Issue using X on Hyper-V
Hello @misc people. Im having an issue when using 66 as guest for hyper-v. Screen cant get 1366x768 size. Anyone can give a suggestion? clue? Thanks in advance, Leonardo obsdVirtual# dmesg OpenBSD 6.6 (GENERIC.MP) #372: Sat Oct 12 10:56:27 MDT 2019 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4278124544 (4079MB) avail mem = 4135747584 (3944MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf93d0 (338 entries) bios0: vendor American Megatrends Inc. version "090008" date 12/07/2018 bios0: Microsoft Corporation Virtual Machine acpi0 at bios0: ACPI 2.0 acpi0: sleep states S0 S5 acpi0: tables DSDT FACP WAET SLIC OEM0 SRAT APIC OEMB acpi0: wakeup devices acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihve0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins, remapped cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz, 1244.16 MHz, 06-8e-0c cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 151MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz, 1367.28 MHz, 06-8e-0c cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz, 1367.28 MHz, 06-8e-0c cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0, core 1, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz, 1367.28 MHz, 06-8e-0c cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 acpiprt0 at acpi0: bus 0 (PCI0) acpicpu0 at acpi0: C1(@1 halt!) acpicpu1 at acpi0: C1(@1 halt!) acpicpu2 at acpi0: C1(@1 halt!) acpicpu3 at acpi0: C1(@1 halt!) acpipci0 at acpi0 PCI0: _OSC failed acpicmos0 at acpi0 "VMBus" at acpi0 not configured "Hyper_V_Gen_Counter_V1" at acpi0 not configured cpu0: using VERW MDS workaround pvbus0 at mainbus0: Hyper-V 10.0 hyperv0 at pvbus0: protocol 4.0, features 0x2e7f hyperv0: heartbeat, kvp, shutdown, timesync hvs0 at hyperv0 channel 2: ide, protocol 6.2 scsibus1 at hvs0: 2 targets sd0 at scsibus1 targ 0 lun 0: naa.600224808d2752f4ce69d28116d815eb sd0: 16384MB, 512 bytes/sector, 33554432 sectors, thin hvn0 at hyperv0 channel 13: NVS 5.0 NDIS 6.30, address 00:15:5d:a3:3d:19 hvs1 at hyperv0 channel 14: scsi, protocol 6.2 scsibus2 at hvs1: 2 targets pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel 82443BX" rev 0x03 pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x01 pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0 channel 1 drive 0 scsibus3 at atapiscsi0: 2 targets cd0 at scsibus3 targ 0 lun 0: removable cd0(pciide0:1:0): using PIO mode 4, DMA mode 2 piixpm0 at pci0 dev 7 function 3 "Intel 82371AB Power" rev 0x02: SMBus disabled vga1 at pci0 dev 8 function 0 "Microsoft VGA" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) isa0 at pcib0 isadma0 at isa0 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0
X problem on Intel HD Graphics 2000
amage tracking initialized [ 1900.097] (II) modeset(0): Setting screen physical size to 361 x 203 [ 1900.458] (II) config/wscons: checking input device /dev/wskbd [ 1900.458] (II) wskbd: using layout latam [ 1900.458] (II) LoadModule: "kbd" [ 1900.459] (II) Loading /usr/X11R6/lib/modules/input/kbd_drv.so [ 1900.482] (II) Module kbd: vendor="X.Org Foundation" [ 1900.482]compiled for 1.20.5, module version = 1.9.0 [ 1900.482]Module class: X.Org XInput Driver [ 1900.482]ABI class: X.Org XInput driver, version 24.1 [ 1900.482] (II) Using input driver 'kbd' for '/dev/wskbd' [ 1900.482] (**) /dev/wskbd: always reports core events [ 1900.482] (**) /dev/wskbd: always reports core events [ 1900.482] (**) Option "Protocol" "standard" [ 1900.482] (**) Option "XkbRules" "base" [ 1900.482] (**) Option "XkbModel" "pc105" [ 1900.482] (**) Option "XkbLayout" "latam" [ 1900.482] (II) XINPUT: Adding extended input device "/dev/wskbd" (type: KEYBOARD, id 6) [ 1901.123] (II) config/wscons: checking input device /dev/wsmouse0 [ 1901.123] (II) LoadModule: "ws" [ 1901.124] (II) Loading /usr/X11R6/lib/modules/input/ws_drv.so [ 1901.125] (II) Module ws: vendor="X.Org Foundation" [ 1901.125]compiled for 1.20.5, module version = 1.3.0 [ 1901.125]Module class: X.Org XInput Driver [ 1901.125]ABI class: X.Org XInput driver, version 24.1 [ 1901.126] (II) Using input driver 'ws' for '/dev/wsmouse0' [ 1901.126] (**) /dev/wsmouse0: always reports core events [ 1901.126] (II) ws: /dev/wsmouse0: debuglevel 0 [ 1901.126] (**) Option "Device" "/dev/wsmouse0" [ 1901.126] (**) ws: /dev/wsmouse0: ZAxisMapping: buttons 4 and 5 [ 1901.126] (**) ws: /dev/wsmouse0: WAxisMapping: buttons 6 and 7 [ 1901.126] (**) ws: /dev/wsmouse0: associated screen: 0 [ 1901.633] (II) ws: /dev/wsmouse0: minimum x position: 0 [ 1901.633] (II) ws: /dev/wsmouse0: maximum x position: 1365 [ 1901.633] (II) ws: /dev/wsmouse0: minimum y position: 0 [ 1901.633] (II) ws: /dev/wsmouse0: maximum y position: 767 [ 1901.633] (==) ws: /dev/wsmouse0: Buttons: 7 [ 1901.698] (**) ws: /dev/wsmouse0: YAxisMapping: buttons 4 and 5 [ 1901.698] (II) XINPUT: Adding extended input device "/dev/wsmouse0" (type: MOUSE, id 7) [ 1902.215] (**) /dev/wsmouse0: (accel) keeping acceleration scheme 1 [ 1902.215] (**) /dev/wsmouse0: (accel) acceleration profile 0 [ 1902.215] (**) /dev/wsmouse0: (accel) acceleration factor: 2.000 [ 1902.215] (**) /dev/wsmouse0: (accel) acceleration threshold: 4 [ 1902.216] (II) config/wscons: checking input device /dev/wsmouse [ 1902.216] (II) Using input driver 'ws' for '/dev/wsmouse' [ 1902.216] (**) /dev/wsmouse: always reports core events [ 1902.216] (II) ws: /dev/wsmouse: debuglevel 0 [ 1902.216] (**) Option "Device" "/dev/wsmouse" [ 1902.216] (**) ws: /dev/wsmouse: ZAxisMapping: buttons 4 and 5 [ 1902.216] (**) ws: /dev/wsmouse: WAxisMapping: buttons 6 and 7 [ 1902.216] (**) ws: /dev/wsmouse: associated screen: 0 [ 1902.216] (EE) PreInit returned 2 for "/dev/wsmouse" [ 1902.216] (II) UnloadModule: "ws" pcidump pcidump Domain /dev/pci0: 0:0:0: Intel Core 2G Host 0:2:0: Intel HD Graphics 2000 0:20:0: Intel 7 Series xHCI 0:22:0: Intel 7 Series MEI 0:26:0: Intel 7 Series USB 0:27:0: Intel 7 Series HD Audio 0:28:0: Intel 7 Series PCIE 0:28:1: Intel 7 Series PCIE 0:29:0: Intel 7 Series USB 0:31:0: Intel HM76 LPC 0:31:2: Intel 7 Series AHCI 0:31:3: Intel 7 Series SMBus 1:0:0: Attansic Technology AR8162 2:0:0: Atheros AR9485 xenodm.log xenodm info (pid 66816): Starting xenodm info (pid 66816): Starting X server on :0 X.Org X Server 1.20.5 X Protocol Version 11, Revision 0 Build Operating System: OpenBSD 6.6 amd64 Current Operating System: OpenBSD ntbLeo.my.domain 6.6 GENERIC.MP#372 amd64 Build Date: 12 October 2019 11:22:22AM Current version of pixman: 0.38.4 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/Xorg.0.log", Time: Sun Oct 27 11:05:05 2019 (==) Using system config directory "/usr/X11R6/share/X11/xorg.conf.d" (II) modeset(0): Initializing kms color map for depth 24, 8 bpc. xenodm info (pid 18115): sourcing /etc/X11/xenodm/Xsetup_0 No extra config / no kernel manipulation. Just started xenodm using rcctl and the result is a black screen Anyone that can give me a clue will be really appreciated. Regards! -- Saludos.- Leonardo Santagostini
Re: DigitalOcean and OpenBSD
My two cents: Ramnode. Im using it since 5.6 withou anu issues. Regards El ago 25, 2016 9:34 a.m., "Gilles Chehade"escribió: > On Thu, Aug 25, 2016 at 12:22:21PM +0300, li...@wrant.com wrote: > > Wed, 24 Aug 2016 18:59:46 -0300 "R0me0 ***" > > [...] > > > Thank you everyone that gime directions really appreciated ( all those > in > > > pvt as well ) > > > > > > Cheers guys ! > > > > Thu, 25 Aug 2016 11:07:17 +0800 Tinker > > [...] > > > Guys, www.kimsufi.com is the best combination of inexpensive and > > > reliable, for dedicated servers. > > > > Hi R0me0, > > > > Indeed, recommending even more self managed affordable SSD servers: > > > > OVH: SoYouStart, FR (EUR) > > [https://www.soyoustart.com/ie/essential-servers/] > > > > OVH: SoYouStart, CA (USD) > > [https://www.soyoustart.com/us/essential-servers/] > > > > NB: Not affiliate, years of OpenBSD in KVM on SSD servers reliably. > > > > As a former customer, I would recommand against them. > > There are other alternatives with better hardware, services and policies > within the same price ranges. online.net to name one, hetzner.de to name > another one. > > I'm only commenting because your mail didn't mention competitors and I'd > hate the idea that people went there by default, but I'm off this thread > now ;-) > > -- > Gilles Chehade > > https://www.poolp.org @poolpOrg
Re: Question about NTP server
Just to say thank you all for your responses. I will tell you the final set of NTP servers =) Yours, Leonardo Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini> 2016-06-30 18:08 GMT-03:00 Zé Loff <zel...@zeloff.org>: > > On 30/06/2016, at 20:30, Martin Schröder <mar...@oneiros.de> wrote: > > > > 2016-06-30 21:24 GMT+02:00 Leonardo Santagostini < > lsantagost...@gmail.com>: > >> 1) Is there some calculus for making those ntp boxes efficient in terms > of > >> not overstate (sorry, but english is not my mothers tongue) or right > size > >> the hardware. > > > > A Rasberry Pi would suffice (but it's not supported by OpenBSD). > > Any old server you have lying around will be more than enough. > > Not too old, though. I've had problems with clocks in aging hardware (e.g. > a > Pentium II machine about 5 years ago) starting to drift so bad that not > even > NTP could keep them in sync. That being said, prices drop fast enough so > that > you can find fairly recent machines at very low prices. > > > > >> 2) Im wondering also to set up this boxes virtualized using KVM. I know > >> that using RTC its a really pain in the ass, but maybe you can give me > some > >> advice for this config. > > > > Don't virtualize your ntp servers. > > > > Best > > Martin
Question about NTP server
Hi @misc, i am about to mount 4 ntp servers. Main goal is to serve approximately 300 servers and 300 hundreds workstations Servers are located at one datacenter and office in other place. I have a couple of doubts for asking to you. 1) Is there some calculus for making those ntp boxes efficient in terms of not overstate (sorry, but english is not my mothers tongue) or right size the hardware. 2) Im wondering also to set up this boxes virtualized using KVM. I know that using RTC its a really pain in the ass, but maybe you can give me some advice for this config. Thank you all, Best regards/Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini>
Re: Question about logo
Thank you all, for answer me. OpenBSD its amazing, thankyou for your work. Happy user since 5.1 =) Yours Leonardo Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini> 2016-03-03 16:09 GMT-03:00 Theo de Raadt <dera...@cvs.openbsd.org>: > > There are people selling shirts on Zazzle, CafePress, etc. which have the > > OpenBSD logo - easy to find via google. I'm assuming those people are > not > > authorized by OpenBSD nor do they pass on profits, alas. > > That is correct. > > There are layers of cheaters and enablers out there. Like playing > whack-a-mole. > > I haven't put much effort into fighting it because it isn't fun.
