On Fri, May 14, 2021 at 12:44:45AM +0300, Irshad Sulaiman wrote:
> Hi
>
> I have modified error in openrsync(1) manpage in Example section isn’t
> that ‘openrsync -t' instead of 'rsync -t ‘
> And without --rsync-path= it gives an following error 'openrsync: error:
> unexpected end of file’
I
On Wed, Mar 10, 2021 at 08:40:55PM +0100, da...@hajes.org wrote:
> Hi,
>
> I did set up OpenBSD router/firewall on PC Engines APU4d4 box.
>
> First interface is WAN that connects to Internet.
>
> Remaining three interfaces are bridged with bridge0 via vether0.
>
> firewall doesn't block
On Fri, Feb 19, 2021 at 07:48:25PM -0500, Ashton Fagg wrote:
> I'm curious as to what other folks are doing for mounting iSCSI volumes
> at boot time. I've successfully configured iscsid, and mounting the
> volume manually works as expected.
>
> I found this article [1] which suggests that
On Sat, Feb 06, 2021 at 02:16:20PM +0100, Otto Moerbeek wrote:
> On Sat, Feb 06, 2021 at 12:18:40PM +, James wrote:
>
> > I've disabled my VPN on the machine as well as dhclient, connecting via a
> > fixed static IP address and DNS servers. My routing table is still being
> > modifed by PID 0
On Tue, Feb 02, 2021 at 12:06:37PM +0700, Adiwangsa Kusumah wrote:
> Dear All,
>
> I have topology as below:
>
> UP1 UP2
> \ /
> \ /
> OBSD6.6
> /\
> /\
> OSPF1OSPF2
>
>
> I use openbgpd to upstream and openospfd to internal
> I
On Sat, Jan 30, 2021 at 09:14:50AM +, Olivier Cherrier wrote:
> On Fri, Jan 29, 2021 at 10:32:45PM +0100, bast...@durel.org wrote:
> >
>
> Hello Bastien,
>
> > It is possible, I use it myself. You have to allow multicast address on
> > wg(4) interface(s):
> > 225.0.0.5 for all OSPF routers
2 will not pass the MED on to R2 because
the system does not touch the MED and therefor bgpd considers the received
MED from rr1 and rr2 to have originated from outside and so it is excluded
from UPDATES to EBGP peers.
You should add a 'maych from ibgp set med +0' rule which makes MED learned
via IBGP to be cons
On Thu, Jan 28, 2021 at 12:41:29PM +0100, open...@kene.nu wrote:
> Hello,
>
> I am experiencing this on 6.8, fully syspatched.
>
> root@R1():~ # uname -a
> OpenBSD R1 6.8 GENERIC.MP#4 amd64
>
> The problem is that R1 sends updates with MED set to 0 even though I expect
> it not to be. Upon
On Tue, Dec 29, 2020 at 06:39:36PM +0200, Kapetanakis Giannis wrote:
> Hi,
>
> I've changed today my config from broadcast to p2p for both ipv4 and ipv6.
>
> In ospf6d I get this quite often:
>
> Dec 29 17:39:00 ospf6d[40695]: send_packet: error sending packet on interface
> vlanX: Network is
On Tue, Dec 29, 2020 at 06:39:36PM +0200, Kapetanakis Giannis wrote:
> Hi,
>
> I've changed today my config from broadcast to p2p for both ipv4 and ipv6.
>
> In ospf6d I get this quite often:
>
> Dec 29 17:39:00 ospf6d[40695]: send_packet: error sending packet on interface
> vlanX: Network is
On Tue, Dec 22, 2020 at 02:04:27PM +0100, open...@kene.nu wrote:
> Hello,
> I am seeing what I deem to be unexpected behavior with ospfd and depending
> on carp interfaces.
> Running 6.8 with latest patches applied on all three routers.
>
> # uname -a
> OpenBSD extfw1.lab.kambi.com 6.8
On Wed, Dec 09, 2020 at 05:30:48PM +0200, Mihai Popescu wrote:
> Would it be interesting from the OpenBSD point of view [1] ?
>
> [1] http://www.micromagic.com/news/RISCv-Fastest_PR.pdf
No, this is just PR. We need HW to run on.
