Re: using interface groups in pf tables stopped working in 13.0-RELEASE
>>> >> I can >> It looks like there’s some confusion inside pfctl about the network group. >> It ends up in pfctl_parser.c, append_addr_host(), and expects an AF_INET or >> AF_INET6, but instead gets an AF_LINK. >> >> It’s probably related to 250994 or possibly >> d2568b024da283bd2b88a633eecfc9abf240b3d8. >> Either way it’s pretty deep in a part of the pfctl code I don’t much like. >> I’ll try to poke at it some more over the weekend. >> > It should be fixed as of d5b08e13dd6beb3436e181ff1f3e034cc8186584 in main. > I’ll MFC that in about a week, and then it’ll turn up in 13.1 in the fullness > of time. Nice thanks. I also seem to have problem even in anchors (not while using tables). But maybe this will also be fixed by this change. smime.p7s Description: S/MIME cryptographic signature
Re: using interface groups in pf tables stopped working in 13.0-RELEASE
const { trusted:network mgmt:network dmz:network >> guest:network edmz:network \ >>admin:network iot:network client:network } >> If I reload the configuration I get the following: >> # pfctl -f /etc/pf.conf >> /etc/pf.conf:12: cannot create address buffer: Invalid argument >> pfctl: Syntax error in config file: pf rules not loaded > Some changes in the pf source have been made over the last couple > of months. The error returned appears to be related. It appears > that your running into a table size/count and memory allocation > related error. The first change moved/changed memory allocation to > kernel space, requiring one to increase allocation via loader.conf(5). > It was recently moved back to userspace allowing one to make changes > to a running system via sysctl.conf(5) or the commandline. > IOW if your on the recent change you should be able to simply > increase your table count by executing something like: > # echo "set limit table-entries " | pfctl -m -f - > OTOH if your stuck with the change in kernelspace, increase > net.pf.request_maxcount= > by some amount in loader.conf(5). If you are on the newer userspace > change, you can issue the sysctl(8) command at your terminal for > net.pf.request_maxcount= > as well. I dont think so. Everything works normally if I switch from group name to interface name in the config. It seems to me that pf for some reason changed how it interprets group names differently from 12.2-RELEASE-p4 and 13.0-RELEASE. I dont really get how "anchor in from trusted:network” can resolve to "anchor in inet6 all” /Peter. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: using interface groups in pf tables stopped working in 13.0-RELEASE
> On 14 Apr 2021, at 16:16, Peter Ankerstål wrote: > > In pf I use the interface group syntax alot to make the configuration more > readable. All interfaces are assigned to a group representing its use/vlan > name. It seems that the rest of my ruleset is also affected by this, and interface groups combined with :network no longer work. For example I have this anchor: anchor in from trusted:network { } which before resolved to anchor in inet from 172.25.0.0/24 to any { } but now resolves to: anchor in inet6 all { } /Peter. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
using interface groups in pf tables stopped working in 13.0-RELEASE
In pf I use the interface group syntax alot to make the configuration more readable. All interfaces are assigned to a group representing its use/vlan name. For example: ifconfig_igb1_102="172.22.0.1/24 group iot description 'iot vlan' up" ifconfig_igb1_102_ipv6="inet6 2001:470:de59:22::1/64" ifconfig_igb1_300="172.26.0.1/24 group mgmt description 'mgmt vlan’ up" ifconfig_igb1_300_ipv6="inet6 2001:470:de59:26::1/64” in pf.conf I use these group names all over the place. But since I upgraded to 13.0-RELEASE it no longer works to define a table using the :network syntax and interface groups: tableconst { trusted:network mgmt:network dmz:network guest:network edmz:network \ admin:network iot:network client:network } If I reload the configuration I get the following: # pfctl -f /etc/pf.conf /etc/pf.conf:12: cannot create address buffer: Invalid argument pfctl: Syntax error in config file: pf rules not loaded I have tried to use just one network, double check the interface group setting and so on, but with no luck. to use actual interface works just fine: table{ igb1.300:network } but using the group fails: # ifconfig -g mgmt igb1.300 table{ mgmt:network } # pfctl -f /etc/pf.conf /etc/pf.conf:12: cannot create address buffer: Invalid argument pfctl: Syntax error in config file: pf rules not loaded Any ideas? Thanks! /Peter. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: 802.1X authenticator for FreeBSD
> On 18 Oct 2017, at 21:39, Charles Sprickman <sp...@bway.net> wrote: > > >> On Oct 18, 2017, at 1:10 PM, Peter Ankerstål <pe...@pean.org> wrote: >> >>> >>> I’m under the impression that the authenticator function in a wired network >>> is usually part of the switch, and the switch will talk to some >>> authentication server like RADIUS, giving it the port number of the >>> connected device and additional information. >>> >>> If FreeBSD had such a function, I think it would be limited to >>> point-to-point Ethernet links, 802.1x being a link-layer protocol. >>> >> >> Yes I know, but this is functional in hostapd for Linux and it would be nice >> to have it in FreeBSD as well. > > I’m not seeing this in FreeBSD, but pfsense does claim to support 802.1x for > wifi. > > I just happen to be reading about radius (last I used it was for dialup) for > wifi auth and the quick overview on the radius side of things is that the AP > software sends your auth info as well as MAC and a bunch of other stuff, and > the radius server (much like dialup) sends back all sorts of info beyond auth > success/fail - session timeout, info on what VLAN the client may be on, > firewall policies, etc. Pretty cool stuff. 802.1X (or WPA2 Enterprise) works fine with hostapd for wireless in FreeBSD. Well, the authentication at least. I havent tried assigning clients to specific vlans and so on but according to the documentation it is possible. smime.p7s Description: S/MIME cryptographic signature
Re: 802.1X authenticator for FreeBSD
> > I’m under the impression that the authenticator function in a wired network > is usually part of the switch, and the switch will talk to some > authentication server like RADIUS, giving it the port number of the connected > device and additional information. > > If FreeBSD had such a function, I think it would be limited to point-to-point > Ethernet links, 802.1x being a link-layer protocol. > Yes I know, but this is functional in hostapd for Linux and it would be nice to have it in FreeBSD as well. Thanks anyway! ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: 802.1X authenticator for FreeBSD
