Re: Openbsd VMM with VLAN

2021-06-01 Thread David Gwynne
Hi Irshad, Assuming I understand your layout correctly, you should be able to use hostname.if configurations files like the following: $ cat hostname.em0: up $ cat hostname.vlan20 description "Trusted (L2+L3)" vnetid 20 parent em0 inet aa.bb.cc.dd 255.255.255.0 up $ cat hostname.vlan10:

Re: Home Assistant

2021-05-11 Thread David Gwynne
> On 11 May 2021, at 05:01, pas...@pascallen.nl wrote: > > Dear David, > > How do you start homeassistant after a reboot? Manually? i have these scripts. the pexp in the rc script doesnt work, but i havent needed it to yet. apathy$ cat /etc/rc.d/hass

Re: pf ipv6 source-routing 6.9

2021-05-10 Thread David Gwynne
> On 10 May 2021, at 8:05 pm, Bastien Durel wrote: > > Le samedi 08 mai 2021 à 12:07 +0200, Bastien Durel a écrit : >> Le 08/05/2021 à 11:56, Stuart Henderson a écrit : > Does it work if you use the syntax suggested in the upgrade > notes > for the example with "pass in on pppoe1

Re: virtual cluster with rdomain(4)

2021-05-10 Thread David Gwynne
fe:e1:ba:d3:17:a0 vport2 16 flags=0<> ix# dlg > > thanks > Thomas > > On Mon, 10 May 2021 at 08:10, David Gwynne wrote: > > > > Hi Thomas, > > > > I'd give this a go with vport(4) interfaces instead of vether(4), and > join them all tog

Re: Home Assistant

2021-05-10 Thread David Gwynne
ive been running hass on openbsd for a while now, and just did a new install on 6.9 for my boss on the weekend. i set up a _hass user for it to run as, and gave it /opt/hass: hass$ getent passwd _hass _hass:*:2000:2000:Home Assistant:/opt/hass:/sbin/nologin hass$ getent group 2000 _hass:*:2000

Re: virtual cluster with rdomain(4)

2021-05-10 Thread David Gwynne
Hi Thomas, I'd give this a go with vport(4) interfaces instead of vether(4), and join them all together at layer 2 by adding them to a single veb(4). Cheers, dlg > On 10 May 2021, at 03:04, Thomas Huber wrote: > > Hi misc, > > I wanted to tinker with the cluster manager sysutils/nomad but >

Re: Working with encapsulated traffic using PF (pass incoming IPv4 from IPv6 gif tunnel)

2021-04-14 Thread David Gwynne
> On 9 Apr 2021, at 18:55, Martin wrote: > > Hello list, > > I have working IPv4 OpenBSD router. There are no problems with native IPv4 > and IPv6 traffic filtering/redirecting at all. > > Now stuck with filtering IPv4 traffic encapsulated in IPv6 tunnel using gif > interface. > > IPv6

Re: divert with rdr-to not working properly

2021-04-07 Thread David Gwynne
On Mon, Apr 05, 2021 at 09:51:53AM +0300, Hakan SARIMAN wrote: > Hello Misc, > > > I think divert-packet feature with NAT/NAPT is broken. > > I can not reach to web server when I use divert-packet with rdr-to. > > Is this a known bug or a new issue? There's no other options? Just those two?

Re: What determines source IP of traffic from OpenBSD box ?

2021-02-28 Thread David Gwynne
On Sun, Feb 28, 2021 at 01:17:01PM +0100, Rachel Roch wrote: > > > > 28 Feb 2021, 11:28 by s...@spacehopper.org: > > > On 2021/02/28 11:46, Rachel Roch wrote: > > > >> Thank you all for the suggestions, I am currently testing a few of them. > >> > >> Incase it makes any difference, the

Re: seeing carp interface state change for unknown reason ; cluestick hunting

2021-02-01 Thread David Gwynne
> On 1 Feb 2021, at 6:02 pm, Bryan Stenson wrote: > > Hi all - > > I'm trying to setup a pair of ERL3 octeon routers in master/standby > mode via carp/pfsync to route traffic from my internal lan to the > internet. I've seen strange behavior wrt carp on these machines, so > in an attempt to

Re: Switching from trunk(4) to aggr(4)

2020-12-15 Thread David Gwynne
On Tue, Dec 15, 2020 at 06:43:12PM -0500, Daniel Jakots wrote: > On Tue, 15 Dec 2020 14:30:16 +1000, David Gwynne > wrote: > > > Can you try tcpdump -p -veni em0 -D in and see if any LACP packets > > appear to come in on the port? If not, can you remove the -p and see >

Re: Switching from trunk(4) to aggr(4)

2020-12-14 Thread David Gwynne
> On 14 Dec 2020, at 08:40, Daniel Jakots wrote: > > On Sun, 13 Dec 2020 20:34:35 - (UTC), Stuart Henderson > wrote: > >> On 2020-12-12, Daniel Jakots wrote: >>> I've been using a LACP trunk on my apu (with the three em(4)). On >>> top of which I have some vlans. I've been doing that