Question about logo
Hello @misc, Just wondering and bothering you, if i can use for my twitter account and mi personal blog, a puffy image. Kind regards Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini>
Just want to say thanks to all OpenBSD developers
Hello @all, today i have upgraded from 5.7 to 5.8 on a VPS with a WordPress for my personal site. Following the guide at http://www.openbsd.org/faq/upgrade58.html everything went fine. Wow i was surprised because documentation was 100% accurated and the process was staightforward At work we use linux, and the upgrade process its a pain in the ass. So guys, you rock and OpenBSD for me its a breath of fresh air. Thanks thanks thanks. Kind regards, one happy user ! PS: Sorry for my english but is not my mothers tongue. Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini>
Re: 5.8 Snap from Sep 24
0x00c0: 0x00d0: 0x00e0: 0x00f0: 08040f87 0:31:3: Intel 7 Series SMBus 0x: Vendor ID: 8086 Product ID: 1e22 0x0004: Command: 0003 Status: 0280 0x0008: Class: 0c Subclass: 05 Interface: 00 Revision: 04 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 00 0x0010: BAR mem 64bit addr: 0xe0615000/0x0100 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR io addr: 0x3040/0x0020 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 3977 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 03 Line: 0a Min Gnt: 00 Max Lat: 00 0x: 1e228086 0283 0c050004 0x0010: e0615004 0x0020: 3041 397717aa 0x0030: 030a 0x0040: 0001 0x0050: 0x0060: 00040403 0808 0x0070: 0x0080: 0004 0x0090: 0x00a0: 0x00b0: 0x00c0: 0x00d0: 0x00e0: 0x00f0: 08040f87 1:0:0: Attansic Technology AR8162 0x: Vendor ID: 1969 Product ID: 1090 0x0004: Command: 0007 Status: 0010 0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 10 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 64bit addr: 0xe050/0x0004 0x0018: BAR io addr: 0x2000/0x0080 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 3979 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0058: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 0x00c0: Capability 0x05: Message Signaled Interrupts (MSI) 0x00d8: Capability 0x11: Extended Message Signaled Interrupts (MSI-X) 0x: 10901969 0017 0210 0010 0x0010: e054 2001 0x0020: 397917aa 0x0030: 0040 010b 0x0040: f9c35801 0008 0x0050: 0001c010 0590ffc5 0x0060: 00112000 0007fc11 10110143 0003 0x0070: 0x0080: 10901969 0x0090: 0x00a0: 0x00b0: 0x00c0: 0188d805 0x00d0: 000f0011 2000 0x00e0: 3000 0x00f0: 2:0:0: Atheros AR9485 0x: Vendor ID: 168c Product ID: 0032 0x0004: Command: 0007 Status: 0010 0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 01 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 64bit addr: 0xe040/0x0008 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 3218 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 0a Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0050: Capability 0x05: Message Signaled Interrupts (MSI) 0x0070: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 0x: 0032168c 0017 0281 0010 0x0010: e044 0x0020: 321817aa 0x0030: 0040 010a 0x0040: ffc25001 0000 0000 0000 0x0050: 01847005 0x0060: 0000 0000 0x0070: 00020010 05908dc0 00102010 00036c11 0x0080: 10110042 0x0090: 0010 0002 0x00a0: 0x00b0: 0x00c0: 0x00d0: 0x00e0: 0000 0000 0x00f0: 0000 I started to read http://www.openbsd.org/faq/faq4.html#Multibooting for dual booting between windows and openbsd =) So, in short, backup, make some install disks/sticks and on the route again with openbsd. Thanks for all, regards Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini> 2015-09-26 21:43 GMT-03:00 Leonardo Santagostini <lsantagost...@gmail.com>: > Hi @misc, just tested on my hardware this snap, and im very excited to get > X working again. > > As soon as i can get the logs out from my pen drive (test install on > pendrive) i will submit then. > > Thanks for your effort. Just wondering how to get dual booten with Win10 =) > > Regards/Saludos.- > > Leonardo Santagostini > > <http://ar.linkedin.com/in/santagostini>
5.8 Snap from Sep 24
Hi @misc, just tested on my hardware this snap, and im very excited to get X working again. As soon as i can get the logs out from my pen drive (test install on pendrive) i will submit then. Thanks for your effort. Just wondering how to get dual booten with Win10 =) Regards/Saludos.- Leonardo Santagostini <http://ar.linkedin.com/in/santagostini>
About HD Graphics
rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3 Atheros Communications Bluetooth USB Host Controller rev 1.10/0.01 addr 3 ugen1 at uhub2 port 4 Generic USB2.0-CRW rev 2.00/39.60 addr 4 uhub3 at uhub1 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 uhidev0 at uhub3 port 3 configuration 1 interface 0 Primax Electronics USB Optical Mouse rev 2.00/2.00 addr 3 uhidev0: iclass 3/1 ums0 at uhidev0: 3 buttons, Z dir wsmouse1 at ums0 mux 0 run0 at uhub3 port 4 Linksys Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 rev 2.00/1.01 addr 4 run0: MAC/BBP RT3572 (rev 0x0223), RF RT3052 (MIMO 2T2R), address 98:fc:11:e0:59:0a uvideo0 at uhub3 port 6 configuration 1 interface 0 Vimicro Corp. Lenovo EasyCamera rev 2.00/39.55 addr 5 video0 at uvideo0 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on sd0a (e6bde91fd35dc49f.a) swap on sd0b dump on sd0b ugen0 detached ugen1 detached uhub2 detached uhub0 detached wsmouse1 detached ums0 detached uhidev0 detached run0 detached video0 detached uvideo0 detached uhub3 detached uhub1 detached uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 uhub2 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3 Atheros Communications Bluetooth USB Host Controller rev 1.10/0.01 addr 3 ugen1 at uhub2 port 4 Generic USB2.0-CRW rev 2.00/39.60 addr 4 uhub3 at uhub1 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 uhidev0 at uhub3 port 3 configuration 1 interface 0 Primax Electronics USB Optical Mouse rev 2.00/2.00 addr 3 uhidev0: iclass 3/1 ums0 at uhidev0: 3 buttons, Z dir wsmouse1 at ums0 mux 0 run0 at uhub3 port 4 Linksys Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 rev 2.00/1.01 addr 4 run0: MAC/BBP RT3572 (rev 0x0223), RF RT3052 (MIMO 2T2R), address 98:fc:11:e0:59:0a uvideo0 at uhub3 port 6 configuration 1 interface 0 Vimicro Corp. Lenovo EasyCamera rev 2.00/39.55 addr 5 video0 at uvideo0 umass0 at uhub2 port 2 configuration 1 interface 0 Kingston DataTraveler 2.0 rev 2.00/1.00 addr 5 umass0: using SCSI over Bulk-Only scsibus4 at umass0: 2 targets, initiator 0 sd1 at scsibus4 targ 1 lun 0: Kingston, DataTraveler 2.0, 1.00 SCSI2 0/direct removable serial.09306544CE51D95769B7 sd1: 7396MB, 512 bytes/sector, 15148608 sectors Thank you very much Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini
Re: OpenBSD 5.6 - amd64 on Lenovo G480
Yup, il install 5.5 again and will wait to 5.7 maybe will work in 5.7 Regards and thanks! Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-12-15 2:10 GMT-03:00 bodie bodz...@openbsd.cz: On 15.12.2014 04:46, Leonardo Santagostini wrote: Hello bodie, Tried snapshot with same results. Mmm I have similar crap at home. Lenovo G580 model 20150. I would be surprised if anything behind Windows and Linux (with a lot of complications as I found) will be running properly here. One of those - hey we propagate this inside, but in fact there's this inside secretely hidden :-) --- dmesg --- Dec 14 20:14:41 notleo syslogd: start Dec 14 20:14:41 notleo /bsd: OpenBSD 5.6-current (RAMDISK_CD) #631: Sun Dec 14 10:45:08 MST 2014 Dec 14 20:14:41 notleo /bsd: dera...@amd64.openbsd.org: /usr/src/sys/arch/amd64/compile/RAMDISK_CD Dec 14 20:14:41 notleo /bsd: RTC BIOS diagnostic error 80clock_battery Dec 14 20:14:41 notleo /bsd: real mem = 4138713088 (3946MB) Dec 14 20:14:41 notleo /bsd: avail mem = 4026851328 (3840MB) Dec 14 20:14:41 notleo /bsd: mainbus0 at root Dec 14 20:14:41 notleo /bsd: bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe6fd0 (59 entries) Dec 14 20:14:41 notleo /bsd: bios0: vendor LENOVO version 5ECN95WW(V9.00) date 12/19/2012 Dec 14 20:14:41 notleo /bsd: bios0: LENOVO 20150 Dec 14 20:14:41 notleo /bsd: acpi0 at bios0: rev 2 Dec 14 20:14:41 notleo /bsd: acpi0: sleep states S0 S3 S4 S5 Dec 14 20:14:41 notleo /bsd: acpi0: tables DSDT FACP SLIC UEFI ASF! HPET APIC MCFG SSDT BOOT ASPT DBGP FPDT MSDM SSDT SSDT Dec 14 20:14:41 notleo /bsd: acpimadt0 at acpi0 addr 0xfee0: PC-AT compat Dec 14 20:14:41 notleo /bsd: cpu0 at mainbus0: apid 0 (boot processor) Dec 14 20:14:41 notleo /bsd: cpu0: Intel(R) Pentium(R) CPU B980 @ 2.40GHz, 2394.92 MHz Dec 14 20:14:41 notleo /bsd: cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA, CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM, PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16, xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE, NXE,LONG,LAHF,PERF,ITSC Dec 14 20:14:41 notleo /bsd: cpu0: 256KB 64b/line 8-way L2 cache Dec 14 20:14:41 notleo /bsd: cpu0: apic clock running at 99MHz Dec 14 20:14:41 notleo /bsd: cpu at mainbus0: not configured Dec 14 20:14:41 notleo /bsd: ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins Dec 14 20:14:41 notleo /bsd: acpiprt0 at acpi0: bus 0 (PCI0) Dec 14 20:14:41 notleo /bsd: acpiprt1 at acpi0: bus -1 (P0P1) Dec 14 20:14:41 notleo /bsd: acpiprt2 at acpi0: bus 1 (RP01) Dec 14 20:14:41 notleo /bsd: acpiprt3 at acpi0: bus 2 (RP02) Dec 14 20:14:41 notleo /bsd: acpiprt4 at acpi0: bus -1 (RP03) Dec 14 20:14:41 notleo /bsd: acpiprt5 at acpi0: bus -1 (RP04) Dec 14 20:14:41 notleo /bsd: acpiprt6 at acpi0: bus -1 (RP05) Dec 14 20:14:41 notleo /bsd: acpiprt7 at acpi0: bus -1 (RP06) Dec 14 20:14:41 notleo /bsd: acpiprt8 at acpi0: bus -1 (RP07) Dec 14 20:14:41 notleo /bsd: acpiprt9 at acpi0: bus -1 (RP08) Dec 14 20:14:41 notleo /bsd: acpiprt10 at acpi0: bus -1 (PEG0) Dec 14 20:14:42 notleo /bsd: acpiprt11 at acpi0: bus -1 (PEG1) Dec 14 20:14:43 notleo /bsd: acpiprt12 at acpi0: bus -1 (PEG2) Dec 14 20:14:43 notleo /bsd: acpiprt13 at acpi0: bus -1 (PEG3) Dec 14 20:14:43 notleo /bsd: pci0 at mainbus0 bus 0 Dec 14 20:14:43 notleo /bsd: pchb0 at pci0 dev 0 function 0 Intel Core 2G Host rev 0x09 Dec 14 20:14:43 notleo /bsd: vga1 at pci0 dev 2 function 0 Intel HD Graphics 2000 rev 0x09 Dec 14 20:14:43 notleo /bsd: wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) Dec 14 20:14:43 notleo /bsd: xhci0 at pci0 dev 20 function 0 Intel 7 Series xHCI rev 0x04: msi Dec 14 20:14:43 notleo /bsd: usb0 at xhci0: USB revision 3.0 Dec 14 20:14:43 notleo /bsd: uhub0 at usb0 Intel xHCI root hub rev 3.00/1.00 addr 1 Dec 14 20:14:43 notleo /bsd: Intel 7 Series MEI rev 0x04 at pci0 dev 22 function 0 not configured Dec 14 20:14:43 notleo /bsd: ehci0 at pci0 dev 26 function 0 Intel 7 Series USB rev 0x04: apic 0 int 16 Dec 14 20:14:43 notleo /bsd: ehci0: timed out waiting for BIOS Dec 14 20:14:43 notleo /bsd: usb1 at ehci0: USB revision 2.0 Dec 14 20:14:43 notleo /bsd: uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 Dec 14 20:14:43 notleo /bsd: Intel 7 Series HD Audio rev 0x04 at pci0 dev 27 function 0 not configured Dec 14 20:14:43 notleo /bsd: ppb0 at pci0 dev 28 function 0 Intel 7 Series PCIE rev 0xc4: msi Dec 14 20:14:43 notleo /bsd: pci1 at ppb0 bus 1 Dec 14 20:14:43 notleo /bsd: Attansic Technology AR8162 rev 0x10 at pci1 dev 0 function 0 not configured Dec 14 20:14:43 notleo /bsd: ppb1 at pci0 dev 28 function 1 Intel 7 Series PCIE rev 0xc4: msi Dec 14 20:14:44 notleo /bsd: pci2 at ppb1 bus 2 Dec 14 20:14:44 notleo /bsd: Atheros AR9485 rev 0x01 at pci2 dev 0 function 0 not configured Dec 14 20:14:44 notleo /bsd: ehci1 at pci0 dev 29 function 0 Intel 7 Series USB rev 0x04: apic 0 int 23 Dec
