Slow write performance on Compaq Smart Array 64xx (ciss0)
Why is the write performance of my RAID controller so slow? I've noticed the problem on this server and another Intel Xeon based server with the same controller. Both are running OpenBSD 4.0 generic. I will focus on the amd64 box in this email. If this is fixed in current, great, I'll upgrade. If not, will it be fixed in 4.1? Here is a basic write test: (write test running bsd kernel) # dd if=/dev/zero of=/data/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 113.978 secs (22999380 bytes/sec) (write test running bsd.mp kernel) # dd if=/dev/zero of=/data/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 115.765 secs (2265 bytes/sec) Here is some information about the system: # sysctl hw.sensors hw.sensors.0=ciss0, sd0, drive online, OK # bioctl -h ciss0 Volume Status Size Device ciss0 0 Online 1.4T sd0 RAID5 0 Online 279G 1:0.0 noencl COMPAQ BD3008A4C6 1 Online 279G 1:1.0 noencl COMPAQ BD30089BBA 2 Online 279G 1:2.0 noencl COMPAQ BD30089BBA 3 Online 279G 1:3.0 noencl COMPAQ BD30089BBA 4 Online 279G 1:4.0 noencl COMPAQ BD30089BBA 5 Online 279G 1:5.0 noencl COMPAQ BD30089BBA # dmesg OpenBSD 4.0 (GENERIC.MP) #967: Sat Sep 16 20:38:15 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4118376448 (4021852K) avail mem = 3536994304 (3454096K) using 22937 buffers containing 412045312 bytes (402388K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xec000 (64 entries) bios0: HP ProLiant DL385 G1 mainbus0: Intel MP Specification (Version 1.4) (HP PROLIANT) cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Opteron(tm) Processor 285, 2606.23 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 200MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: AMD Opteron(tm) Processor 285, 2605.91 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2 at mainbus0: apid 1 (application processor) cpu2: AMD Opteron(tm) Processor 285, 2605.91 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3 at mainbus0: apid 3 (application processor) cpu3: AMD Opteron(tm) Processor 285, 2605.91 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative mpbios: bus 0 is type PCI mpbios: bus 1 is type PCI mpbios: bus 2 is type PCI mpbios: bus 3 is type PCI mpbios: bus 4 is type PCI mpbios: bus 5 is type PCI mpbios: bus 6 is type PCI mpbios: bus 32 is type ISA ioapic0 at mainbus0 apid 4 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0 apid 5 pa 0xfec1, version 11, 4 pins ioapic2 at mainbus0 apid 6 pa 0xfec2, version 11, 4 pins ioapic3 at mainbus0 apid 7 pa 0xfdc0, version 11, 4 pins ioapic4 at mainbus0 apid 8 pa 0xfdc1, version 11, 4 pins pci0 at mainbus0 bus 0: configuration mode 1 ppb0 at pci0 dev 3 function 0 AMD 8111 PCI-PCI rev 0x07 pci1 at ppb0 bus 1 ohci0 at pci1 dev 0 function 0 AMD 8111 USB rev 0x0b: apic 4 int 19 (irq 5), version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: AMD OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 3 ports with 3 removable, self powered ohci1 at pci1 dev 0 function 1 AMD 8111 USB rev 0x0b: apic 4 int 19 (irq 5), version 1.0, legacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: AMD OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 3 ports with 3 removable, self powered Compaq iLO rev 0x01 at pci1 dev 2 function 0
Re: Is Theo still hiking ????
bofh wrote: On 1/27/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: that the usual pack of idiots on misc@ can't contribut adequatly agree Remember that dimwit I do let the windows machine have web contact to the outside who thinks simple packet filtering will keep his windows children safe.Real 7337,whatever that is. Oh, come now, everyone knows that doesn't work. What really works is - NAT!!! Yes, really! *smirk* We have a NotWork engineer who thinks nat is the answer to everything. The useless excuse for an oxygen sink even wanted to NAT our public IPs in our DR site instead of routing it in. Of course, for a I am CCNP, except that cisco lost my paperwork person who can't even set a damned default route on a 6509, natting _is_ the best way to do things, since *he* didn't have to do it. whats sad is how many people will never let go of NAT after they migrate to ipv6.
ccd, disklabel and partition 'a'
I am currently experimenting with ccd(4) and although it appears to work, I am uncomfortable with one point. I have configured 2 partitions as a JBOD (interleave 0). However, the first of these partitions is partition 'a' of one disk. So the first effect I had was that ccd0 appeared to have the same disklabel as the first disk. I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere 2) that the size and position of the disklabel of partition 'a' is not clearly stated anywhere so that I can be certain that it doesn't get overwritten and that I am not wasting too much space. Can anybody please shed some light on this? Regards, -pu
Re: Is Theo still hiking ????
whats sad is how many people will never let go of NAT after they migrate to ipv6. why not start saving ipv6 adresses at the begening? -- almir
Re: PlayStation 3
check my msg below for the xbox360 on the pf list:
0.33 is the xbox ip, the port must be different for ps3
but static port is the solution
---
clinton sigmon find the solution of the problem
thank you guy
i put to the list for archive purpose and help someone:
put the nat rules in first before other nat rules:
nat on rl0 from 192.168.0.33 to any - (rl0) static-port
ant the other rules:
rdr on rl0 inet proto udp from any to rl0 port 88 - 192.168.0.33
rdr on rl0 inet proto { tcp, udp } from any to rl0 port 3074 - 192.168.0.33
pass in quick on rl0 inet proto udp from any to 192.168.0.33 port 88 keep state
pass in quick on rl0 inet proto {tcp, udp} from any to 192.168.0.33 port 3074
keep state
first time i need help for pf, a great and easy firewall :)
and must say that i'm very happy with openbsd since 2.7..(nerver forget to buy
a cd set)!
thanks to the other people who help me too.
httpd, Unable to fork new process - Resource question
Hi, On my box (3.9) I get these error messages in /var/www/logs/error_log [Sun Jan 28 11:13:30 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:13:40 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:13:50 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:14:00 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:14:10 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:14:20 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:14:30 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process [Sun Jan 28 11:14:40 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process I tried to increase the maxproc for www to infinity, but it didn't seem to solve the problem. Could you give me any hint? This problem slows down the whole webserver and it is not able to serve the clients. Here is the dmesg: OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC RTC BIOS diagnostic error 80clock_battery cpu0: Intel(R) Pentium(R) D CPU 3.00GHz (GenuineIntel 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID real mem = 2145361920 (2095080K) avail mem = 1951506432 (1905768K) using 4278 buffers containing 107372544 bytes (104856K) of memory RTC BIOS diagnostic error 80clock_battery mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 08/01/06 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown, estimated 0:00 hours apm0: flags 30102 dobusy 0 doidle 1 pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xc/0xd000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82945GP rev 0x00 ppb0 at pci0 dev 1 function 0 Intel 82945GP PCIE rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon X300 rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ATI Radeon X300 Sec rev 0x00 at pci1 dev 0 function 1 not configured Intel 82801GB HD Audio rev 0x01 at pci0 dev 27 function 0 not configured ppb1 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x01 pci2 at ppb1 bus 2 em0 at pci2 dev 0 function 0 Intel PRO/1000MT (82573L) rev 0x00: irq 11, address 00:16:76:8f:d0:f2 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x01 pci3 at ppb2 bus 3 ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x01 pci4 at ppb3 bus 4 ppb4 at pci0 dev 28 function 4 Intel 82801G PCIE rev 0x01 pci5 at ppb4 bus 5 ppb5 at pci0 dev 28 function 5 Intel 82801G PCIE rev 0x01 pci6 at ppb5 bus 6 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: irq 11 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: irq 9 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: irq 11 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: irq 10 usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered ppb6 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xe1 pci7 at ppb6 bus 7 Texas Instruments TSB43AB23 FireWire rev 0x00 at pci7 dev 5 function 0 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using irq 11 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: SAMSUNG HD300LJ wd0: 16-sector PIO, LBA48, 286168MB, 586072368 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1 at pciide1 channel 1 drive 0: SAMSUNG HD300LJ wd1: 16-sector PIO, LBA48, 286168MB, 586072368 sectors wd1(pciide1:1:0): using PIO mode 4,
Re: Is Theo still hiking ????
On 2007/01/28 11:07, Almir Karic wrote: whats sad is how many people will never let go of NAT after they migrate to ipv6. why not start saving ipv6 adresses at the begening? because it's been arranged that ipv6 does not need NAT, you just use firewalls with it. 128-bit gives you a *lot* of address space. 18 million million million /64's, each of which can hold 65536 x the total number of possible 48-bit MAC addresses.
Re: ccd, disklabel and partition 'a'
On Sun, 28 Jan 2007, Patrick Useldinger wrote: I am currently experimenting with ccd(4) and although it appears to work, I am uncomfortable with one point. I have configured 2 partitions as a JBOD (interleave 0). However, the first of these partitions is partition 'a' of one disk. So the first effect I had was that ccd0 appeared to have the same disklabel as the first disk. I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. I think you misread. It's enough to make sure the a partitions starts after the first track. Just run fdisk -i on a new (ccd) disk. It takes care of that. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere http://www.openbsd.org/faq/faq14.html#disklabel True, the FAQ is not 'offcial documentation' 2) that the size and position of the disklabel of partition 'a' is not clearly stated anywhere so that I can be certain that it doesn't get overwritten and that I am not wasting too much space. See above. Can anybody please shed some light on this? -Otto
destination-port-based routing for multiple links
Hi All, I'm running Postfix on OpenBSD and have multiple external links on the same box. I want outgoing smtp connections to be routed to ext_if2, but the rest to ext_if1. To achieve this, default route being ext_if1, I tried a couple of things: pass out log quick route-to ($ext_if2 $ext_gw2) \ proto tcp to any port smtp user _postfix keep state Looking at pflog, this rule really tries to send packets to ($ext_if2 $ext_gw2), but e-mails cannot be relayed (for some reason pflog reports that it duplicates the packets). I wasn't too hopeful anyway per the description of route-to in pf faq. Then again, this rule summarizes what I'm trying to achieve. (Or is this rule supposed to work, and I'm doing something else wrong?) The other option would be to set the default route to ($ext_if2 $ext_gw2), but that's not what I want. I use route-to successfully for connections originating behind the firewall, but smtp connections originate from the box itself. I use reply-to successfully too. In short, I need something like destination-port-based routing for multiple links. The situation is not specific to smtp port or Postfix, I'd like to achieve the same for any port I wish. What are my options? What can I do in such a case? (Since I'm out of ideas and since route-to works fine, my only option otherwise seems like placing another OpenBSD/pf in front of this box, which I believe would be ugly.) This is also related to a previous thread on a similar topic. I would appreciate any help. Thanks,
Re: Is Theo still hiking ????
they said the SAME thing about ipv4 :/ 65536 x the total number of possible 48-bit MAC addresses. irrelevant. -- almir
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote: bofh wrote: On 1/27/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: that the usual pack of idiots on misc@ can't contribut adequatly agree Remember that dimwit I do let the windows machine have web contact to the outside who thinks simple packet filtering will keep his windows children safe.Real 7337,whatever that is. Oh, come now, everyone knows that doesn't work. What really works is - NAT!!! Yes, really! *smirk* We have a NotWork engineer who thinks nat is the answer to everything. The useless excuse for an oxygen sink even wanted to NAT our public IPs in our DR site instead of routing it in. Of course, for a I am CCNP, except that cisco lost my paperwork person who can't even set a damned default route on a 6509, natting _is_ the best way to do things, since *he* didn't have to do it. whats sad is how many people will never let go of NAT after they migrate to ipv6. _if_ such a migration ever takes pace. I think IPV6 is a solution that was too late for it's problem. Many large companies are using non routeable blocks as their internal address space, thus the need for a larger address space has decreased, if not vanished. At least until the net needs to extend off planet :-) -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: Is Theo still hiking ????
you are missing some things, the most important of which are that ipv6 is supposed to last for DECADES and all computers behind nat should get their public ips (that is what someone suggested earlier). those are two by far the most important things you ommited from your calculation, others are some ips won't be availible to ''average'' human beings (private ip ranges, broadcast adresses, router adresses...), also enterprise will grab crapload of ips for business needs. On 1/28/07, Michael Jensen [EMAIL PROTECTED] wrote: On 1/28/07, Almir Karic [EMAIL PROTECTED] wrote: they said the SAME thing about ipv4 :/ 65536 x the total number of possible 48-bit MAC addresses. irrelevant. -- almir Why not try to calculate a bit. well the number is a bit big so it hard to just imagine it and hard to compare to other numbers. But if there are forexample 6 billion people on earth. They could each have 2^128-2^33=2^95 ip adresses. 2^95 = 39.614.081.257.132.168.796.771.975.168 I think i can cope a year or two before i i need more than that. :) -- almir
Re: Is Theo still hiking ????
