Re: SCSI Enclosure Service

hey jens, from what i can tell, you talk to the ami mg9071 chips on that enclosure using sgpio, not in band using smp (sas mgmt protocol) or ses as a scsi device. i get the impression that mpii hardware does have some understanding of enclosures connected via sgpio, but i'm not sure what benefi

Re: re0 and re1 watchdog timeouts, and system freeze

On Fri, Jun 09, 2017 at 07:19:34PM +0200, Bj??rn Ketelaars wrote: > On Fri 09/06/2017 12:07, Martin Pieuchot wrote: > > On 08/06/17(Thu) 20:38, Bj??rn Ketelaars wrote: > > > On Thu 08/06/2017 16:55, Martin Pieuchot wrote: > > > > On 07/06/17(Wed) 09:43, Bj??rn Ketelaars wrote: > > > > > On Sat 03/0

Re: SNMP reporting on VXLAN interfaces

On Thu, Aug 16, 2018 at 10:51:25AM +1000, Jason Tubnor wrote: > Hi, > > Not sure if anyone else here is using SNMP for obtaining VXLAN(4) adapter > throughput but after some testing (clamping with PF queues), I have > discovered that throughput on VXLAN interfaces via SNMP are reporting > exactly

Re: using aggr interface instead of trunk

> On 14 May 2020, at 4:22 pm, mabi wrote: > > Hi Iain, > > ‐‐‐ Original Message ‐‐‐ > On Wednesday, May 13, 2020 7:55 PM, Iain R. Learmonth wrote: > >> More details are at:https://marc.info/?l=openbsd-cvs&m=156229058006706&w=2 > > I actually already read that one after seeing the a

Re: non-checksummed UDP packets

> On 20 Jul 2020, at 05:30, Stuart Henderson wrote: > > On 2020-07-19, obs...@loopw.com wrote: >> >>> Is this normal? >> >> Checksum is OPTIONAL in UDP, not required. This is covered in RFC 768. > > For IPv4, anyway. It's required for v6. Or is it? https://tools.ietf.org/html/rfc6935

Re: dhclient on carp

> On 22 Jul 2020, at 22:59, Guy Godfroy wrote: > > Hello, > > So I read in 6.7 release note that it's finally possible to use dhclient on > CARP interface. That's great news. > > However, I'm not sure how to use it on a hostname.if file. I tried to replace > inet instruction directly with

Re: dhclient on carp

is the backup. i suggest using an address like one in 169.254.x.y/16 so the carps can elect. > > Le 23/07/2020 à 03:15, David Gwynne a écrit : >>> On 22 Jul 2020, at 22:59, Guy Godfroy wrote: >>> >>> Hello, >>> >>> So I read in 6.7 release no

Re: 6.6-beta (RAMDISK_CD) #281 hangs on fsck

I think I see the problem. We're going to try and test this locally and will hopefully have something committed in a few hours time. dlg > On 9 Sep 2019, at 10:33, Luke Small wrote: > > I have mfii too: > dmesg | grep mfii: > > mfii0 at pci11 dev 0 function 0 "Symbios Logic MegaRAID SAS2208"

Re: 6.6-beta (RAMDISK_CD) #281 hangs on fsck

This should be fixed in -current now. A snapshot should pick it up in a day or so. Sorry for the inconvenience. Cheers, dlg > On 9 Sep 2019, at 11:08 am, Luke Small wrote: > > Yay! > -Luke > > > On Sun, Sep 8, 2019 at 8:07 PM David Gwynne wrote: > I think I see the

Re: Changes to VLAN and promiscuous mode in 6.6

Hey, This should be fixed in current as of r1.199 of src/sys/net/if_vlan.c Sorry for the inconvenience. Cheers, dlg > On 29 Oct 2019, at 19:49, Zé Loff wrote: > > > Hi all > > Some changes in VLAN-related code went into 6.6 and I think some of them > changed the way the parent interface get

Re: issues configuring vlan on top of aggr device

On Tue, Dec 03, 2019 at 02:11:16PM +, Pedro Caetano wrote: > Hi again, > > I'm sorry, but since the boxes do not (yet) have working networking it is > not easy for me to get the text output. > I'm attaching a few pictures with the requested output. > > https://picpaste.me/images/2019/12/03/ca

Re: ipv6 via he.net connectivity issues - possible regression?

aggr(4) didn't exist in OpenBSD 6.6, so maybe that's the difference. Does the problem go away if you use trunk(4) instead of aggr(4)? Alternatively, could you build a -current kernel and make sure you have src/sys/net/if_aggr.c r1.25 and see what effect that has? Cheers, dlg > On 13 Dec 2019,

Re: small aggr problem ( on current )

On Thu, Dec 19, 2019 at 01:59:30PM +0100, Hrvoje Popovski wrote: > On 15.12.2019. 23:01, Hrvoje Popovski wrote: > > On 15.12.2019. 12:45, Holger Glaess wrote: > >> hi > >> > >> > >> ?? runing version > >> > >> > >> /etc 16>dmesg | more > >> Copyright (c) 1982, 1986, 1989, 1991, 1993 > >> ??

