Re: Problme parsing the BGP UPDATE file

On Tue, May 16, 2017 at 11:53:22AM +, Stuart Henderson wrote: > On 2017-05-16, Nagarjun G wrote: > > Hi Team, > > > > We are running an OpenBGPD router inside an AS we own. We are collecting > > BGP RIB files every 2 hours and UPDATE files every 5 mins. I tried parsing > > these files using so

Re: OpenBSD 6.1 current relayd TLS error "cannot load certificates"

On Fri, Jun 02, 2017 at 08:38:50PM -0700, Dillon Jay Pena wrote: > I'm not understanding why I'm getting a relayd error. Thanks in advance. > > According to > http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/relayd.conf.5#listen_on, > I just need address.crt and private/address.key to

Re: What's changing the default route?

On Sat, Jul 01, 2017 at 04:48:05PM +0200, tonypon...@mail.com wrote: > I use an ssh tunnel for a VPN on OpenBSD 6.1. To initiate the VPN > connection, I type the following on the local machine > > # ssh -f -w 0:1 R true > # ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252 > # route add

Re: What's changing the default route?

On Sun, Jul 02, 2017 at 08:27:36AM +, Stuart Henderson wrote: > On 2017-07-01, Claudio Jeker wrote: > > On Sat, Jul 01, 2017 at 04:48:05PM +0200, tonypon...@mail.com wrote: > >> I use an ssh tunnel for a VPN on OpenBSD 6.1. To initiate the VPN > >> connection,

Re: Gbit performance parameters

On Wed, Jul 12, 2017 at 06:07:28PM +0200, Per-Olov Sjöholm wrote: > Hi > > I have seen net.inet.ip.ifq.drops on my firewall after upgrading the internet > connection and therefor try to tweak it a little. The FW has 4 (but only two > used) physical Intel Gig interfaces. The internal interface ha

Re: Choice of sis(4) versus vr(4) ?

On Mon, Jul 17, 2017 at 09:07:04PM +0300, Lars Noodén wrote: > I'm looking to refurbish an old device and will probably add a network > card to it. Are there any reasons based on the current drivers or the > hardware itself to choose sis(4) or vr(4) over one or the other on > i386 -curren? > The

Re: relayd l7 loadbalancing

On Wed, Aug 16, 2017 at 10:27:58AM +0200, Maxim Bourmistrov wrote: > > Once connection is established, state is created in PF. Subsequent requests > will be ???pipelined???. > It is possible to influence this behavior by manipulating tcp.established in > pf.conf, > but I don???t think this is wh

Re: bgpd.conf invalidated on 6.2

On Mon, Oct 16, 2017 at 12:13:14PM +0200, Marko Cupa?? wrote: > Hi, > > I've just upgraded one of my firewalls to 6.2, but bgpd won't start > with bgpd.conf which worked for 5 releases or so. > > Here's error message: > /etc/bgpd.conf:11: duplicate prefix in network statement > config file /etc/b

Re: Dell PowerEdge R430/R440 support

On Wed, Apr 25, 2018 at 12:22:43PM +0200, Jan Vlach wrote: > Hello misc, > > has anybody Dell PowerEdge R430 or E440 running with OpenBSD? Is the > hardware supported? > > I can't really get the exact chipsets from vendor to cross check with > drivers in OpenBSD and I can't find dmesg or mention

Re: relayd for TLS termination

On Sat, Apr 28, 2018 at 09:39:56AM -0400, David Higgs wrote: > I run several services on the same host and would like to consolidate > certificate management with the help of relayd. > > Before: > - acme-client generates certificates via LE > - kibana running https on port 5601 > - unifi running h

Re: attach chroot-jail to switchd(8) ?

On Thu, May 24, 2018 at 09:22:32AM -0400, trondd wrote: > On Wed, May 23, 2018 4:35 am, Thomas Huber wrote: > > Hi all, > > > > I´m just tinkering a little bit and try to mimic some "containerization" > > on > > OpenBSD with chroot. Is it somehow possible to attach a chrooted > > envirionment to s

Re: edgerouter 6 / rdomain at boot

On Sun, Jul 01, 2018 at 06:26:04AM +0200, Holger Glaess wrote: > hi > > > normaly work this on intel , > > farin# cat /etc/hostname.lo2 > > rdomain 2 > inet 127.0.0.1/8 This stopped working some time ago. Now lo2 is automatically created when rdomain 2 is created. The problem is that actually

Re: clearing the disk cache

On Tue, Jul 03, 2018 at 09:42:46AM +0200, Maximilian Pichler wrote: > I'm doing some performance tests that include reading files from disk > and want to make sure that each test takes place under similar > conditions. > > In particular, how can one clear the disk cache? (I want to make sure > tha