On 1/28/07, Almir Karic [EMAIL PROTECTED] wrote: you are missing some things, the most important of which are that ipv6 is supposed to last for DECADES and all computers behind nat should get their public ips (that is what someone suggested earlier). those are two by far the most important things you ommited from your calculation, others are some ips won't be availible to ''average'' human beings (private ip ranges, broadcast adresses, router adresses...), also enterprise will grab crapload of ips for business needs. On 1/28/07, Michael Jensen [EMAIL PROTECTED] wrote: On 1/28/07, Almir Karic [EMAIL PROTECTED] wrote: they said the SAME thing about ipv4 :/ 65536 x the total number of possible 48-bit MAC addresses. irrelevant. -- almir Why not try to calculate a bit. well the number is a bit big so it hard to just imagine it and hard to compare to other numbers. But if there are forexample 6 billion people on earth. They could each have 2^128-2^33=2^95 ip adresses. 2^95 = 39.614.081.257.132.168.796.771.975.168 I think i can cope a year or two before i i need more than that. :) -- almir Yes i purposefully omitted that. What i was trying to say is that it is a huge number, even if large areas of the ip adresses was preserved or given to large entities, like companies, universities whatever, Or otherwise reserved for special purposes. Even if some numbers was taken and never released, and others reserved , i am pretty sure though not certain that i couldnt find an effective way of wasting away all that,. look again at the numbers that is there, and think about how to use up all of them.in a couple of decades, i cant see it. Also there is some kind of of number blindness for such huge numbers, I Would have to do some more calculations to be sure i didnt miss something. however with just the small calculations ive done in previous post, i cannot see that we run dry not for decades either. My smartphones could have a billion ip adresses each, and EVERYBODY could do that without exhausting the adress space. And i could have 1 billion smartphones and more. i could then have 1 billion RFID chips for each smartphone. I might then have to limit myself a bit since As you say a crapload of adress ranges are given to enterprises (I might no be able to use all my smartphones before i die and i hope they come in more than one colour!) I think! that might last us at least 1 decade. But i could be wrong :) please suggest a good way to use up all adresses in just 20 years. cognacc
How to use bioctl with ciss0?
Good day, What do I have to do to get info about a raid array on a HP DL380 G4 with bioctl? Is this supported? # bioctl -v -h ciss0 bioctl: Can't locate ciss0 device via /dev/bio man 8 biosctl says RAID device drivers which support management functionality can register their services with the bio(4) driver. man 4 bio says Only drivers which have registered with the bio device can be accessed via this interface. but does not explain how to register a driver. Part of dmesg below . .. OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 3.80GHz (GenuineIntel 686-class) 3.81 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT, PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST, TM2,CNXT-ID,CX16 . . . ciss0 at pci3 dev 3 function 0 Compaq Smart Array 64xx rev 0x01: irq 5 ciss0: 2 LDs, HW rev 1, FW 2.58/2.58 scsibus0 at ciss0: 2 targets sd0 at scsibus0 targ 0 lun 0: HP, LOGICAL VOLUME, 2.58 SCSI0 0/direct fixed sd0: 286095MB, 286095 cyl, 64 head, 32 sec, 512 bytes/sec, 585922680 sec total sd1 at scsibus0 targ 1 lun 0: HP, LOGICAL VOLUME, 2.58 SCSI0 0/direct fixed sd1: 858293MB, 858293 cyl, 64 head, 32 sec, 512 bytes/sec, 1757784604 sec total Any clues will be greatly appreciated. Thanks very much, Vijay -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: ccd, disklabel and partition 'a'
On Sunday 28 January 2007 11:02, Patrick Useldinger wrote: I am currently experimenting with ccd(4) and although it appears to work, I am uncomfortable with one point. I have configured 2 partitions as a JBOD (interleave 0). However, the first of these partitions is partition 'a' of one disk. So the first effect I had was that ccd0 appeared to have the same disklabel as the first disk. man ccd: Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the beginning of the component disk. see also thread on misc: CCD: started on 17 jan 2007 by Chris Mika how much one cylinder is, can be calculated with the numbers given by disklabel. ight about the following point but: i would not use partition 'a' for anything else then my boot partition. thus i never used 'a' as a member of a ccd, nor did i create an 'a' on a ccd. unfortunatly disklabel -E ccd0 did not work for me after 'fdisk -i ccd0', since 'ccd0c' had type '4.2BSD' not 'unused' as for raw devices. since the FAQ sais: Just use disklabel on it like you normally would to make the partition or partitions you want to use. Again, don't use the 'c' partition as an actual partition that you put stuff on. i used 'disklabel -e ccd0' to change the type to 'unused'. after that i created one big partition 'd' on the ccd0 drive. //llx I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere 2) that the size and position of the disklabel of partition 'a' is not clearly stated anywhere so that I can be certain that it doesn't get overwritten and that I am not wasting too much space. Can anybody please shed some light on this? Regards, -pu
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 01:10:11PM +0100, Almir Karic wrote: you are missing some things, the most important of which are that ipv6 is supposed to last for DECADES and all computers behind nat should get their public ips (that is what someone suggested earlier). those are two by far the most important things you ommited from your calculation, others are some ips won't be availible to ''average'' human beings (private ip ranges, broadcast adresses, router adresses...), also enterprise will grab crapload of ips for business needs. All true enough, but, at least in the the organization that I work for, there is a HUGE amount of inertia, and between that and the FUD the homeland security department is perpetuating on the world, I doubt that they will _ever_ go to anything besides non-routables. BTW, if we thought the M$ was the mother of all FUD, well, let's just say Homeland Security is the father of all FUD! Dud everyone catch the statement made by a senior official of the organization last week? He said technology going forward is going to _increase_ risk. His rationale was that single people would be able to cause more damage. Guess he missed that technology, properly applied, is a huge fact in _reducing_ risk. Oh wait, maybe he can't comprehend properly applied. Sigh. -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 01:10:11PM +0100, Almir Karic wrote: you are missing some things, the most important of which are that ipv6 is supposed to last for DECADES and all computers behind nat should get their public ips (that is what someone suggested earlier). Everything should have a public IP is a dumb argument. Having all appliances with crappy security and even crapier OS on them have public IPs makes me shiver. People are not even capable to keep their computer at home free from worms and backdoors, how should they manage thier TiVos, AppleTVs, PS3s and all the other internet enabled crap that is comming to their house in the next years? NAT was a cheap and effective way to keep stuff out of reach of script kiddies. those are two by far the most important things you ommited from your calculation, others are some ips won't be availible to ''average'' human beings (private ip ranges, broadcast adresses, router adresses...), also enterprise will grab crapload of ips for business needs. -- :wq Claudio
Re: ccd, disklabel and partition 'a'
On Sun, Jan 28, 2007 at 12:14:00PM +0100, christian widmer wrote: On Sunday 28 January 2007 11:02, Patrick Useldinger wrote: I am currently experimenting with ccd(4) and although it appears to work, I am uncomfortable with one point. I have configured 2 partitions as a JBOD (interleave 0). However, the first of these partitions is partition 'a' of one disk. So the first effect I had was that ccd0 appeared to have the same disklabel as the first disk. man ccd: Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the beginning of the component disk. see also thread on misc: CCD: started on 17 jan 2007 by Chris Mika how much one cylinder is, can be calculated with the numbers given by disklabel. ight about the following point but: i would not use partition 'a' for anything else then my boot partition. thus i never used 'a' as a member of a ccd, nor did i create an 'a' on a ccd. unfortunatly disklabel -E ccd0 did not work for me after 'fdisk -i ccd0', since 'ccd0c' had type '4.2BSD' not 'unused' as for raw devices. since the What version of OpenBSD are you using? On -current ccd0c should no longer appear as 4.2BSD. Ken FAQ sais: Just use disklabel on it like you normally would to make the partition or partitions you want to use. Again, don't use the 'c' partition as an actual partition that you put stuff on. i used 'disklabel -e ccd0' to change the type to 'unused'. after that i created one big partition 'd' on the ccd0 drive. //llx I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere 2) that the size and position of the disklabel of partition 'a' is not clearly stated anywhere so that I can be certain that it doesn't get overwritten and that I am not wasting too much space. Can anybody please shed some light on this? Regards, -pu
Re: destination-port-based routing for multiple links
One correction, keep state in the rule prevents the duplicate to $ext_if2. So to have the duplicate, it should have been like the following: pass out log quick route-to ($ext_if2 $ext_gw2) \ proto tcp to any port smtp user _postfix Sorry, On Sun, 2007-01-28 at 13:03 +0200, Soner Tari wrote: Hi All, I'm running Postfix on OpenBSD and have multiple external links on the same box. I want outgoing smtp connections to be routed to ext_if2, but the rest to ext_if1. To achieve this, default route being ext_if1, I tried a couple of things: pass out log quick route-to ($ext_if2 $ext_gw2) \ proto tcp to any port smtp user _postfix keep state Looking at pflog, this rule really tries to send packets to ($ext_if2 $ext_gw2), but e-mails cannot be relayed (for some reason pflog reports that it duplicates the packets). I wasn't too hopeful anyway per the description of route-to in pf faq. Then again, this rule summarizes what I'm trying to achieve. (Or is this rule supposed to work, and I'm doing something else wrong?) The other option would be to set the default route to ($ext_if2 $ext_gw2), but that's not what I want. I use route-to successfully for connections originating behind the firewall, but smtp connections originate from the box itself. I use reply-to successfully too. In short, I need something like destination-port-based routing for multiple links. The situation is not specific to smtp port or Postfix, I'd like to achieve the same for any port I wish. What are my options? What can I do in such a case? (Since I'm out of ideas and since route-to works fine, my only option otherwise seems like placing another OpenBSD/pf in front of this box, which I believe would be ugly.) This is also related to a previous thread on a similar topic. I would appreciate any help. Thanks,
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote: whats sad is how many people will never let go of NAT after they migrate to ipv6. It's not sad; for many people it would be essential. How would you like your 48-bit MAC address to become a permanent cookie, following you about whenever you access the Internet? And if you need to change ISP, and therefore get a new address allocation, many people would rather just put in some NAT at the border than take the pain of network renumbering (which IPv6 doesn't make any easier than IPv4) Stuart Henderson wrote: 128-bit gives you a *lot* of address space. 18 million million million /64's, each of which can hold 65536 x the total number of possible 48-bit MAC addresses. Nope. One year ago, France Telecom applied for, and was granted, a /19 of IPv6 address space. Since the first three bits are fixed in the unicast addressing plan, this means that a single ISP has already taken 1/65,536th of the total available. This all boils down to dogma on the part of the IPv6 designers - e.g. thou shalt not have server-based address autoconfiguration. If IPv6 had stuck with DHCP, which everyone knows and understands, then you could just give each customer a /96, rather than a /48 as demanded by IPv6, and we would have addresses for aeons. Not so now. So I argue that IPv6 doesn't solve any of the problems which IPv4 has - not even address depletion - and adds plenty of its own. As a result, I don't see much commercial reason to roll it out, and certainly no commercial reason to switch off the existing IPv4 Internet. Arguments here: http://pobox.com/~b.candler/doc/misc/ipv6.txt Regards, Brian.
