8:39:33AM -, Stuart Henderson wrote:
>>> On 2023-10-24, Andy Lemin wrote:
>>> Hi all,
>>>
>>> Just a quick question.
>>>
>>> I have multiple rdomains. My outside rdomain (rdomain 0) has a single
>>> default route to my ISP. And my
routes, so now have to _always_ prefix with route -T0 exec (to support
automated route changes etc).
This must be unexpected behaviour to change dynamically like this?
Thanks for your help, Andy.
> On 24 Oct 2023, at 14:09, Lyndon Nerenberg (VE7TFX/VE6BBM)
> wrote:
>
> Andy
Hi all,
Just a quick question.
I have multiple rdomains. My outside rdomain (rdomain 0) has a single default
route to my ISP. And my internal rdomain 9 has multiple default routes pointing
to various pairX interfaces for some funky routing stuff.
Everything works beautifully, however, every co
> On 29 Sep 2023, at 00:09, Sonic wrote:
>
>
> Hopefully not as dumb of a question as I suspect it might be.
> Does the generic...
> =
> match out on $ext_if inet proto tcp from ($ext_if) set prio (3, 7)
> match in on $ext_if inet proto tcp to ($ext_if) set prio (3, 7)
> =
> ...take
On 19 Sep 2023, at 20:07, Janne Johansson wrote:
On Sun 17 Sep 2023 at 09:19, Andrew Lemin wrote:
Hi,
I have been testing the Wireguard implementation on OpenBSD and noticed
that the ToS field is not being copied from the inner unencrypted header to
the outer Wireguard he
> On 15 Sep 2023, at 18:54, Stuart Henderson wrote:
>
> On 2023/09/15 13:40, Andy Lemin wrote:
>> Hi Stuart,
>>
>> Seeing as it seems like everyone is too busy, and my workaround
>> (not queue some flows on interfaces with queue defined) seems of no
>>
Hi Stuart,
Seeing as it seems like everyone is too busy, and my workaround (not queue some
flows on interfaces with queue defined) seems of no interest, and my current
hack to use queuing on Vlan interfaces is a very incomplete and restrictive
workaround; Would you please be so kind as to provide me
Hi smart people :)
The current implementation of ‘sticky-address‘ relates only to a sticky source
IP.
https://www.openbsd.org/faq/pf/pools.html
This is used for inbound server load balancing, by ensuring that all socket
connections from the same client/user/IP on the internet go to the same
For completeness, I discovered I was having issues with downloading the sources
for the sysupgrade command on my edge firewall also! So it was not limited to
internet servers as first thought.
Since upgrading the 6.6 (had to run sysupgrade 4 times to get it to complete
the downloads), the issue
Hahaha
Thanks Theo, that made me smile.
But you have answered my question perfectly, albeit in a roundabout way.
Indeed it doesn’t matter what it is called, and would be clearer with a generic
name, as we got caught out by a program calling another program with colliding
name.
For example, Ha
Hi guys,
Does anyone know if it is possible to completely disable ftp in the package
management utilities; pkg_add, syspatch, sysupgrade etc?
My PKG_PATH references http:// urls, as does /etc/install. But I cannot stop
these tools trying to use ftp which does not work! :(
Every time I try and
fresh eyes the next day ;)
All working now. You guys are heroes.
Thank you for the gentle nudges in the right direction.
Kindest regards.
Andy Lemin
Sent from a teeny tiny keyboard, so please excuse typos
> On 7 Aug 2019, at 09:01, Claudio Jeker wrote:
>
>> On Wed, Aug 07, 2019 a
.
Sent from a teeny tiny keyboard, so please excuse typos
> On 7 Aug 2019, at 00:03, Andy Lemin wrote:
>
> Hi Stuart,
>
> Thanks for your reply.
>
> So I put in some leg work to set myself up so I could build a new release
> base system, and went digging.
>
>
make this project native/portable
so other users can use this project without having to rebuild Unbound?
Thanks Andy.
Sent from a teeny tiny keyboard, so please excuse typos
> On 6 Aug 2019, at 19:36, Stuart Henderson wrote:
>
>> On 2019-08-06, Andy Lemin wrote:
>> Hi guys
ote:
>
> I find cheap PCI-Express and PCI-X em(4) cards suffice for my needs. 990-992
> Mbps with tcpbench.
>
>
>>> On Aug 2, 2019, at 11:26 AM, Claudio Jeker wrote:
>>>
>>> On Fri, Aug 02, 2019 at 12:28:58PM +0100, Andy Lemin wrote:
>>> Ahhh, tha
Hi guys,
I’m just after some general advice as I feel like I’m doing something wrong,
and having to hack around too much for what I believe should be simple.
