OBSD PF / Carp and pfsync issue
I setup a pair of OBSD box's with carp pfsync last week, They appeared to working when I left them although the number of states on each was out by about 20%. I had the leave them like they were, but when I checked on them this morning I noticed that the backup box only has about 15 states and the active box has about 8000! I compared the hostname.vlan .carp files on each box and realised that I has an extra character in one of the carp password fields in one of the files. I fixed this but haven't done a sh /etc/netstart yet as don't want to do that remotely. The wrong password in the files makes sense and will account for the missing 20% states but could the wrong password have been seen as a denial of service against pfsync and have caused it to stop syncing ? I've had a look at the /var/log/messages daemon files but there's nothing there. PF doesn't seem to be blocking anything and if I run tcpdump on the vlan's I can see carp broadcasts (I don't understand them, but they are there). Does anyone have any suggestions. Thanks Keith.
OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?
All, I got my first non-tunneled IPv6 uplink a while ago, and now I have issues with NDP. Over the same shared LAN, the ISP apparently serves several (more than one, but as far as I can see not neccessarily more than two) customer routers, with a logical /125 transfer network for each customer. What I currently see, is this: 1) 2001:db8:1234:5678::08/125 - Someone else's transfer network 2) 2001:db8:1234:5678::10/125 - My transfer network What happens now is that the ISP router sometimes sends neigbor solicitation requests for my OpenBSD router using a source IP from its proper physical interface, but a different logical network. In this case: 2001:db8:1234:5678::9 When the NDP solicitations from 2001:db8:1234:5678::9 come in, OpenBSD does not respond to them, apparently because their source IP doesn't match the OpenBSD router's own prefix. The ISP router receives no neighbor advertisement from my OpenBSD router, and deems it unreachable. IPv6 is now down until a while later, when the solicitations happen to come from 2001:db8:1234:5678::11 again. RFC4861 says about the source IP for neighbor solicitations, that it has to be an address assigned to the interface from which this message is sent. The ISP router firmware interprets this to mean any address from the interface, thus using an IP from a different logical subnet. OpenBSD, in turn, does not seem to be willing to respond to requests from a different subnet. This was reproduced with OpenBSD 5.2-release, with pf turned off. It also happens on the production router, which happens to still run OpenBSD 4.6. To try to better understand the issue, I also set up a Linux system (Debian 6), which does in fact send advertisements in response to those wrong-prefix solicitations. What I understand is that either OpenBSD or the ISP router interpret the RFC in a way that leads to unintended results. Is this a bug in OpenBSD? Is there a workaround, e.g. in the form of a sysctl or a pf.conf hack that will make OpenBSD's NDP more liberal? Thanks for all input, -martin
Re: Foxconn NanoPC nT-i1250 fails to boot after install
Hi Kent, On 14/01/13(Mon) 10:05, Kent Fritz wrote: On Fri, Jan 11, 2013 at 5:29 PM, Stefan Sperling s...@openbsd.org wrote: I see. So this is happening during pms_probe() which runs before the protocol is selected. Maybe fix it like this? I think the code should cope with hardware that returns unrecognizable garbage. But I don't know very much about PS/2. Thanks for pinning down the problem! Index: pckbc.c === RCS file: /cvs/src/sys/dev/ic/pckbc.c,v retrieving revision 1.31 diff -u -p -r1.31 pckbc.c --- pckbc.c 17 Oct 2012 19:16:10 - 1.31 +++ pckbc.c 12 Jan 2013 01:25:41 - @@ -620,6 +620,11 @@ pckbc_poll_cmd1(struct pckbc_internal *t #ifdef PCKBCDEBUG printf(pckbc_cmd: lost 0x%x\n, c); #endif + /* Don't retry cmd forever. */ + if (cmd-retries++ = 5) { + cmd-status = EIO; + return; + } } while (cmd-responseidx cmd-responselen) { That patch works fine. Tested on i386 on nT-i1250. Thanks for pointing me in the right direction! Could you try the diff below and tell me if it also fix your problem? I believe it's better to handle the bat failure core (0xfc) like we already do with the bat completion code rather than exiting for any value.. M. Index: pckbc.c === RCS file: /home/ncvs/src/sys/dev/ic/pckbc.c,v