svn commit: r43892 - head/en_US.ISO8859-1/books/handbook/advanced-networking
Dru Lavigne
dru at FreeBSD.org
Wed Feb 12 23:20:57 UTC 2014
Author: dru
Date: Wed Feb 12 23:20:57 2014
New Revision: 43892
URL: http://svnweb.freebsd.org/changeset/doc/43892
Log:
White space fix only. Translators can ignore.
Sponsored by: iXsystems
Modified:
head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Feb 12 22:32:41 2014 (r43891)
+++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Wed Feb 12 23:20:57 2014 (r43892)
@@ -86,14 +86,15 @@
</sect1>
<sect1 xml:id="network-routing">
- <info><title>Gateways and Routes</title>
- <authorgroup>
- <author><personname><firstname>Coranth</firstname><surname>Gryphon</surname></personname><contrib>Contributed by </contrib></author>
+ <info>
+ <title>Gateways and Routes</title>
+
+ <authorgroup>
+ <author><personname><firstname>Coranth</firstname><surname>Gryphon</surname></personname><contrib>Contributed
+ by </contrib></author>
</authorgroup>
</info>
-
-
<indexterm><primary>routing</primary></indexterm>
<indexterm><primary>gateway</primary></indexterm>
<indexterm><primary>subnet</primary></indexterm>
@@ -151,12 +152,13 @@ host2.example.com link#1 UC
<primary>Ethernet</primary>
<secondary>MAC address</secondary>
</indexterm>
- <para>The addresses beginning with <systemitem class="etheraddress">0:e0:</systemitem> are Ethernet hardware addresses,
- also known as <acronym>MAC</acronym> addresses. &os; will
- automatically identify any hosts, <systemitem>test0</systemitem> in
- the example, on the local Ethernet and add a route for that
- host over the Ethernet interface,
- <filename>ed0</filename>. This type of route has a
+ <para>The addresses beginning with <systemitem
+ class="etheraddress">0:e0:</systemitem> are Ethernet
+ hardware addresses, also known as <acronym>MAC</acronym>
+ addresses. &os; will automatically identify any hosts,
+ <systemitem>test0</systemitem> in the example, on the local
+ Ethernet and add a route for that host over the Ethernet
+ interface, <filename>ed0</filename>. This type of route has a
timeout, seen in the <literal>Expire</literal> column, which
is used if the host does not respond in a specific amount of
time. When this happens, the route to this host will be
@@ -168,10 +170,11 @@ host2.example.com link#1 UC
<indexterm><primary>subnet</primary></indexterm>
<para>&os; will add subnet routes for the local subnet.
- <systemitem class="ipaddress">10.20.30.255</systemitem> is the broadcast
- address for the subnet <systemitem class="ipaddress">10.20.30</systemitem>
- and <systemitem class="fqdomainname">example.com</systemitem> is the
- domain name associated with that subnet. The designation
+ <systemitem class="ipaddress">10.20.30.255</systemitem> is the
+ broadcast address for the subnet <systemitem
+ class="ipaddress">10.20.30</systemitem> and <systemitem
+ class="fqdomainname">example.com</systemitem> is the domain
+ name associated with that subnet. The designation
<literal>link#1</literal> refers to the first Ethernet card in
the machine.</para>
@@ -189,13 +192,14 @@ host2.example.com link#1 UC
<para>The two <literal>host2</literal> lines represent aliases
which were created using &man.ifconfig.8;. The
<literal>=></literal> symbol after the
- <filename>lo0</filename> interface says that an alias
- has been set in addition to the loopback address. Such routes
- only show up on the host that supports the alias; all other
- hosts on the local network will have a
+ <filename>lo0</filename> interface says that an alias has been
+ set in addition to the loopback address. Such routes only
+ show up on the host that supports the alias; all other hosts
+ on the local network will have a
<literal>link#1</literal> line for such routes.</para>
- <para>The final line (destination subnet <systemitem class="ipaddress">224</systemitem>) deals with
+ <para>The final line (destination subnet <systemitem
+ class="ipaddress">224</systemitem>) deals with
multicasting.</para>
<para>Finally, various attributes of each route can be seen in
@@ -332,25 +336,28 @@ host2.example.com link#1 UC
</informaltable>
<para>A common question is <quote>Why is
- <systemitem>T1-GW</systemitem> configured as the default gateway for
- <systemitem>Local1</systemitem>, rather than the
+ <systemitem>T1-GW</systemitem> configured as the default
+ gateway for <systemitem>Local1</systemitem>, rather than the
<acronym>ISP</acronym> server it is connected
to?</quote>.</para>
<para>Since the <acronym>PPP</acronym> interface is using an
- address on the <acronym>ISP</acronym>'s local network for
- the local side of the connection, routes for any other
- machines on the <acronym>ISP</acronym>'s local network will
- be automatically generated. The system already knows how
- to reach the <systemitem>T1-GW</systemitem> machine, so there is no
- need for the intermediate step of sending traffic to the
+ address on the <acronym>ISP</acronym>'s local network for the
+ local side of the connection, routes for any other machines on
+ the <acronym>ISP</acronym>'s local network will be
+ automatically generated. The system already knows how to
+ reach the <systemitem>T1-GW</systemitem> machine, so there is
+ no need for the intermediate step of sending traffic to the
<acronym>ISP</acronym>'s server.</para>
- <para>It is common to use the address <systemitem class="ipaddress">X.X.X.1</systemitem> as the gateway address for
- the local network. So, if the local class C address space is
- <systemitem class="ipaddress">10.20.30</systemitem> and the
- <acronym>ISP</acronym> is using <systemitem class="ipaddress">10.9.9</systemitem>, the default routes would
- be:</para>
+ <para>It is common to use the address <systemitem
+ class="ipaddress">X.X.X.1</systemitem> as the gateway
+ address for the local network. So, if the local class C
+ address space is <systemitem
+ class="ipaddress">10.20.30</systemitem> and the
+ <acronym>ISP</acronym> is using <systemitem
+ class="ipaddress">10.9.9</systemitem>, the default routes
+ would be:</para>
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
@@ -452,13 +459,15 @@ host2.example.com link#1 UC
</sect2>
<sect2 xml:id="network-static-routes">
- <info><title>Setting Up Static Routes</title>
+ <info>
+ <title>Setting Up Static Routes</title>
+
<authorgroup>
- <author><personname><firstname>Al</firstname><surname>Hoang</surname></personname><contrib>Contributed by </contrib></author>
+ <author><personname><firstname>Al</firstname><surname>Hoang</surname></personname><contrib>Contributed
+ by </contrib></author>
</authorgroup>
</info>
<!-- Feb 2004 -->
-
<sect3>
<title>Manual Configuration</title>
@@ -497,14 +506,18 @@ host2.example.com link#1 UC
</textobject>
</mediaobject>
- <para>In this scenario, <systemitem>RouterA</systemitem> is a &os;
- machine that is acting as a router to the rest of the
- Internet. It has a default route set to <systemitem class="ipaddress">10.0.0.1</systemitem> which allows it to
- connect with the outside world. <systemitem>RouterB</systemitem> is
- already configured properly as it uses <systemitem class="ipaddress">192.168.1.1</systemitem> as the gateway.</para>
+ <para>In this scenario, <systemitem>RouterA</systemitem> is a
+ &os; machine that is acting as a router to the rest of the
+ Internet. It has a default route set to <systemitem
+ class="ipaddress">10.0.0.1</systemitem> which allows it to
+ connect with the outside world.
