Re: outgoing smtpd: Too many recipients

[Gilles Chehade]

On Mon, Dec 16, 2013 at 07:08:17PM +0100, Jan Stary wrote:
> I am using smtpd as my mail server on a network
> where the relay server often replies with
> 
>4.5.3 Too many recipients
> 
> Indeed, I was sending messages with a lot of recipients
> (a group of students).
> 
> Is there a way in the smtpd configuration
> to specify that a message with >N recipients
> should be broken into N individual messages?
> 

Why so ?

Does it prevent OpenSMTPD from sending to the recipients it has
submitted already ?

It should fail the ones after 4.5.3 and mark them as tempfail
which will cause them to be retried a few seconds later while
the ones before the error will be submitted. Isn't that what
is happening ?


> If so, will smtpd create a new smtp connection
> for each of the messages? That could also be a problem.
> 

No, smtpd will always try to group and reuse connections,


-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

Re: Relayd with dsr and sticky-address

[Martin Schaupp]

Hi List,

i found a workaround for my sticky problem:

increasing the value for

timeout interval 

from 10 to 36000 sec. 

Now the src.track entries for my route to rules will live til the interval of 
10 h. The normal state-table would explode with a interval of 10h, so i clean 
it with a cron-job. I use 

pfctl -s state -vv | grep -A3 -e "FIN_WAIT_2" -e "TIME_WAIT:TIME_WAIT" \
 -e "CLOSING" -e "CLOSED" -e "NO_TRAFFIC:SINGLE" -e "SINGLE:NO_TRAFFIC" \
 -e "^all icmp .*0:0$" -e "^all udp.*:53.*MULTIPLE:SINGLE$" \
 -e "^all ipv6-icmp.*0:0$"

to find the relevant states. Do you think this is ok ? states missing or some 
states to much ?

If anybody knows a better solution than this dirty thing above please post it.

Martin

> Sorry, i forgot to mention my version 5.4
> 
> Hello,
> 
> i try to set up a load balancing machine for internal use. We have 2
> webservers serving a web-app. This application depends on sticky clients,
> because it is using sessions w/o session replication. I try to set up a dsr
> environment, which is working perfectly at first glance.
> 
> I set the
> 
> set timeout src.track 3600
> 
> in my pf.conf, but the source tracking entries in pf only shows with:
> 
> 10.66.66.2 route-to 10.243.10.4 ( states 0, connections 0, rate 0.0/0s )
>age 00:00:01, expires in 00:00:00, 0 pkts, 0 bytes, rule 0
> 
> It expires with the next "timeout interval" which is 10s (default).
> 
> This ends in a stickyness of my clients only while their tcp-connection is
> alive + (max 10s).
> 
> Is there a way to increase this by relayd.conf or by setting magic timeouts
> in pf.conf?
> 
> my pf.conf:
> 
> set limit states 10
> set skip on lo
> set timeout src.track 3600
> anchor "relayd/*"
> pass in
> pass out
> 
> my relayd.conf:
> 
> table  { 10.243.10.4 10.243.11.4 }
> redirect nagios {
> listen on 10.244.2.199 port 80
> sticky-address
> session timeout 3600
> route to  mode least-states check tcp interface vlan243
> }
> 
> This is a loadbalancing only set up. So we do not need the security of pf in
> this case. We also need the dsr, because the routing from the server to the
> client is asynchronous or in some cases the clients are on the same local
> network like the balanced servers.
> 
> Greets
> 
> Martin

Re: Thinkpad x220i hangs after a few days of uptime

[Stuart Henderson]

On 2013-12-13, bsdclubho...@gmail.com  wrote:
> Hello, 
> i am using a Thinpad x220i and I have a weired problem. Most of the
> time, i just put my notebook into suspend mode (zzz), so, I do not often
> reboot. After 4 or 5 days, my notebook suddenly stops and I
> can't do anything except pressing the power button for 4 or 5 seconds
> and reboot. 
>
> Sadly enough, there are no hints in the log files. Is there a way to
> track this problem down somehow? I really want to help and provide
> better information, but for now, I can only give you a dmesg (below).
> Software I am running is firefox, xombrero, emacs, tmux and multiple
> shells, wmaker (+ a few dockapps), music with mplayer and xmms2. 
>
> Thanks for your help, 

Try disabling apmd, it is known to cause hangs on some systems.