Re: clearing the disk cache

On Tue, Jul 03, 2018 at 01:30:20PM +0200, Maximilian Pichler wrote: > On Tue, Jul 3, 2018 at 11:47 AM, Janne Johansson wrote: > > https://www.tedunangst.com/flak/post/2Q-buffer-cache-algorithm > > Thanks. If I'm reading this correctly upon access (read or write), an > action is performed dependin

Re: cannot get re(4) to use 1000baseT

On Wed, Jul 18, 2018 at 04:27:45PM +0200, Jan Stary wrote: > This is 6.3-current on and amd64 PC (dmesg below), using > > re0 at pci2 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E-VL > (0x2c80), msi, address 50:e5:49:36:ec:0d > > as the NIC. With a hostname.re0 that says > > in

Re: Intel i350 Offloading not working

On Sat, Jul 21, 2018 at 07:02:08PM +, Stuart Henderson wrote: > On 2018-07-21, Adonis Peralta wrote: > > Is there a reason why the offloading features shouldn???t work correctly > > on OpenBSD? > > If you can figure out why it doesn't work, you'll be well on the way to > fixing it. > > > i35

Re: how to switch to a snapshot?

On Wed, Jul 25, 2018 at 12:57:33PM +0200, Rudolf Sykora wrote: > Hello, > > I'd perhaps like to switch to a recent snapshot. > I read > https://www.openbsd.org/faq/current.html > but do not quite understand it. > > If I download the snapshot (ie bsd.rd), boot from it, choose Upgrade > at the prom

Re: openBGPd crashes in 6.2 and 6.3: "a politician in the decision process"

On Thu, Aug 23, 2018 at 10:05:30AM +0200, Pietro Stäheli wrote: > Hi, > > openBGPd is running at an internet exchange, two openBSD route servers > (rs3 on openBSD 6.3 and rs4 on openBSD 6.2, both virtual machines on > different hypervisors in different locations) connect with peering > customers.

Re: netstat - process names

On Sun, Aug 26, 2018 at 01:19:05PM +0100, he...@ezaquarii.com wrote: > Hi, > > I'm looking for a way to see which processes are listening > on incoming tcp/udp connections. > > So, here is my output of netstat -f inet -p udp -l > > Proto Recv-Q Send-Q Local Address Foreign Address

Re: "Transit" BGPD not announcing learnt routes to neighbors

On Sun, Sep 09, 2018 at 01:17:40PM +, Tim Jones wrote: > Hi, > > I'm working with something in a lab environment at the moment, testing out > OpenBGPD to see if it can replace "something else" on an internal network. > > I have three OpenBSD instances (A <->B<->C), and whilst B is learning r

Re: Minimum Holdtime for BGP OpenBGPd in Production

On Tue, Sep 18, 2018 at 05:11:24AM +0100, Tom Smyth wrote: > Hello all, > I was wondering what is the lowest values of BGP holdtime that you > recommend running in production ? I recomend using the default especially against ebgp peers. > I would like to set them to a lower value to detect an is

Re: PF possibly causing weird SSL issues ?

On Wed, Sep 19, 2018 at 10:00:28AM +, Tim Jones wrote: > > > This feels like it might be an MTU related problem, especially likely > > if the connection is going via pppoe or a tunnel - you may need "scrub > > (max-mss ##)". > > > > The way Google's TLS server handshake is setup, it fits in pp

Re: Adding interfaces to ospf

On Wed, Sep 26, 2018 at 11:31:21PM +0200, Simen Stavdal wrote: > Hello, > > I am setting up an ospf lab, and have a quick question. > The answer is probably right in front of me, but I just can't seem to find > it. > > I have a basic ospfd.conf including some active and some passive interfaces. >

Re: Routing stops after ipsec/gre tunnel activates

On Mon, Oct 01, 2018 at 04:16:48PM +0100, Kaya Saman wrote: > > On 10/1/18 4:12 PM, Janne Johansson wrote: > > > > > > Den mån 1 okt. 2018 kl 16:56 skrev Kaya Saman > >: > > > > Hi, > > I've got an issue where something strange is happening with the > >

Re: Redistributing between bgpd and ospfd

On Mon, Oct 15, 2018 at 02:48:31PM +0300, Gregory Edigarov wrote: > On 15.10.18 12:58, Sebastian Benoit wrote: > > open...@kene.nu(open...@kene.nu) on 2018.10.15 11:05:41 +0200: > > > Hello, > > > > > > I am trying to get bgpd and ospfd play nicely with route redistribution. > > > > > > So far th