retrieving revision 1.31 diff -u -p -r1.31 pckbc.c --- pckbc.c 17 Oct 2012 19:16:10 - 1.31 +++ pckbc.c 11 Feb 2013 10:24:49 - @@ -48,6 +48,12 @@ #include dev/pckbc/pckbdvar.h #endif +#ifdef PCKBCDEBUG +#define DPRINTF(x...) do { printf(x); } while (0); +#else +#define DPRINTF(x...) +#endif + /* descriptor for one device command */ struct pckbc_devcmd { TAILQ_ENTRY(pckbc_devcmd) next; @@ -102,9 +108,10 @@ int pckbcintr_internal(struct pckbc_inte const char *pckbc_slot_names[] = { kbd, aux }; -#define KBC_DEVCMD_ACK 0xfa -#define KBC_DEVCMD_RESEND 0xfe -#define KBC_DEVCMD_BAT 0xaa +#define KBC_DEVCMD_ACK 0xfa +#define KBC_DEVCMD_RESEND 0xfe +#define KBC_DEVCMD_BAT_DONE0xaa +#define KBC_DEVCMD_BAT_FAIL0xfc #defineKBD_DELAY DELAY(8) @@ -587,39 +594,32 @@ pckbc_poll_cmd1(struct pckbc_internal *t break; } - if (c == KBC_DEVCMD_ACK) { + switch (c) { + case KBC_DEVCMD_ACK: cmd-cmdidx++; continue; - } /* * Some legacy free PCs keep returning Basic Assurance Test * (BAT) instead of something usable, so fail gracefully. */ - if (c == KBC_DEVCMD_RESEND || c == KBC_DEVCMD_BAT) { -#ifdef PCKBCDEBUG - printf(pckbc_cmd: %s\n, + case KBC_DEVCMD_RESEND: + case KBC_DEVCMD_BAT_DONE: + case KBC_DEVCMD_BAT_FAIL: + DPRINTF(pckbc_cmd: %s\n, c == KBC_DEVCMD_RESEND ? RESEND: BAT); -#endif if (cmd-retries++ 5) continue; - else { -#ifdef PCKBCDEBUG - printf(pckbc: cmd failed\n); -#endif - cmd-status = ENXIO; - return; - } - } - if (c == -1) { -#ifdef PCKBCDEBUG - printf(pckbc_cmd: timeout\n); -#endif + + DPRINTF(pckbc_cmd: cmd failed\n); + cmd-status = ENXIO; + return; + case -1: + DPRINTF(pckbc_cmd: timeout\n); cmd-status = EIO; return; + default: + DPRINTF(pckbc_cmd: lost 0x%x\n, c); } -#ifdef PCKBCDEBUG - printf(pckbc_cmd: lost 0x%x\n, c); -#endif } while (cmd-responseidx cmd-responselen) {
Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?
On Mon, Feb 11, 2013 at 11:09:00AM +0100, Martin Schmitt wrote: All, I got my first non-tunneled IPv6 uplink a while ago, and now I have issues with NDP. Over the same shared LAN, the ISP apparently serves several (more than one, but as far as I can see not neccessarily more than two) customer routers, with a logical /125 transfer network for each customer. What I currently see, is this: 1) 2001:db8:1234:5678::08/125 - Someone else's transfer network 2) 2001:db8:1234:5678::10/125 - My transfer network What happens now is that the ISP router sometimes sends neigbor solicitation requests for my OpenBSD router using a source IP from its proper physical interface, but a different logical network. In this case: 2001:db8:1234:5678::9 When the NDP solicitations from 2001:db8:1234:5678::9 come in, OpenBSD does not respond to them, apparently because their source IP doesn't match the OpenBSD router's own prefix. The ISP router receives no neighbor advertisement from my OpenBSD router, and deems it unreachable. IPv6 is now down until a while later, when the solicitations happen to come from 2001:db8:1234:5678::11 again. RFC4861 says about the source IP for neighbor solicitations, that it has to be an address assigned to the interface from which this message is sent. The ISP router firmware interprets this to mean any address from the interface, thus using an IP from a different logical subnet. OpenBSD, in turn, does not seem to be willing to respond to requests from a different subnet. This was reproduced with OpenBSD 5.2-release, with pf turned off. It also happens on the production router, which happens to still run OpenBSD 4.6. To try to better understand the issue, I also set up a Linux system (Debian 6), which does in fact send advertisements in response to those wrong-prefix solicitations. What I understand is that either OpenBSD or the ISP router interpret the RFC in a way that leads to unintended results. Interesting problem. I'm not sure who's at fault here. I'm surprised your ISP doesn't use link-local addresses for transfer networks (mine does). I believe the code path you're hitting is this one in netinet6/nd6_nbr.c, in nd6_ns_input(): } else { /* * Make sure the source address is from a neighbor's address. */ if (!in6_ifpprefix(ifp, saddr6)) { nd6log((LOG_INFO, nd6_ns_input: NS packet from non-neighbor\n)); goto bad; } } Is this a bug in OpenBSD? Is there a workaround, e.g. in the form of a sysctl or a pf.conf hack that will make OpenBSD's NDP more liberal? Have you tried using a /64 netmask at your end of the transfer link, instead of the /125?
