Re: AMD power reduction
Le lundi 08 fivrier 2010 04:10:22, Nick Holland a icrit : With all this talk about power reduction...I'm going to toss out one small suggestion: Get a Wattmeter, and measure... Don't waste your time speculating. Hello, I did. It's consuming some 90 Watts at idle. Actually, it's an Athlon but the latest Sempron has an even reduced TDP. My next server will be based on it. Actually even 70 Watts is a little bit high for my next server given the fact it will be in an autonomous environment (small wind/solar generators). Regards
prestamo con cheques
A PRESTAMOS EN EL DIA A EMPRESAS, PYMES, MONOTRIBUTISTAS Y PARTICULARES CON CHEQUES DE SU CUENTA CORRIENTE (NO TERCEROS) EN MENOS DE UNA HORA. Plazo 30-60-90-120 dias. CONSULTE OTROS PLAZOS. OBTENGA EFECTIVO INMEDIATO SOLO CON SUS CHEQUES. OPERACIONES EN NUESTRAS OFICINAS EN CAPITAL FEDERAL, BUENOS AIRES O EN SU DOMICILIO. Consultenos telefonicamente. Consultas Financentro (011) 43041971(011) 1539026020 Lunes a Viernes de 9 a 17 hs. NOTA: si Ud.no desea recibir informacion nuestra en el futuro envie envie la palabra REMOVER a stopenvio...@yahoo.com.ar .
Re: Download rate and sysctl settings
On Sat, 6 Feb 2010 19:43:54 +0100 Claudio Jeker cje...@diehard.n-r-g.com wrote: Thank you for the clear answer. Anyway, trying to act on tcp.sendspace isn't affecting the upload capabilities of my OpenBSD server. I tried downloading a file through httpd, via ftp but results are still disappointing: 60-70 kbps between two boxes on the same switch. The box is going to become a webserver, could you please give me more hints about tuning network performance? Check your links. This sounds like a full-duplex issue between switch and machines. On a LAN even with default tcp send/recvspace you should get easily get up to 200Mbps. Just logged through ssh on the server, ifconfig reports: re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:b0:c2:02:5e:a0 priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause) status: active inet 192.167.132.99 netmask 0xff00 broadcast 192.167.132.255 inet6 fe80::2b0:c2ff:fe02:5ea0%re0 prefixlen 64 scopeid 0x2 As from the name, nic is a common Realtek card (OpenBSD just got it without need of doing anything). So I suppose nic is running in full duplex. Hints? Check interface statistics on interface and switch, look for excessive errors or collisions. Both should not happen on a full-duplex link. Back in the office, I made a simple test: using the integrated card (bge) and not the realtek one (re), I now get almost full speed from the server (8-9 MBps). Are there some issues with that driver? ifconfig even reported it was going 100Base TX. Extract from dmesg: re0 at pci5 dev 0 function 0 Realtek 8169 rev 0x10: RTL8169/8110SB (0x1000), a pic 4 int 21 (irq 11), address 00:b0:c2:02:5e:a0 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 3
Re: loops on rstp and firewall bridging
Hello again, I am still having the same issues trying to figure out how to set this scenario up. Could you please help me with RSTP bridging? what am I missing? Thanks, sincerely Miguel Araujo Hello everyone, I have two machines with OBSD intalled on them. Both will be firewalls filtrating traffic from a DMZ. I need to avoid single points of failure, so the whole architecture is redundant. This is a simple diagram of my architecture: DMZ DMZ | | FW1 FW2 | \ /| | \/ | switch1-- ---switch2 | | internal network Both OBSD machines will be used as firewalls running PF. I am creating a bridge in each firewall. Creating a /etc/bridgename.bridge0 that contains: add vr0 add vr1 add msk0 stp vr0#I'm pretty sure this is done by default stp vr1 stp msk0 up Both firewalls are connected to both switches. These are Dell 2816 with RSTP activated on all ports. From time to time I get loops and traffic raises and collapses my testing network bandwith. This points that Spanning Tree is bad configured, but I don't know what I'm missing. I don't know what to look for. brconfig shows bridges are running on rstp and the interfaces are in learning mode. The rstp roles are automatically set and look correct. On the other side, my Dell switches have rstp activated. Packet Filter is not activated yet. Any way to find out what is going wrong here? pointer to good up to date how-tos on bridge firewalling? Thanks, regards Miguel Araujo
Re: Download rate and sysctl settings
Hi, by the way strange mac-adresse, oui search show a cisco systems mac one... - Mail Original - De: Sebastiano Pomata sebastianopom...@tiscali.it C: misc@openbsd.org EnvoyC): Lundi 8 FC)vrier 2010 11h17:31 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne Objet: Re: Download rate and sysctl settings On Sat, 6 Feb 2010 19:43:54 +0100 Claudio Jeker cje...@diehard.n-r-g.com wrote: Thank you for the clear answer. Anyway, trying to act on tcp.sendspace isn't affecting the upload capabilities of my OpenBSD server. I tried downloading a file through httpd, via ftp but results are still disappointing: 60-70 kbps between two boxes on the same switch. The box is going to become a webserver, could you please give me more hints about tuning network performance? Check your links. This sounds like a full-duplex issue between switch and machines. On a LAN even with default tcp send/recvspace you should get easily get up to 200Mbps. Just logged through ssh on the server, ifconfig reports: re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:b0:c2:02:5e:a0 priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause) status: active inet 192.167.132.99 netmask 0xff00 broadcast 192.167.132.255 inet6 fe80::2b0:c2ff:fe02:5ea0%re0 prefixlen 64 scopeid 0x2 As from the name, nic is a common Realtek card (OpenBSD just got it without need of doing anything). So I suppose nic is running in full duplex. Hints? Check interface statistics on interface and switch, look for excessive errors or collisions. Both should not happen on a full-duplex link. Back in the office, I made a simple test: using the integrated card (bge) and not the realtek one (re), I now get almost full speed from the server (8-9 MBps). Are there some issues with that driver? ifconfig even reported it was going 100Base TX. Extract from dmesg: re0 at pci5 dev 0 function 0 Realtek 8169 rev 0x10: RTL8169/8110SB (0x1000), a pic 4 int 21 (irq 11), address 00:b0:c2:02:5e:a0 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 3 -- i l i m i t . . . Vincent Tamet vincent.ta...@ilimit.net CREA XARXES i SISTEMES 0034 937 333 375 VOLTA 1, 5C( 08224 TERRASSA.BCN La informaciC3 inclosa en aquest email C)s CONFIDENCIAL.En virtut d'allC2 establert a la Llei 15/1999 i la LSSICE 34/2002, l'informem que les seves dades formen part d'un fitxer automatitzat titularitat dB4ILIMIT COMUNICACIONS,S.L. La informaciC3 registrada s'utilitzarC per informar-li, per qualsevol mitjC electrC2nic, de les nostres novetats comercials. VostC( pot exercir els seus drets d'accC)s, rectificaciC3, cancelB7laciC3 i oposiciC3 a la segCent adreC'a: C/ VOLTA, 1 5C(, 08224 TERRASSA (BARCELONA).En compliment de la Llei 34/2002 dB411 de juliol de Serveis de la Societat de la InformaciC3 i del ComerC' ElectrC2nic, l'informem que pot revocar en qualsevol moment, de forma senzilla i gratuC/ta, el consentiment per a la recepciC3 de correu electrC2nic, enviant un correu electrC2nic amb la seva solB7licitud a: i...@ilimit.cat.
