Re: After upgrade to 6.5: Weird Apache2 perl_module behavior
I hit this recently too. I finally had some time to track it down and it's a
use-after-free bug in Apache that looks like it's been there since at least
2016.
It's only triggered if you load a non-standard module like mod_perl that
inserts its own config defines into the server's global
ap_server_config_defines array:
void modperl_register_hooks(apr_pool_t *p)
{
/* for and Apache2->define("MODPERL2") */
*(char **)apr_array_push(ap_server_config_defines) =
apr_pstrdup(p, "MODPERL2");
Apache later clears out and frees that particular memory pool, and after
that it walks the ap_server_config_defines and segfaults.
Bug report here: https://bz.apache.org/bugzilla/show_bug.cgi?id=63516
--
Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
Re: APU2 Internal USB Headers Not Working
> > $ dmesg | egrep -i 'hci|hub|usb' > > Please don't trim things. Full dmesg, full pcidump (preferably -vxx). > Or better, run sendbug as root which includes acpi tables in the mail > it produces (the latter is not presently working in -current, but since > you're running 6.0 you won't run into that). Sorry. I was trying to keep the noise down and wasn’t sure that it qualified as a bug. Will know for next time. Full report posted just now using sendbug. Thanks Stuart, Sam
APU2 Internal USB Headers Not Working
I'm unable to see USB devices connected to the internal USB headers on a PC Engines APU2c2 board. The same devices work as expected when connected to the external USB ports. I have a TinyCore Linux USB stick handy that I used to update the board's firmware. If I boot it and run `lsusb` then I can see my devices using all of the internal and external USB headers/ports. So it would seem that the internal headers are wired up and working, but for some reason I can't use them via ehci. Note that that the external USB ports are USB3, so devices appear via xhci. It could therefore be a wider issue with ehci on this board. I've included as much detail as I know how to find below. If anyone has any ideas for things I can try to make this work I'd be very pleased to hear them. Sam Host: PC Engines APU2c2 running OpenBSD 6.0, then TinyCore Linux 6.4. Test device: FTDI Basic USB to Serial board. - - - - OpenBSD dmesg - - - - $ dmesg | egrep -i 'hci|hub|usb' xhci0 at pci0 dev 16 function 0 "AMD Bolton xHCI" rev 0x11: msi usb0 at xhci0: USB revision 3.0 uhub0 at usb0 "AMD xHCI root hub" rev 3.00/1.00 addr 1 ahci0 at pci0 dev 17 function 0 "AMD Hudson-2 SATA" rev 0x40: apic 4 int 19, AHCI 1.3 ahci0: port 0: 6.0Gb/s scsibus1 at ahci0: 32 targets ehci0 at pci0 dev 19 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18 usb1 at ehci0: USB revision 2.0 uhub1 at usb1 "AMD EHCI root hub" rev 2.00/1.00 addr 1 uhub2 at uhub1 port 1 "Advanced Micro Devices product 0x7900" rev 2.00/0.18 addr 2 - - - - OpenBSD, FTDI on internal J11 USB header (EHCI) - - - - $ usbdevs -vd Controller /dev/usb0: addr 1: super speed, self powered, config 1, xHCI root hub(0x), AMD(0x1022), rev 1.00 uhub0 port 1 disabled port 2 disabled port 3 disabled port 4 disabled Controller /dev/usb1: addr 1: high speed, self powered, config 1, EHCI root hub(0x), AMD(0x1022), rev 1.00 uhub1 port 1 addr 2: high speed, self powered, config 1, product 0x7900(0x7900), Advanced Micro Devices(0x0438), rev 0.18 uhub2 port 1 powered port 2 powered port 3 powered port 4 powered port 2 powered - - - - OpenBSD, FTDI on external USB port (xHCI) - - - - $ usbdevs -vd Controller /dev/usb0: addr 1: super speed, self powered, config 1, xHCI root hub(0x), AMD(0x1022), rev 1.00 uhub0 port 1 disabled port 2 disabled port 3 addr 2: full speed, power 90 mA, config 1, FT232R USB UART(0x6001), FTDI(0x0403), rev 6.00, iSerialNumber A8004w2k uftdi0 port 4 disabled Controller /dev/usb1: addr 1: high speed, self powered, config 1, EHCI root hub(0x), AMD(0x1022), rev 1.00 uhub1 port 1 addr 2: high speed, self powered, config 1, product 0x7900(0x7900), Advanced Micro Devices(0x0438), rev 0.18 uhub2 port 1 powered port 2 powered port 3 powered port 4 powered port 2 powered - - - - OpenBSD pcidumps - - - - $ doas pcidump -v 0:16:0 0:16:0: AMD Bolton xHCI 0x: Vendor ID: 1022 Product ID: 7814 0x0004: Command: 0006 Status: 0010 0x0008: Class: 0c Subclass: 03 Interface: 30 Revision: 11 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 64bit addr: 0xfeb22000/0x2000 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 1022 Product ID: 1410 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 