Re: Sun Fire X2100 M2
I just picked one an X2100 M2 a few days ago... I'm running 2x 320GB Seagate SATA drives in it, no problem so it's because they're only listing what they support, not what the hardware supports. There are HD sleds, well, more like HD rails. They do the job, and will allow you to hot swap drives. You would need a slim optical drive, and the cable they provide is not standard IDE. It appears to be a smaller ide-like cable, probably what's used in notebooks but I haven't looked too closely. The same trick with disabling the broadcom nics used on the non-M2 works with the M2 also. I haven't gotten around to testing out OpenBSD on mine, just FreeBSD so far. The nvidia NIC's using the ported nfe driver appears to be working with the e1000phy patch, so I imagine they would work under OpenBSD. No luck getting serial console output through remote management, or through the serial port in service processor mode. Serial console output works fine if you force the serial port to system mode instead. By the way, anyone have any pointers on how one could make a quick hack to have OpenBSD ignore the 2nd broadcom NIC, so you can still use the 1st one and still have the remote management working? I'm reasonably familiar with C, but I haven't poked around the OpenBSD code enough to know where to start (aside from if_nfe.c). Cheers, Han Edvard Fagerholm wrote: Hi, Thanks for the input about the X2100 M2. This seems to be exactly what I was looking for. I've still got two questions, which is OT regarding OpenBSD... On Sun's webpages you'll only find options for a 250GB and 500GB SATA drive. Their manual also states that the M2 only supports drives of 250GB and 500GB. This seems like they're only listing the hardware that they provide support for and not what the BIOS actually supports? It does have an MCP 55 Pro chipset, so it should support any SATA drive, right? As I've got some 36GB WD Raptor SATA I drives, I was going to use them instead of the drives Sun provides. The second question is that are the drive bays empty or do they have HD sleds in them? Also can you install any DVD-drive you want into it and does the DVD require SATA or a PATA connection? I'm only going to need a DVD for installation. Sun didn't want to answer the first question, so I hope some of you who have seen the box could answer these questions. Thanks, Edvard
Re: qemu disk images
How do you start qemu AFTER the install is completed? Something like this? qemu -k fi -hda debian.ext2.dmg -hdb debian.swap.dmg I can't get that far: It's not possible to complete the installation because the drives used in -hda -hdb cannot be partitioned or mounted by the installtion process. I can mount them manually outside of qemu, butI'm not sure how to benefit from that in this task. I can boot from any of the the install CD images (debian, kubuntu, xubuntu) I have tried. qemu -k fi -cdrom debian-testing-i386-netinst.iso -boot d \ -hda debian.ext2.dmg-hdb debian.swap.dmg The partitioning tool finds the two images, appears to let me make and save a partition table, and format the partition, but cannot seem to actually save any changes. -Lars
New-bie pf rules question
Hi Group,
I have a server with two lan cards both with valid ips . One interface
(fxp1) is patched behind a CISCO PIX Firewall & Other outside firewall
(fxp0)
I want that there should be no greylisting/filtering on fxp1 (I have
the related ports opened in the PIX) & it should be enabled only for
fx0.
The server will be used as Mail server.
Please help. I want to check if the below rules are correct.
My Pf rules are as follows:
# PF Conf
# ###
# Macros
#
# internal and external network interfaces
int_if = "fxp0"
ext_if = "fxp1"
# Internal servers
mail_host = "a.b.c.d"
icmp_types = "{ echoreq, unreach }"
tcp_services = "{110,143,80 }"
# We should never see these coming from the Internet .
martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
0.0.0.0/8, 240.0.0.0/4 }"
# options
set block-policy return
set loginterface $ext_if
# Scrub
scrub in all
#
# Spamd
#
# grey host list
table persist
# White host list
table persist
# This whitelist we are maintaining
table persist file "/etc/whitelist.txt"
# Send whitelisted hosts to the actual mail server
rdr on $ext_if proto tcp from to \
$ext_if port smtp -> $mail_host port smtp
# send all suspects to the spamd daemon
rdr pass on $ext_if inet proto tcp from to \
$ext_if port smtp -> 127.0.0.1 port 8025
rdr pass on $ext_if inet proto tcp from ! to \
$ext_if port smtp -> 127.0.0.1 port 8025
# Send whitelisted hosts to the actual mail server
rdr on $ext_if proto tcp from to \
$ext_if port smtp -> $mail_host port smtp
# #
# Filter Rules
# #
block all
set skip on lo0
antispoof for $ext_if
antispoof for $int_if
# Martians
block drop in quick on $ext_if from $martians to any
block drop out quick on $ext_if from any to $martians
# Allow ping and path MTU discovery
pass in inet proto icmp all icmp-type $icmp_types keep state
# Allow incoming Smtp & Pop connection
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
# For spamdlog to update the whitelists
# don't need to log static whitelist
pass in quick on $ext_if inet proto tcp from \
to port smtp flags S/SA keep state
pass in log quick on $ext_if inet proto tcp from \
to port smtp flags S/SA keep state
# Allow anything from the internal network out onto the Internet
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state
pass quick on $int_if
One more question I want to ask is that will it be ok to enable
multicost routing on this server. Or is it that I need to add more
rules to the above for it to work with Multicost routing.