Re: em(4) watchdog timeouts

On Fri, Nov 13, 2015 at 10:18:51AM -0500, Sonic wrote: > On Wed, Nov 11, 2015 at 9:20 AM, Gregor Best wrote: > > I've done some further testing and I think I've narrowed it down to the > > "Unlocking em(4) a bit further"-patch [0]. could you try this? its not written with the wdog stuff in mind,

Re: Chelsio T4 10g adapters support ?

> On 10 Dec 2015, at 12:28, Brendan Horan wrote: > > Hi, > > I am looking at building a system running OpenBSD to deal with 10g networks. > > It would seem there is good support for Intel cards via the "ix" driver. > However I was looking at Chelsio cards. > It seems the "che" driver only supports

Re: authentication infra structure

> On 10 Dec 2015, at 5:25 AM, Friedrich Locke wrote: > > If you had about 10k users and 5k machine how would you manage > authenticating issues? Keep in mind that this is a very heterogenous > environment with ldap, ftp, smtp, pop3, traditional unix boxes etc we use ypldapd talking to our di

Re: PF: can't make queueing and priority work as expected

> On 11 Jan 2016, at 22:43, Daniel Melameth wrote: > > On Sun, Jan 10, 2016 at 7:58 AM, Marko Cupać wrote: >> On Sat, 9 Jan 2016 11:11:27 -0700 >> Daniel Melameth wrote: >>> You NEED to set a max on your ROOT queues. >> I came to this conclusion as well. But not only on root queues. For >> examp

Re: PF: can't make queueing and priority work as expected

> On 13 Jan 2016, at 19:19, Marko Cupać wrote: > > On Tue, 12 Jan 2016 16:40:58 +0100 > Claudio Jeker wrote: > >> On Tue, Jan 12, 2016 at 05:33:06AM -0700, Daniel Melameth wrote: >>> On Mon, Jan 11, 2016 at 9:37 PM, David Gwynne >>> wrote: >>

Re: PF: can't make queueing and priority work as expected

> On 15 Jan 2016, at 9:07 PM, Craig Skinner wrote: > > On 2016-01-15 Fri 12:53 PM |, David Gwynne wrote: >>> On 13 Jan 2016, at 19:19, Marko Cupa?? wrote: >>> >>> Have we come to conclusion that currently prio makes no sense at all? >> >> it won

Re: gif(4) changes vs tunnelbroker

> On 27 Feb 2018, at 4:10 am, Pavel Korovin wrote: > > Dear all, > > After upgrading several hosts to -current I noticed that all my IPv6 tunnels > via tunnelbroker stopped working. Recently introduced changes to gif(4) > (since > late December 2017) are too complex for me to grasp, maybe an

Re: gif(4) changes vs tunnelbroker

> On 1 Mar 2018, at 02:22, Andreas Bartelt wrote: > > On 02/27/18 22:35, Pavel Korovin wrote: >> On 02/28, David Gwynne wrote: >>> what is the status of sysctl net.inet.ipip ? >> David, thank you! That was easy :) >> Sorry for the noise. >> $ sysctl ne

Re: OSPF over gif on top of IPsec transport -current

> On 11 Mar 2018, at 05:30, Atanas Vladimirov wrote: > > On 2018-03-10 00:01, Remi Locherer wrote: >>> >> With below diff the setup works as expected: tcpdump shows OSPF hellos >> on gif0 and ospfd sees the neighbour. >> I don't think it's the correct fix though. >> Index: if_gif.c >> =

Re: OSPF over gif on top of IPsec transport -current

> On 10 Mar 2018, at 08:01, Remi Locherer wrote: > > > With below diff the setup works as expected: tcpdump shows OSPF hellos > on gif0 and ospfd sees the neighbour. > > I don't think it's the correct fix though. functionally it is the correct fix. when i reworked gif(4) in src/sys/net/if_gi

Re: Switching from trunk(4) to aggr(4)

> On 14 Dec 2020, at 08:40, Daniel Jakots wrote: > > On Sun, 13 Dec 2020 20:34:35 - (UTC), Stuart Henderson > wrote: > >> On 2020-12-12, Daniel Jakots wrote: >>> I've been using a LACP trunk on my apu (with the three em(4)). On >>> top of which I have some vlans. I've been doing that fo

