Re: ARM64:s finally on the market, and flooding it. OpenBSD support?
Hi team, maybe it would be a great thing if you would be able to create a list of hw developpers would be interested to develop. so any sysadmin would know what is needed for openbsd devs and send out hw to dev team. In such list i would like to see model, web to buy and a price. Thank you, sorry for spam ;] On Thu, 22 Sep 2016 22:07 Chris Cappuccio, wrote: > Tinker [ti...@openmailbox.org] wrote: > > The market is finally being flooded with ARM64:s. And some of them are > > inexpensive. > > > > I guess AllWinner A64/H64 will be the most ubiquitous one as the chip > > is/soon will be something like 5 USD. > > The Allwinner 64-bit parts are supported under 32-bit mode on armv7. > > Chris > > -- Ruslanas Gžibovskis +370 6030 7030 RHCE: 130-192-255
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
On Fri, Sep 23, 2016 at 09:56:27PM +0200, Karel Gardas wrote: > On Fri, Sep 23, 2016 at 9:50 PM, Fred wrote: > > > > Or run it all on OpenBSD and run Windows and Linux in qemu from ports. > > > > Works for me ;~) > > How is it looking with performance difference of such combo host > versus guest? OP would like to run Xilinx ISE which is CPU/RAM hog > enough even on the fastest machines so running this in Qemu, hmm... > Given that it's software it'd be pretty abysmal. You'd want a Windows or Linux host with the other two in VMs. Personally I just triple boot using LILO for chainloading and it works fine, even with the OpenBSD partition past 128GB. (Sorry about the direct reply Karel, didn't pay attention to the To field.)
Re: FW Hardware
On Thu, 22 Sep 2016 15:29:12 -0400 Eike Lantzsch wrote: > or for a little more you get > PC Engines APU.2C2 > which is amd64, has far more RAM and three Gigabit-ports. > Interfaces: Realtek 8168 Or if you are patient, and need multiple SIM cards, you can wait for the APU3a4 or 3a2: http://www.pcengines.ch/apu3a4.htm > Look for a Bundle; it includes board, wallwart, memory-card and > cabinet. Cabinet has lower profile than the one for ALIX, only 168 x > 157 x 30 mm It will help to buy the antennae as well.
Re: SNMPD Source Address Issues
On 2016-09-23, a...@brandwatch.com wrote: >>> We tried setting "listen on $IP_Lo1" etc, and this seemed to work, but it >>> is unstable. That is, occasionally packets start being sourced from the >>> egress interface again when something changes until snmpd is restarted. >> >> I don't understand why binding on a loopback doesn't work. What is >> "when something changes" here? > > I haven't been able to figure that out yet. We have about 20 OpenBSD boxes, > and at some point or another, seemingly randomly, our monitoring system looses > connection to snmpd as it starts responding with the egress IP again and not > its loop back. That's odd, loopbacks work reliably for me and I see no reason for them to fail. (otoh I *would* expect binding to 0.0.0.0 to have problems, also snmpd can't do dual-stack v4+6). > And we still have the trap source IP problem as the monitoring system > (Observium) recognises the device by its loopback. In the absence of proper support, this could be worked around with pf nat rules.
