7;t find any options for that, and was thinking
> about a patch in the routing script. Thanks
>
Read through the comments in /etc/rc.d/netwait as that should do what
you're looking for (wait until the interface is active or wait until you
get a ping response from an IP before continuing with network
configuration).
--
Freddie Cash
fjwc...@gmail.com
l
Voila! A version of FreeBSD made especially for you, without any traces of
IPv6. Does exactly what you want. Why the long diatribe asking for
something else once you've been shown how to do what you want?
--
Freddie Cash
fjwc...@gmail.com
___
f
fully qualified)?
>
Search the freebsd-stable mailing list archives for the thread with subject
line:
HEADS UP: TCP CUBIC Broken on 12.0-RELEASE/STABLE
https://lists.freebsd.org/pipermail/freebsd-stable/2018-December/090255.html
An Errata Notice should be going out sometime this mont
.1 instead of bge0,
and configure dhcpd to listen on bge0.1 as well as the others.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
On Tue, May 1, 2018 at 6:08 AM, Julian Elischer wrote:
> On 1/5/18 2:08 am, Eugene Grosbein wrote:
>
>> 01.05.2018 1:03, Freddie Cash wrote:
>>
>> On Mon, Apr 30, 2018 at 10:59 AM, Eugene Grosbein >> <mailto:eu...@grosbein.net>>wrote:
>>>
>>
On Mon, Apr 30, 2018 at 10:59 AM, Eugene Grosbein
wrote:
> 30.04.2018 23:46, Freddie Cash wrote:
>
> > What the OP is trying to do is have PC1 send untagged packets to igb0 on
> FreeBSD which is configured for tagged vlan 5.
> > Then bridge the packets to igb1 which is also
On Sat, Apr 28, 2018 at 12:55 PM, Eugene Grosbein
wrote:
> 28.04.2018 21:57, Freddie Cash wrote:
>
> > If you want to think of it in switch terms, FreeBSD supports access
> ports (untagged vlan) and trunk ports (tagged vlans).
> > But there's no support for hybrid ports
If you want to think of it in switch terms, FreeBSD supports access ports
(untagged vlan) and trunk ports (tagged vlans). But there's no support for
hybrid ports (tagged vlans with a PVID on the port that adds tags to
untagged traffic).
What you are trying to do is create a hybrid port with a vlan
On Sat, Apr 28, 2018, 6:17 AM Abdullah Tariq wrote:
> >
> > No, its simplier: single bridge contains all interfaces corresponting to
> > ports of single vlan.
> > You can bridge plain igb* interfaces for untagged ports; or bridge
> > interface igbX with interface vlanY
> > when one port carries u
On Mon, Jan 8, 2018 at 10:42 AM, Freddie Cash wrote:
> On Sun, Jan 7, 2018 at 11:20 PM, Victor Sudakov
> wrote:
>
>> Freddie Cash wrote:
>> >
>> > > One trouble I expect here is: if the client goes to https
>> destination, it
>> > > wil
On Sun, Jan 7, 2018 at 11:20 PM, Victor Sudakov wrote:
> Freddie Cash wrote:
> >
> > > One trouble I expect here is: if the client goes to https destination,
> it
> > > will complain about your local apache certificate, as the client
> expects
> > >
On Jan 7, 2018 10:40 AM, "Valeri Galtsev" wrote:
On Sun, January 7, 2018 12:04 pm, Victor Sudakov wrote:
> Freddie Cash wrote:
>> >
>> > I'm trying to setup a quasi-enterprise WiFi network for mobile
>> > devices. This will be a solution for a publi
On Jan 7, 2018 10:04 AM, "Victor Sudakov" wrote:
Freddie Cash wrote:
> >
> > I'm trying to setup a quasi-enterprise WiFi network for mobile
> > devices. This will be a solution for a public library with the only
> > requirement that guest users should get p
Dammit, forgot to include the list again. Resending
-- Forwarded message --
From: fjwc...@gmail.com
Date: Jan 7, 2018 8:58 AM
Subject: Re: Quasi-enterprise WiFi network
To: Victor Sudakov
Cc:
On Jan 7, 2018 6:31 AM, "Victor Sudakov" wrote:
Colleagues,
I'm trying to setup a qu
On Dec 23, 2017 6:06 AM, "Michael Grimm" wrote:
I will skip these questions for the time being, because I did solve my
issue 15 minutes before your mail ;-) And I feel sorry for all your now
"wasted" efforts in trying to help me.
