Page MenuHomeFreeBSD

eugen_grosbein.net (Eugene Grosbein)
User

Projects

User Details

User Since
Nov 6 2015, 7:38 AM (258 w, 5 d)

Recent Activity

Aug 1 2020

eugen_grosbein.net updated the summary of D25911: bsnmpget should print protocol errors to stderr.
Aug 1 2020, 9:10 AM
eugen_grosbein.net requested review of D25911: bsnmpget should print protocol errors to stderr.
Aug 1 2020, 9:08 AM

Jul 16 2020

eugen_grosbein.net abandoned D25681: if_spppsubr: Define a few LCP options, Recognize (but still reject) multilink PPP config options.
Jul 16 2020, 6:32 AM · network, transport
eugen_grosbein.net updated subscribers of D25681: if_spppsubr: Define a few LCP options, Recognize (but still reject) multilink PPP config options.

Sorry for the mess, my latest actions on this differential were unintentional, some problems with old Firefox.

Jul 16 2020, 6:32 AM · network, transport
eugen_grosbein.net reclaimed D25681: if_spppsubr: Define a few LCP options, Recognize (but still reject) multilink PPP config options.
Jul 16 2020, 6:26 AM · network, transport
eugen_grosbein.net commandeered D25681: if_spppsubr: Define a few LCP options, Recognize (but still reject) multilink PPP config options.
Jul 16 2020, 6:25 AM · network, transport
eugen_grosbein.net updated subscribers of D25681: if_spppsubr: Define a few LCP options, Recognize (but still reject) multilink PPP config options.

CCing Roman Kurakin (ce(4)) and Serge Vakulenko (cp(4)), see later.

Jul 16 2020, 6:19 AM · network, transport

Jul 9 2020

eugen_grosbein.net added a comment to D25551: Optimize "install -s" and installworld.

I'm going to commit this soon unless an objection is raised.

Jul 9 2020, 2:31 AM

Jul 3 2020

eugen_grosbein.net added a comment to D25551: Optimize "install -s" and installworld.

My goal is to improve performance by default not requiring any user actions while not breaking things same time. Both GNU binutils version of strip(1) and our version from contrib/elftoolchain/elfcopy support -o, so there would be no slowdown but improvement for all supported branches. However, install(1) could be used in some strange environment for cases other than "installworld" and I don't want it to break there making regression.

Jul 3 2020, 5:30 AM
eugen_grosbein.net added a comment to D25551: Optimize "install -s" and installworld.

Thanks, I've fixed this.

Jul 3 2020, 5:11 AM
eugen_grosbein.net updated the diff for D25551: Optimize "install -s" and installworld.

Use: strip -o to_name -- from_name

Jul 3 2020, 5:09 AM

Jul 2 2020

eugen_grosbein.net updated the summary of D25551: Optimize "install -s" and installworld.
Jul 2 2020, 8:39 PM
eugen_grosbein.net updated the test plan for D25551: Optimize "install -s" and installworld.
Jul 2 2020, 7:31 PM
eugen_grosbein.net updated the summary of D25551: Optimize "install -s" and installworld.
Jul 2 2020, 7:24 PM
eugen_grosbein.net requested review of D25551: Optimize "install -s" and installworld.
Jul 2 2020, 7:18 PM

Jun 3 2020

eugen_grosbein.net added a comment to D25029: Introduce ifconfig -a -[gG] groupname.

Thanks!

Jun 3 2020, 1:20 PM
eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Correct wording in the manual page.

Jun 3 2020, 1:19 PM
eugen_grosbein.net added a comment to D25029: Introduce ifconfig -a -[gG] groupname.

I'm going to commit this soon unless an objection is raised.

Jun 3 2020, 12:39 PM

Jun 2 2020

eugen_grosbein.net added a comment to D25029: Introduce ifconfig -a -[gG] groupname.