Re: Redistributing between bgpd and ospfd

On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote: > Hello, > > Only relying on OSPF hellos effectively makes it mimic BGP with its > keepalives. I will ponder the value of transporting the underlay in > OSPF, effectively transporting loopback peering addresses for BGP in > OSPF. I a

Re: Redistributing between bgpd and ospfd

..@nevtelen.com) on 2018.10.16 15:11:51 +0200: > > > > On Tue, Oct 16, 2018 at 10:21:37AM +0200, Claudio Jeker wrote: > > > > > On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote: > > > > > > Hello, > > > > > > > > > > &g

Re: bgp match to $neighbor set nexthop $carp_ip on 6.4

On Mon, Oct 22, 2018 at 01:17:30PM +0200, Marko Cupa? wrote: > Hi, > > I am struggling to announce nexthop to my bgp peers after default > ruleset change in 6.4's bgpd.conf. > > On 6.3, I used to have: > > match to $ISP1 set nexthop $CARP_TO_ISP1 > match to $ISP2 set nexthop $CARP_TO_ISP2 > deny

Re: bgpctl not showing rib entries, pftables empty

On Mon, Oct 29, 2018 at 09:30:44AM +0100, Peter Hessler wrote: > Hi Ashe > > Sorry about that, I forgot a part of the config file. > > You'll need to add "nexthop qualify via default" to the global part of > the configuration. Since the routers sending you the information are > not on your local

Re: bgpd: announce loopback / local prefix

On Mon, Oct 29, 2018 at 09:51:46PM +0100, Pierre Emeriaud wrote: > Le lun. 29 oct. 2018 à 14:43, Pierre Emeriaud > a écrit : > > > > Is there a good way to redistribute those local prefixes? like what > > "network local" would do. > > denis@ informed me about the recently introduced "network inet

Re: bgpd: announce loopback / local prefix

On Mon, Oct 29, 2018 at 10:26:40PM +0100, Pierre Emeriaud wrote: > Le lun. 29 oct. 2018 à 22:04, Claudio Jeker a > écrit : > > > > Another option is to set the rtlabel on the interface and then use network > > rtlabel to redistribute it. > > I tried that, b

Re: [OpenIKED] Is it impossible to differentiate the policies by dstid?

On Tue, Nov 06, 2018 at 05:42:08PM -0500, Daniel Ouellet wrote: > The source ID does default yes, but I have a tunnel gateway for multiple > VPN and I HAD to specify the dstid on the passive side as well or ONLY > the last rule was picked up for the 0.0.0.0/0 of some of them as an > example for all

Re: performance of intel multithreading

On Wed, Nov 07, 2018 at 07:34:57PM +0300, Kihaguru Gathura wrote: > Hi, > > > On Wednesday, November 7, 2018, Nick Holland > wrote: > > On 11/05/18 23:51, Kihaguru Gathura wrote: > >> Hi, > >> > >> From a security standpoint, > >> which platform will offer better performance > > > > huh? What's

Re: BGPlooking glass in 1 RDOMAIN BGPD in another RDomain

On Sun, Nov 18, 2018 at 10:57:01PM +, Tom Smyth wrote: > Hello, > > I have a Looking glass that I want to run on a management interface > that is in a separate rdomain to the BGP router ... > > is there away we can have the the bgprocess in one RDomain (main Rdomain) > and the the bgp loo

Re: routing with DMZ between internal and external firewall

On Mon, Mar 16, 2020 at 09:49:30AM +0100, pebwindkraft wrote: > Hi, > > I have a question concerning static routes and default gateways for a DMZ > setup, with internal and external firewall. > A DNS in the DMZ shall be used from internal machines, and later a http > proxy from internal and extern

Re: BGP and carp slaves

On Thu, Apr 02, 2020 at 11:34:21AM +0200, Luca Bodini wrote: > Hi folks, > > I’m just having a strange issue using OpenBSD 6.6 and BGP . > I have two OpenBSD firewalls with a carp configuration, let’s suppose the > shared IP is 10.10.10.100, and I am able to announce 10.10.10.100/32 via BGP. > No

Re: OSPF seems to stops processing updates

On Mon, Apr 13, 2020 at 02:08:31PM +0200, Remi Locherer wrote: > On Mon, Apr 13, 2020 at 12:05:10PM +0100, Richard Chivers wrote: > > Thanks. Please see my comments below. > > > > On Mon, 13 Apr 2020, 10:18 Remi Locherer, wrote: > > > > > Hi Richard, > > > > > > On Mon, Apr 13, 2020 at 08:38:31A

Re: MultiPath / ADD_PATH for bgpd

On Wed, Apr 15, 2020 at 08:16:14PM +0100, Richard Chivers wrote: > Hi, > > Just wondering if anyone can help. > > I saw back in late 2018 that there were some initial plans for ADD_PATH and > Multipath in bgpd, it was in a list on a slide right after the portable > version. https://youtu.be/4gOoP

