mehow.
Two (different) examples of such code are in (1) mpd and (2) libpdel.
The latter is newer and cleaner but might be harder to merge.
-Archie
______
Archie Cobbs *CT
Brett Glass wrote:
>> It was not originally intended as a large scale server. It could be
>> adapted to that fairly easily but no one has done so yet.
>
> I might be motivated to try; however, I would need to understand more
about its architecture (and about Netgraph, whose mysteries I haven't
p
Julian Elischer wrote:
Julian, as I recall you were one of the original employees of Whistle
Communications, correct? Perhaps you can explain this: Why does mpd
require all of those link configurations? Was mpd originally intended
to be used as a client only? I'm struggling here because I can't
el as
the real problem and which do you label as the unfortunate circumstance
that we should work around. Since there's no right answer, it should
be left up to the user to (re)configure as needed.
-Archie
_
bject of PPP option negotiation in the first place.
You can remove that hack, but the hack is not the reason for the failure
so to speak. It just happens to trigger the problem (which occurs elsewhere).
The hack itself should probably be turned into a config knob too.
-Archie
_
y been a bug in pre-SP2 WinXP. It
was (IIRC) when trying to do L2TP over IPSec, not PPTP.
Hope this helps.
-Archie
______
Archie Cobbs *CTO, Awarix* http://www.awarix.com
on Windows.
-Archie
__
Archie Cobbs *CTO, Awarix* http://www.awarix.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
ot;incoming". Maybe it would make
more sense to attach a tag to the packet that divert would recognize and
know to ignore the extra incoming packet.
Also, does the same thing happen with broadcast packets?
-Archie
______
nd random ips, possibly NAT, and the examples i've
> seen talk about IPSec, but don't mention L2TP.
If you want L2TP as well, you might look into port net/sl2tps which
is a fairly new and simple L2TP server implementation.
-Archie
____
ww.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.c.diff?r1=1.2.2.14&r2=1.2.2.15
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.h.diff?r1=1.1.4.4&r2=1.1.4.5
Don't know if that's the problem or not but worth a shot.
-Archie
____
Archie Cobbs wrote:
> For those interested in an L2TP implementation... good news & bad news :-)
>
> The good news is that the "libpdel" library (port devel/libpdel)
> now includes a PPP library with L2TP server support. MANY THANKS
> to Vernier Networks, Inc. for
Ilia Chipitsine wrote:
> it doesn't present in FreeBSD ports collection
> I've just discovered for myselt that it exists :)
It's not fully baked yet :-)
-Archie
______
Archie Cobbs *CTO, Awar
oject, please join the MPD mailing list
([EMAIL PROTECTED]) where we can continue discussion.
Thanks,
-Archie
______
Archie Cobbs *CTO, Awarix* http://www.awarix.com
___
/63317).
Thanks,
-Archie
______
Archie Cobbs *CTO, Awarix* http://www.awarix.com
Index: share/man/man4/ng_ether.4
===
RCS file: /home/ncvs/src/share/man/man4/ng_ether.4,v
retrieving revision 1.20
diff -u -r1.20 ng_e
gt; created, which results in a couple of questions:
> > >
> > > - Has someone already done this?
> > > - Is there such a beast as "mpd for l2tp"?
>
> > I asked a similar question to Archie Cobbs about a week ago
> > and the answer is : it is not possible
the server for "testuser" ?
-Archie
______
Archie Cobbs *Halloo Communications* http://www.halloo.com
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
e time
to work on mpd right now (just keeping up with email is hard these
days :-) so someone else will have to do any coding work that needs
to be done, etc. Might make for a nice programming project if anyone
is interested.
-Archie
____
emon could use, and all they
require is some kind of event support.
-Archie
______
Archie Cobbs *Halloo Communications* http://www.halloo.com
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
would it take to allow mpd to use a pool of
> addresses?
It wouldn't be "too hard" but would require some major surgery
to mpd... but it could use some :-)
-Archie
__
Archie Cobbs *Halloo Communications*
27;d like to, but to be truthful I don't have much time to spare
these days...
