Re: 4.6 postponed to Nov 1
On Fri, Sep 18, 2009 at 11:18:30AM +0200, Stephan A. Rickauer wrote: On Fri, 2009-09-18 at 11:09 +0200, Alexander Hall wrote: Theo de Raadt wrote: The 4.6 release will be postponed to Nov 1. Heh. I just cannot help being a little amused by this, since we are expecting our second kid with an ETA of Nov 1, and I thought it would have been a fun coincidence to have OpenBSD and (possibly) a kid released the same day. :-) don't name it puffy, please ;) Don't listen to him; there's a shiny American dollar in it if you do. I put a shiny silver 10,- EUR coin on top of it. ;)
Re: dd performance question
On Mon, Aug 25, 2008 at 06:58:30PM -0700, Neko wrote: Hi all, having a 250 GB drive on a PATA strip using lowest PIO mode (without dma if possible), drive specs show a 8 MB buffer , .. i had ran mine at 4mb block space thinking ill use the 16mb bus transfer divided at most in 4, per second, but i achieved that in a minute instead. this is really poor performance, 3 days for 250gb transfer at 4mb bs what do you expect ? PIO0 ist max. 3mbyte/sec, in reality more like 1-2mbyte/sec. that's 125000sec=34hours if you are lucky, 3days if you are unlucky. switch to UDMA4/5/6 and you will get 30mbyte/sec but no, I wan't no DMA and lowest PIO. some days one is really wondering... -sm
Re: TV out for Xorg/OpenBSD?
Hi, Edd Barrett wrote: On Sun, Aug 17, 2008 at 07:16:51PM +0300, Jussi Peltola wrote: On Sun, Aug 17, 2008 at 04:22:33PM +0100, Edd Barrett wrote: Hi, We have this BSD box with some films on, and someone had the idea of hookiing it up to the TV so we can watch DVD's etc in the living room. Not a bad idea, but I don't know how. You need an interlaced [EMAIL PROTECTED] mode. A suitable modeline should be findable with google. OK, well [EMAIL PROTECTED] is the standard vga option in xorg.conf. This fails :( As for modelines, googling modeline tvmodel xorg doesn't bring back any results. You can try some of the modelines there and need to make sure the tv is in rgb mode and the sync-line ist connected and put's out the right singal. http://www.unix-ag.uni-kl.de/~pfeffer/tvout/index.html Alternatively most modern cards have a tv-out, don't know what is supported by the x-servers. The solution using RGB above will give the best picture quality if you get it working. -sm
Re: TV out for Xorg/OpenBSD?
Hi, On Mon, Aug 18, 2008 at 5:40 PM, Antti Harri [EMAIL PROTECTED] wrote: On Mon, 18 Aug 2008, Edd Barrett wrote: The card is a NVIDIA GeForce4 MX 420 rev 0xa3 I'm not 100% sure but I don't think that will work without the blobby nvidia driver. Which of course isn't available on OpenBSD. Ah wonderful. Does this apply for the vga port too, sing the VGA to scart adaptor? If I plug the box into a LCD monitor i see [EMAIL PROTECTED] just fine, its just a very small screen, not ideal for films. If you can see the picture on a standard computer screen, you very likely are running a modeline which doesn't work on a standard tv. It's likely not interlaced and you need the interlaced signal for the tv. Most LCD and CRT screens nowadays are not capable of syncing down to the 15.625KHz of the TV-Signal. modeline pal_768x576 14.75 768 784 864 944 576 582 588 625 -hsync -vsync interlace # H 15625 [Hz], V 50 [Hz] modeline pal_720x576 13.875 720 744 808 888 576 582 588 625 -hsync -vsync interlace # H 15625 [Hz], V 50 [Hz] You can check the X-log to see if the card actually accepts the modeline and uses it. If you put only this resolution into the config it should either start with it correctly or drop out with an error. Then I would use an Oscilloscope to check the signals on the Scart-Connector to make sure you have what your TV needs. Maybe somebody from the electrical-engineering department at your university can help you with that. I had something like that running in the past, but since I don't have a TV anymore... ;) -sm
Re: Hardware recommendation for firewalls (more than 4 NICs)
Hi, Forget this. Cisco does CEF (cisco express forwarding) that's stream forwarding in hardware. You don't have a chance to reach this PPS with a yeah, expect that it doesn't route everything and in the moment it falls back to cpu your router is dead. then there I saw all kind of funny and therefore extremely hard to trace and debug, bugs popping up with CEF enabled if you use a bit more then just 08/15 routing. pc / server based router (any os). And I don't think there is any equivalent hardware for Cisco and other router vendors. Because only routing decision is done in CPU / memory, packet forwarding is done on the hardware layer... so you can't compare Cisco CPU / memory against PC cpu / memory that's not fair :-) life's not fair either ;) But software routers e.g. OpenBSD are cheap and work well. If you don't need more than about 800Mbit/s throughput and you want to save some money us software routers... but agree, with a good server hardware, intel nics, dual core cpu, etc. you can get good performance out off a server based router / firewall. well, up to around 500mbit any decent pc, doesn't even need to be server grade hardware will smoke any cisco, which costs 10 times more. if you need more performance, forget about cisco, get juniper if you really need something _fast_ or foundry. cisco only now brought some stuff to the market which comes close to what juniper delivered over the last years. will cost some money though. fast, reliable, cheap. pick two. ;) i wonder though how fast a nice openbsd machine with some 10g cards in PCIe slots will be. I guess we will soon find out, those things are getting affordable. -sm
Re: ral(4) hostap plea
Hello, Personally, I've given up on using OpenBSD as an AP--though I have for years. Back when I used wi, everything worked very well. However, 802.11g drivers/cards work very poorly as APs. While speed with them can be good at times, different wireless clients performed erratically and frequently the AP would lock up. I have since moved on and now use commercial APs. Sorry if this is not what you were looking for. I'd love to say 802.11g, OpenBSD and APs work swimmingly, but that has never been the case for me. I personally don't think it's that much an obsd problem, there are always some people which can't connect to whatever AP you are running. That's why we have a some cheap WiFi cards lying around. Can't connect? Put this one in. Voila. In the past the Realtek stuff was a nightmare, then came centrino... -sm
Re: Rolling release?