Re: OpenBSD 5.6 - amd64 on Lenovo G480
Hello bodie, ill try -current snapshot today at nigth and let you know the results. Thanks for the reply =) Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-12-14 4:59 GMT-03:00 bodie bodz...@openbsd.cz: On 13.12.2014 15:47, Leonardo Santagostini wrote: Ok, thanks all for reply me. Situation Fresh New Install. 5.6 Release. OpenBsd Installed fine. Logged in as root - startx - blank screen. I have to press CTRL+ALT+F1 to get console(blank) close the lid - suspend the machine - open the lid - on console again. Done my homework Not yet. Did you try -current snapshot? ;-) --- DMESG --- OpenBSD 5.6 (RAMDISK_CD) #303: Fri Aug 8 00:25:26 MDT 2014 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD RTC BIOS diagnostic error 80clock_battery real mem = 4138713088 (3946MB) avail mem = 4023148544 (3836MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe6fd0 (59 entries) bios0: vendor LENOVO version 5ECN95WW(V9.00) date 12/19/2012 bios0: LENOVO 20150 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SLIC UEFI ASF! HPET APIC MCFG SSDT BOOT ASPT DBGP FPDT MSDM SSDT SSDT acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Pentium(R) CPU B980 @ 2.40GHz, 2203.97 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA, CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM, PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16, xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE, NXE,LONG,LAHF,PERF,ITSC cpu0: 256KB 64b/line 8-way L2 cache cpu0: apic clock running at 99MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P1) acpiprt2 at acpi0: bus 1 (RP01) acpiprt3 at acpi0: bus 2 (RP02) acpiprt4 at acpi0: bus -1 (RP03) acpiprt5 at acpi0: bus -1 (RP04) acpiprt6 at acpi0: bus -1 (RP05) acpiprt7 at acpi0: bus -1 (RP06) acpiprt8 at acpi0: bus -1 (RP07) acpiprt9 at acpi0: bus -1 (RP08) acpiprt10 at acpi0: bus -1 (PEG0) acpiprt11 at acpi0: bus -1 (PEG1) acpiprt12 at acpi0: bus -1 (PEG2) acpiprt13 at acpi0: bus -1 (PEG3) pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Core 2G Host rev 0x09 vga1 at pci0 dev 2 function 0 Intel HD Graphics 2000 rev 0x09 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) Intel 7 Series xHCI rev 0x04 at pci0 dev 20 function 0 not configured Intel 7 Series MEI rev 0x04 at pci0 dev 22 function 0 not configured ehci0 at pci0 dev 26 function 0 Intel 7 Series USB rev 0x04: apic 0 int 16 ehci0: timed out waiting for BIOS usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 Intel 7 Series HD Audio rev 0x04 at pci0 dev 27 function 0 not configured ppb0 at pci0 dev 28 function 0 Intel 7 Series PCIE rev 0xc4: msi pci1 at ppb0 bus 1 Attansic Technology AR8162 rev 0x10 at pci1 dev 0 function 0 not configured ppb1 at pci0 dev 28 function 1 Intel 7 Series PCIE rev 0xc4: msi pci2 at ppb1 bus 2 Atheros AR9485 rev 0x01 at pci2 dev 0 function 0 not configured ehci1 at pci0 dev 29 function 0 Intel 7 Series USB rev 0x04: apic 0 int 23 ehci1: timed out waiting for BIOS usb1 at ehci1: USB revision 2.0 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 Intel HM76 LPC rev 0x04 at pci0 dev 31 function 0 not configured ahci0 at pci0 dev 31 function 2 Intel 7 Series AHCI rev 0x04: msi, AHCI 1.3 scsibus0 at ahci0: 32 targets sd0 at scsibus0 targ 0 lun 0: ATA, ST1000LM024 HN-M, 2AR1 SCSI3 0/direct fixed naa.50004cf20a2e7a39 sd0: 953869MB, 512 bytes/sector, 1953525168 sectors cd0 at scsibus0 targ 2 lun 0: PLDS, DVD-RW DS8A8SH, KL31 ATAPI 5/cdrom removable Intel 7 Series SMBus rev 0x04 at pci0 dev 31 function 3 not configured isa0 at mainbus0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 uhub2 at uhub0 port 1 vendor 0x8087 product 0x0024 rev 2.00/0.00 addr 2 umass0 at uhub2 port 2 configuration 1 interface 0 Kingston DataTraveler 2.0 rev 2.00/1.00 addr 3 umass0: using SCSI over Bulk-Only scsibus1 at umass0: 2 targets, initiator 0 sd1 at scsibus1 targ 1 lun 0: Kingston, DataTraveler 2.0, 1.00 SCSI2 0/direct removable serial.09306544CE51C98D948F sd1: 7396MB, 512 bytes/sector, 15148608 sectors Atheros Communications Bluetooth USB Host Controller rev 1.10/0.01 addr 4 at uhub2 port 3 not configured Generic USB2.0-CRW rev 2.00/39.60 addr 5 at uhub2 port 4 not configured uhub3 at uhub1 port 1 vendor 0x8087 product 0x0024 rev 2.00/0.00 addr 2 uhidev0 at uhub3 port 3 configuration 1 interface 0 vendor 0x0461 USB Optical Mouse rev 2.00/2.00 addr 3 uhidev0: iclass 3/1 uhid at uhidev0 not configured run0 at uhub3 port 4 Linksys Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 rev 2.00
Re: OpenBSD 5.6 - amd64 on Lenovo G480
Hi Zoran thanks for the reposnse. I dont have the option to lower or raise the memory asigned for video in my BIOS. I have a few options regarding working mode for hard disk, and setting optimized for W8 and Other OS But, on 5.5 i was able to work on the same notebook without issues. Best regards ! Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-12-14 12:30 GMT-03:00 Zoran Kolic zko...@sbb.rs: If it is intel 2000, it should work, just as on my current right now. To have it on, I had to go to bios and lower how much memory I set for graphics. It might not be your case, but nothing stops you to try out. Best regards Zoran
Re: OpenBSD 5.6 - amd64 on Lenovo G480
Hello bodie, Tried snapshot with same results. --- dmesg --- Dec 14 20:14:41 notleo syslogd: start Dec 14 20:14:41 notleo /bsd: OpenBSD 5.6-current (RAMDISK_CD) #631: Sun Dec 14 10:45:08 MST 2014 Dec 14 20:14:41 notleo /bsd: dera...@amd64.openbsd.org: /usr/src/sys/arch/amd64/compile/RAMDISK_CD Dec 14 20:14:41 notleo /bsd: RTC BIOS diagnostic error 80clock_battery Dec 14 20:14:41 notleo /bsd: real mem = 4138713088 (3946MB) Dec 14 20:14:41 notleo /bsd: avail mem = 4026851328 (3840MB) Dec 14 20:14:41 notleo /bsd: mainbus0 at root Dec 14 20:14:41 notleo /bsd: bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe6fd0 (59 entries) Dec 14 20:14:41 notleo /bsd: bios0: vendor LENOVO version 5ECN95WW(V9.00) date 12/19/2012 Dec 14 20:14:41 notleo /bsd: bios0: LENOVO 20150 Dec 14 20:14:41 notleo /bsd: acpi0 at bios0: rev 2 Dec 14 20:14:41 notleo /bsd: acpi0: sleep states S0 S3 S4 S5 Dec 14 20:14:41 notleo /bsd: acpi0: tables DSDT FACP SLIC UEFI ASF! HPET APIC MCFG SSDT BOOT ASPT DBGP FPDT MSDM SSDT SSDT Dec 14 20:14:41 notleo /bsd: acpimadt0 at acpi0 addr 0xfee0: PC-AT compat Dec 14 20:14:41 notleo /bsd: cpu0 at mainbus0: apid 0 (boot processor) Dec 14 20:14:41 notleo /bsd: cpu0: Intel(R) Pentium(R) CPU B980 @ 2.40GHz, 2394.92 MHz Dec 14 20:14:41 notleo /bsd: cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,NXE,LONG,LAHF,PERF,ITSC Dec 14 20:14:41 notleo /bsd: cpu0: 256KB 64b/line 8-way L2 cache Dec 14 20:14:41 notleo /bsd: cpu0: apic clock running at 99MHz Dec 14 20:14:41 notleo /bsd: cpu at mainbus0: not configured Dec 14 20:14:41 notleo /bsd: ioapic0 at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins Dec 14 20:14:41 notleo /bsd: acpiprt0 at acpi0: bus 0 (PCI0) Dec 14 20:14:41 notleo /bsd: acpiprt1 at acpi0: bus -1 (P0P1) Dec 14 20:14:41 notleo /bsd: acpiprt2 at acpi0: bus 1 (RP01) Dec 14 20:14:41 notleo /bsd: acpiprt3 at acpi0: bus 2 (RP02) Dec 14 20:14:41 notleo /bsd: acpiprt4 at acpi0: bus -1 (RP03) Dec 14 20:14:41 notleo /bsd: acpiprt5 at acpi0: bus -1 (RP04) Dec 14 20:14:41 notleo /bsd: acpiprt6 at acpi0: bus -1 (RP05) Dec 14 20:14:41 notleo /bsd: acpiprt7 at acpi0: bus -1 (RP06) Dec 14 20:14:41 notleo /bsd: acpiprt8 at acpi0: bus -1 (RP07) Dec 14 20:14:41 notleo /bsd: acpiprt9 at acpi0: bus -1 (RP08) Dec 14 20:14:41 notleo /bsd: acpiprt10 at acpi0: bus -1 (PEG0) Dec 14 20:14:42 notleo /bsd: acpiprt11 at acpi0: bus -1 (PEG1) Dec 14 20:14:43 notleo /bsd: acpiprt12 at acpi0: bus -1 (PEG2) Dec 14 20:14:43 notleo /bsd: acpiprt13 at acpi0: bus -1 (PEG3) Dec 14 20:14:43 notleo /bsd: pci0 at mainbus0 bus 0 Dec 14 20:14:43 notleo /bsd: pchb0 at pci0 dev 0 function 0 Intel Core 2G Host rev 0x09 Dec 14 20:14:43 notleo /bsd: vga1 at pci0 dev 2 function 0 Intel HD Graphics 2000 rev 0x09 Dec 14 20:14:43 notleo /bsd: wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) Dec 14 20:14:43 notleo /bsd: xhci0 at pci0 dev 20 function 0 Intel 7 Series xHCI rev 0x04: msi Dec 14 20:14:43 notleo /bsd: usb0 at xhci0: USB revision 3.0 Dec 14 20:14:43 notleo /bsd: uhub0 at usb0 Intel xHCI root hub rev 3.00/1.00 addr 1 Dec 14 20:14:43 notleo /bsd: Intel 7 Series MEI rev 0x04 at pci0 dev 22 function 0 not configured Dec 14 20:14:43 notleo /bsd: ehci0 at pci0 dev 26 function 0 Intel 7 Series USB rev 0x04: apic 0 int 16 Dec 14 20:14:43 notleo /bsd: ehci0: timed out waiting for BIOS Dec 14 20:14:43 notleo /bsd: usb1 at ehci0: USB revision 2.0 Dec 14 20:14:43 notleo /bsd: uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 Dec 14 20:14:43 notleo /bsd: Intel 7 Series HD Audio rev 0x04 at pci0 dev 27 function 0 not configured Dec 14 20:14:43 notleo /bsd: ppb0 at pci0 dev 28 function 0 Intel 7 Series PCIE rev 0xc4: msi Dec 14 20:14:43 notleo /bsd: pci1 at ppb0 bus 1 Dec 14 20:14:43 notleo /bsd: Attansic Technology AR8162 rev 0x10 at pci1 dev 0 function 0 not configured Dec 14 20:14:43 notleo /bsd: ppb1 at pci0 dev 28 function 1 Intel 7 Series PCIE rev 0xc4: msi Dec 14 20:14:44 notleo /bsd: pci2 at ppb1 bus 2 Dec 14 20:14:44 notleo /bsd: Atheros AR9485 rev 0x01 at pci2 dev 0 function 0 not configured Dec 14 20:14:44 notleo /bsd: ehci1 at pci0 dev 29 function 0 Intel 7 Series USB rev 0x04: apic 0 int 23 Dec 14 20:14:44 notleo /bsd: ehci1: timed out waiting for BIOS Dec 14 20:14:44 notleo /bsd: usb2 at ehci1: USB revision 2.0 Dec 14 20:14:44 notleo /bsd: uhub2 at usb2 Intel EHCI root hub rev 2.00/1.00 addr 1 Dec 14 20:14:44 notleo /bsd: Intel HM76 LPC rev 0x04 at pci0 dev 31 function 0 not configured Dec 14 20:14:44 notleo /bsd: ahci0 at pci0 dev 31 function 2 Intel 7 Series AHCI rev 0x04: msi, AHCI 1.3 Dec 14 20:14:44 notleo /bsd: scsibus0 at ahci0: 32 targets Dec 14 20:14:44 notleo /bsd: sd0 at scsibus0 targ 0 lun 0: ATA, ST1000LM024 HN-M, 2AR1 SCSI3 0/direct fixed naa.50004cf20a2e7a39 Dec 14 20:14:44 notleo /bsd: sd0: 953869MB, 512 bytes/sector, 1953525168
Re: OpenBSD 5.6 - amd64 on Lenovo G480
) 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 3979 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0058: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 0x00c0: Capability 0x05: Message Signaled Interrupts (MSI) 0x00d8: Capability 0x11: Extended Message Signaled Interrupts (MSI-X) 2:0:0: Atheros AR9485 0x: Vendor ID: 168c Product ID: 0032 0x0004: Command: 0007 Status: 0010 0x0008: Class: 02 Subclass: 80 Interface: 00 Revision: 01 0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size: 10 0x0010: BAR mem 64bit addr: 0xe040/0x0008 0x0018: BAR empty () 0x001c: BAR empty () 0x0020: BAR empty () 0x0024: BAR empty () 0x0028: Cardbus CIS: 0x002c: Subsystem Vendor ID: 17aa Product ID: 3218 0x0030: Expansion ROM Base Address: 0x0038: 0x003c: Interrupt Pin: 01 Line: 0a Min Gnt: 00 Max Lat: 00 0x0040: Capability 0x01: Power Management 0x0050: Capability 0x05: Message Signaled Interrupts (MSI) 0x0070: Capability 0x10: PCI Express Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1 After enabling machdep.allowaperture as xorg.0.log says, it still haappening the same behaviour. Regards, Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-12-12 9:29 GMT-03:00 Ville Valkonen weezeld...@gmail.com: On 12 December 2014 at 03:50, Leonardo Santagostini lsantagost...@gmail.com wrote: Hello @misc, This mail is regarding about issues that im facing after doing a fresh install of 5.6 RELEASE and snapshot on my latptop The point is that after installing sucessfully i am trying to start X but screen goes black. The only way i have to go to console is pressing CTRL+ALT+F1 after lid close, suspend and resume. Just wanting to know what is the best way i can help you regarding this. i know sending: 1) dmesg 2) x.org.log Is ok, but i have no idea what else could help. So, please, just let me know what else is needed, so i can do my homework. (Also i tried snapshot from 12/08 but an libc version problem appears when x starts) Regards, Leonardo Santagostini http://ar.linkedin.com/in/santagostini Hello Leonardo, have you done fw_update -v ? Hard to say if it's needed since you didn't include the dmesg. -- Regards, Ville Valkonen
