Re: NFS zfs serveur (hardware question)
On Sat, Jun 25, 2011 at 5:07 AM, Peter Toth free...@snap.net.nz wrote: There is still a way to increase NFS performance in 9.0 (without a ZIL SSD) by setting zfs property sync=disabled, which will disable synchronous writes - comes with some risks, research it before switching it off. Also, this will only disable sync for the ZFS filesystem not for the whole pool. Thanks, I'll look into that. I do appreciate that ZFS tries to be more careful about sync writes than most filesystems. But I also have users who expect tar xvf to complete in a reasonable amount of time, and having the ZIL enabled reduces file creation performance by a factor of ten. ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Performance of a USB ZIL for ZFS
In the last episode (Jun 26), Joshua Isom said: On 6/25/2011 9:32 PM, Damien Fleuriot wrote: On 25 Jun 2011, at 19:17, Joshua Isomjri...@gmail.com wrote: I was wondering if anyone had tried using a decent USB flash drive for the ZIL. I know it'd be hard finding one fast enough, but some from patriot seem like they might be suitable for home use. Part of the idea is to just minimize hard drive thrashing and the wear and tear associated with it. If it helps prevent the drives from going bad, and doesn't hurt performance too bad all the better. But if it's going to hurt performance too much or not help prevent thrashing there isn't a point. I stopped reading at the title. The answer is no. Grab a SSD for $80-120ish. Perhaps it would have helped to read the email. Part of the concern is making sure the drives don't fail and not just throughput. Given that Kingston sells an SATA SSD for $40 that only gets writes at 30mb/s write, and some USB drives might get up to 20mb/s. If I get two drives and put them on different controllers, mirrored, I might get acceptable performance. I may still loose performance, but if my drives last a year longer, I can probably accept it. I'm ok with loosing some performance, but I just don't want it dragging down the system. And if it won't help the drives last longer there's no point. A seaparate ZIL isn't meant to extend the lifetime of the hard drives; it's meant to accelerate the speed of sync writes. Those are pretty infrequent themselves, unless you're an NFS server. You'll see a couple syncs per commit on a database server, but compared to the amount of regular reads and writes on your average system, you'll save under 1% of the writes by adding a fast ZIL. And remember, the ZIL is just a write log. Everything that gets written to it will get flushed to disk when zfs writes the next transaction group. -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Performance of a USB ZIL for ZFS
On 25 Jun 2011, at 19:17, Joshua Isomjri...@gmail.com wrote: I was wondering if anyone had tried using a decent USB flash drive for the ZIL. I know it'd be hard finding one fast enough, but some from patriot seem like they might be suitable for home use. Part of the idea is to just minimize hard drive thrashing and the wear and tear associated with it. If it helps prevent the drives from going bad, and doesn't hurt performance too bad all the better. But if it's going to hurt performance too much or not help prevent thrashing there isn't a point. You question is a good one, but I think the reason for your question may be off. If you want the ZIL in a separate location it is to cut down on latency rather than thrashing. See: http://www.solarisinternals.com/wiki/index.php/ZFS_Evil_Tuning_Guide#Disabling_the_ZIL_.28Don.27t.29 If your concern really really is thrashing please consider the cost of flash memory vs a hard drive. Replacing a bad hard drive is cheaper. After a cursory glance at newegg, you can see the price per MB for: HDD $0.09 USB flash $0.64 SSD $1.875 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
negative sbsize