Hello, AFAIK OpenBSD has 2 releases a year - which means, that devs are trying to keep the packages and OS itself fresh. But I'm wondering: wouldn't be in such situation reasonable to switch to s.c. rolling release model - and even more convenient for both devs and users? I as a user am very happy with the way this is organised now, I wouldn't mind having only 1 release a year if eventually 2 per year get's to much. But nothing faster please. I'm mostly using snapshots but I am very happy that stable exists and the way it is maintained. -sm
Re: Is there a badblocks-equivalent for OpenBSD?
Hello, I don't know if anyone brought this up, and I hate to state the obvious, but if you're getting bad blocks then the hard drive has exhausted its ability to deal with them on its own and should be replaced. Otherwise you'll see data loss/corruption and a higher probability of a total drive failure. not always, bad sectors get only reasigned if either the sector containing data can still be read after a few tries eg. the drive notices when reading that this part is going bad or when you write to the sector. in case you stumble upon a bad sector and just try to read it, nothing will happen. write it and it will get reasigned. with the current drive-capacities and data densities bad sectors are kind of unavoidable in consumer grade drives. that's why it is recommended to read scan your raid of cheap drives often, so the drives have a chance to discover sectors going bad when they are still readable. currently we just take drives with some bad sectors out of the raid, write check them, see if they are gone, mark them and use them again. if it happens again after that they go out for warranty. of course not for really important data, there it's SAS or fresh drives. ;) -sm
Re: Is there a badblocks-equivalent for OpenBSD?
Hello, I'm curious how much more failure in the new perpendicular drives you are seeing. I can certainly see various drive makers pushing capacity irrespective of reliability. Germane to this case, some of them reduce the reserve storage for bad sectors for that extra storage. Tisk tisk. to new, not that many in use yet and it will likely take a while for the errors to show up. when searching for an unrelated issue with the samsung 1TB, I found some reports of high numbers of reassigned sectors in SMART data, floating around. but that is not necessarily an issue, could be just an aspect of the higher density handled with more ECC. nice poster one has to admit, the terabite. :) the bad-sectors we saw where mostly found in cheap 80/160GB single platter drives. of the 300/400/500 we had only a few errors so far. i think there are some companies out there having collected a lot more smart-data the we do, wonder what they do with it... ;) -sm
Re: the death of the oldest OpenBSD system on the net...
On Monday 17 March 2008 22:12:05 you wrote: On Mon, Mar 17, 2008 at 4:56 PM, Marc Balmer [EMAIL PROTECTED] wrote: back in time (but not to long ago), I served 3000 email accounts for a Swiss multinational insurance company on a P133 with 32MB RAM. That is no big deal, however. sendmail and any Unix like system can handle that without problem. Until a few years back, all the emails for one of the most widely recognized global brands went through 3 gateway servers (think 250k employees, and a whole bunch of automatic notification emails) that were freebsd, sendmail, and either dual ppro 200mhz or dual P2-400mhz. softdep really helped them out :) Nice! Got any more _freebsd_ success stories for [EMAIL PROTECTED] No. But I will be shutting down a ten year old Linux server, where I am the only one which actually changed and burned the EPROMs of a rather rare kind with the software needed to make the mylex Raid6 controller working in a few days. The thing kept sitting in the basement without UPS and anybody ever doing anything, just running and running... Almost as good as novell 3.x and nowadays openbsd, some things just keep running... The guy at mylex was quite happy that finally somebody made use of the code they wrote for this at the time ancient piece of hardware and surprised. ;) -sm
DEC - Alpha giveaway 3000-300 X,LX
Hello, I have too many alphas in the cellar some need to go, it's 1x175MHz and 2x125MHz DEC3000-300 machines. The alphas are clean and working. I have several harddisks for them 1gb,2gb, 1x4gb, 1x9gb and one external storage-enclosure. Memory options are also available at least 64MB for each and likely 256MB for one of them then some manuals, tapes, keyboard+mouse. It's in Germany, Frankfurt Area, preferrably pickup, shipping only when it makes sense. It's not urgent, I need to clean the harddrives first anyway. All the batteries of the RTCs are dead, I didn't bother replacing them since I can just set the time with ntp after powercycling them, it's not difficult to change the RTC though and one can also drill open the case of the RTC and put a new battery in if one wishes to do so ;) Just hope to find a nice home for them, they are eating to much dust here. In case it's of interest for anyone, there is also a working SGI Indigo2 with monitor available, doesn't work with OpenBSD (yet) though. Bye, Siggi.
Re: What is our ultimate goal??
On Fri, Feb 22, 2008 at 07:43:05PM +, Jacob Meuser wrote: On Fri, Feb 22, 2008 at 03:01:40PM +0100, Marc Espie wrote: On Thu, Feb 21, 2008 at 04:18:42PM +0100, Miod Vallat wrote: SO now do you want FireEngine? Or rather SMPng networking? Or would you like ReallyHyperFastZoomStreamCyberWoosh? Now that you've brought it up, I would really like a ReallyHyperFastZoomStreamCyberWoosh TCP stack. Just make sure it doesn't require 1.2Jigawatts of power and have interesting side effects when it gets to 88mph. But ReallyHyperFastZoomStreamCyberWoosh is designed for processors with the HyperVirtualFuzzboxVoodooDoubleStream extension. Porting it to OpenBSD would seriously impact performance of OpenBSD on mundane processors. Nonsense, as long as you can plug in some plutonium, things should be fine. Are you tellin' me this sucker is nuclear? No, just that transactions across it are atomic Now, where is that chisel. I'd like to see some bubbles here. -sm
Re: What is our ultimate goal??
