Allied Telesyn AT-2701FTX fibre card dysfunctional?
Hi list, I'd like to build a firewall (OpenBSD 4.3 i386) using one em0 interface (management only), and two pcnX interface, which are based AT-2701FTX cards. Those cards are seen by OpenBSD as the following devices: pcn0 at pci1 dev 7 function 0 AMD 79c970 PCnet-PCI rev 0x54, Am79c976, rev 4: irq 9, address 00:15:77:77:6a:b2 acphy0 at pcn0 phy 1: AC101 10/100 PHY, rev. 11 ifmedia_set: no match for 0x20/0x pcn1 at pci1 dev 8 function 0 AMD 79c970 PCnet-PCI rev 0x54, Am79c976, rev 4: irq 11, address 00:15:77:9c:17:b4 acphy1 at pcn1 phy 1: AC101 10/100 PHY, rev. 11 ifmedia_set: no match for 0x20/0x The interfaces are up and running, but as soon as there's traffic on those interfaces, they throw CRC errors; from dmesg: Jul 18 12:00:02 puffy newsyslog[28063]: logfile turned over Jul 18 12:00:02 puffy syslogd: restart Jul 18 12:00:03 puffy /bsd: pcn0: CRC error Jul 18 12:00:53 puffy /bsd: pcn0: CRC error Jul 18 12:01:27 puffy last message repeated 3 times Jul 18 12:10:34 puffy last message repeated 2 times Jul 18 12:16:55 puffy last message repeated 6 times Jul 18 12:17:03 puffy /bsd: pcn0: CRC error Jul 18 12:17:18 puffy last message repeated 3 times Jul 18 12:18:03 puffy /bsd: pcn0: CRC error Jul 18 12:18:07 puffy /bsd: pcn0: CRC error Jul 18 12:20:46 puffy last message repeated 10 times and so on. Is that known behaviour on this cards? How can I help to fix this problem? Best, Timo - full dmesg: OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 2.26GHz (GenuineIntel 686-class) 2.26 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF real mem = 534810624 (510MB) avail mem = 509075456 (485MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 04/28/03, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf0450 (67 entries) bios0: vendor Dell Computer Corporation version A06 date 04/28/2003 bios0: Dell Computer Corporation OptiPlex GX260 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfeae0/176 (9 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801BA LPC rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xb800! 0xcb800/0xe800 0xda000/0xe800 0xe8800/0x1800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82845G Host rev 0x01 agp0 at pchb0: aperture at 0xe800, size 0x800 vga1 at pci0 dev 2 function 0 Intel 82845G Video rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 9 uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11 uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 10 ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 3 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb0 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0x81 pci1 at ppb0 bus 1 pcn0 at pci1 dev 7 function 0 AMD 79c970 PCnet-PCI rev 0x54, Am79c976, rev 4: irq 9, address 00:15:77:77:6a:b2 acphy0 at pcn0 phy 1: AC101 10/100 PHY, rev. 11 ifmedia_set: no match for 0x20/0x pcn1 at pci1 dev 8 function 0 AMD 79c970 PCnet-PCI rev 0x54, Am79c976, rev 4: irq 11, address 00:15:77:9c:17:b4 acphy1 at pcn1 phy 1: AC101 10/100 PHY, rev. 11 ifmedia_set: no match for 0x20/0x em0 at pci1 dev 12 function 0 Intel PRO/1000MT (82540EM) rev 0x02: irq 10, address 00:0b:db:4f:18:8f ichpcib0 at pci0 dev 31 function 0 Intel 82801DB LPC rev 0x01: 24-bit timer at 3579545Hz pciide0 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: ST310211A wd0: 16-sector PIO, LBA, 9541MB, 19541088 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, CD-ROM GCR-8481B, 1.06 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 11 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 256MB DDR SDRAM non-parity PC2100CL2.5 spdmem1 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC2100CL2.5 auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 AC97 ac97: codec id 0x41445374 (Analog Devices AD1981B) ac97: codec features headphone, 20 bit DAC, No 3D Stereo audio0 at auich0 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB
Re: Panic in latest snapshot - vr, perhaps
