Re: experience with supermicro based Network Devices for 1Gb/s Ipsec throughput
On 01/10/2019 21:17, Lyndon Nerenberg wrote: >> SYS-5018A-FTN4 > > If you have any of these, replace them. They have known buggy CPUs > and will randomly fail without warning. We replaced about a dozen > of them after >50% failed within the first year of installation. I have several of these boards that need RMA'ing. Fingers are crossed, and holding thumbs, that this gets a positive result. > Note this isn't an OpenBSD problem -- the 5018As are just bad hardware. > (They also have APIC interrupt issues, most likely due to a buggy ACPI > implementation.) I know a lot about the above bricking issue ("Erratum AVR.54") but I never heard anything about an ACPI problem. Do you have a link to further information please? I also have several servers that were produced *after* the SoC was fixed (C0 stepping instead of B0). I don't know if any ACPI fixes were implemented though. It would be good to get some kind of understanding on this. > We replaced all our SYS-5018A-FTN4s with SYS-5018D-FN8Ts. Did the slightly more powerful cores (and potential for much more RAM, plus other various improvements) in the replacement server compensate sufficiently for the number of cores being halved? Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Home NAS
On 15/11/2019 10:11, gwes wrote: On 11/14/19 3:52 PM, Andrew Luke Nesbit wrote: On 15/11/2019 07:44, Raymond, David wrote: I hadn't heard about file corruption on OpenBSD. It would be good to get to the bottom of this if it occurred. I was surprised when I read mention of it too, without any real claim or detailed analysis to back it up. This is why I added my disclaimer about "correcting me if I'm wrong because I don't want to spread incorrect information". [...] There was a thread a couple of months ago started by someone either pretty ignorant or a troll. The consensus answer: no more than any other OS, less than many. Thank you gwes, for the clarification. The thread is vaguely coming back to my memory now. I was dipping in and out of it at the time as I didn't have time to study the details at the time. One size definitely doesn't fit all. That is pretty obvious. I never mentioned a blanket rule, and I assume that OP is able to tailor any suggestion to their needs. Backup strategies depend on user's criteria, cost of design and cost of doing the backups - administration & storage, etc. Sure. I don't have a personal archival storage system yet for long term storage that satisfies my specifications because I don't have the infrastructure and medium yet to store it. I plan on investing in LTO tape but I can not afford the initial cost yet. In an ideal world every version of every file lasts forever. Given real limitations, versioning filesystems can't and don't. Indeed. But having archival snapshots at various points in time increases the _probability_ that the version of the file that you need will be present if+when you need it. If your data are critical, invest in a dozen or more portable USB drives. Cycle them off-site. Reread them (not too often) to check for decay. Yes, this is part of the backup system that I'm designing for my NAS, but it's not so much for archiving. If you have much available, get a modern tape system. Yes, as I mentioned above LTO would be great if+when I can afford it. The backup system used over 50 years ago still suitable for many circumstances looks something like this: daily backups held for 1 month weekly backups held for 6-12 months monthly backups held indefinitely offsite. Hold times vary according to circumstances. I think something like this is a good plan. The backup(8) program can assist this by storing deltas so that more frequent backups only contain deltas from the previous less frequent backup. I've not used backup(8) before, thanks for the suggestion. I will have a look. The compromise between backup storage requirements and granularity of recovery points can be mitigated. The way to do it depends on the type and structure of the data: Some data are really transient and can be left out. Source code control systems (or whatever the name is this week) are a good way for intermittent backups to capture a good history of whatever data is around if it's text. I don't understand how SCM's are supposed to help with this... DBs often have their own built-in backup mechanisms. This underscores the difference between file system-level backups, block-level backups, and (for DBs) application-level backups. In particular I'm trying to figure out a generally applicable way of taking a _consistent_ backup of a disk without resorting to single user mode. I think COW file systems might help in this regard but I don't think anything like this exists in OpenBSD. Binary files can be regenerated if the source *and* environment are backed up. Storing the environment is a tricky problem that I haven't found an entirely satisfactory solution for, yet. been there, mounted the wrong tape... what write protect ring? O yeah... me too. My team inherited a hosted service and upon auditing we discovered its backup system was stranger than fiction. But it was so bizarre that we couldn't determine whether it was _supposed_ to be that way or if our reasoning was flawed. A classic type of problem. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Home NAS
