Re: PC Engines APU NIC (RTL8111E) performance
On Thu, Aug 04, 2016 at 02:46:44PM +0200, Momtchil Momtchev wrote: [...] > What is the problem with software interrupt moderation? That it has a > fixed timer while the hardware one scales with the RX rate? The hardware moderation can do per-N-packets in addition to a timer. > This shouldn't > halve the performance? It should be more like 10% to 15% and some latency > benefit? I have also noticed that the TX rate is higher than the RX rate > (about 320 Mbit/s vs 260 Mbit/s). Could it be that the FreeBSD driver uses > MSI interrupts and the OpenBSD one does not? Dunno. If I knew what the cause was I'd have fixed it :-( > PS. On the APU my interrupt rate is about 6000 IRQ/s when doing 320 > MBit/s, this is one IRQ every 165us or one IRQ for about 3 or 4 packets. I > will make rl_sim_time tunable and I will test if it affects performance. I dug up my patch. If you're experimenting, making the value used to set the RL_IM register tunable then seeing what impact various values have on throughput would be interesting. Index: dev/ic/re.c === RCS file: /cvs/src/sys/dev/ic/re.c,v retrieving revision 1.192 diff -u -p -r1.192 re.c --- dev/ic/re.c 20 Apr 2016 12:15:24 - 1.192 +++ dev/ic/re.c 5 Aug 2016 00:31:04 - @@ -747,7 +747,7 @@ re_attach(struct rl_softc *sc, const cha sc->rl_flags |= RL_FLAG_PHYWAKE | RL_FLAG_PHYWAKE_PM | RL_FLAG_PAR | RL_FLAG_DESCV2 | RL_FLAG_MACSTAT | RL_FLAG_CMDSTOP | RL_FLAG_AUTOPAD | RL_FLAG_JUMBOV2 | - RL_FLAG_WOL_MANLINK; + RL_FLAG_WOL_MANLINK | RL_FLAG_HWIM; sc->rl_max_mtu = RL_JUMBO_MTU_9K; break; case RL_HWREV_8168E_VL: @@ -821,13 +821,19 @@ re_attach(struct rl_softc *sc, const cha /* Reset the adapter. */ re_reset(sc); - sc->rl_tx_time = 5; /* 125us */ - sc->rl_rx_time = 2; /* 50us */ - if (sc->rl_flags & RL_FLAG_PCIE) - sc->rl_sim_time = 75; /* 75us */ - else - sc->rl_sim_time = 125; /* 125us */ - sc->rl_imtype = RL_IMTYPE_SIM; /* simulated interrupt moderation */ + if (sc->rl_flags & RL_FLAG_HWIM) { + /* hardware interrupt moderation */ + sc->rl_imtype = RL_IMTYPE_HW; + sc->rl_tx_time = 5; /* 125us */ + sc->rl_rx_time = 2; /* 50us */ + } else { + /* simulated interrupt moderation */ + sc->rl_imtype = RL_IMTYPE_SIM; + if (sc->rl_flags & RL_FLAG_PCIE) + sc->rl_sim_time = 75; /* 75us */ + else + sc->rl_sim_time = 125; /* 125us */ + } if (sc->sc_hwrev == RL_HWREV_8139CPLUS) sc->rl_bus_speed = 33; /* XXX */ @@ -2233,6 +2239,8 @@ re_stop(struct ifnet *ifp) void re_setup_hw_im(struct rl_softc *sc) { + u_int16_t im; + KASSERT(sc->rl_flags & RL_FLAG_HWIM); /* @@ -2258,11 +2266,15 @@ re_setup_hw_im(struct rl_softc *sc) * Currently we only know how to set 'timer', but not * 'number of packets', which should be ~30, as far as I * tested (sink ~900Kpps, interrupt rate is 30KHz) -*/ - CSR_WRITE_2(sc, RL_IM, - RL_IM_RXTIME(sc->rl_rx_time) | - RL_IM_TXTIME(sc->rl_tx_time) | - RL_IM_MAGIC); +* +* According to the Linux driver, supposedly: +* (TxTimer << 12) | (TxPackets << 8) | (RxTimer << 4) | RxPackets +* Linux uses hard coded 0x5151. +*/ + im = RL_IM_TXTIME(sc->rl_tx_time) | RL_IM_TXPKTS(4) | + RL_IM_RXTIME(sc->rl_rx_time) | RL_IM_RXPKTS(4); + printf("setting interrupt moderation %hx\n", im); /* XXX */ + CSR_WRITE_2(sc, RL_IM, im); } void Index: dev/ic/rtl81x9reg.h === RCS file: /cvs/src/sys/dev/ic/rtl81x9reg.h,v retrieving revision 1.98 diff -u -p -r1.98 rtl81x9reg.h --- dev/ic/rtl81x9reg.h 20 Apr 2016 12:15:24 - 1.98 +++ dev/ic/rtl81x9reg.h 5 Aug 2016 00:31:04 - @@ -570,7 +570,9 @@ #define RL_IM_MAGIC0x5050 #define RL_IM_RXTIME(t)((t) & 0xf) +#define RL_IM_RXPKTS(t)(((t) & 0xf) << 4) #define RL_IM_TXTIME(t)(((t) & 0xf) << 8) +#define RL_IM_TXPKTS(t)(((t) & 0xf) << 12) struct rl_chain_data { u_int16_t cur_rx; -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Re: [Job] Security Architect, Edinburgh, Scotland - £50k+
