Re: wireless ethernet (ralink) not working

2013-03-25 Thread lilit-aibolit 

On 03/24/2013 12:13 AM, Riccardo Mottola wrote:

Hi,

On 03/23/13 20:13, Peter N. M. Hansteen wrote:

Riccardo Mottola riccardo.mott...@libero.it writes:


But i am connecting to a WEP protected network, not WPA.

typical hostname.if for a wep network:

media autoselect nwid wepnetwork nwkey secretasitgets
dhcp
rtsol

activates at boot, or if you do 'sudo sh /etc/netstart ifname'

for wpa, you would change 'nwkey' to 'wpakey' and get sensible defaults.

Thanks, this looks equivalent to me to what I did configure at the 
shell command line using ifconfig.

In fact, If I run netstart later, I too get no link... sleeping.

I start to think that there is a problem with the card's driver: if I 
leave the card in at boot time, the kernel will panic and drop into 
ddb. However if I insert later, as I did up to now, I don't


Riccardo


.


Hello, you are not alone with Ralink issues.
In my cases as AP:
# cat /etc/hostname.rum0(ral0)
inet 192.168.111.254 255.255.255.0 NONE -inet6 \
media autoselect mode 11g \
mediaopt hostap chan 1 nwid network \
wpakey xx
#wpa wpaprotos wpa2 wpaakms psk wpakey x
***
I happy with my first servers with:
# uname -a
OpenBSD gw.dk 5.0 GENERIC.MP#59 i386

# dmesg | grep ral0
ral0 at pci1 dev 0 function 0 Ralink RT3090 rev 0x00: apic 2 int 16, 
address 00:12:0e:b1:6e:c7

ral0: MAC/BBP RT3071 (rev 0x0213), RF RT3020 (MIMO 1T1R)

But But periodically dmesg and messages log have next error:
ral0: Michael MIC failure

And once per two or three weeks wi-fi stops serving client, so once per 
week I do

cron job with:
@weekly/bin/sh /etc/netstart ral0
*
Let's look to my second box:
# uname -a
OpenBSD gw.kh 5.2 GENERIC.MP#339 i386

# dmesg | grep rum0
rum0 at uhub2 port 3 Ralink 802.11 bg WLAN rev 2.00/0.01 addr 3
rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 6c:62:6d:12:5d:59

Wi-fi doesn't work after configuration:
rum0: device timeout
***
And third one:
# uname -a
OpenBSD gw 5.2 GENERIC.MP#339 i386

# dmesg | grep ral0
ral0 at pci1 dev 0 function 0 Ralink RT2790 rev 0x00: apic 0 int 16, 
address 00:22:43:5d:6c:b1

ral0: MAC/BBP RT2872 (rev 0x0200), RF RT2720 (MIMO 1T2R)

# ifconfig ral0
ral0: flags=28843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6 mtu 1500
lladdr 00:22:43:5d:6c:b1
priority: 4
groups: wlan
media: IEEE802.11 autoselect mode 11g hostap
status: active
ieee80211: nwid test chan 3 bssid 00:22:43:5d:6c:b1 wpakey 
0x437fe128e9de20eedab446ea43a2b68a6b833c66bc62e13a2bef13b24ad7d5ed 
wpaprotos wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip

inet 192.168.55.254 netmask 0xff00 broadcast 192.168.55.255

# tail /var/log/daemon
Mar 25 12:51:00 gw dhcpd[22330]: DHCPDISCOVER from 00:17:9a:b0:19:db via 
ral0
Mar 25 12:51:00 gw dhcpd[22330]: DHCPOFFER on 192.168.55.18 to 
00:17:9a:b0:19:db via ral0
Mar 25 12:51:08 gw dhcpd[22330]: DHCPDISCOVER from 00:17:9a:b0:19:db via 
ral0
Mar 25 12:51:08 gw dhcpd[22330]: DHCPOFFER on 192.168.55.18 to 
00:17:9a:b0:19:db via ral0
Mar 25 12:51:08 gw dhcpd[22330]: DHCPREQUEST for 192.168.55.18 from 
00:17:9a:b0:19:db via ral0
Mar 25 12:51:08 gw dhcpd[22330]: DHCPACK on 192.168.55.18 to 
00:17:9a:b0:19:db via ral0


And it seems to work fine until you do something real,
for example I try to copy 10MB file to this server from client,
that connected to it via wi-fi:
# scp ppo@192.168.55.18:/home/ppo/Downloads/gfibackup2009home.exe .
ppo@192.168.55.18's password:
gfibackup2009home.exe   
15% 1872KB   0.5KB/s - stalled -

^CKilled by signal 2.

Copying started with speed 100KB/sec and than slowdown so I need to 
ctrl+c it.
Client PC stays at the from of the server and it shows connection speed 
54Mb/sec


So in this case no error present, but wi-fi didn't work as expected.
***
I've no idea how much mini-pci cards I should test to find which is 
works without any issues.