Re: Download rate and sysctl settings
On Mon, 8 Feb 2010 11:37:11 +0100 (GMT+01:00) Vincent Tamet vincent.ta...@ilimit.net wrote: Hi, by the way strange mac-adresse, oui search show a cisco systems mac one... Just logged through ssh on the server, ifconfig reports: re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:b0:c2:02:5e:a0 priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause) status: active inet 192.167.132.99 netmask 0xff00 broadcast 192.167.132.255 inet6 fe80::2b0:c2ff:fe02:5ea0%re0 prefixlen 64 scopeid 0x2 I think it's a chinese-made network card. You're right, vendor mac address should be of Cisco, and obviously that buggy card is not Cisco-branded. Don't worry, I already dumped it from the window.
Re: AMD power reduction
From: Jean-Francois [mailto:jfsimon1...@gmail.com] Le lundi 08 fivrier 2010 04:10:22, Nick Holland a icrit : With all this talk about power reduction...I'm going to toss out one small suggestion: Get a Wattmeter, and measure... Don't waste your time speculating. Hello, I did. It's consuming some 90 Watts at idle. Actually, it's an Athlon but the latest Sempron has an even reduced TDP. My next server will be based on it. Actually even 70 Watts is a little bit high for my next server given the fact it will be in an autonomous environment (small wind/solar generators). Regards Nick is right, numbers should speak. Parameters at the time of measuring: MB: GA-MA74GM-S2H rev1.x (no idea about TDP but according to [1] should be low) - unneeded MB components turned off, check my previous dmesg - integrated GPU core slowed down from 400MHz to 200MHz - Cool'n'quiet enabled in BIOS CPU: AMD Sempron LE-1150 (TDP 45W) - undervolted from 1.2V to 1.00V - passive cooling PSU: Enermax 400W Liberty (no data for this model but it's bigger brothers had efficiency around 78% for 114W AC [2]) RAM: 1 stick of 1GB DDR2 800MHz HDD: 3x 1TB, 2x 500G (4 Hitachi and 1 WD Green) other: 1 low rpm 12cm system fan, no keyboard, no display I measured my setup couple of times while setting it up. Numbers are from memory, may not be accurate. Besides, I used a cheap powermeter, meaning the absolute values are probably off but the deltas could be somewhat trusted: 1. On boot with everything on and no udervolting of CPU the AC wattage was somewhere around 150W. 2. Undervolting the CPU to 1.00V and playing with the BIOS shaved off some 20-30W. 3. Setting the Hitachi drives to low power idle reduced the power draw for another 20-30W, at the time the system was idling at 70-90W. 4. Putting the drives into sleep mode got the system under 70W. I'm not using this atm, had some problems with long delays while waking up the drives. All of that was without apm -C, basically the CPU was running at full speed. For testing apm -C I was lazy and relied on temperatures. 1. Temperatures at idle with apm -C hw.sensors.it0.temp0=28.00 degC hw.sensors.it0.temp1=33.00 degC 2. Temperatures at idle with apm -H (from memory and different season) hw.sensors.it0.temp0=34.00 degC hw.sensors.it0.temp1=38.00 degC Couple of degrees difference should mean at least couple of W difference. Regards, Daniel. Useful links: 47 watt 7 TB server (disks spun down) - http://www.silentpcreview.com/forums/viewtopic.php?t=57476 TDP list for Intel chipsets - http://www.silentpcreview.com/forums/viewtopic.php?t=35078 [1] http://www.silentpcreview.com/article859-page5.html [2] http://www.silentpcreview.com/article279-page4.html
firewall / ftp-proxy problem
Dear Listers The installation here is OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008 On this OpenBSD we essentially have a pf firewall and an ftp Proxy running. The ftp Proxy transfers to an internal ftp server. So far, everything worked OK. Then, a fortnight ago, we started to change the backbone ISP, so we had to change IP addresses. That's were trouble started: ftp access from the Internet is limited to approx two days after a system reboot, e.g. I rebooted the system the day before yesterday, then everything was fine, from the Internet we could open connections to the ftp server at our wish. But from this morning, from the Internet, no ftp connection to the ftp server is possible any more. I usually do a traceroute on the pflog of the firewall to check to see, whether the packet, which initiates the call to the ftp proxy, passes OK. Yes, it does pass the firewall. Behind that, I do a ktrace/kdump of the corresponding ftp proxy process, and yes, the ftp proxy does NOT react on any incoming call. I then connect to an outside host (which is in the same subnet like the external interface of the firewall) via ssh, and, no problem, from there, ftp connections to the ftp server via the firewall are possible. The firewall configuration is as follows: [r...