Low latency and interrupt mitigation
Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? If interrupt mitigation is enabled would disabling it will reduce latency? How can I disable the interrupt mitigation for em NICs? What would change in 5.3? Best regards, Dan
Re: OpenBSD-Update Tool
- Crookedmaze themazed...@gmail.com [2013-02-10 07:33:34 -0600] - : This makes me a little nervous and I think I would rather just follow release with errata patches or just follow stable. OK, System Administrator I see what you mean by overhead now, now that I think about it I am starting to see what you mean by undue burdon (why would you add something new if what is being used right now works just fine?) I will have to have a look at marc.info and see what I can find on the topic on binary updates there also. Nick your right I should stop trying to make OpenBSD like FreeBSD or Linux, in all honestly I don't really mind the current update process, really the only actual problem I have had with it is simply that if you had multiple servers running OpenBSD (eg if you had 200 servers why would you build the patch on all 200 of them) but the tool Brian suggested I look at looked promising in that it looks like you could just apply the patch on a single system build a package and have all the other servers install the package. Nick I also agree with you that there is a certain simple elegance about OpenBSD its actually one of my favorite things about OpenBSD in that it is secure by default and the installer for it is great because I can install OpenBSD in about 3 minutes (as opposed to 20-30+ minutes on others) not to mention all the time I would normally have to spend hardening the system post install. With OpenBSD its just a matter of checking the errata page. Whilst I understand your concern, I can confirm that since using snapshots for the last 4 months I have had completely functional and stable systems. I have yet to come across an issue that i've needed to manually get involved with fixing. I can highly recommend using snapshots. Of course, there's the choice so you can stick with what you feel most comfortable with. -- Primary Key: 4096R/1D31DC38 2011-12-03 Key Fingerprint: A4B9 E875 A18C 6E11 F46D B788 BEE6 1251 1D31 DC38
Re: Low latency and interrupt mitigation
On 11 February 2013 12:19, Dan Shechter dans...@gmail.com wrote: Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? It does. If interrupt mitigation is enabled would disabling it will reduce latency? It would. How can I disable the interrupt mitigation for em NICs? I suggest you try increasing MAX_INTS_PER_SEC define by the factor or two in /sys/dev/pci/if_em.h. In case it doesn't suite your needs you can try commenting out this line: E1000_WRITE_REG(sc-hw, ITR, DEFAULT_ITR); What would change in 5.3? Nothing regarding interrupt moderation. Best regards, Dan Cheers, Mike
Re: OpenBSD-Update Tool
On Sun, Feb 10, 2013 at 3:23 AM, Crookedmaze themazed...@gmail.com wrote: Dear OpenBSD Community, Hello I am wondering if there is a tool similar to FreeBSD-update on OpenBSD? Yes, there is. But it is not official. http://www.openbsd-stable.org/ -- chs,
Re: Low latency and interrupt mitigation
Thanks, Are there any other tips to reduce latency? Best regards, Dan On Mon, Feb 11, 2013 at 1:43 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:19, Dan Shechter dans...@gmail.com wrote: Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? It does. If interrupt mitigation is enabled would disabling it will reduce latency? It would. How can I disable the interrupt mitigation for em NICs? I suggest you try increasing MAX_INTS_PER_SEC define by the factor or two in /sys/dev/pci/if_em.h. In case it doesn't suite your needs you can try commenting out this line: E1000_WRITE_REG(sc-hw, ITR, DEFAULT_ITR); What would change in 5.3? Nothing regarding interrupt moderation. Best regards, Dan Cheers, Mike
Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?
