Re: acme-client(1) and http_proxy

On 2017-04-25 05:27, Stuart Henderson wrote: On 2017-04-25, Adam Thompson wrote: By definition, you will (probably) not be able to use the ACME protocol - it only works (normally) when your system is connected directly to the public internet with a static IP address. Simply because you say

Re: Advice requested -- how best to copy a disk

7;ve used these (http://www.startech.com/HDD/Adapters/Bi-Directional-SATA-IDE-Adapter-Converter~PATA2SATA3) in production before, Startech has a few others with more convenient form factors (click on "Related Products"). -- -Adam Thompson athom...@athompso.net

undeadly.org status?

Anyone know what happened to undeadly? (The|A) host seems to be up but doesn't answer on any port. -- -Adam Thompson athom...@athompso.net

5.5-to-5.6 upgrade with mtier binpatch pkgs?

better way to handle this? 2) for the not-yet-upgraded system, should I remove the patches normally, reverting to 5.5-RELEASE, or ... ? Thanks, -Adam -- -Adam Thompson athom...@athompso.net Cell: +1 204 291-7950 Fax: +1 204 489-6515

Re: 5.5-to-5.6 upgrade with mtier binpatch pkgs?

On 14-11-24 12:28 PM, David Higgs wrote: On Mon, Nov 24, 2014 at 1:12 PM, Adam Thompson wrote: I just upgraded one of a matched pair of 5.5 systems to 5.6, and after the upgrade finished, it occured to me to wonder "what about the binpatch55-amd64-* packages from m:tier"? They&#x

Re: Packet Filter router i368 vs 64bit

CPUs and 48GB of RAM. It's massive, massive overkill for routing, no matter how many full tables I have in memory. (Top tells me I'm only using 338MB of memory, which seems suspect.) They're fast enough for my needs; the fastest usable connection they have is 1Gbps and they can easily saturate that. -- -Adam Thompson athom...@athompso.net

Re: OpenBSD Trademark Policy

ld have to change the default motd, the installation scripts, Theo's welcome root mail and xdm. Is there anything that I have missed? You might want to ask on the BitRig mailing lists/forums/whatevers, since I believe they would have already had to tackle this. -- -Adam Thompson athom...@athompso.net

Re: OpenBSD Trademark Policy

ter? Or the audio track for every release? The source code is, I think, the only thing that's obvious - both the BSD license and years of jurisprudence about that license establish its situation. -- -Adam Thompson athom...@athompso.net

BGP, PF and CARP together

Admittedly, I know very little about running pf in this situation. Cluebats welcome.) -- -Adam Thompson athom...@athompso.net

Re: DigitalOcean's BSD debut is FreeBSD only

KVM (or Xen or whatever happens to work for you). If you're not so lucky, or you need better guarantees that "it might work", then your options are quite limited. -- -Adam Thompson athom...@athompso.net Cell: +1 204 291-7950 Fax: +1 204 489-6515

Re: DigitalOcean's BSD debut is FreeBSD only

On 14-12-18 12:57 PM, Mike Larkin wrote: On Thu, Dec 18, 2014 at 12:24:45PM -0600, Adam Thompson wrote: On 14-12-18 12:06 PM, andrew fabbro wrote: In short - the list of VPS providers who can support OpenBSD is actually very big. I have to take issue with that statement... The list of VPS

suggested change to upgrade56.html

sure PKG_PATH (and +/etc/pkg.conf if applicable) is pointing to the 5.6 packages directory on your CD or nearest FTP mirror, and use something like -- -Adam Thompson athom...@athompso.net

Re: OpenBSD projects

HP/UX, AIX and UnixWare/OpenServer all support LDAP authentication without going through the PAM layer. Theoretically, any BSDauth-enabled OS could do so but most others (NetBSD, FreeBSD) take the, umm... "easy" way out and do it through PAM. -- -Adam Thompson athom...@athompso.net

Re: AMD64 packages - Reflecting dynamic linking

to use the word "schadenfreude" in regular conversation :). -- -Adam Thompson athom...@athompso.net

Re: 1U / 2 Computers? For redundant FW pair

so I can put one router in each chassis, thus ensuring complete separation all the way out to the ethernet switch and/or the shared UPS (take your pick). -- -Adam Thompson athom...@athompso.net

Re: vpn performance - C2750 vs C2758

hat work can be used here. -- -Adam Thompson athom...@athompso.net

Re: What's wrong with script(1)?