Re: dhclient on carp

2020-07-23 Thread David Gwynne
he backup. i suggest using an address like one in 169.254.x.y/16 so the carps can elect. > > Le 23/07/2020 à 03:15, David Gwynne a écrit : >>> On 22 Jul 2020, at 22:59, Guy Godfroy wrote: >>> >>> Hello, >>> >>> So I read in 6.7 release note th

Re: dhclient on carp

2020-07-22 Thread David Gwynne
> On 22 Jul 2020, at 22:59, Guy Godfroy wrote: > > Hello, > > So I read in 6.7 release note that it's finally possible to use dhclient on > CARP interface. That's great news. > > However, I'm not sure how to use it on a hostname.if file. I tried to replace > inet instruction directly with

Re: non-checksummed UDP packets

2020-07-20 Thread David Gwynne
> On 20 Jul 2020, at 05:30, Stuart Henderson wrote: > > On 2020-07-19, obs...@loopw.com wrote: >> >>> Is this normal? >> >> Checksum is OPTIONAL in UDP, not required. This is covered in RFC 768. > > For IPv4, anyway. It's required for v6. Or is it? https://tools.ietf.org/html/rfc6935

Re: using aggr interface instead of trunk

2020-05-19 Thread David Gwynne
> On 14 May 2020, at 4:22 pm, mabi wrote: > > Hi Iain, > > ‐‐‐ Original Message ‐‐‐ > On Wednesday, May 13, 2020 7:55 PM, Iain R. Learmonth wrote: > >> More details are at:https://marc.info/?l=openbsd-cvs=156229058006706=2 > > I actually already read that one after seeing the

Re: small aggr problem ( on current )

2019-12-22 Thread David Gwynne
On Thu, Dec 19, 2019 at 01:59:30PM +0100, Hrvoje Popovski wrote: > On 15.12.2019. 23:01, Hrvoje Popovski wrote: > > On 15.12.2019. 12:45, Holger Glaess wrote: > >> hi > >> > >> > >> ?? runing version > >> > >> > >> /etc 16>dmesg | more > >> Copyright (c) 1982, 1986, 1989, 1991, 1993 > >>

Re: ipv6 via he.net connectivity issues - possible regression?

2019-12-13 Thread David Gwynne
aggr(4) didn't exist in OpenBSD 6.6, so maybe that's the difference. Does the problem go away if you use trunk(4) instead of aggr(4)? Alternatively, could you build a -current kernel and make sure you have src/sys/net/if_aggr.c r1.25 and see what effect that has? Cheers, dlg > On 13 Dec 2019,

Re: issues configuring vlan on top of aggr device

2019-12-05 Thread David Gwynne
On Tue, Dec 03, 2019 at 02:11:16PM +, Pedro Caetano wrote: > Hi again, > > I'm sorry, but since the boxes do not (yet) have working networking it is > not easy for me to get the text output. > I'm attaching a few pictures with the requested output. > >

Re: Changes to VLAN and promiscuous mode in 6.6

2019-11-03 Thread David Gwynne
Hey, This should be fixed in current as of r1.199 of src/sys/net/if_vlan.c Sorry for the inconvenience. Cheers, dlg > On 29 Oct 2019, at 19:49, Zé Loff wrote: > > > Hi all > > Some changes in VLAN-related code went into 6.6 and I think some of them > changed the way the parent interface

Re: 6.6-beta (RAMDISK_CD) #281 hangs on fsck

2019-09-09 Thread David Gwynne
This should be fixed in -current now. A snapshot should pick it up in a day or so. Sorry for the inconvenience. Cheers, dlg > On 9 Sep 2019, at 11:08 am, Luke Small wrote: > > Yay! > -Luke > > > On Sun, Sep 8, 2019 at 8:07 PM David Gwynne wrote: > I think I see

Re: 6.6-beta (RAMDISK_CD) #281 hangs on fsck

2019-09-08 Thread David Gwynne
I think I see the problem. We're going to try and test this locally and will hopefully have something committed in a few hours time. dlg > On 9 Sep 2019, at 10:33, Luke Small wrote: > > I have mfii too: > dmesg | grep mfii: > > mfii0 at pci11 dev 0 function 0 "Symbios Logic MegaRAID SAS2208"

Re: Controlling OSPFD based on HAProxy state

2019-04-24 Thread David Gwynne
I've used relayd to insert routes to a service based on a health check, and then had ospfd advertise those routes. That might be good enough for you. On Fri., 19 Apr. 2019, 00:40 Henry Bonath, wrote: > Does anyone suggest any clever way of controlling OSPFD based on the > status of an HAProxy

Re: Viewing SFP diagnostic data in OpenBSD ?

2019-04-07 Thread David Gwynne
> On 6 Apr 2019, at 01:54, Rachel Roch wrote: > > > > > Apr 2, 2019, 11:19 PM by da...@gwynne.id.au: > >> >> >>> On 3 Apr 2019, at 04:52, Stuart Henderson <>> s...@spacehopper.org >>> >> > wrote: >>> >>> On 2019-04-02, Rachel Roch <>> rr...@tutanota.de

Re: Viewing SFP diagnostic data in OpenBSD ?

