Re: wireless ethernet (ralink) not working
On 03/24/2013 12:13 AM, Riccardo Mottola wrote: Hi, On 03/23/13 20:13, Peter N. M. Hansteen wrote: Riccardo Mottola riccardo.mott...@libero.it writes: But i am connecting to a WEP protected network, not WPA. typical hostname.if for a wep network: media autoselect nwid wepnetwork nwkey secretasitgets dhcp rtsol activates at boot, or if you do 'sudo sh /etc/netstart ifname' for wpa, you would change 'nwkey' to 'wpakey' and get sensible defaults. Thanks, this looks equivalent to me to what I did configure at the shell command line using ifconfig. In fact, If I run netstart later, I too get no link... sleeping. I start to think that there is a problem with the card's driver: if I leave the card in at boot time, the kernel will panic and drop into ddb. However if I insert later, as I did up to now, I don't Riccardo . Hello, you are not alone with Ralink issues. In my cases as AP: # cat /etc/hostname.rum0(ral0) inet 192.168.111.254 255.255.255.0 NONE -inet6 \ media autoselect mode 11g \ mediaopt hostap chan 1 nwid network \ wpakey xx #wpa wpaprotos wpa2 wpaakms psk wpakey x *** I happy with my first servers with: # uname -a OpenBSD gw.dk 5.0 GENERIC.MP#59 i386 # dmesg | grep ral0 ral0 at pci1 dev 0 function 0 Ralink RT3090 rev 0x00: apic 2 int 16, address 00:12:0e:b1:6e:c7 ral0: MAC/BBP RT3071 (rev 0x0213), RF RT3020 (MIMO 1T1R) But But periodically dmesg and messages log have next error: ral0: Michael MIC failure And once per two or three weeks wi-fi stops serving client, so once per week I do cron job with: @weekly/bin/sh /etc/netstart ral0 * Let's look to my second box: # uname -a OpenBSD gw.kh 5.2 GENERIC.MP#339 i386 # dmesg | grep rum0 rum0 at uhub2 port 3 Ralink 802.11 bg WLAN rev 2.00/0.01 addr 3 rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, address 6c:62:6d:12:5d:59 Wi-fi doesn't work after configuration: rum0: device timeout *** And third one: # uname -a OpenBSD gw 5.2 GENERIC.MP#339 i386 # dmesg | grep ral0 ral0 at pci1 dev 0 function 0 Ralink RT2790 rev 0x00: apic 0 int 16, address 00:22:43:5d:6c:b1 ral0: MAC/BBP RT2872 (rev 0x0200), RF RT2720 (MIMO 1T2R) # ifconfig ral0 ral0: flags=28843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6 mtu 1500 lladdr 00:22:43:5d:6c:b1 priority: 4 groups: wlan media: IEEE802.11 autoselect mode 11g hostap status: active ieee80211: nwid test chan 3 bssid 00:22:43:5d:6c:b1 wpakey 0x437fe128e9de20eedab446ea43a2b68a6b833c66bc62e13a2bef13b24ad7d5ed wpaprotos wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip inet 192.168.55.254 netmask 0xff00 broadcast 192.168.55.255 # tail /var/log/daemon Mar 25 12:51:00 gw dhcpd[22330]: DHCPDISCOVER from 00:17:9a:b0:19:db via ral0 Mar 25 12:51:00 gw dhcpd[22330]: DHCPOFFER on 192.168.55.18 to 00:17:9a:b0:19:db via ral0 Mar 25 12:51:08 gw dhcpd[22330]: DHCPDISCOVER from 00:17:9a:b0:19:db via ral0 Mar 25 12:51:08 gw dhcpd[22330]: DHCPOFFER on 192.168.55.18 to 00:17:9a:b0:19:db via ral0 Mar 25 12:51:08 gw dhcpd[22330]: DHCPREQUEST for 192.168.55.18 from 00:17:9a:b0:19:db via ral0 Mar 25 12:51:08 gw dhcpd[22330]: DHCPACK on 192.168.55.18 to 00:17:9a:b0:19:db via ral0 And it seems to work fine until you do something real, for example I try to copy 10MB file to this server from client, that connected to it via wi-fi: # scp ppo@192.168.55.18:/home/ppo/Downloads/gfibackup2009home.exe . ppo@192.168.55.18's password: gfibackup2009home.exe 15% 1872KB 0.5KB/s - stalled - ^CKilled by signal 2. Copying started with speed 100KB/sec and than slowdown so I need to ctrl+c it. Client PC stays at the from of the server and it shows connection speed 54Mb/sec So in this case no error present, but wi-fi didn't work as expected. *** I've no idea how much mini-pci cards I should test to find which is works without any issues.