> On 17 Oct 2017, at 22:27, Chris Rosswrote: > > > wpa_supplicant is the client we use at work, on Linux systems. But, it’s > also the tool described in the FreeBSD wireless configuration pages, so I > know it can be used there. > > I haven’t tried FreeBSD with wired 802.1x myself, but just a thought I had. > > - Chris > Its my understanding that wpa_supplicant is actually a working client in FreeBSD. But I’m looking for the server side of this. It would be just fine if it worked just like hostapd (control access of one nic) and dont have any control over switchports or whatever. Another nice way of doing it would be to have some sort of integration with authpf or pf itself. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
802.1X authenticator for FreeBSD
Hi! I’ve been looking for a 802.1X authenticator for FreeBSD for a while without any real success. Im pretty familiar with hostapd and use it my self for WPA2 Enterprise authentications (with the build in RADIUS server) and it works fine. But what now I would really like to have the same type of authentication for the wired network, but as far as I can see there is no way to use the wired driver in FreeBSD. Any pointers on this? Thanks! ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Realtek RTL8192EU on FreeBSD 11.1
Hi! I recently bought a noname usb wifi card to use in my gateway but I fail to get it to work. It seems to work out of the box on my NanoPI running CURRENT: root@nanopi:~ # uname -a FreeBSD nanopi.pean.org 12.0-CURRENT FreeBSD 12.0-CURRENT #0 r320481: Sat Jul 1 13:10:46 CEST 2017 pe...@torus.pean.org:/usr/local/crochet/work/obj/arm.armv6/usr/src12/sys/GENERIC arm root@nanopi:~ # […] ugen0.2: at usbus0 rtwn0 on uhub0 rtwn0: <802.11n NIC> on usbus0 rtwn0: MAC/BB RTL8192EU, RF 6052 2T2R My other machine: root@gw:~ # uname -a FreeBSD gw.pean.org 11.1-RELEASE FreeBSD 11.1-RELEASE #0 r321606: Thu Jul 27 10:27:02 CEST 2017 r...@gw.pean.org:/usr/obj/usr/src/sys/SOEKRIS i386 I did follow the instructions here: https://github.com/s3erios/rtwn I have built and installed the modules, and loaded them into kernel: root@gw:~ # kldstat Id Refs AddressSize Name 1 21 0xc040 9ae080 kernel […] 112 0xc9f29000 18000if_rtwn.ko 121 0xc59f3000 1if_rtwn_usb.ko but the card is not recognised: root@gw:~ # dmesg […] ugen3.2: at usbus3 Any pointers to what I could be missing? /Peter. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Upgrade to 11.1-RELEASE fails to boot on aws EC2.
> On 28 Jul 2017, at 23:28, Peter Ankerstål <pe...@pean.org> wrote: > >> >>> On 28 Jul 2017, at 12:41, Peter Ankerstål <pe...@pean.org> wrote: >>> >>> Hi! >>> >>> It seems that FreeBSD 11.1-RELEASE also breaks on EC2 in some cases. I had >>> this problem before when upgrading to 11.0. This problem was noticed in the >>> ERRATA: https://www.freebsd.org/releases/11.0R/errata.html#open-issues >>> and later said to have been resolved with a EN: >>> https://www.freebsd.org/security/advisories/FreeBSD-EN-16:18.loader.asc >>> >>> Today I tried to upgrade a 11.0-RELEASE-p7 system to 11.1-RELEASE using the >>> good old build world method as described in the handbook. But after reboot >>> the machine hangs >>> in the loader. Reverting to a snapshot of / works fine but of course I have >>> a lot of problems due to kernel/world mismatch. So I tried to copy the old >>> /boot/ onto the newly updated >>> system and then it actually gets past the loader. But then fails to boot >>> for some other reason unknown to me. (Because it does not give any video >>> output) >>> >>> I have also posted to the forums about this with a few screenshots and more >>> details of what I have tried: >>> https://forums.freebsd.org/threads/61780/ >>> I just installed a new VM and moved the data instead. smime.p7s Description: S/MIME cryptographic signature
Re: Upgrade to 11.1-RELEASE fails to boot on aws EC2.
> >> On 28 Jul 2017, at 12:41, Peter Ankerstål <pe...@pean.org> wrote: >> >> Hi! >> >> It seems that FreeBSD 11.1-RELEASE also breaks on EC2 in some cases. I had >> this problem before when upgrading to 11.0. This problem was noticed in the >> ERRATA: https://www.freebsd.org/releases/11.0R/errata.html#open-issues >> and later said to have been resolved with a EN: >> https://www.freebsd.org/security/advisories/FreeBSD-EN-16:18.loader.asc >> >> Today I tried to upgrade a 11.0-RELEASE-p7 system to 11.1-RELEASE using the >> good old build world method as described in the handbook. But after reboot >> the machine hangs >> in the loader. Reverting to a snapshot of / works fine but of course I have >> a lot of problems due to kernel/world mismatch. So I tried to copy the old >> /boot/ onto the newly updated >> system and then it actually gets past the loader. But then fails to boot for >> some other reason unknown to me. (Because it does not give any video output) >> >> I have also posted to the forums about this with a few screenshots and more >> details of what I have tried: >> https://forums.freebsd.org/threads/61780/ >> >> /Peter. >> > Do you know what version of FreeBSD this system was originally running? It > may be that there are other oddities in the old partitioning which cause > problems for the newer loader code. > It was installed late 2014 or very early 2015. So it must be 10.0 or 10.1. I cant remember exactly. smime.p7s Description: S/MIME cryptographic signature
Upgrade to 11.1-RELEASE fails to boot on aws EC2.
Hi! It seems that FreeBSD 11.1-RELEASE also breaks on EC2 in some cases. I had this problem before when upgrading to 11.0. This problem was noticed in the ERRATA: https://www.freebsd.org/releases/11.0R/errata.html#open-issues and later said to have been resolved with a EN: https://www.freebsd.org/security/advisories/FreeBSD-EN-16:18.loader.asc Today I tried to upgrade a 11.0-RELEASE-p7 system to 11.1-RELEASE using the good old build world method as described in the handbook. But after reboot the machine hangs in the loader. Reverting to a snapshot of / works fine but of course I have a lot of problems due to kernel/world mismatch. So I tried to copy the old /boot/ onto the newly updated system and then it actually gets past the loader. But then fails to boot for some other reason unknown to me. (Because it does not give any video output) I have also posted to the forums about this with a few screenshots and more details of what I have tried: https://forums.freebsd.org/threads/61780/ /Peter. smime.p7s Description: S/MIME cryptographic signature
Problem with snmp_wlan
When I try to do a snmpwalk of the BEGEMOT-WIRELESS-MIB I get the follwing on the client side: BEGEMOT-WIRELESS-MIB::wlanIfaceRegDomain."wlan2" = INTEGER: etsi(3) Error in packet. Reason: (genError) A general failure occured Failed object: BEGEMOT-WIRELESS-MIB::wlanIfaceRegDomain."wlan2" and on the serverside: Mar 13 20:47:25 gw snmpd[1765]: iface wlan0 - get param: ioctl(57) failed: Invalid argument Anyone know what could be the problem? smime.p7s Description: S/MIME cryptographic signature
Booting Raspberry Pi with input on serial console
Hi! I have a problem that should (?) have a simple solution but I havent found one. I have a raspberry pi with a NMEA-GPS constantly hooked up to the serial console of the Pi. My problem is that when booting the Pi it will interpet the output from the GPS as input to the boot process and the boot will fail. How can I have the serial interface of the GPS permanently hooked up to the pi without preventing the system to boot? Thanks! /Peter. smime.p7s Description: S/MIME cryptographic signature
11.0-RELEASE cant boot on aws.