Re: SNMPD Source Address Issues
Sent from a teeny tiny keyboard, so please excuse typos > On 23 Sep 2016, at 20:24, Jeremie Courreges-Anglas wrote: > > Andy Lemin writes: > >> Hi, >> >> TLDR; Is there a way of fixing the "source address" that SNMPD should use? >> >> >> We are having issues with reply snmpd packets sourcing from the egress >> interface and not the loopback interface which the poll request was sent to >> :( >> >> We have many GRE tunnels and various routes which traffic can take to and >> from our OpenBSD boxes. As such we poll the loopback interfaces instead of >> a specific interface, however the snmpwalk replies reply with the source IP >> of the egress interface and not the IP which was connected to. >> >> We tried setting "listen on $IP_Lo1" etc, and this seemed to work, but it >> is unstable. That is, occasionally packets start being sourced from the >> egress interface again when something changes until snmpd is restarted. > > I don't understand why binding on a loopback doesn't work. What is > "when something changes" here? I haven't been able to figure that out yet. We have about 20 OpenBSD boxes, and at some point or another, seemingly randomly, our monitoring system looses connection to snmpd as it starts responding with the egress IP again and not its loop back. It's happened on about 4 or 5 out of the 20 so far. Restarting snmpd fixes it each time. And we still have the trap source IP problem as the monitoring system (Observium) recognises the device by its loopback. > >> Also traps are always sourced from the Egress interface regardless of >> "listen on", however our monitoring system only knows about the loopback >> interface and so the traps are dropped. >> >> Cheers, Andy. > > -- > jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Lenovo IdeaPad N22 OpenBSD Report
I just picked up an inexpensive Lenovo IdeaPad N22 from their outlet store and found that it runs OpenBSD quite nicely. It cost me $185 delivered to my door. I picked up another inexpensive Lenovo system last year and it was a terrible experience. This is a Braswell based system with a Celeron N3050 paired with 4GB of memory and 32GB of eMMC storage. I finally figured out that the BIOS is accessible via F2. I disabled Secure Boot and then did the install with a USB stick that I manually setup for UEFI booting and the install sets. I also configured softraid(4) crypto while I was at it. I used a USB Ethernet adapter to install the required firmware for iwm(4) to function and it also pulled in uvideo(4) firmware as well. Since there is no inteldrm(4) support at this point, I am using wsfb(4) which works along with efifb(4) for Xorg. My dmesg is below along with my xorg.conf and the modified auto partition layout I went with. I did see a few fatal firmware errors from iwm(4) but it seems to work fine after those errors. There is a slightly nicer model that includes 128GB of SATA storage and a slightly updated Celeron N3160 which might be an even better OpenBSD system since 32GB of storage can be a little tight. Both of these systems are the Windows 10 Home 64 models, not the Chromebook models. If someone is looking for a very inexpensive OpenBSD laptop, this is a pretty decent choice. Bryan OpenBSD 6.0-current (GENERIC.MP) #2485: Fri Sep 23 00:23:06 MDT 2016 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4117872640 (3927MB) avail mem = 3988566016 (3803MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x77429000 (61 entries) bios0: vendor Lenovo version "0YCN17WW" date 03/31/2016 bios0: LENOVO 80S6 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP UEFI MCFG SSDT SSDT SSDT SSDT SSDT APIC UEFI MSDM BATB FPDT UEFI BGRT tCSR acpi0: wakeup devices XHC1(S4) BRC1(S0) PXSX(S4) PXSX(S4) PXSX(S4) PXSX(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz, 2160.40 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT cpu0: 1MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 79MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3.3, IBE cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz, 2160.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT cpu1: 1MB 64b/line 16-way L2 cache cpu1: smt 0, core 2, package 0 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 115 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (RP01) acpiprt2 at acpi0: bus -1 (RP02) acpiprt3 at acpi0: bus 2 (RP03) acpiprt4 at acpi0: bus -1 (RP04) acpiec0 at acpi0 acpicpu0 at acpi0 C2: state 6: substate 8 >= num 3 C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS acpicpu1 at acpi0 C2: state 6: substate 8 >= num 3 C3: state 7: substate 4 >= num 3: C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: CLK0 acpipwrres1 at acpi0: CLK1 acpipwrres2 at acpi0: ID3C, resource for ISP3 acpipwrres3 at acpi0: USBC, resource for XHC1 acpipwrres4 at acpi0: FN00, resource for FAN0 acpitz0 at acpi0: critical temperature is 90 degC acpibat0 at acpi0: BAT1 model "CRB Battery 1" serial Battery 1 type Real oem "-Real Battery 1-" "VPC2004" at acpi0 not configured "PNP0501" at acpi0 not configured "MSFT0001" at acpi0 not configured "SYN2F02" at acpi0 not configured sdhc0 at acpi0: SDHA addr 0x91319000/0x1000 irq 45 sdhc0: SDHC 3.0, 200 MHz base clock sdmmc0 at sdhc0: 8-bit, sd high-speed, mmc high-speed, dma sdhc1 at acpi0: SDHB addr 0x91317000/0x1000 irq 46 sdhc1: SDHC 3.0, 200 MHz base clock sdmmc1 at sdhc1: 4-bit, sd high-speed, mmc high-speed, dma acpiac0 at acpi0: AC unit online acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB "INT3400" at acpi0 not configured "INT3403" at acpi0 not configured "PNP0C0B" at acpi0 not configured acpivideo0 at acpi0: GFX0 acpivout0 at acpivideo0: DD1F cpu0: Enhanced SpeedStep 2160 MHz: speeds: 1601, 1600, 1520, 1440, 1360, 1280, 1200, 1120, 1040, 960, 880, 800, 720, 640, 560, 480 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel Braswell Host" rev 0x21 "Intel HD Graphics" rev 0x21 at pci0 dev 2 fu
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
On Fri, Sep 23, 2016 at 9:50 PM, Fred wrote: > > Or run it all on OpenBSD and run Windows and Linux in qemu from ports. > > Works for me ;~) How is it looking with performance difference of such combo host versus guest? OP would like to run Xilinx ISE which is CPU/RAM hog enough even on the fastest machines so running this in Qemu, hmm...
