Re: MIDI over USB
On Wed, Jan 11, 2012 at 08:43:59AM +0100, pet...@schwertfisch.de wrote: Why is the extra -t slave needed to play audio tracks when the sub-device (mmc) is in slave mode already? the -tslave (aka mmc control) in the player is to allow the stream to relocate. So it's needed. Without -tslave, the player will start synchornously (because the server will block it until all clients start) but won't know how to relocate. Is there other software from packages that can be controlled this way (start, stop, relocate)? audio/lmms is supposed to support mmc, but I've never used it this way. Note that mmc is only necessary to relocate. If you only need the program to start and stay in sync, any app using a server sub-device with -tslave should work. Also, when using your setup and leaving out the -t slave the track can be started from midish using the p command, but it only plays for a second or so and then stops. $ aucat -fsnd/0.mmc -qmidithru/0 -i song50.wav -d snd0: playing s16le,0:1,44100 snd0: block size is 480 frames, using 27 blocks starting device server relocated to 0 wav(wav0)/run: stopping snd0: closing device short answer: - if mmc is required, both -qport and -tslave are needed - else, if -qport is required, mmc should be disabled in midish long answer: Even if -tslave is missing, aucat uses mmc internally (because code is simpler this way), so mmc is not 100% disabled when -tslave is missing. In the above case, midish sends the stop - relocate - start sequence, and aucat interprets it, but only partially. There's no extra code to filter mmc out when -tslave is missing (which would be cleaner). -- Alexandre
Re: No schizophrenia
On 01/11/2012 01:19 AM, John Tate wrote: Just an idiot, Jan Stary, who turned the sentence 7 years of FreeBSD/OpenBSD experience into OpenBSD Guru. I wish I had more time and less faith in minds like hers. What an embarrassment... oh dear. She should learn to read. I'm back, healthy as can be. I had a nice holiday. I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU John Tate Jan Stary is a male, John, and a very helpful member of the community. About your holiday, looks like they had to use more electric shocks in there. You talk like a Stephen King character. ... -- Rares Aioanei
Re: No schizophrenia
On Wed, Jan 11, 2012 at 12:19 AM, John Tate j...@johntate.org wrote: Just an idiot, Jan Stary, who turned the sentence 7 years of FreeBSD/OpenBSD experience into OpenBSD Guru. I wish I had more time and less faith in minds like hers. What an embarrassment... oh dear. She should learn to read. I'm back, healthy as can be. I had a nice holiday. I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU The intertruck begs to differ: I was a Linux hacker since I was 13. I am a bit of a guru[1] [1] http://marc.info/?l=openbsd-miscm=132275346807070w=2
Re: No schizophrenia
On 2012-01-11, Bret Lambert bret.lamb...@gmail.com wrote: On Wed, Jan 11, 2012 at 12:19 AM, John Tate j...@johntate.org wrote: Just an idiot, Jan Stary, who turned the sentence 7 years of FreeBSD/OpenBSD experience into OpenBSD Guru. I wish I had more time and less faith in minds like hers. What an embarrassment... oh dear. She should learn to read. I'm back, healthy as can be. I had a nice holiday. I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU The intertruck begs to differ: I was a Linux hacker since I was 13. I am a bit of a guru[1] [1] http://marc.info/?l=openbsd-miscm=132275346807070w=2 So is this a guru meditation error?
locate weirdness
Have a 4.3 server with a really weird problem: locate ONLY indexes one [user file] partition! IOW, no binaries are indexed, nor is /usr/, /var, .. All filesystems are ffs; I deleted /var/db/locate.db and recreated with /usr/libexec/locate.updatedb more than once; locate.rc is stock: == TMPDIR=/var/tmp FCODES=/var/db/locate.database SEARCHPATHS=/ PRUNEPATHS=/tmp /var/tmp /usr/tmp FILESYSTEMS=ffs ufs ext2fs [comments pruned] = The locate database seems to be normal: Database: /var/db/locate.database Compression: Front: 19.48%, Bigram: 65.90%, Total: 14.52% Filenames: 218512, Characters: 14825215, Database size: 2153551 Bigram characters: 734303, Integers: 5440, 8-Bit characters: 3 = Trying to troubleshoot a Perl module problem, and locate is not returning any hits except user files g! Any pointers on what is 'intefering' with the process? Lee
Comunicado de comprovante de operação
Voc- est- recebendo esta comunica--o de opera--o realizada no Ita- Bankline enviada por Mariana Duarte Silva. Coment-rio do remetente: Pagamento Visualizar_Comprovante N-mero do Controle: 2231.6722.66 O comprovante estar- dispon-vel por 7 dias. Atenciosamente, Banco Ita-
Re: No schizophrenia
Omg, this one is still going on? Please stop filling those Internet tubes with useless attempts to argument with a troll. You'd never win. And this whole topic... Waste of time... Peter On Jan 11, 2012 12:24 AM, John Tate j...@johntate.org wrote: Just an idiot, Jan Stary, who turned the sentence 7 years of FreeBSD/OpenBSD experience into OpenBSD Guru. I wish I had more time and less faith in minds like hers. What an embarrassment... oh dear. She should learn to read. I'm back, healthy as can be. I had a nice holiday. I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU I NEVER SAID THE WORD GURU John Tate -- www.johntate.org
Re: Multiple ISP-connections/Routing/Packet filtering
Hello Russell, On Wed, Jan 11, 2012 at 07:46:59AM -0500, Russell Garrison wrote: Have you considered routing domains? no I have not. According to your hint I started to study their concept, but have not found a description that would meet my situation. Thanks for your idea and best regards Torsten On Tue, Jan 10, 2012 at 1:41 PM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, I read again your mail and now i'm lost ! You Wrote: How can I force my Extl. FW to reply on exactly the same interface it had been requested on? For example I am running OpenVPN(1194/UDP) between my HomeOffice (Z=Client) and the Intl. FW(=Server). Alike I would appretiate SSH-portforwarding from Internet to the Intl. FW. SSH port forwarding from internet to Internal server is something like : ext_if=vr0 ext_ip=1.2.3.4 Spvt= 4.5.6.7 match in on $ext_if proto tcp from any to $ext_ip port 22 rdr-to $Spvt pass in on $ext_if proto tcp from any to $Spvt port 22 pass out on $int_if proto tcp from any to $Spvt port 22 The above line redirects all traffic coming from any place in internet to my external IP ( 1.2.3.4) to the server 4.5.6.7 which is located in my internal lan, in other words the packet comes in on external interface , goes out on internal interface .. These works on OpenBSD 4.8 or newer ! Is this what you need ? no. Obviously I have not explained clearly what my problem is. On my firewall I have TWO different internet connections. It is simple to forward - for instance ssh - from both connections to an internal machine. Now this machine answers and the firewall sends the reply back. How can I force the firewall to send the reply over exactly that interface the request came in? The problem is that the client anywhere on the internet expects the answer from the very address it had contacted. If now the reply comes from another address, it will get lost. Best regards Torsten On Tue, Jan 10, 2012 at 10:46 AM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, If i understood you well, the answer to your question is here ! http://www.openbsd.org/faq/pf/pools.html Under the section Load Balancing outgoing traffic, or take a look at: http://www.openbsd.org/faq/faq6.html#Multipath There are good examples there ! I hope this can help ! thank you for this. The FAQ on pools has nice examples but none of them really faces my problem. It discusses load balancing of incoming traffic to several servers as well as load balancing of outgoing traffic. I cannot figure out how to dispatch replies to incoming requests over different connections. The FAQ on multipath has helped me very well to set up multiple default routes - this works very well. Best regards Torsten Dear List, Here I show my network topology. Maybe it seems quite typical. My internal network is located behind an Intl/Extl Firewall which is connected to the Internet(IN) via pppoe/ppp(8). On the other side I run different systems, for instance a home office network, a mobile laptop, and several customers. +---+ +---+ | A | | B | (PC) +-+-+ +-+-+ | | +-+ --+-+---| Intl FW |---(DMZ)---+ (LAN/int) +-+ | | +---+ | +---+ | | Z | (PC) | () +---+ | +-+ pppoe/ppp(8) +---+ () ++| | | |--| DSL-Modem |--()--| GW |+- | | | rl0/tun0 +---+ () ++ (HomeOffice) +--| Extl FW | ( IN ) +--+ | | pppoe/ppp(8) +---+ ()--| Customer | | |--| DSL-Modem |--() +--+ +-+ rl1/tun1 +---+ () ++ OpenBSD 4.8 ()--| Mobile | ++ My question is about the setup of routing and packet filtering on the External Firewall: How can I force my Extl. FW to reply on exactly the same interface it had been requested on? For example I am running OpenVPN(1194/UDP) between my HomeOffice (Z=Client) and the Intl. FW(=Server). Alike I would appretiate SSH-portforwarding from Internet to the Intl. FW. I tried using route-to and reply-to, but that did not work - PF.CONF(5)
OpenSMTPD memory leak...