--
:wq Claudio
On Mon, Nov 16, 2020 at 06:37:50PM -0700, John McGuigan wrote:
> On Mon, Nov 16, 2020, 6:05 PM Stuart Henderson wrote:
>
> >
> > bridge (and theoretically switch but I never got it to do anything
> > useful) make a group of ports act like a network switch (maybe with
> > filtering between the
On Fri, Oct 30, 2020 at 11:15:31AM +0100, js-openbsd-m...@webkeks.org wrote:
> > Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
> >
> > js-openbsd-m...@webkeks.org wrote:
> >
> >> I just saw
> >> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
> >> however, it's
On Sun, Sep 20, 2020 at 08:00:45PM +0300, Kihaguru Gathura wrote:
> > The Primepower is bigger and needs more power but if you find a box with
> > good CPUs and memory it should run faster than a V215
>
> How did the performance of the PrimePower 250 SCSI drives compare to Sun
> Fire V215 SAS
On Sun, Sep 20, 2020 at 09:02:55AM +0300, Kihaguru Gathura wrote:
> Hi,
>
> For those who have experience with older Sparc machines, Which hardware
> offers better reliability/stability?
>
> Fujitsu Primepower 250 or Sun fire V215.
>
Depends mostly on how well they were handled. Also if they
On Fri, Aug 28, 2020 at 11:40:17AM -0400, Daniel Jakots wrote:
> On Fri, 28 Aug 2020 16:06:48 +0200, Sebastien Marie
> wrote:
>
> > - generate lot of postgresql access. from postgresql thread, the
> > statement seems to be a SELECT, so it would be fine to ran in loop
> > (hopping no cache and
On Mon, Aug 24, 2020 at 04:36:10PM +, Laura Smith wrote:
> Hi,
>
> Let's say I've got a scenario where I've got transit ISPs and peering
> connections.
>
> My general config rule is that I use med to prioritise peering over transit
> (because localpref is too high up in the BGP selection
On Fri, Aug 21, 2020 at 08:45:36AM +0200, open...@kene.nu wrote:
> Hello,
>
> I am seeing rather strange, or maybe expected, behaviour. I utilise
> rtables to send internal traffic towards the internet via a default
> route in rtable 2. The traffic is punted to rtable 2 with pf. The
> strangeness
On Mon, Jul 27, 2020 at 02:54:25PM +0100, Stuart Henderson wrote:
> Replying back on-list, I don't do support-type mails off-list, and other
> people know more about sparc64 hardware than me.
>
> On 2020/07/26 22:38, Kihaguru Gathura wrote:
> > Hi Stuart,
> >
> > For legacy, single-core CPU's
On Tue, Jun 30, 2020 at 10:23:07AM +0200, Laurent CARON wrote:
> Hi,
>
>
> I'm running a pretty busy OpenBGPd router (~250 bgp sessions) with 4 IPv4
> and 4 IPv6 full views, plus a few IX sessions.
>
>
> # bgpctl show rib mem
> RDE memory statistics
> 820983 IPv4 unicast network entries
On Wed, May 20, 2020 at 11:30:00AM +0300, Михаил Попов wrote:
> > "Possible" is irrelevant. Lots of things are _possible_ but not done.
>
> Then only rsyncing?
There is also dump and restore.
> Why not adding at least one of a well tested journaled FS like XFS to OpenBSD?
> Is XFS too fat and
t is 8 bits instead of 16 in earlier releases.
> >
> >
> >
> > пн, 18 мая 2020 г. в 11:51, Bars Bars :
> >
> >> Hi, Claudio
> >>
> >> I mean these in sys/socket.h
> >> /*
> >> * Maximum number of alternate routing tables
> >>
On Sun, May 17, 2020 at 10:16:28PM +0300, Bars Bars wrote:
> it seems the things work just when i rebuild userland completely (im pretty
> sure i did it only with compiling kernel in past, correct me if i wrong?).
>
> btw, questions for the Devs.
> Looking at the cvs history, i really worried
On Wed, May 06, 2020 at 03:23:06PM +0100, Richard Chivers wrote:
> Hi,
>
> Thanks so much for the diff, it appears to have resolved the issue.