I am developing a simple Python plugin for Unbound, and the default Unbound
install on OpenBSD sadly wasn’t built with “—with-pythonmodul
> On 2 Aug 2019, at 09:52, Jonathan Gray wrote:
>
>> On Fri, Aug 02, 2019 at 09:19:09AM +0100, Andy Lemin wrote:
>> Hi list,
>>
>> I know this is a rather classic question, but I have searched a lot on this
>> again recently, and I just cannot find a
Hi list,
I know this is a rather classic question, but I have searched a lot on this
again recently, and I just cannot find any conclusive up to date information?
I am looking to buy the best 1Gbe NIC possible for OpenBSD and the only
official comments I can find relate to 3COM for ISA, or comm
9:14:19AM +0100, Andy Lemin wrote:
>>
>> Hi guys,
>>
>> Is anyone else aware of the Unbound and PF race condition that exists when
>> FQDNs are used in pf.conf with a local Unbound server?
>
> Yes, it's an obvious one isn't it?
>
>>
>
Hi guys,
Is anyone else aware of the Unbound and PF race condition that exists when
FQDNs are used in pf.conf with a local Unbound server?
The issue occurs when pf starts before unbound, but where pf fails to start as
it cannot resolve some DNS names.. and so unbound also fails to work when it
Hi,
So for completeness, I did some more testing with your suggestions.
First I tried using different nexthop’s in each of the interface-nexthop pairs
in the route-to pool (as the next hop doesn’t really matter with p2p
interfaces). And it did start to work! :)
But after some more testing it s
Hi Andreas,
Thanks for your reply. Sorry I should have been more clear.
I know that rdomains are the correct method with overlapping addressing.
The challenge is that I cannot figure out how to get openvpn to initialise its
resulting tunX interface directly into the correct rdomain?
You norma
allegation to cite so many vulnerabilities as still
being unfixed today? Is this true?
Thanks for your reply :)
A
Sent from a teeny tiny keyboard, so please excuse typos
> On 28 Jan 2018, at 14:11, Hiltjo Posthuma wrote:
>
>> On Sun, Jan 28, 2018 at 12:56:26PM +, Andy
Really, did he actually post any real vulnerabilities to OpenBSD!
This article has to be govt propaganda..
https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html
I was laughing with tears when I read this..
OpenBSD is the only
Hi Stuart and Joel,
Just to confirm for others reading, you are very correct.
And patch 014_libcrypto has fixed this :) So just run syspatch (or openup) and
you'll be working again.
Thanks for the commits ;)
PS; good to hear from you again Stuart! Long time.. I'm on this email now
rather than
t openvpn is still linking to 2.5.2.
>
> It would be great if someone would be kind enough to confirm if this CVE is
> indeed the same issue, and if 2.5.4 includes the relevant fixes for it?
>
> And if yes, a gentle nudge as to how to get openvpn to link to the 2.5.4
> install?
>
> Thanks for your time.
> Kind regards, Andy Lemin
>
>
>
> Sent from a teeny tiny keyboard, so please excuse typos
his is the
default, but it is a server...
Cheers, Andy.
On Mon, Nov 21, 2016 at 2:10 PM, Delan Azabani wrote:
> At 19:11, Andy Lemin wrote:
> > but we cannot figure out how to control the fan speed at all.
>
> Every board in the X9DRW series should have a BMC with IPMI, and this
>
Hi,
I know this is probably a simple question, but we have searched, found very
little, and tried various things to no effect.
We have a Supermicro server running OpenBSD which is _screaming_ loud due
to fan noise.
BIOS is latest and power mode is "Balanced" (during POST it is nice and
quiet (ho
st I have the code open, I am also going to have another go
at trying to find the missing 64bit counter/range check etc for the HFSC
queue size tomorrow (if I don't get dragged onto anything else).
Thanks for your time and help guys,
Kind regards, Andy Lemin
On Tue, Aug 9, 2016 at 2:48 AM, Ch
Hi,
TLDR; Is there a way of fixing the "source address" that SNMPD should use?
We are having issues with reply snmpd packets sourcing from the egress
interface and not the loopback interface which the poll request was sent to
:(
We have many GRE tunnels and various routes which traffic can take
local ethernet p2p link. This causes local traffic
to briefly traverse another remote router via the GRE's for a moment,
whilst waiting for the local adjacency via the ethernet cable to finish
their election etc.
Thanks, Andy.
On Mon, Aug 8, 2016 at 5:12 PM, Andy Lemin wrote:
> Hi,
>
Hi,
Does anyone know if it is possible to set an ethernet crossover cable
between two OpenBSD firewalls running OpenOSPFD as point-to-point?
