Re: Speeding up scp over 10GigE, suggestions?

use mosh or LFTP with pget i.e lftp -c pget -n10 sftp://someuser@someserver:somefile mosh is a bit weirder in that it will multiplex transfers via udp sessions... Try lftp first IMHO it is the best swiss army knife of filetransfer utils. -JoelW @aenertia

Re: Skype.

On 16 October 2012 19:48, David Coppa dco...@gmail.com wrote: On Tue, Oct 16, 2012 at 7:40 AM, Jay Patel rockworl...@gmail.com wrote: Hi ... i copied the libskype.so under /usr/local/purple/ but it wont show up under adding account or in plugin options ...how to link this library to pidgin

Re: Why anyone in their right mind would like to use NAT64

As someone working for a 'Carrier' vendor - I can tell you straight up that LSN(Large Scale) or CGN(Carrier Grad) NAT are big sell points (i.e customers are asking for them). Personally out of the various RFC's and schemes i've had the displeasure of perusing for V6 to V4 access NAT64 to me

Re: Hardware hunting

Have Soekris put out a Gbit NIC platform yet? I stopped using them because of this reason. -Joel On 16 November 2012 11:02, Justin Mayes jma...@careered.com wrote: Check out http://soekris.com/. I have a low end one and it works great. Little costly though. Justin Mayes -Original

Hunning HA over multiple ARCH's

Kia ora/hello, I am currently redesigning one of our border edge Firewalls and want to split the existing SPARC64 v215 into several DL140's in an HA - Active/Load-balanced configuration. The Sparc64 hasn't been without issues - and is currently running 4.9 release + some patches and is due for a

Re: Hunning HA over multiple ARCH's

BLOT, expertise en systèmes UNIX, sécurité et réseaux Frost Sapphire Studios Le mercredi 05 décembre 2012 à 10:15 +1300, Joel Wirāmu Pauling a écrit : Kia ora/hello, I am currently redesigning one of our border edge Firewalls and want to split the existing SPARC64 v215 into several DL140's

Re: DNS Proxy

Also given dns is a user of UDP by default you need to use some other tunnel mechanism other than ssh. -Joel Johan Beisser j...@caustic.org wrote: DNS proxy uses less bandwidth on your end. There are a dozen DNS proxy services out there for media, they all work on the same basic principle. On

Re: OpenZFS announcement

It is still CDDL with all the (dis)advantages that brings; depending on your perspective - nothing has changed in that respect. I.e it's purely a branding relaunch from what I can see. -Joel patric conant mirage.comput...@gmail.com wrote: http://www.open-zfs.org/wiki/Announcement It supposed

Re: IPv6 is not working at Hetzner

I've had problems with Hetzner and v6 also. When I was configuring v6 sub-subnets from the /64 they give out, on containers, I would get the same behavior. From what I could tell because the container bridges also use the fe80::1 link local route for the sub-subnets hetzners next-hop would get

Re: OpenBSD <> Commercial VPNs

You could try using Linux Binary emulation layer to connect using the cisco vpnc client. For the old proprietary Cisco IPSec implementation: http://www.openbsd.org/papers/slack2k11-on_compat_linux.pdf I've recently been using softether for my personal VPN's it's on Github I haven't tried to

Re: OpenBSD on SBC?

I've been playing with the Lanner FW7525 - It's a Nice piece of Kit. Can be had for just under 400$ Depends on what your purposes are - but for Firewall appliance it's pretty hard to beat at the moment. On 12 June 2016 at 14:25, wrote: > There's some reports of

Re: recommendations for 10GBase Ethernet on OpenBSD

Has any one used the Melanox X3 or the Intel 720's? I ask for the vxlan offload features, which are pretty useful if you are going the SDN way (or potentially might do) -Joel On 9 April 2016 at 09:54, Kapetanakis Giannis wrote: > On 08/04/16 19:35, Joe Crivello

Re: OT: Any experience connecting OpenBSD via ONT ?

​Oh one other caveat; your dhcpclient MUST support dhcp-option-82 in some situations. On 27 April 2016 at 11:20, Joel Wirāmu Pauling wrote: > In New Zealand - 802.11ad VLAN's are stripped at the fibre Side of the ONT > and the Layer2 (whatever it is ) is preserved

Re: OT: Any experience connecting OpenBSD via ONT ?

In New Zealand - 802.11ad VLAN's are stripped at the fibre Side of the ONT and the Layer2 (whatever it is ) is preserved throughout the access network to the ISP handover. If you get VLAN's (802.1q) on the customer ethernet port side, it will be entirely entirely dependent on the service that you

Re: vi vs emacs, which one makes me look more smart in front of my friends?

ed() QED. On 18 May 2016 at 14:33, Lyndon Nerenberg wrote: > > acme(1) > > Or sam(1) if you are a purist.

Re: Why on earth would online voting be insecure?

So yes, back to my original point. A Civic's blockchain, one that does not rely on the integrity (or rather is resilient to) the system it runs on, or the security of the transmission media ; as a platform for use in civic's - needs to exist first. Block-chains are relatively new and we are still

Re: Why on earth would online voting be insecure?

