testimonial of OpenBGPd users
Hello, as read here http://www.openbgpd.org/users.html, here is our testimonial of OpenBGPd users. Aquilenet (www.aquilenet.fr) member of the FFDN (www.ffdn.org), France Aquilenet is a non profit organisation and a "do it yourself ISP", member of a Federation of similar ISP in France called FFDN. We are netneutrality builders, helping for more freedom and building networks. Since 2011 our backbone network is stable due to our OpenBSD build on Carp/Pfsync/Ospf/Packet Filter magic, and our transit based on OpenBGPD. The work of the community is quite impressive and we are really happy to contribute to these projects. We encourage all ISP to use OpenBSD/OpenBGPD as simlple as efficient ! Kind regards, Sacha.
PC Engines APU2 Leds control
Dear all, I'm enjoying OpenBSD on PC Engines hardwares called APU2: https://www.pcengines.ch/apu2.htm There is 3 led, which could be very usefull to deliver informations to the endusers, but I never could control them with OpenBSD /o\ Is any way to make it work ? On PCEngines forum I got the following answer: >You cannot control the GPIOs on J20, because those are are driven by a NCT5104D and wbsio(4) only supports hardware monitoring. >The LEDs OTOH are on GPIOs of the AMD FCH. I am not a hardware guy, and OpenBSD seems to have a lot of drivers which attach - but probably none for those GPIOs. >If you want to dig deeper, there is AMD documentation for the FCH and also a linux driver called "amd-fch-gpio" >Update: There seems to be somebody, who worked on this a while ago on OpenBSD: https://marc.info/?l=openbsd-tech&m=155355977613046 Sacha.
Re: Crashing 64bit (AMD) 6.7 kernel on APU2
Le 30/08/2020 à 07:33, Damian McGuckin a écrit : > > Hi, > > For the first time ever, we have seen a crashing kernel. Having never > experienced this before on any OpenBSD release for over 20 years, I > have no debugging experience. We have simply reverted to 32bit to see > it that is the issue. The system works flawlessly with 6.3 in 32 bit > mode but we thought we should update. > > This is on an APU2 with an AMD64 release. > > Has anybody seen the same problem? As said by our friends a context would be usefull: I'm running severals APU[2|3] with OpenBSD 6.7 without any problems. Please check that you have the lastest version of the coreboot firmware too. Sacha.
Network DOS mitigation
Hello, Since a long time simple UDP flood on a state-full firewall causes a freeze of the CPU. Several works have been done to mitigate the networks DOS like DPDK on Linux/FreeBSD. I understand suchs R&D are expensive for the community, but is any works to mitigate a network DOS on OpenBSD ? Kind regards, Sacha.
Re: OpenBSD PPPOE
Hey, * /etc/hostname.vlan500 # hostname.vlan500 vnetid 835 parent parent fxp0 up * /etc/hostname.pppoe0 #hostname.pppoe0 inet 0.0.0.0 255.255.255.255 NONE \ pppoedev vlan500 authproto pap \ authname "" authkey "" up dest 0.0.0.1 !/sbin/route add default -ifp pppoe0 0.0.0.1 For debuging: ifconfig pppoe0 debug Kind regards, Sacha. Le 22/01/2020 à 02:49, Peter Wong a écrit : > Yes, my ISP operate pppoe with vlan. How to configure my fxp0 using vlan id > 500? > > > Regards, > -- > Peter Wong > 016-396 3326 > > > On Wed, Jan 22, 2020 at 6:10 AM Joe Cook wrote: > >> Hi, >> >> In my experience, PPPoE operates on a VLAN and not directly on an >> interface like fxp0. >> >> For my setup I had the ONT connect to interface em2. I ran the following: >> >> *doas tcpdump -i em2* >> >> In the output I found the following: >> >> *11:05:43.878079 802.1Q vid 10 pri 0 PPPoE-Session* >> >> This tells me that PPPoE is tagged with VLAN ID 10 (802.1Q vid 10). I had >> to create vlan10 and attach it to em2 then I could create pppoe0 and attach >> it to vlan10. >> >> >> I hope this helps. >> >> >> Joe >> On 21/01/2020 6:42 pm, peterwkc wrote: >> >> Dear All, >> >> I would like to setup my openbsd as router. >> /etc/hostname.fxp0 >> up >> >> /etc/hostname.pppoe0 >> pppoedev fxp0 authproto pap authname "" authkey "" up >> dest 0.0.0.1 >> !/sbin/route add default -ifp pppoe0 0.0.0.1 >> >> >> Not able to get a connection. What wrong with it? >> >> >> >> -- >> Sent from: >> http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html >> >>
Re: Feeding DHCP leases into unbound
Hi, a refresh on this request, can DHCPD aknowledge Unbound on dhcpleases names ? Sacha -- Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
