Re: ar5xxx.h
Dimitri schrieb: Sep 2 19:26:28 babilonia /bsd: ath0: unable to reset hardware; hal status 0 Sep 2 19:26:49 babilonia /bsd: ath0: unable to reset hardware; hal status 0 Sep 2 19:27:03 babilonia /bsd: ath0: unable to reset hardware; hal status 4096 I read man and I see: Do you see your wlan chip in the man ath? It's not yet supported. PS. Sorry, I forgot this... I run OpenBSD 4.6 snapshots whit last version of ar5xxx.h, but 4.5 has the same problem. my dmesg show this wireless: ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR5_ETSIC, address 00:24:2b:a0:10:3d Thanks. Dimitri.- http://deoxyt2.livejournal.com OpenBSD - Free, Functional & Secure
Re: Accessing lan from internet
halcon schrieb: El miC), 02-09-2009 a las 18:48 +, Daniel Bolgheroni escribiC3: On Wed, 2 Sep 2009, halcon wrote: Hello I am administering a small linux/windows lan from my laptop/OpenBSD-4.5 base, without any problem, using # ssh u...@192.168.0.xxx; how could i accesss the lan from internet? u...@hostname? u...@external ip? I have read many docs without success, thanks in advance. francisco Are you using these cheap routers available everywhere? "Port forwarding", "forwarding", "virtual server", etc. Yes, i am, my gateway is 192.168.0.1 it is a cheap D-Link, behind, there are 2 Linux boxes (Ubuntu and Slackware), and 2 windows boxes (Windows Pro 2000 and Windows XP Home). If i understood well; it could be: ssh [hostname|IP] -- log into hostname as current username ssh Slackware|192.168.0.1 ssh au...@[hostname|IP] --log into hostname as auser or ssh j...@slackware|192.168.0.1 where IP is the current gateway to your lan. Is it correct, Dhu? I use ssh -l
Re: OT rack mount monitor/keyboards
On Thu, Sep 3, 2009 at 02:57, Steve Shockley wrote: > stan wrote: >> >> I have a few locations where I have installed 1U rack mount >> KVM/monitor/keyboards, and quite frankly. I'm not happy with any of the >> ones I have tried. >> >> I recognize this is off topic, but the people on this list are pretty hard >> to please. Given that I was wondering if anyone would like to recomend >> anything that they have used for these, and been happy with? > > A few people mentioned serial connections, but that doesn't really answer > your question, since you'd still need a KVM. B You'd also need computers that > properly do serial console. > > The 1U KVM consoles I've used range from adequate to suck. B My best > suggestion is KVM/IP (Avocent, etc.), serial as others have mentioned, or > ILO/DRAC. B That way you don't have to stand next to the servers. > > We use Cyclades at work... you can SSH to that, and then connect to the server using the serial connection.
duo core mac mini, bluetooth keyboard?
does a usb keyboard work in GENERIC on intel duo core mac mini? or is it still necessary to pair a bluetooth keyboard in osx before starting the install?