@firewall ~]$ firewall.sh nat no nat on rl0 inet from any to 192.168.97.0/24 nat on rl0 from ! (rl0) to any - (rl0:0) nat-anchor ftp-proxy/* all rdr-anchor ftp-proxy/* all rdr pass on vr0 inet proto tcp from any to any port = ftp - 127.0.0.1 port 8022 rdr on rl0 inet proto tcp from ! unwanted_ftp to any port = ftp - 127.0.0.1 port 8021 [r...@firewall ~]$ The last rdr rule does the forwarding from the hosts we allow access from the ftp port to port 8021 on the localhost, where the ftp proxy listens. r...@firewall ~]$ firewall.sh rules scrub in all fragment reassemble block drop in log all block drop in log quick on rl0 proto tcp from unwanted_ftp to any pass quick on vr0 all flags S/SA keep state pass log quick on rl0 inet proto tcp from any to 127.0.0.1 port = 8021 flags S/SA keep state pass log quick on rl0 inet proto udp from 192.168.97.0/24 to any port = snmp keep state pass quick on rl0 inet proto icmp all icmp-type echoreq keep state pass in quick on rl0 inet proto tcp from 192.168.97.0/24 to any port = 8080 flags S/SA synproxy state pass in quick on rl0 inet proto tcp from 192.168.97.0/24 to any port = https flags S/SA synproxy state pass in quick on rl0 inet proto tcp from 192.168.97.0/24 to any port = www flags S/SA synproxy state pass in quick on rl0 inet proto tcp from 192.168.97.0/24 to any port = smtp flags S/SA synproxy state pass out all flags S/SA keep state anchor ftp-proxy/* all block drop in quick on ! lo inet from 127.0.0.0/8 to any block drop in quick on ! lo inet6 from ::1 to any block drop in quick inet from 127.0.0.1 to any block drop in quick on ! vr0 inet from 192.168.97.0/24 to any block drop in quick inet from 192.168.97.2 to any block drop in quick inet6 from ::1 to any block drop in quick on lo0 inet6 from fe80::1 to any block drop in quick on vr0 inet6 from fe80::216:17ff:fe6e:dc0e to any [r...@firewall ~]$ the fifth line allows packages on port 8021 to pass through. The first dump shows, that the connection from the host in the same subnet as the external interface of the firewall, is possible: [myu...@otherhost ~]$ ftp ftx.mydomain.com Connected to ftx.mydomain.com (aaa.bbb.206.130). 220-- Welcome to Pure-FTPd [privsep] [TLS] -- 220-You are user number 1 of 50 allowed. 220-Local time is now 12:08. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. Name (ftx.mydomain.com:myuser): joe 331 User joe OK. Password required Password: 230-User joe has group access to: webdesign 230 OK. Current directory is / Remote system type is UNIX. Using binary mode to transfer files. ftp quit 221-Goodbye. You uploaded 0 and downloaded 0 kbytes. 221 Logout. [myu...@otherhost ~]$ Now, I move a workstation down in the Internet doing a dial-up. I get the IP Address ccc.ddd.217.153, which is not in unwanted_ftp: [r...@firewall ~]$ grep ccc.ddd.217.153 /etc/unwanted_ftp [r...@firewall ~]$ then I invoke ftp from the above address: r...@rosetta ~]# ftp ftx.mydomain.com ftp: connect: Connection timed out ftp quit [r...@rosetta Meanwhile, on the firewall I peep into the pflog: tcpdump: listening on pflog0, link-type PFLOG Feb 08 12:18:53.483352 rule 4/(match) [uid 0, pid 15736] pass in on rl0: ccc.ddd.217.153.52580 127.0.0.1.8021: S [tcp sum ok] (src OS: Linux 2.6 .1-7, Linux 2.4) 710621706:710621706(0) win 5840 mss 1452,sackOK,timestamp 42953264 0,nop,wscale 5 (DF) (ttl 55, id 20538, len 60, bad cksum 23dc! differs by b424) NOTE that tcpdump records a bad checksum in the respective packet. But this bad checksum is in the pflog and not on the interface as far as I have been
snort on openbsd with PF
Hi When snort on the external interface of an OpenBSD firewall, which scenario will be the one happening: 1. Snort captures all incoming traffic before it reaches PF (there's also NAT on the external interface). 2. Snort captures and analyzes only traffic that the firewall let through on the interface. -- TIA Paolo
Re: anyone need old PC crap?
Nick Holland wrote: ropers wrote: You (or anyone else, really) wouldn't happen to have any 1st or 2nd generation PC stuff (as in, IBM 5150 PC / IBM 5155 Portable, or IBM 5160 PC XT)? http://en.wikipedia.org/wiki/IBM_5150 http://en.wikipedia.org/wiki/IBM_5155 http://en.wikipedia.org/wiki/IBM_5160 please answer off-list. Do not feed the old computer crap addition I have... :-/ i smell an episode of hoarders :) Nick. On 5 February 2010 14:03, Daniel Malament b...@anonix.net wrote: Are there any developers (or anyone else) in the NY area who have a use for old PC crap? A 286, a 386, at least one 486 motherboard, some Pentiums, some P2s, etc? Before I cart it to the recycling center...