Hi, I'm running OpenBSD5 (all from binaries) as a spam filter installed in SPARC LDOM (T1000). I've changed sendmail for OpenSMTPD and after few weeks a see that OpenSMTPD ate almost all memory: root@homer $ ps aux | grep smtpd root 5866 0.0 0.1 1296 2544 ?? Is23Nov110:10.40 smtpd: [priv] (smtpd) _smtpd 32416 0.0 0.1 1088 2160 ?? I 23Nov110:23.96 smtpd: control (smtpd) _smtpd 862 0.0 0.1 1136 2384 ?? I 23Nov116:59.17 smtpd: lookup agent (smtpd) _smtpd 25812 0.0 0.1 848 1944 ?? I 23Nov110:04.31 smtpd: mail delivery agent (smtpd) _smtpd 19507 0.0 0.1 944 1984 ?? I 23Nov113:01.57 smtpd: mail filter agent (smtpd) _smtpd7286 0.0 64.5 3180912 1184408 ?? I 23Nov11 950:16.16 smtpd: mail transfer agent (smtpd) _smtpd1789 0.0 0.1 1536 2640 ?? I 23Nov117:35.61 smtpd: queue (smtpd) _smtpd 27134 0.0 0.1 1288 2384 ?? I 23Nov118:22.50 smtpd: runner (smtpd) _smtpd4856 0.0 0.2 1768 4296 ?? I 23Nov11 10:01.85 smtpd: smtp server (smtpd) Are you devs already aware of that leak? Can I help with some traces/dumps till I'll must restart it? I.
Re: locate weirdness
Have a 4.3 server [rest deleted] There is a ton of documentation that makes it clear you are on your own more than two releases back.
Re: locate weirdness
At 10:41 AM 1/11/2012, Theo de Raadt wrote: Have a 4.3 server [rest deleted] There is a ton of documentation that makes it clear you are on your own more than two releases back. So, you're advocating incomplete information? Is that not a bigger problem? Lee
Re: locate weirdness
Have a 4.3 server [rest deleted] There is a ton of documentation that makes it clear you are on your own more than two releases back. So, you're advocating incomplete information? Is that not a bigger problem? No, I am advocating that you TAKE CARE OF YOUR OWN PROBLEMS YOURSELF. We do not support old releases. AT ALL.
Re: OpenSMTPD memory leak...
On Wed, Jan 11, 2012 at 05:39:43PM +0100, Ivan Nudzik wrote: Hi, I'm running OpenBSD5 (all from binaries) as a spam filter installed in SPARC LDOM (T1000). I've changed sendmail for OpenSMTPD and after few weeks a see that OpenSMTPD ate almost all memory: [snip] Are you devs already aware of that leak? Can I help with some traces/dumps till I'll must restart it? I bet it's this one: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/ssl.c#rev1.38 If you want to try opensmtpd you should really really run the code from current. The one shipped with 5.0 is old and it does not help finding bugs. Eric.
Anyone got a 48 port gigabit switch, small and lower power? looking for a good home?
OpenBSD's building infrastructure has a need for such things. if you are in the process of rewhacking your network, I would love to hear from you if you have such beasts that might be sent our way. We are looking to get these things in Calgary, Canada.
Re: locate weirdness
So, you're advocating incomplete information? Is that not a bigger problem? No, we don't support old releases. 4.3 is very old. You should update your OS to something supported, and likely your problem will go away.
Aşkınızı Ateşleyin
Yes! Feromon A~k Parf|m| Yes! Feromon Parf|m, kad}nlar} etkileyen ve cinsel istek arzusunu tetikleyen erkek feromonu igerir. \zerinizdeki kokuyu alan bayanlarda cinsel istek uyand}r}r. Yes! Feromon Parf|m etkisi kan}tlanm}~ bir |r|nd|r ABD'de en gok satan feromon kokular aras}ndad}r. Yes! Feromon Parf|m Hakk}nda Detayl} Bilgi
Re: locate weirdness
On Wed, Jan 11, 2012 at 9:49 AM, L. V. Lammert l...@omnitec.net wrote: At 10:41 AM 1/11/2012, Theo de Raadt wrote: Have a 4.3 server [rest deleted] There is a ton of documentation that makes it clear you are on your own more than two releases back. So, you're advocating incomplete information? Is that not a bigger problem? Lee Bite the bullet, upgrade, life is better at 5.0 Prior to last year, I had been upgrading OpenBSD by clean install, then install and configure all packages, it was a major hassle. Things hit critical mass about a year ago. I had five systems on either 4.2 or 4.3. I gave in and decided to learn the new upgrade tools. As a result I upgraded nearly all my 10+ OpenBSD systems to 4.9 over the course of 3-4 weeks. That was a total of 43 upgrades counting each release on each system. I'm more confident in my OpenBSD systems now and the 4.9-5.0 upgrades went even more smoothly (once I figured out /etc/rc.d/). I'm not sure how I missed them before, but follow the upgrade guides is essential: http://www.openbsd.org/faq/upgrade50.html Once you get to 4.3, upgrading your systems becomes a whole lot easier, thanks in large part to sysmerge(8), introduced in 4.4 The upgrade from 4.2 - 4.3 was still a bit of a hassle, but after that upgrades went fairly smooth with little incident. It is very interesting to see sysmerge(8) get better and better with each release. Go get'em man, those upgrades are nowhere near as hard as they once were, back in the day when you had to grep 10,000 LOC, uphill, both ways, just to get schooled. Have a nice day, Barry
Re: locate weirdness
At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. If nobody has ever seen such a problem, it would be quite more forthright to just admit that than spout the normal crap this list promulgates. But, then, I should have expected multiple replies that are off topic, of no help, and not worth the time to read. Sorry, I had momentarily forgotten the definition of OBSD Misc - my bad. If nobody can answer the question, that's is not a problem, just say so! Lee
Re: locate weirdness
Bite the bullet, upgrade, life is better at 5.0 ...knew I forgot something. There aren't many North American mirrors that go back to 4.2. I was fortunate to find obsd.cec.mtu.edu which Nick Holland recently notified us that he needs to take down very soon. After Looking through all the mirrors, I think the only OpenBSD archive located in North America is planetunix.net : ftp://mirror.planetunix.net/pub/OpenBSD/4.3/ Most of the rest only mirror a couple of releases. -Barry
Re: locate weirdness
On Wed, Jan 11, 2012 at 14:17, L. V. Lammert l...@omnitec.net wrote: At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. If nobody has ever seen such a problem, it would be quite more forthright to just admit that than spout the normal crap this list promulgates. But, then, I should have expected multiple replies that are off topic, of no help, and not worth the time to read. Sorry, I had momentarily forgotten the definition of OBSD Misc - my bad. If nobody can answer the question, that's is not a problem, just say so! Lee 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? The replies were perfectly valid and helpful. In the software world, you're using an antique.
