Re: Hi There! I am trying to install OpenBSD

[Gabriele Tozzi]

> I have no solution for you but some search results
> 
> http://daemonforums.org/showthread.php?t=4752
> http://openbsd-archive.7691.n7.nabble.com/Atapiscsi-problem-on-VIA-NAB7100-VIA-VT6420-td184350.html
> http://openbsd-archive.7691.n7.nabble.com/Second-SATA-channel-in-Via-VT3237S-td191011.html

Thank you!

The third link spotted my problem: it's an old OpenBSD bug that,
apparently, never got fixed.

It looks like I'll have to install OpenBSD some other day.

Gabriele

GPG Key Fingerprint:
DAD1 E3E3 C3E9 36FB C570 F405 9B5F 7108 A1D0 2FFF

Re: Hi There! I am trying to install OpenBSD

[Gabriele Tozzi]

> I would try to install older version, to be sure, it is not related to
> installer version...
> 
> 
> Check /usr/src/sys/dev/atapiscsi/atapiscsi.c and line 1042. A bit
> above, there is the following comment:
> 1028 /* Exceptional case - drive want to transfer more
> 1029data than we have buffer for */
> 
> Though, no idea/time to see how to fix it.
> 

Thank you for your answers.

Apparently support for that chipset got broke "between 4.4 and 4.5".

I tried 5.6 before, but it didn't work, and 4.4 is way too old for my needs.
I would check the source, but I am not a C developer.

It looks like it's over.

Bests,

Gabriele

GPG Key Fingerprint:
DAD1 E3E3 C3E9 36FB C570 F405 9B5F 7108 A1D0 2FFF

Re: xauth: (argv):1: bad display name "BadSystemDetected.my.domain:0" in "remove" command

[Lô Baret]

I tried to Xorg -configure today and I get this :

(==) Using system config directory "/usr/X11R6/share/X11/xorg.conf.d"
(EE) Segmentation fault at address 0x28
Fatal server error:
(EE) Caught Signal 11 (Segmentation Fault). Server aborting

Still don't know what to do with it.


2016-01-30 18:34 GMT+01:00 Lô Baret :
> Thanks for the answer, i've already looked for solutions in the
> mailing list archive and on numerous forums.
> Now I can successfully launch i3 or awesome with startx
> /usr/local/bin/mywm but there is still the same xauth error: bad
> display name.
> $DISPLAY command returns nothing
>
> 2016-01-30 18:09 GMT+01:00 Peter N. M. Hansteen :
>> On 01/30/16 17:48, Lô Baret wrote:
>>>
>>> Hello, I recently installed OpenBSD 5.8 amd64 for the first time
>>> (default install options all the way) on my laptop (Thinkpad X200s)
>>> and everything went well until I tried to startx another window
>>> manager than the default fvwm.
>>>
>>> startx launches fvwm correctly but whenever I try with another window
>>> manager with startx /usr/bin/mywm (i3 or awesome or cwm) I get this
>>> error. I've looked for my wm packages in /usr/bin/ today and found
>>> nothing (???) but it seems to be still present on the system (don't
>>> know how to find package location)
>>
>>
>> anything that comes out of packages (or ports) tends to land somewhere
under
>> /usr/local, so the binaries you're looking for will likely be in
>> /usr/local/bin.
>>
>> Other than that, pasting the error message (minus the hostname) into a
>> favorite search engine produces a number of potentially useful hints.
>>
>>
>> --
>> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
>> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
>> "Remember to set the evil bit on all malicious network traffic"
>> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Ben Alex]

On Tue, Feb 2, 2016 at 5:19 AM, Tinker  wrote:
>  1) I need some SSD storage but don't like that it could break together - I
> mean, a bug in your system will feed your SSD at full bandwidth for ~7h-7
> days, it's completely fried - that's not OK, so putting a "redundance layer"
> in the from of an underlying magnet storage layer is really justified.
>
>  2) I need some bulk storage, and I want the terabytes to be really cheap so
> that i NEVER will run out of archival space. An 8TB magnet HDD costs in the
> range USD 500.

Last month I purchased another 400 TB of magnetic and SSD storage, so
with that recent research in mind:

* SSD models are differentiated by write endurance, interface
(SATA/SAS vs NVMe), and consumer vs data centre grade. The latter
offer continuous (24x7) workload latency guarantees and work well in
RAID configurations as there is minimal latency variability between
units. I'm unsure of the OpenBSD NVMe status, but you need NVMe if you
want to pull the rated ~2500 MB/sec out of NVMe units. Sticking with
SATA/SAS SSD means closer to 1/5th that maximum read performance,
although that may well be enough (and will save you a lot of money,
too). I'd avoid doing RAID with consumer grade SSDs if you have high
throughput expectations.

* Some magnetic drives are now also being rated with annual workload
limits and have associated warranty implications. See for example
http://www.seagate.com/au/en/products/enterprise-servers-storage/nearline-storage/.
Be careful to review the data sheets so you don't have future warranty
claims rejected.

I've found it's easy to KISS by grouping by file type (eg immutable or
mutable or append-only, sequentially accessed vs randomly accessed,
main reader bottleneck being CPU/RAM or IO etc) and putting them in
optimal primary and backup locations accordingly. I find the idea of
transparent storage tiers undesirable, as there's no way I can reason
about that and guarantee consistent throughput and latency results
(let alone how to recover when a few drives out of the 60+ fail, or a
non-JBOD controller dies).

Are you able to share more about your storage requirements (capacity,
sequential throughput, IO latency, resiliency, target chassis details
etc) so we can offer suggestions?

