Re: help gateway 4.8

[Muhammad Muntaza bin Hatta]

 * dhcpd **

 # $OpenBSD: dhcpd.conf,v 1.2 2008/10/03 11:41:21 sthen Exp $
 #
 # DHCP server options.
 # See dhcpd.conf(5) and dhcpd(8) for more information.
 #

 # Network:192.168.1.0/255.255.255.0
 # Domain name:my.domain
 # Name servers:   192.168.1.3 and 192.168.1.5
 # Default router: 192.168.1.1
 # Addresses:  192.168.1.32 - 192.168.1.127
 #
 option  domain-name my.domain;
 option  domain-name-servers 192.168.1.1;

 subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.1;

range 192.168.0.32 192.168.0.127;

 }
network 192.168.0.0/24 for client


 *** var_log_messages **

 Dec  1 00:31:33 gateway dhcpd[21708]: Can't listen on xl1 - dhcpd.conf
 has no subnet declaration for 192.168.0.1.
 Dec  1 00:31:33 gateway dhcpd[21708]: No interfaces to listen on.
 Dec  1 00:31:33 gateway dhcpd[21708]: exiting.


 xl1: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500
lladdr 00:60:97:be:ca:2a
priority: 0
media: Ethernet autoselect (none) -- cable problem
status: no carrier --- cable problem
inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::260:97ff:febe:ca2a%xl1 prefixlen 64 scopeid 0x2

thanks

Re: Daily digest, Issue 1987 (37 messages)

[brett mm]

 Subject: TP-LINK TL-WN722N
 Message-ID: op.vmzwflwzspg...@lenovo-63187d4c

 Hi Misc@,
 Right now I'm trying to make this work in my OpenBSD machine. Google said
 that it is an otus(4) chipset (ATHEROS2)5416 and an ar9271 (Windows driver
 *.inf).
 otus0: echo command failed

Hi,
I recently got a TP-LINK TL-WN821N (different Ateros chipset to yours)
and it works fine with OpenBSD 4.8 (both x86 and amd64 versions). They
are pretty cheap (in Australia at least).
The otus driver does not yet support 11g but 11n works. For amd64 you
need to specify -mode 11g or it reverts to slow 11b protocol. It will
not autoconfigure on boot so you will need to write a small ifconfig
script to connet to the net, apart from that very reliable for me.
Brett.

Re: Daily digest, Issue 1987 (37 messages)

[Insan Praja SW]

Hi,
On Thu, 02 Dec 2010 06:35:29 +0700, brett mm brett.ma...@gmail.com wrote:


Subject: TP-LINK TL-WN722N
Message-ID: op.vmzwflwzspg...@lenovo-63187d4c

Hi Misc@,
Right now I'm trying to make this work in my OpenBSD machine. Google  
said
that it is an otus(4) chipset (ATHEROS2)5416 and an ar9271 (Windows  
driver

*.inf).
otus0: echo command failed


Hi,
I recently got a TP-LINK TL-WN821N (different Ateros chipset to yours)
and it works fine with OpenBSD 4.8 (both x86 and amd64 versions). They
are pretty cheap (in Australia at least).


As Damien said it is a different h/w. TL-WN821N also available here, the  
attraction of these TL-722N is that it had a detachable antenna so it had  
wider options of usage.



The otus driver does not yet support 11g but 11n works. For amd64 you
need to specify -mode 11g or it reverts to slow 11b protocol. It will
not autoconfigure on boot so you will need to write a small ifconfig
script to connet to the net, apart from that very reliable for me.
Brett.



Thanks,


Insan Praja SW
--
Using Opera's revolutionary email client: http://www.opera.com/mail/

Lenovo

[Jean-Francois]

Hi All,

Are Lenovo, say for example T410 or equivalent professional laptops ok with 
OpeNBSD in terms of compatibility ? Any things to take care about ?

Regards

JF

Re: help gateway 4.8

[david carrasco]

answer your question,
i believe the problern is static routing setting on all
cable is okey
please help, with set up static client,gateway, and router (dsl ext)

On gateway start tcpdump -i xl1

gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static
? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0
*


 then on client start ping
 192.168.0.1. Do you see the packets?
/
--- 192.168.0.1 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
///


 After you stop the ping run arp -a on both client and gateway.
 Do you see an entry for the other host?
in gateway

gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static
? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0



in client
///
nothing out screen
///
























2010/12/2, Jan Johansson janj+open...@wenf.org:
 david carrasco dacar...@gmail.com wrote:
 Greetings to all good I hope to help me
 I followed the manual gateway-firewall openbsd 4.8
 but still can not get or have no internet Conexxion client

 ADSL (router ext)

 192.168.1.1
|
|
  xl0
  192.168.1.101
 gatewayopenbsd4.8-
 xl1
   192.168.0.1
   |
   |
 Client
   192.168.0.10

 On gateway start tcpdump -i xl1 then on client start ping
 192.168.0.1. Do you see the packets?