Hi, It gets stranger. How is a bare bones code ever going to be useful to a non developing user? Its useful to them only when its part of an overall system. And that overall system in a really usable state is only available via CDs which need to be purchased. aehm, hello ? I do buy the cd's, they look nice on my shelf. but most of the time when installing I use ftp. this statement of your's does not make any sense to me. -sm
Re: setting up a noiseless workstation
2008/2/1, Zbigniew Baniewski [EMAIL PROTECTED]: You can use old Pentium II 400 MHz - there are still many of them available, which doesn't need any cooler, its radiator will do. Such way the only And where do you get a PCI graphics card with DVI capable of doing 1920x1200? Everywhere ? ATI Cards can do that, Matrox can and so on. http://www.alternate.de/html/product/details.html?articleId=41922 2560x1600 might give you trouble but 1920x1200 is piece of cake. BUT: Not every DVI-Card works with every DVI/HDMI-Monitor, sometimes they just don't like each other. Has nothing to do with PCI though. -sm
Re: Real men don't attack straw men
Is it April 2008 already, or what is happening on this mailing list ? I am about two weeks behind reading but out of curiosity I read a few emails in this thread and well, almost can't believe it. I better stop reading this list for a while and come back after doing something usefull, like installing my alphas and checking wether this damned AlphaBug is really gone gone... ;) Those are my computers and they will eat what I feed them, wether it's free, unfree, payed, unpayed, typed in, downloaded, zigzagged or whatever. I'm free they are not harharhar. That simple. n8, sm.
Re: The Atheros story ... Rui trolling again.
Rui Miguel Silva Seabra [EMAIL PROTECTED] lol it's always bullshit when it's not convenient to you, right? and you are a troll. can you please troll around somewhere else, you are wasting precious magnetic domains. eris will not set you free, she will eat you alive. -sm
Re: That whole Linux stealing our code thing
On Sat, Sep 01, 2007 at 04:55:34PM -0600, Theo de Raadt wrote: The license is not an alternative. The alternative is between two licenses. The moment one chooses one them... it's that one henceforth. And... you are a judge? Theo, be as unreasonable as you want. The copyright notice tells the user he can choose between two licenses. If you choose the GNU GPL vs, you can't later on change to BSD or proprietary for that would be a copyright violation. *Copyright notice != license* no. the copyright notice tells you that you can use GPL2 for distribution, not that you can choose it. -sm
Re: That whole Linux stealing our code thing
Hi, On Sat, Sep 01, 2007 at 05:56:44PM -0500, Marco Peereboom wrote: On Sat, Sep 01, 2007 at 11:29:11PM +0100, Rui Miguel Silva Seabra wrote: Yes. The *rights you received* are the central point of the question. Which did the user receive? The BSD granted ones? Or the GPLv2 granted ones? Both! That's not what the copyright notice of the files * drivers/net/wireless/ath5k_base.c * drivers/net/wireless/ath5k_base.h * drivers/net/wireless/ath5k_reg.h said. It said it was licensed under the BSD ters. *Alternatively* on the GNU GPLv2. Its alternatively not at the same time NO. You are using the word out of context, put it back in there and it is simple: * Alternatively, this software may be distributed under the terms of the * GNU General Public License (GPL) version 2 as published by the Free * Software Foundation. To translate that: ALTERNATIVELY you may DISTRIBUTE the software using GPL or BSD. That's _ALL_ it does say. distribute is not the same as change, modify, delete, whatever. /Putting it down to the legal point of view it implies even a XOR eg. one or the other choice, it's kind of missing the may also part but we are not splitting words here and it's reasonable to interpret it as OR. This part is not that clear but also not that important since the result of applying either OR or XOR is practically the same. The wordly inpretation is actually if you choose GPL you may use BSD any more, which is implied in the GPL so, but it is not stated like that, so whatever, not relevant in the context, but this sentece could be a lot clearer with may also instead of may, could be also my english, I am not a native speaker .../ This allows you to distribute the Software complying with the license there or, if you wish you so complying to GPL2. The word may also makes it clear that the author prefers his license and not GPL2 but since he is easy on that he allows you to make you own choice there. The only thing which leaves room for interpretation there is the distribution part. But from the court point of view you will likely not get much leaway there and I would not place any bets on it. So if you wan't to be on the safe side, copy it, upload it, print it, distribute it any way you like but don't modify the license or the lawyers I work for/with will have you for a midnight snack from the fridge. (Not even for breaktfast, case is not big enough) NOW: When you modify the work, when you add you own code to it, the situation changes. You can basically do 3 sensible things: 1. Distribute a diff under any license any way you like. This is not always safe though, depends on what's exactly in the diff but reasonable. - You are not changing anything on the original, you are just giving other people instructions for changes they can do at their own discretion and responsibility. 2. Just add them and you name on top leaving the licencse and copyright the way they are. 3. Wrap the whole thing into a big block, with your licencse and copyright on top and the other's license and copyright inside. - They have to be inside, you can not remove them. - You have to adhere to their terms in doing so. With the original license you can do this. With GPL you might not even be allowed to do that. Yes, the Programm is still BSD Licensed. It's not GPL licensed. It only refers to the GPL for the distribution Which does include the GPL into the picture but does not mean that all terms of the GPL apply. The first license eg. BSD has precedence. Please stop rudely calling me a liar, ok? You have neither the right nor truth on your side to do that. Well, propragating false views is not exactly lying but it does not show cleverness either. But since we are in a discussion here it is okay, learning is part of it. From my point of view, I would not do anything else then specified with the original license with this software since the reference to the GPL does not give any advantages only more restrictions. It could be that some part of the GPL gives me some additional right in distribution which the other license might not give you. I will however not investigate this since it would involve a lengthy conversation with some real lawyer about the subject and I am quite happy with either BSD or public domain. If you give, don't expect things back just give and don't complain. It's hard these days, people are not showing respect for what they receive, but that's not a reason to go GPL that's a reason to stop giving. ;( -sm
Re: That whole Linux stealing our code thing