OpenOSPFD recognises GRE's as point-to-point so the logic is there for
handling a point-to-point adjacency, but cannot see how to set this on the
ethernet p
Hi guys,
Has anyone else seen issues with "output errors" occurring on only VLAN
interfaces since upgrading to 5.9? (and after using openup to get latest
kernel).
It does not happen on all VLAN interfaces, only ones under load.
The underlying trunk does not report any Rx or Tx errors at all.
An
many HP switches, you cannot modify this DiffServ <-> CoS mapping.
So the suggestion at the bottom is just to set a ToS that HP switches will
prioritise..
Have fun, all the best.
Andy Lemin
On Wed, Jun 15, 2016 at 8:18 PM, Andy Lemin wrote:
> Peter is quite right, to add some e
Peter is quite right, to add some examples to his suggestion;
tcpdump -nettti pflog0 <- Shows only dropped packets
tcpdump -nettti em0 <- Shows all packets on the interface, including ToS
values and VLAN ID etc.
tcpdump -nettti vlanX <- Shows only packets on the VLAN without the extra
info.
Sure
Because of this "Remember that static-port means you can't have two
machines behind the same NAT using the same source port and destination.",
you should instead probably use "binat-to" as a good practice.
This will help force you to not be able to accidentally reuse the same
public IP for another
Not to say previous releases haven't been as great (they all are), but I
must say that 5.9 really does feel like a huge step towards a massive
milestone (well done), and 6.0 will hopefully be the release that kills the
GIANT lock for OpenBSD as a firewall. So really thank you..
For ourselves, the
Hi list :)
We have noticed our monitoring systems are reporting and alerting the wrong
data for OpenBSD Interface Discards since adding all the OpenBSD firewalls
to our new Monitoring system.
And we have proven that it is SNMPD which is returning the same value for
every single interface with;
r
->Backup (without a Master flap), and no errors are
seen in dmesg.
This is not obvious after working with the ifconfig commands, and there is
no man so I hope this helps some people :)
Cheers, All the best, Andy.
On Wed, May 18, 2016 at 11:24 AM, Andy Lemin wrote:
> Hi Martin,
>
>
dvbase 2 advskew 10 carppeer 10.255.12.3 pass testpass vhid 212
inet 10.255.12.1 255.255.255.0 10.255.12.255
inet6 2a00:77e0:255:12::1 64
inet6 eui64
description "4D_CDC_VPLS"
Cheers, Andy.
On Tue, May 17, 2016 at 5:37 PM, Martin Pieuchot wrote:
> On 17/05/16(Tue) 16:37, Andy Lemin
Hi Misc,
Since 5.9 (maybe earlier), we noticed that our CARP interfaces no longer
behave as before, don't initialise properly on boot up, and throw errors at
boot.
I know there has been lots of changes, especially IPv6. So hopefully this
is a simple question and I'm just being stupid, and unable
Thanks guys :)
As always I will report back on testing results. I have a lot of DR traffic
(multiple TB's daily) I can push through this to see how it fares..
Thanks Andy.
On Tue, Feb 9, 2016 at 4:33 PM, Stuart Henderson
wrote:
> On 2016/02/09 08:22, Chris Cappuccio wrote:
> >
fo to the state that was created at the previous step
(Packet Filtering)?
Thanks everyone,
Andy.
On Sun, Feb 7, 2016 at 9:06 PM, Stuart Henderson
wrote:
> On 2016-02-07, Andy Lemin wrote:
> > Hi everyone,
> >
> > Just a couple very quick 5.9 questions;
> >
> >
Hi everyone,
Just a couple very quick 5.9 questions;
1) Will 5.9 have a 64bit integer for the queue sizes, or are we still
limited to ~4294M?
2) When 5.9 comes out, will the new ARC routing table be enabled by
default? If not can we turn it on without building from source?
3) Does anyone know
Hi,
Is there any news whether we'll have 64bit PF queue sizes soon?
Our link between our Primary and DR DCs needs more than 4.2Gbps, but we
cannot shape traffic above this due to the 32bit queues.
Simply we need to impose shaping to ensure the CDR is not breached. We
really need to upgrade the C
n't the state
created after the nat-to and rdr-to is applied as the state stores both the
inside IP and the outside IP etc.
Or does this second box also append this extra info to the state that was
created at the previous step (Packet Filtering)?
I haven't added this yet..