Hi, I recently updated one of my machines hosted on AWS EC2 running 10.3 to 11.0 using freebsd-update. Now the machine cant boot. Its gets stuck in the loader. Last thing that shows is: FreeBSD/x86 bootstrap loader, Revision 1.1 (r...@releng2.nyi.freebsd.org, Thu Sep 22 21:38:48 UTC 2016) _ To recover the machine I started a new instance and attached the block device from the original machine and fiddled around with somewhat with the bootcode without any success. Then I did a freebsd-update upgrade on the newly installed machine and the same thing happens. — freebsd-update upgrade -r 11.0-RELEASE freebsd-update install reboot — Now both machines show the same symptoms. I did the same procedure on another system running i another region, and that worked without any problem. /Peter. smime.p7s Description: S/MIME cryptographic signature
Re: PPS input on a generic GPIO pin on Raspberry Pi.
> On 05 Mar 2016, at 07:54, Peter Ankerstål <pe...@pean.org> wrote: >>>> >>> GPIO is supported on the Pi, I'm using it on 11-Current on my home >>> control software to drive relays on my pool hardware (e.g. valves, >>> heater, VFD motor drive, etc) and it is working very well. I don't >>> believe tapping into that at the kernel level to expose a pps signal >>> (e.g. on /dev/pps or something of the like) would be very difficult >>> at >>> all, since the low-level driver capability is already present. >>> >>> If I get some free time I'll dig around a bit and see if I can cobble >>> something up. It's of some interest to me as well since I have a GPS >>> clock here that currently talks to a serial port on an Intel-based >>> machine and being able to move that to a $35 "appliance" for NTP >>> using >>> the Adafruit setup looks sort of attractive given that the Pi plus >>> the >>> module would be under $100 all-in. >> >> Don't "cobble something up" just yet... there is "a right way" to fix >> this, which is a generic gpio-pps driver. The problem is that it >> requires support from the new INTRNG, and the rpi hasn't been converted >> to that yet. I'm checking around to see if someone has done the >> conversion for rpi and it just hasn't been reveiwed/committed yet; if >> not, I guess I'll try to do it myself. >> >> Writing the actual gpio-pps driver will be pretty quick and easy once >> we have the intrng support, I think it'll take me a couple hours. >> Any new here? Would be really nice to test this on the PI. > Oh, so there is hope. Thanks for looking into it. > > Im not a programmer myself but im willing to help if I can. > >> Also, FYI, another option with PPS is to use a usb-serial adapter and >> feed the PPS in on the CTS or DCD pin. I tested that on rpi a few >> months ago and it worked fine. There's surpisingly little jitter even >> when the usb bus is heavily loaded with other traffic such as disk or >> network IO. >> > Yes that was going to be my plan B. Good to know that it works. > > /Peter. smime.p7s Description: S/MIME cryptographic signature
Re: PPS input on a generic GPIO pin on Raspberry Pi.
> On 4 mars 2016, at 19:00, Ian Lepore <i...@freebsd.org> wrote: > >> On Fri, 2016-03-04 at 10:54 -0600, Karl Denninger wrote: >>> On 3/3/2016 12:57, Peter Ankerstål wrote: >>> Hi! >>> >>> I have sort of exactly the same question as Erik: >>> http://lists.freebsd.org/pipermail/freebsd-questions/2014-July/2590 >>> 55.html >>> >>> I have bought a https://learn.adafruit.com/adafruit-ultimate-gps an >>> d want to use the PPS output to discipline my clock. >>> >>> But the only source of information on how PPS works in FreeBSD I >>> could find is this: >>> https://docs.freebsd.org/doc/8.0-RELEASE/usr/share/doc/ntp/pps.html >>> and it clearly states the two ways to provide a PPS signal. "The >>> PPS signal can be connected in either of two ways: via the data >>> carrier detector (DCD) pin of a serial port or via the acknowledge >>> (ACK) pin of a parallel port” >>> >>> Since the Pi doesn´t have any DCD pin i would like to use a generic >>> GPIO for this. There is a linux kernel module for this: http://lxr. >>> free-electrons.com/source/drivers/pps/clients/pps-gpio.c?v=3.6 >> GPIO is supported on the Pi, I'm using it on 11-Current on my home >> control software to drive relays on my pool hardware (e.g. valves, >> heater, VFD motor drive, etc) and it is working very well. I don't >> believe tapping into that at the kernel level to expose a pps signal >> (e.g. on /dev/pps or something of the like) would be very difficult >> at >> all, since the low-level driver capability is already present. >> >> If I get some free time I'll dig around a bit and see if I can cobble >> something up. It's of some interest to me as well since I have a GPS >> clock here that currently talks to a serial port on an Intel-based >> machine and being able to move that to a $35 "appliance" for NTP >> using >> the Adafruit setup looks sort of attractive given that the Pi plus >> the >> module would be under $100 all-in. > > Don't "cobble something up" just yet... there is "a right way" to fix > this, which is a generic gpio-pps driver. The problem is that it > requires support from the new INTRNG, and the rpi hasn't been converted > to that yet. I'm checking around to see if someone has done the > conversion for rpi and it just hasn't been reveiwed/committed yet; if > not, I guess I'll try to do it myself. > > Writing the actual gpio-pps driver will be pretty quick and easy once > we have the intrng support, I think it'll take me a couple hours. > Oh, so there is hope. Thanks for looking into it. Im not a programmer myself but im willing to help if I can. > Also, FYI, another option with PPS is to use a usb-serial adapter and > feed the PPS in on the CTS or DCD pin. I tested that on rpi a few > months ago and it worked fine. There's surpisingly little jitter even > when the usb bus is heavily loaded with other traffic such as disk or > network IO. > Yes that was going to be my plan B. Good to know that it works. /Peter. smime.p7s Description: S/MIME cryptographic signature
PPS input on a generic GPIO pin on Raspberry Pi.