As I am using vtnet interface in a cloud environment (Public Clou
he ipfw command that's run at boot time? Sounds like it's
configured to use the interface address instead of a specific IP address.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
em2 had no IPs associated with it, it was just the physical interface that
the vlans and carp traffic went over. We also only had a single subnet per
vlan, so only a single IP per carp instance on each vlan. But you can do
multiples using the alias syntax like you have.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
D 9.x and earlier, no, you can't. The CARP setup uses the
IP/subnet of the host interface for sending the CARP messages.
With FreeBSD 10.x and above, yes, you can. The CARP setup uses the
IP/subnet of the VHID for sending CARP messages, which can be set to
anything. So lon
X and vlanY interfaces to see what the
Ethernet frames actually look like. :)
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
e network.
Worked for us. Might work for you.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
net-server-adapter-i350.html
All the other variants (T2, T4, F2) come in low-profile formats.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, s
mits you
> and it is not changed
> automatically with interface MTU in your version of FreeBSD.
>
You can also manually delete and re-add the route with the -mtu option, if
you don't want to drop/add the IP.
--
Freddie Cash
fjwc...@gmail.com
4:0:0 vs 4:0:1
Looks to me like ix0 would be port 0, and ix1 would be port 1.
On Mar 29, 2016 5:27 PM, "Pallav Bose via freebsd-net" <
freebsd-net@freebsd.org> wrote:
> Thank you, John. Yes, dmidecode works perfectly for onboard NICs, but I
> wasn't able to obtain precise information about a NIC
gt; --
> Andriy Gapon
> ___
> freebsd-net@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>
--
Freddie Cash
fjwc...@gmail.com
__
as neat and organised as having a separate ifconfig_IF_description
variable to set, but still very much workable.
Thanks for the pointer in the right direction. Now to play with it at
work. :)
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing lis
lizing it.
>
> e.g. ifconfig_vlan3_description=‘BLAH BLAH BLAH”
>
I'd be interested in this. Didn't know about the description option for
ifconfig, but can see it being useful at work. Having it integrated into
rc.conf(5) would be handy.
work around it (one for each NIC):
$IPFW add reass ip from any to any in recv $NIC0
$IPFW add reass ip from any to any in recv $NIC1
...
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
; wrote:
> On 1/01/2015 10:22pm, Freddie Cash wrote:
> > There's a sysctl specifically for this. Not at my computer right now,
> but the following should make it jump out at you:
> >
> > # sysctl -d | grep carp
>
> I'm guessing this one (from the openBSD d
There's a sysctl specifically for this. Not at my computer right now, but
the following should make it jump out at you:
# sysctl -d | grep carp
Cheers,
Freddie
On Jan 1, 2015 3:20 AM, "Aristedes Maniatis" wrote:
> I have two firewalls built with FreeBSD 10.1 which are working nicely.
> Upstream
On Dec 30, 2014 10:02 AM, "Martin Birgmeier" wrote:
>
> Hi,
>
> I have two network interfaces as follows:
>
> sis0: port 0xa400-0xa4ff mem
> 0xd580-0xd5800fff irq 9 at device 9.0 on pci0
> sis1: port 0x9400-0x94ff mem
> 0xd480-0xd4800fff irq 11 at device 12.0 on pci0
>
> When sis0 breaks
On Oct 31, 2014 12:12 PM, "John-Mark Gurney" wrote:
>
> Can any one think of a good reason not to enable IPDIVERT sockets in
> the ipfw module?
>
> And possibly enabling default to accept? That way you don't have to
> go to the console when you load the ipfw module because you forgot to
> auto a
FreeBSD 9 and FreeBSD 10 have very different implementations of CARP, and
they are configured differently.
On 9, you need to have an IP configured on the interface before you
configure the shared IP, and the subnet of the shared IP is used to
determine the interface to use. And there's carpX pseud
Forgot to include the list.
-- Forwarded message --
From: "Freddie Cash"
Date: Oct 15, 2014 8:57 AM
Subject: Re: Carp stuck in INIT
To: "Matt Churchyard"
Cc:
You don't need the "up" keyword, and it definitely works with a /30 and a
single IP. I
NAT.