Compiling code with GLU and GLUT
Hello misc@, First my appoligy for this intrusion, for I am a former member of this list. Second I am not sure if this has to go to ports@ or [EMAIL PROTECTED] I have installed 3.7 recently on my laptop allong with most SDL packages, GLU and GLUT from ports. The system further itself is pretty basic. Generic kernel. No further modifications While ports depending on glu and glut compile and install fine. I am not able to compile custom code or example code with glu or glut. I took for a test SDLgears from the SDL website and tried to configure and compile it. Configure halted with: checking for OpenGL support... no configure: error: Unable to find OpenGL headers and libraries Compiling the suplied gears.c, the first error was: $ gcc gears.c gears.c:39:21: GL/glut.h: No such file or directory I've tried adding -gl,-glu,-glut,-I/usr/local/include/GL/glut.h in several combinations (some capped) without result. Can somebody help me, give pointers and rants into the right direction into fixing this library problem? Thanks in advance and greetings, Sacha Ligthert PS: Compiling PyOpenGL results in the same batch of errors.
Can OpenBSD connect to MS L2TP VPN?
Hi, I've searched the internet every way I could think of, but cannot find an easy answer to whether it's possible for OpenBSD as a client to connect to a Microsoft (Windows Server-provided) L2TP VPN? Obviously, there are countless guides to setting up OpenBSD as a server, to which Windows, macOS, iOS and Linux/Android clients can connect. While I should be able to work out how to do the reverse, I haven't succeeded. The first question is: can OpenBSD, using base packages or xl2tpd, actually connect to this type of Windows VPN? If it can, and one of you has done so, could you please provide a pointer? I have read up on base tools, but as far as I get it, they can be used to set up a server, or as a gateway with another IPSEC gateway. From what little I understand, xl2tpd can be used as a client, but I have not managed to create a connection - or to establish 'flows' - as per the instructions that package provides at: /usr/local/.../xl2tpd-1.3.11. Thanks, Sacha
Re: Vultr hosting of OpenBSD
> Without digging them up I did a quick google on openbsd issues vultr. > It pulled some things I saw before with 6.2 and timing, as well as > issues with the base image, and other ones talking about a setting in > KVM that was causing issues on certain servers. I use Vultr, happily, but I _can_ confirm what you said. Randomly, instances will 'freeze', and be unresponsive to the network, as well as to the provided console. Looking at the settings, CPU has jumped up to 105% and plateaued, and that's it - you have to restart the instance. I spoke to their support who were very helpful, telling me: "This is an issue with OpenBSD on KVM/QEMU platforms that has yet to be patched by the developers. ... The issue is a bug in the kernel virtual machine (KVM) subsystem of the Linux kernel; the flaw was introduced in version 4.10. It's fixed in Linux kernel versions above 4.15.0." Their solution is to use their 6.3 image, which automatically applies the patch (on their end of the infrastructure), or set up your machine your way, then open a ticket, letting them know the IP and they will apply the patch manually and reboot the machine. I've done this, and will monitor for any further erratic crashes. Overall, their support has been good, and I can't speak to the speed of their network, but my OpenBSD webservers have worked flawlessly (apart from the above issue) on their infrastructure for many years. Sacha
Multi-head support
A lot has been asked (and answered) about dual head cards. Is anyone out there currently using quad-head (quad-port) cards? How are they/what's the support like? What are you using and are there any problems I need to be aware of? I'd like to have a three monitor setup, but am wary of going to buy/ordering a quad card only to return it, get another one, return that too, etc... Any insights would be appreciated. Many thanks, Sacha El Masry
opensmtpd crashing intermittently
Gilles (or anybody),
I've been using smtpd since 4.6-RELEASE, for one domain-several email
addresses, plus one constantly receiving mailing list emails (including
misc@). It's been great.