Re: ccd, disklabel and partition 'a'
On Sunday 28 January 2007 15:19, Kenneth R Westerback wrote: On Sun, Jan 28, 2007 at 12:14:00PM +0100, christian widmer wrote: On Sunday 28 January 2007 11:02, Patrick Useldinger wrote: I am currently experimenting with ccd(4) and although it appears to work, I am uncomfortable with one point. I have configured 2 partitions as a JBOD (interleave 0). However, the first of these partitions is partition 'a' of one disk. So the first effect I had was that ccd0 appeared to have the same disklabel as the first disk. man ccd: Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the beginning of the component disk. see also thread on misc: CCD: started on 17 jan 2007 by Chris Mika how much one cylinder is, can be calculated with the numbers given by disklabel. ight about the following point but: i would not use partition 'a' for anything else then my boot partition. thus i never used 'a' as a member of a ccd, nor did i create an 'a' on a ccd. unfortunatly disklabel -E ccd0 did not work for me after 'fdisk -i ccd0', since 'ccd0c' had type '4.2BSD' not 'unused' as for raw devices. since the What version of OpenBSD are you using? On -current ccd0c should no longer appear as 4.2BSD. 4.0 Ken FAQ sais: Just use disklabel on it like you normally would to make the partition or partitions you want to use. Again, don't use the 'c' partition as an actual partition that you put stuff on. i used 'disklabel -e ccd0' to change the type to 'unused'. after that i created one big partition 'd' on the ccd0 drive. //llx I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere 2) that the size and position of the disklabel of partition 'a' is not clearly stated anywhere so that I can be certain that it doesn't get overwritten and that I am not wasting too much space. Can anybody please shed some light on this? Regards, -pu
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
On Sun, Jan 28, 2007 at 12:29:21AM -0800, Joe wrote: Why is the write performance of my RAID controller so slow? ... (write test running bsd kernel) # dd if=/dev/zero of=/data/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 113.978 secs (22999380 bytes/sec) That's about 22MB per second. Sounds plausible to me, given that RAID5 arrays intrinsically have very poor write performance. What value were you expecting to see? For comparison, what do you get for the same test but for read speed? i.e. # dd if=/data/testfile of=/dev/null bs=128k RAID5 writes are slow because a single block write involves 4 disk operations (read old data block, read old parity, write new data block, write new parity). A non-volatile write-through cache can speed things up to a degree though. If you want high write performace, try setting up your six-disk array as three separate mirrored pairs, or as a single RAID-01 (strip/mirror) and see what you get. Of course your available storage size will be reduced to 3/5ths of what it was. Regards, Brian.
Questions about configuring the shell prompt
I have some questions about configuring the shell prompt. I have created a normal user account and set it to use the csh shell. I have the following in the .cshrc file. ... if ($?prompt) then # An interactive shell -- set some stuff up set nobeep set filec set history = 1000 set ignoreeof set mail = (/var/mail/$USER) set u = `id -un` set h = `hostname -s` alias prompt 'set prompt = [EMAIL PROTECTED] $cwd:t]% ' ... The prompt looks like the following. [EMAIL PROTECTED] phusion]% There are a few things I would like to change though. 1) How can I get it to display the home directory as ~? 2) How can I get it to do filename completion using the tab key? 3) How can I get it to backspace when I mistype a filename incorrectly? 4) How can I get it to display previous commands using the up and down arrow? Let me know how to do the following in the csh. Phusion
Re: spamd openbsd 4.0 query
On Sun, Jan 28, 2007 at 09:17:15AM +, John . wrote: ...or maybe I've answered my own question :) Sometimes it helps to type it out. So, presumably spamd as actuated by PF takes care of the 100% certain spam, what is then accepted per user depends on invoking spamc/d via a procmail ruleset individually? Am I correct? I'm using Exim btw All that spamd does is tarpit any blacklisted IPs -- and, *if* you're using greylisting, eliminate the obviously fake MTAs. That's all. It does eliminate a great deal of spam, but... 1) it does not examine headers (beyond tuple for greylisting) 2) it does not examine content. [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
On Sunday 28 January 2007 08:45, Brian Candler wrote: On Sun, Jan 28, 2007 at 12:29:21AM -0800, Joe wrote: Why is the write performance of my RAID controller so slow? ... (write test running bsd kernel) # dd if=/dev/zero of=/data/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 113.978 secs (22999380 bytes/sec) That's about 22MB per second. Sounds plausible to me, given that RAID5 arrays intrinsically have very poor write performance. What value were you expecting to see? This is what I see on a DL 380 G4. It has two 300GB drives in RAID1 configuration and 4 300 GB drives on RAID 5 configuration.: RAID5 with 4 300GB drives # dd if=/dev/zero of=testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 31.360 secs (83589627 bytes/sec) RAID 1 with 2 300 GB drives #dd if=/dev/zero of=testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 43.803 secs (59845997 bytes/sec) bioctl -h ciss0 gives me bioctl: Can't locate ciss0 device via /dev/bio If possible, please let me know what has to be set up to get the info from bioctl. sysctl hw gives me hw.machine=i386 hw.model=Intel(R) Xeon(TM) CPU 3.80GHz (GenuineIntel 686-class) hw.ncpu=1 hw.byteorder=1234 hw.physmem=2147000320 hw.usermem=2146467840 hw.pagesize=4096 hw.disknames=sd0,sd1,cd0,fd0 hw.diskcount=4 hw.cpuspeed=3801 hw.vendor=HP hw.product=ProLiant DL380 G4 It does not give me the type of output hw.sensors.0 etc. If possible, please let me know how to get this also. I can then run another test that makes it more comparable. For comparison, what do you get for the same test but for read speed? i.e. # dd if=/data/testfile of=/dev/null bs=128k RAID5 writes are slow because a single block write involves 4 disk operations (read old data block, read old parity, write new data block, write new parity). A non-volatile write-through cache can speed things up to a degree though. If you want high write performace, try setting up your six-disk array as three separate mirrored pairs, or as a single RAID-01 (strip/mirror) and see what you get. Of course your available storage size will be reduced to 3/5ths of what it was. Regards, Brian. !DSPAM:1,45bcb760150711234514069! -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: Is Theo still hiking ????
Brian Candler wrote: On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote: whats sad is how many people will never let go of NAT after they migrate to ipv6. It's not sad; for many people it would be essential. How would you like your 48-bit MAC address to become a permanent cookie, following you about whenever you access the Internet? *sigh* read RFC3041 to 'solve' that part and of course dhcpv6 exists and everything else you have in IPv4. And if you need to change ISP, and therefore get a new address allocation, many people would rather just put in some NAT at the border than take the pain of network renumbering (which IPv6 doesn't make any easier than IPv4) Depends on the size of your network of course. But you can actually get IPv6 PI space already, you will have to cash out a bit for it, just like for IPv4 address space, but it is there. Problem for that solved. Same non-scaling solution as in IPv4. No differences there. And otherwise read RFC4193 to get your unique local goo for free. Stuart Henderson wrote: 128-bit gives you a *lot* of address space. 18 million million million /64's, each of which can hold 65536 x the total number of possible 48-bit MAC addresses. Nope. One year ago, France Telecom applied for, and was granted, a /19 of IPv6 address space. Since the first three bits are fixed in the unicast addressing plan, this means that a single ISP has already taken 1/65,536th of the total available. The first three bits (2000::/3 ;) are used now only that in case this whole idea of giving people huge chunks of addresses goes bad that there are 7 (8-1 ;) tries left to do it correctly. So if the 2000::/3 space runs out, then the world has another 7 tries left to screw it up again. Thus no issue there. Of course if you have better ideas, you can always bring it up on the various RIR forums. Also note that FT serves the whole country of France, you might not like them, but they also have a right to use the Internet ;) Most ISP's get only a /32 and there are millions of those. Getting a /19 is really something that only a few ISP's will be able to claim that they will actually be able to get customers for. This all boils down to dogma on the part of the IPv6 designers - e.g. thou shalt not have server-based address autoconfiguration. If IPv6 had stuck with DHCP, which everyone knows and understands, then you could just give each customer a /96, rather than a /48 as demanded by IPv6, and we would have addresses for aeons. Not so now. There is *NO* demand from anyone for giving /48's to customers. It is only a suggestion. RIR's do allocate address space towards ISP's based on the fact that they will be providing the /48's to endusers. The reason btw for doing that is so that the prefix size is always the same. You can then 'easily' (ahum) renumber by just swapping out the first 48 bits, the rest you can keep the same. At least the numbering plan will thus be easy that way. (the editing and getting everything else isn't ;) The only sort-of requirement that there is is the /64 boundary, because of autoconfig, which you can easily avoid too by using static addresses or DHCPv6. You can perfectly use /126's if you want. BTW: Don't use /127's that will break your IPv6 as the lowest address is the anycast address. Just like the network address in IPv4. So I argue that IPv6 doesn't solve any of the problems which IPv4 has - not even address depletion - and adds plenty of its own. Address depletion is the only one thing that IPv6 really solves it perfectly well. As a result, I don't see much commercial reason to roll it out, and certainly no commercial reason to switch off the existing IPv4 Internet. Arguments here: http://pobox.com/~b.candler/doc/misc/ipv6.txt I suggest you start doing some background reading, read a good book or something as you clearly are missing a LOT of information, as I've easily shown by the answering the FUD you where trying to spread above. Don't read this as rant, it will probably sound like it, but that is because you have so much wrong in the text ;) To address the points in that document: 1. ROUTING TABLE EXPLOSION IPv6 is an ADDRESSING system, it has nothing (not much at least) to do with routing. BGP/ISIS/OSPF are ROUTING systems. Subscribe to [EMAIL PROTECTED] if you want to solve that problem. 2. THE RENUMBERING PROBLEM Impossible to solve as well documented by the IETF. The second there is an external factor (eg a place where you have to put your IP in a remote firewall or DNS server) this ain't easy any more. Valid argument, but the same for IPv4 and IPX and any other. problem there is here 3. THE MULTI-HOMING PROBLEM See 1) Same problem in effect. Btw, phone numbers are analogous to DNS, not to IP addresses. 4. ADDRESS DEPLETION Your arguments are bullshit, and you know it. 5. NETWORK ADDRESS TRANSLATION Unfortunately, it does. There are people running NAT for IPv6, right now. I have never seen or heared
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 03:17:14PM +, Jeroen Massar wrote: Also note that FT serves the whole country of France, you might not like them, but they also have a right to use the Internet ;) Most ISP's get only a /32 and there are millions of those. Getting a /19 is really something that only a few ISP's will be able to claim that they will actually be able to get customers for. Bullshit. We've had deregulation for a while now, and FT is just the historical operator. There's no reason to treat them differently than other ISPs. Them getting a whole hefty chunk of address space looks like some political game on their part to try and keep their position, for which they have no actual right these days. Wouldn't be the first time they try to rig the game.