OpenBSD 5.6 - amd64 on Lenovo G480
Hello @misc, This mail is regarding about issues that im facing after doing a fresh install of 5.6 RELEASE and snapshot on my latptop The point is that after installing sucessfully i am trying to start X but screen goes black. The only way i have to go to console is pressing CTRL+ALT+F1 after lid close, suspend and resume. Just wanting to know what is the best way i can help you regarding this. i know sending: 1) dmesg 2) x.org.log Is ok, but i have no idea what else could help. So, please, just let me know what else is needed, so i can do my homework. (Also i tried snapshot from 12/08 but an libc version problem appears when x starts) Regards, Leonardo Santagostini http://ar.linkedin.com/in/santagostini
RS/600 install
Hello @misc, yesterday at work i've found an RS/6000 Model 140 http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=ddsubtype=smhtmlfid=897/ENUS7043-140 so, i was wondering how about installing release 5.5 macppc on it. Just want to know if somebody try it and if you have some clue on installation/configuration. Regards, Leonardo Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini
Re: RS/600 install
Thank yo very much for your feedback. =) Kind regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-10-28 17:16 GMT-03:00 Peter Kay syllops...@syllopsium.co.uk: If I remember correctly that's a PReP model, the PowerPC Reference Platform. You might be able to get NetBSD running on it, Windows NT and if you're a masochist, possibly OS/2 PPC... (Plus AIX, of course) On 28 October 2014 14:40:09 GMT+00:00, David Coppa dco...@gmail.com wrote: On Tue, Oct 28, 2014 at 3:36 PM, Leonardo Santagostini lsantagost...@gmail.com wrote: Hello @misc, yesterday at work i've found an RS/6000 Model 140 http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=ddsubtype=smhtmlfid=897/ENUS7043-140 so, i was wondering how about installing release 5.5 macppc on it. Just want to know if somebody try it and if you have some clue on installation/configuration. Unsupported powerpc architecture. It's not a macppc. Ciao, David -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Strange behaviour with X
(type: MOUSE, id 8) [38.627] (**) /dev/wsmouse: (accel) keeping acceleration scheme 1 [38.627] (**) /dev/wsmouse: (accel) acceleration profile 0 [38.627] (**) /dev/wsmouse: (accel) acceleration factor: 2.000 [38.627] (**) /dev/wsmouse: (accel) acceleration threshold: 4 [ 307.465] (II) intel(0): EDID vendor SEC, prod id 17740 [ 307.465] (II) intel(0): Printing DDC gathered Modelines: [ 307.465] (II) intel(0): Modeline 1366x768x0.0 75.17 1366 1414 1446 1586 768 770 775 790 -hsync -vsync (47.4 kHz eP) [ 2156.685] [mi] Increasing EQ size to 512 to prevent dropped events. [ 2181.040] (II) AIGLX: Suspending AIGLX clients for VT switch [ 2192.890] (II) AIGLX: Resuming AIGLX clients after VT switch [ 2192.890] (II) intel(0): switch to mode 1366x768@60.0 on LVDS1 using pipe 0, position (0, 0), rotation normal, reflection none Thanks for the work, im a happy user since 5.4 (when i discovered OpenBSD) !!! Regards / Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini
Re: Pidgin/Lync success stories?
Ok, here i go, i downloaded pidgin from original web and sipe from their web too. This procedure does not adjust to the procedures folllowed by openbsd but, its valid to get pidgin / sipe working =) Pidgin pidgin-2.10.9 from https://pidgin.im/download/ Sipe 1.18.2 from http://sourceforge.net/projects/sipe/files/sipe/pidgin-sipe-1.18.2/pidgin-sip e-1.18.2.tar.gz/download For making pidgin: $ ./configure --disable-farstream --disable-vv --disable-nm --with-nss --with-openssl --disable-tcl $ gmake $ sudo gmake install (you can tune your installation with prefix env) For making sipe $ ./configure --enable-openssl --enable-nss --enable-debug $ gmake $ sudo gmake install (you can tune your installation with prefix env) HTH Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-09-27 14:34 GMT-03:00 Leonardo Santagostini lsantagost...@gmail.com: Later i will write the issue. But is before openssl/libressl switch and its related to use nss libs instead ssl. And pidgin is ssilently refusing server certs. But later i will write it more deeper with some debug. I have pidgin / sipe working without issues Regards El sep 27, 2014 1:37 p.m., Alexander Hall alexan...@beard.se escribió: On 09/26/14 11:55, Mattieu Baptiste wrote: On Fri, Sep 26, 2014 at 10:49 AM, Alexander Hall alexan...@beard.se mailto:alexan...@beard.se wrote: Hi! I'm trying to set up Pidgin to talk to our Lync servers at work, but it seems somewhere after (or in) the TLS handshaking, it just stops, and eventually times out. I installed the pidgin-sipe package and I'm using the 'office communicator' protocol. On a Debian box on the side, with the same settings, I don't have this issue. Can someone please share success stories, non-success stories, or useful hints of using Pidgin for Lync on OpenBSD? Hi, I've also failed at using Pidgin with Office 365. I tried different settings with the pidgin-sipe port, without success. I found a workaround with chrome (+ extension to change the user-agent) and Outlook web access. It let me use the Lync web client. Just to rule one possibiliy out... Was this before or after the separation from upstream openssl? /Alexander Regards, -- Mattieu Baptiste /earth is 102% full ... please delete anyone you can.
Re: Pidgin/Lync success stories?
Later i will write the issue. But is before openssl/libressl switch and its related to use nss libs instead ssl. And pidgin is ssilently refusing server certs. But later i will write it more deeper with some debug. I have pidgin / sipe working without issues Regards El sep 27, 2014 1:37 p.m., Alexander Hall alexan...@beard.se escribió: On 09/26/14 11:55, Mattieu Baptiste wrote: On Fri, Sep 26, 2014 at 10:49 AM, Alexander Hall alexan...@beard.se mailto:alexan...@beard.se wrote: Hi! I'm trying to set up Pidgin to talk to our Lync servers at work, but it seems somewhere after (or in) the TLS handshaking, it just stops, and eventually times out. I installed the pidgin-sipe package and I'm using the 'office communicator' protocol. On a Debian box on the side, with the same settings, I don't have this issue. Can someone please share success stories, non-success stories, or useful hints of using Pidgin for Lync on OpenBSD? Hi, I've also failed at using Pidgin with Office 365. I tried different settings with the pidgin-sipe port, without success. I found a workaround with chrome (+ extension to change the user-agent) and Outlook web access. It let me use the Lync web client. Just to rule one possibiliy out... Was this before or after the separation from upstream openssl? /Alexander Regards, -- Mattieu Baptiste /earth is 102% full ... please delete anyone you can.
Re: CARP cluster: howto keep pf.conf in sync?
Maybe puppet? Regards El jul 29, 2014 12:08 a.m., Nick Holland n...@holland-consulting.net escribió: On 07/28/14 07:50, Peus, Christoph wrote: Hi all, is there a standard or recommended way to keep the pf.conf on the CARP cluster members in sync? Thanks! No one standard or recommended way, but lots of ideas, as you can see. Here's mine, but for the moment, I'll leave you to develop the script. My design philosophy: 1) No additional hw, other than the two firewalls. 2) EITHER machine should be able to act as master. 3) EITHER machine should be able to provide all the info to rebuild the failed machine. 4) Change control is good, just not how managers usually like to implement it. 5) uses no other packages (rsync to move pf.conf around? I don't think that's needed) So... I wrote a relatively simple little script which * Figures out which the other machine is * does a diff -u of the changes between the local machine and the other machine (assuming the other machine is the old config) * Displays the diff to the user, and asks you to explain the change. * records the diff and your explanation to a file with a date and time stamp as a file name into a change log directory. * copies the pf.conf and the change log file to the corresponding directory in the other machine. * pfctl -f /etc/pf.conf's the other machine. So...you make a change on one box (EITHER!), test it, when satisified, you run the sync script. It compares the changed file to the other system, shows you the diff, and you can: 1) comment it and save it to both 2) Realize you made a typo, and deleted something you didn't intend to or fat-fingered something you didn't intend to, fix. 3) Realize that you made some other changes that weren't sync'd on either machine 4) etc. The script is identical between machines, so if you lose EITHER firewall, the other can be used to rebuild the missing system, including the history. If something goes horribly wrong, you just dig out the history file, and revert the change. If something goes horribly wrong before you sync it, log into the other firewall, and push the changes back. Wonder why a rule is in the firewall? Look back through the change log and read the comments. I've done the same thing with DNS zone files and config files, (in my opinion) better than the BIND master/slave model -- set up each node as a master, and sync the data through scripts like this. Nick.
Re: Thanks for ACPI
Hello all, just to add that its true !!! In my notebook also ACPI and two finger its working perfectly. Theo the way you define windows, linux and openbsd is brilliant. I will pass these words to my work colleagues =) Thank you for doing what you do. Its simply working !!! And simpler that the other OSes Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2014-06-24 22:14 GMT-03:00 Theo de Raadt dera...@cvs.openbsd.org: It's funny to me that NO power saving features work in Windows 8, nor 2 finger scrolling on the trackpad. It's a funny world, here's how, let me explain the road map for you: In 1 year, Windows will work worse on that particular laptop. In 2 years, it will be expired. In 4 years, it will barely work. That is a result of chasing new sales. In 1 year, OpenBSD will work better on that laptop. In 2 years, it will be work even better. In about 4 years, it will work as well, but the decline will start because our developers will move on. That is an aspect of minimal refinement, not chasing the curve. In 1 year, Linux might work better. In 2 years, it will not work well. But hey, don't take my word for me. Ask the net. They'll set me straight, and they'll set you straight. I don't know what they are chasing. Maybe it is the same as the first. Really, honestly, I don't have a clue what they are chasing.
