Re: 5.8 EOL
On Fri, Dec 02, 2016 at 02:43:01PM +0100, Alessandro Baggi wrote: > Il 02/12/2016 00:47, OpenBSD lists ha scritto: > > Alessandro Baggi wrote: > > > Il 01/12/2016 17:01, Marko Cupać ha scritto: > > > > On Thu, 1 Dec 2016 15:59:41 +0100 > > > > Alessandro Baggi wrote: > > > > > > > > > Hi list, > > > > > I've installed some years ago OpenBSD 5.8 on apu with 3 nics. > > > > > I've tried to search but no look. What is the EOL for OpenBSD 5.8? > > > > > > > > > > Thanks in advance. > > > > > > > > > > > > > https://www.openbsd.org/faq/faq5.html#Flavors > > > > > > > > AFAIK Once 6.0 is out, 5.8 becomes unsupported (EOS). But it by no means > > > > its life ends (EOL). I have just upgraded 2 boxes that were at 5.5, > > > > but were quite alive and kicking :) > > > > > > > > -- > > > > Before enlightenment - chop wood, draw water. > > > > After enlightenment - chop wood, draw water. > > > > > > > > Marko Cupać > > > > https://www.mimar.rs/ > > > > > > > > > > > Then, when 6.1 will be released, > > Somewhere between March and May of next year. Depends on when the code > > is in a releasable state. > > > > > 5.9 will become unsupported. > > Yep, it won't be getting patches anymore. > > > > > How do you provide to security patch for 5.5? > > We don't. Supporting a release that old would require quite a lot more > > volunteers to back-port and test every patch that would apply and we'd > > rather not waste resources on supporting the old stuff and use our time > > to move the project forward. Upgrading is painless and major changes > > are very rare, so I can't think of any compelling reasons to stay on an > > old version (well, unless it is the last version your platform supports) > > > > > Thanks to all for your answer. > > It's time to upgrade. Please take note of the upgrade guides in the FAQ and upgrade one version at a time, first from 5.8 to 5.9, then from 5.9 to 6.0 -- NOT directly from 5.8 to 6.0. The upgrade guides can be found here: http://www.openbsd.org/faq/upgrade59.html http://www.openbsd.org/faq/upgrade60.html Be sure to read both guides carefully. There may be files that needs to be removed manually, and services that may require configuration. Have fun! :) -- Erling Westenvik
support
# 0 # C Indonesia # P West Java # T Bandung # Z 40191 # A # O Consultant # I Andi Maulana # M ko...@bsdmail.com # U # B +62 812 2082 3025 # X # N IT Security Network System, Open Source Platforms, Sysadmin System, Unix Operating System, FreeBSD, OpenBSD, NetBSD, FreeNAS, Linux Support Services
Re: HP Proliant MicroServer G8: not seeing disks [solved]
Some off-list questions reminded me that I never followed up properly on
this one. The machine is now in service and runs cooler and quieter than
the aging (P4) Fujitsu-Siemens it replaced.
My only complaint is that due to the maze of twisty nonsense that is the
HPE web site I never got the BIOS upgrade, but it doesn't seem to matter
much in our context. The machine runs well, and I upgraded it to the
latest snapshot just over half an hour ago.
dmesg:
OpenBSD 6.0-current (GENERIC.MP) #1: Fri Dec 2 00:32:07 MST 2016
bu...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Celeron(R) CPU G1610T @ 2.30GHz ("GenuineIntel"
686-class) 2.30 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
real mem = 4057341952 (3869MB)
avail mem = 3966910464 (3783MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 12/31/99, BIOS32 rev. 0 @ 0xf, SMBIOS rev.
2.7 @ 0xf3bdb000 (64 entries)
bios0: vendor HP version "J06" date 07/16/2015
bios0: HP ProLiant MicroServer Gen8
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP SPCR MCFG HPET SPMI ERST APIC BERT
HEST SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices PCI0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xf400, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Celeron(R) CPU G1610T @ 2.30GHz ("GenuineIntel"
686-class) 2.30 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins
acpiprt0 at acpi0: bus 13 (IPT1)
acpiprt1 at acpi0: bus -1 (IPT2)
acpiprt2 at acpi0: bus -1 (IPT3)
acpiprt3 at acpi0: bus -1 (IPT4)
acpiprt4 at acpi0: bus 3 (IPT5)
acpiprt5 at acpi0: bus -1 (IPT6)
acpiprt6 at acpi0: bus 4 (IPT7)
acpiprt7 at acpi0: bus 1 (IPT8)
acpiprt8 at acpi0: bus 7 (PT02)
acpiprt9 at acpi0: bus -1 (PT03)
acpiprt10 at acpi0: bus 2 (PT05)
acpiprt11 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C2(350@96 mwait.1@0x20), C1(1000@1 mwait.1)
acpicpu1 at acpi0: C2(350@96 mwait.1@0x20), C1(1000@1 mwait.1)
acpitz0 at acpi0: critical temperature is 31 degC
"IPI0001" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"ACPI000D" at acpi0 not configured
bios0: ROM list: 0xc/0x8000 0xc8000/0x4000!
ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
ppb0 at pci0 dev 1 function 0 "Intel Core 3G PCIE" rev 0x09: apic 8 int 16
pci1 at ppb0 bus 7
ppb1 at pci0 dev 6 function 0 "Intel Core 3G PCIE" rev 0x09: apic 8 int 16
pci2 at ppb1 bus 2
ehci0 at pci0 dev 26 function 0 "Intel 6 Series USB" rev 0x05: apic 8 int 21
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev
2.00/1.00 addr 1
ppb2 at pci0 dev 28 function 0 "Intel 6 Series PCIE" rev 0xb5
pci3 at ppb2 bus 13
ppb3 at pci0 dev 28 function 4 "Intel 6 Series PCIE" rev 0xb5
pci4 at ppb3 bus 3
bge0 at pci4 dev 0 function 0 "Broadcom BCM5720" rev 0x00, BCM5720 A0
(0x572), APE firmware NCSI 1.3.7.0: msi, address 70:10:6f:3e:df:d4
brgphy0 at bge0 phy 1: BCM5720C 10/100/1000baseT PHY, rev. 0
bge1 at pci4 dev 0 function 1 "Broadcom BCM5720" rev 0x00, BCM5720 A0
(0x572), APE firmware NCSI 1.3.7.0: msi, address 70:10:6f:3e:df:d5
brgphy1 at bge1 phy 2: BCM5720C 10/100/1000baseT PHY, rev. 0
ppb4 at pci0 dev 28 function 6 "Intel 6 Series PCIE" rev 0xb5
pci5 at ppb4 bus 4
xhci0 at pci5 dev 0 function 0 "Renesas uPD720201 xHCI" rev 0x03: msi
usb1 at xhci0: USB revision 3.0
uhub1 at usb1 configuration 1 interface 0 "Renesas xHCI root hub" rev
3.00/1.00 addr 1
ppb5 at pci0 dev 28 function 7 "Intel 6 Series PCIE" rev 0xb5
pci6 at ppb5 bus 1
"Hewlett-Packard iLO3 Slave" rev 0x05 at pci6 dev 0 function 0 not
configured
vga1 at pci6 dev 0 function 1 "Matrox MGA G200eH" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
"Hewlett-Packard iLO3 Management" rev 0x05 at pci6 dev 0 function 2 not
configured
uhci0 at pci6 dev 0 function 4 "Hewlett-Packard USB" rev 0x02: apic 8 int 16
usb2 at uhci0: USB revision 1.0
uhub2 at usb2 confi
support
# 0 # C Indonesia # P West Java # T Bandung # Z 40191 # A # O Consultant # I Andi Maulana # M ko...@bsdmail.com # U # B +62 812 2082 3025 # X # N IT Security Network System, Open Source Platforms, Sysadmin System, Unix Operating System, FreeBSD, OpenBSD, NetBSD, FreeNAS, Linux Support Services
support
# 0 # C Indonesia # P West Java # T Bandung # Z 40191 # A # O Consultant # I Andi Maulana # M ko...@bsdmail.com # U # B +62 812 2082 3025 # X # N IT Security Network System, Open Source Platforms, Sysadmin System, Unix Operating System, FreeBSD, OpenBSD, NetBSD, FreeNAS, Linux Support Services
support
# 0 # C Indonesia # P West Java # T Bandung # Z 40191# A # O Consultant # I Andi Maulana # M ko...@bsdmail.com # U # B +62 812 2082 3025 # X # N IT Security Network System, Open Source Platforms, Sysadmin System, Unix Operating System, FreeBSD, OpenBSD, NetBSD, FreeNAS, Linux Support Services
support
# 0 # C Indonesia # P West Java # T Bandung # Z 40191# A # O Consultant # I Andi Maulana # M ko...@bsdmail.com # U # B +62 812 2082 3025 # X # N IT Security Network System, Open Source Platforms, Sysadmin System, Unix Operating System, FreeBSD, OpenBSD, NetBSD, FreeNAS, Linux Support Services
Can not read NTPd timedelta from NMEA device by sysctl hw.sensors.nmea0
Hi there! There is a problem to have time delta from NMEA device with NMEA 0183, version 4.0 (V2.3 or V4.1 configurable). # ldattach -s 9600 nmea /dev/cuaU2 # sysctl hw.sensors.nmea0 hw.sensors.nmea0.indicator0=Off (Signal), UNKNOWN While connected to cuaU2 by a terminal program all the GPS data seems ready and useful. What the problem could be? # cat ntpd.conf sensor nmea0 correction 7 weight 6 refid GPS stratum 1
OpenBSD green computing tips
Please ignore discussion about how trendy this subject is, how it is buzzword etc... Thank you. If an OpenBSD user wants to decrease energy consumption what option he/she would have? - suspend (works) - hibernate (works, i haven't used that much) - adaptive cpu speed (works) - adaptive fan speed (??) - WOL (only very limited netword cars work, not many for "mainstream" laptops) - lcd (??) - WOWLan (not supported) - cdrom (??) - hard-drives (??) - usb (??) - 802.11 power-saving (??) - vmd (suspending/hibernation for vms?) Any other device which could be "powered-off" to save energy? What are your experience with decreasing energy usage of OpenBSD boxes - laptops but also home-servers. Thank you for tips. j.