Will the software-based GSO play nicely with IPFW NAT? Will it make any
difference to packet throughput through IPFW?
Or is it still way too early in development to be worrying about such
things? :)
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-
5.255.0"
>
> Or, if you want to keep them split into two parts (initialise lagg0, then
add IP):
create_args_lagg0="laggproto lacp laggport igb2 laggport igb3 laggport igb4
laggport igb5"
ifconfig_lagg0="inet 192.168.1.14 netmask 255.255.255.0"
create_args_* are ru
as a response to incoming packets go to the same interface as
> the incoming packet. Or are you thinking of hard-coding client addresses
> in ipfw rules so that packets going to specific IPs go to a specific
> interface?
>
>
>
--
Freddie Cash
fjwc...@gmail.com
___
u did at the command prompt:
ifconfig_ue0="ether blah blah blah"
ifconfig_ue0_alias0="DHCP"
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
On Wed, Sep 12, 2012 at 1:48 PM, Jack Vogel wrote:
> On Wed, Sep 12, 2012 at 12:40 PM, Freddie Cash wrote:
>> Thanks for checking. I've used lagg(4) with igb, just not on 9.x.
>>
>> You're right, it seems to be pointing to the igb(4) driver in 9.x
>> compare
On Wed, Sep 12, 2012 at 12:22 PM, Giulio Ferro wrote:
> On 09/11/2012 11:34 PM, Freddie Cash wrote:
>>
>> On Sep 11, 2012 2:12 PM, "Giulio Ferro" > <mailto:au...@zirakzigil.org>> wrote:
>> >
>> > Well, there definitely seems to be a probl
On Sep 11, 2012 2:12 PM, "Giulio Ferro" wrote:
>
> Well, there definitely seems to be a problem with igb and lagg.
>
> igb alone works as it should, but doesn't seem to work properly in lagg.
>
> To be sure I started from scratch from a 9.0 release with nothing but:
>
> /etc/rc.conf
>
left, thats the process ID
>
> kill
> dhclient re0
pkill dhclient
dhclient re0
Saves a few more steps. :)
There's also:
service netif restart re0
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freeb
upports D0 D1 D2 D3 current D0
cap 10[68] = PCI-Express 2 endpoint max data 128(4096) link x8(x8)
cap 03[d0] = VPD
cap 05[a8] = MSI supports 1 message, 64 bit
cap 11[c0] = MSI-X supports 15 messages in map 0x14 enabled
...
--
Freddie Cash
fjwc...@gmail.com
If you're adventurous, could you upgrade a test box to 10-CURRENT and
try the new CARP code?
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.o
Apologies if the formatting below gets messed up, writing this on my phone.
On Nov 28, 2011 2:36 PM, "Marek Salwerowicz" wrote:
> I am confused about one thing - I wanted to set up pipes for my DMZ hosts
(not to allow my hosts to consume all the bandwidth).
> When I set up the pipes at the beginn
On Oct 1, 2011 12:16 PM, "Marek Salwerowicz" wrote:
>
> W dniu 2011-09-30 17:44, Freddie Cash pisze:
>
>>
>> that's the correct behaviour, as the public IPs are physically assigned
to
>> the interfaces on the router. Thus, connecting to the public IPs
IF.
>
> But now there is next problem - when I try to ping /ssh from router to
> $DMZPUBLICIP, I connect to myself, instead of DMZ host..
>
> I'm guessing the router is the FreeBSD box running IPFW? If so, then
that's the correct behaviour, as the public IPs are physica
On Thu, Sep 29, 2011 at 11:09 AM, Marek Salwerowicz wrote:
> W dniu 2011-09-26 21:20, Freddie Cash pisze:
>
> Your rules are too generic, they will not work for a double-NAT setup.
>> Each and every single rule must specify the network interface. And it
>> must
>> sp
On Thu, Sep 22, 2011 at 7:24 AM, Marek Salwerowicz wrote:
> W dniu 2011-08-10 16:22, Freddie Cash pisze:
>
>
>>The more correct method is to double-NAT the traffic, such
>>that the LAN
>>clients connect to public IPs, and the DMZ servers see
2011/8/11 Gleb Smirnoff
> On Wed, Aug 10, 2011 at 09:38:04AM -0700, Freddie Cash wrote:
> F> However, I'm not sure I understand the reasoning for removing the carpX
> F> pseudo-interface. It's really nice having the symmetry between carpX,
> F> vlanX, brX, a
ce. It's really nice having the symmetry between carpX,
vlanX, brX, and other pseudo-interfaces, and keeping the configuration
details separate from the underlying physical interface.
