Hi Greg,
I haven't done this myself, but take a look at the man pages of httpd.conf
under the servers sections.
You can create multiple a-records pointing to the same ip address, and then
pick up the incoming traffic by inspecting the http header in order to find
which virtual server to send the t
Hello,
I am setting up an ospf lab, and have a quick question.
The answer is probably right in front of me, but I just can't seem to find
it.
I have a basic ospfd.conf including some active and some passive interfaces.
Working just fine.
usg2# cat /etc/ospfd.conf | grep -v "^#"
password="secret"
Hi all,
On 6.3, using both octeon and amd64.
While ospfd is running, I would like to add another interface (let’s say a
loopback if). After adding the loopback if to ospf as passive I reload
with ospfctl, but it does not start advertising the new interface. Only
when I restart ospfd will it star
> On Fri, Sep 28, 2018 at 10:22:42PM +0200, Simen Stavdal wrote:
> > Hi all,
> >
> > On 6.3, using both octeon and amd64.
> >
> > While ospfd is running, I would like to add another interface (let’s say
> a
> > loopback if). After adding the loopback if
Thanks Stuart,
-vd just said the same, i.e interface unknown, will try -current and report
back :)
Thanks,
Simon
On Sat, 29 Sep 2018 at 13:06, Stuart Henderson wrote:
> I've had problems at times with ospfd not seeing interfaces properly
> after adding them, please try a -current snapshot and
So, with 6.4 recently released, I just installed it rather than using
latest current - worked flawlessly - thank you.
ospfctl reload now picks up new interfaces added.
/S
On Sat, 29 Sep 2018 at 13:40, Stuart Henderson wrote:
> On 2018/09/29 13:36, Simen Stavdal wrote:
> > Than
Hi Lucas,
Have you tried to manipulate the mss during conversation setup?
This is done with the max-mss directive in pf.conf.
Basically, it takes the three way handshake, and overrides the MSS value in
the handshake to something lower than the default.
Client (1500 bytes) -> pf (change to 1300 b
?
Cheers,
Simon.
On Mon, 10 Feb 2020 at 12:06, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 11:58 skrev Simen Stavdal :
>
>> Hi Lucas,
>> Have you tried to manipulate the mss during conversation setup?
>> This is done with the max-mss directive in pf.conf.
>> Bas
v4 (which would include TCP, UDP and ICMP).
Would be interesting to find if UDP enforces DF in most cases.
Cheers,
Simon.
On Mon, 10 Feb 2020 at 13:50, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 12:15 skrev Simen Stavdal :
>
>> True, but issue was related to downloading over http, w
On Mon, 10 Feb 2020 at 17:00, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 16:27 skrev Simen Stavdal :
>
>> This is more a discussion about scalability and practical implementation.
>> We both know that PMTU will work partly at best, your entire path back
>> must sup
If a client and a server set up a new conversation over tcp.
They both have an MTU of 1500 and DF=1
How will you fragment this, even being a L3 tunnel?
/S
On Tue, 11 Feb 2020 at 08:22, Janne Johansson wrote:
> Den mån 10 feb. 2020 kl 20:53 skrev Simen Stavdal :
>
>> I think the m
Hi Ricardo/list,
You could also use pfflowd (which exports netflow compatible datagrams).
Then you could set up ntop as a receiver, to give you long term stats.
Cheers,
Simon.
On Thu Jan 15 15:24 , "Ricardo Augusto de Souza" sent:
Hi list,
i have an openBSD 4.3 with PF as a gateway/router.
Hello,
Checking on my own box (running 4.1), $PKG_PATH echoes ;
ftp://ftp.stacken.kth.se/pub/OpenBSD/4.1/packages/i386/
# uname -a
OpenBSD ## 4.1 GENERIC.MP#1225 i386
I have
export PKG_PATH=ftp://ftp.stacken.kth.se/pub/OpenBSD/4.1/packages/i386/
Set in my .profile, and it works for me
Hello,
I've had a similar issue before, and cannot quite remember in detail, but
it was something like this ;
Check that you have a /etc/hostname.vlan203 config file, and modify the
netmask here.
Do you have any carp interfaces layered over vlan203 that may be
conflicting with the netmask?
If you
Hello,
What sort of box is your default gateway?
(Possibilities for running tcpdump on the gateway?)
If you do, you could check the interfaces on the gateway, that the
packets get routed to another interface on the gateway.
There could be a number of configuration options on the gateway producing
Hello,
I have three routers connected in a chain.
A<->B<->C
All routers have a host address as loopback 100 (192.168.5.x/32, A=1, B=2,
C=3).
The segments between the routers are 192.168.1.0/30 (AB) and 192.168.2.0/30
(BC).
A to B runs OSPF
B to C runs IBGP
I redistribute the BGP routes into OS
network (192.168.2.0/30) so that I can re-advertise into
OSPF.