Hi! I have sort of exactly the same question as Erik: http://lists.freebsd.org/pipermail/freebsd-questions/2014-July/259055.html I have bought a https://learn.adafruit.com/adafruit-ultimate-gps and want to use the PPS output to discipline my clock. But the only source of information on how PPS works in FreeBSD I could find is this: https://docs.freebsd.org/doc/8.0-RELEASE/usr/share/doc/ntp/pps.html and it clearly states the two ways to provide a PPS signal. "The PPS signal can be connected in either of two ways: via the data carrier detector (DCD) pin of a serial port or via the acknowledge (ACK) pin of a parallel port” Since the Pi doesn’t have any DCD pin i would like to use a generic GPIO for this. There is a linux kernel module for this: http://lxr.free-electrons.com/source/drivers/pps/clients/pps-gpio.c?v=3.6 smime.p7s Description: S/MIME cryptographic signature
Re: /dev/led soekris 6501.
On 03/03/2016 04:18 AM, Tom Samplonius wrote: How come there is no support for “ready" and “error" leds on the soekris 6501 even though it seems fairly easy to control them? a) perhaps no developer have that board? b) nobody has written the necessary code to do so? c) There is no generally accepted meaning for what “ready” or “error” LEDs might mean in FreeBSD, so implementing a driver for these LEDs may be a solution in a search of a problem. I see. To my understanding this works on older soekris hardware but I havent tested it myself. Also the /dev/led/error is specifically mentioned in the led(4) manual. Thanks for your time. smime.p7s Description: S/MIME Cryptographic Signature
/dev/led soekris 6501.
Hi! How come there is no support for “ready" and “error" leds on the soekris 6501 even though it seems fairly easy to control them? Please see http://www.mail-archive.com/soekris-tech@lists.soekris.com/msg06738.html and http://ross.vc/?p=183 smime.p7s Description: S/MIME cryptographic signature
amdtemp does not find my CPU.
Hi! Im running FreeBSD 9.1 on a AMD APU machine: CPU: AMD E-450 APU with Radeon(tm) HD Graphics (1699.36-MHz K8-class CPU) FreeBSD 9.1-RELEASE-p1 #0 r243379M: Fri Mar 8 23:16:44 CET 2013 r...@pean.org:/usr/obj/usr/src/sys/GENERIC I try to use amdtemp(4) to read the temperature of this CPU but it doesnt seem to detect the CPU. The manual states that it should support K8-class. The amdtemp.c isnt huge so maybe it is very simple to make it work? Best Regards Peter Ankerstål. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: amdtemp does not find my CPU.
On 03/13/2013 11:16 AM, Milan Obuch wrote: you need to try amdtemp.c from CURRENT aka HEAD. I did it for both E-350 and C-60 CPU and it works for me. If you need something more to test it, I can help, but it is really easy. Regards, Milan Thanks! That worked nicely! Regards, Peter ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: amdtemp does not find my CPU.
On 03/13/2013 12:00 PM, Milan Obuch wrote: Glad it helps :) Just one small thing I encountered - temperature read via sysctl from amdtemp module was ~ 7 degrees higher than those reported via BIOS setup screen. As it was some months already, maybe these vaules are now in line, but it would be good to test it for yourself. Regards, Milan Ah, good to know, I will check it out. /Peter. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Make use of RACCT and rctl
Hi! Im trying to limit memory usage for jails with the rctl API. But I don't really get it. I have compiled the kernel with the right options and rctl show me stuff like: jail:jail22:memoryuse:deny=268435456 jail:jail22:swapuse:deny=268435456 jail:jail20:memoryuse:deny=268435456 jail:jail20:swapuse:deny=268435456 jail:jail16:memoryuse:deny=268435456 jail:jail16:swapuse:deny=268435456 but when I try to allocate memory it doesn't seem to hit the limit. Also when I run # rctl -u jail:jail20 cputime=0 datasize=0 stacksize=0 coredumpsize=0 memoryuse=0 memorylocked=0 maxproc=0 openfiles=0 vmemoryuse=0 pseudoterminals=0 swapuse=0 nthr=0 msgqqueued=0 msgqsize=0 nmsgq=0 nsem=0 nsemop=0 nshm=0 shmsize=0 wallclock=0 it seems that no accounting is done. What's missing? Cant find anything in the manuals. # uname -srm FreeBSD 9.1-RELEASE-p1 amd64 /Peter. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Make use of RACCT and rctl
On Mar 2, 2013, at 5:15 PM, Edward Tomasz Napierała tr...@freebsd.org wrote: [..] Could you please do jls jid name and verify that a jail named jail20 is actually running? -- If you cut off my head, what would I say? Me and my head, or me and my body? Oh! My bad, I thought it was the name from rc.conf. But of course it is the name from the -n flag. Now everything seems to work. Thanks! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Logging of installed packages.
In the light of this: http://www.freebsd.org/news/2012-compromise.html It would be nice if there was default way to log all package installations from both pkgs and ports. Is there? If not, what would you recommend for doing this? Thanks. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Logging of installed packages.
On 11/20/2012 10:42 AM, Volodymyr Kostyrko wrote: 20.11.2012 11:24, Peter Ankerstål wrote: In the light of this: http://www.freebsd.org/news/2012-compromise.html It would be nice if there was default way to log all package installations from both pkgs and ports. Is there? If not, what would you recommend for doing this? pkgng logs all installations/deinstallations. It's already default for CURRENT and you can switch to using it for other branches. Yes, that seems to work for ports too, thanks! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Poor iSCSI performance with istgt.
On 11/19/2012 04:05 PM, Daniel Braniss wrote: On 11/19/2012 02:48 PM, Daniel Braniss wrote: try increasing the tag opening - see camcontrol(8) danny I tried camcontrol tags daX -N 32 (and a few different values) but cant see any change in speeds. (pass25:iscsi0:0:0:0): dev_openings 30 (pass25:iscsi0:0:0:0): dev_active2 (pass25:iscsi0:0:0:0): devq_openings 30 (pass25:iscsi0:0:0:0): devq_queued 0 (pass25:iscsi0:0:0:0): held 0 (pass25:iscsi0:0:0:0): mintags 2 (pass25:iscsi0:0:0:0): maxtags 255 I think there is some magic to allow istgt to do tagging, but at the moment can't find it, sorry. Hm! When increasing the tag openings to 8 (for example) I get extremley good reads. I saturate the network (arount 550MB/s). But writes becomes even more slow (around 1-2MB/s). So it seems the iscsi setup is capable of hadling the speeds I want but for some reason writes are f*ed up. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Poor iSCSI performance with istgt.