Re: Are xdm configs overwritten on upgrade?

[Ryan Freeman]

On Sat, Dec 14, 2013 at 01:32:04PM +, Laurence Rochfort wrote:
> Hello,
> 
> I want to prevent xconsole starting with xdm. I see it is started in
> /etc/X11/xdm/Xsetup_0.
> 
> Is there a user or system specific file for xdm conf files as there are for
> /etc/rc.conf? If not, and I modify Xsetup_0 will it be overwritten on OS
> upgrade?

While I don't believe there is any .local version of Xsetup_0, I myself
put pkill xconsole in my .xsession to rid myself of the xconsole once
i login.  That way I see the xconsole on boot, then can transition
to a root-tail after login.

This doesn't prevent it from starting up with xdm of course, so if
your problem is that you don't want it showing up on the login screen
I can only think modifying Xsetup_0 and merging changes via sysmerge
is the way to go.

Cheers,

-ryan

> 
> Many thanks,
> Laurence

(5.4-stable i386) framebuffer console with tmux - poor performance

[Adam Jensen]

I recently installed 5.4-stable on a machine with an intel graphics 
device so I can tinker with the framebuffer console.


[dmesg]: http://pastebin.com/raw.php?i=eKgZzNa8

I notice that when running tmux on the console, output to the screen is 
very sluggish and text seems to scroll with a wave-like effect.


I built the kernel from source a few times to collect some rough data 
that might demonstrate the extent of the performance problem.


From /usr/src/sys/arch/i386/compile/GENERIC.MP

# framebuffer console
time make -j 4
4m43.97s real 8m20.15s user 0m53.01s system

# framebuffer console with tmux
time make -j 4
   22m53.03s real 8m22.85s user11m3.58s system

# ssh from remote
time make -j 4
4m37.65s real 8m16.88s user 0m45.16s system

# ssh from remote with tmux on local
time make -j 4
4m40.15s real 8m16.46s user 0m45.28s system

Re: (5.4-i386) framebuffer console

[Adam Jensen]

On 12/15/2013 08:16 PM, Adam Jensen wrote:

For the sake of others who might also be confused by this, the
framebuffer console is probably configured and *on by default* when
5.4-release (or -stable or -current) is installed on machine with an
appropriate *intel* graphics device. I say "probably" because I haven't
verified this on an intel graphics equipped machine. Machines without an
appropriate graphics device won't/can't have a framebuffer console (yet).

If anyone has knowledge of how the framebuffer console is configured and
controlled, a short tutorial would be grand!



I now have 5.4-stable running on a machine with an intel graphics device 
and the framebuffer console is indeed on by default.


[dmesg]: http://pastebin.com/raw.php?i=eKgZzNa8

When the monitor is connected directly to the machine - rather than the 
KVM switch - the machine boots with 1600x1200 resolution and there is 
plenty of text on the screen. At this resolution the text size is almost 
perfect for me but the default font is a bit thick, jagged, and overly 
stylized for my taste.


Has anyone figured out how to configure the framebuffer console?

Re: Is Ext2 stable enough for normal use?

[Donald Allen]

On Mon, Dec 16, 2013 at 5:48 PM, Tekk  wrote:
> I've got an ext3 /home partition which I use under linux, how likely is
> it that files will get clobbered if I use the same /home under a dual
> boot with openbsd?
>

Your subject asks about the stability of the ext2 support in OpenBSD,
but your message says you have an ext3 partition you want to access.
ext2 and ext3 are not the same thing -- ext3 is a journaled variant of
ext2 that OpenBSD does not support. See

http://www.openbsd.org/faq/faq9.html

Don't do it.

Re: Is Ext2 stable enough for normal use?

[Jérémie Courrèges-Anglas]

"Tekk"  writes:

> I've got an ext3 /home partition which I use under linux, how likely is
> it that files will get clobbered if I use the same /home under a dual
> boot with openbsd?

