Re: ipsec vpn unexpected flow

2010-11-27 Thread Andrea Parazzini
On Thu, 11/25/10, Andrea Parazzini wrote: > Hi, > we have a vpn connection with a customer. > The remote peer is not under our management. > Our box is an OpenBSD 4.7 i386. > We have configured the vpn as follows: > > /etc/rc.conf.local > ipsec=YES > isakmpd_flags=&

Re: ipsec vpn unexpected flow

2010-11-26 Thread Andrea Parazzini
On Fri, 26 Nov 2010 12:58:09 + (UTC), Stuart Henderson wrote: > On 2010-11-25, Andrea Parazzini wrote: >> As you can see there is a flow that is not configured on our box. >> It is probably configured on the remote peer. >> Is a normal behavior? > > Yes. This is

Re: ipsec vpn unexpected flow

2010-11-26 Thread Andrea Parazzini
On Fri, 26 Nov 2010 10:32:59 +0330, Bahador NazariFard wrote: > On Fri, Nov 26, 2010 at 8:50 AM, Andrea Parazzini < > a.parazz...@sirtisistemi.net> wrote: > >> Hi, >> "from 10.1.0.0/16" is the network id that I would negotiate with the >> remote >&g

Re: ipsec vpn unexpected flow

2010-11-25 Thread Andrea Parazzini
ecting traffic in > the > tunnel?3. is nat allowed in the tunnel? 4. you may have let in more > networks > than you realize > -damon > > --- On Thu, 11/25/10, Andrea Parazzini > wrote: > > From: Andrea Parazzini > Subject: ipsec vpn unexpected flow > To: mi

ipsec vpn unexpected flow

2010-11-25 Thread Andrea Parazzini
Hi, we have a vpn connection with a customer. The remote peer is not under our management. Our box is an OpenBSD 4.7 i386. We have configured the vpn as follows: /etc/rc.conf.local ipsec=YES isakmpd_flags="-K -v" /etc/ipsec.conf ike active esp tunnel \ from 10.1.0.0/16 (0.0.0.0/0) to 192.168.90

Re: Any good/bad experiences on OpenBSD4.6-release & Dell R(2|4|6)10 or HP DL320 G6

2010-01-16 Thread Andrea Parazzini
cific Information field is 0200 (512). Additional sense code: 20 Additional sense code qualifier: 00 sense (32 of 48): 70 00 05 08 22 dc 00 00 00 00 02 00 20 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 On Sat, 16 Jan 2010 02:20:58 + (UTC), Stuart Henderson wrote: > On 20

Re: Any good/bad experiences on OpenBSD4.6-release & Dell R(2|4|6)10 or HP DL320 G6

2010-01-15 Thread Andrea Parazzini
a diff to enable that by default. > > On Thu, Jan 14, 2010 at 11:46:18PM +0100, Andrea Parazzini wrote: >> We have some Dell R610 and they do not work very well with OpenBSD: >> - very bad disk performance, perhaps the mpi(4) driver. >> - the optional Intel PRO/1

Re: Any good/bad experiences on OpenBSD4.6-release & Dell R(2|4|6)10 or HP DL320 G6

2010-01-14 Thread Andrea Parazzini
We have some Dell R610 and they do not work very well with OpenBSD: - very bad disk performance, perhaps the mpi(4) driver. - the optional Intel PRO/1000 QP does not work well (see my previous post). - amd64 version does not work. I have not tried the latest snapshots. Regards, Andrea On Tue, 12

Intel PRO/1000 QP

2009-11-18 Thread Andrea Parazzini
Hi, we have a Dell PowerEdge R610 with two Intel PRO/1000 QP cards connected to a Cisco 2960G switch. Each card has four giga interfaces, but only two interfaces per card work properly. Works only the first and third interface of each card. The other interfaces do not negotiate the correct speed.

iwi(4) does not work with latest snapshot

2008-07-29 Thread Andrea Parazzini
Hi misc, iwi(4) does not work, it worked well with 4.3: iwi0: timeout waiting for ucode to initialize iwi0: could not load microcode iwi0: fatal firmware error iwi0: timeout waiting for firmware initialization to complete iwi0: could not load main firmware Regards, Andrea Parazzini OpenBSD 4.4

bnx and vlan

2007-04-19 Thread Andrea Parazzini
ef:30:12 brgphy1 at bnx0 phy 1: BCM5708C 10/100/1000baseT PHY, rev. 6 tcpdump shows something like 10:55:40.124521 802.1Q vid 512 pri 1 cfi arp who-has 10:55:40.124841 802.1Q vid 768 pri 1 cfi arp who-has 10:55:40.133313 802.1Q vid 1024 pri 3 CARPv2-advertise 36: vlan id don't match t