00 Min Gnt: 00 Max Lat: 00 0x0050: Capability 0x01: Power Management State: D0 0x0070: Capability 0x05: Message Signaled Interrupts (MSI) 0x0090: Capability 0x11: Extended Message Signaled Interrupts (MSI-X) 0x00a0: Capability 0x10: PCI Express $ doas pcidump -v 0:19:0 0:19:0: AMD Hudson-2 USB2 0x: Vendor ID: 1022 Product ID: 7808 0x0004: Command: 0006 Status: 02b0 0x0008: Class: 0c Subclass: 03 Interface: 20 Revision: 39 0x000c: BIST: 00 Header Type: 00 Latency Timer: 40 Cache Line Size: 10 0x0010: BAR mem 32bit addr: 0xfeb25400/0x0100 0x0014: BAR empty () 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 1022 Product ID: 7808 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 00 Min Gnt: 00 Max Lat: 00 0x00c0: Capability 0x01: Power Management State: D0 0x00e4: Capability 0x0a: Debug Port - - - - Linux dmesg - - - - # dmesg | egrep -i 'hci|hub|usb' | cut -c16- pci :00:11.0: set SATA to AHCI mode ACPI: bus type USB registered usbcore: registered new interface driver usbfs usbcore: registered new interface driver hub usbcore:
Re: NAT Firewalls and Client IPs in SSL Requests
On 14/01/2012, at 12:29 AM, Stuart Henderson wrote: On 2012-01-12, Sam Vaughan samjvaug...@gmail.com wrote: I have a web server handling predominantly https traffic sitting on a DMZ behind a CARP'd firewall of two ALIX 2D3s. Since the firewall is NATting traffic to the web server, the source IP of requests arriving at the web server is always the firewall's CARP address on the DMZ. Do you really have to NAT the source address? That is unusual, most people just use rdr-to which only touches the destination address. Nope, it was a bad set-up! Somehow I overlooked setting my web server's default route after installing it. When debugging the lack of reply traffic from it I came to the false conclusion that the firewall was dropping replies to routable IPs on its internal interface and that inbound NAT was needed. I've now added the default route and restricted NAT to outbound traffic on the external interface and all is good. I'd like the server to see the original client IP. The only solution I can think of is to use relayd, pound etc. as a layer 7 reverse proxy on the firewall that decrypts the SSL and inserts an X-Forwarded-For header. BTW, relayd can also do transparent forwarding (i.e. maintaining the source address in the packets), even with SSL offload. http://www.mail-archive.com/misc@openbsd.org/msg102364.html Looks really handy, thanks for the link, Stuart. Pulling the IP out of the X-Forwarded-For header works just fine for my purposes though so I don't think I need to add the extra complexity of transparent forwarding to my setup. I still prefer the idea of doing the SSL offload on internal machines due to the performance impact on lightweight firewalls. To keep all the reverse proxying centralised on the firewalls that probably means a round trip to do the SSL offload, then a second pass to do the layer 7 filtering and load balancing to the web servers. Sam
NAT Firewalls and Client IPs in SSL Requests
I have a web server handling predominantly https traffic sitting on a DMZ behind a CARP'd firewall of two ALIX 2D3s. Since the firewall is NATting traffic to the web server, the source IP of requests arriving at the web server is always the firewall's CARP address on the DMZ. I'd like the server to see the original client IP. The only solution I can think of is to use relayd, pound etc. as a layer 7 reverse proxy on the firewall that decrypts the SSL and inserts an X-Forwarded-For header. The problem there though is that the firewall is lightweight with just a 500MHz Geode, whereas the web server has dual quad core 2.3GHz E5410 Xeons sitting mostly idle. Even if the firewall can handle the load now, it'll quickly become a bottleneck if traffic increases. There might be hardware accelerator products that will work with the ALIX boards, but it seems to me that scalability in future will depend on separating the SSL decryption from the firewall. How can I get the best of both worlds, offloading the SSL decryption from the firewall without losing the client's IP? Do any reverse proxies support handing off just the decryption load to other machines? How do big sites separate their SSL decryption from their firewalls without losing this valuable information? Thanks in advance, Sam
OpenBSD 5.0 upgrade: em interface status no carrier