debugging via EHCI debug port
Are we able to get something like console via EHCI debug port? Eg. to get traces etc. from laptops which do not include real serial console? Some info from Coreboot page https://www.coreboot.org/EHCI_Debug_Port I see my Thinkpad T440s shows EHCI controller has 'Debug Port': # pcidump -v 0:29:0 0:29:0: Intel 8 Series USB 0x: Vendor ID: 8086 Product ID: 9c26 0x0004: Command: 0006 Status: 0290 0x0008: Class: 0c Subclass: 03 Interface: 20 Revision: 04 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 00 0x0010: BAR mem 32bit addr: 0xf063d000/0x0400 0x0014: BAR empty () 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 220c 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 07 Min Gnt: 00 Max Lat: 00 0x0050: Capability 0x01: Power Management State: D0 0x0058: Capability 0x0a: Debug Port 0x0098: Capability 0x13: PCI Advanced Features j.
Re: help with pf queueing in ipsec over gre
On Fri, 2 Dec 2016 12:14:56 + (UTC) Stuart Henderson wrote: > On 2016-11-25, Marko Cupać wrote: > > Hi, > > > > I'd like to do limit bandwidth on gre tunnel protected with ipsec in > > transport mode. > I haven't tried this exact scenario. But I understand the general way > things work and I think this is correct: > > Assign packets to queue names as you are doing already, on the gre > interface. But for the "queue XX on YY bandwidth ZZ" bits, YY should > be the physical interface. Hi, this works as far as limiting total bandwidth that passes gre tunnel is concerned, thanks! I'd like to push this even further, and queue different types of traffic that passes gre tunnel into different queues (granting minimal bandwidth to ssh, limiting maximum bandwidth for http/https etc.). Is this possible? If so, how? I don't want to sound like some cisco guy (actually I am trying to gradually switch my 18-node wan from cisco to openbsd), but on cisco this is possible by setting 'qos pre-classify' on tunnel interface, and applying 'service policy output POLYCYNAME' on physical interface, where parent policy shapes total per-tunnel traffic, and child policy shapes different types of traffic. Something like this: policy-map BANDWIDTH class BANDWIDTH::WEB bandwidth percent 30 class BANDWIDTH::RDP bandwidth percent 15 class BANDWIDTH::E-MAIL bandwidth percent 10 class BANDWIDTH::DFS bandwidth percent 10 class BANDWIDTH::MSSQL bandwidth percent 3 class BANDWIDTH::NETMON bandwidth percent 2 class BANDWIDTH::EBANK bandwidth percent 5 class class-default bandwidth percent 25 policy-map APPLYTOPHYSICAL class TUNNEL1 shape average 960 service-policy BANDWIDTH Any pointers highly appreciated. -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
Disable memory bank via sysctl, LOM or other on Sun V100?
Hi, Is there a way to make the kernel think a full bank of memory is in use by any chance on a Sun V100? I have what appear to be a bad memory in it and the server crash however it is on a remote server that I will not be able to get physically to for a week if lucky. I wonder if there is a way to make the kernel think it is full, or no there so that the DMA doesn't try to use it and then as such crash. I use the LOM to reset the server when that happen, but it does crash a lots always with the same DMA error messages. I know ti is dumm, but I just need to buy some time if that's possible until I can replace the hardware totally. A quick work around the issue for now. Just thought to try this may be, if not then so be it. Best, Daniel
Re: High loadavg on recent snapshots?