Hi! Im using two FreeBSD machines trying to get iSCSI to work and it works allright, but extremley slow. It peaks at about 50MB/s if I have multiple dd's runningt against the target. I have two separate networks but I get no difference in speed whichever I use. One regular 1G network connected to the same switch with Intel cards. I get close to maximum performance with both ftp and iperf. The other network is a IPoverIB network where I get 560MB/s with iperf and 250MB/s with ftp.. (hmm). Both machines run FreeBSD 9.1-PRE with OFED enabled: FreeBSD zfs1 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Tue Oct 16 16:07:39 CEST 2012 peter@zfs1:/usr/obj/usr/src/sys/OFED amd64 Im only fiddeling with writes right now and like I said I get about 50MB/s with multiple dds running, around 30 with a single thread. (dd if=/dev/zero of=/dev/daX bs=1M count=n) Writing to local disk at the target gives me like 300MB/s I have also been experimenting with different burst lengths, queue depths and so no with no noticeable difference. I have also tried iozone and dd on both ZFS and UFS, similar results, 40MB/s and peaks at 50MB/s. So I figure it has to have something to do with my iscsi setup. istgt.conf: [Global] Comment Global section NodeBase dc3 PidFile /var/run/istgt.pid AuthFile /usr/local/etc/istgt/auth.conf LogFacility local7 Timeout 30 NopInInterval 20 DiscoveryAuthGroup AuthGroup MaxSessions 16 MaxConnections 4 FirstBurstLength 262144 MaxBurstLength 1048576 MaxRecvDataSegmentLength 262144 [UnitControl] Comment Internal Logical Unit Controller AuthMethod CHAP Mutual AuthGroup AuthGroup1 Portal UC1 127.0.0.1:3261 Netmask 127.0.0.1 [PortalGroup1] Comment T1 portal Portal DA1 ip:3260 [InitiatorGroup1] Comment V1 group InitiatorName dc1 Netmask ip/24 [LogicalUnit1] TargetName V1 Mapping PortalGroup1 InitiatorGroup1 AuthGroup AuthGroup1 UseDigest Auto UnitType Disk QueueDepth 64 LUN0 Storage /dev/zvol/store/v1 Auto iscsi.conf dc3 { authmethod = CHAP chapIName = id chapSecret = pass Initiatorname = dc1 TargetName = dc3:V1 TargetAddress = ip:3260,1 MaxConnections = 4 } ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Poor iSCSI performance with istgt.
On 11/19/2012 02:48 PM, Daniel Braniss wrote: try increasing the tag opening - see camcontrol(8) danny I tried camcontrol tags daX -N 32 (and a few different values) but cant see any change in speeds. (pass25:iscsi0:0:0:0): dev_openings 30 (pass25:iscsi0:0:0:0): dev_active2 (pass25:iscsi0:0:0:0): devq_openings 30 (pass25:iscsi0:0:0:0): devq_queued 0 (pass25:iscsi0:0:0:0): held 0 (pass25:iscsi0:0:0:0): mintags 2 (pass25:iscsi0:0:0:0): maxtags 255 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
AUDIT and jails.
I have tried to enable audit trails for jails but I can't get it to work, is there something special I need to do? Nothing shows up in the logs when I do anything inside a jail. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Lenovo X220 wont boot.
Hi, I just got a Lenovo X220, a one with a i7-2640M CPU. I can boot from cd and install the OS without any problem, but when im going to boot the system for the first time it just stops and give me a menu to choose boot-order (bios). I figured out that this has something to to with the EFI on this machine and tried to disable EFI-boot and only use legacy, but I still have the same problem. Does anyone of you have any pointers here? Best Peter. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Disable DMA.
On Feb 11, 2012, at 9:34 PM, Alexander Motin wrote: On 02/11/12 20:15, Peter Ankerstål wrote: In FreeBSD 8 i used the loader-variable hw.ata.ata_dma=0 to get my computer boot on a CF card. But in FreeBSD 9.0 it doesn't seem to work. Could it be another variable or is it something else that doesn't work in 9? The machine boots up the installer when the CF-card is not present but when it is present it stops right after the Timecounter stuff. On 9.0 you can to it with hint.ata.X.mode=PIO4 , where X is a bus number. In recent 8/9-STABLE I've also resurrected hw.ata.ata_dma=0. That works, thanks! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Disable DMA.
Hi, In FreeBSD 8 i used the loader-variable hw.ata.ata_dma=0 to get my computer boot on a CF card. But in FreeBSD 9.0 it doesn't seem to work. Could it be another variable or is it something else that doesn't work in 9? The machine boots up the installer when the CF-card is not present but when it is present it stops right after the Timecounter stuff. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Swap on zvol - recommendable?
I can just tell you I had this problem still in 8.1 and it was a HUGE problem. System stalled every two weeks or so. Now when the swap is moved away from zfs it works fine. On Feb 6, 2012, at 11:57 AM, Patrick M. Hausen wrote: Hi, all, is it possible to make a definite statement about swap on zvols? I found some older discussions about a resource starvation scenario when ZFS arc would be the cause of the system running out of memory, trying to swap, yet the ZFS would not be accessible until some memory was freed - leading to a deadlock. Is this still the case with RELENG_8? The various Root on ZFS guides mention both choices (decicated or gmirror partition vs. zvol), yet don't say anything about the respective merits or risks. I am aware of the fact that I cannot dump to a raidz2 zvol ... Thanks for any hints, Patrick -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 i...@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
device names changes for adX.
Hi, When I installed FreeBSD 8.1-RELEASE (freebsd-update) the adX devices changed index number and the machine obviously didnt boot. Due to this I hesitate to install 8.1 on my servers remote. How do I know if and to what the devices will change? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: device names changes for adX.
Peter Ankerstål wrote: Hi, When I installed FreeBSD 8.1-RELEASE (freebsd-update) the adX devices changed index number and the machine obviously didnt boot. Due to this I hesitate to install 8.1 on my servers remote. How do I know if and to what the devices will change? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org label your filesystems and mount them by label rather than by device name. see man glabel -- SY, Marat Thanks, I may try that. But how will this affect ZFS raidz set up to use ad-drives? Like this: tankONLINE 0 0 0 raidz1ONLINE 0 0 0 ad10s2 ONLINE 0 0 0 ad12ONLINE 0 0 0 ad14ONLINE 0 0 0 ad16ONLINE 0 0 0 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD on MacBook Pro.