Thanx & Regards
Ram
yelp...bit screwed, cyrus-imap not starting after switch to 64bit
Okay, sorry to pester list, but I jumped and fell short on an active mail machine, about 6 hours ago. I knew doing this on a cyrus-imapd server was insane I "Upgraded" from i386 openbsd 4.0 to amd64 openbsd 4.0 So if someone experienced with cyrus-imapd on amd64 can send me some suggestions, can be off list, I would appreciate because I've getting stumped and tired and have users waiting. I have a real fear the dbd and cyrus database stuff may have squirreled going form i386 to amd64 - please tell me I am wrong... I promise to do a write up of the fubar for others who may need to google in the future... I had deleted all the ports prior, and added same ones back as amd64 after. THE database for openldap was toast, since I knew how to get that up faster, I used my backup ldiff to reload it... I have a fear that the berkeley dbd is different for amd64 than i386. with that experience.. so... I got sendmail to work with saslauthd and openldap to authenticate, and other parts... So now the authentication with ldap should be working, I can test it with testsaslautd but cyrus-imapd is not working yet. And the log is not even getting to authentication, so that is not the issue I think... from /var/log/imapd.log Mar 5 08:22:48 mail master[13640]: process started Mar 5 08:22:48 mail master[1831]: about to exec /usr/local/libexec/cyrus-imapd/ctl_cyrusdb Mar 5 08:22:48 mail master[13640]: process 1831 exited, signaled to death by 11 Mar 5 08:22:48 mail master[13640]: ready for work Mar 5 08:22:48 mail master[6753]: about to exec /usr/local/libexec/cyrus-imapd/ctl_cyrusdb Mar 5 08:23:21 mail master[19218]: about to exec /usr/local/libexec/cyrus-imapd/pop3d Mar 5 08:24:13 mail master[15189]: about to exec /usr/local/libexec/cyrus-imapd/imapd I see the bad message "signaled to death by 11" And if I telnet to pop3 or imapd they just don't refuse, just never finish answering, Connected to localhost. Escape character is '^]' and it just will timeout... Perhaps I need to repair mailboxes? geez I am getting fuzzy here... may need to take a break even though the server is down. Crazy I am going through all the configuration files I can think of, I have an rsync of the i386 setup so I can look at files from yesterday and did remember to put back the /usr/local/lib/sasl2/Cyrus.conf I fear I am seeing trees, not the forest.. tia.
Re: RFC1323 problems
If someone want to reproduce the problem, here it is the address of the web site: https://www.bancadipalermo.it/index.jsp In this first page, often (about half of times) the "Sella.it Banca di Palermo" image in the top left corner doesn't load. Inside the site, there are many other parts that often don't load. Disabling RFC1323 everything works perfectly. Bye. Federico Giannici wrote: Since I upgraded my two desktops to OpenBSD i386 4.0-stable I started experiencing problems with the web site of my Bank. Often, but not always, some pages and images don't load and go in timeout. This happens with both Firefox and Konqueror. Now I just found that if I disable the RFC1323 with "sysctl net.inet.tcp.rfc1323=0" the problem disappear! Since I had no problem with that web site until the upgrade and there is no problem with Windows (from 98 to XP), I suspect that something broked in the OpenBSD implementation of RFC1323 between 3.9 and 4.0. Is there some known problem? Thanks. P.S. In one of my PC I upgraded to 4.1-beta of a week ago (for the i386 freezes with amd64) and the problem remains... -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it ___
Re: yelp...bit screwed, cyrus-imap not starting after switch to 64bit
* Paul Pruett <[EMAIL PROTECTED]> [2007-03-05 07:04]: > Okay, sorry to pester list, > but I jumped and fell short on an active mail machine, about 6 hours ago. > I knew doing this on a cyrus-imapd server was insane > I "Upgraded" from i386 openbsd 4.0 to amd64 openbsd 4.0 > > So if someone experienced with cyrus-imapd on amd64 > can send me some suggestions, can be off list, > I would appreciate because I've getting stumped > and tired and have users waiting. > > I have a real fear the dbd and cyrus database stuff may have squirreled > going form i386 to amd64 - please tell me I am wrong... > Running an "upgrade" to move arch's is just bloody nuts, and unsupported. * You should have reinstalled * You should have tested first. If you actually ran the upgrade from the install media to do this I have no idea what sort of cruft you've left messed up. Most of us on the list are probably shaking our heads My advice? get another box, start from scratch on i386 and see what you can salvage. My suspicion is it's pretty messed. Hope you've got some sort of backup on tape or elsewhere. -Bob
Re: daily system hangs
Hello, On Wed, 21.02.2007 at 10:21:09 +0100, Toni Mueller <[EMAIL PROTECTED]> wrote: > I have a strange problem: A machine I have to tend locks up once or > twice a day. after moving from that 4.0-stable MP kernel to a 4.0 -release + patches UP kernel, the machine held up for about a week. pf has lots of "bad state" messages on the console, but the last messages there are pppoe0: LCP timeout pppoe1: LCP timeout or so (I have no physical access to the machine). I've tried to obtain a ddb 'ps' and 'trace' output, but the user (using HyperTerminal) wasn't able to send a 'Ctrl-Alt-Escape' to the machine, so he used the menu entry saying "send BREAK" (or so). That, at least, didn't work, the machine didn't react. The machine also didn't react to other key combinations. Any other ideas, please? TIA! Best, --Toni++
/bsd: proc: table is full (OpenBSD server 4.0 GENERIC#1107 i386)
Hello list,
I am having problems with my server, this box has been running OBSD
for the last 3/4 years without problems. A few months ago the box
begun to experience lockups once time at week during peak hours, now
the lockup is several times a week.
The last messages in the system logs are "/bsd: proc: table is full", I
think that the load (which isn't very high) is stressing the machine and
finally hangs the server. If I don't get it wrong a properly configurated
system doesn't fail under stress.
I tunned some system variables but the problem persist so I am going to
ask for advice about how I can monitor to discover the culprit.
does anyone knows that system parameters I must monitor?
below I attach the relevant files and dmesg.
Thank you.
/etc/sysctl.conf:
=
net.inet.ip.redirect = 0
ddb.console=1 # 1=Permit entry of ddb from the console
kern.securelevel=0
vm.swapencrypt.enable=1
machdep.kbdreset=1 # permit console CTRL-ALT-DEL to do a nice halt
kern.maxfiles=8192
kern.maxproc=2048
/etc/login.conf:
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\
:umask=022:\
:datasize-max=192M:\
:datasize-cur=75M:\
:maxproc-max=128:\
:maxproc-cur=64:\
:openfiles-cur=64:\
:stacksize-cur=4M:\
:localcipher=blowfish,6:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=256:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,8:\
:tc=default:
staff:\
:datasize-cur=75M:\
:datasize-max=infinity:\
:maxproc-max=256:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:
user001:\
:path=/usr/local/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/bin:\
:maxproc=512:\
:coredumpsize=0:\
:openfiles-cur=4096:\
:tc=default:
users:\
:tc=default:
vpn:\
:datasize-cur=128M:\
:maxproc=256:\
:openfiles-cur=512:\
:stacksize-cur=18M:\
:tc=default:
Mar 5 12:32:55 server /bsd: proc: table is full
Mar 5 12:33:31 server last message repeated 3 times
Mar 5 12:35:10 server last message repeated 9 times
Mar 5 12:35:20 server /bsd: proc: table is full
Mar 5 12:35:52 server last message repeated 3 times
Mar 5 12:37:45 server last message repeated 10 times
Mar 5 12:38:37 server last message repeated 4 times
Mar 5 12:38:44 server pppd[4222]: Serial link appears to be disconnected.