hi, On Sun, Jul 20, 2008 at 08:28:57AM -0600, Mark Zimmerman wrote: Greetings: Sorry for not using sendbug, but I wanted to get something out quickly while I have a moment. it is always better to use sendbug because it helps us to remember and to track the bug. Summary: I have a jetway board with two interfaces. vr0 (external) and ral0 (wireless access point). When I boot up a laptop that uses the wireless access point, the jetway board panics. This is repeatable. the strange thing is that the mbuf seems to be NULL before feeded into ether_input_mbuf(). can you try to build a -current kernel, test it, and revert vr to the previous version, test it again, to see if it makes a difference? # cd /usr/src # rm sys/dev/pci/if_vr*.? # cvs up -r1.73 sys/dev/pci/if_vr.c # cvs up -r1.20 sys/dev/pci/if_vrreg.h are you using a bridge (not seen in the ifconfig output)? are you using ipv6 before the panic? dmesg, ifconfig, trace, ps follow... OpenBSD 4.4-beta (GENERIC) #979: Wed Jul 16 09:40:32 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1200MHz (CentaurHauls 686-class) 1.21 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1005023232 (958MB) avail mem = 963469312 (918MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 01/15/08, BIOS32 rev. 0 @ 0xfa130, SMBIOS rev. 2.3 @ 0xf (34 entries) bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 01/15/2008 apm0 at bios0: Power Management spec V1.2 (slowidle) apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xf/0xc964 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc890/208 (11 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 11 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 cpu0: Enhanced SpeedStep 1200 MHz (860 mV): speeds: 1200, 1000, 800, 600, 400 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA CN700 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA CN700 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 VIA S3 Unichrome PRO IGP rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: v3, aperture at 0xe800, size 0x1000 ral0 at pci0 dev 8 function 0 Ralink RT2561S rev 0x00: irq 11, address 00:0e:2e:b3:0a:a1 ral0: MAC/BBP RT2561C, RF RT2527 VIA VT6306 FireWire rev 0x80 at pci0 dev 10 function 0 not configured pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA pciide0: using irq 11 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility pciide1: channel 0 disabled (no drives) wd0 at pciide1 channel 1 drive 0: ST340014A wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors wd0(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5 uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 10 uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 10 uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 11 uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 11 ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: irq 5 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1 viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00 iic0 at viapm0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-4200CL5 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: irq 5 ac97: codec id 0x56494170 (VIA Technologies 70) ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D audio0 at auvia0 vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x78: irq 10, address 00:30:18:a6:91:2e ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 0x004063, model 0x0032 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 VIA UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 VIA UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 VIA UHCI root hub rev 1.00/1.00 addr 1 isa0 at mainbus0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port
Re: Light HTTP servers.
On 2008-07-20, Marc Balmer [EMAIL PROTECTED] wrote: * Henning Brauer wrote: lighttpd. can it do reverse proxying, as needed for zope? it definitely can in 1.5, I'm not sure about the in-tree version but I think it's likely.
Re: Light HTTP servers.
* Stuart Henderson wrote: On 2008-07-20, Marc Balmer [EMAIL PROTECTED] wrote: * Henning Brauer wrote: lighttpd. can it do reverse proxying, as needed for zope? it definitely can in 1.5, I'm not sure about the in-tree version but I think it's likely. nice. btw, there is also a light http server called nostromo, developed by [EMAIL PROTECTED]
Re: Light HTTP servers.
nice. btw, there is also a light http server called nostromo, developed by [EMAIL PROTECTED] That's nhttpd, didn't you rtfm? The monkeys will eat you alive if you didn't (beats masturbating the whole day). -- Nuno MagalhC#es
Re: GPL version 4
On Thu, 17 Jul 2008 00:51:53 -0500 Travers Buda [EMAIL PROTECTED] wrote: I'd like to present GPL version 10^100^100! (that's not an exclaimation, that's a factorial.) Over the years, clauses have been _removed_ from BSD-like licenses. The GPL keeps getting things _added_. *insert some sort of wisdom here about how this means BSD-like is better* Less is more. Dhu Reading (and actually understanding) the GPL could easily drive a sane man, with no drug abuse or family history of mental illness, completely insane due to its ever-increasing complexity. -- Travers Buda
ping: sendto: No buffer space available when using bittorrent or another p2p
Hi all,
I run OpenBSD 4.3 on my gateway. But when a machine behind the
NAT/gateway uses bittoreent (or gtk-gnutella) I loss packets.
