Someone has working setup of sound in rdesktop?
Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP Thanks for points
Re: Someone has working setup of sound in rdesktop?
Toma Bodar wrote: Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP I believe you want sound:local if you want the sound to come out on the machine you are running rdesktop at. /Alexander
Re: Someone has working setup of sound in rdesktop?
On Thu, May 07, 2009 at 08:25:59AM +0200, Tom?? Bod??r wrote: Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP Thanks for points I don't expect the audio support (rdpsnd_sun.c) in rdesktop to work for at least two reasons: 1) full-duplex mode must be set explicitely, opening the device O_RDWR is not enough. 2) the 'samples' in struct audio_prinfo is a sample count on Sun OSs but byte counts on BSD OSs. -- jake...@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Re: Someone has working setup of sound in rdesktop?
Op 7 mei 2009, om 08:58 heeft Jacob Meuser het volgende geschreven: On Thu, May 07, 2009 at 08:25:59AM +0200, Tom?? Bod??r wrote: Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP Thanks for points I don't expect the audio support (rdpsnd_sun.c) in rdesktop to work for at least two reasons: 1) full-duplex mode must be set explicitely, opening the device O_RDWR is not enough. 2) the 'samples' in struct audio_prinfo is a sample count on Sun OSs but byte counts on BSD OSs. It worked for me 2 years ago. But you should use sound:local as far as I remember. Wijnand
dhclient and dynamic IP address
Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: -d Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in the foreground until it has configured the interface, and then will revert to running in the back- ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. -- http://www.felipe-alfaro.org/blog/disclaimer/
Re: Someone has working setup of sound in rdesktop?
With sound:local I have a lot of ' ERROR: No space to queue audio packet' errors. 2009/5/7 Wijnand Wiersma wijn...@videre.net: Op 7 mei 2009, om 08:58 heeft Jacob Meuser het volgende geschreven: On Thu, May 07, 2009 at 08:25:59AM +0200, Tom?? Bod??r wrote: Hi all, I'm trying to bring sound up in connection with Windows XP trough rdesktop(1),but still no success.Googling recommend solutions which I tryied yet and no special info in man page. Here is my script for connection : #!/bin/sh /usr/local/bin/rdesktop -u myname -d domain -g 1440x900 -a 16 -0 -r sound:remote remoteIP Thanks for points I don't expect the audio support (rdpsnd_sun.c) in rdesktop to work for at least two reasons: 1) full-duplex mode must be set explicitely, opening the device O_RDWR is not enough. B 2) the 'samples' in struct audio_prinfo is a sample count on Sun OSs but byte counts on BSD OSs. It worked for me 2 years ago. But you should use sound:local as far as I remember. Wijnand -- http://www.openbsd.org/lyrics.html
Re: dhclient and dynamic IP address
On Thu, May 07, 2009 at 09:57:57AM +0200, Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: -d Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in the foreground until it has configured the interface, and then will revert to running in the back- ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. o...@stephanie/pj:~$ pgrep -lf dhclient 30516 dhclient: iwn0 12511 dhclient: iwn0 [priv] 13402 dhclient: em0 27486 dhclient: em0 [priv] guess again. It runs as a daemon. (those were started from /etc/netstart). -0- -- It's always darkest just before it gets pitch black.
Re: swap(encrypt) vs. vnd
On Thursday 07 May 2009 01:14:34 Maxim Bourmistrov wrote: Hello misc@, any one can answer the following question: why codebase used to encrypt/decrypt swap is not used to replace/ complement vnd? Complement, means skip the creation of encrypted image part and work directly with block device. //maxim Because keys for swap encryption are generated on the fly and kept in system memory. You don't need to access previous swap contents after restart but you definitely want to access svnd data. -- Best wishes, Vadim Zhukov A: Because it messes up the way people read text. Q: Why is a top-posting such a bad thing?
Re: dhclient and dynamic IP address
On Thursday 07 May 2009 11:57:57 Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: -d Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in the foreground until it has configured the interface, and then will revert to running in the back- ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. Check your /var/log/daemon for messages from dhclient. If interface is disabled on dhclient start and dhclient can't enable it, then it'll put its hands off. -- Best wishes, Vadim Zhukov A: Because it messes up the way people read text. Q: Why is a top-posting such a bad thing?
Re: dhclient and dynamic IP address
On Thu, May 7, 2009 at 10:09 AM, Owain Ainsworth zer...@googlemail.com wrote: On Thu, May 07, 2009 at 09:57:57AM +0200, Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: B B B -d B B B Forces dhclient to always run as a foreground process. B By de- B B B B B B B fault, dhclient runs in the foreground until it has configured B B B B B B B the interface, and then will revert to running in the back- B B B B B B B ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. o...@stephanie/pj:~$ pgrep -lf dhclient 30516 dhclient: iwn0 12511 dhclient: iwn0 [priv] 13402 dhclient: em0 27486 dhclient: em0 [priv] I already said before that dhclient is _not_ running at all: $ pgrep -lf dhclient $ Any more ideas?
KDE and laptop battery monitor
Hi! I'm trying to display an applet which will show me my battery status in KDE3. I noticed that in Ksystemguard the acpi tree is totally missing, so I tried KControl/Power Control/Laptop Battery: It says on the configuration page, that Other error opening APM control device /dev/apmctl. I thought that apmd(8) is using that device, so I killed it, but still I couldn't make the Battery Monitor start. Is it possible to make KDE's battery monitor work, or is there any other monitor application that will integrate into a standard freedesktop system-tray? Thanks! Daniel -- LIVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: dhclient and dynamic IP address
On Thu, May 07, 2009 at 10:11:04AM +0200, Felipe Alfaro Solana wrote: On Thu, May 7, 2009 at 10:09 AM, Owain Ainsworth zer...@googlemail.com wrote: On Thu, May 07, 2009 at 09:57:57AM +0200, Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: B B B -d B B B Forces dhclient to always run as a foreground process. B By de- B B B B B B B fault, dhclient runs in the foreground until it has configured B B B B B B B the interface, and then will revert to running in the back- B B B B B B B ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. o...@stephanie/pj:~$ pgrep -lf dhclient 30516 dhclient: iwn0 12511 dhclient: iwn0 [priv] 13402 dhclient: em0 27486 dhclient: em0 [priv] I already said before that dhclient is _not_ running at all: $ pgrep -lf dhclient $ Any more ideas? Yes; check your logs.
Today: Amsterdam OpenBSD 4.5 release party
Today, Thursday 7th of May: Cafe de Deugniet Oude Brugsteeg 12, 1012 JP Amsterdam http://maps.google.nl/maps?f=qhl=enq=Oudebrugsteeg+12,+Amsterdam+1012+Amsterdam,+North+Holland,+The+Netherlandssll=52.469397,5.509644sspn=3.741684,6.097412ie=UTF8cd=1geocode=0,52.375293,4.897561t=hz=17iwloc=addr 18:00 gathering in front of De Deugniet we will find some food in the neighborhood that has lots of places where we can eat. From 20:00 on we will gather into De Deugniet itself and have a drink on OpenBSD 4.5! +++chefren
Re: KDE and laptop battery monitor
On Thursday 07 May 2009 12:30:25 LEVAI Daniel wrote: Hi! I'm trying to display an applet which will show me my battery status in KDE3. I noticed that in Ksystemguard the acpi tree is totally missing, so I tried KControl/Power Control/Laptop Battery: It says on the configuration page, that Other error opening APM control device /dev/apmctl. I thought that apmd(8) is using that device, so I killed it, but still I couldn't make the Battery Monitor start. Is it possible to make KDE's battery monitor work, or is there any other monitor application that will integrate into a standard freedesktop system-tray? Make sure that your user have write access to mentioned /dev/apmctl. By default, only root can write to it. It's some sort of unsecure advice, though. :( But on the personal notebook, IMHO, it's acceptable. -- Best wishes, Vadim Zhukov A: Because it messes up the way people read text. Q: Why is a top-posting such a bad thing?
Re: KDE and laptop battery monitor
On Thursday 07 May 2009 10.47.39 Vadim Zhukov wrote: On Thursday 07 May 2009 12:30:25 LEVAI Daniel wrote: Hi! I'm trying to display an applet which will show me my battery status in KDE3. I noticed that in Ksystemguard the acpi tree is totally missing, so I tried KControl/Power Control/Laptop Battery: It says on the configuration page, that Other error opening APM control device /dev/apmctl. I thought that apmd(8) is using that device, so I killed it, but still I couldn't make the Battery Monitor start. Is it possible to make KDE's battery monitor work, or is there any other monitor application that will integrate into a standard freedesktop system-tray? Make sure that your user have write access to mentioned /dev/apmctl. By default, only root can write to it. Oh, thanks. I didn't think that I needed write access too. It's some sort of unsecure advice, though. :( But on the personal notebook, IMHO, it's acceptable. Daniel -- LIVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: OT: 10GbE Physical Network Taps
From: J.C. Roberts list-...@designtools.org To: Johan Fredin jo...@spelaroll.se On 09-05-07 05.00, J.C. Roberts wrote: If anyone here mistakenly thinks they can actually run *ANALYSIS* at these speeds with off the shelf components... BAWAHAHAHAHAHAHAHA! Well, depends on what you mean by off the shelf. Procera Networks is doing layer 7 analysis at 40Gbps FD with their PacketLogic PL10k. The hardware used for this is sourced from companies that anyone can by hardware from as far as I know. Of course it's not x86 stuff, but it's off the shelf. :) This is really rather getting off topic, but I would suggest that 'off the shelf' only applies when there are many well known shelves where the kit may easily be obtained, preferably with multiple implementations of the hardware. If you can't drive to a random three decent suppliers and find it in one of them, it is not 'off the shelf'. If the kit can be obtained from a restricted set of sources and features highly up to date technology, yet basically only requires money and a phone call to start the process it is 'leading edge' (if it features old technology it is now over the hill and is 'legacy') If you're calling a company to source FPGA/DSPs or to contract someone to make it for you, you're now into the 'bleeding edge' PK
Re: azalia
I put a lot of work into azalia(4) in the last release cycel, and I'd like to be able to say, when 4.6 release comes, that azalia is completed. by completed I mean it just works as expected, by default, everywhere. so, if you are using OpenBSD 4.5 or -current, and you have *any* issues with azalia(4) (I mean anything, even if it seems small or is not really a bug but I change this everytime), please let me know. I have a ThinkPad T60. I always wondered why I can hear the sounds from the earphones/speakers when the output volume control is on 0: $ mixerctl -va outputs.dig-dac_source=hdaudio [ hdaudio adc ] outputs.line_source=dac [ dac mix2 ] outputs.line_mute=off [ off on ] outputs.line=0,0 inputs.line=0,0 outputs.line_dir=output [ none output input input-vr0 input-vr50 input-vr80 ] outputs.line_boost=off [ off on ] outputs.line_eapd=on [ off on ] inputs.mic=0,0 outputs.mic_dir=input-vr80 [ none input input-vr0 input-vr50 input-vr80 ] outputs.SPDIF_source=dig-dac [ dig-dac ] inputs.sel_source=dac [ dac mix mix2 line ] inputs.mix_source=sel7 { sel7 } inputs.mix2_source=dac,sel3,sel5,cd { dac sel3 sel5 cd } inputs.dac_mute=off [ off on ] inputs.dac=0,0 inputs.sel3_source=mic [ mic ] outputs.sel3_mute=off [ off on ] outputs.sel3=120,120 record.adc_source=mix [ mix mix2 cd line ] record.adc_mute=off [ off on ] record.adc=119,119 inputs.sel5_source=line [ line ] outputs.sel5_mute=off [ off on ] outputs.sel5=120,120 inputs.cd_mute=off [ off on ] inputs.cd=120,120 inputs.sel7_source=mic [ mic ] outputs.sel7_mute=off [ off on ] outputs.master=0,0 outputs.master.mute=off [ off on ] outputs.master.slaves=line,dac { line dac sel3 sel5 cd sel7 } record.volume=119,119 record.volume.mute=off [ off on ] record.volume.slaves=adc { line mic adc } inputs.usingdac=03 [ 03 02 ] If I set outputs.line_mute=on, then it will mute it alright. $ dmesg OpenBSD 4.5-current (GENERIC.MP) #21: Mon May 4 17:18:54 MDT 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Genuine Intel(R) CPU T2400 @ 1.83GHz (GenuineIntel 686-class) 1.83 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,A CPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR real mem = 1072066560 (1022MB) avail mem = 1028296704 (980MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/02/06, BIOS32 rev. 0 @ 0xfd6b0, SMBIOS rev. 2.4 @ 0xe0010 (68 entries) bios0: vendor LENOVO version 79ET66WW (1.10 ) date 08/02/2006 bios0: LENOVO 2007FRG acpi0 at bios0: rev 2 acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET BOOT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB7(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU T2400 @ 1.83GHz (GenuineIntel 686-class) 1.83 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,A CPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,xTPR ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus 4 (EXP2) acpiprt5 at acpi0: bus 12 (EXP3) acpiprt6 at acpi0: bus 21 (PCI1) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2 acpicpu1 at acpi0: C3, C2 acpitz0 at acpi0: critical temperature 127 degC acpitz1 at acpi0: critical temperature 99 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4511 serial 21826 type LION oem SANYO acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 acpidock at acpi0 not configured acpivideo at acpi0 not configured acpivideo at acpi0 not configured bios0: ROM list: 0xc/0xfe00 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 0xe/0x1 cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130b2c06000613 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1000 MHz (1004 mV): speeds: 1833, 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) extent `pciio' (0x0 - 0x), flags=0 0x1800 - 0x188f 0x18a8 - 0x18cf 0x18e0 - 0x18ff 0x2000 - 0xdfff 0x1 - 0x extent `pcimem' (0x0 - 0x), flags=0 0x0 - 0xfff 0x2000 - 0x9 0xd2000 - 0xd3fff 0xdc000 - 0x3fff 0xd800 - 0xee1f 0xee40 - 0xee4047ff 0xf000 - 0xf3ff 0xfec0 - 0xfec0 0xfed0 - 0xfed003ff 0xfed14000 - 0xfed19fff 0xfed1c000 - 0xfed8 0xfee0 - 0xfee00fff 0xff80 - 0x pchb0 at pci0 dev 0 function 0 Intel 82945GM Host rev 0x03