), vi(1), etc... anything where the non-visible output is actually the important part. -- -Adam Thompson athom...@athompso.net +1 (204) 291-7950 - cell +1 (204) 489-6515 - fax

where to start troubleshooting pfsync?

= flags S/SA keep state (sloppy, pflow) My workstation - where I see the effect of this problem most immediately - and my local DNS resolvers - all live in that 198.yyy.yyy.yyy/25 subnet; I don't know if this is relevant or not. So... at this point, what problem indicators (counters?

Re: Any experience with D-Link DGS-1100 and static trunk aggregation?

. I don't have a copy of the standard on hand to verify my recollection, though. (And I'm not going to pay that much just for this, sorry.) Also, note that 802.3ad was renumbered, effectively, to 802.1AX-2008 which has since been superceded by 802.1AX-2014... not that anyone really

Re: CPU criteria for OpenBSD firewall

n the embedded world is that QuickAssist is a really, really nice feature *if* you can figure out how to use it properly. Reminds me of the buzz surrounding the Cell processor when it came out. -- -Adam Thompson athom...@athompso.net

Re: CPU criteria for OpenBSD firewall

started. http://undeadly.org/cgi?action=article&sid=20150218085759&mode=expanded&count=0 If I've got my timeline right, we're already post-5.7-freeze, so I assume 5.8 is probably when us mere users will see a partially-SMP network stack. -- -Adam Thompson athom...@athomp

Re: Dial Cellular connection on boot amd64

of that message. However, there's no explicit support for ppp in /etc/netstart so I think your approach is otherwise probably the best way to do it. -- -Adam Thompson athom...@athompso.net +1 (204) 291-7950 - cell +1 (204) 489-6515 - fax

Re: OpenBSD Tablet-ish

internal disk is correctly formatted with an MBR and boot sector... catch-22! -- -Adam Thompson athom...@athompso.net

Re: OpenBSD Tablet-ish

'll probably still have to carry around a USB keyboard, which might make the whole exercise pointless. Good luck, anyway. -- -Adam Thompson athom...@athompso.net

Re: Any experience with D-Link DGS-1100 and static trunk aggregation?

will produce similar results on a DGS-1100 because all ports on the switch are limited to 1Gbps no matter what... so the fact that loadbalance is limited to 1Gbps per stream and roundrobin 2Gbps per stream becomes irrelevant. But it's still strange that one works and one doesn't. -- -Adam T

Very-small fully-functional systems?

hat can choose between soundfonts.) Thanks, -Adam -- -Adam Thompson athom...@athompso.net

Re: Route for a special IP

On 2015-03-11 10:58 PM, Zhi-Qiang Lei wrote: > It was just a router which does NAT for local devices in > 192.168.1.0/24. The external interface, of cause, was pppoe0. Now for > some reason, I want one of the device with IP 192.168.1.200 > communicate with outside through the tunnel interface tu

Re: OpenBSD hosting in Hong Kong?

For the usual reasons - most VPS providers do not allow you to install from arbitrary ISOs, and even fewer are willing to give you any assistance at all with unsupported OSes. ("You're only getting 1kbps? Let's see... oh, you're running OpenBSD. Have a nice day, bye.") -Adam On 04/17/2015 0

5.7 bootloader hang on Toshiba Portege M400

ions. Do I need to recompile the bootloader with some debug flag set? Did I just zone out while reading the relevant part of a manpage? (FWIW, WinXP, Ubuntu 15.04 and current Sysresccd all boot OK, so I'm pretty sure the hardware is fine.) -- -Adam Thompson athom...@athompso.net

Re: which netbook not to buy?