For example when I try to do a ping www.google.com I can see ping:
sendto: No buffer space available (on my gateway)
It's the same if I use gtk-gnutella. I think it's related to the huge
number of states (about 1500 for bittorent)
Any idea to the problem ?
Thanks for help.
Amaury De Ganseman
infos:
-
dmesg in attach
I use user-space pppoe
I use traffic shaping:
#ALTQ CBQ
altq on $ext_if cbq bandwidth 350Kb queue {std}
queue std bandwidth 100% { hprio, lprio}
queue lprio bandwidth 80% priority 0 cbq(default, borrow,red, ecn )
queue hprio bandwidth 20% priority 7 cbq(borrow, red, ecn)
gateway# netstat -m
37 mbufs in use:
32 mbufs allocated to data
1 mbuf allocated to packet headers
4 mbufs allocated to socket names and addresses
32/306/6144 mbuf clusters in use (current/peak/max)
708 Kbytes allocated to network (10% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
I use user-space pppoe
[demime 1.01d removed an attachment of type application/octet-stream which had
a name of obsd.dmesg]
Re: it's possible using cd43.iso when make OpenBSD 4.3 ISO?
my mail wrote: i have success build OpenBSD 4.3 ISO using floppy43.fs, and after testing, this iso work perfectly. but when i build OpenBSD 4.3 ISO using cd43.iso, my ISO can't boot, i have using options -no-emul-boot because this file to large. it's possibel to using cd43.iso when make OpenBSD 4.3 ISO file? thx the cd4x.iso is a full install disc including the kernel without the install sets. you can use the cd43.iso as a boot media without adding any additional files. you can then install from ftp / http. If i'm right the cd4x.iso cannot be used as a bootstrap image for a new disc like the floppy4x.fs marco
Re: it's possible using cd43.iso when make OpenBSD 4.3 ISO?
On Sun, Jul 20, 2008 at 10:53:36PM -0700, my mail wrote: | i have success build OpenBSD 4.3 ISO using floppy43.fs, and after | testing, this iso work perfectly. | | but when i build OpenBSD 4.3 ISO using cd43.iso, my ISO can't boot, | i have using options -no-emul-boot because this file to large. | | it's possibel to using cd43.iso when make OpenBSD 4.3 ISO file? Well, yes and no. What do you want to do, exactly ? How did you build your non-booting ISO based on cd43.iso ? The cd43.iso is already a usable ISO image, ready to be written to a CD and booted from. If you want to use what's on this CD, you can mount the image (or a CD written with this image) and copy the contents of it, but then it's probably easier to download cdboot, cdbr and bsd.rd from the same mirror where you found cd43.iso. Does your machine require floppy emulation for booting ? In that case, you can try creating an ISO with floppy43.fs (or floppy44.fs, if you want to use the latest snapshot). It all depends a bit on what it is that you want, exactly. My suggestion would be, use cd43.iso (or cd44.iso) and simply write that to a blank CD and boot from it. It should just work. Cheers, Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/
Re: ping: sendto: No buffer space available when using bittorrent or another p2p
Does the issue go away when you make ping part of the high priority queue?
On Mon, Jul 21, 2008 at 7:55 AM, Amaury De Ganseman
[EMAIL PROTECTED] wrote:
Hi all,
I run OpenBSD 4.3 on my gateway. But when a machine behind the
NAT/gateway uses bittoreent (or gtk-gnutella) I loss packets.
For example when I try to do a ping www.google.com I can see ping:
sendto: No buffer space available (on my gateway)
It's the same if I use gtk-gnutella. I think it's related to the huge
number of states (about 1500 for bittorent)
Any idea to the problem ?
Thanks for help.
