to see the bandwidth of every IP address in the local network that
> passes through my Linux gateway, in the console; maybe something similar to
> mrtg (web based version).
> Is it possible?

iptraf or trafshow may help.




[LARTC] We're back ;-(

2002-05-13 Thread bert hubert

For the nth time, our server broke down. This weekend we've replaced it by
an older computer (thanks Jasper!) - other people have also been very
helpful in getting us online again, you know who you are!

The server will now be returning to the manufacturer but I doubt we will be
able to reach a solution.

So for the moment we're hosted on a computer that is far too big (4U) for
our server location. I'm looking out for a new 1U server, but it might take
a while.

In the meantime, we expect stability to increase now that we've migrated
away from the piece of shit we previously ran on. 

Apologies for any problems caused.

Regards,

bert




Re: [LARTC] sysctl & rp_filter (fwd)

2002-04-29 Thread bert hubert

On Mon, Apr 29, 2002 at 08:51:39AM +0200, bert hubert wrote:
> On Mon, Apr 29, 2002 at 08:32:51AM +0200, Dragan Simic wrote:
> > 
> > Hi all !
> > 
> > I noticed a small (typo?) error in section "13.1. Reverse Path
> > Filtering", which says:
> 
> Aren't there kernels which support '2' as well? I would like to expand it
> then to cover what '2' is.

Ok, there aren't :-)

I've changed it:

http://lartc.org/HOWTO//cvs/2.4routing/html/c1182.html#AEN1188

And added you to the 'thanks to' list.

Regards,

bert




Re: [LARTC] Ultimate Traffic Conditioner

2002-04-29 Thread bert hubert

On Mon, Apr 29, 2002 at 11:20:21AM +0200, Jan Coppens wrote:
> Hi all,
> 
> When I try to run the ultimate traffic conditioner (cbq implementation), I get this
> strange output:

This is a bug in 'tc filter show'.




Re: [LARTC] sysctl & rp_filter (fwd)

2002-04-28 Thread bert hubert

On Mon, Apr 29, 2002 at 08:32:51AM +0200, Dragan Simic wrote:
> 
> Hi all !
> 
> I noticed a small (typo?) error in section "13.1. Reverse Path
> Filtering", which says:

Aren't there kernels which support '2' as well? I would like to expand it
then to cover what '2' is.

Regards,

bert




Re: [LARTC] Routing based on source port

2002-04-19 Thread bert hubert

On Fri, Apr 19, 2002 at 09:09:35AM +0200, Daniel Ahlberg wrote:
> Hello,
> 
> I have two ISPs connected to my router. Using "ip rule" I can easily divert
> traffic to the different uplinks. However, "ip rule" only seems to be able to
> send packets according to their source or destination address. What I want is
> to be able to route based on protocol and source port. Is this possible, and
> how?

I think ip rule has a syntax for that; if it doesn't, use iptables or
ipchains to attach a mark to packets with certain source or destination port
and create a rule that works on that mark.

Regards,

bert

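One way to carry out the mark-based approach from the reply above, as an added example that is not part of the original thread. It uses iptables rather than ipchains; the port, mark, table number, gateway and device are constructed placeholders, and `in_range`, `mark_route_cmds` and `example_rules` are hypothetical names.

```shell
#!/bin/sh
# Added example: route by protocol and source port using a packet mark.
# Port, mark, table, gateway and device values are constructed placeholders.

# in_range VALUE MIN MAX: succeed if VALUE is a decimal integer in [MIN, MAX].
in_range() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 10 ] && [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# mark_route_cmds PROTO SPORT MARK TABLE GATEWAY DEV
# Print the commands that send PROTO packets with source port SPORT via DEV.
mark_route_cmds() {
    [ "$#" -eq 6 ] || { echo "usage: mark_route_cmds PROTO SPORT MARK TABLE GW DEV" >&2; return 2; }
    # --sport is only meaningful for protocols that have ports.
    case "$1" in
        tcp|udp) ;;
        *) echo "protocol must be tcp or udp" >&2; return 1 ;;
    esac
    in_range "$2" 1 65535 || { echo "bad source port" >&2; return 1; }
    # Mark 0 means "unmarked", so a rule on it would not single anything out.
    in_range "$3" 1 4294967295 || { echo "bad mark" >&2; return 1; }
    # Stay clear of the built-in tables 253 (default), 254 (main), 255 (local).
    in_range "$4" 1 252 || { echo "table must be 1-252" >&2; return 1; }

    # PREROUTING marks packets arriving from other hosts (forwarded traffic);
    # OUTPUT marks packets generated on the router itself.
    for chain in PREROUTING OUTPUT; do
        echo "iptables -t mangle -A $chain -p $1 --sport $2 -j MARK --set-mark $3"
    done
    # The routing rule keys on the mark instead of on an address ...
    echo "ip rule add fwmark $3 table $4"
    # ... and the table it selects holds only the chosen uplink's default route.
    echo "ip route add default via $5 dev $6 table $4"
}

# example_rules: TCP traffic with source port 80 leaves through ppp0.
example_rules() {
    mark_route_cmds tcp 80 2 20 198.51.100.1 ppp0
}

# Dry run: print the commands for review before running them as root.
example_rules
```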



Re: [LARTC] complie error

2002-04-18 Thread bert hubert

On Thu, Apr 18, 2002 at 05:47:31PM +0530, Arindam Haldar wrote:
> hi all,
> 
> while compiling iproute2-2.4.7-now-ss010824 with kernel-2.4.18 i got the
> following error !  ... i need ur help friends !
> 
> 
> gcc -D_GNU_SOURCE -O9 -Wstrict-prototypes -Wall -Werror -g 

Remove -Werror

> -I../include-glibc
> -include ../include-glibc/glibc-bugs.h -I/usr/src/linux-2.4.18/include
> -I../include -DRESOLVE_HOSTNAMES   -c -o utils.o utils.c
> cc1: warnings being treated as errors
> utils.c: In function `invarg':
> utils.c:281: warning: `noreturn' function does return
> utils.c: In function `duparg':
> utils.c:287: warning: `noreturn' function does return
> utils.c: In function `duparg2':
> utils.c:293: warning: `noreturn' function does return
> make[1]: *** [utils.o] Error 1
> make[1]: Leaving directory `/usr/local/src/iproute2/lib'
> make: *** [all] Error 2

Boy this sucks :-)

It is probably best to look somewhere above line 281 and remove the noreturn
statement.

Regards,
bert




Re: [LARTC] PRIO not working?

2002-04-14 Thread bert hubert

On Sat, Apr 13, 2002 at 05:24:10PM -0400, Jacob Elder wrote:
> I'm trying to prioritize interactive traffic over other traffic on my 56k
> dialup link. I wrote some chains to set the ToS in PREROUTING and OUTGOING,
> and I'm using a PRIO queue with three SFQ children:

PRIO works just fine - you probably have it configured wrong.

> iptables -A OUTPUT -t mangle -p tcp --dport ftp-data -j TOS --set-tos Maximize-throughput

OUTPUT is only for locally generated packets, by the way. To mangle
forwarded packets, use PREROUTING.

> According to tcpdump, the ToS bits are indeed being set like I asked, but
> "watch tc -s qdisc show dev ppp0" shows that everything is going into the
> "throughput" queue regardless. The only traffic that increments the counter
> for the "interactive" queue is post-handshake SSH traffic, and from what
> I've read, SSH sets the ToS explicitly. What am I doing wrong?

I would advise rechecking the output of tcpdump before and after applying
the iptables mangle rules.

Regards,

bert hubert




Re: [LARTC] long delays with NNTP after switching T1 to other ser vcie provider

2002-04-14 Thread bert hubert

On Sun, Apr 14, 2002 at 12:37:14AM -0700, David Koski wrote:
> To clarify, doing a reverse DNS on me outside of the local network does not
> work.  Are we on the same page?  I think that is causing a problem receiving
> some mail also.

Might very well be. I would advise contacting the administrator of your NNTP
server to see if s/he has reverse lookups configured. Also contact your T1
supplier to get reverse DNS working.

If you don't have a nameserver  go to
http://www.powerdns.com .

Regards,

bert hubert




Re: [LARTC] Ingress policing

2002-04-14 Thread bert hubert

On Fri, Apr 12, 2002 at 05:09:14PM +0200, Jan Coppens wrote:
> Hi all,
> 

> Currently, I'm experimenting with ingress policing. Is it possible to
> attach multiple u32 filters to the same policer or attach one policer to
> multiple u32 filters? I would like to define a shared meter, so the rate
> of the traffic that matches any u32 is accumulated. In the "Edge32-ca-u32"
> example, they also use a shared meter, but I don't quite understand how
> it's done. Can someone help me out?

I'm not sure if I really understand you. But I *can* tell you that you do
not attach policers to filters. The filter contains a policer.

Regards,

bert




Re: [LARTC] Load balancing between 2 DSL lines

2002-04-12 Thread bert hubert

On Fri, Apr 12, 2002 at 06:21:28PM +0200, martin f krafft wrote:
> also sprach Arthur van Leeuwen <[EMAIL PROTECTED]> [2002.04.10.1419 +0200]:
> > Yes. See the HOWTO in about 2 days. :)
> 
> not meaning to push, but how's the status?

Merged.




[LARTC] docbook migration done

2002-04-11 Thread bert hubert

We migrated to DocBook today. Please check if everything still works as it
should. I also merged Arthur's contribution regarding the use of multiple
links to the internet.

I'm rather busy with PowerDNS (http://www.powerdns.com
http://www.powerdns.com/pdns ), but I'm not dead :-)

Regards,

bert




Re: [LARTC] What method to use when NATing

2002-03-25 Thread bert hubert

On Sun, Mar 24, 2002 at 07:00:20PM -0600, Kelly Scroggins wrote:
> There are two ways to NAT with 2.4.x that I am
> aware of.  One is to use the ipmasq rule, and the
> other is to use the ip utility's 'ip rule'
> command.

The iptables way is used more, but is probably a few nanoseconds slower. The
ip rule command is not used a lot but does involve very little code.

I would personally always use the iptables command because the
iptables/netfilter community is so much more helpful.

Regards,

bert




Re: [LARTC] draining multiple sockets

2002-03-22 Thread bert hubert

On Fri, Mar 22, 2002 at 12:25:10AM +, J K wrote:

> 2. In practice though, the draining of sockets is like a FCFS
>   scheduling discipline!!!
>   Whichever socket has data to send, will grab a piece of the
>   TCP sk->sndbuf (16KB) and write it out. If the sndbuf is full,
>   the process waits a random amount of time (between 2 and 21
>   jiffies) then retries again.

16k=~10 packets, while there is a queue of 100 packets. So I think you will
still achieve balancing.

The *real* experts on this reside on [EMAIL PROTECTED], you may want to ask
there. Alexey, Andi & DaveM are the real gurus.

Regards,

bert




[LARTC] sorry to spam you: powerdns http://pdns.powerdns.com

2002-03-21 Thread bert hubert

Hi subscribers,

This is your list administrator speaking :-) As you may know, my site &
mailinglist is made possible by my company PowerDNS. We are about to release
our nameserver to Freshmeat and make a lot of noise about it, but before
doing so, we need more testers to make sure we're not releasing stuff that
is too broken.

So if nameserving interests you, and you have some time to spare, please
go to http://pdns.powerdns.com, read the license, look at the documentation
(http://pdns.powerdns.com/doc), and test it out.

Please be aware that this is not 'open source' yet. If that upsets you,
please accept my apologies.

If you decide to go ahead with testing, you can send your experiences
directly to me. Please do not send them to the list.

Thanks for your time. I promise I won't ever do this again.

Regards,

bert




Re: [LARTC] DocBook testing

2002-03-16 Thread bert hubert

On Wed, Mar 13, 2002 at 03:18:09PM +0100, Oskar Andreasson wrote:

> DocBook should then try to insert the first imageobject, and if that fails
> go further down and try the next, and then the next, etcetera. I don't
> know how well this works together with txt diagrams, but I can't see how
> this would be a problem.

Well, I'm wondering if it would insert 'ascii pictures'.

> 
> I hope this is of any help. Now... if anyone would like to help me with
> changing fonts used within a document=). I've spent some 2 days or so
> trying to figure it out, and so far I only think it should be done via the
> DSSSL style sheets however it doesn't work when I do it;). By the by,
> www.docbook.org is an excellent reference and I definitely recommend
> buying the book (also available online at the site) which contains a huge
> and extremely well written reference section to every tag available in
> docbook v 3.1.

No clue :-) Sorry.

Regards,

bert




Re: [LARTC] Bandwith drops when using The Ultimate...

2002-03-14 Thread bert hubert

On Fri, Mar 08, 2002 at 11:13:14AM +0100, Frank Maas wrote:
> Hi,
> 
> It requested a completely new kernel (and make mrproper ;-) ) but I got tc
> to work and The Ultimate ... script (CBQ) runs without problems. But... after
> applying it the bandwidth for downloading drops enormously (from +800 to below
> 650). Is this normal? Can this be altered? Is this a stupid question?
> 
> Help is appreciated!

Try tuning the parameters in the script. You need to figure out how high you
can set them before the latency returns.

Regards,

bert