Problem is, I've just set up smtpd on 4.7-RELEASE, using a very simple
ruleset, with the aim of using this as an outgoing only smtp server, for
an in-house weekly newsletter, going out to 3000+ recipients. The
server crashes intermittently. With smtpd started with the -dvf
arguments, I can see where it breaks:
...
lookup_a mx2.mail.eu.yahoo.com:0
fatal: dns: fork: Resource temporarily unavailable
lookup_ptr success
mta: getting datafd
lost child: lookup agent exited abnormally
queue handler exiting
mail filter exiting
mail delivery agent exiting
control process exiting
mail transfer agent exiting
smtp server exiting
runner handler exiting
parent terminating
lookup_a success
loolookup_ptr success
kup_a mx1.mail.eu.yahoo.com:0
lookup_ptr success
lookup_a success
lookup_mx success
fatal: dns_dispatch_parent: msgbuf_write: Broken pipe
# (command prompt)
# lookup_ptr success
fatal: dns_dispatch_parent: msgbuf_write: Broken pipe
Obviously, the record being looked up constantly changes, but the crash
is always the same: msgbuf_write: Broken pipe.
Now, I realise, from reading this list, that smtpd is not meant to be
production-ready, but I'm happy to use it (so long as it works) and test
it, and send information back to the developers, where relevant.
Is this a bug that's been looked at and fixed since -RELEASE?
My ruleset:
ext_if= "re0"
listen on $ext_if
map "aliases" { source db "/etc/mail/aliases.db" }
accept for local alias aliases deliver to maildir
accept from all for all relay
accept for all relay
My dmesg follows:
OpenBSD 4.7 (GENERIC.MP) #130: Wed Mar 17 20:48:50 MDT 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2145255424 (2045MB)
avail mem = 2078703616 (1982MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (39 entries)
bios0: vendor Award Software International, Inc. version "F4" date 04/03/2009
bios0: Gigabyte Technology Co., Ltd. EP41-UD3L
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP HPET MCFG APIC SSDT SSDT SSDT SSDT SSDT
acpi0: wakeup devices PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) PEX4(S5) PEX5(S5)
HUB0(S5) UAR1(S3) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USBE(S3) AZAL(S5) PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, 2600.28 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu0: 2MB 64b/line 8-way L2 cache
cpu0: apic clock running at 199MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, 2599.94 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu1: 2MB 64b/line 8-way L2 cache
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 2 (PEX0)
acpiprt2 at acpi0: bus -1 (PEX1)
acpiprt3 at acpi0: bus -1 (PEX2)
acpiprt4 at acpi0: bus 3 (PEX3)
acpiprt5 at acpi0: bus -1 (PEX4)
acpiprt6 at acpi0: bus -1 (PEX5)
acpiprt7 at acpi0: bus 4 (HUB0)
acpicpu0 at acpi0: C3, C2, C1, FVS, 1600, 1200 MHz
acpicpu1 at acpi0: C3, C2, C1, FVS, 1600, 1200 MHz
acpibtn0 at acpi0: PWRB
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel G41 Host" rev 0x03
ppb0 at pci0 dev 1 function 0 vendor "Intel", unknown product 0x2e31 rev 0x03:
apic 2 int 16 (irq 10)
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon HD 4550" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
azalia0 at pci1 dev 0 function 1 "ATI Radeon HD 4000 HD Audio" rev 0x00: apic 2
int 17 (irq 12)
azalia0: no supported codecs
azalia0: initialization failure, detaching
azalia1 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x01: apic 2 int
16 (irq 10)
azalia1: codecs: Realtek ALC888
audio0 at azalia1
ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: apic 2 int 16
(irq 10)
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x01: apic 2 int 19
(irq 11)
pci3 at ppb2 bus 3
re0 at pci3 dev 0 function 0 "Realtek 8168" rev 0x02: RTL8168C/8111C (0x3c00),
apic 2 int 19 (irq 11), address 00:24:1d:d0:a2:d8
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: apic 2 int 23
(irq 5)
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: apic 2 int 19
(irq 11)
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: apic 2 int 18