 After you stop the ping run arp -a on both client and gateway.
 Do you see an entry for the other host?

 If the answer to thease questions are No then you have a layer
 two (or below) problem. Check cabling, vlan configuration and
 such.

 It the answer to thease questions are Yes then you have a layer
 three (or above) problem. Check your packet filters.

Re: Lenovo

[David Vasek]

On Thu, 2 Dec 2010, Jean-Francois wrote:


Hi All,

Are Lenovo, say for example T410 or equivalent professional laptops ok with
OpeNBSD in terms of compatibility ? Any things to take care about ?


Yes. Nvidia. Avoid it.

Regards,
David

Re: help gateway 4.8

[Jan Johansson]

david carrasco dacar...@gmail.com wrote:
 answer your question,
 i believe the problern is static routing setting on all
 cable is okey
 please help, with set up static client,gateway, and router (dsl ext)
 
 On gateway start tcpdump -i xl1
 
 gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static
 ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0
 *
 
 
  then on client start ping
  192.168.0.1. Do you see the packets?
 /
 --- 192.168.0.1 ping statistics ---
 3 packets transmitted, 0 packets received, 100.0% packet loss
 ///
 
 
  After you stop the ping run arp -a on both client and gateway.
  Do you see an entry for the other host?
 in gateway
 
 gateway.my.domain (192.168.0.1) at 00:60:97:be:ca:2a on xl1 static
 ? (192.168.1.1) at 00:1d:0f:fc:95:de on xl0
 
 
 
 in client
 ///
 nothing out screen
 ///

I am having a hard time following what you are saying.

On the gateway run ping 192.168.0.10 when you stop that run
arp -a in the output you should see one of thease lines:

This one means your layer 2 such as cable is broken.
? (192.168.0.10) at (incomplete) on xl1

This one means your layer 3 such as packet filter is broken.
 ? (192.168.0.10) at 00:0c:76:bb:00:5a on xl1

But as another subscriber noted:

vr0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
media: Ethernet autoselect (none)
status: no carrier

and

xl1: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST mtu 1500
media: Ethernet autoselect (none)
status: no carrier

which means neither your gateway or your client has a working
cable.

Are you using a switch or are these machines connected to each
other with a direct cable? If you are using a direct cable you
will need a crossover cable as 100baseTX does not support auto
MDI/MDI-X.

Re: Lenovo

[Amit Kulkarni]

NVIDIA while still sucky is now better supported than ever before.

On Thu, Dec 2, 2010 at 9:11 AM, David Vasek va...@fido.cz wrote:
 On Thu, 2 Dec 2010, Jean-Francois wrote:

 Hi All,

 Are Lenovo, say for example T410 or equivalent professional laptops ok
 with
 OpeNBSD in terms of compatibility ? Any things to take care about ?

 Yes. Nvidia. Avoid it.

 Regards,
 David

Re: Lenovo

[Peter Miller]

On 12/02/10 13:36, Jean-Francois wrote:

Hi All,

Are Lenovo, say for example T410 or equivalent professional laptops ok with
OpeNBSD in terms of compatibility ? Any things to take care about ?

Regards

JF



I'm running a T410i. There are some wonky issues with X, switching to 
consoles and external screens. Assuming you want to use X11 and end up 
with the same intel card as me. Intel Mobile HD graphics. I'm sure it 
will be fixed soon as X11 is updated.


Use xdm or gdm or shutdown directly from X11. Otherwise you'll exit X11 
to a blank screen.


Don't plug in a vga monitor until the computer has given you a login 
prompt. If you use vga you have to shutdown from X11.

http://marc.info/?l=openbsd-miscm=128872912228529w=2

Wireless doesn't work on the Realtek 8192SE (thinkpad b/g/n). I use a 
Planex GW-USMicroN usb wireless card.. uses run driver, works great


Sound works, the buttons for sound work, display brightness buttons 
work. Haven't tried my esata or hdmi. I think the camera works, but i 
forget.


I'm very happy with my laptop. It runs super quiet and cool with OpenBSD.

