diff options
author | Gabor Kovesdan <gabor@FreeBSD.org> | 2013-11-07 15:39:28 +0000 |
---|---|---|
committer | Gabor Kovesdan <gabor@FreeBSD.org> | 2013-11-07 15:39:28 +0000 |
commit | 24d129e8d1984a0b46a543bc523b63d216813bb0 (patch) | |
tree | 7dd0501c857c6f2139f4a71191c93bf19136412a /zh_TW.Big5/books/handbook/advanced-networking/chapter.xml | |
parent | 35f1d6c78be90eb13320d655cd68f94333a0ab26 (diff) | |
download | doc-24d129e8d1984a0b46a543bc523b63d216813bb0.tar.gz doc-24d129e8d1984a0b46a543bc523b63d216813bb0.zip |
- Definitively upgrade to DocBook 5.0
Notes
Notes:
svn path=/projects/db5/; revision=43125
Diffstat (limited to 'zh_TW.Big5/books/handbook/advanced-networking/chapter.xml')
-rw-r--r-- | zh_TW.Big5/books/handbook/advanced-networking/chapter.xml | 804 |
1 files changed, 346 insertions, 458 deletions
diff --git a/zh_TW.Big5/books/handbook/advanced-networking/chapter.xml b/zh_TW.Big5/books/handbook/advanced-networking/chapter.xml index 8b16140908..682b809094 100644 --- a/zh_TW.Big5/books/handbook/advanced-networking/chapter.xml +++ b/zh_TW.Big5/books/handbook/advanced-networking/chapter.xml @@ -5,11 +5,10 @@ $FreeBSD$ Original revision: 1.402 --> - -<chapter id="advanced-networking"> +<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="advanced-networking"> <title>網路進階練功房</title> - <sect1 id="advanced-networking-synopsis"> + <sect1 xml:id="advanced-networking-synopsis"> <title>概述</title> <para>本章將介紹一些進階的網路設定主題。</para> @@ -67,8 +66,7 @@ </listitem> <listitem> - <para>知道如何設定、安裝新的 FreeBSD kernel (<xref - linkend="kernelconfig"/>)。</para> + <para>知道如何設定、安裝新的 FreeBSD kernel (<xref linkend="kernelconfig"/>)。</para> </listitem> <listitem> @@ -79,17 +77,13 @@ </itemizedlist> </sect1> - <sect1 id="network-routing"> - <sect1info> + <sect1 xml:id="network-routing"> + <info><title>Gateways and Routes</title> <authorgroup> - <author> - <firstname>Coranth</firstname> - <surname>Gryphon</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Coranth</firstname><surname>Gryphon</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>Gateways and Routes</title> + </info> + <indexterm><primary>routing</primary></indexterm> <indexterm><primary>gateway</primary></indexterm> @@ -125,19 +119,19 @@ test0 0:e0:b5:36:cf:4f UHLW 5 63288 ed0 77 10.20.30.255 link#1 UHLW 1 2421 example.com link#1 UC 0 0 host1 0:e0:a8:37:8:1e UHLW 3 4601 lo0 -host2 0:e0:a8:37:8:1e UHLW 0 5 lo0 => +host2 0:e0:a8:37:8:1e UHLW 0 5 lo0 => host2.example.com link#1 UC 0 0 224 link#1 UC 0 0</screen> <indexterm><primary>default route</primary></indexterm> <para>The first two lines specify the default route (which we will cover in the <link linkend="network-routing-default">next - section</link>) and the <hostid>localhost</hostid> route.</para> + section</link>) and the <systemitem>localhost</systemitem> route.</para> <indexterm><primary>loopback device</primary></indexterm> <para>The interface (<literal>Netif</literal> column) that this routing table specifies to use for - <literal>localhost</literal> is <devicename>lo0</devicename>, + <literal>localhost</literal> is <filename>lo0</filename>, also known as the loopback device. This says to keep all traffic for this destination internal, rather than sending it out over the LAN, since it will only end up back where it @@ -148,12 +142,12 @@ host2.example.com link#1 UC 0 0 <secondary>MAC address</secondary> </indexterm> <para>The next thing that stands out are the addresses beginning - with <hostid role="mac">0:e0:</hostid>. These are Ethernet + with <systemitem class="etheraddress">0:e0:</systemitem>. These are Ethernet hardware addresses, which are also known as MAC addresses. FreeBSD will automatically identify any hosts - (<hostid>test0</hostid> in the example) on the local Ethernet + (<systemitem>test0</systemitem> in the example) on the local Ethernet and add a route for that host, directly to it over the - Ethernet interface, <devicename>ed0</devicename>. There is + Ethernet interface, <filename>ed0</filename>. There is also a timeout (<literal>Expire</literal> column) associated with this type of route, which is used if we fail to hear from the host in a specific amount of time. When this happens, the @@ -163,10 +157,8 @@ host2.example.com link#1 UC 0 0 based upon a shortest path determination.</para> <indexterm><primary>subnet</primary></indexterm> - <para>FreeBSD will also add subnet routes for the local subnet (<hostid - role="ipaddr">10.20.30.255</hostid> is the broadcast address for the - subnet <hostid role="ipaddr">10.20.30</hostid>, and <hostid - role="domainname">example.com</hostid> is the domain name associated + <para>FreeBSD will also add subnet routes for the local subnet (<systemitem class="ipaddress">10.20.30.255</systemitem> is the broadcast address for the + subnet <systemitem class="ipaddress">10.20.30</systemitem>, and <systemitem class="fqdomainname">example.com</systemitem> is the domain name associated with that subnet). The designation <literal>link#1</literal> refers to the first Ethernet card in the machine. You will notice no additional interface is specified for those.</para> @@ -179,21 +171,21 @@ host2.example.com link#1 UC 0 0 <para>The <literal>host1</literal> line refers to our host, which it knows by Ethernet address. Since we are the sending host, FreeBSD - knows to use the loopback interface (<devicename>lo0</devicename>) + knows to use the loopback interface (<filename>lo0</filename>) rather than sending it out over the Ethernet interface.</para> <para>The two <literal>host2</literal> lines are an example of what happens when we use an &man.ifconfig.8; alias (see the section on Ethernet for reasons why we would do this). The <literal>=></literal> symbol after the - <devicename>lo0</devicename> interface says that not only are + <filename>lo0</filename> interface says that not only are we using the loopback (since this address also refers to the local host), but specifically it is an alias. Such routes only show up on the host that supports the alias; all other hosts on the local network will simply have a <literal>link#1</literal> line for such routes.</para> - <para>The final line (destination subnet <hostid role="ipaddr">224</hostid>) deals + <para>The final line (destination subnet <systemitem class="ipaddress">224</systemitem>) deals with multicasting, which will be covered in another section.</para> <para>Finally, various attributes of each route can be seen in @@ -252,7 +244,7 @@ host2.example.com link#1 UC 0 0 </informaltable> </sect2> - <sect2 id="network-routing-default"> + <sect2 xml:id="network-routing-default"> <title>Default Routes</title> <indexterm><primary>default route</primary></indexterm> @@ -290,9 +282,9 @@ host2.example.com link#1 UC 0 0 </textobject> </mediaobject> - <para>The hosts <hostid>Local1</hostid> and - <hostid>Local2</hostid> are at your site. - <hostid>Local1</hostid> is connected to an ISP via a dial up + <para>The hosts <systemitem>Local1</systemitem> and + <systemitem>Local2</systemitem> are at your site. + <systemitem>Local1</systemitem> is connected to an ISP via a dial up PPP connection. This PPP server computer is connected through a local area network to another gateway computer through an external interface to the ISPs Internet feed.</para> @@ -326,22 +318,21 @@ host2.example.com link#1 UC 0 0 </informaltable> <para>A common question is <quote>Why (or how) would we set - the <hostid>T1-GW</hostid> to be the default gateway for - <hostid>Local1</hostid>, rather than the ISP server it is + the <systemitem>T1-GW</systemitem> to be the default gateway for + <systemitem>Local1</systemitem>, rather than the ISP server it is connected to?</quote>.</para> <para>Remember, since the PPP interface is using an address on the ISP's local network for your side of the connection, routes for any other machines on the ISP's local network will be automatically generated. - Hence, you will already know how to reach the <hostid>T1-GW</hostid> + Hence, you will already know how to reach the <systemitem>T1-GW</systemitem> machine, so there is no need for the intermediate step of sending traffic to the ISP server.</para> - <para>It is common to use the address <hostid - role="ipaddr">X.X.X.1</hostid> as the gateway address for your local + <para>It is common to use the address <systemitem class="ipaddress">X.X.X.1</systemitem> as the gateway address for your local network. So (using the same example), if your local class-C address - space was <hostid role="ipaddr">10.20.30</hostid> and your ISP was - using <hostid role="ipaddr">10.9.9</hostid> then the default routes + space was <systemitem class="ipaddress">10.20.30</systemitem> and your ISP was + using <systemitem class="ipaddress">10.9.9</systemitem> then the default routes would be:</para> <informaltable frame="none" pgwide="1"> @@ -367,7 +358,7 @@ host2.example.com link#1 UC 0 0 <para>You can easily define the default route via the <filename>/etc/rc.conf</filename> file. In our example, on the - <hostid>Local2</hostid> machine, we added the following line + <systemitem>Local2</systemitem> machine, we added the following line in <filename>/etc/rc.conf</filename>:</para> <programlisting>defaultrouter="10.20.30.1"</programlisting> @@ -412,7 +403,7 @@ host2.example.com link#1 UC 0 0 to do this.</para> </sect2> - <sect2 id="network-dedicated-router"> + <sect2 xml:id="network-dedicated-router"> <title>Building a Router</title> <indexterm><primary>router</primary></indexterm> @@ -437,7 +428,7 @@ host2.example.com link#1 UC 0 0 daemon &man.routed.8;, which speaks RIP (both version 1 and version 2) and IRDP. Support for BGP v4, OSPF v2, and other sophisticated routing protocols is available with the - <filename role="package">net/zebra</filename> package. + <package>net/zebra</package> package. Commercial products such as <application>&gated;</application> are also available for more complex network routing solutions.</para> @@ -447,17 +438,13 @@ host2.example.com link#1 UC 0 0 </sect2> <sect2> - <sect2info> + <info><title>Setting Up Static Routes</title> <authorgroup> - <author> - <firstname>Al</firstname> - <surname>Hoang</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Al</firstname><surname>Hoang</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect2info> + </info> <!