2019-04-04 Thread David Gwynne
you have em(4) with sfp? > On 4 Apr 2019, at 18:55, Marco Prause wrote: > > I second that +1 for ix, but em would also be nice ;-) > > > On 03.04.19 00:40, Tom Smyth wrote: >> +1 for me also :) ix :) >> >> On Tue, 2 Apr 2019 at 23:38, Stuart Henderson wrote: >> >>> :-) >>> >

Re: Trouble forwarding between mpw's in bridge (6.4)

2019-04-02 Thread David Gwynne
ting router. > > Thank you to everyone!!! > > On Tue, Apr 2, 2019 at 4:52 AM Mitchell Krome wrote: >> >> >> >> On 2/04/2019 7:57 pm, Mitchell Krome wrote: >>> >>> >>> On 2/04/2019 7:24 pm, David Gwynne wrote: >>>> >>>&

Re: Viewing SFP diagnostic data in OpenBSD ?

2019-04-02 Thread David Gwynne
> On 3 Apr 2019, at 04:52, Stuart Henderson wrote: > > On 2019-04-02, Rachel Roch wrote: >> Hi, >> >> Hopefully I'm just searching the man pages wrong but I can't seem to find >> any hints as to how I can view SFP diagnostics in OpenBSD (i.e. light power >> etc.) >> >> Perhaps someone

Re: Trouble forwarding between mpw's in bridge (6.4)

2019-04-02 Thread David Gwynne
> On 2 Apr 2019, at 6:41 pm, Mitchell Krome wrote: > > On 2/04/2019 2:08 pm, David Gwynne wrote: >> Can you send me the hostname.* files and the output of ifconfig (showing all >> interfaces)? >> >> You're using -current now, right? >> >&

Re: Trouble forwarding between mpw's in bridge (6.4)

2019-04-01 Thread David Gwynne
Can you send me the hostname.* files and the output of ifconfig (showing all interfaces)? You're using -current now, right? dlg > On 2 Apr 2019, at 08:15, lnel...@nelnet.org wrote: > > >> Until recently >> (https://github.com/openbsd/src/commit/dc68b945bbc883db108ac48a07bb89 >> 778b75582a)

Re: dhcrelay multiple instances possible bug

2019-03-04 Thread David Gwynne
Hi Riccardo, dhrelay only operates on a single interface, so you're not missing anything there. Can you show me the ps output for the dhcrelay processes you start? The rcctl commands you show below don't include the rcctl start dhcrelay and dhcrelay_second bits. I have the following in

Re: Packet loss with latest snapshot

2019-03-04 Thread David Gwynne
On Mon, Mar 04, 2019 at 10:36:23AM +0100, Tony Sarendal wrote: > On Mon, 4 Mar 2019, 09:43 Tony Sarendal, wrote: > > > > > > > Den m??n 4 mars 2019 kl 09:26 skrev Tony Sarendal : > > > >> Den s??n 3 mars 2019 kl 21:35 skrev Theo de Raadt : > >> > >>> Tony, > >>> > >>> Are you out of your mind?

Re: PPPoE vlan issue 6.4

2019-02-10 Thread David Gwynne
Hi Adam, It sounds like you're on an ISP with very similar requirements to me. The exec summary of what my ISP wants is pppoe on vlan2, with the vlan priority forced to a single value. Our (OpenBSD's) understanding of the priority field in VLAN headers is that it uses 802.1p for the fields

Re: SNMP reporting on VXLAN interfaces

2018-08-16 Thread David Gwynne
On Thu, Aug 16, 2018 at 10:51:25AM +1000, Jason Tubnor wrote: > Hi, > > Not sure if anyone else here is using SNMP for obtaining VXLAN(4) adapter > throughput but after some testing (clamping with PF queues), I have > discovered that throughput on VXLAN interfaces via SNMP are reporting > exactly

Re: OSPF over gif on top of IPsec transport -current

2018-03-13 Thread David Gwynne
> On 10 Mar 2018, at 08:01, Remi Locherer wrote: > > > With below diff the setup works as expected: tcpdump shows OSPF hellos > on gif0 and ospfd sees the neighbour. > > I don't think it's the correct fix though. functionally it is the correct fix. when i reworked

Re: OSPF over gif on top of IPsec transport -current

2018-03-13 Thread David Gwynne
> On 11 Mar 2018, at 05:30, Atanas Vladimirov wrote: > > On 2018-03-10 00:01, Remi Locherer wrote: >>> >> With below diff the setup works as expected: tcpdump shows OSPF hellos >> on gif0 and ospfd sees the neighbour. >> I don't think it's the correct fix though. >> Index:

Re: gif(4) changes vs tunnelbroker

2018-02-28 Thread David Gwynne
> On 1 Mar 2018, at 02:22, Andreas Bartelt <o...@bartula.de> wrote: > > On 02/27/18 22:35, Pavel Korovin wrote: >> On 02/28, David Gwynne wrote: >>> what is the status of sysctl net.inet.ipip ? >> David, thank you! That was easy :) >> Sorry for