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
On 09/23/16 13:28, yra ten wrote: I've been looking for a solution, and then stumbled on this: https://marc.info/?l=openbsd-misc&m=138477729520448&w=2 So it looks like OpenBSD's bootloader needs too be in first 128 GB of the disk. As for dualbooting I want to use OpenBSD but I'll sonn start college, and we have digital logic class in firs semester, and I will be required to use Xilinx ISE on their machines so I want to have it on my PC too. As far as I know Xilinx ISE supports only Windows and Linux, and OpenBSD 6.0 no longer supports linux_compat, so that's why I went with dual booting. Or run it all on OpenBSD and run Windows and Linux in qemu from ports. Works for me ;~) Fred
Re: SNMPD Source Address Issues
Andy Lemin writes: > Hi, > > TLDR; Is there a way of fixing the "source address" that SNMPD should use? > > > We are having issues with reply snmpd packets sourcing from the egress > interface and not the loopback interface which the poll request was sent to > :( > > We have many GRE tunnels and various routes which traffic can take to and > from our OpenBSD boxes. As such we poll the loopback interfaces instead of > a specific interface, however the snmpwalk replies reply with the source IP > of the egress interface and not the IP which was connected to. > > We tried setting "listen on $IP_Lo1" etc, and this seemed to work, but it > is unstable. That is, occasionally packets start being sourced from the > egress interface again when something changes until snmpd is restarted. I don't understand why binding on a loopback doesn't work. What is "when something changes" here? > Also traps are always sourced from the Egress interface regardless of > "listen on", however our monitoring system only knows about the loopback > interface and so the traps are dropped. > > Cheers, Andy. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
ftp5.usa.openbsd.org going down Saturday September 24th at 10pm - Back Sunday morning
Due to a power outage happening this Sunday morning, ftp5.usa.openbsd.org will be going down around 10pm EDT (UTC-4) on Saturday September 24th. I will bring it back up when the power comes back at 9:30am EDT on Sunday September 25th, so it should be back up by 11am EDT. FYI --Kurt Mosiejczuk
Re: FW Hardware
I have 2 ALIX.2D2 from ebay that I got for about $60 each. Compared to the APU, the ALIX.2D2 are older, slower, and dont support gigibit networking, but should be more than enough for your use case. On Thu, Sep 22, 2016 at 4:04 PM, Eike Lantzsch wrote: > On Donnerstag, 22. September 2016 20:17:28 PYT Christian Weisgerber wrote: > > On 2016-09-22, Eike Lantzsch wrote: > > > PC Engines APU.2C2 > > > which is amd64, has far more RAM and three Gigabit-ports. > > > Interfaces: Realtek 8168 > > > > Actually, the APU2C2 has Intel i211AT interfaces, em(4). > my error, what I got here on my desk is an APU1 not APU2 > Thank you for the correction
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
Hi Eric,
On Fri, 23 Sep 2016 08:04:19 -0400
Eric Furman wrote:
> NO professional dual boots OS's
Apart from those who are sick and tired of Windows, and sick and tired
of Microsoft controlling their PCs. Many a professional will use
Windows to do their work-related work, and the Linux distro to do the
rest of their stuff.