>
>
>
> On 25 Jun 2015, at 15:46, Marko Cupać wrote:
>
> On Wed, 24 Jun 2015 08:17:15 -0400
> Michel Blais wrote:
>
>> The solution seems to be explained at this link
>>
>> http://www.openbsd.org/faq/pf/rdr.html#reflect
>
> On Thu, 25 Jun 2015 14:50:42 +0100
>
Hi,
We do exactly the same thing for our wifi network. Users on wifi can *only*
use public IP addresses.
The solution is easy, you just have to consider where you do your nat'ing;
You can't do binat, so you will need nat-to and rdr-to rules to make it
work.
E.g. The following line translates t
Hi,
> On 25 Jun 2015, at 10:31, Jiri B wrote:
>
> On Thu, Jun 25, 2015 at 10:15:08AM +0100, Andy Lemin wrote:
>> Surprised I've not had any replies for this?
>> http://s12.postimg.org/i4pggq465/Open_BSDPFPacket_Flow.jpg
>> <http://s12.postimg.org/i4pggq465
thought I'd quickly re-do it.
I can't believe nothing has changed in 5 years (I think that's when the
original I saw was dated).
Anyway, I'll try and message Henning directly and get his thoughts, and I'll post
back here once its got his approval.
Cheers, Andy.
> On 23 Jun 2015
Haha, Oops! thanks Doug..
Here it is instead..
http://s12.postimg.org/i4pggq465/Open_BSDPFPacket_Flow.jpg
<http://s12.postimg.org/i4pggq465/Open_BSDPFPacket_Flow.jpg>
Cheers, Andy.
> On 23 Jun 2015, at 14:13, Doug Hogan wrote:
>
> On Tue, Jun 23, 2015 at 11:56:17AM +0100, A
I'll follow your advice and stay in active-backup mode for now.
Doesn't mean you shouldn't try active-active out (in a lab)..
But if you're only talking 500mbps, stick with steady and stable ;)
>
> Romain
>
> From: Andy Lemin [mailto:a...@brandwatch.com]
> Sent:
Hi,
I was updating an old copy of the PF flow diagram I had lying around and
thought I'd post here quickly for comments / additions / corrections?
Would be nice to update this and make it as comprehensive as possible.
[demime 1.01d removed an attachment of type application/pdf which had a name of
Hi, You can already do active-active CARP with OpenBSD. I believe it hashes by
the MAC address (the MAC hash dictates which firewall responds to an ARP for
the gateway IP).
However you may have issues with states and state synchronisation depending on
the pps and firewall hardware performance, mea
Hi Stuart,
Thanks for this. However I think I'm still missing something.. Sorry ;)
On 24 Apr 2015, at 00:37, Stuart Henderson wrote:
> On 2015-04-23, andy wrote:
>> Hi,
>>
>> This should be a simple one ;)
>>
>> I have configured and started snmpd, and then used snmpwalk ("snmpwalk
>> -v2c -c
tuart Henderson wrote:
> In gmane.os.openbsd.misc, Andy Lemin wrote:
>> Hopefully this is just a quick question and I'm missing something here, but
>> it
>> seems that we can no longer use percentages in our PF child queues.
>
> It hasn't been implemented for t
ative percentages take from their parent etc..
Cheers, Andy.
On 24 Feb 2015, at 15:26, Andy Lemin wrote:
> Hi,
>
> Hopefully this is just a quick question and I'm missing something here, but
it
> seems that we can no longer use percentages in our PF child queues.
>
> For example;
Hi,
Hopefully this is just a quick question and I'm missing something here, but it
seems that we can no longer use percentages in our PF child queues.
For example;
This:-
altq on $if_trunk bandwidth 4294Mb hfsc queue { _local, _wan }
oldqueue _local on $if_trunk bandwidth 4100Mb priority 4 hf
Hi guys,
I’m a bit confused (easily done) as to how I would configure a GRE tunnel
through an IPSec tunnel?
I have *many* subnets at each site, and I have a full mesh of IPSec tunnels
between each site, for each and every subnet at each site.. Urghhh! :_(
It's over 100 tunnels now..
If I were
Please excuse typos, sent from my phone
> On 15 Oct 2014, at 19:13, Marko Cupać wrote:
>
> On Thu, 02 Oct 2014 18:02:23 +0100
> Andy wrote:
>
>> Hi
>>
>> Try setting the advskew to a number greater than 200 and less than
>> 254. This seems to be the most stable.
