I know it's not a direct answer to your question, but OpenBSD's PXE
installation is extremely easy to implement. It is probably the best
option you have at the moment.
On Mon, 2008-11-03 at 07:20 -0500, Bob Hope wrote:
When (if ever) will support for installing OpenBSD with a USB CD-ROM
be
I'd recommend building some Supermicro boxes on the 512L-260B/PDSBM-LN2+
(1u, s775, 946gz) platform. You can build a very nice box and pair it
with riser card and a quad port DFE-570TX NIC and come in well under
your $1500 budget. If you need exact part numbers, I can get you the
ones we use.
On
Has anybody successfully installed and tested OpenBSD on a Routerboard
450G? I searched the archive for a dmesg and/ or confirmation, but
couldn't find a definitive answer.
http://routerboard.com/RB450G
Thank you,
James Shupe
Thank you. After doing a bit more research and finding no mention of the
RB450G in INSTALL.socppc, I decided to go with the Alix.2D13 board.
On 10/17/11 1:31 PM, Christiano F. Haesbaert wrote:
On 17 October 2011 16:26, James Shupe jsh...@osre.org wrote:
Has anybody successfully installed
What's it take to get an actual dmesg around here? Just post the output
for us to look at regardless of whether or not you think the messages at
boot are important. They're needed to troubleshoot any problem like
this.
Run
ifconfig carp | grep status
on both machines... If they're pre 4.8, do:
ifconfig carp | grep 'carp: '
.
If both think they're masters, they'll do what you're seeing.
Thank you,
James Shupe
On 11/28/11 12:53 PM, Stuart Henderson wrote:
dmesg?
On 2011-11-28, rik rikc...@gmail.com
are in backup status (and the
backup, using the phisical interface, can ping without any packet loss).
Thanks
Alessandro
On Mon, Nov 28, 2011 at 8:08 PM, James Shupe jsh...@osre.org wrote:
Run
ifconfig carp | grep status
on both machines... If they're pre 4.8, do:
ifconfig carp | grep 'carp
The Trentnet, or another from this list:
http://www.openbsd.org/cgi-bin/man.cgi?query=axesektion=4
--
James Shupe
No. Modifying a general purpose tool for a specific (albeit common) use
case is stupid. Any properly implemented warning would cause pfctl to
exit non-zero, which would break automated scripts that check the exit
code of pfctl. You would have to add a whole new option to ignore your
specific use
server running the software of your choice.
Thanks for the very good and hard work on the system.
I would be interested to hear any thoughts even off-list.
Regards,
Kostas
--
James Shupe
On 12/15/11 9:40 AM, David Coppa wrote:
On Thu, Dec 15, 2011 at 3:49 PM, James Shupe jsh...@osre.org wrote:
I've never used it, but I wouldn't even bother because there are no
native Java builds available for OpenBSD, and thus it's going to be
untested and completely unsupported.
Uh
On 12/16/11 4:57 AM, Kostas Zorbadelos wrote:
James Shupe jsh...@osre.org writes:
I can't speak for anycast DNS deployments, but I use OSPF heavily in
large production environments and have had a great experiences with it.
This is very nice to know, thank you.
- what is your opinion
On Fri, 2011-12-16 at 21:33 +, Stuart Henderson wrote:
On 2011-12-16, James Shupe jsh...@osre.org wrote:
Reporting shouldn't be done on your production servers. Set up a
centralized syslog server and send your query logs there for analysis.
sending dns query logs via syslog to a remote
On 02/06/2012 03:10 AM, David Walker wrote:
Hey.
Currently my backup regime is woeful.
I have years worth of work on a Windows machine and some stuff
scattered across OpenBSD machines.
You might want to look at Bacula.
[demime 1.01d removed an attachment of type application/pgp-signature
I'll try scripting NFS maybe in combination with dump on the OpenBSD
machines and see how that goes.
Best wishes.
Seriously, look at Bacula. It'll do a better job and be less headache.
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
exactly what you tell it to. The OS
is by the devs, for the devs, and if you're fortunate enough to be able
to use it, good for you. But don't complain about user friendliness
being at the bottom of their list.
--
James Shupe
case -- especially for
those of us with mass deployments.
Take your one-off, single user PC installs and RTFM.
--
James Shupe
I'm pretty sure this was just a cheap shot at marketing their website.
-James
for free advertising.
--
Thank you,
James Shupe
this post came
along.
Thank you,
James Shupe
Barrera
On Thu, Apr 8, 2010 at 00:54, James Shupe professio...@jamesshupe.com
wrote:
Use log (all) and tcpdump to figure out exactly what is being blocked.