Does OB support any 10GE NIC card
Hi all, Does OB support any 10GE NIC card , where can I get the support list ? Thanks a lot . Raindy Long
Re: Does OB support any 10GE NIC card
On Mon, Mar 25, 2013 at 05:26:17PM +0800, Raindy Long wrote: Does OB support any 10GE NIC card , where can I get the support list ? $ apropos 10G che, cheg (4) - Chelsio Communications 10Gb Ethernet device ix (4) - Intel 82598/82599/X540 PCI Express 10Gb Ethernet device ixgb (4) - Intel PRO/10GbE 10Gb Ethernet device myx (4) - Myricom Myri-10G PCI Express 10Gb Ethernet device oce (4) - Emulex OneConnect 10Gb Ethernet device tht, thtc (4) - Tehuti Networks 10Gb Ethernet device xge (4) - Neterion Xframe/Xframe II 10Gb Ethernet device possible that misses a spot or two, but do look up the man pages. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
ospfd default route problem
Hi all, I update my last mail with OSPF to give you precisions. I have 2 LAN OBSD routers, which are on a local VLAN, and 1 MAN OBSD router, connected to local VLAN and has an interco with MAN Router - my 3 OpenBSD routers use area 12 to exchange local routes - my MAN router use area 12 over GRE+IPSec with a remote site - my MAN router use area 3 to get routes from MAN (default route especially) A little scheme network scheme Area 3Area 12 WAN --| MAN Router || My OBSD MAN Router || My OBSD LAN1 | ||| My OBSD LAN2 | | | | | Gre + IPSec | Area 12 | | | | | | |--| Remote OBSD Router || Remote LAN The problem is when my MAN router learn routes from area 12, the default route, learnt from area 3, disapears (same problem if area 3 is loaded after area 12). I have tryied combinaison of stub/non stub areas, but in each case the problem is present. here is my configuration for the man router: router-id A.B.C.D auth-md 1 pwd1 auth-md 3 pwd2 area 12 { auth-type crypt auth-md-keyid 1 interface gre0 interface trunk1 } area 3 { auth-type crypt auth-md-keyid 3 interface trunk0 } and my configuration from one LAN router router-id A.B.C.D no redistribute default auth-md 1 pwd1 area 12 { auth-type crypt auth-md-keyid 1 interface trunk0 interface trunk1 { passive } interface vlan994 { passive } } Has anyone an idea ? i'm stucked :s. Thanks for advance -- Best regards, Loïc BLOT, Engineering UNIX Systems, Security and Networks http://www.unix-experience.fr
Re: empty pf log / pflogd not starting?
On 2013-03-24, David Ruggiero thatseattle...@gmail.com wrote: I'm playing with the latest 5.3 snapshot and I'm getting an always-empty /var/log/pflog. I'm wondering if there's a problem with the snapshot (unlikely) or something I did wrong in my configuration (much more likely). I don't see this with a -current snapshot on amd64 (TZ=UTC ls -l /sbin/pfctl shows a timestamp of Mar 24 19:00, kernel Mar 24 13:09:09 MDT). If your upgrade procedure is correct (i.e. kernel and userland are upgraded in-sync) and are still seeing this problem, please give more information about what you are running.
