Re: Vultr hosting of OpenBSD

2018-09-12 Thread Sacha El Masry
> Without digging them up I did a quick google on openbsd issues vultr.
> It pulled some things I saw before with 6.2 and timing, as well as
> issues with the base image, and other ones talking about a setting in
> KVM that was causing issues on certain servers.

I use Vultr, happily, but I _can_ confirm what you said. Randomly,
instances will 'freeze', and be unresponsive to the network, as well as
to the provided console. Looking at the settings, CPU has jumped up to
105% and plateaued, and that's it - you have to restart the instance.

I spoke to their support who were very helpful, telling me:

"This is an issue with OpenBSD on KVM/QEMU platforms that has yet to
be patched by the developers.
...
The issue is a bug in the kernel virtual machine (KVM) subsystem of
the Linux kernel; the flaw was introduced in version 4.10. It's
fixed in Linux kernel versions above 4.15.0."

Their solution is to use their 6.3 image, which automatically applies
the patch (on their end of the infrastructure), or set up your machine
your way, then open a ticket, letting them know the IP and they will
apply the patch manually and reboot the machine. I've done this, and
will monitor for any further erratic crashes.

Overall, their support has been good, and I can't speak to the speed of
their network, but my OpenBSD webservers have worked flawlessly (apart
from the above issue) on their infrastructure for many years.

Sacha



Can OpenBSD connect to MS L2TP VPN?

2018-09-03 Thread Sacha El Masry
Hi,

I've searched the internet every way I could think of, but cannot find
an easy answer to whether it's possible for OpenBSD as a client to
connect to a Microsoft (Windows Server-provided) L2TP VPN?

Obviously, there are countless guides to setting up OpenBSD as a
server, to which Windows, macOS, iOS and Linux/Android clients can
connect. While I should be able to work out how to do the reverse, I
haven't succeeded.

The first question is: can OpenBSD, using base packages or xl2tpd,
actually connect to this type of Windows VPN?

If it can, and one of you has done so, could you please provide a
pointer? I have read up on base tools, but as far as I get it, they can
be used to set up a server, or as a gateway with another IPSEC
gateway. From what little I understand, xl2tpd can be used as a client,
but I have not managed to create a connection - or to establish 'flows'
- as per the instructions that package provides at:
/usr/local/.../xl2tpd-1.3.11.

Thanks,

Sacha



opensmtpd crashing intermittently

2010-09-07 Thread Sacha El Masry
Gilles (or anybody),

I've been using smtpd since 4.6-RELEASE, for one domain-several email
addresses, plus one constantly receiving mailing list emails (including
misc@). It's been great.

Problem is, I've just set up smtpd on 4.7-RELEASE, using a very simple
ruleset, with the aim of using this as an outgoing only smtp server, for
an in-house weekly newsletter, going out to 3000+ recipients. The
server crashes intermittently. With smtpd started with the -dvf
arguments, I can see where it breaks:

...
lookup_a mx2.mail.eu.yahoo.com:0
fatal: dns: fork: Resource temporarily unavailable
lookup_ptr success
mta: getting datafd
lost child: lookup agent exited abnormally
queue handler exiting
mail filter exiting
mail delivery agent exiting
control process exiting
mail transfer agent exiting
smtp server exiting
runner handler exiting
parent terminating
lookup_a success
loolookup_ptr success
kup_a mx1.mail.eu.yahoo.com:0
lookup_ptr success
lookup_a success
lookup_mx success
fatal: dns_dispatch_parent: msgbuf_write: Broken pipe
# (command prompt)
# lookup_ptr success
fatal: dns_dispatch_parent: msgbuf_write: Broken pipe


Obviously, the record being looked up constantly changes, but the crash
is always the same: msgbuf_write: Broken pipe.

Now, I realise, from reading this list, that smtpd is not meant to be
production-ready, but I'm happy to use it (so long as it works) and test
it, and send information back to the developers, where relevant.

Is this a bug that's been looked at and fixed since -RELEASE?

My ruleset:

ext_if= re0
listen on $ext_if
map aliases { source db /etc/mail/aliases.db }
accept for local alias aliases deliver to maildir
accept from all for all relay
accept for all relay


My dmesg follows:

OpenBSD 4.7 (GENERIC.MP) #130: Wed Mar 17 20:48:50 MDT 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2145255424 (2045MB)
avail mem = 2078703616 (1982MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (39 entries)
bios0: vendor Award Software International, Inc. version F4 date 04/03/2009
bios0: Gigabyte Technology Co., Ltd. EP41-UD3L
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP HPET MCFG APIC SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) PEX4(S5) PEX5(S5) HUB0(S5) UAR1(S3) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USBE(S3) AZAL(S5) PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, 2600.28 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu0: 2MB 64b/line 8-way L2 cache
cpu0: apic clock running at 199MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, 2599.94 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu1: 2MB 64b/line 8-way L2 cache
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 2 (PEX0)
acpiprt2 at acpi0: bus -1 (PEX1)
acpiprt3 at acpi0: bus -1 (PEX2)
acpiprt4 at acpi0: bus 3 (PEX3)
acpiprt5 at acpi0: bus -1 (PEX4)
acpiprt6 at acpi0: bus -1 (PEX5)
acpiprt7 at acpi0: bus 4 (HUB0)
acpicpu0 at acpi0: C3, C2, C1, FVS, 1600, 1200 MHz
acpicpu1 at acpi0: C3, C2, C1, FVS, 1600, 1200 MHz
acpibtn0 at acpi0: PWRB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel G41 Host rev 0x03
ppb0 at pci0 dev 1 function 0 vendor Intel, unknown product 0x2e31 rev 0x03: apic 2 int 16 (irq 10)
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon HD 4550 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
azalia0 at pci1 dev 0 function 1 ATI Radeon HD 4000 HD Audio rev 0x00: apic 2 int 17 (irq 12)
azalia0: no supported codecs
azalia0: initialization failure, detaching
azalia1 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x01: apic 2 int 16 (irq 10)
azalia1: codecs: Realtek ALC888
audio0 at azalia1
ppb1 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01: apic 2 int 16 (irq 10)
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x01: apic 2 int 19 (irq 11)
pci3 at ppb2 bus 3
re0 at pci3 dev 0 function 0 Realtek 8168 rev 0x02: RTL8168C/8111C (0x3c00), apic 2 int 19 (irq 11), address 00:24:1d:d0:a2:d8
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23 (irq 5)
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19 (irq 11)
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18 (irq 7)
uhci3 at pci0 dev 29 
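
Added example (not part of the original post, and not OpenSMTPD code): a small check of the ruleset quoted in the post above for rules that relay mail from any source to any destination, which matters for a server meant to be outgoing-only. It assumes the 4.7-era smtpd.conf semantics, where a rule without a `from` clause applies to local connections only and `from all` matches any source; `parse_rules` and `open_relay_rules` are hypothetical helper names.

```python
import re

# Ruleset copied from the post above.
RULESET = """\
ext_if= re0
listen on $ext_if
map aliases { source db /etc/mail/aliases.db }
accept for local alias aliases deliver to maildir
accept from all for all relay
accept for all relay
"""

# accept|reject [from SOURCE] for DESTINATION ACTION...
RULE = re.compile(
    r"^(?P<verb>accept|reject)"
    r"(?:\s+from\s+(?P<src>\S+))?"
    r"\s+for\s+(?P<dst>all|local|virtual|domain\s+\S+)"
    r"(?P<rest>.*)$")


def parse_rules(text):
    """Return one dict per accept/reject line; other directives are skipped."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        m = RULE.match(line)
        if not m:
            continue
        rules.append({
            "line": lineno,
            "verb": m["verb"],
            # Assumption: no "from" clause means local connections only.
            "source": m["src"] or "local",
            "dest": m["dst"],
            "relays": re.search(r"\brelay\b", m["rest"]) is not None,
            "text": line,
        })
    return rules


def open_relay_rules(text):
    """Rules that relay mail from any source to any destination."""
    return [r for r in parse_rules(text)
            if r["verb"] == "accept" and r["source"] == "all"
            and r["dest"] == "all" and r["relays"]]


if __name__ == "__main__":
    for r in open_relay_rules(RULESET):
        print(f"line {r['line']}: relays for any source: {r['text']}")
```

Under the stated assumption, the rule on line 5 is the only one flagged; the following `accept for all relay` already covers relaying for locally submitted mail.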

Multi-head support

2010-07-29 Thread Sacha El Masry
A lot has been asked (and answered) about dual head cards. Is anyone
out there currently using quad-head (quad-port) cards? How are
they/what's the support like? What are you using and are there 
any problems I need to be aware of?

I'd like to have a three monitor setup, but am wary of going to
buy/ordering a quad card only to return it, get another one, return that
too, etc...

Any insights would be appreciated.

Many thanks,

Sacha El Masry