-- Feb 2004 --> - <title>Setting Up Static Routes</title> + <sect3> <title>Manual Configuration</title> @@ -497,19 +484,17 @@ host2.example.com link#1 UC 0 0 </textobject> </mediaobject> - <para>In this scenario, <hostid>RouterA</hostid> is our &os; + <para>In this scenario, <systemitem>RouterA</systemitem> is our &os; machine that is acting as a router to the rest of the - Internet. It has a default route set to <hostid - role="ipaddr">10.0.0.1</hostid> which allows it to connect + Internet. It has a default route set to <systemitem class="ipaddress">10.0.0.1</systemitem> which allows it to connect with the outside world. We will assume that - <hostid>RouterB</hostid> is already configured properly and + <systemitem>RouterB</systemitem> is already configured properly and knows how to get wherever it needs to go. (This is simple in this picture. Just add a default route on - <hostid>RouterB</hostid> using <hostid - role="ipaddr">192.168.1.1</hostid> as the gateway.)</para> + <systemitem>RouterB</systemitem> using <systemitem class="ipaddress">192.168.1.1</systemitem> as the gateway.)</para> <para>If we look at the routing table for - <hostid>RouterA</hostid> we would see something like the + <systemitem>RouterA</systemitem> we would see something like the following:</para> <screen>&prompt.user; <userinput>netstat -nr</userinput> @@ -522,19 +507,17 @@ default 10.0.0.1 UGS 0 49378 xl0 10.0.0/24 link#1 UC 0 0 xl0 192.168.1/24 link#2 UC 0 0 xl1</screen> - <para>With the current routing table <hostid>RouterA</hostid> + <para>With the current routing table <systemitem>RouterA</systemitem> will not be able to reach our Internal Net 2. It does not - have a route for <hostid - role="ipaddr">192.168.2.0/24</hostid>. One way to alleviate + have a route for <systemitem class="ipaddress">192.168.2.0/24</systemitem>. One way to alleviate this is to manually add the route. The following command would add the Internal Net 2 network to - <hostid>RouterA</hostid>'s routing table using <hostid - role="ipaddr">192.168.1.2</hostid> as the next hop:</para> + <systemitem>RouterA</systemitem>'s routing table using <systemitem class="ipaddress">192.168.1.2</systemitem> as the next hop:</para> <screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen> - <para>Now <hostid>RouterA</hostid> can reach any hosts on the - <hostid role="ipaddr">192.168.2.0/24</hostid> + <para>Now <systemitem>RouterA</systemitem> can reach any hosts on the + <systemitem class="ipaddress">192.168.2.0/24</systemitem> network.</para> </sect3> @@ -558,7 +541,7 @@ route_internalnet2="-net 192.168.2.0/24 192.168.1.2"</programlisting> only have one string in <literal>static_routes</literal>. This string is <replaceable>internalnet2</replaceable>. We then add a configuration variable called - <literal>route_<replaceable>internalnet2</replaceable></literal> + <literal>route_internalnet2</literal> where we put all of the configuration parameters we would give to the &man.route.8; command. For our example above we would have used the command:</para> @@ -570,9 +553,7 @@ route_internalnet2="-net 192.168.2.0/24 192.168.1.2"</programlisting> <para>As said above, we can have more than one string in <literal>static_routes</literal>. This allows us to create multiple static routes. The following lines shows - an example of adding static routes for the <hostid - role="ipaddr">192.168.0.0/24</hostid> and <hostid - role="ipaddr">192.168.1.0/24</hostid> networks on an imaginary + an example of adding static routes for the <systemitem class="ipaddress">192.168.0.0/24</systemitem> and <systemitem class="ipaddress">192.168.1.0/24</systemitem> networks on an imaginary router:</para> <programlisting>static_routes="net1 net2" @@ -658,25 +639,17 @@ route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting> </sect2> </sect1> - <sect1 id="network-wireless"> - <sect1info> + <sect1 xml:id="network-wireless"> + <info><title>Wireless Networking</title> <authorgroup> - <author> - <othername>Loader</othername> - </author> - - <author> - <firstname>Marc</firstname> - <surname>Fonvieille</surname> - </author> - - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - </author> + <author><personname><othername>Loader</othername></personname></author> + + <author><personname><firstname>Marc</firstname><surname>Fonvieille</surname></personname></author> + + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname></author> </authorgroup> - </sect1info> - <title>Wireless Networking</title> + </info> + <indexterm><primary>wireless networking</primary></indexterm> <indexterm> @@ -769,7 +742,7 @@ route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting> set of wireless devices.</para> </sect2> - <sect2 id="network-wireless-basic"> + <sect2 xml:id="network-wireless-basic"> <title>Basic Setup</title> <sect3> @@ -812,8 +785,7 @@ route_net2="-net 192.168.1.0/24 192.168.1.1"</programlisting> of the &man.wlan.4; manual page. If a native &os; driver for your wireless device does not exist, it may be possible to directly use the &windows; driver with the - help of the <link - linkend="config-network-ndis">NDIS</link> driver + help of the <link linkend="config-network-ndis">NDIS</link> driver wrapper.</para> </note> @@ -897,7 +869,7 @@ ath0: mac 7.9 phy 4.5 radio 5.6</screen> probes for available access points. Only the super-user can initiate such a scan:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 up scan</userinput> SSID BSSID CHAN RATE S:N INT CAPS dlinkap 00:13:46:49:41:76 6 54M 29:0 100 EPS WPA WME freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> @@ -976,7 +948,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> <para>One can also display the current list of known networks with:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> list scan</userinput></screen> + <screen>&prompt.root; <userinput>ifconfig ath0 list scan</userinput></screen> <para>This information may be updated automatically by the adapter or manually with a <option>scan</option> request. @@ -991,8 +963,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> <para>This section provides a simple example of how to make the wireless network adapter work in &os; without encryption. After you are familiar with these concepts, - we strongly recommend using <link - linkend="network-wireless-wpa">WPA</link> to set up your + we strongly recommend using <link linkend="network-wireless-wpa">WPA</link> to set up your wireless network.</para> <para>There are three basic steps to configure a wireless @@ -1063,8 +1034,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> involve backend services such as RADIUS. Most users will use open authentication which is the default setting. Next most common setup is WPA-PSK, also known - as WPA Personal, which is described <link - linkend="network-wireless-wpa-wpa-psk">below</link>.</para> + as WPA Personal, which is described <link linkend="network-wireless-wpa-wpa-psk">below</link>.</para> <note> <para>If you have an &apple; &airport; Extreme base @@ -1084,8 +1054,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> crack the key. If WEP must be used (e.g., for compatibility with legacy devices) it is better to use WEP with <literal>open</literal> authentication. More - information regarding WEP can be found in the <xref - linkend="network-wireless-wep"/>.</para> + information regarding WEP can be found in the <xref linkend="network-wireless-wep"/>.</para> </note> </sect5> @@ -1109,9 +1078,9 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA</screen> <para>Once the interface is running, use <command>ifconfig</command> to see the status of the - interface <devicename>ath0</devicename>:</para> + interface <filename>ath0</filename>:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1 inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 @@ -1145,13 +1114,12 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 </sect5> </sect4> - <sect4 id="network-wireless-wpa"> + <sect4 xml:id="network-wireless-wpa"> <title>WPA</title> <para>WPA (Wi-Fi Protected Access) is a security protocol used together with 802.11 networks to address the lack of - proper authentication and the weakness of <link - linkend="network-wireless-wep">WEP</link>. WPA leverages + proper authentication and the weakness of <link linkend="network-wireless-wep">WEP</link>. WPA leverages the 802.1X authentication protocol and uses one of several ciphers instead of WEP for data integrity. The only cipher required by WPA is TKIP (Temporary Key Integrity @@ -1185,7 +1153,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 More information regarding this file can be found in the &man.wpa.supplicant.conf.5; manual page.</para> - <sect5 id="network-wireless-wpa-wpa-psk"> + <sect5 xml:id="network-wireless-wpa-wpa-psk"> <title>WPA-PSK</title> <para>WPA-PSK also known as WPA-Personal is based on a @@ -1220,7 +1188,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <para>Then, we can bring up the interface:</para> - <screen>&prompt.root; <userinput><filename>/etc/rc.d/netif</filename> start</userinput> + <screen>&prompt.root; <userinput>/etc/rc.d/netif start</userinput> Starting wpa_supplicant. DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 5 DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 6 @@ -1239,11 +1207,10 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 protmode CTS roaming MANUAL bintval 100</screen> <para>Or you can try to configure it manually using the - same <filename>/etc/wpa_supplicant.conf</filename> <link - linkend="network-wireless-wpa-wpa-psk">above</link>, and + same <filename>/etc/wpa_supplicant.conf</filename> <link linkend="network-wireless-wpa-wpa-psk">above</link>, and run:</para> - <screen>&prompt.root; <userinput>wpa_supplicant -i <replaceable>ath0</replaceable> -c /etc/wpa_supplicant.conf</userinput> + <screen>&prompt.root; <userinput>wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf</userinput> Trying to associate with 00:11:95:c3:0d:ac (SSID='freebsdap' freq=2412 MHz) Associated with 00:11:95:c3:0d:ac WPA: Key negotiation completed with 00:11:95:c3:0d:ac [PTK=TKIP GTK=TKIP]</screen> @@ -1252,11 +1219,11 @@ WPA: Key negotiation completed with 00:11:95:c3:0d:ac [PTK=TKIP GTK=TKIP]</scree <command>dhclient</command> command to get the IP address from the DHCP server:</para> - <screen>&prompt.root; <userinput>dhclient <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>dhclient ath0</userinput> DHCPREQUEST on ath0 to 255.255.255.255 port 67 DHCPACK from 192.168.0.1 bound to 192.168.0.254 -- renewal in 300 seconds. -&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> +&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1 inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 @@ -1282,8 +1249,8 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <command>wpa_supplicant</command> has authenticated the station:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> inet <replaceable>192.168.0.100</replaceable> netmask <replaceable>255.255.255.0</replaceable></userinput> -&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 inet 192.168.0.100 netmask 255.255.255.0</userinput> +&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1 inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255 @@ -1297,11 +1264,11 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <para>When DHCP is not used, you also have to manually set up the default gateway and the nameserver:</para> - <screen>&prompt.root; <userinput>route add default <replaceable>your_default_router</replaceable></userinput> -&prompt.root; <userinput>echo "nameserver <replaceable>your_DNS_server</replaceable>" >> /etc/resolv.conf</userinput></screen> + <screen>&prompt.root; <userinput>route add default your_default_router</userinput> +&prompt.root; <userinput>echo "nameserver your_DNS_server" >> /etc/resolv.conf</userinput></screen> </sect5> - <sect5 id="network-wireless-wpa-eap-tls"> + <sect5 xml:id="network-wireless-wpa-eap-tls"> <title>WPA with EAP-TLS</title> <para>The second way to use WPA is with an 802.1X backend @@ -1320,8 +1287,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <para>EAP-TLS (EAP with Transport Layer Security) is a very well-supported authentication protocol in the wireless world since it was the first EAP method to be - certified by the <ulink - url="http://www.wi-fi.org/">Wi-Fi alliance</ulink>. + certified by the <link xlink:href="http://www.wi-fi.org/">Wi-Fi alliance</link>. EAP-TLS will require three certificates to run: the CA certificate (installed on all machines), the server certificate for your authentication server, and one @@ -1336,15 +1302,15 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <filename>/etc/wpa_supplicant.conf</filename>:</para> <programlisting>network={ - ssid="freebsdap" <co id="co-tls-ssid"/> - proto=RSN <co id="co-tls-proto"/> - key_mgmt=WPA-EAP <co id="co-tls-kmgmt"/> - eap=TLS <co id="co-tls-eap"/> - identity="loader" <co id="co-tls-id"/> - ca_cert="/etc/certs/cacert.pem" <co id="co-tls-cacert"/> - client_cert="/etc/certs/clientcert.pem" <co id="co-tls-clientcert"/> - private_key="/etc/certs/clientkey.pem" <co id="co-tls-pkey"/> - private_key_passwd="freebsdmallclient" <co id="co-tls-pwd"/> + ssid="freebsdap" <co xml:id="co-tls-ssid"/> + proto=RSN <co xml:id="co-tls-proto"/> + key_mgmt=WPA-EAP <co xml:id="co-tls-kmgmt"/> + eap=TLS <co xml:id="co-tls-eap"/> + identity="loader" <co xml:id="co-tls-id"/> + ca_cert="/etc/certs/cacert.pem" <co xml:id="co-tls-cacert"/> + client_cert="/etc/certs/clientcert.pem" <co xml:id="co-tls-clientcert"/> + private_key="/etc/certs/clientkey.pem" <co xml:id="co-tls-pkey"/> + private_key_passwd="freebsdmallclient" <co xml:id="co-tls-pwd"/> }</programlisting> <calloutlist> @@ -1430,7 +1396,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <command>ifconfig</command> commands.</para> </sect5> - <sect5 id="network-wireless-wpa-eap-ttls"> + <sect5 xml:id="network-wireless-wpa-eap-ttls"> <title>WPA with EAP-TTLS</title> <para>With EAP-TLS both the authentication server and the @@ -1451,11 +1417,11 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ssid="freebsdap" proto=RSN key_mgmt=WPA-EAP - eap=TTLS <co id="co-ttls-eap"/> - identity="test" <co id="co-ttls-id"/> - password="test" <co id="co-ttls-passwd"/> - ca_cert="/etc/certs/cacert.pem" <co id="co-ttls-cacert"/> - phase2="auth=MD5" <co id="co-ttls-pha2"/> + eap=TTLS <co xml:id="co-ttls-eap"/> + identity="test" <co xml:id="co-ttls-id"/> + password="test" <co xml:id="co-ttls-passwd"/> + ca_cert="/etc/certs/cacert.pem" <co xml:id="co-ttls-cacert"/> + phase2="auth=MD5" <co xml:id="co-ttls-pha2"/> }</programlisting> <calloutlist> @@ -1515,7 +1481,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 txpowmax 36 protmode CTS roaming MANUAL bintval 100</screen> </sect5> - <sect5 id="network-wireless-wpa-eap-peap"> + <sect5 xml:id="network-wireless-wpa-eap-peap"> <title>WPA with EAP-PEAP</title> <para>PEAP (Protected EAP) has been designed as an @@ -1546,12 +1512,12 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ssid="freebsdap" proto=RSN key_mgmt=WPA-EAP - eap=PEAP <co id="co-peap-eap"/> - identity="test" <co id="co-peap-id"/> - password="test" <co id="co-peap-passwd"/> - ca_cert="/etc/certs/cacert.pem" <co id="co-peap-cacert"/> - phase1="peaplabel=0" <co id="co-peap-pha1"/> - phase2="auth=MSCHAPV2" <co id="co-peap-pha2"/> + eap=PEAP <co xml:id="co-peap-eap"/> + identity="test" <co xml:id="co-peap-id"/> + password="test" <co xml:id="co-peap-passwd"/> + ca_cert="/etc/certs/cacert.pem" <co xml:id="co-peap-cacert"/> + phase1="peaplabel=0" <co xml:id="co-peap-pha1"/> + phase2="auth=MSCHAPV2" <co xml:id="co-peap-pha2"/> }</programlisting> <calloutlist> @@ -1623,7 +1589,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 </sect5> </sect4> - <sect4 id="network-wireless-wep"> + <sect4 xml:id="network-wireless-wep"> <title>WEP</title> <para>WEP (Wired Equivalent Privacy) is part of the original @@ -1634,7 +1600,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <para>WEP can be set up with <command>ifconfig</command>:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> inet <replaceable>192.168.1.100</replaceable> netmask <replaceable>255.255.255.0</replaceable> ssid my_net \ + <screen>&prompt.root; <userinput>ifconfig ath0 inet 192.168.1.100 netmask 255.255.255.0 ssid my_net \ wepmode on weptxkey 3 wepkey 3:0x3456789012</userinput></screen> <itemizedlist> @@ -1679,7 +1645,7 @@ ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 <para>Then:</para> - <screen>&prompt.root; <userinput>wpa_supplicant -i <replaceable>ath0</replaceable> -c /etc/wpa_supplicant.conf</userinput> + <screen>&prompt.root; <userinput>wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf</userinput> Trying to associate with 00:13:46:49:41:76 (SSID='dlinkap' freq=2437 MHz) Associated with 00:13:46:49:41:76</screen> </sect4> @@ -1691,14 +1657,14 @@ Associated with 00:13:46:49:41:76</screen> <para>IBSS mode, also called ad-hoc mode, is designed for point to point connections. For example, to establish an ad-hoc - network between the machine <hostid>A</hostid> and the machine - <hostid>B</hostid> we will just need to choose two IP adresses + network between the machine <systemitem>A</systemitem> and the machine + <systemitem>B</systemitem> we will just need to choose two IP adresses and a SSID.</para> - <para>On the box <hostid>A</hostid>:</para> + <para>On the box <systemitem>A</systemitem>:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable> ssid <replaceable>freebsdap</replaceable> mediaopt adhoc</userinput> -&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 inet 192.168.0.1 netmask 255.255.255.0 ssid freebsdap mediaopt adhoc</userinput> +&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4 @@ -1711,20 +1677,20 @@ Associated with 00:13:46:49:41:76</screen> <para>The <literal>adhoc</literal> parameter indicates the interface is running in the IBSS mode.</para> - <para>On <hostid>B</hostid>, we should be able to detect - <hostid>A</hostid>:</para> + <para>On <systemitem>B</systemitem>, we should be able to detect + <systemitem>A</systemitem>:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 up scan</userinput> SSID BSSID CHAN RATE S:N INT CAPS freebsdap 02:11:95:c3:0d:ac 2 54M 19:0 100 IS</screen> <para>The <literal>I</literal> in the output confirms the - machine <hostid>A</hostid> is in ad-hoc mode. We just have to - configure <hostid>B</hostid> with a different IP + machine <systemitem>A</systemitem> is in ad-hoc mode. We just have to + configure <systemitem>B</systemitem> with a different IP address:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> inet <replaceable>192.168.0.2</replaceable> netmask <replaceable>255.255.255.0</replaceable> ssid <replaceable>freebsdap</replaceable> mediaopt adhoc</userinput> -&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 inet 192.168.0.2 netmask 255.255.255.0 ssid freebsdap mediaopt adhoc</userinput> +&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1 inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255 @@ -1734,11 +1700,11 @@ Associated with 00:13:46:49:41:76</screen> ssid freebsdap channel 2 bssid 02:11:95:c3:0d:ac authmode OPEN privacy OFF txpowmax 36 protmode CTS bintval 100</screen> - <para>Both <hostid>A</hostid> and <hostid>B</hostid> are now + <para>Both <systemitem>A</systemitem> and <systemitem>B</systemitem> are now ready to exchange informations.</para> </sect2> - <sect2 id="network-wireless-ap"> + <sect2 xml:id="network-wireless-ap"> <title>&os; Host Access Points</title> <para>&os; can act as an Access Point (AP) which eliminates the @@ -1746,15 +1712,14 @@ Associated with 00:13:46:49:41:76</screen> particularly useful when your &os; machine is acting as a gateway to another network (e.g., the Internet).</para> - <sect3 id="network-wireless-ap-basic"> + <sect3 xml:id="network-wireless-ap-basic"> <title>Basic Settings</title> <para>Before configuring your &os; machine as an AP, the kernel must be configured with the appropriate wireless networking support for your wireless card. You also have to add the support for the security protocols you intend to - use. For more details, see <xref - linkend="network-wireless-basic"/>.</para> + use. For more details, see <xref linkend="network-wireless-basic"/>.