Re: Openbsd openrisc opencores arm
On Sun, Mar 24, 2013 at 10:54:27PM -0400, Nick Holland wrote: There's no keyboard, well, because there's no keyboard. There's no mouse, because there's no place to plug it in and the touch screen is undocumented. There's no real network port because it is supposed to be wireless. Typical tablet has USB port one could attach keyboard/mouse/both to. Some of the touch screens are supported in linux, so theoretically the drivers could be written based on linux code as reference. Still, making a usable port for any tablet would take more time then the period of device availability in shops, and even then the user experience would likely be suboptimal, as most pieces of software still rely heavily on text input and precise pointing, while keyboard and mouse would effectively defeat the very idea of using tablet. FWIW Intel is lobbying Atom-based mobile devices. If such devices ever come to exiistance, the idea of OpenBSD may ultimately make some sense. As of now it would be just a waste of developers' time, which is quite limited. -- Dmitrij D. Czarkoff
Re: Openbsd openrisc opencores arm
Nick Holland [n...@holland-consulting.net] wrote: The problem with ARM is there is no ARM reference platform. Every machine is significantly different than every other machine, technical details of how it is built are not published (why should they be? They aren't being sold as general purpose computers). I do not get the excitement over ARM. Sorry. Its design complete and total chaos at this point. There is maybe one sort-of exception to this mess: The openly documented Freescale iMX6 platform. http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=i.MX6QnodeId=018rH3ZrDRB24Afpsp=1tab=Documentation_Tab It could stay around for a while. There is an open laptop design built around it that looks like fun: http://www.bunniestudios.com/blog/?p=2686 And a certain Dale Rahn even wrote support for iMX6 in a source tree that could drop in to OpenBSD... If someone really wants to play with newer ARM stuff on OpenBSD, try to find some iMX6 hardware, and start with Dale's improved sys/arch/arm, sys/arch/imx and sys/arch/beagle Chris
Re: Openbsd openrisc opencores arm
Am 25.03.2013 um 17:17 schrieb Chris Cappuccio ch...@nmedia.net: Nick Holland [n...@holland-consulting.net] wrote: The problem with ARM is there is no ARM reference platform. Every machine is significantly different than every other machine, technical details of how it is built are not published (why should they be? They aren't being sold as general purpose computers). I do not get the excitement over ARM. Sorry. Its design complete and total chaos at this point. There is maybe one sort-of exception to this mess: The openly documented Freescale iMX6 platform. http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=i.MX6QnodeId= 018rH3ZrDRB24Afpsp=1tab=Documentation_Tab It could stay around for a while. There is an open laptop design built around it that looks like fun: http://www.bunniestudios.com/blog/?p=2686 And a certain Dale Rahn even wrote support for iMX6 in a source tree that could drop in to OpenBSD... If someone really wants to play with newer ARM stuff on OpenBSD, try to find some iMX6 hardware, and start with Dale's improved sys/arch/arm, sys/arch/imx and sys/arch/beagle I have all that running on OpenBSD. I'm slowly sorting out diffs so we can get it (armv7, panda, imx) into OpenBSD without breaking zaurus. Without that constrain, I could basically just drop it in. I'd recommend one of the following, where I got the first one from: http://boundarydevices.com/products/sabre-lite-imx6-sbc/ http://boundarydevices.com/products/nitrogen6x-board-imx6-arm-cortex-a9-sbc/ Of course, there are other boards, even tablets and mini-usb/hdmi-sticks, but those boards are imho very good. Chris
Re: Pre-orders for 5.3