Re: Switching from trunk(4) to aggr(4)

On Tue, Dec 15, 2020 at 06:43:12PM -0500, Daniel Jakots wrote: > On Tue, 15 Dec 2020 14:30:16 +1000, David Gwynne > wrote: > > > Can you try tcpdump -p -veni em0 -D in and see if any LACP packets > > appear to come in on the port? If not, can you remove the -p and see >

Re: seeing carp interface state change for unknown reason ; cluestick hunting

> On 1 Feb 2021, at 6:02 pm, Bryan Stenson wrote: > > Hi all - > > I'm trying to setup a pair of ERL3 octeon routers in master/standby > mode via carp/pfsync to route traffic from my internal lan to the > internet. I've seen strange behavior wrt carp on these machines, so > in an attempt to

Re: What determines source IP of traffic from OpenBSD box ?

On Sun, Feb 28, 2021 at 01:17:01PM +0100, Rachel Roch wrote: > > > > 28 Feb 2021, 11:28 by s...@spacehopper.org: > > > On 2021/02/28 11:46, Rachel Roch wrote: > > > >> Thank you all for the suggestions, I am currently testing a few of them. > >> > >> Incase it makes any difference, the underlyi

Re: divert with rdr-to not working properly

On Mon, Apr 05, 2021 at 09:51:53AM +0300, Hakan SARIMAN wrote: > Hello Misc, > > > I think divert-packet feature with NAT/NAPT is broken. > > I can not reach to web server when I use divert-packet with rdr-to. > > Is this a known bug or a new issue? There's no other options? Just those two? I

Re: Working with encapsulated traffic using PF (pass incoming IPv4 from IPv6 gif tunnel)

> On 9 Apr 2021, at 18:55, Martin wrote: > > Hello list, > > I have working IPv4 OpenBSD router. There are no problems with native IPv4 > and IPv6 traffic filtering/redirecting at all. > > Now stuck with filtering IPv4 traffic encapsulated in IPv6 tunnel using gif > interface. > > IPv6 int

Re: virtual cluster with rdomain(4)

Hi Thomas, I'd give this a go with vport(4) interfaces instead of vether(4), and join them all together at layer 2 by adding them to a single veb(4). Cheers, dlg > On 10 May 2021, at 03:04, Thomas Huber wrote: > > Hi misc, > > I wanted to tinker with the cluster manager sysutils/nomad but >

Re: Home Assistant

ive been running hass on openbsd for a while now, and just did a new install on 6.9 for my boss on the weekend. i set up a _hass user for it to run as, and gave it /opt/hass: hass$ getent passwd _hass _hass:*:2000:2000:Home Assistant:/opt/hass:/sbin/nologin hass$ getent group 2000 _hass:*:2000 ha

Re: virtual cluster with rdomain(4)

fe:e1:ba:d3:17:a0 vport2 16 flags=0<> ix# dlg > > thanks > Thomas > > On Mon, 10 May 2021 at 08:10, David Gwynne wrote: > > > > Hi Thomas, > > > > I'd give this a go with vport(4) interfaces instead of vether(4), and > join them al

Re: pf ipv6 source-routing 6.9

> On 10 May 2021, at 8:05 pm, Bastien Durel wrote: > > Le samedi 08 mai 2021 à 12:07 +0200, Bastien Durel a écrit : >> Le 08/05/2021 à 11:56, Stuart Henderson a écrit : > Does it work if you use the syntax suggested in the upgrade > notes > for the example with "pass in on pppoe1 r

Re: Home Assistant

> On 11 May 2021, at 05:01, pas...@pascallen.nl wrote: > > Dear David, > > How do you start homeassistant after a reboot? Manually? i have these scripts. the pexp in the rc script doesnt work, but i havent needed it to yet. apathy$ cat /etc/rc.d/hass

Re: Openbsd VMM with VLAN

Hi Irshad, Assuming I understand your layout correctly, you should be able to use hostname.if configurations files like the following: $ cat hostname.em0: up $ cat hostname.vlan20 description "Trusted (L2+L3)" vnetid 20 parent em0 inet aa.bb.cc.dd 255.255.255.0 up $ cat hostname.vlan10: descri

Re: ipsec hardware recommendation

> On 11 Aug 2023, at 21:08, Marko Cupać wrote: > > Hi, > > I have star topology network where dozens of spokes communicate with > other spokes through central hub over GRE tunnels protected with > transport-mode ipsec. > > This worked great for years, but lately all the locations got bandwid