Ethernet port on Lenovo G480
: PLDS, DVD-RW DS8A8SH, KL31 ATAPI 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 7 Series SMBus rev 0x04: apic 0 int 19 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 4GB DDR3 SDRAM PC3-12800 SO-DIMM pciide1 at pci0 dev 31 function 5 Intel 7 Series SATA rev 0x04: DMA (unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI pciide1: using apic 0 int 21 for native-PCI interrupt pciide1: channel 0 ignored (not responding; disabled or no drives?) pciide1: channel 1 ignored (not responding; disabled or no drives?) isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pms0: Synaptics touchpad, firmware 7.5 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 uhub2 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3 Atheros Communications Bluetooth USB Host Controller rev 1.10/0.01 addr 3 ugen1 at uhub2 port 4 Generic USB2.0-CRW rev 2.00/39.60 addr 4 uhub3 at uhub1 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 run0 at uhub3 port 4 Linksys Linksys WUSB600N Wireless-N USB Network Adapter with Dual-Band ver. 2 rev 2.00/1.01 addr 3 run0: MAC/BBP RT3572 (rev 0x0223), RF RT3052 (MIMO 2T2R), address 98:fc:11:e0:59:0a uvideo0 at uhub3 port 6 configuration 1 interface 0 Vimicro Corp. Lenovo EasyCamera rev 2.00/39.55 addr 4 video0 at uvideo0 vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets root on wd0a (6402310bd91d2df0.a) swap on wd0b dump on wd0b Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini
Re: carp+pfsync+relayd question
Hello list, painfully i had to migrate the relayd service to a linux boxes with piranha until find the issue that caused relayd exit unexpectedly. So if someone want to make some smoke test to find the issue, please tellme. Best regads, Leonardo Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello all, unfortunally i have to setup a cron entry that bounce relayd. Here the log that show how relayd stopped working Nov 18 18:34:55 v-arcbabalancer01 relayd[20347]: relay relay5, session 1961 (54 active), 0, 200.16.99.232 - 172.19.224.71:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay4, session 1959 (40 active), 0, 201.251.221.57 - 172.19.224.72:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[13074]: relay relay4, session 1990 (61 active), 0, 190.189.189.171 - 172.19.224.70:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[24546]: relay exiting, pid 24546 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay relay4, session 1883 (43 active), 0, 190.228.28.250 - :0, buffer event timeout Nov 18 18:34:55 v-arcbabalancer01 relayd[27128]: relay relay4, session 2063 (49 active), 0, 201.255.217.232 - 172.19.224.71:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[24551]: pfe exiting, pid 24551 Nov 18 18:34:55 v-arcbabalancer01 relayd[3602]: hce exiting, pid 3602 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay relay4, session 1964 (43 active), 0, 190.12.181.160 - 172.19.224.73:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[17688]: relay relay4, session 2080 (49 active), 0, 186.126.250.165 - 172.19.224.72:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay5, session 1891 (39 active), 0, 190.179.204.226 - :0, buffer event timeout Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay4, session 1962 (39 active), 0, 190.189.189.171 - 172.19.224.70:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[22840]: relay exiting, pid 22840 Nov 18 18:34:55 v-arcbabalancer01 relayd[5545]: relay exiting, pid 5545 Nov 18 18:34:55 v-arcbabalancer01 relayd[1089]: relay exiting, pid 1089 Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay exiting, pid 28629 Nov 18 18:34:55 v-arcbabalancer01 relayd[857]: relay exiting, pid 857 Nov 18 18:34:55 v-arcbabalancer01 relayd[27128]: relay exiting, pid 27128 Nov 18 18:34:55 v-arcbabalancer01 relayd[20347]: relay exiting, pid 20347 Nov 18 18:34:55 v-arcbabalancer01 relayd[13074]: relay exiting, pid 13074 Nov 18 18:34:55 v-arcbabalancer01 relayd[7637]: relay exiting, pid 7637 Nov 18 18:34:55 v-arcbabalancer01 relayd[8449]: relay exiting, pid 8449 Nov 18 18:34:55 v-arcbabalancer01 relayd[30009]: relay exiting, pid 30009 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay exiting, pid 13924 Nov 18 18:34:55 v-arcbabalancer01 relayd[4542]: relay exiting, pid 4542 Nov 18 18:34:55 v-arcbabalancer01 relayd[13505]: parent terminating, pid 13505 Nov 18 18:39:11 v-arcbabalancer01 puppet-agent[20912]: Finished catalog run in 2.59 seconds Nov 18 18:58:04 v-arcbabalancer01 relayd[9964]: startup Best regards, yours Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello Jan, thanks for answering. The point was with booting without bsd.mp, now box rebooted and showing 4 procs =) By now, all is working fine. Thank for all your support. I will keep you all informed how things are going. Best regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Jan Lambertz jd.arb...@googlemail.com qemu-kvm ...-smp sockets=2 ... solved it for me. What qemu version an build are you using ? Am 14.11.2013 18:47 schrieb Leonardo Santagostini lsantagost...@gmail.com : Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root
Re: carp+pfsync+relayd question
Ok, thanks for all the replies. Im waiting to this situation appears to send to you the output of those commands. Thanks and regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 mxb m...@alumni.chalmers.se Output for 'pfctl -si', 'pfctl -sm' and 'sysctl -a|grep net.inet.ip.ifqâ would be hie to see. //mxb On 18 nov 2013, at 04:20, Leonardo Santagostini lsantagost...@gmail.com wrote: Sorry, looking more detailed at the logs i found this: /var/log/daemon Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Nov 17 18:36:12 v-arcbabalancer01 relayd[22615]: pfe exiting, pid 22615 Nov 17 18:36:12 v-arcbabalancer01 relayd[31674]: hce exiting, pid 31674 Nov 17 18:36:12 v-arcbabalancer01 relayd[9082]: relay exiting, pid 9082 Nov 17 18:36:12 v-arcbabalancer01 relayd[701]: relay exiting, pid 701 Nov 17 18:36:12 v-arcbabalancer01 relayd[21358]: parent terminating, pid 21358 Nov 17 18:36:12 v-arcbabalancer01 relayd[24886]: relay exiting, pid 24886 Nov 17 18:36:12 v-arcbabalancer01 relayd[21395]: relay exiting, pid 21395 Nov 17 18:36:12 v-arcbabalancer01 relayd[13155]: relay exiting, pid 13155 Nov 17 18:36:12 v-arcbabalancer01 relayd[20557]: relay exiting, pid 20557 Nov 17 18:36:12 v-arcbabalancer01 relayd[14903]: relay exiting, pid 14903 Nov 17 18:36:12 v-arcbabalancer01 relayd[10686]: relay exiting, pid 10686 Nov 17 18:36:12 v-arcbabalancer01 relayd[17355]: relay exiting, pid 17355 Nov 17 18:36:12 v-arcbabalancer01 relayd[26908]: relay exiting, pid 26908 Nov 17 18:36:12 v-arcbabalancer01 relayd[6551]: relay exiting, pid 6551 Nov 17 18:36:12 v-arcbabalancer01 relayd[16649]: relay exiting, pid 16649 Nov 17 18:36:12 v-arcbabalancer01 relayd[2567]: relay exiting, pid 2567 Nov 17 18:36:12 v-arcbabalancer01 relayd[3159]: relay exiting, pid 3159 /var/log/messages Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello everybody, i still having some issues whit relayd. Nov 17 21:01:56 v-arcbabalancer01 relayd[4252]: relay relay4, session 75 (1 active), 0, 190.51.90.22 - :0, buffer event timeout Nov 17 21:01:57 v-arcbabalancer01 relayd[12715]: relay relay4, session 97 (4 active), 0, 190.49.60.30 - :0, buffer event timeout Nov 17 21:01:58 v-arcbabalancer01 relayd[4781]: relay relay4, session 142 (3 active), 0, 190.188.18.202 - :0, buffer event timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[25332]: relay relay4, session 28 (1 active), 0, 181.29.46.36 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[12715]: relay relay4, session 55 (3 active), 0, 108.36.150.233 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[18695]: relay relay4, session 67 (3 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13096]: relay relay5, session 73 (3 active), 0, 190.195.118.49 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[31990]: relay relay4, session 25 (1 active), 0, 186.188.178.215 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[4781]: relay relay4, session 144 (7 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[23317]: relay relay2, session 55 (5 active), 0, 181.109.7.31 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[22942]: relay relay4, session 93 (2 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13862]: relay relay4, session 80 (3 active), 0, 190.111.231.50 - :0, hard timeout Nov 17 21:02:06 v-arcbabalancer01 relayd[19770]: relay relay4, session 92 (1 active), 0, 75.70.87.158 - :0, buffer event timeout Nov 17 21:02:08 v-arcbabalancer01 relayd[23317]: relay relay4, session 131 (5 active), 0, 190.113.173.36 - :0, buffer event timeout Nov 17 21:02:11 v-arcbabalancer01 relayd[10590]: relay relay4, session 103 (9 active), 0, 186.137.241.254 - :0, buffer event timeout Nov 17 21:02:15 v-arcbabalancer01 relayd[23317]: relay relay4, session 143 (2 active), 0, 24.232.115.134 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 101 (7 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 102 (6 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay5, session 142 (13 active), 0, 190.195.118.49 - 172.19.224.73:80http://172.19.224.73/, no method Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay4, session 114 (12 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 104 (5 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[10590
Re: carp+pfsync+relayd question
Hello list, i found something strange. By one side, cpu idle is at 0% [root@v-arcbabalancer01 ~]# vmstat 2 20 procsmemory pagediskstraps cpu r b wavm fre flt re pi po fr sr wd0 cd0 int sys cs us sy id 5 0 0 86576 1450072 845 0 0 0 0 0 0 0 152 2922 308 60 5 35 4 0 0 86668 1449976 31 0 0 0 0 0 0 0 435 4554 869 94 6 0 4 0 0 86732 1449896 14 0 0 0 0 0 0 0 425 4269 827 94 6 0 5 0 0 86732 14498964 0 0 0 0 0 0 0 297 4098 762 92 8 0 7 0 0 86740 14498725 0 0 0 0 0 0 0 287 3264 625 94 6 0 4 0 0 86748 1449864 14 0 0 0 0 0 0 0 370 4400 804 92 8 0 4 0 0 86756 1449836 12 0 0 0 0 0 0 0 311 3708 730 92 8 0 4 0 0 86840 1449744 30 0 0 0 0 0 0 0 331 3585 701 93 7 0 4 0 0 86840 14497284 0 0 0 0 0 0 0 453 4744 885 93 7 0 4 0 0 86840 14497284 0 0 0 0 0 0 0 355 3832 745 92 8 0 5 0 0 86876 1449668 23 0 0 0 0 0 0 0 375 5003 934 92 8 0 4 0 0 86880 14496644 0 0 0 0 0 0 0 295 3600 707 93 7 0 9 1 0 87136 1449148 13421 0 0 0 0 0 0 0 242 24373 778 87 13 0 5 1 0 91964 1445628 23388 0 0 0 0 0 0 0 273 1 1256 80 20 0 5 0 0 86892 1449624 479 0 0 0 0 0 0 0 313 4012 736 90 10 0 7 0 0 86892 14496086 0 0 0 0 0 0 0 308 3831 712 93 7 0 4 0 0 86892 14496084 0 0 0 0 0 0 0 290 3694 732 95 5 0 4 0 0 86900 1449576 14 0 0 0 0 0 0 0 345 4439 857 92 8 0 4 0 0 86900 14495764 0 0 0 0 0 0 0 337 4798 879 92 8 0 5 0 0 86964 1449492 12 0 0 0 0 0 0 0 389 4723 923 94 6 0 By the other assigned cpus are two not one as the machine sees. [root@v-arcbabalancer01 ~]# dmesg | grep cpu acpicpu0 at acpi0 cpu0 at mainbus0: apid 0 (boot processor) cpu0: Opteron or Athlon 64, 2660.64 MHz cpu0: FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,PGE,CMOV,PAT,MMX,FXSR,SSE,SSE2,SSE3,POPCN T cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 1000MHz cpu at mainbus0: not configured So i will try to do some search about gettint the proper config for openbsd hosts in kvm If anyone can give to me some clues it will realy welcome. Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Ok, thanks for all the replies. Im waiting to this situation appears to send to you the output of those commands. Thanks and regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 mxb m...@alumni.chalmers.se Output for 'pfctl -si', 'pfctl -sm' and 'sysctl -a|grep net.inet.ip.ifqâ would be hie to see. //mxb On 18 nov 2013, at 04:20, Leonardo Santagostini lsantagost...@gmail.com wrote: Sorry, looking more detailed at the logs i found this: /var/log/daemon Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Nov 17 18:36:12 v-arcbabalancer01 relayd[22615]: pfe exiting, pid 22615 Nov 17 18:36:12 v-arcbabalancer01 relayd[31674]: hce exiting, pid 31674 Nov 17 18:36:12 v-arcbabalancer01 relayd[9082]: relay exiting, pid 9082 Nov 17 18:36:12 v-arcbabalancer01 relayd[701]: relay exiting, pid 701 Nov 17 18:36:12 v-arcbabalancer01 relayd[21358]: parent terminating, pid 21358 Nov 17 18:36:12 v-arcbabalancer01 relayd[24886]: relay exiting, pid 24886 Nov 17 18:36:12 v-arcbabalancer01 relayd[21395]: relay exiting, pid 21395 Nov 17 18:36:12 v-arcbabalancer01 relayd[13155]: relay exiting, pid 13155 Nov 17 18:36:12 v-arcbabalancer01 relayd[20557]: relay exiting, pid 20557 Nov 17 18:36:12 v-arcbabalancer01 relayd[14903]: relay exiting, pid 14903 Nov 17 18:36:12 v-arcbabalancer01 relayd[10686]: relay exiting, pid 10686 Nov 17 18:36:12 v-arcbabalancer01 relayd[17355]: relay exiting, pid 17355 Nov 17 18:36:12 v-arcbabalancer01 relayd[26908]: relay exiting, pid 26908 Nov 17 18:36:12 v-arcbabalancer01 relayd[6551]: relay exiting, pid 6551 Nov 17 18:36:12 v-arcbabalancer01 relayd[16649]: relay exiting, pid 16649 Nov 17 18:36:12 v-arcbabalancer01 relayd[2567]: relay exiting, pid 2567 Nov 17 18:36:12 v-arcbabalancer01 relayd[3159]: relay exiting, pid 3159 /var/log/messages Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello everybody, i still having some issues whit relayd. Nov 17 21:01:56 v-arcbabalancer01 relayd[4252]: relay relay4, session 75 (1 active), 0, 190.51.90.22 - :0, buffer event timeout Nov 17 21:01:57 v-arcbabalancer01 relayd[12715]: relay relay4, session 97 (4 active
Re: carp+pfsync+relayd question