+ <systemitem>RouterB</systemitem> is already configured
+ properly as it uses <systemitem
+ class="ipaddress">192.168.1.1</systemitem> as the
+ gateway.</para>
- <para>The routing table on <systemitem>RouterA</systemitem> looks
- something like this:</para>
+ <para>The routing table on <systemitem>RouterA</systemitem>
+ looks something like this:</para>
<screen>&prompt.user; <userinput>netstat -nr</userinput>
Routing tables
@@ -516,17 +529,20 @@ default 10.0.0.1 UG
10.0.0.0/24 link#1 UC 0 0 xl0
192.168.1.0/24 link#2 UC 0 0 xl1</screen>
- <para>With the current routing table, <systemitem>RouterA</systemitem>
- cannot reach Internal Net 2 as it does not have a route for
- <systemitem class="ipaddress">192.168.2.0/24</systemitem>. The
+ <para>With the current routing table,
+ <systemitem>RouterA</systemitem> cannot reach Internal Net
+ 2 as it does not have a route for <systemitem
+ class="ipaddress">192.168.2.0/24</systemitem>. The
following command adds the Internal Net 2 network to
- <systemitem>RouterA</systemitem>'s routing table using <systemitem class="ipaddress">192.168.1.2</systemitem> as the next
- hop:</para>
+ <systemitem>RouterA</systemitem>'s routing table using
+ <systemitem class="ipaddress">192.168.1.2</systemitem> as
+ the next hop:</para>
<screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen>
- <para>Now <systemitem>RouterA</systemitem> can reach any hosts on the
- <systemitem class="ipaddress">192.168.2.0/24</systemitem>
+ <para>Now <systemitem>RouterA</systemitem> can reach any hosts
+ on the <systemitem
+ class="ipaddress">192.168.2.0/24</systemitem>
network.</para>
</sect3>
@@ -558,8 +574,9 @@ route_internalnet2="-net 192.168.2.0/24
<para>Using more than one string in
<literal>static_routes</literal> creates multiple static
routes. The following shows an example of adding static
- routes for the <systemitem class="ipaddress">192.168.0.0/24</systemitem>
- and <systemitem class="ipaddress">192.168.1.0/24</systemitem>
+ routes for the <systemitem
+ class="ipaddress">192.168.0.0/24</systemitem> and
+ <systemitem class="ipaddress">192.168.1.0/24</systemitem>
networks:</para>
<programlisting>static_routes="net1 net2"
@@ -644,13 +661,16 @@ route_net2="-net 192.168.1.0/24 192.168.
which has largely been replaced by &man.pim.4; in many
multicast installations. &man.mrouted.8; and the related
&man.map-mbone.8; and &man.mrinfo.8; utilities are available
- in the &os; Ports Collection as <package>net/mrouted</package>.</para>
+ in the &os; Ports Collection as
+ <package>net/mrouted</package>.</para>
</note>
</sect2>
</sect1>
<sect1 xml:id="network-wireless">
- <info><title>Wireless Networking</title>
+ <info>
+ <title>Wireless Networking</title>
+
<authorgroup>
<author><personname><othername>Loader</othername></personname></author>
@@ -659,7 +679,6 @@ route_net2="-net 192.168.1.0/24 192.168.
<author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname></author>
</authorgroup>
</info>
-
<indexterm><primary>wireless networking</primary></indexterm>
<indexterm>
@@ -800,11 +819,13 @@ route_net2="-net 192.168.1.0/24 192.168.