Mar 5 12:38:48 server /bsd: proc: table is full
Mar 5 12:39:08 server last message repeated 2 times
Mar 5 12:39:49 server last message repeated 3 times
Mar 5 12:39:57 server pppd[8989]: Serial link appears to be disconnected.
Mar 5 12:40:00 server /bsd: proc: table is full
Mar 5 12:40:40 server last message repeated 3 times
Mar 5 12:41:44 server last message repeated 5 times
Mar 5 12:42:01 server pppd[22398]: Serial link appears to be disconnected.
Mar 5 12:42:01 server /bsd: proc: table is full
Mar 5 12:42:41 server last message repeated 3 times
Mar 5 12:44:51 server last message repeated 10 times
Mar 5 12:55:02 server syslogd: restart
Mar 5 12:55:02 server /bsd: OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58
MDT 2006
Mar 5 12:55:02 server /bsd: [EMAIL
PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
Mar 5 12:55:02 server /bsd: cpu0: Intel(R) Pentium(R) 4 CPU 1.70GHz
("GenuineIntel" 686-class) 1.72 GHz
Mar 5 12:55:02 server /bsd: cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM
Mar 5 12:55:02 server /bsd: real mem = 536424448 (523852K)
Mar 5 12:55:02 server /bsd: avail mem = 481374208 (470092K)
Mar 5 12:55:02 server /bsd: using 4256 buffers containing 26923008 bytes
(26292K) of memory
Mar 5 12:55:02 server /bsd: mainbus0 (root)
Mar 5 12:55:02 server /bsd: bios0 at mainbus0: AT/286+(3d) BIOS, date
04/30/02, BIOS32 rev. 0 @ 0xf1380, SMBIOS rev. 2.3 @ 0xf3460 (50 entries)
Mar 5 12:55:02 server /bsd: bios0: ASUSTeK Computer INC. P4S533
Mar 5 12:55:02 server /bsd: apm0 at bios0: Power Management spec V1.2 (BIOS
mgmt disabled)
Mar 5 12:55:02 server /bsd: apm0: APM power management enable: unrecognized
device ID (9)
Mar 5 12:55:02 server /bsd: apm0: APM engage (device 1): power management
disabled (1)
Mar 5 12:55:02 server /bsd: apm0: AC on, battery charge unknown
Mar 5 12:55:02 server /bsd: apm0: flags b0102 dobusy 0 doidle 1
Mar 5 12:55:02 server /bsd: pcibios0 at bios0: rev 2.1 @ 0xf/0x1bb2
Mar 5 12:55:02 server /bsd: pcibios0: PCI IRQ Routing Table rev 1.0 @
0xf1af0/192 (10 entries)
Mar 5 12:55:02 server /bsd: pcibios0: PCI Interrupt Router at 000:02:0 ("SiS 85C503
System" rev 0x00)
Mar 5 12:55:02 server /bsd: pcibios0: PCI bus #1 is the last bus
Mar 5 12:55:02 serv
Re: yelp...bit screwed, cyrus-imap not starting after switch to 64bit
Bob Beck wrote: * Paul Pruett <[EMAIL PROTECTED]> [2007-03-05 07:04]: Running an "upgrade" to move arch's is just bloody nuts, and unsupported. * You should have reinstalled * You should have tested first. If you actually ran the upgrade from the install media to do this I have no idea what sort of cruft you've left messed up. Most of us on the list are probably shaking our heads paul, i am surprised that you didn't reinstall. seems easy enough provided you backup your mail directories, or, better yet, you move them to a different machine and then mount them via NFS until you're ready to migrate them back to the local machine, assuming that's where you want them. even if you have a very complex setup (e.g. lots of patched and tuned ports), it shouldn't be too hard to copy the relevant files and install the ports. My advice? get another box, start from scratch on i386 and see what you can salvage. My suspicion is it's pretty messed. Hope you've got some sort of backup on tape or elsewhere. i sincerely hope that you made a dump/backup of the machine prior to the "upgrade". best of luck, jake -Bob
Re: RFC1323 problems
Are you using pf at all? This sounds similar to the issue I had with my pf rules not too long ago. In a nutshell rfc1323 defines tcp window scaling and the scaling factor only shows up in the syn packet of a tcp connection. So you have to make sure you only match state based on the syn packet (ie use "flags S/SA"). If you are matching state based on anything else you miss the scaling factor and thinks are messed up. >From your description it sounds like these machines are endpoints and not firewalls. If that is the case you could just temporarily turn off the firewall and see if it fixes things. Tim On Monday 05 March 2007 7:07 am, Federico Giannici wrote: > If someone want to reproduce the problem, here it is the address of the > web site: > > https://www.bancadipalermo.it/index.jsp > > In this first page, often (about half of times) the "Sella.it Banca di > Palermo" image in the top left corner doesn't load. Inside the site, > there are many other parts that often don't load. > > Disabling RFC1323 everything works perfectly. > > > Bye. > > Federico Giannici wrote: > > Since I upgraded my two desktops to OpenBSD i386 4.0-stable I started > > experiencing problems with the web site of my Bank. Often, but not > > always, some pages and images don't load and go in timeout. This happens > > with both Firefox and Konqueror. > > > > Now I just found that if I disable the RFC1323 with "sysctl > > net.inet.tcp.rfc1323=0" the problem disappear! > > > > Since I had no problem with that web site until the upgrade and there is > > no problem with Windows (from 98 to XP), I suspect that something broked > > in the OpenBSD implementation of RFC1323 between 3.9 and 4.0. > > > > Is there some known problem? > > > > Thanks. > > > > > > P.S. > > In one of my PC I upgraded to 4.1-beta of a week ago (for the i386 > > freezes with amd64) and the problem remains... -- Tim Kuhlman Network Administrator ColoradoVnet.com
Re: qemu disk images -- resolved