If I understand correctly

ifconfig -a -g lagg -G lagg*1

will match all lagg interfaces besides those ending in 1.

But

ifconfig -a -g lagg -g vlan

will match vlan interfaces only.

Correct?

Jun 2 2020, 1:31 PM
eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Add explicit note to the manual page that additional options -g override previous ones, same for -G.

Jun 2 2020, 1:29 PM

May 31 2020

eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Fix case when none of -g nor -G is specified that was broken with addition of second option.

May 31 2020, 7:48 PM
eugen_grosbein.net updated the summary of D25029: Introduce ifconfig -a -[gG] groupname.
May 31 2020, 1:44 AM
eugen_grosbein.net updated the summary of D25029: Introduce ifconfig -a -[gG] groupname.
May 31 2020, 1:42 AM
eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Do not use prefix to negate condition. Instead, use new flag -G and allow user to specify both -g and -G same time.

May 31 2020, 1:41 AM
eugen_grosbein.net added a comment to D25029: Introduce ifconfig -a -[gG] groupname.

"^" does look like an regex starting point and will cause confusion: "Why is '-g la.*2[345]' not working?"

May 31 2020, 12:15 AM

May 29 2020

eugen_grosbein.net added a comment to D25029: Introduce ifconfig -a -[gG] groupname.
In D25029#551705, @ae wrote:

You can just use another option name to specify excludes.

May 29 2020, 1:00 PM
eugen_grosbein.net added inline comments to D25029: Introduce ifconfig -a -[gG] groupname.
May 29 2020, 12:45 PM
eugen_grosbein.net added inline comments to D25029: Introduce ifconfig -a -[gG] groupname.
May 29 2020, 8:26 AM

May 27 2020

eugen_grosbein.net added inline comments to D25029: Introduce ifconfig -a -[gG] groupname.
May 27 2020, 8:02 PM
eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Compactify code a bit.

May 27 2020, 1:59 PM
eugen_grosbein.net updated the diff for D25029: Introduce ifconfig -a -[gG] groupname.

Fix misprint that somehow passed testing.

May 27 2020, 1:31 PM
eugen_grosbein.net requested review of D25029: Introduce ifconfig -a -[gG] groupname.
May 27 2020, 1:20 PM
eugen_grosbein.net accepted D18382: Add new "trim" conversion for dd(1).
May 27 2020, 1:04 PM

Apr 16 2020

eugen_grosbein.net added a comment to D24383: ethersubr: Make the mac address generation more robust.

Kernel side asprintf() uses M_NOWAIT internally and may return -1 on memory allocation failure. It would need a check.

Apr 16 2020, 6:27 PM
eugen_grosbein.net requested changes to D24383: ethersubr: Make the mac address generation more robust.

Please consider to decrease abuse of kernel stack. We already had problems with kernel-land double faults due to kernel thread stack overflows. Could you please aggregate these big but fixed-sized arrays to single struct and allocate it using one malloc() call at heap instead?

Apr 16 2020, 4:17 AM

Apr 14 2020

eugen_grosbein.net added a comment to D24416: epair: Simplify mac address generation.
In D24416#537135, @kp wrote:

I can't create epair0 again even though it no longer exists in the host vnet.

Apr 14 2020, 5:50 PM
eugen_grosbein.net added a comment to D24416: epair: Simplify mac address generation.

I haven't been paying attention to this, but IME the problem with epair (and also bridge) interfaces was always that the generator would come up with the same MAC address on different *machines*. We simply gave up and manually assigned LAA MAC addresses to all such interfaces.

Apr 14 2020, 5:48 PM
eugen_grosbein.net added a comment to D24416: epair: Simplify mac address generation.

You still miss the point. Please read PR 229957 there all epairs are created within host, so they have same UUID. But after epair is created and MAC generated, epair get moved to another VNET, so next one may be created within host with same properties and get same MAC address.

Apr 14 2020, 4:28 PM
eugen_grosbein.net requested changes to D24416: epair: Simplify mac address generation.