Am 11.02.2013 12:12, schrieb Stefan Sperling: I believe the code path you're hitting is this one in netinet6/nd6_nbr.c, in nd6_ns_input(): } else { /* * Make sure the source address is from a neighbor's address. */ if (!in6_ifpprefix(ifp, saddr6)) { nd6log((LOG_INFO, nd6_ns_input: NS packet from non-neighbor\n)); goto bad; } } Thanks for your quick response! The ISP has now worked around the issue by adding a fixed NDP entry for my router's address so I can't really test with it, but I have added another address on the interface, which gives me this, after sysctl net.inet6.icmp6.nd6_debug=1: nd6_ns_input: src=2001:0db8:1234:5678::0009 nd6_ns_input: dst=ff02:0001::0001:ff00:0015 nd6_ns_input: tgt=2001:0db8:1234:5678::0015 nd6_ns_input: NS packet from non-neighbor Have you tried using a /64 netmask at your end of the transfer link, instead of the /125? I had already tried /123, which made it work. Such a workaround comes across a bit desperate, because with further expansion of the ISP's IPv6 customer base, further widening of the prefix will be required. I'm not sure whether this is how the uplink is intended to work and if it has the potential to do any damage. How is your understanding of NDP? Do you think OpenBSD is at fault for ignoring these solicitations, or do you think the ISP router's OS selects the wrong source IP? The wording in the RFC is really very terse and leaves room for interpretation. -martin [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: Low latency and interrupt mitigation
On 11 February 2013 12:53, Dan Shechter dans...@gmail.com wrote: Thanks, Are there any other tips to reduce latency? Using pcap means copying packets, so I'd say you want to put your code into the kernel to avoid copying and maybe queueing as well, but this is not something that can be trivially explained and is certainly not something that OpenBSD supports or would want to support out of the box. FreeBSD netmap interface would be helpful in your situation but is not currently supported by OpenBSD. Cheers, Mike Best regards, Dan On Mon, Feb 11, 2013 at 1:43 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:19, Dan Shechter dans...@gmail.com wrote: Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? It does. If interrupt mitigation is enabled would disabling it will reduce latency? It would. How can I disable the interrupt mitigation for em NICs? I suggest you try increasing MAX_INTS_PER_SEC define by the factor or two in /sys/dev/pci/if_em.h. In case it doesn't suite your needs you can try commenting out this line: E1000_WRITE_REG(sc-hw, ITR, DEFAULT_ITR); What would change in 5.3? Nothing regarding interrupt moderation. Best regards, Dan Cheers, Mike
Re: Low latency and interrupt mitigation
Thanks. If interrupt mitigation disabling won't be enough I will have do decide: freebs with netmap or openbsd with if_ethersubr.c modification. netmap looks much easier to code. No need to do the mbuf dance (or I hope that with netmap there would be no such need). BTW, would HW TX IP/UDP checksum reduce the latency? Best regards, Dan On Mon, Feb 11, 2013 at 2:11 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:53, Dan Shechter dans...@gmail.com wrote: Thanks, Are there any other tips to reduce latency? Using pcap means copying packets, so I'd say you want to put your code into the kernel to avoid copying and maybe queueing as well, but this is not something that can be trivially explained and is certainly not something that OpenBSD supports or would want to support out of the box. FreeBSD netmap interface would be helpful in your situation but is not currently supported by OpenBSD. Cheers, Mike Best regards, Dan On Mon, Feb 11, 2013 at 1:43 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:19, Dan Shechter dans...@gmail.com wrote: Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? It does. If interrupt mitigation is enabled would disabling it will reduce latency? It would. How can I disable the interrupt mitigation for em NICs? I suggest you try increasing MAX_INTS_PER_SEC define by the factor or two in /sys/dev/pci/if_em.h. In case it doesn't suite your needs you can try commenting out this line: E1000_WRITE_REG(sc-hw, ITR, DEFAULT_ITR); What would change in 5.3? Nothing regarding interrupt moderation. Best regards, Dan Cheers, Mike
Re: Low latency and interrupt mitigation