Does OB support any 10GE NIC card

2013-03-25 Thread Raindy Long 
Hi all,



Does OB support any 10GE NIC card , where can I get the support list ?

Thanks a lot .









Raindy Long

Re: Does OB support any 10GE NIC card

2013-03-25 Thread Peter N. M. Hansteen 
On Mon, Mar 25, 2013 at 05:26:17PM +0800, Raindy Long wrote:
 Does OB support any 10GE NIC card , where can I get the support list ?

$ apropos 10G
che, cheg (4) - Chelsio Communications 10Gb Ethernet device
ix (4) - Intel 82598/82599/X540 PCI Express 10Gb Ethernet device
ixgb (4) - Intel PRO/10GbE 10Gb Ethernet device
myx (4) - Myricom Myri-10G PCI Express 10Gb Ethernet device
oce (4) - Emulex OneConnect 10Gb Ethernet device
tht, thtc (4) - Tehuti Networks 10Gb Ethernet device
xge (4) - Neterion Xframe/Xframe II 10Gb Ethernet device

possible that misses a spot or two, but do look up the man pages.

- P

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

ospfd default route problem

2013-03-25 Thread Loïc Blot 
Hi all,
I update my last mail with OSPF to give you precisions.

I have 2 LAN OBSD routers, which are on a local VLAN, and 1 MAN OBSD
router, connected to local VLAN and has an interco with MAN Router
- my 3 OpenBSD routers use area 12 to exchange local routes
- my MAN router use area 12 over GRE+IPSec with a remote site
- my MAN router use area 3 to get routes from MAN (default route
especially)

A little scheme network scheme


   Area 3Area 12 
WAN --| MAN Router || My OBSD MAN Router || My OBSD LAN1
 |  ||| My OBSD LAN2
 |  |
 |  |
 |  Gre + IPSec | Area 12
 |  |
 |  |
 |  |
 |--| Remote OBSD Router || Remote LAN

The problem is when my MAN router learn routes from area 12, the default
route, learnt from area 3, disapears (same problem if area 3 is loaded
after area 12).
I have tryied combinaison of stub/non stub areas, but in each case the
problem is present.

here is my configuration for the man router:
router-id A.B.C.D
auth-md 1 pwd1
auth-md 3 pwd2

area 12 {
auth-type crypt
auth-md-keyid 1
interface gre0
interface trunk1
}

area 3 {
auth-type crypt
auth-md-keyid 3
interface trunk0
}

and my configuration from one LAN router

router-id A.B.C.D
no redistribute default
auth-md 1 pwd1
area 12 {
auth-type crypt
auth-md-keyid 1
interface trunk0
interface trunk1 { passive }
interface vlan994 { passive }
}

Has anyone an idea ? i'm stucked :s.

Thanks for advance

-- 
Best regards, 

Loïc BLOT, Engineering
UNIX Systems, Security and Networks
http://www.unix-experience.fr

Re: empty pf log / pflogd not starting?

2013-03-25 Thread Stuart Henderson 
On 2013-03-24, David Ruggiero thatseattle...@gmail.com wrote:
 I'm playing with the latest 5.3 snapshot and I'm getting an
 always-empty /var/log/pflog. I'm wondering if there's a problem with
 the snapshot (unlikely) or something I did wrong in my configuration
 (much more likely).

I don't see this with a -current snapshot on amd64 (TZ=UTC ls -l /sbin/pfctl
shows a timestamp of Mar 24 19:00, kernel Mar 24 13:09:09 MDT).

If your upgrade procedure is correct (i.e. kernel and userland are upgraded
in-sync) and are still seeing this problem, please give more information about
what you are running.

Re: Openbsd openrisc opencores arm

2013-03-25 Thread Dmitrij D. Czarkoff 
On Sun, Mar 24, 2013 at 10:54:27PM -0400, Nick Holland wrote:
   There's no keyboard, well, because there's no
 keyboard.  There's no mouse, because there's no place to plug it in and
 the touch screen is undocumented.  There's no real network port because
 it is supposed to be wireless.

Typical tablet has USB port one could attach keyboard/mouse/both to. Some of
the touch screens are supported in linux, so theoretically the drivers could
be written based on linux code as reference.

Still, making a usable port for any tablet would take more time then the
period of device availability in shops, and even then the user experience
would likely be suboptimal, as most pieces of software still rely heavily on
text input and precise pointing, while keyboard and mouse would effectively
defeat the very idea of using tablet.

FWIW Intel is lobbying Atom-based mobile devices. If such devices ever come to
exiistance, the idea of OpenBSD may ultimately make some sense. As of now it
would be just a waste of developers' time, which is quite limited.