On Apr 25, 2010, at 8:14 AM, Patrick Lamaiziere wrote: Le Sat, 24 Apr 2010 14:31:18 +0200, Peter Ankerstål pe...@pean.org a écrit : Actuall it seems to work with US ISO och US UNIX too but only with the fixit cd. In the FreeBSD boot-meny I also can use the keyboard properly, but when Im trying to log in on the booted system no keys work properly. It almost seems like the ctrl-key is constantly pressed. (pressing say F gives me ^F on the screen and L clears it like ctrl+L does) -- So I think it is a problem in the keyboard driver. Which Macbook pro model is it? I use a model 3,1 and it works fine. I suggest you to ask on the usb mailing list. Regards. Ok. I have the new MacBook Pro 7,1 that came out recently. I'll check with the USB-list then. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD on MacBook Pro.
Actuall it seems to work with US ISO och US UNIX too but only with the fixit cd. In the FreeBSD boot-meny I also can use the keyboard properly, but when Im trying to log in on the booted system no keys work properly. It almost seems like the ctrl-key is constantly pressed. (pressing say F gives me ^F on the screen and L clears it like ctrl+L does) -- Peter Ankerstål pe...@pean.org http://www.pean.org/ On 24 apr 2010, at 13.34, Patrick Lamaiziere wrote: Le Fri, 23 Apr 2010 23:42:37 +0200, Peter Ankerstål pe...@pean.org a écrit : Im trying to install FreeBSD on a macbook with dualboot. Everyting works out fine but the keymap doesnt work at all. I've tried alot of keymaps but everyting it produces is mumbojumbo. What keymap should I use to get the macbook working in console? -- There is a french keymap fr.macbook.acc.kbd. May be you can adapt it? This it not very hard to do. There is a new and small utility to get the scancode (use it in a console, not under X): http://hack.org/mc/hacks/kbdscan/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
FreeBSD on MacBook Pro.
Im trying to install FreeBSD on a macbook with dualboot. Everyting works out fine but the keymap doesnt work at all. I've tried alot of keymaps but everyting it produces is mumbojumbo. What keymap should I use to get the macbook working in console? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: SASL problems with spnego on 8.0-BETA4
On Sep 21, 2009, at 5:26 PM, Rick Macklem wrote: Now, hopefully someone who understands enough about dynamic linking will know if this is the correct fix for 8.0? (I'm going on a couple of weeks vacation at the end of this week, so I won't be around to commit anything and don't understand it well enough to know if this is the correct way to fix it.) So, hopefully someone else can pick this one up? Thanks for testing it, rick ___ Could this be the same problem I have with SASL and postfix? http://lists.freebsd.org/pipermail/freebsd-questions/2009-September/205525.html -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
SMART for mpt raid.
Hi, I have a mpt raid and want to run smart on the individual drives. But the examples in the config all seems linux-specific. Is there a way to get SMART-status for the drives in a mpt-raid? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
LSI Logic raid status
Hi, I have a LSI Logic sata/sas raid running, is there a way to see the state of the volume, like optimal, degraded or resyncing? I've tried several commands with camcontrol but I cant figure it out. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: LSI Logic raid status
On Mar 24, 2009, at 2:08 PM, Ruben van Staveren wrote: On 24 Mar 2009, at 13:40, Peter Ankerstål wrote: Hi, I have a LSI Logic sata/sas raid running, is there a way to see the state of the volume, like optimal, degraded or resyncing? There is sysutils/linux-megacli Sorry about that. This is not megaraid its the mpt driver. LSI SAS3041E-R PCI-e mpt0: LSILogic SAS/SATA Adapter port 0x2000-0x20ff mem 0xd021-0xd0213fff,0xd020-0xd020 irq 16 at device 0.0 on pci3 mpt0: [ITHREAD] mpt0: MPI Version=1.5.19.0 mpt0: Capabilities: ( RAID-0 RAID-1E RAID-1 ) mpt0: 1 Active Volume (2 Max) mpt0: 2 Hidden Drive Members (14 Max) -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: LSI Logic raid status
On Mar 24, 2009, at 8:00 PM, Charles Sprickman wrote: dev.mpt.0.nonoptimal_volumes: 0 Don't test whether the nonoptimal_volumes parameter works, it does - but if you pull a drive, FreeBSD likes to panic both on the loss of a disk and then again when the drive is reconnected and the rebuild completes. This is apparently some problem in the CAM layer, not the mpt driver, but it's something to be aware of. Scott Long has noted that this is being worked on in 8.x. Yes, I tried to remove a drive today. Of course I need to see if it works properly before using it for real. It did, but just as you say it paniced when I pulled the drive and when is was resynced. But it sound great if someone is working on this problem! -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: LSI Logic raid status
On Mar 24, 2009, at 8:20 PM, Scott Long wrote: Peter Ankerstål wrote: On Mar 24, 2009, at 8:00 PM, Charles Sprickman wrote: dev.mpt.0.nonoptimal_volumes: 0 Don't test whether the nonoptimal_volumes parameter works, it does - but if you pull a drive, FreeBSD likes to panic both on the loss of a disk and then again when the drive is reconnected and the rebuild completes. This is apparently some problem in the CAM layer, not the mpt driver, but it's something to be aware of. Scott Long has noted that this is being worked on in 8.x. Yes, I tried to remove a drive today. Of course I need to see if it works properly before using it for real. It did, but just as you say it paniced when I pulled the drive and when is was resynced. But it sound great if someone is working on this problem! The instability during a rebuild should be fixed in 7.2 (and 7- stable as of about the last month). If you can, please update your sources and let me know if it helps. As for actually monitoring and configuring arrays, that work is in progress. Scott Im running RELENG_7 cvsuped and built like 15 hours ago. I still have this problem. Please come back to me if you want some additional information about the setup. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: LSI Logic raid status
On Mar 24, 2009, at 8:50 PM, Marat N.Afanasyev wrote: Scott Im running RELENG_7 cvsuped and built like 15 hours ago. I still have this problem. Please come back to me if you want some additional information about the setup. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org I'd rather prefer using a gmirror/gstripe instead of mpt semihardware raid then ;) -- SY, Marat Well, if the boot-disk dies the machine wont boot? Am I right? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
dhclient cant renew lease.
