ftp.eu.openbsd.org

2017-10-10 Thread Tony Sarendal
Not looking so good. tonsar@jump0.swe1$ ftp ftp.eu.openbsd.org Trying 193.156.26.18... Connected to ftp.eu.openbsd.org (193.156.26.18). 220 jj-prod-obsdmirror.inet6.se FTP server ready. Name (ftp.eu.openbsd.org:tonsar): ftp 331 Guest login ok, send your email address as password. Password: 230 Gue

Re: testing cabling and NIC hardware with one machine

2017-10-25 Thread Tony Sarendal
Configure the interfaces into separate rdomains. /T 2017-10-25 21:17 GMT+02:00 Christopher Paul : > Hi Misc, > > I have been tasked with setting up a benchmark platform to test NICs and > network cables. I'd like to do this on one PC. So I want to send packets of > different protocols out of one

Re: Integration between CARP and BGPD ?

2018-09-13 Thread Tony Sarendal
Or re-write next-hop to the carp address, so carp actually decides the master firewall. /T Den tors 13 sep. 2018 kl 00:20 skrev Tim Jones < b631093f-779b-4d67-9ffe-5f6d5b1d3...@protonmail.ch>: > > On Wednesday, 12 September 2018 20:49, Stuart Henderson < > s...@spacehopper.org> wrote: > > > On

Re: Reduced network performance since installing 6.4

2018-11-05 Thread Tony Sarendal
Hola, Unrelated to wifi, I have seen a dramatic drop in forwarding performance in 6.4 and later. I run some basic performance tests to verify the releases before we deploy them. For the same test on the same hardware I have this: Release, pps snapshot, 340k 6.4, 340k 6.3, 450k 6.2, 430k 6.1, 420k

5.8 bgpd, network connected behaves like 5.6

2015-12-17 Thread Tony Sarendal
"network inet connected" does not pick up new vlan interfaces, same problem as 5.6. bmr0.esp1# ifconfig vlan69 create bmr0.esp1# ifconfig vlan69 vlandev trunk0 vlan 69 up bmr0.esp1# ifconfig vlan69 1.1.1.1/30 bmr0.esp1# bgpctl show rib 1.1.1.1 flags: * = Valid, > = Selected, I = via IBGP, A = Anno

Re: 5.8 bgpd, network connected behaves like 5.6

2015-12-17 Thread Tony Sarendal
2015-12-17 10:29 GMT+01:00 Peter Hessler : > 1) does "bgpctl reload" detect it? > > 2) does -current work as you expect? > > > 1. bgpctl reload does not make any difference. 2. A quick test on my -current workstation (not the same hardware, no trunk) also fails to work. -current from the 14th. /

Re: openbgpd puts wrong nexthop in FIB

2016-01-20 Thread Tony Sarendal
network inet connected is broken in 5.6, 5.8 and -current. Restarting bgpd is required when making interface changes. /T 2016-01-20 20:36 GMT+01:00 Denis Fondras : > Hello, > > I'm using -current as a BGP router and "sometimes" it won't put the right > nexthop in FIB. The only thing I played wit

Re: openbgpd puts wrong nexthop in FIB

2016-01-21 Thread Tony Sarendal
2016-01-21 11:16 GMT+01:00 Stuart Henderson : > On 2016-01-20, Tony Sarendal wrote: > > network inet connected is broken in 5.6, 5.8 and -current. > > Restarting bgpd is required when making interface changes. > > Ah, so it was fixed in 5.7 and broken again? Now the

routes stuck in bgpd after ifconfig destroy

2013-06-29 Thread Tony Sarendal
Tested on 5.2 and current. routes get stuck in bgpd after ifconfig destroy. titan# cat /etc/bgpd.conf AS 65001 router-id 10.1.1.1 network inet connected network inet static titan# bgpctl show rib flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale origin: i = IGP, e = EGP, ?

Re: OpenBSD & OpenBGPD router replacement

2018-12-19 Thread Tony Sarendal
You will likely run out of CPU before bandwidth. Even on nice hardware I have yet to exceed 1Mpps with OpenBSD. /T Den ons 19 dec. 2018 kl 03:12 skrev Max Clark : > Tom, > > The presentation was very interesting and it's given me a lot of food for > thought for another project. Fortunately for

40G ixl nics

2019-02-03 Thread Tony Sarendal
Good evening, We inserted a 2x40G NIC into one of our old franken-pc's, and got this: ixl0 at pci2 dev 0 function 0 "Intel XL710 QSFP+" rev 0x02: port 0, FW 5.0.40043 API 1.5, msi, address 0c:c4:7a:5e:f9:c8 ixl0: unable to query phy types ixl1 at pci2 dev 0 function 1 "Intel XL710 QSFP+" rev 0x02

Packet loss with latest snapshot

2019-03-03 Thread Tony Sarendal
Earlier in the week I could run parallel ping-pong tests through my test firewalls at 300kpps without any packet loss. I updated to the latest snapshot today and start to see packet loss at around 80kpps. /T OpenBSD 6.5-beta (GENERIC.MP) #764: Sun Mar 3 10:24:08 MST 2019 dera...@amd64.openbs

Re: Packet loss with latest snapshot

2019-03-04 Thread Tony Sarendal
Den sön 3 mars 2019 kl 21:35 skrev Theo de Raadt : > Tony, > > Are you out of your mind? You didn't provide even a rough hint about > what your firewall configuration looks like. You recognize that's > pathetic, right? > > > Earlier in the week I could run parallel ping-pong tests through my tes

Re: Packet loss with latest snapshot

2019-03-04 Thread Tony Sarendal
Den mån 4 mars 2019 kl 09:26 skrev Tony Sarendal : > Den sön 3 mars 2019 kl 21:35 skrev Theo de Raadt : > >> Tony, >> >> Are you out of your mind? You didn't provide even a rough hint about >> what your firewall configuration looks like. You recognize that&#x

Re: Packet loss with latest snapshot

2019-03-04 Thread Tony Sarendal
On Mon, 4 Mar 2019, 09:43 Tony Sarendal, wrote: > > > Den mån 4 mars 2019 kl 09:26 skrev Tony Sarendal : > >> Den sön 3 mars 2019 kl 21:35 skrev Theo de Raadt : >> >>> Tony, >>> >>> Are you out of your mind? You didn't provide even a rou

Re: Packet loss with latest snapshot

2019-03-04 Thread Tony Sarendal
On Mon, 4 Mar 2019, 13:29 David Gwynne, wrote: > On Mon, Mar 04, 2019 at 10:36:23AM +0100, Tony Sarendal wrote: > > On Mon, 4 Mar 2019, 09:43 Tony Sarendal, wrote: > > > > > > > > > > > Den mån 4 mars 2019 kl 09:26 skrev Tony Sarendal : > > >

Re: maximum number of interfaces

2017-04-02 Thread Tony Sarendal
Back in 2007 I tested with 4k VLAN interfaces, it wasn't fast, but it worked. /T 2017-04-03 5:46 GMT+02:00 Nick Holland : > On 04/02/17 22:08, Edgar Pettijohn wrote: > > Is there a maximum number of network interfaces that can be configured? > > I looked around in /usr/include to see if I could

bgpd.conf macros on 5.5 and up

2014-12-19 Thread Tony Sarendal
From 5.5 and up it looks like bgpd macros are broken. ton...@obc2.rad$ cat bgpd.conf good="{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }" AS 65001 deny from any prefix { $good } ton...@obc2.rad$ On 5.4: ton...@obc2.rad$ bgpd -f bgpd.conf -n configuration OK ton...@obc2.rad$ On 5.5: ton...@obc0.

Re: Donation request for Network SMP development

2015-03-24 Thread Tony Sarendal
How is this going ? /T On Fri, Mar 20, 2015 at 8:57 PM, Martin Pieuchot wrote: > If you've been following my contributions to OpenBSD's kernel, you > already know that in the past years I've been working on the Network > Stack [1] to make it more SMP friendly [2]. > > All the network hackers p

bgpd network connected

2016-03-07 Thread Tony Sarendal
Is there any chance of getting "network inet connected" fixed to 5.9 ? Regards Tony

Re: bgpd network connected

2016-03-09 Thread Tony Sarendal
2016-03-08 15:38 GMT+01:00 Matt Schwartz : > I did not even know it was broken? > > On Mar 8, 2016 1:26 AM, "Tony Sarendal" wrote: > > > > Is there any chance of getting "network inet connected" fixed to 5.9 ? > > > > Regards Tony > >

lots of states (5.8)

2016-05-23 Thread Tony Sarendal
Hola amigos, I'm doing some testing in the lab at the moment and just thought I'd share. pf0.swe69# pfctl -si | grep current current entries 50239413 pf0.swe69# vmstat -m | tail -n 1 In use 22035659K, total allocated 5678936K; utilization 388.0% pf0.swe69# 4 tcpbench sessions th

USB and Intel Bay Trail

2016-07-16 Thread Tony Sarendal
Hola, I got a pair of mini-pc's to play with for the summer vacation, small fanless thingies with 4xGE and wifi. http://www.qotom.net/goods-129-QOTOM-Q190G4+4+LAN+Mini+PC.html When testing with the latest snapshot USB won't play. Any ideas ? Regards Tony # dmesg OpenBSD 6.0-beta (GENERIC.MP) #2

Re: Does OpenBGPd suffer collateral damage with this?

2014-08-18 Thread Tony Sarendal
What a horrible article. I thought the kebab I just had for lunch ruined my day, reading that was worse. On Mon, Aug 18, 2014 at 2:27 AM, Rod Whitworth wrote: > http://www.smh.com.au/technology/technology-news/how-flakey-is-the-inter > net-20140816-104t8p.html > > I would love to hear that our

Re: Does OpenBGPd suffer collateral damage with this?

2014-08-18 Thread Tony Sarendal
PM, Matthias Appel wrote: > > -Ursprüngliche Nachricht- > > Von: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] Im > > Auftrag von Tony Sarendal > > Gesendet: Montag, 18. August 2014 12:55 > > An: misc > > Betreff: Re: Does OpenBGPd suffer collateral dam

pfsync and trunk

2014-08-29 Thread Tony Sarendal
Good morning, I'm having issues with pfsync on trunk interfaces, although I suspect it to be any interface that is slow to start. When I run pfsync on a vlan interface on a trunk(4), the pfsync bulk transfer never completes. Running pfsync on an interface that starts quickly I see: 07:41:45.98240

Re: pfsync and trunk

2014-09-02 Thread Tony Sarendal
nce he's clearly indicating currently supported OpenBSD versions 5.4 > and 5.5 near the bottom...) > > On 30 Aug 2014 at 14:22, Chuck Burns wrote: > > > On Saturday, August 30, 2014 8:27:24 AM Tony Sarendal wrote: > > > Good morning, > > > > > > I&#

Re: pfsync and trunk

2014-09-02 Thread Tony Sarendal
orid: b33d7f45 age: 00:00:00 status: start /T On Tue, Sep 2, 2014 at 12:07 PM, Tony Sarendal wrote: > As Chuck pointed out this has nothing to do with pfsense or freebsd. > > While I dig deeper I'm running with the following config to get around the > problem: > pf1.

Re: pfsync and trunk

2014-09-13 Thread Tony Sarendal
On Sat, Sep 13, 2014 at 10:17 AM, Henning Brauer wrote: > * Tony Sarendal [2014-09-03 06:48]: > > The initial request disappearing and the firewalls staying demoted > > "forever" are independent issues. > > sure about that? the demotion counter for the inter

Re: bgpctl show advertisements?

2014-09-14 Thread Tony Sarendal
bgpctl show rib nei out On Mon, Sep 15, 2014 at 3:55 AM, Adam Thompson wrote: > Is there any functionality in bgpctl(8) that will show me precisely what > I'm advertising to a neighbor? > If not, is there any easier way - assuming I don't have access to my > neighbor's router, and they don't r

packets logged by pf without log rule

2014-09-15 Thread Tony Sarendal
I'm currently looking into some logging strangeness we are seeing. Does anyone know why this is logged ? obc3.rad# cat /etc/pf.conf pass quick all obc3.rad# pfctl -sr pass quick all flags S/SA obc3.rad# tcpdump -n -e -ttt -i pflog0 tcpdump: WARNING: snaplen raised from 116 to 160 tcpdump: liste

Re: packets logged by pf without log rule

2014-09-16 Thread Tony Sarendal
On Tue, Sep 16, 2014 at 12:20 AM, Alexander Salmin wrote: > Did you see it in previous versions? > I would compare the same ruleset with a fresh 5.5 and see if you > experience the same and in that case continue compare the relevant > sourcecode. > The behaviour is the same as far back as 5.4 at

4k graphics and openbsd

2014-09-19 Thread Tony Sarendal
Good afternoon, Friday question: Does anyone have recommendation on graphics hardware to use for 4k screens and OpenBSD ? I'm thinking about improving my workstation. I run lots of terminal windows, a web browser, and the default window manager. As I like eye candy I may even do "xsetroot -solid

Re: 4k graphics and openbsd

2014-09-19 Thread Tony Sarendal
On Fri, Sep 19, 2014 at 6:07 PM, Jonathan Gray wrote: > On Fri, Sep 19, 2014 at 02:22:49PM +0200, Tony Sarendal wrote: > > Good afternoon, > > > > Friday question: > > Does anyone have recommendation on graphics hardware to use for 4k > screens > > and

4.9, set reassemble no + block log + fragments = panic

2012-03-20 Thread Tony Sarendal
Good evening, the last two days we have experienced panics sequentially across all of our peering boxes. After one day of coffee, thinking and reading, I found this in 4.9. (5.0+ looks good): target49# ifconfig vlan69 vlan69: flags=8843 mtu 1500 lladdr 00:0c:29:38:f3:c5 priority:

Intel E3-1270 and AES-NI

2012-04-03 Thread Tony Sarendal
When testing new boxes with Intel E3-1270 cpu I don't see AES on the cpu's in dmesg. Does this mean that the aes-ni stuff isn't used on these ? I was a bit curious to see if it had any effect on ipsec performance. Regards Tony test3.pio# dmesg OpenBSD 5.1-current (GENERIC.MP) #258: Mon Apr 2 12:

Re: Intel E3-1270 and AES-NI

2012-04-03 Thread Tony Sarendal
On Tue, Apr 3, 2012 at 3:41 PM, Jonathan Gray wrote: > On Tue, Apr 03, 2012 at 03:09:37PM +0200, Tony Sarendal wrote: > > When testing new boxes with Intel E3-1270 cpu I don't see AES on the > cpu's > > in dmesg. > > Does this mean that the aes-ni stuff

Re: Intel E3-1270 and AES-NI

2012-04-04 Thread Tony Sarendal
On Tue, Apr 3, 2012 at 10:49 PM, mxb wrote: > > On Apr 3, 2012, at 4:31 PM, Tony Sarendal wrote: > > > On Tue, Apr 3, 2012 at 3:41 PM, Jonathan Gray wrote: > > > >> On Tue, Apr 03, 2012 at 03:09:37PM +0200, Tony Sarendal wrote: > >>> When testing new bo

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-20 Thread Tony Sarendal
I performed some quick additional tests with OpenBSD and vlan's just for the fun of it, although I believe these tests were more about OpenBSD's performance with lots of interfaces. If you want an openbsd router/firewall with 4000 interfaces don't go for a low-end CPU =) http://www.layer17.net/open

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-20 Thread Tony Sarendal
On 10/20/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-20 09:49]: > > I performed some quick additional tests with OpenBSD and vlan's just > > for the fun of it, although I believe these tests were more about >

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-20 Thread Tony Sarendal
On 10/20/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-20 13:24]: > > Once I have a few moments free I'll check the impact of pf with urpf and > > basic stateless filters > > filters enabled. Tim

Re: Idle sessions dying on crappy router: How to increase TCP keepalive?

2007-10-20 Thread Tony Sarendal
On 10/20/07, Timo Schoeler <[EMAIL PROTECTED]> wrote: > > Hi list, > > on a customers' site I have a problem connecting from within their > LAN (OpenBSD machine) crossing their router (Linksys BEFSX41, doing > NAT) to a machine on the internet via SSH: Sessions die after some time > due to 'timeout

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-21 Thread Tony Sarendal
On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-20 18:06]: > > On 10/20/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-20 13:24]:

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-21 Thread Tony Sarendal
On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-21 14:50]: > > > stateless is poop. > > What will happen when the limit of maximum concurrent states is reached > ? > > Will it stop forwarding new flo

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-21 Thread Tony Sarendal
On 10/21/07, Can Erkin Acar <[EMAIL PROTECTED]> wrote: > > Tony Sarendal <[EMAIL PROTECTED]> wrote: > > On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > >> > >> * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-21 14:50]: > >> &

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-21 Thread Tony Sarendal
On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-21 17:22]: > > On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-21 14:50]:

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-22 Thread Tony Sarendal
On 10/22/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-22 01:19]: > > On 10/21/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > well, you can go stateful up to a certain point and handle stuff above >

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-22 Thread Tony Sarendal
On 10/22/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-22 14:59]: > > On 10/22/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-22 01:19]: > > > &

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-23 Thread Tony Sarendal
On 10/23/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-22 18:33]: > > I didn't get that opinion from marketing. > > No matter, we disagree, let's leave it at that. > > well, yeah, nonetheless, I wanna point

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-23 Thread Tony Sarendal
On 10/23/07, ropers <[EMAIL PROTECTED]> wrote: > > On 23/10/2007, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > On 10/23/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-22 18:33]: > &

openbsd routing and link down

2007-10-25 Thread Tony Sarendal
I'm testing openbsd and routing in a basic setup. router-01 and router-02 are access routers with dynamic routing, both connect to a lan where firewall-01 resides. Both router-01 and router-02 have a static route for the network behind firewall-01. router-01# cat /etc/hostname.em1 inet 192.168.1.

Re: Moved OpenBSD router from Network A to Network B and Internet no longer works

2007-10-27 Thread Tony Sarendal
On 10/27/07, Jake Conk <[EMAIL PROTECTED]> wrote: > > Hello, > > I have my OpenBSD machine setup as a router and when I moved my > network from my office to my new datacenter I was no longer able to > connect to the internet from machines behind the obsd router. When I > try to ping a domain such a

Re: Moved OpenBSD router from Network A to Network B and Internet no longer works

2007-10-27 Thread Tony Sarendal
On 10/27/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > On 10/27/07, Jake Conk <[EMAIL PROTECTED]> wrote: > > > Hello, > > > > I have my OpenBSD machine setup as a router and when I moved my > > network from my office to my new datacenter I was no lo

using bgpd and ospfd

2007-10-29 Thread Tony Sarendal
I set up a test network with bgpd/ospfd, a standard service provider design where ospf carries the network links and loopbacks and bgp carries everything, bgp routers doing nexthop self, core full mesh and access routers rr-clients of the two nearest core routers. I'm seeing some pretty odd behavi

Re: using bgpd and ospfd

2007-10-30 Thread Tony Sarendal
On 10/30/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-30 02:28]: > > bgp rib and fib look out of sync. > > Any ideas why it behaves this way ? > > > > It seems like the networks that only exist in bgp fai

Re: using bgpd and ospfd

2007-10-30 Thread Tony Sarendal
On 10/30/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-30 11:25]: > > On 10/30/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-10-30 02:28]:

Re: multipath routing with OpenBGPD

2007-11-03 Thread Tony Sarendal
On 11/3/07, Florian Fuessl <[EMAIL PROTECTED]> wrote: > > Hi Gregory, > > we have multiple redundant FE upstream peerings to the same AS. So I guess > the best solution would be in our case to let the upstream provider assign > different community flags for packets passing each FE line which we can

bgpd causing black-holes with bgp-only setup

2007-11-04 Thread Tony Sarendal
bgpd does not re-route correctly when I shut down a transit when I use a bgp-only design, causing black-holes for some prefixes. router-01 and router-02 are in the same AS and peer with the same transit provider. router-01 and router-02 have two ibgp peerings, primary and standby path. router-01 s

Re: bgpd causing black-holes with bgp-only setup

2007-11-04 Thread Tony Sarendal
On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > bgpd does not re-route correctly when I shut down a transit when I > use a bgp-only design, causing black-holes for some prefixes. > > router-01 and router-02 are in the same AS and peer with the same transit >

Re: bgpd causing black-holes with bgp-only setup

2007-11-04 Thread Tony Sarendal
On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > > bgpd does not re-route correctly when I shut down a transit when I > > use a bgp-only design, causing black-holes for some prefixes. >

Re: bgpd causing black-holes with bgp-only setup

2007-11-04 Thread Tony Sarendal
On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > On 11/4/07, Tony Sarendal <[EMAIL PROTECTED] > wrote: > > > > > > > > bgpd does not re-route correctly when

Re: bgpd causing black-holes with bgp-only setup

2007-11-04 Thread Tony Sarendal
On 11/5/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > On Sun, Nov 04, 2007 at 11:30:20PM +, Tony Sarendal wrote: > > On 11/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > > Thanks for all the info. I will have a look at this as well. Curren

bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

2007-11-05 Thread Tony Sarendal
I have not yet checked how other implementations handle the situation where an update with a as-path loop hides the fact that the neighbor just lost a path. But I made a quick patch if anyone feel like testing. The black-hole condition does not appear anymore when I test. Be gentle, I only browse

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

2007-11-06 Thread Tony Sarendal
diff -u version. /Tony Index: rde.c === RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v retrieving revision 1.228 diff -u -r1.228 rde.c --- rde.c 16 Sep 2007 15:20:50 - 1.228 +++ rde.c 6 Nov 2007 10:38:23 - @@ -919

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

2007-11-06 Thread Tony Sarendal
path_update(peer, fasp, &prefix, + prefixlen,F_LOCAL); /* free modified aspath */ if (fasp != asp) -- --- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied, "I couldn't help it, it's my nature" =-
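
Review bot: the added continuation line `prefixlen,F_LOCAL);` is missing a space after the comma; the rest of the call uses `, ` between arguments, so write `prefixlen, F_LOCAL);`. The visible lines also do not say why F_LOCAL is passed to path_update() at this call, so a one-line comment above the call stating what the flag marks would help the next reader.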

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

2007-11-06 Thread Tony Sarendal
On 11/6/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > New version. Less duplication and a nice feature as bonus. > With softreconfig in enabled the looped prefixes are accepted > into the Adj-RIB-In. > > This means that I can tell if my neighbor AS is using > a path v

Re: Mysterious transfer speed differences

2007-11-07 Thread Tony Sarendal
On 11/7/07, Martin Toft <[EMAIL PROTECTED]> wrote: > > Hi, > > I'm experiencing some mysterious transfer speed differences. I have a > virtual Linux-server at HostEurope, Germany, and it appears that > machines running OpenBSD can only download from the Linux-server with > approx 300 kB/s, whereas

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

2007-11-12 Thread Tony Sarendal
On 11/12/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > On Tue, Nov 06, 2007 at 06:26:47PM +0100, Tony Sarendal wrote: > > New version. Less duplication and a nice feature as bonus. > > With softreconfig in enabled the looped prefixes are accepted > > into the Adj-R

Re: Routing between "spokes" - recent best practices?

2007-12-04 Thread Tony Sarendal
On 12/4/07, John Rodenbiker <[EMAIL PROTECTED]> wrote: > > On Dec 4, 2007, at 12:14 AM, visc wrote: > > So, my question is this - what are the current best practices for > > setting up a hub and spoke topology using OpenBSD, allowing for > > traffic to securely flow from Branch to Branch on occasio

Re: Routing between "spokes" - recent best practices?

2007-12-04 Thread Tony Sarendal
On 12/4/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > On 12/4/07, John Rodenbiker <[EMAIL PROTECTED]> wrote: > > > > On Dec 4, 2007, at 12:14 AM, visc wrote: > > > So, my question is this - what are the current best practices for > >

Re: advice on router and routing books

2007-01-27 Thread tony sarendal
not great reviews. > thanks > > The cisco website contains lots of quality documentation about routing and routing protocols. The book Internet Routing Architectures by Sam Halabi is also good. /Tony -- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied,

Re: pf rule question

2007-02-16 Thread tony sarendal
On 16/02/07, Michael Kreikenbaum <[EMAIL PROTECTED]> wrote: > > Hi > > Am 12.02.2007 um 03:27 schrieb Peter: > > > Le Vendredi 9 Février 2007 13:55, Rafał Brodewicz a écrit : > >> Hello. > >> > >> While trying to configure pf to pass dhcp requests I've build a > >> simple rule: > >> > >> block log

Re: Important OpenBSD errata

2007-03-15 Thread tony sarendal
http://www.openbsd.org/mail.html --- *security-announce* Security announcements. This low volume list receives OpenBSD security advisories and pointers to security patches as they become available.---Martin and Karl have valid points in their initial emails. /Tony S -- Tony Sarendal - [EMAIL

Re: Important OpenBSD errata

2007-03-16 Thread tony sarendal
On 16/03/07, Travers Buda <[EMAIL PROTECTED]> wrote: > > * tony sarendal <[EMAIL PROTECTED]> [2007-03-16 06:03:49]: > > > http://www.openbsd.org/mail.html > > --- > > *security-announce* Security announcements. This low volume list > receives >

Re: bgpd usage

2007-09-18 Thread Tony Sarendal
On 9/17/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Gregory Edigarov <[EMAIL PROTECTED]> [2007-09-17 17:12]: > > Just a pure interest: has somebody bgpd in production for, say, 2 or 3 > > fullview routing? I have 6 routers with bgpd but they are IBGP, and > > therefore does not do fullview

Re: : OpenBSD Install Goal

2007-09-20 Thread Tony Sarendal
On 9/19/07, Nick Holland <[EMAIL PROTECTED]> wrote: > > did anyone notice that this thread was accidentally brought back > from almost a year ago? > > Raimo Niskanen wrote: > > A lot of people has praised the current OpenBSD installer. > > I too. I think it is at the right level and does the right

Re: OpenBSD firewalls as virtual machine ?

2007-09-21 Thread Tony Sarendal
On 9/21/07, Kent Watsen <[EMAIL PROTECTED]> wrote: > > Some commercial firewalls (i.e. Juniper/NetScreen ScreenOS-based gear) > have been offering virtual-systems for years now. I think the negative > comments received here may be appropriate when sharing the system with > non-secure guest OSs, bu

Re: OpenBSD firewalls as virtual machine ?

2007-09-21 Thread Tony Sarendal
On 9/21/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > On Fri, Sep 21, 2007 at 11:16:37PM +0200, Luca Corti wrote: > > On Fri, 2007-09-21 at 20:51 +0100, Stuart Henderson wrote: > > > On 2007/09/21 14:29, bofh wrote: > > > > That's why god created competant network admins and NAT. > > > And VRF.

Re: Speed Problems

2007-09-27 Thread Tony Sarendal
On 9/26/07, Tom Bombadil <[EMAIL PROTECTED]> wrote: > > > net.inet.ip.ifq.maxlen defines how many packets can be queued in the IP > > input queue before further packets are dropped. Packets coming from the > > network card are first put into this queue and the actual IP packet > > processing is d

Re: Speed Problems

2007-09-27 Thread Tony Sarendal
On 9/27/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-09-27 10:36]: > > On 9/26/07, Tom Bombadil <[EMAIL PROTECTED]> wrote: > > > > net.inet.ip.ifq.maxlen defines how many packets can be queued in the > IP &

Re: Speed Problems

2007-09-27 Thread Tony Sarendal
On 9/27/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-09-27 10:59]: > > I meant if the input queue length was per physical or logical interface. > > neither. there is one per protocol. i. e. typically two (inet

Re: Speed Problems

2007-09-27 Thread Tony Sarendal
On 9/27/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > On Thu, Sep 27, 2007 at 09:54:00AM +0100, Tony Sarendal wrote: > > On 9/27/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > > > > * Tony Sarendal <[EMAIL PROTECTED]> [2007-09-27 10:36]: &g

Re: Speed Problems

2007-10-02 Thread Tony Sarendal
On 9/27/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > On 9/27/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > > On Thu, Sep 27, 2007 at 09:54:00AM +0100, Tony Sarendal wrote: > > > On 9/27/07, Henning Brauer <[EMAIL PROTECTED]> wrote: > > > &

Re: Speed Problems

2007-10-03 Thread Tony Sarendal
On 10/3/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: > > On Tue, Oct 02, 2007 at 08:46:43PM +0100, Tony Sarendal wrote: > > On 9/27/07, Tony Sarendal <[EMAIL PROTECTED]> wrote: > > > > > > On 9/27/07, Claudio Jeker <[EMAIL PROTECTED]> wrote: >

Re: Speed Problems

2007-10-03 Thread Tony Sarendal
On 10/3/07, Daniel Ouellet <[EMAIL PROTECTED]> wrote: > > Claudio Jeker wrote: > > Could you add the dmesg of the test box to the website? > > Do you have any other network cards you could test? (I'm mostly > interested > > in bnx but sk, msk, bge and nfe could be interesting as well). > > This box

Re: Speed Problems

2007-10-03 Thread Tony Sarendal
New set of tests done with AMD64 UP kernel. http://www.layer17.net/openbsd-router-intro.html /Tony

OpenBSD router performance tests

2007-10-06 Thread Tony Sarendal
I made a new more detailed latency/throughput test with ifq.maxlen set to 2500. With AMD64 UP kernel we are now looking at around 500kpps without packet loss. From 400 to 500kpps with one command, pretty nice, I have to remember that one. http://www.layer17.net/openbsd-test-rfc2544-throughput-laten

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-18 Thread Tony Sarendal
On 10/18/07, Brian A. Seklecki <[EMAIL PROTECTED]> wrote: > > On Wed, 17 Oct 2007 10:52:34 +0200 > Henning Brauer <[EMAIL PROTECTED]> wrote: > > > * Brian A. Seklecki <[EMAIL PROTECTED]> [2007-10-16 > 23:01]: > > > All: > > > > > > I see that IFCAP_VLAN_MTU is available, but IFCAP_VLAN_HWTAGGING, a

Re: em(4) - IFCAP_VLAN_MTU & IFCAP_VLAN_HWTAGGING ?

2007-10-18 Thread Tony Sarendal
On 10/18/07, Brian A. Seklecki <[EMAIL PROTECTED]> wrote: > > On Thu, 18 Oct 2007 14:16:59 +0100 > "Tony Sarendal" <[EMAIL PROTECTED]> wrote: > > > Just a 5 minute quick test, nothing too scientific. > > Thanks! What was your IXIA platform? RHEL wit

Re: DS21140(Tulip) Quad port nic and PF

2006-06-05 Thread tony sarendal
I have seen this with pc's which had problems supporting the pci bridge on the network cards, usually older/cheaper pc's. I don't remember the name of the Adaptec card I dug out of the rubbish bin, but it looks like this in my old home firewalls. ppb1 at pci1 dev 0 function 0 "DEC 21154 PCI-PCI"

Re: OT: quiet fans and heatsinks

2006-06-06 Thread tony sarendal
On 06/06/06, Daniel A. Ramaley <[EMAIL PROTECTED]> wrote: > > On Sunday 04 June 2006 21:43, Jacob Yocom-Piatt wrote: > >these machines need Socket A and Socket 370 heatsinks. it's a plus if > > they're low profile for 1U and 2U rackmount units. all suggestions > > appreciated. > > What i've found w

Re: Spam Trapping

2006-06-14 Thread tony sarendal
om address by spammers, does that mean that I can't send you guys emails ? Or do you do something else like teach spamassassin and record source IP addresses ? /Tony -- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied, "I couldn't help it, it's my nature" =-

Re: Spam Trapping

2006-06-14 Thread tony sarendal
ute them to the spam trap. What point would it be to identify the spam with the To: header if all email for those addresses end up in a spam trap anyway ? So if people route specific unused email addresses to spam traps, what do they actually do with the received emails to reduce spam to legitimat

Re: Spam Trapping

2006-06-14 Thread tony sarendal
ill. No users at your-other-domain.tld > receive spam. > > Look up the definition of the "tuple" in the spamd references. > > DS > > >From the emails earlier in the thread I was expecting something else than greytrapping. Terms like "spam reporting engine&qu

Re: lightweight openbsd

2006-06-24 Thread tony sarendal
m if you really think it's useful to you (or your diploma > exercise). > > Cheers, > > Rogier > > -- > If you don't know where you're going, any road will get you there. > > Read /etc/rc and understand everything in it. /Tony -- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied, "I couldn't help it, it's my nature" =-

Re: Question related to "automaticly" encrypted /tmp && /vat/tmp (like swap..?)

2006-07-04 Thread tony sarendal
On 04/07/06, Hannah Schroeter <[EMAIL PROTECTED]> wrote: > > Hi! > > On Tue, Jul 04, 2006 at 11:44:22AM -0400, Peter Blair wrote: > >I haven't tried under OpenBSD, but mounting /tmp as a ramdisk could > >prove viable. > > It *is*. I've done so since a nearly uncountable number of years. > > Somethi

Re: Kernel pppoe (and the german ISP Hansenet)

2006-07-06 Thread tony sarendal
pppoe will provide me nearly the same bandwith like > the Windows-pppoe-Tool. :-) > So if you've a DSL-connection which is maybe faster then 4Mbit.. use the > kernel pppoe (even I don't know how good it performs). :) I run the kernel pppoe on a 7616/448 kbps dsl link. It works just fin

Re: BGP questions

2006-07-07 Thread tony sarendal
> > Internet Routing Architectures by Sam Halabi. 2nd edition for $39 on amazon. > (3) the home gateway machine is a PII-350 w/ 64MB ram. is this too slow > for > > doing what i have asked about in (1)? With more memory it could in theory do what you want, but in rea

Re: Encrypting e-mails

2006-07-10 Thread tony sarendal
st advertising hype... > > > > it also has s/mime and gpg capabilities, is text based and does your > laundry. I have used mutt for a while now and it does not do my laundry. /Tony - bored to tears at the moment -- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied, "I couldn't help it, it's my nature" =-

Re: PF queueing

2006-07-14 Thread tony sarendal
age again a few times and consider that state is created for each interface. An inbound keep state rule on one interface can specify which queue the return packets should end up in, and outbound keep state rule on the other side can specify which queue the packets should use there. Now it's