At first I though it was spam, then I notice it was addressed to misc. Oh, okay.
[Job] Security Architect, Edinburgh, Scotland - ?50k+
Hello, This has been repeatedly advertised over the last few weeks;- http://www.JobServe.Co.UK/Eo4Sa I've no connection with it, or the agency, but it might be somebody's cup of tea. Usual British hours are 37.5/week, ~30 days paid holiday & monthly pay.
Re: How to configure OpenBSD L2TP/IPSEC VPN to work with Windows 10?
ike passive esp transport proto udp from egress to 0.0.0.0/0 port 1701 \ main auth hmac-sha1 enc 3des group modp2048 \ quick auth hmac-sha1 enc 3des psk "YOURSECRET" You are welcome (: 2016-08-04 13:15 GMT-03:00 Sebastian Wain: > I can't figure out how to make an OpenBSD VPN work. I followed the guide at > [1] to set up > a VPN, modified the network interface there to tun0 instead of pppoe0, and > didn't > configure the pf.conf. When I tried to connect from Win10 using the > "L2TP/IPsec with pre-shared key" VPN type I see the issues below in phase > 2: > > Thanks > Sebastian > > [1] http://blog.fuckingwith.it/2015/08/openbsd-l2tpipsec-vpn- > works-with.html > > Aug 3 responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: > initiator id 192.168.0.129, responder id 192.168.0.253 > Aug 3 11:17:13 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:14 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:14 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:15 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:15 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:18 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:18 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:25 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:25 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:40 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:40 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:17:55 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id > 192.168.0.253 > Aug 3 11:17:55 fw isakmpd[7947]: dropped message from 192.168.0.129 > port 500 due to notification type INVALID_ID_INFORMATION > Aug 3 11:18:38 fw isakmpd[7947]: transport_send_messages: giving up on > exchange peer-default, no response from peer 192.168.0.129:500
Re: Weird cursor problem
Just to clarify, I see the left-pointing hand, but that's just a symptom, I can't do anything with the mouse like use the pager or any other application. Cursor movement isn't restricted to one window. I get out of it by using the keyboard shortcuts of Ctrl-arrow which normally jumps to another pane in the pager. So ctrl-right, ctrl-left and I'm usually back where I started with the problem cleared. I use fvwm which is the default window manager. I don't know what the version history of that is but it could be the problem. > It would be helpful if I could get the synaptics driver running first. ;) > The problem is I am unsure what kind of driver my touchpad uses, and > xinput reveals this: Take a look at the mouse stuff in your /var/log/Xorg.0.log, it should show you what mouse driver you're using. I know what you mean, I've gone to great lengths to turn off "tap to click" in a few laptops. With my current Dell Latitude D530 it defaults to off, at least I couldn't find where I'm turning it off and I don't remember doing it. I don' t have an Xorg.conf, everything works (almost) perfectly without one. I am using the synaptics driver and no tap to click. It was just the default. -- Credit is the root of all evil. - AB1JX
How to configure OpenBSD L2TP/IPSEC VPN to work with Windows 10?