Re: gif(4) changes vs tunnelbroker

2018-02-27 Thread David Gwynne
> On 27 Feb 2018, at 4:10 am, Pavel Korovin wrote: > > Dear all, > > After upgrading several hosts to -current I noticed that all my IPv6 tunnels > via tunnelbroker stopped working. Recently introduced changes to gif(4) > (since > late December 2017) are too complex for me

Re: re0 and re1 watchdog timeouts, and system freeze

2017-06-11 Thread David Gwynne
On Fri, Jun 09, 2017 at 07:19:34PM +0200, Bj??rn Ketelaars wrote: > On Fri 09/06/2017 12:07, Martin Pieuchot wrote: > > On 08/06/17(Thu) 20:38, Bj??rn Ketelaars wrote: > > > On Thu 08/06/2017 16:55, Martin Pieuchot wrote: > > > > On 07/06/17(Wed) 09:43, Bj??rn Ketelaars wrote: > > > > > On Sat

Re: SCSI Enclosure Service

2017-06-08 Thread David Gwynne
hey jens, from what i can tell, you talk to the ami mg9071 chips on that enclosure using sgpio, not in band using smp (sas mgmt protocol) or ses as a scsi device. i get the impression that mpii hardware does have some understanding of enclosures connected via sgpio, but i'm not sure what

Re: Does CARP need Layer 2 ?

2017-04-17 Thread David Gwynne
> On 18 Apr 2017, at 03:54, Bob Jones > wrote: > > Hi, > > Looking at the docs, unlike pfsync, sasyncd and everything else, you > seem to be unable to define a "different" interface to CARP for the > purposes of monitoring. Everything seems to need

Re: Per-device multiqueuing would be fantastic. Are there any plans? Are donations a matter here?

2017-02-10 Thread David Gwynne
> On 9 Feb 2017, at 7:11 pm, Mikael <mikael.ml...@gmail.com> wrote: > > 2017-02-09 16:41 GMT+08:00 David Gwynne <da...@gwynne.id.au>: > .. > hey mikael, > > can you be more specific about what you mean by multiqueuing for disks? even a > reference to an implem

Re: Per-device multiqueuing would be fantastic. Are there any plans? Are donations a matter here?

2017-02-09 Thread David Gwynne
> On 9 Feb 2017, at 12:42 pm, Mikael wrote: > > Hi misc@, > > The SSD reading benchmark in the previous email shows that per-device > multiqueuing will boost multithreaded random read performance very much > e.g. by ~7X+, e.g. the current 50MB/sec will increase to

Re: NVM Express (NVMe) support status

2016-04-15 Thread David Gwynne
> On 12 Feb 2016, at 7:01 PM, Evgeniy Sudyr wrote: > > Hi all, > > I'm looking status of NVM Express support in -current (got Intel 750 > consumer device > https://www-ssl.intel.com/content/www/us/en/solid-state-drives/solid-state-dr ives-750-series.html > for home desktop,

Re: Gif tunnel / pf / queueing

2016-03-02 Thread David Gwynne
> On 2 Mar 2016, at 1:51 AM, Christopher Sean Hilton wrote: > > I would like to apply queueing to packets traversing a gif tunnel. I'd > like to know what works better, Tagging outbound packets on the gif > interface and applying them to queues by tag when they leave on the >

Re: PF: can't make queueing and priority work as expected

2016-01-15 Thread David Gwynne
> On 15 Jan 2016, at 9:07 PM, Craig Skinner <skin...@britvault.co.uk> wrote: > > On 2016-01-15 Fri 12:53 PM |, David Gwynne wrote: >>> On 13 Jan 2016, at 19:19, Marko Cupa?? <marko.cu...@mimar.rs> wrote: >>> >>> Have we come to conclusion that cur

Re: PF: can't make queueing and priority work as expected

2016-01-14 Thread David Gwynne
> On 13 Jan 2016, at 19:19, Marko Cupać <marko.cu...@mimar.rs> wrote: > > On Tue, 12 Jan 2016 16:40:58 +0100 > Claudio Jeker <cje...@diehard.n-r-g.com> wrote: > >> On Tue, Jan 12, 2016 at 05:33:06AM -0700, Daniel Melameth wrote: >>> On Mon, Jan 11, 2016 at

Re: PF: can't make queueing and priority work as expected

2016-01-11 Thread David Gwynne
> On 11 Jan 2016, at 22:43, Daniel Melameth wrote: > > On Sun, Jan 10, 2016 at 7:58 AM, Marko Cupać wrote: >> On Sat, 9 Jan 2016 11:11:27 -0700 >> Daniel Melameth wrote: >>> You NEED to set a max on your ROOT queues. >> I came to

Re: authentication infra structure

2015-12-10 Thread David Gwynne
> On 10 Dec 2015, at 5:25 AM, Friedrich Locke wrote: > > If you had about 10k users and 5k machine how would you manage > authenticating issues? Keep in mind that this is a very heterogenous > environment with ldap, ftp, smtp, pop3, traditional unix boxes etc we

Re: Chelsio T4 10g adapters support ?