ar5xxx.h
Hi guys. I have a problem with ath wireles driver, when I try configure this in /etc/hostname.ath0 I received this error (/var/log/messages): Sep 2 19:26:28 babilonia /bsd: ath0: unable to reset hardware; hal status 0 Sep 2 19:26:49 babilonia /bsd: ath0: unable to reset hardware; hal status 0 Sep 2 19:27:03 babilonia /bsd: ath0: unable to reset hardware; hal status 4096 I read man and I see: ath%d: unable to reset hardware; hal status %u The Hardware Access Layer was unable to reset the hardware as requested. The status code is ex-plained in the HAL include file /sys/dev/ic/ar5xxx.h. This should not happen. I review ar5xxx.h library but I do not understand this function (I am researching more about this and how programming driver but the process is slow). /* Reset functions */ \ _t HAL_BOOL (_a _n##_reset)(struct ath_hal *, HAL_OPMODE, \ HAL_CHANNEL *, HAL_BOOL change_channel, HAL_STATUS *status); \ _t void (_a _n##_set_opmode)(struct ath_hal *); \ _t HAL_BOOL (_a _n##_calibrate)(struct ath_hal*, \ HAL_CHANNEL *); \ So, I try setting linux in a pendrive, config the wireless and... eureka, this run what is the difference between ar5k and madwifi?, how I can help to find a solution for this problem. PS. Sorry, I forgot this... I run OpenBSD 4.6 snapshots whit last version of ar5xxx.h, but 4.5 has the same problem. my dmesg show this wireless: ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR5_ETSIC, address 00:24:2b:a0:10:3d Thanks. Dimitri.- http://deoxyt2.livejournal.com OpenBSD - Free, Functional & Secure
Re: OT rack mount monitor/keyboards
stan wrote: I have a few locations where I have installed 1U rack mount KVM/monitor/keyboards, and quite frankly. I'm not happy with any of the ones I have tried. I recognize this is off topic, but the people on this list are pretty hard to please. Given that I was wondering if anyone would like to recomend anything that they have used for these, and been happy with? A few people mentioned serial connections, but that doesn't really answer your question, since you'd still need a KVM. You'd also need computers that properly do serial console. The 1U KVM consoles I've used range from adequate to suck. My best suggestion is KVM/IP (Avocent, etc.), serial as others have mentioned, or ILO/DRAC. That way you don't have to stand next to the servers.
ifstated not honouring my if clauses ?
Hi all, I'm setting up a firewall with 2 load-balanced redundant Internet links. To ensure the host itself can load balance its outbound connections (and fail-over correctly if one of those links dies) I'm configuring ifstated to handle updating the default routes for the host based on a simple ping test to assess if I can contact the next hop for each interface. The configuration I've included below works fine if both links are active, and in a single link failure on either link it fails over correctly and fails back if both links are found to be available again. However there's a worst-case where both links go, for which I've included the 'alldown' state to prevent my host flapping, but it never manage to reach 'alldown', it just flap back and forth between 'link1only' and 'link2only' - note my test situation is included below including ifconfig output for the IF's, ping test output, ifstated output, and a trascription of my ifstated.conf. My reading of the ifstated.conf man page is that the BNF definitely supports the && clauses I'm using, and executes the body in-order, so does anyone know why I'm not reaching state 'alldown' ?? All help is greatly appreciated :-) Cheers Dave -- re0: flags=8843 mtu 1500 lladdr 00:14:d1:13:78:25 priority: 0 media: Ethernet autoselect (none) status: no carrier inet6 fe80::214:d1ff:fe13:7825%re0 prefixlen 64 scopeid 0x1 inet 192.168.5.10 netmask 0xff00 broadcast 192.168.5.255 re1: flags=8843 mtu 1500 lladdr 00:14:d1:13:71:e8 priority: 0 groups: egress media: Ethernet autoselect (none) status: no carrier inet6 fe80::214:d1ff:fe13:71e8%re1 prefixlen 64 scopeid 0x2 inet 192.168.6.10 netmask 0xff00 broadcast 192.168.6.255 # ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2; echo $? PING 192.168.5.2 (192.168.5.2): 56 data bytes --- 192.168.5.2 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss 1 # ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1; echo $? PING 192.168.6.1 (192.168.6.1): 56 data bytes --- 192.168.6.1 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss 1 --- # ifstated -vvd net_inet1 = "( "ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null" every 20 )" net_inet2 = "( "ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null" every 20 )" initial state: primary changing state to primary running ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null running ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null running route add -mpath default 192.168.5.2 add net default: gateway 192.168.5.2 running route add -mpath default 192.168.6.1 route: writing to routing socket: File exists add net default: gateway 192.168.6.1: File exists changing state to link1only running ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null running ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null running route delete default 192.168.6.1 delete net default: gateway 192.168.6.1 running route add -mpath default 192.168.5.2 route: writing to routing socket: File exists add net default: gateway 192.168.5.2: File exists changing state to link2only running ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null running ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null running route delete default 192.168.5.2 delete net default: gateway 192.168.5.2 running route add -mpath default 192.168.6.1 add net default: gateway 192.168.6.1 changing state to link1only running ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null ping: sendto: Host is down running ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null running route delete default 192.168.6.1 delete net default: gateway 192.168.6.1 running route add -mpath default 192.168.5.2 add net default: gateway 192.168.5.2 changing state to link2only ... --- net_inet1 = '( "ping -I 192.168.5.10 -q -c 1 -w 1 192.168.5.2 > /dev/null" every 20 )' net_inet2 = '( "ping -I 192.168.6.10 -q -c 1 -w 1 192.168.6.1 > /dev/null" every 20 )' init-state "primary" state primary { init { run "route add -mpath default 192.168.5.2" run "route add -mpath default 192.168.6.1" } # both links are down if (!$net_inet1) && (!$net_inet2) set-state alldown # link1 is down - go to link2 if ! $net_inet1 set-state link2only # link2 is down - go to link1 if ! $net_inet2 set-state link1only } # only link1 is up state link1only { init { run "route delete default 192.168.6.1" run "route add -mpath default 192.168.5.2" } # both links are up (all metrics are go) if $net_inet1 && $net_inet2 set-state primary # both links are down if (! $net_inet1) && (! $net_inet2) set-state alldown # this link (link1) is down if ! $net_inet1 set-state link2only } # only link2 is up state link2only { init { run "route
Re: brgphy(4) diff needs testing. | hijacked thread: jetway nf76-n1g5
-- 401.837.8417 jasonbeaud...@gmail.com On Wed, Sep 2, 2009 at 7:51 PM, Stuart Henderson wrote: > On 2009-08-29, Jason Beaudoin wrote: > > > > Hiya Kevin, > > > > I'm hoping this dmesg is from a jetway NF76-N1G: > > http://www.mini-box.com/Jetway-NF76-N1G6-mini-ITX_2 > > try again. > > might you know what it actually is? (curious) I'm trying to determine which (if any) chips from this board might be a problem in openbsd. Between this dmesg (which shares some of the chipsets) and a few snippets I've seen elsewhere it looks good, the only thing I haven't determined is the sound chipset. ~jason
Re: IrDA
On 2009-09-02, Fred Crowson wrote: > On 8/30/09, soko.tica wrote: >> On 8/28/09, Mike Hammer wrote: >> >>> Does anyone have IrDA working on a T60 Thinkpad? >> >> FAQ http://openbsd.org/i386.html#hardware >> says: >> >> Unsupported Hardware: >> Infrared devices, such as commonly found on laptops >> > > I have in the past successfully used the birda package on i386 laptops > to get IrDA working with OpenBSD. > > YMMV - I've not done this recently... > > hth > > Fred I successfully use IrDA on a T60 with OpenBSD -CURRENT amd64 together with the birda package cheers, Jona -- Worse is better Richard P. Gabriel
Re: Accessing lan from internet
El miC), 02-09-2009 a las 18:48 +, Daniel Bolgheroni escribiC3: > On Wed, 2 Sep 2009, halcon wrote: > > > Hello > > > > I am administering a small linux/windows lan from my laptop/OpenBSD-4.5 > > base, without any problem, using # ssh u...@192.168.0.xxx; how could i > > accesss the lan from internet? > > > > u...@hostname? u...@external ip? > > > > I have read many docs without success, thanks in advance. > > > > francisco > > Are you using these cheap routers available everywhere? > > "Port forwarding", "forwarding", "virtual server", etc. Yes, i am, my gateway is 192.168.0.1 it is a cheap D-Link, behind, there are 2 Linux boxes (Ubuntu and Slackware), and 2 windows boxes (Windows Pro 2000 and Windows XP Home). If i understood well; it could be: >>ssh [hostname|IP] -- log into hostname as current username ssh Slackware|192.168.0.1 >>ssh au...@[hostname|IP] --log into hostname as auser or ssh j...@slackware|192.168.0.1 >>where IP is the current gateway to your lan. Is it correct, Dhu?