On Sun, Mar 17, 2013 at 05:13:02PM -0600, dera...@cvs.openbsd.org wrote: Pre-orders for 5.3 are activated! Cool, ordered! Love the theme... re-reading the book now. BTW, there's a typo in tshirts.html Nicolai Index: tshirts.html === RCS file: /cvs/www/tshirts.html,v retrieving revision 1.100 diff -u -p -r1.100 tshirts.html --- tshirts.html 17 Mar 2013 16:08:57 - 1.100 +++ tshirts.html 25 Mar 2013 16:59:21 - @@ -23,7 +23,7 @@ following T-Shirts:/font/h3 hr table tr -tda href=#38#39: 5.3 T-shirt (*NEW*)/a/td +tda href=#39#39: 5.3 T-shirt (*NEW*)/a/td tda href=#38#38: 5.2 Puffy T-shirt/a/td tda href=#37#37: 5.1 T-shirt/a/td /trtr
5.3 song released
Between pre-release and actual release, I always make the new song available with some fragments of the release artwork. This song was composed by my good friend Bob Kitella. http://www.openbsd.org/lyrics.html http://www.openbsd.org/lyrics.html#53 http://www.openbsd.org/songs/song53.mp3 http://www.openbsd.org/songs/song53.ogg Enjoy. If you want a non-compressed version of it, you will need to pre-order the 5.3 release and wait a little while... http://www.openbsd.org/orders.html
Re: Kernel panic with jme driver
Le 25/03/2013 05:59, Brad Smith a écrit : On Sun, Mar 24, 2013 at 03:46:38PM +0100, Com??te wrote: Hello, i own a Shuttle XS35v2 and actually run OpenBSD 5.2 amd64 (SMP) on it. I run OpenBSD on this hardware since 4.9 and i always encountered the following problem, sorry for the late report it took me some time to identify it: The NIC uses the jme driver which run in a kernel panic each time i upload data from the XS35v2 to any other machine with a transfer rate above 7 Mbits/s (XS35v2 - other PC). No problem at all when downloading. I made some tests that you can follow to easily reproduce the crash: Please test the following diff that should fix the obvious bug. Index: if_jme.c === RCS file: /home/cvs/src/sys/dev/pci/if_jme.c,v retrieving revision 1.29 diff -u -p -r1.29 if_jme.c --- if_jme.c29 Nov 2012 21:10:32 - 1.29 +++ if_jme.c25 Mar 2013 04:54:01 - @@ -1058,48 +1058,31 @@ jme_encap(struct jme_softc *sc, struct m struct jme_txdesc *txd; struct jme_desc *desc; struct mbuf *m; - int maxsegs; int error, i, prod; uint32_t cflags; prod = sc-jme_cdata.jme_tx_prod; txd = sc-jme_cdata.jme_txdesc[prod]; - maxsegs = (JME_TX_RING_CNT - sc-jme_cdata.jme_tx_cnt) - - (JME_TXD_RSVD + 1); - if (maxsegs JME_MAXTXSEGS) - maxsegs = JME_MAXTXSEGS; - if (maxsegs (sc-jme_txd_spare - 1)) - panic(%s: not enough segments %d, sc-sc_dev.dv_xname, - maxsegs); - error = bus_dmamap_load_mbuf(sc-sc_dmat, txd-tx_dmamap, *m_head, BUS_DMA_NOWAIT); + if (error != 0 error != EFBIG) + goto drop; if (error != 0) { - bus_dmamap_unload(sc-sc_dmat, txd-tx_dmamap); - error = EFBIG; - } - if (error == EFBIG) { if (m_defrag(*m_head, M_DONTWAIT)) { - printf(%s: can't defrag TX mbuf\n, - sc-sc_dev.dv_xname); - m_freem(*m_head); - *m_head = NULL; - return (ENOBUFS); + error = ENOBUFS; + goto drop; } - error = bus_dmamap_load_mbuf(sc-sc_dmat, -txd-tx_dmamap, *m_head, -BUS_DMA_NOWAIT); - if (error != 0) { - printf(%s: could not load defragged TX mbuf\n, - sc-sc_dev.dv_xname); - m_freem(*m_head); - *m_head = NULL; - return (error); - } - } else if (error) { - printf(%s: could not load TX mbuf\n, sc-sc_dev.dv_xname); - return (error); + error = bus_dmamap_load_mbuf(sc-sc_dmat, txd-tx_dmamap, +*m_head, BUS_DMA_NOWAIT); + if (error != 0) + goto drop; + } + + if (sc-jme_cdata.jme_tx_cnt + txd-tx_dmamap-dm_nsegs + + 1 JME_TX_RING_CNT - 1) { + bus_dmamap_unload(sc-sc_dmat, txd-tx_dmamap); + return (ENOBUFS); } m = *m_head; @@ -1127,7 +1110,6 @@ jme_encap(struct jme_softc *sc, struct m desc-addr_hi = htole32(m-m_pkthdr.len); desc-addr_lo = 0; sc-jme_cdata.jme_tx_cnt++; - KASSERT(sc-jme_cdata.jme_tx_cnt JME_TX_RING_CNT - JME_TXD_RSVD); JME_DESC_INC(prod, JME_TX_RING_CNT); for (i = 0; i txd-tx_dmamap-dm_nsegs; i++) { desc = sc-jme_rdata.jme_tx_ring[prod]; @@ -1137,10 +1119,7 @@ jme_encap(struct jme_softc *sc, struct m htole32(JME_ADDR_HI(txd-tx_dmamap-dm_segs[i].ds_addr)); desc-addr_lo = htole32(JME_ADDR_LO(txd-tx_dmamap-dm_segs[i].ds_addr)); - sc-jme_cdata.jme_tx_cnt++; - KASSERT(sc-jme_cdata.jme_tx_cnt = -JME_TX_RING_CNT - JME_TXD_RSVD); JME_DESC_INC(prod, JME_TX_RING_CNT); } @@ -1163,6 +1142,11 @@ jme_encap(struct jme_softc *sc, struct m sc-jme_cdata.jme_tx_ring_map-dm_mapsize, BUS_DMASYNC_PREWRITE); return (0); + + drop: + m_freem(*m_head); + *m_head = NULL; + return (error); } void @@ -1204,13 +1188,13 @@ jme_start(struct ifnet *ifp) * for the NIC to drain the ring. */ if (jme_encap(sc, m_head)) { - if (m_head == NULL) { + if (m_head == NULL) ifp-if_oerrors++; - break; - } - ifp-if_flags |= IFF_OACTIVE; + else +
Re: ospfd default route problem
Hi Robert and misc@openbsd, thanks for your reply, but if i don't want to connect area 12 on area 0 ? My area 12 is reserved for LAN to LAN only, i don't want to publish its routes on the backbone area and backbone area is not in stub mode. Also, I thought about stub areas to not publish routes. I think i must apply stub to area 3 but not under area 12, right ? Stub is on the area on which we don't want to obtain routes from other areas, don't we ? Thank you in advance, -- Best regards, Loïc BLOT, UNIX systems, security and network expert http://www.unix-experience.fr Le lundi 25 mars 2013 à 14:23 +0100, Robert Blacquiere a écrit : On Mon, Mar 25, 2013 at 11:24:56AM +0100, Lo?c Blot wrote: Hi all, I update my last mail with OSPF to give you precisions. I have 2 LAN OBSD routers, which are on a local VLAN, and 1 MAN OBSD router, connected to local VLAN and has an interco with MAN Router - my 3 OpenBSD routers use area 12 to exchange local routes - my MAN router use area 12 over GRE+IPSec with a remote site - my MAN router use area 3 to get routes from MAN (default route especially) A little scheme network scheme Area 3Area 12 WAN --| MAN Router || My OBSD MAN Router || My OBSD LAN1 | ||| My OBSD LAN2 | | | | | Gre + IPSec | Area 12 | | | | | | |--| Remote OBSD Router || Remote LAN snip Every OSPF area needs to connect to area 0 (Backbone area). If you don't you need to use virtual interface tunnel (CISCO specific) to attach Area 12 to Area 0. It seems this can cause the issue you are seeing. See also: http://www.netcraftsmen.net/resources/archived-articles/434-introducing-ospf. html Regards Robert [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Intel Centrino Wireless-N 2230
Hi Anyone working on adding support for Intel Centrino Wireless-N 2230? dmesg shows it as vendor Intel, unknown product 0x0888 (class network subclass miscellaneous, rev 0xc4) at pci3 dev 0 function 0 not configured NetBSD has pcidevs entries for it but no driver code: http://mail-index.netbsd.org/netbsd-users/2012/10/19/msg011722.html dmesg/pcidump below. acpidump available at http://singlesecond.com/u310-acpidump.tgz Cheers Tom OpenBSD 5.3-current (GENERIC) #76: Fri Mar 22 12:23:44 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 4130385920 (3939MB) avail mem = 4012769280 (3826MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xfaa00 (35 entries) bios0: vendor Phoenix Technologies Ltd. version 65CN90WW date 09/25/2012 bios0: LENOVO IdeaPad U310 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP SLIC SSDT ASF! HPET APIC MCFG FPDT FPDT SSDT SSDT UEFI UEFI MSDM SSDT UEFI SSDT DBG2 acpi0: wakeup devices P0P1(S4) EHC1(S3) EHC2(S3) XHC_(S3) HDEF(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4) PXSX(S4) RP07(S4) PXSX(S4) RP08(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEG2(S4) PEG3(S4) LID0(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz, 1696.37 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 99MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P1) acpiprt2 at acpi0: bus 1 (RP01) acpiprt3 at acpi0: bus 2 (RP02) acpiprt4 at acpi0: bus 3 (RP03) acpiprt5 at acpi0: bus -1 (RP04) acpiprt6 at acpi0: bus -1 (RP05) acpiprt7 at acpi0: bus -1 (RP06) acpiprt8 at acpi0: bus -1 (RP07) acpiprt9 at acpi0: bus -1 (RP08) acpiprt10 at acpi0: bus -1 (PEG0) acpiprt11 at acpi0: bus -1 (PEG1) acpiprt12 at acpi0: bus -1 (PEG2) acpiprt13 at acpi0: bus -1 (PEG3) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 104 degC acpiac0 at acpi0: AC unit offline acpibat0 at acpi0: BAT1 model LNV-L11M3P01 serial type LION oem SMP acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpivideo0 at acpi0: GFX0 acpivout0 at acpivideo0: DD02 cpu0: Enhanced SpeedStep 1696 MHz: speeds: 1801, 1800, 1700, 1600, 1500, 1400, 1300, 1200, 1100, 1000, 900, 800, 774 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Core 3G Host rev 0x09 vga1 at pci0 dev 2 function 0 Intel HD Graphics 4000 rev 0x09 intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: apic 2 int 16 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel 7 Series xHCI rev 0x04 at pci0 dev 20 function 0 not configured Intel 7 Series MEI rev 0x04 at pci0 dev 22 function 0 not configured ehci0 at pci0 dev 26 function 0 Intel 7 Series USB rev 0x04: apic 2 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 7 Series HD Audio rev 0x04: msi azalia0: codecs: Conexant/0x506e, Intel/0x2806, using Conexant/0x506e audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 7 Series PCIE rev 0xc4: msi pci1 at ppb0 bus 1 ppb1 at pci0 dev 28 function 1 Intel 7 Series PCIE rev 0xc4: msi pci2 at ppb1 bus 2 re0 at pci2 dev 0 function 0 Realtek 8101E rev 0x05: RTL8105E (0x4080), apic 2 int 17, address 08:9e:01:34:c9:14 ukphy0 at re0 phy 7: Generic IEEE 802.3u media interface, rev. 2: OUI 0x000732, model 0x0008 ppb2 at pci0 dev 28 function 2 Intel 7 Series PCIE rev 0xc4: msi pci3 at ppb2 bus 3 vendor Intel, unknown product 0x0888 (class network subclass miscellaneous, rev 0xc4) at pci3 dev 0 function 0 not configured ehci1 at pci0 dev 29 function 0 Intel 7 Series USB rev 0x04: apic 2 int 23 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 pcib0 at pci0 dev 31 function 0 Intel HM77 LPC rev 0x04 ahci0 at pci0 dev 31 function 2 Intel 7 Series AHCI rev 0x04: msi, AHCI 1.3 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: ATA, RDM-II XM020C, C3M SCSI3 0/direct fixed naa.5044a50029221bfd sd0: 22902MB, 512 bytes/sector, 46905264 sectors, thin sd1 at scsibus0 targ 1 lun 0: ATA, HITACHI HTS54505, GG2Z SCSI3 0/direct fixed naa.5000cca6f7f049df sd1: 476940MB, 512 bytes/sector, 976773168 sectors
pf.conf: sticky-address causes page fault in this config
I sent this in via sendbug() but am also posting it here in case I'm doing something obviously wrong. I've got a fresh from-scratch plain-vanilla 5.2-generic i386 install with a mildly complex pf.conf file. Adding sticky-address to a single rule reliably causes a page fault whenever the file is loaded (either via pfctl or system boot). There's nothing else too wonky on this system (I haven't had time to mess it up yet). The output from the page fault is: uvm_fault(0xd0a11920, 0xd6c7b000, 0, 1) - e kernel: page fault trap, code=0 Stopped at pf_test_rule+0xdbc: mov1 0xff70(%ebp),%eax ddb ...I couldn't run trace because it hard-locked at that point. I just found the instructions for setting ddb.console, so if someone needs the trace output I can trigger it again, but I'd like to avoid it if reasonable. I've appended the pf.conf file, with only minor changes to the external IP addresses (NNN.NNN.NNN.NNN), warts and all. A quick search of the openbsd-misc archives didn't turn anything up either. Is this a known thing, maybe fixed in 5.3 or elsewhere, ...? Thanks. - R. -- # $OpenBSD: pf.conf,v 1.37 2008/05/09 06:04:08 reyk Exp $ # # See pf.conf(5) for syntax and examples. # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1 # in /etc/sysctl.conf if packets are to be forwarded between interfaces. # Useful macros for this network if_srv= rl0 if_dsl= rl1 if_sbb= re0 if_lan= fxp0 if_wifi = dc0 if_ext= { $if_dsl $if_sbb } if_int= { $if_lan $if_srv $if_wifi } ip_dsl= NNN.NNN.NNN.NNN