. If you want small + light, don't get the tablet model, and IMHO get at least the x220 or newer. Of course, none of us are actually answering your original question :-/. -- -Adam Thompson athom...@athompso.net

Re: rdomain with BGP dynamic route

amic prefix from BGP session. Right now all prefix learned from BGP goes to rdomain 0. I want to put prefix learned from BGP into the rdomain I specify. Thanks, -Yang ____ From: Adam Thompson [athom...@athompso.net] Sent: 24 July 2015 20:33 To: XU, YANG (

Re: rdomain with BGP dynamic route

On 07/30/2015 10:26 AM, XU, YANG (YANG) wrote: Adam, Your comments and links are very helpful, they made some concepts clear for me. Many thanks! What I need essentially is VRF function which converts IPv4 prefix to VPNv4 prefix dynamically. I hope experts can help on this. After spending so

Re: rdomain with BGP dynamic route

rvice provider point of view, I guess that's not a popular use case. Regards, -Yang -Original Message- From: Adam Thompson [mailto:athom...@athompso.net] Sent: Thursday, July 30, 2015 6:04 PM To: XU, YANG (YANG) Cc: misc@openbsd.org Subject: Re: rdomain with BGP dynamic route On

Re: update/upgrade

On 09/20/2015 10:26 PM, Quartz wrote: It looks like the M:tier thing is pretty close, my only concern is how long it'll last before the maintainers lose interest and the project gets abandoned. Handling updates/upgrades in OpenBSD has always been one of the more difficult parts for ordinary u

Re: Recommended miniPCI express wireless module for PC Engines' APU system board?

On 15-09-23 05:01 PM, Mike Bregg wrote: I'm using an APU as a firewall/router and it works very well. However, after experimenting with some different wireless cards, I actually opted to install a separate EnGenius EAP600 Access Point on the main floor of my house, using PoE to run to the rout

New, compatible laptops with warranty?

e thing rebuilt at least twice in the last 6 years, it doesn't really owe me anything. So I'm not devastated, but still not looking forward to buying a new desktop-replacement-class laptop. P.S. If any of you need ThinkPad X2xx-generation parts, feel free to let me know :-( -- -Adam Thompson athom...@athompso.net

firefox and ssh(1) -D behaviour vs. localhost

When using "ssh -D" to establish a SOCKS-type proxy, I can specify the bind_address for the local end of the connection, but how do I control the bind address on the far end? I'm accustomed to using -D to remotely administer various web services that are behind a firewall/bastion-host instead

Re: OT: True hardware UNIX terminal

On 16-03-30 03:07 AM, Sean Kamath wrote: Still using a Wyse (50?) on my Ultrasparc 80. In college, we had these weird DEC PC’s that we used as VT100 compatible terminals. That would either have been a DEC Rainbow, which was a hybrid-dual-processor 8088/Z80 machine that ran MS/DOS, CP/M *and* ha

Re: OT: True hardware UNIX terminal

On 2016-04-01 11:07, ropers wrote: And if anyone has ever operated the OpenBSD installer via a teleprinter, I want to hear that story. I think there's still a first-generation TI Silent 700 somewhere in my parents' basement. If, when they either die and/or move out to a seniors' residence pr

Re: openbsd vs freebsd NAT performance

On 16-04-16 11:55 AM, Mihai Popescu wrote: Hi, beside OpenBSD 5.8 i installed FreeBSD 10.3 on my router-pc. For routing i use pf. I noticed that the routing/NAT-performance is in FreeBSD noticeable higher than in OpenBSD. I think that is due to the SMP-support of pf in FreeBSD. I would point yo

Re: OT: Any experience connecting OpenBSD via ONT ?

On 16-04-26 05:29 PM, Jeremy wrote: Yeah, that's half the problem. My ISP isn't telling me much. Their helpdesk is handled out of the Philippines and it seems they're reading off a script. They don't mention PPPoE but from what I've tried so far, this looks like it will be necessary. Jeremy

Re: Wrong Shutdown

On May 26, 2014 9:16:17 AM CDT, "Martin Schröder" wrote: >2014-05-26 15:52 GMT+02:00 Walter Souza : >> Why OpenBSD has no interest in using journal file system? > >http://www.openbsd.org/faq/faq8.html#Journaling > >Please read the FAQ. > >Best > Martin Arguably, Walter might be better served b

Re: debugging vio issue?