Re: locate weirdness
On 01/11/2012 02:30 PM, Jeremy O'Brien wrote: On Wed, Jan 11, 2012 at 14:17, L. V. Lammertl...@omnitec.net wrote: At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. If nobody has ever seen such a problem, it would be quite more forthright to just admit that than spout the normal crap this list promulgates. But, then, I should have expected multiple replies that are off topic, of no help, and not worth the time to read. Sorry, I had momentarily forgotten the definition of OBSD Misc - my bad. If nobody can answer the question, that's is not a problem, just say so! Lee 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? The replies were perfectly valid and helpful. In the software world, you're using an antique. They were valid replies, but a straw man argument at best. I think he would have preferred to hear something more like: Yeah, I saw something similar happen on my systems running an older release. I don't really remember the release, but I do remember the problem eventually went away for me. I'm not really sure of what's happening, but my best guess is giving the latest release a try and seeing if that solves the problem for you. -- David Cantrell david.l.cantr...@gmail.com WH6DSN | http://blog.burdell.org/
Re: locate weirdness
At 01:30 PM 1/11/2012, Jeremy O'Brien wrote: 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? Another typical reply - the question was has anyone ever seen anything like this, .. or, perhaps, what could be causing it. No need for the off-topic diatribes - a simple no would more than suffice. Lee
Re: locate weirdness
They were valid replies, but a straw man argument at best. I think he would have preferred to hear something more like: Yeah, I saw something similar happen on my systems running an older release. I don't really remember the release, but I do remember the problem eventually went away for me. I'm not really sure of what's happening, but my best guess is giving the latest release a try and seeing if that solves the problem for you. The OP has been around long enough to know we don't like talking about ancient code. It is completely FAQ, and he knows better. It's not a kernel crash. It's not pf letting packets through. It's locate. Come on.
Re: locate weirdness
On Wed, Jan 11, 2012 at 14:47, L. V. Lammert l...@omnitec.net wrote: At 01:30 PM 1/11/2012, Jeremy O'Brien wrote: 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? Another typical reply - the question was has anyone ever seen anything like this, .. or, perhaps, what could be causing it. No need for the off-topic diatribes - a simple no would more than suffice. OK then. I have used OpenBSD since 4.0, and I have not seen this behavior. I recommend seeing if an upgrade fixes your problem. ;)
Re: locate weirdness
Hi, Am 11.01.12 20:17, schrieb L. V. Lammert: At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. No. You were advised to upgrade, since 4.3 is not supported anymore. Heck, probably nobody can even remember whether something was odd with locate in 4.3. Upgrade to a supported release and if you still face problems, come back to the list. Try to look from a different angle here. Say, you would have an old Debian Sarge release (years old) and you would approach a debian mailing list with something is weird with locate, pretty sure you would get a lot of advises to upgrade first, test then, and if problem persists, come back. All good and jolly! ./Marian
Re: Disk blocking and unacceptable wait times with Areca ARC 1210
I've installed OpenBSD onto this box from 4.6 through 5.0 to compare wait times for simple operations. I don't expect miracles from this relatively cheap raid controller, but, I expect it to be at least as quick as a regular sata drive! So, I'm dd'ing 10GB of zeros to a file, sleeping for a second then timing how long it takes ls to list the directory contents... To summarise, write speeds were quickest in 5.0 but system response times were worst. Everything was pretty respectable in 4.6 but still a lot slower than a single disk. My test was a country mile from scientific so if there's a better way to come up with results that might help reveal what the problem is I'd be glad to run more tests... Here's what I've been doing: # dd if=/dev/zero of=./testfile bs=1024k count=1 sleep 1; time ls -la /dev/null; ... followed by a few more... # time ls -la /dev/null; And the results where the ls time is a subjective average: The other server I've got in the office... OpenBSD 4.6 i386 on a single SATA drive: ls: 0.000u 0.020s 0:00.03 66.6% 0+0k 0+0io 0pf+0w dd: 1048576 bytes transferred in 94.775 secs (110637306 bytes/sec) OpenBSD 5.0 amd64 RAID 5 ls: 0m5.80s real 0m0.00s user 0m0.13s system dd: 1048576 bytes transferred in 53.736 secs (195132964 bytes/sec) Remarks: Terribly slow! OpenBSD 4.9 amd64 RAID 5 ls: 0m5.95s real 0m0.00s user 0m0.06s system dd: 1048576 bytes transferred in 75.058 secs (139700269 bytes/sec) Remarks: No better than 5.0 OpenBSD 4.8 amd64 RAID 5 ls: 0m5.72s real 0m0.00s user 0m0.04s system dd: 1048576 bytes transferred in 103.893 secs (100927877 bytes/sec) Remarks: A bit quicker, got some really quick response times OpenBSD 4.7 amd64 RAID 5 ls: 0m4.79s real 0m0.00s user 0m0.04s system dd: 1048576 bytes transferred in 95.476 secs (109825323 bytes/sec) Remarks: A little quicker than 4.8 OpenBSD 4.6 amd64 RAID 5 ls: 0m1.90s real 0m0.00s user 0m0.02s system dd: 1048576 bytes transferred in 64.263 secs (163166944 bytes/sec) Remarks: Consistently around the 2 second mark George Steel [li...@netglue.co] wrote: I've been testing and comparing between servers using dd -if /dev/zero and then performing simple tasks like ls. On a 4.6 server with a single SATA disk, ls spits out the listing immediately, on this RAID 5 box, the terminal hangs for as much as 12 seconds then begrudgingly spits out the dir listing line by line. I expect the system to become slower whilst writing 10GB of zeros to a file, but it seems to me that something is going on with this RAID box because the wait is unbelievable compared to a much lower spec machine. Perhaps this is to be expected with a relatively cheap RAID controller? and I'd be better off just attaching separate disks and doing softraid. If I cat the 10GB file to /dev/null and perform the same type of operations, everything is as quick as you'd expect. On 10 Jan 2012, at 17:48, Chris Cappuccio wrote: George Steel [li...@netglue.co] wrote: Yeah, I did start up top before hand on another terminal and biowait was all I saw with a 1 sec delay. I repeated the test several times and never saw anything other than biowait I also had a look with ps but couldn't really interpret what I saw other than ps reported state as D for both processes. I'm also not much good at interpreting systat but to my untrained eye, I couldn't see much difference between the idle machine and a heavy write other than lots of disk IO There's nothing in any logs and I've also tried the RAID card in different slots. I also installed i386 and had the same problem what activity is tying your disks up like this? --
Re: locate weirdness
On Wed, 11 Jan 2012, Marian Hettwer wrote: Hi, Am 11.01.12 20:17, schrieb L. V. Lammert: At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. No. You were advised to upgrade, since 4.3 is not supported anymore. Heck, probably nobody can even remember whether something was odd with locate in 4.3. Upgrade to a supported release and if you still face problems, come back to the list. Try to look from a different angle here. Say, you would have an old Debian Sarge release (years old) and you would approach a debian mailing list with something is weird with locate, pretty sure you would get a lot of advises to upgrade first, test then, and if problem persists, come back. All good and jolly! ./Marian Hope you got off on the bs, .. as usual, offtopic, nothing useful, not worth readying. Quite repetitive of the other BS, actually. Lee
Re: locate weirdness
Time for today's how to debug a problem lesson. On Wed, Jan 11, 2012 at 7:26 AM, L. V. Lammert l...@omnitec.net wrote: Have a 4.3 server with a really weird problem: locate ONLY indexes one [user file] partition! IOW, no binaries are indexed, nor is /usr/, /var, .. Lesson #1: examine the anomalous data for clues. So, you're saying that locate /usr | grep ^/usr | head returns nothing but locate /home | grep ^/home | head returns something? (/home being a stand-in for whatever your unsaid [user file] partition is) Perhaps you should investigate how those two directories differ? The locate database seems to be normal: Database: /var/db/locate.database Compression: Front: 19.48%, Bigram: 65.90%, Total: 14.52% Filenames: 218512, Characters: 14825215, Database size: 2153551 Bigram characters: 734303, Integers: 5440, 8-Bit characters: 3 Lesson #2: step through the problem computation and verify the correctness of intermediate stages. So you've run locate.updatedb manually. It's just a shell script, so perhaps you should run the commands in it manually, one by one and examining the intermediate output of pipes, etc. Be sure to do so in a shell that reproduces how locate.updatedb is called from /etc/weekly! Philip Guenther
Re: Disk blocking and unacceptable wait times with Areca ARC 1210