Hi Im running FreeBSD 7.0-RELEASE on my gateway and for the last week or so it cant renew its dhcp-lease. At boot-time it sends a request to broadcast: DHCPREQUEST on fxp0 to 255.255.255.255 port 67 And then it gets an DHCPACK from the gateway. (not 172.21.248.127) But then the machine tries to renew the lease I keep getting messages like this: Feb 23 18:29:06 cone dhclient[1623]: DHCPREQUEST on fxp0 to 172.21.248.127 port 67 Feb 23 18:29:06 cone dhclient[1623]: SENDING DIRECT Feb 23 18:29:33 cone dhclient[1623]: DHCPREQUEST on fxp0 to 172.21.248.127 port 67 Feb 23 18:29:33 cone dhclient[1623]: SENDING DIRECT until the lease runs out and then the connection drops. I guess 172.21.248.127 is the real dhcp-server. A 'dhclient fxp0' sends a new request to 255.255.255.255 and it immediately fixes the connection. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: dhclient cant renew lease.
On Feb 23, 2009, at 7:08 PM, Brooks Davis wrote: On Mon, Feb 23, 2009 at 06:40:15PM +0100, Peter Ankerst?l wrote: Hi Im running FreeBSD 7.0-RELEASE on my gateway and for the last week or so it cant renew its dhcp-lease. At boot-time it sends a request to broadcast: DHCPREQUEST on fxp0 to 255.255.255.255 port 67 And then it gets an DHCPACK from the gateway. (not 172.21.248.127) You may be seeing the issue in bin/96018. If so, switching to the dhclient from 7.1 should fix it. -- Brooks I've been trying with my laptop running 7.1 and it doesnt get any replies from 172.21.248.127. I guess a workaround is to set a shorter rebind-interval.. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Jail resource limits
On May 22, 2008, at 1:31 PM, Alexander Leidinger wrote: Quoting Miroslav Lachman [EMAIL PROTECTED] (from Thu, 22 May 2008 13:19:55 +0200): Peter Ankerstål wrote: http://wiki.freebsd.org/JailResourceLimits If the are somebody with skills and time to resurrect some mentioned projects, I am willing to help with testing. Also it will be good to have some up-to-date wiki page with all the patches (resource limits, SysV IPC, multiple IPs...) and status of this work, so people can easily find and try it. Are you willing to update the existing wiki page? If yes register to the wiki (default style would be MiroslavLachman as the username) and I give you write access to the page. Maybe it will be a good idea to create a new page that puts all jail- stuff in one place. I mean, there is more to this then just resource limits. -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Jail resource limits
http://wiki.freebsd.org/JailResourceLimits Is this anthing people are working on? Is it on its way to RELENG_7? Is there a 7-version of the patch or anything? This would be a _VERY_ useful feature. -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Jail resource limits
If the are somebody with skills and time to resurrect some mentioned projects, I am willing to help with testing. I will also be happy to help in whatever way I can. I have no coding- experience to talk about. But testing in various env and so on. (and help with docs/wiki) -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Packet-corruption with re(4)
On Apr 29, 2008, at 2:08 PM, Jeremy Chadwick wrote: I'd recommend staying away from Realtek NICs. Pick up an Intel Pro/ 1000 GT or PT. Realtek has a well-known history of issues. Just wanted to tell you guys that so far a em(4) seems to have fixed the problem. -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Packet-corruption with re(4)
Hi, Im using a built in re(4) card and it seems like its causes data- corruption as soon as it gets some load (or after a few hours online) The machine is running FreeBSD 7.0R: FreeBSD ninja 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Wed Apr 16 22:49:15 CEST 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/NINJA amd64 (using a RELENG_7 kernel updated today) If I download alot of files with wget or something everything works fine for a while until the download just stalls and tcpdump reports bad cksum 13:04:25.839408 IP (tos 0x0, ttl 64, id 23912, offset 0, flags [DF], proto TCP (6), length 1500, bad cksum 0 (-f40a)!) host1.http host2.53895: . 115065:116513(1448) ack 1421 win 8326 nop,nop,timestamp 2316944721 2174233192 and so on again and again until the connection times out. re0: RealTek 8168/8111B PCIe Gigabit Ethernet port 0xb800-0xb8ff mem 0xff9ff000-0xff9f irq 19 at device 0.0 on pci3 re0: Using 2 MSI messages miibus0: MII bus on re0 rgephy0: RTL8169S/8110S/8211B media interface PHY 1 on miibus0 rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto re0: Ethernet address: 00:1d:60:74:be:e3 re0: [FILTER] re0: [FILTER] [EMAIL PROTECTED]:3:0:0: class=0x02 card=0x81aa1043 chip=0x816810ec rev=0x01 hdr=0x00 vendor = 'Realtek Semiconductor' device = 'RTL8168/8111 PCI-E Gigabit Ethernet NIC' class = network subclass = ethernet A strange thing is that encrypted data seems to work better than plaintext. https works for a longer time (after boot) then http for example. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Packet-corruption with re(4)
On Apr 29, 2008, at 2:08 PM, Jeremy Chadwick wrote: tcpdump reporting bad cksum can occur due to TX/RX checksum offloading. Do you not see this message normally, but only when the problem begins? Have you tried turning off TX/RX offloading to see if the erroneous behaviour goes away? Have you tried disabling RFC1323 to see if that's actually what's responsible for the stalls you're seeing? sysctl net.inet.tcp.rfc1323=0 I'd recommend staying away from Realtek NICs. Pick up an Intel Pro/ 1000 GT or PT. Realtek has a well-known history of issues. Now Ive tried: ninja# sysctl net.inet.tcp.rfc1323=0 net.inet.tcp.rfc1323: 1 - 0 ninja# ifconfig re0 -rxcsum -txcsum -tso -lro The problem remains, but when I have -rxcsum/tx tcpdump does not say anything about bad checksums but it send out the same ack over and over. and it seems like bigger files are the most effected (images rather then html-files) I know, I have em in all other machines.. :/ ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Sata controller Sil 3512 - Kernel Panic.