2015-12-09 Thread David Gwynne
> On 10 Dec 2015, at 12:28, Brendan Horan wrote: > > Hi, > > I am looking at building a system running OpenBSD to deal with 10g networks. > > It would seem there is good support for Intel cards via the "ix" driver. > However I was looking at Chelsio cards. > It seems

Re: em(4) watchdog timeouts

2015-11-15 Thread David Gwynne
On Fri, Nov 13, 2015 at 10:18:51AM -0500, Sonic wrote: > On Wed, Nov 11, 2015 at 9:20 AM, Gregor Best wrote: > > I've done some further testing and I think I've narrowed it down to the > > "Unlocking em(4) a bit further"-patch [0]. could you try this? its not written with the

Re: Dell S300 controller

2015-05-08 Thread David Gwynne
On 8 May 2015, at 12:41 pm, Jim Giannoules j...@devio.us wrote: On Tue, May 05, 2015 at 06:54:37PM +, Stuart Henderson wrote: On 2015-05-05, Jack Peirce jpei...@sourcecode.com wrote: On Mon, May 04, 2015 at 08:22:28PM -0400, Steve Shockley wrote: Does anyone know if the Dell PERC S300

Re: Not Detecting Broadcom NetXtreme II 10GBase-T adapter

2015-03-10 Thread David Gwynne
i havent written a driver for it yet. On 10 Mar 2015, at 10:07 pm, Ninad Shaha ninadsh...@iitb.ac.in wrote: Dear All, I have installed OpenBSD 5.6 on IBM X3650 M4 server. This server contains 2 numbers of Broadcom NetXtreme II BCM57712 10GBase-T dual port adapter. This adapter is not

Re: Emulate apache mod_rewrite feature with new httpd

2015-02-22 Thread David Gwynne
On 22 Feb 2015, at 20:23, Romain FABBRI romain.fab...@alienconsulting.net wrote: I've managed to configure the new httpd server to use as a replacement for apache. (With is really great. Thanks to Reyk !) I'm strugling to make my drupal site work, because of the clean url module. I

Re: YP Alternative

2015-01-04 Thread David Gwynne
auth with http, but the solarish things i run almost certainly dont. however, linux and solaris still support krb5 auth out of the box, so its only a problem i really have to solve on openbsd. or use ldap auth. On 1/4/2015 2:26 AM, David Gwynne wrote: On 2 Jan 2015, at 9:52 pm, Brian Empson

Re: YP Alternative

2015-01-04 Thread David Gwynne
On 5 Jan 2015, at 06:14, Jiri B ji...@devio.us wrote: On Sun, Jan 04, 2015 at 06:40:09PM +1000, David Gwynne wrote: i dunno. ideally i would just do basic auth over https against something that just returns 200 or 403. bsdauth on openbsd means i could probably implement that with a crappy

Re: YP Alternative

2015-01-03 Thread David Gwynne
On 2 Jan 2015, at 9:52 pm, Brian Empson br...@teamhandbanana.com wrote: I'm looking into a way to sync up group and user information across a network of OpenBSD machines. I like YP, except that I don't need the password hashes transferred across the network. I like that it's built right

Re: ixgbe_tx_ctx_setup crash

2014-12-28 Thread David Gwynne
On 27 Dec 2014, at 6:09 pm, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: On 27/12/14 10:05, Kapetanakis Giannis wrote: On 26/12/14 12:23, Kapetanakis Giannis wrote: Hi, Any ideas on this? I'm getting at least one panic every day. G On 24/12/14 06:13, Kapetanakis Giannis

Re: ixgbe_tx_ctx_setup crash

2014-12-28 Thread David Gwynne
On Sun, Dec 28, 2014 at 08:00:57PM +1000, David Gwynne wrote: On 27 Dec 2014, at 6:09 pm, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: On 27/12/14 10:05, Kapetanakis Giannis wrote: On 26/12/14 12:23, Kapetanakis Giannis wrote: Hi, Any ideas on this? I'm getting

Re: Dell R630 high interrupts on acpi0

2014-12-15 Thread David Gwynne
On 16 Dec 2014, at 15:16, Jonathan Matthew jonat...@d14n.org wrote: On Sun, Dec 14, 2014 at 06:22:37PM +0100, Hrvoje Popovski wrote: Hi all, I have got two new Dell R630 and have current on them from Sun Dec 14 15:07:17. Installation went great and very fast. The problem is that I see

Re: bridge + vlan broke after 5.5 5.6 upgrade

2014-11-03 Thread David Gwynne
On 4 Nov 2014, at 06:41, Pieter Verberne pieterverbe...@xs4all.nl wrote: On 2014-11-02 13:51, Jorge Schrauwen wrote: Hey All, TL;DR: traffic leaving a bridge over a vlan does not get tagged but leaves untagged after upgrade. Is this by design? Looks exactly like my problem. Running 5.6

Re: Making tftp download large files from tftpd

2014-10-21 Thread David Gwynne
your diff got stripped when sending to this list. i did a fix which has now been committed to the tree as src/usr.bin/tftp/tftp.c r1.24. thanks for the report :) dlg On 21 Oct 2014, at 10:28, Justin Mayes jma...@careered.com wrote: I could. My original problem was with cisco rommon