Re: brgphy(4) diff needs testing.
On 2009-08-29, Jason Beaudoin wrote: > > Hiya Kevin, > > I'm hoping this dmesg is from a jetway NF76-N1G: > http://www.mini-box.com/Jetway-NF76-N1G6-mini-ITX_2 try again. > On Thu, Jun 11, 2009 at 3:51 AM, Kevin Lo wrote: >> bios0: iDOT Computers, Inc. iDOT VED8900 Series.
Re: Accessing lan from internet?
halcon a icrit : Hello I am administering a small linux/windows lan from my laptop/OpenBSD-4.5 base, without any problem, using # ssh u...@192.168.0.xxx; how could i accesss the lan from internet? u...@hostname? u...@external ip? I have read many docs without success, thanks in advance. francisco Hello, you must forward (using the NAT) the port 22 from your external IP address to the internal IP address of your network (the system you want to join). Caution : it is not very secure to permit to join your LAN from Internet, you should install your servers in a DMZ (for example). Remi.
Re: Accessing lan from internet
On Wed, 2 Sep 2009, halcon wrote: > Hello > > I am administering a small linux/windows lan from my laptop/OpenBSD-4.5 > base, without any problem, using # ssh u...@192.168.0.xxx; how could i > accesss the lan from internet? > > u...@hostname? u...@external ip? > > I have read many docs without success, thanks in advance. > > francisco Are you using these cheap routers available everywhere? "Port forwarding", "forwarding", "virtual server", etc. -- Daniel Bolgheroni FEI - Faculdade de Engenharia Industrial http://www.dbolgheroni.eng.br/mykey ASCII ribbon campaign ( ) against HTML e-mail X / \
Fique a conhecer os Gadgets mais interessantes desta semana!
caso nco visualize correctamente este e-mail, clique aqui Consulte aqui outros Summer Products a PREGOS FANTASTICOS: Encomende ja online, por telefone ou por e-mail www.loja21.pt|214 151 492 |ap...@loja21.pt Morada: Rua Professor Reinaldo dos Santos, N:13, 9:Esq. 1500-501 Lisboa. Horario: 2* a 6* feira das 10h00 `s 19h00. Este e-mail promocional foi enviado para o enderego misc@openbsd.org Caso nco deseje voltar a receber a nossa newsletter, por favor clique aqui.
Accessing lan from internet?
Hello I am administering a small linux/windows lan from my laptop/OpenBSD-4.5 base, without any problem, using # ssh u...@192.168.0.xxx; how could i accesss the lan from internet? u...@hostname? u...@external ip? I have read many docs without success, thanks in advance. francisco
interesting article about gpl and bsd license
http://www.informit.com/articles/article.aspx?p=1390172 -f -- light doesn't emit energy; it emits little dark eaters
Re: gif tunnel with ipv6 end points
Penned by Thomas Schoeller on 20090902 21:50.14, we have: | hello, | | i'm trying to make a ipv4 over ipv6 tunnel, but ifconfig tells me: | | ifconfig: error in parsing address string: temporary failure in name | resolution | | when i'm issueing: | | ifconfig gif0 tunnel XX:XX:XX:0:0:0:0:1 XX:XX:XX:0:0:0:0:2 | | best regards | | thomas hint: you're missing 'inet6'. If you're doing OpenBSD <-> OpenBSD gif(4) tunneling (or know how to bump MTU on the remote end in general) you might find that 1200 is leaving way too much overhead per packet out. Try this in /etc/hostname.gif0 on one end: mtu 1400 !ifconfig \$if inet6 tunnel XX:XX:XX:XX::1 XX:XX:XX::2 inet 10.0.0.2 255.255.255.255 dest 10.0.0.1 And this on the other: mtu 1400 !ifconfig \$if inet6 tunnel XX:XX:XX:XX::2 XX:XX:XX:XX::1 inet 10.0.0.1 255.255.255.255 dest 10.0.0.2 -- Todd Fries .. t...@fries.net _ | \ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | "..in support of free software solutions." \ sip:freedae...@ekiga.net | \ sip:4052279...@ekiga.net \\ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt
Re: IrDA
On 8/30/09, soko.tica wrote: > On 8/28/09, Mike Hammer wrote: > >> Does anyone have IrDA working on a T60 Thinkpad? > > FAQ http://openbsd.org/i386.html#hardware > says: > > Unsupported Hardware: > Infrared devices, such as commonly found on laptops > I have in the past successfully used the birda package on i386 laptops to get IrDA working with OpenBSD. YMMV - I've not done this recently... hth Fred