changed according to the configuration. A list of
available wireless drivers and supported adapters can be
found in the &os; Hardware Notes, available on
- the <link xlink:href="http://www.FreeBSD.org/releases/index.html">Release
+ the <link
+ xlink:href="http://www.FreeBSD.org/releases/index.html">Release
Information</link> page of the &os; website. If a
native &os; driver for the wireless device does not
exist, it may be possible to use the &windows; driver
- with the help of the <link linkend="config-network-ndis">NDIS</link> driver
+ with the help of the <link
+ linkend="config-network-ndis">NDIS</link> driver
wrapper.</para>
</note>
@@ -980,7 +1001,8 @@ freebsdap 00:11:95:c3:0d:ac 1
<para>This section provides a simple example of how to make
the wireless network adapter work in &os; without
encryption. Once familiar with these concepts, it is
- strongly recommend to use <link linkend="network-wireless-wpa">WPA</link> to set up
+ strongly recommend to use <link
+ linkend="network-wireless-wpa">WPA</link> to set up
the wireless network.</para>
<para>There are three basic steps to configure a wireless
@@ -1057,7 +1079,8 @@ ifconfig_wlan0="mode <replaceable>11g</r
authentication is the default setting. The next most
common setup is <acronym>WPA-PSK</acronym>, also
known as <acronym>WPA</acronym> Personal, which is
- described in <xref linkend="network-wireless-wpa-wpa-psk"/>.</para>
+ described in <xref
+ linkend="network-wireless-wpa-wpa-psk"/>.</para>
<note>
<para>If using an &apple; &airport; Extreme base
@@ -1079,7 +1102,8 @@ ifconfig_wlan0="authmode shared wepmode
with legacy devices, it is better to use
<acronym>WEP</acronym> with <literal>open</literal>
authentication. More information regarding
- <acronym>WEP</acronym> can be found in <xref linkend="network-wireless-wep"/>.</para>
+ <acronym>WEP</acronym> can be found in <xref
+ linkend="network-wireless-wep"/>.</para>
</note>
</sect5>
@@ -1339,17 +1363,19 @@ wlan0: flags=8843<UP,BROADCAST,RUNNIN
(<acronym>EAP-TLS</acronym>) is a well-supported
wireless authentication protocol since it was the
first <acronym>EAP</acronym> method to be certified
- by the <link xlink:href="http://www.wi-fi.org/">Wi-Fi alliance</link>.
- <acronym>EAP-TLS</acronym> requires three certificates
- to run: the certificate of the Certificate Authority
- (<acronym>CA</acronym>) installed on all machines, the
- server certificate for the authentication server, and
- one client certificate for each wireless client. In
- this <acronym>EAP</acronym> method, both the
- authentication server and wireless client authenticate
- each other by presenting their respective certificates,
- and then verify that these certificates were signed by
- the organization's <acronym>CA</acronym>.</para>
+ by the <link
+ xlink:href="http://www.wi-fi.org/">Wi-Fi
+ alliance</link>. <acronym>EAP-TLS</acronym> requires
+ three certificates to run: the certificate of the
+ Certificate Authority (<acronym>CA</acronym>) installed
+ on all machines, the server certificate for the
+ authentication server, and one client certificate for
+ each wireless client. In this <acronym>EAP</acronym>
+ method, both the authentication server and wireless
+ client authenticate each other by presenting their
+ respective certificates, and then verify that these
+ certificates were signed by the organization's
+ <acronym>CA</acronym>.</para>
<para>As previously, the configuration is done via
<filename>/etc/wpa_supplicant.conf</filename>:</para>
@@ -1742,8 +1768,8 @@ Associated with 00:13:46:49:41:76</scree
<para><acronym>IBSS</acronym> mode, also called ad-hoc mode, is
designed for point to point connections. For example, to
establish an ad-hoc network between the machines
- <systemitem>A</systemitem> and <systemitem>B</systemitem>, choose two
- <acronym>IP</acronym> addresses and a
+ <systemitem>A</systemitem> and <systemitem>B</systemitem>,
+ choose two <acronym>IP</acronym> addresses and a
<acronym>SSID</acronym>.</para>
<para>On <systemitem>A</systemitem>:</para>
@@ -1773,8 +1799,8 @@ Associated with 00:13:46:49:41:76</scree
<para>The <literal>I</literal> in the output confirms that
<systemitem>A</systemitem> is in ad-hoc mode. Now, configure
- <systemitem>B</systemitem> with a different <acronym>IP</acronym>
- address:</para>
+ <systemitem>B</systemitem> with a different
+ <acronym>IP</acronym> address:</para>
<screen>&prompt.root; <userinput>ifconfig <replaceable>wlan0</replaceable> inet <replaceable>192.168.0.2</replaceable> netmask <replaceable>255.255.255.0</replaceable> ssid <replaceable>freebsdap</replaceable></userinput>
&prompt.root; <userinput>ifconfig <replaceable>wlan0</replaceable></userinput>
@@ -1787,8 +1813,9 @@ Associated with 00:13:46:49:41:76</scree
country US ecm authmode OPEN privacy OFF txpower 21.5 scanvalid 60
protmode CTS wme burst</screen>
- <para>Both <systemitem>A</systemitem> and <systemitem>B</systemitem> are now
- ready to exchange information.</para>
+ <para>Both <systemitem>A</systemitem> and
+ <systemitem>B</systemitem> are now ready to exchange
+ information.</para>
</sect2>
<sect2 xml:id="network-wireless-ap">
@@ -1807,7 +1834,8 @@ Associated with 00:13:46:49:41:76</scree
<acronym>AP</acronym>, the kernel must be configured with
the appropriate networking support for the wireless card
as well as the security protocols being used. For more
- details, see <xref linkend="network-wireless-basic"/>.</para>
+ details, see <xref
+ linkend="network-wireless-basic"/>.</para>
<note>
<para>The <acronym>NDIS</acronym> driver wrapper for
@@ -1914,8 +1942,8 @@ freebsdap 00:11:95:c3:0d:ac 1
<acronym>AP</acronym> using the <acronym>WPA</acronym>
security protocol. More details regarding
<acronym>WPA</acronym> and the configuration of
- <acronym>WPA</acronym>-based
- wireless clients can be found in <xref linkend="network-wireless-wpa"/>.</para>
+ <acronym>WPA</acronym>-based wireless clients can be found
+ in <xref linkend="network-wireless-wpa"/>.</para>
<para>The &man.hostapd.8; daemon is used to deal with client
authentication and key management on the
@@ -1931,7 +1959,8 @@ freebsdap 00:11:95:c3:0d:ac 1
<programlisting>hostapd_enable="YES"</programlisting>
<para>Before trying to configure &man.hostapd.8;, first
- configure the basic settings introduced in <xref linkend="network-wireless-ap-basic"/>.</para>
+ configure the basic settings introduced in <xref
+ linkend="network-wireless-ap-basic"/>.</para>
<sect4>
<title><acronym>WPA-PSK</acronym></title>
@@ -2042,10 +2071,10 @@ wpa_pairwise=CCMP TKIP <co xml:id="co-ap
authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit txpowmax 36 protmode CTS dtimperiod 1 bintval 100</screen>
<para>Once the <acronym>AP</acronym> is running, the
- clients can associate with it. See <xref linkend="network-wireless-wpa"/> for more details.