Using ospfd to establish default routes with two outgoing connections
Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. My interfaces config are: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:29:f2:2c priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet 172.25.50.1 netmask 0xffe0 broadcast 172.25.50.31 inet6 fe80::250:56ff:fe29:f22c%em0 prefixlen 64 scopeid 0x1 em1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet6 fe80::250:56ff:fe0f:7bb0%em1 prefixlen 64 scopeid 0x2 enc0: flags=0 mtu 1536 priority: 0 vlan15: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: Management Interface priority: 0 vlan: 15 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan15 prefixlen 64 scopeid 0x5 inet 172.25.65.1 netmask 0xfff0 broadcast 172.25.65.15 vlan25: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: VPN Interface priority: 0 vlan: 25 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan25 prefixlen 64 scopeid 0x6 inet 172.25.85.1 netmask 0xfff8 broadcast 172.25.85.7 vlan35: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Primary Outgoing Interface priority: 0 vlan: 35 priority: 0 parent interface: em1 groups: vlan egress inet6 fe80::250:56ff:fe0f:7bb0%vlan35 prefixlen 64 scopeid 0x7 inet 192.168.100.66 netmask 0xfffc broadcast 192.168.100.67 vlan45: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Secondary Outgoing Interface priority: 0 vlan: 45 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan45 prefixlen 64 scopeid 0x8 inet 10.10.10.201 netmask 0xfff8 broadcast 10.10.10.207 pflog0: flags=141UP,RUNNING,PROMISC mtu 33204 priority: 0 groups: pflog My ospfd.conf: router-id 192.168.100.66 fib-update yes redistribute connected redistribute default area 0.0.0.0 { auth-type none interface vlan35 interface vlan45 { metric 20 } } Output of ospctl show database command is: Router Link States (Area 0.0.0.0) Link ID Adv Router Age Seq# Checksum 192.168.100.66 192.168.100.66 641 0x8001 0x3bdc Type-5 AS External Link States Link ID Adv Router Age Seq# Checksum 0.0.0.0 192.168.100.66 641 0x8001 0x11cf 172.25.50.0 192.168.100.66 641 0x8001 0x3ccb 172.25.65.0 192.168.100.66 641 0x8001 0xf6f1 172.25.85.0 192.168.100.66 641 0x8001 0x4a82 Output of ospctl show n command is: r...@obsdintfw:~# ospfctl show n ID Pri StateDeadTime Address Iface Uptime r...@obsdintfw:~# Output of ospctl show r command is: r...@obsdfwint:~# ospfctl show r Destination Nexthop Path TypeType CostUptime r...@obsdfwint:~# Is this configuration correct? Why can't I establish my default routes with multipath using ospfd? Or I am wrong and only I can use multipath+route to with pf.conf?? Many thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: Using ospfd to establish default routes with two outgoing connections
carlopmart wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. My interfaces config are: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:29:f2:2c priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet 172.25.50.1 netmask 0xffe0 broadcast 172.25.50.31 inet6 fe80::250:56ff:fe29:f22c%em0 prefixlen 64 scopeid 0x1 em1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet6 fe80::250:56ff:fe0f:7bb0%em1 prefixlen 64 scopeid 0x2 enc0: flags=0 mtu 1536 priority: 0 vlan15: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: Management Interface priority: 0 vlan: 15 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan15 prefixlen 64 scopeid 0x5 inet 172.25.65.1 netmask 0xfff0 broadcast 172.25.65.15 vlan25: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: VPN Interface priority: 0 vlan: 25 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan25 prefixlen 64 scopeid 0x6 inet 172.25.85.1 netmask 0xfff8 broadcast 172.25.85.7 vlan35: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Primary Outgoing Interface priority: 0 vlan: 35 priority: 0 parent interface: em1 groups: vlan egress inet6 fe80::250:56ff:fe0f:7bb0%vlan35 prefixlen 64 scopeid 0x7 inet 192.168.100.66 netmask 0xfffc broadcast 192.168.100.67 vlan45: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Secondary Outgoing Interface priority: 0 vlan: 45 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan45 prefixlen 64 scopeid 0x8 inet 10.10.10.201 netmask 0xfff8 broadcast 10.10.10.207 pflog0: flags=141UP,RUNNING,PROMISC mtu 33204 priority: 0 groups: pflog My ospfd.conf: router-id 192.168.100.66 fib-update yes redistribute connected redistribute default area 0.0.0.0 { auth-type none interface vlan35 interface vlan45 { metric 20 } } Output of ospctl show database command is: Router Link States (Area 0.0.0.0) Link ID Adv Router Age Seq# Checksum 192.168.100.66 192.168.100.66 641 0x8001 0x3bdc Type-5 AS External Link States Link ID Adv Router Age Seq# Checksum 0.0.0.0 192.168.100.66 641 0x8001 0x11cf 172.25.50.0 192.168.100.66 641 0x8001 0x3ccb 172.25.65.0 192.168.100.66 641 0x8001 0xf6f1 172.25.85.0 192.168.100.66 641 0x8001 0x4a82 Output of ospctl show n command is: r...@obsdintfw:~# ospfctl show n ID Pri StateDeadTime Address Iface Uptime r...@obsdintfw:~# Output of ospctl show r command is: r...@obsdfwint:~# ospfctl show r Destination Nexthop Path TypeType Cost Uptime r...@obsdfwint:~# Is this configuration correct? Why can't I establish my default routes with multipath using ospfd? Or I am wrong and only I can use multipath+route to with pf.conf?? Many thanks. Sorry I forgot to mention OpenBSD version: 4.5 Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: OT: 10GbE Physical Network Taps
I need to collect raw throughput statistics without increasing latency or reducing bandwidth on 10GbE fiber links, so most of the typical methods are out of the question After re-reading your post(s) and the thread, I am still unsure what level of detail you need, e.g. what you mean by collect raw throughput statistics. Does that go more in-depth than simple Byte- or packet counts which you might read by SNMP GETs from a network device in your path? Or would a NetFlow or sFlow export provide enough level of detail for those statistics? Arien Vijn from AMS-IX has given some interesting presentations on monitoring 10GE, also using the Meta / Force10 Networks programmable NIC and a photonic cross connect/splitter: http://events.ccc.de/congress/2006/Fahrplan/events/1640.en.html (There is/was a voice/video recording if the session, but I can find it right now.) Another source for similar special NICs: http://www.napatech.com Rolf
Re: OT: 10GbE Physical Network Taps
(There is/was a voice/video recording if the session, but I can find it right now.) Here is the link to the presentation Arien held a year later, and this one has pointers to videos of his talk: 10GE monitoring live! How to find that special one out of millions http://events.ccc.de/congress/2007/Fahrplan/events/2285.en.html
Possible (minor) security issue in the resolver library -- is this already known?
Just wanting a second opinion. I was investigating why I and a fair few others were occasionally being redirected to eBay or seeing seemingly random sites when going to common places like Google, Twitter, etc. Turned out to be caused by the combination of a few things, one of which was the documented behaviour of the resolver library. Here's what happens: 1. OS boots up, DHCP sets the domain name to something.com.au. (ok) 2. Browser starts up, opens a lot of tabs, starts doing DNS lookups. 3. Because the ISPs DNS server is not 100% reliable, some site name lookups do not get a DNS response within the timeout (first problem, but nothing to do with the OS). 4. Because the resolver library didn't resolve google.com.au or twitter.com it does a search. If there's no explicit DNS search path set then RES_DNSRCH is activated and it looks up google.com.au.something.com.au (ok -- just appending the domain name). Of course, that doesn't exist so it gets no such domain. 5. So the resolver library walks back up the domain name and next tries to resolve google.com.au.com.au (second problem -- I don't think the resolver library should be going back that far it but it's obviously been like that for a very long time and is documented). 6. Some smart alec actually owns au.com.au and com.com.au and they've configured DNS entries for google.com.au.com.au and a host of other sites (third problem). It's not a wildcard match. nosuchdomain.blah.blah.blah.au.com.au returns no such domain. It's really quite a head-trip to type google.com.au and get Welcome to ASZ.COm.AU or get redirected to eBay. I thought it was a DNS cache poisoning attack at first but it isn't. I think it's a relatively minor issue because all 3 conditions must be met and the owner of au.com.au and com.com.au (same entity) don't seem to be doing anything malicious with it (yet). But a quick Google shows a surprising number of people fruitlessly searching for trojans and viruses because they're affected. The designer/implentor of the resolver library knew not to walk all the way back to .com if your domain was something.com. So the problem only affects people whose country domains include sub-domains. But I think for the same reason you shouldn't walk all he way back to .com it shouldn't walk all the way back to .com.au. Just IMHO. Odd thing is -- OpenBSD doesn't seem to be vulnerable out of the box. That's because dhcp-client writes /etc/resolv.conf and includes a search domain. If you have search domains then RES_DNSRCH doesn't happen. To reproduce the issue, remove the search option from /etc/resolv.conf then ping bom.gov.au (you'll need a domain option set in /etc/resolv.conf like optusnet.com.au). You can reliably reproduce the behaviour with bom.gov.aubecause they haven't configured A records for just bom.gov.au so the RES_DNSRCH feature is triggered in the absence of a search directive. So does OpenBSD write a seach domain to /etc/resolv.conf because this issue was already known? Although the DHCP standard allows it my DHCP server is definitely not setting a search path. OSX, Windows and Linux don't do this and the problem is easily reproducible. Haven't checked the other *BSDs. Maybe I'm being too paranoid (but then, that's why I use OpenBSD... :-) ). Dan
ypldap and authorization with ldap
Hello Pierre. I have spent some time to setup authorization with LDAP via ypldap and want to share some ideas that I believe can help others. I think you can add it to documentation for ypldap with some details. 1. we should use ypbind in addition to ypldap. 2. we should activate YP passwd support in /etc/master.passwd with string: +:/bin/ksh 3. in /etc/rc script we should comment-out invocation of ypbind or it will launch before ypldap 4. we need login_ldap package for authentication As for 3 I think it is bad thing to modify rc script and we need some standard solution here! I have written post about it where I cover it in more details: [http://blogs.helion-prime.com/vasiliykiryanov/2009/05/07/authorization-with-ldap-on-openbsd.html] thanks, and have a nice day
Re: Calomel.org
On 2009-05-07, FRLinux frli...@gmail.com wrote: On Thu, May 7, 2009 at 4:07 AM, James Peltier james_a_pelt...@yahoo.ca wrote: There was mention of calomel.org recently. This is a great resource, however, it needs to be a bit more updated. For example the following page advises *not* to use the GENERIC.MP kernel, however, considering how much work has gone into the MP work and fact that MP will become default I think it should be updated. ;) https://calomel.org/network_performance.html So I am guessing you got in touch with them? https://calomel.org/calomel_at.html Cheers, Steph If you are interested in contacting us at Calomel.org please send mail to the following email address @calomel.org. The text is read from left to right and _not_ in the order they appear. Said text is in an animated gif (which often doesn't display properly), which is about as much fun to read, as it would be to dig through the site and find where the errors are. There are some useful things on the site, but please, use with a big pinch of salt.