IPv6 allocations (Was: Is Theo still hiking ????)
Marc Espie wrote: On Sun, Jan 28, 2007 at 03:17:14PM +, Jeroen Massar wrote: Also note that FT serves the whole country of France, you might not like them, but they also have a right to use the Internet ;) Most ISP's get only a /32 and there are millions of those. Getting a /19 is really something that only a few ISP's will be able to claim that they will actually be able to get customers for. Bullshit. Do you have a valid argument for calling it bullshit? We've had deregulation for a while now, and FT is just the historical operator. There's no reason to treat them differently than other ISPs. How are they treated differently then? They are just a LIR like every other ISP. They apparently requested address space, demonstrated their need for it, and got it allocated. Same procedure for every other ISP. Btw TELEKOM in Germany also got a /19, same premise: enough clients. Every other ISP that simply got a /32 prolly didn't do their homework and didn't request for more, but they always can do it, they just need to justify it. Also there are atm 5 other ISP's globally with /20's, 4x /21, etc... see http://www.sixxs.net/tools/grh/dfp/ Them getting a whole hefty chunk of address space looks like some political game on their part to try and keep their position, for which they have no actual right these days. Wouldn't be the first time they try to rig the game. Clearly they where able to convince RIPE NCC that they have enough customers that they will fill that amount of address space. Complain to RIPE if you think that it was not fair. I don't think that OpenBSD-misc is the ml for that ;) Greets, Jeroen [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: Is Theo still hiking ????
On 28/01/07, Brian Candler [EMAIL PROTECTED] wrote: On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote: whats sad is how many people will never let go of NAT after they migrate to ipv6. It's not sad; for many people it would be essential. How would you like your 48-bit MAC address to become a permanent cookie, following you about whenever you access the Internet? And if you need to change ISP, and therefore get a new address allocation, many people would rather just put in some NAT at the border than take the pain of network renumbering (which IPv6 doesn't make any easier than IPv4) I don't see your point here -- IPv6 has a notion of prefix. ISP should give your site a /64 (or /48 if you are a medium-size company with many sites), and then the rest of your address space will be the same regardless of the prefix. I.e. as far as DNS is concerned, you just do a simple search and replace. And as far as the reverse zone modifications are concerned, then they are so trivial that it's not even funny. [...] Nope. One year ago, France Telecom applied for, and was granted, a /19 of IPv6 address space. Since the first three bits are fixed in the unicast addressing plan, this means that a single ISP has already taken 1/65,536th of the total available. Last I checked, France Telecom was an NSP, not a single ISP. So I don't see a problem for them having a /19, as long as they will not request any more IPv6 allocations within the foreseeable future. Cheers, Constantine.
Re: How to use bioctl with ciss0?
On Sunday 28 January 2007 14:19, Vijay Sankar wrote: Good day, What do I have to do to get info about a raid array on a HP DL380 G4 with bioctl? Is this supported? # bioctl -v -h ciss0 bioctl: Can't locate ciss0 device via /dev/bio That's interesting, I can replicate this problem on my HP DL365 machines and current, but not on HP DL385 and current. dmesg, 365 then 385... bioctl -v ciss0 bioctl: Can't locate ciss0 device via /dev/bio OpenBSD 4.0-current (GENERIC.MP) #1: Mon Nov 27 17:16:55 CET 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 1073082368 (1047932K) avail mem = 907214848 (885952K) using 22937 buffers containing 107515904 bytes (104996K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xee000 (59 entries) bios0: HP ProLiant DL365 G1 acpi at mainbus0 not configured ipmi0 at mainbus0: version 2.0 interface KCS iobase 0xca2/2 spacing 1 mainbus0: Intel MP Specification (Version 1.4) cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2210, 1800.37 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 200MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2210, 1800.07 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative mpbios: bus 0 is type PCI mpbios: bus 1 is type PCI mpbios: bus 2 is type PCI mpbios: bus 4 is type PCI mpbios: bus 8 is type PCI mpbios: bus 9 is type PCI mpbios: bus 10 is type PCI mpbios: bus 11 is type PCI mpbios: bus 12 is type PCI mpbios: bus 13 is type PCI mpbios: bus 16 is type PCI mpbios: bus 19 is type PCI mpbios: bus 21 is type PCI mpbios: bus 241 is type ISA ioapic0 at mainbus0 apid 8 pa 0xfec0, version 11, 16 pins ioapic1 at mainbus0 apid 9 pa 0xfec01000, version 11, 16 pins pci0 at mainbus0 bus 0: configuration mode 1 vga1 at pci0 dev 3 function 0 ATI ES1000 rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) Compaq iLO rev 0x03 at pci0 dev 4 function 0 not configured Compaq iLO rev 0x03 at pci0 dev 4 function 2 not configured uhci0 at pci0 dev 4 function 4 Hewlett-Packard USB rev 0x00: apic 9 int 10 (irq 11) usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Hewlett-Packard UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered Hewlett-Packard IPMI rev 0x00 at pci0 dev 4 function 6 not configured ppb0 at pci0 dev 5 function 0 ServerWorks HT-1000 PCI rev 0x00 pci1 at ppb0 bus 1 ppb1 at pci1 dev 13 function 0 ServerWorks HT-1000 PCIX rev 0xc0 pci2 at ppb1 bus 2 piixpm0 at pci0 dev 6 function 0 ServerWorks HT-1000 rev 0x00: polling iic0 at piixpm0: disabled to avoid ipmi0 interactions pciide0 at pci0 dev 6 function 1 ServerWorks HT-1000 IDE rev 0x00: DMA atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TEAC, DW-224E-C, C.8D SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 0 pcib0 at pci0 dev 6 function 2 ServerWorks HT-1000 LPC rev 0x00 ohci0 at pci0 dev 7 function 0 ServerWorks HT-1000 USB rev 0x01: apic 8 int 5 (irq 5), version 1.0, legacy support usb1 at ohci0: USB revision 1.0 uhub1 at usb1 uhub1: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ohci1 at pci0 dev 7 function 1 ServerWorks HT-1000 USB rev 0x01: apic 8 int 5 (irq 5), version 1.0, legacy support usb2 at ohci1: USB revision 1.0 uhub2 at usb2 uhub2: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 7 function 2 ServerWorks HT-1000 USB rev 0x01: apic 8 int 5 (irq 5) usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: ServerWorks EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 4 ports with 4 removable, self powered pchb0 at pci0 dev 24 function 0 AMD AMD64 HyperTransport rev 0x00 pci3 at pchb0 bus 8 ppb2 at pci3 dev 15 function 0 ServerWorks HT-2100 PCIE rev 0xa2 pci4 at ppb2 bus 19 ppb3 at pci3 dev 16 function 0 ServerWorks HT-2100 PCIE rev 0xa2 pci5 at ppb3 bus 16 ppb4 at pci3 dev 17 function 0 ServerWorks HT-2100 PCIE rev 0xa2 pci6 at ppb4 bus 9 ppb5 at pci6 dev 0 function 0 ServerWorks PCIE-PCIX rev 0xc2 pci7 at ppb5 bus 10 bnx0 at pci7 dev 0 function 0 Broadcom
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
* Vijay Sankar [EMAIL PROTECTED] [2007-01-28 16:07]: bioctl -h ciss0 gives me bioctl: Can't locate ciss0 device via /dev/bio ciss doesn't support bio yet. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: Is Theo still hiking ????
On Sun, Jan 28, 2007 at 03:17:14PM +, Jeroen Massar wrote: Brian Candler wrote: On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote: whats sad is how many people will never let go of NAT after they migrate to ipv6. It's not sad; for many people it would be essential. How would you like your 48-bit MAC address to become a permanent cookie, following you about whenever you access the Internet? *sigh* read RFC3041 to 'solve' that part and of course dhcpv6 exists and everything else you have in IPv4. Oh glory a new RFC fixing something that should not have been an issue. IPv6 starts to be like VoIP a huge collection of junk RFC. And if you need to change ISP, and therefore get a new address allocation, many people would rather just put in some NAT at the border than take the pain of network renumbering (which IPv6 doesn't make any easier than IPv4) Depends on the size of your network of course. But you can actually get IPv6 PI space already, you will have to cash out a bit for it, just like for IPv4 address space, but it is there. Problem for that solved. Same non-scaling solution as in IPv4. No differences there. Not in Europe. RIPE will not give away PI space. This is actually a religious problem with the IPv6 belivers that still think that 10'000 IPv6 routes will cover the world. And otherwise read RFC4193 to get your unique local goo for free. And another RFC that nobody cares about. Stuart Henderson wrote: 128-bit gives you a *lot* of address space. 18 million million million /64's, each of which can hold 65536 x the total number of possible 48-bit MAC addresses. Nope. One year ago, France Telecom applied for, and was granted, a /19 of IPv6 address space. Since the first three bits are fixed in the unicast addressing plan, this means that a single ISP has already taken 1/65,536th of the total available. The first three bits (2000::/3 ;) are used now only that in case this whole idea of giving people huge chunks of addresses goes bad that there are 7 (8-1 ;) tries left to do it correctly. So if the 2000::/3 space runs out, then the world has another 7 tries left to screw it up again. Thus no issue there. Good that we still have a few bits left in the IP version header... Of course if you have better ideas, you can always bring it up on the various RIR forums. They did not listen when people mentionend issues about IPv6 while they were working on the initial standard so why should they now. Also note that FT serves the whole country of France, you might not like them, but they also have a right to use the Internet ;) Most ISP's get only a /32 and there are millions of those. Getting a /19 is really something that only a few ISP's will be able to claim that they will actually be able to get customers for. This all boils down to dogma on the part of the IPv6 designers - e.g. thou shalt not have server-based address autoconfiguration. If IPv6 had stuck with DHCP, which everyone knows and understands, then you could just give each customer a /96, rather than a /48 as demanded by IPv6, and we would have addresses for aeons. Not so now. There is *NO* demand from anyone for giving /48's to customers. It is only a suggestion. RIR's do allocate address space towards ISP's based on the fact that they will be providing the /48's to endusers. The reason btw for doing that is so that the prefix size is always the same. You can then 'easily' (ahum) renumber by just swapping out the first 48 bits, the rest you can keep the same. At least the numbering plan will thus be easy that way. (the editing and getting everything else isn't ;) The only sort-of requirement that there is is the /64 boundary, because of autoconfig, which you can easily avoid too by using static addresses or DHCPv6. You can perfectly use /126's if you want. The /64 boundery is the most supid thing ever invented. In the end of those 128-bit only half of them are usable. BTW: Don't use /127's that will break your IPv6 as the lowest address is the anycast address. Just like the network address in IPv4. So I argue that IPv6 doesn't solve any of the problems which IPv4 has - not even address depletion - and adds plenty of its own. Address depletion is the only one thing that IPv6 really solves it perfectly well. The price for a bit more address space is just not worth it. As a result, I don't see much commercial reason to roll it out, and certainly no commercial reason to switch off the existing IPv4 Internet. Arguments here: http://pobox.com/~b.candler/doc/misc/ipv6.txt I suggest you start doing some background reading, read a good book or something as you clearly are missing a LOT of information, as I've easily shown by the answering the FUD you where trying to spread above. Don't read this as rant, it will probably sound like it, but that is because you have so much wrong in the text ;) To
SDL game crashing