Re: Periodic DNS resolution

2014-09-28 Thread David Gwynne
i run some scripts out of cron (and from rc.local on boot) to keep some tables in sync with DNS. the scripts are perl so i can use Net::DNS, but apart from that its been pretty robust and straightforward. dlg On 29 Sep 2014, at 11:44, Austin Gilbert austin.gilb...@gmail.com wrote: A problem

Re: 5.5 panic in ffs_blkfree

2014-08-25 Thread David Gwynne
you can go show panic in ddb if you werent watching the console for the panic string. On 25 Aug 2014, at 4:39 am, Roger Hammerstein cheek...@live.com wrote: sorry, i could not get the panic string ddb{3} trace Debugger() at Debugger+0x5 panic() at panic+0xee ffs_blkfree() at

Re: Broadcom BCM5709 and BCM57711 driver features

2014-07-25 Thread David Gwynne
On 24 Jul 2014, at 19:37, def d...@fromru.com wrote: Hi! Currently using 5.5-stable and It seems (as per hwfeatures) that driver for BCM 5709 (1GE dual port adapter) doesnt support jumbo frames at all which is critical for activation mpls on bnx. The card supports jumbo itself. Return

Re: 'newer' Qlogic HBA support on amd64

2014-05-16 Thread David Gwynne
hey pete, could you try enabling the emc driver too? cheers, dlg On 16 May 2014, at 7:47 pm, Pete Vickers peter.vick...@gmail.com wrote: Hi, Sorry for the delay. I finally upgraded the box (very quick and easy process - nice ) and the HBA is now attached by the qle driver. However whilst

Re: uvm_fault on resume with athn(4)

2013-11-22 Thread David Gwynne
hey josh, this should be fixed in src/sys/dev/pci/if_athn_pci.c r1.13. sorry for the inconvenience, but thank you for the report, especially the backtrace. cheers, dlg On 23 November 2013 16:37, Josh Grosse j...@jggimi.homeip.net wrote: Summary: with src/sys/dev/pci/if_athn_pci.c at

Re: 10G NIC recommendation

2013-08-14 Thread David Gwynne
im using myx(4). im biased though. On 15/08/2013, at 9:09 AM, Diana Eichert deich...@wrench.com wrote: What I want to do. create a netflow collector using OpenBSD by looking at data fed from a tap I know which 10G NICs are supported by OpenBSD, what I'd like to hear is a recommendation

Re: PF sync doesn't not work very well

2013-07-04 Thread David Gwynne
On 03/07/2013, at 10:11 PM, Mark Felder f...@feld.me wrote: On Wed, 03 Jul 2013 07:00:02 -0500, Loïc Blot loic.b...@unix-experience.fr wrote: Hello, no carp is used at this time. pfsync needs to be used with carp... without it you're just playing whack-a-mole with your session table.

Re: PF sync doesn't not work very well

2013-07-04 Thread David Gwynne
On 03/07/2013, at 6:23 PM, Loïc Blot loic.b...@unix-experience.fr wrote: Okay, defer is now enabled on pfsync interface (sorry for my last idea, i haven't the man on me :) ). It seems the problem isn't resolved. The transfer starts but blocked at random time. i have hit this too, despite

Re: PF sync doesn't not work very well

2013-07-04 Thread David Gwynne
you could try using sloppy states like henning suggested. you'll still get to write stateful rules and get the tcp state machine checks but not the tcp window checks. if it works with sloppy states it narrows the issue down to the pfsync state merge code. at the moment im kind of guessing

Re: tftpd loop

2013-07-01 Thread David Gwynne
what does host -- -c say? On 29/06/2013, at 3:54 AM, Peter Fraser p...@thinkage.ca wrote: tftpd -l -c xxx resulting from a mistyping causes tftpd to into a loop

Re: BCM5720, LACP and CARP serious problem

2013-05-05 Thread David Gwynne
do you have a real serial console hooked up to the machines? more specifically, can you break into ddb when the machine breaks and get a trace? i use carp on vlans on lacp trunks on top of myx(4) and em(4) quite a lot without trouble, so its likely to be bge(4) if you ask me. unfortunately that

Re: hint on starting tftpd -r

2013-02-26 Thread David Gwynne
On 24/02/2013, at 11:38 AM, russell russ...@dotplan.dyndns.org wrote: On 02/24/2013 11:32 PM, David Gwynne wrote: what are you using the rewrite stuff for? netbooting. me too! we unconditionally netboot all our labs (and most of our staff machines). by default we want netboot to fall out

Re: hint on starting tftpd -r

2013-02-24 Thread David Gwynne
what are you using the rewrite stuff for? On 23/02/2013, at 5:45 PM, russell russ...@dotplan.dyndns.org wrote: So I am using tftpd -r socket and my rewrite script works however I am at a loss as to the best way to start tftpd. From my experiments, the rewrite engine has to start before

Re: OpenBSD changes virtual nic driver in vmware workstation?