Re: pf state-table-induced instability

On Mon, Aug 28, 2023 at 01:46:32PM +0200, Gabor LENCSE wrote: > Hi Lyndon, > > Sorry for my late reply. Please see my answers inline. > > On 8/24/2023 11:13 PM, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote: > > Gabor LENCSE writes: > > > > > If you are interested, you can find the results in Tables 18

Re: pf state-table-induced instability

me spare > time) takes 5 minutes. This is a way too long overhead, if I need to do it > between every single elementary steps (that is, the steps of the binary > search) which are in the order of magnitude of 1 minute. :-( 5 minules of VALUE ADDING. pretty sure dell thinks you sho

Re: pf state-table-induced instability

On Thu, Aug 31, 2023 at 04:10:06PM +0200, Gabor LENCSE wrote: > Dear David, > > Thank you very much for all the new information! > > I keep only those parts that I want to react. > > > > It is not a fundamental issue, but it seems to me that during my tests not > > > only four but five CPU cores

Re: Netstat output

> On 7 Sep 2023, at 08:00, Steven Shockley wrote: > > When running netstat -I [interface], what do the "fails" and "errs" columns > mean? When my firewall is under network load, the output interface fails and > total errs increases. fails are the sum of qdrops and errs. qdrops are when the

Re: OpenBSD Wireguard implementation not copying ToS from inner to outer WG header

On Mon, Sep 18, 2023 at 12:47:52PM -, Stuart Henderson wrote: > On 2023-09-17, Andrew Lemin wrote: > > I have been testing the Wireguard implementation on OpenBSD and noticed > > that the ToS field is not being copied from the inner unencrypted header to > > the outer Wireguard header, resulti

Re: Bridging em and vlan

> On 5 Oct 2023, at 11:17, David Higgs wrote: > > On Tue, Oct 3, 2023 at 10:10 AM David Higgs wrote: > >> On Mon, Oct 2, 2023 at 9:26 AM David Higgs wrote: >> >>> On Sun, Oct 1, 2023 at 9:13 AM Zé Loff wrote: >>> On Sat, Sep 30, 2023 at 11:39:36AM -0400, David Higgs wrote: > All

Re: Bridging em and vlan

> On 6 Oct 2023, at 01:50, David Higgs wrote: > > Logically, I wanted three hosts in the same broadcast domain (ISP CPE, IoT > device, OpenBSD router), so tpmr(4) didn't seem appropriate - was I missing > something? No, you were right to reach for veb in your setup.

Re: Realtek 8723BE unsupported

On Sun, Dec 03, 2023 at 06:02:03PM +0100, Jan Stary wrote: > (please keep replies on the list) > > On Dec 03 12:08:08, kolip...@exoticsilicon.com wrote: > > On Sun, Dec 03, 2023 at 02:35:11PM +0100, Jan Stary wrote: > > > This is current/amd64 on a HP 260 G2 mini PC (dmesg below). > > > Everything

Re: sec interface and rdomain

which bit doesnt work? the "tunneldomain" command or actual packets moving? sec transport is provided entirely by the ipsec stack, ie, you configure the ipsec SAs associated with the interface to operate in a specific rdomain, sec doesn't support configuration that with tunneldomain. if you tcp

Re: Stretch/L2VPN between two datacenters

On Fri, Dec 16, 2022 at 11:39:02AM +0100, Hrvoje Popovski wrote: > On 16.12.2022. 11:33, Lars Bonnesen wrote: > > We are about to migrate VM's from one datacenter to another and the VMware > > L2VPN we are using for this is simply not stable for some reason that we > > cannot figure out why. > > >

Re: DHCP server ignoring PF rules?

dhcpd reads packets off the wire using BPF, which happens as packets come off the network interface, but before the IP stack where pf runs. > On 17 Dec 2022, at 22:40, Cristian Danila wrote: > > Good day! > I finished setup an DHCP server and for some reason it seems DHCP > server is ignoring P

Re: Stretch/L2VPN between two datacenters

ch site, and I am planning to > > tunnel tpmr through this - I guess that tpmr itself is not encrypted in any > > way? > > > > Regards, Lars. > > > > On Fri, Dec 16, 2022 at 4:30 PM deich...@placebonol.com < > > deich...@placebonol.com> wrote: > > > >> I've run L2 over an IPsec tunnel using egre (gre(4)) and bridge (bridge > >> (4)) to connect systems in different locations together. > >> > >> This was done before David Gwynne created tpmr(4). I've been to lazy to > >> reimplement my current configuration. > >> > >> 73 > >> diana > >> > >