Re: Hi There! I am trying to install OpenBSD

[Stuart Henderson]

On 2016-02-01, Gabriele Tozzi  wrote:
>> I have no solution for you but some search results
>> 
>> http://daemonforums.org/showthread.php?t=4752
>> http://openbsd-archive.7691.n7.nabble.com/Atapiscsi-problem-on-VIA-NAB7100-VIA-VT6420-td184350.html
>> http://openbsd-archive.7691.n7.nabble.com/Second-SATA-channel-in-Via-VT3237S-td191011.html
>
> Thank you!
>
> The third link spotted my problem: it's an old OpenBSD bug that,
> apparently, never got fixed.
>
> It looks like I'll have to install OpenBSD some other day.
>
> Gabriele

That report "As indicated by PR6117 it appears to have arisen between
4.4 and 4.5" is based on faulty reading of kernel/6117, what it's
actually saying is that the system was previously running 4.4 and it was
broken there too, but the report was made after testing on -current.

--snip--
Turns out the VIA VT6421 SATA controller has 3 channels, two sata and
one pata. The first sata and the pata port work on OpenBSD, the second
sata port does not. Linux/FreeBSD/NetBSD all have special code to handle
this chip, OpenBSD does not.

E.g. see these files:

http://cvsweb.netbsd.org/bsdweb.cgi/~checkout~/src/sys/dev/pci/viaide.c
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/ata/chipsets/ata-via.c?rev=HEAD;content-type=text%2Fplain
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=drivers/ata/sata_via.c

Putting this information here so it does not get lost.
Maybe a pciide guru can look at this problem.
--snip--

i.e. it's just missing support for a quirky chip that needs the OS
to do some weird setup.

Re: Hi There! I am trying to install OpenBSD

[Philipp Buehler]

Am 01.02.2016 23:52 schrieb Stuart Henderson:

i.e. it's just missing support for a quirky chip that needs the OS
to do some weird setup.


Or just use only that first SATA (and PATA) port?
e.g., Gabriele, if there's only one disk in there, try to recable it to 
the other SATA slot.


--
pb

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Adam Thompson]

On 16-02-01 12:19 PM, Tinker wrote:

My purpose with asking for SSD-accelerated HDD was DOUBLE:

 1) I need some SSD storage but don't like that it could break 
together - I mean, a bug in your system will feed your SSD at full 
bandwidth for ~7h-7 days, it's completely fried - that's not OK, so 
putting a "redundance layer" in the from of an underlying magnet 
storage layer is really justified.


...so what?  I don't understand what your concern is here.  If you buy a 
batch of HDDs from the same lot, they'll probably all die around the 
same time, too.  I don't think I understand what you're trying to say.


If you're worried about SSD write endurance, I'd say... don't.  Or buy 
better-quality SSDs ;-).


See http://ssdendurancetest.com/  for real-world stress-test data. 
Especially 
http://ssdendurancetest.com/ssd-endurance-test-report/Intel-SSD-520-60.


The Intel DC P3700 series should last about 1.5yrs in an absolutely 
worst-case scenario.  Even the worst-case DC series I could find should 
still last about a month and a half under murderous stress-test conditions.


http://estimator.intel.com/ssdendurance/

This report 
(http://techreport.com/review/27909/the-ssd-endurance-experiment-theyre-all-dead) 
confirms that even if you completely fill an SSD, that's no big deal.


If your application has a "bug" it's unlikely the sort of bug that would 
fill the entire SSD, erase it all, fill it again, erase it all again, 
etc... and most SSDs can handle ~3000 full-device writes nowadays.


Also remember to factor in the fact that UFS/UFS2 doesn't (usually) 
saturate a block device with I/O write requests.  Maybe if it was just 
writing to a single enormous file it might, but could that actually 
happen in your situation?



2) I need some bulk storage, and I want the terabytes to be really 
cheap so that i NEVER will run out of archival space. An 8TB magnet 
HDD costs in the range USD 500.


Here, I like it to be stored "symmetrically" with how I store the 
other stuff, that is having separate disks, directories, mount points 
etc. for the two doesn't really appeal to me in this particular case -


Simply knowing that the less frequently accessed data will be 
taken from magnet and the more frequently accessed data from SSD seems 
both convenient and practical for my usecase, and, I'll try to have 
SSD volume to cover for *MORE THAN ALL* of my frequently stored data.


Perhaps knowing the prioritization algorithm as to be able to 
calculate more closely what's in the SSD and what's on the HDD only 
would make some sense, BUT, training it by telling it what's to load 
fast using "cat `find the-relevant-data/` > /dev/null" single-shot and 
perhaps via crontab, should deliver really well.


Cheap storage is a valid argument.  HDD vs SSD is still easily an order 
of magnitude difference in price.


So go run FreeNAS (or TrueNAS, or Solaris, or FreeBSD, or even 
Linux...), run ZFS with both a L2ARC and ZIL device on fast SSD, and 
remote-mount the directory.  You even have a choice of protocols :-).  
(NFS or iSCSI.  I suspect you'd want to use NFS, but YMMV.)


Short answer: I don't think any part of OpenBSD does what you're asking, 
natively.  Some supported hardware devices (like the MegaRAID Cachecade, 
et al.) do this for you.  But at that point, what's the difference 
between having the disks hooked up to some speciality hardware in an 
OpenBSD box, versus having the disks hooked up to generic, not-special 
hardware on a non-OpenBSD box? (Particularly given that UFS/UFS2 on 
OpenBSD isn't exactly known for its award-winning performance in the 
first place?)


FYI, even if Intel SRT was available on a Xeon board, you'd still be out 
of luck, because it requires device driver support  - it relies on the 
Intel fake-raid technology which, IIRC, is not supported at all under 
OpenBSD.


I'd also like to see something like this available in OpenBSD's VFS 
layer, but I'm not holding my breath.


IIRC there was some interest in integrating Hammer/Hammer2 into OpenBSD 
instead of ZFS due to licensing issues, but even Hammer2 doesn't appear 
to have tiered storage in its feature list.