ip_sbb= NNN.NNN.NNN.NNN ip_ext= { $ip_dsl $ip_sbb } gw_dsl= NNN.NNN.NNN.NNN gw_sbb= NNN.NNN.NNN.NNN net_lan = 192.168.0.0/24 net_wifi = 192.168.1.0/24 net_srv = 192.168.10.0/24 net_int = { 192.168.0.0/24 192.168.1.0/24 192.168.10.0/24 } ip_mail = 192.168.10.164 ip_lan= 192.168.0.1 # Default runtime options set block-policy drop # Block everything by default block # Redirect mail and webmail connections from external interfaces to the mail server. # Connections from the internal network need to bypass the rest of the rules in this #file to avoid getting mangled by routing later on. pass in on $if_ext proto tcp from any to $ip_ext port { 25 80 110 143 220 587 993 } rdr-to $ip_mail pass in quick on { $if_lan $if_wifi } proto tcp from { $net_lan $net_wifi } to $ip_ext port { 25 80 110 143 220 587 993 } rdr-to $ip_mail # Allow ssh connections to the firewall from the lan only. pass in on $if_lan proto tcp from $net_lan to $if_lan port ssh # Allow ssh connections to the srv interface from the firewall and local networks. pass on $if_srv proto tcp from $net_lan to $net_srv port ssh # Allow web connections to the srv interface from local and wifi networks. pass on $if_srv proto tcp from $net_int to $net_srv port 80 # Allow traffic to go out over the external interface. pass out on $if_ext # Allow traffic in from the LAN to anything else. pass in on $if_lan from $net_lan to ! $net_lan # Allow traffic in from wifi to anything not on the local network. pass in on $if_wifi from $net_wifi to ! 192.168.0.0/16 # Allow traffic from anywhere to the mail server on specific ports. pass on $if_srv proto tcp from any to any port { 25 80 110 143 220 587 993 } # Load balancing. pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { ($if_sbb $gw_sbb), ($if_dsl $gw_dsl) } round-robin #pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { $if_sbb $if_dsl } round-robin # To cause pf_test_rule to crash, comment the above round-robin rule and uncomment the following: #pass in on $if_int from $net_int to { ! 192.168.0.0/16 } route-to { ($if_sbb $gw_sbb), ($if_dsl $gw_dsl) } round-robin sticky-address # Send FTP and https connections out over only one of the interfaces; otherwise they may have trouble. pass in on $if_int proto tcp from $net_int to { ! 192.168.0.0/16 } port { ftp ftp-data https } route-to ($if_sbb $gw_sbb) # Re-route load-balanced packets to their correct external interfaces. pass out on $if_sbb from $if_dsl route-to ($if_dsl $gw_dsl) pass out on $if_dsl from $if_sbb route-to ($if_sbb $gw_sbb) # Block BitTorrent traffic. Sorry guys. :-/ (Do it from home.) block proto { tcp udp } from any to any port {6881:6999, 6969} # Exception for __. pass proto { tcp udp } from any to ! 192.168.0.0/16 port 6996 # Dropbox block to { 208.43.202.0/24, 199.47.216.0/22 } # Facebook. Added 10-25-2012. Sorry guys. block to { 31.13.64.0/18, 69.171.224.0/19, 66.220.144.0/20, 69.63.176.0/20, 204.15.20.0/22, 65.201.208.24/29, 65.204.104.128/28, 66.92.180.48/28, 66.93.78.176/29, 66.199.37.136/29 } block to { 67.200.105.48/30, 74.119.76.0/22, 173.252.64.0/18, 69.171.224.53, 69.171.228.74, 69.171.224.37, 69.171.237.32, 66.220.149.88, 69.171.237.16, 69.171.234.37, 69.171.229.11 } block to { 69.171.242.11, 66.220.149.11,
Re: ospfd default route problem
On 2013-03-25, Loïc BLOT loic.b...@unix-experience.fr wrote: Hi Robert and misc@openbsd, thanks for your reply, but if i don't want to connect area 12 on area 0 ? My area 12 is reserved for LAN to LAN only, i don't want to publish its routes on the backbone area and backbone area is not in stub mode. It sounds like you are trying to get a default route from area 3 into area 12 though, you would need to do that via the backbone (area 0). Le lundi 25 mars 2013 \xc3\xa0 14:23 +0100, Robert Blacquiere a \xc3\xa9crit : See also: http://www.netcraftsmen.net/resources/archived-articles/434-introducing-ospf.html yes, there are a bunch of pretty decent OSPF articles on that site.