Re: bridge(4) question new network setup

On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote: > Hello, > > I am trying get a new ISP setup working. The Router is > causing some pain. There is a /28 public block assigned. > The DSL router can't be configured in transparent bridge > mode (they say). It holds on to one of

Re: bridge(4) question new network setup

On Sat, Jan 21, 2023 at 01:32:18PM -0800, patrick keshishian wrote: > On 1/20/23, Hrvoje Popovski wrote: > > On 20.1.2023. 20:09, patrick keshishian wrote: > >> Hello, > >> > >> I am trying get a new ISP setup working. The Router is > >> causing some pain. There is a /28 public block assigned. >

Re: bridge(4) question new network setup

On Sat, Jan 21, 2023 at 01:46:34PM -0800, patrick keshishian wrote: > On 1/20/23, David Gwynne wrote: > > On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote: > >> Hello, > >> > >> I am trying get a new ISP setup working. The Router is >

Re: bridge(4) question new network setup

> On 22 Jan 2023, at 10:44, David Gwynne wrote: > > On Sat, Jan 21, 2023 at 01:46:34PM -0800, patrick keshishian wrote: >> On 1/20/23, David Gwynne wrote: >>> On Fri, Jan 20, 2023 at 11:09:47AM -0800, patrick keshishian wrote: >>>> Hello, >>>&g

Re: veb(4) with multiple vlan(4)'s

On Sun, Jan 22, 2023 at 10:25:13AM +0100, Hrvoje Popovski wrote: > On 22.1.2023. 3:27, Scott Colby wrote: > > Hello, > > > > I am trying to set up a router with a fresh install of OpenBSD 7.2, > > and I'm having a hard time grokking how to use veb. > > > > I have organized my network into 4 subne

Re: do i need to move to veb?

On Sat, Jan 21, 2023 at 03:41:56PM +0300, kasak wrote: > Hello misc! > > I'm using bridge for integrating remote clients to my network with this > simple config: > > $ cat /etc/hostname.bridge0 > add vether0 > add em1 > add tap1 > up > > I see in this commit that veb is supposed to replace bridg

Re: veb(4) with multiple vlan(4)'s

> On 23 Jan 2023, at 05:42, Hrvoje Popovski wrote: > > On 22.1.2023. 12:45, David Gwynne wrote: >>> hostname.veb1 >> description "LAN" >> >>> link1 >> you don't want to enable link1 unless you want pf to filter traffic on >>

Re: OpenBSD as a transparent switch filter

I think you can do this on OpenBSD with https://github.com/eait-itig/commarp and just routing on em0. I don’t think any layer 2 things like bridge or veb are needed, and probably won’t work anyway because as Claudio said, they don’t want to hairpin anyway. That code doesn’t have any manpages un

Re: OpenBSD as a transparent switch filter

uses. Do you have a definition of what you think it means before I say yes or no? > > On Tue, 24 Jan 2023 at 23:45, David Gwynne wrote: >> >> I think you can do this on OpenBSD with https://github.com/eait-itig/commarp >> and just routing on em0. I don’t think any layer

Re: OpenBSD as a transparent switch filter

> On 25 Jan 2023, at 10:03, Martin Schröder wrote: > > Am Mi., 25. Jan. 2023 um 00:45 Uhr schrieb David Gwynne : >> I think you can do this on OpenBSD with https://github.com/eait-itig/commarp >> and just routing on em0. I don’t think any layer 2 things like bridge or ve

Re: athn on a bridge

On Thu, Feb 09, 2023 at 11:44:56AM -, Stuart Henderson wrote: > On 2023-02-08, Martin Kj??r J??rgensen wrote: > > > > When configuring the athn0 with no IP address, and adding the interface to a > > bridge0 interface along with the em1 device and a vether0 device, clients > > still connects fi

Re: How to use VM as router to other VMs or Host?

On Sat, Mar 11, 2023 at 11:30:52AM +0100, lisper.drea...@tutanota.com wrote: > Hi Misc, > I'm trying to use alpine linux as a router/gateway to my OpneBSD machine. > I can set up alpine linux with vmm and configure its network, no problem so > far. > I'd like my host network traffic to get in and

Re: Using veb instead of bridge at vpls section

> On 21 Mar 2023, at 05:05, Valdrin MUJA wrote: > > Hello folks, > > I have successfully configured the VPLS by following the instruction on > https://pawa.lt/posts/2018/01/vpls-with-openbsd/. > Everything worked like a charm. > > But when I tried to use veb(4) instead of bridge(4) , I got