-- 
Dmitrij D. Czarkoff

Re: Openbsd openrisc opencores arm

2013-03-25 Thread Chris Cappuccio 
Nick Holland [n...@holland-consulting.net] wrote:
 
 The problem with ARM is there is no ARM reference platform.
 Every machine is significantly different than every other machine,
 technical details of how it is built are not published (why should they
 be? They aren't being sold as general purpose computers).
 
 I do not get the excitement over ARM.  Sorry.  Its design complete and
 total chaos at this point.

There is maybe one sort-of exception to this mess:

The openly documented Freescale iMX6 platform.

http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=i.MX6QnodeId=018rH3ZrDRB24Afpsp=1tab=Documentation_Tab

It could stay around for a while. There is an open laptop
design built around it that looks like fun:

http://www.bunniestudios.com/blog/?p=2686

And a certain Dale Rahn even wrote support for iMX6 in a source
tree that could drop in to OpenBSD...

If someone really wants to play with newer ARM stuff on OpenBSD,
try to find some iMX6 hardware, and start with Dale's improved
sys/arch/arm, sys/arch/imx and sys/arch/beagle

Chris

Re: Openbsd openrisc opencores arm

2013-03-25 Thread Patrick Wildt 
Am 25.03.2013 um 17:17 schrieb Chris Cappuccio ch...@nmedia.net:

 Nick Holland [n...@holland-consulting.net] wrote:

 The problem with ARM is there is no ARM reference platform.
 Every machine is significantly different than every other machine,
 technical details of how it is built are not published (why should they
 be? They aren't being sold as general purpose computers).

 I do not get the excitement over ARM.  Sorry.  Its design complete and
 total chaos at this point.

 There is maybe one sort-of exception to this mess:

 The openly documented Freescale iMX6 platform.


http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=i.MX6QnodeId=
018rH3ZrDRB24Afpsp=1tab=Documentation_Tab

 It could stay around for a while. There is an open laptop
 design built around it that looks like fun:

 http://www.bunniestudios.com/blog/?p=2686

 And a certain Dale Rahn even wrote support for iMX6 in a source
 tree that could drop in to OpenBSD...

 If someone really wants to play with newer ARM stuff on OpenBSD,
 try to find some iMX6 hardware, and start with Dale's improved
 sys/arch/arm, sys/arch/imx and sys/arch/beagle

I have all that running on OpenBSD. I'm slowly sorting out diffs so we can get
it (armv7, panda, imx) into OpenBSD without breaking zaurus.
Without that constrain, I could basically just drop it in.

I'd recommend one of the following, where I got the first one from:
http://boundarydevices.com/products/sabre-lite-imx6-sbc/
http://boundarydevices.com/products/nitrogen6x-board-imx6-arm-cortex-a9-sbc/

Of course, there are other boards, even tablets and mini-usb/hdmi-sticks, but
those boards are imho very good.


 Chris

Re: Pre-orders for 5.3

2013-03-25 Thread Nicolai 
On Sun, Mar 17, 2013 at 05:13:02PM -0600, dera...@cvs.openbsd.org wrote:
 Pre-orders for 5.3 are activated!

Cool, ordered!  Love the theme... re-reading the book now.

BTW, there's a typo in tshirts.html

Nicolai



Index: tshirts.html
===
RCS file: /cvs/www/tshirts.html,v
retrieving revision 1.100
diff -u -p -r1.100 tshirts.html
--- tshirts.html  17 Mar 2013 16:08:57 -  1.100
+++ tshirts.html  25 Mar 2013 16:59:21 -
@@ -23,7 +23,7 @@ following T-Shirts:/font/h3
 hr
 table
 tr
-tda href=#38#39: 5.3 T-shirt (*NEW*)/a/td
+tda href=#39#39: 5.3 T-shirt (*NEW*)/a/td
 tda href=#38#38: 5.2 Puffy T-shirt/a/td
 tda href=#37#37: 5.1 T-shirt/a/td
 /trtr

5.3 song released

2013-03-25 Thread deraadt 
Between pre-release and actual release, I always make the new song
available with some fragments of the release artwork.

This song was composed by my good friend Bob Kitella.

http://www.openbsd.org/lyrics.html
http://www.openbsd.org/lyrics.html#53

http://www.openbsd.org/songs/song53.mp3
http://www.openbsd.org/songs/song53.ogg

Enjoy.

If you want a non-compressed version of it, you will need to pre-order
the 5.3 release and wait a little while...

http://www.openbsd.org/orders.html

Re: Kernel panic with jme driver

2013-03-25 Thread Comète 

Le 25/03/2013 05:59, Brad Smith a écrit :

On Sun, Mar 24, 2013 at 03:46:38PM +0100, Com??te wrote:

Hello,

i own a Shuttle XS35v2 and actually run OpenBSD 5.2 amd64 (SMP) on
it. I run OpenBSD on this hardware since 4.9 and i always
encountered the following problem, sorry for the late report it took
me some time to identify it:

The NIC uses the jme driver which run in a kernel panic each time i
upload data from the XS35v2 to any other machine with a transfer
rate above 7 Mbits/s (XS35v2 - other PC). No problem at all
when downloading.