Re: Using ospfd to establish default routes with two outgoing connections
On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? My interfaces config are: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:29:f2:2c priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet 172.25.50.1 netmask 0xffe0 broadcast 172.25.50.31 inet6 fe80::250:56ff:fe29:f22c%em0 prefixlen 64 scopeid 0x1 em1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 priority: 0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active inet6 fe80::250:56ff:fe0f:7bb0%em1 prefixlen 64 scopeid 0x2 enc0: flags=0 mtu 1536 priority: 0 vlan15: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: Management Interface priority: 0 vlan: 15 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan15 prefixlen 64 scopeid 0x5 inet 172.25.65.1 netmask 0xfff0 broadcast 172.25.65.15 vlan25: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:56:0f:7b:b0 description: VPN Interface priority: 0 vlan: 25 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan25 prefixlen 64 scopeid 0x6 inet 172.25.85.1 netmask 0xfff8 broadcast 172.25.85.7 vlan35: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Primary Outgoing Interface priority: 0 vlan: 35 priority: 0 parent interface: em1 groups: vlan egress inet6 fe80::250:56ff:fe0f:7bb0%vlan35 prefixlen 64 scopeid 0x7 inet 192.168.100.66 netmask 0xfffc broadcast 192.168.100.67 vlan45: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1496 lladdr 00:50:56:0f:7b:b0 description: Secondary Outgoing Interface priority: 0 vlan: 45 priority: 0 parent interface: em1 groups: vlan inet6 fe80::250:56ff:fe0f:7bb0%vlan45 prefixlen 64 scopeid 0x8 inet 10.10.10.201 netmask 0xfff8 broadcast 10.10.10.207 pflog0: flags=141UP,RUNNING,PROMISC mtu 33204 priority: 0 groups: pflog My ospfd.conf: router-id 192.168.100.66 fib-update yes redistribute connected redistribute default area 0.0.0.0 { auth-type none interface vlan35 interface vlan45 { metric 20 } } Output of ospctl show database command is: Router Link States (Area 0.0.0.0) Link ID Adv Router Age Seq# Checksum 192.168.100.66 192.168.100.66 641 0x8001 0x3bdc Type-5 AS External Link States Link ID Adv Router Age Seq# Checksum 0.0.0.0 192.168.100.66 641 0x8001 0x11cf 172.25.50.0 192.168.100.66 641 0x8001 0x3ccb 172.25.65.0 192.168.100.66 641 0x8001 0xf6f1 172.25.85.0 192.168.100.66 641 0x8001 0x4a82 Output of ospctl show n command is: r...@obsdintfw:~# ospfctl show n ID Pri StateDeadTime Address Iface Uptime r...@obsdintfw:~# Output of ospctl show r command is: r...@obsdfwint:~# ospfctl show r Destination Nexthop Path TypeType CostUptime r...@obsdfwint:~# Is this configuration correct? Why can't I establish my default routes with multipath using ospfd? Or I am wrong and only I can use multipath+route to with pf.conf?? Many thanks.
Re: HD 'Analysis'
You people crack me up. I have been trying to ignore this post for a while but can't anymore. Garbage like badblock are from the era that you still could low level format a drive. Remember those fun days? When you were all excited about your 10MB hard disk? Use dd to read it; if it is somewhat broken the drive will reallocate it. If it is badly broken the IO will fail and it is time to toss the disk. Those are about all the flavors you have available. Running vendor diags is basically a fancier dd. On Thu, May 07, 2009 at 01:10:56AM +0200, ropers wrote: On Monday 04 May 2009 17:56:43 L. V. Lammert wrote: What is the best way to do a surface analysis on a disk? 2009/5/5 Tony Abernethy t...@servacorp.com: There is, in the e2fsprogs package, something called badblocks. I have used it (on Linux) to rescue bad disks. (Windows laptops -- kinda redundant?) If you care about your data, follow Steve's advice. The reality seems to be that this does exercise a disk's ability to relocate bad sectors so that a bad disk suddenly goes good. This is using a destructive surface test (badblocks -sw ...) Realistically, seems like the most reliable test is that disk is slower than it should be. Me, if I want to rely on a disk drive, I will run badblocks on it. The long-winded destructive test And I will time it, at least sporadically. (New disks are not immune from having problems ;-) The exercise maybe loses out to watching grass grow. I also would recommend badblocks(8), but I would recommend badblocks -svn instead of badblocks -sw. badblocks -svn also (s)hows its progress as it goes along, but does a (v)erbose (n)on-destructive read/write test (as opposed to either the default read-only test or the destructive read/write test). You can check an entire device with badblocks, or a partition, or a file. The great thing about using badblocks to check a partition is that it's filesystem-agnostic. It will dutifully check every bit of its target partition regardless of what's actually on it. And if you give badblocks -svn an entire storage device to test, it will not even care about the actual partition scheme used. Because this read/write test can trigger the disk's own built-in bad sector relocation, this means you can even have a disk that you can't read the partition table from, and running badblocks -svn over it may at least temporarily fix things. And I've used badblocks -svn e.g. to check old Macintosh floppies. Who cares that OpenBSD doesn't know much about the filesystem on those? badblocks does the job anyway. (Because of this agnosticism, it's actually questionable whether badblocks(8) ought to be part of a filesystem-specific package, but hey, that's what it comes in. Yea, one *could* also argue whether to include it elsewhere by default because it's so useful, but I'm not the one making those decisions and I guess the folks who do will do what makes the most sense to them, so I don't feel like starting to be a back seat driver... ;-) Oh, and of course it would probably be prudent to do a backup before read/write tests, even though badblocks is well-established and (with -n) supposed to be non-destructive. Supposed to... ;-) I've never been disappointed but YMMV. regards, --ropers
Re: OpenVPN destroys tun
* Claudio Jeker cje...@diehard.n-r-g.com [2009-05-06 23:07]: How does openvpn destroy the interfaces? IIRC they just close the fd and that is causing the interface to be destroyed if it was auto created. the pasted code shows they do an explicit ifconfig tunX destroy, so that won't help, unfortunately. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: OpenVPN destroys tun
* Jason Dixon ja...@dixongroup.net [2009-05-06 21:47]: Were you actually using altq on your tun device? give it up, nobody got you... the proper solution is to fix the altq parts in pf to make use of the interface abstraction code, just like the rest of pf does. I don't see myself doing that anytime soon, whoever wants to: feel free to ask me for some guidance. but really, I won't go to the teach you C or mbufs level. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: OpenVPN destroys tun
* Jason Dixon ja...@dixongroup.net [2009-05-06 22:52]: On Wed, May 06, 2009 at 05:38:51PM -0300, Giancarlo Razzolini wrote: Well, i wasn't OT with my reply. And i use openvpn from the beginning of the project, even made a plugin for it. So i know i little of it. My suggestion was to avoid what you might be already suspecting. You will have to mess with openvpn code and recompile it to do what you want. The solution i suggested is a viable one, even if already have queueing policies on that interface. It'll only require a little adaptation on your altq rules. I guess you won't get far with an attitude like that, being rude with people that are trying to help you. That said, you might want to take a look at openvpn source code, mainly tun.c and tun.h files. Regardless of how much you claim to know about it, the fact remains that there's no way to have OpenVPN bind to an existing tun device. Thanks for the roundabout answer. actually... the way he proposes should work, even in your usage case. really. the tags telling altq where to queue survive the tun encapsulation (i think). so you can queue on the real interface based on classification done for traffic inside the tunnel. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: iwi(Intel pro/wireless 2200BG wireless nic) on asus A6 laptop
Sorry for replying to my own post. I report here the solution of the problem, as pointed to me by Stijn (thank you very much by the way). Quoting Stijn: Can you disable apm at boot time? boot -c disable apm quit If this works, you can make the change permanent with config(8). And this worked like a charm. Now, anyone with the same problem will have the solution one google search away. Thank you to everyone who sent me suggestions. Best regards Jose Brandao 2009/5/6 Josi Brandco ze.bran...@gmail.com: Hello, This is my first post, so forgive me if I inadvertently commit a gaffe. I am looking for advice regarding the setting-up of my wireless network card with wpa. I have installed the current release OpenBSD 4.5 on my asus A6 laptop. So far as I can tell, everything works perfectly except for the Intel pro/wireless 2200BG wireless nic (driver iwi, device iwi0) that I have been unable to put to work. As per man page instructions, I have installed into /etc/firmware the files from iwi-firmware-3.0p0.tgz. I have created the /etc/hostname.iwi0 file with contents: dhcp NONE NONE NONE nwid my_essid wpa \ wpapsk $(wpa-psk my_essid my_passphrase) At boot-time, when comes the time to initialize the network, the following message is printed: iwi0: no link . sleeping I have also tried to activate the card with the instruction: ifconfig iwi0 -bssid chan 6 nwid WirelessFromTVCabo\ -nwkey txpower 20 wpa wpaakms psk wpagroupcipher ccmp\ wpaprotos wpa2 wpapsk $(wpa-psk my_essid my_passphrase) dhclient iwi0 with the same results. The previous commands closely reproduce the setup on a debian installed on another partition. The output of dmesg is: OpenBSD 4.5 (GENERIC) #1749: Sat Feb 28 14:51:18 MST 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.60GHz (GenuineIntel 686-class) 1.61 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI, MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 535654400 (510MB) avail mem = 509669376 (486MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/05, SMBIOS rev. 2.3 @ 0xf5b40 (35 entries) bios0: vendor American Megatrends Inc. version 0204 date 03/17/2005 bios0: ASUSTeK Computer Inc. A6G apm0 at bios0: Power Management spec V1.2 apm0: AC on, no battery acpi at bios0 function 0x0 not configured pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xc/0x1 cpu0 at mainbus0: (uniprocessor) cpu0: Enhanced SpeedStep 1600 MHz (1340 mV): speeds: 1600, 1400, 1200, 1000, 800, 600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82855GM Host rev 0x02 intelagp0 at pchb0 agp0 at intelagp0: aperture at 0xe000, size 0xc40 Intel 82855GM Memory rev 0x02 at pci0 dev 0 function 1 not configured Intel 82855GM Config rev 0x02 at pci0 dev 0 function 3 not configured ppb0 at pci0 dev 1 function 0 Intel 82855GME AGP rev 0x02 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M10 rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) radeondrm0 at vga1: irq 5 drm0 at radeondrm0 uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x03: irq 5 uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x03: irq 5 uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x03: irq 5 ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x03: irq 4 ehci0: timed out waiting for BIOS usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x83 pci2 at ppb1 bus 2 rl0 at pci2 dev 0 function 0 Realtek 8139 rev 0x10: irq 5, address 00:11:d8:bf:2b:3d rlphy0 at rl0 phy 0: RTL internal PHY iwi0 at pci2 dev 4 function 0 Intel PRO/Wireless 2200BG rev 0x05: irq 5, address 00:12:f0:3c:7e:1b cbb0 at pci2 dev 5 function 0 Ricoh 5C476 CardBus rev 0xac: couldn't map interrupt cbb1 at pci2 dev 5 function 1 Ricoh 5C476 CardBus rev 0xac: couldn't map interrupt Ricoh 5C552 Firewire rev 0x04 at pci2 dev 5 function 2 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x03: 24-bit timer at 3579545Hz pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: IC25N060ATMR04-0 wd0: 16-sector PIO, LBA48, 57231MB, 117210240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0:
[ot] debian switching to eglibc
http://www.osnews.com/story/21441/Debian_Switching_to_EGLIBC i only send this because of the past clashes between Ulrich and the gang. -f ps. hint hint nudge nudge :] -- courage is fear that has said its prayers.