Some more random thoughts:
- the Dell H800 supports up to 1GB NVRAM, which is just a CacheCade 
implementation.
- CacheVault is the newer version of CacheCade (AFAICT), and is 
supported on newer MegaRAID cards.  See 
http://www.avagotech.com/products/server-storage/raid-controllers/cache-protection#overview 
for some pretty skimpy info.
- moving your data from HDD to SSD isn't going to dramatically speed up 
READ operations.  Carefully examine the specsheets on both the HDDs and 
SSDs and compare read bandwidths.  Access time (latency) is where SSDs 
are useful, along with acting as write-back caches.
- Areca raid controllers support up to 8GB of cache and a sh*tload of 
SAS ports; this might be good enough for your needs - have a look.



Either iSCSI or NFS against a ZFS-based NAS is probably still your best 
bets 

Re: xauth: (argv):1: bad display name "BadSystemDetected.my.domain:0" in "remove" command

[Edgar Pettijohn]

I always get that error.  I have been ignoring it and so far no problems 
that I can tell.


On 02/01/16 14:58, Lô Baret wrote:

I tried to Xorg -configure today and I get this :

(==) Using system config directory "/usr/X11R6/share/X11/xorg.conf.d"
(EE) Segmentation fault at address 0x28
Fatal server error:
(EE) Caught Signal 11 (Segmentation Fault). Server aborting

Still don't know what to do with it.


2016-01-30 18:34 GMT+01:00 Lô Baret :

Thanks for the answer, i've already looked for solutions in the
mailing list archive and on numerous forums.
Now I can successfully launch i3 or awesome with startx
/usr/local/bin/mywm but there is still the same xauth error: bad
display name.
$DISPLAY command returns nothing

2016-01-30 18:09 GMT+01:00 Peter N. M. Hansteen :

On 01/30/16 17:48, Lô Baret wrote:

Hello, I recently installed OpenBSD 5.8 amd64 for the first time
(default install options all the way) on my laptop (Thinkpad X200s)
and everything went well until I tried to startx another window
manager than the default fvwm.

startx launches fvwm correctly but whenever I try with another window
manager with startx /usr/bin/mywm (i3 or awesome or cwm) I get this
error. I've looked for my wm packages in /usr/bin/ today and found
nothing (???) but it seems to be still present on the system (don't
know how to find package location)


anything that comes out of packages (or ports) tends to land somewhere

under

/usr/local, so the binaries you're looking for will likely be in
/usr/local/bin.

Other than that, pasting the error message (minus the hostname) into a
favorite search engine produces a number of potentially useful hints.


--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: any questions of Relayd proxy on OpenBSD 5.8 ...

[Stuart Henderson]

On 2016-02-01, Luis Coronado  wrote:
> Anything based on calomel.org is ignored, real reference is the manual
> pages.

You know a guide is going to be good when the dates shown in examples
are from 8 years ago and it says "If you have OpenBSD v4.3 or later"...

Re: Lanp equivalent web server working on OpenBSD no Apache

[bruce]

I didn't, that's direct from the man page for doas.conf

> On February 1, 2016 at 12:16 AM Bernd Schoeller  wrote:
>
>
> On 30/01/16 21:10, bruce wrote:
> > I've been working on this for several weeks now.
> > Results with instructions can be seen here:
> > http://tonyevil.zapto.org/serendipity/
> > Any feedback welcome.
> > httpd is too new for this to be well documented, so here is my small
> > contribution.
>
> Beyond the usual problems of posting HowTos (search the list archives),
> I find it remarkable that you give tedu access to your procmap command ...
>
> Bernd

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Janne Johansson]

2016-01-31 9:16 GMT+01:00 Tinker :

> This could be made in software with benefit, as a Softraid patch.
> So the frequently accessed stuff ends up cached on the SSD for faster read
> speed.
> There is some hardware solution, e.g. Intel made the
> http://ark.intel.com/products/70029/Intel-RAID-SSD-Cache-Controller-RCS25ZB040LX
> using the "Nytro MegaRAID" chip.
> Also in the past there was a "Adaptec MaxIQ". Those are the only two "Raid
> controller cache" hardware solutions I am aware of, do you know any more?
>
>
Intel Z68 motherboards also have this in hardware. A bit tiresome to set up
for bootdrives (since the disk type changes from normal SATA to raid)
but should be transparent to the OS after it is set up.

Re: Lanp equivalent web server working on OpenBSD no Apache

[Bernd Schoeller]

On 30/01/16 21:10, bruce wrote:

I've been working on this for several weeks now.
Results with instructions can be seen here:
http://tonyevil.zapto.org/serendipity/
Any feedback welcome.
httpd is too new for this to be well documented, so here is my small
contribution.


Beyond the usual problems of posting HowTos (search the list archives), 
I find it remarkable that you give tedu access to your procmap command ...


Bernd

Re: No more proxy on ftp(1)?

[chohag]

arrowscr...@mail.com writes:
> Thank you for your help Stuart. I'll just use curl for now. Actually use
torsocks seems a bad practice for any situation, I should just set a
transparent proxy (but the pf.conf
> from torproject.org does not work, I'll need to write is myself some day).
> Thanks again.

For the benefit of your lazy bone, and anyone else who comes across it,
here's the configuration I worked out. In OpenBSD's favour, I managed
this despite being relatively new to OpenBSD administration and
completely new to pf, so I don't know if it's 'right', but it is
'successful'.

Tor router sits on a lan as any other server would at 10.42.0.8 and the
subnet it anonymises at 10.172.192.2. 10.172.192.0/24 route through it
(enforced by the switch/bridge they all plug in to).