I can't figure out how to make an OpenBSD VPN work. I followed the guide at [1] to set up a VPN, modified the network interface there to tun0 instead of pppoe0, and didn't configure the pf.conf. When I tried to connect from Win10 using the "L2TP/IPsec with pre-shared key" VPN type I see the issues below in phase 2: Thanks Sebastian [1] http://blog.fuckingwith.it/2015/08/openbsd-l2tpipsec-vpn-works-with.html Aug 3 responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:13 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:14 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:14 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:15 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:15 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:18 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:18 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:25 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:25 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:40 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:40 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:17:55 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253 Aug 3 11:17:55 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION Aug 3 11:18:38 fw isakmpd[7947]: transport_send_messages: giving up on exchange peer-default, no response from peer 192.168.0.129:500
Re: write all files in /mnt to usb using dd
I mis-understood your first post, Teng. The .iso image confused me and I thought you were trying to write to optical media. It sounds like you needed to simply mount the USB removable mass storage to /mnt. Oddly enough, I can't find a directly relevant entry for this in the OpenBSD FAQ to link to, though it seems like a common-enough task. I'll outline some simple steps for you (and maybe submit a diff for the Multimedia FAQ with some more refinement). Typically, /mnt doesn't have any files in it before you mount it. You should move them somewhere else to avoid confusion. Use disklabel(8) to determine the partition you want to mount. Many pre-formatted USB drives have a MSDOS/FAT filesystem on partition i. For example, on my laptop, the USB stick I inserted showed up as sd2, since sd1 is taken by the built-in media card reader. disklabel shows two entries (c is always a meta-partition that means "whole disk") and the one I want to mount is sd2i. [axon@zodiac ~]$ doas disklabel sd2 # /dev/rsd2c: type: SCSI disk: SCSI disk label: Windrunner duid: flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 7 total sectors: 118672 boundstart: 0 boundend: 118672 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] c: 1186720 unused i: 118543 32 MSDOS [axon@zodiac ~]$ doas mount /dev/sd2i /mnt As you can see below, /mnt is on /dev/sd2i and ready to use. [axon@zodiac ~]$ df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/sd0a 8.2G7.3G533M93%/ /dev/sd0l 59.6G4.1G 52.5G 7%/home /dev/sd2i 57.8M 30.4M 27.4M53%/mnt [axon@zodiac ~]$ Any files you copy to /mnt ought to show up on the removable media now. Remember to umount /mnt when you're done. As Ted stated, you may also wish to use tar to archive files to external media instead. On Thu, Aug 4, 2016 at 8:21 AM, Teng Zhangwrote: > excellent idea! > i bought two DVD+R discs,and storage 01.iso using the way you told me > (the FAQ), it works fine. Thank you very much for your advice. > And at the same time,i realize that the DVD+RW actually can replace the > USB at > least in terms of storaging files(because they can both be written a > thousound > times) > > > On 08/04/16 10:15, Noah wrote: > > If you look carefully at the man page for dd(1), you'll see that you can > use it to write an image file directly to the block device. This is good > for writing the contents of installXX.fs to a USB stick, or for making > images of removable media. It's not the recommended way to burn an ISO to > optical media, though. > > The steps you're looking for are outlined nicely in the FAQ: > http://www.openbsd.org/faq/faq13.html#burnCD > The man pages for mkhybrid(8) and cdio(1) are also worth a look. > > To directly answer your question, the steps you likely need to take > (assuming your burner is cd1... you didn't paste your entire dmesg, so I > can't tell what we're dealing with here): > > mkhybrid -R -o 01.iso /mnt > cdio -f cd1c tao 01.iso > > On Wed, Aug 3, 2016 at 8:43 PM, Teng Zhang wrote: > >> hi, i want to write all files in /mnt to usb,so i issued the command: >> >> doas dd if=/mnt of=/dev/rsd1c bs=5M >> >> but it failed. I'm not pretty understand the way to operate dd, so >> could you please tell me how can i operate it to write the files to >> usb? >> Some information about my system: >> >> the files in /mnt is created like this: >> >> $ doas vnconfig vnd0 01.iso >> $ doas mount /dev/vnd0c /mnt >> >> $ uname -a >> OpenBSD zhangteng.my.domain 5.9 GENERIC.MP#1888 amd64 >> >> $ mount >> /dev/sd0a on / type ffs (local) >> /dev/sd0m on /home type ffs (local, nodev, nosuid) >> /dev/sd0d on /tmp type ffs (local, nodev, nosuid) >> /dev/sd0f on /usr type ffs (local, nodev) >> /dev/sd0g on /usr/X11R6 type ffs (local, nodev) >> /dev/sd0h on /usr/local type ffs (local, nodev) >> /dev/sd0l on /usr/obj type ffs (local, nodev, nosuid) >> /dev/sd0k on /usr/src type ffs (local, nodev, nosuid) >> /dev/sd0e on /var type ffs (local, nodev, nosuid) >> /dev/vnd0c on /mnt type cd9660 (local, read-only) >> >> dmesg: >> umass0 at uhub2 port 1 configuration 1 interface 0 "SanDisk Cruzer Edge" >> rev 2.10/1.00 addr 3 >> umass0: using SCSI over Bulk-Only >> scsibus2 at umass0: 2 targets, initiator 0 >> sd1 at scsibus2 targ 1 lun 0: SCSI4 0/direct >> removable serial.0781556b970715105252 >> sd1: 7632MB, 512 bytes/sector, 15630336 sectors
Re: PC Engines APU NIC (RTL8111E) performance
On 04/08/16 09:13, Darren Tucker wrote: On Wed, Aug 3, 2016 at 8:07 PM, Momtchil Momtchevwrote: Does anyone with a working knowledge of re(4) have any idea why the PC Engines APU NICs perform so poorly in OpenBSD? Most likely lack of hardware interrupt moderation in the driver. There's code in re_setup_hw_im() that looks like might do something plausible with the interrupt moderation register but AFAICT it'll never be called because rl_imtype is always set to "RL_IMTYPE_SIM". What is the problem with software interrupt moderation? That it has a fixed timer while the hardware one scales with the RX rate? This shouldn't halve the performance? It should be more like 10% to 15% and some latency benefit? I have also noticed that the TX rate is higher than the RX rate (about 320 Mbit/s vs 260 Mbit/s). Could it be that the FreeBSD driver uses MSI interrupts and the OpenBSD one does not? PS. On the APU my interrupt rate is about 6000 IRQ/s when doing 320 MBit/s, this is one IRQ every 165us or one IRQ for about 3 or 4 packets. I will make rl_sim_time tunable and I will test if it affects performance.