Re: BGPD announce deprecation query

On Sun, Apr 19, 2020 at 08:07:48AM +0100, Richard Chivers wrote: > Hi, > > Just been building a copy of our production system in vagrant to test > upgrading to the latest version, in order to resolve an issue we were > having. > > In our current config we have: > > group "core" { > local

Re: socket I/O on openbsd

On Tue, Apr 21, 2020 at 10:48:46PM -0300, Gustavo Rios wrote: > Dear gentleman, > > i have the an ANSI C code that do the following: > > 0. open a socket > 1. write data to the socket > 2. close the writing end of the socket > 3. read data from the socket > 4. close the read end of the socket >

Re: Ospfd default route query

On Sun, Apr 26, 2020 at 08:44:42PM +0100, Richard Chivers wrote: > Not sure how I missed the clear information in the man page... > > "If set to default, a default route pointing to this router will be > announced over OSPF" > > It seems I am just having an issue and it should work as I expected.

Re: Ospfd default route query

> > Is that the best/general practise in general? I would use a -blackhole route (no need to send out ICMP messages) but yes, that is what I normally use in such a case (at least for the DFZ). > Cheers > > Richard > > On Mon, Apr 27, 2020 at 8:25 AM Claudio Jeker >

Re: bad AGGREGATOR, AS 0 not allowed

On Wed, Apr 29, 2020 at 05:45:30PM +0200, Marko Cupać wrote: > Hi, > > on 6.6-RELEASE amd64, (sys)patched up to 019_smtpd_exec, I am noticing > these: > > Apr 29 17:23:33 bgp1 bgpd[42338]: neighbor IP.ADD.RE.SS (desc): bad > AGGREGATOR, AS 0 not allowed, attribute discarded > > My bgpd.conf is a

Re: OSPF lsa_check issue

On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote: > After some more work this morning we have managed to extract the > information from tcpdump of the full LS-Update packet, we couldn't see it > on bsd, but running: > > tcpdump -v -r ~/Downloads/ospf.pcap on osx did the trick. > >

Re: OSPF lsa_check issue

On Tue, May 05, 2020 at 10:51:40AM +0200, Claudio Jeker wrote: > On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote: > > After some more work this morning we have managed to extract the > > information from tcpdump of the full LS-Update packet, we couldn't se

Re: OSPF lsa_check issue

On Wed, May 06, 2020 at 09:33:11AM +0100, Richard Chivers wrote: > Hi, > > Some progress has been made, we can now replicate this consistently and it > appears that whenever a LS update exceeds the mtu (1500) we get this issue > of lsa_check bad age. > > When running with the diff Claudio sent we

Re: OSPF lsa_check issue

On Wed, May 06, 2020 at 03:23:06PM +0100, Richard Chivers wrote: > Hi, > > Thanks so much for the diff, it appears to have resolved the issue. > > We are now trying to establish whether we need the fix widely deployed or > only on the box that originates with the large LSA updates, pushing it ove

Re: RT_TABLEID_MAX behavior changed?

On Sun, May 17, 2020 at 10:16:28PM +0300, Bars Bars wrote: > it seems the things work just when i rebuild userland completely (im pretty > sure i did it only with compiling kernel in past, correct me if i wrong?). > > btw, questions for the Devs. > Looking at the cvs history, i really worried that

Re: RT_TABLEID_MAX behavior changed?

> limit is 8 bits instead of 16 in earlier releases. > > > > > > > > пн, 18 мая 2020 г. в 11:51, Bars Bars : > > > >> Hi, Claudio > >> > >> I mean these in sys/socket.h > >> /* > >> * Maximum number of alternate routing tables >

Re: Convert ffs1 to ffs2?

On Wed, May 20, 2020 at 11:30:00AM +0300, Михаил Попов wrote: > > "Possible" is irrelevant. Lots of things are _possible_ but not done. > > Then only rsyncing? There is also dump and restore. > Why not adding at least one of a well tested journaled FS like XFS to OpenBSD? > Is XFS too fat and c

Re: OpenBGPD fatal in RDE: rde_dispatch_imsg_session: imsg_get error: Cannot allocate memory

On Tue, Jun 30, 2020 at 10:23:07AM +0200, Laurent CARON wrote: > Hi, > > > I'm running a pretty busy OpenBGPd router (~250 bgp sessions) with 4 IPv4 > and 4 IPv6 full views, plus a few IX sessions. > > > # bgpctl show rib mem > RDE memory statistics >     820983 IPv4 unicast network entries usi