Amaury De Ganseman
infos:
-
dmesg in attach
I use user-space pppoe
I use traffic shaping:
#ALTQ CBQ
altq on $ext_if cbq bandwidth 350Kb queue {std}
queue std bandwidth 100% { hprio, lprio}
queue lprio bandwidth 80% priority 0 cbq(default, borrow,red, ecn )
queue hprio bandwidth 20% priority 7 cbq(borrow, red, ecn)
gateway# netstat -m
37 mbufs in use:
32 mbufs allocated to data
1 mbuf allocated to packet headers
4 mbufs allocated to socket names and addresses
32/306/6144 mbuf clusters in use (current/peak/max)
708 Kbytes allocated to network (10% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
I use user-space pppoe
Re: ping: sendto: No buffer space available when using bittorrent or another p2p
Daniel Melameth escreveu:
Does the issue go away when you make ping part of the high priority queue?
On Mon, Jul 21, 2008 at 7:55 AM, Amaury De Ganseman
[EMAIL PROTECTED] wrote:
Hi all,
I run OpenBSD 4.3 on my gateway. But when a machine behind the
NAT/gateway uses bittoreent (or gtk-gnutella) I loss packets.
For example when I try to do a ping www.google.com I can see ping:
sendto: No buffer space available (on my gateway)
It's the same if I use gtk-gnutella. I think it's related to the huge
number of states (about 1500 for bittorent)
Any idea to the problem ?
Thanks for help.
Amaury De Ganseman
infos:
-
dmesg in attach
I use user-space pppoe
I use traffic shaping:
#ALTQ CBQ
altq on $ext_if cbq bandwidth 350Kb queue {std}
queue std bandwidth 100% { hprio, lprio}
queue lprio bandwidth 80% priority 0 cbq(default, borrow,red, ecn )
queue hprio bandwidth 20% priority 7 cbq(borrow, red, ecn)
gateway# netstat -m
37 mbufs in use:
32 mbufs allocated to data
1 mbuf allocated to packet headers
4 mbufs allocated to socket names and addresses
32/306/6144 mbuf clusters in use (current/peak/max)
708 Kbytes allocated to network (10% in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
I use user-space pppoe
Take a look at the list archives. I recall someone having the same
issue, and it was something to do with the network card. It was a
hardware problem. I already had this sometimes, and only rebooting the
machine solved the problem.
My regards,
--
Giancarlo Razzolini
http://lock.razzolini.adm.br
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Verify:https://www.redhat.com/certification/rhce/current/
Moleque Sem Conteudo Numero #002
OpenBSD Stable
Ubuntu 8.04 Hardy Heron
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Re: ping: sendto: No buffer space available when using bittorrent or another p2p
On Mon, Jul 21, 2008 at 03:55:41PM +0200, Amaury De Ganseman wrote:
Hey there,
I run OpenBSD 4.3 on my gateway. But when a machine behind the
NAT/gateway uses bittoreent (or gtk-gnutella) I loss packets.
For example when I try to do a ping www.google.com I can see ping:
sendto: No buffer space available (on my gateway)
It's the same if I use gtk-gnutella. I think it's related to the huge
number of states (about 1500 for bittorent)
The default limit for number of states is quite low. Try adding the
following to pf.conf and running pfctl -vf /etc/pf.conf
set limit { states 5000, frags 5000, src-nodes 5000 }
You can up the values if they are too low.
Use pfctl -s info to view how many entries there are in the state
table beforehand and compare it to afterwards.
HTH.
-- joe.
Denim is old news. Who wants to look like a member of B*witched?
Re: ping: sendto: No buffer space available when using bittorrent or another p2p
On Mon, Jul 21, 2008 at 10:39 AM, Joe Warren-Meeks [EMAIL PROTECTED] wrote:
The default limit for number of states is quite low. Try adding the
following to pf.conf and running pfctl -vf /etc/pf.conf
set limit { states 5000, frags 5000, src-nodes 5000 }
You can up the values if they are too low.
Use pfctl -s info to view how many entries there are in the state
table beforehand and compare it to afterwards.
FWIW, the default state and src-nodes limit is twice what you have above.