Re: Encrypting carp traffic with ipsec
On Tue 2.Aug'16 at 7:54:08 +, C. L. Martinez wrote: > On Mon 1.Aug'16 at 7:54:57 +, C. L. Martinez wrote: > > On Fri 29.Jul'16 at 10:55:01 +0300, Kapetanakis Giannis wrote: > > > On 28/07/16 22:47, C. L. Martinez wrote: > > > > Hi all, > > > > > > > > I will try to encrypt all carp traffic between two OpenBSD 5.9 fws > > > > (fully patched). According to ifconfig(8) man page: > > > > > > > > carppeer peer_address > > > > Send the carp advertisements to a specified point-to-point peer or > > > > multicast group instead of sending the messages to the default carp > > > > multicast group. The peer_address is the IP address of the other host > > > > taking part in the carp cluster. With this option, carp(4) traffic can > > > > be protected using ipsec(4) and it may be desired in networks that do > > > > not allow or have problems with IPv4 multicast traffic. > > > > > > > > And the last sentence describes the type of problem that I want to > > > > avoid: "carp(4) traffic can be protected using ipsec(4) and it may be > > > > desired in networks that do not allow or have problems with IPv4 > > > > multicast traffic". > > > > > > > > But I don't see how to implement this feature. If I am not wrong, I > > > > need to configure ipsec in transport mode. But how to encrypt carp > > > > protocol only and keep all others services and protocols out of ipsec > > > > tunnels?? > > > > > > > > Any tip or sample?? > > > > > > > > > > > > > check proto (from protocol) in ipsec.conf(5) > > > > > > G > > > > > > > Ok, after doing several tests these days, I have configured ipsec.conf > > instead of iked.conf. But carp interfaces remains in MASTER mode in both > > firewalls: > > > > FwA: > > > > carp0: flags=8843mtu 1500 > > lladdr 01:00:5e:00:01:01 > > priority: 15 > > carp: carpdev vio0 advbase 1 balancing ip carppeer 172.22.55.13 > > state MASTER vhid 1 advskew 100 > > state MASTER vhid 2 advskew 0 > > groups: carp > > status: master > > inet 172.22.55.14 netmask 0x19f0 broadcast 172.22.247.15 > > carp1: flags=8843 mtu 1500 > > lladdr 01:00:5e:00:01:03 > > priority: 15 > > carp: carpdev vio1 advbase 1 balancing ip carppeer 172.30.77.3 > > state MASTER vhid 3 advskew 100 > > state MASTER vhid 4 advskew 0 > > groups: carp > > status: master > > inet 172.30.77.1 netmask 0xfff8 broadcast 172.30.77.7 > > > > > > > > > > FwB: > > > > carp0: flags=8843 mtu 1500 > > lladdr 01:00:5e:00:01:01 > > priority: 15 > > carp: carpdev vio0 advbase 1 balancing ip carppeer 172.22.55.12 > > state MASTER vhid 1 advskew 0 > > state MASTER vhid 2 advskew 100 > > groups: carp > > status: master > > inet 172.22.55.14 netmask 0x19f0 broadcast 172.22.247.15 > > carp1: flags=8843 mtu 1500 > > lladdr 01:00:5e:00:01:03 > > priority: 15 > > carp: carpdev vio1 advbase 1 balancing ip carppeer 172.30.77.2 > > state MASTER vhid 3 advskew 0 > > state MASTER vhid 4 advskew 100 > > groups: carp > > status: master > > inet 172.30.77.1 netmask 0xfff8 broadcast 172.30.77.7 > > > > > > IPsec flows are established in both firewalls: > > > > FwA: > > > > FLOWS: > > flow esp in proto carp from 172.22.57.3 to 172.22.57.2 peer 172.22.57.3 > > srcid 172.22.57.2/32 dstid 172.22.57.3/32 type use > > flow esp out proto carp from 172.22.57.2 to 172.22.57.3 peer 172.22.57.3 > > srcid 172.22.57.2/32 dstid 172.22.57.3/32 type require > > flow esp in proto carp from 172.22.58.3 to 172.22.58.2 peer 172.22.58.3 > > srcid 172.22.58.2/32 dstid 172.22.58.3/32 type use > > flow esp out proto carp from 172.22.58.2 to 172.22.58.3 peer 172.22.58.3 > > srcid 172.22.58.2/32 dstid 172.22.58.3/32 type require > > flow esp in proto carp from 172.22.55.13 to 172.22.55.12 peer 172.22.55.13 > > srcid 172.22.55.12/32 dstid 172.22.55.13/32 type use > > flow esp out proto carp from 172.22.55.12 to 172.22.55.13 peer 172.22.55.13 > > srcid 172.22.55.12/32 dstid 172.22.55.13/32 type require > > flow esp in proto carp from 172.30.77.3 to 172.30.77.2 peer 172.30.77.3 > > srcid 172.30.77.2/32 dstid 172.30.77.3/32 type use > > flow esp out proto carp from 172.30.77.2 to 172.30.77.3 peer 172.30.77.3 > > srcid 172.30.77.2/32 dstid 172.30.77.3/32 type require > > flow esp in proto carp from 172.22.54.3 to 172.22.54.2 peer 172.22.54.3 > > srcid 172.22.54.2/32 dstid 172.22.54.3/32 type use > > flow esp out proto carp from 172.22.54.2 to 172.22.54.3 peer 172.22.54.3 > > srcid 172.22.54.2/32 dstid 172.22.54.3/32 type require > > flow esp in proto carp from 172.22.56.3 to
Best way to hardware AES.