Read_Write buffers for dd WAS: little cp diff
Moving this to m...@... Would part of this discussion usefully related to such issues like using 'dd' for diskwipes/copies/reformatting and slow data movement speeds? There are times when I am wiping (for reuse) hard disks using 'dd' and I set the BlockSize to 512 (like 1M or so sometimes) and the transfer speeds are quite a lot slower than for using 'dd' on some other Operating systems. (Linux or Windows) Mind you, for a lot of this, I am using oBSD RamDISK, so I am not anticipating a full-fledged OS support for the ATA or SCSI or USB2 platforms. But for those systems where I am using -stable or -current, the speeds are still comparably slow. I concur with Theo's point on portability and making a sysctl for kernel is hazardous, but what am I seeing in the above for 'dd' that would be causing the poor performance? (* BTW, I am using if=/dev/zero for the baseline, other if=/...'es may have lower performance as an input for compare*) Just my 2 cents. -sean Subject: Re: little cp diff 2010/2/8 Theo de Raadt dera...@cvs.openbsd.org: For those of you who asked why cp needs to be portable, come on. You've got it all wrong. If cp isn't written in a portable fashion, then what is the point of doing anything else in a portable fashion. This is good and reasonable answer. So I think we should stop discussion. antonvm _
Re: Read_Write buffers for dd WAS: little cp diff
On Mon, Feb 08, 2010 at 09:06:21AM -0500, Sean Kennedy wrote: Moving this to m...@... Would part of this discussion usefully related to such issues like using 'dd' for diskwipes/copies/reformatting and slow data movement speeds? There are times when I am wiping (for reuse) hard disks using 'dd' and I set the BlockSize to 512 (like 1M or so sometimes) and the transfer speeds are quite a lot slower than for using 'dd' on some other Operating systems. (Linux or Windows) Mind you, for a lot of this, I am using oBSD RamDISK, so I am not anticipating a full-fledged OS support for the ATA or SCSI or USB2 platforms. But for those systems where I am using -stable or -current, the speeds are still comparably slow. I concur with Theo's point on portability and making a sysctl for kernel is hazardous, but what am I seeing in the above for 'dd' that would be causing the poor performance? (* BTW, I am using if=/dev/zero for the baseline, other if=/...'es may have lower performance as an input for compare*) Just my 2 cents. -sean Well, for starters, different os, different caching behaviour. You should read from and write to the raw device, sync and use the actual elapsed time. Even then your measurement might be influenced by caching. # sync # time (dd if=/dev/rsd0a of=/dev/null bs=1m sync) 133+1 records in 133+1 records out 139797504 bytes transferred in 1.558 secs (89709129 bytes/sec) 0m1.56s real 0m0.00s user 0m0.07s system # OTOH, we do use a smaller size of the physical writes than other OSes. So a lower performance for modern hardware is not really a big surprise. -Otto
Re: Read_Write buffers for dd WAS: little cp diff
On Mon, 08 Feb 2010 09:06 -0500, Sean Kennedy woodentu...@hotmail.com wrote: Moving this to m...@... Would part of this discussion usefully related to such issues like using 'dd' for diskwipes/copies/reformatting and slow data movement speeds? There are times when I am wiping (for reuse) hard disks using 'dd' and I set the BlockSize to 512 (like 1M or so sometimes) In my experience, a bs of 64k is about as big and fast as you'll get. Setting bs larger than that may make dd a tad faster, but not much. Also, when IO errors occur with a larger bs you'll drop more data than you would have using a 512 byte block. Some modified dd's, such as ddrescue, set larger blocksizes initially in an effort to increase speed, but revert to 512 bytes upon IO errors. Brad and the transfer speeds are quite a lot slower than for using 'dd' on some other Operating systems. (Linux or Windows) Mind you, for a lot of this, I am using oBSD RamDISK, so I am not anticipating a full-fledged OS support for the ATA or SCSI or USB2 platforms. But for those systems where I am using -stable or -current, the speeds are still comparably slow. I concur with Theo's point on portability and making a sysctl for kernel is hazardous, but what am I seeing in the above for 'dd' that would be causing the poor performance? (* BTW, I am using if=/dev/zero for the baseline, other if=/...'es may have lower performance as an input for compare*) Just my 2 cents. -sean Subject: Re: little cp diff 2010/2/8 Theo de Raadt dera...@cvs.openbsd.org: For those of you who asked why cp needs to be portable, come on. You've got it all wrong. If cp isn't written in a portable fashion, then what is the point of doing anything else in a portable fashion. This is good and reasonable answer. So I think we should stop discussion. antonvm
Re: anyone need old PC crap?
On Sun, 07 Feb 2010 22:12:06 -0500 Nick Holland n...@holland-consulting.net wrote: ropers wrote: You (or anyone else, really) wouldn't happen to have any 1st or 2nd generation PC stuff (as in, IBM 5150 PC / IBM 5155 Portable, or IBM 5160 PC XT)? http://en.wikipedia.org/wiki/IBM_5150 http://en.wikipedia.org/wiki/IBM_5155 http://en.wikipedia.org/wiki/IBM_5160 please answer off-list. Do not feed the old computer crap addition I have... :-/ Your subconscious speaks otherwise.
Re: snort on openbsd with PF
Hi I apologize for not first RTFMing before asking. Section 4.4 of the Snort FAQ clearly states that scenario 1 is the one that will be ... -- TIA Paolo On 2/8/10 3:18 PM, Paolo Supino wrote: Hi When snort on the external interface of an OpenBSD firewall, which scenario will be the one happening: 1. Snort captures all incoming traffic before it reaches PF (there's also NAT on the external interface). 2. Snort captures and analyzes only traffic that the firewall let through on the interface. -- TIA Paolo
Re: pf rdr to multiple machines in the subnet
On 2010-02-07, Jean-Fran?ois SIMON jfsimon1...@gmail.com wrote: I am going to replace the rule rdr pass on $ext_if proto tcp from any to any port 1024:65535 - 10.0.1.32 port 1024:* rdr pass on $ext_if proto tcp to port 1024:65535 - 10.0.1/24
Re: Inconsistency between IPv6 and IPv4 announces between eBGP peers hooked through an iBGP session (OpenBGPd)
On Sat, Jan 30, 2010 at 03:21:32PM +0100, Laurent CARON wrote: On 30/01/2010 14:59, Laurent CARON wrote: My last test was with current as of 20100119. I did tests with 20091201 and 20091202 because the problem did appear just between those 2 dates and is reproductible. I'll try to upgrade to current and see if it helps. Since no commits were done on bgpd since 20100113 and my last test was from 20100119 with current from 20100119, I think the issue is still there. I just commited something that may be the reason for you IPv6 issues. Unbreak IPv6 local address lookups. Some idiot aka me optimised a loop and because of that either the IPv4 or IPv6 local address was not set. Because of this prefixes were sent out with all zero nexthops. Could you give it a spin? I still try to reproduce your problem but am unable to do so. Could I get the bgpd.conf and ifconfig output for the interface to the failing system? -- :wq Claudio
Re: flags for wd timeouts?
