freebsd-isp Digest, Vol 146, Issue 6
[SVENSK.NL] Berry
berry at svensk.nl
Sun Jan 15 23:22:55 PST 2006
-----Original Message-----
From: owner-freebsd-isp at freebsd.org [mailto:owner-freebsd-isp at freebsd.org]
On Behalf Of freebsd-isp-request at freebsd.org
Sent: 15 January 2006 13:01
To: freebsd-isp at freebsd.org
Subject: freebsd-isp Digest, Vol 146, Issue 6
Send freebsd-isp mailing list submissions to
freebsd-isp at freebsd.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
or, via email, send a message with subject or body 'help' to
freebsd-isp-request at freebsd.org
You can reach the person managing the list at
freebsd-isp-owner at freebsd.org
When replying, please edit your Subject line so it is more specific than
"Re: Contents of freebsd-isp digest..."
Today's Topics:
1. Re: FreeBSD as Server (Eric Anderson)
2. Re: FreeBSD as Server (Brian Candler)
3. Re: FreeBSD as Server (Bob Martin)
4. Re: FreeBSD as Server (Bill Vermillion)
5. Re: FreeBSD as Server (Alexander)
6. Re: FreeBSD as Server (Brian Candler)
7. Re: freebsd router (Gleb Smirnoff)
8. Linux binary of Apache/PHP ... (Marc G. Fournier)
9. Re: FreeBSD as Server (Freddie Cash)
10. Re: Linux binary of Apache/PHP ... (Matthew D. Fuller)
11. Re: Linux binary of Apache/PHP ... (Tobias Roth)
----------------------------------------------------------------------
Message: 1
Date: Sat, 14 Jan 2006 06:19:05 -0600
From: Eric Anderson <anderson at centtech.com>
Subject: Re: FreeBSD as Server
To: Alexander <shulik_freebsd at matrixhome.net>
Cc: freebsd-isp at freebsd.org, Alexander Leidinger
<Alexander at Leidinger.net>
Message-ID: <43C8EC39.6080708 at centtech.com>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Alexander wrote:
> Alexander Leidinger PI[ET:
>
>> Alexander <shulik_freebsd at matrixhome.net> wrote:
>>
>>> http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation
>>> of Linux FS.
>>
>>
>> Since this doesn't cover the FreeBSD implementations of UFS or UFS2,
>> this doesn't say anything about the reasons why you want to use a
>> different FS on FreeBSD.
>
> So. Ext2/Ext3 is only modification of UFS and UFS is modification of
> S5FS. That's why I don't think, that UFS or UFS2 work better than
> ext2/ext3. But XFS and Reiser has big advantage.
I think these are gross generalizations, and not very true at all. They are
all different in their own right, and all have different performance
charactoristics. If you feel ext3 would be better suited to your needs,
feel free to complete the ext2 port to ext3 for FreeBSD, I'm sure lots of
people would enjoy it. Better yet, finish the write portion of XFS.
Eric
--
------------------------------------------------------------------------
Eric Anderson Sr. Systems Administrator Centaur Technology
Anything that works is better than anything that doesn't.
------------------------------------------------------------------------
------------------------------
Message: 2
Date: Sat, 14 Jan 2006 13:14:27 +0000
From: Brian Candler <B.Candler at pobox.com>
Subject: Re: FreeBSD as Server
To: Alexander <shulik_freebsd at matrixhome.net>
Cc: freebsd-isp at freebsd.org
Message-ID: <20060114131427.GA5349 at uk.tiscali.com>
Content-Type: text/plain; charset=us-ascii
On Fri, Jan 13, 2006 at 03:50:00PM +0200, Alexander wrote:
> Now I try to configure ng_nat. I use example from man ng_nat. Clients
> machine can ping inet hosts, but nothing loaded by http or ftp or other
> tcp protocol. On server packet NATed by not real ip. On other server
> under Linux this packet again NATed by real ip. What can I do with this?
Probably easier to use one of the other firewalling techniques to do NAT
rather than manually configure ng_nat.
Your other options are:
- ipfw + natd (old and venerable)
- ipf
- pf
My personal favourite is pf (which came from OpenBSD). Configuring NAT is
just one line in /etc/pf.conf.
Regards,
Brian.
------------------------------
Message: 3
Date: Sat, 14 Jan 2006 08:43:54 -0600
From: Bob Martin <bob at buckhorn.net>
Subject: Re: FreeBSD as Server
Cc: freebsd-isp at freebsd.org
Message-ID: <43C90E2A.9040702 at buckhorn.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
EXT is based on the Minix file system. Ext2 was the brain child of RC)my
Card, and has had a totally different development path than UFS.
UFS was based on the Berkeley Fast File System. It dates back to the
CSRG, and the infancy of UNIX. There are a number of books by Kirk
McKusick on the subject.