I'm thinking about getting some intel or sparc system with AES hardware. What would be the cleanest way to access the Open Cryptographic Framework to access the hardware. I'm writing in C. I'd like to do 256 bit aes-ctr or preferably aes-gcm and use ultrasparc T2 and above, slightly older Xeons or i7s. I'm looking at using openssl/evp.h, but would it be better to do some sort of internal ssl session for what would mostly be an app with pre-shared symmetric keys?
Re: Install OpenBSD on disks larger than 2TB
Am 08/04/16 um 12:20 schrieb Leo Unglaub: > yes, thats true and it works fine. The problem here seams to be the raid > 1. Booting from an Raid 1 with disks larger than 2 TB seams to be > broken. Maybe its not intended to work, but i am unable to find a hint > about that in the bioctl,bio,softraid manual page. (Maybe thats the > wrong place?) > > Greetings > Leo > Works for me: ~ $ sudo disklabel -p m sd2 # /dev/rsd2c: type: SCSI disk: SCSI disk label: SR RAID 1 duid: 7e4e73c2d1d85347 flags: bytes/sector: 512 sectors/track: 255 tracks/cylinder: 511 sectors/cylinder: 130305 cylinders: 44975 total sectors: 5860532576 # total bytes: 2861588.2M boundstart: 256 boundend: 5860532576 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 5153.5M 256 4.2BSD 2048 163841 # / b: 8144.1M 10554688swap # none c: 2861588.2M0 unused d: 15397.4M 27233760 4.2BSD 2048 163841 # /usr e: 5090.0M 58767552 4.2BSD 2048 163841 # /tmp f: 10180.1M 69191936 4.2BSD 2048 163841 # /home g: 51154.9M 90040736 4.2BSD 2048 163841 # /var h:921551.5M194806016 4.2BSD 8192 655361 # /var/www i:921551.6M 2082143488 4.2BSD 8192 655361 # /mail j:923364.9M 3969481088 4.2BSD 8192 655361 # /dumps hth, Marc
Re: Install OpenBSD on disks larger than 2TB
Hey, On 07/29/16 18:13, Noth wrote: OpenBSD can boot off UEFI & GPT since 5.9. Are you booting on MBR or UEFI? yes, thats true and it works fine. The problem here seams to be the raid 1. Booting from an Raid 1 with disks larger than 2 TB seams to be broken. Maybe its not intended to work, but i am unable to find a hint about that in the bioctl,bio,softraid manual page. (Maybe thats the wrong place?) Greetings Leo
Re: lyrics.html nit.
this is what i hear: -With twitchy fingers on flashing keys +Twitchy fingers, flashing keys -always claiming "it was just a prank!" +Claiming "it was just a prank!" regards, michal bozon
Re: ksh, PS1 and PWD
If you like it coloured, and also would appreciate to know which terminal you're in, here's my way: TTY=$(tty) TTY=${TTY##*/} export PS1="\[\e[32;1m\][\[\e[31;1m\]\u\[\e[32;1m\]@\h:\[\e[36;1m\]$TTY\[\e[32;1m\]:\[\e[34;1m\]\w\[\e[32;1m\]] " I usually put this in /etc/profile so that I have it system-wide.