Hello Jan, thanks for answering. The point was with booting without bsd.mp, now box rebooted and showing 4 procs =) By now, all is working fine. Thank for all your support. I will keep you all informed how things are going. Best regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Jan Lambertz jd.arb...@googlemail.com qemu-kvm ...-smp sockets=2 ... solved it for me. What qemu version an build are you using ? Am 14.11.2013 18:47 schrieb Leonardo Santagostini lsantagost...@gmail.com : Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev em0 pass av5eG9Gi # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4 advskew 10 carpdev em0 pass Rei6thai # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew 10 carpdev em0 pass Toobohz3 # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6 adskew 10 carpdev em0 pass Quahng6U CARP should look like this (master); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 0 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And (backup); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 200 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And yes the subnet masks for the alias' should be /32 and you will see a warning in the logs during fail-over. This is fine, the devs just haven't muted the check warning yet. You've done it right if 'netstat -rn' shows; 172.19.224.131 127.0.0.1 UGHS 00 33152 8 lo0 172.19.224.131/32 172.19.224.131 U 00 - 4 carp0 [root@server ~]# cat /etc/hostname.pfsync0 up syncdev em1 [root@server ~]# cat /etc/pf.conf ext_if=carp0 You don't refer to CARP as an interface, it is simply a VRRP watchdog interface (for example you cannot set the MTU on a CARP interface as it is not really an interface. Use the physical.. ext_if=em0 set fingerprints /etc/pf.os set optimization aggressive set limit states 9 Definitely needs to be higher! try 1 million.. set limit src-nodes 65000 table bad_ip persist table internat_net persist file /etc/internal_net table admitted_net persist file /etc/admitted.txt # vip1_address = 172.19.224.181 # vip2_address = 172.19.224.16 vip3_address = 172.19.224.131 # vip4_address = 172.19.224.41 # vip5_address = 172.19.224.40 Just to keep you sane remember these rules; # (SNAT) NATing is done before filtering, 'pass out on $if_ext from $external_carp_ip1' (public address as src for outbound). # (DNAT) RDRing is done before filtering, 'pass in on $if_ext from any to $internal_ip1' (private address as dst for inbound). [image: OpenBSD_PF_flow] # Dejo de procesar cuando se trata de las redes internas pass in quick from internat_net to any # Dejo pasar las ips desde las redes permitidas # pass in quick from admitted_net to $vip1_address pass in quick
Re: carp+pfsync+relayd question
Hello all, unfortunally i have to setup a cron entry that bounce relayd. Here the log that show how relayd stopped working Nov 18 18:34:55 v-arcbabalancer01 relayd[20347]: relay relay5, session 1961 (54 active), 0, 200.16.99.232 - 172.19.224.71:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay4, session 1959 (40 active), 0, 201.251.221.57 - 172.19.224.72:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[13074]: relay relay4, session 1990 (61 active), 0, 190.189.189.171 - 172.19.224.70:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[24546]: relay exiting, pid 24546 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay relay4, session 1883 (43 active), 0, 190.228.28.250 - :0, buffer event timeout Nov 18 18:34:55 v-arcbabalancer01 relayd[27128]: relay relay4, session 2063 (49 active), 0, 201.255.217.232 - 172.19.224.71:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[24551]: pfe exiting, pid 24551 Nov 18 18:34:55 v-arcbabalancer01 relayd[3602]: hce exiting, pid 3602 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay relay4, session 1964 (43 active), 0, 190.12.181.160 - 172.19.224.73:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[17688]: relay relay4, session 2080 (49 active), 0, 186.126.250.165 - 172.19.224.72:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay5, session 1891 (39 active), 0, 190.179.204.226 - :0, buffer event timeout Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay relay4, session 1962 (39 active), 0, 190.189.189.171 - 172.19.224.70:80, done Nov 18 18:34:55 v-arcbabalancer01 relayd[22840]: relay exiting, pid 22840 Nov 18 18:34:55 v-arcbabalancer01 relayd[5545]: relay exiting, pid 5545 Nov 18 18:34:55 v-arcbabalancer01 relayd[1089]: relay exiting, pid 1089 Nov 18 18:34:55 v-arcbabalancer01 relayd[28629]: relay exiting, pid 28629 Nov 18 18:34:55 v-arcbabalancer01 relayd[857]: relay exiting, pid 857 Nov 18 18:34:55 v-arcbabalancer01 relayd[27128]: relay exiting, pid 27128 Nov 18 18:34:55 v-arcbabalancer01 relayd[20347]: relay exiting, pid 20347 Nov 18 18:34:55 v-arcbabalancer01 relayd[13074]: relay exiting, pid 13074 Nov 18 18:34:55 v-arcbabalancer01 relayd[7637]: relay exiting, pid 7637 Nov 18 18:34:55 v-arcbabalancer01 relayd[8449]: relay exiting, pid 8449 Nov 18 18:34:55 v-arcbabalancer01 relayd[30009]: relay exiting, pid 30009 Nov 18 18:34:55 v-arcbabalancer01 relayd[13924]: relay exiting, pid 13924 Nov 18 18:34:55 v-arcbabalancer01 relayd[4542]: relay exiting, pid 4542 Nov 18 18:34:55 v-arcbabalancer01 relayd[13505]: parent terminating, pid 13505 Nov 18 18:39:11 v-arcbabalancer01 puppet-agent[20912]: Finished catalog run in 2.59 seconds Nov 18 18:58:04 v-arcbabalancer01 relayd[9964]: startup Best regards, yours Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello Jan, thanks for answering. The point was with booting without bsd.mp, now box rebooted and showing 4 procs =) By now, all is working fine. Thank for all your support. I will keep you all informed how things are going. Best regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Jan Lambertz jd.arb...@googlemail.com qemu-kvm ...-smp sockets=2 ... solved it for me. What qemu version an build are you using ? Am 14.11.2013 18:47 schrieb Leonardo Santagostini lsantagost...@gmail.com : Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev
Re: carp+pfsync+relayd question
Hello everybody, i still having some issues whit relayd. Nov 17 21:01:56 v-arcbabalancer01 relayd[4252]: relay relay4, session 75 (1 active), 0, 190.51.90.22 - :0, buffer event timeout Nov 17 21:01:57 v-arcbabalancer01 relayd[12715]: relay relay4, session 97 (4 active), 0, 190.49.60.30 - :0, buffer event timeout Nov 17 21:01:58 v-arcbabalancer01 relayd[4781]: relay relay4, session 142 (3 active), 0, 190.188.18.202 - :0, buffer event timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[25332]: relay relay4, session 28 (1 active), 0, 181.29.46.36 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[12715]: relay relay4, session 55 (3 active), 0, 108.36.150.233 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[18695]: relay relay4, session 67 (3 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13096]: relay relay5, session 73 (3 active), 0, 190.195.118.49 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[31990]: relay relay4, session 25 (1 active), 0, 186.188.178.215 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[4781]: relay relay4, session 144 (7 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[23317]: relay relay2, session 55 (5 active), 0, 181.109.7.31 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[22942]: relay relay4, session 93 (2 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13862]: relay relay4, session 80 (3 active), 0, 190.111.231.50 - :0, hard timeout Nov 17 21:02:06 v-arcbabalancer01 relayd[19770]: relay relay4, session 92 (1 active), 0, 75.70.87.158 - :0, buffer event timeout Nov 17 21:02:08 v-arcbabalancer01 relayd[23317]: relay relay4, session 131 (5 active), 0, 190.113.173.36 - :0, buffer event timeout Nov 17 21:02:11 v-arcbabalancer01 relayd[10590]: relay relay4, session 103 (9 active), 0, 186.137.241.254 - :0, buffer event timeout Nov 17 21:02:15 v-arcbabalancer01 relayd[23317]: relay relay4, session 143 (2 active), 0, 24.232.115.134 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 101 (7 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 102 (6 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay5, session 142 (13 active), 0, 190.195.118.49 - 172.19.224.73:80, no method Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay4, session 114 (12 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 104 (5 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay4, session 120 (10 active), 0, 189.237.152.81 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[31990]: relay relay4, session 117 (5 active), 0, 189.237.152.81 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay5, session 144 (9 active), 0, 190.195.118.49 - 172.19.224.71:80, no method Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay5, session 145 (9 active), 0, 190.195.118.49 - 172.19.224.70:80, no method Nov 17 21:02:19 v-arcbabalancer01 relayd[30656]: relay relay4, session 126 (4 active), 0, 190.220.108.107 - :0, buffer event timeout Nov 17 21:02:22 v-arcbabalancer01 relayd[19770]: relay relay4, session 103 (1 active), 0, 189.149.155.136 - :0, buffer event timeout Nov 17 21:02:25 v-arcbabalancer01 relayd[18695]: relay relay4, session 79 (3 active), 0, 181.167.177.45 - :0, buffer event timeout Nov 17 21:02:28 v-arcbabalancer01 relayd[12715]: relay relay4, session 109 (4 active), 0, 190.18.27.4 - :0, buffer event timeout Nov 17 21:02:30 v-arcbabalancer01 relayd[12715]: relay relay4, session 112 (3 active), 0, 181.21.154.28 - :0, buffer event timeout Here is my config dmesg: http://pastebin.com/fLU8qaTd relayd.conf: http://pastebin.com/Nn1VYRxQ pf.conf: http://pastebin.com/HcQchkgP /etc/hostname.carp0: http://pastebin.com/wyccT20r /etc/hostname.em1: http://pastebin.com/MQq9nExL /etc/sysctl.conf: http://pastebin.com/QrkwLgWN Anybody can enligth me ? Thank you in advance, best regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Hello Andy. Actually i proved flushing pf rules, tables and counters with no luck. But after restart relayd things come to work as expected. Thanks, Leonardo El nov 14, 2013 8:15 p.m., mxb m...@alumni.chalmers.se escribió: No, it is number of currently active sessions for this particular relay. Eg. 502 âusers. On 14 nov 2013, at 21:59, Andy Lemin a...@brandwatch.com wrote: Hi, as a complete guess (not used relayd yet let alone DSR) a 502 sounds like an error return from nginx/apache etc. could be a direct server return issue causing the TCP three way handshake
Re: carp+pfsync+relayd question
Sorry, looking more detailed at the logs i found this: /var/log/daemon Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Nov 17 18:36:12 v-arcbabalancer01 relayd[22615]: pfe exiting, pid 22615 Nov 17 18:36:12 v-arcbabalancer01 relayd[31674]: hce exiting, pid 31674 Nov 17 18:36:12 v-arcbabalancer01 relayd[9082]: relay exiting, pid 9082 Nov 17 18:36:12 v-arcbabalancer01 relayd[701]: relay exiting, pid 701 Nov 17 18:36:12 v-arcbabalancer01 relayd[21358]: parent terminating, pid 21358 Nov 17 18:36:12 v-arcbabalancer01 relayd[24886]: relay exiting, pid 24886 Nov 17 18:36:12 v-arcbabalancer01 relayd[21395]: relay exiting, pid 21395 Nov 17 18:36:12 v-arcbabalancer01 relayd[13155]: relay exiting, pid 13155 Nov 17 18:36:12 v-arcbabalancer01 relayd[20557]: relay exiting, pid 20557 Nov 17 18:36:12 v-arcbabalancer01 relayd[14903]: relay exiting, pid 14903 Nov 17 18:36:12 v-arcbabalancer01 relayd[10686]: relay exiting, pid 10686 Nov 17 18:36:12 v-arcbabalancer01 relayd[17355]: relay exiting, pid 17355 Nov 17 18:36:12 v-arcbabalancer01 relayd[26908]: relay exiting, pid 26908 Nov 17 18:36:12 v-arcbabalancer01 relayd[6551]: relay exiting, pid 6551 Nov 17 18:36:12 v-arcbabalancer01 relayd[16649]: relay exiting, pid 16649 Nov 17 18:36:12 v-arcbabalancer01 relayd[2567]: relay exiting, pid 2567 Nov 17 18:36:12 v-arcbabalancer01 relayd[3159]: relay exiting, pid 3159 /var/log/messages Nov 17 18:36:12 v-arcbabalancer01 relayd[13984]: fatal: relay_connect: no connection in flight Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/18 Leonardo Santagostini lsantagost...@gmail.com Hello everybody, i still having some issues whit relayd. Nov 17 21:01:56 v-arcbabalancer01 relayd[4252]: relay relay4, session 75 (1 active), 0, 190.51.90.22 - :0, buffer event timeout Nov 17 21:01:57 v-arcbabalancer01 relayd[12715]: relay relay4, session 97 (4 active), 0, 190.49.60.30 - :0, buffer event timeout Nov 17 21:01:58 v-arcbabalancer01 relayd[4781]: relay relay4, session 142 (3 active), 0, 190.188.18.202 - :0, buffer event timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[25332]: relay relay4, session 28 (1 active), 0, 181.29.46.36 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[12715]: relay relay4, session 55 (3 active), 0, 108.36.150.233 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[18695]: relay relay4, session 67 (3 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13096]: relay relay5, session 73 (3 active), 0, 190.195.118.49 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[31990]: relay relay4, session 25 (1 active), 0, 186.188.178.215 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[4781]: relay relay4, session 144 (7 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[23317]: relay relay2, session 55 (5 active), 0, 181.109.7.31 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[22942]: relay relay4, session 93 (2 active), 0, 31.221.13.210 - :0, hard timeout Nov 17 21:02:03 v-arcbabalancer01 relayd[13862]: relay relay4, session 80 (3 active), 0, 190.111.231.50 - :0, hard timeout Nov 17 21:02:06 v-arcbabalancer01 relayd[19770]: relay relay4, session 92 (1 active), 0, 75.70.87.158 - :0, buffer event timeout Nov 17 21:02:08 v-arcbabalancer01 relayd[23317]: relay relay4, session 131 (5 active), 0, 190.113.173.36 - :0, buffer event timeout Nov 17 21:02:11 v-arcbabalancer01 relayd[10590]: relay relay4, session 103 (9 active), 0, 186.137.241.254 - :0, buffer event timeout Nov 17 21:02:15 v-arcbabalancer01 relayd[23317]: relay relay4, session 143 (2 active), 0, 24.232.115.134 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 101 (7 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 102 (6 active), 0, 108.87.58.21 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay5, session 142 (13 active), 0, 190.195.118.49 - 172.19.224.73:80, no method Nov 17 21:02:16 v-arcbabalancer01 relayd[10590]: relay relay4, session 114 (12 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:16 v-arcbabalancer01 relayd[12715]: relay relay4, session 104 (5 active), 0, 190.49.11.36 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay4, session 120 (10 active), 0, 189.237.152.81 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[31990]: relay relay4, session 117 (5 active), 0, 189.237.152.81 - :0, buffer event timeout Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay5, session 144 (9 active), 0, 190.195.118.49 - 172.19.224.71:80, no method Nov 17 21:02:17 v-arcbabalancer01 relayd[10590]: relay relay5, session 145 (9 active), 0, 190.195.118.49 - 172.19.224.70:80, no method Nov 17
carp+pfsync+relayd question
(pfsync init) pfsync: failed to receive bulk update carp0: state transition: BACKUP - MASTER carp0: state transition: BACKUP - MASTER nd6_na_input: duplicate IP6 address fe80:0005::0200:5eff:fe00:0102 carp0: state transition: BACKUP - MASTER nd6_na_input: duplicate IP6 address fe80:0005::0200:5eff:fe00:0102 Two more things 1) Sorry for my english, is not my mothers tongue 2) Thank you for doing this great operantig system Saludos / Regards Leonardo Santagostini