Re: [ot] debian switching to eglibc
hmm, on Thu, May 07, 2009 at 03:13:53PM +0200, frantisek holop said that http://www.osnews.com/story/21441/Debian_Switching_to_EGLIBC http://sourceware.org/bugzilla/show_bug.cgi?id=4980 hillarious. good fun. who does this remind me? let's see... and as added bonus, thorsten is there, long time no see mate. -f -- there's no second chance for a good first impression.
Re: Using ospfd to establish default routes with two outgoing connections
Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? At this time yes. Extfw are commercial firewalls based on linux and I use quagga to configure ospf on each one. But, any route is attached to openbsd via ospf ... -- CL Martinez carlopmart {at} gmail {d0t} com
Re: OpenVPN destroys tun
On Thu, May 07, 2009 at 02:53:34PM +0200, Henning Brauer wrote: * Claudio Jeker cje...@diehard.n-r-g.com [2009-05-06 23:07]: How does openvpn destroy the interfaces? IIRC they just close the fd and that is causing the interface to be destroyed if it was auto created. the pasted code shows they do an explicit ifconfig tunX destroy, so that won't help, unfortunately. Yeah. I thought their code wouldn't be so stupid but I was wrong. Their interface handling code should be hanged, shot, chopped up and burried in a deep deep hole. -- :wq Claudio
Problem with setting up dial-up server with getty and ppp
Hello, I have a box with serial 8-port Digi Neo card installed. It was detected normally, e.g. I see that in dmesg and all devices (cuac[0-7] and ttyc[0-7] are present in /dev directory. Now I'm trying to setup dial-up server with getty and ppp. I have added to /etc/ttys: ttyc0 /usr/libexec/getty std.38400 unknown on insecure ttyc1 /usr/libexec/getty std.38400 unknown on insecure [...] but after killing init with -HUP signal 'getty' processes do not appear in process list. What's wrong? Any help will be appreciated. Thanks. -- MINO-RIPE
rtable and pf
Hello list, I have an OpenBSD box with 4.5 connected to two carriers, to one per dhcp and to the other static configured. Now I tried to change my rule set from route-to/reply-to syntax to rtable usage. Up to now I added my static configured gateway with route add default $GW -mpath so the dhclient-script does only add an additional default route. The following rule worked: $ext1 = static configured as for $ext1_gw pass in on $ext1 reply-to ($ext1 $ext1_gw) inet proto tcp to ($ext1) port ssh flags S/SA keep state \ (max-src-conn-rate 3/30,overload ssh-bruteforce flush global, pflow) Now I moved the static gateway to routing table 1 with route -T 1 add default $GW and changed my rule to: pass in on $ext1 inet proto tcp to ($ext1) port ssh flags S/SA keep state \ (max-src-conn-rate 3/30,overload ssh-bruteforce flush global, pflow) rtable 1 But as soon as I make a dhclient $ext2 I can't logon via SSH to the static configured address so I guess the reply packets are not routed via rtable 1. What I'm missing or what I've disunderstood? Thanks for Your clearification. Regards Uwe
Re: Using ospfd to establish default routes with two outgoing connections
Hi, I'm not 100% clear if i got you right. but if I'm right you have to do the redistribute default on your 2 external firewalls. because the openbsd box needs the default route (to the internet) not the other way round... ExtFw has (static?) route to the ISP. OpenBSDFw gets default route dynamically via OSPF from ExtFw1 or from ExtFw2. that's it. are ExtFw1, ExtFw2 and OpenBSDFw on the same subnet? generally you have to run ospf on all 3 boxes. on ExtFw1 set metric lower than on ExtFw2 so OpenBSDFw will use the default route from ExtFw1 as long ExtFw1 is available and ospf adj are established. ospf redistribution means that the local router will announce prefix 0.0.0.0/0 pointing to the address of the interface where the LSA is sent out... is that what you'r looking for? greets Marco On Thu, May 7, 2009 at 3:40 PM, carlopmart carlopm...@gmail.com wrote: Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? At this time yes. Extfw are commercial firewalls based on linux and I use quagga to configure ospf on each one. But, any route is attached to openbsd via ospf ... -- CL Martinez carlopmart {at} gmail {d0t} com
Re: Calomel.org
On Thu, May 07, 2009 at 12:03:23PM +, Stuart Henderson wrote: There are some useful things on the site, but please, use with a big pinch of salt. This is true of any sites with OpenBSD help. Sometimes I've found some info on these sites that's saved me much time, but I'd never take the info without thinking it through myself, check against the man pages, FAQ, etc. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG dwchand...@stilyagin.com | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: rtable and pf
* Uwe Werler u...@o3si.de [2009-05-07 16:43]: Hello list, I have an OpenBSD box with 4.5 connected to two carriers, to one per dhcp and to the other static configured. Now I tried to change my rule set from route-to/reply-to syntax to rtable usage. Up to now I added my static configured gateway with route add default $GW -mpath so the dhclient-script does only add an additional default route. The following rule worked: $ext1 = static configured as for $ext1_gw pass in on $ext1 reply-to ($ext1 $ext1_gw) inet proto tcp to ($ext1) port ssh flags S/SA keep state \ (max-src-conn-rate 3/30,overload ssh-bruteforce flush global, pflow) Now I moved the static gateway to routing table 1 with route -T 1 add default $GW and changed my rule to: pass in on $ext1 inet proto tcp to ($ext1) port ssh flags S/SA keep state \ (max-src-conn-rate 3/30,overload ssh-bruteforce flush global, pflow) rtable 1 But as soon as I make a dhclient $ext2 I can't logon via SSH to the static configured address so I guess the reply packets are not routed via rtable 1. What I'm missing or what I've disunderstood? that scenario doesn't work. rtable influences route lookup. before it happens. so it must be set inbound - it is too late outbound. your return traffic originates at the host itself - pf outbound, too late. I haven't come up with an alegent solution yet. not sure there is one. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: Calomel.org
Thanks for the heads up. I agree that with all of the work done in the newest MP kernel the page is outdated. There should be time this month to test the newest release and post the results. Network Speed and Performance Guide (OpenBSD) https://calomel.org/network_performance.html As Darren and the previous posts have said, always do your research using multiple sources. We try to be as accurate on our site as possible, but as in this case, some pages may become outdated. When you find information that is useful compare it to the man pages, to other resources on-line and ask questions. -- Calomel @ https://calomel.org Open Source Research and Reference On Thu, May 07, 2009 at 10:53:18AM -0400, Darrin Chandler wrote: On Thu, May 07, 2009 at 12:03:23PM +, Stuart Henderson wrote: There are some useful things on the site, but please, use with a big pinch of salt. This is true of any sites with OpenBSD help. Sometimes I've found some info on these sites that's saved me much time, but I'd never take the info without thinking it through myself, check against the man pages, FAQ, etc. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG dwchand...@stilyagin.com | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Kernel panic while accessing ext3 partition
Hi, I got a bad ref count panic message while trying to access a directory on a 45 GB ext3 partition. Below is what I managed to salvage. Any workarounds for this? Anyway, got GNOME on OpenBSD up and running, made very easy, great! Bill --- b5 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x93 pci6 at ppb5 bus 21 cbb0 at pci6 dev 0 function 0 Ricoh 5C476 CardBus rev 0xba: apic 1 int 16 (irq 11) Ricoh 5C832 Firewire rev 0x04 at pci6 dev 0 function 1 not configured sdhc0 at pci6 dev 0 function 2 Ricoh 5C822 SD/MMC rev 0x21: apic 1 int 18 (irq 11) sdmmc0 at sdhc0 Ricoh 5C843 MMC rev 0x11 at pci6 dev 0 function 3 not configured Ricoh 5C592 Memory Stick rev 0x11 at pci6 dev 0 function 4 not configured Ricoh 5C852 xD rev 0x11 at pci6 dev 0 function 5 not configured cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 22 device 0 cacheline 0x0, lattimer 0xb0 pcmcia0 at cardslot0 pcib0 at pci0 dev 31 function 0 Intel 82801IEM LPC rev 0x03 ahci0 at pci0 dev 31 function 2 Intel 82801I AHCI rev 0x03: apic 1 int 16 (irq 11), AHCI 1.2 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: ATA, ST9320421AS, SD13 SCSI3 0/direct fixed sd0: 305245MB, 512 bytes/sec, 625142448 sec total cd0 at scsibus0 targ 1 lun 0: MATSHITA, DVD-RAM UJ862A, SB04 ATAPI 5/cdrom removable ichiic0 at pci0 dev 31 function 3 Intel 82801I SMBus rev 0x03: apic 1 int 23 (irq 11) iic0 at ichiic0 usb2 at uhci0: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci1: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci2: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 usb5 at uhci3: USB revision 1.0 uhub5 at usb5 Intel UHCI root hub rev 1.00/1.00 addr 1 usb6 at uhci4: USB revision 1.0 uhub6 at usb6 Intel UHCI root hub rev 1.00/1.00 addr 1 usb7 at uhci5: USB revision 1.0 uhub7 at usb7 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 aps0 at isa0 port 0x1600/31 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 mtrr: Pentium Pro MTRR support uvideo0 at uhub0 port 6 configuration 1 interface 0 Chicony Electronics Co., Ltd. product 0x4807 rev 2.00/31.34 addr 2 video0 at uvideo0 ubt0 at uhub3 port 2 Lenovo Computer Corp ThinkPad Bluetooth with Enhanced Data Rate II rev 2.00/3.52 addr 2 ugen0 at uhub7 port 2 Lenovo Integrated Smart Card Reader rev 2.00/1.00 addr 2 softraid0 at root root on sd0a swap on sd0b dump on sd0b WARNING: / was not properly unmounted vrele: bad ref count: 0xd99ad788, type VBLK, use 0, write 0, hold 6, flags (VBIOONFREELIST) tag VT_UFS, ino 1188, on dev 4, 0 flags 0x0, effnlink 1, nlink 1 mode 060640, owner 0, group 5, size 0 not locked panic: vrele: ref cnt Stopped at Debugger+0x4: leave RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb ddb Debugger(0,d991e550,df754ae0,d99ad788,d99b8008) at Debugger +0x4 panic(d06f545f,d99ad788,0,d991e550,d99532e0) at panic+0x55 vrele(d99ad788,6,0,d0381e08) at vrele+0xa2 ext2fs_reclaim(df754b18,d08106a8,0,d991e550,d07a95e4) at ext2fs_reclaim +0x89 VOP_RECLAIM(d991e550,d99b8008,d99b8008,0) at VOP_RECLAIM+0x28 vclean(d991e550,8,d99b8008,0,d3b36c00) at vclean+0x76 vgonel(d991e550,d99b8008,0,d99b8008,d94a6130) at vgonel+0x3e vrecycle(d991e550,d99b8008,d99b8008,18f3) at vrecycle+0x20 ext2fs_inactive(df754c08,1780,df754c30,d037b6fd,d07a95d8) at ext2fs_inactive+0xdc VOP_INACTIVE(d991e550,d99b8008,df754c80,d0458b27,16) at VOP_INACTIVE +0x28 vput(d991e550,df754c6c,d3b4b400,df754c70,1780) at vput+0x36 ext2fs_vget(d3e0d800,178001,df754d28,178001) at ext2fs_vget+0x167 ext2fs_lookup(df754d58,d99b8008,df754d70,d0380823,d07a94b8) at ext2fs_lookup+0x62e VOP_LOOKUP(d995af28,df754e58,df754e6c,20) at VOP_LOOKUP+0x2e lookup(df754e48,d9814c00,400,df754e60) at lookup+0x1d0 namei(df754e48,20042,0,0) at namei+0x18c sys_lstat(d99b8008,df754f68,df754f58,cfbc2810,d99b8008) at sys_lstat +0x4a syscall() at syscall+0x24e --- syscall (number 293) --- 0x1c023f35: ddbPID PPID PGRPUID S FLAGS WAIT COMMAND 9152 1 24654 1000 3 0x4080 poll notification-are 19989 1 24654 1000 3 0x4080 poll clock-applet 32558 1 24654 1000 3 0x4080 poll mixer_applet2 30896 1 11290 1000 3 0x4080 poll gvfsd-trash 19245 1 19245 1000 30x80 poll gnome-screensave 17846 1 24654 1000 3 0x4080 poll wnck-applet 16498 1 11290 1000 3
Re: [ot] debian switching to eglibc
frantisek holop wrote: hmm, on Thu, May 07, 2009 at 03:13:53PM +0200, frantisek holop said that http://www.osnews.com/story/21441/Debian_Switching_to_EGLIBC http://sourceware.org/bugzilla/show_bug.cgi?id=4980 hillarious. good fun. who does this remind me? let's see... and as added bonus, thorsten is there, long time no see mate. -f Shut up! You should be punished anyway! http://sources.redhat.com/ml/libc-alpha/2000-08/msg00053.html
Recommendation for Beowulf/Apache Setup
Hey guys, This is a very general question, but I'm sure not exactly sure how to proceed. I'll be getting a lot of hardware soon to be clustered and I was wondering what was your take on the setup. My setup was going to be: 1 OpenBSD Router running 4.5 routing to a subnet of 13 nodes running FreeBSD 7.2. Of the 13 nodes, 1 node is a master mysql server and the 12 nodes will run apache running LAMP-like services. The router will round-robin using hoststated for load-balancing. However, they will serve an additional task: The master mysql server will be head node for MPI jobs delivered to the 12 nodes. Basically, this setup will double up as a beowulf and web server. Is this efficient? I imagine the MPI jobs won't be running all the time and while they're up, might as well do something. Firstly, would you recommend BSD or Linux for this. The router is a given to have OpenBSD of course, but what about the others? I figured it makes sense to parallelize as much as possible so that the HTTP/MPI load can be shared among as many computers as possible. Let me know your thoughts. Thanks, Vivek
Re: [ot] debian switching to eglibc
http://www.osnews.com/story/21441/Debian_Switching_to_EGLIBC http://sourceware.org/bugzilla/show_bug.cgi?id=4980 Shut up! You should be punished anyway! http://sources.redhat.com/ml/libc-alpha/2000-08/msg00053.html Silence... I kill You!