This is my system as per Lenovo order.
12516CT CONFIGURED SYSTEM
75Y0808 SBB ICI3-330MPRT410IT510I2.13
45M3092 VBB GENWIN7HOMEPREM64
60Y5846 SBB GEN WIN 7 HM PR 64 US ENG
45M4798 SBB 14.1WXGA+TFT,W/LEDBACKLIG.
45M4788 SBB IN.GR.M.A.5700MHD-AMT,TPM
42X6306 VBB 2GBPC3-8500 1067MHZ1DIMM
45M4839 SBB KEYBOARDUS ENGLISH
45M4801 SBB ULNAV(T.POINT+TOUCHPAD)
45M4834 SBB CAMERA SUBCARD
45M4823 SBB 250GB HARDDISKDRIVE5400RPM
45M4820 SBB DVDREC8XMAXD.L.U.SLIMS.ATA
45M4814 SBB 4CELLLI-ION BATTERY
41W1787 SBB CPK NORTH AMERICA
44C8733 SBB THINKPAD B/G/N
44C7950 SBB INT WRLSSWDAREANTWRK UPGR
45M4874 SBB LANG.PACK US ENGLISH

OpenBSD 4.8-current (GENERIC.MP) #627: Fri Nov 12 23:00:53 MST 2010
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1998045184 (1905MB)
avail mem = 1930944512 (1841MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe0010 (78 entries)
bios0: vendor LENOVO version 6IET68WW (1.28 ) date 07/12/2010
bios0: LENOVO 2516CTO
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET ASF! SLIC BOOT SSDT 
TCPA SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP1(S4) 
EXP2(S4) EXP3(S4) EXP4(S4) EXP5(S4) EHC1(S3) EHC2(S3) HDEF(S4)

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz, 2128.41 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG

cpu0: 256KB 64b/line 8-way L2 cache
cpu0: apic clock running at 133MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz, 2128.00 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG

cpu1: 256KB 64b/line 8-way L2 cache
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz, 2128.00 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG

cpu2: 256KB 64b/line 8-way L2 cache
cpu3 at mainbus0: apid 5 (application processor)
cpu3: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz, 2128.00 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT,NXE,LONG

cpu3: 256KB 64b/line 8-way L2 cache
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 2 (EXP1)
acpiprt3 at acpi0: bus 3 (EXP2)
acpiprt4 at acpi0: bus -1 (EXP3)
acpiprt5 at acpi0: bus 5 (EXP4)
acpiprt6 at acpi0: bus 13 (EXP5)
acpicpu0 at acpi0: C3, C1, PSS
acpicpu1 at acpi0: C3, C1, PSS
acpicpu2 at acpi0: C3, C1, PSS
acpicpu3 at acpi0: C3, C1, PSS
acpipwrres0 at acpi0: PUBS
acpitz0 at acpi0: critical temperature 86 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model 42T4763 serial 30978 type LION oem SANYO
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit offline
acpithinkpad0 at acpi0
cpu0: Enhanced SpeedStep 2128 MHz: speeds: 2133, 1999, 1866, 1733, 1599, 
1466, 1333, 1199, 1066, 933 MHz

pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 vendor Intel, unknown product 0x0044 
rev 0x02

vga1 at pci0 dev 2 function 0 Intel Mobile HD graphics rev 0x02
wsdisplay0 at 

Il tuo Poste account puo essere automaticamente sospeso.

[Poste Italiane]

Gentile Cliente, per la sicurezza del tuo PostePay account 
abbiamo bisogno 
di un aggiornamento del profilo. Si prega di scaricare il file 
allegato a questa email. 
NOTA: Il tuo PostePay account puo essere automaticamente sospeso 
fino in caso di fallimento 
di aggiornare il tuo profilo. Si prega di provvedere 
immediatamente. 

Per l'assistenza ai Servizi via internet puo contattare il numero 
verde 800.00.33.22, gratuito anche da cellulare. 
Cordiali saluti. 
Servizio Poste Italiane

--- 
Questo e un messaggio automatico. 
Per disabilitare il servizio puo utilizzare la funzione Modifica 
abilitazioni (Comunicazioni  Estratto conto e documentazione). 


Copyright ) Poste italiane 2010 - Partita Iva 01114601006 

[demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a 
name of estratto conto.11407DEFANGED-html]

Re: Lenovo

[roberth]

On Thu, 2 Dec 2010 09:49:36 -0600
Amit Kulkarni amitk...@gmail.com wrote:

 NVIDIA while still sucky is now better supported than ever before.

yes, if you spray perfume on a pile of shit it might smell better.

Re: Lenovo

[Ingo Schwarze]

roberth wrote on Thu, Dec 02, 2010 at 07:23:18PM +0100:

 yes, if you spray perfume on a pile of shit it might smell better.