Re: carp+pfsync+relayd question
Ok, i will modify the config. But i really want to know about the carp configuration. I forget to mention that im doing DSR. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 mxb m...@alumni.chalmers.se 15 sites and only 9? Iâd put around 50 (and have). You might need even more. On 14 nov 2013, at 16:21, Leonardo Santagostini lsantagost...@gmail.com wrote: set limit states 9
Re: carp+pfsync+relayd question
Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev em0 pass av5eG9Gi # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4 advskew 10 carpdev em0 pass Rei6thai # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew 10 carpdev em0 pass Toobohz3 # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6 adskew 10 carpdev em0 pass Quahng6U CARP should look like this (master); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 0 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And (backup); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 200 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And yes the subnet masks for the alias' should be /32 and you will see a warning in the logs during fail-over. This is fine, the devs just haven't muted the check warning yet. You've done it right if 'netstat -rn' shows; 172.19.224.131 127.0.0.1 UGHS 00 33152 8 lo0 172.19.224.131/32 172.19.224.131 U 00 - 4 carp0 [root@server ~]# cat /etc/hostname.pfsync0 up syncdev em1 [root@server ~]# cat /etc/pf.conf ext_if=carp0 You don't refer to CARP as an interface, it is simply a VRRP watchdog interface (for example you cannot set the MTU on a CARP interface as it is not really an interface. Use the physical.. ext_if=em0 set fingerprints /etc/pf.os set optimization aggressive set limit states 9 Definitely needs to be higher! try 1 million.. set limit src-nodes 65000 table bad_ip persist table internat_net persist file /etc/internal_net table admitted_net persist file /etc/admitted.txt # vip1_address = 172.19.224.181 # vip2_address = 172.19.224.16 vip3_address = 172.19.224.131 # vip4_address = 172.19.224.41 # vip5_address = 172.19.224.40 Just to keep you sane remember these rules; # (SNAT) NATing is done before filtering, 'pass out on $if_ext from $external_carp_ip1' (public address as src for outbound). # (DNAT) RDRing is done before filtering, 'pass in on $if_ext from any to $internal_ip1' (private address as dst for inbound). [image: OpenBSD_PF_flow] # Dejo de procesar cuando se trata de las redes internas pass in quick from internat_net to any # Dejo pasar las ips desde las redes permitidas # pass in quick from admitted_net to $vip1_address pass in quick from admitted_net to $vip3_address # Genero el block block in quick from bad_ip Your 'block in quick's should be above your 'pass in quick's! quick means stop evaluating and do this action now.. block in log quick on $ext_if proto tcp from any os NMAP to any label ExtNMAPScan # Proteccion contra nmap y herramientas similares # block in quick on $ext_if proto tcp flags FUP/WEUAPRSF block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF block in quick on $ext_if proto tcp flags SRAFU/WEUAPRSF block in quick on $ext_if proto tcp flags /WEUAPRSF block in quick on $ext_if proto tcp flags SR/SR block in quick on $ext_if proto tcp flags SF/SF block in quick from urpf-failed # Aplico reglas de DoS y Syn Flood en site1 # pass in log on $mob_if proto tcp to $vip1_address port www keep state
Re: carp+pfsync+relayd question
Ok, just added my second website to both servers like your recommendation. I will post my config before the end of the day just to share it with you. Thank you so much !!! Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev em0 pass av5eG9Gi # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4 advskew 10 carpdev em0 pass Rei6thai # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew 10 carpdev em0 pass Toobohz3 # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6 adskew 10 carpdev em0 pass Quahng6U CARP should look like this (master); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 0 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And (backup); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 200 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And yes the subnet masks for the alias' should be /32 and you will see a warning in the logs during fail-over. This is fine, the devs just haven't muted the check warning yet. You've done it right if 'netstat -rn' shows; 172.19.224.131 127.0.0.1 UGHS 00 33152 8 lo0 172.19.224.131/32 172.19.224.131 U 00 - 4 carp0 [root@server ~]# cat /etc/hostname.pfsync0 up syncdev em1 [root@server ~]# cat /etc/pf.conf ext_if=carp0 You don't refer to CARP as an interface, it is simply a VRRP watchdog interface (for example you cannot set the MTU on a CARP interface as it is not really an interface. Use the physical.. ext_if=em0 set fingerprints /etc/pf.os set optimization aggressive set limit states 9 Definitely needs to be higher! try 1 million.. set limit src-nodes 65000 table bad_ip persist table internat_net persist file /etc/internal_net table admitted_net persist file /etc/admitted.txt # vip1_address = 172.19.224.181 # vip2_address = 172.19.224.16 vip3_address = 172.19.224.131 # vip4_address = 172.19.224.41 # vip5_address = 172.19.224.40 Just to keep you sane remember these rules; # (SNAT) NATing is done before filtering, 'pass out on $if_ext from $external_carp_ip1' (public address as src for outbound). # (DNAT) RDRing is done before filtering, 'pass in on $if_ext from any to $internal_ip1' (private address as dst for inbound). [image: OpenBSD_PF_flow] # Dejo de procesar cuando se trata de las redes internas pass in quick from internat_net to any # Dejo pasar las ips desde las redes permitidas # pass in quick from admitted_net to $vip1_address pass in quick from admitted_net to $vip3_address # Genero el block block in quick from bad_ip Your 'block in quick's should be above your 'pass in quick's! quick means stop evaluating and do this action now.. block in log quick on $ext_if proto tcp from any os NMAP to any label ExtNMAPScan # Proteccion contra nmap y herramientas similares # block in quick on $ext_if proto tcp flags FUP/WEUAPRSF block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF block in quick on $ext_if proto tcp
Re: carp+pfsync+relayd question
Well well well there is one thing its ocurring that i cant figure out. im getting some relay site3 session 3370 (502 active), 0, 190.179.249.128 - :0, buffer event timeout And after a couple a minutes (i couldnt take note exactly how many) relayd get restarted Is there any clue where to look into? Thanks in advance Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Ok, just added my second website to both servers like your recommendation. I will post my config before the end of the day just to share it with you. Thank you so much !!! Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev em0 pass av5eG9Gi # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4 advskew 10 carpdev em0 pass Rei6thai # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew 10 carpdev em0 pass Toobohz3 # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6 adskew 10 carpdev em0 pass Quahng6U CARP should look like this (master); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 0 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And (backup); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 200 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And yes the subnet masks for the alias' should be /32 and you will see a warning in the logs during fail-over. This is fine, the devs just haven't muted the check warning yet. You've done it right if 'netstat -rn' shows; 172.19.224.131 127.0.0.1 UGHS 00 33152 8 lo0 172.19.224.131/32 172.19.224.131 U 00 - 4 carp0 [root@server ~]# cat /etc/hostname.pfsync0 up syncdev em1 [root@server ~]# cat /etc/pf.conf ext_if=carp0 You don't refer to CARP as an interface, it is simply a VRRP watchdog interface (for example you cannot set the MTU on a CARP interface as it is not really an interface. Use the physical.. ext_if=em0 set fingerprints /etc/pf.os set optimization aggressive set limit states 9 Definitely needs to be higher! try 1 million.. set limit src-nodes 65000 table bad_ip persist table internat_net persist file /etc/internal_net table admitted_net persist file /etc/admitted.txt # vip1_address = 172.19.224.181 # vip2_address = 172.19.224.16 vip3_address = 172.19.224.131 # vip4_address = 172.19.224.41 # vip5_address = 172.19.224.40 Just to keep you sane remember these rules; # (SNAT) NATing is done before filtering, 'pass out on $if_ext from $external_carp_ip1' (public address as src for outbound). # (DNAT) RDRing is done before filtering, 'pass in on $if_ext from any to $internal_ip1' (private address as dst for inbound). [image: OpenBSD_PF_flow] # Dejo de procesar cuando se trata de las redes internas pass in quick from internat_net to any # Dejo pasar las ips desde las redes permitidas # pass in quick from admitted_net to $vip1_address pass in quick from admitted_net
Re: carp+pfsync+relayd question
Ok im not at the office now. But tomorrow we could do more test. Regards and thank you !!! El nov 14, 2013 8:01 p.m., Andy Lemin a...@brandwatch.com escribió: In fact thinking about it if think that is a relayd issue somewhere and not pf at all.. Sent from my iPhone On 14 Nov 2013, at 19:37, Leonardo Santagostini lsantagost...@gmail.com wrote: Well well well there is one thing its ocurring that i cant figure out. im getting some relay site3 session 3370 (502 active), 0, 190.179.249.128 - :0, buffer event timeout And after a couple a minutes (i couldnt take note exactly how many) relayd get restarted Is there any clue where to look into? Thanks in advance Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Ok, just added my second website to both servers like your recommendation. I will post my config before the end of the day just to share it with you. Thank you so much !!! Regards Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Leonardo Santagostini lsantagost...@gmail.com Thanks a lot to all, i will give it a try and gives tou you feedback as soon as it get implemented. Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/11/14 Andy a...@brandwatch.com On 14/11/13 15:21, Leonardo Santagostini wrote: Hello misc, Im doing my final approach to put a production system with carp+pfsync+relayd on production. The point is that im facing some trouble setting more than one ip alias address with different vhid and different passwd. So, this is the scenario. Im trying to relayd more or less 15 sites so i have conceptual doubts. 1) is it nesessary to create one carp interface for each one of my internals VIP address 2) my understanding is that i have to work with pf on my carp interfaces. I have tried to put two different VIP's on my carp, but whitout lucky. Here is the homework. [root@server ~]# uname -a OpenBSD server.internaldomain.com 5.4 GENERIC#37 amd64 [root@server ~]# [root@server ~]# cat /etc/hostname.em0 inet 172.19.224.180 255.255.255.0 [root@server ~]# cat /etc/hostname.em1 inet 172.19.226.231 255.255.255.0 172.19.226.255 [root@server ~]# cat /etc/hostname.carp0 # inet alias 172.19.224.16 255.255.255.255 172.19.224.255 vhid 1 advskew 10 carpdev em0 pass Ahsooqu3 inet alias 172.19.224.131 255.255.255.0 172.19.224.255 vhid 2 advskew 10 carpdev em0 pass Meixo9oe # inet alias 172.19.224.41 255.255.255.255 172.19.224.255 vhid 3 advskew 10 carpdev em0 pass av5eG9Gi # inet alias 172.19.224.40 255.255.255.255 172.19.224.255 vhid 4 advskew 10 carpdev em0 pass Rei6thai # inet alias 172.19.224.181 255.255.255.0 172.19.224.255 vhid 5 advskew 10 carpdev em0 pass Toobohz3 # inet alias 172.19.224.182 255.255.255.255 172.19.224.255 vhid 6 adskew 10 carpdev em0 pass Quahng6U CARP should look like this (master); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 0 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And (backup); inet 172.19.224.16 255.255.255.0 172.19.224.255 vhid 1 carpdev em0 pass Ahsooqu3 advskew 200 inet alias 172.19.224.131 255.255.255.255 inet alias 172.19.224.41 255.255.255.255 inet alias 172.19.224.40 255.255.255.255 inet alias 172.19.224.181 255.255.255.255 inet alias 172.19.224.182 255.255.255.255 And yes the subnet masks for the alias' should be /32 and you will see a warning in the logs during fail-over. This is fine, the devs just haven't muted the check warning yet. You've done it right if 'netstat -rn' shows; 172.19.224.131 127.0.0.1 UGHS 00 33152 8 lo0 172.19.224.131/32 172.19.224.131 U 00 - 4 carp0 [root@server ~]# cat /etc/hostname.pfsync0 up syncdev em1 [root@server ~]# cat /etc/pf.conf ext_if=carp0 You don't refer to CARP as an interface, it is simply a VRRP watchdog interface (for example you cannot set the MTU on a CARP interface as it is not really an interface. Use the physical.. ext_if=em0 set fingerprints /etc/pf.os set optimization aggressive set limit states 9 Definitely needs to be higher! try 1 million.. set limit src-nodes 65000 table bad_ip persist table internat_net persist file /etc/internal_net table admitted_net persist file /etc/admitted.txt # vip1_address = 172.19.224.181 # vip2_address = 172.19.224.16 vip3_address = 172.19.224.131 # vip4_address = 172.19.224.41 # vip5_address = 172.19.224.40 Just to keep you sane remember these rules; # (SNAT) NATing is done before filtering, 'pass out on $if_ext from $external_carp_ip1' (public address as src for outbound). # (DNAT) RDRing is done before filtering
Re: carp+pfsync+relayd question
Hello Andy. Actually i proved flushing pf rules, tables and counters with no luck. But after restart relayd things come to work as expected. Thanks, Leonardo El nov 14, 2013 8:15 p.m., mxb m...@alumni.chalmers.se escribió: No, it is number of currently active sessions for this particular relay. Eg. 502 âusers. On 14 nov 2013, at 21:59, Andy Lemin a...@brandwatch.com wrote: Hi, as a complete guess (not used relayd yet let alone DSR) a 502 sounds like an error return from nginx/apache etc. could be a direct server return issue causing the TCP three way handshake to not be completing properly between the endpoints, even though a 502 is usually server side issue.. I'd try removing the 'in' or 'out' direction from the rules.