On 11 February 2013 13:22, Dan Shechter dans...@gmail.com wrote: Thanks. If interrupt mitigation disabling won't be enough I will have do decide: freebs with netmap or openbsd with if_ethersubr.c modification. netmap looks much easier to code. No need to do the mbuf dance (or I hope that with netmap there would be no such need). BTW, would HW TX IP/UDP checksum reduce the latency? I don't know exactly, but compared to the amount of work done by bpf/pcap and syscalls (at least write), I'd say it's negligible. Best regards, Dan On Mon, Feb 11, 2013 at 2:11 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:53, Dan Shechter dans...@gmail.com wrote: Thanks, Are there any other tips to reduce latency? Using pcap means copying packets, so I'd say you want to put your code into the kernel to avoid copying and maybe queueing as well, but this is not something that can be trivially explained and is certainly not something that OpenBSD supports or would want to support out of the box. FreeBSD netmap interface would be helpful in your situation but is not currently supported by OpenBSD. Cheers, Mike Best regards, Dan On Mon, Feb 11, 2013 at 1:43 PM, Mike Belopuhov m...@belopuhov.com wrote: On 11 February 2013 12:19, Dan Shechter dans...@gmail.com wrote: Hi All, I have a very latency sensitive application. I need to move packets from one interface to another I am using a quad 1000/pro Intel NIC. pcidump shows 82571EB My latency sensitive application reads packets from one em interface using libpcap and sends packet to another em interface using udp socket. Does em has interrupt mitigation enabled? It does. If interrupt mitigation is enabled would disabling it will reduce latency? It would. How can I disable the interrupt mitigation for em NICs? I suggest you try increasing MAX_INTS_PER_SEC define by the factor or two in /sys/dev/pci/if_em.h. In case it doesn't suite your needs you can try commenting out this line: E1000_WRITE_REG(sc-hw, ITR, DEFAULT_ITR); What would change in 5.3? Nothing regarding interrupt moderation. Best regards, Dan Cheers, Mike
Re: Legal Question: OpenBSD Spin-off
On 02/10/2013 06:47 PM, Rod Whitworth wrote: On Sun, 10 Feb 2013 18:09:56 -0600, Maximo Pech wrote: Well, installing openbsd is not what I'd call easy for people with few technical skills. Crap! It is well documented and very little data needs to be typed in as most input can be done by accepting the default. Why not make it a live system that boots from cd/dvd/USB/sd with everything already configured and ready to run? Live CDs can be a PITA.. People have built them and they aon't setting the world on fire. You can make your own USB flash by following the instructions in the FAQ (= same as install to the HD, just different HDD name. Installing in under 5 minutes is possible on a real drive - USB sticks are much slower. If I am doing a quick test I sometimes install to a real HDD on USB. Meanwhile go read the FAQ about installing and try it. Unless you are an absolute dummy you should be able to absorb the instructions and do the install. If you can't handle that, then OpenBSD is probably not for you and, given some of the horrors in some Linux Live-CDs, you may be best to stick to windows or mac. *** NOTE *** Please DO NOT CC me. Iam subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it. Thanks for the replies guys, I am not too worried about people being able to install OpenBSD the installer is quick and fairly painless in my opinion. I think I am going to stick to simply writing a script that people can run after installing OpenBSD. -Crookedmaze
Re: OpenBSD-Update Tool
On 02/11/2013 05:52 AM, Christer Solskogen wrote: On Sun, Feb 10, 2013 at 3:23 AM, Crookedmazethemazed...@gmail.com wrote: Dear OpenBSD Community, Hello I am wondering if there is a tool similar to FreeBSD-update on OpenBSD? Yes, there is. But it is not official. http://www.openbsd-stable.org/ Thanks for the recommendation Christer, but I am starting to really like OpenBSD's update process (after I stopped comparing it to Linux or FreeBSD), James, Ed, Nick and Marcus thanks for letting me know that the current code still works well I'm used to thinking of current code as not being functional but now I know that even OpenBSD's current code is functional and still works and runs (which is impressive to say the least). I am really starting to understand what you guys mean by the OpenBSD's update process is simple. I am really starting to like it! -Crookedmaze
bootable OpenBSD USB stick from windows?
Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas
Ospfd filtering
Hello all, I would like to ask, if it's possible to filter incoming and outgoing announcements from neighbors in the same area (in the same way as in bgpd)? If it isn't implemented, maybe somebody knows, if it will be possible in future releases ospfd? I'm using ospfd from OpenBSD 5.1.
Re: bootable OpenBSD USB stick from windows?
On Mon, Feb 11, 2013 at 10:51:29PM +, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas Install OpenBSD on your usb stick on this Windows machine, copy tarballs to this OpenBSD installation, plug your stick to other machine, boot ramdisk from usb stick, load tarballs from usb stick, you are done. jirib
Re: bootable OpenBSD USB stick from windows?
I had a similar situation with my laptop and found a solution in the FAQ: http://www.openbsd.org/faq/faq14.html#flashmemLive Essentially what I had to do was boot from CD on the desktop system (using an ISO for the desktop system's architecture) and then do an install of OpenBSD onto the flash drive. After that, you can boot into the system from the flash drive and then download the bsd.rd file for the architecture of the laptop you want to install on from pub/OpenBSD/RELEASE/ARCH/bsd.rd and save it to the root directory of the flash drive install. Then boot from the flash drive on the laptop, when the boot prompt comes up, enter the name of the bsd.rd that you downloaded and boot into the installer. On Mon, Feb 11, 2013 at 5:51 PM, Heptas Torres hepta...@gmail.com wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas -- -Christopher Sasarak
Assigning an IP address to a bridge
Hi list, What is the advised way to assign an IP address to a bridge(4) interface? I have the following: % # ifconfig bridge0 % bridge0: flags=41UP,RUNNING % groups: bridge % priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp % designated: id 00:00:00:00:00:00 priority 0 % vr3 flags=3LEARNING,DISCOVER % port 4 ifpriority 0 ifcost 0 % vr2 flags=3LEARNING,DISCOVER % port 3 ifpriority 0 ifcost 0 % vr1 flags=3LEARNING,DISCOVER % port 2 ifpriority 0 ifcost 0 % vr0 flags=3LEARNING,DISCOVER % port 1 ifpriority 0 ifcost 0 % Addresses (max cache: 100, timeout: 240): % 3c:62:00:67:6f:e1 vr0 1 flags=0 % 00:15:af:7f:89:94 vr0 0 flags=0 I glanced at bridge(4) and ifconfig(8) manpages without luck. The FAQ doesn't seem to document this as well. My feeling is that I should add my IP address to each physical interface belonging to the bridge. I came to that conclusion because if you want serve IP addresses with dhcpd(8) on that bridge, you have to tell dhcpd(8) to listen on each of these physical interfaces but it will refuse to start if it is there is no IP address assigned to an interface it should listen on. Maybe this setup is not supported? Last thing: if it was documented, where should it be? I might spare some time to submit a documentation patch. Thanks for your help. -- Jeremie Le Hen Scientists say the world is made up of Protons, Neutrons and Electrons. They forgot to mention Morons.
Re: Assigning an IP address to a bridge
On Tue, 2013-02-12 at 00:16 +0100, Jeremie Le Hen wrote: What is the advised way to assign an IP address to a bridge(4) interface? The one time I had to do this, I assigned the IP to one member interface of the bridge, and left the other one without an IP, and it worked for my purposes. -- Shawn K. Quinn skqu...@rushpost.com
Re: bootable OpenBSD USB stick from windows?