This now makes creating/configuring CARP different from creating/configuring
vLANs. :(
--
Freddie Cash
f
On Tue, Aug 9, 2011 at 11:51 PM, Marek Salwerowicz wrote:
> W dniu 2011-08-09 18:04, Freddie Cash pisze:
>
> On Tue, Aug 9, 2011 at 4:59 AM, Marek Salwerowicz
>> wrote:
>>
>> I have set up a new router for my network, with separated DMZ zone for my
>>>
from 192.168.0.10 to $LAN in recv vr2
# NAT the traffic going to the LAN from x.x.x.170
ipfw add divert ip from 192.168.0.10 to $LAN out xmit vr0
ipfw add allow ip from x.x.x.170 t0 $LAN out xmit vr0
The general flow of the rules above is (src --> dest)
10.0.0.x --> x.x.x.170
10.0.0.x --> 19
On Tue, Apr 19, 2011 at 12:06 PM, K. Macy wrote:
> On Tue, Apr 19, 2011 at 8:19 PM, Freddie Cash wrote:
>> On Tue, Apr 19, 2011 at 7:42 AM, K. Macy wrote:
>>>> I'm not able to find IFNET_MULTIQUEUE in a recent 8.2-STABLE, is this
>>>> something
>>&g
igb(4)
interfaces in our new storage boxes, and it would be interesting to
test whether or not it helps in our setup.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To
ead, though, are the NOTES files:
/usr/src/sys/conf/NOTES (arch independent options)
/usr/src/sys//conf/NOTES (arch dependent options)
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.
rnel's networking code
automatically creates a route for the subnet when you add the IP to
the interface.
You can check this like so:
ifconfig re0 172.20.0.1/24
netstat -rn
Replace re0 with your interface. You'll notice that just by adding an
IP with a subnet mask to an interface, yo
s/subnets.
Here's hoping that it gets added in some future update of pf/carp from
OpenBSD. :) It's the final missing link in our dreams of redundant
firewalls/routers and storage servers.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@fr
isted on the
Advanced tab under Internet Options (IE 6 through 8).
Or, use an FTP proxy. Not sure if IPFW has one built in, as I've never
tried to use one ("either configure the client for PASV, or no connection"
is our policy for FTP), but PF includes ftp-proxy.
--
Freddie Cas
rface, and it looks like the traffic is
being separated correctly. Eventually, I'll be adding more IPFW rules to
block unwanted traffic.
Am I missing anything? Are the "route delete" statements needed? Is there
a better way to configu
sure which drivers support 802.11n (up to 480 Mbps or something like
that), though, as I don't have access to any 802.11n hardware.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinf
ethernet links? Or are you implying that it does not belong on ethernet
> links :)
> Cause Cisco and Linux support /31 (ptp's) on ordinary ethernet links.
>
> Sincerely,
>
> Sebastian H
> ___
> freebsd-net@freebsd.org mailing list
On December 4, 2008 11:58 pm Antonio Tommasi wrote:
> Hi to all,
> i want to install a virtual machine on my FreeBSD 7.0 box. Can you tell
> me which is the better sofware to do this?
For a FreeBSD host, QEmu is the best supported option.
There's also Win4BSD, which is a customised/modified versi
config em1 polling
> /sbin/ifconfig em2 polling
> /sbin/ifconfig em3 polling
>
> (and via /etc/rc.local also across reboots)
No, you put it into the ifconfig_X lines in /etc/rc.conf as the last
option. Or -polling to disable it.
ifconfig_em0='inet 1.2.3.4/24 polling"
ifconfi
lised that. So with a
> similar set of rules for the other of staff/students that your above
> example deals with, and the right pipe and queue configs, what remains
> to do? Sorry to be thick, but I don't see why that wouldn't work ..
I never said it wouldn't (or didn'
ogle searches. And no, it
still doesn't make sense how queue rules work with packet filter
rules. Hence, why I'm asking here.