Sadly, ether_gen_addr() cannot be used for epair safely. Your change removes parts of code that was brought in for a reason. This change would re-introduce problems fixed by code removed. Please read PRs 184149 and 229957 for details.

Apr 14 2020, 1:16 PM

Apr 12 2020

eugen_grosbein.net added a comment to D24371: trim(8): candelete() returns wrong results because fd is opened O_WRONLY.

Also, trim(8) calls candelete() for cosmetic reasons only and in verbose mode only (by default).
"trim -q" does not call candelete() and always reveals real error of system call.

Apr 12 2020, 6:10 AM
eugen_grosbein.net added a comment to D24371: trim(8): candelete() returns wrong results because fd is opened O_WRONLY.

This seems to be driver-dependent as it works as expected for md:

Apr 12 2020, 6:03 AM

Apr 11 2020

eugen_grosbein.net added a comment to D24371: trim(8): candelete() returns wrong results because fd is opened O_WRONLY.

I'm not sure I understand the problem.

Apr 11 2020, 4:55 PM

Feb 15 2020

eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.
In D23577#519163, @aleksandr.fedorov_itglobal.com wrote:

divert sockets can be used with other software but present exactly same significant overhead.
Do you have an example when suggested change improves performance really?

I agree with you that divert sockets have a known overhead. And I don't have a suitable example, because I don't use them anywhere. On the other hand, I see no reason why the initial socket buffer size should be hardcoded. My experience with other types of sockets indicates that large buffers can increase throughput. For example, netgraph sockets.

So, if some people want to use divert sockets, why not add the ability to resize the buffer socket?

Feb 15 2020, 2:05 PM
eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.

Can you please explain, what the issue is with the sysctl itself?

Sysctls are great tools and very handy, so our sysctl tree grows quick and already bloated and needs increasing amounts of memory. I don't think we should add new one just because it's easy and we can do it, without any practical use case.

So how implementing an (existing) socketopt to modify the desired behavior from the application side?

Feb 15 2020, 2:00 PM
eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.

Can you please explain, what the issue is with the sysctl itself?

Feb 15 2020, 12:15 PM
eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.
In D23577#519163, @aleksandr.fedorov_itglobal.com wrote:

divert sockets can be used with other software but present exactly same significant overhead.
Do you have an example when suggested change improves performance really?

I agree with you that divert sockets have a known overhead. And I don't have a suitable example, because I don't use them anywhere. On the other hand, I see no reason why the initial socket buffer size should be hardcoded. My experience with other types of sockets indicates that large buffers can increase throughput. For example, netgraph sockets.

So, if some people want to use divert sockets, why not add the ability to resize the buffer socket?

Feb 15 2020, 12:13 PM

Feb 12 2020

eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.
In D23577#518798, @aleksandr.fedorov_itglobal.com wrote:

divert(4) sockets can be used not only with natd(8), so the changes looks reasonable for me.

Feb 12 2020, 11:24 AM
eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.

Please describe use case for this change. Also, defauls are not 65536 but (65536 + 100).

This can be used to reduce divert memory consumption on "small" devices (e.g. low power routers) or increase divert performance on "big" devices (e.g. middleboxes, IDS).

I updated the description.

Feb 12 2020, 6:21 AM
eugen_grosbein.net added a comment to D23577: divert: Add socket options for divert socket's send and receive buffers.

Please describe use case for this change. Also, defauls are not 65536 but (65536 + 100).

Feb 12 2020, 4:36 AM
eugen_grosbein.net accepted D23091: netgraph/ng_nat: Prevent crash by malformated packets.

@eugen_grosbein.net are your concerns handled?

Feb 12 2020, 12:05 AM

Feb 9 2020

eugen_grosbein.net added a comment to D23586: ipfw_nat: Perfomance of accessing multiple nat tables.