I made some tests that you can follow to easily reproduce the crash:


Please test the following diff that should fix the obvious bug.


Index: if_jme.c
===
RCS file: /home/cvs/src/sys/dev/pci/if_jme.c,v
retrieving revision 1.29
diff -u -p -r1.29 if_jme.c
--- if_jme.c29 Nov 2012 21:10:32 -  1.29
+++ if_jme.c25 Mar 2013 04:54:01 -
@@ -1058,48 +1058,31 @@ jme_encap(struct jme_softc *sc, struct m
struct jme_txdesc *txd;
struct jme_desc *desc;
struct mbuf *m;
-   int maxsegs;
int error, i, prod;
uint32_t cflags;

prod = sc-jme_cdata.jme_tx_prod;
txd = sc-jme_cdata.jme_txdesc[prod];

-   maxsegs = (JME_TX_RING_CNT - sc-jme_cdata.jme_tx_cnt) -
- (JME_TXD_RSVD + 1);
-   if (maxsegs  JME_MAXTXSEGS)
-   maxsegs = JME_MAXTXSEGS;
-   if (maxsegs  (sc-jme_txd_spare - 1))
-   panic(%s: not enough segments %d, sc-sc_dev.dv_xname,
-   maxsegs);
-
error = bus_dmamap_load_mbuf(sc-sc_dmat, txd-tx_dmamap,
 *m_head, BUS_DMA_NOWAIT);
+   if (error != 0  error != EFBIG)
+   goto drop;
if (error != 0) {
-   bus_dmamap_unload(sc-sc_dmat, txd-tx_dmamap);
-   error = EFBIG;
-   }
-   if (error == EFBIG) {
if (m_defrag(*m_head, M_DONTWAIT)) {
-   printf(%s: can't defrag TX mbuf\n,
-   sc-sc_dev.dv_xname);
-   m_freem(*m_head);
-   *m_head = NULL;
-   return (ENOBUFS);
+   error = ENOBUFS;
+   goto drop;
}
-   error = bus_dmamap_load_mbuf(sc-sc_dmat,
-txd-tx_dmamap, *m_head,
-BUS_DMA_NOWAIT);
-   if (error != 0) {
-   printf(%s: could not load defragged TX mbuf\n,
-   sc-sc_dev.dv_xname);
-   m_freem(*m_head);
-   *m_head = NULL;
-   return (error);
-   }
-   } else if (error) {
-   printf(%s: could not load TX mbuf\n, sc-sc_dev.dv_xname);
-   return (error);
+   error = bus_dmamap_load_mbuf(sc-sc_dmat, txd-tx_dmamap,
+*m_head, BUS_DMA_NOWAIT);
+   if (error != 0)
+   goto drop;
+   }
+
+   if (sc-jme_cdata.jme_tx_cnt + txd-tx_dmamap-dm_nsegs +
+   1  JME_TX_RING_CNT - 1) {
+   bus_dmamap_unload(sc-sc_dmat, txd-tx_dmamap);
+   return (ENOBUFS);
}

m = *m_head;
@@ -1127,7 +1110,6 @@ jme_encap(struct jme_softc *sc, struct m
desc-addr_hi = htole32(m-m_pkthdr.len);
desc-addr_lo = 0;
sc-jme_cdata.jme_tx_cnt++;
-   KASSERT(sc-jme_cdata.jme_tx_cnt  JME_TX_RING_CNT - JME_TXD_RSVD);
JME_DESC_INC(prod, JME_TX_RING_CNT);
for (i = 0; i  txd-tx_dmamap-dm_nsegs; i++) {
desc = sc-jme_rdata.jme_tx_ring[prod];
@@ -1137,10 +1119,7 @@ jme_encap(struct jme_softc *sc, struct m
htole32(JME_ADDR_HI(txd-tx_dmamap-dm_segs[i].ds_addr));
desc-addr_lo =
htole32(JME_ADDR_LO(txd-tx_dmamap-dm_segs[i].ds_addr));
-
sc-jme_cdata.jme_tx_cnt++;
-   KASSERT(sc-jme_cdata.jme_tx_cnt =
-JME_TX_RING_CNT - JME_TXD_RSVD);
JME_DESC_INC(prod, JME_TX_RING_CNT);
}