/Putting it down to the legal point of view it implies even a XOR eg. one or the other choice, it's kind of missing the may also part but Inexistant word in this case, so that reasoning doesn't apply. that, so whatever, not relevant in the context, but this sentece could be a lot clearer with may also instead of may, could be also my english, I am not a native speaker .../ No, it's quite clear, just not what you wished it was. Well, that's why I put the whole part int / .. / , to express that it is more something like a comment then a finished proof of something, guess these two little // haven't been clear enough, was only thinking there in words since this little part got me curious. In any case I am really wondering what you read into that part, since I did not express a wish there anywhere and as stated it does make little difference whether it's may or may also. It gives very similar results and will likely not make any difference in front of court. Whatever, you did not get the main point, the whole thing is about distri- bution and distribution only and still distribution. That's not the same as changing licenses and copyright notices. Being allowed to copy pages and hand them out according to some rules does not permit you to change the rules. Guess what ? I studied some of the stuff in University. It's 10 years ago and I didn't follow up since then but little has changed. I do know a thing or two about trademarks, patents and copyright. I don't know everything there is to know about it, but I did my homework. You sir are just wrong. You understand the meaning of the word alternatively quite correctly. But this word is not alone in free space, it's connected to other words to form a sentence and create meaning. You need to understand the sentence _and_ his relationship with the environment it's in. This you obviously don't and don't wish. I any case I refuse to continue discussing things with you on a kindergarden level. Stomping on the floor and saying it's XOR doesn't help. The XOR Hammer has already been taken by others, you're late. -sm
Re: Intel Core 2
Hi, On 6/27/07, Theo de Raadt [EMAIL PROTECTED] wrote: Various developers are busy implimenting workarounds for serious bugs in Intel's Core 2 cpu. These processors are buggy as hell, and some of these bugs don't just cause development/debugging problems, but will *ASSUREDLY* be exploitable from userland code. Full (current) errata from Intel: http://download.intel.com/design/processor/specupdt/31327914.pdf An easier summary document for some people to read: http://www.geek.com/images/geeknews/2006Jan/core_duo_errata__2006_01_21__full.gif I don't know much about the recent history of these chips. Are there any good summaries around? don't know but I am not surprised. Intel get's kicked their butt by the AMD64 cpu's like never before. The pull out the old PIII Design modified by some other company for Low Energy and put the stuff into Laptops. But since their P4 crap can't keep up to amd. They force the same old thing into the Core CPUs. And hey, it works. They are low power and fast. But ... it's a patchwork cpu ... no new development ... not enough time to carefull test things ... structural and design flaws which can not be cared for etc... So basically this all is two PIII cores with lot's of additional logic and modifications turning it into the ultimate Franken Dualcore PIII on steroids. Of course people shouldn't really know that, they might be scared of the monster. Considering all this the CPU runs very well. Don't own one though and all the machines I care for are AMD since the AthlonXP came up. I might still buy a Laptop with it, since I will be the only user on it, the only bugs I care are those which crash the machine more often then I crash it when dropping it *g* but even there some VIA stuff hit's the marked which is quite promising and well, there's always the Zaurus. And then there is MIPS. If AMD/Intel are not carefull they might wakeup one day with mips all around. They pop up like mushrooms in corners where you don't expect them. -sm * Now please Sharp, get us a new zaurus with a bit more RAM and a higher resolution display.
Re: a little small want
Hello, It would be nice if someone could dig up a single DIMM for me. A Samsung M381L6423ETM-CB0 (512MB PC1200 266MHz 64Mx72 ECC non-buffered). It's to expand a Cisco 2811 that's involved in moving openbsd traffic, in case anyone needs to know. Thanks. Anything within about a week or so should be fine, otherwise I'll find something else in my own ways. don't have one lying around but I do have my eye on some ebay auctions. All the modules I have are either registered/buffered or non ECC. From our Distributors I only get Kingston and after like 25% DOA in the last months it's not a good idea. Shipping the stuff from Germany by regular air-mail will take some days though, anybody closer to canada want's to do this ? Otherwise I will just try to get them. Can paypal the money over. -sm
Re: OpenBSD sucks
It really sucks. it is slow. Yeah, installing OpenBSD takes a long time and one feels quite drained afterwards. -sm
Re: solar power / openbsd handheld
Hi, We have a need for a low power OpenBSD device or handheld that can connect to a small SCADA device (serial or USB) to collect some temperature and voltage data, plus control one light switch, on a remote solar powered wifi repeater tower. Any suggestions on the lowest powered OpenBSD runnable box we can expect to find for such a job, one that we can connect to the repeater by ethernet, or even wireless? Sharp Zaurus with Display off and maybe Midrodrive replaced with a CF should be very low power. -sm
Re: OpenBSD/alpha Status
Hi, Hm, this could point to violated hardware specifications, memory cells that aren't used fast enough and thus not auto-refreshed in time. I presume the Alpha-bug is OpenBSD-only so it's definitely not a hardware problem? Could be that OpenBSD uses certain parts not often enough. Slow down the clocks to see if it's in that direction? And if so, start reading the datasheets... If someone in The Netherlands is really interested I can provide 433 and 500MHz Miata's, we also have an original DEC Alpha AXP development board available, I presume with a 166MHz 21064, boots via Ethernet with bootp. Ethernet, yes the original version, we have a DEC Ethernet-BNC adapter for it too. the main problem with the damned thing is that you can't reproduce it reliably. no matter what I do, the machines I have will crash likely within a week, but there is no guarantee even for that. I thought i found something, binding it to the cheaper cpus but according to other peoples experiences it just seems to spread over all alpha systems, just some have it and some don't. some less and some more. no common denominator to be found so far. I played with the machines for weeks and months and just couldn't find anything pointing in any real direction. nothing reliable. looks like everybody was banging it's head against that stuff for years and nothing worked so far... just turned them off after some time, had other things to do and was better for my electricity bill. ;) -sm
Re: OpenBSD/alpha Status