Hi Dave, On 15/11/2019 07:44, Raymond, David wrote: I hadn't heard about file corruption on OpenBSD. It would be good to get to the bottom of this if it occurred. I was surprised when I read mention of it too, without any real claim or detailed analysis to back it up. This is why I added my disclaimer about "correcting me if I'm wrong because I don't want to spread incorrect information". The reason why I brought it up on a public mailing list was to find out if anybody else has heard any inkling _at all_ regarding this, even a skerrick of a mention. I have a feeling I may have even heard about it on this list but I'm not sure. If somebody out there genuinely suspects that this happened then it would be good to know so we can clear it up. Kind regards, Andrew On 11/14/19, U'll Be King of the Stars wrote: On 15/11/2019 04:45, Raymond, David wrote: I have done similar things on Linux for years and am now doing them on OpenBSD. Sounds like what you want to do can be done with a simple rsync script. OpenBSD ffs (ufs) should be stable, it has been around for decades in various incarnations. I have never noticed bit rot in this system, though I imagine it could happen if a disk is gradually going bad. Please correct me if I'm wrong because I don't want to spread incorrect information. A couple of months ago I read a couple of reports of filesystem corruption on OpenBSD. I didn't have time to investigate deeply and I don't know if these issues were even real. Even if they were real I don't know if the problem was due to user error or a defect in the OS. Does anybody know anything about this? That's why multiple backups help. Agreed. See below. You might want to set up a raid5 backup, as this detects parity errors. More complicated though. This is exactly the kind of reason that hybrid volume management systems + filesystems such as Btrfs and ZFS have become popular. I do not know anything about OpenBSD's LVM. One weakness in such as system (ask me how I know!) is that if the NAS goes gradually bad, the errors will propagate to the backup. Using rsync without the --delete option most of the time alleviates this somewhat. Only run with --delete when the backup starts getting full and you are confident that your NAS drive is ok. This is an excellent reason for implementing a system that includes not only backups, but long term storage /archives/ too. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9 -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Tools for writers
On 05/11/2019 17:38, Ingo Schwarze wrote: Hi, Hello Ingo! Andrew wrote on Sun, Nov 03, 2019 at 12:56:58PM +: [ Pandoc ] is one of the most useful tools I have ever used. If you are writing any sort of documentation then I *highly* recommend checking it out I strongly oppose that point. There is no need at all to bother with pandoc when you write documentation. I think you shoud re-read that, especially the second sentence. Do you realize how ridiculous it is? Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Skype alternatives for OpenBSD
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/11/2019 10:55, Frank Beuth wrote: > Not sure about the original poster but I would be interested in > any end-to-end encrypted video/audio/chat programs that are > available. Have a look at Tox. It might work out for you on a technical level. I don't use Tox. I got involved with the project's development and I left very quickly. Personally I don't even want to be a user if I can help it. This is my own personal issue. If you check it out I sincerely hope you have a better experience than I did. Sociotechnologically it is an important project and I hope it succeeds on that level in the long run. Andrew - -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9 -BEGIN PGP SIGNATURE- iQGzBAEBCgAdFiEE/ASxpcFcqIVqgGgxgfJdKbhCoRcFAl2+tisACgkQgfJdKbhC oRdBugv+P/BIwuNWxmC0kEDiQUWt/E6TjXDwToMch71w0VsWASzM9dUErBTBMOhM BsW2s4J+vbec9PWlBqKogPcU57OlqnzPQgqiBQiCfsf/405DpSIfQcC/U/ZNTG3W RBiWzXFRKzfO3hbRQq8G5Q+mPB9fOffmJLJDosTDdSiPefdPNuH6ClcTTpi98pEZ 67ZQhTAE1IZp6pB1t124LMAz50VRY7mfPYuZBqLCPzFmpflilB0qjWmoH0T9BgMa hFQl8Yd/Bv5ypDTH3n13SsR9uXBR1wGic5j0XmZbaKtygn2eGfZqKBwLCmt+Cfvm ESLP3lG89hK95KstxIRFbPoWhsp+zuMCooIXr62Ik/a0FqHLw8nj9HQCv4FnAoQY KObNvTXsoQec5ojDoRWfPtM+LtjQJ+pYD6xEMYT04OPTKg5/K+HyOaVwCcZFzqdI IpdnO8TeKjNA/qLDAd3z49xgzet+IJDKUYx380XJDSVENkZcz2FNsIrhghXny4lQ ZA0JuJhZ =QUzB -END PGP SIGNATURE-
Re: SCM