8 va. Promoción Distancia del Curso de Postgrado de Alta Dirección en Turismo Rural
FACULTAD DE AGRONOMIA Universidad de Buenos Aires AREA DE TURISMO RURAL 8 va. Promocisn Distancia del Curso de Postgrado de Alta Direccisn en Turismo Rural Ultimos dmas de Inscripcisn para el CURSO MODALIDAD DISTANCIA de Turismo Rural que inicia el 7 de Septiembre del 2009. OBJETIVO Se espera que el alumno esti capacitado para diseqar e implementar un Plan de Negocios o un Plan Estratigico destinado a poner en marcha una inversisn privada o un proyecto institucional de Turismo Rural, utilizando estrategias que permitan generar ventajas competitivas en la empresa y en el territorio. DIRIGIDO A: Jsvenes emprendedores, mujeres empresarias que quieran desempeqarse en el ambito rural, lmderes de Pueblos Rurales que buscan desarrollar su comunidad, interesados en el armado de rutas alimentarias, circuitos turmsticos, profesionales y directivos vinculados a organizaciones, empresas e instituciones del sector agropecuario y turmstico, funcionarios nacionales, provinciales y municipales del area econsmica, agropecuaria y turmstica y docentes y capacitadotes, entre otros DURACION Y MODALIDAD 7 Meses de cursada mntegramente a travis de Internet con tutores a cargo. Cuenta con mas de 240 egresados en esta modalidad de los siguientes pamses: Alemania, Argentina, Bolivia, Brasil, Chile, Colombia, Cuba, Ecuador, El Salvador, Espaqa, Guatemala, Honduras, Mixico, Nicaragua, Panama, Perz, Portugal, Puerto Rico, Reino Unido, Uruguay, Venezuela. A travis de este curso el alumno logra armar su proyecto, obtiene un reconocimiento acadimico y realiza contactos de negocios. En nuestra pagina web encontrara un video informativo acerca del Curso http://www.agro.uba.ar/catedras/turismo/presentacion.htm Para mayor informacisn complete los siguientes datos y reenvmelos a campo...@agro.uba.ar Nombre y Apellido: E-mail 1: E-mail 2: Telifono particular y csdigo de area: Telifono laboral y csdigo de area: Telifono celular y csdigo de area: Profesisn: Ocupacisn: Entidad: Ciudad: Provincia/Estado: Pams: Lo saluda cordialmente, Area de Turismo Rural Facultad de Agronomma Universidad de Buenos Aires campo...@agro.uba.ar Tel/Fax: 00 54 11 4523-9700 Pabellsn de Agronegocios Av. San Martmn 4453 Ciudad Autsnoma de Buenos Aires Argentina
gif tunnel with ipv6 end points
hello, i'm trying to make a ipv4 over ipv6 tunnel, but ifconfig tells me: ifconfig: error in parsing address string: temporary failure in name resolution when i'm issueing: ifconfig gif0 tunnel XX:XX:XX:0:0:0:0:1 XX:XX:XX:0:0:0:0:2 best regards thomas
crimemapping.edmontonpolice.ca
With regards to your mapping application, If this software is licensed under any other regime than that of an open source code license, then the Edmonton City Police and the City of Edmonton are running stolen intellectual property and should immediately desist from further use and operation of this system. I intend to examine the site and collect evidence on it's functioning to support the case that this is an artless reworking of the invention, visible at http://www.indx.ca, and in operation for some ten years. I am also inviting the examination of your site by other technically capable parties. For this reason you should consider that I have not checked the box agreeing to terms and conditions for use of the site. Should I find that your system is available in the public domain, that is to other police departments and organizations globally under either the terms of the GPL (GNU Public License) or a similar Berkely copyright then I would have no grounds to sue for financial recompense for the use of my invention. Sincerely, Duncan (Dhu) Patton, a Campbell
Re: gcc to 4.1 openbsd
On Mon, Aug 17, 2009 at 5:20 PM, Yamidt Henao wrote: > Hi, > > where I find the gcc version for OpenBSD 4.1. > > Best Regards, > > Y.H > > http://www.openbsd.org/41.html -- Jason
Now OT Re: Recommended Switches for Trunking?