On 2/11/13, christopher sasarak chris.sasa...@gmail.com wrote: I had a similar situation with my laptop and found a solution in the FAQ: http://www.openbsd.org/faq/faq14.html#flashmemLive Essentially what I had to do was boot from CD on the desktop system (using an ISO for the desktop system's architecture) That assumes that my windows machine can boot from a CD which is not the case (I have no CD-ROM neither on my windows machine nor on the machine where I want to install OpenBSD). heptas and then do an install of OpenBSD onto the flash drive. After that, you can boot into the system from the flash drive and then download the bsd.rd file for the architecture of the laptop you want to install on from pub/OpenBSD/RELEASE/ARCH/bsd.rd and save it to the root directory of the flash drive install. Then boot from the flash drive on the laptop, when the boot prompt comes up, enter the name of the bsd.rd that you downloaded and boot into the installer. On Mon, Feb 11, 2013 at 5:51 PM, Heptas Torres hepta...@gmail.com wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas -- -Christopher Sasarak
Re: OpenBSD-Update Tool
I am really starting to like it! I love it too but maybe one day long after we have KMS we may get to install it on anyones laptop and know that it is highly likely to keep itself upto date with current packages as a desktop all by itself. Of course you can't always do that even with debian due to the occasional badly handled config file like kdmrc and atleast OpenBSD still boots with a bost clock. Of course the devs would love all the FAQs then too and people pushing crap into the init system without any peer review ;-). Maybe we can do desktop auto updates for anyONE someday but keep it on the sly. I'd rather more update work than make OpenBSD Generic, unless the General understanding for the need of security without necessarily losing functionality shifts greatly in the right direction. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) ___
Re: bootable OpenBSD USB stick from windows?
On 2/11/13, Jiri B ji...@devio.us wrote: On Mon, Feb 11, 2013 at 10:51:29PM +, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas Install OpenBSD on your usb stick on this Windows machine, How to do that exactly from windows when I cannot boot OpenBSD on that machine? -hepta copy tarballs to this OpenBSD installation, plug your stick to other machine, boot ramdisk from usb stick, load tarballs from usb stick, you are done. jirib
Re: Assigning an IP address to a bridge
On 2013-02-11, Jeremie Le Hen jere...@le-hen.org wrote: Hi list, What is the advised way to assign an IP address to a bridge(4) interface? http://marc.info/?l=openbsd-miscm=128268726102239w=2 Last thing: if it was documented, where should it be? I might spare some time to submit a documentation patch. This would be a really useful addition. It should probably go in http://www.openbsd.org/faq/faq6.html#Bridge Ideally make a cvs checkout of the faq: $ cvs -d anon...@anoncvs.spacehopper.org:/cvs get -P -d obsd-faq www/faq then edit faq6.html, and send a cvs diff.
Re: bootable OpenBSD USB stick from windows?
I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick I think you should ask this on a windows-centric place.
Re: Ospfd filtering
On 2013-02-11, Pawel mailing.s...@gmail.com wrote: Hello all, I would like to ask, if it's possible to filter incoming and outgoing announcements from neighbors in the same area (in the same way as in bgpd)? If it isn't implemented, maybe somebody knows, if it will be possible in future releases ospfd? I'm using ospfd from OpenBSD 5.1. It is not. All OSPF routers in an area *must* have a consistent view of the area's database in order to carry out the SPF algorithm; filtering announcements in the same way as BGP is incompatible with this. Any filtering within an area would need to be done between receving routes via OSPF and installing them in the kernel route table (RIB), i.e. OSPF would still have the routes but not install some of them to the kernel routing table - filtering would be local to the router only. This is possible with some other OSPF implementations but I didn't hear of any plans for doing this in ospfd. http://blog.ine.com/2009/08/17/ospf-route-filtering-demystified/ has a bit more (but cisco-centric) information on this.
Re: bootable OpenBSD USB stick from windows?
On Mon, Feb 11, 2013 at 10:51:29PM +, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas Hi Heptas, Use vmware/qemu/any other similar software to install openbsd to your usb stick. install52.iso can be used to boot your virtual machine. Then copy everything in http://ftp.openbsd.org/pub/OpenBSD/5.2/amd64/ to, say, /5.2/amd64/ on the same usb drive. (Do not forget to choose the right architecture, version and mirror). Just that. You can use that drive as install media or as your primary working system, if you wish. To use it as install media, enter bsd.rd at the boot prompt. P.S. FAQ on the website and man pages are highly recommended and useful. Read them before you start experimenting with OpenBSD. Best regards, Alex
Re: bootable OpenBSD USB stick from windows?