</para> <note> <para>The use of the NDIS driver wrapper and the &windows; @@ -1766,7 +1731,7 @@ Associated with 00:13:46:49:41:76</screen> check if your wireless device supports the host-based access point mode (also know as hostap mode):</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> list caps</userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 list caps</userinput> ath0=783ed0f<WEP,TKIP,AES,AES_CCM,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE,MONITOR,TKIPMIC,WPA1,WPA2,BURST,WME></screen> <para>This output displays the card capabilities; the @@ -1779,12 +1744,12 @@ ath0=783ed0f<WEP,TKIP,AES,AES_CCM,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE <para>The wireless device can now be put into hostap mode and configured with the correct SSID and IP address:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> mode 11g mediaopt hostap</userinput> inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable></screen> + <screen>&prompt.root; <userinput>ifconfig ath0 ssid freebsdap mode 11g mediaopt hostap</userinput> inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable></screen> <para>Use again <command>ifconfig</command> to see the status - of the <devicename>ath0</devicename> interface:</para> + of the <filename>ath0</filename> interface:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4 @@ -1818,15 +1783,15 @@ ath0=783ed0f<WEP,TKIP,AES,AES_CCM,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE possible from another wireless machine to initiate a scan to find the AP:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 up scan</userinput> SSID BSSID CHAN RATE S:N INT CAPS freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 ES</screen> <para>The client machine found the Access Point and can be associated with it:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> inet <replaceable>192.168.0.2</replaceable> netmask <replaceable>255.255.255.0</replaceable></userinput> -&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 ssid freebsdap inet 192.168.0.2 netmask 255.255.255.0</userinput> +&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1 inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255 @@ -1859,8 +1824,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 ES</screen> <para>Before trying to configure <application>hostapd</application>, be sure you have done - the basic settings introduced in the <xref - linkend="network-wireless-ap-basic"/>.</para> + the basic settings introduced in the <xref linkend="network-wireless-ap-basic"/>.</para> <sect4> <title>WPA-PSK</title> @@ -1872,15 +1836,15 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 ES</screen> <para>The configuration is done in the <filename>/etc/hostapd.conf</filename> file:</para> - <programlisting>interface=ath0 <co id="co-ap-wpapsk-iface"/> -debug=1 <co id="co-ap-wpapsk-dbug"/> -ctrl_interface=/var/run/hostapd <co id="co-ap-wpapsk-ciface"/> -ctrl_interface_group=wheel <co id="co-ap-wpapsk-cifacegrp"/> -ssid=freebsdap <co id="co-ap-wpapsk-ssid"/> -wpa=1 <co id="co-ap-wpapsk-wpa"/> -wpa_passphrase=freebsdmall <co id="co-ap-wpapsk-pass"/> -wpa_key_mgmt=WPA-PSK <co id="co-ap-wpapsk-kmgmt"/> -wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> + <programlisting>interface=ath0 <co xml:id="co-ap-wpapsk-iface"/> +debug=1 <co xml:id="co-ap-wpapsk-dbug"/> +ctrl_interface=/var/run/hostapd <co xml:id="co-ap-wpapsk-ciface"/> +ctrl_interface_group=wheel <co xml:id="co-ap-wpapsk-cifacegrp"/> +ssid=freebsdap <co xml:id="co-ap-wpapsk-ssid"/> +wpa=1 <co xml:id="co-ap-wpapsk-wpa"/> +wpa_passphrase=freebsdmall <co xml:id="co-ap-wpapsk-pass"/> +wpa_key_mgmt=WPA-PSK <co xml:id="co-ap-wpapsk-kmgmt"/> +wpa_pairwise=CCMP TKIP <co xml:id="co-ap-wpapsk-pwise"/></programlisting> <calloutlist> <callout arearefs="co-ap-wpapsk-iface"> @@ -1907,7 +1871,7 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> <callout arearefs="co-ap-wpapsk-cifacegrp"> <para>The <literal>ctrl_interface_group</literal> line sets the group (here, it is the - <groupname>wheel</groupname> group) allowed to access + <systemitem class="groupname">wheel</systemitem> group) allowed to access to the control interface files.</para> </callout> @@ -1956,7 +1920,7 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> <screen>&prompt.root; <userinput>/etc/rc.d/hostapd forcestart</userinput></screen> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2290 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4 @@ -1967,10 +1931,9 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit txpowmax 36 protmode CTS dtimperiod 1 bintval 100</screen> <para>The Access Point is running, the clients can now be - associated with it, see <xref - linkend="network-wireless-wpa"/> for more details. It is + associated with it, see <xref linkend="network-wireless-wpa"/> for more details. It is possible to see the stations associated with the AP using - the <command>ifconfig <replaceable>ath0</replaceable> list + the <command>ifconfig ath0 list sta</command> command.</para> </sect4> </sect3> @@ -1988,8 +1951,8 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> <para>The wireless device can now be put into hostap mode and configured with the correct SSID and IP address:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> wepmode on weptxkey 3 wepkey 3:0x3456789012 mode 11g mediaopt hostap \ - inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable></userinput></screen> + <screen>&prompt.root; <userinput>ifconfig ath0 ssid freebsdap wepmode on weptxkey 3 wepkey 3:0x3456789012 mode 11g mediaopt hostap \ + inet 192.168.0.1 netmask 255.255.255.0</userinput></screen> <itemizedlist> <listitem> @@ -2011,9 +1974,9 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> </itemizedlist> <para>Use again <command>ifconfig</command> to see the status - of the <devicename>ath0</devicename> interface:</para> + of the <filename>ath0</filename> interface:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput> + <screen>&prompt.root; <userinput>ifconfig ath0</userinput> ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4 @@ -2026,7 +1989,7 @@ wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"/></programlisting> <para>From another wireless machine, it is possible to initiate a scan to find the AP:</para> - <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput> + <screen>&prompt.root; <userinput>ifconfig ath0 up scan</userinput> SSID BSSID CHAN RATE S:N INT CAPS freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 EPS</screen> @@ -2081,7 +2044,7 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 EPS</screen> <filename>/usr/src/tools/tools/net80211</filename>. For example:</para> - <screen>&prompt.root; <userinput>wlandebug -i <replaceable>ath0</replaceable> +scan+auth+debug+assoc</userinput> + <screen>&prompt.root; <userinput>wlandebug -i ath0 +scan+auth+debug+assoc</userinput> net.wlan.0.debug: 0 => 0xc80000<assoc,auth,scan></screen> <para>can be used to enable console messages related to @@ -2105,20 +2068,15 @@ freebsdap 00:11:95:c3:0d:ac 1 54M 22:1 100 EPS</screen> </sect2> </sect1> - <sect1 id="network-bluetooth"> - <sect1info> + <sect1 xml:id="network-bluetooth"> + <info><title>Bluetooth</title> <authorgroup> - <author> - <firstname>Pav</firstname> - <surname>Lucistnik</surname> - <contrib>Written by </contrib> - <affiliation> + <author><personname><firstname>Pav</firstname><surname>Lucistnik</surname></personname><contrib>Written by </contrib><affiliation> <address><email>pav@FreeBSD.org</email></address> - </affiliation> - </author> + </affiliation></author> </authorgroup> - </sect1info> - <title>Bluetooth</title> + </info> + <indexterm><primary>Bluetooth</primary></indexterm> <sect2> @@ -2606,7 +2564,7 @@ Bluetooth Profile Descriptor List: <para>The OBEX server and client are implemented as a third-party package <application>obexapp</application>, which is available as - <filename role="package">comms/obexapp</filename> port.</para> + <package>comms/obexapp</package> port.</para> <para>OBEX client is used to push and/or pull objects from the OBEX server. An object can, for example, be a business card or an appointment. @@ -2683,7 +2641,7 @@ rfcomm_sppd[94692]: Starting on /dev/ttyp6...</screen> <title>Something is going wrong, can I see what exactly is happening?</title> <para>Yes, you can. Use the third-party package <application>hcidump</application>, which is available as - <filename role="package">comms/hcidump</filename> port. + <package>comms/hcidump</package> port. The <application>hcidump</application> utility is similar to &man.tcpdump.1;. It can be used to display the content of the Bluetooth packets on the terminal and to dump the Bluetooth packets to a @@ -2694,17 +2652,13 @@ rfcomm_sppd[94692]: Starting on /dev/ttyp6...</screen> </sect1> - <sect1 id="network-bridging"> - <sect1info> + <sect1 xml:id="network-bridging"> + <info><title>Bridging</title> <authorgroup> - <author> - <firstname>Andrew</firstname> - <surname>Thompson</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written by </contrib></author> </authorgroup> - </sect1info> - <title>Bridging</title> + </info> + <sect2> <title>Introduction</title> @@ -2855,8 +2809,8 @@ bridge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 &prompt.root; <userinput>ifconfig fxp1 up</userinput></screen> <para>The bridge is now forwarding Ethernet frames between - <devicename>fxp0</devicename> and - <devicename>fxp1</devicename>. The equivalent configuration + <filename>fxp0</filename> and + <filename>fxp1</filename>. The equivalent configuration in <filename>/etc/rc.conf</filename> so the bridge is created at startup is:</para> @@ -2941,8 +2895,8 @@ ifconfig_fxp1="up"</programlisting> <para>Spanning Tree can be enabled on member interfaces using the <literal>stp</literal> command. For a bridge with - <devicename>fxp0</devicename> and - <devicename>fxp1</devicename> as the current interfaces, + <filename>fxp0</filename> and + <filename>fxp1</filename> as the current interfaces, enable STP with the following:</para> <screen>&prompt.root; <userinput>ifconfig bridge0 stp fxp0 stp fxp1</userinput> @@ -2984,7 +2938,7 @@ bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1 <literal>00:01:02:4b:d4:50</literal> as above and has a path cost of <literal>400000</literal> from this bridge, the path to the root bridge is via <literal>port 4</literal> which is - <devicename>fxp0</devicename>.</para> + <filename>fxp0</filename>.</para> </sect2> <sect2> @@ -3020,7 +2974,7 @@ bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1 connected to one of the span ports of the bridge.</para> <para>To send a copy of all frames out the interface named - <devicename>fxp4</devicename>:</para> + <filename>fxp4</filename>:</para> <screen>&prompt.root; <userinput>ifconfig bridge0 span fxp4</userinput></screen> </sect3> @@ -3051,19 +3005,16 @@ bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1 <para>Another example of using sticky addresses would be to combine the bridge with VLANs to create a router where customer networks are isolated without wasting IP address - space. Consider that <hostid - role="hostname">CustomerA</hostid> is on - <literal>vlan100</literal> and <hostid - role="hostname">CustomerB</hostid> is on + space. Consider that <systemitem class="fqdomainname">CustomerA</systemitem> is on + <literal>vlan100</literal> and <systemitem class="fqdomainname">CustomerB</systemitem> is on <literal>vlan101</literal>. The bridge has the address - <hostid role="ipaddr">192.168.0.1</hostid> and is also an + <systemitem class="ipaddress">192.168.0.1</systemitem> and is also an internet router.