Hi, I compiled and installed version 0.2.8.2.1 of the armagetronad game client (with default configure). (http://www.armagetronad.net/) When I play it on OpenBSD 4.0 it just works, but the game crashes every single time with 4.0-current when I die. I tried this on different boxes and it is the all the same. (Vmware server with 4.0 works too.) Currently I am out of ideas, maybe someone else can point out some changes since 4.0-release that could lead to this strange behavior? Any help is really appreciated. - Michael
Re: ccd, disklabel and partition 'a'
Otto Moerbeek wrote: I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. I think you misread. It's enough to make sure the a partitions starts after the first track. Just run fdisk -i on a new (ccd) disk. It takes care of that. I am talking about the physical disk, not the ccd disk. In this case, the physical disk is wd1, which has been initialized by fdisk -i. I then created wd1a and wd1b. wd1's disklabel gets put into the beginning of wd1a if I understood correctly. Because when I create ccd0 with wd1a and wd1b as members, ccd0 has the same disklabel as wd1. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere http://www.openbsd.org/faq/faq14.html#disklabel True, the FAQ is not 'offcial documentation' To me it is. But the information isn't there. What comes close is disklabel(5) which states: The label is located in sector number LABELSECTOR of the drive, usually sector 0 where it may be found without any information about the disk ge ometry. Usually sector 0 is a little vague. Still confused, -pu
Re: ccd, disklabel and partition 'a'
On Sun, 28 Jan 2007, Patrick Useldinger wrote: Otto Moerbeek wrote: I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. I think you misread. It's enough to make sure the a partitions starts after the first track. Just run fdisk -i on a new (ccd) disk. It takes care of that. I am talking about the physical disk, not the ccd disk. In this case, the physical disk is wd1, which has been initialized by fdisk -i. I then created wd1a and wd1b. wd1's disklabel gets put into the beginning of wd1a if I understood correctly. Because when I create ccd0 with wd1a and wd1b as members, ccd0 has the same disklabel as wd1. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere http://www.openbsd.org/faq/faq14.html#disklabel True, the FAQ is not 'offcial documentation' To me it is. But the information isn't there. What comes close is disklabel(5) which states: The label is located in sector number LABELSECTOR of the drive, usually sector 0 where it may be found without any information about the disk ge ometry. Usually sector 0 is a little vague. Still confused, How are we supposed to help if you omit all relevant info? dmesg, disklabels, fdisk info... -Otto
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
On Sunday 28 January 2007 10:32, Henning Brauer wrote: * Vijay Sankar [EMAIL PROTECTED] [2007-01-28 16:07]: bioctl -h ciss0 gives me bioctl: Can't locate ciss0 device via /dev/bio ciss doesn't support bio yet. Thank you very much, I will wait, for sure. I thought it was supported because of the dmesg submitted by joe [EMAIL PROTECTED] and the output quoted in his original message # sysctl hw.sensors hw.sensors.0=ciss0, sd0, drive online, OK # bioctl -h ciss0 Volume Status Size Device ciss0 0 Online 1.4T sd0 RAID5 0 Online 279G 1:0.0 noencl COMPAQ BD3008A4C6 1 Online 279G 1:1.0 noencl COMPAQ BD30089BBA 2 Online 279G 1:2.0 noencl COMPAQ BD30089BBA 3 Online 279G 1:3.0 noencl COMPAQ BD30089BBA 4 Online 279G 1:4.0 noencl COMPAQ BD30089BBA 5 Online 279G 1:5.0 noencl COMPAQ BD30089BBA Vijay -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
Re: ccd, disklabel and partition 'a'
Otto Moerbeek wrote: How are we supposed to help if you omit all relevant info? dmesg, disklabels, fdisk info... A good start would be to read my post, all the information is there. Except for dmesg, which is not useful in this case. -pu
Re: advice on router and routing books
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1/27/07 6:57 AM, tony sarendal wrote: On 27/01/07, earx [EMAIL PROTECTED] wrote: hi everyone i want to learn more in BGP, and ospf routing. can u have an advice on a good book about routing ? or documentation ? and better, with openbsd router. i have seen some book on amazon, but there is not great reviews. thanks The cisco website contains lots of quality documentation about routing and routing protocols. The book Internet Routing Architectures by Sam Halabi is also good. BGP4: Inter-Domain Routing in the Internet by John W. Stewart is short and easily accessible. Halabi is the standard reference. It's longer and Cisco-centric in places. Routing in the Internet by Christian Huitema is a useful general-purpose introduction to multiple IP routing protocols, not just BGP but also OSPF, RIP, and IS-IS. I'm not aware of any book that specifically covers bgpd, ospfd, etc. The manpages are fine (as usual) but only cover proper configuration of the daemons. understanding the protocols is much more important. dn Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFvN3fyPxGVjntI4IRAkf0AJ9SnUyS8C8puXUYUMVaChSBn/O4HQCeMqo+ 1QwZsf5tM20BDc6hfcMpvcY= =9bVP -END PGP SIGNATURE-
Re: ccd, disklabel and partition 'a'
christian widmer wrote: man ccd: Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the beginning of the component disk. What is a raw partition in that case? In the examples I found, the members of the ccd disk were always wdxy such as wd1a, wd1b, which is exactly what I did. see also thread on misc: CCD: started on 17 jan 2007 by Chris Mika I did. But in that thread it doesn't become clear how much space to skip. i used 'disklabel -e ccd0' to change the type to 'unused'. after that i created one big partition 'd' on the ccd0 drive. Does the name really matter? Whether your partition is called 'a' or 'd', doesn't the disklabel get stored into the beginning of the first partition anyway? -pu
Re: ccd, disklabel and partition 'a'
Patrick Useldinger wrote: Does the name really matter? Yes. Whether your partition is called 'a' or 'd', doesn't the disklabel get stored into the beginning of the first partition anyway? No. Actually, you have 16 partitions stored in the disklabel. This is OpenBSD not DOS.
Re: ccd, disklabel and partition 'a'
Patrick Useldinger wrote: Otto Moerbeek wrote: I read through the mailing list archives and found a thread explaining that the disklabel is stored around the beginning of partition 'a' and that one should allocate a small partition 'a' which should not be made part of the JBOD. I think you misread. It's enough to make sure the a partitions starts after the first track. Just run fdisk -i on a new (ccd) disk. It takes care of that. I am talking about the physical disk, not the ccd disk. In this case, the physical disk is wd1, which has been initialized by fdisk -i. I then created wd1a and wd1b. wd1's disklabel gets put into the beginning of wd1a if I understood correctly. Because when I create ccd0 with wd1a and wd1b as members, ccd0 has the same disklabel as wd1. What I am uncomfortable with is that 1) this does not appear to be documented in the man pages anywhere http://www.openbsd.org/faq/faq14.html#disklabel True, the FAQ is not 'offcial documentation' To me it is. But the information isn't there. What comes close is disklabel(5) which states: The label is located in sector number LABELSECTOR of the drive, usually sector 0 where it may be found without any information about the disk ge ometry. Usually sector 0 is a little vague. Still confused, -pu I'm far from an expert, but seems like OpenBSD manages to run on more than one architecture. Some of these even do something intelligent like having more than one way to bootstrap from disk, which has to be equivalent to having some means of chosing which hardware sector to boot from. Easiest way to test (assuming i386) is to do a DOS FORMAT /MBR
Re: httpd, Unable to fork new process - Resource question
Adam PAPAI wrote: Hi, On my box (3.9) I get these error messages in /var/www/logs/error_log [Sun Jan 28 11:13:30 2007] [error] (35)Resource temporarily unavailable: fork: Unable to fork new process Damn, it work's but if I start it as sudo apachectl start, it inherits my limits, which is still 64 for maxproc. Solved. -- Adam PAPAI D i g i t a l Influence http://www.digitalinfluence.hu E-mail: [EMAIL PROTECTED] Phone: +36 30 33-55-735 (Hungary) Phone: +49 176-67264167 (Germany)
Re: ccd, disklabel and partition 'a'
On Sun, 28 Jan 2007, Patrick Useldinger wrote: Otto Moerbeek wrote: How are we supposed to help if you omit all relevant info? dmesg, disklabels, fdisk info... A good start would be to read my post, all the information is there. Except for dmesg, which is not useful in this case. 1. I browsed through your posts and I did not see any post containing the requested info. Now I may have deleted it by accident, but for now I assume you did not post the requested info. If I'm wrong I apologize in advance for the two point below. 2. You are asking for help. I offered to help, but to be able to do that I need extra info. Hard info. Not some vague description. I think the one offering the help is the one deciding which info is relevant and in which form he wants it. 3. I think I just lost any motivation to help you furter. So long. -Otto
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
Brian Candler wrote: On Sun, Jan 28, 2007 at 12:29:21AM -0800, Joe wrote: Why is the write performance of my RAID controller so slow? ... (write test running bsd kernel) # dd if=/dev/zero of=/data/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 113.978 secs (22999380 bytes/sec) That's about 22MB per second. Sounds plausible to me, given that RAID5 arrays intrinsically have very poor write performance. What value were you expecting to see? For comparison, what do you get for the same test but for read speed? i.e. # dd if=/data/testfile of=/dev/null bs=128k RAID5 writes are slow because a single block write involves 4 disk operations (read old data block, read old parity, write new data block, write new parity). A non-volatile write-through cache can speed things up to a degree though. If you want high write performace, try setting up your six-disk array as three separate mirrored pairs, or as a single RAID-01 (strip/mirror) and see what you get. Of course your available storage size will be reduced to 3/5ths of what it was. Regards, Brian. Some more tests: # dd if=/dev/zero of=./testfile count=100 100+0 records in 100+0 records out 51200 bytes transferred in 16.354 secs (31306797 bytes/sec) # dd if=./testfile of=/dev/null count=100 100+0 records in 100+0 records out 51200 bytes transferred in 6.013 secs (85137347 bytes/sec) So is 30MBps acceptable write speed for RAID 5 on a Compaq Smart Array 64xx controller? Could this be a driver issue? BTW, I have another box with the same controller, but in 2 disks in RAID 0. # bioctl -h ciss0 Volume Status Size Device ciss0 0 Online 136G sd0 RAID0 0 Online 67.8G 0:0.0 noencl COMPAQ BD0728A4B4 1 Online 67.8G 0:1.0 noencl COMPAQ BD0728A4B4 # dd if=/dev/zero of=/nsm/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 29.696 secs (88274982 bytes/sec)
How similar is the network stack between OpenBSD and FreeBSD
I've done full packet capture in FreeBSD for 100-200 Mbps networks. Can I expect similar performance numbers for doing full packet capture in OpenBSD? And out of curiousity, how different are the two stacks in capture packets?
Re: ccd, disklabel and partition 'a'
Patrick Useldinger wrote: Otto Moerbeek wrote: How are we supposed to help if you omit all relevant info? dmesg, disklabels, fdisk info... A good start would be to read my post, all the information is there. Except for dmesg, which is not useful in this case. -pu Bullshit. You ask for help. One of the most qualified people to assist you AND a very skilled developer attempted to help you and says you you did not provide enough info. Guess what? That means you either didn't provide it, or it is organized too poorly to be worth a busy person's time. In your case, both. The value of the dmesg was already demonstrated (see KRW's post). CCD works great as you are trying to use it. BTW: This message is coming to you from a computer with a ccd stripped /usr partition. It works. I used the man page documentation to implement it. It works. Your attitude is completely and totally rude and arrogant. I'll now give you all the assistance you so deserve:
Can a brige have more than 2 members?