For Windows, VirtualBox is free and should do the trick. You'll probably need the extension pack. https://www.virtualbox.org/wiki/Downloads -Stuart On Tue, Feb 12, 2013 at 01:53:46PM +1300, m...@extensibl.com wrote: On Mon, Feb 11, 2013 at 10:51:29PM +, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas Hi Heptas, Use vmware/qemu/any other similar software to install openbsd to your usb stick. install52.iso can be used to boot your virtual machine. Then copy everything in http://ftp.openbsd.org/pub/OpenBSD/5.2/amd64/ to, say, /5.2/amd64/ on the same usb drive. (Do not forget to choose the right architecture, version and mirror). Just that. You can use that drive as install media or as your primary working system, if you wish. To use it as install media, enter bsd.rd at the boot prompt. P.S. FAQ on the website and man pages are highly recommended and useful. Read them before you start experimenting with OpenBSD. Best regards, Alex
Re: Legal Question: OpenBSD Spin-off
Crookedmaze wrote: On 02/10/2013 06:47 PM, Rod Whitworth wrote: On Sun, 10 Feb 2013 18:09:56 -0600, Maximo Pech wrote: Well, installing openbsd is not what I'd call easy for people with few technical skills. Crap! It is well documented and very little data needs to be typed in as most input can be done by accepting the default. If you need OpenBSD you have the technical skills to install it or you know (and possibly pay) someone who does. OpenBSD, which is 20-ish years old now, was designed and is designed and apparently always will be designed for those who have the technical skills. If no, there is always Linux. -- Jack Woehr # We commonly say we have no time when, Box 51, Golden CO 80402 # of course, we have all that there is. http://www.softwoehr.com # - James Mason, _The Art of Chess_, 1905
Re: bootable OpenBSD USB stick from windows?
On 2/11/2013 5:51 PM, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas If windows has something like dd, maybe you can write the floppy image to your usb.
Re: bootable OpenBSD USB stick from windows?
Apparently Someone has written one http://www.chrysocome.net/dd On Mon, Feb 11, 2013 at 08:02:13PM -0500, brian wrote: On 2/11/2013 5:51 PM, Heptas Torres wrote: Hello I have an old laptop with no CD-ROM but can boot from USB. Given that I only have access to a windows machine to burn an iso image, do you know of an easy way (e.g. some windows programa) to create a bootable OpenBSD USB stick which I can then use to install OpenBSD on my old laptop? -heptas If windows has something like dd, maybe you can write the floppy image to your usb. -- Stuart McMurray
Re: bootable OpenBSD USB stick from windows?
On Mon, Feb 11, 2013 at 11:55:30PM +, Heptas Torres wrote: On 2/11/13, Jiri B ji...@devio.us wrote: Install OpenBSD on your usb stick on this Windows machine, How to do that exactly from windows when I cannot boot OpenBSD on that machine? If the laptop has a floppy drive, you can rawrite floppy52.fs to a floppy disk. The FTP mirrors have rawrite.exe in /pub/OpenBSD/5.2/tools. Otherwise maybe you could try rawriting bsd.rd to a USB stick. Nicolai
'Re: bootable OpenBSD USB stick from windows?
Hi, I often used the virtualbox way. Extension pack may not be needed. The way is ( vbox faqs-vbox raw disk access-hd file pointing to usb stick- and ready to go). I also used this setup for creating an openbsd mfs usb livestick.works perfect
Re: bootable OpenBSD USB stick from windows?
On Mon, Feb 11, 2013 at 09:05:13PM -0600, Nicolai wrote: On Mon, Feb 11, 2013 at 11:55:30PM +, Heptas Torres wrote: On 2/11/13, Jiri B ji...@devio.us wrote: Install OpenBSD on your usb stick on this Windows machine, How to do that exactly from windows when I cannot boot OpenBSD on that machine? If the laptop has a floppy drive, you can rawrite floppy52.fs to a floppy disk. The FTP mirrors have rawrite.exe in /pub/OpenBSD/5.2/tools. Otherwise maybe you could try rawriting bsd.rd to a USB stick. Nicolai Don't forget netbooting. Most of the pc class machines can do that these days. -Otto