On Wed, Jul 04, 2012 at 12:31:56AM +0400, Alexander V. Chernikov wrote:
> On 04.07.2012 00:27, Luigi Rizzo wrote:
> >On Tue, Jul 03, 2012 at 09:37:38PM +0400, Alexander V. Chernikov wrote:
> >...
> >>Thanks, another good point. I forgot to merge this option from andre's
> >>patch.
> >>
> >>Another
On 04.07.2012 00:27, Luigi Rizzo wrote:
On Tue, Jul 03, 2012 at 09:37:38PM +0400, Alexander V. Chernikov wrote:
...
Thanks, another good point. I forgot to merge this option from andre's
patch.
Another 30-40-50kpps to win.
not much gain though.
What about the other IPSTAT_INC counters ?
Well,
On Tue, Jul 03, 2012 at 09:37:38PM +0400, Alexander V. Chernikov wrote:
...
> Thanks, another good point. I forgot to merge this option from andre's
> patch.
>
> Another 30-40-50kpps to win.
not much gain though.
What about the other IPSTAT_INC counters ?
I think the IPSTAT_INC macros were intro
On 03.07.2012 20:55, Luigi Rizzo wrote:
On Tue, Jul 03, 2012 at 08:11:14PM +0400, Alexander V. Chernikov wrote:
Hello list!
I'm quite stuck with bad forwarding performance on many FreeBSD boxes
doing firewalling.
...
In most cases system can forward no more than 700 (or 1400) kpps whi
On Tue, Jul 03, 2012 at 08:11:14PM +0400, Alexander V. Chernikov wrote:
> Hello list!
>
> I'm quite stuck with bad forwarding performance on many FreeBSD boxes
> doing firewalling.
...
> In most cases system can forward no more than 700 (or 1400) kpps which
> is quite a
Hello list!
I'm quite stuck with bad forwarding performance on many FreeBSD boxes
doing firewalling.
Typical configuration is E5645 / E5675 @ Intel 82599 NIC.
HT is turned off.
(Configs and tunables below).
I'm mostly concerned with unidirectional traffic flowing to single
inte
Sent: Wednesday, December 14, 2005 7:01 AM
Subject: Re: ipfw forwarding
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
On Tue, Dec 13, 2005 at 06:27:43PM +0100, OxY wrote:
> hi!
>
> i have a probably dumb question, can't get through it..
>
> i have some ips on my server (x.x.x.28 and x.x.x.204 is important)..
>
> tried to forward packets from one ip to the other and ipfw doesn't do
> anything.
> i'd like to cat
both addresses are on the same box, just 2 public ips..
.28 is the jail, .204 is one of the hosts alias
- Original Message -
From: "Peter Jeremy" <[EMAIL PROTECTED]>
To: "OxY" <[EMAIL PROTECTED]>
Cc:
Sent: Tuesday, December 13, 2005 7:20 PM
Subject: Re:
On Tue, 2005-Dec-13 18:27:43 +0100, OxY wrote:
>i used this rule:
>
>$cmd 00316 fwd x.x.x.x.204,80 tcp from any to x.x.x.28 80
>
>what's wrong with it?
You don't mention what is happening or not happening (running tcpdump
and following packets as they go from system to system can be useful)
but th
hi!
i have a probably dumb question, can't get through it..
i have some ips on my server (x.x.x.28 and x.x.x.204 is important)..
tried to forward packets from one ip to the other and ipfw doesn't do
anything.
i'd like to catch the packets on .204 port 80 and send them to one of my
vhosts
(do
On Saturday 08 March 2003 05:08, Bruce Cran wrote:
>
> Thanks, I added kern.ipc.nmbclusters=8192 to /boot/loader.conf and the
> messages have stopped. I have also learnt that the high CPU usage is
> simply because I'm trying to push 600KB/sec over an ISA bus, and lots
> of copying is going on.
On Fri, Mar 07, 2003 at 10:58:23AM -0800, Terry Lambert wrote:
> Bruce Cran wrote:
> > Also, I'm getting
> > several thousand 'lnc0: Missed packet -- no receive buffer' messages.
> > Could this be the problem, or is the system just not powerful enough do
> > nat? The sis0 card is 100MBit PCI, whil
On 2003-03-07 10:58, Terry Lambert <[EMAIL PROTECTED]> wrote:
>Bruce Cran wrote:
>> Also, I'm getting several thousand 'lnc0: Missed packet -- no
>> receive buffer' messages. Could this be the problem, or is the
>> system just not powerful enough do nat? The sis0 card is 100MBit
>> PCI, while the
Bruce Cran wrote:
> Also, I'm getting
> several thousand 'lnc0: Missed packet -- no receive buffer' messages.
