Hi Misc,
Has anyone else come across any issues recently with Openvpn, Libressl and
TLS on OpenBSD 6.1?
I am using an .ovpn file with TLS auth static key and cert inline within
the file, to connect to VPN service. Running openvpn binary from command
line without any special params, just .ovpn fil
t; Sent from a teeny tiny keyboard, so please excuse typos
>
> On 20 Jun 2017, at 20:23, Andrew Lemin wrote:
>
> Hi Misc,
>
> Has anyone else come across any issues recently with Openvpn, Libressl and
> TLS on OpenBSD 6.1?
>
> I am using an .ovpn file with TLS auth static key
Hi list,
I use an OpenVPN based internet access service (like NordVPN, AirVPN etc).
The issue with these public VPN services, is the VPN servers are always
congested. The most I’ll get is maybe 10Mbits through one server.
Local connection is a few hundred mbps..
So I had the idea of running mu
Hi list,
I really need some help mounting an install.fs disk image, and hope someone
can help :)
I have been trying and failing to create an auto-installing USB flash drive
for OpenBSD.
All of the below steps are being performed using an existing OpenBSD VM
1) Create /auto_install.conf file
https
Hi,
I am running an ASRock J4105B-ITX board and wanting to run OpenBSD on this.
https://www.asrock.com/MB/Intel/J4105B-ITX/index.asp#BIOS
It boots up, and at the 'boot>' prompt I can use the keyboard find.
However after it boots up, the keyboard stops working, and no disks are
found by the insta
Hi gents,
Sorry for the slow reply, and thank you for all your responses! :D
Raf, you are correct. It seems that the ftp client is performing an http(s)
downloads.
To me this seems unusual (was expecting 'curl' or 'wget' etc to avoid code
duplication) and confusing? What do you think?
Stuart, th
Hi all,
Hope this finds you well.
I have discovered that PF's queueing is still limited to 32bit bandwidth
values.
I don't know if this is a regression or not. I am sure one of the
objectives of the ALTQ rewrite into the new queuing system we have in
OpenBSD today, was to allow bandwidth values l
Hi Stuart.
On Wed, Sep 13, 2023 at 12:25 AM Stuart Henderson
wrote:
> On 2023-09-12, Andrew Lemin wrote:
> > Hi all,
> > Hope this finds you well.
> >
> > I have discovered that PF's queueing is still limited to 32bit bandwidth
> > values.
> >
>
On Wed, Sep 13, 2023 at 3:43 AM Andrew Lemin wrote:
> Hi Stuart.
>
> On Wed, Sep 13, 2023 at 12:25 AM Stuart Henderson <
> stu.li...@spacehopper.org> wrote:
>
>> On 2023-09-12, Andrew Lemin wrote:
>> > Hi all,
>> > Hope this finds you well.
>
On Wed, Sep 13, 2023 at 8:22 PM Stuart Henderson
wrote:
> On 2023-09-12, Andrew Lemin wrote:
> > A, thats clever! Having bandwidth queues up to 34,352M would
> definitely
> > provide runway for the next decade :)
> >
> > Do you think your idea is worth ci
On Wed, Sep 13, 2023 at 8:35 PM Stuart Henderson
wrote:
> On 2023-09-13, Andrew Lemin wrote:
> > I have noticed another issue while trying to implement a 'prio'-only
> > workaround (using only prio ordering for inter-VLAN traffic, and HSFC
> > queuing for i
On Thu, Sep 14, 2023 at 7:23 PM Andrew Lemin wrote:
>
>
> On Wed, Sep 13, 2023 at 8:35 PM Stuart Henderson <
> stu.li...@spacehopper.org> wrote:
>
>> On 2023-09-13, Andrew Lemin wrote:
>> > I have noticed another issue while trying to implement a 'pr
Hi,
I have been testing the Wireguard implementation on OpenBSD and noticed
that the ToS field is not being copied from the inner unencrypted header to
the outer Wireguard header, resulting in ALL packets going into the same PF
Prio / Queue.