Hi, On Monday 16 April 2007 12:06, Maurice Janssen wrote: On Monday, April 16, 2007 at 11:30:29 -0700, Bryan Vyhmeister wrote: On Apr 16, 2007, at 10:39 AM, J.C. Roberts wrote: I've never seen the alpha bug on my DS20L (equivalent to the CS20) or my 500/500 but I have seen it on my PC* boxes. Other people have had the exact opposite experience. The only time I've hit the bug was during system builds and in contrast, others have reported hitting the bug at other times during normal operation. -- The trouble is, when you have a strange mystery bug floating out there, it may or may not be correctly blamed for any and all problems. Thank you for the followup. I guess I will just try and see what happens. I should dig out my PC164 whatever box and see if it exhibits the issue. FWIW: the bug seems to occur at my 3000/300X, but only during heavy load like 'make build'. I never finished such a build, but I only tried a few times. Maurice I just thought of something which might be worth a try on systems that show the bug during system builds; use nice(1) to lower the build priority. It's a long shot, and I haven't tried it, but it *might* be a useful work around. Then again, it might be a waste of time. oh mann, crap it. I have 2 3000-300LX and one 3000-300X. I had the LXs crashing on me, the X never crashed. swapped the CPU-Boards and I had the other machine crashing. okay, so the 300X modules crash, just mine doesn't or takes a _long_ time to do so. let's see what the upcoming patch does. do you also get funny LLSC memory error messages when you run the builtin tests ? I had the impression the stuff was related but couldn't find one with intimate enough knowledge of the hardware to dig it and the cpu-manuals one can download are rather useless in this context. apart from the fact that those errors should not show up in a single cpu-system. you have to run the test a few times to get them, they only show up sometimes. kind of explains why it's rare in DS20s, with multiple CPUs LLSC error make the machine useless on single CPUs they shouldn't be there but don't kill it since there is only one cache. however, right now they are all off. as soon as something to test comes up I will power them up again and test. -sm
Re: OpenBSD/alpha Status
Hi, On the other hand, there seems to be a 'the alpha bug' around. I don't think it's solved yet, and it's been around for a long time. Apparently, it causes random crashes. only on some machines. I was not aware of this bug. That is unfortunate. Hopefully this might be resolved at some point. I do hope so; but I might be wrong there. I've never owned an Alpha, an don't think it's very likely I'll acquire one in the nearish future, so I haven't followed too closely. Should be still there, didn't follow it to closely but didn't get any info about it being resolved. If somebody would've found it there'd likely been a post to the alpha list since this mystery is around for years. Have two machines down in the basement whicht have it and one which doesn't, travels with swapping the CPU-Boards as far as I could test it. But being honest I didn't turn them on in months and couldn't go into detail since to much other work had to be done. Just shooting in the blue it seemed to be something with MP and LLC, maybe putting CPUs with not working SMP Elements into SP machines and sometimes it wrecks the cache. Found only one guy though which had some knowledge about the Hardware there and he gave up on it after he got a faster CPU module which didn't show the LLC errors anymore. since SMP is slowly moving ahead, maybe something shows up... ;) -sm
Re: bcw(4) is gone
Hi, Now everyone has won, the Linux people, Broadcom and the OpenBSD users. Thank you, Linux BCW developers! actually, although the above is clearly meant in the sense if irony. I take it literally and agree with it. didn't cry a single tear about the adaptec shit either. my laptop has some silly 3com softmodem, which is not supported and I don't care that much. yes it would be more convenient to have it working but I still have enough serial (not even pcmcia) modems to carry around in case I need a modem which work better anyway. in the whole thread on gmane there is the sentence I am going to take my toys and go home is an immature, childish response to an adult problem. in this case I don't think so. why the fuck should I buy some trash from nvidia, adaptec, broadcom and spend have people spending lifeblood on doing the work of those when I can get stuff from amd,lsi,ralink ? public market is not a democratic republic. the only vote there is the vote of the feet. so people, don't buy and don't use trash dispose it properly and there will be less trash on the market. ( the sentece wasn't meant or used in this way in ther original thread, but the above is what came to my mind when I read it. in the original meaning it was referring to the deletion of the driver from the tree. I don't see this childish though. If we play we play for fun and not for profit. when the fun is gone there is no reason to keep playing unless one draws pleasure from the pain or fun is not the reason to play. ) apart from that Michael Buesch obviously doesn't have the balls to admit when he's wrong. like theo said, one pm would've been enough. I can understand that and why he didn't do that and sent out the mail to many, obviously he believed there was theft there and looking at the situation he had some reason to believe that. but at least later on he could've admitted that it was the wrong thing to do, that what he saw was not somebody intentionally stealing something from them but somebody putting things where they don't belong without realising and considering the consequeces of his actions. however, let it rest in peace, I hope we all learned something from it. CVS is _public_ for good and for bad, use with care the michaels are watching you. ;) -sm
Re: Very slow raid performance with ami(4)
Hello, On 2007/03/30 13:18, Roy Kim wrote: I didn't realize there's two different batteries. What does the 'intelligent' version of the battery do extra? LSIiBBU01 (intelligent) has some kind of comms relating to charge state etc, I think it may also have a longer runtime. LSIBBU03 (non-intelligent) doesn't, and was something like a third of the price where I bought mine (scan.co.uk). AFAIK the intelligent BBU has memory onboard so you can swap the controller below in case of failure and turn the machine back on and write the cache back to the disks, that's also why they sell it for this much money. But nobody I know ever bought one or tried that. The dumb ones have been sufficient so far. -sm
OT Re: Long WEP key - germany/legalities
Hi Henning, * Siegbert Marschall [EMAIL PROTECTED] [2007-03-29 22:13]: If somebody does something bad with my unencrypted access-point using my internet-access, here in germany I am liable. no, you're not. it's not that easy. (and I just leave mine wide open) well, I didn't say what you are liable for. You are not directly liable for the actions which have been commited but in the last lawsuit I heard of the guy was found guilty for providing the means to commit the actions and got his share for that. I personally find this ridiculous and I wonder if this kind of argumentation stands in front of a higher court, but it will cost quite some money on lawyers to find out. With any form of protection enabled you are on the safe side afaik. However, since this is getting quite offtopic for OpenBSD now we should continue this in pm or next time we meet, if desired. -sm
Re: Long WEP key