I think your report falls a little short on explaining the problem. It's cool to see the benchmarks improve in 5.0. But Remarks: Terribly slow! is all you provide to explain the problem in the same 5.0 It would be better to have another test that represents the problem along with each dd test. Or at least a more detailed explanation of the rest of the system's responsiveness during the dd. When it gets slow, anything already running is still runnign but the disk is all tied up and you can't start new commands? Does it affect access to disks other than the one you are tying up? If only one disk is affected at a time, 5.0 is the fastest, and has the most trouble with responsiveness while being fast, this is likely to be improved by a fair I/O scheduler. There is a generic framework in place now for schedulers to get plugged in I don't think anybody has actually written it yet. There's also an issue with dirty buffers getting eaten up, but that is prominent on slow devices, and you'd be WAITing in buf_needva in that case. George Steel [li...@netglue.co] wrote: I've installed OpenBSD onto this box from 4.6 through 5.0 to compare wait times for simple operations. I don't expect miracles from this relatively cheap raid controller, but, I expect it to be at least as quick as a regular sata drive! So, I'm dd'ing 10GB of zeros to a file, sleeping for a second then timing how long it takes ls to list the directory contents... To summarise, write speeds were quickest in 5.0 but system response times were worst. Everything was pretty respectable in 4.6 but still a lot slower than a single disk. My test was a country mile from scientific so if there's a better way to come up with results that might help reveal what the problem is I'd be glad to run more tests... Here's what I've been doing: # dd if=/dev/zero of=./testfile bs=1024k count=1 sleep 1; time ls -la /dev/null; ... followed by a few more... # time ls -la /dev/null; And the results where the ls time is a subjective average: The other server I've got in the office... OpenBSD 4.6 i386 on a single SATA drive: ls: 0.000u 0.020s 0:00.03 66.6% 0+0k 0+0io 0pf+0w dd: 1048576 bytes transferred in 94.775 secs (110637306 bytes/sec) OpenBSD 5.0 amd64 RAID 5 ls: 0m5.80s real 0m0.00s user 0m0.13s system dd: 1048576 bytes transferred in 53.736 secs (195132964 bytes/sec) Remarks: Terribly slow! OpenBSD 4.9 amd64 RAID 5 ls: 0m5.95s real 0m0.00s user 0m0.06s system dd: 1048576 bytes transferred in 75.058 secs (139700269 bytes/sec) Remarks: No better than 5.0 OpenBSD 4.8 amd64 RAID 5 ls: 0m5.72s real 0m0.00s user 0m0.04s system dd: 1048576 bytes transferred in 103.893 secs (100927877 bytes/sec) Remarks: A bit quicker, got some really quick response times OpenBSD 4.7 amd64 RAID 5 ls: 0m4.79s real 0m0.00s user 0m0.04s system dd: 1048576 bytes transferred in 95.476 secs (109825323 bytes/sec) Remarks: A little quicker than 4.8 OpenBSD 4.6 amd64 RAID 5 ls: 0m1.90s real 0m0.00s user 0m0.02s system dd: 1048576 bytes transferred in 64.263 secs (163166944 bytes/sec) Remarks: Consistently around the 2 second mark George Steel [li...@netglue.co] wrote: I've been testing and comparing between servers using dd -if /dev/zero and then performing simple tasks like ls. On a 4.6 server with a single SATA disk, ls spits out the listing immediately, on this RAID 5 box, the terminal hangs for as much as 12 seconds then begrudgingly spits out the dir listing line by line. I expect the system to become slower whilst writing 10GB of zeros to a file, but it seems to me that something is going on with this RAID box because the wait is unbelievable compared to a much lower spec machine. Perhaps this is to be expected with a relatively cheap RAID controller? and I'd be better off just attaching separate disks and doing softraid. If I cat the 10GB file to /dev/null and perform the same type of operations, everything is as quick as you'd expect. On 10 Jan 2012, at 17:48, Chris Cappuccio wrote: George Steel [li...@netglue.co] wrote: Yeah, I did start up top before hand on another terminal and biowait was all I saw with a 1 sec delay. I repeated the test several times and never saw anything other than biowait I also had a look with ps but couldn't really interpret what I saw other than ps reported state as D for both processes. I'm also not much good at interpreting systat but to my untrained eye, I couldn't see much difference between the idle machine and a heavy write other than lots of disk IO There's nothing in any logs and I've also tried the RAID card in different slots. I also installed i386 and had the same problem what activity is tying your disks up like this? -- -- There are only three sports: bullfighting, motor racing, and mountaineering; all the
Re: Install without the DNS domain name from DHCP
On Sun, Jan 1, 2012 at 4:22 PM, bofh goodb...@gmail.com wrote: On Sun, Jan 1, 2012 at 2:47 PM, Josh Jevosh jev...@gmail.com wrote: Hello. I'm installing OpenBSD 5.0. When I configure the networking to DHCP it goes ahead and sets the DNS domain name to something that it got from my ISP. I would like to only use the short name that I specified as the hostname as the entire hostname excluding the rest of it that comes from my ISP. How do I do that? You want to play with the options in /etc/dhclient.conf. B I have supersede host-name and supersede domain-name in mine. B However, I don't know if you can use supersede domain-name ; this constantly comes up on the list for some reason. it shouldn't because it doesn't do anything once you actually test it, you'll see that setting an option to the empty string is the same as not setting the option at all (so dhclient fallsback to defaults) maybe it needs to be documented somewhere... as a valid option. B The better way is probably to include a search line in resolv.conf for the domain you are going to use (or the domain your ISP gives you). B Or get a free one from dyndns.org (or any other free ones). Everyone should really use FQDN - short names suck and make people lazy. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. B -- Gene Spafford learn french: B http://www.youtube.com/watch?v=30v_g83VHK4
Re: locate weirdness
On Wed, 11 Jan 2012, Philip Guenther wrote: Also, in order to help others when they encounter a similar issue, please be sure to post what the problem and/or solution were once you figure them out. Philip Guenther Amen! At least there's a chance it would turn up in the search engines. Lee
Re: locate weirdness
On Wed, 11 Jan 2012, Philip Guenther wrote: Lesson #1: examine the anomalous data for clues. So, you're saying that locate /usr | grep ^/usr | head returns nothing but Yep! As does locate /usr locate /home | grep ^/home | head returns something? (/home being a stand-in for whatever your unsaid [user file] partition is) Perhaps you should investigate how those two directories differ? That was the original question - both are ffs, both are rw, the only difference between then that /home is nosuid, however that does not affect locate on 3.3, 4.9, or 5.0 (just tested). TFTR! Lee
Re: locate weirdness
Also, in order to help others when they encounter a similar issue, please be sure to post what the problem and/or solution were once you figure them out. Philip Guenther
Re: locate weirdness
On Wed, Jan 11, 2012 at 1:09 PM, L. V. Lammert l...@omnitec.net wrote: On Wed, 11 Jan 2012, Philip Guenther wrote: Lesson #1: examine the anomalous data for clues. So, you're saying that locate /usr | grep ^/usr | head returns nothing but Yep! As does locate /usr locate /home | grep ^/home | head returns something? (/home being a stand-in for whatever your unsaid [user file] partition is) Perhaps you should investigate how those two directories differ? That was the original question - both are ffs, both are rw, the only difference between then that /home is nosuid, however that does not affect locate on 3.3, 4.9, or 5.0 (just tested). If you've established that the two directories have no differences in mode, etc, then I guess you'll have to go with the walk through things step by step path then. Philip Guenther
Re: Disk blocking and unacceptable wait times with Areca ARC 1210
On Wed, Jan 11, 2012, Chris Cappuccio wrote: If only one disk is affected at a time, 5.0 is the fastest, and has the most trouble with responsiveness while being fast, this is likely to be improved by a fair I/O scheduler. There is a generic framework in place now for schedulers to get plugged in I don't think anybody has actually written it yet. There's also an issue with dirty buffers getting eaten up, but that is prominent on slow devices, and you'd be WAITing in buf_needva in that case. I don't think needva has been totally ruled out from what I've seen, though it's less likely. My other guess is that the raid card itself prioritizes writes over reads leading to a backlog of read requests.
Re: locate weirdness
L. V. Lammert wrote: At 01:04 PM 1/11/2012, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 Sorry, but *UPGRADING* isn't the question - the question is why locate is not working properly. If nobody has ever seen such a problem, it would be quite more forthright to just admit that than spout the normal crap this list promulgates. But, then, I should have expected multiple replies that are off topic, of no help, and not worth the time to read. Sorry, I had momentarily forgotten the definition of OBSD Misc - my bad. If nobody can answer the question, that's is not a problem, just say so! Lee Why don't you download 5.0 on a separate disc or folder and then compare the differences using a diff tool to see what changed and if it is fixed in 5.0 you can apply a patch to your old one. find the problem files, compare them to the new code. Also make sure the bug isn't in the new release because if it is, you should report it.
