IKEDv2 OpenBSD Roadwarrior

[Jan Lambertz]

still one thing left before i can decalre this bazaar open.
internet via vpn does not work yet. the vpn server is already acting
as router for my home network.
connecting vpn works.
ping each sides via vpn works.
using the vpnservers unbound as nameserver on notebook works.

it seems like the packages reaching enc0 at the server don't go to
egress. here the tcpdump.

server tcpdump

server# tcpdump -i enc0 -o -ttt -vv -e -n
tcpdump: listening on enc0, link-type ENC
May 30 19:57:57.510729 (authentic,confidential): SPI 0x8a035a97:
89.x.x.x.x > 178.x.x.x: 192.168.2.10 > 216.58.214.67: icmp: echo
request (id:121c seq:50) [icmp cksum ok] (ttl 255, id 30160, len 84)
(ttl 50, id 8360, l
en 104)
May 30 19:57:57.510761 (authentic,confidential): SPI 0xc36d724b:
178.x.x.x > 89.x.x.x.x: 192.168.2.10 > 216.58.214.67: icmp: echo
request (id:121c seq:50) [icmp cksum ok] (ttl 254, id 59008, len 84)
(ttl 64, id 62279,
len 104, bad ip cksum 0! -> afe5)
May 30 19:57:58.502468 (authentic,confidential): SPI 0x8a035a97:
89.x.x.x.x > 178.x.x.x: 192.168.2.10 > 216.58.214.67: icmp: echo
request (id:121c seq:51) [icmp cksum ok] (ttl 255, id 17935, len 84)
(ttl 50, id 31161,
len 104)
May 30 19:57:58.502499 (authentic,confidential): SPI 0xc36d724b:
178.x.x.x > 89.x.x.x.x: 192.168.2.10 > 216.58.214.67: icmp: echo
request (id:121c seq:51) [icmp cksum ok] (ttl 254, id 23117, len 84)
(ttl 64, id 13745,
len 104, bad ip cksum 0! -> 6d7c)
May 30 19:57:59.502705 (authentic,confidential): SPI 0x8a035a97:
89.x.x.x.x > 178.x.x.x: 192.168.2.10 > 216.58.214.67: icmp: echo
request (id:121c seq:52) [icmp cksum ok] (ttl 255, id 10110, len 84)
(ttl 50, id 12748,
len 104)

but after that nothing happens. no corresponding traffic on axe0 (egress).
here the relevant part of pf.conf. nothing gets blocked.

match out from 192.168.2.0/24 to (axe0:network) nat-to (axe0)
...
pass in on enc0 inet from 192.168.2.0/24
pass out on enc0
pass out on axe0



iked.conf notebook

ikev2 "VPN HOME" active ipcomp esp inet \
from 192.168.2.10 to 0.0.0.0/0 \
from 192.168.2.10 to 192.168.2.1 \
peer 178.x.x.x \
psk ""


iked.conf server

ikev2 "VPN HOME" passive ipcomp esp inet \
from 192.168.2.0/24 to 0.0.0.0/0 \
from 192.168.2.1 to 192.168.2.0/24 \
from 192.168.2.1 to 192.168.2.10 \
local egress peer any \
srcid egress \
psk ""



Jan

IKEDv2 OpenBSD Roadwarrior

[Jan Lambertz]

Hi Christophe,

I Made the changes you proposed. Sadly it still does not work. It seems to
me that the message "ikev2_resp_recv: failed to send auth response" is a
hint to the problem. But why did it fail ?

Jan

IKEDv2 OpenBSD Roadwarrior

[Jan Lambertz]

Hello everyone,

i'm trying for two days now to setup an IKedV2 Roadwarrior VPN.
the logfiles show, that something is not working correctly during
connection establishment.
I changed configs in every way i can think of without success. Why is
it not working ?
Here is the setup.

PF is permissive

Home(internet:178.x.x.x, NAT, lan 192.168.1.0/24) --
internet --
Smartphone(internet:89.x.x.x, NAT, WLanAP 192.168.43.0/24) --
Notebook(OpenBSD6.3, 192.168.43.253)

Home config
ikev2 "VPN HOME" passive esp \
from 192.168.1.1 to 192.168.43.253 \
local 178.x.x.x peer any \
srcid 178.x.x.x \
psk "key" \
config address 192.168.1.100/8 \
config netmask 255.255.255.0 \
config name-server 192.168.1.1

Notebook config
ikev2 "VPN HOME" active esp \
from 192.168.43.253 to 192.168.1.1 peer 178.x.x.x \
psk "key" \
tag "VPN" tap enc0

Home
net.inet.ip.forwarding=1
net.inet.ah.enable=1
net.inet.esp.enable=1
net.inet.esp.udpencap=1
net.inet.esp.udpencap_port=4500
net.inet.ipcomp.enable=1

Notebook
net.inet.ip.forwarding=1
net.inet.ah.enable=1
net.inet.esp.enable=1
net.inet.esp.udpencap=1
net.inet.esp.udpencap_port=4500
net.inet.ipcomp.enable=0



Home
server# iked -dvv
ikev2 "VPN HOME" passive esp inet from 192.168.1.1 to 192.168.43.253
local 178.x.x.x peer any ikesa enc aes-256,aes-192,aes-128,3des prf
hmac-sha2-256,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group
modp2048,modp1536,modp1024 childsa enc aes-256,aes-192,aes-128 auth
hmac-sha2-256,hmac-sha1 srcid 178.x.x.x lifetime 10800 bytes 536870912
psk key config address 192.168.1.100 config netmask 255.255.255.0
config name-server 192.168.1.1
/etc/iked.conf: loaded 1 configuration rules
ca_privkey_serialize: type RSA_KEY length 1190
ca_pubkey_serialize: type RSA_KEY length 270
config_getpolicy: received policy
ca_privkey_to_method: type RSA_KEY method RSA_SIG
ca_getkey: received private key type RSA_KEY length 1190
ca_getkey: received public key type RSA_KEY length 270
ca_dispatch_parent: config reset
config_getpfkey: received pfkey fd 3
config_getcompile: compilation done
config_getsocket: received socket fd 4
config_getsocket: received socket fd 5
config_getsocket: received socket fd 6
config_getsocket: received socket fd 7
config_getmobike: mobike
ca_reload: local cert type RSA_KEY
config_getocsp: ocsp_url none
ikev2_dispatch_cert: updated local CERTREQ type RSA_KEY length 0
ikev2_recv: IKE_SA_INIT request from initiator 89.x.x.x:10749 to
178.x.x.x:500 policy 'VPN HOME' id 0, 510 bytes
ikev2_recv: ispi 0x6fa80e0bb275c9db rspi 0x
ikev2_policy2id: srcid IPV4/178.x.x.x length 8
ikev2_pld_parse: header ispi 0x6fa80e0bb275c9db rspi
0x nextpayload SA version 0x20 exchange IKE_SA_INIT
flags 0x08 msgid 0 length 510 response 0
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 112
ikev2_pld_sa: more 0 reserved 0 length 108 proposal #1 protoid IKE
spisize 0 xforms 11 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type ENCR id 3DES
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_1536
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_1024
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
ikev2_nat_detection: peer source 0x6fa80e0bb275c9db 0x
89.x.x.x:10749
ikev2_pld_notify: NAT_DETECTION_SOURCE_IP detected NAT, enabling UDP
encapsulation
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
ikev2_nat_detection: peer destination 0x6fa80e0bb275c9db
0x 178.x.x.x:500
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 14
ikev2_pld_notify: protoid NONE spisize 0 type SIGNATURE_HASH_ALGORITHMS
ikev2_pld_notify: signature hash SHA2_256 (2)
ikev2_pld_notify: signature hash SHA2_384 (3)
ikev2_pld_notify: signature hash SHA2_512 (4)
sa_state: INIT -> SA_INIT
ikev2_sa_negotiate: score 4

Beg for Atheros wifi driver

[Jan Lambertz]

I have three of these

run0 at uhub0 port 2 configuration 1 interface 0 "Ralink 80
.11 n WLAN" rev 2.00/1.01 addr 2
run0: MAC/BBP RT5592 (rev 0x0222), RF RT5592 (MIMO 2T2R)

https://www.amazon.de/dp/B00LLIOT34/ref=cm_sw_r_cp_apa_eI60AbX2326EP

One of them runs 24/7 for two years by now, without problems. You need to
set mode 11g in ifconfig

Community-driven OpenBSD tutorials wiki?

[Jan Lambertz]

Before working with OpenBSD, I thought archlinux had good documenation, (
the wiki ). On OpenBSD I rarely need more things than the man pages, the
ports PKG docs and tailing the logfiles. But I can understand that
sometimes it feels good for short term benefits to be able to use an up and
running config for xy.
I've read the pf.conf manpage very often and still there is space for my
config to improve but I (believe) begin to understand how to configure it
properly and how it should be used. Never had that feeling with online
wikis. There I searched for xy, found an post that seems close to my
problem, copy paste, restart program and maybe it worked or not. Sometimes
this is faster but I definitely learned more with while reading manpages.
For my part I think it's not possible to build something better than the
manpages for its purpose. I do like other sources of information but this
is more about projects. Someone built xy with OpenBSD and wrote an article
about it. Share your stories via undeadly or whatever. Build an index that
lists cool OpenBSD Projects for everyone to find. And the rest is up to the
user and man(1)

Still having super slow speeds with USB 3 flash.

[Jan Lambertz]

Just upgraded to
OpenBSD 6.3-beta (GENERIC.MP) #34: Tue Mar  6 07:52:30 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

everything still fine.
whole process took about 10 minutes (via http)

Jan

Still having super slow speeds with USB 3 flash.

[Jan Lambertz]

2018-03-06 17:05 GMT+01:00 Chris Bennett :
> Then I need to install the latest -current and make a bug report.
> I've had the same problem with several USB 3 flashes on different
> computers. I was hoping the problem would eventually get fixed.
>
I had similar issues with very cheap usbsticks. could be about the usb
controller or xhci implementation, too.


> It's a Sandisk Ultra Fit? I will look for one or order one.
> I have wondered if the actual flash drives themselves were the problem.
>
Yes, i wanted a short stick in the notebook. Already broke a few of
the longer ones...