>
> We are now trying to establish whether we need the fix widely deployed or
> only on the box that originates with the large LSA updates, pushing it
On Wed, May 06, 2020 at 09:33:11AM +0100, Richard Chivers wrote:
> Hi,
>
> Some progress has been made, we can now replicate this consistently and it
> appears that whenever a LS update exceeds the mtu (1500) we get this issue
> of lsa_check bad age.
>
> When running with the diff Claudio sent
On Tue, May 05, 2020 at 10:51:40AM +0200, Claudio Jeker wrote:
> On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote:
> > After some more work this morning we have managed to extract the
> > information from tcpdump of the full LS-Update packet, we couldn't se
On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote:
> After some more work this morning we have managed to extract the
> information from tcpdump of the full LS-Update packet, we couldn't see it
> on bsd, but running:
>
> tcpdump -v -r ~/Downloads/ospf.pcap on osx did the trick.
>
>
On Wed, Apr 29, 2020 at 05:45:30PM +0200, Marko Cupać wrote:
> Hi,
>
> on 6.6-RELEASE amd64, (sys)patched up to 019_smtpd_exec, I am noticing
> these:
>
> Apr 29 17:23:33 bgp1 bgpd[42338]: neighbor IP.ADD.RE.SS (desc): bad
> AGGREGATOR, AS 0 not allowed, attribute discarded
>
> My bgpd.conf is
>
> Is that the best/general practise in general?
I would use a -blackhole route (no need to send out ICMP messages) but
yes, that is what I normally use in such a case (at least for the DFZ).
> Cheers
>
> Richard
>
> On Mon, Apr 27, 2020 at 8:25 AM Claudio Jeker
>
On Sun, Apr 26, 2020 at 08:44:42PM +0100, Richard Chivers wrote:
> Not sure how I missed the clear information in the man page...
>
> "If set to default, a default route pointing to this router will be
> announced over OSPF"
>
> It seems I am just having an issue and it should work as I
On Tue, Apr 21, 2020 at 10:48:46PM -0300, Gustavo Rios wrote:
> Dear gentleman,
>
> i have the an ANSI C code that do the following:
>
> 0. open a socket
> 1. write data to the socket
> 2. close the writing end of the socket
> 3. read data from the socket
> 4. close the read end of the socket
>
On Sun, Apr 19, 2020 at 08:07:48AM +0100, Richard Chivers wrote:
> Hi,
>
> Just been building a copy of our production system in vagrant to test
> upgrading to the latest version, in order to resolve an issue we were
> having.
>
> In our current config we have:
>
> group "core" {
>
On Wed, Apr 15, 2020 at 08:16:14PM +0100, Richard Chivers wrote:
> Hi,
>
> Just wondering if anyone can help.
>
> I saw back in late 2018 that there were some initial plans for ADD_PATH and
> Multipath in bgpd, it was in a list on a slide right after the portable
> version.
On Mon, Apr 13, 2020 at 02:08:31PM +0200, Remi Locherer wrote:
> On Mon, Apr 13, 2020 at 12:05:10PM +0100, Richard Chivers wrote:
> > Thanks. Please see my comments below.
> >
> > On Mon, 13 Apr 2020, 10:18 Remi Locherer, wrote:
> >
> > > Hi Richard,
> > >
> > > On Mon, Apr 13, 2020 at
On Thu, Apr 02, 2020 at 11:34:21AM +0200, Luca Bodini wrote:
> Hi folks,
>
> I’m just having a strange issue using OpenBSD 6.6 and BGP .
> I have two OpenBSD firewalls with a carp configuration, let’s suppose the
> shared IP is 10.10.10.100, and I am able to announce 10.10.10.100/32 via BGP.
>
On Mon, Mar 16, 2020 at 09:49:30AM +0100, pebwindkraft wrote:
> Hi,
>
> I have a question concerning static routes and default gateways for a DMZ
> setup, with internal and external firewall.
> A DNS in the DMZ shall be used from internal machines, and later a http
> proxy from internal and
On Thu, Feb 27, 2020 at 02:07:36PM +0100, zeurk...@volny.cz wrote:
> Haai,
>
> "Claudio Jeker" wrote:
> > This has not much to do with OpenBSD.