- It is possible to see the stations associated with the
- <acronym>AP</acronym> using <command>ifconfig
- wlan0 list
+ clients can associate with it. See <xref
+ linkend="network-wireless-wpa"/> for more details. It
+ is possible to see the stations associated with the
+ <acronym>AP</acronym> using <command>ifconfig wlan0 list
sta</command>.</para>
</sect4>
</sect3>
@@ -2112,7 +2141,8 @@ freebsdap 00:11:95:c3:0d:ac 1
<para>In this example, the client machine found the
<acronym>AP</acronym> and can associate with it using the
- correct parameters. See <xref linkend="network-wireless-wep"/> for more details.</para>
+ correct parameters. See <xref
+ linkend="network-wireless-wep"/> for more details.</para>
</sect3>
</sect2>
@@ -2131,8 +2161,10 @@ freebsdap 00:11:95:c3:0d:ac 1
and the operating system switches automatically when the link
state changes.</para>
- <para>Link aggregation and failover is covered in <xref linkend="network-aggregation"/> and an example for using
- both wired and wireless connections is provided at <xref linkend="networking-lagg-wired-and-wireless"/>.</para>
+ <para>Link aggregation and failover is covered in <xref
+ linkend="network-aggregation"/> and an example for using
+ both wired and wireless connections is provided at <xref
+ linkend="networking-lagg-wired-and-wireless"/>.</para>
</sect2>
<sect2>
@@ -2228,16 +2260,17 @@ freebsdap 00:11:95:c3:0d:ac 1
</sect1>
<sect1 xml:id="network-bluetooth">
- <info><title>Bluetooth</title>
+ <info>
+ <title>Bluetooth</title>
+
<authorgroup>
- <author><personname><firstname>Pav</firstname><surname>Lucistnik</surname></personname><contrib>Written by </contrib><affiliation>
+ <author><personname><firstname>Pav</firstname><surname>Lucistnik</surname></personname><contrib>Written
+ by </contrib><affiliation>
<address><email>pav at FreeBSD.org</email></address>
</affiliation></author>
</authorgroup>
</info>
-
-
<indexterm><primary>Bluetooth</primary></indexterm>
<sect2>
<title>Introduction</title>
@@ -2804,8 +2837,9 @@ Success, response: OK, Success (0x20)</s
<para>In order to provide the <acronym>OPUSH</acronym> service,
&man.sdpd.8; must be running and a root folder, where all
incoming objects will be stored, must be created. The
- default path to the root folder is <filename>/var/spool/obex</filename>. Finally,
- start the <acronym>OBEX</acronym> server on a valid
+ default path to the root folder is
+ <filename>/var/spool/obex</filename>. Finally, start the
+ <acronym>OBEX</acronym> server on a valid
<acronym>RFCOMM</acronym> channel number. The
<acronym>OBEX</acronym> server will automatically register
the <acronym>OPUSH</acronym> service with the local
@@ -2877,12 +2911,14 @@ rfcomm_sppd[94692]: Starting on /dev/tty
</sect1>
<sect1 xml:id="network-bridging">
- <info><title>Bridging</title>
+ <info>
+ <title>Bridging</title>
+
<authorgroup>
- <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written by </contrib></author>
+ <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written
+ by </contrib></author>
</authorgroup>
</info>
-
<sect2>
<title>Introduction</title>
@@ -3206,23 +3242,25 @@ bridge0: flags=8843<UP,BROADCAST,RUNN
forwarding table. Clients learned on a particular segment
of the bridge can not roam to another segment.</para>
- <para>Another example of using sticky addresses is to
- combine the bridge with <acronym>VLAN</acronym>s to create
- a router where customer networks are isolated without
- wasting <acronym>IP</acronym> address space. Consider that
- <systemitem class="fqdomainname">CustomerA</systemitem> is on
- <literal>vlan100</literal> and <systemitem class="fqdomainname">CustomerB</systemitem> is on
+ <para>Another example of using sticky addresses is to combine
+ the bridge with <acronym>VLAN</acronym>s to create a router
+ where customer networks are isolated without wasting
+ <acronym>IP</acronym> address space. Consider that
+ <systemitem class="fqdomainname">CustomerA</systemitem> is
+ on <literal>vlan100</literal> and <systemitem
+ class="fqdomainname">CustomerB</systemitem> is on
<literal>vlan101</literal>. The bridge has the address
- <systemitem class="ipaddress">192.168.0.1</systemitem> and is also an
- Internet router.</para>
+ <systemitem class="ipaddress">192.168.0.1</systemitem> and
+ is also an Internet router.</para>
<screen>&prompt.root; <userinput>ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101</userinput>
&prompt.root; <userinput>ifconfig bridge0 inet 192.168.0.1/24</userinput></screen>
- <para>In this example, both clients see <systemitem class="ipaddress">192.168.0.1</systemitem> as their default
- gateway. Since the bridge cache is sticky, one host can not
- spoof the <acronym>MAC</acronym> address of the other
- customer in order to intercept their traffic.</para>
+ <para>In this example, both clients see <systemitem
+ class="ipaddress">192.168.0.1</systemitem> as their
+ default gateway. Since the bridge cache is sticky, one host
+ can not spoof the <acronym>MAC</acronym> address of the
+ other customer in order to intercept their traffic.</para>
<para>Any communication between the <acronym>VLAN</acronym>s
can be blocked using a firewall or, as seen in this example,
@@ -3231,8 +3269,8 @@ bridge0: flags=8843<UP,BROADCAST,RUNN
<screen>&prompt.root; <userinput>ifconfig bridge0 private vlan100 private vlan101</userinput></screen>