For example, ACKs (for Wireguard encrypted packets) end
On Mon, Sep 18, 2023 at 10:59 PM Stuart Henderson
wrote:
> On 2023-09-17, Andrew Lemin wrote:
> > I have been testing the Wireguard implementation on OpenBSD and noticed
> > that the ToS field is not being copied from the inner unencrypted header
> to
> > the outer Wir
On Fri, Sep 22, 2023 at 12:27 PM David Gwynne wrote:
> On Mon, Sep 18, 2023 at 12:47:52PM -, Stuart Henderson wrote:
> > On 2023-09-17, Andrew Lemin wrote:
> > > I have been testing the Wireguard implementation on OpenBSD and noticed
> > > that the ToS field i
m,
least-states and source-hash
If I change the 'route-to' pool to "{ (tun2 10.8.8.1), (tun1 10.8.8.1) }",
then only tun2 is used instead.. :(
So 'route-to' seems to only use the first tunnel in the pool.
Any advice on what is going wrong here. I am wondering if
Wed, Nov 21, 2018 at 3:42 AM Chris Cappuccio wrote:
> Andrew Lemin [andrew.le...@gmail.com] wrote:
> > Hi,
> >
> > I am running an ASRock J4105B-ITX board and wanting to run OpenBSD on
> this.
> > https://www.asrock.com/MB/Intel/J4105B-ITX/index.asp#BIOS
> &g
Hi. Sorry for extremely slow reply!
Did you add the return routes for your internal subnets into each of the
per-tun rdomains?
To test your tunnels are setup correctly;
Once you have the external interface in rdomain 0, and each VPN instance's
tun interface is bound to different rdomains etc, you
Hi. I hope everyone is well and having a great day :)
Just a quick question about the mcx (Mellanox 5th generation Ethernet
device) drivers
https://man.openbsd.org/mcx.4
The man page says nothing more than it supports;
ConnectX-4 Lx EN
ConnectX-4 EN
ConnectX-5 EN
ConnectX-6 EN
I am looking for s
I see this question died on its arse! :)
This is still an issue for outbound load-balancing over multiple internet
links.
PF's 'sticky-address' parameter only works on source IPs (because it was
originally designed for use when hosting your own server pools - inbound
load balancing).
I.e. There i
hat you want to know can be found by reading the source, or the
> commit logs. Since this is a locally written driver, the code is
> surprisingly approachable.
>
> Andrew Lemin wrote:
>
> > Hi. I hope everyone is well and having a great day :)
> >
> > Just a quick qu
where one
path goes down, it will migrate all the entries only for that failed path
onto the remaining good paths (like ecmp-fast-reroute ?)
Thanks for your time, Andy.
On Wed, Sep 29, 2021 at 5:21 PM Claudio Jeker
wrote:
> On Wed, Sep 29, 2021 at 02:17:59PM +1000, Andrew Lemin wrote:
> &g
n Wed, Sep 29, 2021 at 08:07:43PM +1000, Andrew Lemin wrote:
> > Hi Claudio,
> >
> > So you probably guessed I am using 'route-to { GW1, GW2, GW3, GW4 }
> random'
> > (and was wanting to add 'sticky-address' to this) based on your reply :)
> >
&
the mcx driver! So we should be able to see the super low latency
capabilities with this card :)
I will keep pushing myself.. Thanks again Theo
On Wed, Sep 29, 2021 at 2:21 PM Andrew Lemin wrote:
> Hi Theo :)
>
> Ok sure, I will put on my cape-of-courage and start reading the source.
the ConnectX-4 Lx cards are pretty cheap now.
Warning to others reading my comments, me poking around in kernel code is
akin to a blind person in a library before learning braille, so take
nothing I say as fact, merely optimistic opinion :)
On Wed, Sep 29, 2021 at 9:08 PM Andrew Lemin wrote:
>
Hi all,
I am totally stumped with issues while upgrading/installing 7.1 and I need
some help!
Server; Supermicro X10SLV-Q (Intel Q87 Express), Xeon E3-1280 v3, 8G RAM,
Mellanox 10G NIC
This server has been running OpenBSD flawlessly for years. I followed the
upgrade instructions and was able to
sibus1 targ 5 lun 0:
naa.55cd2e438062
sd1: 171705MB, 512 bytes/sector, 351651888 sectors, thin
ichiic0 at pci0 dev 31 function 3 "Intel 8 Series SMBus" rev 0x05: apic 8
int 18
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 4GB DDR3 SDRAM PC3-12800 SO-DIMM
spdmem1 at iic0 addr 0x52: 4GB DDR
27 matches
Mail list logo