On Wed, 2 Sep 2009, tico wrote: I much prefer Procurve over the cheap SMC or NetGear or Dell managed switches I've had to deal with in the past -- yuck! -T Dell announced today they are going to private label Brocade AKA Foundry switches. diana
Has IPsec slowed down?
I seem to remember that I could push some bulk data (scp) to my laptop at .11g speed and the net5501 doing the IPsec encryption for the wireless link had under 50% CPU usage. Now it's more like 80%. Standard AES(-128-CBC), which is accelerated by glxsb(4), and HMAC-SHA1. Am I simply misremembering or has the IPsec performance suffered substantially sometime during the last two years? -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: Recommended Switches for Trunking?
* J.C. Roberts [2009-09-02 17:53]: > Also, you might want to note the innards of *most* HP ProCurve gear was > actually rebranded Foundry hardware. > > Since Brocade bought out Foundry, I believe HP is now using Force10 > Networks hardware inside of their newer (rebranded) "ProCurve" line. I > might be wrong on this, but I remember being told about it at InterOp > Vegas earlier this year. you are wrong. the 9000 (_huge_ chassis switches) series was foundry with an HP label. that was about the only change, the sticker. otherwise just the successor of the bigiron 8000 line (forgot the name). that is a very good choice tho anyway. they don't sell that line any more. there was one smaller one that was a foundry as well, 8 port 1000BaseSX. forgot the model number, i even have one somewhere (but not in use). not sold any more either. all the rest of their product line - and that is a LOT of models - is their own line. i don't see any connection to force10. the successor of the 9000 line is the 8200zl and from all i can tell (i never touched on of those myself) has no relation to force10. force10's fabric is faster than the 692 GBit/s HP specs for the 8200, and the force10s are way way way more expensive. different league, entirely. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
Re: Recommended Switches for Trunking?
Hi, thanks for all your answers! -- Kind regards, --Toni++
isakmpd tunnels dropping routes to subnet
Hi List I have several Soekris OpenBSD boxes running a mix of 4.3, 4.4 and 4.5 all connecting multiple subnets together on a central server running OpenBSD 4.5 (this server is a Dell Poweredge 860). Most of the routers work, but some of them drop the routes to one of my subnets. This happens to be the most critical subnet and so causes quite a problem. The really odd thing is that when I run isakmpd in debug mode (on the problem routers) the subnet route does not get dropped. Even more odd/annoying is this problem is intermittent and tends to only affect one of the routers at any one time. The problem routers all have an internal network of 10.x.0.0/24. My central location is 10.100.0.0/24 (this is the one that gets dropped by the remote routers). My routers that don't have a problem are either on a 192.168.x.0/24 network and/or are running IPCOP. A sample of one of the problem router ipsec.conf:- ---snip--- local_network="10.30.0.0/24" remote_networks="{ 10.100.0.0/24, 192.168.10.0/24, 192.168.254.0/24, 10.10.0.0/24, 10.20.0.0/24, 10.40.0.0/24, 10.50.0.0/24, 10.60.0.0/24 }" local_peer="10.30.0.1" remote_peer="xxx.xxx.xxx.xxx" key="**" # IPSec tunnel ike active esp from $local_network to $remote_networks local $local_peer peer $remote_peer psk $key ---snip--- The central location routers has this entry for this router:- ---snip--- ike esp from { 10.100.0.0/24, 192.168.10.0/24, 192.168.254.0/24, 10.10.0.0/24, 10.20.0.0/24, 10.40.0.0/24, 10.50.0.0/24, 10.60.0.0/24 } to 10.30.0.0/24 local $me peer xxx.xxx.xxx.xxx psk ** ---snip--- Thanks in advance!!! Danny This message has been scanned for viruses
Re: Recommended Switches for Trunking?
