> And how do I know that it works ?
> Well, when it doesn't work, I do know it, quite quickly most of the
> time !
I have to chime in here. I did most of the initial porting of the
NAT-T patches from Kame IPSec to FAST_IPSEC. I did look at every
line of code during this process. I found no secur
The higher I set the buffer the worse it is.. 256 and 512 I get about
50-60k more pps than i do with 2048 or 4096.. You
would think it would be the other way around but obviously there is some
contention going on. :/
I'm sticking with 512 for now, as it seems to make it worse with
anything highe
Dear Paul,
I tried this.. I put 6-STABLE (6.3), using default driver was slower than
FBSD7
have you set the rx/tx buffers?
/boot/loader.conf
hw.em.rxd=4096
hw.em.txd=4096
bye,
Ingo
___
freebsd-net@freebsd.org mailing list
http://lists.free
I've just started moving a medium IPSEC+gif VPN to one based on OpenVPN.
OpenVPN solved all my problems with IPSEC:
* does not require kernel modules or recompiles
* works over UDP by default (and optionally TCP)
+ only requires a single IP port at each end
* supports compression out of the bo
I tried this.. I put 6-STABLE (6.3), using default driver was slower
than FBSD7
I tried yandex driver 1.36 and it was even worse.. It would make the
machine unresponsive and drop more packets than the default driver.
It would make 'top' show cpu's were 300% idle and a command such as 'w'
would
Well who wants to code it ? I would gladly pay someone to make it work
the way I want. :) It needs to be able to do line rate gig-e with 64
byte packets and 250k routes.
FBSD6 is definitely slower.
Haven't tried dragonfly.
Thanks
Ingo Flaschberger wrote:
Dear Paul,
Yes it does but it seem
At 08:16 PM 6/29/2008, Ingo Flaschberger wrote:
Dear Paul,
Yes it does but it seems to use a lot more of one cpu than the
others so It's really not SMP.. Can I stop it from doing this with
some setting?
Why can't there be 4 taskq's?
it is possible, but it need to be coded.
hz 4000 is also
Synopsis: [vr] ripd: multicast join failed, interface vr0 not running
State-Changed-From-To: open->feedback
State-Changed-By: yongari
State-Changed-When: Mon Jun 30 00:24:17 UTC 2008
State-Changed-Why:
Would you show me the dmesg output related with vr(4)?
There is a bug in multicasting filter ha
Dear Paul,
Yes it does but it seems to use a lot more of one cpu than the others so It's
really not SMP.. Can I stop it from doing this with some setting?
Why can't there be 4 taskq's?
it is possible, but it need to be coded.
hz 4000 is also too high, use 1000-2000
http://www.tancsa.com/blas
Yes it does but it seems to use a lot more of one cpu than the others so
It's really not SMP.. Can I stop it from doing this with some setting?
Why can't there be 4 taskq's?
Also with full internet table I can't even do 100kpps without errors.. I
don't get it :/ I could do 300kpps on a p3 and
Dear Paul,
does the em-task jump from cpu to cpu?
(mp-systems are not really better for forwarding performance).
try once with only 1 cpu.
bye,
Ingo
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
Thanks so much to folks like Bjorn and Yvan who spend the time to do
some tough jobs like dealing with IPsec and being stubborn about
committing things to security tools without very careful audit.
Seconded.
In case you missed it, IPsec is about security, not features. And, in
case you have n
Old Synopsis: vr driver: ripd: multicast join failed, interface vr0 not running
New Synopsis: [vr] ripd: multicast join failed, interface vr0 not running
Responsible-Changed-From-To: freebsd-i386->freebsd-net
Responsible-Changed-By: gavin
Responsible-Changed-When: Sun Jun 29 22:03:30 UTC 2008
Resp
> Date: Sun, 29 Jun 2008 13:07:03 -0700
> From: Julian Elischer <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
>
> Kevin Oberman wrote:
> >> Date: Sat, 28 Jun 2008 23:13:00 +0200
> >> From: VANHULLEBUS Yvan <[EMAIL PROTECTED]>
> >> Sender: [EMAIL PROTECTED]
> >>
> >> On Fri, Jun 27, 2008 at 11:06
Kevin Oberman wrote:
Date: Sat, 28 Jun 2008 23:13:00 +0200
From: VANHULLEBUS Yvan <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]
On Fri, Jun 27, 2008 at 11:06:19AM -0400, George V. Neville-Neil wrote:
At Thu, 26 Jun 2008 12:56:41 -0700,
julian wrote:
I'm planning on committing it unless someone
At 12:48 PM 6/29/2008, Paul wrote:
[RTM_MISS information added]
I have noticed something weird.. It doesn't generate the RTM_MISS
with all traffic...
Does turning off tso and or chksum offload make a difference ?