Hi, After upgrading from OpenBSD 4.9 to OpenBSD 5.0, the Intel 82579LM and Intel PRO/1000 MT (82574L) devices on one of my servers no longer come up. The ifconfig output simply shows status: no carrier. Without network access I can't copy and paste an entire dmesg, so here's some cherry-picked info: # uname -mrsv OpenBSD 5.0 GENERIC.MP#63 amd64 # dmesg | head -2 OpenBSD 5.0 (GENERIC.MP) #63: Wed Aug 17 10:14:30 MDT 2011 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP # dmesg | grep em[01] em0 at pci0 dev 25 function 0 Intel 82579LM rev 0x05: msi, address 00:25:90:52:b2:c1 em1 at pci2 dev 0 function 0 Intel PRO/1000 MT (82574L) rev 0x00: msi, address 00:25:90:52:b2:c0 # ifconfig em0 em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:25:90:52:b2:c1 priority: 0 groups: egress media: Ethernet autoselect (none) status: no carrier inet 10.0.2.7 netmask 0xff00 broadcast 10.255.255.255 inet6 fe80::225:90ff:fe52:b2c1%em0 prefixlen 64 scopeid 0x1 Running ifconfig down/up, manually choosing media types from the supported list and rebooting all have no effect. I've tried em1 as well without success. The connected switch is a Netgear GS116E and I've tried different cables and also a Netgear GS105E. I don't think it's the cable or switch though because rebooting back into 4.9 immediately brings the interface back to life. This is the hardware I'm having the problem on: http://www.supermicro.com/products/motherboard/Xeon/C202_C204/X9SCL-F.cfm I'm wondering if it's related to OpenBSD 5.0's new MSI interrupt code? Below is the dmesg when it's all up and working on 4.9. Is there anything I can try to narrow the problem down a bit further? Regards, Sam OpenBSD 4.9 (GENERIC.MP) #819: Wed Mar 2 06:57:49 MST 2011 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3210297344 (3061MB) avail mem = 3110817792 (2966MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeadc0 (105 entries) bios0: vendor American Megatrends Inc. version 4.6.4 date 06/30/2011 bios0: Supermicro X9SCL/X9SCM acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP APIC SSDT MCFG HPET SPMI SPCR DMAR EINJ ERST HEST BERT acpi0: wakeup devices PS2K(S1) PS2M(S1) UAR1(S4) UAR2(S4) BR20(S1) EUSB(S4) USBE(S4) PEX0(S4) PEX4(S4) PEX6(S4) GBE_(S4) P0P1(S4) P0P2(S4) P0P3(S4) P0P4(S4) SLPB(S0) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU E31220L @ 2.20GHz, 2195.48 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,ES T,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 99MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Xeon(R) CPU E31220L @ 2.20GHz, 2195.01 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,ES T,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG cpu1: 256KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Xeon(R) CPU E31220L @ 2.20GHz, 2195.02 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,ES T,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG cpu2: 256KB 64b/line 8-way L2 cache cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Xeon(R) CPU E31220L @ 2.20GHz, 2195.01 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,PCLMUL,MWAIT,DS-CPL,VMX,SMX,ES T,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,POPCNT,XSAVE,AVX,NXE,LONG cpu3: 256KB 64b/line 8-way L2 cache ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 3 (BR20) acpiprt2 at acpi0: bus 1 (PEX0) acpiprt3 at acpi0: bus 2 (PEX4) acpiprt4 at acpi0: bus -1 (PEX6) acpiprt5 at acpi0: bus -1 (P0P1) acpiprt6 at acpi0: bus -1 (P0P2) acpiprt7 at acpi0: bus -1 (P0P3) acpiprt8 at acpi0: bus -1 (P0P4) acpicpu0 at acpi0: C3, C1, PSS acpicpu1 at acpi0: C3, C1, PSS acpicpu2 at acpi0: C3, C1, PSS acpicpu3 at acpi0: C3, C1, PSS acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: unknown i686 model 0x2a, can't get bus clock cpu0: Enhanced SpeedStep 2195 MHz: speeds: 2201, 2200, 2100, 2000, 1900, 1800, 1700, 1600 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0
Re: OpenBSD 5.0 upgrade: em interface status no carrier
On 18/11/2011, at 12:59 PM, Sam Vaughan wrote: Hi, After upgrading from OpenBSD 4.9 to OpenBSD 5.0, the Intel 82579LM and Intel PRO/1000 MT (82574L) devices on one of my servers no longer come up. facepalm If I'd bothered to compare those two dmesg outputs more closely I'd have noticed that OpenBSD 5.0 is simply enumerating the two interfaces in the opposite order. What was em0 in 4.9 is now em1 in 5.0 and vice versa. Simply swapping the cable to the other port and _not_ moving the settings in ifconfig to em1 fixes the problem. Sorry for the noise. By the way, is there any reason why I should prefer the 82579LM to the 82574L or vice versa? Thanks, Sam
Is your switch a single point of failure?