2012-08-14 Thread David Gwynne
On 13/08/2012, at 5:42 PM, C. L. Martinez wrote: Hi all, I am trying to do some tests with OpenBSD 5.1 and FreeBSD 9.1 beta in my laptop virtual lab based on vmware workstation 8. But I have found a problem when I try to configure OpenBSD vms: I can't use e1000 driver with these OpenBSD

Re: myricom not listed in supported hardware list

2012-05-29 Thread David Gwynne
yes, they work well. dlg On 29/05/2012, at 11:38 PM, Pierre Berthier wrote: Hi it seems to me the Myricom 10GB Ethernet devices should be supported by OpenBSD, according to myx(4) and the What's new page of 5.0 http://www.openbsd.org/50.html#new and actually also 4.2

Re: 10G router without polling ?

2011-12-22 Thread David Gwynne
On 22/12/2011, at 6:20 PM, PP;Q Q P(P8P?P8QP8P= wrote: am I right that OpenBSD does NOT use device polling like FreeBSD or Linux (called NAPI) do ? yes. any router (even at 10G rate) will perfectly work without polling ? my understanding is that polling is to limit/cap the amount of work

Re: OpenBSD and shebang line to a script not supported?

2011-10-31 Thread David Gwynne
linux runs infinite loops in 5 minutes, so thats not a huge problem for them. On 01/11/2011, at 2:05 PM, Andres Perera wrote: how does linux handle that without going into infinite loops? On Mon, Oct 31, 2011 at 6:55 PM, Mikolaj Kucharski miko...@kucharski.name wrote: Hi, Attached

Re: pfsync0 MTU

2011-10-22 Thread David Gwynne
mike, might have to tweak hardmtu in attach too. maybe. dlg On 23/10/2011, at 6:18 AM, Mike Belopuhov wrote: On Sat, Oct 22, 2011 at 20:14 +0200, Maxim Bourmistrov wrote: On both sides I use em(4) with MTU 9000. Then tried to set the same value to the pfsync with success (ifconfig pfsync0

Re: various documentation for Silicon Image chipsets

2011-07-24 Thread David Gwynne
i believe a lot of these docs were opened up due to jeff garzik talking to silicon image as part of his work on libata in linux. credit where credit is due... dlg On 23/07/2011, at 10:49 PM, Sevan / Venture37 wrote: Hi, Someone posted a series of links to the freebsd-hardware mailing list

Re: 4.7 ospfd FIB/RIB synchronization

2011-07-24 Thread David Gwynne
On 24/07/2011, at 8:27 PM, Jonathan Lassoff wrote: On Wed, Apr 20, 2011 at 7:10 AM, David Gwynne l...@animata.net wrote: On 20/04/2011, at 11:08 PM, Jonathan Lassoff wrote: On Wed, Apr 20, 2011 at 4:22 AM, David Gwynne l...@animata.net wrote: you might be able to upgrade your passive

Re: splassert: assertwaitok: want -1 have 1 (bnx)

2011-06-29 Thread David Gwynne
On 30/06/2011, at 6:56 AM, Ted Unangst wrote: On Wed, 29 Jun 2011, Tom Murphy wrote: /bsd: bnx0: Watchdog timeout occurred, resetting! /bsd: splassert: assertwaitok: want -1 have 1 /bsd: Starting stack trace... /bsd: assertwaitok() at assertwaitok+0x1c /bsd: pool_get() at pool_get+0x95

Re: openbsd hard disk information

2011-06-27 Thread David Gwynne
On 27/06/2011, at 9:31 PM, Friedrich Locke wrote: Dear list member, i have installed OpenBSD on my desktop; every thing is ok, expect for disk information report. It is showed as wd0. I am confused because as far as i know it is a sata device. Why does it (OpenBSD) see it as an old wd.

Re: Routing Issue

2011-05-17 Thread David Gwynne
hey david, pf is run twice on packets going through a box, once before the network stack and again as it leaves it. this means you have to allow a packet in one side as well as when it goes out the other. dlg On 17/05/2011, at 10:16 PM, David Schulz wrote: Hi all, i have a LAN within a LAN

Re: impact of unaligned partitions/slices on 4kB sector drives (wd10ears)

2011-05-14 Thread David Gwynne
On 14/05/2011, at 6:43 PM, Abel Abraham Camarillo Ojeda wrote: I'm starting to get angry about the _horrible_ performance on this drive (WD10EARS-00Y), some developer ever got a chance to see something about this? don't get angry, it's just a disk. we changed the default alignment of

4.9 firewalls

2011-05-11 Thread David Gwynne
anyone replaced firewalls with 4.9 boxes yet? noticed a difference?

Re: pfsync bulk transfer performance

2011-05-05 Thread David Gwynne
when doing a bulk update pfsync only generates 100 packets a second. each packet will be filled with as many full state update messages as possible. unfortunately the full state update message is about 264 bytes so you can only fit 5 in a packet. that means 5 * 100 or 500 messages a second, which

Re: pfsync bulk transfer performance

2011-05-05 Thread David Gwynne
On 05/05/2011, at 10:27 PM, Kapetanakis Giannis wrote: On 05/05/11 13:37, David Gwynne wrote: i do this on my firewalls sometimes: root@passive ~# ssh master pfctl -S /dev/stdout | pfctl -L /dev/stdin its a bit faster... dlg I've tried your trick and it took just a second to copy

Re: use DUIDs rather than device names in fstab?