> If anyone reading this can tell me what info I need to include in the
> bug report, I will add it.
>
> Did you do anything special with swap or /tmp? I want to duplicate your
> setup more or less.

cat /etc/fstab
dd105848521bf1c4.b none swap sw
dd105848521bf1c4.a / ffs rw,wxallowed,noatime,softdep 1 1

[root@x131e jan]$  disklabel sd1
# /dev/rsd1c:
type: SCSI
disk: SCSI disk
label: Ultra Fit
duid: 417e539322cdb9e2
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 3738
total sectors: 60062500
boundstart: 64
boundend: 60050970
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
  a: 60050906   64RAID
  c: 600625000  unused


[root@x131e jan]$  disklabel sd2
# /dev/rsd2c:
type: SCSI
disk: SCSI disk
label: SR CRYPTO
duid: dd105848521bf1c4
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 3737
total sectors: 60050378
boundstart: 64
boundend: 60034905
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
  a: 58733568   64  4.2BSD   2048 16384 12958 # /
  b:  1301273 58733632swap# none
  c: 600503780  unused

>
> By the way, I can't manage to get UEFI to work on USB disks. Did you?
>
Haven't tried yet.

> Thanks, glad to know it is possible to have things work properly.
>

the ultrafit gets quite hot, but thats due to its small size. same under win10.
everything else runs perfect :-)

> Chris Bennett
>
>

Still having super slow speeds with USB 3 flash.

[Jan Lambertz]

Hi,

no Problems here.
dmesg:

OpenBSD 6.2-current (GENERIC.MP) #11: Mon Feb 26 19:16:54 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

real mem = 3987337216 (3802MB)
avail mem = 3859464192 (3680MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdae3a000 (48 entries)
bios0: vendor LENOVO version "G8ET95WW (2.55 )" date
09/30/2013

bios0: LENOVO
336798U

acpi0 at bios0: rev
2

acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SLIC TCPA ASF! HPET APIC MCFG FPDT SSDT SSDT UEFI
UEFI MSDM UEFI DBG2
acpi0: wakeup devices P0P1(S4) EHC1(S3) EHC2(S3) XHC_(S3) HDEF(S4) RP04(S4)
PXSX(S4) RP06(S4) PXSX(S4) BLAN(S4) PEG0(S4) PEGP(S4) PEG1(S
4) PEG2(S4) PEG3(S4) LID_(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179
Hz

acpimadt0 at acpi0 addr 0xfee0: PC-AT
compat

cpu0 at mainbus0: apid 0 (boot
processor)

cpu0: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz, 1496.86 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSG
SBASE,SMEP,ERMS,SENSOR,ARAT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2
cache

acpihpet0: recalibrated TSC frequency 1496600417 Hz
cpu0: smt 0, core 0, package
0

mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed
ranges

cpu0: apic clock running at
99MHz

cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2,
IBE

cpu1 at mainbus0: apid 2 (application
processor)

cpu1: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz, 1496.61 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL
,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSG
SBASE,SMEP,ERMS,SENSOR,ARAT,MELTDOWN

cpu1: 256KB 64b/line 8-way L2
cache

cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24
pins

acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0
(PCI0)
[72/111]
acpiprt1 at acpi0: bus -1 (P0P1)
acpiprt2 at acpi0: bus 2 (RP01)
acpiprt3 at acpi0: bus 3 (RP02)
acpiprt4 at acpi0: bus 4 (RP03)
acpiprt5 at acpi0: bus -1 (RP04)
acpiprt6 at acpi0: bus -1 (RP05)
acpiprt7 at acpi0: bus 9 (RP06)
acpiprt8 at acpi0: bus -1 (RP07)
acpiprt9 at acpi0: bus -1 (RP08)
acpiprt10 at acpi0: bus -1 (PEG0)
acpiprt11 at acpi0: bus -1 (PEG1)
acpiprt12 at acpi0: bus -1 (PEG2)
acpiprt13 at acpi0: bus -1 (PEG3)
acpiec0 at acpi0
acpicpu0 at acpi0: C2(500@59 mwait.1@0x10), C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C2(500@59 mwait.1@0x10), C1(1000@1 mwait.1), PSS
acpitz0 at acpi0: critical temperature is 99 degC
"INT3F0D" at acpi0 not configured
"MSF0001" at acpi0 not configured
"LEN0026" at acpi0 not configured
"SMO1200" at acpi0 not configured
acpithinkpad0 at acpi0
acpiac0 at acpi0: AC unit offline
acpibat0 at acpi0: BAT1 model "45N1176" serial  1289 type LION oem "SANYO"
acpibtn0 at acpi0: LID_
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
acpibtn1 at acpi0: PWRB
acpibtn2 at acpi0: SLPB
acpivideo0 at acpi0: GFX0
acpivout at acpivideo0 not configured
cpu0: Enhanced SpeedStep 1496 MHz: speeds: 1500, 1400, 1300, 1200, 1100,
1000, 900, 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 2500" rev 0x09
drm0 at inteldrm0
inteldrm0: msi
inteldrm0: 1366x768,
32bpp
[33/111]
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
xhci0 at pci0 dev 20 function 0 "Intel 7 Series xHCI" rev 0x04: msi
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "Intel xHCI root hub" rev
3.00/1.00 addr 1
"Intel 7 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 16
usb1 at ehci0: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "Intel EHCI root hub" rev
2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 7 Series HD Audio" rev 0x04: msi
azalia0: codecs: Realtek ALC269, Intel/0x2806, using Realtek ALC269
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 7 Series PCIE" rev 0xc4: msi
pci1 at ppb0 bus 2
ppb1 at pci0 dev 28 function 1 "Intel 7 Series PCIE" rev 0xc4: msi
pci2 at ppb1 bus 3
vendor "Broadcom", unknown product 0x4359 (class network subclass
miscellaneous, rev 0x00) at pci2 dev 0 function 0 not configured
ppb2 at pci0 dev 28 function 2 "Intel 7 Series PCIE" rev 0xc4: msi
pci3 at ppb2 bus 4
rtsx0 at pci3 dev 0 function 0 "Realtek RTS5209 Card Reader" rev 0x01: msi
sdmmc0 at rtsx0: 4-bit, dma
ppb3 at pci0 dev 28 function 5 "Intel 7 Series PCIE" rev 0xc4: msi
pci4 at ppb3 bus 9
re0 at pci4 dev 0 

openbsd 6.2 current on lenovo miix 310

[Jan Lambertz]

Hi,

for anyone whos interested in these tablet+keyboad things here are the
facts about openbsd 6.2 current on the lenovo miix 310.
forgot to try apm -A ... will do next time

tldr;
- installation was done to a usb thumb drive (it's not my device..)
- Installation works as usual (secureboot disabled), internal storage
is recognized, screen is roatetd by 90 degrees
- booting works too. console is on fullscreen but rotated 180 degrees
- keyboard and touchpad are working
- apm bat seems not to be recognized
- wireless and ethernet devices are not recognized
- audio seems not to work
- X11 works !
- USB works

here the long story:

OpenBSD 6.2-current (GENERIC.MP) #237: Fri Nov 24 21:49:38 MST 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4135493632 (3943MB)
avail mem = 4003246080 (3817MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7781a000 (41 entries)
bios0: vendor LENOVO version "1HCN40WW" date 11/04/2016
bios0: LENOVO 80SG
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP UEFI TCPA MSDM UEFI HPET LPIT APIC MCFG PRAM
SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT TPM2 CSRT FPDT BGRT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz, 1440.24 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu0: 1MB 64b/line 16-way L2 cache
acpihpet0: recalibrated TSC frequency 1439955909 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 79MHz
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3.3, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz, 1439.96 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu1: 1MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz, 1439.96 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu2: 1MB 64b/line 16-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz, 1439.96 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT
cpu3: 1MB 64b/line 16-way L2 cache
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 115 pins
acpimcfg0 at acpi0 addr 0xe000, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (RP01)
acpiprt2 at acpi0: bus -1 (RP02)
acpiprt3 at acpi0: bus -1 (RP03)
acpiprt4 at acpi0: bus -1 (RP04)
acpicpu0 at acpi0
C2: state 6: substate 8 >= num 3
C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0
C2: state 6: substate 8 >= num 3
C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0
C2: state 6: substate 8 >= num 3
C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0
C2: state 6: substate 8 >= num 3
C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS
acpipwrres0 at acpi0: WWPR, resource for HS03, MDM1
acpipwrres1 at acpi0: WWPR, resource for HS13, MDM1
acpipwrres2 at acpi0: WWPR, resource for SSC1, MDM3
acpipwrres3 at acpi0: WWPR, resource for SSCW, MDM3
acpipwrres4 at acpi0: WWPR, resource for HSC1, MDM2
acpipwrres5 at acpi0: WWPR, resource for HSC3, MDM4
acpipwrres6 at acpi0: CLK2, resource for CA01, CA13
acpipwrres7 at acpi0: CLK4, resource for CAMR, CAMB, CA00, CA40
acpipwrres8 at acpi0: P28P, resource for CAMR, CAMB, CA00, CA01, CA40, CA13
acpipwrres9 at acpi0: P18P, resource for CAMR, CAMB, CA00, CA01, CA40, CA13
acpipwrres10 at acpi0: P12P, resource for CAMR
acpipwrres11 at acpi0: CLK2, resource for CAMC
acpipwrres12 at acpi0: CLK3, resource for RTEK, RTK2, RTK1
acpipwrres13 at acpi0: CLK4
acpipwrres14 at acpi0: CLK2
acpipwrres15 at acpi0: CLK1
acpipwrres16 

Console resolution change since upgrade to 6.2

[Jan Lambertz]

i noticed the new values in the dmesg, but i am not sure what they
mean. could be max or current resolution.

see 
http://openbsd-archive.7691.n7.nabble.com/inteldrm-add-a-handler-for-the-WSDISPLAYIO-GINFO-ioctl-td320907.html

My X11 works normal on 1280x800

$ xrandr
Screen 0: minimum 320 x 200, current 1280 x 800, maximum 8192 x 8192
LVDS-1 connected 1280x800+0+0 (normal left inverted right x axis y
axis) 331mm x 207mm
   1280x800  60.00*+  40.00
   1024x768  60.0460.00
   960x720   60.00
   928x696   60.05
   896x672   60.01
   800x600   60.0060.3256.25
   700x525   59.98
   640x512   60.02
   640x480   60.0059.94
   512x384   60.00
   400x300   60.3256.34
   320x240   60.05
VGA-1 disconnected (normal left inverted right x axis y axis)
HDMI-1 disconnected (normal left inverted right x axis y axis)
DP-1 disconnected (normal left inverted right x axis y axis)
HDMI-2 disconnected (normal left inverted right x axis y axis)
DP-2 disconnected (normal left inverted right x axis y axis)
DP-3 disconnected (normal left inverted right x axis y axis)
SVIDEO-1 disconnected (normal left inverted right x axis y axis)
$

Console resolution change since upgrade to 6.2

[Jan Lambertz]

that were my first ideas. never had a wsconcsctl.conf, so nothing so
post. I already created one  yesterday trying to solve the problem.