> Could this be the problem, or is the system just not powerful enough do
> nat? The sis0 card is 100MBit PCI, while the lcn0 is 10MBit ISA.
The "no receive buffers available" message hap
I've just setup a P75 system as a router, containing fa311 and pcnet network
cards. The fa311 is doing nat to my private network, which is served by the
pcnet card. However, I've found that it often uses 40% cpu just to send
packets from the fa311 (sis) to the pcnet (lnc) cards. natd uses 20%,
Hi hackers:
Listen, I got two servers, first (MAIL) running Exim and
Tacacs+, second (FTP) running WWW, Squid, Samba, FTP ok, now MAILĀ“s IP is
xxx.yyy.120.178 and FTP share two Ethernet cards (xxx.yyy.120.179 and
192.168.1.1). Then a LAN connects to server (FTP) by the 192.168.1.1 IP.
"Martin Vana" <[EMAIL PROTECTED]> writes:
> The problem is when I try to retrive any files from users. Than DC
> tryies to establish direct connection to user on ports from
> 410-415. How could I somehow 'catch' this request (SYN_SENT
> foo.foobar.com 41x) and forward it through ssh tunnel and bac
hi,
Im trying to use DirectConnect (peer2peer sharing) over draconian firewall
(almost no
ports allowed in both directions).
DC uses port 411 to comunicate with nods that shows you other users and
their
files. I managed to make a tunell for this port.
The problem is when I try to retrive any files
hi,
I've got a problem with ssh forwarding. I wont to be able to run a service
which has one stable port to communicate (411) and then starts to
create another connections on random ports below 10000. Forwarding
just one port is throug our firewall was easy. But how to forward
whole 1
On Thu, Aug 30, 2001 at 07:42:24PM +0530, Sridhar M wrote:
> fxp0 : ip : 10.1.6.160/24
> fxp1: ip 10.1.6.161/24
> default gateway : ip : 10.1.6.1
> gateway and routed was enabled .
routed is for dynamic routing (RIP).
You don't need it if you are doing static routing.
> our setup is freebsd sy
hi
while i am working on FreeBSD5.0, my system has configured with two
ethernet cards which was i need.
and my system ethernet cards configuration are
fxp0 : ip : 10.1.6.160/24
fxp1: ip 10.1.6.161/24
default gateway : ip : 10.1.6.1
gateway and routed was enabled .
i am able to ping locally
Hi,
Sorry for not making it clear. I believe RFC 2644
actually suggested that routers MUST default to
disabling directed broadcast except explicitly
configured to do so. But I guess one can never
be too careful. :-)
yushun.
In message <[EMAIL PROTECTED]> Yu-Shun Wang writes:
: I think it's specified in RFC 2644. It might be useful
: to site it in the comments of the code.
There were several incidents in the early days of the internet when
this functionality was in place that caused all kinds of problems.
===
> RCS file: /export/ncvs/src/sys/netinet/in.h,v
> retrieving revision 1.55
> diff -u -r1.55 in.h
> --- in.h 2001/06/15 00:37:27 1.55
> +++ in.h 2001/08/09 15:12:19
> @@ -452,7 +452,8 @@
> #define IPCTL_FASTFORWARDING14 /
On Thu, Aug 09, 2001 at 12:57:47PM -0400, Bill Vermillion wrote:
> On Thu, Aug 09, 2001 at 12:30:56PM -0400, Jonathan Chen thus sprach:
> > On Thu, Aug 09, 2001 at 12:23:52PM -0400, Bill Vermillion wrote:
> > > On Thu, Aug 09, 2001 at 11:36:38AM -0400, Jonathan Chen thus sprach:
> > >
> > > > On
On Thu, Aug 09, 2001 at 12:30:56PM -0400, Jonathan Chen thus sprach:
> On Thu, Aug 09, 2001 at 12:23:52PM -0400, Bill Vermillion wrote:
> > On Thu, Aug 09, 2001 at 11:36:38AM -0400, Jonathan Chen thus sprach:
> >
> > > On FreeBSD -CURRENT and -STABLE, packets to broadcast addresses
> > > are n
This is called a 'directed broadcast'. In the early days there
was no talk of this sort of packet, leading to the assumption that
it should work as you expect. Many network management packages
did (and some still do) use directed broadcast pings to try and
find all hosts on managed subnets.
Du
MAY have an option to
> enable forwarding network-prefix-directed broadcasts. These
> options MUST default to blocking receipt and blocking forwarding
> of network-prefix-directed broadcasts.