Re: ksh, PS1 and PWD
Hi Uwe, On 2016-08-04 Thu 00:19 AM |, Uwe Werler wrote: > > PS1='\h:$(_pwd)\\$ ' > You may have already seen this in ksh(1): PS1 ... \W The basename of the current working directory. $HOME is abbreviated as `~'. e.g: PS1="<\u@\h:\W \j> \\$ "$ sleep 5 & [1] 24386 $ cd /var/unbound $ print $PS1 <\u@\h:\W \j>\$ Cool, -- Craig Skinner | http://linkd.in/yGqkv7
Re: PC Engines APU NIC (RTL8111E) performance
On Wed, Aug 3, 2016 at 8:07 PM, Momtchil Momtchevwrote: > Does anyone with a working knowledge of re(4) have any idea why the PC > Engines APU NICs perform so poorly in OpenBSD? Most likely lack of hardware interrupt moderation in the driver. There's code in re_setup_hw_im() that looks like might do something plausible with the interrupt moderation register but AFAICT it'll never be called because rl_imtype is always set to "RL_IMTYPE_SIM". I tried to get hardware interrupt moderation working a while back but it didn't seem to make a difference (which is probably an indication that I did something wrong). I could dig up the patch if you'd like to try it. The other thing to be aware of is that if you're following current, POOL_DEBUG is usually set in your config, which will be quite expensive when pushing packets. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Re: write all files in /mnt to usb using dd
Hi, What are you trying to do? If you're after files which are on the ISO image, then cp(1) will do just fine - simply mount the USB disk and copy the files. Unless of course, you're trying to create a bootable USB stick out of a bootable ISO image - neither cp(1) nor tar(1) will do the job in this case and you will need to use dd(1). Again, if this is indeed the case, *and* you are trying to create a bootable OpenBSD USB install medium, ISO won't work in this case - you'll need to use either the minirootXX.fs or installXX.fs images[0] Regards, Raf [0] http://www.openbsd.org/faq/faq4.html#MkInsMedia On Thu, Aug 04, 2016 at 02:43:20AM BST, Teng Zhang wrote: > hi, i want to write all files in /mnt to usb,so i issued the command: > > doas dd if=/mnt of=/dev/rsd1c bs=5M > > but it failed. I'm not pretty understand the way to operate dd, so > could you please tell me how can i operate it to write the files to > usb? > Some information about my system: > > the files in /mnt is created like this: > > $ doas vnconfig vnd0 01.iso > $ doas mount /dev/vnd0c /mnt > > $ uname -a > OpenBSD zhangteng.my.domain 5.9 GENERIC.MP#1888 amd64 > > $ mount > /dev/sd0a on / type ffs (local) > /dev/sd0m on /home type ffs (local, nodev, nosuid) > /dev/sd0d on /tmp type ffs (local, nodev, nosuid) > /dev/sd0f on /usr type ffs (local, nodev) > /dev/sd0g on /usr/X11R6 type ffs (local, nodev) > /dev/sd0h on /usr/local type ffs (local, nodev) > /dev/sd0l on /usr/obj type ffs (local, nodev, nosuid) > /dev/sd0k on /usr/src type ffs (local, nodev, nosuid) > /dev/sd0e on /var type ffs (local, nodev, nosuid) > /dev/vnd0c on /mnt type cd9660 (local, read-only) > > dmesg: > umass0 at uhub2 port 1 configuration 1 interface 0 "SanDisk Cruzer Edge" rev > 2.10/1.00 addr 3 > umass0: using SCSI over Bulk-Only > scsibus2 at umass0: 2 targets, initiator 0 > sd1 at scsibus2 targ 1 lun 0:SCSI4 0/direct > removable serial.0781556b970715105252 > sd1: 7632MB, 512 bytes/sector, 15630336 sectors