$ cat /etc/wsconsctl.conf
display.height=800
display.width=1200

System says "Value is read only".

Console resolution change since upgrade to 6.2

[Jan Lambertz]

Hi,
after upgrading one of my notebooks to 6.2 release my console resolution is only
# wsconsctl
display.type=inteldrm
display.width=848
display.height=480
display.depth=32

Only the left upper of the display is active.
Screen is capable of 1280x800. That was the mode it worked in 6.1 i
think. At least it was fullscreen.
I didn't found a way to change the resolution. ideas to get back to
full resolution and fullscreen ?

Jan

dmesg:
OpenBSD 6.2 (GENERIC.MP) #134: Tue Oct  3 21:22:29 MDT 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2084098048 (1987MB)
avail mem = 2013970432 (1920MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf6c50 (51 entries)
bios0: vendor Dell Inc. version "A06" date 09/26/2008
bios0: Dell Inc. Latitude E5500
acpi0 at bios0: rev 2
acpi0: TCPA checksum error
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET DMAR APIC ASF! MCFG SLIC TCPA SSDT
acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S3) USB2(S3) USB3(S3)
USB4(S3) USB5(S3) USB6(S3) EHC2(S3) EHCI(S3) AZAL(S3) RP01(S4)
RP02(S4) RP03(S3) RP04(S3) RP05(S5) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 707.71 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR
cpu0: 2MB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 199MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz, 705.59 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR
cpu1: 2MB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
, remapped to apid 2
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 2 (PCIE)
acpiprt1 at acpi0: bus 11 (RP01)
acpiprt2 at acpi0: bus 12 (RP02)
acpiprt3 at acpi0: bus -1 (RP03)
acpiprt4 at acpi0: bus -1 (RP04)
acpiprt5 at acpi0: bus 9 (RP05)
acpiprt6 at acpi0: bus -1 (RP06)
acpiprt7 at acpi0: bus 0 (PCI0)
acpiec0 at acpi0
acpicpu0 at acpi0: !C3(100@57 mwait.3@0x30), !C2(500@1 mwait.1@0x10),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: !C3(100@57 mwait.3@0x30), !C2(500@1 mwait.1@0x10),
C1(1000@1 mwait.1), PSS
acpitz0 at acpi0: critical temperature is 102 degC
"PNP0F13" at acpi0 not configured
tpm0 at acpi0: TPM_ addr 0xfed4/0x5000: Broadcom BCM0102 rev 0x20
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: PBTN
acpibtn2 at acpi0: SBTN
acpiac0 at acpi0: AC unit offline
acpibat0 at acpi0: BAT0 model "DELL RM6618A" serial 46883 type LION
oem "Samsung SDI"
"*pnp0c14" at acpi0 not configured
acpivideo0 at acpi0: VID_
acpivout0 at acpivideo0: LCD_
acpivideo1 at acpi0: VID2
cpu0: Enhanced SpeedStep 707 MHz: speeds: 2001, 2000, 1600, 1200, 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07
inteldrm0: msi
inteldrm0: 848x480, 32bpp
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured
uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x02: apic 2 int 20
uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x02: apic 2 int 21
uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x02: apic 2 int 22
ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x02: apic 2 int 22
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev
2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x02: msi
azalia0: codecs: IDT 92HD71B7, Intel/0x2802, using IDT 92HD71B7
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x02: msi
pci1 at ppb0 bus 11
ppb1 at pci0 dev 28 function 1 "Intel 82801I PCIE" rev 0x02: msi
pci2 at ppb1 bus 12
iwn0 at pci2 dev 0 function 0 "Intel Centrino Ultimate-N 6300" rev
0x35: msi, MIMO 3T3R, MoW, address 3c:a9:f4:01:83:18
ppb2 at pci0 dev 28 function 4 "Intel 82801I PCIE" rev 0x02: msi
pci3 at ppb2 bus 9
bge0 at pci3 dev 0 function 0 "Broadcom BCM5756" rev 0x00, BCM5755 C0
(0xa200): msi, address 00:21:9b:ef:f2:d6
brgphy0 at bge0 phy 1: BCM5722 10/100/1000baseT PHY, rev. 0
uhci3 at pci0 dev 29 function 0 "Intel 82801I USB" rev 0x02: apic 2 int 20
uhci4 at pci0 dev 29 function 1 "Intel 82801I USB" rev 0x02: apic 2 int 21
uhci5 at pci0 dev 29 function 2 "Intel 82801I USB" rev 0x02: apic 2 int 22
ehci1 at pci0 dev 29 

Intel t7250 cpu and vmm

[Jan Lambertz]

Hi,

right now (6.1 current amd64) my Intel t7250 CPU is not supported by vmm.
Is there any chance this will change in the next months or should i go for
new hardware ?

Thank you so far for this great Software :-).

hotplugd attach script

[Jan Lambertz]

Hi,
i am not sure that the hotplug scripts are executed by the system user of
the person that is sitting in front of the Computer. So, no rights to files
or no display can be a Problem. How can the Computer know how inserted that
device ?

[vmm] SSL read error: read failed: error:06FFF064:digital envelope routines:CRYPTO_internal:bad decrypt

[Jan Lambertz]

I had similar issues, mostly with crypto things in vmd. Can this happen
because we get out of entropy? I have no evidence yet, but i will test
things tomorrow.

Running Debian in vmd - succes

[Jan Lambertz]

That sounds great. Hopefully the grub Problem can be fixed too. My vms did
not work with grub over serial even with a working grub.cfg for serial use.

Running Debian in vmd - succes

[Jan Lambertz]

My process is this:

Install Debian with qemu to a raw disk file
Boot Debian
apt install extlinux
Install extlinux to /Boot
Create extlinux cfg
Write extlinux mbr
Shutdown qemu vm
Put raw disk into vmd vm
Boot vmd vm
Habe fun

All extlinux steps can be found via Google,manpages etc. I can post a
working config tomorrow when i am back in office

Running Debian in vmd - succes

[Jan Lambertz]

For those who did not already know, vmd can run Linux guests with its
seabios Firmware. However this does not work out of the box for Linux
guests with grub bootloader even with grub serial settings.

Replacing grub with syslinux/extlinux made my Debian 8.7.1 amd64 run. No
problems so far. This should work for other distros too.

vmd memory bigger 2G

[Jan Lambertz]

yes. daemon should be the one.

daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-max=1024:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,a:\
:tc=default:

vmd memory bigger 2G

[Jan Lambertz]

right now i can succesfully run vms with memory of 2G. Anything above
will bring following error:

vmd_configure: not creating vm vm1.virt.net (disabled)
vmd_configure: not creating vm vm2.virt.net (disabled)
vmd_configure: not creating vm vm3.virt.net (disabled)
vmd_configure: not creating vm vm4.virt.net (disabled)
vmd_configure: not creating vm vm5.virt.net (disabled)
vm_opentty: vm vm4.virt.net tty /dev/ttypf uid 0 gid 4 mode 620
vm4.virt.net: create vmm ioctl failed - exiting: Invalid argument
vm4.virt.net: failed to start vm: No such file or directory

vm.conf is
vm "vm4.virt.net" {
disable
memory 6G
disk "/home/jan/virt/4/img0.raw"
interface { switch "inner"
lladdr "fe:e1:ba:d6:bf:ef" }
}


openbsd 6.1 should be able to run guests with more than 2G ?!
Did i miss something ?


$ dmesg | head
OpenBSD 6.1-current (GENERIC.MP) #67: Mon Apr 17 15:22:46 MDT 2017


dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

   real mem = 8243118080 (7861MB)
avail mem = 7988613120 (7618MB)

Re: DHCP over bridge(4) was: OpenBSD as a non-routing access point

[Jan Lambertz]

Works for me.
Bridge0
tap0
tap1
em0
vether0

Important: em0 (link to LAN) must not be configured with an IP Adresse. If
you need an address for your host usw vether0

Udoo X86

[Jan Lambertz]

Huh, just found out that you can preorder this device right now. So
ordering might come later

Udoo X86

[Jan Lambertz]

Hi,

anyone tried running OpenBSD on the udoo x86 ? Dmesg ? What works and what
dosen't ?

Jan

Re: OpenBSD to Dell Latitude E6510

[Jan Lambertz]

Hi,

the dell latitude E6510 is available with different hardware inside.
so i can not say if yours will work. mine works.
try yours by installing openbsd to a usb-drive (via qemu or something)
and boot openbsd.

Jan

radicale and httpd

[Jan Lambertz]

Hi,

having Problems for some time now with the webserver in python2/3 and
radicale, i tried to get it working with httpd.

installed flup. python is working in the chroot.

here's my work so far but i'm not getting any further. anyone got this
working ?