# cat /etc/pf.conf
# 

pass in quick inet proto tcp from 10.172.192.0/24 to 10.172.192.2 port tor

pass in quick inet proto udp from 10.172.192.0/24 to port domain
pass in quick inet from 10.172.192.0/24 divert-to 127.0.0.1 port transtor
pass out quick inet from 10.172.192.0/24 divert-reply
block in quick inet from 10.172.192.0/24


# getent services tor transtor
tor9050/tcp
transtor   9040/tcp


# grep -v ^# /etc/tor/torrc | hand-grep _RELEVANT_LINES_
OutboundBindAddress 10.42.0.8 # Bind to the lan for outgoing connections

SocksPort 127.0.0.1:9050
SocksPort 10.172.192.2:9050
SocksPolicy accept 127.0.0.0/8
SocksPolicy accept 10.172.192.0/24
SocksPolicy reject *

VirtualAddrNetworkIPv4 10.127.0.0/16
AutomapHostsOnResolve 1
TransPort 127.0.0.1:9040
TransPort 10.172.192.2:9040
DNSPort 127.0.0.1:53
DNSPort 10.172.192.2:53
TransProxyType pf-divert


Cheers,

Matthew

Re: Hi There! I am trying to install OpenBSD

[Ville Valkonen]

Hi,

On 1 February 2016 at 08:21, Gabriele Tozzi  wrote:
> This is my first message on the list so, first of all, hello everybody! :)
>
> I've recently bought a dedicated PC, planning to use it as a firewall by
> installing OpenBSD on it.
>
> I have downloaded the install80.iso, checked the sha sum, and read the
> installation guide.
> I have burned the iso to a cd-rom and checked the sha sum again on the
> machine I am trying to install.
> I have tested the hardware and the general functionality of the machine
> with common open source tools (memtest and succesfully installing a
> linux distro).
>
> When I boot the i386 OpenBSD 5.8 CD, it loads the kernel and writes a
> lot of blue stuff, then stops at:
>
> wdc_atapi_intr: warning: reading only 0 of 18 bytes
>
> For those who have a browser, here is a full screenshoot:
> http://imagebin.ca/v/2VR8MRMArdG7
>
> I've tried to look for this error using a search engine, but I
> surprisingly got zero results.

Check /usr/src/sys/dev/atapiscsi/atapiscsi.c and line 1042. A bit
above, there is the following comment:
1028 /* Exceptional case - drive want to transfer more
1029data than we have buffer for */

Though, no idea/time to see how to fix it.

--
Regards,
Ville Valkonen

Re: No more proxy on ftp(1)?

[Jiri B]

On Mon, Feb 01, 2016 at 04:33:00AM +0100, arrowscr...@mail.com wrote:
> Thank you for your help Stuart. I'll just use curl for now. Actually use 
> torsocks seems a bad practice for any situation, I should just set a 
> transparent proxy (but the pf.conf from torproject.org does not work, I'll 
> need to write is myself some day).
> Thanks again.

netcat uses socks, so maybe ftp could benefit from its code.

j.

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Janne Johansson]

I saw it on a desktop, didn't think to see if it was ever used or not on
motherboards for other types of machines, I just assumed that Z68 could be
used on other places also.


2016-02-01 11:00 GMT+01:00 Tinker :

> On 2016-02-01 16:33, Janne Johansson wrote:
>
>> 2016-01-31 9:16 GMT+01:00 Tinker :
>>
>> This could be made in software with benefit, as a Softraid patch.
>>> So the frequently accessed stuff ends up cached on the SSD for faster
>>> read
>>> speed.
>>> There is some hardware solution, e.g. Intel made the
>>>
>>> http://ark.intel.com/products/70029/Intel-RAID-SSD-Cache-Controller-RCS25ZB040LX
>>> using the "Nytro MegaRAID" chip.
>>> Also in the past there was a "Adaptec MaxIQ". Those are the only two
>>> "Raid
>>> controller cache" hardware solutions I am aware of, do you know any more?
>>>
>>>
>>> Intel Z68 motherboards also have this in hardware. A bit tiresome to set
>> up
>> for bootdrives (since the disk type changes from normal SATA to raid)
>> but should be transparent to the OS after it is set up.
>>
>
> Thanks for mentioning, however, this tech (called "Intel Smart Response")
> is a laptop/desktop thing only currently isn't it, you don't see it on any
> 1-2-4x Xeon:s at least now right?
>
>


-- 
May the most significant bit of your life be positive.

Re: assigning ipv6 addresses to interfaces

[LÉVAI Dániel]

obsd @ 2016-01-31T17:49:04 +0100:
> On 31-01-16 17:13, LÉVAI Dániel wrote:
[...]
> >So turns out, that if I request anything other than sla_id 0 or 1, I get
> >another subnet, but with a /72 prefix. Also, using:
> >ia_pd 1 re1/1 athn0/2 athn1/3
> >... resulted in the same subnet/prefix sent to me, for all interfaces.
> >
> >For some reason I had to increment the sla_ids by 4 to get another
> >subnet. So:
> >ia_pd 1 re1/1 athn0/4 athn1/8
> >... actually worked, and got three different subnets, but all came with
> >a /72 prefix. And for some other reason, none of my devices (Linux,
> >Android, Chromecast...) would accept a /72 address advertised, so
> >although they all got a reply for their rtsol, they ignored it...


> A /72 should not work (and indeed does not work as you found out)! The
> smallest subnet (with the exception of a /127 /128) is /64. Your ISP is
> doing The Wrong Thing (tm). Instead your ISP should provide you with a /56
> (for 256 subnets) or, even better, with a /48, where you would have 65536
> subnets. The latter is the preferred standard although some ISP's do not
> understand the sheer size of IPv6, and therefore think that they are wasting
> space handing out /48's. NANOG is full of discussions about this.
> 
> See 
> http://serverfault.com/questions/426183/how-does-ipv6-subnetting-work-and-how-does-it-differ-from-ipv4-subnetting
> for example.

Interesting. I even tried to specifically request a prefix with
ia_pd 1/::/64 [...]
... but alas it didn't make any difference.

Could it be that this is the error of dhcpcd's implementation of the
request, and not the ISP's? Before I try the customer services, I just
want to make sure this is not PEBKAC.