Well, I'd be more scared of the hacker that can bypass wep, than the average joe without wep. The hacker knows how to exploit your wep-decrypted network traffic, the average joe doesn't even if it were plain-text data. it's not always about sniffing something, sometimes it's about access only. If somebody does something bad with my unencrypted access-point using my internet-access, here in germany I am liable. If I configure feeble WEP64/40 I am not since there is at least some protection to be illegaly bypassed before the network can be used. Same with your car, leave the door open and the key in the lock for everybody even minor to drive and the accident will be your problem since the car hasn't been stolen. Lock the car and not matter if you can short and open the thing with your fingers only it's a different story since the car is stolen. So even though WEP is trash, from certain points of view it's a usefull as a cheap padlock on the garden hood so the next neighbours children don't kill themself with the axe or whatever is in there. If they break the window and get in there, it's their problem. Not that this is a lot more difficult then cracking WEP. /pun Cracking windows just makes more noise. Of course this is all a bit simplified but maybe some of the people here declaring that WEP is trash and shouldn't be used wake up and see that even trashy protection has it's use as long as it offers some protection. -sm
Re: Long WEP key
Hi, I'd like to hear an actual developer position on that statement. I read it as a criticism of the way WPA is used more than of the protocol itself. As in, it's of little value to encrypt the traffic if you allow anybody to access it. If Theo was saying that it sucks even when you're using some sufficient form of authentication (other than that it's maybe too complicated), I'd love to have it explained. not in the mood to search for it, but I've seen people demonstrating that WPA is as useless as WEP, just different approach and different software. WPA2 is a bit better but there are still a few underlying design flaws which make the whole stuff on it's own rather insecure. can't recall though that anybody had WPA2 exploited at the time but that's more then a year in the past so I wouldn't trust it. however, google should find the stuff somewhere, it was demonstrated on a few events, docs should be on the net, no need to bother theo with this. -sm
Re: Important OpenBSD errata
Ray Percival ... attention had patched and been happy for nearly a week. The logic behind the misc posting is so very obvious that to bitch about it is just finding something to complain about. I, of course, don't know the exact numbers but it seems pretty clear that misc has a much larger subscriber base than security-announce. Given that it just makes sense to post this to the list where the most people are going to see it. misc goes into a separate folder security-announce straight to my inbox. misc I read only when I have the time to do so. what you see logical is not granted logical for others. -sm
OT: Cheap Domains/Service was OT: Domain Name Freedom
Hi, can you people sit down and realize that you are turning mice into elephants here ? If you buy a domain from a cheap provider for a $ a month, you can't expect them to have a legal team on call for you 24/7. They have just some person in the noc, skilled enough and trained enough to maintain their stuff and that's it if you are lucky. They get a complaint, they check, the stuff looks illegal, they pull the plug and notify you. Nobody payed them enough money to try and track you down first, contact a lawyer and get legal advice etc. If he looks at his contract he will find out that it was completely legal and to be expected. That you don't have a decent hotline number and it takes 1 hour to get things back online, well, you get what you pay for. If there have been full account names and passwords posted there, they did the right thing btw., from my point of view. There are other ways to do full-disclosure. All this has nothing to do with freedom except his freedom of choice of provider which he still has... -sm
Re: msk(4) with SK-9S91: Can not set 1000baseSX Single Mode Fiber Media Type
Hi, On 1/30/07, Siegbert Marschall [EMAIL PROTECTED] wrote: Or, are you saying that the Marvell PHY 88112 does not really care about if T, SX or LX is set, because for the optical GBIC electrically all is the same? yupp, from the signal point of view in the moment you have optics it's all the same, just a question of power and wavelength. but as others found out, the phy/driver doesn't seem to know that there are any optics attached and thinks he's got a copper link which is not the same. -sm
Re: msk(4) with SK-9S91: Can not set 1000baseSX Single Mode Fiber Media Type
Hi, # ifconfig -m msk0 msk0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:00:5a:72:fc:58 media: Ethernet autoselect (100baseTX half-duplex) status: no carrier supported media: media none media 10baseT media 10baseT mediaopt full-duplex media 100baseTX media 100baseTX mediaopt full-duplex media 1000baseT media 1000baseT mediaopt full-duplex media autoselect inet6 fe80::200:5aff:fe72:fc58%msk0 prefixlen 64 scopeid 0x5 inet 10.10.0.218 netmask 0xff00 broadcast 10.10.0.255 # Maybe I am mistaken by assuming that 1000baseSX should be accepted by msk() for these NICs? try media 1000baseT mediaopt full-duplex , 1G fiberlinks should be always fullduplex, rest ist not relevant since it's purely a hardware- question. wonder how the thing got it's head on 100BaseTX... apart from that it's a good idea to test them with something else, to make sure the fibers are crossed and signal-levels are okay. with single-mode fiber and short cables sometimes you need to insert a dampening-block since the signal can be too strong for the receiver, don't think it's the case here though. -sm
Re: Version 4.0 release
I'm not saying OpenBSD is a bad operating system. Far from it. However I would only use it for routers, firewalls, bridges, etc... Anything that has to do with networking because after all, OpenBSD's networking is great. Outside these areas OpenBSD is just too slow and doesn't support enough hardware. complete nonsense, it may be slower in some areas than other os but quite often for a reason. if you rev your engine to the limit and beyond it will die quicker and more often, I prefer something which is _stable_ and no other mainstream os I worked with is better in this respect then obsd. the filesystem for example is not the fastest but, it has a very predictable overall performance and not unlike reiserfs which rockets away in benchmark and crawls to a halt in another or ext2 just dying to often. some software doesn't run as fast as on linux with default parameters but therefore the system doesn't crawl to a halt for you if someone else is running a resource intensive program but makes sure that everyone gets his piece of the cake. obsd is fast, it's not the fastest but gives you the best tradeoff between speed and performance you can get. if you wan't a racecar, go get one, openbsd isn't one but will get you through the desert, the jungle and over the sea. it won't trash, won't break and will not leak and sink. apart from that sometimes one can adjust some knobs and it will race away. -sm
Re: OpenBSD 4.0 pre-orders are up
Hi, On 9/20/06, Theo de Raadt [EMAIL PROTECTED] wrote: We have activated OpenBSD 4.0 pre-orders. The official release date is November 1. For more information on the release, please see http://www.openbsd.org/40.html And don't forget to order the cute Pluffy: http://undeadly.org/cgi?action=articlesid=20060921164308 https://https.openbsd.org/images/pluffy.jpg ;) damned. wanted to make a donation and ended up buying pluffies and shirts for me, my wife and the office. it's all your fault. ;) -sm
OT Media-Converters, was Re: BGP router now running desp. low on mem.