Jan

# cat /etc/httpd.conf
server "default" {
listen on * tls port 5233
#   authenticate with "/radicale/htpasswd"

location "*radicale.fcgi" {
fastcgi socket "/radicale/run/radicalefcgi.sock"
root "/radicale/cgi-bin"
}

tcp {
nodelay
}


tls {
certificate "/etc/radicale/server.crt"
key "/etc/radicale/private/server.key"
}
}




slowcgi -d -p /var/www/ -s /var/www/radicale/run/radicalefcgi.sock


# cat /var/www/radicale/cgi-bin/radicale.fcgi
#!/usr/local/bin/python
try:
from flup.server.fcgi import WSGIServer
except ImportError:
from flipflop import WSGIServer
import radicale
radicale.log.start()
radicale.log.LOGGER.info("Starting Radicale FastCGI server")
WSGIServer(radicale.Application()).run()
radicale.log.LOGGER.info("Stopping Radicale FastCGI server")



/var/www/log/error.log says

Traceback (most recent call last):
  File "/radicale/cgi-bin/radicale.fcgi", line 9, in 
WSGIServer(radicale.Application()).run()
  File "/usr/local/lib/python2.7/site-packages/flup/server/fcgi.py",
line 113, in run
ret = ThreadedServer.run(self, sock)
  File "/usr/local/lib/python2.7/site-
packages/flup/server/threadedserver.py", line 84, in run
clientSock, addr = sock.accept()
socket
.
error   
:
[Errno 22] Invalid argument




chroot -g daemon -u www /var/www/ /usr/local/bin/python /radicale/cgi-
bin/radicale.fcgi

says 

Status: 200 OK
Content-Length: 54
Content-type: text/html


RadicaleRadicale works!#





slowcgi says 

slowcgi: socket: /var/www/radicale/run/radicalefcgi.sock
slowcgi: slowcgi_user: www  
slowcgi: chroot: /var/www/  
slowcgi: inflight incremented, now 1
slowcgi: version: 1 
slowcgi: type:1  
slowcgi: requestId:   1 
slowcgi: contentLength:   8   
slowcgi: paddingLength:   0 
slowcgi: reserved:0 
slowcgi: role 1 
slowcgi: flags0 
slowcgi: version: 1 
slowcgi: type:4 
slowcgi: requestId:   1 
slowcgi: contentLength:   448  
slowcgi: paddingLength:   0 
slowcgi: reserved:0
slowcgi: env[0], PATH_INFO= 
slowcgi: env[1], SCRIPT_NAME=/radicale.fcgi
slowcgi: env[2], SCRIPT_FILENAME=/radicale/cgi-bin/radicale.fcgi
slowcgi: env[3], QUERY_STRING=  
slowcgi: env[4], DOCUMENT_ROOT=/radicale/cgi-bin
slowcgi: env[5],
DOCUMENT_URI=/radicale.fcgi
slowcgi: env[6], GATEWAY_INTERFACE=CGI/1.1
slowcgi: env[7], HTTP_HOST=127.0.0.1:5233  
slowcgi: env[8], HTTP_USER_AGENT=OpenBSD ftp   
slowcgi: env[9], HTTPS=on  
slowcgi: env[10], REMOTE_ADDR=127.0.0.1
slowcgi: env[11], REMOTE_PORT=22318
slowcgi: env[12], REQUEST_METHOD=GET
slowcgi: env[13], REQUEST_URI=/radicale.fcgi
slowcgi: env[14], SERVER_ADDR=127.0.0.1
slowcgi: env[15], SERVER_PORT=5233 
slowcgi: env[16], SERVER_NAME=default
slowcgi: env[17], SERVER_PROTOCOL=HTTP/1.0  
slowcgi: env[18], SERVER_SOFTWARE=OpenBSD httpd 
slowcgi: version: 1 
slowcgi: type:4 
slowcgi: requestId:   1 
slowcgi: contentLength:   0 
slowcgi: paddingLength:   0  
slowcgi: reserved:0 
slowcgi: fork: /radicale/cgi-bin/radicale.fcgi
slowcgi: version: 1 
slowcgi: type:5 
slowcgi: requestId:   1 
slowcgi: contentLength:   0 
slowcgi: paddingLength:   0 
slowcgi: reserved:0 
slowcgi: resp version: 1
slowcgi: resp type:7   
slowcgi: resp requestId:   1
slowcgi: resp contentLength:   35
slowcgi: resp paddingLength:   5
slowcgi: resp reserved:0   
slowcgi: resp version: 1
slowcgi: resp type:7
slowcgi: resp requestId:   1
slowcgi: resp
contentLength:   62
  
slowcgi: resp paddingLength:   2  
slowcgi: resp reserved:0   
slowcgi: resp version: 1   
slowcgi: resp type:7   
slowcgi: resp requestId:   1   
slowcgi: resp contentLength:   4   
slowcgi: resp paddingLength:   4
slowcgi: resp reserved:0
slowcgi: resp version: 1   
slowcgi: resp type:7   
slowcgi: resp requestId:   1 
slowcgi: resp contentLength:   41  

sometimes nic stops working (vte) - driver problem ?

[Jan Lambertz]

 Hi,
short Version:
I think there might be a problem with the vte (nic) driver. I'm
searching for a way to gather all the Information to get this fixed.

long Version:
I've built a home router with following components.
 - Educake (very small X86 SBC around Arduino) [1]
 - USB Lan Card (axe0 nic to ISP)
 - USB Hard drive (nfs export)
 - SDHC Card (Openbsd)

After some thinking (and help from various openbsd users and this
list) i was able to
install OpenBSD 5.9 on this device. Things are working very well. For
my Connection
50mbit/down 4mbit/up this Hardware is more than enough.
running Services:
dhcpd
nfsd/portmap
ntpd
sshd
radicale (caldav server)
ddclient (dyndns updater)
unbound
pf

Here comes the problem. After some event i do not know vte0 is not
able to receive or
send any anything. Logs show nothing. Leds on the nic are still
showing that there is
traffic but i can't do anything on that nic. Established connections
on that nic all get broken. Other parts of the system work fine.
An easy way to fix this is

~ ifconfig vte0 down; ifconfig vte0 up

And things are working perfectly normal againfor some time.
Creating much traffic (about 40mb/s), this happens every few hours.
With low traffic,
it's about one or two times a week.
With my findings it's probably hard to investigate/fix that Problem.
I'm searching for ways to file a good bug report. Ideas ?


Jan

[1] http://www.86duino.com/index.php?p=95


dmesg

OpenBSD 5.9-current (GENERIC) #1584: Thu Mar 10 21:02:23 MST 2016
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error b
cpu0: Vortex86 SoC  (686-class) 301 MHz
cpu0: FPU,TSC,CX8,SEP,CMOV,MMX,PERF
real mem  = 133246976 (127MB)
avail mem = 118288384 (112MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 06/23/99, BIOS32 rev. 0 @ 0xff046, SMBIOS rev.
2.7 @ 0x7fe1420 (6 entries)
bios0: vendor coreboot version "4.0-4750-g745041e-dirty" date 03/12/2015
bios0: DMP Vortex86EX
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ce0/224 (12 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x17f3 product 0x6011
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xef000/0x1000!
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "RDC R6025 Host" rev 0x01
ppb0 at pci0 dev 1 function 0 "RDC R1031 PCIe" rev 0x02: irq 15
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 "RDC R6011 SB" rev 0x01
pcib1 at pci0 dev 7 function 1 "RDC R6011 SB" rev 0x01
vte0 at pci0 dev 8 function 0 "RDC R6040 Ethernet" rev 0x00: irq 9,
address 00:1b:eb:64:ae:d4
ukphy0 at vte0 phy 1: Generic IEEE 802.3u media interface, rev. 0: OUI
0x000bb4, model 0x0005
ohci0 at pci0 dev 10 function 0 "RDC R6060 USB" rev 0x13: irq 14,
version 1.0, legacy support
ehci0 at pci0 dev 10 function 1 "RDC R6061 USB2" rev 0x07: irq 10
ehci0: halt timeout
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "RDC EHCI root hub" rev 2.00/1.00 addr 1
pciide0 at pci0 dev 12 function 0 "RDC R1012 IDE" rev 0x03: DMA,
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide0: using irq 11 for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: < D0 RDC SD-IDE HOST CONTROLLER>
wd0: 1-sector PIO, LBA, 14719MB, 30144512 sectors
pciide0: channel 1 ignored (disabled)
azalia0 at pci0 dev 14 function 0 "RDC R3010 HDA" rev 0x02: irq 7
azalia0: codecs: Realtek ALC262
audio0 at azalia0
"RDC R1060 USB Device" rev 0x03 at pci0 dev 15 function 0 not configured
"RDC R1331 MC" rev 0x00 at pci0 dev 16 function 0 not configured
"RDC R1710 SPI" rev 0x01 at pci0 dev 16 function 1 not configured
"RDC R1070 CAN" rev 0x00 at pci0 dev 17 function 0 not configured
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
com2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo
com3 at isa0 port 0x2e8/8 irq 12: ns16550a, 16 byte fifo
com3: console
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
isa at pcib1 not configured
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 "RDC OHCI root hub" rev 1.00/1.00 addr 1
nvram: invalid checksum
axe0 at uhub0 port 1 configuration 1 interface 0 "ASIX Electronics
AX88178" rev 2.00/0.01 addr 2
axe0: AX88178, address 00:11:6b:73:cb:43
rgephy0 at axe0 phy 1: RTL8169S/8110S/8211 PHY, rev. 2
umass0 at uhub0 port 2 configuration 1 interface 0 "Western Digital My
Book" rev 2.00/1.65 addr 3
umass0: using SCSI over Bulk-Only
scsibus1 at umass0: 2 targets, initiator 0
sd0 at scsibus1 targ 1 lun 0:  SCSI2
0/direct fixed serial.10581100343030323339
sd0: 953869MB, 512 bytes/sector, 

smplayer 14.9 gets muted when moving or resizing windows in xfce 4.12

[Jan Lambertz]

 what Input devices are you useing to resize/move the window ?
usb/ps2, Keyboard/mouse ?

Re: smplayer 14.9 gets muted when moving or resizing windows in xfce 4.12

[Jan Lambertz]

Hi,

i had a similar Problem. turned out to happen with plain mplayer and
any windowmanager. when you move the application Window, after a sec
or so mplayer stops Sound. can you verify the behavior ?

