FreeBSD challenged by Internet
tedm at toybox.placo.com
Fri Jan 19 07:15:43 UTC 2007
----- Original Message -----
From: "RW" <fbsd06 at mlists.homeunix.com>
To: <freebsd-questions at freebsd.org>
Sent: Thursday, January 18, 2007 7:43 AM
Subject: Re: FreeBSD challenged by Internet
> On Thu, 18 Jan 2007 00:43:02 -0800
> "Ted Mittelstaedt" <tedm at toybox.placo.com> wrote:
> > Also, these companies simply
> > cannot afford to put their best programming and design
> > talent on solving things like slow DNS resolver queries
> > through their proxy, when these problems are reported.
> The OP said that there was no problem with linux and windows, and
> that's consistent with what I saw on my d-link ADSL router. Presumably
> FreeBSD is doing something slightly different.
Yes, it is, it's making IPv6 DNS queries. There's a long story to this
that started a couple years ago when the roots inserted (against a number
of people's recommendations) AAAA records
Things are fine if a downstream nameserver only speaks ipv4. The
problem is the newer versions of bind have been coming with IPv6
transition support. If they are run on hosts that have
IPv6 support that are connected to IPv4 networks, your supposed to
run named with the -4 option. Unfortunately this isn't widely known.
As a result when a resolver like FreeBSD's that is IPv6 compliant
makes a DNS lookup it will often make a IPv6 lookup, and this
trashes the DNS caches in these little routers.
If you recompile the kernel with INET6 removed from the config
I think it will fix the problem. Not an obvious or easy solution for
a lot of people. Or you can contact all the hosts you lookup and
tell them to have the admins check their nameservers. ;-)
> I wouldn't have expected
> these things to be tested against *BSD, but you would think that OS-X
> would behave like FreeBSD.
Well, Windows Vista will probably do this too so a lot more folks
are going to piss and moan I think before too long.
> > Yet, do the customers that actually have these devices,
> > after going through 2 or 3 of them in that many years,
> > actually stop one day and say "Gee, I'm really stupid
> > to keep urinating my money away on these cheezy
> > little routers when I could spend $600 on a nice new
> > Cisco 800 series and get expert Cisco support on it, and
> > it would work and I could then just forget about it"
> Draytek is a useful halfway house for domestic and soho use - I've
> never heard anyone have a bad word to say about their wired
> dsl-routers. Cisco is overkill for most people.
There's others. Your local ISP will have their favorites.
> > config your DSL modem out of routing mode and into bridging
> > mode.
> That's doesn't really buy you all that much, cheap hardware isn't
> going to be more reliable in bridged-mode. DNS proxy problems are
> not a big deal since it's easy to manually configure servers, or turn-on
> recursive lookups. It does eliminate the problems that some
> NAT routers have with large numbers of simultaneous connections though.
> These problems is particularly acute in countries where PPPoA is the
> norm. FreeBSD has no significant support for usb or pci PPPoA modems,
> that leaves us with routers, half-bridge modems, and full-bridging
> (where the ISP supports PPPoE over atm). And these bridged modems are
> really just adapted nat-routers.
Not true. For example the Westell 36R 516 series are true bridges. They
are DMT devices and have worked on every DMT ADSL line I've tried.
Of course, you have to firmware update them (not obvious) and configure
the vpi/vci in them (also not obvious, and requires windows 98 and their
program to do it) And they are cheap as dirt on Ebay.
And the other thing is that just about all the DSL setups I've seen in
bridging mode do the PPPoE/PPPoA conversion automagically. You
plug in your PC to the modem, send it PPPoE frames, the modem
encapsulates the PPPoE frames in PPPoA packets, sends them out
to the DSLAM, the DSLAM strips off the PPPoA header and forwards
the PPPoE packets onward to the BRAS/LNS (the PPP server) at
If you have an internal PPPoA card, all that happens is when the
recieving DSLAM gets the "pure" PPPoA frames from your DSL
modem over the DSL line, it adds a PPPoE header before sending
it onwards (over ethernet) to the BRAS/LNS (the PPP server) So
the ISP's PPP server sees PPPoE in either case.
> I do envy Linux's support for pci
> PPPoA modems.
If they are implemented like winmodems where most of the work is
offloaded to the CPU then you should be thankful FreeBSD doesen't
I think there's a lot of confusion out there over this PPPoE/PPPoA thing.
ADSL is a layer 1 protocol.
ATM runs over ADSL as a layer 2 protocol (as is Ethernet)
PPP is a layer 3 protocol.
PPPoA is PPP over an ATM network.
PPPoE is PPP over an Ethernet network.
When you do PPPoE over a DSL network it's effectively PPPoEoA.
> > Anyway, I think you should have availed yourself of your ISP's
> > tech support department first. And if your ISP's support
> > department stinks - some unfortunately do - then drop service
> > and get a better one. There's plenty more ISP's in the
> > phone book.
> I doubt there is any reasonably priced ISP that will help in
> troubleshooting a problem that's not reproducible on Windows.
$19.95 a month for DSL (ISP charges) is not reasonably priced?
More information about the freebsd-questions