This is a really really really bad idea, even without taking into
account that ext2fs support is minimal (eg. some recent modifications
made on ext2/3 created on Linux make the FS unusable on OpenBSD).

-- 
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494

Is Ext2 stable enough for normal use?

[Tekk]

I've got an ext3 /home partition which I use under linux, how likely is
it that files will get clobbered if I use the same /home under a dual
boot with openbsd?

PC Engines apu.1b system board dmesg

[Byron Klippert]

http://pcengines.ch/apu.htm


Introduction: Thank you for taking the time to test our first round
prototypes of the new apu system board. Since this is a prototype, there
are a few bugs... Use at your own risk, don't use these boards for
anything critical.


 BIOS boot capture:

coreboot-EDK_2.08.00_20130410_221-1434-g871c820-dirty Tue Aug 20
15:46:42 MDT 2013 booting...
PCI: Left over static devices:
PCI: 00:15.1
PCI: 00:15.2
PCI: 00:15.3
PCI: Check your devicetree.cb.
APIC: 00 missing read_resources
APIC: 01 missing read_resources
Start bios (version ?-20130820_154629-owner-HP)
CPU Mhz=1001
Found 30 PCI devices (max PCI bus is 06)
Found 2 cpu(s) max supported 2 cpu(s)
Copying PIR from 0x7e16f000 to 0x000fdb40
Copying MPTABLE from 0x7e17/7e170010 to 0x000fda00
Copying ACPI RSDP from 0x7e171000 to 0x000fd9e0
Copying SMBIOS entry point from 0x7e17c400 to 0x000fd9c0
Scan for VGA option rom
EHCI init on dev 00:12.2 (regs=0xfeb08420)
EHCI init on dev 00:13.2 (regs=0xfeb08520)
OHCI init on dev 00:14.5 (regs=0xfeb06000)
EHCI init on dev 00:16.2 (regs=0xfeb08620)
Found 1 lpt ports
Found 1 serial ports
ATA controller 1 at 1f0/3f4/4010 (irq 14 dev a1)
ATA controller 2 at 170/374/4018 (irq 15 dev a1)
AHCI controller at 11.0, iobase feb08000, irq 0
Searching bootorder for: /rom@img/sortbootorder
Searching bootorder for: /rom@img/memtest
Searching bootorder for: /pci@i0cf8/*@11/drive@0/disk@0
AHCI/0: registering: "AHCI/0: SuperSSpeed S238 16GB ATA-7 Hard-Disk
(15258 MiBytes)"
Searching bootorder for: /pci@i0cf8/usb@16,2/storage@1/*@0/*@0,0
Searching bootorder for: /pci@i0cf8/usb@16,2/usb-*@1
USB MSC vendor='Multiple' product='Card  Reader' rev='1.00' type=0
removable=1
Searching bootorder for: /pci@i0cf8/usb@12,2/storage@1/*@0/*@0,0
Searching bootorder for: /pci@i0cf8/usb@12,2/usb-*@1
USB MSC vendor='Lexar' product='JD FireFly' rev='1100' type=0
removable=1
USB MSC blksize=512 sectors=7831552
USB MSC blksize=512 sectors=7995392
All threads complete.
Scan for option roms
Press F12 for boot menu.

Select boot device:

1. USB MSC Drive Multiple Card  Reader 1.00
2. USB MSC Drive Lexar JD FireFly 1100
3. AHCI/0: SuperSSpeed S238 16GB ATA-7 Hard-Disk (15258 MiByte
4. Payload [sortbootorder]
5. Payload [memtest]

drive 0x000fd8d0: PCHS=0/0/0 translation=lba LCHS=971/128/63 s=7831552
drive 0x000fd900: PCHS=0/0/0 translation=lba LCHS=991/128/63 s=7995392
drive 0x000fd930: PCHS=16383/16/63 translation=lba LCHS=1024/255/63
s=31248704
Space available for UMB: 000c-000ee000
Returned 49152 bytes of ZoneHigh
e820 map has 6 items:
  0:  - 0009fc00 = 1 RAM
  1: 0009fc00 - 000a = 2 RESERVED
  2: 000f - 0010 = 2 RESERVED
  3: 0010 - 7e16ac00 = 1 RAM
  4: 7e16ac00 - 7efffc00 = 2 RESERVED
  5: f800 - f900 = 2 RESERVED
enter handle_19:
  NULL
Booting from Hard Disk...
Booting from :7c00
Using drive 0, partition 3.
Loading.
probing: pc0 com0 apm pci mem[639K 2016M a20=on]
disk: hd0+ hd1+ hd2*
>> OpenBSD/i386 BOOT 3.21
boot> stty com0 115200
boot> set tty com0
switching console to com0