> There is NO REAL reason to dual boot ANY OS's
See above, although with the event of vmm(4) and vmd(8) and other
virtualisation, I predict that eventually your point will be valid, as
people can simply run the secondary OS in a virtual environment.
> This is why OpenBSD has stopped supporting such nonsense.
Just because OpenBSD doesn't support it doesn't mean that it is "such
nonsense." However since there are plenty of other boot managers
out there, many of which support this configuration, there is no need
for OpenBSD's boot loader to support it, as this just duplicates work.
> Sorry.
> I AM NOT AN OPENBSD DEVELOPER
> NEVER HAVE BEEN
> NEVER WILL BE.
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD
Then there is no need to shout at everyone.
> On Fri, Sep 23, 2016, at 06:57 AM, Lampshade wrote:
> > I have installed OpenBSD before it had UEFI support,
> > so I installed in Legacy Boot mode (I have UEFI capable
> > laptop).
> > I personally use Grub2 installed via
> > debian live amd64 standard image.
> >
> > I don't have Gnu/Linux installed.
> > I only have bootloader from Debian.
> >
> > I have Windows 8.1 and OpenBSD amd64.
> >
> > # cat /mnt/ext2/grub/grub.cfg \
> > > | grep -v -e ^# -e ^[:space:]*$
> > GRUB_DEFAULT=0
> > GRUB_TIMEOUT=5
> > GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
> > GRUB_CMDLINE_LINUX_DEFAULT="quiet"
> > GRUB_CMDLINE_LINUX=""
> > menuentry "Windows" --class os {
> > set root=(hd0,2)
> > chainloader (hd0,msdos2)+1
> > }
> > menuentry "OpenBSD" {
> > set root=(hd0,4)
> > chainloader +1
> > }
> >
> > Grub2 is faster than Windows bootloader.
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
I've been looking for a solution, and then stumbled on this:
https://marc.info/?l=openbsd-misc&m=138477729520448&w=2
So it looks like OpenBSD's bootloader needs too be in first 128 GB of
the disk. As for dualbooting I want to use OpenBSD
but I'll sonn start college, and we have digital logic class in firs
semester, and I will be required to use Xilinx ISE on their
machines so I want to have it on my PC too. As far as I know Xilinx
ISE supports only Windows and Linux, and OpenBSD
6.0 no longer supports linux_compat, so that's why I went with dual booting.
2016-09-23 14:04 GMT+02:00 Eric Furman :
> NO professional dual boots OS's
> There is NO REAL reason to dual boot ANY OS's
> This is why OpenBSD has stopped supporting such nonsense.
> Sorry.
> I AM NOT AN OPENBSD DEVELOPER
> NEVER HAVE BEEN
> NEVER WILL BE.
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD
>
>
> On Fri, Sep 23, 2016, at 06:57 AM, Lampshade wrote:
>> I have installed OpenBSD before it had UEFI support,
>> so I installed in Legacy Boot mode (I have UEFI capable
>> laptop).
>> I personally use Grub2 installed via
>> debian live amd64 standard image.
>>
>> I don't have Gnu/Linux installed.
>> I only have bootloader from Debian.
>>
>> I have Windows 8.1 and OpenBSD amd64.
>>
>> # cat /mnt/ext2/grub/grub.cfg \
>> > | grep -v -e ^# -e ^[:space:]*$
>> GRUB_DEFAULT=0
>> GRUB_TIMEOUT=5
>> GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
>> GRUB_CMDLINE_LINUX_DEFAULT="quiet"
>> GRUB_CMDLINE_LINUX=""
>> menuentry "Windows" --class os {
>> set root=(hd0,2)
>> chainloader (hd0,msdos2)+1
>> }
>> menuentry "OpenBSD" {
>> set root=(hd0,4)
>> chainloader +1
>> }
>>
>> Grub2 is faster than Windows bootloader.
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
On Fri, Sep 23, 2016 at 12:57:35PM +0200, Lampshade wrote:
> I have Windows 8.1 and OpenBSD amd64.