Ok. I figured out how to resolve the problem, but through a work-around. One main difference was I had to use qemu-img instead of dd to create the disk images. The other was during the guest system install to make logical partitions *not* primary partitions. qemu-img create -f qcow d4.debian.ext2.qcow 400M qemu-img create -f qcow d4.debian.swap.qcow 200M Then I fire up a vncserver and connect. Inside the vnc client I could then boot the install CD and go through the installation: qemu -k fi -cdrom debian-testing-i386-netinst.iso -boot d \ -hda debian2.ext2.dmg-hdb debian.swap.dmg Once the installation was done, I can then boot the new system in d4.debian.ext2.qcow : qemu -k en-us -boot c \ -hda d4.debian.ext2.qcow \ -hdb d4.debian.swap.qcow \ -cdrom debian-testing-i386-netinst.iso I'm not quite sure how to ssh to the guest system, but since I seem to be able to initiate outbound connections, it should be within reach to solve that, too. -Lars Lars NoodC)n ([EMAIL PROTECTED]) Ensure access to your data now and in the future http://opendocumentfellowship.org/about_us/contribute
Re: /bsd: proc: table is full (OpenBSD server 4.0 GENERIC#1107 i386)
Bob Beck wrote: I am having problems with my server, this box has been running OBSD for the last 3/4 years without problems. A few months ago the box begun to experience lockups once time at week during peak hours, now the lockup is several times a week. The last messages in the system logs are "/bsd: proc: table is full", I think that the load (which isn't very high) is stressing the machine and finally hangs the server. If I don't get it wrong a properly configurated system doesn't fail under stress. "load" meaning load average measures the run queue. Your kernel is screaming that it's out of processes. perhaps you should sorry about not being more contrete here. I said "load" in a more general sense, not "load average" as reported by some system utilities. the CPU is idle 50% of the time, there is sufficient memory for regular processes and the machine is not swapping. Only sporadic and bursty read/ write operations happen at the disks. run a ps -auwx and see what's chewing them all up? When you are out of processes, not much happens. unfortunatelly when I get the "table is full" error is too late and the machine is hang :-(
pf state limits
I know this has come up in the past but I haven't been able to track down a definitive answer (I'm sure there's a reason why), so I'll ask the question again. Given a i386 kernel, assume I can toss as much RAM at the box as needed (I know this isn't the limitation, it's a kernel memory issue), what's the maximum I can set the state table size to? I have a couple boxes that are running around 200K states with the limit set at 256K. I expect that I will see a growth in that state table size as the traffic to the servers behind these machines increases during our peak season. I can tune the tcp.closed parameter a bit on the external rules as 75% of these states are fin_wait_2:fin_wait_2, but before I start messing with that I'd rather increase the state limit some more. I can also try adaptive timeouts on those rules, but I'm more than a little paranoid about having the system dynamically change timeout values. Any suggestions on what the max might be and how I can monitor the system to see where I'm at in relationship to the max (if there's no hard number, I'm guessing the number depends on hardware and other system options that affect kernel memory). --Bill
Re: yelp...bit screwed, cyrus-imap not starting after switch to 64bit
If you actually ran the upgrade from the install media to do this I have no idea what sort of cruft you've left messed up. Most of us on the list are probably shaking our heads My advice? get another box, start from scratch on i386 and see what you can salvage. My suspicion is it's pretty messed. Hope you've got some sort of backup on tape or elsewhere. -Bob YEP fools go where I had booted cdrom and used UPGRADE, and then redid ports and ran mergemaster afterards Actually other than the cyrus-imapd and openldap it seems to be running. php5/mysql was okay, so far Best I can tell everywhere I had a berkely db in use, I may be having problems., but I likely would have had problems on migrating the data to a new install, just less pressure and more time to figure. Yes thank god I have backups and an rsync of the important partitions. Fortunately my backup script included a command to create a plain text file for cyrus mboxlist and I am able something like young frankenstein... don't try this kiddies something like mv /var/imap /var/imap-fubar mkdir /var/imap sudo -u _cyrus /usr/local/share/examples/cyrus-imapd/tools/mkimap sudo -u _cyrus /usr/local/libexec/cyrus-imapd/ctl_mboxlist -u < \ path-to-plaintextbackup-ofmbox/mboxlist.txt sudo -u _cyrus /usr/local/libexec/cyrus-imapd/reconstruct :( I am close, for squirrelmail we have to resubscribe to imap folders... and its working! its sort of working, pop3 is retrieving and so is imap... NOW LMAO its not working!!! the sendmail can't deliver to to the cyrus, my oh my mailq is showing a lot waiting CLOSE! maybe someting silly I think that even with a fresh install, I would have had a bitch with the imap migration, but more time to figure it out I'll document for other fools...
Re: Simple OpenBSD gateway
Hi: I found two links, maybe can help you to do that, but these links are on spanish: http://www.eldemonio.org/documentos/26060513247.html http://www.eldemonio.org/documentos/050406152235.html Salu2. 2007/3/4, Shohrukh Shoyokubov <[EMAIL PROTECTED]>: > > I want to implement an OpenBSD gateway with two interfaces like the > following > > ISP (xxx.yyy.zzz.0/25) <---> OpenBSD Gateway <---> Internal network > (xxx.yyy.zzz.128/25) > > My ISP will give me a pool of IP addresses (xxx.yyy.zzz.128/25). My OBSD > box will have one default static route, which is going to be my ISP's > gateway. I need to allow machines in my subnet to access the rest of the > world and do bandwidth management based on IP addresses at the same > time. I have a small checklist, but it seems to be so simple, am I > missing something? > > 1. Enable net.inet.ip.forwarding > 2. Create a CBQ queue and define the allowed bandwidth for the IP > addresses > 3. Create pass rules and assing queue for them > > Thanks, > Shohrukh
note - upgrading from i386 to amd64 sameversion.