 dmesg capture:

switching console to com0
  òzÁ¹  M½i386 BOOT 3.21
boot> boot bsd.rd.amd64.snapshot
booting hd0a:bsd.rd.amd64.snapshot: 3118100+960644+2897040+0+528720
[80+338136+2
   19474]=0xbb16d0
entry point at 0x10001e0
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights
reserved.
Copyright (c) 1995-2013 OpenBSD. All rights reserved. 
http://www.OpenBSD.org

OpenBSD 5.4-current (RAMDISK_CD) #147: Mon Dec  9 16:39:35 MST 2013
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
RTC BIOS diagnostic error
ff
real mem = 2098634752 (2001MB)
avail mem = 2037907456 (1943MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x7e17c420 (6 entries)
bios0: vendor coreboot version
"EDK_2.08.00_20130410_221-1434-g871c820-dirty" date 08/20/2013
bios0: PC Engines APU
acpi0 at bios0: rev 0, ACPI control unavailable
mpbios at bios0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD G-T40N Processor, 1000.13 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully
associative
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00
ppb0 at pci0 dev 4 function 0 "AMD AMD64 14h PCIE" rev 0x00
pci1 at ppb0 bus 1
re0 at pci1 dev 0 function 0 "Realtek 8168" rev 0x06: couldn't map
interrupt
ppb1 at pci0 dev 5 function 0 

outgoing smtpd: Too many recipients

[Jan Stary]

I am using smtpd as my mail server on a network
where the relay server often replies with

 4.5.3 Too many recipients

Indeed, I was sending messages with a lot of recipients
(a group of students).

Is there a way in the smtpd configuration
to specify that a message with >N recipients
should be broken into N individual messages?

If so, will smtpd create a new smtp connection
for each of the messages? That could also be a problem.

Jan

Re: Live usb stick quite slow

[Jérôme Frgacic]

msgid CAJO05K02bX+YsbbW6aT1G3mBALt3=TgMPifKeJFWHMtim=k...@mail.gmail.com
Thanks for your replies. :)

On 15/12/2013 18:54, Nick Holland wrote:
> Would be interesting to try your test on a non-nvidia machine.

I do the same test on an intel based machine and, effectively, there
is an improvement: it tooks ~12min to achieve the installation (I add
the dmesg of that machine at the end of this mail).


On 15/12/2013 18:54, Nick Holland wrote:
> Keep in mind, dividing total package size by time required produces a
> number with units of "bytes of packages installed per second", which is
> not overly interesting, and VERY different from "bytes written per
> second", as a lot of work goes into a package install beyond a single
> linear file write.

Yes, sorry.
Here is the bytes/sec average of the two machines (respectively, nvidia
based and intel based) obtain when writing a 256Mo file:

# dd if=/dev/zero of=/home/jerome/buf bs=4k count=65535
65535+0 records in
65535+0 records out
268431360 bytes transferred in 33.194 secs (8086542 bytes/sec)
# umount /home
# mount /home
# dd if=/home/jerome/buf of=/var/tmp/buf
524280+0 records in
524280+0 records out
268431360 bytes transferred in 65.854 secs (4076129 bytes/sec)

# dd if=/dev/zero of=/home/jerome/buf bs=4k count=65535
65535+0 records in
65535+0 records out
268431360 bytes transferred in 38.509 secs (6970545 bytes/sec)
# umount /home
# mount /home
# dd if=/home/jerome/buf of=/var/tmp/buf
524280+0 records in
524280+0 records out
268431360 bytes transferred in 51.639 secs (5198138 bytes/sec)


On 15/12/2013 18:54, Nick Holland wrote:
> First of all... USB isn't fast, flash is not fast.