There have been tons of debates about UFS vs <fill in blank> on the net
over the years. YMMV, but if you want speed and stability, my money is
on UFS2. The benchmark you referred to does not show things like
recovery time or data loss after a catastrophic failure.
I also noted that the benchmark was using an ATA133 IDE drive. Nothing
wrong with that in itself, but it has long been my experience that the
type of drive used is usually the root cause of I/O disk problem. You
can't get fast performance with slow drives.
File systems are tools, just like operating systems. One size does not
fit all. You have to find the one that will work best for you. UFS and
UFS2 have worked well for many, for a very long time. I think if you try
it, you might find you're pleasantly surprised.
Bob Martin
Alexander wrote:
> Alexander Leidinger P?P8Q�P5Q�:
>
>> Alexander <shulik_freebsd at matrixhome.net> wrote:
>>
>>> http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation
>>> of Linux FS.
>>
>>
>>
>> Since this doesn't cover the FreeBSD implementations of UFS or UFS2, this
>> doesn't say anything about the reasons why you want to use a different
>> FS on
>> FreeBSD.
>
>
> So. Ext2/Ext3 is only modification of UFS and UFS is modification of
> S5FS. That's why I don't think, that UFS or UFS2 work better than
> ext2/ext3. But XFS and Reiser has big advantage.
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
------------------------------
Message: 4
Date: Sat, 14 Jan 2006 10:30:29 -0500
From: Bill Vermillion <bv at wjv.com>
Subject: Re: FreeBSD as Server
To: Alexander <shulik_freebsd at matrixhome.net>
Cc: freebsd-isp at freebsd.org, Alexander Leidinger
<Alexander at Leidinger.net>
Message-ID: <20060114153029.GA43731 at wjv.com>
Content-Type: text/plain; charset=us-ascii
On Sat, Jan 14, 2006 at 09:29 , after knocking over a stack of dishes on
the heat sink Alexander
wondered out loud about:
> Alexander Leidinger ?????:
>
> >Alexander <shulik_freebsd at matrixhome.net> wrote:
> >>http://linuxgazette.net/122/TWDT.html#piszcz - there is comparation
> >>of Linux FS.
> >Since this doesn't cover the FreeBSD implementations of UFS or
> >UFS2, this doesn't say anything about the reasons why you want
> >to use a different FS on FreeBSD.
> So. Ext2/Ext3 is only modification of UFS and UFS is modification of
> S5FS. That's why I don't think, that UFS or UFS2 work better than
> ext2/ext3. But XFS and Reiser has big advantage.
UFS is not a modification of S5FS - which were S51 and S52.
Such concepts as cylinder groups and fragments were new ideas.
Running both the S51 and an AFS [an Acer implementation of
the BSD FFS[ on the same hard drive in about 1990, I saw
performance increases of up to 10 times on the same hard drive.
Having worked with S51 and S52 [the latter was AT&Ts idea on how to
make things faster that in reality had marginal improvement] and
the FFS variants they really aren't that similar. The way files
are placed on the hard-drive in the FFS variants as opposed to the
S5? variants also contributed to keep the drives working fast for a
much longer time. In fact there were file system defragmenters
built and sold for the S5? systems as the awkward and inefficient
way they handled the free-list actually meant you needed to backup
a file system, remake it, and restore as often as ever 6 months in
the S51 systems. The brand name Unix vendors slowly adopted
a lot of the FFS items from BSD as it was so much better.
I've used XFS on Irix systems and for items that have a lot of
large files or lots and lots of files in a single diretory, it's
one of the best.
To get a good idea of the S51 and FFS differences you should read
Bach's book for SysV and books by Lefler, McKusick et all on
BSD.
Bill
--
Bill Vermillion - bv @ wjv . com
------------------------------
Message: 5
Date: Sat, 14 Jan 2006 18:01:14 +0200
From: Alexander <shulik_freebsd at matrixhome.net>
Subject: Re: FreeBSD as Server
To: Brian Candler <B.Candler at pobox.com>
Cc: freebsd-isp at freebsd.org
Message-ID: <43C9204A.1020401 at matrixhome.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
I think, that ipfw is native for FreeBSD - it works better than other
packet filters. Am I right?
With ng_nat first trouble was in parameter of mpd - there is set bundle
enable compression. Second trouble is next:
in example I got next strings:
ipfw add 300 netgraph.... any to any....
ipfw add 400 netgraph.... any to any.....
In hook netgraph "out" I send only traffic from clients (in example was
all traffic). In hook "in" I send all traffic from external interface.
But I took a problem with network on server.
ping works fine
mtr doesn't work
telnet <any host> <any port> don't work. But why?
When traffic that not be NATed in ng_nat was sent in hook "in" - it must
simply out from it? Or no? Where is trouble?