Hi Roger, Not entirely sure what is causing your problems, but there are several options in your BIOS that are worth investigating. http://www.supermicro.com/manuals/motherboard/HT2000/MNL-H8DSP-8i.pdf Plug Play OS (might be worth setting this to No) KBC Clock Source (try 8MHz) S-ATA Mode (IDE/MMIO or RAID, see if OpenBSD's behaviour changes) ACPI Version Features (1.0/2.0 or 3.0) Another issue may be the UDMA mode, change wd again via UKC and specify the flags 0xdfc (UDMA5,PIO 4). Just some suggestions, which you may have already tried. -Bryan.
Un año gratuito.Doble Titulo Internacional.Formacion online
SI NO VE LA INFORMACISN, HAGA CLICK AQUM [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] [IMAGE] Cursos que ofrecemos: MASTER EXPERTO EN COOPERACISN INTERNACIONAL Y DESARROLLO MASTER EXPERTO EN GESTISN Y DESARROLLO DE PROGRAMAS DE INTERVENCISN SOCIAL MASTER EXPERTO EN GESTISN DE PROGRAMAS GERIATRICOS MASTER EXPERTO EN RESOLUCISN DE CONFLICTOS MASTER EXPERTO EN RECURSOS PATRIMONIALES Y TURMSTICOS MASTER EXPERTO EN FORMACISN DE RECURSOS HUMANOS MASTER EXPERTO EN ANIMACISN SOCIOCULTURAL [IMAGE] [IMAGE] [IMAGE] Conforme a la Ley de servicios de la sociedad de la informacisn y de comercio electrsnico, y a la vigente Ley organica 15 13/12/1999 de proteccisn de datos espaqola, le informamos que su direccisn de correo esta incluida en nuestra base de datos, con la finalidad de enviarle informacisn de su interis. Si no desea seguir recibiendo ningzn correo futuro por nuestra parte o quiere modificar sus datos, por favor, responda directamente este mail con su peticisn. En caso de que no tengamos respuesta en este envmo, consideramos su autorizacisn para posteriores envmos. SI DESEA DARSE DE BAJA, HAGA CLICK AQUM [IMAGE]
Re: Download rate and sysctl settings
Il 06/02/10 19:43, Claudio Jeker ha scritto: Thank you for the clear answer. Anyway, trying to act on tcp.sendspace isn't affecting the upload capabilities of my OpenBSD server. I tried downloading a file through httpd, via ftp but results are still disappointing: 60-70 kbps between two boxes on the same switch. The box is going to become a webserver, could you please give me more hints about tuning network performance? Check your links. This sounds like a full-duplex issue between switch and machines. On a LAN even with default tcp send/recvspace you should get easily get up to 200Mbps. Proceeding with debugging, I'm getting even more close to the problem but still need some help. Giving to OpenBSD box a local IP, and accessing from a same-subnet IP machine, I get full speed (about 8 MB/s downloading). Problems come when I give to OpenBSD box an IP of another range, that goes behind a Cisco router: downloading from the same machine (and adding a hop in the path, the router itself) only reaches 20-30 kB/s, while giving the same IP to another linux machine and getting a file with apache2 reaches 150 kB/s. Any idea?
route6d bug
Hi, current route6d does not add advertised RipNG routes of other systems to the routing table. This problem seems to go back to 2008, as older OpenBSD releases do also suffer from this problem, here. Using route6d build from Jul. 3, 2007 does add advertised RipNG routes to the kernel routing table, but does not delete them on exit; at least if running a recent kernel. :-( Any hints how to patch this problem? -Florian
Re: Inconsistency between IPv6 and IPv4 announces between eBGP peers hooked through an iBGP session (OpenBGPd)
On 08/02/2010 18:41, Claudio Jeker wrote: Could you give it a spin? I just tried it and so far it seems successful. I'll let it run for a few days on my secondary bgp box and upgrade the primary one if successful. Many thanks
OT: Interupted system call/broken pipe with squid squidguard
Hello: I recently installed squid Version 2.7.STABLE6 and SquidGuard: 1.4 Berkeley DB 4.6.21 on OpenBSD 4.5. At this point, I am still setting things up, so it is not proxying much of anything, except for testing, but I have been getting this error every morning at 7:00AM local time: Feb 3 07:01:01 server squid[12276]: The url_rewriter helpers are crashing too rapidly, need help! Feb 3 07:01:01 server squid[7601]: Squid Parent: child process 12276 exited due to signal 6 Feb 3 07:01:04 server squid[7601]: Squid Parent: child process 29122 started I have no idea why this happens. After squid shuts down, it restarts without an issue, and runs fine until 7AM the next day. I am using newsyslog to manage the log files, and I send a squid -k reconfigure after the logs are rotated for squidguard; and a squid -k rotate after the squid logs rotate. But that happens at 3AM. I