Is there a way to add a label to a directly connected network? Can I
get router C to advertise this, and then use router B to label? etc
Cheers,
Simon.
On Mon, 14 Jan 2019 at 22:06, Sebastian Benoit wrote:
> Hi,
>
> Si
Anycast with ospf and ipv6 could be a fun tutorial...
/S
On 2 Apr 2017 22:27, "Luke Small" wrote:
> It might be a fun idea to share what a really locked down desktop system
> pf.conf would look like like if you are running a chain of DNS services (or
> something that would be good to tightly co
Hello jcr,
Not quite sure if this would meet your needs, but you could look at anue
systems :
http://www.anuesystems.com
Cheers,
Simon.
On Wed May 6 13:33 , "J.C. Roberts" sent:
I need to collect raw throughput statistics without increasing
latency
or reducing bandwidth on 10GbE fiber li
hosts
Cheers,
Simon.
On Nov 4, 2008, at 5:32 PM, Giancarlo Razzolini wrote:
Simen Stavdal escreveu:
Hello,
I have the following scenario.
A router (let's call it router A) is sending snmp traps to an nms
(Network Monitoring System).
Between the router A and the nms (let's cal
Hello,
I have the following scenario.
A router (let's call it router A) is sending snmp traps to an nms
(Network Monitoring System).
Between the router A and the nms (let's call it nms-a) is a Dell
PowerEdge 860 running OpenBSD 4.1 i386 (bsd.mp) and pf.
On the same segment as nms-a, is nms-b, nms
Hello Damian/Claer/misc,
Thanks for your feedback,
Just a bit more background...
Here is some of my reasoning for wanting to do trap handling and
duplications
There are several advantages to having the devices send only one trap to
a central system.
1) Less configuration on the devices (and a
Hi Damian/misc,
I appreciate your input -I really do.
Please see my comments below.
Cheers,
Simon.
On Wed Nov 5 14:46 , Damian Gerow sent:
Simen Stavdal wrote:
: 1) Less configuration on the devices (and also less load, though
not a
: big problem anymore). This is not really a problem
Hi Damian,
Nothing like a fiery discussion :)
On Wed Nov 5 15:39 , Damian Gerow sent:
Simen Stavdal wrote:
: I am not trying to escape the fact that one needs systems in place
: to manage large installations, I am merely looking for what *I*
: think would be a better way to deploy
d here is "round-robin" which is the only accepted argument
when using a host table.
I will give multicast a try, as it may be a better fix than "store and
forward", replacing the source address.
Ultimately, I think this is a feature request.
Thank you,
Simen.
On Wed Nov 5
mian Gerow sent:
Simen Stavdal wrote:
: Worth submitting a feature request?
: --- I looks like this would be the best solution ---
Sounds like you have your desired solution. So long as the OBSD
developers
accept your request as valid.
: --- The subject of my posting is "Dupli
re request... TBH, I don't know. I'm not
sure if
sendbug is appropriate for feature requests or not. Given the text
under
<http://www.openbsd.org/report.html>, it sounds like sendbug is
appropriate
for feature requests, but you may want to double-check that yourself.
- D
Hi Lars,
The USB 2.0 Specification says max 480Mbps, and is to be considered a
theroretical max.
This equates to about 60MBytes/second.
The devices that connect through the bus rarely get even close to this
rate.
In fact, if you compare it to the SATA-2 specification says 3000Mbps
(375MBytes/seco
and...
do you have the routing table for some of the hosts that can/cannot ping
each other?
Are there other gateways out of the networks, other than the openvpn box?
S.
Alessandro Baggi wrote:
Johan Beisser wrote:
On Mon, Jan 25, 2010 at 10:05 AM, Alessandro Baggi
wrote:
Johan Beisser w
Hello Alessandro,
Can you see any of the traffic on the inside LAN on the client side with
tcpdump?
I.e set tcpdump on $int with
tcpdump -i proto icmp
and then try to ping from a server?
Silly suggestion, but
What about client side firewalls? Do they allow to be pinged?
What is your se
addresses, can I ask
why you want to use NAT between to RFC1918 networks that don't overlap?
I am trying to understand your objective and the purpose of the setup,
maybe there is a different way of setting it up?
Cheers,
Simon.
Alessandro Baggi wrote:
Simen Stavdal wrote:
and...
do you h
Hello misc,
I have an openbsd host running that I wish to access in different
manners depending on where the users connect from.
This host runs sftp chrooted for internet users, and at the same time, I
wish to administer the box with ssh.
At the same time, I do not wish to allow ssh from the in
on.
Chris Dukes wrote:
On Mon, Sep 28, 2009 at 11:28:51PM +0200, Simen Stavdal wrote:
Hello misc,
I have an openbsd host running that I wish to access in different
manners depending on where the users connect from.
This host runs sftp chrooted for internet users, and a
33 matches
Mail list logo