---Mike
___
freebsd-net
Other interesting behavior:
netstat -rs hitting up arrow and enter to get repeated views of it:
[EMAIL PROTECTED] /usr/src/sys/net]# netstat -rs
routing:
0 bad routing redirects
0 dynamically created routes
0 new gateways due to redirects
25691 destinations found unreac
On Sat, 24 May 2008, Robert Watson wrote:
Just as a reminder, we've just about reached the one month date before
IFF_NEEDSGIANT drivers are disabled in the build. You can find a
description of the general problem and list of specific drivers below.
As USB work is on-going, I will *not* disa
[RTM_MISS information added]
I have noticed something weird.. It doesn't generate the RTM_MISS with
all traffic...
Check this out..
flooding packets through the router
11:29:56.147177 IP (tos 0x0, ttl 255, id 51487, offset 0, flags [none],
proto TCP (6), length 40) 87.42.160.8.8195 > 10.3.9.5
On Saturday 28 June 2008 13:14:27 [EMAIL PROTECTED] wrote:
> [ Charset ISO-8859-1 unsupported, converting... ]
>
> > On Friday 27 June 2008 18:57:59 Alexandre Biancalana wrote:
> > > On 6/27/08, Max Laier <[EMAIL PROTECTED]> wrote:
> > > > You don't need a patch at all. What you do is: Queue on t
At 04:04 AM 6/29/2008, Paul wrote:
This is just a question but who can get more than 400k pps
forwarding performance ?
I have tested fbsd 6/7/8 so far with many different configs. (all
using intel pci-ex nic and SMP)
fbsd 7-stable/8(current) seem to be the fastest and always hit this
ceiling o
Polling makes no difference.. It uses the cpus in a slightly different
way but the pps rate is similar..
I tried different HZ settings, I edited kern_poll so i could have a
burst max of 8000.. Polling doesn't do anything any more. The only thing
I noticed it does is lower the latency on packets
Hi Guys,
Another public follow-up: Ali has been sending me debugging information
privately due to the inclusion of application source code and IP
addresses. Tracing of the application suggests that there is an
application concurrency bug leading to one socket to be closed twice and
another so
The following reply was made to PR kern/125003; it has been noted by GNATS.
From: Shunsuke SHINOMIYA <[EMAIL PROTECTED]>
To: Hiroki Sato <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED],
[EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: Re[2]: kern/125003: incorrect EtherIP header format.
Date: Sun, 29 Jun
The Centre for Advanced Internet Architectures (CAIA -
http://caia.swin.edu.au)
is proud to announce the release of alias_sctp version 0.1, a SCTP NAT
patch to
FreeBSD 8.x.
Alias_sctp provides SCTP NAT functionality to the ipfw/ipfw_nat/libalias
suite.
It is part of the CAIA SONATA project (
Dear Paul,
tried interface polling?
what hardware system? how are the nic's connected?
Kind regards,
ingo flaschberger
geschaeftsleitung
---
netstorage-crossip-flat:fee
powered by
crossip communications gmbh
---
sebastian kneipp gasse 1
a
The following reply was made to PR kern/125003; it has been noted by GNATS.
From: Hiroki Sato <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: Re: kern/125003: incorrect EtherIP header format.
Date: Sun, 29 Ju
The "em" driver currently only has a single worker/queue so will only
use one CPU to process packets. However I remember reading that
multi-threaded version of the driver is being worked on and is "coming
soon", but there is no known ETA yet.
I see you mentioned that you played with the rec
Synopsis: [gif] incorrect EtherIP header format.
State-Changed-From-To: feedback->open
State-Changed-By: hrs
State-Changed-When: Sun Jun 29 08:21:04 UTC 2008
State-Changed-Why:
We have a concrete case now.
http://www.freebsd.org/cgi/query-pr.cgi?pr=125003
This is just a question but who can get more than 400k pps forwarding
performance ?
I have tested fbsd 6/7/8 so far with many different configs. (all using
intel pci-ex nic and SMP)
fbsd 7-stable/8(current) seem to be the fastest and always hit this
ceiling of 400k pps. Soon as it hits that I
On Sat, Jun 28, 2008 at 11:22 PM, Ian Smith <[EMAIL PROTECTED]> wrote:
> It's not clear to me what's not working from your example rules above?
I never said anything wasn't working. I was just looking for
information to better understand how things work together, and to get
a general feeling of w
On Fri, Jun 27, 2008 at 01:17:27AM -0700, Eugene M. Kim wrote:
> Pyun YongHyeon wrote:
> >I've updated patch again. There was a bug that disabled
> >multicasting filter. Back out previous patch and try again.
> >The URL is the same as before.
> >
> > > Regards,
> > > Eugene
> >
>
> rtsol
The following reply was made to PR kern/125003; it has been noted by GNATS.
From: Shunsuke SHINOMIYA <[EMAIL PROTECTED]>
To: Andrew Thompson <[EMAIL PROTECTED]>,
Hiroki Sato <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: Re[2]: kern/125003: incorrect EtherIP header format.
33 matches
Mail list logo