Daniel

-- 
LÉVAI Dániel
PGP key ID = 0x83B63A8F
Key fingerprint = DBEC C66B A47A DFA2 792D  650C C69B BE4C 83B6 3A8F

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Tinker]

On 2016-02-01 16:33, Janne Johansson wrote:

2016-01-31 9:16 GMT+01:00 Tinker :


This could be made in software with benefit, as a Softraid patch.
So the frequently accessed stuff ends up cached on the SSD for faster 
read

speed.
There is some hardware solution, e.g. Intel made the
http://ark.intel.com/products/70029/Intel-RAID-SSD-Cache-Controller-RCS25ZB040LX
using the "Nytro MegaRAID" chip.
Also in the past there was a "Adaptec MaxIQ". Those are the only two 
"Raid
controller cache" hardware solutions I am aware of, do you know any 
more?



Intel Z68 motherboards also have this in hardware. A bit tiresome to 
set up

for bootdrives (since the disk type changes from normal SATA to raid)
but should be transparent to the OS after it is set up.


Thanks for mentioning, however, this tech (called "Intel Smart 
Response") is a laptop/desktop thing only currently isn't it, you don't 
see it on any 1-2-4x Xeon:s at least now right?

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[patric conant]

On Sun, Jan 31, 2016 at 8:42 PM, Tinker  wrote:

> Patrick,
>
> On 2016-02-01 07:10, Patrick Dohman wrote:
>
>> There is some hardware solution, e.g. Intel made the
>>>
>>
>>
http://ark.intel.com/products/70029/Intel-RAID-SSD-Cache-Controller-RCS25ZB04
>> 0LX using the "Nytro MegaRAID" chip.
>>
>>>
>>> Someone would need to port its driver to OpenBSD.
>>>
>>> Also in the past there was a "Adaptec MaxIQ". Those are the only two
>>> "Raid
>>>
>> controller cache" hardware solutions I am aware of, do you know any more?
>>
>>>
>>>
>>>
>>>
>> Some of the MegaRaid cards feature cache cade.
>>
>
> Do you know any MegaRaid that a) supports that, b) is modern and not
> archaic, and c) is supported by OpenBSD?
>
> Essentially disk cache is written to SSD before being “copied” to
spinning
>> disk.
>>
>
> I was mostly considering read acceleration.
>
> (
>
>> Keep in mind DRAM based cache can improve performance when implemented in
>> conjunction with hardware write back.
>>
>
> Sure.
>
> Also magnetic disk & SSD with super cap / fault tolerant on disk cache can
>> seed up I/O significantly..
>>
>
> Can you give a practical example of this?
> )
>
> Thanks,
> Tinker
>
>
Why can't the solution be all flash? $400 for 1 TB flash, * 7 sata ports on
a decent $100 Motherboard, gets you 7TB of flash for under $3000

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[andrew fabbro]

On Mon, Feb 1, 2016 at 8:16 AM, patric conant 
wrote:

> Why can't the solution be all flash? $400 for 1 TB flash, * 7 sata ports on
> a decent $100 Motherboard, gets you 7TB of flash for under $3000
>

Well, yes, and for a few hundred thousand you can get persistent DRAM
fusion-io.

OTOH, you can get 4TB SATA drives for $250.

The OP was just pointing out that SSD-acceleted (aka SSD-cached) SATA/SAS
is very common in Win/Lin/OSX and was wondering what the status is on
OpenBSD.


-- 
andrew fabbro
and...@fabbro.org

Re: Karel, some followup Q:s on your RAID1C patch

[Karel Gardas]

Tinker, adding block number to sector data and calculate chksum over
this should be relatively easy. I'll ping you once I send another WIP
patch to tech@ so you will get a chance to hack on it...

Besides this, I've observed you are huge fan of ZFS. Perhaps even
better for you may be to work on proper zfs-fuse port to OpenBSD?

Re: Squid slow in connecting to SSL

[Kim Zeitler]

Sorry for the long wait, but had a free weekend and none of the site 
techs got back to me until later today.


On 01/29/16 22:03, Stuart Henderson wrote:

If you have contact with any of the site admins see if they are
running on linux with tcp_tw_recycle=1, I think there is a strong
possibility that they are, and if so then they should fix their
configuration.

I wrote to our contact there and am trying to get the information if
they are using this setting.

I managed to get the information from their server and sadly

net.ipv4.tcp_tw_recycle = 0




Typical Linux behaviour (at least the version I tried) is to use a single
counter for all TCP sessions from the host so it would be more likely to
use 1,2,3 - 7,8,9 - 49,50,51 - 67,68,69.

This isn't required by TCP though - that only needs timestamps *within a
session* i.e src+dest host-port quad - to be increasing. Multiple sessions
are treated separately and can be in any order wrt each other. If I understand
correctly tw_recycle reduces it to just src+dest *host*.

If you have two hosts with the simple behaviour (single counter) going
through a NAT, it doesn't usually touch timestamps so they will be
out of order - maybe 49,50,51 - 67,68,69 - 1,2,3 - 7,8,9. This is
OK as far as TCP goes but breaks with tw_recycle. But in the NAT case
it's usually only noticed if two people from behind the same NAT visit
the site within the TIME_WAIT timeout window.

For a proxy, there is a cutoff. There are two TCP sessions end-to-end,
the packet data are copied across but not headers. The headers are subject
to the proxy's OS's behaviour.

Now... OpenBSD randomizes these per session. A random offset is applied
and stored as part of the TCP state. This is good because it's extra
entropy to help protect against blind spoofing, and avoids leaking
information about the host's uptime. So simplified example you could
have 4 consecutive sessions using 1,2,3 - 49,50,51 - 67,68,69 - 7,8,9 --
and that's ok. In spec for TCP, suggested by the newer RFC, and as you
can see above, it's totally normal for a natted connection to act like
this. It's just that Linux's tw_recycle misfeature gets confused.

If you run the proxy on an OS which doesn't offset timestamps like this
(note that OpenBSD has done this for many years), you won't trigger it,
but run it on OpenBSD and it's easy. You'll also be able to trigger it
by connecting from a single machine with a simple timestamp but running
the connection through a PF nat with the "modulate timestamps" option.

It can be worked around your side. But if you do that the server admins
will likely never fix things (and maybe blame it on OpenBSD) so I'm
reluctant to mention it on list - and that workaround will throttle tcp
for all connections to/from the server, limiting you to about 5Mb max
for transatlantic connections.