> I have not done much with bandwidth shaping in about a year, so I am a
> bit rusty as to the more complex setups however, it is one of the more
> easy t
On Fri, Jun 27, 2008 at 11:14 PM, Ian Smith <[EMAIL PROTECTED]> wrote:
> On Fri, 27 Jun 2008, Chuck Swiger wrote:
> > On Jun 27, 2008, at 3:01 PM, Freddie Cash wrote:
> > [ ... ]
> > >> If net.inet.ip.fw.one_pass is true, then you definitely want to
> >
On Fri, Jun 27, 2008 at 2:37 PM, Chuck Swiger <[EMAIL PROTECTED]> wrote:
> On Jun 27, 2008, at 1:01 PM, Freddie Cash wrote:
>> Mainly, I'm wondering where to put the "ipfw queue" rules (the ones
>> that send the packets to dummynet), in relation to the pack
he middle, just above the rules for the workstations? Do I add
them after all the bad packet checks and general deny rules that are
at the top of the ruleset?
Just wondering how the queue rules interact with the general packet
filter rules, since they can have the same parameters.
Thanks
es is different, they won't join the carp vhid"
issue fixed in this patch?
I'd be happy to test this again, if the IP order issue has been fixed.
--
Freddie Cash
[EMAIL PROTECTED]
___
freebsd-net@freebsd.org mailing list
http://lists.free
t would accept TCP option even if
udp was listed.
--
Freddie Cash
[EMAIL PROTECTED]
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
On March 19, 2008 01:56 pm you wrote:
> Freddie Cash wrote:
> > On March 19, 2008 01:43 pm Freddie Cash wrote:
> >> On March 19, 2008 01:34 pm Freddie Cash wrote:
> >>> Just curious if the following rule will work correctly. It is
> >>> accepted by the ip
On March 19, 2008 01:47 pm you wrote:
> Freddie Cash wrote:
> > Just curious if the following rule will work correctly. It is
> > accepted by the ipfw command. In the process of working out a test
> > for it, but thought I'd ask here as well, just to be sure.
> >
On March 19, 2008 01:43 pm Freddie Cash wrote:
> On March 19, 2008 01:34 pm Freddie Cash wrote:
> > Just curious if the following rule will work correctly. It is
> > accepted by the ipfw command. In the process of working out a test
> > for it, but thought I'd ask her
On March 19, 2008 01:34 pm Freddie Cash wrote:
> Just curious if the following rule will work correctly. It is accepted
> by the ipfw command. In the process of working out a test for it, but
> thought I'd ask here as well, just to be sure.
>
> ipfw add { tcp or udp } from
to me in recv fxp0 established
Will the UDP packets go through correctly, even though "established" has
no meaning for UDP streams, and the ipfw command will barf if you use it
with just "ipfw add udp" rules?
--
Freddie Cash
[EMAIL PROTECTED]
__
w tcp from any to me 443 in recv fxp0
ipfw add allow tcp from any to me 1 in recv fxp0
Other than the ability to track traffic through each port, of course.
--
Freddie Cash
[EMAIL PROTECTED]
___
freebsd-net@freebsd.org mailing list
On March 5, 2008 12:09 pm you wrote:
> Am Mi, 5.03.2008, 20:39, schrieb Freddie Cash:
> > On March 4, 2008 03:25 pm Freddie Cash wrote:
> > Patch applied cleanly to RELENG_7.0. However, there are a few
> > strange things happening now.
> >
> > If there are IPs
On March 4, 2008 03:25 pm Freddie Cash wrote:
> On March 4, 2008 02:20 pm Max Laier wrote:
> > Am Di, 4.03.2008, 22:51, schrieb Freddie Cash:
> > ...
> >
> > > The lack of a "carpdev" option to directly link a carp device to an
> > > interface (s
On March 4, 2008 02:20 pm Max Laier wrote:
> Am Di, 4.03.2008, 22:51, schrieb Freddie Cash:
> ...
>
> > The lack of a "carpdev" option to directly link a carp device to an
> > interface (similar to "vlandev" for vlan(4)) is what's really
> > tri
ysical device.
So it seems I'd have to use two IPs for each vlan interface: one shared
IP for the carp device, one management IP for the vlan device. Which
seems really complicated and not-quite-right. Maybe I'm just
over-thinking things.
Any poi
80 matches
Mail list logo