Qemu error on OpenBSD 5.8

[Jan Lambertz]

When you do:

open xterm
ulimit -d 2000
start vm from this xterm

same error ?

boot stops - 86duino educake

[Jan Lambertz]

Hi,

im still trying to run openbsd on my (quite special) 86duino educake.
i am making some progress, but right now i could need some directions.
the device boots to some piont, then it does nothing. but plugging in
a usb stick in it produces output.
i can not get a login.
i've tested 5.4-5.6, same behavior.
5.7 causes uvm panic.
how can i find out why boot is not getting further ?

jan


 OpenBSD/i386 BOOT 3.21
^Mboot p^H ^Hmachine diskinfo
^MDiskBIOS#   TypeCylsHeads   SecsFlags   Checksum
^Mfd0 0x0 *none*  236 2   32  0x4 0x0
^Mhd0 0x80label   1023255 63  0x2 0xd7659677
^Mboot help
^Mcommands: # boot echo env help ls machine reboot set stty time
^Mmachine: boot comaddr diskinfo memory
^Mboot machine memory
^MRegion 0: type 1 at 0x0 for 639KB
^MRegion 1: type 2 at 0x9fc00 for 1KB
^MRegion 2: type 2 at 0xf for 64KB
^MRegion 3: type 1 at 0x10 for 129596KB
^MRegion 4: type 2 at 0x7f8f000 for 4KB
^MRegion 5: type 1 at 0x7f9 for 320KB
^MLow ram: 639KB  High ram: 129916KB
^MTotal free memory: 130555KB
^Mboot boot^M[ using 800644 bytes of bsd ELF symbol table ]
^MCopyright (c) 1982, 1986, 1989, 1991, 1993
^M  The Regents of the University of California.  All rights reserved.
^MCopyright (c) 1995-2013 OpenBSD. All rights reserved.  http://www.OpenBSD.org
^M
^MOpenBSD 5.4 (GENERIC) #37: Tue Jul 30 12:05:01 MDT 2013
^Mdera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
^MRTC BIOS diagnostic error bfixed_disk
^Mcpu0: Vortex86 SoC  (686-class) 301 MHz
^Mcpu0: FPU,TSC,CX8,SEP,CMOV,MMX,PERF
^Mreal mem  = 133292032 (127MB)
^Mavail mem = 119693312 (114MB)
^Mmainbus0 at root
^Mbios0 at mainbus0: AT/286+ BIOS, date 06/23/99, BIOS32 rev. 0 @
0xff046, SMBIOS rev. 2.7 @ 0x7fe1420 (6 entries)
^Mbios0: vendor coreboot version 4.0-4750-g745041e-dirty date 03/12/2015
^Mbios0: DMP Vortex86EX
^Macpi at bios0 function 0x0 not configured
^Mpcibios0 at bios0: rev 2.1 @ 0xf/0x1
^Mpcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ce0/224 (12 entries)
^Mpcibios0: no compatible PCI ICU found: ICU vendor 0x17f3 product 0x6011
^Mpcibios0: Warning, unable to fix up PCI interrupt routing
^Mpcibios0: PCI bus #1 is the last bus
^Mbios0: ROM list: 0xef000/0x1000!
^Mcpu0 at mainbus0: (uniprocessor)
^Mpci0 at mainbus0 bus 0: configuration mode 1 (bios)
^Mpchb0 at pci0 dev 0 function 0 vendor RDC, unknown product 0x6025 rev 0x01
^Mppb0 at pci0 dev 1 function 0 vendor RDC, unknown product 0x1031
rev 0x02: irq 15
^Mpci1 at ppb0 bus 1
^Mpcib0 at pci0 dev 7 function 0 vendor RDC, unknown product 0x6011 rev 0x01
^Mpcib1 at pci0 dev 7 function 1 vendor RDC, unknown product 0x6011 rev 0x01
^Mvte0 at pci0 dev 8 function 0 RDC R6040 Ethernet rev 0x00: irq 9,
address 00:1b:eb:64:ae:d4
^Mukphy0 at vte0 phy 1: Generic IEEE 802.3u media interface, rev. 0:
OUI 0x000bb4, model 0x0005^Mohci0 at pci0 dev 10 function 0 RDC R6060
USB rev 0x13: irq 14, version 1.0, legacy support
^Mehci0 at pci0 dev 10 function 1 RDC R6061 USB rev 0x07: irq 10
^Musb0 at ehci0: USB revision 2.0
^Muhub0 at usb0 RDC EHCI root hub rev 2.00/1.00 addr 1
^Mpciide0 at pci0 dev 12 function 0 vendor RDC, unknown product
0x1012 rev 0x03: DMA (unsupported), channel 0 configured to native-
PCI, channel 1 configured to native-PCI
^Mpciide0: using irq 11 for native-PCI interrupt
^Mwd0 at pciide0 channel 0 drive 0:  D0 RDC SD-IDE HOST CONTROLLER
^Mwd0: 1-sector PIO, LBA, 14719MB, 30144512 sectors
^Mpciide0: channel 1 ignored (not responding; disabled or no drives?)
^Mazalia0 at pci0 dev 14 function 0 vendor RDC, unknown product
0x3010 rev 0x02: irq 7
^Mazalia0: No codecs found
^Mvendor RDC, unknown product 0x1060 (class serial bus subclass USB,
rev 0x03) at pci0 dev 15 function 0 not configured
^Mvendor RDC, unknown product 0x1331 (class undefined unknown
subclass 0xff, rev 0x00) at pci0 dev 16 function 0 not configured
^Mvendor RDC, unknown product 0x1710 (class undefined unknown
subclass 0xff, rev 0x01) at pci0 dev 16 function 1 not configured
^Mvendor RDC, unknown product 0x1070 (class serial bus subclass
CANbus, rev 0x00) at pci0 dev 17 function 0 not configured
^Misa0 at pcib0
^Misadma0 at isa0
^Mcom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
^Mcom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
^Mcom2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo
^Mpckbc0 at isa0 port 0x60/5
^Mpckbd0 at pckbc0 (kbd slot)
^Mpckbc0: using irq 1 for kbd slot
^Mwskbd0 at pckbd0: console keyboard
^Mpcppi0 at isa0 port 0x61
^Mspkr0 at pcppi0
^Mnpx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
^Mpcic: does not support memory and I/O cards, ignored (ident=3)
^Mpcic: does not support memory and I/O cards, ignored (ident=3)
^Mpcic: does not support memory and I/O cards, ignored (ident=3)
^Mpcic: does not support memory and I/O cards, ignored (ident=3)^Misa
at pcib1 not configured
^Musb1 at ohci0: USB revision 1.0
^Muhub1 at usb1 RDC OHCI root hub rev 1.00/1.00 addr 1
^Mnvram: invalid 

Panic UVM on educake

[Jan Lambertz]

Hi,

i've bought an new device. x86duino educake. there is a dmesg that
looks like it has worked with openbsd 5.4 [1].
I'm trying to run 5.7 release on it an getting a panic. any ideas ?


jan

[1] http://www2192ue.sakura.ne.jp/~uaa/gomitext/2014/20140219/dmesg.txt

 OpenBSD/i386 BOOT 3.26
boot
booting hd0a:/bsd: 9777628+1068236 [72+409680+404343]=0xb1ec54
entry point at 0x200120

[ using 814508 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2015 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 5.7 (GENERIC) #738: Sun Mar  8 10:59:31 MDT 2015
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error bfixed_disk
cpu0: Vortex86 SoC  (686-class) 301 MHz
cpu0: FPU,TSC,CX8,SEP,CMOV,MMX,PERF
real mem  = 133246976 (127MB)
avail mem = 118726656 (113MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 06/23/99, BIOS32 rev. 0 @ 0xff046, SMBIOS rev.
2.7 @ 0x7fe1420 (6 entries)
bios0: vendor coreboot version 4.0-4750-g745041e date 09/02/2014
bios0: DMP Vortex86EX
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4d30/224 (12 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x17f3 product 0x6011
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xef000/0x1000!
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 RDC R6025 Host rev 0x01
ppb0 at pci0 dev 1 function 0 RDC R1031 PCIe rev 0x02: irq 15
pci1 at ppb0 bus 1
pcib0 at pci0 dev 7 function 0 RDC R6011 SB rev 0x01
pcib1 at pci0 dev 7 function 1 RDC R6011 SB rev 0x01
vte0 at pci0 dev 8 function 0 RDC R6040 Ethernet rev 0x00: irq 9,
address 00:1b:eb:64:ae:d4
ukphy0 at vte0 phy 1: Generic IEEE 802.3u media interface, rev. 0: OUI
0x000bb4, model 0x0005
ohci0 at pci0 dev 10 function 0 RDC R6060 USB rev 0x13: irq 14,
version 1.0, legacy support
ehci0 at pci0 dev 10 function 1 RDC R6061 USB2 rev 0x07: irq 10
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 RDC EHCI root hub rev 2.00/1.00 addr 1
pciide0 at pci0 dev 12 function 0 RDC R1012 IDE rev 0x03: DMA,
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide0: using irq 11 for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: SD04G D0 RDC SD-IDE HOST CONTROLLER
wd0: 1-sector PIO, LBA, 3781MB, 7744512 sectors
pciide0: channel 1 ignored (disabled)
azalia0 at pci0 dev 14 function 0 RDC R3010 HDA rev 0x02: irq 7
azalia0: codecs: Realtek ALC262
audio0 at azalia0
RDC R1060 USB Device rev 0x03 at pci0 dev 15 function 0 not configured
RDC R1331 MC rev 0x00 at pci0 dev 16 function 0 not configured
RDC R1710 SPI rev 0x01 at pci0 dev 16 function 1 not configured
RDC R1070 CAN rev 0x00 at pci0 dev 17 function 0 not configured
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
com2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pcic: does not support memory and I/O cards, ignored (ident=3)
pcic: does not support memory and I/O cards, ignored (ident=3)
pcic: does not support memory and I/O cards, ignored (ident=3)
pcic: does not support memory and I/O cards, ignored (ident=3)
isa at pcib1 not configured
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 RDC OHCI root hub rev 1.00/1.00 addr 1
nvram: invalid checksum
uvm_fault(0xd0b984c0, 0x0, 0, 1) - e
kernel: page fault trap, code=0
Stopped at  wdcintr+0x85:   call*0(%edx)
ddb trace
wdcintr(d10385e4,0,1,0,0) at wdcintr+0x85
pciide_pci_intr(d1038000,d1034900) at pciide_pci_intr+0x69
Xrecurse_legacy11() at Xrecurse_legacy11+0xb9
--- interrupt ---Xspllower(d322c870) at Xddb show registers
ds  0x10
es  0x10
fs  0x20
gs 0
edi   0xd10385e4end+0x3e061c
esi   0xd10385e4end+0x3e061c
ebp   0xf1e0aed0
ebx   0xd1038508end+0x3e0540
edx0
ecx 0x10
eax0
eip   0xd0208315wdcintr+0x85
cs   0x8
eflags 0x256
esp   0xf1e0ae98
ss  0x10
wdcintr+0x85:   call*0(%edx)
spllower+0xe
Bad frame pointer: 0xd0d20e18

autoinstall + sitexx-hostname.tgz

[Jan Lambertz]

Hi,

i am using pxe boot with autoinstall and a hostname specific tgz file
in the sets to deploy many similar Firewalls.
i tell the installer how to configure at least one nic, to download
the sets. i use dhcp for that.
after that everything works as expected until the install is done and
machine restarts.

in my custom site57-fw1.tgz is a /etc/hostname.vio0. it says up.
i was wondering why in the filesystem of fw1 /etc/hostname.vio0 says dhcp.
i can only think the installer filling the file, after my site.tgz
gets extracted.
i am not absolutely sure if that's whats happening but if that's the
case i'm not sure if that is intended behavior.


i could of course add another nic just for pxe booting or put
something in the install.site script, but maybe there is a better
solution.