</para> <screen>&prompt.root; <userinput>ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101</userinput> &prompt.root; <userinput>ifconfig bridge0 inet 192.168.0.1/24</userinput></screen> - <para>Both clients see <hostid - role="ipaddr">192.168.0.1</hostid> as their default gateway + <para>Both clients see <systemitem class="ipaddress">192.168.0.1</systemitem> as their default gateway and since the bridge cache is sticky they can not spoof the MAC address of the other customer to intercept their traffic.</para> @@ -3074,7 +3025,7 @@ bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1 <screen>&prompt.root; <userinput>ifconfig bridge0 private vlan100 private vlan101</userinput></screen> <para>The customers are completely isolated from each other, - the full <hostid role="netmask">/24</hostid> address range + the full <systemitem class="netmask">/24</systemitem> address range can be allocated without subnetting.</para> </sect3> @@ -3097,10 +3048,8 @@ bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1 &man.snmp.bridge.3; for more information.</para> <para>The following examples use the - <application>Net-SNMP</application> software (<filename - role="package">net-mgmt/net-snmp</filename>) to query a - bridge, the <filename - role="package">net-mgmt/bsnmptools</filename> port can also + <application>Net-SNMP</application> software (<package>net-mgmt/net-snmp</package>) to query a + bridge, the <package>net-mgmt/bsnmptools</package> port can also be used. From the SNMP client host add to <filename>$HOME/.snmp/snmp.conf</filename> the following lines to import the bridge MIB definitions in to @@ -3165,17 +3114,13 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefaultBridgeIf.0 s bridge2</screen> </sect2> </sect1> - <sect1 id="network-aggregation"> - <sect1info> + <sect1 xml:id="network-aggregation"> + <info><title>Link Aggregation and Failover</title> <authorgroup> - <author> - <firstname>Andrew</firstname> - <surname>Thompson</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Andrew</firstname><surname>Thompson</surname></personname><contrib>Written by </contrib></author> </authorgroup> - </sect1info> - <title>Link Aggregation and Failover</title> + </info> + <indexterm><primary>lagg</primary></indexterm> <indexterm><primary>failover</primary></indexterm> @@ -3265,7 +3210,7 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeDefaultBridgeIf.0 s bridge2</screen> <sect2> <title>Examples</title> - <example id="networking-lacp-aggregation-cisco"> + <example xml:id="networking-lacp-aggregation-cisco"> <title>LACP aggregation with a Cisco switch</title> <para>This example connects two interfaces on a &os; machine to the @@ -3326,7 +3271,7 @@ Fa0/1 SA 32768 0005.5d71.8db8 29s 0x146 0x3 0x3D Fa0/2 SA 32768 0005.5d71.8db8 29s 0x146 0x4 0x3D</screen> </example> - <example id="networking-lagg-failover"> + <example xml:id="networking-lagg-failover"> <title>Failover mode</title> <para>Failover mode can be used to switch over to another interface if @@ -3345,32 +3290,24 @@ Fa0/2 SA 32768 0005.5d71.8db8 29s 0x146 0x4 0x3D</screen laggport: fxp0 flags=5<MASTER,ACTIVE></screen> <para>Traffic will be transmitted and received on - <devicename>fxp0</devicename>. If the link is lost on - <devicename>fxp0</devicename> then <devicename>fxp1</devicename> will + <filename>fxp0</filename>. If the link is lost on + <filename>fxp0</filename> then <filename>fxp1</filename> will become the active link. If the link is restored on the master interface then it will once again become the active link.</para> </example> </sect2> </sect1> - <sect1 id="network-diskless"> - <sect1info> + <sect1 xml:id="network-diskless"> + <info><title>Diskless Operation</title> <authorgroup> - <author> - <firstname>Jean-François</firstname> - <surname>Dockès</surname> - <contrib>Updated by </contrib> - </author> + <author><personname><firstname>Jean-François</firstname><surname>Dockès</surname></personname><contrib>Updated by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Alex</firstname> - <surname>Dupre</surname> - <contrib>Reorganized and enhanced by </contrib> - </author> + <author><personname><firstname>Alex</firstname><surname>Dupre</surname></personname><contrib>Reorganized and enhanced by </contrib></author> </authorgroup> - </sect1info> - <title>Diskless Operation</title> + </info> + <indexterm><primary>diskless workstation</primary></indexterm> <indexterm><primary>diskless operation</primary></indexterm> @@ -3393,8 +3330,7 @@ Fa0/2 SA 32768 0005.5d71.8db8 29s 0x146 0x4 0x3D</screen </listitem> <listitem> <para>The <application>Etherboot</application> - port (<filename - role="package">net/etherboot</filename>) produces + port (<package>net/etherboot</package>) produces ROM-able code to boot kernels over the network. The code can be either burnt into a boot PROM on a network card, or loaded from a local floppy (or hard) disk @@ -3573,15 +3509,15 @@ Fa0/2 SA 32768 0005.5d71.8db8 29s 0x146 0x4 0x3D</screen <para><application>ISC DHCP 3.0</application> is not part of the base system. You will first need to install the - <filename role="package">net/isc-dhcp3-server</filename> port or the + <package>net/isc-dhcp3-server</package> port or the corresponding package.</para> <para>Once <application>ISC DHCP</application> is installed, it needs a configuration file to run (normally named <filename>/usr/local/etc/dhcpd.conf</filename>). Here follows - a commented example, where host <hostid>margaux</hostid> + a commented example, where host <systemitem>margaux</systemitem> uses <application>Etherboot</application> and host - <hostid>corbieres</hostid> uses <acronym>PXE</acronym>:</para> + <systemitem>corbieres</systemitem> uses <acronym>PXE</acronym>:</para> <programlisting> default-lease-time 600; @@ -3593,16 +3529,16 @@ option domain-name-servers 192.168.4.1; option routers 192.168.4.1; subnet 192.168.4.0 netmask 255.255.255.0 { - use-host-decl-names on; <co id="co-dhcp-host-name"/> + use-host-decl-names on; <co xml:id="co-dhcp-host-name"/> option subnet-mask 255.255.255.0; option broadcast-address 192.168.4.255; host margaux { hardware ethernet 01:23:45:67:89:ab; fixed-address margaux.example.com; - next-server 192.168.4.4; <co id="co-dhcp-next-server"/> - filename "/data/misc/kernel.diskless"; <co id="co-dhcp-filename"/> - option root-path "192.168.4.4:/data/misc/diskless"; <co id="co-dhcp-root-path"/> + next-server 192.168.4.4; <co xml:id="co-dhcp-next-server"/> + filename "/data/misc/kernel.diskless"; <co xml:id="co-dhcp-filename"/> + option root-path "192.168.4.4:/data/misc/diskless"; <co xml:id="co-dhcp-root-path"/> } host corbieres { hardware ethernet 00:02:b3:27:62:df; @@ -3620,7 +3556,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 { <literal>host</literal> declarations as the hostname for the diskless host. An alternate way would be to add an <literal>option host-name - <replaceable>margaux</replaceable></literal> inside the + margaux</literal> inside the <literal>host</literal> declarations.</para> </callout> @@ -3647,7 +3583,7 @@ subnet 192.168.4.0 netmask 255.255.255.0 { <filename>pxeboot</filename>, not the kernel. There are other interesting possibilities, like loading <filename>pxeboot</filename> from a &os; CD-ROM - <filename class="directory">/boot</filename> directory (as + <filename>/boot</filename> directory (as &man.pxeboot.8; can load a <filename>GENERIC</filename> kernel, this makes it possible to use <acronym>PXE</acronym> to boot from a remote CD-ROM).</para> @@ -3704,17 +3640,16 @@ margaux:ha=0123456789ab:tc=.def100 <primary>Etherboot</primary> </indexterm> - <para><ulink url="http://etherboot.sourceforge.net">Etherboot's Web - site</ulink> contains - <ulink url="http://etherboot.sourceforge.net/doc/html/userman/t1.html"> - extensive documentation</ulink> mainly intended for Linux + <para><link xlink:href="http://etherboot.sourceforge.net">Etherboot's Web + site</link> contains + <link xlink:href="http://etherboot.sourceforge.net/doc/html/userman/t1.html"> + extensive documentation</link> mainly intended for Linux systems, but nonetheless containing useful information. The following will just outline how you would use <application>Etherboot</application> on a FreeBSD system.</para> - <para>You must first install the <filename - role="package">net/etherboot</filename> package or port.</para> + <para>You must first install the <package>net/etherboot</package> package or port.</para> <para>You can change the <application>Etherboot</application> configuration (i.e. to use <acronym>TFTP</acronym> instead of @@ -3733,7 +3668,7 @@ margaux:ha=0123456789ab:tc=.def100 type:</para> <screen> -&prompt.root; <userinput>gmake bin32/<replaceable>devicetype</replaceable>.fd0</userinput> +&prompt.root; <userinput>gmake bin32/devicetype.fd0</userinput> </screen> <para><replaceable>devicetype</replaceable> depends on the type of @@ -3945,7 +3880,7 @@ cd /usr/src/etc; make distribution</programlisting> swap file. To create a swap file of appropriate size, you can do like this:</para> - <screen>&prompt.root; <userinput>dd if=/dev/zero of=<replaceable>/path/to/swapfile</replaceable> bs=1k count=1 oseek=<replaceable>100000</replaceable></userinput></screen> + <screen>&prompt.root; <userinput>dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000</userinput></screen> <para>To enable it you have to add the following line to your <filename>rc.conf</filename>:</para> @@ -3992,7 +3927,7 @@ cd /usr/src/etc; make distribution</programlisting> </sect2> </sect1> - <sect1 id="network-isdn"> + <sect1 xml:id="network-isdn"> <title>ISDN</title> <indexterm> @@ -4000,8 +3935,8 @@ cd /usr/src/etc; make distribution</programlisting> </indexterm> <para>A good resource for information on ISDN technology and hardware is - <ulink url="http://www.alumni.caltech.edu/~dank/isdn/">Dan Kegel's ISDN - Page</ulink>.</para> + <link xlink:href="http://www.alumni.caltech.edu/~dank/isdn/">Dan Kegel's ISDN + Page</link>.</para> <para>A quick simple road map to ISDN follows:</para> @@ -4030,17 +3965,13 @@ cd /usr/src/etc; make distribution</programlisting> choose. The following options are listed from least expensive to most expensive.