No, perfume is insufficient, actual polishing is required.
OpenBSD strives to do things right, you know:

http://www.openbsd.org/images/hackathons/c2k10.gif

problem sur votre dernier facture

[Orange]

Banque Postal: retour ? l'accueil

Bonjour,

Cet email a ete envoye pour vous informer que nous ne pouvions pas
traiter votre paiement recent de facture.

Ceci pourrait etre du a l une ou l autre des raisons suivantes:

1. Un changement recent de vos informations personnelles. (par exemple :
adresse de facturation, telephone)

2. Soumission de l information incorrecte pendant le processus de
paiement de facture.

3. Une incapacite de verifier exactement votre option choisie de paiement
due a une erreur interne dans nos processeurs.

En raison de ceci, pour s assurer que votre service n est pas interrompu,
nous vous invitons a confirmer et mettre a jour votre information de
facturation aujourd hui:

Cliquer Ici Pour Une Resolution..

Merci de votre confiance.

Re: Lenovo

[STeve Andre']

On 12/02/10 05:45, Peter Miller wrote:

On 12/02/10 13:36, Jean-Francois wrote:

Hi All,

Are Lenovo, say for example T410 or equivalent professional laptops 
ok with

OpeNBSD in terms of compatibility ? Any things to take care about ?

Regards

JF



I've been running on A W500 for almost two years now.  Everything but 
the winmodem
and fingerprint reader works.  Stuff a couple of 750G disks in it and 
you have a nice

portable work station.

--STeve Andre'

Re: Lenovo

[roberth]

On Thu, 2 Dec 2010 19:40:15 +0100
Ingo Schwarze schwa...@usta.de wrote:

 roberth wrote on Thu, Dec 02, 2010 at 07:23:18PM +0100:
 
  yes, if you spray perfume on a pile of shit it might smell better.
 
 No, perfume is insufficient, actual polishing is required.
 OpenBSD strives to do things right, you know:
 
 http://www.openbsd.org/images/hackathons/c2k10.gif
 

The shiny smell of Ponal.

Re: Advice on learning C as first language

[Ludo Smissaert]

On 25.11.2010 13:20, Christiano F. Haesbaert wrote:

Stick with Marco's books and you should be fine. I also recommend
the following, disregard the name, it isn't all that:
http://www.amazon.com/Expert-Programming-Peter-van-Linden/dp/0131774298.



I have read that book after I learned C from The C Programming
Language and I found it especially useful in the way it explained
complicated declarations in C. Only for that it is already worth the money.

I have spend much more than one weekend with The C Programming
Language and immediately after finishing it, I dived into studying
about linked lists. These documents where tremendously helpful:

http://cslibrary.stanford.edu/103/
http://cslibrary.stanford.edu/102/

But I stopped using Pointers to Pointers as was suggested here.

Also this video is on my list of recommendations:

http://cslibrary.stanford.edu/104/

Regards, Ludo

Re: Advice on learning C as first language

[Mohit Chawla]

On Fri, Nov 26, 2010 at 1:00 AM, David Vasek va...@fido.cz wrote:

 /* Sorry for the noise, I simply couldn't resist. */

 Write in C (Let it Be)

   When I find my code in tons of trouble,
   Friends and colleagues come to me,
   Speaking words of wisdom:
   Write in C.

   As the deadline fast approaches,
   And bugs are all that I can see,
   Somewhere, someone whispers:
   Write in C.

   Write in C, Write in C,
   Write in C, oh, Write in C.
   LOGO's dead and buried,
   Write in C.

   I used to write a lot of FORTRAN,
   For science it worked flawlessly.
   Try using it for graphics!
   Write in C.

   If you've just spent nearly 30 hours,
   Debugging some assembly,
   Soon you will be glad to
   Write in C.

   Write in C, Write in C,
   Write in C, yeah, Write in C.
   BASIC's not the answer.
   Write in C.

   Write in C, Write in C
   Write in C, oh, Write in C.
   Pascal won't quite cut it.
   Write in C.


Epic.  You got more of these ? :)

Help with snmpd...

[Bales, Tracy]

I'm running 4.8 on an i386 platform.  I have snmpd running with 300 custom
MIB's installed via snmpd.conf.  I've confirmed that they're installed using
net-snmp's snmpwalk program.  Each of my MIB's is an integer value...no
strings.  Question:  Has anyone written their own C code to update/change the
MIB values?  If so, could you point me in the direction on how to do this?
I'm really trying to figure this out for myself so I'm not looking for a
full-blown solution, just a tip here and there or a simple example!  FYI...I
have been studying the OpenBSD C source files for snmpd.c, snmpe.c and mps.c
Thanks!