Brian Candler P?P8Q�P5Q�:
>On Fri, Jan 13, 2006 at 03:50:00PM +0200, Alexander wrote:
>
>
>>Now I try to configure ng_nat. I use example from man ng_nat. Clients
>>machine can ping inet hosts, but nothing loaded by http or ftp or other
>>tcp protocol. On server packet NATed by not real ip. On other server
>>under Linux this packet again NATed by real ip. What can I do with this?
>>
>>
>
>Probably easier to use one of the other firewalling techniques to do NAT
>rather than manually configure ng_nat.
>
>Your other options are:
>- ipfw + natd (old and venerable)
>- ipf
>- pf
>
>My personal favourite is pf (which came from OpenBSD). Configuring NAT is
>just one line in /etc/pf.conf.
>
>Regards,
>
>Brian.
>_______________________________________________
>freebsd-isp at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-isp
>To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
>
>
------------------------------
Message: 6
Date: Sat, 14 Jan 2006 20:38:24 +0000
From: Brian Candler <B.Candler at pobox.com>
Subject: Re: FreeBSD as Server
To: Alexander <shulik_freebsd at matrixhome.net>
Cc: freebsd-isp at freebsd.org
Message-ID: <20060114203823.GA56577 at uk.tiscali.com>
Content-Type: text/plain; charset=us-ascii
On Sat, Jan 14, 2006 at 06:01:14PM +0200, Alexander wrote:
> I think, that ipfw is native for FreeBSD - it works better than other
> packet filters. Am I right?
Not really. For NAT in particular, ipfw is pretty awful. You need an
external daemon (natd) and have to route packets to and from it, which works
fine if you have a very simple configuration (e.g. single external
interface, basic NAT-everything-going-out or NAT all RFC1918 address space).
More complex scenarios can be an utter nightmare to configure properly.
It also has a long history, which means that the configuration syntax isn't
always very clean because of backwards compatibility requirements.
> When traffic that not be NATed in ng_nat was sent in hook "in" - it must
> simply out from it? Or no? Where is trouble?
I can't answer that. All I can say is, if you want NAT there is a very
simple incantation you can put in /etc/rc.conf:
pf_enable="YES"
pflog_enable="YES"
and in /etc/pf.conf:
# replace interface name as appropriate
ext_if="fxp0"
nat on $ext_if from any to any -> ($ext_if)
Start it like this:
# /etc/rc.d/pf start
# /etc/rc.d/pflog start
It should Just Work[TM]. pf is loadable as a module, so you shouldn't even
have to recompile your kernel.
Regards,
Brian.
------------------------------
Message: 7
Date: Sun, 15 Jan 2006 04:14:00 +0300
From: Gleb Smirnoff <glebius at FreeBSD.org>
Subject: Re: freebsd router
To: Danial Thom <danial_thom at yahoo.com>
Cc: freebsd-isp at FreeBSD.org, ann kok <annkok2001 at yahoo.com>, "Matthew
D. Fuller" <fullermd at over-yonder.net>
Message-ID: <20060115011400.GM83922 at FreeBSD.org>
Content-Type: text/plain; charset=koi8-r
On Wed, Jan 11, 2006 at 05:48:14AM -0800, Danial Thom wrote:
D> I'd be interested in hearing your reasoning for
D> thinking so. There is little argument that
D> FreeBSD 4.x is perhaps the fastest Uniprocessor
D> O/S ever created for networking. SMP will likely
D> never be able to match it. It certainly can't
D> now, in the current state of development.
D>
D> Routing is fastest when implemented as a single
D> process task. Once you start chopping up
D> (threading) the path you slow it down. While it
D> could be possible to have a faster routing
D> subsystem on a custom-designed MP O/S, its not
D> practical to build a general purpose O/S in such
D> a way.
D>
D> So freebsd 4.x it is. Freebsd 4.x can route 25%
D> more traffic than its 5.x counterpart on the same
D> hardware. 5.x SMP is actually worse (as it drops
D> more packets at high traffic levels, and FreeBSD
D> 4.x never drops packets until its overrun).
Do you have more exact information? I mean:
- Description of the test setup.
- How packet stream was generated?
- How success/loss was measured?
- What hardware was used: CPU, mobo, NICs.
- What settings were non-default.
- And finally exact numbers - pps success/loss.
And don't waste your time comparing 5.x and 4.x. Please
compare 4.x and 6.0. The 5.x is a previous step.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
------------------------------
Message: 8
Date: Sun, 15 Jan 2006 00:16:19 -0400 (AST)
From: "Marc G. Fournier" <scrappy at hub.org>
Subject: Linux binary of Apache/PHP ...
To: freebsd-ports at freebsd.org
Cc: freebsd-isp at freebsd.org
Message-ID: <20060115001439.T28752 at ganymede.hub.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Does anyone know *what* is involved in setting this up under FreeBSD? I
have a client that purchased a Linux license for PHPLib (his old hosting
company was Linux based), and I've email'd PHPLib and there is no way of
'changing' the license ...