thought maybe there was some sort of problem with the file descriptors running out (I don't know what that means) after squid/squidguard was running for 24 hours, but I ran a script to shutdown and restart squid/squidguard at 3:32 AM, but the same errors occurred at 7AM. The ONLY thing that I can think of is that 7AM is the start of dayhours in my squidguard.conf. But I have no idea why that would be causing these errors. In any case, other than the fact that it all dies and then is reborn at 7AM every day, it is all good. It bothers me to have this issue. Any ideas to correct this would be welcome. Below I have included the output of (in this order): /var/squid/logs/cache.log /var/log/squidguard/squidGuard.log As well as my squidGuard.conf. Thanks for any advice Bye - ted - /var/squid/logs/cache.log 2010/02/03 07:00:00| WARNING: url_rewriter #1 (FD 9) exited 2010/02/03 07:00:00| WARNING: url_rewriter #3 (FD 11) exited 2010/02/03 07:00:00| WARNING: url_rewriter #2 (FD 10) exited 2010/02/03 07:00:00| Too few url_rewriter processes are running 2010/02/03 07:00:00| Starting new helpers 2010/02/03 07:00:00| helperOpenServers: Starting 5 'squidGuard' processes 2010/02/03 07:00:00| WARNING: url_rewriter #4 (FD 12) exited 2010/02/03 07:00:00| WARNING: url_rewriter #5 (FD 13) exited 2010/02/03 07:00:30| WARNING: url_rewriter #5 (FD 29) exited 2010/02/03 07:00:30| WARNING: url_rewriter #1 (FD 9) exited 2010/02/03 07:00:30| WARNING: url_rewriter #4 (FD 26) exited 2010/02/03 07:00:30| Too few url_rewriter processes are running 2010/02/03 07:00:30| Starting new helpers 2010/02/03 07:00:30| helperOpenServers: Starting 5 'squidGuard' processes 2010/02/03 07:00:30| ipcCreate: PARENT: hello read test failed 2010/02/03 07:00:30| -- read: (4) Interrupted system call 2010/02/03 07:00:30| WARNING: Cannot run '/usr/local/bin/squidGuard' process. 2010/02/03 07:00:30| write FD 12: (32) Broken pipe 2010/02/03 07:00:30| ipcCreate: CHILD: hello write test failed 2010/02/03 07:00:31| WARNING: url_rewriter #3 (FD 25) exited 2010/02/03 07:00:31| WARNING: url_rewriter #2 (FD 11) exited 2010/02/03 07:01:01| WARNING: url_rewriter #4 (FD 12) exited 2010/02/03 07:01:01| WARNING: url_rewriter #1 (FD 9) exited 2010/02/03 07:01:01| Too few url_rewriter processes are running 2010/02/03 07:01:01| Starting new helpers 2010/02/03 07:01:01| helperOpenServers: Starting 5 'squidGuard' processes 2010/02/03 07:01:01| ipcCreate: PARENT: hello read test failed 2010/02/03 07:01:01| -- read: (4) Interrupted system call 2010/02/03 07:01:01| WARNING: Cannot run '/usr/local/bin/squidGuard' process. 2010/02/03 07:01:01| ipcCreate: PARENT: hello read test failed 2010/02/03 07:01:01| -- read: (4) Interrupted system call 2010/02/03 07:01:01| WARNING: Cannot run '/usr/local/bin/squidGuard' process. 2010/02/03 07:01:01| write FD 25: (32) Broken pipe 2010/02/03 07:01:01| ipcCreate: CHILD: hello write test failed 2010/02/03 07:01:01| ipcCreate: PARENT: hello read test failed 2010/02/03 07:01:01| -- read: (4) Interrupted system call 2010/02/03 07:01:01| WARNING: Cannot run '/usr/local/bin/squidGuard' process. 2010/02/03 07:01:01| write FD 25: (32) Broken pipe 2010/02/03 07:01:01| ipcCreate: CHILD: hello write test failed 2010/02/03 07:01:01| ipcCreate: PARENT: hello read test failed 2010/02/03 07:01:01| -- read: (4) Interrupted system call 2010/02/03 07:01:01| WARNING: Cannot run '/usr/local/bin/squidGuard' process. 2010/02/03 07:01:01| WARNING: url_rewriter #3 (FD 10) exited 2010/02/03 07:01:01| Too few url_rewriter processes are running 2010/02/03 07:01:01| storeDirWriteCleanLogs: Starting... 2010/02/03 07:01:01| write FD 25: (32) Broken pipe 2010/02/03 07:01:01| ipcCreate: CHILD: hello write test failed 2010/02/03 07:01:01| write FD 25: (32) Broken pipe 2010/02/03 07:01:01| ipcCreate: CHILD: hello write test failed 2010/02/03 07:01:01| Finished. Wrote 1020 entries. 2010/02/03 07:01:01| Took 0.1 seconds (15190.8 entries/sec). FATAL: The url_rewriter helpers are crashing too rapidly, need help! Squid Cache (Version
Apache can't resume downloads after upgrade to 4.6