Re: Disk blocking and unacceptable wait times with Areca ARC 1210
Ted Unangst [t...@tedunangst.com] wrote: On Wed, Jan 11, 2012, Chris Cappuccio wrote: There's also an issue with dirty buffers getting eaten up, but that is prominent on slow devices, and you'd be WAITing in buf_needva in that case. I don't think needva has been totally ruled out from what I've seen, though it's less likely. My other guess is that the raid card itself prioritizes writes over reads leading to a backlog of read requests. But the behavior changes with each kernel he tests. It sounds like 4.6 and 4.8 are quite acceptable, the rest are not ?
Re: Disk blocking and unacceptable wait times with Areca ARC 1210
On 01/11/2012 05:12 PM, Ted Unangst wrote: On Wed, Jan 11, 2012, Chris Cappuccio wrote: If only one disk is affected at a time, 5.0 is the fastest, and has the most trouble with responsiveness while being fast, this is likely to be improved by a fair I/O scheduler. There is a generic framework in place now for schedulers to get plugged in I don't think anybody has actually written it yet. There's also an issue with dirty buffers getting eaten up, but that is prominent on slow devices, and you'd be WAITing in buf_needva in that case. I don't think needva has been totally ruled out from what I've seen, though it's less likely. My other guess is that the raid card itself prioritizes writes over reads leading to a backlog of read requests. I didn't follow the thread all the way back, so forgive me if this has been covered. I'm betting that the disk subsystem RAID controller combination are choking on queued metadata writes. Some of the questions are aimed at the user, and some at people who know the system code. User: Is the file system mounted with soft updates? Would the writes of the bit maps, inode and indirect blocks have piled up? Does turning off soft updates help? What is the block/cluster size? What is the stripe size and RAID configuration? RAIDs are really slow doing the required read-modify-write on small writes. The cacheing algorithm(s) in the cluster may be interfering with the metadata writes. When reading the file the first time when no metadata is cached, does the delay occur? If the file is opened in update mode so that no new allocation is done, does the delay occur? A trivial program might have to be written (C, Python, Perl, LISP, COBOL, whatever). Developers: Would the filesystem code write logically contiguous data blocks out of order? If so, that could trigger read-modify-writes as well. Has the soft update code changed to accumulate more metadata in core? I don't know if there's any utility which can capture data about the types of data in the disk queues. That would rule this out. Again, if this has been covered, just ignore me. Geoff Steckel
Re: locate weirdness
On Wed, Jan 11, 2012, L. V. Lammert wrote: At 01:30 PM 1/11/2012, Jeremy O'Brien wrote: 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? Another typical reply - the question was has anyone ever seen anything like this, .. or, perhaps, what could be causing it. No need for the off-topic diatribes - a simple no would more than suffice. okie, dokie. locate works for me!
Re: locate weirdness
Am 11.01.12 22:34, schrieb Ted Unangst: On Wed, Jan 11, 2012, L. V. Lammert wrote: At 01:30 PM 1/11/2012, Jeremy O'Brien wrote: 4.3 was released May 1, 2008. That's almost 4 years old software. What are you expecting here? Someone to check out the code from that version and deeply inspect what may be causing your problem, that is more than likely already fixed in a later version? Another typical reply - the question was has anyone ever seen anything like this, .. or, perhaps, what could be causing it. No need for the off-topic diatribes - a simple no would more than suffice. okie, dokie. locate works for me! Ah! History Channel. /me too haz workin locate ([foobar@bistromath] ~)$ locate pfctl /sbin/pfctl /usr/sbin/ospfctl ([foobar@bistromath] ~)$ uname -a OpenBSD bistromath.meganet.local 4.0 GENERIC#1107 i386 ([foobar@bistromath] ~)$ time sudo /usr/libexec/locate.updatedb Password: real0m9.379s user0m1.453s sys 0m3.406s ([foobar@bistromath] ~)$ echo $? 0 I really should update this system ;-) ./Marian
Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured
* Christiano F. Haesbaert haesba...@haesbaert.org [120109 08:45]: On 9 January 2012 02:21, Steven w.steven.schnei...@ualberta.net wrote: IC. Any recommendations for a good replacement wireless card? I've read the list on the FAQ, but my experience in wireless cards is (besides the ASUS card) practically nil. Should I just hang on to the ASUS and see what happens with subsequent snapshots? Of course, I could just do both ral(4) is usually a good recommendation, they're cheap and work well. Thanks, I'll look into that. The command from up-on-high (my wife) is that she have wireless. She doesn't much care how it's done. I'll hang on to the ASUS for now. If a Dev needs an ASUS I'll be happy to donate it to the cause. Drop me a line and I'll try to send it out as soon as I possibly can. :-) -- W. Steven Schneider w.steven.schnei...@ualberta.net
CARP strangeness after 5.0 upgrade
Hello all I have recently upgraded a pair of CARPed firewalls from 4.6 to 5.0 (late, I know ...) after almost 2 years of absolutely flawless operation (ipv4 interfaces only). I have changed all the nat/rdr rules in pf.conf to the new syntax, not changed any other fw/nw setting (at least to my knowledge - I used sysmerge in the process, carefully, and haven't noticed any fw/nw related changes in any file. The boxes are rather straight forwardly configured plain firewalls and very close to the default settings). They have 4 interfaces each, the external (egress, carp0 on em0) one being connected to the provider's switches (professional gear, Cisco or the like), the dmz (internal, carp1-3 on em1-3) ones being connected to a pair of levelone gsw-1641 (web smart switch, the cheap stuff). The two fw (fw1=master, and fw2=backup) and switches have been rebooted multiple times by now. The problem now is that the CARP master selection leads to weird results. After rebooting both, I get the following picture: fw1 (master, advbase 1 advskew 1): carp0: BACKUP carp1: MASTER carp2: MASTER carp3: BACKUP ifconfig -g carp carp: carp demote count 3 fw2 (backup, advbase 1 advskew 10) carp0: MASTER carp1: MASTER carp2: MASTER carp3: MASTER ifconfig -g carp carp: carp demote count 2 I get the following in dmesg on fw1: carp: carp0 demoted group carp by 1 to 129 (carpdev) carp: carp1 demoted group carp by 1 to 130 (carpdev) carp: carp2 demoted group carp by 1 to 131 (carpdev) carp: carp3 demoted group carp by 1 to 132 (carpdev) carp: carp2 demoted group carp by -1 to 131 (carpdev) carp: carp2 demoted group xfer by -1 to 0 (carpdev) carp: carp0 demoted group carp by -1 to 130 (carpdev) carp: pfsync0 demoted group carp by 1 to 131 (pfsync bulk start) carp: pfsync0 demoted group pfsync by 1 to 1 (pfsync bulk start) carp: carp3 demoted group carp by -1 to 130 (carpdev) carp: carp3 demoted group mgmt by -1 to 0 (carpdev) carp: carp1 demoted group carp by -1 to 129 (carpdev) carp: carp1 demoted group coca by -1 to 0 (carpdev) carp2: state transition: BACKUP - MASTER carp1: state transition: BACKUP - MASTER carp: pfsync0 demoted group carp by -1 to 128 (pfsync bulk done) carp: pfsync0 demoted group pfsync by -1 to 0 (pfsync bulk done) carp: carp2 demoted group carp by 1 to 129 ( snderrors) carp: carp1 demoted group carp by 1 to 130 ( snderrors) carp: carp1 demoted group coca by 1 to 1 ( snderrors) carp: carp2 demoted group xfer by 1 to 1 ( snderrors) carp0: state transition: BACKUP - MASTER carp3: state transition: BACKUP - MASTER carp: carp3 demoted group carp by 1 to 3 ( snderrors) carp: carp3 demoted group mgmt by 1 to 1 ( snderrors) carp0: state transition: MASTER - BACKUP nd6_na_input: duplicate IP6 address fe80:0008::0200:5eff:fe00:01c8 carp3: state transition: MASTER - BACKUP dmesg on fw2 gives this: carp: carp0 demoted group carp by 1 to 129 (carpdev) carp: carp1 demoted group carp by 1 to 130 (carpdev) carp: carp2 demoted group carp by 1 to 131 (carpdev) carp: carp3 demoted group