Jan

Re: Munich BSD meetup

[Jan Lambertz]

Hi,

where: Augustiner Keller Arnulfstraße 52, 80335 München
www.augustinerkeller.de
hopefully i can get a table down in the schwemm (Kellergewölbe). I
will bring a puffy or something to find me.
when: 06.02.2015 16:30 TOMORROW
what: Fun - People - Tech - Beer

Please send a mail if you come .

Jan

2015-01-27 16:14 GMT+01:00 Jan Klemkow j.klem...@wemelug.de:
 On Mon, Jan 26, 2015 at 07:54:16PM +0100, Jan wrote:
 Hi,
 Augustiner Keller is also very nice.
 http://www.augustinerkeller.de
 Is this week possible ?
 With the people mailing me private we are about 6 + friends and coworkers

 Yes, this week is ok.  Friday fits best this week.  Maybe a coworker and
 Bitrig hacker will join this meetup too.

 Do you have an exact date?!

 bye,
 Jan

Munich BSD meetup

[Jan Lambertz]

Hi,

stolen the idea from Reyk, maybe we can have a BSD meetup near munich.
One and only cirtitcal question is where.
I live about 30km North of Munich, but my job is near munich central station.
I fine with everywhere reachable in 1,5 hours.


Jan

Re: Hannover BSD meetup

[Jan Lambertz]

Challenge accepted =)
I'm thinking about organizing a little meet up for some time. i
thought nobody will come, but maybe its worth a try. Proposals for a
location ?
And Maybe we should start a new thread for munich.

Re: Hannover BSD meetup

[Jan Lambertz]

Hey Reyk,

that sounds great. Unfortunately the Way to Hannover is 600km from
here. I hope something simliar is happening soon near Munich. I was
not able to find any Meeting for OpenBSD here.

Jan

New x86, 4,5W Hardware Fit-PC Fillet

[Jan Lambertz]

Hi,

as i am always searching for new (low power) hardware, today i found
something new.
It sounds quite nice for running openbsd as a router/firewall.
It is possible that not everything is supported right now in openbsd
but the low power and number of nics made me smile.
It might be availiable around march 2015. Hopefully someone will try
running openbsd on it.Some highlights:
AMD A4-6400T SoC
64-bit quad core
1.0GHz (boost up to 1.6GHz)
4.5W
1x SO-DIMM 204-pin DDR3 SDRAM memory slot
Up to 8GB DDR3-1333
1x mSATA slot up to 6 Gbps (SATA 3.0)
AMD Radeon R3 Graphics
2x GbE LAN ports (RJ-45)
LAN1: Intel I211 GbE controller
LAN2: Intel I211 GbE controller
Warranty 5 years
Pricing ??
(other models available)


link to product
http://www.fit-pc.com/web/products/specifications/fitlet-models-specifications/?model%5B%5D=fitlet-B+%28TBA%29model%5B%5D=fitlet-X+%28TBA%29model%5B%5D=fitlet-i+%28TBA%29

link to news
http://www.phoronix.com/scan.php?page=news_itempx=CompuLab-Fitlet-Linux-PC

as always, other/similar choices:
APU1D4
soekris net6801-xx


Jan

openbsd and chromebooks

[Jan Lambertz]

Hi,

i thought chromebooks can be nice with openbsd some time ago. i found
that out that at least some chromebooks have a bios and bootloader
that i dont like.
after that i bought a thinkpad x201 with i5, gsm modem,ssd, 2gb ram,
giant battery and dockingstation for 340€ at ebay. its quite light and
has a 12,1 inch screen.
this device runs great and without any problems.
gsm modem and fingerprint reader are not working due lack of drivers.

openbsd and chromebooks

[Jan Lambertz]

Hi Johan,

dmesg (seems i lied little bit, got 4gb ram)

OpenBSD 5.5-current (GENERIC.MP) #250: Tue Jul  8 12:13:47 MDT 2014
t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4062691328 (3874MB)
avail mem = 3945762816 (3762MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe0010 (78 entries)
bios0: vendor LENOVO version 6QET70WW (1.40 ) date 10/11/2012
bios0: LENOVO 3323REG
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET ASF! SLIC BOOT SSDT
TCPA DMAR SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP1(S4) EXP2(S4)
EXP3(S4) EXP4(S4) EXP5(S4) EHC1(S3) EHC2(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2660.50 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1.0, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2660.01 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2660.01 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 5 (application processor)
cpu3: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, 2660.01 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,LONG,LAHF,PERF,ITSC
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 2, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 13 (EXP1)
acpiprt3 at acpi0: bus -1 (EXP2)
acpiprt4 at acpi0: bus -1 (EXP3)
acpiprt5 at acpi0: bus 5 (EXP4)
acpiprt6 at acpi0: bus 2 (EXP5)
acpicpu0 at acpi0: C3, C1, PSS
acpicpu1 at acpi0: C3, C1, PSS
acpicpu2 at acpi0: C3, C1, PSS
acpicpu3 at acpi0: C3, C1, PSS
acpipwrres0 at acpi0: PUBS, resource for EHC1, EHC2
acpitz0 at acpi0: critical temperature is 100 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model 42T4696 serial  8337 type LION oem Panasonic
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: GDCK docked (15)
cpu0: Enhanced SpeedStep 2660 MHz: speeds: 2400, 2399, 2266, 2133,
1999, 1866, 1733, 1599, 1466, 1333, 1199 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel Core Host rev 0x02
vga1 at pci0 dev 2 function 0 Intel HD Graphics rev 0x02
intagp0 at vga1
agp0 at intagp0: aperture at 0xd000, size 0x1000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1280x800
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
Intel 3400 MEI rev 0x06 at pci0 dev 22 function 0 not configured
puc0 at pci0 dev 22 function 3 Intel 3400 KT rev 0x06: ports: 1 com
com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
com4: probed fifo depth: 0 bytes
em0 at pci0 dev 25 function 0 Intel 82577LM rev 0x06: msi, address
f0:de:f1:11:80:ca
ehci0 at pci0 dev 26 function 0 Intel 3400 USB rev 0x06: apic 1 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 Intel 3400 HD Audio rev 0x06: msi
azalia0: codecs: Conexant/0x5069, Intel/0x2804, using Conexant/0x5069
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 3400 PCIE rev 0x06: msi
pci1 at ppb0 bus 13
ppb1 at pci0 dev 28 function 3 Intel 3400 PCIE rev 0x06: msi
pci2 at ppb1 bus 5
ppb2 at pci0 dev 28 function 4 Intel 3400 PCIE rev 0x06: msi
pci3 at ppb2 bus 2
iwn0 at pci3 dev 0 function 0 Intel Centrino Ultimate-N 6300 

[Cannot allocate memory][Qemu][x86 i386] limits ? login.conf ?

[Jan Lambertz]

Hi, had same Problem.the only (poor) workaround i found is running qemu as
root .

Re: issues with firefox

[Jan Lambertz]

I had the same problems since June snapshots. I also noticed, that with
faster Hardware the lag gets smaller. I tried different sysctls, different
Hardware, different Browsers. In the Ende deleting .config/.chrome and the
local Firefox config folder solved my Problem instantly.
I dont know what caused this behaviour. Now watching fullscreen HD movies
via html5 is again Wirkung.

trunk device on bridge

[Jan Lambertz]

Hi,

im running

OpenBSD 5.5 (GENERIC.MP) #300: Wed Feb 26 16:28:46 MST 2014
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Right now i'm trying some network fun.
I am using a thinkpad x201 where i combined iwn0 and em0 to a trunk
failover device. that works without  problems.
now i want to add trunk0 to bridge0 to be able to add an vether and other
taps. i can create that bridge and add the devices but after that nothing
happens.

$ cat /etc/hostname.em0

up

$ cat /etc/hostname.iwn0

nwid ssid wpakey secret up

$ cat /etc/hostname.trunk0

trunkproto failover trunkport em0 trunkport iwn0

$ cat /etc/hostname.vether0
up
dhcp

$ cat /etc/hostname.bridge0
add trunk0
add vether0
up


tcpdump -i iwn0 does not show the dhcp requests from vether0 (iwn0 is
master at trunk0). there isn't any traffic going though the bridge.

is there a limitiation of adding trunk devices to bridges or am i doing the
bridging wrong ?
i am afraid the solution is quite obvious, but i am guessing for serveral
days now 


thanks

Request for Funding our Electricity

[Jan Lambertz]

Pushing the subscription idea and cd set selling a litte bit further, what
about a signed cd set or artwork from theo or a developer ( next hackathon
) . The time investment should be no problem and this could sell for ...
70$ or something.
This is cool, no time effort,  promotion easy possible ( undeadly etc)

Request for Funding our Electricity

[Jan Lambertz]

I like the subscription idea. I'd love to have every release without
actually doing the shopping every time. This could at least make a bit of
safe money.

I believe, making a company  sending 20k$ every year to openbsd could be
quite difficult.
Why should they do this ?
What do they get ?
Why is that better than spending that money in new hardware or buying fancy
whiteboards in managers office ?

I know what they would get, but they dont. How do we make a company to know
about the benefit of openbsd? They never heard of it. They wont ever use it
because they dont get a 24/7 support contract from a big consulting company
for it.
They dont know about openbsd and most dont care.
That might not be the opinion of most people on this list but it is the
opinion of most people not on this list [the ones with money].

Pseudo video device webcam emulation

[Jan Lambertz]

Hi misc,
for some time i am trying to get a easy videochat working with openbsd. For
testing different aproaches,frameworks,protocols and daemons i need some
clients. Problem is that i dont want to run through my whole cellar from
machine to machine and also buy a few more cams.
For linux i found some software for webcam emulation aka pseudo video
devices. Anything for openbsd here ? Some testpicture will be sufficent for
a dry run.

Right now i am trying to set up
Ejabberd as server
Gajim as client
Xmpp as protocoll
Gstreamer/farsight as framework.