I'm currently looking at growing my simple co-located setup of a single OpenBSD web server to add a separate firewall and a second web server. This would make regular upgrades much less stressful and add some welcome high availability and capacity improvements. I'm considering running dual OpenBSD firewalls on e.g. ALIX.2d3 boards with CARP and pfsync. My question relates to linking the firewalls to the servers via switches in a sensible way. I should be able to avoid the need for a switch on the upstream side by getting the ISP to provide me with two links from the rack router, one for each firewall board. These links would be CARP'd to share one external static IP. The second ethernet port on each board would be linked to the other board in the pair for pfsync. My question relates to the third port on each board, making up the CARP'd internal interface on the DMZ side. How can I avoid plugging these two ports straight into the same switch, thereby adding a really obvious single point of failure to the entire setup? I can see a couple of options but I'm thinking I must be missing something obvious. 1. Rather than CARPing the interfaces on the DMZ side, they could simply be treated as two separate gateways. Each would connect to its own switch and the servers on the inside would select between them as per RFC816. I'm not even sure this would work because if a switch failed, the firewalls would have to somehow transfer master/slave status to match. 2. Set up a couple of RSTP switches and somehow connect the CARP'd internal interface to both of them. Connect the web servers to both switches and configure just the one gateway on them. I can find heaps of good information on CARP but the described setups always show just one switch in the DMZ. Do people really just accept that single point of failure? Regards, Sam
Re: Supporting OpenBSD
Thank you Nick, very well said! And thank you Theo and team for doing what you do. 4.6 CD ordered! -Sam On Tue, 8 Sep 2009, Nick Holland wrote: What makes OpenBSD unique? Everyone's got their own list, but here's mine: * Good work is unacceptable, great work is expected. * Quality is the #1 goal, it takes a back seat to NOTHING else. * Freedom for the users to use OpenBSD without question and without lawyers having to be involved, again without compromise. * Strong leadership. Not a core team, or an elected committee that blows in the wind of public opinion, but one person who sets direction and policy for the project. You may not always agree with Theo, but you never wonder where he stands on an issue, or what direction the project will go. * Commitment to doing it right in one way, not twenty different ways (pick one, maybe you get lucky). * Refusal to accept the damned all programs have bugs chant as an excuse for making crap * No fear of retaining things that work, and trashing things that are broke or inferior to newer (or older!) alternatives. * The Just Works philosophy. But...a project like OpenBSD doesn't just run on volunteer effort, it takes real money. Hardware, infrastructure, Internet services, and if you are going to have ONE PERSON in charge, you need to keep them focused on the project, not in their spare time, and give them the money to live in reasonable comfort. I just had a talk with Theo, and he shared some numbers with me. There's a digit missing from the current CD pre-orders from where we were hoping to be now. There's a trailing zero missing from what we'd really like to have. Long ago, while waiting for customers to hand me money, my first boss told me, The hardest thing to do, but the most important, is to ask for the sale. I've never been very good at that, but here it is... People, it is time to get your browsers over to http://www.openbsd.org/orders.html and start running some money into the project. Do you use OpenBSD for fun? Contribute. Do you use OpenBSD for work? Contribute. Does OpenBSD allow you to worry about the problem you are trying to solve rather rather than the tools? Contribute. Do you wish your employer used the OpenBSD quality standard in your work? Contribute. Does your employer use OpenBSD? Ask them to contribute (after you do, of course). Do you bundle OpenBSD or subprojects like OpenSSH into your product? Contribute big! (you won't, you rarely do, but hey, I'll ask anyway) Do you find yourself wondering why so few take computer software quality seriously? Contribute! CDs are our favorite way