Hello misc, I'm using OpenBSD since 4.4 and today I noticed that httpd server doesn''t support resuming while a file is downloading. I made an upgrade from 4.5 to 4.6 couple days ago. I googled this problem and it appears that Apache supports resuming by default. I made the following tests: I ran orbit downloader on a Windows machine and it turns out that the web server doesn't support resuming. When pausing the download everything begins from scratch after resuming. I ran wget on my time server (FreeBSD 4.11) and here are the results: == [time]/root# wget -c -O ./xx http://bsdbg.net/pf --22:58:36-- http://bsdbg.net/pf = `./xx' Resolving bsdbg.net... done. Connecting to bsdbg.net[192.168.1.1]:80... connected. HTTP request sent, awaiting response... 200 OK Continued download failed on this file, which conflicts with `-c'. Refusing to truncate existing file `pf'. All of the tests were made after resetting the Apache config to default. Has anyone experienced such problems? Thanks in advance. *Here is uname:* [ns]~# uname -a OpenBSD ns.bsdbg.net 4.6 GENERIC#0 i386 *Here is dmesg* [ns]~# dmesg OpenBSD 4.6-stable (GENERIC) #0: Fri Feb 5 20:34:04 EET 2010 r...@ns.bsdbg.net:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD Sempron(tm) Processor 3200+ (AuthenticAMD 686-class, 128KB L2 cache) 1.81 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16 real mem = 1055420416 (1006MB) avail mem = 1011703808 (964MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/05/08, BIOS32 rev. 0 @ 0xf2030, SMBIOS rev. 2.4 @ 0xf (70 entries) bios0: vendor Phoenix Technologies, LTD version ASUS M2NPV-VM ACPI BIOS Revision 1301 date 02/05/2008 bios0: ASUSTek Computer INC. M2NPV-VM acpi0 at bios0: rev 2 acpi0: tables DSDT FACP MCFG APIC acpi0: wakeup devices HUB0(S5) XVRA(S5) XVRB(S5) XVRC(S5) UAR1(S5) UAR2(S5) PS2M(S4) PS2K(S4) USB0(S4) USB2(S4) AZAD(S5) MMAC(S5) MMCI(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 200MHz ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (HUB0) acpicpu0 at acpi0 acpitz0 at acpi0: critical temperature 75 degC acpibtn0 at acpi0: PWRB bios0: ROM list: 0xc/0xec00 pci0 at mainbus0 bus 0: configuration mode 1 (bios) NVIDIA C51 Host rev 0xa2 at pci0 dev 0 function 0 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 1 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 2 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 3 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 4 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 5 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 6 not configured NVIDIA C51 Memory rev 0xa2 at pci0 dev 0 function 7 not configured vga1 at pci0 dev 5 function 0 NVIDIA GeForce 6150 rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) NVIDIA MCP51 Host rev 0xa2 at pci0 dev 9 function 0 not configured pcib0 at pci0 dev 10 function 0 NVIDIA MCP51 ISA rev 0xa3 nviic0 at pci0 dev 10 function 1 NVIDIA MCP51 SMBus rev 0xa3 iic0 at nviic0 spdmem0 at iic0 addr 0x50: 512MB DDR2 SDRAM non-parity PC2-5300CL5 spdmem1 at iic0 addr 0x51: 512MB DDR2 SDRAM non-parity PC2-5300CL5 iic1 at nviic0 NVIDIA MCP51 Memory rev 0xa3 at pci0 dev 10 function 2 not configured pciide0 at pci0 dev 13 function 0 NVIDIA MCP51 IDE rev 0xa1: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: WDC WD800JB-00JJC0 wd0: 16-sector PIO, LBA, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 disabled (no drives) ppb0 at pci0 dev 16 function 0 NVIDIA MCP51 PCI-PCI rev 0xa2 pci1 at ppb0 bus 1 xl0 at pci1 dev 8 function 0 3Com 3c905C 100Base-TX rev 0x74: apic 2 int 16 (irq 10), address 00:50:da:e1:34:84 bmtphy0 at xl0 phy 24: 3C905C internal PHY, rev. 6 xl1 at pci1 dev 9 function 0 3Com 3c905C 100Base-TX rev 0x74: apic 2 int 17 (irq 11), address 00:04:76:18:a5:3f bmtphy1 at xl1 phy 24: 3C905C internal PHY, rev. 6 pchb0 at pci0 dev 24 function 0 AMD AMD64 0Fh HyperTransport rev 0x00 pchb1 at pci0 dev 24 function 1 AMD AMD64 0Fh Address Map rev 0x00 pchb2 at pci0 dev 24 function 2 AMD AMD64 0Fh DRAM Cfg rev 0x00 kate0 at pci0 dev 24 function 3 AMD AMD64 0Fh Misc Cfg rev 0x00: core rev DH-F2 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 it0 at isa0 port 0x2e/2:
Re: AMD power reduction
Le lundi 08 fivrier 2010 10:41:18, Daniel Gracia Garallar a icrit : If absolute raw power is not mandatory, you may have a look at Atom-based servers -like http://www.supermicro.es/?opcion=contenidoplt=notasid=137 for example-. This servers consumption should make a difference when working on renovable energy sources. Regards! Jean-Francois escribis: Le lundi 08 fivrier 2010 04:10:22, Nick Holland a icrit : With all this talk about power reduction...I'm going to toss out one small suggestion: Get a Wattmeter, and measure... Don't waste your time speculating. Hello, I did. It's consuming some 90 Watts at idle. Actually, it's an Athlon but the latest Sempron has an even reduced TDP. My next server will be based on it. Actually even 70 Watts is a little bit high for my next server given the fact it will be in an autonomous environment (small wind/solar generators). Regards Thank you for this information. Is it working ok with OpenBSD ? Standard x86 is suitable ? Regards.