>
> On the contrary: these issues touch the fundaments of UNIX programming.
>
> > As for OpenBSD, it o
This has not much to do with OpenBSD.
As for OpenBSD, it only runs on two types of machines: ILP32 and I32LP64.
Any other type of machine that is not covered by these two types will
not run OpenBSD.
In both cases size_t is defined as unsigned long which is the same as
uintptr_t and the same size
On Wed, Feb 19, 2020 at 02:34:40PM +0100, Thomas Meulendijks wrote:
> Hi OpenBSD Mailing list,
>
> I am trying to install Openbsd via the install66.fs on a Thinkpad X220
> [amd64] with coreboot.
> I have the problem that it does not recognize any USB or SATA device may it
> be storage or
On Tue, Jan 21, 2020 at 09:17:20PM +, Tom Smyth wrote:
> in testing tap(4) performance on the same box with the following config
> using claudios userlandbridge (tbridge) in between two tap interfaces
> each tap was also added their own standard bridge(4) along with 1 physical
> interface.
>
s the usage message and gives an errorlevel of 1
> every time use the -k or -t or -s or -p arguments see terminal
> conversation below
>
Shit, I added a last minute check and as usual introduced a bug.
Line 189 change if (ch != 0) to if (mode != 0)
--
:wq Claudio
/*
* Copyright (
' to wire tun0 and tun1 together.
You can select between, select(2), poll(2), kqueue(2) and pthreads as the
way on how to multiplex the reads.
For me the code triggers scheduler inefficencies and causes packets drops
on the output queue when there are multiple packet producers.
--
:wq Cl
On Sun, Dec 29, 2019 at 01:29:12PM +0100, Henry Jensen wrote:
> Greetings,
>
> for those who didn't watched it, there is an accompanied site at
> https://isopenbsdsecu.re/
>
> Summary: There are a lot of claims. The speaker basically said, that
> some mitigations are "cool", but other, more or
On Mon, Dec 23, 2019 at 08:17:37AM -0800, Philip Guenther wrote:
> On Mon, Dec 23, 2019 at 5:04 AM Raymond, David
> wrote:
>
> > The "timeout" error was numerically 60. Curiously, boards with RTL
> > 8111GR chips did not produce these errors, but those with RTL 8111H
> > chips did.
On Sun, Dec 15, 2019 at 08:57:48PM +0100, Denis Fondras wrote:
> Hi,
>
> I have this setup :
>
> em3: flags=8843 mtu 1500
> lladdr
> index 4 priority 0 llprio 3
> media: Ethernet autoselect (1000baseSX full-duplex)
> status: active
> inet6
On Sat, Nov 09, 2019 at 01:30:32PM +0100, Markus Wernig wrote:
> Hm, also no replies to that one :-)
>
> On 11/6/19 8:15 PM, Markus Wernig wrote:
>
> > So just to make sure: Is anybody using syncookies and/or synproxy in
> > production in a similar setup?
>
> So nobody is using
On Thu, Oct 24, 2019 at 02:06:47PM +0200, Martijn van Duren wrote:
> On 10/24/19 1:50 PM, Robert Klein wrote:
> > Hi,
> >
> >
> >
> > On Thu, 24 Oct 2019 05:26:49 +0200,
> > Predrag Punosevac wrote:
> >>
> >> Kapetanakis Giannis wrote:
> >>
> >>> On 23/10/2019 19:14, Predrag Punosevac wrote:
>
On Thu, Oct 24, 2019 at 12:01:35PM +0100, Thomas Habets wrote:
> $ cd /usr/src/sys
> $ grep mpls_inkloop -r .
> ./netmpls/mpls.h: _inkloop, \
> ./netmpls/mpls.h:extern int mpls_inkloop;
> ./netmpls/mpls_raw.c:int mpls_inkloop = MPLS_INKERNEL_LOOP_MAX;
> $ grep -r
On Fri, Oct 18, 2019 at 03:12:37PM +0100, cho...@jtan.com wrote:
> OK this has started to get on my nerves now.