On 4/7/10 10:40 PM, Hugo Osvaldo Barrera wrote:
I'm using OpenBSD 4.6 at home as an access point, firewall and home
server (with pf).
I've
solution that would work in future.
BTW James: Thank you very much, pointing out that XMPP's
video-conference implementation uses RTP helped me google A LOT more
info on the subject :)
quote who=Hugo Osvaldo Barrera
On Thu, Apr 8, 2010 at 10:21, James Shupe professio...@jamesshupe.com
wrote
of production simulation before deploying them, and they
passed with flying colors. Running 4.6-stable.
Thanks,
James Shupe
On 3/10/10 9:22 AM, Brad Tilley wrote:
We're considering this card for an OpenBSD Snort box. I think em
supports it well. It uses the 82576EB controller. Has anyone used the
card
RAIDframe activated
raid0 at root: (RAID Level 1) total number of sectors is 312046464
(152366 MB) as root
softraid0 at root
root on raid0a
swapmount: no device
Thank you,
James Shupe
Check into smtp_bind_address in Postfix. If you're still having issues,
binat rather than rdr to internal IPs so connections will originate
properly. Without seeing your pf.conf or master.cf, this is a guess, but
I think these tips should lead you in the right direction.
...master.cf:
smtp
On 03/30/2012 03:16 PM, Dewey Hylton wrote:
i'm getting ready to implement a few new site-to-site vpns using openbsd,
and am on the hunt for appropriate hardware. i have several alix (geode) and
lanner (intel atom) boxes working wonderfully as firewalls and routers, but
neither type are able to
On 03/30/2012 03:16 PM, Dewey Hylton wrote:
i'm getting ready to implement a few new site-to-site vpns using openbsd,
and am on the hunt for appropriate hardware. i have several alix (geode) and
lanner (intel atom) boxes working wonderfully as firewalls and routers, but
neither type are able to
I don't see the point with setting kern.usercrypto=1, all support for enc/dec
you get already from the hw+kernel.
IPSec stack already used the HW if supported, else you get software based
enc/dec.
//mxb
I replied to my original email about 45 seconds after I wrote it,
pointing that out. I
14.4 Mbits/sec
---
Thank you,
James Shupe
as well as your bandwidth measuring method?
You may also look at tcpbench, which is in base. It's not on the Alix
box because I'm using a stripped down flashboot image... I just grabbed
the first thing that came to mind and installed it, which happened to be
iperf.
--
James Shupe
client has been running that configuration since 4.6.
Upgrade and post your configs.
--
James Shupe
of those switches laying around to re-test with
and check the firmware version, but I know it works.
--
James Shupe
AboveNet, 1Gbit Cogent, 1Gbit I2, and 1Gbit Cogent/L3
blend through TEA (peering courtesy of OpenBGPD!).
I've tried statically routing over specific peers to no avail.
Thank you,
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
been rock solid for us.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
On 05/30/2012 04:27 AM, Matt Hamilton wrote:
James Shupe jshupe at hermetek.com writes:
I've been running it to peer with 3 IPv4 peers and 3 IPv6 peers (full
views) and another partial IPv4 view with 12k routes (actually: varying
amounts of peers over the years, but that's the current setup
the comments to
https://plus.google.com/u/0/104027218792812194992/posts/K3NsGE2UrCe
I was just reading that and cringing.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
feedback.
Cordialy
Nginx, especially since it's in base and works fine for that.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
and claim that
raw OpenBSD is a firewall, you will get laughed out of the room for
lack of clue.
Guess I've been wrong all these years: see the comments to
https://plus.google.com/u/0/104027218792812194992/posts/K3NsGE2UrCe
Troll posts are often lost...
--
James Shupe
[demime 1.01d removed
On 06/10/2012 12:58 PM, Ted Unangst wrote:
some nitwit hijacked the comment thread.
I couldn't resist feeding the troll. This thread can die now, too.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
for around $75 (Intel BOXDH61DLB3, for example) and
add whatever components you want to it. If you're on a budget, a Celeron
G530 should work and would kill an Atom or E-350 at any task.
Thank you,
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name
.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
!
--
Regards,
Marcin
Please post the following things:
- output of `pfctl -si`
- your pf ruleset
- output of `vmstat -m`
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
throwing some used hardware into.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
.) This patch is running on two of
our routers.
Thank you,
- --
James Shupe
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBAgAGBQJQtwhLAAoJECPibMsISQ9adq0QANQIPOXa7yqyDhRs4poH2Tis
AlPZBhRTPHtn54rCVKRMcqGJk/xy0bGHSiwgsZMXj29lxrkFPKG312SXT9VgSMnC
information from the machine, we don't have a lot of advice
we can really give.