<para>The customers are completely isolated from each other
- and the full <systemitem class="netmask">/24</systemitem> address
- range can be allocated without subnetting.</para>
+ and the full <systemitem class="netmask">/24</systemitem>
+ address range can be allocated without subnetting.</para>
</sect3>
<sect3>
@@ -3245,7 +3283,8 @@ bridge0: flags=8843<UP,BROADCAST,RUNN
is removed.</para>
<para>The following example sets the maximum number of
- Ethernet devices for <systemitem class="fqdomainname">CustomerA</systemitem> on
+ Ethernet devices for <systemitem
+ class="fqdomainname">CustomerA</systemitem> on
<literal>vlan100</literal> to 10:</para>
<screen>&prompt.root; <userinput>ifconfig bridge0 ifmaxaddr vlan100 10</userinput></screen>
@@ -3272,11 +3311,13 @@ bridge0: flags=8843<UP,BROADCAST,RUNN
information.</para>
<para>The following examples use the
- <application>Net-SNMP</application> software (<package>net-mgmt/net-snmp</package>) to query a
- bridge from a client system. The <package>net-mgmt/bsnmptools</package> port can
- also be used. From the <acronym>SNMP</acronym> client
- which is running <application>Net-SNMP</application>, add
- the following lines to
+ <application>Net-SNMP</application> software
+ (<package>net-mgmt/net-snmp</package>) to query a bridge
+ from a client system. The
+ <package>net-mgmt/bsnmptools</package> port can also be
+ used. From the <acronym>SNMP</acronym> client which is
+ running <application>Net-SNMP</application>, add the
+ following lines to
<filename>$HOME/.snmp/snmp.conf</filename> in order to
import the bridge <acronym>MIB</acronym> definitions:</para>
@@ -3340,12 +3381,14 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefault
</sect1>
<sect1 xml:id="network-aggregation">
- <info><title>Link Aggregation and Failover</title>
+ <info>
+ <title>Link Aggregation and Failover</title>
+
<authorgroup>
- <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written by </contrib></author>
+ <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written
+ by </contrib></author>
</authorgroup>
</info>
-
<indexterm><primary>lagg</primary></indexterm>
<indexterm><primary>failover</primary></indexterm>
@@ -3685,15 +3728,18 @@ ifconfig_<literal>lagg0</literal>="laggp
</sect1>
<sect1 xml:id="network-diskless">
- <info><title>Diskless Operation</title>
+ <info>
+ <title>Diskless Operation</title>
+
<authorgroup>
- <author><personname><firstname>Jean-François</firstname><surname>Dockès</surname></personname><contrib>Updated by </contrib></author>
+ <author><personname><firstname>Jean-François</firstname><surname>Dockès</surname></personname><contrib>Updated
+ by </contrib></author>
</authorgroup>
<authorgroup>
- <author><personname><firstname>Alex</firstname><surname>Dupre</surname></personname><contrib>Reorganized and enhanced by </contrib></author>
+ <author><personname><firstname>Alex</firstname><surname>Dupre</surname></personname><contrib>Reorganized
+ and enhanced by </contrib></author>
</authorgroup>
</info>
-
<indexterm><primary>diskless workstation</primary></indexterm>
<indexterm><primary>diskless operation</primary></indexterm>
@@ -3717,8 +3763,9 @@ ifconfig_<literal>lagg0</literal>="laggp
file system on the server. The script will probably require
a little customization.</para>
- <para>Standard system startup files exist in <filename>/etc</filename> to detect and support a
- diskless system startup.</para>
+ <para>Standard system startup files exist in
+ <filename>/etc</filename> to detect and support a diskless
+ system startup.</para>
<para>Swapping, if needed, can be done either to an
<acronym>NFS</acronym> file or to a local disk.</para>
@@ -3736,10 +3783,10 @@ ifconfig_<literal>lagg0</literal>="laggp
<filename>/</filename> and
<filename>/usr</filename>.</para>
- <para>The root file system is a copy of a standard &os;
- root, with some configuration files overridden by ones
- specific to diskless operation or, possibly, to the
- workstation they belong to.</para>
+ <para>The root file system is a copy of a standard &os; root,
+ with some configuration files overridden by ones specific to
+ diskless operation or, possibly, to the workstation they
+ belong to.</para>
<para>The parts of the root which have to be writable are
overlaid with &man.md.4; file systems. Any changes will be
@@ -3855,8 +3902,9 @@ ifconfig_<literal>lagg0</literal>="laggp
answer both <acronym>BOOTP</acronym> and
<acronym>DHCP</acronym> requests.</para>
- <para><application>ISC DHCP</application> is not part of
- the base system. Install the <package>net/isc-dhcp42-server</package> port or
+ <para><application>ISC DHCP</application> is not part of the
+ base system. Install the
+ <package>net/isc-dhcp42-server</package> port or
package.</para>
<para>Once <application>ISC DHCP</application> is installed,
@@ -3980,7 +4028,8 @@ subnet 192.168.4.0 netmask 255.255.255.0
<procedure>
<step>
<para>Create a directory from which &man.tftpd.8; will
- serve the files, such as <filename>/tftpboot</filename>.</para>
+ serve the files, such as
+ <filename>/tftpboot</filename>.</para>
</step>
<step>
@@ -4152,7 +4201,8 @@ cd /usr/src/etc; make distribution</prog
<title>Miscellaneous Issues</title>
<sect4>
- <title>Running with a Read-only <filename>/usr</filename></title>
+ <title>Running with a Read-only
+ <filename>/usr</filename></title>
<indexterm>