>
> I use vi to enter emails despite using evil emacs for development and
> other general editing. Rather than linking them together (they're on
> seperate machines) to enter emails in
On Thu, Oct 17, 2019 at 09:50:28PM +0200, Bastian Kanbach wrote:
> Hello,
>
> recently I was performing some checks that relate to the "Strong Host
> Model" and "Weak Host Model", and I noticed that OpenBSD was behaving
> different than I expected. I always assumed that the network stack of
>
On Fri, Oct 18, 2019 at 07:21:42AM +0200, Remi Locherer wrote:
> On Thu, Oct 17, 2019 at 10:33:41PM -0600, Theo de Raadt wrote:
> > > Setting net.inet.ip.check_interface=1 on FreeBSD stopped any ICMP Echo
> > > replies immediately.
> > >
> > > On NetBSD I set net.inet.ip.checkinterface=1 and it
On Mon, Oct 07, 2019 at 04:48:34PM -0500, Adam Thompson wrote:
> [OpenBSD 6.5-STABLE, up to date]
>
> When using bgpctl(8), I'm able to do almost everything I need, but I'm
> having trouble figuring out how to do one thing:
>
> How do I show routes that do NOT have a community (or ext-community,
On Thu, Oct 03, 2019 at 02:07:58PM -0400, Henry Bonath wrote:
> Hello Misc,
>
> I had thought that I had configured the looking glass correctly per the man
> page,
> I have everything else working correctly, with custom header and footer
> with CSS and all works great.
> Whenever I attempt to
On Sun, Sep 22, 2019 at 04:48:18PM -, Stuart Henderson wrote:
> On 2019-09-22, Rachel Roch wrote:
> > Hi,
> >
> > Hopefully I'm not missing something silly here but I've read the paragraph
> > in the man page and it only lists 15 variables:
> >
> > "The printed numbers are the sent and
On Fri, Sep 20, 2019 at 10:36:11AM +0200, Rachel Roch wrote:
> Claudio,
>
> pkg_add node_exporter ?
>
> I already had a good look at the package list on the FTP mirror and
> can't see any node_exporter there ? pkg_add seems to agree with me, it
> says "can't find node_exporter" ?
>
> Certainly
On Fri, Sep 20, 2019 at 07:16:15AM +0100, Tom Smyth wrote:
> Hi all, hope those of you at eurobsdcon are enjoying your selves
> wish I was there
> I waswondering what is the 3rd column in the learned mac address list in
> the column is a number 0 or 1 after the interface name in
> ifconfig
On Thu, Sep 19, 2019 at 10:13:23PM +, Travis Cole wrote:
>
> Looks like they are assuming GNU make.
>
>
> Try doing the build with 'gmake'.
>
>
> If you don't already have gmake installed:
>
>
> # pkg_add gmake
>
Or just do `pkg_add node_exporter`. While prometheus does not provide
a
On Wed, Aug 28, 2019 at 03:17:05PM -0400, Allan Streib wrote:
> Allan Streib writes:
>
> > Running a rather busy ldapd host, and seeing some hangs in responses to
> > queries.
>
>
> I see that fstat -u _ldapd always ends at FD 119 when the hang occurs:
>
> [...]
> _ldapd ldapd 42641
On Tue, Aug 20, 2019 at 07:36:11PM +0200, Peter J. Philipp wrote:
> Hi,
>
> On the NANOG list there is a thread about something synflooding:
> https://mailman.nanog.org/pipermail/nanog/2019-August/102713.html
>
> Most of my hosts are synflooded, and I was wondering why my OpenBSD
> hosts don't
On Wed, Aug 07, 2019 at 08:44:07AM +0100, Andy Lemin wrote:
> Morning Stuart,
>
> So I’ve tested with the base build options properly, the initial errors I saw
> before have gone which is good. But I have a more fundamental issue with
> Unbound now sadly.
>
> Swig successfully built
On Fri, Aug 02, 2019 at 12:28:58PM +0100, Andy Lemin wrote:
> Ahhh, thank you!
>
> I didn’t realise this had changed and now the drivers are written with
> full knowledge of the interface.
That is an overstatement but we know for sure a lot more about these cards
then many other less open ones.