On Wed, 2 Sep 2009 10:39:54 -0400 Jason Dixon wrote: > On Wed, Sep 02, 2009 at 01:26:27PM +0200, Toni Mueller wrote: > > Hi, > > > > I'm looking into getting switches to be used in port-extender style, > > and found a thread from last year recommending Cisco switches. I > > need about 20-50 ports atm, and would like to avoid Cisco. My > > current preference is using Procurve (2810 or 29xx). Do they work? > > > > What do you recommend? Any gotchas? > > We use Foundry LS 648 switches throughout our infrastructure. They've > worked great with OpenBSD features. > > P.S. Foundry was bought out by Brocade last year, so the model line > is now sold as Brocade FastIron. Also, you might want to note the innards of *most* HP ProCurve gear was actually rebranded Foundry hardware. Since Brocade bought out Foundry, I believe HP is now using Force10 Networks hardware inside of their newer (rebranded) "ProCurve" line. I might be wrong on this, but I remember being told about it at InterOp Vegas earlier this year. -- J.C. Roberts
Re: gcc to 4.1 openbsd
On 8/17/09, Yamidt Henao wrote: > Hi, > > where I find the gcc version for OpenBSD 4.1. > > Best Regards, > > Y.H By ordering OpenBSD 4.1 CD set from http://www.openbsd.org/orders.html tbox:fred ~> gcc --version gcc (GCC) 3.3.5 (propolice) Copyright (C) 2003 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. tbox:fred ~> uname -a OpenBSD tbox.crowsons.net 4.1 GENERIC#1435 i386 hth Fred
Re: Recommended Switches for Trunking?
On Wed, Sep 02, 2009 at 01:26:27PM +0200, Toni Mueller wrote: > Hi, > > I'm looking into getting switches to be used in port-extender style, > and found a thread from last year recommending Cisco switches. I need > about 20-50 ports atm, and would like to avoid Cisco. My current > preference is using Procurve (2810 or 29xx). Do they work? > > What do you recommend? Any gotchas? We use Foundry LS 648 switches throughout our infrastructure. They've worked great with OpenBSD features. P.S. Foundry was bought out by Brocade last year, so the model line is now sold as Brocade FastIron. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: Recommended Switches for Trunking?
Toni Mueller wrote: Hi, I'm looking into getting switches to be used in port-extender style, and found a thread from last year recommending Cisco switches. I need about 20-50 ports atm, and would like to avoid Cisco. My current preference is using Procurve (2810 or 29xx). Do they work? What do you recommend? Any gotchas? FWIW, I've had no trouble with Allied Telesys, either. -John
Re: Recommended Switches for Trunking?
Toni Mueller wrote: Hi, I'm looking into getting switches to be used in port-extender style, and found a thread from last year recommending Cisco switches. I need about 20-50 ports atm, and would like to avoid Cisco. My current preference is using Procurve (2810 or 29xx). Do they work? What do you recommend? Any gotchas? They work excellently! ... and the (free) Procurve support has been surprisingly sane in my experience. I much prefer Procurve over the cheap SMC or NetGear or Dell managed switches I've had to deal with in the past -- yuck! -T TIA!
Re: OT rack mount monitor/keyboards
I used the Perle cs9000. Worked great! -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of stan Sent: Tuesday, September 01, 2009 4:57 PM To: OpenBSD general usage list Subject: OT rack mount monitor/keyboards I have a few locations where I have installed 1U rack mount KVM/monitor/keyboards, and quite frankly. I'm not happy with any of the ones I have tried. I recognize this is off topic, but the people on this list are pretty hard to please. Given that I was wondering if anyone would like to recomend anything that they have used for these, and been happy with? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs.