Thank you Stuart again for this great explanation of this behaviour.
Sadly as noted above the server doesn't have this option set.

I am currently at a lose and gladly provide more information.

Cheers
Kim

carp dhclient

[sven falempin]

Dear Readers,
Without IP carp is marked as inactive,
i tried to set up a stupid IP on it and then call dhclient.
It sends packet but does configure interface.
:'(
Any particular reason for this ?
Thank you.

-- 
-
() ascii ribbon campaign - against html e-mail
/\

Re: Karel, some followup Q:s on your RAID1C patch

[Tinker]

Janne,

ZFS includes the sector number in the checksum input because that 
provides a safeguard against any form of disk breakdown.


Most filesystems except for ZFS are susceptible to this kind of error 
because either it's not checksummed, or the checksums are locally stored 
so data relocations wouldn't be caught (and Karel's is something in 
between as checksums are stored separately).


The purpose is to add data integrity guarantees. This is not "how it is 
done" in filesystems that not are intended to provide such guarantees 
anyhow. The risk there is that in extremely rare cases, parts or whole 
of files may be swapped, and that is not OK for "high value data".



On 2016-02-01 18:40, Janne Johansson wrote:
I did not oppose adding the sector number, just the "idea" that 
internal

relocations would make this number change.
If it did, then everything would break for all filesystems, so that is
obviously not how it is done.

Re: carp dhclient

[Jack J. Woehr]

Josh Grosse wrote:

On 2016-02-01 11:32, sven falempin wrote:

Dear Readers,
Without IP carp is marked as inactive,


See https://sites.google.com/site/bsdstuff/dhcarp and adapt
to your requirements.


The Book of PF, 3rd Edition
A No-Nonsense Guide to the OpenBSD Firewall
by Peter N. M. Hansteen
ISBN-10: 1-59327-589-7
ISBN-13: 978-1-59327-589-1
Copyright 2015.


--
Jack J. Woehr # Science is more than a body of knowledge. It's a way of
www.well.com/~jax # thinking, a way of skeptically interrogating the universe
www.softwoehr.com # with a fine understanding of human fallibility. - Carl Sagan

Re: assigning ipv6 addresses to interfaces

[Stuart Henderson]

On 2016-02-01, LÉVAI Dániel  wrote:
> obsd @ 2016-01-31T17:49:04 +0100:
>> On 31-01-16 17:13, LÉVAI Dániel wrote:
> [...]
>> >So turns out, that if I request anything other than sla_id 0 or 1, I get
>> >another subnet, but with a /72 prefix. Also, using:
>> >ia_pd 1 re1/1 athn0/2 athn1/3
>> >... resulted in the same subnet/prefix sent to me, for all interfaces.
>> >
>> >For some reason I had to increment the sla_ids by 4 to get another
>> >subnet. So:
>> >ia_pd 1 re1/1 athn0/4 athn1/8
>> >... actually worked, and got three different subnets, but all came with
>> >a /72 prefix. And for some other reason, none of my devices (Linux,
>> >Android, Chromecast...) would accept a /72 address advertised, so
>> >although they all got a reply for their rtsol, they ignored it...
>
>
>> A /72 should not work (and indeed does not work as you found out)! The
>> smallest subnet (with the exception of a /127 /128) is /64. Your ISP is
>> doing The Wrong Thing (tm). Instead your ISP should provide you with a /56
>> (for 256 subnets) or, even better, with a /48, where you would have 65536
>> subnets. The latter is the preferred standard although some ISP's do not
>> understand the sheer size of IPv6, and therefore think that they are wasting
>> space handing out /48's. NANOG is full of discussions about this.
>> 
>> See 
>> http://serverfault.com/questions/426183/how-does-ipv6-subnetting-work-and-how-does-it-differ-from-ipv4-subnetting
>> for example.
>
> Interesting. I even tried to specifically request a prefix with
> ia_pd 1/::/64 [...]
> ... but alas it didn't make any difference.
>
> Could it be that this is the error of dhcpcd's implementation of the
> request, and not the ISP's? Before I try the customer services, I just
> want to make sure this is not PEBKAC.

I think the ISP are probably only handing out one /64, and while I'm
not sure how dhcpcd copes in that situation (you could ask on the dhcpcd
mailing list), it's probably doing the best it can under the conditions
(but not good enough for SLAAC).

Our tcpdump(8) doesn't decode dhcpv6 but if you use e.g. wireshark
you'll see something like this in the ISP's reply,

# tshark -i pppoe1 -V port 546 or port 547
[...]
Identity Association for Prefix Delegation
Option: Identity Association for Prefix Delegation (25)
Length: 41
Value: 0002001a0019...
IAID: 0002
T1: infinity
T2: infinity
IA Prefix
Option: IA Prefix (26)
Length: 25
Value: 302a028011700300...
Preferred lifetime: infinity
Valid lifetime: infinity
Prefix length: 48
Prefix address: 2a02:8011:7003::

And in your case I think it will probably have "Prefix length: 64".
If so, I'd start by asking the ISP if they can configure things to
let you have a /48 or /56.

Re: Hi There! I am trying to install OpenBSD

[Ruslanas Gžibovskis]

Hi Gabriele,

I would try to install older version, to be sure, it is not related to
installer version...