>
> # cat /mnt/ext2/grub/grub.cfg \
> > | grep -v -e ^# -e ^[:space:]*$
> GRUB_DEFAULT=0
> GRUB_TIMEOUT=5
> GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
> GRUB_CMDLINE_LINUX_DEFAULT="quiet"
> GRUB_CMDLINE_LINUX=""
> menuentry "Windows" --class os {
> set root=(hd0,2)
> chainloader (hd0,msdos2)+1
> }
> menuentry "OpenBSD" {
> set root=(hd0,4)
> chainloader +1
> }
This config is questionable as there is no 'lsb_release' command
either on Windows (huh) or OpenBSD. I have no idea why you share
a config from Debian here, ie. you have tripple-boot?
j.
Re: Dual booting - can't boot OpenBSD from Windows 10 bootloader
NO professional dual boots OS's
There is NO REAL reason to dual boot ANY OS's
This is why OpenBSD has stopped supporting such nonsense.
Sorry.
I AM NOT AN OPENBSD DEVELOPER
NEVER HAVE BEEN
NEVER WILL BE.
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD
On Fri, Sep 23, 2016, at 06:57 AM, Lampshade wrote:
> I have installed OpenBSD before it had UEFI support,
> so I installed in Legacy Boot mode (I have UEFI capable
> laptop).
> I personally use Grub2 installed via
> debian live amd64 standard image.
>
> I don't have Gnu/Linux installed.
> I only have bootloader from Debian.
>
> I have Windows 8.1 and OpenBSD amd64.
>
> # cat /mnt/ext2/grub/grub.cfg \
> > | grep -v -e ^# -e ^[:space:]*$
> GRUB_DEFAULT=0
> GRUB_TIMEOUT=5
> GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
> GRUB_CMDLINE_LINUX_DEFAULT="quiet"
> GRUB_CMDLINE_LINUX=""
> menuentry "Windows" --class os {
> set root=(hd0,2)
> chainloader (hd0,msdos2)+1
> }
> menuentry "OpenBSD" {
> set root=(hd0,4)
> chainloader +1
> }
>
> Grub2 is faster than Windows bootloader.
Dual booting - can't boot OpenBSD from Windows 10 bootloader
I have installed OpenBSD before it had UEFI support,
so I installed in Legacy Boot mode (I have UEFI capable
laptop).
I personally use Grub2 installed via
debian live amd64 standard image.
I don't have Gnu/Linux installed.
I only have bootloader from Debian.
I have Windows 8.1 and OpenBSD amd64.
# cat /mnt/ext2/grub/grub.cfg \
> | grep -v -e ^# -e ^[:space:]*$
GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX=""
menuentry "Windows" --class os {
set root=(hd0,2)
chainloader (hd0,msdos2)+1
}
menuentry "OpenBSD" {
set root=(hd0,4)
chainloader +1
}
Grub2 is faster than Windows bootloader.
Re: 6.0-stable bridge doesn't "forward"
LÉVAI Dániel @ 2016-09-23T11:50:21 +0200: > Hi! > > Yesterday I've upgraded to 6.0, and my Wi-Fi AP (bridge) kind of stopped > working. > It's a setup like this: [...] > I start dhclient on 'Client', then trace the discover packet to the router's > dhcpd(8), and the offer back. > The DHCPDISCOVER is received on the router, it sends back the DHCPOFFER, which > in turn gets back to the AP, alas I only see it on re0, but not on bridge0 or > athn1 -- The bridge(4) ate the offer! :) [...] Ah... It's the same problem as the first paragraph from this article: http://undeadly.org/cgi?action=article&sid=20160725144108 I *knew* this error was somehow familiar... I indeed have dhclient running on re0 on the AP. Daniel
Re: dnscrypt-proxy config question