Thanks

Live usb stick quite slow

[Jan Lambertz]

Hi Jerome,

you didnt post your /etc/fstab, so i can only assume your mounting.
if you want a fast openbsd usb stick consider using MFS and options like
noatime,softdeps.



http://www.volkerroth.com/tecn-obsd-diskless.html

5.4 amd64 - Poor disk performance with Smart Array 6404

[Jan Lambertz]

I found dd to be a very bad/misleading tool for this case.
Problems are caches in different layers of the system, filesystem
behaviour, sector sizing of drives and arrays, kernel configurations, input
data loading, real world scenarios and driver implementation.
I had same issues on centos.
Not perfect but a lot better for my purpose is bonnie++. Even with bonnie++
i would not dare to say that same tests on same hardware with centos and
openbsd will show the real differences in performance.

Maybe that might help to get more comparable results

Help troubleshooting performance problem

[Jan Lambertz]

I m not sure if you already investigated this but s.m.a.r.t. has quite many
diagnostic info. Even if the drive has not actually been marked as broken.
This is somewhat vendor dependent. I did not check these info with openbsd
but it should be possible.
Facts from my hard drives include:
Bad sectors, read retries, write reatries and so on (dumped with some
windows tool)

Re: IPSec VPN with iked (8)

[Jan Lambertz]

There is a post of my findings in the archives. Android 2.3 worked fine
with iked and npppd

OpenBSD for mobile

[Jan Lambertz]

I thought about a recent device  type (tablet/mobile) mixing with openbsd
for some time. My final thought was: openbsd will need some further dev
work in this direction, but this is what devs do. Problems - small
Recent device type hardware has to be built and documented with some
direction towards openess (bootloader,firmware,driver,etc). Problems - huge
Some work can be done on the openbsd side,but without a big change by the
manufactors (they wont) there is no hope.

Here and there small companies come up with an open hardware approach (
openmoko) but the plattforms commonly do not survive.

carp+pfsync+relayd question

[Jan Lambertz]

qemu-kvm ...-smp sockets=2 ... solved it for me. What qemu version an build
are you using ?
Am 14.11.2013 18:47 schrieb Leonardo Santagostini lsantagost...@gmail.com
:

 Thanks a lot to all, i will give it a try and gives tou you feedback as
 soon as it get implemented.

 Saludos.-
 Leonardo Santagostini

 http://ar.linkedin.com/in/santagostini





 2013/11/14 Andy a...@brandwatch.com

   On 14/11/13 15:21, Leonardo Santagostini wrote:
 
  Hello misc,
 
  Im doing my final approach to put a production system with
  carp+pfsync+relayd on production.
 
  The point is that im facing some trouble setting more than one ip alias
  address with different vhid and different passwd.
 
  So, this is the scenario.
 
  Im trying to relayd more or less 15 sites so i have conceptual doubts.
 
  1) is it nesessary to create one carp interface for each one of my
  internals VIP address
  2) my understanding is that i have to work with pf on my carp
interfaces.
 
  I have tried to put two different VIP's on my carp, but whitout lucky.
 
  Here is the homework.
 
  [root@server ~]# uname -a
  OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64
  [root@server ~]#
 
  [root@server ~]# cat /etc/hostname.em0
  inet 172.19.224.180 255.255.255.0
 
  [root@server ~]# cat /etc/hostname.em1
  inet 172.19.226.231 255.255.255.0 172.19.226.255
 
  [root@server ~]# cat /etc/hostname.carp0
  # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1
advskew 10
  carpdev em0 pass Ahsooqu3
  inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10
  carpdev em0 pass Meixo9oe
  # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3
advskew 10
  carpdev em0 pass av5eG9Gi
  # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4
advskew 10
  carpdev em0 pass Rei6thai
  # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew
10
  carpdev em0 pass Toobohz3
  # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6
adskew 10
  carpdev em0 pass Quahng6U
 
   CARP should look like this (master);
  inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass
  Ahsooqu3 advskew 0
  inet alias 172.19.224.131 255.255.255.255
  inet alias 172.19.224.41 255.255.255.255
  inet alias 172.19.224.40 255.255.255.255
  inet alias 172.19.224.181 255.255.255.255
  inet alias 172.19.224.182 255.255.255.255
 
  And (backup);
  inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass
  Ahsooqu3 advskew 200
  inet alias 172.19.224.131 255.255.255.255
  inet alias 172.19.224.41 255.255.255.255
  inet alias 172.19.224.40 255.255.255.255
  inet alias 172.19.224.181 255.255.255.255
  inet alias 172.19.224.182 255.255.255.255
 
  And yes the subnet masks for the alias' should be /32 and you will see a
  warning in the logs during fail-over. This is fine, the devs just
haven't
  muted the check warning yet.
 
  You've done it right if 'netstat -rn' shows;
 
  172.19.224.131 127.0.0.1  UGHS   00 33152 8
  lo0
  172.19.224.131/32  172.19.224.131 U  00 - 4
  carp0
 
 
   [root@server ~]# cat /etc/hostname.pfsync0
  up syncdev em1
 
  [root@server ~]# cat /etc/pf.conf
  ext_if=carp0
 
   You don't refer to CARP as an interface, it is simply a VRRP watchdog
  interface (for example you cannot set the MTU on a CARP interface as it
is
  not really an interface.
  Use the physical..
 
  ext_if=em0
 
 
 
  set fingerprints /etc/pf.os
  set optimization aggressive
  set limit states 9
 
   Definitely needs to be higher! try 1 million..
 
 
   set limit src-nodes 65000
 
  table bad_ip persist
  table internat_net persist file /etc/internal_net
  table admitted_net persist file /etc/admitted.txt
 
  # vip1_address = 172.19.224.181
  # vip2_address = 172.19.224.16
  vip3_address = 172.19.224.131
  # vip4_address = 172.19.224.41
  # vip5_address = 172.19.224.40
 
   Just to keep you sane remember these rules;
  # (SNAT) NATing is done before filtering, 'pass out on $if_ext from
  $external_carp_ip1' (public address as src for outbound).
  # (DNAT) RDRing is done before filtering, 'pass in on $if_ext from any
to
  $internal_ip1' (private address as dst for inbound).
 
  [image: OpenBSD_PF_flow]
 
 
 
  # Dejo de procesar cuando se trata de las redes internas
  pass in quick from internat_net to any
 
  # Dejo pasar las ips desde las redes permitidas
  # pass in quick from admitted_net to $vip1_address
  pass in quick from admitted_net to $vip3_address
 
  # Genero el block
  block in quick from bad_ip
 
   Your 'block in quick's should be above your 'pass in quick's!
  quick means stop evaluating and do this action now..
 
 
   block in log quick on $ext_if proto tcp from any os NMAP to any label
  ExtNMAPScan
 
  # Proteccion contra nmap y herramientas similares
  # block in quick on $ext_if proto tcp flags FUP/WEUAPRSF
  block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF
  block in quick on $ext_if proto tcp flags 

Areca HW-Raid Support ARC-1224

[Jan Lambertz]

Great to see that support for newer cards is on its way.

Areca HW-Raid Support ARC-1224

[Jan Lambertz]

Hi,

i'm currently looking for a openbsd compatible hw-raid solution. i ended up
with areca. openbsd lists a number of supported devices. sadly nothing that
can be found on the areca website. relevant openbsd supported products seem
to be eol.
the ARC-1224-8I ist quite intresting for my purpose, but not listed as
supported by openbsd, but on the areca website there is sourcecode for a
driver...
http://www.areca.com.tw/support/s_openbsd/openbsd.htm
Anyone tried that yet ?
have things changed with license or something ? why do i need this external
driver ?
any other good (and supported) hw-raid pcie card out there ?

Re: beaglebone black

[Jan Lambertz]

Hi Alexey,
i asked myself same question.
As i read http://www.openbsd.org/armv7.html - Planned Projects Support
for USB on BeagleBoard and BeagleBone models.
Seems there isn't any usb-support yet. Netherless i bought a LevelOne
USB-0401 (axe AX88178) usb-ethernet card for upcoming support. I also found
a dmesg where usb-controller seems recognized.
I want to replace my home router with this solution, therefore two nics are
needed.
I`m going to make a try today afternoon.

Android mobile - OpenBSD IPSEC

[Jan Lambertz]

Hi christopher,
After i figured out the npppd config setup (seems there were some recent
syntax changes) it worked like charm.
I post my config files here as soon as i am at home

Jan

Fujitsu Siemens Amilo Pro V2030

[Jan Lambertz]

Hi,

i got Hands on an old Amilo Pro V2030. Hardware seems working. Celeron
1,4GHz, 40 gig HD, 1024 Ram. Tried to install 5.3 with built in disc drive.
Immediately hangs at boot with entry Point 
I found some topics about ACPI but there is no BIOS Option for deactivating
this.
boot -c stops at same point. Any pointers ?


Jan

Seeking GUI refuge

[Jan Lambertz]

Hi Patrick,

My Gui problem is (was) quite similar. I was searching intensivly for a
correct,fast,non bloated desktop manager for years. I have checked at least
10 products ( non windows ) and in the end i felt depressed,like you.
So what saved my live ?
At work i had to build an environment for java and db developers that works
on an enterprise linux distro. These distros came typically with gnome2.
Being a terminal server and doing some more intense compiling tasks, system
became slow. Developers were angry because they were only used to ms
windows. Then i remembered openbsd and fvwm. I took a deep dive into fvwm
and figured out that it can do nearly anything. I build my config (
beginning from a large sample config that ships with it. Ms windows 95
style). I cleaned out about 50% i dont need. I integrated the development
tools and  then everything went like tux on crack. It took some time but i
was happy with the achieved. After that fvwm became the wm of my choice and
i am still happy.
I really can recommend fvwm. Even if it looks a little bit oldschool and
hard to understand in first place,this is the window manager with coolness
(correctness) in mind. I even think it the openbsd of the window managers.

P.s. Good to see thomas adam around at openbsd . Great work !

Linux Xorg security issues

[Jan Lambertz]

Hi,
reading a news post
http://www.phoronix.com/scan.php?page=news_itempx=MTM3ODA
it turned out that there might be a number of security issues with xorg on
linux (really ? Lol ). I wonder how that affects the openbsd xorg. Can
anyone with more insight share his knowledge ?

Jan

Linux Xorg security issues

[Jan Lambertz]

Thanks Paul for this information. OpenBSD developers are fast as lightning.
Great !