</para> - <sect2 id="network-isdn-cards"> - <sect2info> + <sect2 xml:id="network-isdn-cards"> + <info><title>ISDN Cards</title> <authorgroup> - <author> - <firstname>Hellmuth</firstname> - <surname>Michaelis</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Hellmuth</firstname><surname>Michaelis</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect2info> - <title>ISDN Cards</title> + </info> + <indexterm> <primary>ISDN</primary> @@ -4079,12 +4010,10 @@ cd /usr/src/etc; make distribution</programlisting> <para>For documentation on <application>isdn4bsd</application>, have a look at <filename>/usr/share/examples/isdn/</filename> - directory on your FreeBSD system or at the <ulink - url="http://www.freebsd-support.de/i4b/">homepage of - isdn4bsd</ulink> which also has pointers to hints, erratas and - much more documentation such as the <ulink - url="http://people.FreeBSD.org/~hm/">isdn4bsd - handbook</ulink>.</para> + directory on your FreeBSD system or at the <link xlink:href="http://www.freebsd-support.de/i4b/">homepage of + isdn4bsd</link> which also has pointers to hints, erratas and + much more documentation such as the <link xlink:href="http://people.FreeBSD.org/~hm/">isdn4bsd + handbook</link>.</para> <para>In case you are interested in adding support for a different ISDN protocol, a currently unsupported ISDN PC card or @@ -4123,9 +4052,7 @@ cd /usr/src/etc; make distribution</programlisting> already have PPP set up. However, at the same time any problems you experienced with the PPP program and are going to persist.</para> - <para>If you want maximum stability, use the kernel <link - linkend="ppp">PPP</link> option, not the <link - linkend="userppp">userland PPP</link>.</para> + <para>If you want maximum stability, use the kernel <link linkend="ppp">PPP</link> option, not the <link linkend="userppp">userland PPP</link>.</para> <para>The following TA's are known to work with FreeBSD:</para> @@ -4146,9 +4073,8 @@ cd /usr/src/etc; make distribution</programlisting> <para>The real problem with external TA's is that, like modems, you need a good serial card in your computer.</para> - <para>You should read the <ulink - url="&url.articles.serial-uart;/index.html">FreeBSD Serial - Hardware</ulink> tutorial for a detailed understanding of + <para>You should read the <link xlink:href="&url.articles.serial-uart;/index.html">FreeBSD Serial + Hardware</link> tutorial for a detailed understanding of serial devices, and the differences between asynchronous and synchronous serial ports.</para> @@ -4169,8 +4095,7 @@ cd /usr/src/etc; make distribution</programlisting> <para>The choice of synchronous card/TA v.s. stand-alone router is largely a religious issue. There has been some discussion of this in - the mailing lists. We suggest you search the <ulink - url="&url.base;/search/index.html">archives</ulink> for + the mailing lists. We suggest you search the <link xlink:href="&url.base;/search/index.html">archives</link> for the complete discussion.</para> </sect2> @@ -4307,19 +4232,15 @@ ISDN BRI line</literallayout> </sect2> </sect1> - <sect1 id="network-natd"> - <sect1info> + <sect1 xml:id="network-natd"> + <info><title>Network Address Translation</title> <authorgroup> - <author> - <firstname>Chern</firstname> - <surname>Lee</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>Network Address Translation</title> + </info> + - <sect2 id="network-natoverview"> + <sect2 xml:id="network-natoverview"> <title>Overview</title> <indexterm> <primary><application>natd</application></primary> @@ -4337,7 +4258,7 @@ ISDN BRI line</literallayout> Internet Connection Sharing.</para> </sect2> - <sect2 id="network-natsetup"> + <sect2 xml:id="network-natsetup"> <title>Setup</title> <para>Due to the diminishing IP space in IPv4, and the increased number of users on high-speed consumer lines such as cable or DSL, people are @@ -4389,7 +4310,7 @@ ISDN BRI line</literallayout> machine.</para> </sect2> - <sect2 id="network-natdkernconfiguration"> + <sect2 xml:id="network-natdkernconfiguration"> <title>Configuration</title> <indexterm> @@ -4408,12 +4329,12 @@ options IPFIREWALL_VERBOSE</programlisting> <para>The following must be in <filename>/etc/rc.conf</filename>:</para> - <programlisting>gateway_enable="YES" <co id="co-natd-gateway-enable"/> -firewall_enable="YES" <co id="co-natd-firewall-enable"/> -firewall_type="OPEN" <co id="co-natd-firewall-type"/> + <programlisting>gateway_enable="YES" <co xml:id="co-natd-gateway-enable"/> +firewall_enable="YES" <co xml:id="co-natd-firewall-enable"/> +firewall_type="OPEN" <co xml:id="co-natd-firewall-type"/> natd_enable="YES" -natd_interface="<replaceable>fxp0</replaceable>" <co id="co-natd-natd-interface"/> -natd_flags="" <co id="co-natd-natd-flags"/></programlisting> +natd_interface="<replaceable>fxp0</replaceable>" <co xml:id="co-natd-natd-interface"/> +natd_flags="" <co xml:id="co-natd-natd-flags"/></programlisting> <calloutlist> <callout arearefs="co-natd-gateway-enable"> @@ -4473,25 +4394,20 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> <para>Each machine and interface behind the LAN should be assigned IP address numbers in the private network space as - defined by <ulink - url="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC 1918</ulink> + defined by <link xlink:href="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC 1918</link> and have a default gateway of the <application>natd</application> machine's internal IP address.</para> - <para>For example, client <hostid>A</hostid> and - <hostid>B</hostid> behind the LAN have IP addresses of <hostid - role="ipaddr">192.168.0.2</hostid> and <hostid - role="ipaddr">192.168.0.3</hostid>, while the natd machine's - LAN interface has an IP address of <hostid - role="ipaddr">192.168.0.1</hostid>. Client <hostid>A</hostid> - and <hostid>B</hostid>'s default gateway must be set to that - of the <application>natd</application> machine, <hostid - role="ipaddr">192.168.0.1</hostid>. The <application>natd</application> machine's + <para>For example, client <systemitem>A</systemitem> and + <systemitem>B</systemitem> behind the LAN have IP addresses of <systemitem class="ipaddress">192.168.0.2</systemitem> and <systemitem class="ipaddress">192.168.0.3</systemitem>, while the natd machine's + LAN interface has an IP address of <systemitem class="ipaddress">192.168.0.1</systemitem>. Client <systemitem>A</systemitem> + and <systemitem>B</systemitem>'s default gateway must be set to that + of the <application>natd</application> machine, <systemitem class="ipaddress">192.168.0.1</systemitem>. The <application>natd</application> machine's external, or Internet interface does not require any special modification for &man.natd.8; to work.</para> </sect2> - <sect2 id="network-natdport-redirection"> + <sect2 xml:id="network-natdport-redirection"> <title>Port Redirection</title> <para>The drawback with &man.natd.8; is that the LAN clients are not accessible @@ -4502,8 +4418,8 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> <application>natd</application> machine to a LAN client. </para> - <para>For example, an IRC server runs on client <hostid>A</hostid>, and a web server runs - on client <hostid>B</hostid>. For this to work properly, connections received on ports + <para>For example, an IRC server runs on client <systemitem>A</systemitem>, and a web server runs + on client <systemitem>B</systemitem>. For this to work properly, connections received on ports 6667 (IRC) and 80 (web) must be redirected to the respective machines. </para> @@ -4527,7 +4443,7 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> ranges over individual ports. For example, <replaceable>tcp 192.168.0.2:2000-3000 2000-3000</replaceable> would redirect all connections received on ports 2000 to 3000 to ports 2000 - to 3000 on client <hostid>A</hostid>.</para> + to 3000 on client <systemitem>A</systemitem>.</para> <para>These options can be used when directly running &man.natd.8;, placed within the @@ -4538,7 +4454,7 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> <para>For further configuration options, consult &man.natd.8;</para> </sect2> - <sect2 id="network-natdaddress-redirection"> + <sect2 xml:id="network-natdaddress-redirection"> <title>Address Redirection</title> <indexterm><primary>address redirection</primary></indexterm> <para>Address redirection is useful if several IP addresses are @@ -4548,14 +4464,14 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> with the proper external IP address and redirects all traffic incoming on that particular IP address back to the specific LAN client. This is also known as static NAT. - For example, the IP addresses <hostid role="ipaddr">128.1.1.1</hostid>, - <hostid role="ipaddr">128.1.1.2</hostid>, and - <hostid role="ipaddr">128.1.1.3</hostid> belong to the <application>natd</application> gateway - machine. <hostid role="ipaddr">128.1.1.1</hostid> can be used + For example, the IP addresses <systemitem class="ipaddress">128.1.1.1</systemitem>, + <systemitem class="ipaddress">128.1.1.2</systemitem>, and + <systemitem class="ipaddress">128.1.1.3</systemitem> belong to the <application>natd</application> gateway + machine. <systemitem class="ipaddress">128.1.1.1</systemitem> can be used as the <application>natd</application> gateway machine's external IP address, while - <hostid role="ipaddr">128.1.1.2</hostid> and - <hostid role="ipaddr">128.1.1.3</hostid> are forwarded back to LAN - clients <hostid>A</hostid> and <hostid>B</hostid>.</para> + <systemitem class="ipaddress">128.1.1.2</systemitem> and + <systemitem class="ipaddress">128.1.1.3</systemitem> are forwarded back to LAN + clients <systemitem>A</systemitem> and <systemitem>B</systemitem>.</para> <para>The <option>-redirect_address</option> syntax is as follows:</para> @@ -4593,7 +4509,7 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> </sect2> </sect1> - <sect1 id="network-plip"> + <sect1 xml:id="network-plip"> <title>Parallel Line IP (PLIP)</title> <indexterm><primary>PLIP</primary></indexterm> @@ -4616,7 +4532,7 @@ redirect_port tcp 192.168.0.3:80 80</programlisting> </listitem> </itemizedlist> - <sect2 id="network-create-parallel-cable"> + <sect2 xml:id="network-create-parallel-cable"> <title>Creating a Parallel Cable</title> <para>You can purchase a parallel cable at most computer supply @@ -4739,7 +4655,7 @@ BUSY</literallayout></entry> </table> </sect2> - <sect2 id="network-plip-setup"> + <sect2 xml:id="network-plip-setup"> <title>Setting Up PLIP</title> <para>First, you have to get a laplink cable. @@ -4771,17 +4687,17 @@ plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500</screen> both computers.