On 02/12/2016 12:45, Otto Moerbeek wrote: On Fri, Dec 02, 2016 at 09:55:23AM +, Joe Holden wrote: Hi guys, Is anyone else seeing abnormally high load averages on recent snapshots? Seeing load reported as ~1 on idle machines (both VM and physical, amd64 and octeon): 9:48AM up 34 mins, 1 user, load averages: 1.21, 1.13, 1.01 (octeon snapshot as of 30th Nov) This is known and due to a different way some kernel threads operate. Maybe a bit unexpected, but not harmful, the processor(s) as seen in top(1) should be idle most if the time. -Otto Yeah - not concerned just a huge increase in idle average that doesn't correlate to any activity compared to snapshots from a week or so ago Another example on KVM guest: USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 1 0.0 0.1 416 496 ?? Is 6:54PM0:01.23 /sbin/init root 50624 0.0 0.1 632 536 ?? Is 6:55PM0:00.38 dhclient: vio2 [priv] (dhclient) _dhcp42339 0.0 0.1 736 696 ?? Isp6:55PM0:00.19 dhclient: vio2 (dhclient) root 26736 0.0 0.4 364 1976 ?? Isp6:55PM0:00.27 syslogd: [priv] (syslogd) _syslogd 7398 0.0 0.3 968 1488 ?? Sp 6:55PM0:00.68 /usr/sbin/syslogd root 64373 0.0 0.3 872 1452 ?? Is 6:55PM0:00.12 /usr/sbin/sshd root 38751 0.0 0.2 676 1188 ?? Isp6:55PM0:00.35 /usr/sbin/cron root 80570 0.0 0.7 980 3396 ?? Ss 9:20PM0:54.17 sshd: root@ttyp0 (sshd) root 30271 0.0 0.1 612 744 p0 Ssp9:20PM0:00.34 -ksh (ksh) root 84509 0.0 0.1 356 412 p0 R+p/0 4:03AM0:00.00 ps -auxw root 99508 0.0 0.1 608 736 00 Is+p 6:55PM0:02.80 -ksh (ksh) 4:03AM up 9:09, 2 users, load averages: 1.26, 1.18, 1.11 (amd64 snapshot as of 27th Nov) Thanks
Re: 5.8 EOL
Il 02/12/2016 00:47, OpenBSD lists ha scritto: Alessandro Baggi wrote: Il 01/12/2016 17:01, Marko Cupać ha scritto: On Thu, 1 Dec 2016 15:59:41 +0100 Alessandro Baggi wrote: Hi list, I've installed some years ago OpenBSD 5.8 on apu with 3 nics. I've tried to search but no look. What is the EOL for OpenBSD 5.8? Thanks in advance. https://www.openbsd.org/faq/faq5.html#Flavors AFAIK Once 6.0 is out, 5.8 becomes unsupported (EOS). But it by no means its life ends (EOL). I have just upgraded 2 boxes that were at 5.5, but were quite alive and kicking :) -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/ Then, when 6.1 will be released, Somewhere between March and May of next year. Depends on when the code is in a releasable state. 5.9 will become unsupported. Yep, it won't be getting patches anymore. How do you provide to security patch for 5.5? We don't. Supporting a release that old would require quite a lot more volunteers to back-port and test every patch that would apply and we'd rather not waste resources on supporting the old stuff and use our time to move the project forward. Upgrading is painless and major changes are very rare, so I can't think of any compelling reasons to stay on an old version (well, unless it is the last version your platform supports) Thanks to all for your answer. It's time to upgrade. Best regards.
Re: High loadavg on recent snapshots?