<primary>diskless operation</primary>
@@ -4162,7 +4212,8 @@ cd /usr/src/etc; make distribution</prog
<para>If the diskless workstation is configured to run
<application>&xorg;</application>, adjust the
<application>XDM</application> configuration file as it
- puts the error log on <filename>/usr</filename> by default.</para>
+ puts the error log on <filename>/usr</filename> by
+ default.</para>
</sect4>
<sect4>
@@ -4174,27 +4225,28 @@ cd /usr/src/etc; make distribution</prog
&man.tar.1; or &man.cpio.1;.</para>
<para>In this situation, there are sometimes problems with
- the special files in <filename>/dev</filename>, due to differing
- major/minor integer sizes. A solution to this problem
- is to export a directory from the non-&os; server, mount
- this directory onto a &os; machine, and use &man.devfs.5;
- to allocate device nodes transparently for the
- user.</para>
+ the special files in <filename>/dev</filename>, due to
+ differing major/minor integer sizes. A solution to this
+ problem is to export a directory from the non-&os; server,
+ mount this directory onto a &os; machine, and use
+ &man.devfs.5; to allocate device nodes transparently for
+ the user.</para>
</sect4>
</sect3>
</sect2>
</sect1>
<sect1 xml:id="network-pxe-nfs">
- <info><title>PXE Booting with an <acronym>NFS</acronym> Root File
+ <info>
+ <title>PXE Booting with an <acronym>NFS</acronym> Root File
System</title>
+
<authorgroup>
<author><personname><firstname>Craig</firstname><surname>Rodrigues</surname></personname><affiliation>
<address>rodrigc at FreeBSD.org</address>
</affiliation><contrib>Written by </contrib></author>
</authorgroup>
</info>
-
<para>The &intel; Preboot eXecution Environment
(<acronym>PXE</acronym>) allows booting the operating system
@@ -4211,7 +4263,8 @@ cd /usr/src/etc; make distribution</prog
loader via <acronym>TFTP</acronym>. After the host computer
receives this information, it downloads the boot loader via
<acronym>TFTP</acronym> and then executes the boot loader.
- This is documented in section 2.2.1 of the <link xlink:href="http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf">Preboot
+ This is documented in section 2.2.1 of the <link
+ xlink:href="http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf">Preboot
Execution Environment (<acronym>PXE</acronym>)
Specification</link>. In &os;, the boot loader retrieved
during the <acronym>PXE</acronym> process is
@@ -4229,8 +4282,9 @@ cd /usr/src/etc; make distribution</prog
<step>
<para>Choose a directory which will have a &os;
installation which will be <acronym>NFS</acronym>
- mountable. For example, a directory such as <filename>/b/tftpboot/FreeBSD/install</filename>
- can be used.</para>
+ mountable. For example, a directory such as
+ <filename>/b/tftpboot/FreeBSD/install</filename> can be
+ used.</para>
<screen>&prompt.root; <userinput>export NFSROOTDIR=/b/tftpboot/FreeBSD/install</userinput>
&prompt.root; <userinput>mkdir -p ${NFSROOTDIR}</userinput></screen>
@@ -4238,7 +4292,8 @@ cd /usr/src/etc; make distribution</prog
<step>
<para>Enable the <acronym>NFS</acronym> server by following
- the instructions in <xref linkend="network-configuring-nfs"/>.</para>
+ the instructions in <xref
+ linkend="network-configuring-nfs"/>.</para>
</step>
<step>
@@ -4274,7 +4329,8 @@ cd /usr/src/etc; make distribution</prog
</step>
<step>
- <para>Rebuild the &os; kernel and userland (<xref linkend="makeworld"/>):</para>
+ <para>Rebuild the &os; kernel and userland (<xref
+ linkend="makeworld"/>):</para>
<screen>&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make buildworld</userinput>
@@ -4358,17 +4414,19 @@ myhost.example.com:/b/tftpboot/FreeBSD/i
<acronym>NFS</acronym> boot and runs
<filename>/etc/rc.initdiskless</filename>. Read the comments
in this script to understand what is going on. In this case,
- <filename>/etc</filename> and <filename>/var</filename> need to be memory backed
- file systems so that these directories are writable but the
- <acronym>NFS</acronym> root directory is read-only:</para>
+ <filename>/etc</filename> and <filename>/var</filename> need
+ to be memory backed file systems so that these directories are
+ writable but the <acronym>NFS</acronym> root directory is
+ read-only:</para>
<screen>&prompt.root; <userinput>chroot ${NFSROOTDIR}</userinput>
&prompt.root; <userinput>mkdir -p conf/base</userinput>
&prompt.root; <userinput>tar -c -v -f conf/base/etc.cpio.gz --format cpio --gzip etc</userinput>
&prompt.root; <userinput>tar -c -v -f conf/base/var.cpio.gz --format cpio --gzip var</userinput></screen>
- <para>When the system boots, memory file systems for <filename>/etc</filename> and <filename>/var</filename> will be created and
- mounted and the contents of the
+ <para>When the system boots, memory file systems for
+ <filename>/etc</filename> and <filename>/var</filename> will
+ be created and mounted and the contents of the
<filename>cpio.gz</filename> files will be copied into
them.</para>
</sect2>
@@ -4385,7 +4443,8 @@ myhost.example.com:/b/tftpboot/FreeBSD/i
<procedure>
<step>
<para>Install the <acronym>DHCP</acronym> server by
- following the instructions documented at <xref linkend="network-dhcp-server"/>. Make sure that
+ following the instructions documented at <xref
+ linkend="network-dhcp-server"/>. Make sure that
<filename>/etc/rc.conf</filename> and