</para> <para>Configure the network interface parameters on both - sites as <username>root</username>. For example, if you want to connect - the host <hostid>host1</hostid> with another machine <hostid>host2</hostid>:</para> + sites as <systemitem class="username">root</systemitem>. For example, if you want to connect + the host <systemitem>host1</systemitem> with another machine <systemitem>host2</systemitem>:</para> <programlisting> host1 <-----> host2 IP Address 10.0.0.1 10.0.0.2</programlisting> - <para>Configure the interface on <hostid>host1</hostid> by doing:</para> + <para>Configure the interface on <systemitem>host1</systemitem> by doing:</para> <screen>&prompt.root; <userinput>ifconfig plip0 10.0.0.1 10.0.0.2</userinput></screen> - <para>Configure the interface on <hostid>host2</hostid> by doing:</para> + <para>Configure the interface on <systemitem>host2</systemitem> by doing:</para> <screen>&prompt.root; <userinput>ifconfig plip0 10.0.0.2 10.0.0.1</userinput></screen> @@ -4797,7 +4713,7 @@ IP Address 10.0.0.1 10.0.0.2</programlisting> 10.0.0.2 host2.my.domain</programlisting> <para>To confirm the connection works, go to each host and ping - the other. For example, on <hostid>host1</hostid>:</para> + the other. For example, on <systemitem>host1</systemitem>:</para> <screen>&prompt.root; <userinput>ifconfig plip0</userinput> plip0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1500 @@ -4822,33 +4738,21 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> </sect2> </sect1> - <sect1 id="network-ipv6"> - <sect1info> + <sect1 xml:id="network-ipv6"> + <info><title>IPv6</title> <authorgroup> - <author> - <firstname>Aaron</firstname> - <surname>Kaplan</surname> - <contrib>Originally Written by </contrib> - </author> + <author><personname><firstname>Aaron</firstname><surname>Kaplan</surname></personname><contrib>Originally Written by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Tom</firstname> - <surname>Rhodes</surname> - <contrib>Restructured and Added by </contrib> - </author> + <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Restructured and Added by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Brad</firstname> - <surname>Davis</surname> - <contrib>Extended by </contrib> - </author> + <author><personname><firstname>Brad</firstname><surname>Davis</surname></personname><contrib>Extended by </contrib></author> </authorgroup> - </sect1info> + </info> - <title>IPv6</title> + <para>IPv6 (also known as IPng <quote>IP next generation</quote>) is the new version of the well known IP protocol (also known as <acronym>IPv4</acronym>). Like the other current *BSD systems, @@ -4864,9 +4768,9 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <listitem> <para>Running out of addresses. Today this is not so much of a concern anymore since RFC1918 private address space - (<hostid role="ipaddr">10.0.0.0/8</hostid>, - <hostid role="ipaddr">172.16.0.0/12</hostid>, and - <hostid role="ipaddr">192.168.0.0/16</hostid>) + (<systemitem class="ipaddress">10.0.0.0/8</systemitem>, + <systemitem class="ipaddress">172.16.0.0/12</systemitem>, and + <systemitem class="ipaddress">192.168.0.0/16</systemitem>) and Network Address Translation (<acronym>NAT</acronym>) are being employed.</para> </listitem> @@ -4898,8 +4802,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <itemizedlist> <listitem> - <para>Address autoconfiguration (<ulink - url="http://www.ietf.org/rfc/rfc2462.txt">RFC2462</ulink>)</para> + <para>Address autoconfiguration (<link xlink:href="http://www.ietf.org/rfc/rfc2462.txt">RFC2462</link>)</para> </listitem> <listitem> @@ -4932,11 +4835,11 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <itemizedlist> <listitem> - <para>IPv6 overview at <ulink url="http://playground.sun.com/pub/ipng/html/ipng-main.html">playground.sun.com</ulink></para> + <para>IPv6 overview at <link xlink:href="http://playground.sun.com/pub/ipng/html/ipng-main.html">playground.sun.com</link></para> </listitem> <listitem> - <para><ulink url="http://www.kame.net">KAME.net</ulink></para> + <para><link xlink:href="http://www.kame.net">KAME.net</link></para> </listitem> </itemizedlist> @@ -4958,7 +4861,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> for a multicast address will arrive at all interfaces belonging to the multicast group.</para> - <note><para>The IPv4 broadcast address (usually <hostid role="ipaddr">xxx.xxx.xxx.255</hostid>) is expressed + <note><para>The IPv4 broadcast address (usually <systemitem class="ipaddress">xxx.xxx.xxx.255</systemitem>) is expressed by multicast addresses in IPv6.</para></note> <table frame="none"> @@ -4976,24 +4879,23 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <tbody> <row> - <entry><hostid role="ip6addr">::</hostid></entry> + <entry><systemitem>::</systemitem></entry> <entry>128 bits</entry> <entry>unspecified</entry> - <entry>cf. <hostid role="ipaddr">0.0.0.0</hostid> in + <entry>cf. <systemitem class="ipaddress">0.0.0.0</systemitem> in IPv4</entry> </row> <row> - <entry><hostid role="ip6addr">::1</hostid></entry> + <entry><systemitem>::1</systemitem></entry> <entry>128 bits</entry> <entry>loopback address</entry> - <entry>cf. <hostid role="ipaddr">127.0.0.1</hostid> in + <entry>cf. <systemitem class="ipaddress">127.0.0.1</systemitem> in IPv4</entry> </row> <row> - <entry><hostid - role="ip6addr">::00:xx:xx:xx:xx</hostid></entry> + <entry><systemitem>::00:xx:xx:xx:xx</systemitem></entry> <entry>96 bits</entry> <entry>embedded IPv4</entry> <entry>The lower 32 bits are the IPv4 address. Also @@ -5002,8 +4904,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> </row> <row> - <entry><hostid - role="ip6addr">::ff:xx:xx:xx:xx</hostid></entry> + <entry><systemitem>::ff:xx:xx:xx:xx</systemitem></entry> <entry>96 bits</entry> <entry>IPv4 mapped IPv6 address</entry> <entry>The lower 32 bits are the IPv4 address. @@ -5011,30 +4912,28 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> </row> <row> - <entry><hostid role="ip6addr">fe80::</hostid> - <hostid - role="ip6addr">feb::</hostid></entry> + <entry><systemitem>fe80::</systemitem> - <systemitem>feb::</systemitem></entry> <entry>10 bits</entry> <entry>link-local</entry> <entry>cf. loopback address in IPv4</entry> </row> <row> - <entry><hostid role="ip6addr">fec0::</hostid> - <hostid - role="ip6addr">fef::</hostid></entry> + <entry><systemitem>fec0::</systemitem> - <systemitem>fef::</systemitem></entry> <entry>10 bits</entry> <entry>site-local</entry> <entry> </entry> </row> <row> - <entry><hostid role="ip6addr">ff::</hostid></entry> + <entry><systemitem>ff::</systemitem></entry> <entry>8 bits</entry> <entry>multicast</entry> <entry> </entry> </row> <row> - <entry><hostid role="ip6addr">001</hostid> (base + <entry><systemitem>001</systemitem> (base 2)</entry> <entry>3 bits</entry> <entry>global unicast</entry> @@ -5049,25 +4948,25 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <sect2> <title>Reading IPv6 Addresses</title> - <para>The canonical form is represented as: <hostid role="ip6addr">x:x:x:x:x:x:x:x</hostid>, each + <para>The canonical form is represented as: <systemitem>x:x:x:x:x:x:x:x</systemitem>, each <quote>x</quote> being a 16 Bit hex value. For example - <hostid role="ip6addr">FEBC:A574:382B:23C1:AA49:4592:4EFE:9982</hostid></para> + <systemitem>FEBC:A574:382B:23C1:AA49:4592:4EFE:9982</systemitem></para> <para>Often an address will have long substrings of all zeros therefore one such substring per address can be abbreviated by <quote>::</quote>. Also up to three leading <quote>0</quote>s per hexquad can be omitted. - For example <hostid role="ip6addr">fe80::1</hostid> + For example <systemitem>fe80::1</systemitem> corresponds to the canonical form - <hostid role="ip6addr">fe80:0000:0000:0000:0000:0000:0000:0001</hostid>.</para> + <systemitem>fe80:0000:0000:0000:0000:0000:0000:0001</systemitem>.</para> <para>A third form is to write the last 32 Bit part in the well known (decimal) IPv4 style with dots <quote>.</quote> as separators. For example - <hostid role="ip6addr">2002::10.0.0.1</hostid> + <systemitem>2002::10.0.0.1</systemitem> corresponds to the (hexadecimal) canonical representation - <hostid role="ip6addr">2002:0000:0000:0000:0000:0000:0a00:0001</hostid> + <systemitem>2002:0000:0000:0000:0000:0000:0a00:0001</systemitem> which in turn is equivalent to - writing <hostid role="ip6addr">2002::a00:1</hostid>.</para> + writing <systemitem>2002::a00:1</systemitem>.</para> <para>By now the reader should be able to understand the following:</para> @@ -5080,13 +4979,12 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> media: Ethernet autoselect (100baseTX ) status: active</programlisting> - <para><hostid role="ip6addr">fe80::200:21ff:fe03:8e1%rl0</hostid> + <para><systemitem>fe80::200:21ff:fe03:8e1%rl0</systemitem> is an auto configured link-local address. It is generated from the MAC address as part of the auto configuration.</para> <para>For further information on the structure of IPv6 addresses - see <ulink - url="http://www.ietf.org/rfc/rfc3513.txt">RFC3513</ulink>.</para> + see <link xlink:href="http://www.ietf.org/rfc/rfc3513.txt">RFC3513</link>.</para> </sect2> <sect2> @@ -5101,12 +4999,11 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> </listitem> <listitem> - <para>Tunnel via 6-to-4 (<ulink - url="http://www.ietf.org/rfc/rfc3068.txt">RFC3068</ulink>)</para> + <para>Tunnel via 6-to-4 (<link xlink:href="http://www.ietf.org/rfc/rfc3068.txt">RFC3068</link>)</para> </listitem> <listitem> - <para>Use the <filename role="package">net/freenet6</filename> port if you are on a dial-up connection.</para> + <para>Use the <package>net/freenet6</package> port if you are on a dial-up connection.</para> </listitem> </itemizedlist> </sect2> @@ -5126,7 +5023,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <para>To your primary zone DNS file. In case you do not serve your own <acronym>DNS</acronym> zones ask your <acronym>DNS</acronym> provider. Current versions of <application>bind</application> (version 8.3 and 9) - and <filename role="package">dns/djbdns</filename> (with the IPv6 patch) + and <package>dns/djbdns</package> (with the IPv6 patch) support AAAA records.