Re: (S)ATA performance in FBSD 6.2/7.0

[Ted Mittelstaedt]

- Original Message - 
From: "Cheffo" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: ; "O. Hartmann"
<[EMAIL PROTECTED]>; 
Sent: Friday, March 02, 2007 3:38 AM
Subject: Re: (S)ATA performance in FBSD 6.2/7.0


> Hi,
>
>
> I think the problem is that the benchmark runs with small files and most
> files are in cache that's why it shows higher speeds

I think the problem is O Hartmann (the OP) has proven by his lack of
followup that he was just trolling.  Kind of what I guessed yesterday.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: (S)ATA performance in FBSD 6.2/7.0

[Ted Mittelstaedt]

- Original Message - 
From: "O. Hartmann" <[EMAIL PROTECTED]>
To: ; 
Sent: Friday, March 02, 2007 1:38 AM
Subject: (S)ATA performance in FBSD 6.2/7.0 


> The last days I tried to figure out why some of my lab's FreeBSD boxes 
> and also mine at home seem to be outperformed by some Linux setups 
> around here and I saw something interesting.
> 

blah blah blah deleted

> 
> Before digging into this problem deeper with benchmarks, could anyone 
> explain why FreeBSD reaches this 33 MB/s limit (sounds like UDMA 33 

man mount

read section on "async"

linux by default mounts async

freebsd by default mounts sync

you can change FBSD to async

then watch your fs scramble during a power failure

no big deal, it's only your data.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Serial Port Problems

[Ted Mittelstaedt]

- Original Message - 
From: "Dan D Niles" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, March 01, 2007 1:27 PM
Subject: Serial Port Problems


>
> More Dell 2950 woes.
>
> I use serial ports to manage my FreeBSD machines remotely.  I've never
> had any problems until now.  I've installed FreeBSD 6.2 on a Dell 2950.
>
> The install goes without problems over the serial port.  After the
> reboot, I get the typical:
>
> FreeBSD/i386 (test.host.net) (ttyd0)
>
> login:
>
> and I can log in just fine.  If I disconnect and come back later
> (sometimes), or if I hit return without entering a login name (always)
> it starts spitting out junk like:
>

Get a cheapie pci serial port card, plug it in, and see if it works any
better

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Day Light Savings time changes on March 11

[Ted Mittelstaedt]

- Original Message - 
From: "DAve" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, February 27, 2007 6:06 AM
Subject: Re: Day Light Savings time changes on March 11
> 
> Personally, I think someone just wanted on extra hour on the tee during 
> the week after work.
> 

That is exactly why AZ doesen't do DST.  The golfers all want morning
tee times due to the heat.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: kernel panic at boot on any 6.x OS

[Ted Mittelstaedt]

- Original Message - 
From: "Mike Meyer" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Joe Auty" <[EMAIL PROTECTED]>; "Daan Vreeken [PA4DAN]"
<[EMAIL PROTECTED]>; "Kip Macy" <[EMAIL PROTECTED]>;
; 
Sent: Monday, February 26, 2007 8:36 AM
Subject: Re: kernel panic at boot on any 6.x OS

> > and do a "make deinstall" followed by downloading and compiling the
program
> > the "old fashioned way"  I shoot for a min of 3 years on the OS before
even
> > thinking about updating, and when it's time to update the hardware has
> > generally reached the old rag stage anyway.
>
> This works great for servers, that don't have any real users on them,
> and is pretty much how I do things. I'll try updating the ports tree
> and installing from that rather than building the old fashioned way,
> because that works a surprising percentage of the time.
>
> On desktop and development systems, the users tend to get pissed if I
> let things get that old. So I do upgrade them more often.

That depends on who's paying for it.  If your in-house support your screwed
of course, since all of them think your labor hours are inexhaustable.