<filename>/usr/local/etc/dhcpd.conf</filename> are
correctly configured.</para>
@@ -4443,7 +4502,8 @@ myhost.example.com:/b/tftpboot/FreeBSD/i
<para>Use the <package>net/wireshark</package> package or
port to debug the network traffic involved during the
<acronym>PXE</acronym> booting process, as illustrated
- in the diagram below. In <xref linkend="network-pxe-setting-up-dhcp"/>, an example
+ in the diagram below. In <xref
+ linkend="network-pxe-setting-up-dhcp"/>, an example
configuration is shown where the <acronym>DHCP</acronym>,
<acronym>TFTP</acronym>, and <acronym>NFS</acronym>
servers are on the same machine. However, these
@@ -4456,11 +4516,16 @@ myhost.example.com:/b/tftpboot/FreeBSD/i
<mediaobject>
<imageobjectco>
<areaspec units="calspair">
- <area xml:id="co-pxenfs1" coords="2873,8133 3313,7266"/>
- <area xml:id="co-pxenfs2" coords="3519,6333 3885,5500"/>
- <area xml:id="co-pxenfs3" coords="4780,5866 5102,5200"/>
- <area xml:id="co-pxenfs4" coords="4794,4333 5102,3600"/>
- <area xml:id="co-pxenfs5" coords="3108,2666 3519,1800"/>
+ <area
+ xml:id="co-pxenfs1" coords="2873,8133 3313,7266"/>
+ <area
+ xml:id="co-pxenfs2" coords="3519,6333 3885,5500"/>
+ <area
+ xml:id="co-pxenfs3" coords="4780,5866 5102,5200"/>
+ <area
+ xml:id="co-pxenfs4" coords="4794,4333 5102,3600"/>
+ <area
+ xml:id="co-pxenfs5" coords="3108,2666 3519,1800"/>
</areaspec>
<imageobject>
<imagedata fileref="advanced-networking/pxe-nfs"/>
@@ -4547,12 +4612,14 @@ Received 264951 bytes in 0.1 seconds</sc
</sect1>
<sect1 xml:id="network-natd">
- <info><title>Network Address Translation</title>
+ <info>
+ <title>Network Address Translation</title>
+
<authorgroup>
- <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Contributed by </contrib></author>
+ <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Contributed
+ by </contrib></author>
</authorgroup>
</info>
-
<sect2 xml:id="network-natoverview">
<title>Overview</title>
@@ -4768,20 +4835,27 @@ redirect_port tcp 192.168.0.3:80 80</pro
<para>Each machine and interface behind the
<acronym>LAN</acronym> should be assigned
<acronym>IP</acronym> addresses in the private network space,
- as defined by <link xlink:href="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC
+ as defined by <link
+ xlink:href="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC
1918</link>, and have a default gateway of the
&man.natd.8; machine's internal <acronym>IP</acronym>
address.</para>
<para>For example, client <systemitem>A</systemitem> and
- <systemitem>B</systemitem> behind the <acronym>LAN</acronym> have
- <acronym>IP</acronym> addresses of <systemitem class="ipaddress">192.168.0.2</systemitem> and <systemitem class="ipaddress">192.168.0.3</systemitem>, while the &man.natd.8;
- machine's <acronym>LAN</acronym> interface has an
- <acronym>IP</acronym> address of <systemitem class="ipaddress">192.168.0.1</systemitem>. The default gateway
- of clients <systemitem>A</systemitem> and <systemitem>B</systemitem> must be
- set to that of the &man.natd.8; machine, <systemitem class="ipaddress">192.168.0.1</systemitem>. The &man.natd.8;
- machine's external Internet interface does not require any
- special modification for &man.natd.8; to work.</para>
+ <systemitem>B</systemitem> behind the <acronym>LAN</acronym>
+ have <acronym>IP</acronym> addresses of <systemitem
+ class="ipaddress">192.168.0.2</systemitem> and <systemitem
+ class="ipaddress">192.168.0.3</systemitem>, while the
+ &man.natd.8; machine's <acronym>LAN</acronym> interface has an
+ <acronym>IP</acronym> address of <systemitem
+ class="ipaddress">192.168.0.1</systemitem>. The default
+ gateway of clients <systemitem>A</systemitem> and
+ <systemitem>B</systemitem> must be set to that of the
+ &man.natd.8; machine, <systemitem
+ class="ipaddress">192.168.0.1</systemitem>. The
+ &man.natd.8; machine's external Internet interface does not
+ require any special modification for &man.natd.8; to
+ work.</para>
</sect2>
<sect2 xml:id="network-natdport-redirection">
@@ -4798,10 +4872,10 @@ redirect_port tcp 192.168.0.3:80 80</pro
client.</para>
<para>For example, an <acronym>IRC</acronym> server runs on
- client <systemitem>A</systemitem> and a web server runs on client
- <systemitem>B</systemitem>. For this to work properly, connections
- received on ports 6667 (<acronym>IRC</acronym>) and 80
- (<acronym>HTTP</acronym>) must be redirected to the
+ client <systemitem>A</systemitem> and a web server runs on
+ client <systemitem>B</systemitem>. For this to work properly,
+ connections received on ports 6667 (<acronym>IRC</acronym>)
+ and 80 (<acronym>HTTP</acronym>) must be redirected to the
respective machines.</para>
<para>The syntax for <option>-redirect_port</option> is as
@@ -4823,7 +4897,8 @@ redirect_port tcp 192.168.0.3:80 80</pro
<option>-redirect_port</option>. For example,
<replaceable>tcp 192.168.0.2:2000-3000 2000-3000</replaceable>
would redirect all connections received on ports 2000 to 3000
- to ports 2000 to 3000 on client <systemitem>A</systemitem>.</para>
+ to ports 2000 to 3000 on client
+ <systemitem>A</systemitem>.</para>
<para>These options can be used when directly running
&man.natd.8;, placed within the
@@ -4849,12 +4924,17 @@ redirect_port tcp 192.168.0.3:80 80</pro
incoming on that particular <acronym>IP</acronym> address
back to the specific <acronym>LAN</acronym> client. This is