Re: yelp...bit screwed, cyrus-imap not starting after switch to 64bit i am surprised that you didn't reinstall. seems easy enough provided you backup your mail directories, or, better yet, you move them to a different machine and then mount them via NFS until you're ready to migrate them back to the local machine, assuming that's where you want them. best of luck, jake thanks for pointers Steve and other I think I made it. WHOOT!, sleep tonite! As promised, a RECAP for other fools googling about upgrading existing computers from i386 to amd64 For OpenBSD 4.0 stable the OpenBSD upgrade from cdrom from i386 to amd64 was a success. The script knew to take care of the bootblock, and everything came up. Using the port mergemaster I did not see anything critical in /etc that was different from amd64 and i386. A few files needed updating, but I think that may be just that those etc files like disktab may have changed between BASE and STABLE. Of course all the i386 ports needed to be changed to amd64 ports, and to be safer I deleted ports before upgrade, then installed usint saved pkg_info list I made before deleting. The SNAFU was the data for some port packages, but that would likely be a problem migrating to a new install if you just copied the files over. The mysql server did not give issues, nor PHP5. I did not need a port like mod_frontpage that only emulates on 32bit, so that was good. Gotta check to make sure your ports are availabe on amd64 also. Ughs... The openldap server would not with same database after changing. Fortunately my backupscript does a ldiff, so I had reinstall use ldapad to import from the plain text backup file. (note I had to delete misc commands in the ldif before it would import...) The cyrus-imap server sould not run with same database. The logs hinted that the issue was when cyrus tried to recover the data, "ctl_cyrusdb -r" Having never had a serious cyrus-imapd failure, I panicked, and recreated doing the following inelegantly... # kill cyrus master if working mv /var/imap /var/imap-fubar mkdir /var/imap sudo -u _cyrus /usr/local/share/examples/cyrus-imapd/tools/mkimap sudo -u _cyrus /usr/local/libexec/cyrus-imapd/ctl_mboxlist -u < mboxlist.txt sudo -u _cyrus /usr/local/libexec/cyrus-imapd/reconstruct #pray and restart cyrus master I am sure their maybe a better way to recontruct or avoid recontructing but the above worked for me, EXCEPT the imap folders for squirrelmail had to be resubscribed. -epilogue- I suspect that anywhere ad berkely datafile was created under i386 it may have problems being used under amd64 unless exported on i386 and imported on amd64? And I am extremely grateful to past admins in postings that advised adding these things to backups: /usr/local/sbin/slapcat -f /etc/openldap/slapd.conf \ | /usr/bin/gzip > /var/openldap-data/backup.ldif.gz su - _cyrus -c "/usr/local/libexec/cyrus-imapd/ctl_mboxlist -d" \ > /var/imap/mboxlist.txt And I close by sincerely hoping that the hangup/freezing some see with 4.0 i386 on K8ahtlons is gone for good, because using a current i386 on an older stable, was not stabe :) rock on.
Re: note - upgrading from i386 to amd64 sameversion.
On Mon, Mar 05, 2007 at 06:14:17PM +, Paul Pruett wrote: > I suspect that anywhere ad berkely datafile was created > under i386 it may have problems being used under amd64 > unless exported on i386 and imported on amd64? Yes, that's how Berkeley DB works. > And I am extremely grateful to past admins in postings that > advised adding these things to backups: > > /usr/local/sbin/slapcat -f /etc/openldap/slapd.conf \ > | /usr/bin/gzip > /var/openldap-data/backup.ldif.gz Best practice anywhere a binary data format is involved, but doubly so with bdb. Good luck. And next time, set up a test box and pilot this stuff without hosing your users. Also a best practice. :) -- David Terrell [EMAIL PROTECTED] ((meatspace)) http://meat.net/
ssh in to a qemu guest
qemu is now running on an OpenBSD host, with Debian as the guest system. I can reach the net from inside the guest systems. What changes must be made to the networking on the host so that I can ssh *into* the guest systems from outside? -Lars Lars NoodC)n ([EMAIL PROTECTED]) Ensure access to your data now and in the future http://opendocumentfellowship.org/about_us/contribute
Re: ssh in to a qemu guest
On 3/5/07, Lars D. Noodin <[EMAIL PROTECTED]> wrote: > > qemu is now running on an OpenBSD host, with Debian as the guest system. > I can reach the net from inside the guest systems. > > What changes must be made to the networking on the host so that I can ssh > *into* the guest systems from outside? Depends on whether how the networking has been setup for qemu; if the guest system has it's own ip..use ssh like you would otherwise. If the guest shares an IP with the host, well then, you'll have to look into qemu's configuration - something I'm not terribly familiar with. VMware also has an option for host <-> guest only networking..but if you've got the debian guest connected to the net already..I'm assuming this isn't setup. Good luck ~Jason
Re: ssh in to a qemu guest
Hi Lars, On Monday, 5. March 2007 19:43, Lars D. Noodin wrote: > qemu is now running on an OpenBSD host, with Debian as the guest system. > I can reach the net from inside the guest systems. > > What changes must be made to the networking on the host so that I can ssh > *into* the guest systems from outside? You are posting to the wrong list. This is OpenBSD misc, not qemu users. What you are trying to solve is perfectly described on the qemu homepage in the qemu manual. Just use the "-redir" option when starting your qemu guest. I suggest you take a good look at the qemu documentation. It's all there. regards, Tobias W.