Re: CARP not leaving backup state
Hello everyone, I am sorry for not mentioning it was a vmWare instance. The packet replay seemed to be the culprit. This occured when we moved the image to a vmWare host running vmWare ESX 3.5 from 3.0. Our working theory is that under 3.5 pernicious mode works differently than under 3.0 and replays all of the traffic. Has anyone else experienced this problem? Stuart Henderson wrote: On 2008-07-19, William Stuart [EMAIL PROTECTED] wrote: Thanks everyone I figured it out! 19:13:46.334037 CARPv2-advertise 36: vhid=50 advbase=1 advskew=0 demote=0 (DF) [tos 0x10] 19:13:46.334299 CARPv2-advertise 36: vhid=50 advbase=1 advskew=0 demote=0 (DF) [tos 0x10] Something is mirroring and replaying all the packets back. Grrr. Must be a vmWare config issue. Anyone asking about any wierd problems, _please_ mention any VMs that may be involved early on in the thread... as always, a dmesg would be a good starting point.
Re: Panic in latest snapshot - vr, perhaps
On Mon, Jul 21, 2008 at 09:51:10AM +0200, Reyk Floeter wrote: hi, On Sun, Jul 20, 2008 at 08:28:57AM -0600, Mark Zimmerman wrote: Greetings: Sorry for not using sendbug, but I wanted to get something out quickly while I have a moment. it is always better to use sendbug because it helps us to remember and to track the bug. You are right, of course. Bug ID is system/5881
Can't scp, ssh is slow to authenticate.
I'm trying to scp from Debian to OpenBSD on two local machines but it's obviously not working. They're connected through a router and i can scp to another local Debian machine. Here's the output: [EMAIL PROTECTED]:~ scp -vr ~/folder/folder/ 192.168.2.80:~ Executing: program /usr/bin/ssh host 192.168.2.80, marksandman (unspecified), command scp -v -r -t ~ OpenSSH_4.7p1 Debian-12, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.2.80 [192.168.2.80] port 22. debug1: Connection established. debug1: identity file /home/marksandman/.ssh/id_rsa type -1 debug1: identity file /home/marksandman/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.8 debug1: match: OpenSSH_4.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-12 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.2.80' is known and matches the RSA host key. debug1: Found key in /home/marksandman/.ssh/known_hosts:6 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received Then it hangs for about a minute or so... the same delay happens if i run ssh 192.168.2.80 (only ssh works without a problem). debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/marksandman/.ssh/id_rsa debug1: Trying private key: /home/marksandman/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password [EMAIL PROTECTED]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending command: scp -v -r -t ~ 6:52PM up 4 days, 56 mins, 0 marksandmans, load averages: 0.11, 0.09, 0.08 [EMAIL PROTECTED]:~ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.8 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 0 And i get my local prompt again, no files copied. I've also tried scp -vr -o User marksandman ~/folder/folder/ 192.168.2.80:~ with the same results. Yes, it's the same username on both machines. I can scp to my college account and to a friend's server without issues. I can also scp to my college from OpenBSD. Any suggestions to this? Quite obviously the scp manpage doesn't really give a solution to this. I've also tried forcing ssh protocol 2 as well as IPv4. -- Nuno MagalhC#es
Re: Can't scp, ssh is slow to authenticate.