On Mon, Jul 15, 2019 at 11:33:45PM -0700, BSD user wrote:
>
>
> On 7/14/19 11:24 PM, Claudio Jeker wrote:
> > On Sun, Jul 14, 2019 at 07:28:29PM -0700, BSD user wrote:
> > >
> > >
> > > On 7/14/19 12:52 AM, Denis Fondras wrote:
> > > > On
On Sun, Jul 14, 2019 at 07:28:29PM -0700, BSD user wrote:
>
>
> On 7/14/19 12:52 AM, Denis Fondras wrote:
> > On Sat, Jul 13, 2019 at 09:44:28PM -0700, BSD user wrote:
> > > Hello,
> > >
> > > My apologies for sending this email multiple times.
> > >
> > > I was so mortified by Tutanota's
On Thu, Jul 04, 2019 at 12:52:15PM +0300, Kihaguru Gathura wrote:
> Hereby attached the new multiprocessor kernel with umsm working ok.
>
> The error message appears for each connection made to cuaU. This might
> potentially populate dmesg logs over time.
>
> Error message:
> umsm0: this device
On Fri, Jun 28, 2019 at 10:52:01PM +, Mik J wrote:
> Hello,
> I have a syntax error with announce none
> group "spam-bgp" {
> remote-as $spamASN
> multihop 64
> announce none
>
> I was told recently that everything is filtered by default from 6.4 and read
> on
ging on"
--
:wq Claudio
> ‐‐‐ Original Message ‐‐‐
> On Friday, June 21, 2019 8:27 PM, Brian Brombacher
> wrote:
>
> > You’ll also need PF rules to allow incoming traffic from your squid clients
> > to go to the routing table where your squid process is run
On Fri, Jun 21, 2019 at 02:11:53PM +, slackwaree wrote:
> Hello,
>
> I wonder if the following scenario can be solved with OpenBSD on 1 single
> machine or with VMM:
>
> I got 3 OpenBSD vms, all of them are exactly the same running squid except
> they use different default routers to route
On Thu, Jun 20, 2019 at 07:05:57PM +, Victor Camacho wrote:
> Hi,
>
> Using OpenBSD 6.4 and I wanted to run some alias ip addresses on one of the
> interfaces.
> My question is, can I use a different network as an alias?
>
> Example:
> fw3# more hostname.bge0
> inet 10.2.0.1 255.255.0.0
>
On Wed, Jun 19, 2019 at 08:37:28AM +0200, Paul de Weerd wrote:
> Morning folks,
>
> I ran into a problem after upgrading my ALIX to a more recent snapshot
> in that it won't boot anymore. It gets to "entry point 0x2d0" and
> then stops. I tried using the PXE bootloader to load the local
On Fri, Jun 07, 2019 at 03:43:39PM +0200, Paul de Weerd wrote:
> I've just replaced my home gateway with a brandless machine with an
> i5-7200U. While preparing, I noticed the message "ucode too large"
> scrolling by on the serial console, just before the kernel starts.
>
> The dmesg shows cpu0
On Sat, May 25, 2019 at 03:53:03PM +0100, Maurice McCarthy wrote:
> On 25/05/2019, Timo Myyrä wrote:
> > Tristan Pilat writes:
> >
> >> Hi OpenBSD users and devs!
> >>
> >> I got a new laptop in January, a thinkpad x280. At that time my system
> >> running 'current' was very slow and I assumed
On Thu, May 16, 2019 at 12:18:53PM +0300, kasak wrote:
> Hello! I have a litle problem with my unbound:
>
> unbound: notice: sendto failed: No buffer space available
>
> I think, I should increase net.inet.udp.sendspace, but I don't really
> understand what size do i need.
>
> Is there any
On Thu, May 09, 2019 at 10:58:54AM -0500, Adam Thompson wrote:
> I've upgraded my looking glass from 6.4 to 6.5, and an experiencing an
> unexpected problem - routes learned from one (iBGP) peer are not being
> automatically exported to other (eBGP) peers.
>
> I did not change /etc/bgpd.conf, but
On Fri, May 03, 2019 at 11:52:07AM +0200, open...@kene.nu wrote:
> Much appreciated, will test. Did this also affect previous versions
> (specifically thinking about 6.3 and 6.4)?