carp by 1 to 132 (carpdev) carp: pfsync0 demoted group carp by 1 to 133 (pfsync bulk start) carp: pfsync0 demoted group pfsync by 1 to 1 (pfsync bulk start) carp: carp2 demoted group carp by -1 to 132 (carpdev) carp: carp2 demoted group xfer by -1 to 0 (carpdev) carp: carp1 demoted group carp by -1 to 131 (carpdev) carp: carp1 demoted group coca by -1 to 0 (carpdev) carp: carp0 demoted group carp by -1 to 130 (carpdev) carp: carp3 demoted group carp by -1 to 129 (carpdev) carp: carp3 demoted group mgmt by -1 to 0 (carpdev) carp: pfsync0 demoted group carp by -1 to 128 (pfsync bulk done) carp: pfsync0 demoted group pfsync by -1 to 0 (pfsync bulk done) carp2: state transition: BACKUP - MASTER carp1: state transition: BACKUP - MASTER carp: carp2 demoted group carp by 1 to 129 ( snderrors) carp: carp1 demoted group carp by 1 to 130 ( snderrors) carp: carp1 demoted group coca by 1 to 1 ( snderrors) carp: carp2 demoted group xfer by 1 to 1 ( snderrors) carp0: state transition: BACKUP - MASTER carp3: state transition: BACKUP - MASTER carp: carp3 demoted group carp by 1 to 3 ( snderrors) carp: carp3 demoted group mgmt by 1 to 1 ( snderrors) carp0: state transition: MASTER - BACKUP nd6_na_input: duplicate IP6 address fe80:0008::0200:5eff:fe00:01c8 arp info overwritten for 10.10.10.100 by 00:1e:68:9a:e4:4f on em2 nd6_na_input: duplicate IP6 address fe80:0009::0200:5eff:fe00:01c9 carp3: state transition: MASTER - BACKUP nd6_na_input: duplicate IP6 address fe80:000b::0200:5eff:fe00:01ff nd6_na_input: duplicate IP6 address fe80:000a::0200:5eff:fe00:01d2 carp0: state transition: BACKUP - MASTER carp3: state transition: BACKUP - MASTER carp: carp3 demoted group carp by -1 to 2 ( snderrors) carp: carp3 demoted group mgmt by -1 to 0 ( snderrors) nd6_na_input: duplicate IP6 address fe80:000a::0200:5eff:fe00:01d2 nd6_na_input: duplicate IP6 address fe80:0009::0200:5eff:fe00:01c9 carp0: state transition: MASTER - BACKUP nd6_na_input: duplicate IP6 address
Re: locate weirdness
On Wed, Jan 11, 2012 at 3:02 PM, Marian Hettwer m...@kernel32.de wrote: ... ([foobar@bistromath] ~)$ time sudo /usr/libexec/locate.updatedb Password: Ah, but that's *not* how locate.updatedb is invoked by the cronjob! There's a reason I called out the need to mimic that when trying to replicate the problem while walking through locate.updatedb manually... Philip Guenther
BSDCan 2012 - call for papers
BSDCan 2012 will be held 11-12 May, 2012 in Ottawa at the University of Ottawa. It will be preceded by two days of tutorials on 9-10 May. NOTE: This will be Fri/Sat with tutorials on Wed/Thu. We are now accepting proposals for talks. The talks should be designed with a very strong technical content bias. Proposals of a business development or marketing nature are not appropriate for this venue. If you are doing something interesting with a BSD operating system, please submit a proposal. Whether you are developing a very complex system using BSD as the foundation, or helping others and have a story to tell about how BSD played a role, we want to hear about your experience. People using BSD as a platform for research are also encouraged to submit a proposal. Possible topics include: * How we manage a giant installation with respect to handling spam. * and/or sysadmin. * and/or networking. From the BSDCan website, the Archives section will allow you to review the wide variety of past BSDCan presentations as further examples. Both users and developers are encouraged to share their experiences. The schedule is: 8 Jan 2012 Proposal acceptance begins 29 Jan 2012 Proposal acceptance ends 19 Feb 2012 Confirmation of accepted proposals See also http://www.bsdcan.org/2012/papers.php Instructions for submitting a proposal to BSDCan 2012 are available from: http://www.bsdcan.org/2012/submissions.php -- Dan Langille - http://langille.org
Re: locate weirdness
On Wed, 11 Jan 2012, Philip Guenther wrote: On Wed, Jan 11, 2012 at 3:02 PM, Marian Hettwer m...@kernel32.de wrote: ... ([foobar@bistromath] ~)$ time sudo /usr/libexec/locate.updatedb Password: Ah, but that's *not* how locate.updatedb is invoked by the cronjob! There's a reason I called out the need to mimic that when trying to replicate the problem while walking through locate.updatedb manually... Agreed, .. but if locate.update does NOT run as root, that would seem to indicate some problem other than permissions. BTW - Looked at a couple of other possiblities, .. mysql had a lot of space in log files so I freed up most of them, no change; the other possibility could be that of a memory problem, but I have no knowledge of 'bigmem' and how that works. Lee
Re: locate weirdness
Am 12.01.12 00:13, schrieb Philip Guenther: On Wed, Jan 11, 2012 at 3:02 PM, Marian Hettwerm...@kernel32.de wrote: ... ([foobar@bistromath]~)$ time sudo /usr/libexec/locate.updatedb Password: Ah, but that's *not* how locate.updatedb is invoked by the cronjob! There's a reason I called out the need to mimic that when trying to replicate the problem while walking through locate.updatedb manually... [root@bistromath] ~ # /bin/sh /etc/weekly Rebuilding locate database: Rebuilding whatis databases: [root@bistromath] ~ # echo $? 0 still on OpenBSD 4.0. And /etc/weekly looks like a reasonable easy straight forward shell script. (I would expect nothing else in OpenBSD). ./Marian
Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured
* Tomas Bodzar tomas.bod...@gmail.com [120108 00:00]: On Sun, Jan 8, 2012 at 6:29 AM, Steven w.steven.schnei...@ualberta.net wrote: Hi, I recently purchased an ASUS PCE-N15 Wireless-N PCI-E Adapter. http://www.asus.com/Networks/Wireless_Adapters/PCEN15/ Details from pcidump will be maybe useful for developers, but it seems like you have some Win-only/proprietary stuff for which Linux has binary blob because of NDA or something. Well, I'm not sure in what format the pcidump might be useful. pcidump -v 2:0:0 2:0:0: Realtek unknown 0x: Vendor ID: 10ec Product ID: 8178 0x0004: Command: 0007 Status ID: 0010 0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 01 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR io addr: 0xbe00/0x0100 0x0014: BAR empty () 0x0018: BAR mem 64bit addr: 0xfcffc000/0x4000 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 1043 Product ID: 84b6 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 0a Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0050: Capability 0x05: Message Signaled Interrupts (MSI) 0x0070: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 Gb/s Link Width: x1 / x1 -- W. Steven Schneider w.steven.schnei...@ualberta.net
Re: locate weirdness
On Wed, Jan 11, 2012 at 3:18 PM, L. V. Lammert l...@omnitec.net wrote: On Wed, 11 Jan 2012, Philip Guenther wrote: ... Ah, but that's *not* how locate.updatedb is invoked by the cronjob! There's a reason I called out the need to mimic that when trying to replicate the problem while walking through locate.updatedb manually... Agreed, .. but if locate.update does NOT run as root, that would seem to indicate some problem other than permissions. If you're saying what I think you're saying, then I disagree and think your logic is backwards. What user do you think locate.updatedb is run as? Philip Guenther
Re: locate weirdness
On Wed, 11 Jan 2012, Philip Guenther wrote: Agreed, .. but if locate.update does NOT run as root, that would seem to indicate some problem other than permissions. If you're saying what I think you're saying, then I disagree and think your logic is backwards. What user do you think locate.updatedb is run as? If it does not run as root, then it isn't a permission issue as running as root provides all required permissions, eh? I have never seen locate.updatedb fail when run as root (3.0 to 5.0, actually), .. but, then, it isn't exactly 'failing', it just isn't indexing anything except /home. The only other possible hypothesis, is that it is running out of memory; one would expect some sort of error to be returned in that case and a blank database as a result, not one partially populated. Lee
Limit ICMP echo reply
Hi all! very simple PF question, is it possible to limit the number of ICMP echo replies, like 5/min from any source address ? TIA!