Nuno MagalhC#es escreveu: I'm trying to scp from Debian to OpenBSD on two local machines but it's obviously not working. They're connected through a router and i can scp to another local Debian machine. Here's the output: [EMAIL PROTECTED]:~ scp -vr ~/folder/folder/ 192.168.2.80:~ Executing: program /usr/bin/ssh host 192.168.2.80, marksandman (unspecified), command scp -v -r -t ~ OpenSSH_4.7p1 Debian-12, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.2.80 [192.168.2.80] port 22. debug1: Connection established. debug1: identity file /home/marksandman/.ssh/id_rsa type -1 debug1: identity file /home/marksandman/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.8 debug1: match: OpenSSH_4.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-12 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.2.80' is known and matches the RSA host key. debug1: Found key in /home/marksandman/.ssh/known_hosts:6 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received Then it hangs for about a minute or so... the same delay happens if i run ssh 192.168.2.80 (only ssh works without a problem). debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/marksandman/.ssh/id_rsa debug1: Trying private key: /home/marksandman/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password [EMAIL PROTECTED]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending command: scp -v -r -t ~ 6:52PM up 4 days, 56 mins, 0 marksandmans, load averages: 0.11, 0.09, 0.08 [EMAIL PROTECTED]:~ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.8 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 0 And i get my local prompt again, no files copied. I've also tried scp -vr -o User marksandman ~/folder/folder/ 192.168.2.80:~ with the same results. Yes, it's the same username on both machines. I can scp to my college account and to a friend's server without issues. I can also scp to my college from OpenBSD. Any suggestions to this? Quite obviously the scp manpage doesn't really give a solution to this. I've also tried forcing ssh protocol 2 as well as IPv4. Seems to me like you have dns issues. Try adding the machine to your /etc/hosts files. This kind of hang you've been seeing, is surely linked to dns issues. Also, some checks on permisssions on both hosts, try to see if the subsystem sftp-server is enable on the ssh server, check if you can execute the scp binary on both machines, things like this. Also, increasing the debug level at server side can also help. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85
Re: PF issue
Thank you guys for your quick responses :) This mailing list(group) is awesome. So last night, I changed my 4.3 openbsd gateway to 4.2 one, slapped on the same pf rules BUT with user land pppoe and PRESTO it works like a charm. I could access my webserver in the lab totally fine. I think it could be something to do with MTU size, I will still continue my search and post it to the list once I find something. Again, really appreciate everyone's help on this. Thx a bunch! On Jul 20, 2008, at 10:01 PM, Srikant Tangirala wrote: Have you tried doing a tcpdump on fxp0 and pflog0 while trying to access the web server on home firewall? Might give you clues. Srikant.
BLOCKSIZE in .cshrc
Hi Why is the line 'setenv BLOCKSIZE 1k' present in the .cshrc file? We noticed this because csh appears to be the default shell for our 3.5 and 3.6 boxes and subsequently any functions that use sys/stat.h are messed up. Thanks Jonathan Steel
Re: BLOCKSIZE in .cshrc
On 7/21/08, Jonathan Steel [EMAIL PROTECTED] wrote: Why is the line 'setenv BLOCKSIZE 1k' present in the .cshrc file? We noticed this because csh appears to be the default shell for our 3.5 and 3.6 boxes and subsequently any functions that use sys/stat.h are messed up. It's been like that since the dawn of time. Of course, most people don't notice because the default shell has been ksh for years and nobody logs in as root anyway.
Re: Can't scp, ssh is slow to authenticate.
Your DNS is setup wrong. Too vague. Try setting UseDNS no on the server in /etc/ssh/sshd_config. That solved the slowness, thanks. I tried -HUP ing the sshd processes but that didn't solve it at once (it only killed my connections fo course); reboting the machine did, now it logs in fast. Is there another way that doesn't involve rebooting or did i do something wrong? What happens if you use a target path scp -vr ~/folder/folder/ 192.168.2.80:/path/path You mean an absolute path? Like /home/user/folder or something? No effect, same results (i.e. no transfer is done). I tried both in the source and in the destination. What does your UseDNS line look like? It was comented out, now is UseDNS no according to Michael Lechtermann's suggestion. check if you can execute the scp binary on both machines As i said, i can. some checks on permisssions on both hosts Everything's normal. try to see if the subsystem sftp-server is enable on the ssh server, It was, i comented it out. I've installed and tried to configure vsftpd without success but it's not running (neither by default). These are both local machines, why would DNS be required? I added the IP adress to the /etc/hosts file but i'm not sure if i did it right and i'm using DHCP so that wouldn't be a permanent solution. I'm probably missing something really simple... -- Nuno MagalhC#es
Re: Can't scp, ssh is slow to authenticate.
These are both local machines, why would DNS be required? Because in the modern world DNS -- or any other kind of reliable name-address + address-name mapping -- is required. You might as well get used to it.
Re: CARP not leaving backup state
On 2008-07-21, William Stuart [EMAIL PROTECTED] wrote: I am sorry for not mentioning it was a vmWare instance. The packet replay seemed to be the culprit. This occured when we moved the image to a vmWare host running vmWare ESX 3.5 from 3.0. Our working theory is that under 3.5 pernicious mode works differently than under 3.0 and replays all of the traffic. Has anyone else experienced this problem? No vmware here, but I have noticed some emulator or other (maybe it was simh) returning transmitted ethernet frames on the receive side. Is it any better with vic(4)? (and can you check if basic functions work on ESX 3.x so the manual page, which only mentions 2.x, can be updated?)