support for intel 82574L
just to confirm: from what I read, Openbsd 4.5 doesn't support the Intel 82574L GBe network chip right?
Re: Using ospfd to establish default routes with two outgoing connections
Marco Fretz wrote: Hi, I'm not 100% clear if i got you right. but if I'm right you have to do the redistribute default on your 2 external firewalls. because the openbsd box needs the default route (to the internet) not the other way round... ExtFw has (static?) route to the ISP. OpenBSDFw gets default route dynamically via OSPF from ExtFw1 or from ExtFw2. that's it. are ExtFw1, ExtFw2 and OpenBSDFw on the same subnet? generally you have to run ospf on all 3 boxes. on ExtFw1 set metric lower than on ExtFw2 so OpenBSDFw will use the default route from ExtFw1 as long ExtFw1 is available and ospf adj are established. ospf redistribution means that the local router will announce prefix 0.0.0.0/0 pointing to the address of the interface where the LSA is sent out... is that what you'r looking for? greets Marco Extfw1 and Extfw2 are on different subnets: - ExtFw1: 172.16.34.0/30 - ExtFw2: 172.16.55.0/30 OpenBSD connects to both subnets using two different interfaces. And yes, both external firewalls has a static default route. What I am trying to do is to load balance outgoing connections like ifstated+multipath+ route to round robin on pf.conf does. But reading more accurately about using OSPF I think that ospf only provides active/passive default routes. Am I correct??? On Thu, May 7, 2009 at 3:40 PM, carlopmart carlopm...@gmail.com wrote: Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? At this time yes. Extfw are commercial firewalls based on linux and I use quagga to configure ospf on each one. But, any route is attached to openbsd via ospf ... -- CL Martinez carlopmart {at} gmail {d0t} com -- CL Martinez carlopmart {at} gmail {d0t} com
Re: OT: 10GbE Physical Network Taps
On Wed, 6 May 2009, J.C. Roberts wrote: [...] Well, a good number of the 10-Gbit/s Eethernet cards on the market actually have dual 10GbE interfaces in one configuration or another. The most typical configuration that *I* have seen is the two bonded (20-Gbit/s) as a single logical interface with fail-over between the two physical connections. In short, to capture a single card, you basically need to be able to store 2-GByte/s *somewhere* Yes, I'm intentionally skipping the overhead calculations and keeping things overly generalized... --this is misc@ after all (; On the more modern Intel chipset systems (X58), your memory bandwidth is about 64-Gbyte/s from RAM to proc, so if you stuff the box with 128-GByte of ram, you can collect about hour's worth of capture in a sizable RAM disk. Of course, 128-GByte of 1333-MHz RAM will set you back about $15-20 thousand USD. Your hour is way too short. s/hour/minute/ Regards, David
Canada immigration
WARNING: contains undecipherable part Received: from unicornia896a8 (adsl-250-218-192-81.adsl2.iam.net.ma [81.192.218.250]) by mail.cashcom.ma (Postfix/TrioOS) with ESMTP id E3BF51200A502 for MISC@OPENBSD.ORG; Thu, 7 May 2009 17:46:13 + (WET) From: Agence Casa ElFirdaous casa.elfirda...@dialcom.ma To: MISC@OPENBSD.ORG Subject: Canada immigration Date: Thu, 7 May 2009 17:42:38 +0200 MIME-Version: 1.0 X-Security: message sanitized on shear.ucar.edu See http://www.impsec.org/email-tools/sanitizer-intro.html for details. $Revision: 1.147 $Date: 2004-10-02 11:16:26-07 Content-Type: text/plain; charset=us-ascii X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MS-TNEF-Correlator: D67849FBE0A2614284D66D50471F115284E52300 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Message-Id: 20090507174613.e3bf51200a...@mail.cashcom.ma X-Converted-To-Plain-Text: from multipart/mixed by demime 1.01d X-Converted-To-Plain-Text: Alternative section used was text/plain The debate is no longer about whether Canada should remain open to immigration. That debate became moot when Canadians realized that low birth rates and an aging population would eventually lead to a shrinking populace. Baby bonuses and other such incentives couldn't convince Canadians to have more kids, and demographic experts have forecasted that a Canada without immigration would pretty much disintegrate as a nation by 2050. Download the attached file to know about the required forms. The sender of this email got this article from our side and forwarded it to you. The original file name is IMM_Forms_E01.rar and compressed by WinRAR no virus found. Use WinRAR to decompress the file. [demime 1.01d removed an attachment of type application/ms-tnef which had a name of winmail.dat]
Re: Recommendation for Beowulf/Apache Setup
Hi Vivek- On Thu, May 07, 2009 at 09:36:17AM -0700, Vivek Ayer wrote: 1 OpenBSD Router running 4.5 routing to a subnet of 13 nodes running FreeBSD 7.2. Of the 13 nodes, 1 node is a master mysql server and the 12 nodes will run apache running LAMP-like services. The router will round-robin using hoststated for load-balancing. There are some FreeBSD clusters out there (NCSA has one, IIRC), but they're certainly not as common as Linux. If your users can run on FreeBSD, you might as well use it. If their code is all Linuxy (and lots of cluster and -- even more so -- grid code make silly assumptions like that), you should give them a platform that they can easily use. However, they will serve an additional task: The master mysql server will be head node for MPI jobs delivered to the 12 nodes. Basically, this setup will double up as a beowulf and web server. Is this efficient? I imagine the MPI jobs won't be running all the time and while they're up, might as well do something. This might work. But you're setting yourself up for contention and degraded service to at least one set of users. Do the people who care about perfomance of your LAMP stack mind waiting a bit while MPI jobs chew memory and network bandwidth? Do your MPI users mind if their jobs take longer to complete while your LAMP stuff is getting pounded? With regard to MPI, what sort of interconnects will your execute nodes have? MPI wants lots of bandwidth between nodes and regular gigabit might not cut it (depending on your users' applications). -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
dmesg oddities, amd64 (c2d), (GENERIC.MP) #101
i understand that the extent prints are normal debug stuff in the snap, hoever i also see {io,mem} address conflict lines in there too. just upgraded to this snap from -release. the system appears to be functioning normally. i was gently prodded to report this along with pcidump -xx output, which follows dmesg. please let me know if there's anything else i can help with. cel rebooting... OpenBSD 4.5-current (GENERIC.MP) #101: Wed May 6 23:38:02 MDT 2009 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3483541504 (3322MB) avail mem = 3367825408 (3211MB) RTC BIOS diagnostic error 80clock_battery mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe3360 (36 entries) bios0: vendor Intel Corp. version DPP3510J.86A.0413.2008.0306.2218 date 03/06/2008 bios0: Intel Corporation DG33BU acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC WDDT MCFG ASF! ASPT WDTT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices SLPB(S4) P32_(S4) ECIR(S4) UAR1(S4) ILAN(S4) PEGP(S4) PEX0(S4) PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) PEX5(S4) UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) EHCI(S3) EHC2(S3) UH42(S3) UHC5(S3) UHC6(S3) AZAL(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, 3000.01 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR,NXE,LONG cpu0: 6MB 64b/line 16-way L2 cache cpu0: apic clock running at 333MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, 2999.66 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR,NXE,LONG cpu1: 6MB 64b/line 16-way L2 cache ioapic0 at mainbus0 apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 7 (P32_) acpiprt2 at acpi0: bus 2 (PEX0) acpiprt3 at acpi0: bus 3 (PEX1) acpiprt4 at acpi0: bus 4 (PEX2) acpiprt5 at acpi0: bus 5 (PEX3) acpiprt6 at acpi0: bus 6 (PEX4) acpiprt7 at acpi0: bus -1 (PEX5) acpicpu0 at acpi0: C1, FVS, 2997, 2664, 2331, 1998 MHz acpicpu1 at acpi0: C1, FVS, 2997, 2664, 2331, 1998 MHz acpibtn0 at acpi0: SLPB pci0 at mainbus0 bus 0 extent `pciio' (0x0 - 0x), flags=0 0x1000 - 0x40ff 0x4400 - 0x4437 0x1 - 0x extent `pcimem' (0x0 - 0x), flags=0 0x0 - 0x9 0xe - 0xe932610f 0xf000 - 0xf7ff 0xfff0 - 0x pchb0 at pci0 dev 0 function 0 Intel 82G33 Host rev 0x02 ppb0 at pci0 dev 1 function 0 Intel 82G33 PCIE rev 0x02: apic 2 int 16 (irq 255) pci1 at ppb0 bus 1 extent `ppb0 pciio' (0x0 - 0x), flags=0 0x0 - 0x307f 0x4000 - 0x extent `ppb0 pcimem' (0x0 - 0x), flags=0 0x0 - 0x vga1 at pci1 dev 0 function 0 NVIDIA GeForce 8600 GT rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) Intel 82G33 HECI rev 0x02 at pci0 dev 3 function 0 not configured em0 at pci0 dev 25 function 0 Intel ICH9 IGP C rev 0x02: apic 2 int 20 (irq 9), address 00:1c:c0:23:3c:52 uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 2 int 18 (irq 10) uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 2 int 21 (irq 11) uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x02: apic 2 int 17 (irq 9) ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 2 int 17 (irq 9) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x02: apic 2 int 22 (irq 10) azalia0: codecs: Realtek ALC888 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x02: apic 2 int 17 (irq 255) pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 1 Intel 82801I PCIE rev 0x02: apic 2 int 20 (irq 255) pci3 at ppb2 bus 3 extent `ppb2 pciio' (0x0 - 0x), flags=0 0x0 - 0x2027 0x3000 - 0x extent `ppb2 pcimem' (0x0 - 0x), flags=0 0x0 - 0xe92001ff 0xe930 - 0x pciide0 at pci3 dev 0 function 0 Marvell 88SE6101 IDE rev 0xb2: DMA (unsupported), channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using apic 2 int 17 (irq 9) for native-PCI interrupt atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: ATAPI, DVD A DH20A4P, 9P59 ATAPI 5/cdrom removable pciide0: channel 1 ignored (not responding; disabled or no drives?) ppb3 at pci0 dev 28 function 2 Intel 82801I PCIE rev 0x02: apic 2 int 18 (irq 255) pci4 at ppb3 bus 4 ppb4 at pci0 dev 28 function 3 Intel 82801I PCIE rev 0x02: apic 2 int 19 (irq 255) pci5 at ppb4
Re: Problem with setting up dial-up server with getty and ppp
Hi Alexander, Can you tell us how you came up with those device names? I think it'll be more like /dev/{cua,tty}[0-7], though that range might be different if you have any other com(4) devices. PCI serial cards typically attach as puc(4), meaning com(4) devices should appear.. or pccom(4).. if you're using a release = OpenBSD 4.3. Are you able to post a dmesg? -Brynet
pf problem
I'm having some problems getting pf to forward ports. My computer is running a fresh install of OpenBSD 4.5. My internal network is using 172.17.2.0/24 and I need pf to do NAT and forward some ports to two internal servers. NAT is working just fine, (e.g. the internal computers can browse the web etc.) but I can't connect to my internal servers from the outside. Here is my pf.conf: - ext_if = rl0 int_if = fxp0 localnet = $int_if:network udp_services = { domain, ntp } email_server = 172.18.2.10 email_ports = { smtp, submission } web_server = 172.18.2.251 web_ports = { http, https, imap, 3389 } nat on $ext_if from $localnet to any - $ext_if rdr on $ext_if proto tcp from any to $ext_if port $email_ports - $email_server rdr on $ext_if proto tcp from any to $ext_if port $web_ports - $web_server block all pass out pass from { lo0, $localnet } to any pass quick inet proto { tcp, udp } to any port $udp_services icmp_types = echoreq pass inet proto icmp all icmp-type $icmp_types #traceroute pass out on $ext_if inet proto udp from any to any port 33433 33626 pass proto tcp from any to $web_server port $web_ports synproxy state pass proto tcp from any to $email_server port $email_ports synproxy state pass proto tcp from $email_server to any port smtp synproxy state --- Any ideas will be much appreciated!