also known as static <acronym>NAT</acronym>. For example,
- if <acronym>IP</acronym> addresses <systemitem class="ipaddress">128.1.1.1</systemitem>, <systemitem class="ipaddress">128.1.1.2</systemitem>, and <systemitem class="ipaddress">128.1.1.3</systemitem> are available, <systemitem class="ipaddress">128.1.1.1</systemitem> can be used as the
- &man.natd.8; machine's external <acronym>IP</acronym>
- address, while <systemitem class="ipaddress">128.1.1.2</systemitem> and
- <systemitem class="ipaddress">128.1.1.3</systemitem> are forwarded back
- to <acronym>LAN</acronym> clients <systemitem>A</systemitem> and
- <systemitem>B</systemitem>.</para>
+ if <acronym>IP</acronym> addresses <systemitem
+ class="ipaddress">128.1.1.1</systemitem>, <systemitem
+ class="ipaddress">128.1.1.2</systemitem>, and <systemitem
+ class="ipaddress">128.1.1.3</systemitem> are available,
+ <systemitem class="ipaddress">128.1.1.1</systemitem> can be
+ used as the &man.natd.8; machine's external
+ <acronym>IP</acronym> address, while <systemitem
+ class="ipaddress">128.1.1.2</systemitem> and <systemitem
+ class="ipaddress">128.1.1.3</systemitem> are forwarded back
+ to <acronym>LAN</acronym> clients <systemitem>A</systemitem>
+ and <systemitem>B</systemitem>.</para>
<para>The <option>-redirect_address</option> syntax is as
follows:</para>
@@ -4901,25 +4981,29 @@ redirect_port tcp 192.168.0.3:80 80</pro
</sect1>
<sect1 xml:id="network-ipv6">
- <info><title><acronym>IPv6</acronym></title>
+ <info>
+ <title><acronym>IPv6</acronym></title>
+
<authorgroup>
- <author><personname><firstname>Aaron</firstname><surname>Kaplan</surname></personname><contrib>Originally Written by </contrib></author>
+ <author><personname><firstname>Aaron</firstname><surname>Kaplan</surname></personname><contrib>Originally
+ Written by </contrib></author>
</authorgroup>
<authorgroup>
- <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Restructured and Added by </contrib></author>
+ <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Restructured
+ and Added by </contrib></author>
</authorgroup>
<authorgroup>
- <author><personname><firstname>Brad</firstname><surname>Davis</surname></personname><contrib>Extended by </contrib></author>
+ <author><personname><firstname>Brad</firstname><surname>Davis</surname></personname><contrib>Extended
+ by </contrib></author>
</authorgroup>
</info>
-
-
<para><acronym>IPv6</acronym>, also known as
<acronym>IPng</acronym> <quote><acronym>IP</acronym> next
generation</quote>, is the new version of the well known
<acronym>IP</acronym> protocol, also known as
- <acronym>IPv4</acronym>. &os; includes the <link xlink:href="http://www.kame.net/">KAME</link>
+ <acronym>IPv4</acronym>. &os; includes the <link
+ xlink:href="http://www.kame.net/">KAME</link>
<acronym>IPv6</acronym> reference implementation. &os; comes
with everything needed to use <acronym>IPv6</acronym>. This
section focuses on getting <acronym>IPv6</acronym> configured
@@ -4933,16 +5017,17 @@ redirect_port tcp 192.168.0.3:80 80</pro
<itemizedlist>
<listitem>
<para>Running out of addresses. For years the use of
- RFC1918 private address space
- (<systemitem class="ipaddress">10.0.0.0/8</systemitem>,
- <systemitem class="ipaddress">172.16.0.0/12</systemitem>, and
- <systemitem class="ipaddress">192.168.0.0/16</systemitem>) and NAT
+ RFC1918 private address space (<systemitem
+ class="ipaddress">10.0.0.0/8</systemitem>, <systemitem
+ class="ipaddress">172.16.0.0/12</systemitem>, and
+ <systemitem
+ class="ipaddress">192.168.0.0/16</systemitem>) and NAT
has slowed down the exhaustion. Even though, there are
very few remaining IPv4 addresses. The Internet
Assigned Numbers Authority (<acronym>IANA</acronym>) has
issued the last of the available major blocks to the
Regional Registries. Once each Regional Registry runs
- out, there will be no more available and switching to
+ out, there will be no more available and switching to
<acronym>IPv6</acronym> will be critical.</para>
</listitem>
@@ -4978,7 +5063,8 @@ redirect_port tcp 192.168.0.3:80 80</pro
<itemizedlist>
<listitem>
- <para>Address autoconfiguration (<link xlink:href="http://www.ietf.org/rfc/rfc2462.txt">RFC2462</link>).</para>
+ <para>Address autoconfiguration (<link
+ xlink:href="http://www.ietf.org/rfc/rfc2462.txt">RFC2462</link>).</para>
</listitem>
<listitem>
@@ -5014,7 +5100,8 @@ redirect_port tcp 192.168.0.3:80 80</pro
<itemizedlist>
<listitem>
- <para><link xlink:href="http://www.kame.net">KAME.net</link></para>
+ <para><link
+ xlink:href="http://www.kame.net">KAME.net</link></para>
</listitem>
</itemizedlist>
@@ -5040,8 +5127,9 @@ redirect_port tcp 192.168.0.3:80 80</pro
<note>
<para>The <acronym>IPv4</acronym> broadcast address, usually
- <systemitem class="ipaddress">xxx.xxx.xxx.255</systemitem>, is expressed
- by multicast addresses in <acronym>IPv6</acronym>.</para>
+ <systemitem class="ipaddress">xxx.xxx.xxx.255</systemitem>,
+ is expressed by multicast addresses in
+ <acronym>IPv6</acronym>.</para>
</note>
<table frame="none">
@@ -5062,7 +5150,8 @@ redirect_port tcp 192.168.0.3:80 80</pro
<entry><systemitem>::</systemitem></entry>
<entry>128 bits</entry>
<entry>unspecified</entry>
- <entry>Equivalent to <systemitem class="ipaddress">0.0.0.0</systemitem> in
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-doc-head
mailing list