-Archie
__
Archie Cobbs *Halloo Communications* http://www.halloo.com
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
stem.
That's correct.. the code is not released. I'll ask about it again
(but don't keep your hopes up).
-Archie
__
Archie Cobbs *Halloo Communications* http://www.halloo.com
_
gre(4) to just silently drop the packets instead
apply the patch below.
-Archie
______
Archie Cobbs *Halloo Communications* http://www.halloo.com
Index: ng_pptpgre.c
8.0.10
> set ipcp nbns 192.168.0.10
>
> So, where's the catch ?
If what you want is to set a hard limit then "set iface mtu 1460"
is the command to use. "set link mtu" just initializes the starting
value for LCP negotiation.
-Archie
PP_SET_CONFIG message in ASCII form.
You need a userland daemon, such as mpd (see ports), to control
the ng_ppp node. With mpd try the "ng" device type.
-Archie
______
ing the bug.
-Archie
______
Archie Cobbs * Precision I/O * http://www.precisionio.com
Index: sys/netgraph/ng_ppp.c
===
RCS file: /home/cvs/freebsd/src/sys/netgraph/ng_ppp.c,v
retriev
ched a patch wich should solve
> the problem.
Thanks! I've applied it and put out a new version 3.12 with the fix.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: sen
mpd processes.
I don't have time to work on MPD these days but would be happy to post
patches anyone submits that fixes this on the new mpd web site..
http://www.dellroad.org/mpd
Cheers,
-Archie
______
Archie Cobbs * Packe
esn't know how to send Ethernet frames
over a point-to-point link; it can only send IP frames.
Cheers,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
any case it doesn't
sound like mpd does it without some hacking.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
t place is to connect a windows client. I can see that
> W2K and WXP can use IPSec, but it still uses PPP as far as I remember.
But does Windows PPP support PPP bridging? I didn't think so.
-Archie
______
Archie Cobbs
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
switch to it in a second!
That bug has been fixed, in sys/netgraph/ng_pptpgre.c revisions
1.26 and 1.2.2.13.
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.c
-Archie
__________
Archie Cobbs
#x27;t have.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
will block too (mpd is event-driven, not
threaded), so any other links that might be doing negotiation, LCP
echoes, etc. will be delayed. In practice this is rarely a problem
unless you are doing lots of links simultaneously.
-Archie
_______
YI, the next version of mpd will contain support for RADIUS.
Does your MySQL server also have RADIUS gateway?
Cheers,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: se
160 SCSI
> server already providing some other basic net services ? Do you think
> it's feasible ?
Should be no problem.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
es to start up the link then it won't work.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
ss mode. So, not sure what happened, but glad it's
working now...
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe
t.ro_rt) == 0 ||
> pkt_dst.s_addr != sin->sin_addr.s_addr ||
> rt->rt_refcnt <= 1 ||
> (rt->rt_flags & RTF_UP) == 0) {
>
> }
Sounds like kern/10778... ?
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/10778
says "total bandwidth 64000" - i'm on
You can ignore that, it doesn't mean anything in your case.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe:
flag bit.
Note that 'struct in_ifaddr' structures are reference counted, so
they continue to exist even after being removed from the interface.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
ED might be better (and
> EADDRNOTAVAIL isn't really germane).
Good point... ECONNABORTED is probably better. The particular error
code can be determined later however... more interesting is the
question, how should this be efficiently implemented?
-Archie
______
Secondly, the
communiation will NOT work because the host will drop packets sent
to it with the (now) wrong IP address.
The current behavior is bad because the application does not ever
receive any notification that the socket it's using is no longer
valid.
-Archie
_
g to whoever maintains the Linux PPP daemon.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
--- sys/netgraph/ng_ppp.c.orig Thu Nov 21 12:39:06 2002
+++ sys/netgraph/ng_ppp.c Thu Nov 21 12:39:26 2002
@@ -744,7 +744,7 @@
ble chap" to mpd.conf.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
s,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
--- sys/netgraph/ng_mppc.c.orig Mon Nov 18 11:53:06 2002
+++ sys/netgraph/ng_mppc.c Mon Nov 18 12:02:13 2002
@@ -95,6 +95,10 @@
#define MPPC_FLAG_ENCRYPTED 0x1000 /* packet is encrypted */
#define MPPC_CCOUNT_M
the messages going back & forth.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
IP address list
for every outgoing packet. Would it work to only do that search if
the socket's cached route is invalid? Etc.