We already have "nat tablearg" feature for this task:

Feb 9 2020, 6:44 AM

Feb 4 2020

eugen_grosbein.net added a comment to D23450: libalias: Allow setting alias port ranges.
In D23450#515674, @pi wrote:

What happens, if some port mapping is defined unexpected source IPs are sent from behind the CGN ? Will this packet/port end up 'somewhere' in the reserved range or will it map somewhere outside of all reserved ranges ?

Feb 4 2020, 10:51 AM
eugen_grosbein.net added a comment to D23450: libalias: Allow setting alias port ranges.
In D23450#515673, @pi wrote:

The use case is a static mapping from behind-nat users to the outside world. If such a static mapping is possible, CGN-operators do not need to log every transaction.

Feb 4 2020, 10:37 AM
eugen_grosbein.net added a reviewer for D23450: libalias: Allow setting alias port ranges: eugen_grosbein.net.
Feb 4 2020, 10:11 AM
eugen_grosbein.net added a reviewer for D23450: libalias: Allow setting alias port ranges: network.

Please describe why do you need to limit aliasing port rangle for NAT instance and what is wrong with current unlimited and mixed usage of ports for NAT instances?

Feb 4 2020, 10:02 AM

Jan 13 2020

eugen_grosbein.net added a comment to D23091: netgraph/ng_nat: Prevent crash by malformated packets.
Jan 13 2020, 3:30 PM
eugen_grosbein.net requested changes to D23091: netgraph/ng_nat: Prevent crash by malformated packets.
Jan 13 2020, 11:18 AM
eugen_grosbein.net added a reviewer for D23091: netgraph/ng_nat: Prevent crash by malformated packets: eugen_grosbein.net.
Jan 13 2020, 11:18 AM
eugen_grosbein.net added a comment to D23091: netgraph/ng_nat: Prevent crash by malformated packets.

Add an explanation to the man page.

Jan 13 2020, 11:17 AM

Dec 4 2019

eugen_grosbein.net added a comment to D20468: Port if_vether from OpenBSD.

Could you please supply use case? Why do we need another virtual ethernet interface? We already have many kinds of them.

Dec 4 2019, 1:18 PM

Oct 2 2019

eugen_grosbein.net added a comment to D21724: Move simple_httpd out of picobsd, add HTTPD option.

Wouldn't /usr/libexec be a better place for it, like for many other such daemons (like fingerd etc…)?

Oct 2 2019, 4:22 AM

Sep 20 2019

eugen_grosbein.net accepted D21724: Move simple_httpd out of picobsd, add HTTPD option.
Sep 20 2019, 4:23 AM

Sep 16 2019

eugen_grosbein.net added a comment to D21527: Add SIOCGIFDOWNREASON.

Sometimes I suffer from being unable to bring the interface to "administratively shutdown" state as opposed to "operative shutdown". It would be nice if ifconfig(8) "down" was able to update status of the interface with "admindown" string or similar, and "up" was able to auto-remove such note.

Sep 16 2019, 9:26 AM

Aug 21 2019

eugen_grosbein.net added a comment to D21306: Document IPFW's in-kernel NAT.

Thanks for the feedback Eugen, that will take a bit more time to restructure / add some of your comments.

I have one remark regarding 1), rc.firewall creates the NAT rule at number 50, although I think the example in the handbook and the ruleset rc.firewall creates are different. rc.firewall only has one NAT rule and does not have all stateful rules. So I don't feel too strong about renumbering the existing ruleset in the handbook just to match the NAT rule at number 50.

Aug 21 2019, 7:10 AM

Aug 19 2019

eugen_grosbein.net added a comment to D21306: Document IPFW's in-kernel NAT.

There is also one subtle difference between "ipfw divert" command used with natd and "ipfw nat" command.

Aug 19 2019, 9:38 PM
eugen_grosbein.net added a comment to D21306: Document IPFW's in-kernel NAT.

Thank you very much for starting this work. We really need updates to the Handbook.