I'm trying to setup a little configuration that looks like this: A / \ /\ B C I want to brige so that machines B and C can see a network on the inside of machine A. I'm doing this using isakmpd (ipsecctl) gif, and brige. I can make C _or_ B work to the network behind A, but when I try to add the other gif, I'm having dificulty. This _should_ work, right? -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
pf and ipsec troubles
Hi guys, I just overcome some configuration issues with pf and ipsecctl and I'd like to share my experience with these tools. Firstly, I played with pf and a new feature named 'urpf'. It simplify a lot antispoofing configurations but be aware that it can cause you troubles. After enabling urpf with the following line at the begining of my ruleset : block in quick on ! enc0 from urpf-failed I was unable to telnet my email gateway. I was systematically getting a Connection reset. Nothing was found in tcpdump -ni pflog0, and the mail service was perfectly working locally. After some reseach I found that urpf was the cause of my troubles. It sends back a RST on urpf-failed instead of dropping packets (default behavior) and filtered my rdr. I don't know if its a bug, but the packet should not have been blocked according the documentation. The workaround was to add the pass keyword to the rdr rules, in order to bypass the block from urpf-failed. I also added the log keyword to the antispoofing rule, so that I can diagnose faster the next time :-) Second big problem was the IPSEC negociation between another OpenBSD box and a Cisco PIX. Here is my small setup : 192.168.4.0/24_-_PIX_-_(random lan)_-_OpenBSD_-_172.16.[123].0/24 [10.10.2.253] [10.10.3.253] I inserted the following in my ipsec.conf : ike esp from 172.16.1.0/24 to 192.168.4.0/24 peer 10.10.2.253 \ main auth hmac-sha1 enc aes group modp1024 \ quick auth hmac-sha1 enc aes \ psk openbsd flow esp from 172.16.1.0/24 to 192.168.4.0/24 peer 10.10.2.253 The negociation never happened from the OpenBSD to the Pix. But a ping from the 192.168.4.0 network create the tunnel. ipsecctl -nf reported no error, everything seems to be OK. With the network tech. (the one who configured the pix), we saw that OpenBSD is trying to negociate the tunnel with 3des!! Reviewing the man pages many times, I finally figured that I missed the keyword group none for the quick phase negociation. Then I changed the configuration to something more correct : ike dynamic esp tunnel \ from 172.16.1.0/24 to 192.168.4.0/24 peer 10.10.2.253 \ main auth hmac-sha1 enc aes group modp1024 \ quick auth hmac-sha1 enc aes group none \ psk openbsd flow esp from 172.16.1.0/24 to 192.168.4.0/24 peer 10.10.2.253 The tunnel worked fine since that moment :-) A happy user, Claer
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
On 1/28/07, Henning Brauer [EMAIL PROTECTED] wrote: * Vijay Sankar [EMAIL PROTECTED] [2007-01-28 16:07]: bioctl -h ciss0 gives me bioctl: Can't locate ciss0 device via /dev/bio ciss doesn't support bio yet. Unless I'm mistaken, mickey@ added it pre-4.0 here: http://marc.theaimsgroup.com/?l=openbsd-cvsm=115671197617717w=2 and bio(4) man page claims it's supported as does ciss(4) (albeit with a caveat) --Bill
Re: Can a brige have more than 2 members?
On 1/28/07, stan [EMAIL PROTECTED] wrote: I'm doing this using isakmpd (ipsecctl) gif, and brige. I can make C _or_ B work to the network behind A, but when I try to add the other gif, I'm having dificulty. This _should_ work, right? I have a few machines with 20 or 30 gif tunnels all bridged together. CK -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: How similar is the network stack between OpenBSD and FreeBSD
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1/28/07 11:33 AM, Joe wrote: I've done full packet capture in FreeBSD for 100-200 Mbps networks. Can I expect similar performance numbers for doing full packet capture in OpenBSD? With equivalent hardware, yes And out of curiousity, how different are the two stacks in capture packets? See /etc/pf.os and the ps.of(5) manpage. Even within an OS family, different versions have different fingerprints, especially wrt TCP behavior. dn iD8DBQFFvQ+zyPxGVjntI4IRApseAJwMo6SGNEk+4M/9dDUTqto4DATRwwCdGgXE vNi60j4a1f6NViESQ31UYvs= =G0CD -END PGP SIGNATURE-
Re: spamd openbsd 4.0 query
On Sun, Jan 28, 2007 at 09:54:07AM -0500, Josh Grosse wrote: All that spamd does is tarpit any blacklisted IPs -- and, *if* you're using greylisting, eliminate the obviously fake MTAs. That's all. It does eliminate a great deal of spam, but... 1) it does not examine headers (beyond tuple for greylisting) 2) it does not examine content. OK. Many thanks for your help. I seem to have a working config now! cheers -- John
Aironet MPI-350 Wireless
Aironet MPI-350 Wireless rev 0x00 at pci2 dev 2 function 0 not configured I've been googling for a while and it seems that there's no way to configure this one... I am just asking here in case of. Has anybody fixed that one or found a way whatsoever? gosh... I bought this ibmx31 because I wanted to have a laptop compatible with openbsd... well, I still have 28 days to give it back... me cago en la puta... This is _really_ disappointing...
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
On Sun, Jan 28, 2007 at 11:28:27AM -0800, Joe wrote: Some more tests: # dd if=/dev/zero of=./testfile count=100 100+0 records in 100+0 records out 51200 bytes transferred in 16.354 secs (31306797 bytes/sec) # dd if=./testfile of=/dev/null count=100 100+0 records in 100+0 records out 51200 bytes transferred in 6.013 secs (85137347 bytes/sec) So is 30MBps acceptable write speed for RAID 5 on a Compaq Smart Array 64xx controller? Could this be a driver issue? I doubt it: clearly it can transfer data at 85MBps, and it's unlikely that the SCSI bus can transfer data faster in one direction than the other. I don't know this controller specifically, but maybe a better controller would give you better RAID5 write performance. Or maybe something isn't quite set up correctly on the card (e.g. if there's NVRAM write-through cache, maybe the battery isn't present or it's disabled for some other reason) I have another box with the same controller, but in 2 disks in RAID 0. # bioctl -h ciss0 Volume Status Size Device ciss0 0 Online 136G sd0 RAID0 0 Online 67.8G 0:0.0 noencl COMPAQ BD0728A4B4 1 Online 67.8G 0:1.0 noencl COMPAQ BD0728A4B4 # dd if=/dev/zero of=/nsm/testfile count=2 bs=128k 2+0 records in 2+0 records out 262144 bytes transferred in 29.696 secs (88274982 bytes/sec) RAID 0 is just striping, so half the data gets written to one disk while half gets written to the other, so that would be expected to have better performance than a single disk. Regards, Brian.
ACPI succes: MacBook Pro
All, I hadn't seen this confirmed on the list yet, so here goes. Thanks to the great effort made by devs in the ACPI department, my MacBook Pro now works with the latest -current. I can now type at the boot probmpt and I can enable acpi in UPC. Audio doesn't work yet and I'm still trying to get X to run at 1440x900, but this is already quite a step up from the shoddyness of Mac OSX (it's just not me). Here's the dmesg and sysctl hw output. Thanks, Marco, Mark and Jordan and all the other OpenBSD developers. Paul 'WEiRD' de Weerd PS: I boot this with a custom cd.iso which has a boot.conf containing set image hd0a:bsd.mp (so I can dual boot between MacOSX and OpenBSD, since I sometimes need OSX to connect to the WPA network at the office) $ dmesg OpenBSD 4.0-current (GENERIC.MP) #1145: Wed Jan 24 20:44:47 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Genuine Intel(R) CPU T2500 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2 real mem = 2131050496 (2081104K) avail mem = 1935601664 (1890236K) using 4256 buffers containing 106676224 bytes (104176K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+ BIOS, date 07/29/05, SMBIOS rev. 2.4 @ 0xe73d0 (40 entries) bios0: Apple Computer, Inc. MacBookPro1,1 pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xc/0xfa00 acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP HPET APIC MCFG ASF! SBST ECDT SSDT SSDT SSDT acpitimer at acpi0 not configured acpimadt0 at acpi0 addr 0xfee0: PC-AT compat LAPIC: acpi_proc_id 0, apic_id 0, flags 0x1 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166 MHz LAPIC: acpi_proc_id 1, apic_id 1, flags 0x1 cpu1 at mainbus0: apid 1 (application processor) cpu1: Genuine Intel(R) CPU T2500 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,VMX,EST,TM2 IOAPIC: acpi_ioapic_id 1, address 0xfec0, global_int_base 0x0 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: duplicate apic id, remapped to apid 2 OVERRIDE: bus 0, source 0, global_int 2, flags 0 OVERRIDE: bus 0, source 9, global_int 9, flags d apic_type 4 apic_type 4 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEGP) acpiprt2 at acpi0: bus 2 (RP01) acpiprt3 at acpi0: bus 3 (RP02) acpiprt4 at acpi0: bus 4 (RP03) acpiprt5 at acpi0: bus 12 (PCIB) acpiec at acpi0 not configured acpiac at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibtn at acpi0 not configured acpibat at acpi0 not configured pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82945GM MCH rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82945GM PCIE rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility X1600 rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) vendor Intel, unknown product 0x27a3 (class DASP subclass Time and Frequency, rev 0x03) at pci0 dev 7 function 0 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 2 int 22 (irq 11) azalia0: host: High Definition Audio rev. 1.0 azalia0: codec: Sigmatel STAC9221 (rev. 52.1), HDA version 1.0 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02 pci2 at ppb1 bus 2 mskc0 at pci2 dev 0 function 0 Marvell Yukon 88E8053 rev 0x22, Yukon-2 EC rev. A3 (0x2): apic 2 int 16 (irq 11) msk0 at mskc0 port A, address 00:16:cb:89:e1:6f eephy0 at msk0 phy 0: Marvell 88E Gigabit PHY, rev. 2 ppb2 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02 pci3 at ppb2 bus 3 ath0 at pci3 dev 0 function 0 Atheros AR5424 rev 0x01: apic 2 int 17 (irq 11) ath0: AR5424 10.3 phy 6.1 rf 10.2, WOR5_ETSIC, address 00:16:cb:06:8f:73 ppb3 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02 pci4 at ppb3 bus 4 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 2 int 23 (irq 11) usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 2 int 19 (irq 11) usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 2 int 18 (irq 11) usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 2 int 16 (irq 10) usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0
Re: ccd, disklabel and partition 'a'
On 1/28/07 11:09 PM, Patrick Useldinger wrote: Guys, this is all turning to complete bullshit, and it's not only my fault. If anyone actually cared reading my post, my question was simple: == where is the disklabel stored, and what is its size? == If you don't know the answer you don't know if the questions is simple. If you really want to know, read the published code, obviously you don't want to do so. No problem that's why people offered their help. The question was generic, and I wanted a generic answer. Not the answer to the question where is MY disklabel stored in MY specific case. Now asking for a dmesg, fdisk or disklabel output makes no sense. Nor do the answers from your RTFM-bots. What's next - my social security number? If I would be you I would post what's asked. No problem if you repeat your question above it but if you want help and at least 3 very skillful people try to help you just do what they ask. +++chefren
Re: ccd, disklabel and partition 'a'
On Sun, Jan 28, 2007 at 11:09:17PM +0100, Patrick Useldinger wrote: Guys, this is all turning to complete bullshit, and it's not only my fault. If anyone actually cared reading my post, my question was simple: == where is the disklabel stored, and what is its size? == Being that I'm a ccd newbie, not an OpenBSD developer, etc., take the following with a grain of salt... In ccd(4)... Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the be- ginning of the component disk. This avoids potential conflicts between the component disk's disklabel(8) and the concatenated disk's disklabel. which, along with other things, leads me to believe that the underlying real partitions are combined and then accessed through a pseudo-device. Seems from there that disklabel would operate as normal, but on the pseudo-device. Unless there's some odd reason why that can't be done, it makes the most sense. If so, then the disklabel is just like any other disklabel, except that it'll be striped across real partitions, etc. People who actually know what they're talking about can tell us how off base I am. The question was generic, and I wanted a generic answer. Not the answer to the question where is MY disklabel stored in MY specific case. Now asking for a dmesg, fdisk or disklabel output makes no sense. Nor do the answers from your RTFM-bots. What's next - my social security number? Yes, that can be frustrating. It happens in mailing lists all over, and in real life, too. It used to happen to me *much* more often, but I've learned over the years to be careful how I ask things. Not that there was anything exceptionally wrong with how you asked, but it did NOT get the results you wanted. So... You expect me to read through all the documentation and the mailing list archives before posting. I did. Now I expect you to read my post before giving me unhelpful, rude and standard answers. Makes sense, no? Do you think you are helping OpenBSD in any way? Do you think that this kind of behaviour is going to make me respond another time when Theo asks for funding? Of course not. Go empty your own purse. Being arrogant is probably bearable if you are really really skilled. But if you are unable to read a post properly, then you should by all means stay humble. Think about it. I am used to the Slackware Linux community which is both skilled and helpful. Boy what a difference that makes. I do this for fun and I am not willing to take your bullshit just because you feel like it. I am sorry for this project, and I am sorry for Theo. I do respect him and the work he coordinates. But the moron index on this mailing list is just too high for me. So sad for a good idea. Sounds like you've donated money in the past, and that you've read this list before. So you know the terrain. Funny, I've gotten a lot of help here, and it's been damned good help. There's a lot of crap and nastiness on this list, but somehow I stay out of it without too much thought or effort. I've hardly ever drawn much heat on here, except for a couple of deserved corrections from Theo. How do I manage that? I don't care, because I'm not having a problem. You might want to think about it, though. As for donations, *I* donate because I get more back from this project than any other I've ever dealth with, not because people are nice to me. I like the code, and the direction the code has gone and is headed. That's exactly what I'm donating for. If you want to stop donating because people were mean to you - that's fine. The code will still be here if you want to use it. You can always use OpenBSD and hang out with the slack guys. -- Darrin Chandler | Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/darrin/ |
Re: advice on router and routing books
Great book but I don't see OSPF or BGP anywhere in the table of
contents of my copy nor below.