No. This code was changed after 6.4
> On Fri, May 3, 2019 at 11:43 AM Claudio Jeker
> wrote:
> &g
On Fri, May 03, 2019 at 09:59:40AM +0200, open...@kene.nu wrote:
> Hello,
>
> I am seeing strange behaviour of bgpd in 6.5.
>
> Not sure what causes the networks in bgpd to disappear but they do
> disappear and performing a netstart pick the network back up again in
> bgpd. I cannot see this in
On Mon, Apr 08, 2019 at 05:08:32PM -0400, Henry Bonath wrote:
> Hello, I am seeing some BGP VPNv4 routes staying populated in
> the RIB of route-reflector clients even after dropping the originating
> neighbor.
>
> I'm on OpenBSD 6.4, running MPLS L3VPN.
>
> I have 2 IBGP route-reflectors, both
On Fri, Mar 29, 2019 at 08:36:26AM +0100, open...@kene.nu wrote:
> I forgot to add to my previous email. One thing that could be useful
> in this case is to mimic the Cisco option "neighbor x.x.x.x
> remove-private-as" which removes any private ASes from the path on any
> updates to a peer. Just
On Tue, Mar 12, 2019 at 11:48:01PM -0700, Mike Larkin wrote:
> On Tue, Mar 12, 2019 at 05:37:04PM -0700, Chris Cappuccio wrote:
> > Is there any archive of serial console bootable images (w/virtio support)
> > for Linux or other OSes to boot under vmd?
> >
>
> You mean installer images? Like
On Fri, Feb 08, 2019 at 03:56:12PM -0600, Adam Thompson wrote:
> In bgpd.conf(5), for the "dump" directive there is an optional "timeout"
> parameter. What is its purpose? I assume from the examples that it's
> denominated in seconds...
Yes it is.
> my first guess was to time out on
On Mon, Feb 04, 2019 at 10:58:31PM -0800, Larry Gadallah wrote:
> Hi all:
>
> Does anyone know how to accomplish the equivalent of the Linux:
>
> PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j
> ACC
> EPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
On Wed, Jan 02, 2019 at 05:05:20PM +0100, Stéphane wrote:
> Hello Guys and happy news year to all !
>
> I have recently setups a news BGP router for peering purpose using OpenBSD.
>
> In order to do input filtering I have tried to use an as-set looking like
> that :
>
>
> ## use as-set to
On Sat, Dec 22, 2018 at 12:28:46PM +0100, Aham Brahmasmi wrote:
> Hi,
>
> > On Sat, Dec 22, 2018 at 07:07:58AM +0100, Flipchan wrote:
> > > Hello,
> > > Does anyone know how to get this working with multiple letsencrypt certs?
> > >
> >
> > You need individual IP:port settings for each of the
On Sat, Dec 22, 2018 at 07:07:58AM +0100, Flipchan wrote:
> Hello,
>
> im trying to get relayd to work with multiple letsencrypt certificates,
>
> i want to go user -> https -> http backendhost based on Host header
>
> relayd:
>
> table { 192.168.3.3 192.168.3.3 }
> table { 127.0.0.1 }
>
On Thu, Dec 20, 2018 at 04:52:34PM -0500, Henry Bonath wrote:
> Hello, I am having an issue with some route-reflectors I set up to try
> to support a new MPLS backbone.
> The majority of the MPLS Routers are Cisco IOS, with some of the PE
> devices running OpenBSD.
> The Route Reflectors are
On Mon, Dec 17, 2018 at 06:05:00PM +0100, Sebastian Benoit wrote:
> Sebastian Benoit(benoit-li...@fb12.de) on 2018.12.17 17:59:49 +0100:
> > Claudio Jeker(cje...@diehard.n-r-g.com) on 2018.12.17 08:25:07 +0100:
> > > On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrot
On Sun, Dec 16, 2018 at 05:09:06PM -0500, Ted Unangst wrote:
> Claudio Jeker wrote:
> > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > > Philip Guenther wrote:
> > > > And, perhaps more directly, how would I block this in pf.conf?
> > >
On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> Philip Guenther wrote:
> > And, perhaps more directly, how would I block this in pf.conf?
> > >
> >
> > Excellent choice, blocking dhclient from receiving the leases that it
> > requests.
> > "What problem are you trying to solve?"