On Thu, Sep 22, 2016 at 10:31:20PM -0700, john smith wrote: > Hello - > How do I config dnscrypt-proxy to use more than 1 resolver? I understand > how to do theunbound part but what do I put in /etc/rc.conf.local? > Currently I have: > dnscrypt_proxy_flags="-d -E -m 1 -R dnscrypt.eu-dk -a 127.0.0.1:40" As stated on https://dnscrypt.org/, I think you have to start multiple instances of dnscrypt-proxy in daemon mode in /etc/rc.local: dnscrypt-proxy -l /dev/null -R -a 127.0.0.1:40 -u _dnscrypt-proxy -d dnscrypt-proxy -l /dev/null -R -a 127.0.0.1:41 -u _dnscrypt-proxy -d ... (Note: prepend /usr/local/sbin/ to dnscrypt-proxy. I left it out to fit the lines within 80 characters.) Then, in /var/unbound/etc/unbound.conf: forward-zone: name: "." forward-addr: 127.0.0.1@40 forward-addr: 127.0.0.1@41 ... Cheers, Erling -- Erling Westenvik
6.0-stable bridge doesn't "forward"
Hi! Yesterday I've upgraded to 6.0, and my Wi-Fi AP (bridge) kind of stopped working. It's a setup like this: (Client wlan0) -- [athn1=AP=re0] -- [em1=Router=pppoe0] -- (Internet) ^bridge(4)^ Client is Linux, AP and Router is OpenBSD 6.0. AP has a bridge interface containing three interfaces: AP# ifconfig bridge0 bridge0: flags=41 index 9 llprio 3 groups: bridge priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp designated: id xx:xx:xx:x0:00 priority 0 athn0 flags=3 port 4 ifpriority 0 ifcost 0 athn1 flags=3 port 5 ifpriority 0 ifcost 0 re0 flags=3 port 1 ifpriority 0 ifcost 0 Addresses (max cache: 100, timeout: 240): xx:xx:xx:x9:95 re0 1 flags=0<> xx:xx:xx:x9:60 re0 1 flags=0<> xx:xx:xx:x5:68 re0 1 flags=0<> xx:xx:xx:x3:b8 athn1 1 flags=0<> xx:xx:xx:xd:60 re0 1 flags=0<> xx:xx:xx:x6:92 re0 1 flags=0<> xx:xx:xx:x4:a4 re0 1 flags=0<> xx:xx:xx:x3:1e re0 1 flags=0<> xx:xx:xx:x3:84 re0 1 flags=0<> AP is connected to the router's em1 via re0 (cable, ethernet), and router has dhcpd running on em1. I start dhclient on 'Client', then trace the discover packet to the router's dhcpd(8), and the offer back. The DHCPDISCOVER is received on the router, it sends back the DHCPOFFER, which in turn gets back to the AP, alas I only see it on re0, but not on bridge0 or athn1 -- The bridge(4) ate the offer! :) So essentially, if I'd write DHCPDISCOVER as DD and DHCPOFFER as DO, then: Client -DD-> [athn1=AP=re0] -DD-> [em1=Router] --- discover received [Router=em1] -DO-> [re0=AP=athn1] -!!-> Client --- offer not received ... is what's happening. While running dhclient, this is what goes through the AP: AP# tcpdump -s 600 -vv -nettti re0 port 67 or port 68 tcpdump: listening on re0, link-type EN10MB Sep 23 11:18:58.256390 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 342: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0x2e2b8f73 vend-rfc1048 DHCP:DISCOVER PR:SM+BR+TZ+DG+DN+NS+HN [tos 0x10] (ttl 128, id 0, len 328) Sep 23 11:18:58.256609 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 342: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0x2e2b8f73 vend-rfc1048 DHCP:DISCOVER PR:SM+BR+TZ+DG+DN+NS+HN [tos 0x10] (ttl 128, id 0, len 328) Sep 23 11:18:58.256622 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 342: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0x2e2b8f73 vend-rfc1048 DHCP:DISCOVER PR:SM+BR+TZ+DG+DN+NS+HN [tos 0x10] (ttl 128, id 0, len 328) Sep 23 11:18:58.256638 xx:xx:xx:x9:60 xx:xx:xx:x3:b8 0800 347: 192.168.0.1.67 > 192.168.5.10.68: [udp sum ok] xid:0x2e2b8f73 Y:192.168.5.10 S:192.168.0.1 vend-rfc1048 DHCP:OFFER SID:192.168.0.1 LT:43200 SM:255.255.0.0 BR:192.168.255.255 DG:192.168.0.1 DN:"localdomain" NS:192.168.0.1 RN:21600 RB:37800 [tos 0x10] (ttl 