Re: veb Interface Max Cache Size Restrict

On Tue, Apr 18, 2023 at 07:51:08PM +, Samuel Jayden wrote: > Hello, > I have one veb interface in OpenBSD 7.2 and 5 ethernet ports are paired > with this veb. As I understand from the ifconfig output, 4096 mac address > cache values can be kept in this veb interface . > > ifconfig veb10 > veb1

Re: Will tags length influence the performance in PF?

inside the kernel tags are given numeric identifiers, and these numbers are used everywhere. the length of the tag name doesnt affect performance. > On 21 Apr 2023, at 04:10, Cristian Danila wrote: > > Hello Misc, > > I have a technical question in regards to PF tags. > I was always wondering

Re: small issue with mpe

On Fri, May 19, 2023 at 04:44:38PM +0200, Holger Glaess wrote: > hi > > > if you do an "ifconfig mpeX" , will not show the configured tunneldomain. > > /etc 59>ifconfig mpe1 > mpe1: flags=51 rdomain 200 mtu 1500 > ??index 82 priority 0 llprio 3 > ??encap: txprio 0 rxprio packet >

Re: small issue with mpe

20 > you are on farin as root > /usr/src/sbin/ifconfig 165>./ifconfig mpe1 > mpe1: flags=51 rdomain 200 mtu 1500 > ??index 82 priority 0 llprio 3 > ??encap: txprio 0 rxprio packet > ??mpls: label 200 rdomain 20 > ??groups: mpe > ??inet 172.16

Re: small issue with mpe

> On 23 May 2023, at 17:40, Claudio Jeker wrote: > > On Tue, May 23, 2023 at 07:09:51AM -, Stuart Henderson wrote: >> On 2023-05-23, David Gwynne wrote: >>> On Sat, May 20, 2023 at 09:44:51AM +0200, Holger Glaess wrote: >>>> hi >>>>

Re: Usage of pf(4) with tap(4) and veb(4)

On Thu, May 25, 2023 at 02:11:29AM +0200, Joel Carnat wrote: > Hi, > > I'd like confirm I understood how pf works in a mixed veb/vport/tap > environment. I'm using OpenBSD 7.3/amd64 (if that matters). > > I have a physical host that runs services (relayd, httpd...) the "classical" > way and also

Re: Route based IPsec

> On 27 May 2023, at 21:40, Stuart Henderson wrote: > > On 2023-05-27, Valdrin MUJA wrote: >>Does OpenBSD have routed based IPsec support? > > Not yet. while you wait, it might be possible to configure a gif tunnel protected by ipsec transport mode. dlg

Re: Route based IPsec

> On 31 May 2023, at 18:33, Claudio Jeker wrote: > > On Wed, May 31, 2023 at 08:35:45AM +1000, David Gwynne wrote: >> >> >>> On 27 May 2023, at 21:40, Stuart Henderson >>> wrote: >>> >>> On 2023-05-27, Valdrin MUJA wrote: >>

Re: Using pf route-to to Route Network Traffic a tun interface and Replying from it

On Tue, May 30, 2023 at 06:07:32PM +0300, Nick Andersen wrote: > Hi Folks, hi. > > I am writing to seek assistance regarding an issue I am experiencing in > trying to route my Personal Computer's network traffic to a TUN interface. > My objective is to modify some of its content and subsequently

Re: veb and vport on apu2 -- config feedback

looks good to me after a quick read. > On 23 Jun 2023, at 12:15, Amarendra Godbole > wrote: > > I am planning to experiment with veb on my PC Engines apu2e4 board. It > has three ports (em0, 1 and 2). Current configuration has em0 hooked > up to cable modem, while em1 and em2 are internal LAN.

Re: tftpd loop

what does "host -- -c" say? On 29/06/2013, at 3:54 AM, Peter Fraser wrote: > tftpd -l -c xxx > > resulting from a mistyping causes tftpd to into a loop

Re: PF sync doesn't not work very well

On 03/07/2013, at 10:11 PM, Mark Felder wrote: > On Wed, 03 Jul 2013 07:00:02 -0500, Loïc Blot > wrote: > >> Hello, >> no carp is used at this time. > > pfsync needs to be used with carp... without it you're just playing > whack-a-mole with your session table. no it doesnt. pfsync just does

Re: PF sync doesn't not work very well

On 03/07/2013, at 6:23 PM, Loïc Blot wrote: > Okay, defer is now enabled on pfsync interface (sorry for my last idea, > i haven't the man on me :) ). > It seems the problem isn't resolved. > The transfer starts but blocked at random time. i have hit this too, despite being the person most respon

Re: PF sync doesn't not work very well

you could try using sloppy states like henning suggested. you'll still get to write stateful rules and get the tcp state machine checks but not the tcp window checks. if it works with sloppy states it narrows the issue down to the pfsync state merge code. at the moment im kind of guessing thats

