> I pulled the "scrub in all" line and replaced it with a "scrub in on
> bge0". I don't really care about scrubbing on the internal network. All
> works as expected now.
I dont really care about scrubbing my intrenal nbetwork either - but I do care
about NAT working on the outside, which requi
On Wed, 13 Dec 2006, Pete French wrote:
I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics. One
is an internal network (nfs) and the other is external.
...
Doing something like "ls /usr/ports" will just hang until interrupted.
Using tcp for nfs makes it workable, but very sl
> You are misunderstanding. The problem is simply that the bpf device sees=20
> bad checksums as it sees the packet before the hardware has calculated=20
> it. On the receiver the checksum will be correct.
Ah, gotcha. That makes perfect sense now.
-pete.
On Wednesday 13 December 2006 12:05, Pete French wrote:
> > As Luke already pointed out, "no-df" on the scrub rule should help.
> > As=20 for the "bad cksum!" - this is a symptom of checksumming done
> > in=20 hardware. ifconfig bge1 -rxcsum -txcsum should get rid of
> > them.
>
> I am a bit conc
> As Luke already pointed out, "no-df" on the scrub rule should help. As=20
> for the "bad cksum!" - this is a symptom of checksumming done in=20
> hardware. ifconfig bge1 -rxcsum -txcsum should get rid of them.
I am a bit concerned by this - we use a lot of bge interfaces, and I have
hardware c
> I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics. One
> is an internal network (nfs) and the other is external.
...
> Doing something like "ls /usr/ports" will just hang until interrupted.
> Using tcp for nfs makes it workable, but very slow.
Oddly enough I hit precisely t
On Wednesday 13 December 2006 07:10, Charles Sprickman wrote:
> Hi all,
>
> I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics.
> One is an internal network (nfs) and the other is external.
>
> PF has this rule for all traffic on the private net:
>
> [EMAIL PROTECTED] /home/jails
On Wed, 13 Dec 2006, Charles Sprickman wrote:
Hi all,
I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics. One is
an internal network (nfs) and the other is external.
PF has this rule for all traffic on the private net:
[EMAIL PROTECTED] /home/jails]# pfctl -sr|grep bge1
Hi all,
I'm running a 6.2-RC1 box (cvsup'd today) that has two broadcom nics. One
is an internal network (nfs) and the other is external.
PF has this rule for all traffic on the private net:
[EMAIL PROTECTED] /home/jails]# pfctl -sr|grep bge1
pass in quick on bge1 inet from 192.168.1.0/24 to