On Fri, Dec 02, 2016 at 09:55:23AM +, Joe Holden wrote: > Hi guys, > > Is anyone else seeing abnormally high load averages on recent snapshots? > > Seeing load reported as ~1 on idle machines (both VM and physical, amd64 and > octeon): > > 9:48AM up 34 mins, 1 user, load averages: 1.21, 1.13, 1.01 > (octeon snapshot as of 30th Nov) This is known and due to a different way some kernel threads operate. Maybe a bit unexpected, but not harmful, the processor(s) as seen in top(1) should be idle most if the time. -Otto > > Another example on KVM guest: > > USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND > root 1 0.0 0.1 416 496 ?? Is 6:54PM0:01.23 /sbin/init > root 50624 0.0 0.1 632 536 ?? Is 6:55PM0:00.38 dhclient: > vio2 [priv] (dhclient) > _dhcp42339 0.0 0.1 736 696 ?? Isp6:55PM0:00.19 dhclient: > vio2 (dhclient) > root 26736 0.0 0.4 364 1976 ?? Isp6:55PM0:00.27 syslogd: > [priv] (syslogd) > _syslogd 7398 0.0 0.3 968 1488 ?? Sp 6:55PM0:00.68 > /usr/sbin/syslogd > root 64373 0.0 0.3 872 1452 ?? Is 6:55PM0:00.12 > /usr/sbin/sshd > root 38751 0.0 0.2 676 1188 ?? Isp6:55PM0:00.35 > /usr/sbin/cron > root 80570 0.0 0.7 980 3396 ?? Ss 9:20PM0:54.17 sshd: > root@ttyp0 (sshd) > root 30271 0.0 0.1 612 744 p0 Ssp9:20PM0:00.34 -ksh (ksh) > root 84509 0.0 0.1 356 412 p0 R+p/0 4:03AM0:00.00 ps -auxw > root 99508 0.0 0.1 608 736 00 Is+p 6:55PM0:02.80 -ksh (ksh) > > 4:03AM up 9:09, 2 users, load averages: 1.26, 1.18, 1.11 > > (amd64 snapshot as of 27th Nov) > > Thanks
Re: IPv6 Setup not working on Hetzner server
Hey, On 12/02/16 13:14, Reyk Floeter wrote: This is a link-local address, you have to specify the interface scope id: $ cat /etc/mygate 144.76.102.193 fe80::1%em0 thanks for the hint. I fixed this but that alone still does not help me to send IPv6 data. Hetzner also needs to know your link-local address on em0, do they use the fe80::921b:eff:fe8b:f34%em0 derived from the MAC (I think they do) or do you have to configure something like fe80::2%em0 on your side? Thats a good question. Sadly they dont specify that in the docs and are also not willing to answer that via there support staff. All i could find in the documentation is the following line: For IPv6 on dedicated servers and virtual servers from the CX line, the gateway is fe80::1. Since this is a link-local address, the explicit specification of the network adapter (usually eth0) is necessary: # ip route add default via fe80::1 dev eth0 There answer is that it works on Linux without config and OpenBSD is not supported officially. I just found out that since i changed my mygate up to your suggestion that i now have to ping6 fe80::1%em0 first and then i am able to connecto to other hosts via IPv6. But not before i pinged the fe80::1%em0. WTF? Here are my rountes before the first ping to fe80::1 and then after the ping. Routing tables (before ping) Internet6: DestinationGatewayFlags Refs Use Mtu Prio Iface defaultfe80::1%em0UGS0 579 - 8 em0 ::/96 ::1UGRS 0 0 32768 8 lo0 ::/104 ::1UGRS 0 0 32768 8 lo0 ::1::1UHl 14 14 32768 1 lo0 ::127.0.0.0/104::1UGRS 0 0 32768 8 lo0 ::224.0.0.0/100::1UGRS 0 0 32768 8 lo0 ::255.0.0.0/104::1UGRS 0 0 32768 8 lo0 :::0.0.0.0/96 ::1UGRS 0 0 32768 8 lo0 2002::/24 ::1UGRS 0 0 32768 8 lo0 2002:7f00::/24 ::1UGRS 0 0 32768 8 lo0 2002:e000::/20 ::1UGRS 0 0 32768 8 lo0 2002:ff00::/24 ::1UGRS 0 0 32768 8 lo0 2a01:4f8:192:42d6::/64 2a01:4f8:192:42d6::10 UC 0 0 - 4 em0 2a01:4f8:192:42d6::10 90:1b:0e:8b:0f:34 UHLl 0 18 - 1 em0 fe80::/10 ::1UGRS 0 1 32768 8 lo0 fec0::/10 ::1UGRS 0 0 32768 8 lo0 fe80::%em0/64 fe80::921b:eff:fe8b:f34%em0UC 0 0 - 4 em0 fe80::921b:eff:fe8b:f34%em090:1b:0e:8b:0f:34 UHLl 0 0 - 1 em0 fe80::1%lo0fe80::1%lo0UHl0 0 32768 1 lo0 ff01::/16 ::1UGRS 0 1 32768 8 lo0 ff01::%em0/32 fe80::921b:eff:fe8b:f34%em0Um 0 1 - 4 em0 ff01::%lo0/32 ::1Um 0 1 32768 4 lo0 ff02::/16 ::1UGRS 0 1 32768 8 lo0 ff02::%em0/32 fe80::921b:eff:fe8b:f34%em0Um 0 1 - 4 em0 ff02::%lo0/32 ::1Um 0 1 32768 4 lo0 Routing tables (after ping) Internet6: DestinationGatewayFlags Refs Use Mtu Prio Iface defaultfe80::1%em0UGS0 581 - 8 em0 ::/96 ::1UGRS 0 0 32768 8 lo0 ::/104 ::1UGRS 0 0 32768 8 lo0 ::1::1UHl 14 14 32768 1 lo0 ::127.0.0.0/104::1UGRS 0 0 32768 8 lo0 ::224.0.0.0/100::1UGRS 0 0 32768 8 lo0 ::255.0.0.0/104::1UGRS 0 0 32768 8 lo0 :::0.0.