Ok, so it is normal that it tooks ~12min (on the intel based machine)
to install all the packages listed previously ?


On 15/12/2013 18:54, Nick Holland wrote:
> you *MIGHT* find a small improvement if your OpenbSD partition is
> aligned to a 4k (8 sector) count.  Would be interesting, I would bet it
> wouldn't be "human noticable" (i.e., at least 2x performance), but might
> be statistically significant.  And I might be wrong -- it might be
> noticable.

Thanks for this advice, I will keep it in mind for a future installation.


On 15/12/2013 22:58, Jan Lambertz wrote:
> you didnt post your /etc/fstab, so i can only assume your mounting.
> if you want a fast openbsd usb stick consider using MFS and options like
> noatime,softdeps.

Sorry, I forgot it.
I also add it at the end of this mail.

Kind regards,

Jérôme.


---

# cat /etc/fstab
5f3fafcf8302435d.b none swap sw
5f3fafcf8302435d.a / ffs noatime,rw,softdep 1 1
5f3fafcf8302435d.f /home ffs noatime,rw,softdep,nodev,nosuid 1 2
5f3fafcf8302435d.e /usr ffs noatime,rw,softdep,nodev 1 2
5f3fafcf8302435d.d /var ffs noatime,rw,softdep,nodev,nosuid 1 2
swap /var/log mfs rw,async,nodev,nosuid,-s=64m 0 0
swap /tmp mfs rw,async,nodev,nosuid,-s=64m 0 0

# dmesg # of the intel based machine
OpenBSD 5.4 (GENERIC.MP) #44: Tue Jul 30 12:13:32 MDT 2013
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Celeron(R) CPU B830 @ 1.80GHz ("GenuineIntel" 686-class) 1.80 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,LAHF,PERF,ITSC
real mem  = 2006949888 (1913MB)
avail mem = 1962696704 (1871MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/22/11, SMBIOS rev. 2.7 @ 0xeb220 (42 
entries)
bios0: vendor American Megatrends Inc. version "4.6.5" date 07/21/2012
bios0: CLEVO CO. W55xEU
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT MCFG SSDT HPET SSDT SSDT SSDT ASF! BGRT
acpi0: wakeup devices P0P1(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) 
USB6(S3) USB7(S3) PXSX(S5) RP01(S4) PXSX(S5) RP03(S4) PXSX(S5) RP04(S4) 
JMC2(S4) JMC3(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 99MHz
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Celeron(R) CPU B830 @ 1.80GHz ("GenuineIntel" 686-class) 1.80 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,LAHF,PERF,ITSC
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (RP01)
acpiprt2 at acpi0: bus 2 (RP03)
acpiprt3 at acpi0: bus 3 (RP04)
acpiprt4 at acpi0: bus 4 (RP05)
acpiprt5 at acpi0: bus -1 (RP06)
acpiec0 at acpi0
acpicpu0 at acpi0: C2, C1, PSS
acpicpu1 at acpi0: C2, C1, PSS
acpitz0 at 

Re: PgUp and PgDown on a Serial Console?

[Christian Weisgerber]

Evan Root  wrote:

> Tmux is a very good idea, I hadn't thought of it before but I'm already
> using screen as the serial console client,

So why don't you use screen's scrollback buffer?

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

FAQ: 7.3 - Accessing the Console Scrollback Buffer (amd64, i386, some Alpha)

[Alexei Malinin]

Hello.

The key combinations [SHIFT]+[PGUP] and [SHIFT]+[PGDN] do not work by
default.
Is it possible to make the above key combinations to work?