@@ -1163,6 +1142,11 @@ jme_encap(struct jme_softc *sc, struct m
 	 sc-jme_cdata.jme_tx_ring_map-dm_mapsize, 
BUS_DMASYNC_PREWRITE);


return (0);
+
+  drop:
+   m_freem(*m_head);
+   *m_head = NULL;
+   return (error);
 }

 void
@@ -1204,13 +1188,13 @@ jme_start(struct ifnet *ifp)
 * for the NIC to drain the ring.
 */
if (jme_encap(sc, m_head)) {
-   if (m_head == NULL) {
+   if (m_head == NULL)
ifp-if_oerrors++;
-   break;
-   }
-   ifp-if_flags |= IFF_OACTIVE;
+   else
+

Re: ospfd default route problem

2013-03-25 Thread Loïc BLOT 
Hi Robert and misc@openbsd,
thanks for your reply, but if i don't want to connect  area 12 on area
0 ? My area 12 is reserved for LAN to LAN only, i don't want to publish
its routes on the backbone area and backbone area is not in stub mode.

Also, I thought about stub areas to not publish routes. I think i must
apply stub to area 3 but not under area 12, right ? Stub is on the area
on which we don't want to obtain routes from other areas, don't we ?

Thank you in advance,

--
Best regards,
Loïc BLOT,
UNIX systems, security and network expert
http://www.unix-experience.fr




Le lundi 25 mars 2013 à 14:23 +0100, Robert Blacquiere a écrit :

 On Mon, Mar 25, 2013 at 11:24:56AM +0100, Lo?c Blot wrote:
  Hi all,
  I update my last mail with OSPF to give you precisions.
 
  I have 2 LAN OBSD routers, which are on a local VLAN, and 1 MAN OBSD
  router, connected to local VLAN and has an interco with MAN Router
  - my 3 OpenBSD routers use area 12 to exchange local routes
  - my MAN router use area 12 over GRE+IPSec with a remote site
  - my MAN router use area 3 to get routes from MAN (default route
  especially)
 
  A little scheme network scheme
 
 
 Area 3Area 12
  WAN --| MAN Router || My OBSD MAN Router || My OBSD LAN1
   |  ||| My OBSD LAN2
   |  |
   |  |
   |  Gre + IPSec | Area 12
   |  |
   |  |
   |  |
   |--| Remote OBSD Router || Remote LAN
 

 snip

 Every OSPF area needs to connect to area 0 (Backbone area). If you don't
 you need to use virtual interface tunnel (CISCO specific) to attach Area 12
to Area 0.
 It seems this can cause the issue you are seeing.

 See also:

http://www.netcraftsmen.net/resources/archived-articles/434-introducing-ospf.
html

 Regards

 Robert

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Intel Centrino Wireless-N 2230

2013-03-25 Thread Tom Doherty 
Hi
Anyone working on adding support for Intel Centrino Wireless-N 2230?
dmesg shows it as

vendor Intel, unknown product 0x0888 (class network subclass miscellaneous, 
rev 0xc4) at pci3 dev 0 function 0 not configured

NetBSD has pcidevs entries for it but no driver code:

http://mail-index.netbsd.org/netbsd-users/2012/10/19/msg011722.html

dmesg/pcidump below. acpidump available at 
http://singlesecond.com/u310-acpidump.tgz