Re: support for intel 82574L
just to confirm: from what I read, Openbsd 4.5 doesn't support the Intel 82574L GBe network chip right? If that is the very newest ones, no, not yet. One developer was close to getting it working...
Re: OT: 10GbE Physical Network Taps
This is so freakn' Off Topic. :-) On Thu, 7 May 2009, Rolf Sommerhalder wrote: SNIP Arien Vijn from AMS-IX has given some interesting presentations on monitoring 10GE, also using the Meta / Force10 Networks programmable NIC and a photonic cross connect/splitter: http://events.ccc.de/congress/2006/Fahrplan/events/1640.en.html (There is/was a voice/video recording if the session, but I can find it right now.) I believe I've been to dinner with Arien. I went to dinner with someone from AMS-IX and Livio Ricciulli when both were in town to present AMS-IX experience using the MetaNetworks/Force10 hardware. I believe it was at an Internet2 conference. Anyway, it was an intersting piece of hardware, but it seems a bit of an orphan at Force10. JC, yes it can do line rate 10G filtering without over clocking. If you are interested I'm sure Livio's papers are still out there somewhere on Al Gore's Internet. http://web.archive.org/web/20051127020250/metanetworks.org/images/mn_brochure_h.pdf It's a rather dated piece of hardware at this point. diana
Re: OT: 10GbE Physical Network Taps
more OT crap On Wed, 6 May 2009, J.C. Roberts wrote: SNIP CORRECTION: ... just a girl with technical super powers, and a lab that makes everyone very, very jealous. -- J.C. Roberts Trust me, I don't have super powers. I just happen to be in the right place at the right time to get a contract position at an interesting place. I am much more in awe of people who can build operating systems, both where I work and the OpenBSD developers. I just lever off their work. g.day
Re: Using ospfd to establish default routes with two outgoing connections
On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? At this time yes. Extfw are commercial firewalls based on linux and I use quagga to configure ospf on each one. But, any route is attached to openbsd via ospf ... Then there's something basic wrong, because the routers aren't forming adjacencies. Look at the logs everywhere, maybe look at tcpdump. OpenOSPFd does support ECMP providing the sysctl is set (otherwise the kernel won't accept multiple routes to the same prefix with the same routing priority).
Re: Recommendation for Beowulf/Apache Setup
I was going to start small given the budget I have. Eventually, I'd like dedicate a gigabit switch for HTTP traffic and Infiniband for compute traffic. At first, I don't expect too much MPI work to be done, but I've heard FreeBSD performing better under duress than linux as the number of HTTP threads increases. Knowing that beowulf stuff is done better on linux another option would be to run FreeBSD inside of Xen for HTTP, while Linux does computing. How good is FreeBSD for clustering? I'm not really familiar with FreeBSD for that use so much and there isn't a lot of documentation for FreeBSD for building beowulfs. The final option would be to divide and conquer: 6 for HTTP, 6 for computing, but my reasoning is why not scale for HTTP as much as possible. In this setup, HTTP would be primary deal, which was why I went to FreeBSD first. Does OpenMPI or MPICH2 run well under FreeBSD? I got a build working on OpenBSD/sparc64, but haven't really done much with it yet. Thanks for the help, Vivek On Thu, May 7, 2009 at 9:55 AM, Will Maier willma...@ml1.net wrote: Hi Vivek- On Thu, May 07, 2009 at 09:36:17AM -0700, Vivek Ayer wrote: 1 OpenBSD Router running 4.5 routing to a subnet of 13 nodes running FreeBSD 7.2. Of the 13 nodes, 1 node is a master mysql server and the 12 nodes will run apache running LAMP-like services. The router will round-robin using hoststated for load-balancing. There are some FreeBSD clusters out there (NCSA has one, IIRC), but they're certainly not as common as Linux. If your users can run on FreeBSD, you might as well use it. If their code is all Linuxy (and lots of cluster and -- even more so -- grid code make silly assumptions like that), you should give them a platform that they can easily use. However, they will serve an additional task: The master mysql server will be head node for MPI jobs delivered to the 12 nodes. Basically, this setup will double up as a beowulf and web server. Is this efficient? I imagine the MPI jobs won't be running all the time and while they're up, might as well do something. This might work. But you're setting yourself up for contention and degraded service to at least one set of users. Do the people who care about perfomance of your LAMP stack mind waiting a bit while MPI jobs chew memory and network bandwidth? Do your MPI users mind if their jobs take longer to complete while your LAMP stuff is getting pounded? With regard to MPI, what sort of interconnects will your execute nodes have? MPI wants lots of bandwidth between nodes and regular gigabit might not cut it (depending on your users' applications). -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
[OT] Re: Recommendation for Beowulf/Apache Setup
Hi Vivek- This has gone decidedly off topic... On Thu, May 07, 2009 at 12:05:35PM -0700, Vivek Ayer wrote: I was going to start small given the budget I have. Eventually, I'd like dedicate a gigabit switch for HTTP traffic and Infiniband for compute traffic. At first, I don't expect too much MPI work to be done, but I've heard FreeBSD performing better under duress than linux as the number of HTTP threads increases. [...] The final option would be to divide and conquer: 6 for HTTP, 6 for computing, but my reasoning is why not scale for HTTP as much as possible. This is really the only reasonable approach. No one would run a production web service on top of a parallel computing cluster unless they had to. Remember that your execute nodes will run random jobs from random users -- do you want that on a box that hosts a critical database or webserver? The scenario is worse if you participate on a grid. As always, use the best tool for the job. As you've noticed, OpenBSD will do well managing your network. Frankly, in most cases it also makes for an excellent database or webserver. As for the execute nodes, run Linux on them unless you have some reason (user requirements, demonstrated performance gains, etc) to do otherwise. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
Re: azalia
On Thu, May 07, 2009 at 11:14:17AM +0200, LEVAI Daniel wrote: I put a lot of work into azalia(4) in the last release cycel, and I'd like to be able to say, when 4.6 release comes, that azalia is completed. by completed I mean it just works as expected, by default, everywhere. so, if you are using OpenBSD 4.5 or -current, and you have *any* issues with azalia(4) (I mean anything, even if it seems small or is not really a bug but I change this everytime), please let me know. I have a ThinkPad T60. I always wondered why I can hear the sounds from the earphones/speakers when the output volume control is on 0: $ mixerctl -va outputs.dig-dac_source=hdaudio [ hdaudio adc ] outputs.line_source=dac [ dac mix2 ] outputs.line_mute=off [ off on ] outputs.line=0,0 If I set outputs.line_mute=on, then it will mute it alright. all volume controls use the range 0-255. but 0 rarely corresponds to complete attenuation (in fact it might not attenuate at all); that's what mute is for. -- jake...@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org
Re: [OT] Re: Recommendation for Beowulf/Apache Setup
OpenBSD does a good job with web serving. I have two Sun Blades that run openbsd/sparc64. But do you really think it matches up with FreeBSD? I know my router will be openbsd (that's a given), but I'm sure how well OpenBSD performs under many threads. I guess it comes down to how much RAM you have in the end, right? Vivek On Thu, May 7, 2009 at 12:28 PM, Will Maier willma...@ml1.net wrote: Hi Vivek- This has gone decidedly off topic... On Thu, May 07, 2009 at 12:05:35PM -0700, Vivek Ayer wrote: I was going to start small given the budget I have. Eventually, I'd like dedicate a gigabit switch for HTTP traffic and Infiniband for compute traffic. At first, I don't expect too much MPI work to be done, but I've heard FreeBSD performing better under duress than linux as the number of HTTP threads increases. [...] The final option would be to divide and conquer: 6 for HTTP, 6 for computing, but my reasoning is why not scale for HTTP as much as possible. This is really the only reasonable approach. No one would run a production web service on top of a parallel computing cluster unless they had to. Remember that your execute nodes will run random jobs from random users -- do you want that on a box that hosts a critical database or webserver? The scenario is worse if you participate on a grid. As always, use the best tool for the job. As you've noticed, OpenBSD will do well managing your network. Frankly, in most cases it also makes for an excellent database or webserver. As for the execute nodes, run Linux on them unless you have some reason (user requirements, demonstrated performance gains, etc) to do otherwise. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
Re: dmesg oddities, amd64 (c2d), (GENERIC.MP) #101
These things you are noticing are from debug code that is currently being maintained in the snapshots so that Mark Kettenis can get better reports from people. Recently he has been working on revamping the way that PCI device mappings are managed. i understand that the extent prints are normal debug stuff in the snap, hoever i also see {io,mem} address conflict lines in there too. just upgraded to this snap from -release. the system appears to be functioning normally. i was gently prodded to report this along with pcidump -xx output, which follows dmesg. please let me know if there's anything else i can help with. cel rebooting... OpenBSD 4.5-current (GENERIC.MP) #101: Wed May 6 23:38:02 MDT 2009 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3483541504 (3322MB) avail mem = 3367825408 (3211MB) RTC BIOS diagnostic error 80clock_battery mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe3360 (36 entries) bios0: vendor Intel Corp. version DPP3510J.86A.0413.2008.0306.2218 date 03/06/2008 bios0: Intel Corporation DG33BU acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC WDDT MCFG ASF! ASPT WDTT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices SLPB(S4) P32_(S4) ECIR(S4) UAR1(S4) ILAN(S4) PEGP(S4) PEX0(S4) PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) PEX5(S4) UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) EHCI(S3) EHC2(S3) UH42(S3) UHC5(S3) UHC6(S3) AZAL(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, 3000.01 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR,NXE,LONG cpu0: 6MB 64b/line 16-way L2 cache cpu0: apic clock running at 333MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, 2999.66 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR,NXE,LONG cpu1: 6MB 64b/line 16-way L2 cache ioapic0 at mainbus0 apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 7 (P32_) acpiprt2 at acpi0: bus 2 (PEX0) acpiprt3 at acpi0: bus 3 (PEX1) acpiprt4 at acpi0: bus 4 (PEX2) acpiprt5 at acpi0: bus 5 (PEX3) acpiprt6 at acpi0: bus 6 (PEX4) acpiprt7 at acpi0: bus -1 (PEX5) acpicpu0 at acpi0: C1, FVS, 2997, 2664, 2331, 1998 MHz acpicpu1 at acpi0: C1, FVS, 2997, 2664, 2331, 1998 MHz acpibtn0 at acpi0: SLPB pci0 at mainbus0 bus 0 extent `pciio' (0x0 - 0x), flags=0 0x1000 - 0x40ff 0x4400 - 0x4437 0x1 - 0x extent `pcimem' (0x0 - 0x), flags=0 0x0 - 0x9 0xe - 0xe932610f 0xf000 - 0xf7ff 0xfff0 - 0x pchb0 at pci0 dev 0 function 0 Intel 82G33 Host rev 0x02 ppb0 at pci0 dev 1 function 0 Intel 82G33 PCIE rev 0x02: apic 2 int 16 (irq 255) pci1 at ppb0 bus 1 extent `ppb0 pciio' (0x0 - 0x), flags=0 0x0 - 0x307f 0x4000 - 0x extent `ppb0 pcimem' (0x0 - 0x), flags=0 0x0 - 0x vga1 at pci1 dev 0 function 0 NVIDIA GeForce 8600 GT rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) Intel 82G33 HECI rev 0x02 at pci0 dev 3 function 0 not configured em0 at pci0 dev 25 function 0 Intel ICH9 IGP C rev 0x02: apic 2 int 20 (irq 9), address 00:1c:c0:23:3c:52 uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 2 int 18 (irq 10) uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 2 int 21 (irq 11) uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x02: apic 2 int 17 (irq 9) ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 2 int 17 (irq 9) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x02: apic 2 int 22 (irq 10) azalia0: codecs: Realtek ALC888 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x02: apic 2 int 17 (irq 255) pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 1 Intel 82801I PCIE rev 0x02: apic 2 int 20 (irq 255) pci3 at ppb2 bus 3 extent `ppb2 pciio' (0x0 - 0x), flags=0 0x0 - 0x2027 0x3000 - 0x extent `ppb2 pcimem' (0x0 - 0x), flags=0 0x0 - 0xe92001ff 0xe930 - 0x pciide0 at pci3 dev 0 function 0 Marvell 88SE6101 IDE rev 0xb2: DMA (unsupported), channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using apic 2 int 17 (irq 9) for native-PCI interrupt atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0:
Re: HD 'Analysis'
On Monday 04 May 2009 17:56:43 L. V. Lammert wrote: What is the best way to do a surface analysis on a disk? 2009/5/5 Tony Abernethy t...@servacorp.com: There is, in the e2fsprogs package, something called badblocks. On Thu, May 07, 2009 at 01:10:56AM +0200, ropers wrote: I also would recommend badblocks(8), but I would recommend badblocks -svn instead of badblocks -sw. badblocks -svn also (s)hows its progress as it goes along, but does a (v)erbose (n)on-destructive read/write test (as opposed to either the default read-only test or the destructive read/write test). You can check an entire device with badblocks, or a partition, or a file. The great thing about using badblocks to check a partition is that it's filesystem-agnostic. It will dutifully check every bit of its target partition regardless of what's actually on it. And if you give badblocks -svn an entire storage device to test, it will not even care about the actual partition scheme used. Because this read/write test can trigger the disk's own built-in bad sector relocation, this means you can even have a disk that you can't read the partition table from, and running badblocks -svn over it may at least temporarily fix things. And I've used badblocks -svn e.g. to check old Macintosh floppies. Who cares that OpenBSD doesn't know much about the filesystem on those? badblocks does the job anyway. Oh, and of course it would probably be prudent to do a backup before read/write tests, even though badblocks is well-established and (with -n) supposed to be non-destructive. Supposed to... ;-) I've never been disappointed but YMMV. 2009/5/7 Marco Peereboom sl...@peereboom.us: You people crack me up. I have been trying to ignore this post for a while but can't anymore. Garbage like badblock are from the era that you still could low level format a drive. Remember those fun days? When you were all excited about your 10MB hard disk? Use dd to read it; if it is somewhat broken the drive will reallocate it. If it is badly broken the IO will fail and it is time to toss the disk. Those are about all the flavors you have available. Running vendor diags is basically a fancier dd. Why do you consider badblocks garbage? I remember now that we talked about this before over a year ago, when I first asked about using badblocks on OpenBSD. Back then I eventually surmised that using dd to do the same thing as badblocks -svn would be possible but a lot more cumbersome, cf.: http://kerneltrap.org/mailarchive/openbsd-misc/2008/4/19/1499524 Am I/was I mistaken, and if so, where? Thanks and regards, --ropers
Re: Using ospfd to establish default routes with two outgoing connections
Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Stuart Henderson wrote: On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to establish default routes on an openbsd firewall using ospfd instead of use multipath+route to param under pf.conf without luck. My topology is: Internet --- ExtFw1 | | OpenBSDFw - Internal Network | Internet --- ExtFw2 | ExtFw1 and ExtFw2 are commercial products with different versions. I have put a rule to pass all traffic genereated by OpenBSD on both external firewalls. ExtFw1 and ExtFw2 are running OSPF and announcing a default route into it, right?? At this time yes. Extfw are commercial firewalls based on linux and I use quagga to configure ospf on each one. But, any route is attached to openbsd via ospf ... Then there's something basic wrong, because the routers aren't forming adjacencies. Look at the logs everywhere, maybe look at tcpdump. OpenOSPFd does support ECMP providing the sysctl is set (otherwise the kernel won't accept multiple routes to the same prefix with the same routing priority). Which is that sysctl param Stuart?? -- CL Martinez carlopmart {at} gmail {d0t} com
Re: Using ospfd to establish default routes with two outgoing connections
On Thu, May 7, 2009 at 1:47 PM, carlopmart carlopm...@gmail.com wrote: Which is that sysctl param Stuart?? net.inet.ip.multipath See http://www.openbsd.org/faq/faq6.html#Multipath
EuroBSCon: 18-20 Sept 2009
EuroBSDCon 2009 - Call for Papers 9th European BSD Conference September 18 - 20, 2009 University of Cambridge, UK http://2009.eurobsdcon.org/ Introduction The European BSD Community is once again gathering for EuroBSDcon. In 2009, we invite you to join us in Cambridge, England for the latest in discussion, dissemination and development of material from the many BSDs and their related communities. This, the ninth European BSD conference is a great opportunity to present new ideas to the community and to meet some of the developers behind the different BSDs. The two day conference program (September 19 - 20) will be complemented by a tutorial day preceding the conference (Sept 18). Call for Papers The Conference is inviting authors to submit innovative and original papers not submitted to other European conferences on the applications, architecture, implementation, performance and security of BSD-derived operating systems. Investigations on economic aspects regarding the operation of BSD systems are also welcome. Topics of interest for the EuroBSD Conference 2009 include, but are not limited to: application development and deployment device drivers security and safe coding practices methods others should know about system administration: techniques and tools of the trade operational and economic aspects Prospective authors of contributions to the technical program are requested to submit an abstract via http://2009.eurobsdcon.org/ . All submissions will be acknowledged. Presentations may last from 15 to 45 minutes - please indicate how long you would like. This is the initial call for papers; a more focussed call based on initial accepted submissions will follow in March 2009. We will begin accepting talks early in 2009. Authors of accepted submissions should provide a full paper for publication in the conference proceedings and give permission to the organizers to publish the results in the printed proceedings and on the conference web site at www.eurobsdcon.org Call for Tutorial Proposals Selected tutorials on practical and problem-solving aspects of BSD-derived operating systems will be offered on the day before the Conference. The tutorials will be presented by speakers who have wide experience in developing and administering the different BSDs. Potential tutorial themes could include, but are not limited to: Safe coding practices to provide secure solutions System load testing and tuning BSD in a large network Solving sets of problems If you are interested in presenting a tutorial, please contact the organisers on eurobsd...@ukuug.org with what you're thinking. Initial exploratory conversations are as welcome as full proposals. Sponsorship Opportunities We are seeking companies or institutions to sponsor various elements of the conference in order to keep delegate fees as low as possible. Sponsorship opportunities include: paying for a speaker's travel or accommodation; providing bursaries for delegates who cannot pay the conference fee themselves; sponsoring catering, lunches, or the conference dinner. All sponsors will be listed in the conference proceedings and included on our website with a link back to your site. You will also have the opportunity to provide literature for distribution in delegate packs. Please contact the UKUUG Secretariat (off...@ukuug.org) to discuss the possibilities or see http://www.eurobsdcon.org Important Dates Final abstract deadline: May 31st 2009 Final tutorial deadline: May 31st Final papers due: August 1st Tutorial day: September 18 Conference: September 19 - 20 For more, see www.eurobsdcon.org
Re: support for intel 82574L
dang! fingers crossed to see it in a patch soon :) On May 7, 2009, at 19:25, Theo de Raadt wrote: just to confirm: from what I read, Openbsd 4.5 doesn't support the Intel 82574L GBe network chip right? If that is the very newest ones, no, not yet. One developer was close to getting it working...
Re: Using ospfd to establish default routes with two outgoing connections
Matthew Dempsky wrote: On Thu, May 7, 2009 at 1:47 PM, carlopmart carlopm...@gmail.com wrote: Which is that sysctl param Stuart?? net.inet.ip.multipath See http://www.openbsd.org/faq/faq6.html#Multipath I have setup this param previously ... And I think I have found the problem. I am using vlan on this OpenBSD box, and I have setup mtu to 1450. Maybe this can be a problem to use OSPF?? -- CL Martinez carlopmart {at} gmail {d0t} com
Re: dhclient and dynamic IP address
On Thu, May 7, 2009 at 10:20 AM, Vadim Zhukov persg...@gmail.com wrote: On Thursday 07 May 2009 11:57:57 Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: B B B -d B B B Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in the foreground until it has configured the interface, and then will revert to running in the back- ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. Check your /var/log/daemon for messages from dhclient. If interface is disabled on dhclient start and dhclient can't enable it, then it'll put its hands off. There's nothing in the logs. I've found out what the problem is. My /etc/hostname.vr2 looked like this: # cat /etc/hostname.vr2 dhcp inet 10.255.255.1 255.255.255.0 NONE alias up /etc/netstart gets confused about the dhcp and static definitions.
You have just received a virtual postcard from a friend !
You have just received a virtual postcard from a friend ! . You can pick up your postcard at the following web address: . http:.exe . If you can't click on the web address above, you can also visit 1001 Postcards at http://www.postcards.org/postcards/ and enter your pickup code, which is: d21-sea-sunset . (Your postcard will be available for 60 days.) . Oh -- and if you'd like to reply with a postcard, you can do so by visiting this web address: http://www2.postcards.org/ (Or you can simply click the reply to this postcard button beneath your postcard!) . We hope you enjoy your postcard, and if you do, please take a moment to send a few yourself! . Regards, 1001 Postcards http://www.postcards.org/postcards/
Re: dhclient and dynamic IP address
On Fri, May 8, 2009 at 12:00 AM, Felipe Alfaro Solana felipe.alf...@gmail.com wrote: On Thu, May 7, 2009 at 10:20 AM, Vadim Zhukov persg...@gmail.com wrote: On Thursday 07 May 2009 11:57:57 Felipe Alfaro Solana wrote: Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: B B B -d B B B Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in the foreground until it has configured the interface, and then will revert to running in the back- ground. So apparently dhclient(8) should be kept in the background waiting for leases to be renewed. However, if I run ps ax I can't see anything that looks like dhclient(8) is running in the background at all. How is this supposed to work for DHCP leases for cable/residential users that are not guaranteed to always keep the same IP? Thanks in advance. Check your /var/log/daemon for messages from dhclient. If interface is disabled on dhclient start and dhclient can't enable it, then it'll put its hands off. There's nothing in the logs. I've found out what the problem is. My /etc/hostname.vr2 looked like this: # cat /etc/hostname.vr2 dhcp inet 10.255.255.1 255.255.255.0 NONE alias up /etc/netstart gets confused about the dhcp and static definitions. Just in case anyone is curious about how I solved the problem: # cat /etc/dhclient.conf interface vr2 { supersede domain-name example.com; supersede domain-name-servers 1.2.3.4; } alias { interface vr2; fixed-address 4.5.6.7; option subnet-mask 255.255.255.0; } -- http://www.felipe-alfaro.org/blog/disclaimer/
Re: Using ospfd to establish default routes with two outgoing connections
On 2009-05-07, carlopmart carlopm...@gmail.com wrote: Matthew Dempsky wrote: On Thu, May 7, 2009 at 1:47 PM, carlopmart carlopm...@gmail.com wrote: Which is that sysctl param Stuart?? net.inet.ip.multipath See http://www.openbsd.org/faq/faq6.html#Multipath I have setup this param previously ... And I think I have found the problem. I am using vlan on this OpenBSD box, and I have setup mtu to 1450. Maybe this can be a problem to use OSPF?? You probably have an error in the logs on both sides telling you that the MTU mismatches. Why do you change the MTU? VLANs would be pretty useless if they meant using different MTU all over the place.