Thanks,
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
There
> is a timeout the M_GET() will wait, but the it will return NULL.
Oops, you're right.. sorry for the misinformation.
Sounds like a bug to me (did Iasen file a PR?)
-Archie
__
Archie Cobbs * Packet Des
onnected to it.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
Index: iface.c
===
RCS file: /home/cvs/archie/mpd/src/iface.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6
k is necessary if M_WAIT is specified; the M_GET() function
is always successful in that case. Same for malloc().
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to
RU_MARGIN tests could be removed or LCP_MRU_MARGIN
> could be set to 0.
Yes, you're right.. that's a hold-over kludge from before.
I'll remove it in the next version. In the meantime, you can
just redefine it to zero.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
p-e128
> set ccp yes mpp-stateless
> set link mtu 1490
>
> set bundle yes compression
> set ccp yes mpp-compress
Don't use "set ccp yes mpp-compress". FreeBSD doesn't support
MPPC compression.
-A
y of
> seeing the problem, you also get poor performance obviously.
If you can tell where the packets are being dropped, that would be useful
to know.
-Archie
__
Archie Cobbs * Packet Design * http://www.packe
you're having?
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
didn't we do something for this on the interjet?
Yep.. it was a custom hack (which is what's required in this case).
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe:
rying to solve is NBNS, use a WINS server.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
Thomas Gielfeldt writes:
> So you probably have to filter via netgraph?
This can be done with ng_bpf(4).
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail
ubnet (but
with non-conflicting IP addresses) then use ng_bridge to set up
a bridged network across your VPN (e.g.). You'd need a VPN technology
compatible with netgraph, e.g., UDP-over-IPSec.
-Archie
__________
Archie Cobbs
quot;
for a point-to-point connection.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
e it would
declare an invalid checksum on packets for which only the first
portion was captured (due to a limited snap length). Etherreal
may possibly have the same problem.
-Archie
______
Archie Cobbs * Packet Design
set-request's then the most likely explanation is that a lot of
packets getting dropped somewhere...
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to
tation?
The different Windowses have different PPP characteristics.
For Win9x, make sure you have the latest MS updates.
Try playing with 'set link mtu ...', mpp-stateless, and enabling
multilink.
-Archie
__________
Arch
makes sense :-)
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
\ /
ng_ip
|
|
ng_arp
| |
| |
ng_ether
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdes
try enabling the mpp-stateless option.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
fic about your setup that causes this.
You're using 4.6.2? Try applying all of the patches in sys/netgraph
that are in 4.7-REL that you don't have in 4.6.2... ?
-Archie
__
Archie Cobbs * Packet Design
should be bundle-level commands, right? You can
use the examples that already exist as a starting point.
Cheers,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send
x27;m guessing this is probably just something easy that I'm missing. My
> config files and an MPD trace are below.
These look reasonable.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetd
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
'etherbroadcastaddr' should really have type 'const u_char []'
rather than 'u_char []'.
-Archie
__________
Archie Cobbs * Packet Design * http://ww
ction IMHO.
Cheers,
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
Craig Rodrigues writes:
> On Thu, Oct 10, 2002 at 12:08:01PM -0700, Archie Cobbs wrote:
> > When that tutorial was written, ng_ether.ko did not exist,
> > so you got it with options NETGRAPH. Since then it's been
> > split into a separate options NETGRAPH_ETHER and
ventually but not soon. Anyone else of
course is free to start hacking on mpd, ppp(8), etc. as well.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
missing the
> necessary alignments (with the ROUNDUP() macro).
Alternately, use the uroute(3) routines in the devel/libpdel port..
http://www.dellroad.org/manpage?page=uroute
-Archie
__________
Archie Cobbs * Packet
written, ng_ether.ko did not exist,
so you got it with options NETGRAPH. Since then it's been
split into a separate options NETGRAPH_ETHER and KLD.