Cheers
Tom


OpenBSD 5.3-current (GENERIC) #76: Fri Mar 22 12:23:44 MDT 2013
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 4130385920 (3939MB)
avail mem = 4012769280 (3826MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xfaa00 (35 entries)
bios0: vendor Phoenix Technologies Ltd. version 65CN90WW date 09/25/2012
bios0: LENOVO IdeaPad U310
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP SLIC SSDT ASF! HPET APIC MCFG FPDT FPDT SSDT SSDT UEFI 
UEFI MSDM SSDT UEFI SSDT DBG2
acpi0: wakeup devices P0P1(S4) EHC1(S3) EHC2(S3) XHC_(S3) HDEF(S4) PXSX(S4) 
RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) 
RP05(S4) PXSX(S4) RP06(S4) PXSX(S4) RP07(S4) PXSX(S4) RP08(S4) PEG0(S4) 
PEGP(S4) PEG1(S4) PEG2(S4) PEG3(S4) LID0(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz, 1696.37 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: apic clock running at 99MHz
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (P0P1)
acpiprt2 at acpi0: bus 1 (RP01)
acpiprt3 at acpi0: bus 2 (RP02)
acpiprt4 at acpi0: bus 3 (RP03)
acpiprt5 at acpi0: bus -1 (RP04)
acpiprt6 at acpi0: bus -1 (RP05)
acpiprt7 at acpi0: bus -1 (RP06)
acpiprt8 at acpi0: bus -1 (RP07)
acpiprt9 at acpi0: bus -1 (RP08)
acpiprt10 at acpi0: bus -1 (PEG0)
acpiprt11 at acpi0: bus -1 (PEG1)
acpiprt12 at acpi0: bus -1 (PEG2)
acpiprt13 at acpi0: bus -1 (PEG3)
acpiec0 at acpi0
acpicpu0 at acpi0: C3, C2, C1, PSS
acpitz0 at acpi0: critical temperature is 104 degC
acpiac0 at acpi0: AC unit offline
acpibat0 at acpi0: BAT1 model LNV-L11M3P01 serial   type LION oem SMP
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
acpivideo0 at acpi0: GFX0
acpivout0 at acpivideo0: DD02
cpu0: Enhanced SpeedStep 1696 MHz: speeds: 1801, 1800, 1700, 1600, 1500, 1400, 
1300, 1200, 1100, 1000, 900, 800, 774 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel Core 3G Host rev 0x09
vga1 at pci0 dev 2 function 0 Intel HD Graphics 4000 rev 0x09
intagp0 at vga1
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: apic 2 int 16
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
Intel 7 Series xHCI rev 0x04 at pci0 dev 20 function 0 not configured
Intel 7 Series MEI rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 Intel 7 Series USB rev 0x04: apic 2 int 16
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 Intel 7 Series HD Audio rev 0x04: msi
azalia0: codecs: Conexant/0x506e, Intel/0x2806, using Conexant/0x506e
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 7 Series PCIE rev 0xc4: msi
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 1 Intel 7 Series PCIE rev 0xc4: msi
pci2 at ppb1 bus 2
re0 at pci2 dev 0 function 0 Realtek 8101E rev 0x05: RTL8105E (0x4080), apic 
2 int 17, address 08:9e:01:34:c9:14
ukphy0 at re0 phy 7: Generic IEEE 802.3u media interface, rev. 2: OUI 0x000732, 
model 0x0008
ppb2 at pci0 dev 28 function 2 Intel 7 Series PCIE rev 0xc4: msi
pci3 at ppb2 bus 3
vendor Intel, unknown product 0x0888 (class network subclass miscellaneous, 
rev 0xc4) at pci3 dev 0 function 0 not configured
ehci1 at pci0 dev 29 function 0 Intel 7 Series USB rev 0x04: apic 2 int 23
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 Intel HM77 LPC rev 0x04
ahci0 at pci0 dev 31 function 2 Intel 7 Series AHCI rev 0x04: msi, AHCI 1.3
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0: ATA, RDM-II XM020C, C3M SCSI3 0/direct fixed 
naa.5044a50029221bfd
sd0: 22902MB, 512 bytes/sector, 46905264 sectors, thin
sd1 at scsibus0 targ 1 lun 0: ATA, HITACHI HTS54505, GG2Z SCSI3 0/direct 
fixed naa.5000cca6f7f049df
sd1: 476940MB, 512 bytes/sector, 976773168 sectors

pf.conf: sticky-address causes page fault in this config

2013-03-25 Thread Rob Sheldon 
I sent this in via sendbug() but am also posting it here in case I'm 
doing something obviously wrong.


I've got a fresh from-scratch plain-vanilla 5.2-generic i386 install 
with a mildly complex pf.conf file. Adding sticky-address to a single 
rule reliably causes a page fault whenever the file is loaded (either 
via pfctl or system boot). There's nothing else too wonky on this system 
(I haven't had time to mess it up yet).


The output from the page fault is:

uvm_fault(0xd0a11920, 0xd6c7b000, 0, 1) - e
kernel: page fault trap, code=0
Stopped at pf_test_rule+0xdbc:   mov1  
0xff70(%ebp),%eax

ddb

...I couldn't run trace because it hard-locked at that point. I just 
found the instructions for setting ddb.console, so if someone needs the 
trace output I can trigger it again, but I'd like to avoid it if 
reasonable.


I've appended the pf.conf file, with only minor changes to the external 
IP addresses (NNN.NNN.NNN.NNN), warts and all.


A quick search of the openbsd-misc archives didn't turn anything up 
either. Is this a known thing, maybe fixed in 5.3 or elsewhere, ...?


Thanks.

- R.

--

#   $OpenBSD: pf.conf,v 1.37 2008/05/09 06:04:08 reyk Exp $
#
# See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or 
net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between 
interfaces.


# Useful macros for this network
if_srv= rl0
if_dsl= rl1
if_sbb= re0
if_lan= fxp0
if_wifi   = dc0
if_ext= { $if_dsl $if_sbb }
if_int= { $if_lan $if_srv $if_wifi }
ip_dsl= NNN.NNN.NNN.NNN
ip_sbb= NNN.NNN.NNN.NNN
ip_ext= { $ip_dsl $ip_sbb }
gw_dsl= NNN.NNN.NNN.NNN
gw_sbb= NNN.NNN.NNN.NNN
net_lan   = 192.168.0.0/24
net_wifi  = 192.168.1.0/24
net_srv   = 192.168.10.0/24
net_int   = { 192.168.0.0/24 192.168.1.0/24 192.168.10.0/24 }
ip_mail   = 192.168.10.164
ip_lan= 192.168.0.1