Lenovo T430 dmesg:
OpenBSD 5.4 (GENERIC.MP) #41: Tue Jul 30 15:30:02 MDT 2013
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 3989151744 (3804MB)
avail mem = 3875233792 (3695MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdae9d000 (70 entries)
bios0: vendor LENOVO version "G1ET41WW (1.16 )" date 05/25/2012
bios0: LENOVO 234455G
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SLIC TCPA SSDT SSDT SSDT HPET APIC MCFG ECDT FPDT ASF! 
UEFI UEFI POAT SSDT SSDT DMAR UEFI
acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP3(S4) XHCI(S3) EHC1(S3) 
EHC2(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.58 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
cpu0: apic clock running at 99MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 1, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 2 (EXP1)
acpiprt3 at acpi0: bus 3 (EXP2)
acpiprt4 at acpi0: bus 4 (EXP3)
acpicpu0 at acpi0: C2, C1, PSS
acpicpu1 at acpi0: C2, C1, PSS
acpicpu2 at acpi0: C2, C1, PSS
acpicpu3 at acpi0: C2, C1, PSS
acpipwrres0 at acpi0: PUBS
acpitz0 at acpi0: critical temperature is 104 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model "45N1005" serial 30383 type LION oem "LGC"
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
cpu0: Enhanced SpeedStep 2594 MHz: speeds: 2601, 2600, 2500, 2400, 2300, 2200, 
2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
vga1 at pci0 dev 2 function 0 "Intel HD Graphics 4000" rev 0x09
intagp0 at vga1
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1600x900
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel 7 Series xHCI" rev 0x04 at pci0 dev 20 function 0 not configured
"Intel 7 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
em0 at pci0 dev 25 function 0 "Intel 82579LM" rev 0x04: msi, address 
00:21:cc:d0:27:69
ehci0 at pci0 dev 26 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 16
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 7 Series HD Audio" rev 0x04: msi
azalia0: codecs: Realtek ALC269, Intel/0x2806, using Realtek ALC269
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 7 Series PCIE" rev 0xc4: msi
pci1 at ppb0 bus 2
sdhc0 at pci1 dev 0 function 0 "Ricoh 5U823 SD/MMC" rev 0x04: apic 2 int 16
sdmmc0 at sdhc0
ppb1 at pci0 dev 28 function 1 "Intel 7 Series PCIE" rev 0xc4: msi
pci2 at ppb1 bus 3
iwn0 at pci2 dev 0 function 0 "Intel Centrino Advanced-N 6205" rev 0x34: msi, 
MIM

Re: NPPPD and IPSec

[YASUOKA Masahiko]

The mail I replied to was too old..  sorry.

On Mon, 16 Dec 2013 18:52:25 +0900 (JST)
YASUOKA Masahiko  wrote:
> On Mon, 2 Dec 2013 19:34:57 +0200 (IST)
> Or Elimelech  wrote:
>> I'm having trouble configuring Windows clients with l2tp over ipsec, 
>> This config works great on OSX/iOS/Android/Linux 
>> 
>> I do not know which type of auth/enc/group I should use for Windows clients 
>> 
>> I currently use OpenBSD 5.4 with the following 
>> 
>> ike passive esp transport \ 
>> proto udp from 1.2.3.4 to any port 1701 \ 
>> main auth hmac-sha1 enc aes group modp1024 \ 
>> quick auth hmac-sha1 enc aes group modp1024 \ 
>> psk "secret" 
> 
> As far as my test with Windows 7, changing the main mode config to
> 
>   main auth hmac-sha1 enc aes group modp2048
> 
> or
> 
>   main auth hmac-sha1 enc 3des group modp1024
> 
> will fix the problem.
> 
> --yasuoka

Re: NPPPD and IPSec

[YASUOKA Masahiko]

Hi,

On Mon, 2 Dec 2013 19:34:57 +0200 (IST)
Or Elimelech  wrote:
> I'm having trouble configuring Windows clients with l2tp over ipsec, 
> This config works great on OSX/iOS/Android/Linux 
> 
> I do not know which type of auth/enc/group I should use for Windows clients 
> 
> I currently use OpenBSD 5.4 with the following 
> 
> ike passive esp transport \ 
> proto udp from 1.2.3.4 to any port 1701 \ 
> main auth hmac-sha1 enc aes group modp1024 \ 
> quick auth hmac-sha1 enc aes group modp1024 \ 
> psk "secret" 

As far as my test with Windows 7, changing the main mode config to

  main auth hmac-sha1 enc aes group modp2048

or

  main auth hmac-sha1 enc 3des group modp1024

will fix the problem.

--yasuoka