to get contributions. The price is well within what the average person can easily pay for, they are a lot more educational than a month of cable TV (and maybe even more fun). Sure, the CD itself is not something everyone needs anymore, but it is about much more than the data recorded on it. It is the mark of being an active OpenBSD supporter, and it provides a nice, neat count of this many people care. Don't get me wrong, Theo likes big cash contributions, too, but (ok, my life flashes before my eyes every time I try to put words in Theo's mouth) while a $1 donation from BIGCORP Inc., is nice, it is probably more satisfying to see two hundred $50 contributions from private people and small businesses who appreciate and put a value not only the work OpenBSD does, but the KIND of work, the Quality and Freedom Second to NOTHING philosophy. Don't wait and hope for a big company to speak for you, speak your thanks directly for the work and effort that goes into OpenBSD by buying a CD set. I'm going to answer a question that comes up periodically: What about T-shirts and mugs and ...? Well, those are profit points, too, but CDs are dirt cheap to make, they store easily, and one size fits all. T-shirts have a higher manufacturing cost, take up more space, and must be stocked in multiple sizes, all of which must be kept accessible. Certainly, buy a t-shirt, buy a mug, poster, whatever..but buy a CD set, too. Thanks to those that contribute money and buy CDs. Thanks to the OpenBSD team, I can't tell you what an honor it is to work (in my small way) with some of the worlds best programmers and software DESIGNERS. Thanks to Theo de Raadt for the years of showing that it IS possible to hold one's ideals up high and proud, never compromise them, and never give in, in spite of the pressures from those that will trade their ideals for a little temporary expediency. And thanks to you for reading my rant. Nick.
SAS HBA Recommendations?
To complement the man pages, the supported hardware pages and what I've found in the archives on marc, I'd be interested to read any SAS HBA recommendations people might have. I'm looking at some used Sun x4150 servers which have 8-lane PCIe slots but come with no built-in SAS/SATA controller. I'd be interested in running RAID 10 with a hot spare and I'd like to make use of an OpenBSD driver that supports bioctl. (I'm assuming OpenBSD runs on x4150s - the armorlogic site only lists Opteron Galaxy servers) I'm also curious about why vastly more RAID controllers are supported in the i386 port than the amd64 port. Is this because a lot of them aren't 64bit clean? Do some people as a result choose to run the i386 port on em64t hardware? Sam
Re: SAS HBA Recommendations?
On 16/04/2009, at 10:03 PM, Marco Peereboom wrote: On Thu, Apr 16, 2009 at 04:21:03PM +1000, Sam Vaughan wrote: To complement the man pages, the supported hardware pages and what I've found in the archives on marc, I'd be interested to read any SAS HBA recommendations people might have. LSI MPT. I'm looking at some used Sun x4150 servers which have 8-lane PCIe slots but come with no built-in SAS/SATA controller. I'd be interested in running RAID 10 with a hot spare and I'd like to make use of an OpenBSD driver that supports bioctl. (I'm assuming OpenBSD runs on x4150s - the armorlogic site only lists Opteron Galaxy servers) LSI MFI adapters are nice. Thanks Marco, So now that you've added bioctl support to mpi in 4.5, is there no real reason to preferentially choose a MegaRAID card over a Fusion MPT card, other than by price and features? I really appreciate the work you guys have done to bring all this great SAS support to OpenBSD. Sam
Re: support for Sun Fire
On 03/06/2007, at 7:33 PM, Stuart Henderson wrote: On 2007/06/03 14:09, Sam Vaughan wrote: if anyone has a working PXE bios-flash setup for these and wouldn't mind sharing how, please drop me a line, when I try the system hangs after memdisk loads the bios-flash image. I'd be interested to know about this too. Since my x4100s have no CD/DVD ROM drive (I've got the four-SAS-disk config) I can't use Sun's BIOS CD image. I couldn't even mount the ISO to get at the necessary files. I don't have one but it looks like X4100 is much easier, it appears that the BIOS update is done with the ILOM firmware via the service processor using an .ima file from http://www.sun.com/download/products.xml? id=45b94409 It certainly looks that way from the file