Don't have a good answer for you, but I have similar problems with vio(4). Switching to e1000 on the KVM side solved my random hangs completely. -Adam -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: 5.5 pf priority

;re just building a pf policy, setting inbound VoIP traffic to a high priority does NOT magically make your upstream provider send you VoIP packets with high priority - you don't control their behaviour from your local pf.conf! -Adam Thompson athom...@athompso.net

Re: 5.5 pf priority

My apologies, I have no idea why roundcube decided to format the plain-text version of my last message that way. -Adam

Re: 5.5 pf priority

nd policing on egress *for every interface* will (generally) give you the flexibility you need without painting yourself into a corner. I'm trying to figure out how to formulate my old garden-hose analogy, but apparently I've forgotten how to make it sound meaningful - stay tuned. -- -Adam Thompson athom...@athompso.net

Re: 5.5 installer does not recognize USB keyboard on Acer Iconia W700

On June 15, 2014 12:35:01 AM CDT, vadi...@gmail.com wrote: >Hi, > >I'm trying to install OpenBSD on Acer Iconia W700. It has one USB port >and no other input ports, so it is only possible to attach a USB >keyboard to this device. I've got stuck at the installer prompt: > >pckbc0: using irq 1 for kb

Re: LAN vs VLAN interface performance

be measurement error or some other hidden bias. For that matter, it could even be the switch that was slowing things down - I didn't exactly do exhaustive tests. -- -Adam Thompson athom...@athompso.net

Re: opensmtpd

If you're running any supported version of OpenBSD, they're already installed. ("man smtpd") Otherwise, please provide more details about your system, and why you think they're missing. -Adam On June 19, 2014 9:56:08 PM CDT, Edgar Pettijohn wrote: >Is it possible to install the man pages for

Re: LAN vs VLAN interface performance

Yes, OT... But unless you've chosen to do something silly (like enabling MVRP, or blindly allowing all VLANs to an untrusted host) saying "VLANs aren't secure" is about as useful as "ICMP isn't secure". Please explain how VLANs are not secure when you have control of the devices on both ends of

Re: procfs to die [was: CVS: cvs.openbsd.org: src]

I do use it occasionally, and I don't run -current so I wouldn't have noticed any breakage yet. I don't rely on it, however, it's a convenience feature that I very occasionally use, and only manually when I do. I can live without it if it dies; it was never a fully-featured implementation IMHO a

Re: LAN vs VLAN interface performance

On 14-06-21 01:03 PM, Chris Cappuccio wrote: Adam Thompson [athom...@athompso.net] wrote: Yes, OT... But unless you've chosen to do something silly (like enabling MVRP, or blindly allowing all VLANs to an untrusted host) saying "VLANs aren't secure" is about as useful as

Re: CARP without IP on the physical interfaces of carp group?

On 2014-06-30 11:11, Peus, Christoph wrote: > Henning, thanks for your quick reply. > >>> Which disadvantages could this mode of operation have compared to the classic mode with IPs assigned? >> the backup node might not be able to reach the network on the carp if > > Hmm... what does this mean

Re: CARP without IP on the physical interfaces of carp group?

On 2014-06-30 14:06, Henning Brauer wrote: >> FWIW, I don't use carppeer even though it could save me substantial IP address space, for a couple of reasons: 1) I want the canary-in-the-coal-mine to inform me of any layer 2 weirdness 2) I prefer predictability and "normal" use cases 3) if I ever s

Re: Firewall cluster.

On July 6, 2014 2:51:03 AM CDT, Mxher wrote: >Le 06/07/2014 04:34, Giancarlo Razzolini a écrit : >> Em 05-07-2014 16:20, Mxher escreveu: >>> 1) Can I group multiple virtuals ips to make them switch all at the >same >>> time using CARP ? >> AFAIK, no. But you can use ifstated. >I have to admit that

Re: X200 tablet doesn't work

Unfortunately, it's a known issue. The X200's integrated Wacom device still uses a serial protocol, for which there is currently no support in OpenBSD. The X60 and X201 are both affected also. I believe the X210 switched to a USB device which does work. There once was support AFAIK, but our X11

immutable-ish version control repo?