Re: rsync too slow between two disks with softraid crypto
On 2013.03.05 21:43:45 +0400, Mike Korbakov wrote: Hi, Luis! Low performance with filesystems still big problem in OpenBSD. Did You compare linux and OpenBSD without encryption ? Results will help to localize problem, is it in encryption engine or in overall filesystem performance. My simple tests on vmware virtual machines: both machines are with 2 cores of intel core-i7 920 and 3Gb RAM (host RAM 24Gb) virtual disks are preallocated and hosted on the RAID with sequential read speed 100Mb/s mike@ubuntu104:~$ uname -a Linux ubuntu104 2.6.32-45-generic #104-Ubuntu SMP Tue Feb 19 21:21:41 UTC 2013 i686 GNU/Linux mike@ubuntu104:~$ dd if=/dev/zero of=file1 bs=1024k count=1024 1024+0 records in 1024+0 records out 1073741824 bytes (1.1 GB) copied, 15.8527 s, 67.7 MB/s bash-4.2# uname -a OpenBSD obsd53.vm.mike-i7.kmv 5.3 GENERIC.MP#29 i386 bash-4.2# dd if=/dev/zero of=file1 bs=1024k count=1024 1024+0 records in 1024+0 records out 1073741824 bytes transferred in 55.544 secs (19331179 bytes/sec) Hi Mike, I took your challenge and did some tests with a set of files of 150MB. What I did was to compare the speed of data transfer in my very small home servers, both using Intel Desktop Board D945GSEJT with processor Atom N270. Configurations: server 0: 1 GB of RAM OpenBSD 5.2 Samsung SATA 2 disk HD103UJ Samsung SATA 2 disk HD103SJ server 1: 2 GB of RAM FreeBSD 9.1Linux kernel 3.2.29 Seagate PATA ST3160023A Default configuration/chipers for softraid (OpenBSD), geom geli (FreeBSD), and cryptsetup luks (Linux) were used. From my search, default chipers are: Linux - AES-CBC-ESSIV:SHA256 FreeBSD geom - 128 AES in CBC mode FreeBSD geli - 128 AES-XTS OpenBSD softraid0 - 256 AES-XTS I don't know enough about encryption, but it seems that OpenBSD's softraid is the best one and also most demandign. Am I correct? The command used to copy files was `cp -pR` in FreeBSD and OpenBSD, and `cp -ar` in Linux. Each operation was run at least two times, although only one time is recorded, because the operations returned similar results. Recorded times for operations in same disk (used HD103UJ in OpenBSD): +--+---+--+--+--+ |cp|OpenBSD|FreeBSD geom |FreeBSD geli |Linux | | |softraid0 | | |cryptsetup| | | | | |luks | +--+---+--+--+--+ |unencrypted |0m4.43s real |0.000u 0.775s |0.007u 0.786s |real 0m1.280s | |to|0m0.02s user |0:05.23 14.7% |0:05.23 14.9% |user 0m0.009s | |unencrypted |0m2.32s system |19+4887k |21+5377k |sys 0m1.269s | | | |0+1193io |0+1202io | | | | |0pf+0w|0pf+0w| | +--+---+--+--+--+ |unencrypted |2m35.50s real |0.000u 0.696s |0.000u 0.696s |real 0m2.351s | |to|0m0.01s user |0:14.28 4.8% |0:10.99 6.2% |user 0m0.014s | |encrypted |0m32.21s system|21+5340k |20+5058k |sys 0m1.506s | | | |16+1192io |3+1374io | | | | |0pf+0w|68pf+0w | | +--+---+--+--+--+ |encrypted |0m42.09s real |0.007u 0.798s |0.000u 0.803s |real 0m1.353s | |to|0m0.01s user |0:05.09 15.5% |0:05.15 15.5% |user 0m0.003s | |unencrypted |0m2.33s system |20+5011k |20+4852k |sys 0m1.275s | | | |9+1193io |15+1193io | | | | |0pf+0w|0pf+0w| | +--+---+--+--+--+ |encrypted |1m2.33s real |0.000u 0.700s |0.023u 0.792s |real 0m2.934s | |to|0m0.02s user |0:11.13 6.2% |0:10.16 7.9% |user 0m0.013s | |encrypted |0m30.84s system|21+5152k |24+4748k |sys 0m1.653s | | | |1+1192io |15+1374io | | | | |0pf+0w|0pf+0w| | +--+---+--+--+--+ Disk operations envolving encrypted partitions on OpenBSD are the longest ones, even considering that it's using a faster disk. As I wrote in an earlier post, the cpu is using about 80% during OpenBSD' data transfers. The OpenBSD's data transfer speeds when involving encrypted partitions seem to confirm that they are cpu bound, in my system. Maybe because of the superior encryption algorithm, maybe not, Atom N270 processor doesn't seem sufficient to run OpenBSD in encrypted mode. It's a real pain to use OpenBSD is this mode. FreeBSD and