After the last firefox update and flash, I've been getting thousands and thousands of kernel: negative sbsize for uid = 1001 in my logs, and google appears to show a bug from 2001, http://www.freebsd.org/cgi/query-pr.cgi?pr=27275 with no solution. Flash sites now crawl, hang firefox, midori and opera . I even updated sources and rebuilt world and kernel, and still getting the error/issues. firefox-5.0,1 linux-f10-flashplugin-10.3r181.26 nspluginwrapper-1.4.2 midori-0.3.6 opera-11.11 opera-linuxplugins-11.11 FreeBSD jimmiejaz.org 8.2-STABLE FreeBSD 8.2-STABLE #0: Sun Jun 26 08:42:45 EDT 2011 jim...@jimmiejaz.org:/usr/obj/usr/src/sys/FORTYTWO i386 Anyone have an idea what's going on or seeing this as well, and how to fix it? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
I have a error in freebsd 8.2, an internal system error has ocurred
Hi guys!, i am new on freebsd, but i had installed freebsd 8.2 with graphical interface (gnome), i was very happy, but suddendly i saw a message, exactly the message said: we were not expecting has ocurred ..., look the photo, i don't understand exactly, 30 min the message appears, is dangerous the message? http://subefotos.com/ver/?46893c74c902254a3d7789bb38a6b457o.png ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
cvs vs. DVD
hey, be warned, you are dealing with a 'newbie' i have one machine that has internet access and another that does not both machines were installed with FreeBSD_RELEASE_8_1 with a DVD i am now using cvsup to upgrade the RELENG_8_1_RELEASE tree my second machine does not have working ethernet how do i transfer the updated ports tree to the other machine using only storage media (DVD, USB) my guess (hack) is to find all relavent files/data trees and simply copy over, then run necessary updates (portsdb, make world...) if that is correct then can you tell where those files are ? if not then how should i do this ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dual Boot 8.2 and Windows 7
On Fri, 24 Jun 2011 16:47:26 -0700 per...@pluto.rain.com wrote: d...@safeport.com wrote: If FreeBSD can be installed in an extended partition, that would be a very useful howto. _Installing_ it in an extended partition is easy enough. geom(8) understands extended partitions (although sysinstall does not, so you need to install using Fixit# as for other non-sysinstall cases such as ZFS). The problem is _booting_ it. The code in i386/boot2 and lib/libstand is written to find the / (or /boot) FS on a BSD partition of an fdisk primary partition (aka slice), or in a GPT partition, and would need additions to handle fdisk extended partitions. Some years ago I ran into a similar problem. I ran out of primary partitions (using MBR-speak) and had to move FreeBSD into an extended partition. Here the simple patch I wrote for the FreeBSD boot loader: http://parvati.thanelange.no/freebsd/boot_loader/boot_loader.diff http://parvati.thanelange.no/freebsd/boot_loader/ To update your source use: patch -d /usr/src/sys/boot/i386/libi386/ boot_loader.diff The FreeBSD loader has since a very long time ago attempted to work with MBR extended partitions but a simple logical error has prevented it from succeeding: How it normally works. - | 1 | - | 2 | -- - | | | | - - | 5 | - | | -- - | | | | - - | 6 | - | | - How /boot/loader (incorrectly) works. - | 1 | - | 2 | -- - | | | | - - | 5 | - | 6 | -- - | | | | - - | 7 | - | 8 | - It has been a long time since I installed my system but I seem to remember that all that is required is to copy the /boot/loader binary from a patched system onto the newly installed one. (I have included a copy of my /boot/loader at the URL above.) The next challenge is to find a boot manager that will pick up FreeBSD in an extended partition. For myself I use a self patched GRUB. (GRUB also nearly worked out of the box, but had a different problem.) You're welcome to have those patches as well if you need them. Lastly I have the following in my kernel configuration file: include GENERIC ... nooptions GEOM_PART_BSD nooptions GEOM_PART_MBR options GEOM_BSD options GEOM_MBR That is because I am not fond of the new mangled device names, but prefer the old ones. Hope any of this helps. Best regards, Gyrd ^_^ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cvs vs. DVD