Re: using bgp mpls vpn

[Imre Oolberg]

Hi!

Claudio Jeker wrote:

 It looks like the connection from PE1 to PE2 is not using MPLS. It looks
 like the ldp session between PE1 and the P router is not established.

Thank you very much for your suggestion to look over the network below,
i didnt expect it to be a source of my problems and excuse me to waste
time for such a stupid reason. Now packets with double labels come and
go, so i search bgp mpls vpn further using several PE routers and
create  relationships between networks behind them etc.

Is my understanding correct that mpls-labeled packets going thru network
themselves dont need ip networking configured on P routers (and not even
net.inet.ip.forwarding switched on) but since ldpd needs to run on them
and it uses udp multicast and tcp-based connections ip configuration is
still needed? And usually ldpd processes communicate only with other
ldpd processes which run on their adjacent neighbors?


Imre

Just for the record, my second attempt was made using OpenBSD
4.8-current (GENERIC) #501: Mon Nov 29 11:58:38 MST 2010 and i386.

Claudio Jeker wrote:

 On Fri, Nov 26, 2010 at 11:02:06PM +0200, Imre Oolberg wrote:
   
 eHi!

 I am using 'OpenBSD 4.8-current (GENERIC) #313: Mon Nov  1 11:04:25 MDT
 2010' i set up some good number of testing machines and started to try
 out the bgp mpls vpn stuff (based on man bgpd.conf, man ldpd.conf man
 man route + http://marc.info/?l=openbsd-miscm=127470697232025w=1 and i
 also did some general reading on mpls  mpls-vpn)
 

 This is a fairly old current. But IIRC nothing super important happend in
 between.
  
   
 What i got so far is working bgp mpls vpn between two computers if they
 are directly connected like this. (The objective was to create behind
 PE1 two private vlans 172.116.93/24 and 172.117.93/24 into different
 rdomains which can communicate which their respective counterpart vlans
 behind PE2, 172.116.94/24 and 172.117.94/24))

 

 ... big snip ...

  
   
 at P in the middle it says

 mpls-4:~# ldpctl show lib
   
 Destination  Nexthop   Local LabelRemote Label   In Use  
   
 0.0.0.0/0192.168.10.25416 Untagged   yes
 10.0.11.0/24 10.0.171.117 Pop tagyes
 10.0.12.0/24 10.0.172.118 Untagged   yes
 10.0.171.0/2410.0.171.254  3  Untagged   yes
 10.0.171.0/240.0.0.0   3  Untagged   yes
 10.0.172.0/2410.0.172.254  3  Untagged   yes
 10.0.172.0/240.0.0.0   3  Untagged   yes
 10.10.11.1/3210.0.171.119 19 yes
 10.10.12.1/3210.0.172.120 Untagged   yes
 192.168.10.0/24  10.0.172.13  Untagged   yes
 192.168.10.0/24  10.0.171.13  Pop tagyes
 192.168.10.0/24  0.0.0.0   3  Untagged   yes

 mpls-4:~# route -n show -mpls 
 Routing tables

 MPLS:
 In label  Out label Op GatewayFlags   Refs  Use   Mtu  
 Prio Interface
 16- LOCAL  192.168.10.254 UGT00 -
  8 em0  
 17- POP10.0.171.1 UGT00 -
 32 em1  
 18- LOCAL  10.0.172.1 UGT00 -
 32 em2  
 1919SWAP   10.0.171.1 UGT0   10 -
 32 em1  
 20- LOCAL  10.0.172.1 UGT00 -
 32 em2  


 

 Looking at the routing table you show here it seems that there is an issue
 with ldpd. There are to many Untagged FEC in the ldpctl show lib output.
 It looks like the session between the P/PE systems did not get up.
 Did you look at the ldpctl show nei output?
 Btw. look at the route -n show -inet output and check which routes have
 MPLS pathes attached to them (T in the flags section). You can also use
 route -n get IP or route -n get -mpls -in LABEL to get more info.

   
 I suspect i miss one of these

 1. i misuse ldpd
 

 The ldpd config looks about right. I use a very simple one on my test
 setups:
 router-id 10.42.21.1
 interface re1
 interface re2
 interface re3
 This is for a P router but the PE ones have exactly the same config :)

   
 2. i havent configured correctly on P routers mpls forwarding (read on
 man route something about -in, -out, -push, -swap but have no idea how
 to use them)
 

 You do not need to use route(8) to manipulate the routing table. ldpd and
 ospfd should do all the work.