On 1/27/07, Jan Mason [EMAIL PROTECTED] wrote:
Building Firewalls with OpenBSD and PF
by Jacek Artymiak
Second Edition
Copyright 2003
ISBN: 83-916651-1-9
Price: USD $40.00
https://https.openbsd.org/cgi-bin/order?B01=1B01%2b=Add
Table of Contents
Preface . 1
0.1 Acknowledgments . 3
Chapter 1: Introduction . 5
1.1 Why Do We Need to Secure Our Networks . 5
1.2 Why Do We Need Firewalls . 7
1.3 Why Open Source Software . 7
1.4 Why OpenBSD and pf . 9
1.5 Cryptography and Law . 11
1.6 How This Book Is Organized . 12
1.7 Typographic Conventions Used in This Book . 14
1.8 Staying in Touch with the OpenBSD Community . 14
1.9 Getting in Touch with the Author . 15
Chapter 2: Firewall Designs . 17
2.1 Deo,ne Your Local Packet Filtering Policy . 17
2.2 What Is a 'Firewall'? . 18
2.3 What Firewalls Are Not . 19
2.4 Hardware vs. Software Firewalls . 19
2.5 Firewalls Great and Small . 20
2.5.1 Screened Host . 20
2.5.2 Screened LAN or Screened LAN Segment . 22
2.5.3 Bastion Host . 24
2.5.4 Demilitarized Zone (DMZ) . 25
2.5.5 Large-Scale LANs . 27
2.6 Invisible Hosts and Firewalls . 27
2.6.1 Filtering Bridge . 28
2.6.2 Network Address Translation (NAT) . 30
2.7 Additional Functionality . 30
Chapter 3: Installing OpenBSD . 33
3.1 Software Requirements . 33
3.1.1 Buy Ofo,cial OpenBSD CD-ROM Sets . 34
3.1.2 Additional Software Requirements . 35
3.2 Hardware Requirements . 36
3.2.1 Which Hardware Platform Should You Choose? . 36
3.2.2 Motherboard . 38
3.2.3 BIOS . 39
3.2.4 Processor . 39
3.2.5 Memory . 41
3.2.6 Disk Space . 42
3.2.7 Network Interfaces . 43
3.2.8 Communicating with Your Computer During Installation . 46
3.2.9 How Are You Going to Install OpenBSD? . 48
3.2.10 Tape Drives . 49
3.2.11 Debugging Hardware . 49
3.2.12 Other Requirements . 49
3.2.13 When in Trouble, Use the Manual . 50
3.3 Downloading OpenBSD . 50
3.4 Preparing Installation Media . 51
3.5 Installing OpenBSD . 52
3.6 Securing Your Firewall Hardware . 65
Chapter 4: Cono,guring OpenBSD . 67
4.1 User Management . 67
4.1.1 Adding Users . 67
4.1.2 Letting Users Do As Root Does (su) . 68
4.1.3 Changing the User Password . 69
4.1.4 Giving Users Limited Access to Root Privileges (sudo) . 69
4.1.5 Removing Users . 70
4.2 Hardening OpenBSD . 70
4.2.1 Disabling Non-Essential Services . 70
4.2.2 Patching . 71
4.2.3 When a Patch Is Not Enough . 76
4.3 Cono,guring Networking . 76
4.3.1 More Than One Address on a Single Interface (Aliases) . 78
4.3.2 Pf Cono,guration Options . 80
4.3.3 Bridge Cono,guration Options . 81
4.3.4 IP Forwarding . 84
4.3.5 Fixing FTP . 85
4.3.6 Taking Control of ARP . 89
4.4 Automated System Reboot . 95
4.5 Swap Encryption . 95
4.6 Working with Securelevels . 96
4.7 Setting Time and Date . 97
4.8 Cono,guring the Kernel to Solve Hardware Problems . 97
4.8.1 Make a Copy of the Old Kernel . 98
4.8.2 User Kernel Cono,g (UKC) . 98
4.8.3 Brain Transplants for OpenBSD . 101
4.9 Adding and Compiling Software . 101
4.10 Cono,guring Disks . 102
4.10.1 RAID . 102
Chapter 5: /etc/pf.conf . 103
5.1 Inside pf.conf . 103
5.1.1 Changing the pf.conf Section Order . 105
5.1.2 Breaking Long Lines into Smaller Pieces . 105
5.1.3 Grouping Rule Elements into Lists ({}) . 105
5.2 Macros . 106
5.3 Tables (table) . 107
5.4 Anchors (anchor, nat-anchor, rdr-anchor, binat-anchor) . 109
5.5 Common Components Found in pf Rules . 110
5.5.1 Directions (in, out) . 110
5.5.2 Interfaces (on) . 110
5.5.3 Address Families (inet, inet6) . 111
5.5.4 Protocols (proto) . 111
5.5.5 Addresses (from, to, any, all) . 112
5.5.6 Dynamic Assignment of Addresses . 115
5.5.7 Ports (port) . 116
5.5.8 Ports (port) . 118
5.6 Tools for Writing and Editing pf.conf . 119
5.6.1 Why Not Edit pf.conf on Another Machine? . 119
5.6.2 Syntax Highlighting . 119
5.6.3 GUI Tools for Writing Rulesets with a Mouse . 120
5.6.4 Scripting pf.conf . 120
5.7 Managing pf.conf Versions with CVS . 120
Chapter 6: Packet Normalization ... 125
6.1 Implementing Packet Normalization (scrub) . 125
6.1.1 Scrub Rule Syntax . 125
6.2 Fine-Tuning Scrub Rules . 127
6.2.1 Pf Options (limit frags, timeout frags) . 128
6.2.2 Scrub Rule Options . 128
6.3 Who's Sending All Those Malformed Packets? . 131
Chapter 7: Packet Redirection 133
7.1 Security Applications . 133
7.2 Expanding the IPv4 Address Space . 134
7.2.1 Does IPv6 Make NAT redundant? . 136
7.2.2 What Problems Does NAT Cause? . 136
7.3 NAT Rules . 137
7.3.1 Hiding Hosts Behind a Single
Re: ccd, disklabel and partition 'a'
On Sun, 28 Jan 2007, Patrick Useldinger wrote: Guys, this is all turning to complete bullshit, and it's not only my fault. If anyone actually cared reading my post, my question was simple: == where is the disklabel stored, and what is its size? == Strange that nobody distilled that form your original post... I interpreted your questions as being why do the disklabels overlap. The question was generic, and I wanted a generic answer. Not the answer to the question where is MY disklabel stored in MY specific case. Now asking for a dmesg, fdisk or disklabel output makes no sense. Nor do the answers from your RTFM-bots. What's next - my social security number? There is no generic answer, this is dependent on platform, disk geomtry, existence of (extended) DOS partitions and who knows what more. Note your original post does not mention even which platform you are running. For i386, check sys/arch/i386/i386/disksubr.c for the gory details. But for all practical purposes, the advise from the FAQ for i386 is sound: skip the first track. As for the rest of your post. So your question got misinterpreted. Big deal, instead of just refusing to give extra info and annoying the people trying to help you, you could have reformulated or elaborated on your question to clear things up. -Otto
Re: ccd, disklabel and partition 'a'
On 2007/01/28 23:09, Patrick Useldinger wrote: == where is the disklabel stored, and what is its size? == The question was generic, and I wanted a generic answer. There isn't a generic answer, this OS runs on 17 supported platforms and it varies. On some of them, disklabel -v -r disk will tell you.
