ndd ?

ndd ?

Post by lg042- » Thu, 29 Nov 2001 16:43:56



Hi,
I need to to fix some problems on a secured internet connection (FW,
proxy,LDAP...).
The users' response time comes bad from time to time.
After a short investigation, it appears that some networks components are
not working fine.
I did let the different devices autonegociate and it comes that the diffrent
DMZ are not working at the same speed. For example, the internal and
external FW are connected at 10mb FD while the FW/proxy segment is 100mb/HD.
I feel that it may cause some problems, especialy when someone is using ftp,
as the AV is buffering the file while analyzing. When the analyze is over, I
can view the whole thing coming in once to the browser.

Now, here is my question.
Which command should I use to visualize all the TCP/IP stack parameters and
the network card configuration. NDD seems to suit my needs, but I wasn't
able to find a good documentation about it.
Thanks in advance.

 
 
 

ndd ?

Post by Joerg Morbitze » Thu, 29 Nov 2001 19:49:01



> Hi,
> I need to to fix some problems on a secured internet connection (FW,
> proxy,LDAP...).
> The users' response time comes bad from time to time.
> After a short investigation, it appears that some networks components are
> not working fine.
> I did let the different devices autonegociate and it comes that the diffrent
> DMZ are not working at the same speed. For example, the internal and
> external FW are connected at 10mb FD while the FW/proxy segment is 100mb/HD.
> I feel that it may cause some problems, especialy when someone is using ftp,
> as the AV is buffering the file while analyzing. When the analyze is over, I
> can view the whole thing coming in once to the browser.

> Now, here is my question.
> Which command should I use to visualize all the TCP/IP stack parameters and
> the network card configuration. NDD seems to suit my needs, but I wasn't
> able to find a good documentation about it.
> Thanks in advance.

This is what I found a while ago. Regards, Joerg.

------------------------------------- cut --------------------------------

ndd -set /dev/hme instance 0 ( this selects hme device instance 0 = hme0,
instance 1 = hme1 )
ndd -get /dev/hme transceiver_inuse ( 0=internal rj45 100baseTx connector,
1=external mii transeiver)
ndd -get /dev/hme link_status ( 0=down, 1=up )
ndd -get /dev/hme link_speed ( 0=10Mb, 1=100Mb )
ndd -get /dev/hme link_mode ( 0=half duplex, 1=full duplex )

To check what we are setup for:

ndd -set /dev/hme instance 0
( 1= on, 0 = off :not advertised)
ndd -get /dev/hme adv_autoneg_cap
ndd -get /dev/hme adv_100fdx_cap
ndd -get /dev/hme adv_100hdx_cap
ndd -get /dev/hme adv_100T4_cap
ndd -get /dev/hme adv_10hdx_cap
ndd -get /dev/hme transceiver_inuse

To Check what the the link partner(Switch ot MII transceiver) capabilites:

ndd -set /dev/hme instance 0
( 0=link parnter not adv this feature, 1= link partner has this capability)
ndd /dev/hme lp_autoneg_cap
ndd /dev/hme lp_100fdx_cap
ndd /dev/hme lp_100hdx_cap
ndd /dev/hme lp_100T4_cap
ndd /dev/hme lp_10fdx_cap
ndd /dev/hme lp_10hdx_cap

To Force 10Mb half Duplex :

( Standard 10baseT using shared Hub or 10Base2 using Mii to Aui adaptor)

set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=0
set hme:hme_adv_10hdx_cap=1

To force 100Mb Full duplex:

( using a 100Mb Ethernet Switch that is compliant with 803.3u Full-duplex
or to another Sun hme device)

set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100fdx_cap=1

To force 100Mb Half duplex:

( Common configuration using a 100BaseT Ethernet Switch in half-duplex or
100BaseT shared Hub.

set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=1

To force 100Mb Half duplex 100BaseT4:

( Using 8-wire 100BaseT4 MII transceiver configuration)

set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=0
set hme:hme_adv_100T4_cap=1

To force 10Mb Full duplex:

( Uncommon 10Mb Full-Duplex Ethernet Switch configuration)

set hme:hme_adv_autoneg_cap=0
set hme:hme_adv_100fdx_cap=0
set hme:hme_adv_100hdx_cap=0
set hme:hme_adv_10fdx_cap=1
set hme:hme_adv_10hdx_cap=0

 
 
 

ndd ?