2011-04-29 Thread David Gwynne
this is why i like duids: OpenBSD 4.9-current (GENERIC.MP) #1: Fri Apr 29 14:55:51 EST 2011 d...@hotspare.eait.uq.edu.au:/home/dlg/src/sys/arch/amd64/compile/GENERIC. MP real mem = 137428045824 (131061MB) avail mem = 133755645952 (127559MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6

Re: use DUIDs rather than device names in fstab?

2011-04-29 Thread David Gwynne
On 29/04/2011, at 4:48 PM, Otto Moerbeek wrote: Op 29 apr. 2011 om 07:00 heeft David Gwynne l...@animata.net het volgende geschreven: this is why i like duids: Is this what you get when you max out every option when ordering a machine? no...

Re: use DUIDs rather than device names in fstab?

2011-04-28 Thread David Gwynne
On 29/04/2011, at 3:33 AM, Nick Holland wrote: On 04/28/2011 10:58 AM, Bryan wrote: On Wed, Apr 27, 2011 at 19:55, David Gwynnel...@animata.net wrote: amen. anything that helps us get away from the kernels arbitrary numbering of devices to identify disks is a good thing. dlg Would

Re: use DUIDs rather than device names in fstab?

2011-04-27 Thread David Gwynne
amen. anything that helps us get away from the kernels arbitrary numbering of devices to identify disks is a good thing. dlg On 28/04/2011, at 10:20 AM, Nick Holland wrote: On 04/27/11 08:27, Kent Watsen wrote: Maybe you should tell us what happened and what you were expecting. I saw the

Re: 4.7 ospfd FIB/RIB synchronization

2011-04-20 Thread David Gwynne
that by going pfctl -S /dev/stdout | ssh activefw pfctl -L /dev/stdin as root on the passive fw. as a matter of interest, are you using ospf for failover on one side of your firewalls? dlg On 20/04/2011, at 2:45 PM, Jonathan Lassoff wrote: On Tue, Apr 19, 2011 at 7:14 PM, David Gwynne l

Re: 4.7 ospfd FIB/RIB synchronization

2011-04-20 Thread David Gwynne
On 20/04/2011, at 11:08 PM, Jonathan Lassoff wrote: On Wed, Apr 20, 2011 at 4:22 AM, David Gwynne l...@animata.net wrote: you might be able to upgrade your passive firewall to 4.9 next to the active 4.7 one. it looks like the protocol stayed the same so they should be able to talk to each other

Re: 4.7 ospfd FIB/RIB synchronization

2011-04-19 Thread David Gwynne
i had this same problem and fixed it in time for the 4.8 release. is it possible you can upgrade? On 20/04/2011, at 9:10 AM, Jonathan Lassoff wrote: I'm having a bit of an issue with OpenOSPFd on 4.7 running on i386 hardware. The gist of the problem is that it seems that changes to the kernel

Re: new upper limit with BIGMEM

2011-04-05 Thread David Gwynne
OpenBSD 4.9-current (GENERIC.MP) #36: Mon Apr 4 09:39:35 EST 2011 d...@hotspare.eait.uq.edu.au:/home/dlg/src/sys/arch/amd64/compile/GENERIC. MP real mem = 137428045824 (131061MB) avail mem = 133755703296 (127559MB) seems to work ok...

Re: network bandwith with em(4)

2011-02-24 Thread David Gwynne
id like to reiterate ryans advice to have a look at the systat mbuf output. as he said, mclgeti will try to protect the host by restricting the number of packets placed on the rx rings. it turns out you dont need (or cant use) a lot of packets on the ring, so bumping the ring size is a useless

Re: Dell R310 - H200 Raid performance problem

2011-02-20 Thread David Gwynne
i believe the diff below should work out of the box. it pulls in all mikeb's fixes. On Fri, Feb 18, 2011 at 07:54:09PM +0100, ??ukasz Czarniecki wrote: With following Mike's suggestions it worked. # scsi -f /dev/rsd0c -m 8 IC: 0 ABPF: 0 CAP: 0 DISC: 0 SIZE: 0 WCE: 1 MF: 0

Re: Dell R310 - H200 Raid performance problem

2011-02-17 Thread David Gwynne
this diff implements the disk cache ioctl handling in mpii so sd(4) can drive the change rather than have mpii(4) whack everything. modelled on the same functionality in mpi(4) and mikeb's code... could someone test this please? Index: mpii.c

Re: pf commands to discuss

2011-01-20 Thread David Gwynne
either: pass in log (all) on $int_if inet proto udp from $admin_pc to !$int_if \ port 33433 33626 keep state tag mytracert pass out log on $ext_if inet proto udp from $ext_if to any \ port 33433 33626 keep state tagged mytracert or: pass in log (all) on $int_if inet proto udp from

  1   2   3   >