# Default runtime options
set block-policy drop


# Block everything by default
block


# Redirect mail and webmail connections from external interfaces to the 
mail server.
# Connections from the internal network need to bypass the rest of the 
rules in this

#file to avoid getting mangled by routing later on.
pass in on $if_ext proto tcp from any to $ip_ext port { 25 80 110 143 
220 587 993 } rdr-to $ip_mail
pass in quick on { $if_lan $if_wifi } proto tcp from { $net_lan 
$net_wifi } to $ip_ext port { 25 80 110 143 220 587 993 } rdr-to 
$ip_mail



# Allow ssh connections to the firewall from the lan only.
pass in on $if_lan proto tcp from $net_lan to $if_lan port ssh


# Allow ssh connections to the srv interface from the firewall and 
local networks.

pass on $if_srv proto tcp from $net_lan to $net_srv port ssh


# Allow web connections to the srv interface from local and wifi 
networks.

pass on $if_srv proto tcp from $net_int to $net_srv port 80


# Allow traffic to go out over the external interface.
pass out on $if_ext


# Allow traffic in from the LAN to anything else.
pass in on $if_lan from $net_lan to ! $net_lan


# Allow traffic in from wifi to anything not on the local network.
pass in on $if_wifi from $net_wifi to ! 192.168.0.0/16


# Allow traffic from anywhere to the mail server on specific ports.
pass on $if_srv proto tcp from any to any port { 25 80 110 143 220 587 
993 }



# Load balancing.
pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { 
($if_sbb $gw_sbb), ($if_dsl $gw_dsl) } round-robin
#pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { 
$if_sbb $if_dsl } round-robin


# To cause pf_test_rule to crash, comment the above round-robin rule 
and uncomment the following:
#pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { 
($if_sbb $gw_sbb), ($if_dsl $gw_dsl) } round-robin sticky-address



# Send FTP and https connections out over only one of the interfaces; 
otherwise they may have trouble.
pass in on $if_int proto tcp from $net_int to { ! 192.168.0.0/16 } port 
{ ftp ftp-data https } route-to ($if_sbb $gw_sbb)



# Re-route load-balanced packets to their correct external interfaces.
pass out on $if_sbb from $if_dsl route-to ($if_dsl $gw_dsl)
pass out on $if_dsl from $if_sbb route-to ($if_sbb $gw_sbb)


# Block BitTorrent traffic. Sorry guys. :-/ (Do it from home.)
block proto { tcp udp } from any to any port {6881:6999, 6969}


# Exception for __.
pass proto { tcp udp } from any to ! 192.168.0.0/16 port 6996


# Dropbox
block to { 208.43.202.0/24, 199.47.216.0/22 }


# Facebook. Added 10-25-2012. Sorry guys.
block to { 31.13.64.0/18, 69.171.224.0/19, 66.220.144.0/20, 
69.63.176.0/20, 204.15.20.0/22, 65.201.208.24/29, 65.204.104.128/28, 
66.92.180.48/28, 66.93.78.176/29, 66.199.37.136/29 }
block to { 67.200.105.48/30, 74.119.76.0/22, 173.252.64.0/18, 
69.171.224.53, 69.171.228.74, 69.171.224.37, 69.171.237.32, 
66.220.149.88, 69.171.237.16, 69.171.234.37, 69.171.229.11 }

block to { 69.171.242.11, 66.220.149.11,

Re: ospfd default route problem

2013-03-25 Thread Stuart Henderson 
On 2013-03-25, Loïc BLOT loic.b...@unix-experience.fr wrote:
 Hi Robert and misc@openbsd,
 thanks for your reply, but if i don't want to connect  area 12 on area
 0 ? My area 12 is reserved for LAN to LAN only, i don't want to publish
 its routes on the backbone area and backbone area is not in stub mode.

It sounds like you are trying to get a default route from area 3 into area
12 though, you would need to do that via the backbone (area 0).

 Le lundi 25 mars 2013 \xc3\xa0 14:23 +0100, Robert Blacquiere a \xc3\xa9crit :

 See also:

 http://www.netcraftsmen.net/resources/archived-articles/434-introducing-ospf.html

yes, there are a bunch of pretty decent OSPF articles on that site.

Re: rsync too slow between two disks with softraid crypto

2013-03-25 Thread Luis 
On 2013.03.05 21:43:45 +0400, Mike Korbakov wrote:
 Hi, Luis!
 
 Low performance with filesystems still big problem in OpenBSD.
 Did You compare linux and OpenBSD without encryption ?
 Results will help to localize problem, is it in encryption engine or in 
 overall filesystem performance.
 