On Mon, 1 Feb 2016 at 13:16 Ville Valkonen  wrote:

> Hi,
>
> On 1 February 2016 at 08:21, Gabriele Tozzi  wrote:
> > This is my first message on the list so, first of all, hello everybody!
> :)
> >
> > I've recently bought a dedicated PC, planning to use it as a firewall by
> > installing OpenBSD on it.
> >
> > I have downloaded the install80.iso, checked the sha sum, and read the
> > installation guide.
> > I have burned the iso to a cd-rom and checked the sha sum again on the
> > machine I am trying to install.
> > I have tested the hardware and the general functionality of the machine
> > with common open source tools (memtest and succesfully installing a
> > linux distro).
> >
> > When I boot the i386 OpenBSD 5.8 CD, it loads the kernel and writes a
> > lot of blue stuff, then stops at:
> >
> > wdc_atapi_intr: warning: reading only 0 of 18 bytes
> >
> > For those who have a browser, here is a full screenshoot:
> > http://imagebin.ca/v/2VR8MRMArdG7
> >
> > I've tried to look for this error using a search engine, but I
> > surprisingly got zero results.
>
> Check /usr/src/sys/dev/atapiscsi/atapiscsi.c and line 1042. A bit
> above, there is the following comment:
> 1028 /* Exceptional case - drive want to transfer more
> 1029data than we have buffer for */
>
> Though, no idea/time to see how to fix it.
>
> --
> Regards,
> Ville Valkonen
>
> --

Ruslanas Gžibovskis
+370 6030 7030
RHCE: 130-192-255

Re: any questions of Relayd proxy on OpenBSD 5.8 ...

[Luis Coronado]

Anything based on calomel.org is ignored, real reference is the manual
pages.

-luis


On Mon, Feb 1, 2016 at 10:49 AM, zje.net.cn  wrote:

> Recently I have encountered some difficulties in debugging the relayd
> proxy on OpenBSD 5.8.
> The relevant rules are derived from
>  https://calomel.org/relayd.html
>
> Example 5: Service Redirector
>
> ..with the rules about pf.conf and relayd.conf above the article, i
> had the wrong reminder,
> such as 'rdr-anchor "relayd/*"' change to 'anchor "relayd/*"' and ”match
> in log... ” may be
> "pass in log ..." It looks as if the rule definition associated with the
> new version of the system has changed.
> ..then i have not not yet successful for making the rules with
> pf to
> achieve site load balancing on tcp service layer, how can i do? thanks for
> helps.

any questions of Relayd proxy on OpenBSD 5.8 ...

[zje.net.cn]

Recently I have encountered some difficulties in debugging the relayd proxy on 
OpenBSD 5.8.
The relevant rules are derived from 
 https://calomel.org/relayd.html
 
Example 5: Service Redirector
 
..with the rules about pf.conf and relayd.conf above the article, i had the 
wrong reminder,
such as 'rdr-anchor "relayd/*"' change to 'anchor "relayd/*"' and ¡±match in 
log... ¡± may be
"pass in log ..." It looks as if the rule definition associated with the new 
version of the system has changed.
..then i have not not yet successful for making the rules with pf to
achieve site load balancing on tcp service layer, how can i do? thanks for 
helps.

Re: carp dhclient

[Josh Grosse]

On 2016-02-01 11:32, sven falempin wrote:

Dear Readers,
Without IP carp is marked as inactive,
i tried to set up a stupid IP on it and then call dhclient.
It sends packet but does configure interface.
:'(
Any particular reason for this ?
Thank you.


Carp requires static addresses. You can establish carp on
an inward network, and use carp advertisements in concert
with ifstated(8) to transfer the use of a MAC address between
active systems on the outer, dynamic network.

See https://sites.google.com/site/bsdstuff/dhcarp and adapt
to your requirements.

Re: Trying to newfs an old 128 compactflash

[Chris Cappuccio]

Monah Baki [monahb...@gmail.com] wrote:
> # newfs /dev/rsd0a
> /dev/rsd0a: 123.0MB in 251840 sectors of 512 bytes
> 4 cylinder groups of 30.74MB, 3935 blocks, 7872 inodes each
> newfs: wtfs: write error on block 16: Input/output error
> 
> Same error. I never seen this error before and I've used newfs before.
> 

you're writing a disklabel from another size image to a flash that is probably 
smaller. try:
dd if=/dev/zero of=/dev/rsd0c bs=1m count=1
fdisk -i sd0
disklabel -E sd0



> On Sat, Jan 30, 2016 at 8:10 PM, Edgar Pettijohn
>  wrote:
> > On 01/30/16 18:15, Monah Baki wrote:
> >>
> >> Hi all,
> >>
> >> Trying to newfs an old 128MB flashcard on my OpenBSD 5.7, so I can
> >> install OpenBSd on it to run on a Soekris.
> >>
> >> # dmesg | grep sd0
> >> sd0 at scsibus5 targ 1 lun 0:  SCSI4
> >> 0/direct removable serial.0bda0309201209010309
> >> sd0: 123MB, 512 bytes/sector, 251904 sectors
> >>
> >> # disklabel sd0
> >> # /dev/rsd0c:
> >> type: SCSI
> >> disk: vnd-a43c9e59
> >> label:
> >> duid: 770fe5cc30020c20
> >> flags:
> >> bytes/sector: 512
> >> sectors/track: 63
> >> tracks/cylinder: 255
> >> sectors/cylinder: 16065
> >> cylinders: 15
> >> total sectors: 251904
> >> boundstart: 0
> >> boundend: 0
> >> drivedata: 0
> >
> >
> > http://marc.info/?l=openbsd-misc=105156642420865=2
> > The math doesn't add up.
> >
> >> 3 partitions:
> >> #size   offset  fstype [fsize bsize  cpg]
> >>a:   251840   64  4.2BSD   1024  81920
> >>c:   2519040  unused
> >>
> >>
> >> # fdisk sd0
> >> Disk: sd0   geometry: 15/255/63 [251904 Sectors]
> >> Offset: 0   Signature: 0xAA55
> >>  Starting Ending LBA Info:
> >>   #: id  C   H   S -  C   H   S [   start:size ]
> >>
> >> ---
> >>   0: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >> unused
> >>   1: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >> unused
> >>   2: 00  0   0   0 -  0   0   0 [   0:   0 ]
> >> unused
> >> *3: A6  0   1   2 - 14 254  63 [  64:  240911 ]
> >> OpenBSD
> >>
> >>
> >> # newfs -S 512 /dev/rsd0a
> >> /dev/rsd0a: 123.0MB in 251840 sectors of 512 bytes
> >> 4 cylinder groups of 30.74MB, 3935 blocks, 7872 inodes each
> >> newfs: wtfs: write error on block 16: Input/output error
> >
> > Have you tried:
> > #newfs /dev/rsd0a
> >
> > I've done a few flashcards and never had to use anything but the default.
> >
> >
> >>
> >> I tried 3 other 128MB flashcards, and a 32MB too, same results.
> >>
> >> Any help will be highly appreciated, and if you need any additional info
> >> too.
> >>
> >>
> >>
> >> Thanks
> >> Monah

Re: Lanp equivalent web server working on OpenBSD no Apache

[Dan Farrell]

Except that you state it as something people should include as part of
their proper configuration.