>
On Fri, Nov 30, 2018 at 09:51:37PM +0100, Janne Johansson wrote:
> Den fre 30 nov. 2018 kl 21:32 skrev Chris Bennett
> :
> > I'm just curious. Is there a default method to select on this? Random?
> > Can I control this somehow?
> > It's clear how everything else selects IP, but I just wanted to
On Wed, Nov 28, 2018 at 06:33:23PM -0200, Martin Pieuchot wrote:
> On 28/11/18(Wed) 17:48, Stuart Henderson wrote:
> > On 2018-11-27, Arnaud BRAND wrote:
> > > Good evening everyone,
> > >
> > > I am stuck with a IPv6 traceroute problem in an OSPFv3 environment.
> > >
> > > Long story short :
>
On Sun, Nov 18, 2018 at 10:57:01PM +, Tom Smyth wrote:
> Hello,
>
> I have a Looking glass that I want to run on a management interface
> that is in a separate rdomain to the BGP router ...
>
> is there away we can have the the bgprocess in one RDomain (main Rdomain)
> and the the bgp
On Wed, Nov 07, 2018 at 07:34:57PM +0300, Kihaguru Gathura wrote:
> Hi,
>
>
> On Wednesday, November 7, 2018, Nick Holland
> wrote:
> > On 11/05/18 23:51, Kihaguru Gathura wrote:
> >> Hi,
> >>
> >> From a security standpoint,
> >> which platform will offer better performance
> >
> > huh?
On Tue, Nov 06, 2018 at 05:42:08PM -0500, Daniel Ouellet wrote:
> The source ID does default yes, but I have a tunnel gateway for multiple
> VPN and I HAD to specify the dstid on the passive side as well or ONLY
> the last rule was picked up for the 0.0.0.0/0 of some of them as an
> example for
On Mon, Oct 29, 2018 at 10:26:40PM +0100, Pierre Emeriaud wrote:
> Le lun. 29 oct. 2018 à 22:04, Claudio Jeker a
> écrit :
> >
> > Another option is to set the rtlabel on the interface and then use network
> > rtlabel to redistribute it.
>
> I tried that, b
On Mon, Oct 29, 2018 at 09:51:46PM +0100, Pierre Emeriaud wrote:
> Le lun. 29 oct. 2018 à 14:43, Pierre Emeriaud
> a écrit :
> >
> > Is there a good way to redistribute those local prefixes? like what
> > "network local" would do.
>
> denis@ informed me about the recently introduced "network
On Mon, Oct 29, 2018 at 09:30:44AM +0100, Peter Hessler wrote:
> Hi Ashe
>
> Sorry about that, I forgot a part of the config file.
>
> You'll need to add "nexthop qualify via default" to the global part of
> the configuration. Since the routers sending you the information are
> not on your
On Mon, Oct 22, 2018 at 01:17:30PM +0200, Marko Cupa? wrote:
> Hi,
>
> I am struggling to announce nexthop to my bgp peers after default
> ruleset change in 6.4's bgpd.conf.
>
> On 6.3, I used to have:
>
> match to $ISP1 set nexthop $CARP_TO_ISP1
> match to $ISP2 set nexthop $CARP_TO_ISP2
>
..@nevtelen.com) on 2018.10.16 15:11:51 +0200:
> > > > On Tue, Oct 16, 2018 at 10:21:37AM +0200, Claudio Jeker wrote:
> > > > > On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote:
> > > > > > Hello,
> > > > > >
> > > >
On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote:
> Hello,
>
> Only relying on OSPF hellos effectively makes it mimic BGP with its
> keepalives. I will ponder the value of transporting the underlay in
> OSPF, effectively transporting loopback peering addresses for BGP in
> OSPF. I
On Mon, Oct 15, 2018 at 02:48:31PM +0300, Gregory Edigarov wrote:
> On 15.10.18 12:58, Sebastian Benoit wrote:
> > open...@kene.nu(open...@kene.nu) on 2018.10.15 11:05:41 +0200:
> > > Hello,
> > >
> > > I am trying to get bgpd and ospfd play nicely with route redistribution.
> > >
> > > So far
1 - 100 of 925 matches
Mail list logo