Re: locate weirdness
On 01/11/12 14:24, Barry Grumbine wrote: Bite the bullet, upgrade, life is better at 5.0 ...knew I forgot something. There aren't many North American mirrors that go back to 4.2. I was fortunate to find obsd.cec.mtu.edu which Nick Holland recently notified us that he needs to take down very soon. Ouch. I opted to archive old versions of OpenBSD for historical interest... When did we get Mozilla ported? What platforms were supported back in the 2.5 days? What was it like to install OpenBSD 2.0 on a 386 system? Etc. It's FUN. And, storage is cheap; for something like $500US several years ago, I was able to add 1.5G of redundant storage to obsd.cec.mtu.edu, and that allowed me to make a comprehensive archive available, and being it was my money and my interest, I did. :) Same reason I collect 80+ year old calculating devices and 40 year old calculators...but this, I can easily share with others. It was certainly never intended to be USED for production. It bothers me that people may have been using my archive to avoid upgrading ('specially since I write the upgrade guides!). (for anyone tempted to snarf down all my old archival versions of OpenBSD before the final shut down of obsd.cec.mtu.edu, don't worry, I believe I'll be able to get all the hardware (20U worth! loaded with data) back, so the data won't be vanishing into thin air. And, I don't believe it is the only copy left on the 'net.) I've removed everything from 4.8 and before from the easily spotted space on the mirror, so it is now only available in a directory clearly marked archive. Nick.
Re: Multiple ISP-connections/Routing/Packet filtering
I ran OpenVPN on the loopback and did an rdr (back in the day). It has worked for me. http://marc.info/?l=openbsd-miscm=119446553412564w=2 -Steve S. -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Dr.-Ing. Torsten Finke Sent: Wednesday, January 11, 2012 10:48 AM To: misc@openbsd.org Subject: Re: Multiple ISP-connections/Routing/Packet filtering Hello Russell, On Wed, Jan 11, 2012 at 07:46:59AM -0500, Russell Garrison wrote: Have you considered routing domains? no I have not. According to your hint I started to study their concept, but have not found a description that would meet my situation. Thanks for your idea and best regards Torsten On Tue, Jan 10, 2012 at 1:41 PM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, I read again your mail and now i'm lost ! You Wrote: How can I force my Extl. FW to reply on exactly the same interface it had been requested on? For example I am running OpenVPN(1194/UDP) between my HomeOffice (Z=Client) and the Intl. FW(=Server). Alike I would appretiate SSH-portforwarding from Internet to the Intl. FW. SSH port forwarding from internet to Internal server is something like : ext_if=vr0 ext_ip=1.2.3.4 Spvt= 4.5.6.7 match in on $ext_if proto tcp from any to $ext_ip port 22 rdr-to $Spvt pass in on $ext_if proto tcp from any to $Spvt port 22 pass out on $int_if proto tcp from any to $Spvt port 22 The above line redirects all traffic coming from any place in internet to my external IP ( 1.2.3.4) to the server 4.5.6.7 which is located in my internal lan, in other words the packet comes in on external interface , goes out on internal interface .. These works on OpenBSD 4.8 or newer ! Is this what you need ? no. Obviously I have not explained clearly what my problem is. On my firewall I have TWO different internet connections. It is simple to forward - for instance ssh - from both connections to an internal machine. Now this machine answers and the firewall sends the reply back. How can I force the firewall to send the reply over exactly that interface the request came in? The problem is that the client anywhere on the internet expects the answer from the very address it had contacted. If now the reply comes from another address, it will get lost. Best regards Torsten On Tue, Jan 10, 2012 at 10:46 AM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, If i understood you well, the answer to your question is here ! http://www.openbsd.org/faq/pf/pools.html Under the section Load Balancing outgoing traffic, or take a look at: http://www.openbsd.org/faq/faq6.html#Multipath There are good examples there ! I hope this can help ! thank you for this. The FAQ on pools has nice examples but none of them really faces my problem. It discusses load balancing of incoming traffic to several servers as well as load balancing of outgoing traffic. I cannot figure out how to dispatch replies to incoming requests over different connections. The FAQ on multipath has helped me very well to set up multiple default routes - this works very well. Best regards Torsten Dear List, Here I show my network topology. Maybe it seems quite typical. My internal network is located behind an Intl/Extl Firewall which is connected to the Internet(IN) via pppoe/ppp(8). On the other side I run different systems, for instance a home office network, a mobile laptop, and several customers. +---+ +---+ | A | | B | (PC) +-+-+ +-+-+ | | +-+ --+-+---| Intl FW |---(DMZ)---+ (LAN/int) +-+ | | +---+ | +---+ | | Z | (PC) | () +---+ | +-+ pppoe/ppp(8) +---+ () ++ | | | |--| DSL-Modem |--()--| GW |--- -+- | | | rl0/tun0 +---+ () ++ (HomeOffice) +--| Extl FW | ( IN ) + --+ | | pppoe/ppp(8) +---+ ()--| Customer | | |--| DSL-Modem |--() + --+ +-+ rl1/tun1 +---+ () + + OpenBSD 4.8 ()--| Mobile | ++ My question is about the setup of routing and packet filtering on the External
Re: locate weirdness
On Wed, Jan 11, 2012 at 4:08 PM, L. V. Lammert l...@omnitec.net wrote: On Wed, 11 Jan 2012, Philip Guenther wrote: Agreed, .. but if locate.update does NOT run as root, that would seem to indicate some problem other than permissions. If you're saying what I think you're saying, then I disagree and think your logic is backwards. What user do you think locate.updatedb is run as? If it does not run as root, then it isn't a permission issue as running as root provides all required permissions, eh? I'm sorry, but I don't understand that sentence. It appears to conflate running as root with not running as root, or I'm miscounting the 'not's. So let me try again: what user do you think locate.updatedb is run as? I have never seen locate.updatedb fail when run as root (3.0 to 5.0, actually), .. but, then, it isn't exactly 'failing', it just isn't indexing anything except /home. I don't understand this sentence either. If the word fail is ambiguous or unclear, then use a different word instead! I cannot tell from what you wrote what behavior you saw when you manually ran locate.updatedb as root on (say) 3.0. Philip Guenther
Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured
On 2012-01-11, Steven w.steven.schnei...@ualberta.net wrote: * Christiano F. Haesbaert haesba...@haesbaert.org [120109 08:45]: On 9 January 2012 02:21, Steven w.steven.schnei...@ualberta.net wrote: IC. Any recommendations for a good replacement wireless card? I've read the list on the FAQ, but my experience in wireless cards is (besides the ASUS card) practically nil. Should I just hang on to the ASUS and see what happens with subsequent snapshots? Of course, I could just do both ral(4) is usually a good recommendation, they're cheap and work well. Thanks, I'll look into that. The command from up-on-high (my wife) is that she have wireless. She doesn't much care how it's done. I'll hang on to the ASUS for now. If a Dev needs an ASUS I'll be happy to donate it to the cause. Drop me a line and I'll try to send it out as soon as I possibly can. :-) What do you want to do with the wireless? Is this for acting as an access point? (in this case I would be looking at athn(4) devices) or just for connecting to an existing wireless network? (in which case you are likely to have good luck by just picking up a random cheap USB device).