But if the users are in a small business or whatever that has to actually
pay
real money to have their systems updated, then they are usually a lot less
enthusiastic about new updates (at least, their owners are)

> There are a
> couple of things you can do to make reinstalling to a clean disk a bit
> less painfull.
>
> 1) Intelligent file system layout. I put all the things that aren't
> installed from the FreeBSD disks on their own partitions (/home and
> /local). I can then wipe and reinstall /, /var and /usr without
> clobbering the non-system data.
>
> 2) Mirrored disks. Disks for consumer systems are cheap. Throwing a
> second one in a system and mirroring the system disk is a cheap way to
> improve the reliability of the system. When it's time to upgrade, take
> a drive out of the mirror, and install to that drive. You can reboot
> to the old system if you need to interrupt the process and run the old
> system for some reason. With a file system layout as per #1, you can
> even mount the users files under both versions of the OS. When you're
> happy with the new system, mirror the new system drive to the old one.
>

I do the mirroring thing too but the one thing you have to watch is
inadequate
cooling in some of these minitowers.  Stacking the disks on top of each
other
with no cooling fan blowing air on them is not a good idea.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patches in FreeBSD

[Ted Mittelstaedt]

- Original Message - 
From: "Jerry McAllister" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, February 26, 2007 1:23 PM
Subject: Re: Patches in FreeBSD


> On Mon, Feb 26, 2007 at 10:53:20AM -0800, Josh Carroll wrote:
>
> > >My question is:   How do I respond to this?
> > >I have seen the word patch used in security update messages - but
> > >didn't follow that path.   Is that real?   Does it cover kernel
> > >things essentially on the fly or is a 'time consuming' rebuild
> > >still needed?
> >
> > 6.2 now official supports binary patches via freebsd-update(8). From
> > the 6.2-RELEASE announcement
> > (http://www.freebsd.org/releases/6.2R/announce.html):
> >
> > "freebsd-update(8) provides officially supported binary updates for
> > security fixes and errata patches"
> >
> > So there's your response. :)
>
> Thank you.
> I didn't realize my question is to cutting edge - so to speak.
> I saw a few posts mentioning update, but didn't take the time to
> follow them and didn't realize their possible relevance.
> So, good news!
>

No, it isn't.

They will just find some other excuse to try to switch you over to Linux.
The
patch excuse was one of the lamest.  Even in the "pre binary" patch days it
didn't require the entire system to be rebuilt just to patch a daemon.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Outlook With FreeBSD IMAP

[Ted Mittelstaedt]

- Original Message - 
From: "Josh Tolbert" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;

Sent: Monday, February 26, 2007 7:30 AM
Subject: Re: Outlook With FreeBSD IMAP


> On Mon, Feb 26, 2007 at 07:16:58AM -0800, [EMAIL PROTECTED] wrote:
> > >> > How do I use the Cram-MD5 passwords with Outlook?
> > >> > Or do I have to go plain text?
> > >>
> > >> Off-topic for FreeBSD-Questions but I don't believe
> > >> Outlook supports CRAM-MD5 out of the box.
> > >
> > > *Not* off-topic, the context being how best to configure Outlook
> > > for use with FreeBSD IMAP.  One hopes something more secure than
> > > plain-text passwords can be made to work.
> > >
> > > My answer is "Don't use Outlook.  For anything.  Period."
> > > but the OP may be stuck with it for some reason.
> > >
> >
> > Thank You, if I was talking about Anna Nichole Smith or something, that
> > would be *OFF* topic. ;o).
> >
> > I am stuck with outlook if I want to synch my PDA phone to my e-mail.
It
> > seems to work ok with gmail pop3.  Maybe I can just have sendmail
foreward
> > a copy of all my mail to gmail.
> >
> > Thanks Guys,
> >
> > Chris Maness
>
> I run imap-uw. Outlook 2003 works just fine with my mail server. However,
I
> haven't been able to get Outlook 2002 to work properly.

If your using self-signed certificates the secret is you create a
self-signed CA
certificate, then import a copy of that into Internet Explorer, and then
when
you create the CSR for the imap server, sign it with your self-signed root
CA
certificate.  This same restriction existed for all prior Outlook clients.

In outlook 2003 MS finally got rid of that and allowed you to use
self-signed
imap certificates directly.