descriptions, doesn't it? However installing that .ima file to upgrade the ILOM firmware gave no indication that it also upgraded the BIOS. All their previous releases looked like this: http://www.sun.com/download/products.xml?id=45007c22 The descriptions of the .ima file still mention the BIOS, but the required files to build a bootable DOS image to update the BIOS are all provided separately. When upgrading to those previous releases, I followed the docs and updated the ILOM firmware, then built the DOS image and booted from it. The BIOS certainly hadn't been updated at that point, and running the DOS tool worked as documented. It's a massive pain in the arse to have to boot into DOS to upgrade a machine that is otherwise completely serviceable remotely via the ILOM. It basically means a visit to the data centre with a USB stick, but as of this 1.3 release I can't even do that! But I take your point, Stuart, what the hell is the mention of the BIOS update in the .ima file descriptions about and is there really a much easier way that's just not mentioned in the docs? Have you had any success with IPMI SoL? Whilst the Java app works fine for remote access, I'd much rather not have to launch it when all I really want is access to the console. I only have X2100 and I didn't want to lose the decent NIC, I got as far as power control via ipmitool but didn't look at SoL, I'm just using good old-fashioned serial console and masterswitch. Fair enough. I'll just put up with the Java app to redirect video and USB for now then. Thanks, Sam
Re: support for Sun Fire
On 29/05/2007, at 10:41 PM, Stuart Henderson wrote: if you have a recent bios that lets you set the low-temp fan duty cycle to 0% to quieten things down while you do the initial install, make sure the 'power off if cpu fan fails' option is turned off or you'll have an aggravating 'enter the bios at just the right time' session. I wish I'd known I could have shut those fans up when I was setting up my x4100s! Thanks for the tip. if anyone has a working PXE bios-flash setup for these and wouldn't mind sharing how, please drop me a line, when I try the system hangs after memdisk loads the bios-flash image. I'd be interested to know about this too. Since my x4100s have no CD/ DVD ROM drive (I've got the four-SAS-disk config) I can't use Sun's BIOS CD image. I couldn't even mount the ISO to get at the necessary files. With their releases prior to 1.3 they provided the individual files which made it easy to make a floppy image that could then be written to a USB stick. A PXE solution would be even better. latest bios on sun's ftp site fixes erratum 89, first time I've seen an amd64 box boot without it. and hooray: the bios *defaults* to using serial console, so you don't lose access if the CMOS battery dies. other vendors would do well to copy that idea. Very true. My pet peeve is that I can't move the service processor's ssh to a high port number and disable password authentication. Logging in to the embedded OS and editing the ssh config file by hand doesn't work, presumably because it's not sitting on writable media when it's running. I can't really be bothered digging in to the source and building my own service processor OS image. Have you had any success with IPMI SoL? Whilst the Java app works fine for remote access, I'd much rather not have to launch it when all I really want is access to the console. Sam
Re: Macppc G3 Powerbook - Install Fails
On 16/11/2005, at 12:43 PM, Bob Ababurko wrote: If this is an oldworld (before circa 1988) you cannot boot from a cd. Google your model to see if it is. Otherwise, you could try to boot the laptop while pressing cmd+opt+shift+delete to skip the first bootable deviceI believe it is something like that. You may also look into the ramdisk booting method, if your machine will not boot off of a cd. Good Luck, bob For what it's worth, OpenBSD will run on a bronze keyboard Powerbook G3 333MHz - the model prior to the first one with Firewire ports. I had to try several times to get it to recognise the CD, but I think that was thanks to a flaky CD drive. dmesg below. Sam [ using 308668 bytes of bsd ELF symbol table ] console out [ATY,264LTProA]console in [keyboard] ADB found using parent ATY,LTProParent:: memaddr 8100 size 100, : consaddr 8100, : ioaddr 80881000, size 1000: memtag 8800, iotag 8800: width 1024 linebytes 1024 height 768 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2005 