Re: 350MHz IBM Intel Pentium II runs 5.9 fine
Hello again, On Thu, 1 Dec 2016 16:08:16 -0800 sombody wrote: > Looks like something is misinterpreting ID numbers form the EEPROM on > the memory modules. But I'd like to see what is physically there > before making a call on what is going wrong, if you have any photos > of the system's motherboard. > These are IBM "Personal Computer 300GL" Model No. 6275-500 Machine type: 6275 Model: 500 They are used without X as small servers (DHCP, NTP, spamd SMTP gateways, Squid proxy, package mirror, print server, console server,...) As with the quarter rack of Sun Netras vertically Ikea racked above them, they were all made locally in Scotland, so may differ from foreign boxes. See here: http://web.Britvault.Co.UK/tmp/2016/06-rack/ I'm simply stoked OpenBSD is so solid! Cool, -- Craig Skinner | http://linkd.in/yGqkv7
Re: help with pf queueing in ipsec over gre
On 2016-11-25, Marko Cupać wrote: > Hi, > > I'd like to do limit bandwidth on gre tunnel protected with ipsec in > transport mode. > > I've set single default queue on gre interface, matched everything > that goes out to that queue, and finally passed everything out that > interface: > > # SNIP > queue mother on gre204 bandwidth 25M min 25M max 25M >queue child parent mother bandwidth 25M default > ... > match out on gre204 inet all set queue child > ... > pass out on gre 204 inet all > ... > # SNIP > > In `systat rules` i see counter for both match and pass rules > increasing, but `systat queues` doesn't count anything. > > What am I doing wrong? Do I need to queue on physical interface? If so, > how can I classify different types of traffic to separate queues later > on, since tcpdump on physical interface sees only esp traffic? I haven't tried this exact scenario. But I understand the general way things work and I think this is correct: Assign packets to queue names as you are doing already, on the gre interface. But for the "queue XX on YY bandwidth ZZ" bits, YY should be the physical interface.
Re: IPv6 Setup not working on Hetzner server
Hi, > On 02.12.2016, at 12:55, Leo Unglaub wrote: > > Hey friends, > i have the exact same problem as Heiko had more than one year ago here > on this mailinglist. See > http://marc.info/?l=openbsd-misc&m=143231965324314&w=2 > > Sadly his temporary solution does not work for me so i have to bring > this topic up again. > > I have a server at the german hoster "Hetzner". The IPv4 setup works > fine, but the IPv6 setup does not work properly. I am unable to ping6 > anything other than my gateway. The gateway is reachable over IPv6, but > thats it. Nothing more is reachable. > > My subnet is 2a01:4f8:192:42d6:: / 64 and i assigned > 2a01:4f8:192:42d6::10 to this server. The IPv6 gateway is for all > Hetzner customers fe80::1 :::::. > I have a similar setup that works fine at hostway.de, see below. > > I configured my system as follows: >> # cat /etc/hostname.em0 >> inet 144.76.102.204 255.255.255.224 144.76.102.223 description hetzner-uplink >> inet6 2a01:4f8:192:42d6::10 64 > >> # cat /etc/mygate >> 144.76.102.193 >> fe80::1 > > This is a link-local address, you have to specify the interface scope id: $ cat /etc/mygate 144.76.102.193 fe80::1%em0 Hetzner also needs to know your link-local address on em0, do they use the fe80::921b:eff:fe8b:f34%em0 derived from the MAC (I think they do) or do you have to configure something like fe80::2%em0 on your side? Reyk > This results in the following config: >> # ifconfig em0 >> em0: flags=8843 mtu 1500 >>lladdr 90:1b:0e:8b:0f:34 >>description: hetzner-uplink >>index 1 priority 0 llprio 3 >>groups: egress >>media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause) >>status: active >>inet 144.76.102.204 netmask 0xffe0 broadcast 144.76.102.223 >>inet6 fe80::921b:eff:fe8b:f34%em0 prefixlen 64 scopeid 0x1 >>inet6 2a01:4f8:192:42d6::10 prefixlen 64 >> > > > But IPv6 does not work. Here are some examples: > >> # ping6 -c 3 google.com >> PING6 google.com (2a00:1450:4001:80e::200e): 24 data bytes >> ping6: sendmsg: No route to host >> ping6: wrote google.com 32 chars, ret=-1 >> ping6: sendmsg: No route to host >> ping6: wrote google.com 32 chars, ret=-1 >> ping6: sendmsg: No route to host >> ping6: wrote google.com 32 chars, ret=-1 >> --- google.com ping6 statistics --- >> 3 packets transmitted, 0 packets received, 100.0% packet loss > > >> # ping6 -c 3 fe80::921b:eff:fe8b:f34%em0 >> PING6 fe80::921b:eff:fe8b:f34%em0 (fe80::921b:eff:fe8b:f34%em0): 24 data bytes >> 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=0 hlim=64 time=0.188 ms >> 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=1 hlim=64 time=0.088 ms >> 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=2 hlim=64 time=0.087 ms >> --- fe80::921b:eff:fe8b:f34%em0 ping6 statistics --- >> 3 packets transmitted, 3 packets received, 0.0% packet loss >> round-trip min/avg/max/std-dev = 0.087/0.121/0.188/0.047 ms > > > Here are my routes and my ndp > >> # ndp -an >> Neighbor Linklayer Address Netif ExpireS Flags >> 2a01:4f8:192:42d6::1090:1b:0e:8b:0f:34em0 permanent R l >> fe80::921b:eff:fe8b:f34%em0 90:1b:0e:8b:0f:34em0 permanent R l > > >> # route -n show -inet6 >> Routing tables >> >> Internet6: >> DestinationGatewayFlags Refs Use Mtu Prio Iface >> ::/96 ::1UGRS 00 32768 8 lo0 >> ::/104 ::1UGRS 00 32768 8 lo0 >> ::1::1UHl 14 14 32768 1 lo0 >> ::127.0.0.0/104::1UGRS 00 32768 8 lo0 >> ::224.0.0.0/100::1UGRS 00 32768 8 lo0 >> ::255.0.0.0/104::1UGRS 00 32768 8 lo0 >> :::0.0.0.0/96 ::1UGRS 00 32768 8 lo0 >> 2002::/24 ::1UGRS 00 32768 8 lo0 >> 2002:7f00::/24 ::1UGRS 00 32768 8 lo0 >> 2002:e000::/20 ::1UGRS 00 32768 8 lo0 >> 2002:ff00::/24 ::1UGRS 00 32768 8 lo0 >> 2a01:4f8:192:42d6::/64 2a01:4f8:192:42d6::10 UC 00 - 4 em0 >> 2a01:4f8:192:42d6::10 90:1b:0e:8b:0f:34 UHLl 00 - 1 em0 >> fe80::/10 ::1UGRS 02 32768 8 lo0 >> fec0::/10 ::1UGRS 00 32768 8 lo0 >> fe80::%em0/64 fe80::921b:eff:
IPv6 Setup not working on Hetzner server
Hey friends, i have the exact same problem as Heiko had more than one year ago here on this mailinglist. See http://marc.info/?l=openbsd-misc&m=143231965324314&w=2 Sadly his temporary solution does not work for me so i have to bring this topic up again. I have a server at the german hoster "Hetzner". The IPv4 setup works fine, but the IPv6 setup does not work properly. I am unable to ping6 anything other than my gateway. The gateway is reachable over IPv6, but thats it. Nothing more is reachable. My subnet is 2a01:4f8:192:42d6:: / 64 and i assigned 2a01:4f8:192:42d6::10 to this server. The IPv6 gateway is for all Hetzner customers fe80::1 :::::. I configured my system as follows: > # cat /etc/hostname.em0 > inet 144.76.102.204 255.255.255.224 144.76.102.223 description hetzner-uplink > inet6 2a01:4f8:192:42d6::10 64 > # cat /etc/mygate > 144.76.102.193 > fe80::1 This results in the following config: > # ifconfig em0 > em0: flags=8843 mtu 1500 > lladdr 90:1b:0e:8b:0f:34 > description: hetzner-uplink > index 1 priority 0 llprio 3 > groups: egress > media: Ethernet autoselect (1000baseT > full-duplex,master,rxpause,txpause) > status: active > inet 144.76.102.204 netmask 0xffe0 broadcast 144.76.102.223 > inet6 fe80::921b:eff:fe8b:f34%em0 prefixlen 64 scopeid 0x1 > inet6 2a01:4f8:192:42d6::10 prefixlen 64 > But IPv6 does not work. Here are some examples: > # ping6 -c 3 google.com > PING6 google.com (2a00:1450:4001:80e::200e): 24 data bytes > ping6: sendmsg: No route to host > ping6: wrote google.com 32 chars, ret=-1 > ping6: sendmsg: No route to host > ping6: wrote google.com 32 chars, ret=-1 > ping6: sendmsg: No route to host > ping6: wrote google.com 32 chars, ret=-1 > --- google.com ping6 statistics --- > 3 packets transmitted, 0 packets received, 100.0% packet loss > # ping6 -c 3 fe80::921b:eff:fe8b:f34%em0 > PING6 fe80::921b:eff:fe8b:f34%em0 (fe80::921b:eff:fe8b:f34%em0): 24 data bytes > 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=0 hlim=64 time=0.188 ms > 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=1 hlim=64 time=0.088 ms > 32 bytes from fe80::921b:eff:fe8b:f34%em0, icmp_seq=2 hlim=64 time=0.087 ms > --- fe80::921b:eff:fe8b:f34%em0 ping6 statistics --- > 3 packets transmitted, 3 packets received, 0.0% packet loss > round-trip min/avg/max/std-dev = 0.087/0.121/0.188/0.047 ms Here are my routes and my ndp > # ndp -an > Neighbor Linklayer Address Netif ExpireS > Flags > 2a01:4f8:192:42d6::1090:1b:0e:8b:0f:34em0 permanent R l > fe80::921b:eff:fe8b:f34%em0 90:1b:0e:8b:0f:34em0 permanent R l > # route -n show -inet6 > Routing tables > > Internet6: > DestinationGatewayFlags > Refs Use Mtu Prio Iface > ::/96 ::1UGRS > 00 32768 8 lo0 > ::/104 ::1UGRS > 00 32768 8 lo0 > ::1::1UHl > 14 14 32768 1 lo0 > ::127.0.0.0/104::1UGRS > 00 32768 8 lo0 > ::224.0.0.0/100::1UGRS > 00 32768 8 lo0 > ::255.0.0.0/104::1UGRS > 00 32768 8 lo0 > :::0.0.0.0/96 ::1UGRS > 00 32768 8 lo0 > 2002::/24 ::1UGRS > 00 32768 8 lo0 > 2002:7f00::/24 ::1UGRS > 00 32768 8 lo0 > 2002:e000::/20 ::1UGRS > 00 32768 8 lo0 > 2002:ff00::/24 ::1UGRS > 00 32768 8 lo0 > 2a01:4f8:192:42d6::/64 2a01:4f8:192:42d6::10 UC > 00 - 4 em0 > 2a01:4f8:192:42d6::10 90:1b:0e:8b:0f:34 UHLl > 00 - 1 em0 > fe80::/10 ::1UGRS > 02 32768 8 lo0 > fec0::/10 ::1UGRS > 00 32768 8 lo0 > fe80::%em0/64 fe80::921b:eff:fe8b:f34%em0UC > 00 - 4 em0 > fe80::921b:eff:fe8b:f34%em090:1b:0e:8b:0f:34 UHLl > 00 - 1 em0 > fe80::1%lo0fe80::1%lo0UHl > 00 32768 1 lo0 > ff01::/16 ::1UGRS > 01 32768 8 lo0 > ff01::%em0/32
High loadavg on recent snapshots?
Hi guys, Is anyone else seeing abnormally high load averages on recent snapshots? Seeing load reported as ~1 on idle machines (both VM and physical, amd64 and octeon): 9:48AM up 34 mins, 1 user, load averages: 1.21, 1.13, 1.01 (octeon snapshot as of 30th Nov) Another example on KVM guest: USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 1 0.0 0.1 416 496 ?? Is 6:54PM0:01.23 /sbin/init root 50624 0.0 0.1 632 536 ?? Is 6:55PM0:00.38 dhclient: vio2 [priv] (dhclient) _dhcp42339 0.0 0.1 736 696 ?? Isp6:55PM0:00.19 dhclient: vio2 (dhclient) root 26736 0.0 0.4 364 1976 ?? Isp6:55PM0:00.27 syslogd: [priv] (syslogd) _syslogd 7398 0.0 0.3 968 1488 ?? Sp 6:55PM0:00.68 /usr/sbin/syslogd root 64373 0.0 0.3 872 1452 ?? Is 6:55PM0:00.12 /usr/sbin/sshd root 38751 0.0 0.2 676 1188 ?? Isp6:55PM0:00.35 /usr/sbin/cron root 80570 0.0 0.7 980 3396 ?? Ss 9:20PM0:54.17 sshd: root@ttyp0 (sshd) root 30271 0.0 0.1 612 744 p0 Ssp9:20PM0:00.34 -ksh (ksh) root 84509 0.0 0.1 356 412 p0 R+p/0 4:03AM0:00.00 ps -auxw root 99508 0.0 0.1 608 736 00 Is+p 6:55PM0:02.80 -ksh (ksh) 4:03AM up 9:09, 2 users, load averages: 1.26, 1.18, 1.11 (amd64 snapshot as of 27th Nov) Thanks