On 15 November 2016 at 09:47, gwes wrote: > On 11/15/2016 00:55, Joel Wirāmu Pauling wrote: > >> So yes, back to my original point. A Civic's blockchain, one that does not >> rely on the integrity (or rather is resilient to) the system it runs on, >> or >> the security of the

Re: Why on earth would online voting be insecure?

You need a civic blockchain or some-such that guarantee's data integrity and agnosticism of the platform that anyone can verify. The interface into / mechanics once you have a blockchain which you can issue tokens from is the simple bit. Not sure this is relevant for this list tho. -Joel On 14

Re: Why isn't "sort -R" random?

Pipe through uniq and you'll get what you are after. Design intent for sort, as others point out this behaviour is documented. On 4 November 2016 at 11:47, Christian Gruhl wrote: > Hi minek, > > On 11/04/2016 04:41 PM, minek van wrote: > > Hello, > > > > # strings

Re: Hardware recommendations for compact 1U firewall

If someone hasn't already mentioned it : Lanner http://www.lannerinc.com/ On 19 December 2016 at 18:08, Aaron Mason wrote: > Thanks for some additional fleabay search terms :) > > On Sat, Dec 17, 2016 at 2:59 PM, Nick Holland > wrote: > >

Re: Can I bind USB/other interface/device number (e.g. cdceX) to particular MAC, USB serial number or the like?

ght? > > Anyhow sure that is an effective workaround if needed. > > > On 2017-06-02 02:20, Joel Wirāmu Pauling wrote: > >> There are several ways of doing this. >> >> I suggest just using a bridge and adding a bunch of sub-devices into >> it. >> &

Re: Time management under QEMU-KVM

That works too - On 15 September 2017 at 21:28, Maksym Sheremet <mshere...@sheremets.com> wrote: > On Thu, 14 Sep 2017 23:46:14 +1200 > Joel Wirāmu Pauling <aener...@aenertia.net> wrote: > > > Run NTPd on the hypervisor and NTP client In VM. Run ntpdate at boot

Re: Time management under QEMU-KVM

wrote: > On 2017-09-15, Maksym Sheremet <mshere...@sheremets.com> wrote: > > On Thu, 14 Sep 2017 23:46:14 +1200 > > Joel Wirāmu Pauling <aener...@aenertia.net> wrote: > > > >> Run NTPd on the hypervisor and NTP client In VM. Run ntpdate at boot > before >

Re: Time management under QEMU-KVM

Run NTPd on the hypervisor and NTP client In VM. Run ntpdate at boot before starting NTPd on the client to ensure the stepping is not too far off first. On 14 Sep. 2017 11:35 pm, "Aaron Marcher" wrote: Hi all, I have a weird problem on my OpenBSD server. It is a virtualized

Re: Time management under QEMU-KVM

:46, Rui Ribeiro <ruyrybe...@gmail.com> wrote: > Hi, > > Does NTPDd supports "tinker panic 0" as the linux one? > > On 14 September 2017 at 12:46, Joel Wirāmu Pauling <aener...@aenertia.net> > wrote: > >> Run NTPd on the hypervisor and NTP client In V

Re: Re : Suggestions home server

Agree with the j1900 experiences. The n3160's can be had for roughly same price (2 port) variants and are a generation newer 14nm and support AES-NI and are far more capable for mixed workloads. On 18 December 2017 at 11:48, Oliver Marugg wrote: > On 14 Dec 2017, at 20:24,

Re: Chip cheaper than chips

You can get barebone c3xxx series atom boards from Supermicro. My personal interest is the variants that come with dual SFP+ interfaces. It's a pity that there is no thunderbolt3 on them by default (free 10/40gbit networking). On 3 December 2017 at 08:54, Rupert Gallagher

Re: OT: Temperature sensors suggestions?

I would suggest bme280 sensor. If you have a spare VGA port you can use the d2c bus as i2c and plug directly into it with a modified VGA cable. Other wise yeah esp8266 module + bme280 for 5$ is going to give you the best result. On Fri., 18 May 2018, 4:01 pm Base Pr1me,

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

Management Engine or SMT - which at least makes them slightly less dire than more beefy SoC's from Chipzilla. On 26 August 2018 at 23:00, Stuart Henderson wrote: > On 2018-08-26, Carlos López wrote: >> >> >> On 26/08/2018 11:46, Joel Wirāmu Pauling wrote: >>> netboot

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

Hi Aaron - I have a Rangely c2xxx sitting on my desk right now. It's a lanner rebadged as Nuage NSG-E. This platform is able to do around 3.6gbit through it without encryption (and around 1.3gbit total if encryption is turned on everything). This one has 4 Intel igb 345 cards and 2 i210's - it's

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

bad in comparison. (Some of the newer arms do have AES offloads but - implementations are varied, the H3/H5 sunxi platform is where I am focused on at the moment - but not for network stuff) > > On August 27, 2018 5:51 PM, Joel Wirāmu Pauling wrote: >> I do actually have an rk3399 (firefly) - like you I also had high hopes for >> it.