daily logfile rotation: example C code
there is data coming over a UDP broadcast every second that i would like to log to a file that rotates each day. writing the data to a file as it comes in is easy enough but i believe that the time-based rotation is replicated in many existing applications. could someone please refer me to a good example of C code that does time-based log rotation? i see no need to reinvent the wheel and examples from openbsd source are preferred for educational purposes. cheers, jake
Re: daily logfile rotation: example C code
Jacob Yocom-Piatt wrote: there is data coming over a UDP broadcast every second that i would like to log to a file that rotates each day. writing the data to a file as it comes in is easy enough but i believe that the time-based rotation is replicated in many existing applications. could someone please refer me to a good example of C code that does time-based log rotation? i see no need to reinvent the wheel and examples from openbsd source are preferred for educational purposes. oops! read the newsyslog manual more closely. guess i'll use syslog. sorry for the noise. 8) cheers, jake
raid dmesg output and raidctl -sv output shows differrent status for raidframe mirror on OpenBSD 4.0 amd64
Hi, The dmesg Output Shows Clean: Yes for both Raid Components as shown below raid0: Component /dev/wd0d being configured at row: 0 col: 0 Row: 0 Column: 0 Num Rows: 1 Num Columns: 2 Version: 2 Serial Number: 200612010 Mod Counter: 820 Clean: Yes Status: 0 raid0: Component /dev/wd1d being configured at row: 0 col: 1 Row: 0 Column: 1 Num Rows: 1 Num Columns: 2 Version: 2 Serial Number: 200612010 Mod Counter: 820 Clean: Yes Status: 0 raid0 (root) = but raidctl shows Clean: No as shown below Could Some one tell me why this is so? it is the same state even after reboots. Which one should i beleive? Is the Raid not working properly? = # raidctl -sv raid0 raid0 Components: /dev/wd0d: optimal /dev/wd1d: optimal No spares. Component label for /dev/wd0d: Row: 0, Column: 0, Num Rows: 1, Num Columns: 2 Version: 2, Serial Number: 200612010, Mod Counter: 825 Clean: No, Status: 0 sectPerSU: 128, SUsPerPU: 1, SUsPerRU: 1 Queue size: 100, blocksize: 512, numBlocks: 231085824 RAID Level: 1 Autoconfig: Yes Root partition: Yes Last configured as: raid0 Component label for /dev/wd1d: Row: 0, Column: 1, Num Rows: 1, Num Columns: 2 Version: 2, Serial Number: 200612010, Mod Counter: 825 Clean: No, Status: 0 sectPerSU: 128, SUsPerPU: 1, SUsPerRU: 1 Queue size: 100, blocksize: 512, numBlocks: 231085824 RAID Level: 1 Autoconfig: Yes Root partition: Yes Last configured as: raid0 Parity status: clean Reconstruction is 100% complete. Parity Re-write is 100% complete. Copyback is 100% complete. # = Thankyou so much :-) Kind Regards Siju For the full dmesg == # dmesg OpenBSD 4.0 (GENERIC.RAID2) #0: Fri Nov 24 20:28:14 IST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.RAI D2 real mem = 1039593472 (1015228K) avail mem = 878211072 (857628K) using 22937 buffers containing 104165376 bytes (101724K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfc650 (54 entries) bios0: Acer Aspire Series cpu0 at mainbus0: (uniprocessor) cpu0: AMD Athlon(tm) 64 Processor 3400+, 2193.90 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF LUSH,MMX,FXSR,SSE,SSE2,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 1 6-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 "ATI RS480 Host" rev 0x10 ppb0 at pci0 dev 1 function 0 "ATI RS480 PCIE" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 5 function 0 "ATI Radeon XPRESS 200" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pciide0 at pci0 dev 17 function 0 "ATI IXP400 SATA" rev 0x80: DMA pciide0: using irq 11 for native-PCI interrupt pciide0: port 0: device present, speed: 1.5Gb/s wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 114473MB, 234441648 sectors wd0(pciide0:0:0): using BIOS timings, Ultra-DMA mode 6 pciide0: port 1: device present, speed: 1.5Gb/s wd1 at pciide0 channel 1 drive 0: wd1: 16-sector PIO, LBA48, 114473MB, 234441648 sectors wd1(pciide0:1:0): using BIOS timings, Ultra-DMA mode 6 pciide1 at pci0 dev 18 function 0 "ATI IXP400 SATA" rev 0x80: DMA pciide1: using irq 5 for native-PCI interrupt ohci0 at pci0 dev 19 function 0 "ATI IXP400 USB" rev 0x80: irq 4, version 1.0, l egacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: ATI OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 4 ports with 4 removable, self powered ohci1 at pci0 dev 19 function 1 "ATI IXP400 USB" rev 0x80: irq 4, version 1.0, l egacy support usb1 at ohci1: USB revision 1.0 uhub1 at usb1 uhub1: ATI OHCI root hub, rev 1.00/1.00, addr 1 uhub1: 4 ports with 4 removable, self powered ehci0 at pci0 dev 19 function 2 "ATI IXP400 USB2" rev 0x80: irq 4 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: ATI EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 8 ports with 8 removable, self powered piixpm0 at pci0 dev 20 function 0 "ATI IXP400 SMBus" rev 0x81: SMI iic0 at piixpm0 "unknown" at iic0 addr 0x2f not configured pciide2 at pci0 dev 20 function 1 "ATI IXP400 IDE" rev 0x80: DMA, channel 0 conf igured to compatibility, channel 1 configured to compatibility azalia0 at pci0 dev 20 function 2 "ATI IXP450 HD Audio" rev 0x01: irq 5 azalia0: host: High Definition Audio rev. 1.0 azalia0: codec: Realtek ALC880 (rev. 8.0), HDA version 1.0 audio0 at azalia0 pcib0 at pci0 dev 20 function 3 "ATI IXP400 ISA" rev 0x80 pp
Re: HP ML110 failed install
On 2/22/07, Steve <[EMAIL PROTECTED]> wrote: Ron, Jonathan is after a dmesg and the output of "usbdevs -v" for the ML110. My box is currently parked with another tech. Is this something you can provide ? Apologies for the delay, but here it is: Controller /dev/usb0: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb1: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb2: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb3: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 addr 2: full speed, self powered, config 1, SE USB Device(0x), ServerEngines(0x), rev 0.01 port 2 powered Controller /dev/usb4: addr 1: high speed, self powered, config 1, EHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered port 3 powered port 4 powered port 5 powered port 6 powered port 7 powered port 8 powered -- Ron Oliver
Re: HP ML110 failed install
Forgot the dmesg. Here it is:
OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Xeon(R) CPU 3040 @ 1.86GHz ("GenuineIntel" 686-class) 1.87 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16
cpu0: unknown Core FSB_FREQ value 0 (0x41c8)
cpu0: EST: unknown system bus clock
real mem = 1071788032 (1046668K)
avail mem = 969670656 (946944K)
using 4256 buffers containing 53690368 bytes (52432K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(7a) BIOS, date 12/31/99, BIOS32 rev. 0 @
0xfd460, SMBIOS rev. 2.4 @ 0xdc010 (47 entries)
bios0: HP ProLiant ML110 G4
pcibios0 at bios0: rev 2.1 @ 0xfd460/0xba0
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdee0/256 (14 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #10 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xdc000/0x4000!