Re: 10G NIC recommendation

im using myx(4). im biased though. On 15/08/2013, at 9:09 AM, Diana Eichert wrote: > What I want to do. > > create a netflow collector using OpenBSD by looking at > data fed from a tap > > I know which 10G NICs are supported by OpenBSD, what I'd > like to hear is a recommendation on which one

Re: ahci questions

On 08/12/2008, at 8:36 PM, Alexander Hall wrote: Artur Grabowski wrote: frantisek holop <[EMAIL PROTECTED]> writes: my last question for people running ahci, is it better than ide in any perceivable way? The code is so much cleaner than the pciide mess. That's enough to make it better. I also

Re: ahci questions

On 08/12/2008, at 21:33, David Vasek <[EMAIL PROTECTED]> wrote: On Mon, 8 Dec 2008, David Gwynne wrote: On 08/12/2008, at 8:36 PM, Alexander Hall wrote: Heh. I'm so used to almost every disk nowadays attaching as sd (sata, usb, raid stuff) so I get both nostalgic and a bit un

Re: rx descriptor error

On 09/12/2008, at 9:34 AM, Chris Smith wrote: Hello, Dmesg states: "em3: unable to fill any rx descriptors" with current. what was the machine doing when that message appeared? was this the first time you brought the interface up? had the interface previously been brought up and down seve

Re: vic(4) problems with Dec 11th snap

vic seems fickle with jumbos. ive backed them out very recently, so try building your own kernel or wait for a new snapshot. it should be working now. dlg On 13/12/2008, at 6:51 PM, Brian Keefer wrote: Has anyone else had problems with vic(4) in the Dec 11th i386 snap? I have a guest on

Re: environmental prerequisites for kernel development

and time. On 29/12/2008, at 8:33 PM, Artur Grabowski wrote: Lars Noodin writes: What else is there on a wish-list for being able to do kernel-level work remotely? Serial console, a machine connected to the same net, remote power cycling, a slave willing to plug and unplug cables to see w

Re: environmental prerequisites for kernel development (was Re: Any Dev interested in SIS Ethernet/SATA driver development?)

On 30/12/2008, at 7:01 AM, bofh wrote: On Mon, Dec 29, 2008 at 3:31 PM, Marco Peereboom wrote: Still doesn't allow you to plug in cables; move cards around, insert a cd etc. Writing/debugging drivers remotely sucks. One also doesn't get any of the hints from the hardware like leds blink

Re: Testing in a virtual environment

On 04/01/2009, at 11:29 AM, Rolf Sommerhalder wrote: OpenBSD i386-current works fine in VirtualIron http://www.virtualiron.com/, which is an attractive Xen-based alternative to VMware ESX. I have not tried to run amd64 as a guest in VirtualIron yet. Nor have I checked if VItools have been por

Re: script

On 13/01/2009, at 6:37 PM, Jacek Artymiak wrote: Actually, there's a bug in the script. Should be "\$0.99". ;o) That's so wasteful. That's one keystroke too many. '$0.99' would be more appropriate for today's 'green' enterprises ;-) all those extra escapes could cost you a cup of tea.

Re: Netscape Enterprise-Server under BSD License

On 17/01/2009, at 6:01 PM, Sebastian Rother wrote: Related to a Blog entry I strumbled over (wich can get found here: http://krow.livejournal.com/630580.html) the Netscape Enterprise Server was re-licensed by SUN under the BSD license. The Project-Website at sun can be found here if I am not

Re: bsd.mp hangs with acpi enabled

looks like acpi is unmapping the pciide controllers registers/ On 19/01/2009, at 7:28 AM, llx wrote: hi so far i've upgraded the bios. it does not solve the problem but the system does not hang anymore but prompts for the root device. below there 2 dmesg versions with a current i386 mp ker

Re: Interactions between PF and enc0

if you're using ipsec for tunnel mode vpns i would strongly recommend you build the tunnels using gif(4) and then protecting them with ipsec in transport mode. having the traffic move via the gif tunnel allows more natural filtering with pf and easier to understand interactions with the r

Re: PPPoE vlan issue 6.4

Hi Adam, It sounds like you're on an ISP with very similar requirements to me. The exec summary of what my ISP wants is pppoe on vlan2, with the vlan priority forced to a single value. Our (OpenBSD's) understanding of the priority field in VLAN headers is that it uses 802.1p for the fields val