Hi, I've recently installed a new sata-controller on a fresh installed FreeBSD 6.2. I gave the manual ata(4) a quick look before I bought the controller and it tells me this chip should be supported. But the machine panics every few minutes when I have a disk connected to it. Is there a way to fix this? heh. kernel: atapci0: SiI 3512 SATA150 controller port 0xdff0-0xdff7,0xdfe4-0xdfe7,0xdfa8-0xdfaf,0xdfe0-0xdfe3,0xdf90-0xdf9f mem 0xfe5ffc00-0xfe5ffdff irq 22 at device 11.0 on pci1 kernel: ad6: TIMEOUT - WRITE_DMA retrying (1 retry left) LBA=244892063 fee kernel: fee kernel: kernel: Fatal trap 12: page fault while in kernel mode kernel: fault virtual address = 0x28 kernel: fault code = supervisor read, page not present kernel: instruction pointer = 0x20:0xc0685de4 kernel: stack pointer = 0x28:0xcbeeac28 kernel: frame pointer = 0x28:0xcbeeac30 kernel: code segment= base 0x0, limit 0xf, type 0x1b kernel: = DPL 0, pres 1, def32 1, gran 1 kernel: processor eflags= interrupt enabled, resume, IOPL = 0 kernel: current process = 6 (thread taskq) kernel: trap number = 12 kernel: panic: page fault kernel: Uptime: 33m38s kernel: Cannot dump. No dump device defined. kernel: Automatic reboot in 15 seconds - press a key on the console to abort kernel: Rebooting... ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
6.2 RELEASE - READ_DMA timed out
I have a router running NanoBSD on a CF-card, 512MB SanDisk and yesterday when installed 6.2-RELEASE I encountered some problems. The systems seems to boot properly but when it tries to mount the filesystem I get errors like this: ad0: FAILURE - READ_DMA timed out LBA=1000941 When I try to boot without acpi I get the same problem but when I boot in Safe Mode it boots properly and I haven't encountered any problems at all. I have'nt compiled any modules, and the acpi.ko is missing, could that be the problem? It worked fine i 6.1-RELEASE though. What could be the problem? If there is no quick solution to this, are there any way to make Safe Mode the default option at boot? I've attached my kernconf and configuration for the NanoBSD-build. #!/bin/sh # Copyright (c) 2005 Poul-Henning Kamp. # # See /usr/share/examples/etc/bsd-style-copyright for license terms. # # $FreeBSD: src/tools/tools/nanobsd/nanobsd.sh,v 1.1 2005/07/26 18:52:50 phk Exp $ # # Name of this NanoBSD build. (Used to construct workdir names) NANO_NAME=uchman NANO_SRC=/usr/src NANO_PMAKE=make -j 4 # Options to put in make.conf during buildworld only CONF_BUILD=' NO_HESIOD_LIBC=YES NO_KLDLOAD=YES NO_NETGRAPH=YES NO_PAM=YES PPP_NO_NETGRAPH=YES PPP_NO_RADIOS=YES ' # Options to put in make.conf during installworld only CONF_INSTALL=' NO_ACPI=YES NO_BLUETOOTH=YES NO_CVS=YES NO_CXX=YES NO_DICT=YES NO_FORTRAN=YES NO_GCOV=YES NO_GDB=YES NO_HTML=YES NO_LPR=YES NO_MAN=YES NO_OBJC=YES NO_P1003_1B=YES NO_PROFILE=YES NO_SENDMAIL=YES NO_SHAREDOCS=YES NO_TOOLCHAIN=YES NO_EXAMPLES=YES NO_INSTALLLIB=YES NO_CALENDAR=YES NO_MISC=YES #NO_SHARE=YES NO_MAKE=YES ' # Options to put in make.conf during both build- installworld. CONF_WORLD=' NO_ATM=YES NO_I4B=YES NO_BIND=YES NO_MODULES=YES NO_IPFILTER=YES NO_KERBEROS=YES NO_NIS=YES NO_RCMDS=YES NO_GAMES=YES NO_RESCUE=YES PPP_NO_NETGRAPH=YES PPP_NO_RADIUS=YES NO_LOCALES=YES NO_SYSCONS=YES NO_GROFF=YES NO_NLS=YES NO_PCVT=YES NO_IPX=YES NO_INFO=YES ' NANO_KERNEL=GW FlashDevice Sandisk 512MB NANO_IMAGES=2 NANO_CODESIZE=0 NANO_CONFSIZE=20480 NANO_DATASIZE=0 #customize_cmd cust_comconsole customize_cmd cust_allow_ssh_root customize_cmd cust_install_files customize_cmd phk_pkg phk_pkg () ( mkdir -p ${NANO_WORLDDIR}/Pkg cp /usr/src/tools/tools/nanobsd/Pkg/* ${NANO_WORLDDIR}/Pkg chroot ${NANO_WORLDDIR} sh -c 'pkg_add -v Pkg/*' rm -rf ${NANO_WORLDDIR}/Pkg ) machine i386 cpu I686_CPU ident GW # To statically compile in device wiring instead of /boot/device.hints #hints GENERIC.hints # Default places to look for devices. makeoptions DEBUG=-g# Build kernel with gdb(1) debug symbols device pf device pflog device pfsync device fdescfs options ALTQ options ALTQ_CBQ# Class Bases Queuing (CBQ) options ALTQ_RED# Random Early Detection (RED) options ALTQ_RIO# RED In/Out options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC) options ALTQ_PRIQ # Priority Queuing (PRIQ) options ALTQ_NOPCC # Required for SMP build #optionsSCHED_ULE # ULE scheduler options SCHED_4BSD # 4BSD scheduler options PREEMPTION # Enable kernel thread preemption options INET# InterNETworking options INET6 # IPv6 communications protocols options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support options UFS_ACL # Support for access control lists options UFS_DIRHASH # Improve performance on big directories options MD_ROOT # MD is a potential root device options NFSCLIENT # Network Filesystem Client options NFSSERVER # Network Filesystem Server options NFS_ROOT# NFS usable as /, requires NFSCLIENT options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS# Pseudo-filesystem framework options GEOM_GPT# GUID Partition Tables. options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] options COMPAT_FREEBSD4 # Compatible with FreeBSD4 options COMPAT_FREEBSD5 # Compatible with FreeBSD5 options KTRACE # ktrace(1) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options KBD_INSTALL_CDEV# install
Re: 6.2 RELEASE - READ_DMA timed out
Pietro Cerutti wrote: On 1/14/07, Peter Ankerstål [EMAIL PROTECTED] wrote: ad0: FAILURE - READ_DMA timed out LBA=1000941 This kind of errors usually denote a hardware problem, either at the disk or at the controller level. Check sysutils/smartmontools in the ports. But there was no problem at all before the upgrade, and it works without any problem in safe mode and I have done fscks on the CF-card without any errors. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6.2 RELEASE - READ_DMA timed out
The reason it works in safe mode is that DMA is not used there. Are you sure it worked with DMA before ? I cant be sure, I never looked it up. But it worked just fine before. The _only_ difference is the soruce-code i compiled NanoBSD from. I was RELENG_6_1 before and now it is RELENG_6_2 I'm using a IDE to CF-card adapter in a ordinary PC if that could be any help. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]