Hi, ## Physical connection: # ## We are terminating with this carrier in a FE port but due to the distance between them and us at the datacenter location, a FDDI connection was placed in between like: [our router][100baseTX][IMC**]//..fiber..//[IMC**][100baseTX][switch integrated in a Cisco 7200 iron][Cisco iron itself/router] * Attenuation on the FDDI part was 1.2db respectively 1.3db which is not brilliant, but okay. More importantly it's within the specifications of the IMC's. ** (IMC = MOXA Industrial Media Converter 101 a.k.a. IMC-101 for both Single- and Multi mode / SC connectors. We even replaced these with MOXA EDS-208-M-SC (larger model) as well). I think here you have the Problems. I can't see any FDDI stuff in this drawing so I will assume for the moment that is just a FDDI type fiber you are connected to and everything else is Ethernet. The IMC-101 is just a plain media-converter without any Layer-2 capabilities according to http://www.moxa.com/product/IMC-101.htm but they are not completely dumb devices, so one has to be careful with them. In the connection above there is something very important to know: Autonegotiation activated in any part of the setup is a bit like playing russian roulette. Either the whole chain supports it perfectly or you are fd. Make sure that you have Autonegotiation off _everywhere_ and everything is set and bolted to Fullduplex otherwise you might get the strangest and hard to trace errors. I helped someone troubleshoot a similar setup at his decix connection a few years ago and they've been swapping media-converters back and forth till we just used a switch as media converter catching the FDX/HDX issue in the middle so the end's where happy and some people where wondering for a few weeks to who the new mac address (of the switch) belonged which suddenly appeared in the decix mesh till the link got switched over to fiber end to end. I am not of the opinion of the other poster, media-converters are not bad. But the are devices which need to be treated with respect, not everything can be transparently converted to other media. there normally aren't any flp-pulses on fiber since it is FDX by nature, so FDX/HDX negotiation is troublesome. some converters emulate it or catch the autoneg but wether the equipment you connect to the converter is capable of actually talking to it is also not for sure. -sm
Re: Faster SBC
I thought these look interesting, has anyone tried them already? http://www.win-ent.com/MB-06047.htm no and since it is nvidia based i think not many of us are interested. -sm
Re: disk bad block
Hi, On Wed, May 03, 2006 at 04:17:57PM +0100, Stuart Henderson wrote: On 2006/05/03 10:24, Paulo Manoel Mafra wrote: I would like to create a large partition on a disk, but this disk has a known bad block. How could I create the partition without the bad block ? Use a different drive? It's normal for drives to have bad blocks, they used to be printed on a label attached to the drive, modern drives have spare capacity which is automatically allocated over bad or failing blocks. If this isn't happening any more, the drive is not worth trusting. nope. normal IDE/SATA drives have an Non Recoverable Read Error Rate of 1 per 10^14 bits. which could be translated into 1 bad sector for each 12.5 Terrabytes read. Good SCSI-Disks and some SATA drives have 10^15 or 10^16. Which resolves into 1 per 125 or 1250 Terrabytes. This is more or less confirmed by the drive error-failure rates I observed on a bunch of servers. We are having around 1 disk failing with one bad sector or a small cluster of bad sectors per month. we just reinit the raid and that's it. Of course if a drive does that more then once in a while get's swapped. So from out point of view they still are to be trusted, if you don't trust them because of that you have to switch to SCSI or maybe Raptors but no other IDE/SATA drive. The times were you had error free drives are over for the moment. Unless manufacturers decide in favor of less storage density and therefore lower bad sector rate as they do with SCSI drives. Which is unlikely since the normal end-user will never notice this problem. We tried replacing some IDE drives with new drives from maxtor which claim to have 10^15, but since their bugridden firmware gives us CRC errors in SATA mode even during OS install we dropped them and will stay with Samsung, which have better support and replacement _and_ a Jumper to get them down into 1.5G mode. i've got a drive that sometimes fails to replace bad blocks even if there seems to be spare blocks available unless i overwrite them. I've that's the way it should be. in case there is something really important in this sector I do not wan't it to be erased before I can send the drive to someone who can recover the data which the drive can't recover itself. bye, siggi.