El día Sunday, June 26, 2011 a las 07:02:57PM +0100, wayne mitchell escribió: hey, be warned, you are dealing with a 'newbie' i have one machine that has internet access and another that does not both machines were installed with FreeBSD_RELEASE_8_1 with a DVD i am now using cvsup to upgrade the RELENG_8_1_RELEASE tree my second machine does not have working ethernet how do i transfer the updated ports tree to the other machine using only storage media (DVD, USB) my guess (hack) is to find all relavent files/data trees and simply copy over, then run necessary updates (portsdb, make world...) if that is correct then can you tell where those files are ? if not then how should i do this ? Hey, this is easy (because it is FreeBSD). # cd /var/db/pkg # ls /tmp/pkgs # cd (you need some Gbyte of space there) # mkdir PKGDIR # cd PKGDIR # sh # while read pkgname; do pkg_create -Rnb $pkgname; done /tmp/pkgs this will create a binary packages ready for installation of all your ports and other packages you have installed; move the result over with DVD/USB and install them with pkg_add(1M); HIH matthias -- Matthias Apitz t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e g...@unixarea.de - w http://www.unixarea.de/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Traffic ignore security policies for SA in IPSec site-to-site connection
First af all, I apologize if I chose the wrong mailing list. I need to establish IPSec site-to-site connection between two offices as it shown below: LAN1 (192.168.1.0/24) | FreeBSD 8.2 (192.168.1.2) + ipfw NAT over PPTP(X.X.X.X) | | internet | | FreeBSD 8.2 (192.168.1.2) + ipfw NAT over PPPoE(X.X.X.X) | LAN2 (192.168.10.0/24) The connection between two gatways has been successfully established. All traffic between two VPN-gateways with global addresses X.X.X.X and Y.Y.Y.Y has been sucessfully encapsulated and encrypted. I see this traffic as packets with ESP headers in my sniffer. Then I added static routes to each LAN. But when I ping any private address in LAN2 from my computer (192.168.1.102) I see the next output in tcpdump on LAN1 gateway: 19:33:42.506971 IP X.X.X.X Y.Y.Y.Y : IP 192.168.1.102 192.168.10.1: ICMP echo request, id 13941, seq 4, length 64 (ipip-proto-4) Traffic hasn't been encrypted and processed by ipsec! It has rather been placed only in gif-interface and of course remote site is not responding. So IP-packets ignore security policies for SA: 192.168.10.0/24[any] 192.168.1.0/24[any] any in ipsec esp/tunnel/Y.Y.Y.Y-X.X.X.X/use spid=6 seq=1 pid=23533 refcnt=1 192.168.1.0/24[any] 192.168.10.0/24[any] any out ipsec esp/tunnel/X.X.X.X-Y.Y.Y.Y/use spid=5 seq=0 pid=23533 refcnt=1 As I understand, the traffic from client machines in any direction should look like this: 21:34:16.486698 IP Y.Y.Y.Y X.X.X.X: ESP(spi=0x043488c2,seq=0x66), length 116 Please help me to solve this strange problem. I have created a test environment (5 virtual machines) and everything was ok! The only difference was that the tests were run in a several private local networks, without ISP and pptp/pppoe-interfaces. Also, on the advice of other people I need to try it without gif-interface, but all my tests was made according by handbook article. P.S. I have attached my configs and output of any commands, because my message is too big. [19:00]root@beta:/home/NutipA# cat /usr/local/etc/racoon/setkey.conf flush; spdflush; # To the second office network spdadd 192.168.1.0/24 192.168.10.0/24 any -P out ipsec esp/tunnel/X.X.X.X-Y.Y.Y.Y/require; spdadd 192.168.10.0/24 192.168.1.0/24 any -P in ipsec esp/tunnel/Y.Y.Y.Y-X.X.X.X/require; --- [19:02]root@beta:/home/NutipA# cat /usr/local/etc/racoon/racoon.conf pathpre_shared_key /usr/local/etc/racoon/psk.txt; #location of pre-shared key file log debug; #log verbosity setting: set to 'notify' when testing and debugging is complete padding # options are not to be changed { maximum_length 20; randomize off; strict_checkoff; exclusive_tail off; } timer # timing options. change as needed { counter 5; interval20 sec; persend 1; # natt_keepalive 15 sec; phase1 30 sec; phase2 15 sec; } listen # address [port] that racoon will listening on { isakmp X.X.X.X [500]; isakmp_natt X.X.X.X [4500]; } remote Y.Y.Y.Y [500] { exchange_mode main,aggressive; doi ipsec_doi; situation identity_only; my_identifier