El ADN de la Asistente Ejecutiva Moderna
476525 [IMAGE] Pms de Mixico prestigiada firma de Capacitacisn presenta: La Asistente Ejecutiva Moderna -Mas de 900 asistentes satisfechas nos respaldansupera con ixito los retos del 2012. -Obtenga las herramientas necesarias para alcanzar un sptimo desempeqo en su funcisn. !Reciba la informacisn completa! Por favor responda este e-mail con los datos siguientes Empresa Nombre Telifono Email Nzmero de Interesados En breve recibira temario, reseqa de expositor y tarifas. Pms Capacitacisn Efectiva de Mixico es una empresa Registrada ante la STPS Trabajamos con expertos en la materia para poder brindar herramientas tacticas, vanguardistas y de facil aplicacisn. 100% Garantma de Satisfaccisn. Si lo prefiere comunmquese a los telifonos donde con gusto uno de nuestros ejecutivos le atendera. Telifonos: (0133) 8851-2365, (0133) 8851-2741 con mas de 10 lmneas. Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico Copyright (C) 2011, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. E-Mail MARKETING SERVICE POWERED BY MEDIAMKTOOLS. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. ALTO, si en esta ocasisn la informacisn recibida no fue de su interis pero desea recibir informacisn personalizada en relacisn a otros temas favor de indicarlo. Si usted ha recibido este mensaje por error, haga caso omiso de el y de antemano una sincera disculpa por la molestia, reporte su cuenta respondiendo este correo con el subject BAJAEJECUTIVA Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJAEJECUTIVA Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia para nosotros y no es intencisn de la empresa la inconformidad del receptor, nuestra intencisn es promover herramientas de utilidad para el [demime 1.01d removed an attachment of type image/jpeg which had a name of promo asistentes h.jpg]
Re: Multiple ISP-connections/Routing/Packet filtering
Steven's method has worked for me as well, with OpenVPN on OpenBSD 4.9. Lawrence On Wed, Jan 11, 2012 at 07:48:55PM -0500, Steven Surdock wrote: I ran OpenVPN on the loopback and did an rdr (back in the day). It has worked for me. http://marc.info/?l=openbsd-miscm=119446553412564w=2 -Steve S. -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Dr.-Ing. Torsten Finke Sent: Wednesday, January 11, 2012 10:48 AM To: misc@openbsd.org Subject: Re: Multiple ISP-connections/Routing/Packet filtering Hello Russell, On Wed, Jan 11, 2012 at 07:46:59AM -0500, Russell Garrison wrote: Have you considered routing domains? no I have not. According to your hint I started to study their concept, but have not found a description that would meet my situation. Thanks for your idea and best regards Torsten On Tue, Jan 10, 2012 at 1:41 PM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, I read again your mail and now i'm lost ! You Wrote: How can I force my Extl. FW to reply on exactly the same interface it had been requested on? For example I am running OpenVPN(1194/UDP) between my HomeOffice (Z=Client) and the Intl. FW(=Server). Alike I would appretiate SSH-portforwarding from Internet to the Intl. FW. SSH port forwarding from internet to Internal server is something like : ext_if=vr0 ext_ip=1.2.3.4 Spvt= 4.5.6.7 match in on $ext_if proto tcp from any to $ext_ip port 22 rdr-to $Spvt pass in on $ext_if proto tcp from any to $Spvt port 22 pass out on $int_if proto tcp from any to $Spvt port 22 The above line redirects all traffic coming from any place in internet to my external IP ( 1.2.3.4) to the server 4.5.6.7 which is located in my internal lan, in other words the packet comes in on external interface , goes out on internal interface .. These works on OpenBSD 4.8 or newer ! Is this what you need ? no. Obviously I have not explained clearly what my problem is. On my firewall I have TWO different internet connections. It is simple to forward - for instance ssh - from both connections to an internal machine. Now this machine answers and the firewall sends the reply back. How can I force the firewall to send the reply over exactly that interface the request came in? The problem is that the client anywhere on the internet expects the answer from the very address it had contacted. If now the reply comes from another address, it will get lost. Best regards Torsten On Tue, Jan 10, 2012 at 10:46 AM, Dr.-Ing. Torsten Finke torsten.fi...@igh-essen.com wrote: Hello Jorge, If i understood you well, the answer to your question is here ! http://www.openbsd.org/faq/pf/pools.html Under the section Load Balancing outgoing traffic, or take a look at: http://www.openbsd.org/faq/faq6.html#Multipath There are good examples there ! I hope this can help ! thank you for this. The FAQ on pools has nice examples but none of them really faces my problem. It discusses load balancing of incoming traffic to several servers as well as load balancing of outgoing traffic. I cannot figure out how to dispatch replies to incoming requests over different connections. The FAQ on multipath has helped me very well to set up multiple default routes - this works very well. Best regards Torsten Dear List, Here I show my network topology. Maybe it seems quite typical. My internal network is located behind an Intl/Extl Firewall which is connected to the Internet(IN) via pppoe/ppp(8). On the other side I run different systems, for instance a home office network, a mobile laptop, and several customers. +---+ +---+ | A | | B | (PC) +-+-+ +-+-+ | | +-+ --+-+---| Intl FW |---(DMZ)---+ (LAN/int) +-+ | | +---+ | +---+ | | Z | (PC) | () +---+ | +-+ pppoe/ppp(8) +---+ () ++ | | | |--| DSL-Modem |--()--| GW |--- -+- | | | rl0/tun0 +---+ () ++ (HomeOffice) +--| Extl FW | ( IN ) + --+ | | pppoe/ppp(8) +---+ ()--| Customer | |
NAT Firewalls and Client IPs in SSL Requests
I have a web server handling predominantly https traffic sitting on a DMZ behind a CARP'd firewall of two ALIX 2D3s. Since the firewall is NATting traffic to the web server, the source IP of requests arriving at the web server is always the firewall's CARP address on the DMZ. I'd like the server to see the original client IP. The only solution I can think of is to use relayd, pound etc. as a layer 7 reverse proxy on the firewall that decrypts the SSL and inserts an X-Forwarded-For header. The problem there though is that the firewall is lightweight with just a 500MHz Geode, whereas the web server has dual quad core 2.3GHz E5410 Xeons sitting mostly idle. Even if the firewall can handle the load now, it'll quickly become a bottleneck if traffic increases. There might be hardware accelerator products that will work with the ALIX boards, but it seems to me that scalability in future will depend on separating the SSL decryption from the firewall. How can I get the best of both worlds, offloading the SSL decryption from the firewall without losing the client's IP? Do any reverse proxies support handing off just the decryption load to other machines? How do big sites separate their SSL decryption from their firewalls without losing this valuable information? Thanks in advance, Sam
Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured
* Stuart Henderson s...@spacehopper.org [120111 19:00]: Date: Thu, 12 Jan 2012 01:42:11 + (UTC) From: Stuart Henderson s...@spacehopper.org To: misc@openbsd.org Subject: Re: OpenBSD 5.0 Snapshot: ASUS Wireless Card - Not Configured Content-Type: text/plain; charset=us-ascii User-Agent: slrn/0.9.9p1 (OpenBSD) Sender: owner-m...@openbsd.org On 2012-01-11, Steven w.steven.schnei...@ualberta.net wrote: * Christiano F. Haesbaert haesba...@haesbaert.org [120109 08:45]: On 9 January 2012 02:21, Steven w.steven.schnei...@ualberta.net wrote: IC. Any recommendations for a good replacement wireless card? I've read the list on the FAQ, but my experience in wireless cards is (besides the ASUS card) practically nil. Should I just hang on to the ASUS and see what happens with subsequent snapshots? Of course, I could just do both ral(4) is usually a good recommendation, they're cheap and work well. Thanks, I'll look into that. The command from up-on-high (my wife) is that she have wireless. She doesn't much care how it's done. I'll hang on to the ASUS for now. If a Dev needs an ASUS I'll be happy to donate it to the cause. Drop me a line and I'll try to send it out as soon as I possibly can. :-) What do you want to do with the wireless? Is this for acting as an access point? (in this case I would be looking at athn(4) devices) or just for connecting to an existing wireless network? (in which case you are likely to have good luck by just picking up a random cheap USB device). It would act as an access point. We have several wireless devices (ie. my wife's laptop) and I want to implement a wireless network for these devices. -- W. Steven Schneider w.steven.schnei...@ualberta.net
Re: CARP strangeness after 5.0 upgrade
On 01/12/12 00:05, Markus Wernig wrote: If I set net.inet.carp.log=7, I get lots of the following on both fws, only for carp1 and carp2, never for carp0 and carp3: carp2: ip_output failed: 65 carp1: ip_output failed: 65 carp2: ip_output failed: 65 carp1: ip_output failed: 65 carp2: ip_output failed: 65 carp1: ip_output failed: 65 Hi all After another round of reboots (no config changed) this has now shifted to carp2 and carp3: Jan 12 08:33:17 fw1 /bsd: carp2: ip_output failed: 65 Jan 12 08:33:17 fw1 /bsd: carp3: ip_output failed: 65 Jan 12 08:33:18 fw1 /bsd: carp2: ip_output failed: 65 Jan 12 08:33:18 fw1 /bsd: carp3: ip_output failed: 65 And consequently tcpdump shows outgoing carp traffic on em0 and em1 only. Does anybody have an idea where to search further? krgds /markus