Aug 19 2019, 6:21 PM
eugen_grosbein.net added inline comments to D21306: Document IPFW's in-kernel NAT.
Aug 19 2019, 6:00 PM

Apr 23 2019

eugen_grosbein.net accepted D19921: Add GRE-in-UDP encapsulation support.
Apr 23 2019, 5:42 AM

Apr 19 2019

eugen_grosbein.net added a comment to D19921: Add GRE-in-UDP encapsulation support.

I like the idea.

Apr 19 2019, 4:18 PM
eugen_grosbein.net added a reviewer for D19921: Add GRE-in-UDP encapsulation support: eugen_grosbein.net.
Apr 19 2019, 3:43 PM

Feb 20 2019

eugen_grosbein.net accepted D19271: Define a constant for the maximum number of GEOM_CTL arguments..
Feb 20 2019, 4:47 PM
eugen_grosbein.net added inline comments to D19271: Define a constant for the maximum number of GEOM_CTL arguments..
Feb 20 2019, 4:01 PM
eugen_grosbein.net added a reviewer for D19271: Define a constant for the maximum number of GEOM_CTL arguments.: eugen_grosbein.net.
Feb 20 2019, 4:00 PM

Feb 12 2019

eugen_grosbein.net accepted D19158: Add rc.resume(8) alias for rc(8) to fix the manpage cross references.
Feb 12 2019, 5:02 AM

Dec 30 2018

eugen_grosbein.net requested changes to D18382: Add new "trim" conversion for dd(1).

o Due to popular request rename "erase" into "trim".

Dec 30 2018, 6:47 PM

Dec 14 2018

eugen_grosbein.net accepted D18546: dhclient(8) issues unneeded ioctl(SIOCSIFMTU) on every lease renew.

That makes sense, thanks.

Dec 14 2018, 8:58 PM · network
eugen_grosbein.net added a comment to D18546: dhclient(8) issues unneeded ioctl(SIOCSIFMTU) on every lease renew.
Dec 14 2018, 8:08 PM · network
eugen_grosbein.net added a comment to D18546: dhclient(8) issues unneeded ioctl(SIOCSIFMTU) on every lease renew.

Hmm, there was https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229432 and corresponding commit https://svnweb.freebsd.org/base?view=revision&revision=336195 fixing the problem.

Was it insufficient or your tree does not have that fix?

Yes, you are right. We were looking at the FreeBSD 11.2 code here, I have not noticed there is another change in a trunk to fix the same issue. :(

Dec 14 2018, 8:06 PM · network
eugen_grosbein.net added a comment to D18546: dhclient(8) issues unneeded ioctl(SIOCSIFMTU) on every lease renew.

Hmm, there was https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229432 and corresponding commit https://svnweb.freebsd.org/base?view=revision&revision=336195 fixing the problem.

Dec 14 2018, 2:30 AM · network
eugen_grosbein.net added a comment to D18535: Allow ng_nat to be attached to a ethernet interface directly via ng_ether(4) and such.

Yes, it requires corruption of private node memory. As owner of multiple routers mass servicing thousands of customers using multiple NETGRAPH nodes I can assure you that panic is not appropriatie action. Appropriate action is some form of block for traffic flow trough the node in question (with logging) leaving other nodes working.

Well, that's where I respectively disagree. As an owner of hundreds of FreeBSD systems servicing many millions of customers I think that rebooting the system immediately after any slight kernel heap/stack memory corruption is detected is not just appropriate but the only sane action available. Shutting down particular netgraph node and hope for the best would just leave the service down indefinitely with no hope for any sorts of automatic recovery.

Dec 14 2018, 2:02 AM · network

Dec 13 2018

eugen_grosbein.net added a comment to D18535: Allow ng_nat to be attached to a ethernet interface directly via ng_ether(4) and such.

Looks good with one exception: additional plain panic(). Can it be replaced with KASSERT?