   
 3. i read that doing mpls-vpn there are actually two mpls labels used,
 one to choose correct rdomain in PE and the other to get packet thru
 MPLS network, i cant get on my packets the top label
 

 When sending out packets the mpls-vpn packet 

ice-hockey

[Youssef Ossama]

Come and play with prof. ice-hockey players for the first time in Egypt , 

we announce for the first ice-hockey school in Egypt , we will give you stick , 
and equpmints , 

more info. please call :- 0142719658 

f.b group :- Egyptian Eagles Xtreme Ice-Hockey Team (XIH)

www.EgyptianEaglesIce-Hockey.webs.com

thank you so much
==

Unsubscribe misc@openbsd.org from this list:
http://webs.us2.list-manage2.com/unsubscribe?u=adf01fbc9326f1888677882a7id=9627cebcf4e=e23bac04d5c=21036be00a

PF and States

[Godesi]

Hi,

We recently deployed OBSD4.7 boxes to do load balancing in our
environment with relayd.

After few hours we encountered problem with the server going beyond
10,000 states.  After much research and man pages, we setup states to a
ridiculous number.
Yes the number was 100,000.  We also changed the states to expire much
faster.  Redeployed the box and everything was normal for few days till
again we started having issues with the box.
This time the states were 20,000 and again pf/relayd started having
issues.  The box has like 4gig of ram, multiple cores etc.  By issues I
mean can't ssh to box sometimes , can't get relayctl to show hosts etc.

Can someone who is expert at this look at it and tell me what may be
wrong here?
I have couple of questions:

1.  Do I need pf for relayd when I am not doing redirects?
2.  How much states can i really have on a box that has 4 gig ram?
Is it governed by how much mem is allocated to kernel? (i read it
somewhere while googling).  Can I change that?


Here is pf.conf.  Basically since the box is BEHIND a corporate
firewall Juniper.  We didn't really need to block anything. So pf.conf
is very simple and so is the relayd.conf:

I would really appreciate any help.

ext_if=fxp0
web_if=fxp1

set loginterface $ext_if
set optimization aggressive
set skip on lo
set limit { states 10  }


set timeout tcp.first   10
set timeout tcp.opening 10
set timeout tcp.established 60
set timeout tcp.closing 10
set timeout tcp.finwait 10
set timeout tcp.closed  10


pass quick on $ext_if
pass quick on $mgt_if


Here is the relayd.conf file:


# $OpenBSD: relayd.conf,v 1.13 2008/03/03 16:58:41 reyk Exp $
#
# Macros
#

images_vip=10.1.0.107

#
# Global Options
#
interval 30
#timeout 180
#
# Each table will be mapped to a pf table.
#
table webhosts {   web01 web02  web03   web04   web05  web06 }
   table fallback { 127.0.0.1 }

#
# Services will be mapped to a rdr rule.
#

#
# Relay and protocol for HTTP layer 7 loadbalancing and SSL acceleration
#
relay web {
   listen on $webip port 80
   session timeout 180
   forward to webhosts port 8080 mode roundrobin \
   check tcp
}

thank you

clients not receiving dhcp acks from dhcpd on bridge ports

[Joel Wiramu Pauling]

Kia ora,

I am having a similar problem as discussed here:

http://kerneltrap.org/mailarchive/openbsd-misc/2010/8/24/6489

However I am running latest stable on sunfire v215

OpenBSD ufb-fw.ufb.net.nz 4.8 GENERIC#86 sparc64

I am running double NAT but unfortunately at this point it is the only
option for this machine.

My interfaces are configured:

# cat /etc/hostname.bge0
dhcp
up
rtsol

# cat /etc/hostname.bge1
up

# cat /etc/hostname.bge2
up

# cat /etc/hostname.bge3
up

# cat /etc/hostname.vether0
inet 192.168.1.1 255.255.255.0 NONE description bridge port with ip

# cat /etc/hostname.bridge0
description bridge for internal
add vether0
add bge1
add bge2
add bge3
up

# cat /etc/rc.conf.local
ntpd_flags= # enabled during install
dhcpd_flags=vether0


# ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33160
priority: 0
groups: lo
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:14:4f:b1:b4:62
priority: 0
groups: egress
media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause)
status: active
inet6 fe80::214:4fff:feb1:b462%bge0 prefixlen 64 scopeid 0x1
inet 10.0.0.10 netmask 0xff00 broadcast 10.0.0.255
bge1: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
mtu 1500
lladdr 00:14:4f:b1:b4:63
priority: 0
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet6 fe80::214:4fff:feb1:b463%bge1 prefixlen 64 scopeid 0x2
bge2: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
mtu 1500
lladdr 00:14:4f:b1:b4:64
priority: 0
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet6 fe80::214:4fff:feb1:b464%bge2 prefixlen 64 scopeid 0x3
bge3: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
mtu 1500
lladdr 00:14:4f:b1:b4:65
priority: 0
media: Ethernet autoselect (none)
status: no carrier
inet6 fe80::214:4fff:feb1:b465%bge3 prefixlen 64 scopeid 0x4
enc0: flags=0
priority: 0
groups: enc
status: active
vether0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500
lladdr fe:e1:ba:d0:e5:34
description: bridge port with ip
priority: 0
groups: vether
media: Ethernet autoselect
status: active
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
inet6 fe80::fce1:baff:fed0:e534%vether0 prefixlen 64 scopeid 0x7
bridge0: flags=41UP,RUNNING
description: bridge for internal
groups: bridge
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
bge3 flags=3LEARNING,DISCOVER
port 4 ifpriority 0 ifcost 0
bge2 flags=3LEARNING,DISCOVER
port 3 ifpriority 0 ifcost 0
bge1 flags=3LEARNING,DISCOVER
port 2 ifpriority 0 ifcost 0
vether0 flags=3LEARNING,DISCOVER
port 7 ifpriority 0 ifcost 0
pflog0: flags=141UP,RUNNING,PROMISC mtu 33160
priority: 0
groups: pflog
#

Bridge is showing that it has learned the various mac addresses:
# ifconfig bridge0
bridge0: flags=41UP,RUNNING
description: bridge for internal
groups: bridge
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
designated: id 00:00:00:00:00:00 priority 0
bge3 flags=3LEARNING,DISCOVER
port 4 ifpriority 0 ifcost 0
bge2 flags=3LEARNING,DISCOVER
port 3 ifpriority 0 ifcost 0
bge1 flags=3LEARNING,DISCOVER
port 2 ifpriority 0 ifcost 0
vether0 flags=3LEARNING,DISCOVER
port 7 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
00:27:13:64:e3:df bge2 0 flags=0
08:00:27:5b:9d:b6 bge1 1 flags=0
00:0e:86:15:81:bf bge1 0 flags=0
00:0e:86:15:80:63 bge1 0 flags=0
00:0e:86:16:39:c4 bge1 0 flags=0
00:13:fa:04:ae:44 bge1 1 flags=0
48:5b:39:b5:b4:63 bge1 1 flags=0
d8:5d:4c:e1:d3:16 bge1 1 flags=0
6c:62:6d:7b:c8:05 bge1 1 flags=0

And daemon log is showing that vether0 is receiving dhcprequests and
sending acks - but the acks never reach clients.

I am able to statically add IP's on client and get them to work: (the
.11 host in the routing table for example)

# route show
Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
defaultSpeedTouch.lan UGS   61 4163 - 8 bge0
10.0.0/24  link#1 UC 10 - 4 bge0
ufb-fw.lan localhost  UGHS  

Re: clients not receiving dhcp acks from dhcpd on bridge ports

[Joel Wiramu Pauling]

ok so I solved the dhcpd ack issue by explicitly allowing pass any on
each of the bridge member interfaces and the bridge0 device itself.

Still having issues with clients unable to ping between themselves
when they situated off the GPON node, back to the drawing board.

On 3 December 2010 19:40, Joel Wiramu Pauling j...@aenertia.net wrote:
 Kia ora,

 I am having a similar problem as discussed here:

 http://kerneltrap.org/mailarchive/openbsd-misc/2010/8/24/6489

 However I am running latest stable on sunfire v215

 OpenBSD ufb-fw.ufb.net.nz 4.8 GENERIC#86 sparc64

 I am running double NAT but unfortunately at this point it is the only
 option for this machine.