So, your patch just adds the mentioned option -- which I'm fine with,
as
On Thu, Aug 09, 2001 at 12:23:52PM -0400, Bill Vermillion wrote:
> On Thu, Aug 09, 2001 at 11:36:38AM -0400, Jonathan Chen thus sprach:
>
> > On FreeBSD -CURRENT and -STABLE, packets to broadcast addresses
> > are not forwarded. For instance, if I have a FreeBSD router with
> > interfaces 19
On Thu, Aug 09, 2001 at 09:20:55AM -0700, Matthew Jacob wrote:
>
> I haven't consulted the RFCs either, but, ahem, I thought this was a major
> point of netmasks and routers and why multicast was invented- to keep
> broadcasts from clogging the world.
It would be nice if all applications support
On Thu, Aug 09, 2001 at 11:36:38AM -0400, Jonathan Chen thus sprach:
> On FreeBSD -CURRENT and -STABLE, packets to broadcast addresses
> are not forwarded. For instance, if I have a FreeBSD router with
> interfaces 192.168.1.1 and 192.168.2.1, and I send packets from
> 192.168.1.2 to 192.
I haven't consulted the RFCs either, but, ahem, I thought this was a major
point of netmasks and routers and why multicast was invented- to keep
broadcasts from clogging the world.
-matt
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the mess
12:19
@@ -452,7 +452,8 @@
#defineIPCTL_FASTFORWARDING14 /* use fast IP forwarding code */
#defineIPCTL_KEEPFAITH 15 /* FAITH IPv4->IPv6 translater ctl */
#defineIPCTL_GIF_TTL 16 /* default TTL for gif encap packet */
-#define
I've been ripping out what little hair I have left for two days on
this problem... Here's my situation:
I have a box (FreeBSD 4.0/i386) that has a ton of broadcast traffic coming
into it's fxp1 port. I want that traffic to show up on another LAN as
broadcast, effectively changing the dest addr o
> I wish to forward broadcast packets from one subnet to another via a FreeBSD
> box.
> Both subnets are on the same Ethernet interface. Is this possible?
You should not do this in a routed environment, but is required in a
bidged enviroment. the kernel bridge(4) support should allow you to
I wish to forward broadcast packets from one subnet to another via a FreeBSD
box.
Both subnets are on the same Ethernet interface. Is this possible?
Chris
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Hi,
Just wondering if anyone else has had problems with
net.inet.ip.fastforwarding set?
It seems that if I do sysctl -w net.inet.ip.fastforwarding=1 after a few
minutes on 4.0-STABLE and 4.0-RELEASE the box kernel panics and dies
horribly.
Any suggestions would be much appreciated
Thanks
And
ould you test just removing the swpipl(0) code and see if it
> improves things, thanks.
Yes, it improves things. Removing the swpipl(0) appears to make an
alpha stable under extreme interrupt load. I'm most of the way
through a cvs checkout of -current while forwarding about 15,000
packets/s
On Thu, 28 Oct 1999, Jason Thorpe wrote:
> On Thu, 28 Oct 1999 21:32:51 -0400 (EDT)
> Andrew Gallatin <[EMAIL PROTECTED]> wrote:
>
> > exception_return & skipped the ipl lowering & the check for an ast
> > since I don't think you're ever going to need to check for an ast
> > after an interr
y hard (like running a netperf -tUDP_STREAM
> > -- -m 100 across the router, eg about 10-20k 100byte packets/sec ) the
> > alpha falls over almost instantly. I have not enabled any NAT or
> > firewall functionality, just ip forwarding.
>
> <...>
>
> >
>
On Thu, 28 Oct 1999 21:32:51 -0400 (EDT)
Andrew Gallatin <[EMAIL PROTECTED]> wrote:
> exception_return & skipped the ipl lowering & the check for an ast
> since I don't think you're ever going to need to check for an ast
> after an interrupt.
Nonsense. ASTs are a key part of process sche
eg about 10-20k 100byte packets/sec ) the
> alpha falls over almost instantly. I have not enabled any NAT or
> firewall functionality, just ip forwarding.
<...>
>
> This might be a red herring, but I've found that if I run the entire
> ip_input path under splnet() (adde
> -tUDP_STREAM -- -m 100 across the router, eg about 10-20k 100byte
> packets/sec ) the alpha falls over almost instantly. I have not
> enabled any NAT or firewall functionality, just ip forwarding.
>
> It generally crashes in MCLGET down in the ethernet driver's
> receiver
almost instantly. I have not enabled any NAT or
firewall functionality, just ip forwarding.
It generally crashes in MCLGET down in the ethernet driver's receiver
interrupt handler. The driver doesn't seem to matter -- I've tried
Intel Etherexpress Pro 100Bs and 3Com 3c905C-TX Fas
45 matches
Mail list logo