ipmi0 at mainbus0: version 2.0 interface KCS iobase 0xca2/2 spacing 1
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 MCH" rev 0xc0
ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01
pci1 at ppb0 bus 2
ppb1 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01
pci2 at ppb1 bus 3
vga1 at pci2 dev 0 function 0 vendor "Matrox", unknown product 0x0522 rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb2 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01
pci3 at ppb2 bus 4
bge0 at pci3 dev 0 function 0 "Broadcom BCM5721" rev 0x21, BCM5750 C1
(0x4201): irq 12, address 00:18:fe:79:02:af
brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: irq 5
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: irq 7
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: irq 10
ehci0: timed out waiting for BIOS
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb3 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xe1
pci4 at ppb3 bus 10
twe0 at pci4 dev 0 function 0 "3ware 7000/8000 series RAID" rev 0x01: irq 7
twe0: Escalade V1.3
scsibus0 at twe0: 16 targets
sd0 at scsibus0 targ 0 lun 0: <3WARE, Host drive #00, > SCSI2 0/direct fixed
sd0: 238474MB, 238474 cyl, 64 head, 32 sec, 512 bytes/sec, 488395120 sec total
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: SCSI0
5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
pciide1 at pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA,
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using irq 5 for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0:
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask efe5 netmask ffe5 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
uhidev0 at uhub3 port 1 configuration 1 interface 0
uhidev0: ServerEngines SE USB Device, rev 1.10/0.01, addr 2, iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub3 port 1 configuration 1 interface 1
uhidev1: ServerEngines SE USB Device, rev 1.10/0.01, addr 2, iclass 3/1
ums0 at uhidev1: 8 buttons and Z dir.
wsmouse0 at um
Re: raid dmesg output and raidctl -sv output shows differrent status for raidframe mirror on OpenBSD 4.0 amd64
"Siju George" writes: > Hi, > > The dmesg Output Shows > > Clean: Yes > > for both Raid Components as shown below > > > > raid0: Component /dev/wd0d being configured at row: 0 col: 0 > Row: 0 Column: 0 Num Rows: 1 Num Columns: 2 > Version: 2 Serial Number: 200612010 Mod Counter: 820 > Clean: Yes Status: 0 > raid0: Component /dev/wd1d being configured at row: 0 col: 1 > Row: 0 Column: 1 Num Rows: 1 Num Columns: 2 > Version: 2 Serial Number: 200612010 Mod Counter: 820 > Clean: Yes Status: 0 > raid0 (root) > > = > > but raidctl shows > > Clean: No > > as shown below > > Could Some one tell me why this is so? > it is the same state even after reboots. The value "Yes" or "No" comes directly from the component labels on the disks. If the parity is "known good" (i.e. the set is "clean") when the RAID sets are unconfigured (actually, when the last open partition is unmounted), then the value in the component labels will be set to "Yes". When a RAID set is configured and a partition is opened/mounted, the value is the component labels will be set to "no". And so unless things get unmounted/unconfigured correctly, the value will remain at "no" until the parity gets checked. What you are seeing here is: a) the values reported by dmesg are from *before* any partitions on raid0 get opened. So if the RAID set was "known clean", you'll see a value of "Yes" printed for each component, because that's what they got set to at the last shutdown/unmount/unconfigure/etc. b) the values reported by raidctl are from *after* a partition on raid0 has been opened (even 'raidctl -vs raid0' ends up opening /dev/raid0c or whatever, resulting in that clean flag being changed from "Yes" to "No"). So it will always say "No" here, since that will be the current value in the component labels. > Which one should i beleive? Both of them :) They are both correct for the time at which they are examining the datapoint in question. That said, the line to really care about is this one: Parity status: clean > Is the Raid not working properly? It's working just fine... just probably telling you a bit more than you really wanted to know :) Later... Greg Oster
Re: Save ports
Hi, On Thu, 22.02.2007 at 22:36:21 +0100, Joachim Schipper <[EMAIL PROTECTED]> wrote: > Just filtering aggressively using pf works as well, of course. it depends. My current impression is that if you can get away with having the TCP stack reject packets w/o spending the effort of running it through pf, than that's a performance benefit. But I'm not sure that the person asking will be in such a situation. Best, --Toni++
Re: Best way to do failover default route? (ifstated, pf route-to, etc)
Hello, On Wed, 21.02.2007 at 12:00:51 -0600, Chris Black <[EMAIL PROTECTED]> wrote: > 1) ifstated with ping and if.up tests and executing route commands > The idea here would be ifstated would trigger commands something like: > route delete default rtr0.ip; route add default rtr1.ip you didn't give too many details, so I speculate. If your two routers don't have the same IP set (eg, you're running two DSL lines to two different ISPs), then (1) is your only easy option (unless in your LAN ONLY). For the options below, you need either a specific application profile that lets you do NAT on one of the lines, or you need a common set of IP numbers. I'm not sure that multipath routing gives you failover, "only" load balancing. > 4) ospf, bgp > I am aware of these routing daemons but really don't know too much about > them. I read some docs and it seemed overly complex for setting up just > a simple failover default route on internal machines. This should be 4 and 5, imho. If you can use NAT, you might be able to inject a default route from both routers using OSPF. The client would also talk OSPF and learn both routes from your routers. If you have your own IP numbers (PI space, or you're a LIR), then you can (and usually must) use BGP. Best, --Toni++
Re: raid dmesg output and raidctl -sv output shows differrent status for raidframe mirror on OpenBSD 4.0 amd64
On 3/6/07, Greg Oster <[EMAIL PROTECTED]> wrote: "Siju George" writes: > Is the Raid not working properly? It's working just fine... just probably telling you a bit more than you really wanted to know :) Thanks a million Greg :-) I really appreciate your Detailed reply :-)) Kind Regards Siju
newsgroups
I've been looking into finding some news groups for openbsd but have not found any that resolve, have they all died?