Re: Can't scp, ssh is slow to authenticate.
2008/7/21 Nuno MagalhC#es [EMAIL PROTECTED]: I'm trying to scp from Debian to OpenBSD on two local machines but it's obviously not working. They're connected through a router and i can scp to another local Debian machine. Here's the output: [EMAIL PROTECTED]:~ scp -vr ~/folder/folder/ 192.168.2.80:~ Executing: program /usr/bin/ssh host 192.168.2.80, marksandman (unspecified), command scp -v -r -t ~ OpenSSH_4.7p1 Debian-12, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.2.80 [192.168.2.80] port 22. debug1: Connection established. debug1: identity file /home/marksandman/.ssh/id_rsa type -1 debug1: identity file /home/marksandman/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.8 debug1: match: OpenSSH_4.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-12 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '192.168.2.80' is known and matches the RSA host key. debug1: Found key in /home/marksandman/.ssh/known_hosts:6 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received Then it hangs for about a minute or so... the same delay happens if i run ssh 192.168.2.80 (only ssh works without a problem). debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/marksandman/.ssh/id_rsa debug1: Trying private key: /home/marksandman/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password [EMAIL PROTECTED]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending command: scp -v -r -t ~ 6:52PM up 4 days, 56 mins, 0 marksandmans, load averages: 0.11, 0.09, 0.08 Am I the only one noting this line in the output. I don't think scp wants to have load averages. It think it is a problem with the shell non-interactive initialization script. [EMAIL PROTECTED]:~ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.8 seconds debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0 debug1: Exit status 0 And i get my local prompt again, no files copied. I've also tried scp -vr -o User marksandman ~/folder/folder/ 192.168.2.80:~ with the same results. Yes, it's the same username on both machines. I can scp to my college account and to a friend's server without issues. I can also scp to my college from OpenBSD. Any suggestions to this? Quite obviously the scp manpage doesn't really give a solution to this. I've also tried forcing ssh protocol 2 as well as IPv4. -- Nuno MagalhC#es -- La brigade SnW veut vous recruter - http://brigade.snw.googlepages.com
PF route-to syntax
I discovered that rules like pass in on $int_if route-to ($ext_if2 $ext_gw2) from any to any must route-to an interface and not that interface's ip address. The rule set will load without an error message but the route-to rule will not work if the ip address is specified. My first question is am I correct in this understanding. And if I am, shouldn't the ruleset fail to load if the route-to rule is not given and interface name? Thanks.
bsd.mp panic: pu0: running cpu is at apic 3 instead of at expected 0
Booting single processor generic is fine, bsd.mp panics on boot.
Jeff
(also filed with sendbug)
boot bsd.mp
booting hd0a:bsd.mp: 6085700+1035580 [52+318368+300636]=0x761d24
entry point at 0x200120
[ using 619428 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2008 OpenBSD. All rights reserved.
http://www.OpenBSD.org
OpenBSD 4.4-beta (GENERIC.MP) #804: Sun Jul 20 14:42:29 MDT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel Pentium III (GenuineIntel 686-class) 1 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,SER,MMX,FXSR,SSE
real mem = 2146983936 (2047MB)
avail mem = 2067787776 (1971MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 03/30/01, BIOS32 rev. 0 @ 0xfd85e,
SMBIOS rev. 2.3 @ 0xef530 (51 entries)
bios0: vendor Intel Corporation version STL20.86B.0021.P01.0103301605
date 03/30/2001
bios0: Intel STL2
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC BOOT
acpi0: wakeup devices SLPB(S4) COMA(S4) COMB(S4) LAN0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0panic: cpu0: running cpu is at apic 3 instead of at
expected 0
Stopped at Debugger+0x4: leave
Debugger(0,4,d0816500,d2a39400,d0963b70) at Debugger+0x4
panic(d0787540,d2a39414,3,0,d07b47bc) at panic+0x55
cpu_attach(d2a6efc0,d2a39400,d0963b70,d2a6efc0,d08c82e0) at cpu_attach+0xd9
config_attach(d2a6efc0,d07adce4,d0963b70,d069aacc,d0963bfc) at
config_attach+0x
fd
acpimadt_attach(d2a6cc00,d2a91fc0,d0963c50,d2a6cc00,0) at
acpimadt_attach+0x446
config_attach(d2a6cc00,d07aec38,d0963c50,d06902b8,0) at config_attach+0xfd
acpi_attach(d2a6ef80,d2a6cc00,d0963d50,d2a6ef80,0) at acpi_attach+0x3dd
config_attach(d2a6ef80,d07aeaf4,d0963d50,d061c65c) at config_attach+0xfd
biosattach(d2a6efc0,d2a6ef80,d0963e80,d2a6efc0,d020323d) at biosattach+0x367
config_attach(d2a6efc0,d07adc9c,d0963e80,d04b5324,d06f3da8) at
config_attach+0x
fd
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC!