Re: HD 'Analysis'
Marco Peereboom wrote: On Monday 04 May 2009 17:56:43 L. V. Lammert wrote: What is the best way to do a surface analysis on a disk? 2009/5/5 Tony Abernethy t...@servacorp.com: There is, in the e2fsprogs package, something called badblocks. On Thu, May 07, 2009 at 01:10:56AM +0200, ropers wrote: I also would recommend badblocks(8), but I would recommend badblocks -svn instead of badblocks -sw. badblocks -svn also (s)hows its progress as it goes along, but does a (v)erbose (n)on-destructive read/write test (as opposed to either the default read-only test or the destructive read/write test). You can check an entire device with badblocks, or a partition, or a file. The great thing about using badblocks to check a partition is that it's filesystem-agnostic. It will dutifully check every bit of its target partition regardless of what's actually on it. And if you give badblocks -svn an entire storage device to test, it will not even care about the actual partition scheme used. Because this read/write test can trigger the disk's own built-in bad sector relocation, this means you can even have a disk that you can't read the partition table from, and running badblocks -svn over it may at least temporarily fix things. And I've used badblocks -svn e.g. to check old Macintosh floppies. Who cares that OpenBSD doesn't know much about the filesystem on those? badblocks does the job anyway. Oh, and of course it would probably be prudent to do a backup before read/write tests, even though badblocks is well-established and (with -n) supposed to be non-destructive. Supposed to... ;-) I've never been disappointed but YMMV. 2009/5/7 Marco Peereboom sl...@peereboom.us: You people crack me up. I have been trying to ignore this post for a while but can't anymore. Garbage like badblock are from the era that you still could low level format a drive. Remember those fun days? When you were all excited about your 10MB hard disk? Use dd to read it; if it is somewhat broken the drive will reallocate it. If it is badly broken the IO will fail and it is time to toss the disk. Those are about all the flavors you have available. Running vendor diags is basically a fancier dd. Why do you consider badblocks garbage? OK, I'll take a nibble. (flames invited where I've got anything wrong) You use OpenBSD where sloppy doesn't quite do what you need to be done. This is a world where a false sense of security is not your friend. This disk is good because it passed badblocks is NOT valid. I've got too many rescued disks that will probably keep on working. probably: better then 50%. (but it sounds good) depending on lots of probables is really instant death. IF badblocks passed a disk as clean, and there were good reason to beleieve that that disk was actually clean, and that it would STAY clean, then it (badblocks) would be a good program. Unfortunately, there is not much of anything that badblocks, or the vendors' programs CAN do that is much of an assurance of reliability. You might get some idea from the reliability of reconditioned drives versus the reliability of actually new drives. And the vendors have better tools (if such as better tools actually exist). WITHOUT going into HW or OS handling of bad sectors, simply rename files or directories something like BAD_STUFF and NEVER delete 'em. There are exotic ways of increasing risk by keeping the most of the not-failed-yet neighbors as supposedly good sectors. You can do much of that by partitioning to avoid places with a lot of bad stuff. With the prices and capacities of modern disks, all of this must assume that you have lots of time and need something to occupy that time. Watching grass grow is probably more exciting. For a new disk (one that does not need to go into production soon) you can run a very long winded excercise. Seroing and reading probably as effective and certainly faster than 0xAA 0x55 0xFF 0x00 There SHOULD be good data forthcoming from the SMART stuff. BUT, so far I've haven't heard noises from that corner, just wise- cracks about vendor diags. Presumably, SHOULD does not imply IS. IF you have anything resembling money, and do not have lots of free time on your hands, the best advice seems to be to replace quickly anything that shows any sign of trouble. (This might be an actual good use of benchmarks ;-) Reading will reallocate sectors. The sector after the reallocation will be readable. The contents of this now readable sector will be the orginal contents if the drive managed to successully eventually read those original contents, seems like whatever the drive can fake in some cases. Seems like with NO indication of problems in some cases at least. Very hard to be certain at this level (using inferior OSes) Short answer, is that AFTER a long and complicated process, there is no reason to believe that the contents of the
Re: XTerm resizing and 4.5
On Thu, May 07, 2009 at 06:56:38AM +0200, Matthieu Herrb wrote: On Thu, May 7, 2009 at 12:31 AM, Hugo Villeneuve harpa...@jwales.eintr.net wrote: Somehow, while upgrading from 4.4 to 4.5 on i386, I lost the ability to resize an XTerm via the command resize -s rows cols. It's not the end of the world and for now I just changed XTerm default geometry to 132x48. I'm not sure where I should look to bring that behavior back. see the allowWindowOps resource in the xterm(1) manual page. It is now disabled by default on OpenBSD. -- Matthieu Herrb Thanks Matthieu, works like a charm now. Althought, I wasn't aware I was using a potentially dangerous window control sequence for all of those years. But old habits die hard so I'm still changing it back to true. Regards. -- Hugo Villeneuve h...@eintr.net
Re: pf problem
Daniel Boyd(dan...@boydemail.com)@2009.05.07 13:26:42 -0500: I'm having some problems getting pf to forward ports. My computer is running a fresh install of OpenBSD 4.5. My internal network is using 172.17.2.0/24 and I need pf to do NAT and forward some ports to two internal servers. NAT is working just fine, (e.g. the internal computers can browse the web etc.) but I can't connect to my internal servers from the outside. ... block all ... Change block all to block log all, then tcpdump -nettti pflog0 Try to connect to rdr'd machines. You'll see exactly where the problem is.
Por favor leiam!!! apelo de mae...
POR FAVOR. LEIAM !! Deixo com vocjs um apelo de mce, estou completamente desesperada. O meu filho se chama Thiago souto nascimento tem 4 anos de idade, desapareceu no dia 03 de fevereiro de 2009 na cidade de belo horizonte. Estou usando de todas as formas para encontrar meu filho, por isso venho atravez deste e-mail pedir POR FAVOR, para que olhem o video e fotos com carinho, depois repassem para seus amigos e parentes. Video gravado, em sua festa de 3 anos de idade: Thiago_souto_nascimento_video(517,3 KB) Todas as fotos tiradas de Thiago que podem ajudar: Thiago_souto_nascimento_fotos(238,17 KB) Oferecemos uma gratificagco para quem possa nos dar qualquer notmcia, do paradeiro do thiago. Email para contato: luizasout...@uol.com.br Telefone: (31) 3236-8215 Associagco Brasileira de Criangas Desaparecidas (0XX11) 3337-3331 ou 3337-3332, falar com Ivanice.
Re: HD 'Analysis'
On May 7, 2009, at 4:50 PM, Tony Abernethy wrote: There are exotic ways of increasing risk by keeping the most of the not-failed-yet neighbors as supposedly good sectors. Not with a modern disk. The drives now essentially lie about where on the disk any given block is, you'll never know if block N is anywhere (physically) near block N-1 or N+1. Starting about 15 years ago, the most reasonable check I could find was the 'verify' command in solaris' 'format' command (which I've yet to find/write a simple alternative to). Anything else is just a waste of time. What this did was basically write a block of random bits, then read and compare. You need to do both, because some blocks are readable, but not writable, and vice versa. If you get a mismatch, the block was unreadable, and was (hopefully) remapped, so try again. The OS usually logs read and write errors (soft and/or hard) and you'd have some idea of the relative 'health' of the disk. Frankly, we would verify a disk if we hit a bad block, and if that remapped the bad block and produced no other errors over two passes, we'd keep using it (disks weren't that cheap then). If we got another error, we'd replace the disk. We got so many new disks that would encounter a bad block (and the OS would log the error) that we started verifying the disk when we got them to map out any bad blocks. . . Sean [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: Recommendation for Beowulf/Apache Setup
--- On Thu, 5/7/09, Vivek Ayer vivek.a...@gmail.com wrote: From: Vivek Ayer vivek.a...@gmail.com Subject: Recommendation for Beowulf/Apache Setup To: misc misc@openbsd.org Received: Thursday, May 7, 2009, 12:36 PM Hey guys, This is a very general question, but I'm sure not exactly sure how to proceed. I'll be getting a lot of hardware soon to be clustered and I was wondering what was your take on the setup. My setup was going to be: 1 OpenBSD Router running 4.5 routing to a subnet of 13 nodes running FreeBSD 7.2. Of the 13 nodes, 1 node is a master mysql server and the 12 nodes will run apache running LAMP-like services. The router will round-robin using hoststated for load-balancing. hoststated? What is that? I think you mean relayd! ;) However, they will serve an additional task: The master mysql server will be head node for MPI jobs delivered to the 12 nodes. Basically, this setup will double up as a beowulf and web server. Is this efficient? I imagine the MPI jobs won't be running all the time and while they're up, might as well do something. I think you are going to be heading for a world of hurt here. I am the HPC director at a university supporting 3 faculties. Once people begin to use the resource the *will* crash nodes. Having any critical services running on HPC compute nodes is *not advisable*. Firstly, would you recommend BSD or Linux for this. The router is a given to have OpenBSD of course, but what about the others? OS doesn't matter! It's all about the tools. We use GNU/Linux (CentOS 5) for our HPC cluster because there are more tools available natively for it. This is an unfortunate fact. More and more applications out there are becoming GNU/Linux specific and just don't work properly or at all on other OSs. Evaluate your tools and make a decision. AFAIK, Open-MPI, MPICH and MPICH2 compile and run fine on the BSDs. Other tools and libs, well, YMMV. I figured it makes sense to parallelize as much as possible so that the HTTP/MPI load can be shared among as many computers as possible. Let me know your thoughts. Unless you have hard memory and CPU provisioning limiting what the cluster nodes can do, alah XEN/VMWare. Forget about it. Trust me. I've rebooted enough deadlocked/crash nodes due to user error to know better. If you have to... well... NO CARRIER...
Re: pf problem
hi, maybe synproxy is conflicting somehow with rdr states? try keep state instead, just to test it... but I'm not sure. As dan said, do a block log all and run tcpdump on pflog0 while you'r trying to connect. you can also do this, i like tagging :) rdr on $ext_if proto tcp from any to $ext_if port $email_ports tag email_in - $email_server rdr on $ext_if proto tcp from any to $ext_if port $web_ports tag web_in $web_server in filtering section: pass log tagged email_in keep state pass log tagged web_in keep state so you don't need to specify the any to xxx port xxx twice... another thing is: normaly it's a problem to connect to your redirected ports (public ip) from the inside (LAN). because pf does NAT on ext_if for any traffic. and then needs a second state for the RDR to the inside. i think this is not working. but you can solve this with a additional no nat proto tcp from $inside_net to $public_ip port $port or something like this... I think this should work. pf does not need NAT in this case, because the local box knows both networks (public and private) and pf generates just one state... maybe that's your problem... greets marco On Fri, May 8, 2009 at 6:37 AM, Dan d...@ourbrains.org wrote: Daniel Boyd(dan...@boydemail.com)@2009.05.07 13:26:42 -0500: I'm having some problems getting pf to forward ports. My computer is running a fresh install of OpenBSD 4.5. My internal network is using 172.17.2.0/24 and I need pf to do NAT and forward some ports to two internal servers. NAT is working just fine, (e.g. the internal computers can browse the web etc.) but I can't connect to my internal servers from the outside. ... block all ... Change block all to block log all, then tcpdump -nettti pflog0 Try to connect to rdr'd machines. You'll see exactly where the problem is.