Re: iked rsa pki configuration

On Tue, Aug 18, 2015 at 09:22:14PM +0200, Reyk Floeter wrote: > On Tue, Aug 18, 2015 at 02:26:29PM +, Jona Joachim wrote: > > Hi, > > I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between > > two OpenBSD boxes running a recent amd64 snapshot. The client is behing > > a NAT. >

Re: 64 Queue Sizes in OpenBSD 5.8

Andy Lemin [a...@brandwatch.com] wrote: > > Simply we need to impose shaping to ensure the CDR is not breached. We > really need to upgrade the CDR to 6Gbps, but the penalties for taking our > 95% percentile above the CDR are very expensive. > If you are buying hardware right now, you might try

Re: Openbsd 5.7: IPv6 autoconf not working

@Michael: I deactivate PF to make my tests (I want to have IPv6 working before I think of fw rules) @Giancarlo: yes, I have no log even with debug Please find below the new tcpdump: 11:25:26.017135 fe80::200:24ff:fed1:86bc > ff02::2: icmp6: router solicitation (src lladdr: 00:00:24:d1:86:bc) [ic

Re: Ubiquiti EdgeRouter Lite

On 2015-08-18 11:42, Tobias Ulmer wrote: On Tue, Aug 18, 2015 at 01:59:49PM +, Jona Joachim wrote: On 2015-08-18, Ted Unangst wrote: > Predrag Punosevac wrote: >> Dear All, >> >> I am contemplating buying a new machine which will act as a router/DNS >> caching server for my home network. Is

Re: iked rsa pki configuration

On 2015-08-18, Reyk Floeter wrote: > On Tue, Aug 18, 2015 at 02:26:29PM +, Jona Joachim wrote: >> Hi, >> I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between >> two OpenBSD boxes running a recent amd64 snapshot. The client is behing >> a NAT. >> The setup works with a PSK bu

Re: USB mouse spontaneously detaching

Same problem, build #1024. This output not just flood all tty, but also my dmesg (no output in "# dmesg" except the bellow): wsmouse1 detached ums1 detached uhidev2 detached uhidev2 at uhub3 port 6 configuration 1 interface 0 "Logitech USB Optical Mouse" rev 2.00/63.00 addr 4 uhidev2: iclass 3/1

Re: DHCPv6 server - send_packet6: Network is unreachable

> From: Claus Lensbøl > I am running openbsd 5.6 GENERIC.MP#333 amd64. > Using isc-dhcp-server 4.3.0. I had no route to host w/ ISC DHCP 4.3.0 on OpenBSD 4.9 -- the patch at end of message got it working. Hint was need for '%' using ping6. I applied the patch on OpenBSD 5.5 w/o checking whether

Re: NSA transition to quantum resistant algorithms

On 18 August 2015 at 21:30, Артур Истомин wrote: > On Tue, Aug 18, 2015 at 07:09:30PM +0200, Tim Kuijsten wrote: > > Op 15-08-15 om 21:14 schreef Devin Reade: > > >Interesting background info, including recommended minimum key sizes > during the interim: > > > > > >

Re: Ubiquiti EdgeRouter Lite

On Tue, Aug 18, 2015 at 5:11 AM, Ted Unangst wrote: > Predrag Punosevac wrote: > > Dear All, > > > > I am contemplating buying a new machine which will act as a router/DNS > > caching server for my home network. Is anybody currently running OpenBSD > > on the Ubiquiti Networks EdgeRouter LITE in

Re: NSA transition to quantum resistant algorithms

On Tue, Aug 18, 2015 at 07:09:30PM +0200, Tim Kuijsten wrote: > Op 15-08-15 om 21:14 schreef Devin Reade: > >Interesting background info, including recommended minimum key sizes during > >the interim: > > > > > > > > I find it interest

Re: iked rsa pki configuration

On Tue, Aug 18, 2015 at 02:26:29PM +, Jona Joachim wrote: > Hi, > I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between > two OpenBSD boxes running a recent amd64 snapshot. The client is behing > a NAT. > The setup works with a PSK but I cannot make it work with RSA > certific

Re: Openbsd 5.7: IPv6 autoconf not working

Em 17-08-2015 22:41, Alexandre Westfahl escreveu: > I activated debug but don't get any output​ anywhere. Since I couldn't find > anything, I tried a global grep but without success (cat /var/log/* |grep > inet6 and ipv6). Kernel messages will appear on /var/log/messages, IIRC. And on dmesg and

Re: Ubiquiti EdgeRouter Lite

> I would say it's an interesting alternative if you're specifically looking for > a non-PC router. I'm not sure it's the best router platform in general. mips64: - mmu lacks support for W^X - pmap module only supports 32-bit mappings, so weaker ASLR

Re: DHCPv6 server - send_packet6: Network is unreachable

Em 18-08-2015 04:30, Claus Lensbøl escreveu: > I tried setting a custom link-local address, didn't help. The weird > thing is that I have tested a similar set up on a 5.3 router > that has no vlan interfaces and a much less strict pf than this one, > and that just worked out of the box. It might b

Re: NSA transition to quantum resistant algorithms

Op 15-08-15 om 21:14 schreef Devin Reade: Interesting background info, including recommended minimum key sizes during the interim: I find it interesting that symmetric ciphers like 256 bit AES are probably quantum resistant[0],