ry (none,read,write). Should ideally be in packages or ports, obviously. We have a bunch of version control systems in ports that I've never even heard of before! Suggestions on which one I should learn how to configure? -- -Adam Thompson athom...@athompso.net

Re: Are nc -lu < /dev/zero > /dev/null a good throughput test?

thing else) are your friends here, unless you have the budget to install 10Gbps switches... -- -Adam Thompson athom...@athompso.net

Re: Are nc -lu < /dev/zero > /dev/null a good throughput test?

y a lot more attention to the underlying OS than I'd like. Hardware zone/partition support like some of the high-end sun4v(??) machines looks better and better all the time. (Not too sure of the terminology right now.) -- -Adam Thompson athom...@athompso.net

Working ThinkPads? (Was: Re: openbsd and chromebooks)

So to get back on topic a bit, I know most of the devs use ThinkPads... My x201t is showing its age (already! *sigh*) as a Windows machine, but since much of the hardware (notably the serial Wacom touch-screen, rotation, fingerprint sensor) is nonfunctional under OpenBSD, I'm not sure that's wha

Re: Not able to pass BIOS drive check with OpenBSD drive attached

ions. Obviously the quality of any given vendor's CSM will vary :-/. Looking for details on it, the original vendor of it, etc. is about as useful as trying to track down who's responsible for this "MBR" stuff - barking up the wrong tree altogether, there's no single piece of software named CSM. -- -Adam Thompson athom...@athompso.net

Re: Looking for version advice

x27;d be better off running 5.5 and upgrading to 5.6 when it is released in November, since that will be a fully-supported upgrade path. -- -Adam Thompson athom...@athompso.net

Re: rc.local mystery executables

isn't terribly competent, mixing arches and leaving traces behind. The most innocent thing I can think of is that someone is playing a prank of you... -- -Adam Thompson athom...@athompso.net

Re: rc.local mystery executables

osely interconnected, not just the one compromised server you've noticed. I haven't used them under OpenBSD, so not sure how effective they'll be (both projects claim to support OpenBSD), but they're probably more appropriate than clamscan(1) which looks for mostly MS Windows-based viruses, not rootkits. -- -Adam Thompson athom...@athompso.net

Re: PDF FAQ [Was: Donations to OpenBSD]

omatic way to do the conversion? If not, I certainly don't think it's worth the time to change it by hand. -- -Adam Thompson athom...@athompso.net

Re: Can I turn off sndio?

/etc/rc.d/service_name stop && /etc/rc.d/service_name start should do the trick. -Adam On August 18, 2014 11:51:39 AM CDT, Worik Stanton wrote: >On 18/08/14 19:58, Alexandre Ratchov wrote: > >[snip] > >>> What is the proper way to turn it off? >>> >> >> set sndiod_flags=NO in /etc/rc.conf.local

Re: rsync -a doesnt keep owner and permissions

The remote rsync command runs as your user, not as root, and so cannot set ownership. IIRC there's an environment variable you can set that specifies how to invoke the remote rsync (post-ssh, there's an end var for establishing the ssh connection, too). Set that to "sudo rsync", would be my gues

Re: VMWare vmx NIC order

ernet NIC order to OpenBSD's NIC's order? If what you want to know is how to identify them, look at the MAC addresses in the VMware machine and inside the OpenBSD VM. I don't know of any way to re-arrange them, if that's what you meant. -- -Adam Thompson athom...@athompso.net

Re: is there app like xosview available in OpenBSD?

sysstat(1) is in base, but is not graphical. What does using Gnome or KDE matter? As long as the necessary libraries are installed, both Gnome and KDE apps will run under any X11 environment. -Adam On August 19, 2014 8:13:31 PM CDT, Long Wind wrote: >I find xosview is available in FreeBSD >(I

Re: VMWare vmx NIC order

make the >aligned to what is configured in VMWare's vmx file. > >Do you think its not possible? > >On Tue, Aug 19, 2014 at 4:57 PM, Adam Thompson >wrote: >> On 14-08-19 06:48 PM, Dan Shechter wrote: >>> >>> I am installing amd64 snapshot from aug 8 o