OpenBSD. All rights reserved. http:// www.OpenBSD.org OpenBSD 3.7 (GENERIC) #225: Sun Mar 20 00:55:39 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 402653184 (393216K) avail mem = 360964096 (352504K) using 1254 buffers containing 20131840 bytes of memory mainbus0 (root) cpu0 at mainbus0: 750 (Revision 0x8202): 333 MHz: 512KB backside cache mpcpcibr0 at mainbus0: grackle, Revision 0x40 pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 0 function 0 Motorola MPC106 PCI rev 0x40 ohci0 at pci0 dev 14 function 0 ATT/Lucent USB rev 0x12: irq 28, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: ATT/Lucent OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered macobio0 at pci0 dev 16 function 0 Apple Paddington rev 0x00 macintr0 at macobio0 zsc0 at macobio0: irq 15,16 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 awacs0 at macobio0: irq 17,8,9 speaker audio0 at awacs0 adb0 at macobio0 irq 18: via-pmu 3 targets aed0 at adb0 addr 0: ADB Event device akbd0 at adb0 addr 2: PowerBook G4 keyboard (Inverted T) wskbd0 at akbd0 (mux 1 ignored for console): console keyboard ams0 at adb0 addr 3: EMP trackpad tpad 2-button, 400 dpi wsmouse0 at ams0 mux 0 abtn0 at adb0 addr 7: brightness/volume/eject buttons apm0 at adb0: battery flags 0x5, 100% charged wdc0 at macobio0 irq 13: DMA wd0 at wdc0 channel 0 drive 0: FUJITSU MHH2048AT wd0: 16-sector PIO, LBA, 4645MB, 9514260 sectors wd0(wdc0:0:0): using BIOS timings, DMA mode 2 mediabay0 at macobio0 irq 29 wdc1 at mediabay0 offset 0x21000 irq 14: DMA atapiscsi0 at wdc1 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: MATSHITA, CD-ROM CR-175, 5AAE SCSI0 5/ cdrom removable cd0(wdc1:0:0): using BIOS timings, DMA mode 2 bm0 at macobio0 irq 42,33: address 00:50:e4:00:af:41 ukphy0 at bm0 phy 0: Generic IEEE 802.3u media interface ukphy0: OUI 0x080017, model 0x0001, rev. 0 vgafb0 at pci0 dev 17 function 0 ATI Mach64 LI rev 0xdc, mmio wsdisplay0 at vgafb0: console (std, vt100 emulation), using wskbd0 cbb0 at pci0 dev 19 function 0 Texas Instruments PCI1211 CardBus rev 0x00: irq 22 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 1 device 0 cacheline 0x8, lattimer 0x20 pcmcia0 at cardslot0 bootpath: '/pci/mac-io/[EMAIL PROTECTED]/[EMAIL PROTECTED]/bsd' boot device: wd0. root on wd0a rootdev=0x0 rrootdev=0xb00 rawdev=0xb02
Re: Compatibility question for the New Sun X4100 server with 4FastEthernet as possible BGP routers, or stick with HP DL-145 G2?
I just came across an interesting white paper with lots more detail: http://www.computerworld.com/x64/pdfs/ Sun_Fire_X4100_and_4200_WP_v14.pdf Sam
Re: dual DVI graphics card
On 07/10/2005, at 11:50 AM, Martin Schrvder wrote: One DVI port does up to 1600x1200, so you need four DVI (two dual-link) ports. I beg to differ. I'm currently using a 1920x1200 monitor at native resolution connected to the DVI port of a three year old Radeon 7500 that certainly isn't dual link. For an Apple 30 Cinema display at 2560x1600 then yeah, you'd need dual link per display, but that's a completely different class of pixel real estate!
Re: Compatibility question for the New Sun X4100 server with 4FastEthernet as possible BGP routers, or stick with HP DL-145 G2?
On 30/09/2005, at 6:58 PM, David Gwynne wrote: From: Henning Brauer [EMAIL PROTECTED] * Daniel Ouellet [EMAIL PROTECTED] [2005-09-29 22:20]: afaik the 4100 and 4200 use the slightly aged AMD chipset, same thing as in the HP DL145 G1, the V20z, and the IBM - should just work. True, that bit should just work as should the nics since its just 4x em. However, the onboard storage controller probably wont work out of the box right now. It's a SAS variant of the chips supported by the mpt driver. According to marco it isn't as trivial as adding the pci ids to the driver to make it work either. I'll gladly accept a donation of a x4100 or x4200 to make it work ;) The only other interesting thing in these machines is the ipmi stuff and the management controller. When you say that the onboard storage controller probably won't work, do you mean that managing it from inside OpenBSD won't work, or that it probably won't even be possible to boot? If it's just the former, then the IPMI controller would still allow you to set up RAID status notification, reconfigure the disks and so forth. I need to choose a server in the next couple of months and the x4200 looks like very good value for money. I'd really like to be able to run OpenBSD on it. Thanks, Sam