Re: CPU usage of httpd+slowcgi

On Mon, Jul 27, 2020 at 02:54:25PM +0100, Stuart Henderson wrote: > Replying back on-list, I don't do support-type mails off-list, and other > people know more about sparc64 hardware than me. > > On 2020/07/26 22:38, Kihaguru Gathura wrote: > > Hi Stuart, > > > > For legacy, single-core CPU's suc

Re: rtables and kernel routes

On Fri, Aug 21, 2020 at 08:45:36AM +0200, open...@kene.nu wrote: > Hello, > > I am seeing rather strange, or maybe expected, behaviour. I utilise > rtables to send internal traffic towards the internet via a default > route in rtable 2. The traffic is punted to rtable 2 with pf. The > strangeness

Re: bgpd config advice needed

On Mon, Aug 24, 2020 at 04:36:10PM +, Laura Smith wrote: > Hi, > > Let's say I've got a scenario where I've got transit ISPs and peering > connections. > > My general config rule is that I use med to prioritise peering over transit > (because localpref is too high up in the BGP selection al

Re: pf, send(2) and EACCES

On Fri, Aug 28, 2020 at 11:40:17AM -0400, Daniel Jakots wrote: > On Fri, 28 Aug 2020 16:06:48 +0200, Sebastien Marie > wrote: > > > - generate lot of postgresql access. from postgresql thread, the > > statement seems to be a SELECT, so it would be fine to ran in loop > > (hopping no cache and rea

Re: Primepower 250 vs Sunfire v215

On Sun, Sep 20, 2020 at 09:02:55AM +0300, Kihaguru Gathura wrote: > Hi, > > For those who have experience with older Sparc machines, Which hardware > offers better reliability/stability? > > Fujitsu Primepower 250 or Sun fire V215. > Depends mostly on how well they were handled. Also if they ar

Re: Primepower 250 vs Sunfire v215

On Sun, Sep 20, 2020 at 08:00:45PM +0300, Kihaguru Gathura wrote: > > The Primepower is bigger and needs more power but if you find a box with > > good CPUs and memory it should run faster than a V215 > > How did the performance of the PrimePower 250 SCSI drives compare to Sun > Fire V215 SAS driv

Re: Moving from Bird to OpenBGPD

On Sun, Jul 14, 2019 at 07:28:29PM -0700, BSD user wrote: > > > On 7/14/19 12:52 AM, Denis Fondras wrote: > > On Sat, Jul 13, 2019 at 09:44:28PM -0700, BSD user wrote: > > > Hello, > > > > > > My apologies for sending this email multiple times. > > > > > > I was so mortified by Tutanota's awful

Re: Moving from Bird to OpenBGPD

On Mon, Jul 15, 2019 at 11:33:45PM -0700, BSD user wrote: > > > On 7/14/19 11:24 PM, Claudio Jeker wrote: > > On Sun, Jul 14, 2019 at 07:28:29PM -0700, BSD user wrote: > > > > > > > > > On 7/14/19 12:52 AM, Denis Fondras wrote: > > > > On

Re: Best 1Gbe NIC

On Fri, Aug 02, 2019 at 12:28:58PM +0100, Andy Lemin wrote: > Ahhh, thank you! > > I didn’t realise this had changed and now the drivers are written with > full knowledge of the interface. That is an overstatement but we know for sure a lot more about these cards then many other less open ones.

Re: Building Unbound with Python module support

On Wed, Aug 07, 2019 at 08:44:07AM +0100, Andy Lemin wrote: > Morning Stuart, > > So I’ve tested with the base build options properly, the initial errors I saw > before have gone which is good. But I have a more fundamental issue with > Unbound now sadly. > > Swig successfully built “/usr/src/u

Re: missing SYN_RECV in netstat

On Tue, Aug 20, 2019 at 07:36:11PM +0200, Peter J. Philipp wrote: > Hi, > > On the NANOG list there is a thread about something synflooding: > https://mailman.nanog.org/pipermail/nanog/2019-August/102713.html > > Most of my hosts are synflooded, and I was wondering why my OpenBSD > hosts don't sh

Re: ldapd hangs/stalls

On Wed, Aug 28, 2019 at 03:17:05PM -0400, Allan Streib wrote: > Allan Streib writes: > > > Running a rather busy ldapd host, and seeing some hangs in responses to > > queries. > > > I see that fstat -u _ldapd always ends at FD 119 when the hang occurs: > > [...] > _ldapd ldapd 42641 11

Re: Prometheus node_exporter on OpenBSD - anyone managed ?