Re: OpenVPN on OpenBSD with hw crypto acceleration
Hi, I have an OpenVPN server interconnecting 5 networks with data center using permanent PtP links - each network has about 30 PCs. Also there is about 30 road-warrior OpenVPN clients. Average traffic on each PtP link is 1-2Mbit/s. The server and end-points of permanent PtP links are currently running on Linux. I've read about OpenBSD's ability to use hardware crypto acceleration card to transparently accelerate OpenSSL calls. Is it possible to use this ability to hw accelerate OpenVPN's SSL calls ? Any suggestions for a hw crypto card for this usage ? I want to replace Linux with OpenBSD on the server and permanent end-points and hw acceleration could be internesting improvement. what for ? unless you have something small like a soekris there is no need for it, even an old PIII should handle this amount of traffic easily. -sm
Re: OpenBSD and the money
Hi, ... It would be lot easier for a business to write a check to OpenBSD then to Theo de Raadt. look, it's really not about making it easier for some big few letter companies. If they would have been interested to donate they would've done it. Making it easier might give some more money from smaller companies at a price though and this is not the point here. We as regular users do our share, I bought my CD as with every release since 2.x , will continue to do so and donate something the next weeks. But even though it helps it's just a drop on the hot stone, we all are keeping it wet by combined effort but we still need the river to drown it. So the question here is not optimizing the current process of donation or merchandise but: --- How do we get some big company to finally donate the 100.000 which are long overdue ? --- Being friendly doesn't help anymore, one has to find a way to apply pressure. Just the amount of pressure, not to much, not to little, so that someone says: Okay let's pay so we get some positive feedback instead of this bad publicity, no use starting a lawsuit against that one. Obviously being on Slashdot and heise is not enough. More is needed. That is the only chance, so far nobody found an answer to this, changing the donation system and inventing merchandise is not the answer. I don't have the answer either, but maybe this mail stopped a few people digging in the wrong corner or helped someone dig up the right idea. bye, siggi. PS. Please do not see these as a reason to stop donating or buying CDs, we do not wan't the stone being baked by the sun. Everything counts.
Re: Pre-orders for our releases.
Hi, On 3/8/06, Theo de Raadt [EMAIL PROTECTED] wrote: But financially we are under strain, and it is not letting us grow any of our bigger plans. It sounds like you really have big plans. Maybe it is a good idea to tell about them, maybe that will make the big companies interested in sponsoring some of that work. I think they are more interested in pulling money out of pockets then putting it in there, that's what the game is about. So if, one would need to show them that by putting some money into OpenBSD pockets it will help them a) keep more of their money b) get more of other peoples money. The oldschool bussiness model, based on cooperation ist not very popular these days, claims of not being evil is the best you can find, the rest is war. We are livin' in interesting times. Bye, Siggi.
OT Re: OpenBSD USB question
Hi, Please continue posting your help and suggestions. (If there is any other way I can do this authentication, I would be too glad to hear about it) don't know how often this device is going to be used every day, but you should pay attention to the lifetime of the card-reader slot. When doing consulting for a company which had chipcard authentication in place, I noticed that they had failure rates even with the high-end readers, with lift contacts instead of sliders. But there they had hundreds of people going through the gates every day, so in your case this might not be a big issue. In any case have them keep the cards in some sort of case, so you get less dirt into the reader. Bye, Siggi.
Re: OpenBSD hardware router
Hi, On 2006/02/03 20:34, Josh Tolley wrote: All that being said, we 1) didn't have an encryption accelerator in the box that would tend to make things worse anyway - you'll just increase the rate of interrupts and that seems to be the main problem. for a something fast like aes it might be true, for 3des this statement ist wrong. never did stuff with the 45xx but I can remember that for pushing 1mbit/s 3des I needed 133MHz on old 486er CPU and a P1-166MMX could barely handle 2mbit/s. so with the accelerater you can handle T1/E1 easily, without it you are lost. some benchmarks from years ago... bye, siggi.
Re: Bug Hunting 101 - Finding The Alpha Bug
Hi, As far as I can tell, the bug smells like a race condition of some sort and if my wild guess is correct, it will be difficult to reproduce consistently. With some (but not all) race conditions, you can increase the chance of triggering them by increasing loads. Since I want the race condition to occur, what is the best way stress to the systems while also doing make build? well, I have three alphas in the basement where I am trying to figure this one out, nothing provable yet but everything is pointing into some hardware problem with the low-end alpha cpus and second-level cache. llsc errors, stuck cachelines and stuff but I didn't dive deep enough into the code and processor documentations to figure out what's going on there and will not be in the next weeks/months since I have a few more pressing issues to take care of first before having the spare time for this ;) only thing I can tell is that with netbsd the machines stay up for weeks/months and with obsd they crash latest after a few days. no flame, doesn't show that netbsd is better, probably just missing the tripwire or doesn't care wether it blows. good luck, siggi.
Re: solutions that interoperate with win xp
Hi, Hello I'm trying to do the same thing as you are. LAN - OpenBSD - internet - NAT - windows_xp_client maybe you should get the NAT out of the way first and get it working without, getting IPSEC to work over nat ist not trivial and depending on the natter sometimes impossible. bye, siggi.
Offtopic. Re: OpenBSD website Design.
Mexico's greatest exports to the US are poverty and disease. I believe you wanted to say: The US greatest exports to Mexico are poverty and disease. Ansonsten: Wenn man keine Ahnung hat, einfach mal Fresse halten.
Re: BSD PPPoA Hardware
Hi, You beat me to the post. Unfortunately for me it doesn't support ADSL over ISDN. I'm one of those poor souls that uses iDSL to connect to the Big-I, to far away from the CO, then I could ditch my ancient iDSL router. you could give this one a try. http://accoom.kd85.com/ iDSL is very similar to SDSL at 144kbit/s, physical layer is identical, the differences are at the protocol layer. there is no guarantee there, but one could experiment... bye, Siggi.
Re: Network performance
Hi, More Mhz. Not crappy nics, get xl,fxp,dc etc. Or maybe gigabit nics like em(4). I think he has xl and sk in the machine, sk is probably the most decent thing one can get at the moment. xl I had quite mixed results in the past, so changing that one into another sk might be all the change needed. the high irq load points into that direction, sk is a lot better there. Dont have a crappy mobo chipset and anything over 800 mhz would be able to do plenty filterings. I guess a P2 450 could work also.. yes, but a P2-233 should have enough HP for standard stuff, routing of 100mbit + some not so complex filtering with normal packet sizes should be possible. one can still stick a celeron 500 into the box, they are very cheap on ebay, in case changing the xl to sk is not enough. bye, siggi.