>>
>> For best practice our p
> On 28 Sep 2014, at 05:00, "System Administrator" wrote:
>
>> On 27 Sep 2014 at 18:50, Andrew Lester wrote:
>>
>> Hey guys,
>>
>> I have what I hope is a simple syntax question for pf rules. I have not
>> been able to find any example of this online or in the man pages. I
>> suspect it is perh
We know... ;)
Sent from my iPhone
> On 14 Aug 2014, at 16:14, Nicolai wrote:
>
>> On Thu, Aug 14, 2014 at 07:16:41AM +0100, Bernte wrote:
>> Could you please just clarify: I have money and I want that to go to the
>> OpenBSD project. I would like as much as possible to make it there (from
>> th
Hahaha, lol!! Yes Peter :)
Sent from my iPhone
> On 14 Aug 2014, at 10:17, Peter Hessler wrote:
>
> options:
>
> 1) cash in envelope, put into mail
> 2) bank cheque in envelope, put in mail
> 3) suck it up, and stop caring about the middle man's cut
> 4) bank transfers (also: see #3)
> 5) fly
Hi Henning,
Thanks for your reply. We agree it's an edge case but would have an impact,
albeit small.
So taking your work as truth and good judgement as best as any human can (which
I do), should we all just strip all our 'prio's if we use queues?
I don't want things in my PF which aren't being
> On 20 Apr 2014, at 19:24, Henning Brauer wrote:
>
> * Andy Lemin [2014-04-09 00:14]:
>> For PF, I wouldn't recommend using anchors as I *think* they're slower
>
> where on earth are people getting this ridiculous ideas from?
Can't remember. Thanks for confirming
Hi Wiesław,
Definitely support your desire to try to add more structure to your PF writing!
:)
We use git to version control PF and many other files (over 60 files across an
OBSD system now come to think of it).
For PF, I wouldn't recommend using anchors as I *think* they're slower and
restrict
On further thought, using option 1 and randomising the next hop used wouldn't
provide a very good distribution of load as it would be on a per network route
basis and not on a per IP basis like proper multipath.
Would also be costly in route look ups etc.
So looks like we would need to use 'max
Couldn't agree more! :)
Andy
Sent from my iPhone
> On 29 Mar 2014, at 09:10, Eric Oyen wrote:
>
> geez! there are better technologies out here. Sure, if a technology works for
> 20 years, then go with it. However, there are loads faster ways (and a lot
> more secure too). Why not use bit torr
Hi, haven't read your original email but if my assumptions about your setup are
correct is the VPN tunnel dropping every now and then?
I had a similar issue with 4 OBSD firewalls (2 at each end), all running
isakmpd and sasyncd to keep the SAs in sync between a pair. With the tunnels
explicitly
Hi, it's not a good idea to distribute /32 routes around your routing domain as
it will make convergence times longer and adds unnecessary load to the other
routers. OSPF and other routing daemons like summary routes. I'm guessing
you've assigned a 'unique' /24 network for the VPN clients which
Maybe try configuring bind (read the manuals and online docs) and setting
resolv.conf to 127.0.0.1 would be a good start.
OpenBSD's resolv logic won't be 'fixed' unless you want to change the code..
Sent from my iPhone
> On 19 Dec 2013, at 22:36, Mikael wrote:
>
> Seems that by default OpenBS
Fantastic! Thanks Camiel :)
Sent from my iPhone
> On 18 Dec 2013, at 21:32, Camiel Dobbelaar wrote:
>
>> On 18/12/13 14:50, Maxim Khitrov wrote:
>>> On Wed, Dec 18, 2013 at 8:42 AM, Camiel Dobbelaar wrote:
On 18/12/13 13:53, Maxim Khitrov wrote:
When writing outbound rules in p
In fact, thinking about it, I think that is a relayd issue somewhere and not pf
at all..
Sent from my iPhone
> On 14 Nov 2013, at 19:37, Leonardo Santagostini
wrote:
>
> Well well well, there is one thing that is occurring that I can't figure out.
>
> I'm getting some relay site3 session 3370 (502 active
Hi, as a complete guess (not used relayd yet, let alone DSR), a 502 sounds like
an error return from nginx/apache etc. Could be a direct server return issue
causing the TCP three way handshake to not be completing properly between the
endpoints, even though a 502 is usually a server side issue.. I'd tr
Hi, sadly OpenBSD does not boot with the latest Ivy Bridge EP (E5-2637v2) with
'Power Technology' in the supermicro BIOS set to 'Max Performance', on both
5.4 release and the snapshot dated Nov 3rd;
[demime 1.01d removed an attachment of type image/jpeg which had a name of
image.jpeg]
If I reset
I think he did answer your question, if you read between the lines.. A session
cannot be 'pushed' to max! It needs to demand the bandwidth in the first place.
Try reading this; http://trash.net/~kaber/hfsc/SIGCOM97.pdf
This along side /many/ other Internet pages allowed us to fully implement and