On Thu, Sep 19, 2019 at 10:13:23PM +, Travis Cole wrote: > > Looks like they are assuming GNU make. > > > Try doing the build with 'gmake'. > > > If you don't already have gmake installed: > > > # pkg_add gmake > Or just do `pkg_add node_exporter`. While prometheus does not provide a p

Re: What is the 3rd column in the learned mac address list in ifconfig

On Fri, Sep 20, 2019 at 07:16:15AM +0100, Tom Smyth wrote: > Hi all, hope those of you at eurobsdcon are enjoying your selves > wish I was there > I waswondering what is the 3rd column in the learned mac address list in > the column is a number 0 or 1 after the interface name in > ifconfig brid

Re: Prometheus node_exporter on OpenBSD - anyone managed ?

On Fri, Sep 20, 2019 at 10:36:11AM +0200, Rachel Roch wrote: > Claudio, > > pkg_add node_exporter ? > > I already had a good look at the package list on the FTP mirror and > can't see any node_exporter there ?  pkg_add seems to agree with me, it > says "can't find node_exporter" ? > > Certainly

Re: bgpctl sho ri nei terse output vs man page discrepancy

On Sun, Sep 22, 2019 at 04:48:18PM -, Stuart Henderson wrote: > On 2019-09-22, Rachel Roch wrote: > > Hi, > > > > Hopefully I'm not missing something silly here but I've read the paragraph > > in the man page and it only lists 15 variables: > > > > "The printed numbers are the sent and receiv

Re: bgplg ping/traceroute failed

On Thu, Oct 03, 2019 at 02:07:58PM -0400, Henry Bonath wrote: > Hello Misc, > > I had thought that I had configured the looking glass correctly per the man > page, > I have everything else working correctly, with custom header and footer > with CSS and all works great. > Whenever I attempt to ping

Re: bgpctl(8) community question

On Mon, Oct 07, 2019 at 04:48:34PM -0500, Adam Thompson wrote: > [OpenBSD 6.5-STABLE, up to date] > > When using bgpctl(8), I'm able to do almost everything I need, but I'm > having trouble figuring out how to do one thing: > > How do I show routes that do NOT have a community (or ext-community,

Re: Strong Host Model in OpenBSD network stack

On Fri, Oct 18, 2019 at 07:21:42AM +0200, Remi Locherer wrote: > On Thu, Oct 17, 2019 at 10:33:41PM -0600, Theo de Raadt wrote: > > > Setting net.inet.ip.check_interface=1 on FreeBSD stopped any ICMP Echo > > > replies immediately. > > > > > > On NetBSD I set net.inet.ip.checkinterface=1 and it sh

Re: Strong Host Model in OpenBSD network stack

On Thu, Oct 17, 2019 at 09:50:28PM +0200, Bastian Kanbach wrote: > Hello, > > recently I was performing some checks that relate to the "Strong Host > Model" and "Weak Host Model", and I noticed that OpenBSD was behaving > different than I expected. I always assumed that the network stack of > Open

Re: Requesting vi tips

On Fri, Oct 18, 2019 at 03:12:37PM +0100, cho...@jtan.com wrote: > OK this has started to get on my nerves now. > > I use vi to enter emails despite using evil emacs for development and > other general editing. Rather than linking them together (they're on > seperate machines) to enter emails in e

Re: Does net.mpls.maxloop_inkernel do anything?

On Thu, Oct 24, 2019 at 12:01:35PM +0100, Thomas Habets wrote: > $ cd /usr/src/sys > $ grep mpls_inkloop -r . > ./netmpls/mpls.h: &mpls_inkloop, \ > ./netmpls/mpls.h:extern int mpls_inkloop; > ./netmpls/mpls_raw.c:int mpls_inkloop = MPLS_INKERNEL_LOOP_MAX; > $ grep -r MPLSCTL_MAXI

Re: LDAP tls: handshake failure

On Thu, Oct 24, 2019 at 02:06:47PM +0200, Martijn van Duren wrote: > On 10/24/19 1:50 PM, Robert Klein wrote: > > Hi, > > > > > > > > On Thu, 24 Oct 2019 05:26:49 +0200, > > Predrag Punosevac wrote: > >> > >> Kapetanakis Giannis wrote: > >> > >>> On 23/10/2019 19:14, Predrag Punosevac wrote: > >

Re: random packet drops with syncookies/synproxy

On Sat, Nov 09, 2019 at 01:30:32PM +0100, Markus Wernig wrote: > Hm, also no replies to that one :-) > > On 11/6/19 8:15 PM, Markus Wernig wrote: > > > So just to make sure: Is anybody using syncookies and/or synproxy in > > production in a similar setup? > > So nobody is using syncookies/synpro