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
/c528h.jpg
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
On 1/3/2013 8:26 PM, Aaron Mason wrote:
On Fri, Jan 4, 2013 at 11:52 AM, James Shupe jsh...@hermetek.com wrote:
On 1/3/2013 1:08 PM, Gene wrote:
On Tue, Jan 1, 2013 at 1:31 AM, Bruno Flückiger inform...@gmx.net
wrote:
On 12/31/12 14:17, BARDOU Pierre wrote:
I would be very interested
On 1/4/2013 2:58 PM, Dan Shechter wrote:
You have all failed to mention that the ALIX devices come with Swiss
chocolates in the package!
Best regards,
Dan
Ours didn't! I was unaware of that! NETGATE?!!
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature
Why is that in the cgi-bin directory to begin with? Do you have
shorttags enabled in php.ini?
--
James Shupe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
.
Any help would be appreciated.
What VMware version? Works fine in my environment so far.
--
James Shupe
On 2013-09-30 08:18, John Tate wrote:
I am having trouble with IP forwarding to specific sites on a very
typical configuration. The router itself can access these sites but
clients can not. I have looked in obvious places on the clients, but I
cannot find a cause. I reinstalled OpenBSD on the
1440'
match on pppoe0 all scrub (max-mss 1440)
--
James Shupe
set reassemble yes no-df
match in on pppoe0 scrub (max-mss 1440 no-df reassemble tcp)
match in on? You need to match both directions.
Also, stop top posting.
--
James Shupe
Try just match on pppoe0 scrub (max-mss 1400 no-df) and remove the
reassemble line.
--
James Shupe
position, but any
applicants would unfortunately be expected to cover their own relocation
costs because of the way funding is distributed. This is an on site
position and telecommuting is off the table. Email me privately for more
information.
--
James Shupe, HermeTek
developer/ engineer
BSD
On 10/21/2013 9:08 PM, Chris Cappuccio wrote:
I wrote up a guide for all you fascists to exercise your power with
relayd.
Here's the early, unedited version:
http://www.nmedia.net/chris/url.blacklist.txt
FYI: 403 forbidden
--
James Shupe
opinions may draw at
different points.
plugIf anybody from this list needs a VM, contact me and I'll see what
kind of deal I can make you./plug
--
James Shupe, HermeTek
developer/ engineer
BSD/ Linux support hosting
jsh...@hermetek.com | www.hermetek.com
Office 8662351288 | Mobile 9035223425
It's time for a new laptop and I can't find this specific bit of
information online.
Can anybody tell me if suspend/resume works properly on the Lenovo X1C?
--
James Shupe
an inexpensive OpenBSD VPS and do it yourself. You don't have to
muck with your ISP at that point.
--
James Shupe
them from the main ipsec.conf. Then you can
ipsecctl -df /etc/ipsec/peer.conf...
When you have several dozen peers, it makes troubleshooting individual
ones a bit easier.
--
James Shupe
Why not just set up a recurring Paypal donation? Even $20/mo should
help, if enough people do it.
-James Shupe
in my pf.conf
Could someone enlighten me?
thanks,
-Alan
pfctl -sr -R rulenum
Further details can be found in the man page.
--
James Shupe
On 8/19/2015 3:39 PM, Paulo Coimbra wrote:
hi,
This is my first mail to the list. It's possible limit traffic by Vlan with
openbsd? For example I would like to limit 50mb for Vlan 100.
Br,
Paulo Coimbra
On 9/1/2015 3:40 PM, Joseph Borg wrote:
> Maybe this webpage would help you make an informed choice?
>
> https://calomel.org/pf_config.html
>
You must be new around here.
--
James Shupe
ing production OpenBSD servers on VMware?
Thanks in advance!
It runs just fine for me. I use "Other (64bit)" and change the NICs to
vmxnet3. Everything else remains the default.
--
James Shupe
0
C USA
P Texas
T Pflugerville
Z 78691
O HermeTek Network Solutions
I James Shupe
A P.O. Box 2264
M sa...@hermetek.com
U https://www.hermetek.com/bsd-linux-support
B 512.792.2525
X 512.888.9889
N We provide open infrastructure design, development, deployment,
maintenance and training. We
mance configurations but I think
> that OpenBSD can handle 400mbps without tweaking.
>
> I'm wrong?
> What am I doing bad?
>
> Thank you!
>
>
>
>
--
James Shupe, HermeTek
developer/ engineer
BSD/ Linux support & hosting
jsh...@hermetek.com | www.hermetek.com
Office 5127922525 | Mobile 5122846350
67 matches
Mail list logo