 My simple tests on vmware virtual machines:
 both machines are with 2 cores of intel core-i7 920 and 3Gb RAM (host RAM 
 24Gb)
 virtual disks are preallocated and hosted on the RAID with sequential read 
 speed  100Mb/s
 
 mike@ubuntu104:~$ uname -a
 Linux ubuntu104 2.6.32-45-generic #104-Ubuntu SMP Tue Feb 19 21:21:41 UTC 
 2013 i686 GNU/Linux
 mike@ubuntu104:~$ dd if=/dev/zero of=file1 bs=1024k count=1024
 1024+0 records in
 1024+0 records out
 1073741824 bytes (1.1 GB) copied, 15.8527 s, 67.7 MB/s
 
 bash-4.2# uname -a
 OpenBSD obsd53.vm.mike-i7.kmv 5.3 GENERIC.MP#29 i386
 bash-4.2# dd if=/dev/zero of=file1 bs=1024k count=1024
 1024+0 records in
 1024+0 records out
 1073741824 bytes transferred in 55.544 secs (19331179 bytes/sec)


Hi Mike,


I took your challenge and did some tests with a set of files of 150MB.
What I did was to compare the speed of data transfer in my very small home
servers, both using Intel Desktop Board D945GSEJT with processor Atom N270.

Configurations:
server 0:
1 GB of RAM
OpenBSD 5.2
Samsung SATA 2 disk HD103UJ
Samsung SATA 2 disk HD103SJ

server 1:
2 GB of RAM
FreeBSD 9.1Linux kernel 3.2.29
Seagate PATA ST3160023A

Default configuration/chipers for softraid (OpenBSD), geom  geli
(FreeBSD), and cryptsetup luks (Linux) were used.
From my search, default chipers are:
Linux - AES-CBC-ESSIV:SHA256
FreeBSD geom - 128 AES in CBC mode
FreeBSD geli - 128 AES-XTS
OpenBSD softraid0 - 256 AES-XTS

I don't know enough about encryption, but it seems that
OpenBSD's softraid is the best one and also most demandign. Am I
correct?

The command used to copy files was `cp -pR` in FreeBSD and OpenBSD,
and `cp -ar` in Linux.

Each operation was run at least two times, although only one time is
recorded, because the operations returned similar results.

Recorded times for operations in same disk (used HD103UJ in OpenBSD):
+--+---+--+--+--+
|cp|OpenBSD|FreeBSD geom  |FreeBSD geli  |Linux |
|  |softraid0  |  |  |cryptsetup|
|  |   |  |  |luks  |
+--+---+--+--+--+
|unencrypted   |0m4.43s real   |0.000u 0.775s |0.007u 0.786s |real 0m1.280s |
|to|0m0.02s user   |0:05.23 14.7% |0:05.23 14.9% |user 0m0.009s |
|unencrypted   |0m2.32s system |19+4887k  |21+5377k  |sys 0m1.269s  |
|  |   |0+1193io  |0+1202io  |  |
|  |   |0pf+0w|0pf+0w|  |
+--+---+--+--+--+
|unencrypted   |2m35.50s real  |0.000u 0.696s |0.000u 0.696s |real 0m2.351s |
|to|0m0.01s user   |0:14.28 4.8%  |0:10.99 6.2%  |user 0m0.014s |
|encrypted |0m32.21s system|21+5340k  |20+5058k  |sys 0m1.506s  |
|  |   |16+1192io |3+1374io  |  |
|  |   |0pf+0w|68pf+0w   |  |
+--+---+--+--+--+
|encrypted |0m42.09s real  |0.007u 0.798s |0.000u 0.803s |real 0m1.353s |
|to|0m0.01s user   |0:05.09 15.5% |0:05.15 15.5% |user 0m0.003s |
|unencrypted   |0m2.33s system |20+5011k  |20+4852k  |sys 0m1.275s  |
|  |   |9+1193io  |15+1193io |  |
|  |   |0pf+0w|0pf+0w|  |
+--+---+--+--+--+
|encrypted |1m2.33s real   |0.000u 0.700s |0.023u 0.792s |real 0m2.934s |
|to|0m0.02s user   |0:11.13 6.2%  |0:10.16 7.9%  |user 0m0.013s |
|encrypted |0m30.84s system|21+5152k  |24+4748k  |sys 0m1.653s  |
|  |   |1+1192io  |15+1374io |  |
|  |   |0pf+0w|0pf+0w|  |
+--+---+--+--+--+

Disk operations envolving encrypted partitions on OpenBSD are the
longest ones, even considering that it's using a faster disk.

As I wrote in an earlier post, the cpu is using about 80% during
OpenBSD' data transfers.  The OpenBSD's data transfer speeds when involving
encrypted partitions seem to confirm that they are cpu bound, in my
system.

Maybe because of the superior encryption algorithm, maybe not, Atom
N270 processor doesn't seem sufficient to run OpenBSD in encrypted
mode.  It's a real pain to use OpenBSD is this mode.
FreeBSD and