IDK, there is no way this option to be set to anything but DLT_RAW or DLT_EN10MB in the course of normal operation of the node. So it would require some form of memory corruption to actually happen. IDK, panic(9) seems an appropriate action in that case. There are other panic(9) call in the code in similar situations.

Dec 13 2018, 4:20 PM · network
eugen_grosbein.net added a reviewer for D18535: Allow ng_nat to be attached to a ethernet interface directly via ng_ether(4) and such: eugen_grosbein.net.

Looks good with one exception: additional plain panic(). Can it be replaced with KASSERT?

Dec 13 2018, 7:58 AM · network

Dec 1 2018

eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).
In D18380#391441, @imp wrote:

I'm pissed this was committed. It wasn't ready and in total breach of protocol.
This matter is *NOT* settled and you're lucky I don't just remove it from the tree.

Dec 1 2018, 3:23 AM
eugen_grosbein.net reopened D18380: Fix a number of style issues with trim(8).

Closed prematurely.

Dec 1 2018, 2:55 AM
eugen_grosbein.net added inline comments to D18380: Fix a number of style issues with trim(8).
Dec 1 2018, 2:52 AM

Nov 30 2018

eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).
In D18380#391343, @cem wrote:

First, DIOCGDELETE is not GEOM-specific ioctl()

I don't know why you say that. It was created specifically for GEOM (r169284). That's what the 'G' in the name represents, along with other similar ioctls (r92698).

Nov 30 2018, 9:34 PM
eugen_grosbein.net added inline comments to D18380: Fix a number of style issues with trim(8).
Nov 30 2018, 9:13 PM
eugen_grosbein.net added inline comments to D18380: Fix a number of style issues with trim(8).
Nov 30 2018, 9:10 PM
eugen_grosbein.net added inline comments to D18380: Fix a number of style issues with trim(8).
Nov 30 2018, 8:45 PM
eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).

I strongly disagree against GEOM'ifying or CAM'ifyng such simple code.

Nov 30 2018, 10:41 AM

Nov 29 2018

eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).

I'm fine with rest of changes.

Nov 29 2018, 6:22 PM
eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).

The check for CHR and SBLK is to issue nice and correct error message in case of pilot error instead of generic and obscure error after ioctl() so I'd prefer to keep it.

Nov 29 2018, 6:18 PM
eugen_grosbein.net added a comment to D18380: Fix a number of style issues with trim(8).

The operation in question is dangerous and can easily result in loss of data if used by unexperienced root. This is why I want it to NOT defaults to -f but instead defaults to verbose dry-run mode. Hence the need for -f and -q.

Nov 29 2018, 6:18 PM

Nov 26 2018

eugen_grosbein.net accepted D18338: Fix possible panic during ifnet detach in rtsock .
Nov 26 2018, 11:55 AM

Oct 28 2018

eugen_grosbein.net updated the diff for D17719: Improve ipfw.8 manual page with more clear layer2 processing documentation.

Use .Cm instead of .Nm for keyword. Begin sentences with new line.

Oct 28 2018, 7:24 PM

Oct 27 2018

eugen_grosbein.net updated the summary of D17719: Improve ipfw.8 manual page with more clear layer2 processing documentation.
Oct 27 2018, 3:46 PM
eugen_grosbein.net created D17719: Improve ipfw.8 manual page with more clear layer2 processing documentation.
Oct 27 2018, 3:16 PM

Oct 21 2018

eugen_grosbein.net accepted D17299: PR231649: pw: make checks in boolean_str() match reality.
Oct 21 2018, 12:43 PM

Oct 18 2018

eugen_grosbein.net added inline comments to D17598: Properly handle case when system is out of network interface numbers.
Oct 18 2018, 7:49 PM

Oct 16 2018

eugen_grosbein.net accepted D17575: pw: file == NULL check in read_userconfig() is always false.
Oct 16 2018, 11:04 AM