Question about relayd
Hello Misc, again me, bothering you. Im getting plenty of buffer event timeout in my /var/gol/daemon. I was trying to find what exactly means whithout success. Anyone can give me a clue? Im using OpenBSD 5.2 GENERIC#278 i386 Relayd from base install. Saludos / Regards Leonardo Santagostini http://ar.linkedin.com/in/santagostini
Re: Sorry: Facebook again
Thanks, very usefull =) Saludos.- Leonardo Santagostini http://ar.linkedin.com/in/santagostini 2013/10/21 Chris Cappuccio ch...@nmedia.net I wrote up a guide for all you fascists to exercise your power with relayd. Here's the early, unedited version: http://www.nmedia.net/chris/url.blacklist.txt Stefan Wollny [stefan.wol...@web.de] wrote: Hi there! In the last days I had an interesting and educational thread here on misc@ on how to block facebook.com. Knowing that many of the OpenBSD-pros on this list are way more educated on network-related issues than I am, I hope none feels offended with another question related to Facebook: Today I am once more off-site from home, but with access to an iMac running OpenBSD-amd64/current; PF runs out-of-the-box unchanged. I noticed that ping responses for 'facebook.com' are exceptionally faster than e.g. those for 'google.com'. This is what I did to track down on the issue: $ cat /etc/resolv.conf # Generated by nfe0 dhclient nameserver 192.168.1.1 lookup file bind $ cat /etc/hosts | grep facebook 127.0.0.1 facebook.com 127.0.0.1 www.facebook.com 127.0.0.1 facebook.de 127.0.0.1 www.facebook.de 127.0.0.1 de-de.facebook.com 127.0.0.1 ads.ak.facebook.com 127.0.0.1 creative.ak.facebook.com 127.0.0.1 facebookinc.122.2o7.net $ sudo traceroute google.com 1 netgear (192.168.1.1) 0.301 ms 0.232 ms 0.228 ms 2 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 9.933 ms 7.890 ms 11.456 ms 3 ve-cmts.mes-muc-02.de.infra.cablesurf.de (aaa.bbb.ccc.ddd) 9.556 ms 12.199 ms 9.277 ms 4 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 20.649 ms 22.526 ms 17.204 ms 5 google.bcix.de (aaa.bbb.ccc.ddd) 22.794 ms 23.894 ms 26.117 ms 6 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 22.263 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 22.457 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 21.597 ms 7 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 26.983 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 25.247 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 35.177 ms 8 aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 20.533 ms aaa.bbb.ccc.ddd (aaa.bbb.ccc.ddd) 22.67 ms 21.929 ms 9 * * * 10 bk-in-f100.1e100.net (aaa.bbb.ccc.ddd) 21.421 ms 23.498 ms 21.952 ms $ sudo traceroute facebook.com 1 localhost (127.0.0.1) 0.57 ms 0.23 ms 0.19 ms $ pkg_info | grep proxy libproxy-0.4.11p3 library handling all the details of proxy configuration libproxy-mozilla-0.4.11p2 pacrunner libproxy plugin for mozilla-based (gecko) browsers $ man libproxy man: no entry for libproxy in the manual. $ apropos libproxy libproxy: nothing appropriate I'd like to mention that I am in the outskirts of Munich and that the system was freshly started into a console (no X, no browser). The netgear-router at 192.168.1.1 also serves a colleague who uses facebook. MY QUESTION: What might have happened that 'facebook.com' is found on localhost at 127.0.0.1 on my machine? Actually 'google.com' is called regularly thus I'd expeced it to be as fast/show as 'facebook.com'. I have no clue and I don't have the slightest idea on how to get rid of this address - can anyone provide some more insight? Other information you need to provide advice? Thank you! Kind regards STEFAN $ dmesg OpenBSD 5.4-current (GENERIC.MP) #73: Tue Oct 15 00:08:48 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP RTC BIOS diagnostic error f7clock_battery,ROM_cksum,config_unit,memory_size,invalid_time real mem = 8279707648 (7896MB) avail mem = 8051179520 (7678MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe (43 entries) bios0: vendor Apple Inc. version IM91.88Z.008D.B08.0904271717 date 04/27/09 bios0: Apple Inc. iMac9,1 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC MCFG ASF! SBST ECDT SSDT SSDT SSDT acpi0: wakeup devices EC__(S3) OHC1(S3) EHC1(S3) OHC2(S3) EHC2(S3) GIGE(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 2500 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU E8135 @ 2.66GHz, 1592.23 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF cpu0: 6MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 265MHz cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU E8135 @ 2.66GHz, 1592.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX
Re: Issue with PF + Relayd
Hello Reyk, sorry for the inconsistencies, they was for hide the real name (for protecting internal things). Here comes the config with the homework well done (sorry again) ext_if=pcn0 set fingerprints /etc/pf.os set optimization aggressive # match on $ext_if all scrub (no-df) # Genero las tablas que voy a usar table ips_malas persist table redes_yell persist file /etc/redes.yell table redes_permitidas persist file /etc/redes_permitidas.txt # Defino la ip del balanceador para Mobile address_mobile = 10.0.1.181 address1 = 10.0.1.16 # Dejo de procesar cuando se trata de las redes internas pass in quick from redes_yell to any # Dejo pasar las ips desde las redes permitidas pass in quick from redes_permitidas to $address_mobile # Genero el block block in quick from ips_malas block in log quick on $ext_if proto tcp from any os NMAP to any label ExtNMAPScan # Proteccion contra nmap y herramientas similares # block in quick on $ext_if proto tcp flags FUP/WEUAPRSF block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF block in quick on $ext_if proto tcp flags SRAFU/WEUAPRSF block in quick on $ext_if proto tcp flags /WEUAPRSF block in quick on $ext_if proto tcp flags SR/SR block in quick on $ext_if proto tcp flags SF/SF block in quick from urpf-failed # Aplico reglas de DoS y Syn Flood en tld pass in log on $ext_if proto tcp to $address_mobile port www keep state (sloppy, max 1, max-src-nodes 5000, max-src-conn 100, max-src-conn-rate 95/2, adap tive.start 6000, adaptive.end 12000, tcp.first 15, tcp.opening 5, tcp.established 3600, tcp.closing 5, tcp.finwait 15, tcp.closed 15, tcp.tsdiff 5) # Aplico reglas de DoS y Syn Flood en tld2 pass in on $ext_if proto tcp to $address1 port www keep state (sloppy, max 1, max-src-nodes 5000, max-src-conn 150, max-src-conn-rate 150/3) # Anchor Para relayd anchor relayd/* # Archivo de configuracion de balanceo ## Opciones globales interval 5 timeout 1000 prefork 5 ## Direcciones de las vip address1=10.0.1.16 address2=10.0.1.181 address3=10.0.1.182 ## Direcciones de los servidores mobileWap01=10.0.1.200 mobileWap02=10.0.1.201 webcache01=10.0.1.70 webcache02=10.0.1.71 webcache03=10.0.1.72 webcache04=10.0.1.73 ## Definicion de Tablas table mobileweb { $mobileWap01 $mobileWap02 } table webcaches { $webcache01 $webcache02 $webcache03 $webcache04 } table webcaches1 { $webcache01 } ## Definicion de protocolos (Filtros) http protocol tld { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } ## Prueba # return error # Cerramos la conexion header change Connection to close # Block disallowed sites label URL Request DENIED request header expect tld.com.ar from Host request header expect www.tld.com.ar from Host request header expect s.tld.com.ar from Host request header expect get.tld.com.ar from Host request header expect test.tld.com.ar from Host # Block disallowed browsers label Please try a emdifferent Browser/em header filter Mozilla/4.0 * from User-Agent header append $REMOTE_ADDR to X-Forwarded-For cookie hash sessid } http protocol tld1 { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } # return error # Cerramos la conexion header change Connection to close # Block disallowed sites label URL Request DENIED request header expect tld1.com.ar from Host request header expect *.tld1.com.ar from Host request header expect rojas.tld1.com.ar from Host # Block disallowed browsers label Please try a emdifferent Browser/em header filter Mozilla/4.0 * from User-Agent header append $REMOTE_ADDR to X-Forwarded-For cookie hash sessid } http protocol tld2 { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } # return error # Cerramos la conexion header change Connection to close # request header expect *.tld2.com.ar from Host header append $REMOTE_ADDR to X-Forwarded-For } ## Definicion de los relays relay tld { listen on $address2 port 80 protocol tld forward to mobileweb port 80 mode roundrobin check http /relaycheck/mobileWAP/index.php code 200 } relay tld1 { listen on $address3 port 80 protocol tld1 forward to webcaches port 80 mode roundrobin check http /monitoreo/relayd.txt code 200 } relay tld2 { listen on $address1 port 80 protocol tld2 forward to webcaches1 port 80 mode roundrobin check http /monitoreo/relayd.txt code 200 } I will provide shortly the tcpdump you request me. Thanks in advance Saludos / Regards Leonardo Santagostini 2013/3/1 Reyk Floeter r...@openbsd.org: Hi, Am 01.03.2013 um 15:24 schrieb
Re: Issue with PF + Relayd
Hello Reyk, After probing using my browser without proxy all worked fine. I tried with 2 different proxies (one ISA and one Squid) without luck. Th proxy gives to me a Zero sized reply, maybe proxy doesnt like DSR Sorry for bother you all :) Saludos / Regards Leonardo Santagostini 2013/3/1 Leonardo Santagostini lsantagost...@gmail.com: Hello Reyk, sorry for the inconsistencies, they was for hide the real name (for protecting internal things). Here comes the config with the homework well done (sorry again) ext_if=pcn0 set fingerprints /etc/pf.os set optimization aggressive # match on $ext_if all scrub (no-df) # Genero las tablas que voy a usar table ips_malas persist table redes_yell persist file /etc/redes.yell table redes_permitidas persist file /etc/redes_permitidas.txt # Defino la ip del balanceador para Mobile address_mobile = 10.0.1.181 address1 = 10.0.1.16 # Dejo de procesar cuando se trata de las redes internas pass in quick from redes_yell to any # Dejo pasar las ips desde las redes permitidas pass in quick from redes_permitidas to $address_mobile # Genero el block block in quick from ips_malas block in log quick on $ext_if proto tcp from any os NMAP to any label ExtNMAPScan # Proteccion contra nmap y herramientas similares # block in quick on $ext_if proto tcp flags FUP/WEUAPRSF block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF block in quick on $ext_if proto tcp flags SRAFU/WEUAPRSF block in quick on $ext_if proto tcp flags /WEUAPRSF block in quick on $ext_if proto tcp flags SR/SR block in quick on $ext_if proto tcp flags SF/SF block in quick from urpf-failed # Aplico reglas de DoS y Syn Flood en tld pass in log on $ext_if proto tcp to $address_mobile port www keep state (sloppy, max 1, max-src-nodes 5000, max-src-conn 100, max-src-conn-rate 95/2, adap tive.start 6000, adaptive.end 12000, tcp.first 15, tcp.opening 5, tcp.established 3600, tcp.closing 5, tcp.finwait 15, tcp.closed 15, tcp.tsdiff 5) # Aplico reglas de DoS y Syn Flood en tld2 pass in on $ext_if proto tcp to $address1 port www keep state (sloppy, max 1, max-src-nodes 5000, max-src-conn 150, max-src-conn-rate 150/3) # Anchor Para relayd anchor relayd/* # Archivo de configuracion de balanceo ## Opciones globales interval 5 timeout 1000 prefork 5 ## Direcciones de las vip address1=10.0.1.16 address2=10.0.1.181 address3=10.0.1.182 ## Direcciones de los servidores mobileWap01=10.0.1.200 mobileWap02=10.0.1.201 webcache01=10.0.1.70 webcache02=10.0.1.71 webcache03=10.0.1.72 webcache04=10.0.1.73 ## Definicion de Tablas table mobileweb { $mobileWap01 $mobileWap02 } table webcaches { $webcache01 $webcache02 $webcache03 $webcache04 } table webcaches1 { $webcache01 } ## Definicion de protocolos (Filtros) http protocol tld { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } ## Prueba # return error # Cerramos la conexion header change Connection to close # Block disallowed sites label URL Request DENIED request header expect tld.com.ar from Host request header expect www.tld.com.ar from Host request header expect s.tld.com.ar from Host request header expect get.tld.com.ar from Host request header expect test.tld.com.ar from Host # Block disallowed browsers label Please try a emdifferent Browser/em header filter Mozilla/4.0 * from User-Agent header append $REMOTE_ADDR to X-Forwarded-For cookie hash sessid } http protocol tld1 { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } # return error # Cerramos la conexion header change Connection to close # Block disallowed sites label URL Request DENIED request header expect tld1.com.ar from Host request header expect *.tld1.com.ar from Host request header expect rojas.tld1.com.ar from Host # Block disallowed browsers label Please try a emdifferent Browser/em header filter Mozilla/4.0 * from User-Agent header append $REMOTE_ADDR to X-Forwarded-For cookie hash sessid } http protocol tld2 { # Parametros de rendimiento tcp {nodelay, sack, socket buffer 65536, backlog 100 } # return error # Cerramos la conexion header change Connection to close # request header expect *.tld2.com.ar from Host header append $REMOTE_ADDR to X-Forwarded-For } ## Definicion de los relays relay tld { listen on $address2 port 80 protocol tld forward to mobileweb port 80 mode roundrobin check http /relaycheck/mobileWAP/index.php code 200 } relay tld1 { listen on $address3 port 80 protocol tld1