address X.X.X.X; peers_identifieraddress Y.Y.Y.Y; lifetimetime 8 hour; passive off; proposal_check obey; # nat_traversal off; generate_policy off; proposal { encryption_algorithm3des; hash_algorithm md5; authentication_method pre_shared_key; lifetime time 30 sec; dh_group1; } } sainfo (address 192.168.1.0/24 any address 192.168.10.0/24 any)# address $network/$netmask $type address $network/$netmas { # $network must be the two internal networks you are joining. pfs_group 1; lifetimetime36000 sec; encryption_algorithm3des,des; authentication_algorithmhmac_md5,hmac_sha1; compression_algorithm deflate; } --- [18:53]root@beta:/home/NutipA# ifconfig em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=2098VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC ether 00:17:31:55:a6:07 inet 192.168.1.2 netmask 0xff00 broadcast 192.168.1.255 media: Ethernet autoselect (1000baseT full-duplex) status: active output ommitted tun0: flags=8151UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST metric 0 mtu 1400 options=8LINKSTATE inet
Re: [UPDATE] host-setup(1): a dialog(1)-based utility for configuring FreeBSD
On Apr 23, 2011, at 4:42 AM, Thomas Dickey wrote: On Sat, Apr 23, 2011 at 08:54:51AM +0100, Bruce Cran wrote: On Fri, 22 Apr 2011 09:52:44 -0700 Devin Teske dte...@vicor.com wrote: Looks like `--hline' is not supported anymore. Thinking this should either be patched or documented in ERRATA/UPGRADING. I think you mean UPDATING :) perhaps. But reporting bugs is nicer than long discussion threads. I've released a new version of my host-setup utility. Available here: http://druidbsd.sourceforge.net/download/host-setup.txt or here: http://druidbsd.sourceforge.net/ Now at version 3.2, here's the delta: - Added support for FreeBSD-9.x's new dialog(1) (which lacks `--hline' support). - Added support for /usr/ports/x11/Xdialog You can now execute this on the console or in X windows. Default is console, to execute in X windows, execute: host-setup -X -- Cheers, Devin Teske - LEGAL DISCLAIMER - This message contains confidential and proprietary information of the sender, and is intended only for the person(s) to whom it is addressed. Any use, distribution, copying or disclosure by any other person is strictly prohibited. If you have received this message in error, please notify the e-mail sender immediately, and delete the original message without making a copy. - FUN STUFF - -BEGIN GEEK CODE BLOCK- Version 3.12 GAT/CS/B/CC/E/IT/MC/M/MU/P/S/TW d+(++) s: a- C+++@$ UB$ P@$ L$ E- W+++ N? o? K? w@ O M++$ V- PS+++ PE@ Y+ PGP- t(+) 5? X(+) R(-) tv+ b+++ DI+ D+(++) G++ e h r+++ z+++ --END GEEK CODE BLOCK-- http://www.geekcode.com/ - END TRANSMISSION - _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Using a special proxy for ports
I have a requirement where I need to archive ports used across twenty hosts for a year or more. I've decided to do this using Squid and to take advantage of Squid's cache when updating common ports across those hosts. (BTW, at another site I used rsync to sync /usr/ports/distfiles across the hosts to a local master site then specified _MASTER_SITES_DEFAULT in make.conf to a FTP server on the local site. That method works when the port is previously cached however if the file isn't in the cache and I simultaneously install the port across ten hosts, the port is fetched ten times. Sigh.) I have a Squid proxy installed that isn't meant for every-day/every-user use and requires authentication. (Users either go through another Squid proxy or direct.) The special Squid proxy works. No surprise there. Authentication works. No surprise there. What I need is a method to embed into make.conf a proxy specification for fetch. Setting the environment variable HTTP_PROXY from the login shell /is not/ preferred because the account is used by different administrators, I don't what the special proxy accidentally polluted with non-port stuff, and it would only create confusion. Setting http_proxy in make.conf does not work. .netrc doesn't appear to be a viable method (if it did, I could specify FETCH_ARGS in make.conf). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org