Post by stuart abrams-humphri » Thu, 29 Nov 2001 20:31:39


ndd /dev/hme \? will give you the tcp parameters
you can then for the parameter you're interested in do
ndd /dev/hme link_status (for example)
similarly can do this for any other network interfaces and for /dev/tcp and /dev/ip
Hope thats enough to get you started!
Best Wishes
STuart

> Hi,
> I need to to fix some problems on a secured internet connection (FW,
> proxy,LDAP...).
> The users' response time comes bad from time to time.
> After a short investigation, it appears that some networks components are
> not working fine.
> I did let the different devices autonegociate and it comes that the diffrent
> DMZ are not working at the same speed. For example, the internal and
> external FW are connected at 10mb FD while the FW/proxy segment is 100mb/HD.
> I feel that it may cause some problems, especialy when someone is using ftp,
> as the AV is buffering the file while analyzing. When the analyze is over, I
> can view the whole thing coming in once to the browser.

> Now, here is my question.
> Which command should I use to visualize all the TCP/IP stack parameters and
> the network card configuration. NDD seems to suit my needs, but I wasn't
> able to find a good documentation about it.
> Thanks in advance.

 
 
 

ndd ?

Post by Chuck Sterlin » Fri, 30 Nov 2001 12:46:19



> Hi,
> I need to to fix some problems on a secured internet connection (FW,
> proxy,LDAP...).
> The users' response time comes bad from time to time.
> After a short investigation, it appears that some networks components are
> not working fine.
> I did let the different devices autonegociate and it comes that the diffrent
> DMZ are not working at the same speed. For example, the internal and
> external FW are connected at 10mb FD while the FW/proxy segment is 100mb/HD.
> I feel that it may cause some problems, especialy when someone is using ftp,
> as the AV is buffering the file while analyzing. When the analyze is over, I
> can view the whole thing coming in once to the browser.

> Now, here is my question.
> Which command should I use to visualize all the TCP/IP stack parameters and
> the network card configuration. NDD seems to suit my needs, but I wasn't
> able to find a good documentation about it.
> Thanks in advance.

I got a sample script from Sun a while back to get that stuff
straightened up, but it is at work and I do not have it handy. You can

part) and I'll dig it out for you, if you still need it tomorrow. You
can also put some parameters in /etc/system, I think, but I did not do
it that way.

Chuck

 
 
 

1. Did ndd tweeking, Netscape server still fails

I'm running Netscape Communications Server 1.1 on an Ultra 170 with 128
mb RAM (Solaris 2.5).  I'm running 7 different servers, each running on
a logical ethernet interface (le0:{1-7}.

The symptom is as follows:

Using a browser, connecting to one of the hosts results in "contacted
host, waiting for reply".  After about 30 seconds, it responds with the
speed I would expect.

Tailing the log file for that server, at the same time it finally
responds to my browser, I see the following logged:

[20/Jun/1996:09:19:01] warning: accept failed (Protocol error)

Having read both Netscape's ticket 20101 and Mukesh Kacker's very useful
explanation of the problems related to this, I have tried the following
things:

Added to /etc/system (and rebooted):
   set rlim_fd_cur=1024
   set rlim_fd_max=1024

On startup:
   ndd -set /dev/tcp tcp_close_wait_interval 120000
   ndd -set /dev/tcp tcp_conn_req_max 1024

I realize some of these may not be exactly ideal values, but it would
seem they should at least alleviate the problem, then I could go back
and cleanup.  Sadly, the problem persists.

Has anyone else seen this problem?  It seems to be very similar to the
problem people saw with Solaris 2.3, but not quite close enough...

-rob
---

<URL:http://home.dti.net/rfrancis/>

2. Logitech Scanner Driver

3. setting duplex: need sun doc confirming /etc/system better than ndd

4. better passwd program

5. ndd parameters

6. MOMspider & swap space error

7. FastEthernet ndd parameters

8. paging limit

9. disabling interface groups with ndd

10. ndd parameters documentation

11. Sec. Vulnerability in ndd(1M) on HP-UX 11.11

12. dmesg and ndd give different results

13. ndd and device vars