-Archie
______
Archie Cobbs * Packet Design * http://www.pac
Michael Bretterklieber writes:
> do you have the intention to implement this in the near future?
>
> >>Does mpd support client-callback?
> >
> > No, sorry.
No, sorry.
-Archie
______
Archie Co
Michael Bretterklieber writes:
> Does mpd support client-callback?
No, sorry.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
w
be more specific than "it doesn't seem to work" ?
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
d.conf & mpd.links.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
because you never
care how many references are, just whether there's one or more than
one, and this is easy to tell by examining the ring pointer.
I.e., you never have to iterate through the entire ring.
-Archie
__
Archie
our
PPTP clients know about it via the "set ipcp nbns ..." command.
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
he problem occurs?
Thanks,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
ther way around. I am using sockstat -l to confirm where mpd
> is listening on?
Mpd only supports listening on one IP address for PPTP connections.
Can you try changing both IP addresses to 0.0.0.0?
-Archie
______
Archie
The best kind of bug - one that's already been fixed :-)
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
ulti() is passing NULL.
It seems that ng_iface is not the only interface code that makes
this assumption, e.g., see if_vlan.c, if_ppp.c, etc.
What is the deal with if_allmulti() passing NULL?
-Archie
______
Archie Cobbs *
'd be interested in taking a look.
-Archie
__________
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
gReq #2
> IPADDR 10.0.1.26
> [vpn] LCP: rec'd Terminate Request #5 link 0 (Opened)
^^^
The windows box is still hanging up on you. Did you try turning
on MPPE encryption? See mpd.conf.sample for how to do so.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
x your 'set ipcp ranges' as the peer wants to
assign you an IP address and you're not letting it.
It looks like you cut & pasted from the 'vpn' configuration
instead of the 'pptp client' configuration.. ?
-Archie
_____
In reality you can feed it anything you want. It's not PPP specific.
You would however have to rig up a node that handles packets going
out and returning on the same hook (ng_bpf(4) could be configured
to do this).
-Archie
_______
secret
> set link yes acfcomp protocomp
> set link no pap
> set link enable chap
> set link accept chap
> set ipcp no vjcomp
Try "set link disable chap" instead. The Windows box may be
getting confused w
state.
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
o solve is that in_arpinput()
stomps all over its mbuf without first checking M_WRITABLE(m).
The patch below would work nicely except it breaks this token ring hack.
I'm tempted to just check it in and let the token ring people fix their
own bug instead of doing it for the
Archie Cobbs writes:
> My proposal:
>
>- Replace the obfuscating GETIP() macro in ip_input.c with a variable.
>- Rejigger the oltr driver to pass its "secret" information using
> an auxillary mbuf instead of m->m_pkthdr.header.
On second though
auxillary mbuf instead of m->m_pkthdr.header.
Any comments/objections?
Thanks,
-Archie
______
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
se patches from -current:
sys/netgraph/ng_ksocket.c rev. 1.20
sys/netgraph/ng_ksocket.h rev. 1.5
-Archie
__
Archie Cobbs * Packet Design * http://www.packetdesign.com
To Unsub
100% packet loss
I don't think you can have a point-to-point interface who's
remote IP address is also local to your box. In other words,
this may not work on the same machine but it might work if
you use two different machines... can you try that?
-Archie
_
bug.
Re: the -stable patch. I agree we need a more general MFC/cleanup
of some of the mbuf improvements from -current into -stable.
If I find time perhaps I'll do that as well, but in a separate patch.
For the present time, I'll commit this once 4.6-REL is done.
Thanks for your commen
ructures from Netgraph
> nodes. Of course i suspected my own code, until i tried ng_tee.
> Same crash :(
Try and see if you can get a complete stack trace...
-Archie
__
Archie Cobbs * Packet Design *
he initial person to request an atomic_t API.
You guys please stop changing the subject :-)
Can somebody confirm that they think this bug is real/valid?
Thanks,
-Archie
__________
Archie Cobbs * Packet Design * http:
1 - 100 of 264 matches
Mail list logo