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

as expensive. On 28 August 2018 at 00:15, Joseph Mayer wrote: > On August 26, 2018 3:16 PM, Joel Wirāmu Pauling wrote: > .. >> I have a bunch of various SBC and they all suck pretty bad for network >> tasks. Fine for random server tasks but don't put them in your network >&

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

Yeah I got excited about the MachiattoBin when I first saw it - it's possibly the first non-x86 SOHO router that can actually do 14MPPS needed for 10G in the home. BUT The Copper ethernet situation is problematic, the original design shares the PCI Bus with the SFP Slots to provide copper 10G

Re: Need an advice: Raspberry Pi3 B+ or Pine64 ROCK64

netboot works fine. However almost all of the Arm platforms including the Rpi3 make terrible gateways and in general l3 packet path machines. I have a bunch of various SBC and they all suck pretty bad for network tasks. Fine for random server tasks but don't put them in your network path unless

Re: 4-ports router under $150

That sounds bang on what MIPS64 Qualcomm AR7xxx platforms can do ~400-500mbit slow path operations is pretty much peak you see with them regardless of implementation. -Joel On 10 April 2018 at 20:38, Tom Smyth wrote: > Hi Michael, > > I did some brief testing on

Re: 4-ports router under $150

Not that I am shitting on the e350 platform but; a) Where are you finding 4 Gigabit port versions of the MB's with APU? b) When I had one of these to test a few years ago they have some quite bad Bus performance, which caused quite a lot of jitter/contension delay when using PCI-E peripherals -

Re: 4-ports router under $150

You can get 4 ports j1900's for sub $100 off ali-express. If you don't care about AES-NI they do 5gbit duplex slow path l3 forwarding just fine: If you want AES-NI then these are the Cheapest :

Re: 4-ports router under $150

PM, Joel Wirāmu Pauling <j...@aenertia.net> > wrote: > > Not that I am shitting on the e350 platform but; > > E350 is the Bobcat CPU, the PC Engines APU devices all have a 4 core > Jaguar CPU, which is quite a lot more powerful. > > -- > :wq! >

Re: 4-ports router under $150

, Tom Smyth <tom.sm...@wirelessconnect.eu> wrote: > Not at 150$ ... sorry will u get 10G kit let alone line rate 10G kit... > > > On Fri 13 Apr 2018, 01:46 Joel Wirāmu Pauling, <j...@aenertia.net> wrote: > >> Can they do 14MPPS aka 10GBIT ? >> >> That's wha

Re: Equipment for OBSD based firewall

But - The thing that isn't mentioned here is basically Power Cost and Consumption vs PPS(Packet Processing Speed). IMNSHO running on anything that doesn't ; A) Have passive Cooling B) Is older than a couple of years (in intel/amd terms anything with a TDPW above 65W) - is probably not a great

Re: USB-C monitors

Just be aware that if you are looking at 4k monitors ; you will be likely be limited to 30hz refresh rate via most adaptors using DP mode over USBC. Thunderbolt3 and 4 can do 4kp60 as can DP 1.4 - but there are various factors involved including the adaptors SoC, your GPU/Motherboard output.

Re: 50Gbe

SFP28 (25gbit) is the way to go for density on x86 as it matches CPU bound bus architecture well. QSFP28 to 4*SFP28 offers the best price per port density both for interconnects (the DAC TwinAX 'squid' cables are cheap as chips) Network Stack Throughput through CPU on modern Intel x86 _64 even

Re: 50Gbe

Also SFP28 ports are backwards compatible with SFP+ optics. On Fri, Aug 6, 2021 at 9:12 PM Joel Wirāmu Pauling wrote: > SFP28 (25gbit) is the way to go for density on x86 as it matches CPU > bound bus architecture well. QSFP28 to 4*SFP28 offers the best price per > port den

Re: Ryzen 9 (7x000) users: do you experience hangs?

Just a personal anecdote that might be worth something. On both my AMD chipsets motherboards ( x570/x670E Proart Wifi ) ; I was getting microstutters and odd hangs occasionally for the last year or so, reboots would often power off rather than power cycle - which I mostly wrote off as odditiy

Re: Need advice on “tcp proxy”

ssh can work in tap VPN mode (ssh -w) and will tunnel udp fine ; I'm not sure what you are trying to achieve but perhaps ssh tunnels might be an option for your use case. You are probably better off setting up something like wireguard, but in a pinch if the target and host already have ssh.

Re: Need advice on “tcp proxy”

Maybe look at Meshcentral as an alternative to Rustdesk. It allows proxying over https OOTB. On Sun, 3 Mar 2024 at 19:30, Kasak wrote: > > > > 3 марта 2024 г., в 00:46, Joel Wirāmu Pauling > написал(а): > > > > ssh can work in tap VPN mode (ssh -w) and will tunnel