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
ddb{0} trace
Debugger(0,4,d0816500,d2a39400,d0963b70) at Debugger+0x4
panic(d0787540,d2a39414,3,0,d07b47bc) at panic+0x55
cpu_attach(d2a6efc0,d2a39400,d0963b70,d2a6efc0,d08c82e0) at cpu_attach+0xd9
config_attach(d2a6efc0,d07adce4,d0963b70,d069aacc,d0963bfc) at
config_attach+0x
fd
acpimadt_attach(d2a6cc00,d2a91fc0,d0963c50,d2a6cc00,0) at
acpimadt_attach+0x446
config_attach(d2a6cc00,d07aec38,d0963c50,d06902b8,0) at config_attach+0xfd
acpi_attach(d2a6ef80,d2a6cc00,d0963d50,d2a6ef80,0) at acpi_attach+0x3dd
config_attach(d2a6ef80,d07aeaf4,d0963d50,d061c65c) at config_attach+0xfd
biosattach(d2a6efc0,d2a6ef80,d0963e80,d2a6efc0,d020323d) at biosattach+0x367
config_attach(d2a6efc0,d07adc9c,d0963e80,d04b5324,d06f3da8) at
config_attach+0x
fd
mainbus_attach(0,d2a6efc0,0,deff4000,d0962334) at mainbus_attach+0x3d
config_attach(0,d07ab518,0,0,0) at config_attach+0xfd
config_rootfound(d06f25cb,0,d0963f38,d0486f12) at config_rootfound+0x27
cpu_configure(d08c7f80,1,3,0,2) at cpu_configure+0x29
main(0,0,0,0,0) at main+0x39f
ps
PID PPID PGRPUID S FLAGS WAIT COMMAND
*0 -1 0 0 7 0x80200swapper
ddb{0}
bsd dmesg
booting hd0a:/bsd: 6045664+1025204 [52+315248+297754]=0x7540c8
entry point at 0x200120
[ using 613428 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2008 OpenBSD. All rights reserved.
http://www.OpenBSD.org
OpenBSD 4.4-beta (GENERIC) #980: Sun Jul 20 14:35:02 MDT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III (GenuineIntel 686-class) 1 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,SER,MMX,FXSR,SSE
real mem = 2146983936 (2047MB)
avail mem = 2067836928 (1972MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 03/30/01, BIOS32 rev. 0 @ 0xfd85e,
SMBIOS rev. 2.3 @ 0xef530 (51 entries)
bios0: vendor Intel Corporation version STL20.86B.0021.P01.0103301605
date 03/30/2001
bios0: Intel STL2
apm at bios0 function 0x15 not configured
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC BOOT
acpi0: wakeup devices SLPB(S4) COMA(S4) COMB(S4) LAN0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PCI1)
acpiec0 at acpi0
acpicpu0 at acpi0
acpitz0 at acpi0: critical temperature 110 degC
acpitz1 at acpi0: critical temperature 110 degC
acpitz2 at acpi0: critical temperature 80 degC
acpibtn0 at acpi0: SLPB
bios0: ROM list: 0xc/0x8000 0xc8000/0x1800 0xc9800/0x2800 0xcc000/0x5400
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 ServerWorks CNB20LE Host rev