Re: route an IPv4 /32 to a different interface

On Sun, Dec 15, 2019 at 08:57:48PM +0100, Denis Fondras wrote: > Hi, > > I have this setup : > > em3: flags=8843 mtu 1500 > lladdr > index 4 priority 0 llprio 3 > media: Ethernet autoselect (1000baseSX full-duplex) > status: active > inet6 fe80::aa9:b803:8

Re: Readv and writev failing across ethernet

On Mon, Dec 23, 2019 at 08:17:37AM -0800, Philip Guenther wrote: > On Mon, Dec 23, 2019 at 5:04 AM Raymond, David > wrote: > > > The "timeout" error was numerically 60. Curiously, boards with RTL > > 8111GR chips did not produce these errors, but those with RTL 8111H > > chips did. Unfortunatel

Re: The OpenBSD talk at 36c3

On Sun, Dec 29, 2019 at 01:29:12PM +0100, Henry Jensen wrote: > Greetings, > > for those who didn't watched it, there is an accompanied site at > https://isopenbsdsecu.re/ > > Summary: There are a lot of claims. The speaker basically said, that > some mitigations are "cool", but other, more or le

Re: tap(4) performance tuning on (amd64)

/tun0 /dev/tun1' to wire tun0 and tun1 together. You can select between, select(2), poll(2), kqueue(2) and pthreads as the way on how to multiplex the reads. For me the code triggers scheduler inefficencies and causes packets drops on the output queue when there are multiple packet produc

Re: tap(4) performance tuning on (amd64)

he usage message and gives an errorlevel of 1 > every time use the -k or -t or -s or -p arguments see terminal > conversation below > Shit, I added a last minute check and as usual introduced a bug. Line 189 change if (ch != 0) to if (mode != 0) -- :wq Claudio /* * Copyright (c)

Re: Fwd: tap(4) performance tuning on (amd64)

On Tue, Jan 21, 2020 at 09:17:20PM +, Tom Smyth wrote: > in testing tap(4) performance on the same box with the following config > using claudios userlandbridge (tbridge) in between two tap interfaces > each tap was also added their own standard bridge(4) along with 1 physical > interface. >

Re: ahci issue corebooted X220 does not recognise usb or stata

On Wed, Feb 19, 2020 at 02:34:40PM +0100, Thomas Meulendijks wrote: > Hi OpenBSD Mailing list, > > I am trying to install Openbsd via the install66.fs on a Thinkpad X220 > [amd64] with coreboot. > I have the problem that it does not recognize any USB or SATA device may it > be storage or periphe

Re: size of size_t (diff angle)

This has not much to do with OpenBSD. As for OpenBSD, it only runs on two types of machines: ILP32 and I32LP64. Any other type of machine that is not covered by these two types will not run OpenBSD. In both cases size_t is defined as unsigned long which is the same as uintptr_t and the same size a

Re: size of size_t (diff angle)

On Thu, Feb 27, 2020 at 02:07:36PM +0100, zeurk...@volny.cz wrote: > Haai, > > "Claudio Jeker" wrote: > > This has not much to do with OpenBSD. > > On the contrary: these issues touch the fundaments of UNIX programming. > > > As for OpenBSD, it only

Re: rdomain 0 and dafault route

On Tue, Oct 06, 2015 at 06:49:29AM +0200, Holger Glaess wrote: > hi > > just a simple question > > how can i setup an kind of "default route" in rdomain 0 > to , for example , rdomain 2. > > i have 3 rdomain > > the default one > one with the internet connection ( rdomain 1 ) > one for my wlan

Re: rdomain 0 and dafault route

On Tue, Oct 06, 2015 at 08:58:24AM +0200, Holger Glaess wrote: > hi > > > On Tue, Oct 06, 2015 at 06:49:29AM +0200, Holger Glaess wrote: > >> hi > >> > >> just a simple question > >> > >> how can i setup an kind of "default route" in rdomain 0 > >> to , for example , rdomain 2. > >> > >> i have 3

Re: bgpd+ospfd configuration question

On Tue, Oct 20, 2015 at 11:07:12AM -0400, John E.P. Hynes wrote: > Hi list, > > I've read through the docs and Claudio's guide, but something isn't > clear to me I'm hoping to get some direction on: > > I am about to multihome. My uplinks to my ISPs terminate on different > OpenBSD routers. The

Re: apache 2.4 - Missing mod_cgid.so?