Re: VMWare vmx NIC order

en. For that matter, upgrading OpenBSD could also - at least in theory - change the detection order, too. I have not seen this happen since the 2.x days, I think, and I could easily be mistaken even there. -- -Adam Thompson athom...@athompso.net

Re: ifconfig command for IPv6 tunnel

can't remember whether (in the non-BGP case) I added the route command as "!route -n add -inet6 default 2001:470:1f04:204::1" to the hostname.gif0 file, or if I added it to /etc/mygate - one or the other should work, anyway. -- -Adam Thompson athom...@athompso.net

Re: ifconfig command for IPv6 tunnel

ftware. Beware following guides that are too old - I see some old material referencing transition mechanisms (like FAITH - did anyone ever actually use that?), which probably aren't what you want to be looking at now. -- -Adam Thompson athom...@athompso.net

Re: Strip private AS# from AS-PATH with OpenBGPd

I'm still baffled - why do you want to reject routes containing private ASNs? It's strange and odd, but not invalid or illegal. AFAICT, it's analogous to routing public IP traffic across a link that uses RFC1918 addresses - completely irrelevant to the end-user. Am I missing something? -Adam

Re: New queueing system and HZ value limits

Unless I've mis-understood all the emails and reports about this, it affects low-bandwidth queues, not low-bandwidth interfaces. In other words, limiting traffic to 50Mbps on a 1Gb link will work fine, limiting it to 50kbps on the same link will not. Yes/no? -Adam On August 21, 2014 12:03:12 P

n00b spamd/spamdb question

x errors, bad recipients, etc. My best guess so far is that I've got the -G passtime too low, and everyone talking to me so far is really aggressive and actually retries correctly...? This server is still only a secondary MX for the domains that get hit with lots of spam, so that

Re: n00b spamd/spamdb question

recommend using the default spamd values. Easy enough. We'll see what happens when this becomes the primary MX. Absent content filtering, I anticipate a large upswing in the amount of spam landing in my inbox... [1] http://www-plan.cs.colorado.edu/diwan/3308-07/p17-armour.pdf -- -Adam Thompson athom...@athompso.net

dual separator?

m them all into "+", but I don't see a way to do that here. Am I missing anything that could help me? -- -Adam Thompson athom...@athompso.net

Re: dual separator?

On 14-08-22 12:09 PM, Claus Assmann wrote: On Fri, Aug 22, 2014, Adam Thompson wrote: I have a large number of email "tags", but use both "+" and "-" as a separator. So far, I'm entering all the "-" ones into aliases; is there a better way to do t

Dell PE2900 instant-reboot with 5.5-RELEASE

then I'll try an actual CD-ROM. I can take video of the boot screen, not sure how to get serial console output that early in the process. -- -Adam Thompson athom...@athompso.net

Re: Dell PE2900 instant-reboot with 5.5-RELEASE

On 14-08-23 05:49 PM, Adam Thompson wrote: Copying install55.fs to a USB stick and booting from it starts to boot, gets part-way through the boot process, then suddenly reboots. All amd64 images fail in exactly the same way. The server logs a Machine Check Exception on CPU1 along with a

Re: Help, please, understanding AHCI error on amd64

now for some reason. Most people boot a Linux CD to do this, but atactl(8) appears to support the "secerase" command. There are all sorts of things that could prevent you from doing this, and if you can't work past them, you probably should just throw the drive away. -- -Adam Thompson athom...@athompso.net

Re: Managed DNS recommendation

That means they screwed up somewhere. Yes, you'll have to create a new account on their new system - that's kind of the point, they acquired the business and transitioned it to their own platform. I've been dealing with (and recommending) EasyDNS since 1999, and their technical support is easi

Re: OpenBGPD not installing routes that happen to originate from the same ASN in another location into the RIB

/article.php/3617346/Networking-101--Understanding-iBGP.htm (not necessarily the best article, just the first one I found describing the iBGP/same-AS stuff you're talking about). -- -Adam Thompson athom...@athompso.net

Re: How to run smokeping with slowcgi?

k wait $FPID done ) & ===EOF=== There are a handful of fcgi launchers in ports/pkgs that should do a much cleaner job of it. -- -Adam Thompson athom...@athompso.net

bgpctl show advertisements?