On 22/07/2019 16:13, Raul Miller wrote: Both git and OpenBSD run on patches. That said, OpenBSD has a cultural restriction of requiring people to inspect the patches before incorporating them. Adopting git would be a step away from that practice. Does that help make sense of the current situation? Raul, Австин, I hope you don't mind me jumping in. Raul's answer raises fascinating questions about the nature of software development and SCM. Using _any_ SCM system and having meaningful discussion among developers before integrating changes is much more important than the choice of actual SCM system. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Ansible install Re: Reboot and re-link
On 21/06/2019 19:02, Frank Beuth wrote: > I don't want to re-open the hostilities, but installing OpenBSD via > Ansible is very relevant to my interests. I feel exactly the same way and am surprised that Ansible caused hostilities. Can you send me a link to the thread where this happened please? I want to know why, i.e., pros and cons. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Installing OpenBSD on Supermicro A2SDi-4C-HLN4F
On 15/06/2019 10:36, Jonathan Gray wrote: > On Sat, Jun 15, 2019 at 09:02:11AM +0100, Richard Laysell wrote: >> >> Hello, >> >> I was trying OpenBSD on a Supermicro A2SDi-4C-HLN4F which uses an Intel >> Atom CPU (Denverton). The board boots but most devices are not >> detected because ACPI can't be enabled. >> >> Does anyone know if this is likely to be supported at some point? > > Try a snapshot. ACPI changes were made for a similiar machine > (Lanner NCA-1510) in May. > > However there is no support for the integrated X553 Ethernet at the > moment. Jonathan, thank you for the update. Richard, I am in the market for one of these boards too, or some other C3000 series model. I'm a big fan of Supermicro's C2000 boards because they are so versatile for low-power applications. They are also excellent home servers due to this and the correspondingly low heat and noise. Of course if you have a C2000 series board you would need to ensure that it doesn't suffer from the notorious Erratum AVR.54 defect [1]. Please could you keep us updated re: your progress of getting OpenBSD installed along with the support status of all devices? If so this would be greatly appreciated. Thanks!! [1] A little-known fact is that if you look through Intel's data sheets and whitepapers you can find similar defects in the stepping errata for other SoC's. In my case I found an almost identical example in a recent Celeron or Pentium J-series SoC. To add to my disappointment, I later discovered, entirely coincidentally, that it was used on the controller boards for a model of Synology NAS that I was considering purchasing. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: The su manual doesn't mention use root account by default
On 13/06/2019 07:17, Theo de Raadt wrote: > Mihai Popescu wrote: > >>> ... if no account is provided, root is the default >> >> I always considered that su is coming from _s_uper _u_ser. But maybe I >> am wrong, I am not from old UNIX days. > > incorrect. > > NAME > su - substitute user identity > I never noticed this before. It's my favorite bit of *nix trivia that defies misguided assumptions since I learned that `/etc` is apparently an initialism for "editible text configuration". Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: Problems installing 6.5 on Supermicro X11SDV-8C-TP8 motherboard - can't see/find network interfaces
On 19/05/2019 02:08, Don Jackson wrote: > I recently acquired a Supermicro 1019D-FRN8TP server with a X11SDV-8C-TP8 > motherboard. > > When i attempt to install 6.5, (via PXE or USB), none of the network > interfaces are detected. > A dmesg appears below, followed by a dmesg and ifconfig -a from successful > attempt installing FreeBSD 12.0 > > Any advice/recommendations about how I can get OpenBSD to see the network > interfaces? > I’m hoping there is a BIOS setting that will help, but haven’t found it yet….. Hi Don, I had a very similar problem yesterday. It presented itself after a firmware upgrade. There are many anecdotes on the web about firmware upgrades on Supermicro boards causing these types of problems. I don't know what to suggest apart from the fact that there might be some correlation between firmware and these problems. Also, the X11SDV and C3000 boards are relatively new. They are still not fully supported by many operating systems. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Re: 6.5 PowerPC Packages
On 09/05/2019 14:56, Allan Streib wrote: > Unless https://www.openbsd.org/plat.html is out of date, it doesn't look > like OpenBSD is currently supporting POWER8 or POWER9 plaftorms. I wonder what is the best way to determine interest in getting OpenBSD to work on POWER8/9? My first thought is to ask around in the OpenBSD and OpenPOWER communities. Then to see if there is any natural rapport between them. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9 signature.asc Description: OpenPGP digital signature
Re: 6.5 PowerPC Packages
On 09/05/2019 14:26, Henry Bonath wrote: > I'm not sure how many folks out there are PowerPC users What exactly do you mean by PowerPC? I am a user of Apple PowerBook G4, POWER8, and POWER9. I am new to OpenBSD and I intend to experiment with it on these architectures. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9