Re: Packet loss with latest snapshot

On Mon, Mar 04, 2019 at 10:36:23AM +0100, Tony Sarendal wrote: > On Mon, 4 Mar 2019, 09:43 Tony Sarendal, wrote: > > > > > > > Den m??n 4 mars 2019 kl 09:26 skrev Tony Sarendal : > > > >> Den s??n 3 mars 2019 kl 21:35 skrev Theo de Raadt : > >> > >>> Tony, > >>> > >>> Are you out of your mind? Y

Re: dhcrelay multiple instances possible bug

Hi Riccardo, dhrelay only operates on a single interface, so you're not missing anything there. Can you show me the ps output for the dhcrelay processes you start? The rcctl commands you show below don't include the rcctl start dhcrelay and dhcrelay_second bits. I have the following in rc.loc

Re: Trouble forwarding between mpw's in bridge (6.4)

Can you send me the hostname.* files and the output of ifconfig (showing all interfaces)? You're using -current now, right? dlg > On 2 Apr 2019, at 08:15, lnel...@nelnet.org wrote: > > >> Until recently >> (https://github.com/openbsd/src/commit/dc68b945bbc883db108ac48a07bb89 >> 778b75582a) >>

Re: Trouble forwarding between mpw's in bridge (6.4)

> On 2 Apr 2019, at 6:41 pm, Mitchell Krome wrote: > > On 2/04/2019 2:08 pm, David Gwynne wrote: >> Can you send me the hostname.* files and the output of ifconfig (showing all >> interfaces)? >> >> You're using -current now, right? >>

Re: Viewing SFP diagnostic data in OpenBSD ?

> On 3 Apr 2019, at 04:52, Stuart Henderson wrote: > > On 2019-04-02, Rachel Roch wrote: >> Hi, >> >> Hopefully I'm just searching the man pages wrong but I can't seem to find >> any hints as to how I can view SFP diagnostics in OpenBSD (i.e. light power >> etc.) >> >> Perhaps someone cou

Re: Trouble forwarding between mpw's in bridge (6.4)

outer. > > Thank you to everyone!!! > > On Tue, Apr 2, 2019 at 4:52 AM Mitchell Krome wrote: >> >> >> >> On 2/04/2019 7:57 pm, Mitchell Krome wrote: >>> >>> >>> On 2/04/2019 7:24 pm, David Gwynne wrote: >>>> >>

Re: Viewing SFP diagnostic data in OpenBSD ?

you have em(4) with sfp? > On 4 Apr 2019, at 18:55, Marco Prause wrote: > > I second that +1 for ix, but em would also be nice ;-) > > > On 03.04.19 00:40, Tom Smyth wrote: >> +1 for me also :) ix :) >> >> On Tue, 2 Apr 2019 at 23:38, Stuart Henderson wrote: >> >>> :-) >>> >

Re: Viewing SFP diagnostic data in OpenBSD ?

> On 6 Apr 2019, at 01:54, Rachel Roch wrote: > > > > > Apr 2, 2019, 11:19 PM by da...@gwynne.id.au: > >> >> >>> On 3 Apr 2019, at 04:52, Stuart Henderson <>> s...@spacehopper.org >>> >> > wrote: >>> >>> On 2019-04-02, Rachel Roch <>> rr...@tutanota.de >>>

Re: Controlling OSPFD based on HAProxy state

I've used relayd to insert routes to a service based on a health check, and then had ospfd advertise those routes. That might be good enough for you. On Fri., 19 Apr. 2019, 00:40 Henry Bonath, wrote: > Does anyone suggest any clever way of controlling OSPFD based on the > status of an HAProxy p

Re: Per-device multiqueuing would be fantastic. Are there any plans? Are donations a matter here?

> On 9 Feb 2017, at 12:42 pm, Mikael wrote: > > Hi misc@, > > The SSD reading benchmark in the previous email shows that per-device > multiqueuing will boost multithreaded random read performance very much > e.g. by ~7X+, e.g. the current 50MB/sec will increase to ~350MB/sec+. > > (I didn't benchm

Re: Per-device multiqueuing would be fantastic. Are there any plans? Are donations a matter here?

> On 9 Feb 2017, at 7:11 pm, Mikael wrote: > > 2017-02-09 16:41 GMT+08:00 David Gwynne : > .. > hey mikael, > > can you be more specific about what you mean by multiqueuing for disks? even a > reference to an implementation of what you’re asking about would help me > an

Re: Does CARP need Layer 2 ?

> On 18 Apr 2017, at 03:54, Bob Jones > wrote: > > Hi, > > Looking at the docs, unlike pfsync, sasyncd and everything else, you > seem to be unable to define a "different" interface to CARP for the > purposes of monitoring. Everything seems to need to go over the one > carpdev. > > My questi

  1   2   3   4   >