Re: Ubiquiti EdgeRouter Lite

Jona Joachim wrote: > Thank you very much for the write-up! I'm looking into buying hardware > to build a small OpenBSD home router and this looks interesting. > You say that the machine will not be able to serve as an IPSEC gateway. > Is that when you consider Gigabit ethernet or do you think that

Re: USB mouse spontaneously detaching

Hi guys I tested with a wired Logitech keyboard (same as originally posted) and wireless Logitech mouse (that I use for my laptops) and nothing detached. This seems very strange that from a wired mouse to a wireless mouse would stop the detachment. Since Luciano tried his Microsoft wired/wireless m

Re: Ubiquiti EdgeRouter Lite

On Sun, Aug 16, 2015 at 1:47 PM, Ted Unangst wrote: > Predrag Punosevac wrote: > > Dear All, > > > > I am contemplating buying a new machine which will act as a router/DNS > > caching server for my home network. Is anybody currently running OpenBSD > > on the Ubiquiti Networks EdgeRouter LITE in

Re: USB mouse spontaneously detaching

Just out of curiousity, I tried this on my desktop workstation (5.7 -stable, AMD64) with a Microsoft Mouse and a Microsoft Keyboard. I normally use KDE4 so don't see any of the console messages. So wanted to check if the messages come up on a system without the KVM. It does on this system a

Re: Ubiquiti EdgeRouter Lite

On Tue, Aug 18, 2015 at 01:59:49PM +, Jona Joachim wrote: > On 2015-08-18, Ted Unangst wrote: > > Predrag Punosevac wrote: > >> Dear All, > >> > >> I am contemplating buying a new machine which will act as a router/DNS > >> caching server for my home network. Is anybody currently running Open

Re: USB mouse spontaneously detaching

That´s exactly my approach as well. (-: Boot the machine and switch to another tty. So looks like issue is much older than I thought. By the way, I have a mechanical brown cherry switch japanese keyboard and also I HHKB, and both work perfectly. On the other hand, both mice have this behaviour.

Re: Ubiquiti EdgeRouter Lite

"Ted Unangst" wrote: > Predrag Punosevac wrote: > > Dear All, > > > > I am contemplating buying a new machine which will act as a router/DNS > > caching server for my home network. Is anybody currently running OpenBSD > > on the Ubiquiti Networks EdgeRouter LITE in that capacity? I saw that in >

iked rsa pki configuration

Hi, I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between two OpenBSD boxes running a recent amd64 snapshot. The client is behing a NAT. The setup works with a PSK but I cannot make it work with RSA certificates. No matter what I tried, the client seems to fail connecting with: ca

Re: Ubiquiti EdgeRouter Lite

2015-08-18 15:59 GMT+02:00 Jona Joachim : > On 2015-08-18, Ted Unangst wrote: >> Predrag Punosevac wrote: >>> Dear All, >>> >>> I am contemplating buying a new machine which will act as a router/DNS >>> caching server for my home network. Is anybody currently running OpenBSD >>> on the Ubiquiti Ne

Re: Openbsd 5.7: IPv6 autoconf not working

Alexandre Westfahl wrote: > I have a problem with IPv6, I'm not getting "public" IP but router > advertisement/solicitations are being exchanged. Are you sure pf isn't interfering? What does your pf.conf look like? I've had that problem in the past with IPv6.

Re: Ubiquiti EdgeRouter Lite

On 2015-08-18, Ted Unangst wrote: > Predrag Punosevac wrote: >> Dear All, >> >> I am contemplating buying a new machine which will act as a router/DNS >> caching server for my home network. Is anybody currently running OpenBSD >> on the Ubiquiti Networks EdgeRouter LITE in that capacity? I saw th

Re: Ubiquiti EdgeRouter Lite

Here are my notes, which are basic, but should be enough to get you through if you're familiar with openbsd. http://www.tedunangst.com/flak/post/OpenBSD-on-ERL Hi Ted, I just worked through the /pub/OpenBSD/snapshots/octeon/INSTALL.octeon write up and also read through your notes. Had proble

Re: USB mouse spontaneously detaching

I have had the same issue going back to OpenBSD 4.x ever since I changed the KVM that had PS2 mouse and keyboard to a KVM with USB mouse etc. As a result I always thought it was because of my KVM, so did not report it all these years!!! Anyways, my caveman like approach to solve this was to

Re: Openbsd 5.7: IPv6 autoconf not working

On 18/08/15(Tue) 10:41, Alexandre Westfahl wrote: > ​Hi, > > Thank you for your explanations. > I activated debug but don't get any output​ anywhere. Since I couldn't find > anything, I tried a global grep but without success (cat /var/log/* |grep > inet6 and ipv6). > > Since my tcpdump result a

Re: Ubiquiti EdgeRouter Lite

Predrag Punosevac wrote: > Dear All, > > I am contemplating buying a new machine which will act as a router/DNS > caching server for my home network. Is anybody currently running OpenBSD > on the Ubiquiti Networks EdgeRouter LITE in that capacity? I saw that in > June 2015 USB support was added wh

Re: DHCPv6 server - send_packet6: Network is unreachable

On 17-08-2015 23:08, Giancarlo Razzolini wrote: Em 17-08-2015 17:55, Claus Lensbøl escreveu: all the vlan interfaces has the same link-local address. Each vlan interface has a scope though, which I do not know how works. Not sure either. But you could try forcing each VLAN to have a different l