taking over a LAN I didn't set up
I realize I may get flamed or ignored here, but I need help. I hope someone will have the compassion to point me in the right direction. My husband passed away, and left this great LAN setup using OpenBSD. I LOVE using OpenBSD, but I thought we would have more time together for him to teach me, like he wanted to. Unfortunately, I didn't have him show me what's what while he was still able, and I have only used this OS as a desktop user. I CANNOT go back to Windows. He unplugged his mail and webservers before he passed away, and I need to know how in the world do I figure out what's what with this LAN? Even if I sign in as him I do not know what to look at to figure this stuff out. I am determined to teach myself this stuff, just like he did. I will be moving soon and I don't even know what files to configure with the new IPs once I get moved. I have a basic understanding of UNIX and VI. I know I can figure this stuff out but I just have to know where to start. Can anyone give me a clue? I have watched him do this stuff for years, and I know I can learn it, but I just do not know where to start. Please be nice... :(
Re: newsgroups
On 3/5/07, BradenM - Sonoma Computer <[EMAIL PROTECTED]> wrote: I've been looking into finding some news groups for openbsd but have not found any that resolve, have they all died? Welcome to the 21st century: http://undeadly.org misc@openbsd.org -Nick
Re: /bsd: proc: table is full (OpenBSD server 4.0 GENERIC#1107 i386)
Josi M. Fandiqo wrote: Bob Beck wrote: [...] run a ps -auwx and see what's chewing them all up? When you are out of processes, not much happens. unfortunatelly when I get the "table is full" error is too late and the machine is hang :-( If you have a logged-in shell you can do "exec ps -auwx" which won't require a new process table slot. It replaces the shell so you'll be effectively logged out after the ps completes, but hopefully with better information :-) Alternatively you could put the ps into a cron job and log to a file every minute or so and do post-mortem analysis. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Re: newsgroups
On Mon, Mar 05, 2007 at 12:44:21PM -0800, BradenM - Sonoma Computer wrote: > I've been looking into finding some news groups for openbsd but have not found > any that resolve, have they all died? How about comp.unix.openbsd.misc? I post regularly there, and some developers also post every now and then. Joachim
Re: taking over a LAN I didn't set up
On Mar 5, 2007, at 2:52 PM, mrs borhtej wrote:
>
> Unfortunately, I didn't have him show me what's what while he was
> still
> able, and I have only used this OS as a desktop user. I CANNOT go
> back to
> Windows. He unplugged his mail and webservers before he passed
> away, and I
> need to know how in the world do I figure out what's what with this
> LAN?
>
1. Every basic thing you need to know about setting up and
maintaining an
OpenBSD-managed LAN is documented in the OpenBSD FAQ q.v.
2. The three basic things about a typical OpenBSD-managed LAN are:
a. IP setup of both the OpenBSD box and the LAN ('ifconfig' etc.)
b. Packet filtering and Network Address Translation ('pf' etc.)
c. Name services ('bind').
Also, you might have DHCP in the mix to give other boxes on the LAN
their IP addresses as needed instead of allocating them permanently.
Read about those in the FAQ, compare to what you see in your setup,
make yourself a map of your LAN with all the boxes and their IP
addresses, and you can probably keep it running for some time to come!
--
Jack J. Woehr
Director of Development
Absolute Performance, Inc.
[EMAIL PROTECTED]
303-443-7000 ext. 527
OT: data recovery - bad blocks on AIT3 tapes
have 2 sony SDX3-100C AIT3 100 GB tapes here that have bad blocks and will not read in our tape changer. i may need to get these sent to a data recovery shop, but would prefer not to be viciously reamed w.r.t. the cost. any suggestions on good data recovery places in the US? cheers, jake
Re: OT: data recovery - bad blocks on AIT3 tapes
On Mon, Mar 05, 2007 at 05:48:45PM -0600, Jacob Yocom-Piatt wrote: > have 2 sony SDX3-100C AIT3 100 GB tapes here that have bad blocks and > will not read in our tape changer. i may need to get these sent to a > data recovery shop, but would prefer not to be viciously reamed w.r.t. > the cost. > > any suggestions on good data recovery places in the US? No, but do consider just how badly you need those couple of blocks. If 99.99% of the data is recoverable, it might not be worth it. (Then again, if the only backup for some critical production system is on that tape, and it's utterly unreadable...) Joachim
Re: RFC1323 problems
Federico Giannici wrote: If someone want to reproduce the problem, here it is the address of the web site: https://www.bancadipalermo.it/index.jsp In this first page, often (about half of times) the "Sella.it Banca di Palermo" image in the top left corner doesn't load. Inside the site, there are many other parts that often don't load. I can't reproduce this problem. I'm on 4.1-current behind a 3.9-stable firewall. Using Firefox (and privoxy) that page load without problem every time. Lars Hansson
Re: RTorrent and memory leak
jared r r spiegel <[EMAIL PROTECTED]> wrote: > i use rtorrent on 4.0 and 4.1 and see it consume large amounts > of memory while it is checking hash on a torrent (eg, resuming > a download, or restarting), sometimes dipping into swap I don't observe that. -- Christian "naddy" Weisgerber [EMAIL PROTECTED]
Re: taking over a LAN I didn't set up
Documentation will save you.
If you are unfamiliar with networking and you are moving, you are well
served to take some digital pics of the setup (specifically the back of
the boxes and which cables are going where) and take notes of them...
and label the cables (if they aren't already.) Draw a diagram of your
network.
The good thing about a LAN is that in most cases it is a relatively
simple thing... only a few elements at that. So relax, most of the
difficult parts of TCP/IP and networking aren't relevant to most LAN
users.
Jack is right, the FAQ is a great resource. It is very straight forward.
Don't merely feel free to consult it... actually use it.
You will likely post more questions here. Using the FAQ, searches of
prior posts, and Googling as references in your posts will greatly
improve your chances of receiving a respectful answer here... it's a
nice discipline builder.
Good luck. If you are truly determined to learn this, you will also
learn to enjoy it... it's fun.
Danno
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Jack J. Woehr
Sent: Monday, March 05, 2007 6:24 PM
To: mrs borhtej
Cc: misc@openbsd.org
Subject: Re: taking over a LAN I didn't set up
On Mar 5, 2007, at 2:52 PM, mrs borhtej wrote:
>
> Unfortunately, I didn't have him show me what's what while he was
> still
> able, and I have only used this OS as a desktop user. I CANNOT go
> back to
> Windows. He unplugged his mail and webservers before he passed
> away, and I
> need to know how in the world do I figure out what's what with this
> LAN?
>
1. Every basic thing you need to know about setting up and
maintaining an
OpenBSD-managed LAN is documented in the OpenBSD FAQ q.v.
2. The three basic things about a typical OpenBSD-managed LAN are:
a. IP setup of both the OpenBSD box and the LAN ('ifconfig'
etc.)
b. Packet filtering and Network Address Translation ('pf' etc.)
c. Name services ('bind').
Also, you might have DHCP in the mix to give other boxes on the LAN
their IP addresses as needed instead of allocating them permanently.
Read about those in the FAQ, compare to what you see in your setup,
make yourself a map of your LAN with all the boxes and their IP
addresses, and you can probably keep it running for some time to come!
--
Jack J. Woehr
Director of Development
Absolute Performance, Inc.
[EMAIL PROTECTED]
303-443-7000 ext. 527