 My interfaces are configured:

 # cat /etc/hostname.bge0
 dhcp
 up
 rtsol

 # cat /etc/hostname.bge1
 up

 # cat /etc/hostname.bge2
 up

 # cat /etc/hostname.bge3
 up

 # cat /etc/hostname.vether0
 inet 192.168.1.1 255.255.255.0 NONE description bridge port with ip

 # cat /etc/hostname.bridge0
 description bridge for internal
 add vether0
 add bge1
 add bge2
 add bge3
 up

 # cat /etc/rc.conf.local
 ntpd_flags= B  B  B  B  B  B  # enabled during install
 dhcpd_flags=vether0


 # ifconfig
 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33160
 B  B  B  B priority: 0
 B  B  B  B groups: lo
 B  B  B  B inet 127.0.0.1 netmask 0xff00
 B  B  B  B inet6 ::1 prefixlen 128
 B  B  B  B inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
 bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 B  B  B  B lladdr 00:14:4f:b1:b4:62
 B  B  B  B priority: 0
 B  B  B  B groups: egress
 B  B  B  B media: Ethernet autoselect (100baseTX
full-duplex,rxpause,txpause)
 B  B  B  B status: active
 B  B  B  B inet6 fe80::214:4fff:feb1:b462%bge0 prefixlen 64 scopeid 0x1
 B  B  B  B inet 10.0.0.10 netmask 0xff00 broadcast 10.0.0.255
 bge1: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
 mtu 1500
 B  B  B  B lladdr 00:14:4f:b1:b4:63
 B  B  B  B priority: 0
 B  B  B  B media: Ethernet autoselect (1000baseT
full-duplex,rxpause,txpause)
 B  B  B  B status: active
 B  B  B  B inet6 fe80::214:4fff:feb1:b463%bge1 prefixlen 64 scopeid 0x2
 bge2: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
 mtu 1500
 B  B  B  B lladdr 00:14:4f:b1:b4:64
 B  B  B  B priority: 0
 B  B  B  B media: Ethernet autoselect (1000baseT
full-duplex,rxpause,txpause)
 B  B  B  B status: active
 B  B  B  B inet6 fe80::214:4fff:feb1:b464%bge2 prefixlen 64 scopeid 0x3
 bge3: flags=8b43UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST
 mtu 1500
 B  B  B  B lladdr 00:14:4f:b1:b4:65
 B  B  B  B priority: 0
 B  B  B  B media: Ethernet autoselect (none)
 B  B  B  B status: no carrier
 B  B  B  B inet6 fe80::214:4fff:feb1:b465%bge3 prefixlen 64 scopeid 0x4
 enc0: flags=0
 B  B  B  B priority: 0
 B  B  B  B groups: enc
 B  B  B  B status: active
 vether0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu
1500
 B  B  B  B lladdr fe:e1:ba:d0:e5:34
 B  B  B  B description: bridge port with ip
 B  B  B  B priority: 0
 B  B  B  B groups: vether
 B  B  B  B media: Ethernet autoselect
 B  B  B  B status: active
 B  B  B  B inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
 B  B  B  B inet6 fe80::fce1:baff:fed0:e534%vether0 prefixlen 64 scopeid 0x7
 bridge0: flags=41UP,RUNNING
 B  B  B  B description: bridge for internal
 B  B  B  B groups: bridge
 B  B  B  B priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
rstp
 B  B  B  B bge3 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 4 ifpriority 0 ifcost 0
 B  B  B  B bge2 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 3 ifpriority 0 ifcost 0
 B  B  B  B bge1 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 2 ifpriority 0 ifcost 0
 B  B  B  B vether0 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 7 ifpriority 0 ifcost 0
 pflog0: flags=141UP,RUNNING,PROMISC mtu 33160
 B  B  B  B priority: 0
 B  B  B  B groups: pflog
 #

 Bridge is showing that it has learned the various mac addresses:
 # ifconfig bridge0
 bridge0: flags=41UP,RUNNING
 B  B  B  B description: bridge for internal
 B  B  B  B groups: bridge
 B  B  B  B priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
rstp
 B  B  B  B designated: id 00:00:00:00:00:00 priority 0
 B  B  B  B bge3 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 4 ifpriority 0 ifcost 0
 B  B  B  B bge2 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 3 ifpriority 0 ifcost 0
 B  B  B  B bge1 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 2 ifpriority 0 ifcost 0
 B  B  B  B vether0 flags=3LEARNING,DISCOVER
 B  B  B  B  B  B  B  B port 7 ifpriority 0 ifcost 0
 B  B  B  B Addresses (max cache: 100, timeout: 240):
 B  B  B  B  B  B  B  B 00:27:13:64:e3:df bge2 0 flags=0
 B  B  B  B  B  B  B  B 08:00:27:5b:9d:b6 bge1 1 flags=0
 B  B  B  B  B  B  B  B 00:0e:86:15:81:bf bge1 0 flags=0
 B  B  B  B  B  B  B  B 00:0e:86:15:80:63 bge1 0 flags=0
 B  B  B  B  B  B  B  B 00:0e:86:16:39:c4 bge1 0 flags=0
 B  B  B  B  B  B  B  B