Is there an easy way of doing this? :(
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy at hub.org Yahoo!: yscrappy ICQ: 7615664
------------------------------
Message: 9
Date: Sat, 14 Jan 2006 23:23:07 -0800 (PST)
From: "Freddie Cash" <fcash at ocis.net>
Subject: Re: FreeBSD as Server
To: "Brian Candler" <B.Candler at pobox.com>
Cc: freebsd-isp at freebsd.org
Message-ID: <61570.24.71.118.34.1137309787.squirrel at imap.sd73.bc.ca>
Content-Type: text/plain;charset=iso-8859-1
On Sat, January 14, 2006 12:38 pm, Brian Candler wrote:
> On Sat, Jan 14, 2006 at 06:01:14PM +0200, Alexander wrote:
>> I think, that ipfw is native for FreeBSD - it works better than
>> other packet filters. Am I right?
> Not really. For NAT in particular, ipfw is pretty awful. You need an
> external daemon (natd) and have to route packets to and from it, which
> works fine if you have a very simple configuration (e.g. single
> external interface, basic NAT-everything-going-out or NAT all RFC1918
> address space). More complex scenarios can be an utter nightmare to
> configure properly.
IPFW in FreeBSD 6.0 includes support for in-kernel NAT using the nat
keyword. Just recompile the kernel with "options LIBALIAS" to enable
it. I haven't tested it just yet (my home firewall is recompiling it
all right now), but the stuff I've read online makes it seem like it
should be on-par with IPFilter/PF's nat.
Don't know if it qualifies as a complex scenario or not, but we use
P2-333 MHz systems with 256 MB RAM running FreeBSD 5.3 using
IPFW/natd. All stations behind the firewall are in an RFC1918
network. Some stations are given public IPs for access using 1-for-1
NAT on the firewall, and all the rest go out via standard 1-to-many
NAT. So far, no issues to speak of. [knock wood] We even have
multiple VPNs configured and use fwd rules to pass packets through
them.
--
Freddie Cash
fcash at ocis.net
------------------------------
Message: 10
Date: Sun, 15 Jan 2006 02:05:29 -0600
From: "Matthew D. Fuller" <fullermd at over-yonder.net>
Subject: Re: Linux binary of Apache/PHP ...
To: "Marc G. Fournier" <scrappy at hub.org>
Cc: freebsd-isp at freebsd.org, freebsd-ports at freebsd.org
Message-ID: <20060115080529.GD40810 at over-yonder.net>
Content-Type: text/plain; charset=us-ascii
On Sun, Jan 15, 2006 at 12:16:19AM -0400 I heard the voice of
Marc G. Fournier, and lo! it spake thus:
>
> Does anyone know *what* is involved in setting this up under
> FreeBSD?
Maybe you could chroot into the Linux compat tree (so all your
commands are the Linux commands running through the emulation) and
install the RPM's?
--
Matthew Fuller (MF4839) | fullermd at over-yonder.net
Systems/Network Administrator | http://www.over-yonder.net/~fullermd/
On the Internet, nobody can hear you scream.
------------------------------
Message: 11
Date: Sun, 15 Jan 2006 11:43:47 +0100
From: Tobias Roth <roth at iam.unibe.ch>
Subject: Re: Linux binary of Apache/PHP ...
To: "Marc G. Fournier" <scrappy at hub.org>
Cc: freebsd-isp at freebsd.org, freebsd-ports at freebsd.org
Message-ID: <20060115104347.GA28797 at droopy.unibe.ch>
Content-Type: text/plain; charset=us-ascii
On Sun, Jan 15, 2006 at 12:16:19AM -0400, Marc G. Fournier wrote:
>
> Does anyone know *what* is involved in setting this up under FreeBSD? I
> have a client that purchased a Linux license for PHPLib (his old hosting
> company was Linux based), and I've email'd PHPLib and there is no way of
> 'changing' the license ...
This may not be what you want to hear, but you should instist on them
changing the license. Call them. Ask for the boss. Then ask why such
a simple thing as switching is not possible. Promise them a written
agreement that you will destroy the old license once you received the
new one, and maybe offer to renew the license in advance, if the
license is limited.
The exact thing happened to us a few weeks ago, with a different product.
We received an email stating that the license is not changable, because
if they'd change it, we would surely not delete the old license and so on.
This was after we already sent a written agreement that we would not
continue using the old license. So basically, they were accusing us of
cheating, despite that we already bought their product. A phone call to
their boss surely cleared things up quickly.
Good luck, Tobias
------------------------------
_______________________________________________
freebsd-isp at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
End of freebsd-isp Digest, Vol 146, Issue 6
*******************************************
More information about the freebsd-isp
mailing list