</para> </sect2> @@ -5142,14 +5039,14 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <programlisting>ipv6_enable="YES"</programlisting> - <para>To statically assign an IP address such as <hostid role="ip6addr"> - 2001:471:1f11:251:290:27ff:fee0:2093</hostid>, to your - <devicename>fxp0</devicename> interface, add:</para> + <para>To statically assign an IP address such as <systemitem> + 2001:471:1f11:251:290:27ff:fee0:2093</systemitem>, to your + <filename>fxp0</filename> interface, add:</para> <programlisting>ipv6_ifconfig_fxp0="2001:471:1f11:251:290:27ff:fee0:2093"</programlisting> <para>To assign a default router of - <hostid role="ip6addr">2001:471:1f11:251::1</hostid> + <systemitem>2001:471:1f11:251::1</systemitem> add the following to <filename>/etc/rc.conf</filename>:</para> <programlisting>ipv6_defaultrouter="2001:471:1f11:251::1"</programlisting> @@ -5165,7 +5062,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <filename>/etc/rc.conf</filename>:</para> <para>List the Generic Tunneling interfaces that will be configured, for - example <devicename>gif0</devicename>:</para> + example <filename>gif0</filename>:</para> <programlisting>gif_interfaces="gif0"</programlisting> @@ -5212,7 +5109,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <para>It is important that you specify the interface on which to do IPv6 router solicitation. For example to tell &man.rtadvd.8; to use - <devicename>fxp0</devicename>:</para> + <filename>fxp0</filename>:</para> <programlisting>rtadvd_interfaces="fxp0"</programlisting> @@ -5222,31 +5119,27 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <programlisting>fxp0:\ :addrs#1:addr="2001:471:1f11:246::":prefixlen#64:tc=ether:</programlisting> - <para>Replace <devicename>fxp0</devicename> with the interface you + <para>Replace <filename>fxp0</filename> with the interface you are going to be using.</para> - <para>Next, replace <hostid role="ip6addr">2001:471:1f11:246::</hostid> + <para>Next, replace <systemitem>2001:471:1f11:246::</systemitem> with the prefix of your allocation.</para> - <para>If you are dedicated a <hostid role="netmask">/64</hostid> subnet + <para>If you are dedicated a <systemitem class="netmask">/64</systemitem> subnet you will not need to change anything else. Otherwise, you will need to change the <literal>prefixlen#</literal> to the correct value.</para> </sect2> </sect1> - <sect1 id="network-atm"> - <sect1info> + <sect1 xml:id="network-atm"> + <info><title>Asynchronous Transfer Mode (ATM)</title> <authorgroup> - <author> - <firstname>Harti</firstname> - <surname>Brandt</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Harti</firstname><surname>Brandt</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> + </info> - <title>Asynchronous Transfer Mode (ATM)</title> + <sect2> <title>Configuring classical IP over ATM (PVCs)</title> @@ -5268,8 +5161,7 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> of machines. The example supposes that we have four machines in the network, each connected to the <acronym role="Asynchronous Transfer Mode">ATM</acronym> network with an <acronym role="Asynchronous Transfer Mode">ATM</acronym> adapter card. The first step is the planning of - the IP addresses and the <acronym role="Asynchronous - Transfer Mode">ATM</acronym> connections between the + the IP addresses and the <acronym role="Asynchronous Transfer Mode">ATM</acronym> connections between the machines. We use the following:</para> <informaltable frame="none" pgwide="1"> @@ -5285,23 +5177,23 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <tbody> <row> - <entry><hostid>hostA</hostid></entry> - <entry><hostid role="ipaddr">192.168.173.1</hostid></entry> + <entry><systemitem>hostA</systemitem></entry> + <entry><systemitem class="ipaddress">192.168.173.1</systemitem></entry> </row> <row> - <entry><hostid>hostB</hostid></entry> - <entry><hostid role="ipaddr">192.168.173.2</hostid></entry> + <entry><systemitem>hostB</systemitem></entry> + <entry><systemitem class="ipaddress">192.168.173.2</systemitem></entry> </row> <row> - <entry><hostid>hostC</hostid></entry> - <entry><hostid role="ipaddr">192.168.173.3</hostid></entry> + <entry><systemitem>hostC</systemitem></entry> + <entry><systemitem class="ipaddress">192.168.173.3</systemitem></entry> </row> <row> - <entry><hostid>hostD</hostid></entry> - <entry><hostid role="ipaddr">192.168.173.4</hostid></entry> + <entry><systemitem>hostD</systemitem></entry> + <entry><systemitem class="ipaddress">192.168.173.4</systemitem></entry> </row> </tbody> </tgroup> @@ -5323,32 +5215,32 @@ round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen> <tbody> <row> - <entry><hostid>hostA</hostid> - <hostid>hostB</hostid></entry> + <entry><systemitem>hostA</systemitem> - <systemitem>hostB</systemitem></entry> <entry>0.100</entry> </row> <row> - <entry><hostid>hostA</hostid> - <hostid>hostC</hostid></entry> + <entry><systemitem>hostA</systemitem> - <systemitem>hostC</systemitem></entry> <entry>0.101</entry> </row> <row> - <entry><hostid>hostA</hostid> - <hostid>hostD</hostid></entry> + <entry><systemitem>hostA</systemitem> - <systemitem>hostD</systemitem></entry> <entry>0.102</entry> </row> <row> - <entry><hostid>hostB</hostid> - <hostid>hostC</hostid></entry> + <entry><systemitem>hostB</systemitem> - <systemitem>hostC</systemitem></entry> <entry>0.103</entry> </row> <row> - <entry><hostid>hostB</hostid> - <hostid>hostD</hostid></entry> + <entry><systemitem>hostB</systemitem> - <systemitem>hostD</systemitem></entry> <entry>0.104</entry> </row> <row> - <entry><hostid>hostC</hostid> - <hostid>hostD</hostid></entry> + <entry><systemitem>hostC</systemitem> - <systemitem>hostD</systemitem></entry> <entry>0.105</entry> </row> </tbody> @@ -5366,8 +5258,8 @@ hostC&prompt.root; <userinput>ifconfig hatm0 192.168.173.3 up</userinput> hostD&prompt.root; <userinput>ifconfig hatm0 192.168.173.4 up</userinput></screen> <para>assuming that the ATM interface is - <devicename>hatm0</devicename> on all hosts. Now the PVCs - need to be configured on <hostid>hostA</hostid> (we assume that + <filename>hatm0</filename> on all hosts. Now the PVCs + need to be configured on <systemitem>hostA</systemitem> (we assume that they are already configured on the ATM switches, you need to consult the manual for the switch on how to do this).</para> @@ -5399,7 +5291,7 @@ hostD&prompt.root; <userinput>atmconfig natm add 192.168.173.3 hatm0 0 105 llc/s <para>The same configuration can also be done via <filename>/etc/rc.conf</filename>. - For <hostid>hostA</hostid> this would look like:</para> + For <systemitem>hostA</systemitem> this would look like:</para> <programlisting>network_interfaces="lo0 hatm0" ifconfig_hatm0="inet 192.168.173.1 up" @@ -5416,17 +5308,13 @@ route_hostD="192.168.173.4 hatm0 0 102 llc/snap ubr"</programlisting> </sect2> </sect1> - <sect1 id="carp"> - <sect1info> + <sect1 xml:id="carp"> + <info><title>Common Access Redundancy Protocol (CARP)</title> <authorgroup> - <author> - <firstname>Tom</firstname> - <surname>Rhodes</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>Common Access Redundancy Protocol (CARP)</title> + </info> + <indexterm><primary>CARP</primary></indexterm> <indexterm><primary>Common Access Redundancy Protocol</primary></indexterm> @@ -5475,11 +5363,11 @@ route_hostD="192.168.173.4 hatm0 0 102 llc/snap ubr"</programlisting> <para>The two machines should be configured identically other than their issued hostnames and <acronym>VHID</acronym>s. This example calls these machines - <hostid>hosta.example.org</hostid> and - <hostid>hostb.example.org</hostid> respectively. First, the + <systemitem>hosta.example.org</systemitem> and + <systemitem>hostb.example.org</systemitem> respectively. First, the required lines for a <acronym>CARP</acronym> configuration have to be added to <filename>rc.conf</filename>. For - <hostid>hosta.example.org</hostid>, the + <systemitem>hosta.example.org</systemitem>, the <filename>rc.conf</filename> file should contain the following lines:</para> @@ -5488,7 +5376,7 @@ ifconfig_fxp0="inet 192.168.1.3 netmask 255.255.255.0" cloned_interfaces="carp0" ifconfig_carp0="vhid 1 pass testpast 192.168.1.50/24"</programlisting> - <para>On <hostid>hostb.example.org</hostid> the following lines + <para>On <systemitem>hostb.example.org</systemitem> the following lines should be in <filename>rc.conf</filename>:</para> <programlisting>hostname="hostb.example.org" @@ -5499,16 +5387,16 @@ ifconfig_carp0="vhid 2 pass testpass 192.168.1.51/24"</programlisting> <note> <para>It is very important that the passwords, specified by the <option>pass</option> option to <command>ifconfig</command>, - are identical. The <devicename>carp</devicename> devices will + are identical. The <filename>carp</filename> devices will only listen to and accept advertisements from machines with the correct password. The <acronym>VHID</acronym> must also be different for each machine.</para> </note> <para>The third machine, - <hostid>provider.example.org</hostid>, should be prepared so that + <systemitem>provider.example.org</systemitem>, should be prepared so that it may handle failover from either host. This machine will require - two <devicename>carp</devicename> devices, one to handle each + two <filename>carp</filename> devices, one to handle each host. The appropriate <filename>rc.conf</filename> configuration lines will be similar to the following:</para> @@ -5518,24 +5406,24 @@ cloned_interfaces="carp0 carp1" ifconfig_carp0="vhid 1 advskew 100 pass testpass 192.168.1.50/24" ifconfig_carp1="vhid 2 advskew 100 pass testpass 192.168.1.51/24"</programlisting> - <para>Having the two <devicename>carp</devicename> devices will - allow <hostid>provider.example.org</hostid> to notice and pick + <para>Having the two <filename>carp</filename> devices will + allow <systemitem>provider.example.org</systemitem> to notice and pick up the <acronym>IP</acronym> address of either machine should it stop responding.</para> <note> <para>The default &os; kernel <emphasis>may</emphasis> have preemption enabled. If so, - <hostid>provider.example.org</hostid> may not relinquish the + <systemitem>provider.example.org</systemitem> may not relinquish the <acronym>IP</acronym> address back to the original content server. In this case, an administrator may <quote>nudge</quote> the interface. The following command should be issued on - <hostid>provider.example.org</hostid>:</para> + <systemitem>provider.example.org</systemitem>:</para> <screen>&prompt.root; <userinput>ifconfig carp0 down && ifconfig carp0 up</userinput></screen> - <para>This should be done on the <devicename>carp</devicename> + <para>This should be done on the <filename>carp</filename> interface which corresponds to the correct host.</para> </note> |