Re: Recommended Switches for Trunking?
slightly offtopic, but procurve works fine trunk(4) was mostly developed with procurve on the switch side On Wed, Sep 02, 2009 at 01:26:27PM +0200, Toni Mueller wrote: > Hi, > > I'm looking into getting switches to be used in port-extender style, > and found a thread from last year recommending Cisco switches. I need > about 20-50 ports atm, and would like to avoid Cisco. My current > preference is using Procurve (2810 or 29xx). Do they work? > > What do you recommend? Any gotchas? > > > TIA! > > > -- > Kind regards, > --Toni++
Recommended Switches for Trunking?
Hi, I'm looking into getting switches to be used in port-extender style, and found a thread from last year recommending Cisco switches. I need about 20-50 ports atm, and would like to avoid Cisco. My current preference is using Procurve (2810 or 29xx). Do they work? What do you recommend? Any gotchas? TIA! -- Kind regards, --Toni++
Come to celebrate the Mexico Independence day
Club Vacation DealsClub Vacation Deals Club Vacation DealsClub Vacation Deals Club Vacation DealsClub Vacation Deals Club Vacation DealsClub Vacation Deals Club Vacation DealsClub Vacation DealsClub Vacation Deals Club Vacation Deals This is an exclusive promotion fromClub Vacation Deals Telephone in Mixico +52 (322) 224 0347 Los Angeles, CA (310) 598 2091 New York, NY (212) 845 9362 All reservations are subject to availability Click here to receive more promotions Click to unsuscribe from our emailing list
Re: nat-t dropping response packets
On 01.09-21:00, Stijn wrote: > n0g0013 wrote: > >not sure where to start debugging this VPN problem. i have an ipsec, > >nat-t tunnel between a development network and the main services hub > >using isakmpd. the exchange seems to go smoothly and the tunnel gets > >established. > > > > hub(public_ip) --> {inet} <-- ext-gw(nat-ip) <-- dev-gw(private_ip) > > > >however no traffic gets through from the hub. this is a sample dump > >of a ping from the VPN hub to the development gateway. > > > > 12:02:24.890060 (authentic,confidential): SPI 0x088b62c7: > > 10.12.228.17 > 10.12.170.9: icmp: echo request > > (encap) > > 12:02:24.891659 193.200.155.117.4500 > > > 193.200.155.18.46289:udpencap: esp 193.200.155.117 > > > 193.200.155.18 > > spi 0x088B62C7 seq 2 len 116 > > 12:02:24.892778 193.200.155.18.46289 > > > 193.200.155.117.4500:udpencap: esp 193.200.155.18 > > > 193.200.155.117 > > spi 0xE99A3368 seq 27 len 116 > > > >as you can see, the echo request passes out the 'enc0' and down the > >tunnel to the remote end, where it is apparently decoded and a ping > >response is sent back. this response hits the external interface > >and disappears. > > > >i have no clue where to start tracking this down from here. can i > >somehow track this lost packet beyond the external inferace? or > >must i manually decode the packet at this stage and try to uncover > >the issue from there? also, if the packet was malformed or > >erroneous could i expect an error log of some description? > > > >any pointers would be appreciated. > > > >nb: disabling 'pf' has no effect > > > does the reply packets know the way back? i.e. is there a route defined > to route the traffic back into the tunnel? Do you see esp traffic > returning to the development gw? the dumps are on the hub using both 'enc0' and the external interface. you can see the echo request go out on 'enc0' (the first line) and the udpencap pass out the external interface toward the dev-gw. the final packet above is the returning echo-reply from the dev-gw. it does not not re-appear anywhere at the hub. you may note that the ping is sent from the gw and thus i would expect the ping response to arrive. it doesn't. in short, yes the dev-gw knows the route back and appears to use it correctly. it's possible that the returning packet is not an icmp echo-reply, of course ... although i'm pretty sure i checked that on the remote side ... i'll double check it. -- t t w