Xf86-video-qxl on openbsd possible ?

[Jan Lambertz]

Hi,

with virtio drivers and spice-protocol available in 5.3, i wonder if it is
possible to bring the qxl driver to openbsd. I assume this might be quite
difficult. Has someone already started (or given up) doing this ?

Jan

OpenBSD as VirtualBox Host

[Jan Lambertz]

Hi adam,
I am heavily using virtualization in my daily work. I tried many different
virtualization technologies with openbsd. Openbsd client scenarios nearly
work well. As host nothing will work except qemu, that is slow.

So porting vb to openbsd ? This would be a rather difficult task. I dont
know if there are efforts in this direction but in my ears kvm on openbsd
sounds much better.

OpenBSD as NAS

[Jan Lambertz]

I will defintly try the vnode and buffercache parameters for these are
totally new to me

OpenBSD as NAS

[Jan Lambertz]

Hi there,
to be prepared for storage desaster i am planning to upgrade my home
box.itis a intel atom d525 with 2gig mem. Im planning to build up a
small raid 10
with standard sata 5.25 inch drives. 1000 mbit lan. This storage will
mainly be used for samba shares, backups and nfs shares. Of course i want
massive performance. What du you suggest ?
Change cpu
Change filesystem (os)
Parameters ?
Do something other ?
Any experiences in read /write speed of this hardware ?

Server

[Jan Lambertz]

Hi andi,

You didnt mention your RAM size, disc speed etc so it's quite hard answer
your question.
As for a true database (RDBMS) system, with serious data, i would not use
openbsd.
You should check the homepage of your database software distributor and
look out for something like supported os. If openbsd is on the list i m

 Hello,

 It will depend what you want to do with your server.

 Firstly, I suggest you to remove your graphic card if you can. It will
 make noise and heat for nothing and will increase your power
 consumption.
 If you need a simple home server, to store/share files on your
 network, set-up your owncloud and/or run a database for personal
 developments, I think your hardware is good.

 I can't say if OpenBSD is the best system for your use as we don't
 know your use. OpenBSD can run a database (postgresql, mysql, redis,
 mongo..), but the performance will depend of your workload.

 Best regards,
 Charles RAPENNE

 2013/3/13 Andi andiro...@gmail.com:
  Hello everybody,
 
  I'm thinking about putting the openBSD 5.2, in a desktop machine, in
 order
  to make this a server.
 
  The hardware configuration is:
  intel i3, 1TB of HD, nvidia 9800.
 
  But I'm wondering about this, if it will be good idea?
  If it's recommended... if openBSD is good to run a database... etc
 
  Any sugestion, critict, whatever... feel free to answer.
 
  Best regards,
  ..:: Andi ::..

WebRTC, google and firefox

[Jan Lambertz]

Jitsi is another jingle capable messanger. Jre seems to the only dependency
to startup. It has some nice features like registrarless sip. Technology
seems quite up to date.
Gui is little bit slow.
Until now i did not manage to get jingle (video)working on openbsd. Could
not find out what would be needed (ffmpeg,gstreamer...). Maybe you have
more luck.

'Re: bootable OpenBSD USB stick from windows?

[Jan Lambertz]

Hi,

I often used the virtualbox way. Extension pack may not be needed. The way
is ( vbox faqs-vbox raw disk access-hd file pointing to usb stick- and
ready to go). I also used this setup for creating an openbsd mfs usb
livestick.works perfect

Re: openbsd and vmware

[Jan Lambertz]

I also tried the socket trick in different setups but couldn't make it
work. I tried a smp 4,threads 1 cores 1 sockets 4. Sysctl tells cpus are
found but not used. Did you pass any special cpu information to qemu ?

Virtio: i'm not following current right now, but this are great news. Thank
you.

Re: openbsd and vmware

[Jan Lambertz]

I'm Using KVM to virtualize OpenBSD 5.2 right now. I'm not that impressed
about Vmware. I used a esxi server for 2 years extensivly. Things i didnt
like : cli,closed software,bloated,technical documentation,gui.
Not that KVM is much better at this point,but at least, i have the sources.
problems i found using kvm and openbsd:
SMP not working as it should.
spice and qxl is not that good right now.
No virto drivers for openbsd(disk i miss the most)
Virt-viewer (remote spice viewer app)  has some annoying keyboardlayout
obfuscation.
And with a look in the future i dont think the problems are going to to be
solved. A recent article on phoronix.com had information about qxl getting
KMS support. Correct me if im wrong, but this seems quite linux only to me.

Non the less, i use KVM right now for a few OpenBSD,Linux and Win8
Maschines and overall it performs quite well. One of myinterests are VDI
solutions, for that i will check citrix (xen) as an alternative in the
future.

--send from mobile

Re: Android mobile - OpenBSD IPSEC

[Jan Lambertz]

Ohh i see. I totally missed the l2tp stuff. I thought android could do
plain ipsec or ipsec with l2tp.
I think things will flow now.
Thank you

Android mobile - OpenBSD IPSEC

[Jan Lambertz]

Hi,

Running OpenBSD 5.2 AMD64 release as homeserver.
Got Andoid 2.3 Samsung Mobile.
Want to connect via vpn IPSEC.
Config:
ike passive esp tunnel from any to any \
main auth hmac-sha1 enc des \
quick auth hmac-sha1 enc des \
srcid  dstid (testted different things here without effect) \
psk test123


Also changed any to any to more concise settings, without effect.
local ip and peer any didnt help, too.


Jan 24 08:41:37 puffy isakmpd[10830]: attribute_unacceptable:
ENCRYPTION_ALGORITHM: got 3DES_CBC, expected DES_CBC
Jan 24 08:41:37 puffy isakmpd[10830]: attribute_unacceptable:
ENCRYPTION_ALGORITHM: got 3DES_CBC, expected DES_CBC
Jan 24 08:41:38 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
178.26.160.62
Jan 24 08:41:38 puffy isakmpd[10830]: dropped message from 89.204.138.90
port 51210 due to notification type INVALID_ID_INFORMATION
Jan 24 08:41:50 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
178.26.160.62
Jan 24 08:41:50 puffy isakmpd[10830]: dropped message from 89.204.138.90
port 51210 due to notification type INVALID_ID_INFORMATION
Jan 24 08:41:58 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
178.26.160.62
Jan 24 08:41:58 puffy isakmpd[10830]: dropped message from 89.204.138.90
port 51210 due to notification type INVALID_ID_INFORMATION


89.204.138.90 seems to be the mobile
10.166.112.90 ?? whats this ?

btw. im using the standard vpn client built in android. before i can
connect i have to enter a username / pw (not psk). is ipsec about username
/ pw stuff ? could find it anywhere in the manuals.


thanks

openntpd without internet connection

[Jan Lambertz]

Hello,

i try to set up a openntpd server for a local network. because of security
i don't have a internet connection. goal is to setup openbsd 5.2 release as
openntpd server, sharing its local time (without sync of any pool servers
or something) to others.

/etc/ntpd.conf says:
---
listen on 192.168.1.1 (this in the lan interface)

#no server
---
ntpd -dvs says:
listening on 192.168.1.1
ntp engie ready
set local clock 

when i try to connect from another machine (centos 6.3) to my openntpd
server i get:
ntpdate
no servers can be used, exiting

client ntp.conf looks like:

server 192.168.1.1
driftfile 
logconfig all
logfile /var/log/ntp.log
-

Im not quite sure if it is possible to use openntpd in this way. i found
nothing about this in the manual, but i know that ntpd (from ntp.org) is
able to act in this way.

Thanks in advance

Re: openntpd without internet connection

[Jan Lambertz]

Thank you for sharing this information.
It's clear now
Am 11.12.2012 14:47 schrieb Jérémie Courrèges-Anglas jca+o...@wxcvbn.org
:


 BTW, this issue has already been discussed before:
 http://marc.info/?l=openbsd-techm=134580856917208w=2

 --
 Jérémie Courrèges-Anglas
 GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494

Re: Qemu segmentation fault linux guest

[Jan Lambertz]

Hello again,

after several hours of testing i found a solution for my problem. Here the
command i run as root (so no ulimit problems):
qemu-system-i386 -smp 1 -drive
file=harddisk.qcow2,if=sd,media=disk,cache=writeback,aio=native -cdrom
/mnt/usb/debian-6.0.6-i386-CD-1.iso -m 512 -k de -localtime -usb -usbdevice
tablet -name debian -display vnc=192.168.1.1:0 -vga std -no-acpi
-no-fd-bootchk -balloon none -net nic,vlan=0,model=e1000,name=netif_debian
-net tap,vlan=0,name=netif_hosttun1,ifname=tun1,script=no,downscript=no

it is quite long because i had to test many options. the one that makes the
difference on my system is -vga. if i try to start it with -vga cirrus then
qemu segfaults during kernel load of linux. -vga std works fine.
Hope that this may help others.



2012/12/3 Brett brett.ma...@gmx.com

 On Mon, 3 Dec 2012 07:15:13 +0100
 Jan Lambertz jd.arb...@googlemail.com wrote:

  Hello,
  I try to run a qemu  linux guest ontop of my openbsd 5.1 i386. I've tried
  nearly any possible qemu command. I've tested archlinux,debian,sled and
  ubuntu. In every case,qemu core dumps when loading the linux kernel.
 When i
  run an openbsd guest with same qemu configuration, everything works
  fine.ami missing something general ? No-acpi and vlan tweaks tested
  with no effect.
  My system has no hardware virtualisation support. Intel D525 cpu.
 

 I had the same problem a while back and as suggested on the mailing list,
 OpenSuse11.4 worked for me.

 http://marc.info/?l=openbsd-portsm=131977715309792w=2

 Newer versions of qemu might need -m 512 or something lower than the -m
 1300 shown on the above link. Haven't used qemu for quite a while so I'm
 not sure if it will still work with OpenSuse, but it did a year ago.

 Brett.

Qemu segmentation fault linux guest

[Jan Lambertz]

Hello,
I try to run a qemu  linux guest ontop of my openbsd 5.1 i386. I've tried
nearly any possible qemu command. I've tested archlinux,debian,sled and
ubuntu. In every case,qemu core dumps when loading the linux kernel. When i
run an openbsd guest with same qemu configuration, everything works
fine.ami missing something general ? No-acpi and vlan tweaks tested
with no effect.
My system has no hardware virtualisation support. Intel D525 cpu.