Re: ccd, disklabel and partition 'a'
On Sunday 28 January 2007 17:47, Patrick Useldinger wrote: christian widmer wrote: man ccd: Note that the `raw' partitions of the disks should not be combined. Each component partition should be offset at least one cylinder from the beginning of the component disk. What is a raw partition in that case? In the examples I found, the members of the ccd disk were always wdxy such as wd1a, wd1b, which is exactly what I did. the 'raw' partition of /dev/wd1d is /dev/rwd1d see also thread on misc: CCD: started on 17 jan 2007 by Chris Mika I did. But in that thread it doesn't become clear how much space to skip. but i did mention it in my first reply. 1. man page sais 'one cylinder' 2. you need to look at the output of disklabel o calculate how much this is. i used 'disklabel -e ccd0' to change the type to 'unused'. after that i created one big partition 'd' on the ccd0 drive. Does the name really matter? Whether your partition is called 'a' or 'd', doesn't the disklabel get stored into the beginning of the first partition anyway? the name at least matters sometimes. as a said i'm not sure if it matters in your case - i did not read the code. but the `a' partition of the boot disk is the root partition, and the `b' partition of the boot disk is the swap partition and the 'c' partition is the whole drive. this does not say it is not possible to use 'a' on wd1 as long a it is not your boot disk. never the less i never play with the a, b, c's where not explicitly required. //llx -pu
ACPI tests on a Jetway J7F2 board
Greetings: I almost didn't submit this because there were no outright failures, but then I noticed that with acpi enabled, the hw.setperf sysctl is missing. Without acpi, it is present and works properly. Anyhow, here are the four dmesgs in case they are illuminating. You will notice the sucky DMA of the Jetway board in all of them. -- Mark OpenBSD 4.0-current (GENERIC) #0: Sat Jan 27 12:27:40 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1200MHz (CentaurHauls 686-class) 1.21 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1005023232 (981468K) avail mem = 908509184 (887216K) using 4256 buffers containing 50376704 bytes (49196K) of memory User Kernel Config UKC enable acpi 385 acpi0 enabled UKC quit Continuing... mainbus0 (root) bios0 at mainbus0: AT/286+ BIOS, date 07/18/06, BIOS32 rev. 0 @ 0xfb570, SMBIOS rev. 2.3 @ 0xf (34 entries) apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdc84 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdbb0/208 (11 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 11 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 7 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xfc00 acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP APIC acpitimer at acpi0 not configured acpiprt0 at acpi0: bus 0 (PCI0) acpibtn at acpi0 not configured acpicpu at acpi0 not configured acpitz at acpi0 not configured cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA CN700 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA CN700 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 VIA S3 Unichrome PRO IGP rev 0x01: aperture at 0xf400, size 0x1000 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) VIA VT6306 FireWire rev 0x80 at pci0 dev 10 function 0 not configured re0 at pci0 dev 11 function 0 Realtek 8169 rev 0x10, RTL8169/8110SC (0x1800): irq 5, address 00:30:18:a8:10:78 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA pciide0: using irq 11 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide1 channel 0 drive 0: SAMSUNG MP0402H wd0: 16-sector PIO, LBA48, 38204MB, 78242976 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide1: channel 1 disabled (no drives) uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 11 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 11 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: irq 7 ehci0: timed out waiting for BIOS usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00 iic0 at viapm0 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: irq 7 ac97: codec id 0x56494170 (VIA Technologies 70) ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D audio0 at auvia0 vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x78: irq 10, address 00:30:18:a6:91:2e ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 0x004063, model 0x0032 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
Re: Slow write performance on Compaq Smart Array 64xx (ciss0)
* Henning Brauer [EMAIL PROTECTED] [2007-01-28 17:37]: * Vijay Sankar [EMAIL PROTECTED] [2007-01-28 16:07]: bioctl -h ciss0 gives me bioctl: Can't locate ciss0 device via /dev/bio ciss doesn't support bio yet. err, sorry, I missed that it is now, to some extent. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: ACPI tests on a Jetway J7F2 board
Mark, This is why: $ grep cpu /usr/src/sys/arch/i386/conf/GENERIC cpu0at mainbus? #acpicpu* at acpi? The acpicpu driver provides support for extracting processor power and performance levels from ACPI tables. This information can be used to throttle processor speed to reduce power usage and extend battery life through the hw.setperf sysctl(3) mechanism. Travers Buda On Sun, 28 Jan 2007 15:52:08 -0700 Mark Zimmerman [EMAIL PROTECTED] wrote: Greetings: I almost didn't submit this because there were no outright failures, but then I noticed that with acpi enabled, the hw.setperf sysctl is missing. Without acpi, it is present and works properly. Anyhow, here are the four dmesgs in case they are illuminating. You will notice the sucky DMA of the Jetway board in all of them. -- Mark OpenBSD 4.0-current (GENERIC) #0: Sat Jan 27 12:27:40 MST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1200MHz (CentaurHauls 686-class) 1.21 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1005023232 (981468K) avail mem = 908509184 (887216K) using 4256 buffers containing 50376704 bytes (49196K) of memory User Kernel Config UKC enable acpi 385 acpi0 enabled UKC quit Continuing... mainbus0 (root) bios0 at mainbus0: AT/286+ BIOS, date 07/18/06, BIOS32 rev. 0 @ 0xfb570, SMBIOS rev. 2.3 @ 0xf (34 entries) apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdc84 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdbb0/208 (11 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 11 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 7 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xfc00 acpi0 at mainbus0: rev 0 acpi0: tables DSDT FACP APIC acpitimer at acpi0 not configured acpiprt0 at acpi0: bus 0 (PCI0) acpibtn at acpi0 not configured acpicpu at acpi0 not configured acpitz at acpi0 not configured cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA CN700 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA CN700 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 VIA S3 Unichrome PRO IGP rev 0x01: aperture at 0xf400, size 0x1000 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) VIA VT6306 FireWire rev 0x80 at pci0 dev 10 function 0 not configured re0 at pci0 dev 11 function 0 Realtek 8169 rev 0x10, RTL8169/8110SC (0x1800): irq 5, address 00:30:18:a8:10:78 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA pciide0: using irq 11 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide1 channel 0 drive 0: SAMSUNG MP0402H wd0: 16-sector PIO, LBA48, 38204MB, 78242976 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide1: channel 1 disabled (no drives) uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 11 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 11 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: irq 7 ehci0: timed out waiting for BIOS usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00 iic0 at viapm0 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: irq 7 ac97: codec id 0x56494170 (VIA Technologies 70) ac97: codec features headphone, 18 bit DAC, 18 bit
Re: destination-port-based routing for multiple links
On Sunday 28 January 2007 03:03, Soner Tari wrote: I'm running Postfix on OpenBSD and have multiple external links on the same box. I want outgoing smtp connections to be routed to ext_if2, but the rest to ext_if1. why? Without knowing the *problem* you are trying to solve, it looks like you're just making a big mess trying to shape/route traffic in that manner. With luck, there might be a better answer to the problem you're trying to solve.
Re: Aironet MPI-350 Wireless
On Sun, Jan 28, 2007 at 10:29:42PM +0100, Vim Visual wrote: Aironet MPI-350 Wireless rev 0x00 at pci2 dev 2 function 0 not configured I've been googling for a while and it seems that there's no way to configure this one... I am just asking here in case of. Has anybody fixed that one or found a way whatsoever? gosh... I bought this ibmx31 because I wanted to have a laptop compatible with openbsd... well, I still have 28 days to give it back... me cago en la puta... This is _really_ disappointing... This device is quite different to traditional Aironet devices in that it is native PCI (no PLX bridge) and has somewhat different firmware semantics. These devices currently aren't supported.
Re: ACPI tests on a Jetway J7F2 board
On Sun, 28 Jan 2007 15:52:08 -0700 Mark Zimmerman [EMAIL PROTECTED] wrote: Greetings: I almost didn't submit this because there were no outright failures, but then I noticed that with acpi enabled, the hw.setperf sysctl is missing. Without acpi, it is present and works properly. Anyhow, here are the four dmesgs in case they are illuminating. You will notice the sucky DMA of the Jetway board in all of them. -- Mark On Sun, Jan 28, 2007 at 06:20:32PM -0600, Travers Buda wrote: Mark, This is why: $ grep cpu /usr/src/sys/arch/i386/conf/GENERIC cpu0at mainbus? #acpicpu* at acpi? The acpicpu driver provides support for extracting processor power and performance levels from ACPI tables. This information can be used to throttle processor speed to reduce power usage and extend battery life through the hw.setperf sysctl(3) mechanism. Travers Buda I'm not sure I follow what you are saying. I am seeing hw.setperf working only when acpi is disabled. This is not what I expected. Are you saying that hw.setperf is present without acpi, but when acpi is enabled it takes over that function but fails to make it work? In the dmesgs in which acpi is disabled, I have this line: cpu0: Enhanced SpeedStep 1200 MHz (860 mV): speeds: 1200, 1000, 800, 600, 400 MHz which is missing when I enable acpi. -- Mark
Re: destination-port-based routing for multiple links
On Sun, 2007-01-28 at 16:39 -0800, J.C. Roberts wrote: On Sunday 28 January 2007 03:03, Soner Tari wrote: I'm running Postfix on OpenBSD and have multiple external links on the same box. I want outgoing smtp connections to be routed to ext_if2, but the rest to ext_if1. why? Because the ext_if2 has a DSL connection which is faster and symmetrical, and more importantly has a C class IP, which is essential if you don't want to be considered as a spammer by many MTAs. Not to mention, one might need to load-balance based on ports. Other than the smtp port and Postfix, the ability to route based on destination port may be important for a firewall with multiple external links in general. Because you might like to route the traffic originating from the firewall itself to whichever link you wish, such as those by an http proxy.
Re: ACPI tests on a Jetway J7F2 board
You're not getting hw.setperf with ACPI enabled because ACPI and APM don't and shouldn't coexist. ACPI has a hw.setperf mechanism, but you don't have it enabled in your kernel (I don't know if it's working yet.) Travers Buda On Sun, 28 Jan 2007 19:15:13 -0700 Mark Zimmerman [EMAIL PROTECTED] wrote: On Sun, 28 Jan 2007 15:52:08 -0700 Mark Zimmerman [EMAIL PROTECTED] wrote: Greetings: I almost didn't submit this because there were no outright failures, but then I noticed that with acpi enabled, the hw.setperf sysctl is missing. Without acpi, it is present and works properly. Anyhow, here are the four dmesgs in case they are illuminating. You will notice the sucky DMA of the Jetway board in all of them. -- Mark On Sun, Jan 28, 2007 at 06:20:32PM -0600, Travers Buda wrote: Mark, This is why: $ grep cpu /usr/src/sys/arch/i386/conf/GENERIC cpu0at mainbus? #acpicpu* at acpi? The acpicpu driver provides support for extracting processor power and performance levels from ACPI tables. This information can be used to throttle processor speed to reduce power usage and extend battery life through the hw.setperf sysctl(3) mechanism. Travers Buda I'm not sure I follow what you are saying. I am seeing hw.setperf working only when acpi is disabled. This is not what I expected. Are you saying that hw.setperf is present without acpi, but when acpi is enabled it takes over that function but fails to make it work? In the dmesgs in which acpi is disabled, I have this line: cpu0: Enhanced SpeedStep 1200 MHz (860 mV): speeds: 1200, 1000, 800, 600, 400 MHz which is missing when I enable acpi. -- Mark
Re: destination-port-based routing for multiple links
On 2007/01/28 13:03, Soner Tari wrote: I'm running Postfix on OpenBSD and have multiple external links on the same box. I want outgoing smtp connections to be routed to ext_if2, but the rest to ext_if1. To achieve this, default route being ext_if1, I tried a couple of things: pass out log quick route-to ($ext_if2 $ext_gw2) \ proto tcp to any port smtp user _postfix keep state if that's all you have, run tcpdump on $ext_if2 and you'll see packets going out with $ext_if1's source address because you're missing the nat rule to go with it. route-to/reply-to just change the routing, not the src/dest addresses. In short, I need something like destination-port-based routing for multiple links. The situation is not specific to smtp port or Postfix, I'd like to achieve the same for any port I wish. works perfectly.
PF keep state does'nt like Mandriva2007
Dear Lists. I have one bridge PF machine for packet queue and prio, and few new install Mandriva2007 (linux kernel) that couldn not browse the web (the other protocol work OK) if the rules keep state in PF machine is activated. but the others hosts (WinXP, BSD, Mac, Others Linux) work fine. Why PF (OpenBSD-3.9) doesnt like Mandriva2007 Plese help regards Reza Never Miss an Email Stay connected with Yahoo! Mail on your mobile. Get started! http://mobile.yahoo.com/services?promote=mail
Re: PF keep state does'nt like Mandriva2007
On 1/28/07, Reza Muhammad [EMAIL PROTECTED] wrote: Snip Why PF (OpenBSD-3.9) doesnt like Mandriva2007 Plese help because you have Mandriva configured wrong.
Unix domain socket message size
I have been trying to increase the maximum allowed size for a message when using unix domain sockets without any success... Whenever I send anything larger than 2048, it fails with EMSGSIZE. I looked at multiple sysctls and no one seems to be related to unix domain sockets. From getsockopt the maximum sizes should be 9k for recv and 40k for sending... To show my point, I created a small program that creates a server/client socket and attempts to send data between them. Whenever I reach 2049, it fails with message too long... Test output: http://pastebin.com/870008 Sample code example: http://pastebin.com/870005 *I am using OpenBSD 3.9 Generic.. *Sorry for using pastebin, but this new yahoo mail is terrible to paste stuff... Thanks, Daniel __ Fale com seus amigos de graga com o novo Yahoo! Messenger http://br.messenger.yahoo.com/