New Year Promotion from Systat Software
Dear Researcher, Systat Software would like to thank you for trying out our products. If you would like to take advantage of our current New Year promotion, please give us a call or email us. For Academic and non-profit inquiries, please call Amanda McDowell at 1-800-797-7401 Option 1 or email her at amcdow...@systat.com For all Corporate or Government inquiries, please call Vivian Le at 1408-715-7081 or email her at v...@systat.com Thanks again and we hope to hear from you soon. Best Regards, Sales Team SYSTAT Software Inc 1735 Technology Drive Suite 430 San Jose, CA 95110 New Website: http://www.sigmaplot.com http://www.sigmaplot.com/optout/
Re: Apache can't resume downloads after upgrade to 4.6
I'm using OpenBSD since 4.4 and today I noticed that httpd server doesn''t support resuming while a file is downloading. The in-tree Apache (Apache 1.3.29 + improvements) doesn't support the range header (so you can't resume a previous download); as far as I know, it never has. If you need resume support, install the Apache httpd 2.2.11 package. Matthew On Mon, 8 Feb 2010, aTANAS wLADIMIROW wrote: Hello misc, I'm using OpenBSD since 4.4 and today I noticed that httpd server doesn''t support resuming while a file is downloading. I made an upgrade from 4.5 to 4.6 couple days ago. I googled this problem and it appears that Apache supports resuming by default. I made the following tests: I ran orbit downloader on a Windows machine and it turns out that the web server doesn't support resuming. When pausing the download everything begins from scratch after resuming. I ran wget on my time server (FreeBSD 4.11) and here are the results: == [time]/root# wget -c -O ./xx http://bsdbg.net/pf --22:58:36-- http://bsdbg.net/pf = `./xx' Resolving bsdbg.net... done. Connecting to bsdbg.net[192.168.1.1]:80... connected. HTTP request sent, awaiting response... 200 OK Continued download failed on this file, which conflicts with `-c'. Refusing to truncate existing file `pf'. All of the tests were made after resetting the Apache config to default. Has anyone experienced such problems? Thanks in advance. *Here is uname:* [ns]~# uname -a OpenBSD ns.bsdbg.net 4.6 GENERIC#0 i386 --- Matthew Mulrooney Teamify - Team Management Simplified - http://www.teamify.com ---
eshop.gr: Ενημερωτικό δελτίο 9/2/2010
Episjeuhe_te tgm die}humsg http://www.e-shop.gr/newsletter/mail-100211.html cia ma de_te tir pqosvoq]r lar TGKEVYMIJES PAQACCEKIES 9:00-20:00 STO 211 5000500 Oi til]r isw}oum ap| 06/02/10 l]wqi 20/02/10, ]yr enamtk^seyr tym apohel\tym jai l|mo cia ta l]kg tou e-shop.gr Am h]kete ma diacqave_te ap| tg k_sta emgl]qysgr tou e-shop.gr, paqajako}le apamt^ste sto paq|m le t_tko(subject) tou lgm}lat|r sar: DIACQAVG.
Re: AMD power reduction
Le lundi 08 fivrier 2010 10:41:18, Daniel Gracia Garallar a icrit : If absolute raw power is not mandatory, you may have a look at Atom-based servers -like http://www.supermicro.es/?opcion=contenidoplt=notasid=137 for example-. those work ok (i386/amd64 kernels). you must use a 2.5 drive if you want to use the PCIE slot (get the 1x2.5 carrier, not the dual one, if you want that), and note that the PCI slots aren't usable in that chassis. supermicro also have some newer mini-itx Atom boards - ICH9: more sata, em(4), optional IPMI - and there are also numerous low-power systems from a range of manufacturers using various CPUs (VIA, Geode, EP80579, Atom, ..). if you don't need i386 compatibility, keep an eye on OpenBSD/loongson too. (or OpenBSD/armish but the supported hardware doesn't seem to be available new any more, the closest replacement for Thecus N2100 uses a different CPU [still arm-based, but this time a slower Oxford Semiconductor one rather than the XScale]). but without more information on what server means to you, it's hard to say what might actually be suitable...
Google, automation, and lack of security
Not directly about OpenBSD, but worth reading: http://blogs.techrepublic.com.com/security/?p=3007
Sanal Albümler
\cretsiz Ful alb|mler hemde yasal olarak indirebilirsiniz. Alb|m sahiplerinin izniyle. http://www.devsan.net http://devsan.net/zakirercankilic http://devsan.net/melikekaya Kat}lmak igin t}klay}n}z... http://www.devsan.net/cgi-bin/paylasim/mailer.cgi Yeni alb|mler haz}rlan}yor, k}sa s|rede eklenecektir.
Re: AMD power reduction
If absolute raw power is not mandatory, you may have a look at Atom-based servers -like http://www.supermicro.es/?opcion=contenidoplt=notasid=137 for example-. This servers consumption should make a difference when working on renovable energy sources. Regards! Jean-Francois escribis: Le lundi 08 fivrier 2010 04:10:22, Nick Holland a icrit : With all this talk about power reduction...I'm going to toss out one small suggestion: Get a Wattmeter, and measure... Don't waste your time speculating. Hello, I did. It's consuming some 90 Watts at idle. Actually, it's an Athlon but the latest Sempron has an even reduced TDP. My next server will be based on it. Actually even 70 Watts is a little bit high for my next server given the fact it will be in an autonomous environment (small wind/solar generators). Regards
Re: pf rdr to multiple machines in the subnet
* Jean-Frangois SIMON (jfsimon1...@gmail.com) wrote: 2010/2/7 Bret S. Lambert bret.lamb...@gmail.com No, you'd have to so a seperate rdr line for each backend host. Would a rule like this one work (2 lines). rdr pass on $ext_if proto tcp from any to any port 1024:65535 - 10.0.1.32 rdr pass on $ext_if proto tcp from any to any port 1024:65535 - 10.0.1.33 You can't redirect one port to multiple machines, your options are: 1) redirect different ports to different machines, i.e.: rdr pass on $ext_if proto tcp from any to any port 1024:5000 - 10.0.1.32 rdr pass on $ext_if proto tcp from any to any port 5001:65535 - 10.0.1.33 2) get more external IP addresses. /jkm
Re: pf rdr to multiple machines in the subnet
On Tue, Feb 09, 2010 at 08:19:14AM +0100, Joakim Aronius wrote:
* Jean-Frangois SIMON (jfsimon1...@gmail.com) wrote:
2010/2/7 Bret S. Lambert bret.lamb...@gmail.com
No, you'd have to so a seperate rdr line for each backend host.
Would a rule like this one work (2 lines).
rdr pass on $ext_if proto tcp from any to any port 1024:65535 - 10.0.1.32
rdr pass on $ext_if proto tcp from any to any port 1024:65535 - 10.0.1.33
You can't redirect one port to multiple machines, your options are:
1) redirect different ports to different machines, i.e.:
rdr pass on $ext_if proto tcp from any to any port 1024:5000 - 10.0.1.32
rdr pass on $ext_if proto tcp from any to any port 5001:65535 - 10.0.1.33
2) get more external IP addresses.
Or use tables:
table foo = { $list_of_ips }
rdr pass on $ext_if proto tcp from any to any port 1024:65535 - foo
or run relayd
The OP would do well to read the PF guide on openbsd.org.