Really? They should give Ted Unangst's account access to procmap?


Dan

On Mon, Feb 1, 2016 at 7:19 PM, bruce  wrote:

> I didn't, that's direct from the man page for doas.conf
>
> > On February 1, 2016 at 12:16 AM Bernd Schoeller  wrote:
> >
> >
> > On 30/01/16 21:10, bruce wrote:
> > > I've been working on this for several weeks now.
> > > Results with instructions can be seen here:
> > > http://tonyevil.zapto.org/serendipity/
> > > Any feedback welcome.
> > > httpd is too new for this to be well documented, so here is my small
> > > contribution.
> >
> > Beyond the usual problems of posting HowTos (search the list archives),
> > I find it remarkable that you give tedu access to your procmap command
> ...
> >
> > Bernd

Re: Hi There! I am trying to install OpenBSD

[Gabriele Tozzi]

> Or just use only that first SATA (and PATA) port?
> e.g., Gabriele, if there's only one disk in there, try to recable it to
> the other SATA slot.

Yes, it works with just one drive installed, but having no USB boot
support and being unable to use a CD Drive, I'll have to find a fancy
way to install. Maybe an old IDE cd-drive.
But there is no space for it in the case, so I'll have to remove it and
reconnect it every time I'll need maintenance (eg. system upgrades).

Well, yes, this could be a way...

Thanks

Gabriele

GPG Key Fingerprint:
DAD1 E3E3 C3E9 36FB C570 F405 9B5F 7108 A1D0 2FFF

Hardware compatibility (was: Hi There! I am trying to install OpenBSD)

[Gabriele Tozzi]

I really wanted to install OpenBSD so, this morning I went back to the
shop and the kind guy accepted to replace the bugged motherboard with a
different one for a reasonable extra. This one is an overkill for my
needs (it has a 1.8Ghz 64bit atom CPU!!!), but good news: I've finally
managed to install OpenBSD.

It's amazing to see how everything fit in a bit more than 200Mb!

# df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd0a 1007M   42.3M914M 4%/
/dev/sd0d 1007M6.0K957M 0%/tmp
/dev/sd0e  7.9G164M7.3G 2%/usr
/dev/sd0f  7.9G2.6M7.5G 0%/var


Now, back to the topic, I kindly have two questions, to avoid mistakes
of the past:

1. The CPU is and Intel Atom D425.
   The OpenBSD manual says that "Some Intel processors lack support
   for important PAE NX bit. But I couldn't find a list of them.
   Is there a way for me to check if this one supports W^X on amd64?

2. Unfortunately this board has only 1 network card, but I need at
   least 3. Having only 1 PCI-E slot available for expansion, I am
   forced to buy a many-in-one network card. Because of budget
   issues, I have narrowed my choice to:
   - Intel Pro 1000 PT dual
   - Intel Pro 1000 VT quad
   The PT variant is listed in the (em) module documentation, but with
   no explicit reference to the dual version. The VT is not listed at
   all,  but also it is not explicitly excluded.
   Does anyone had some good or bad experiences with those cards and
   OpenBSD?

Thank you again

Gabriele

GPG Key Fingerprint:
DAD1 E3E3 C3E9 36FB C570 F405 9B5F 7108 A1D0 2FFF

Re: Can I accelerate my magnet HDD using a SSD in any way?? E.g. softraid patch/ARC, dedicated hardware e.g. Intel RCS25ZB040LX="Nytro MegaRAID", anything

[Tinker]

On 2016-02-01 22:13, andrew fabbro wrote:
On Mon, Feb 1, 2016 at 8:16 AM, patric conant 


wrote:

Why can't the solution be all flash? $400 for 1 TB flash, * 7 sata 
ports on

a decent $100 Motherboard, gets you 7TB of flash for under $3000



Well, yes, and for a few hundred thousand you can get persistent DRAM
fusion-io.

OTOH, you can get 4TB SATA drives for $250.

The OP was just pointing out that SSD-acceleted (aka SSD-cached) 
SATA/SAS

is very common in Win/Lin/OSX and was wondering what the status is on
OpenBSD.



My purpose with asking for SSD-accelerated HDD was DOUBLE:

 1) I need some SSD storage but don't like that it could break together 
- I mean, a bug in your system will feed your SSD at full bandwidth for 
~7h-7 days, it's completely fried - that's not OK, so putting a 
"redundance layer" in the from of an underlying magnet storage layer is 
really justified.


 2) I need some bulk storage, and I want the terabytes to be really 
cheap so that i NEVER will run out of archival space. An 8TB magnet HDD 
costs in the range USD 500.


Here, I like it to be stored "symmetrically" with how I store the 
other stuff, that is having separate disks, directories, mount points 
etc. for the two doesn't really appeal to me in this particular case -


Simply knowing that the less frequently accessed data will be taken 
from magnet and the more frequently accessed data from SSD seems both 
convenient and practical for my usecase, and, I'll try to have SSD 
volume to cover for *MORE THAN ALL* of my frequently stored data.


Perhaps knowing the prioritization algorithm as to be able to 
calculate more closely what's in the SSD and what's on the HDD only 
would make some sense, BUT, training it by telling it what's to load 
fast using "cat `find the-relevant-data/` > /dev/null" single-shot and 
perhaps via crontab, should deliver really well.



Tinker