Is there any functionality in bgpctl(8) that will show me precisely what I'm advertising to a neighbor? If not, is there any easier way - assuming I don't have access to my neighbor's router, and they don't run a looking-glass - to find that out, short of packet sniffing?

Re: low power device

ing the C2xxx series run OpenBSD without glitches - Intel makes a big deal about how the Avoton/Rangeley line require binary blobs to initialize the chipset, which seems ... well, dumb. And barely credible, at best. -- -Adam Thompson athom...@athompso.net

Re: Question about FAQ section 10.3

east by me) a Bad Thing. -- -Adam Thompson athom...@athompso.net

Re: Upgrade dry run - restore backup from physical to virtualbox VM?

should always produce a consistent dump. For more information on that problem, read http://dump.sourceforge.net/isdumpdeprecated.html . While OpenBSD's dump(8) is not the same program, the user-visible behaviour in this respect is fundamentally similar. And OpenBSD's FFS/FFS2 does not have snapshots to take care of this. Hopefully someone will suggest a way to deal with this problem under OpenBSD that I'm not aware of... -- -Adam Thompson athom...@athompso.net

Re: rc.local and rc.conf.local

completely different function. That file remains a shell script wherein you can put whatever custom craziness you like, that gets executed once at boot time. Typically you would only use this for executing system-specific commands to initialize non-packaged software that you've compiled yourself. -- -Adam Thompson athom...@athompso.net

Re: rc.local and rc.conf.local

tion would probably be to create an rc.d script that integrates cleanly, then release your work as a port, but sometimes that's just too much work. -- -Adam Thompson athom...@athompso.net

Re: BGP changes to support CARP better

path control which would you recommend? MED or padding the AS path? I.e. is one potentially more responsive than another.. Neither! Just "set nexthop" appropriately. -- -Adam Thompson athom...@athompso.net Cell: +1 204 291-7950 Fax: +1 204 489-6515

Re: BGP changes to support CARP better

ve I missed? (Or is this yet another breakdown in OpenBSD's documentation?) -- -Adam Thompson athom...@athompso.net

Re: BGP changes to support CARP better

(Apologies for top-posting) I've seen the same thing, but I assumed I'd made a mistake somewhere. Maybe not. -Adam Andy wrote: >On 15/11/13 16:50, Adam Thompson wrote: >> On 13-11-15 04:17 AM, Andy wrote: >>> On 12/11/13 05:48, Chris Cappuccio wrote: >>

nsd sendto failure - how to debug?

53 doesn't appear to show anything useful or interesting (every query I can see has a reply). How might I find out what's causing these errors, short of recompiling nsd with additional logging output? -- -Adam Thompson athom...@athompso.net

Re: nsd sendto failure - how to debug?

t see that being relevant - I'm sure someone will quickly correct me if I'm wrong.) I can provide nsd.conf, if desired, although I'd rather not post it to a public mailing list. I have tried turning up the verbosity: flag, to no effect. I have tried debug mode, to no effect. (In fa

Re: nsd sendto failure - how to debug?

On 13-12-21 07:32 PM, Adam Thompson wrote: I'm seeing lots of "nsd[11026]: error: sendto failed: No route to host" errors in my logs on both authoritative nameservers. With a custom-compiled version of nsd, I can confirm that the error is at server.c:1491, not in xfrd.c, wh

Re: nsd sendto failure - how to debug?

mhosting.ca:/root# pfctl -si Status: Disabled Debug: err -- -Adam Thompson athom...@athompso.net

Re: nsd sendto failure - how to debug?

nge in rate. If that was the problem in the first place, wouldn't the error be different (ENOBUFS instead of EHOSTUNREACH)? If it's of any interest, the error often occurs in bursts (n>=4 within syslog's "last message repeated /n/ times" window). -- -Adam Thompson athom...@athompso.net

Re: nsd sendto failure - how to debug?

immediately. (Since presumably all the failures were for globally-routeable IPv6 addresses.) Sorry for all the noise :-( -- -Adam Thompson athom...@athompso.net

<    1   2   3   >