16, id 0, len 333) Sep 23 11:18:58.256841 xx:xx:xx:x9:60 xx:xx:xx:x3:b8 0800 347: 192.168.0.1.67 > 192.168.5.10.68: [udp sum ok] xid:0x2e2b8f73 Y:192.168.5.10 S:192.168.0.1 vend-rfc1048 DHCP:OFFER SID:192.168.0.1 LT:43200 SM:255.255.0.0 BR:192.168.255.255 DG:192.168.0.1 DN:"localdomain" NS:192.168.0.1 RN:21600 RB:37800 [tos 0x10] (ttl 16, id 0, len 333) Sep 23 11:18:58.372567 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 389: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0xfa6c8294 secs:42562 vend-rfc1048 DHCP:DISCOVER CID:255.24.122.19.184.0.1.0.1.28.222.156.84.44.96.12.14.104.63 T80: MSZ:1500 VC:100.104.99.112.99.100.45.54.46.56.46.50.58.76.105.110.117.120.45.52.46.49.46.51.51.58.120.56.54.95.54.52.58.71.101.110.117.105.110.101.73.110.116.101.108 HN:"serenity" T145:1 PR:SM+121+SR+DG+NS+HN+DN+BR+NTP+LT+SID+RN+RB+119 (ttl 64, id 6456, len 375) Sep 23 11:18:58.372790 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 389: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0xfa6c8294 secs:42562 vend-rfc1048 DHCP:DISCOVER CID:255.24.122.19.184.0.1.0.1.28.222.156.84.44.96.12.14.104.63 T80: MSZ:1500 VC:100.104.99.112.99.100.45.54.46.56.46.50.58.76.105.110.117.120.45.52.46.49.46.51.51.58.120.56.54.95.54.52.58.71.101.110.117.105.110.101.73.110.116.101.108 HN:"serenity" T145:1 PR:SM+121+SR+DG+NS+HN+DN+BR+NTP+LT+SID+RN+RB+119 (ttl 64, id 6456, len 375) Sep 23 11:18:58.372802 xx:xx:xx:x3:b8 xx:xx:xx:xf:ff 0800 389: 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] xid:0xfa6c8294 secs:42562 vend-rfc1048 DHCP:DISCOVER CID:255.24.122.19.184.0.1.0.1.28.222.156.84.44.96.12.14.104.63 T80: MSZ:1500 VC:100.104.99.112.99.100.45.54.46.56.46.50.58.76.105.110.117.120.45.52.46.49.46.51.51.58.120.56.54.95.54.52.58.71.101.110.117.105.110.101.73.110.116.101.108 HN:"serenity" T145:1 PR:SM+121+SR+DG+NS+HN+DN+BR+NTP+LT+SID+RN+RB+119 (ttl 64, id 6456, len 375) Sep 23 11:18:58.372764 xx:xx:xx:x9:60 xx:xx:xx:x3:b8 0800 347: 192.168.0.1.67 > 192.168.5.10.68: [udp sum ok] xid:0xfa6c8294 secs:42562 Y:192.168.5.10 S:192.168.0.1 v
dnscrypt-proxy config question
Hello - How do I config dnscrypt-proxy to use more than 1 resolver? I understand how to do theunbound part but what do I put in /etc/rc.conf.local? Currently I have: dnscrypt_proxy_flags="-d -E -m 1 -R dnscrypt.eu-dk -a 127.0.0.1:40" I greatly appreciate any help. --Doug
Re: Using isc-dhcp-client as alternate dhclient
On 2016-09-20, Theodore Wynnychenko wrote:
> First, I can't get the isc-dhcp-client to assign an alias to the interface,
> despite the documentation that states it should.
It seems to work if you preset the alias address on the interface
before running dhclient.
> Second, I (apparently) don't understand how to replace the base dhclient with
> the isc dhclient at boot.
>
> I tried modifying /etc/hostname.em0 from:
> ---
> dhcp NONE NONE NONE description "Uplink"
> ---
>
> To:
> ---
> ! /usr/local/sbin/dhclient -cf /etc/isc-dhclient.conf em0
> ---
>
> But this did not work.
Please define "did not work". What output did you get ("dmesg -s" might
help), what shows up in logs, etc?
> I now see in the hostname.if manpage that the command
> needs to be available in the single-user environment (/bin or /sbin)
AFAIK this is mostly for systems with /usr/local on NFS. I certainly
have some ports things successfully started from ! lines in hostname.if
files.