On Fri, Oct 23, 2015 at 07:20:43PM +0200, Alessandro DE LAURENZIS wrote: > Dear misc@ reader, > > I've just upgraded my home server to 5.8, so I switched to apache 2.4 > (from 2.2); the problem is that my git server no longer works and the > root cause seems to be that httpd2 with my current confi

Re: OpenBGPd on OpenBSD 5.8 crashing during startup

On Wed, Nov 25, 2015 at 05:08:27PM +0100, Thorleif Wiik [BCIX] wrote: > Hi, > > OpenBGPd on OpenBSD 5.8 (with all patches applied) is crashing during > startup. > > On a second box with 5.7 and the same hardware/configuration there are no > problems. > OpenBGPd is configured as route-server with

Re: PF: can't make queueing and priority work as expected

On Tue, Jan 12, 2016 at 05:33:06AM -0700, Daniel Melameth wrote: > On Mon, Jan 11, 2016 at 9:37 PM, David Gwynne wrote: > >> On 11 Jan 2016, at 22:43, Daniel Melameth wrote: > >> On Sun, Jan 10, 2016 at 7:58 AM, Marko Cupa?? > wrote: > >>> On Sat, 9 Jan 2016 11:11:27 -0700 > >>> Daniel Melameth

Re: rc.d and rtable

On Wed, Jan 27, 2016 at 12:58:48PM -0500, Jiri B wrote: > On Wed, Jan 27, 2016 at 01:40:14PM +0100, Antoine Jacoutot wrote: > > On Wed, Jan 27, 2016 at 06:47:57AM -0500, Jiri B wrote: > > > Would it be worth to extend rc.d for rtable knobs? > > > > > > - daemon_rtable varible > > > - rc_* function

Re: rc.d and rtable

On Wed, Jan 27, 2016 at 09:47:04PM +0100, Antoine Jacoutot wrote: > > > rc.d framework is so nice... not sure if this is nice way but it > > > works. Maybe check for existing rtable is not great. > > > > If I see this correctly you add a foo_rtable variable to rc.conf.local. > > I think there is s

Re: can't run multiple instances of httpd, flags not visible in processes

On Thu, Jan 28, 2016 at 06:52:18PM +0100, Ingo Schwarze wrote: > Hi, > > Antoine Jacoutot wrote on Thu, Jan 28, 2016 at 10:41:52AM +0100: > > > As mentioned in another thread already: > > # ln -s /etc/rc.d/mydaemon /etc/rc.d/mydaemon2 > > Then use mydaemon2_flags ... in rc.conf.local. > > This s

Re: bgpd in snapshot from 4 feb.

On Sun, Feb 07, 2016 at 07:53:01PM +0100, mxb wrote: > Hey, > bgpd from snap of 4 feb. fails to start (according to rc): > > shell# /etc/rc.d/bgpd start > bgpd(failed) You forgot to run sysmerge. The rc scripts changed on what they pgrep to see if the parent process is running. Since the rc scrip

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07, 2017 at 02:42:29PM +, Stuart Henderson wrote: > On 2017/11/07 15:31, Jeremie Courreges-Anglas wrote: > > On Tue, Nov 07 2017, Stuart Henderson wrote: > > > On 2017-11-07, Kim Zeitler wrote: > > >> This is a cryptographically signed message in MIME format. > > >> > > >> ---

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07, 2017 at 04:13:51PM +0100, Jeremie Courreges-Anglas wrote: > On Tue, Nov 07 2017, Kim Zeitler wrote: > > On 11/07/17 15:31, Jeremie Courreges-Anglas wrote: > >> On Tue, Nov 07 2017, Stuart Henderson wrote: > > > > I have a question concerning routes and ospf. > We ar

Re: relayd stops processing traffic intermittently

On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote: > Hi All, > > Since OpenBSD 6.2, just confirmed this in the latest snapshot > (GENERIC.MP#305) as well, for some reason relayd stops processing traffic and > starts flooding the log file with the following message: > > Dec 23 11:19:11 lb2

Re: relayd stops processing traffic intermittently

On Sat, Dec 23, 2017 at 02:04:19PM +0100, Mischa Peters wrote: > > > On 23 Dec 2017, at 13:08, Claudio Jeker wrote: > > > >> On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote: > >> Hi All, > >> > >> Since OpenBSD 6.2, just confirmed th

Re: relayd stops processing traffic intermittently

On Sat, Dec 23, 2017 at 02:04:19PM +0100, Mischa Peters wrote: > > > On 23 Dec 2017, at 13:08, Claudio Jeker wrote: > > > >> On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote: > >> Hi All, > >> > >> Since OpenBSD 6.2, just confirmed th

Re: iked random tunnel drops

On Thu, Jan 18, 2018 at 04:57:14PM -0600, Marc West wrote: > I have an iked tunnel between two sites, both 6.2 with two machines at > each site running carp and sasyncd. This normally runs flawlessly but > there have been several events where tunnel traffic randomly drops. > Sometimes everything r

  1   2   3   4   5   6   7   8   9   10   >