Ted

Outlook Express also
> works fine for me.
>
> My (quite popular) page about running both sendmail and imap-uw with
SSL/TLS
> and authentication can be found here:
> . The page
states
> that one of the goals of the described mail setup is compatibility with
> Microsoft e-mail clients.
>
> Thanks,
>
> Josh
> -- 
> Josh Tolbert
> [EMAIL PROTECTED]  ||  http://www.puresimplicity.net/~hemi/
>
> Security is mostly a superstition. It does not exist in nature, nor
> do the children of men as a whole experience it. Avoiding danger
> is no safer in the long run than outright exposure. Life is either
> a daring adventure, or nothing.
> -- Helen Keller
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: kernel panic at boot on any 6.x OS

[Ted Mittelstaedt]

- Original Message - 
From: "Joe Auty" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>; "Kip Macy"
<[EMAIL PROTECTED]>; ;

Sent: Monday, February 26, 2007 10:01 AM
Subject: Re: kernel panic at boot on any 6.x OS


>
> On Feb 26, 2007, at 8:01 AM, Ted Mittelstaedt wrote:
>
> >
> > - Original Message -
> > From: "Joe Auty" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>; "Kip Macy"
> > <[EMAIL PROTECTED]>; ;
> > 
> > Sent: Sunday, February 25, 2007 10:39 PM
> > Subject: Re: kernel panic at boot on any 6.x OS
> >
> >
> >> -BEGIN PGP SIGNED MESSAGE-
> >> Hash: SHA1
> >>
> >>
> >> On Feb 25, 2007, at 7:56 PM, Ted Mittelstaedt wrote:
> >>
> >>>
> >>> - Original Message -
> >>> From: "Joe Auty" <[EMAIL PROTECTED]>
> >>> To: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>
> >>> Cc: "Kip Macy" <[EMAIL PROTECTED]>;  >>> [EMAIL PROTECTED]>;
> >>> 
> >>> Sent: Sunday, February 25, 2007 8:14 AM
> >>> Subject: Re: kernel panic at boot on any 6.x OS
> >>>
> >>>
> >>>>
> >>>> Any idea how this could have happened after disabling everything in
> >>>> my /etc/loader.conf, and simply running a:
> >>>>
> >>>> make buildworld
> >>>> make buildkernel KERNCONF=myconfig
> >>>> make installkernel KERNCONF=myconfig
> >>>>
> >>>
> >>> well your supposed to do this single-user, run mergemaster and a
> >>> few other
> >>> things.
> >>> I also don't see a make installworld.
> >>>
> >>
> >> I usually perform those steps after I've rebooted to ensure that my
> >> system will boot off the new kernel, as per the instructions in the
> >> FreeBSD handbook.
> >>
> >>> Joe, please try booting from a 6.2-release install ISO.  If it
> >>> works without
> >>> panicing,
> >>> then you did something wrong during the upgrade.
> >>>
> >>
> >> Downloading the image now, I'll let you know if I'm able to boot from
> >> it...
> >>
> >>> Since by your own admission your not an expert, you would be well
> >>> advised
> >>> to simply back up your files the old fashioned way, reformat your
> >>> hard disk,
> >>> install from a 6.2 boot ISO, then restore your files.  Leave the
> >>> fancy
> >>> in-place
> >>> updating to someone else.  It's a big PIA and doesen't work half
> >>> the time
> >>> anyway.
> >>>
> >>
> >>
> >> How well does simply upgrading with the CD work (as opposed to wiping
> >> clean)? I've upgraded several times to new releases simply by
> >> rebuilding world, it has never failed me in the past. I don't doubt
> >> what you are saying here, but since I will have to change how I work,
> >> assuming that I can boot off of the 6.2 CD, I'd appreciate any
> >> general upgrade tips that don't involve wiping the disk clean (which
> >> is not really an option).
> >>
> >
> > If wiping the disk really isn't an option then you have one or more
> > of the
> > following
> > problems:
> >
> > 1) Production system with a lack of hardware spares
> >
> > 2) inadequate backup plan and execution.
> >
> > People who state that wiping the disk isn't an option are screaming
> > at the top of their lungs for the hardware gremlins to explain what
> > MTBF is
> > all about.
> >
> > The gremlins will visit you, I guarentee.  And they always pick the
> > very
> > best
> > times for it too.  I just hope (if this is your workplace) that
> > your job
> > survives.
> >
>
> My production system is backed up daily to two different sites,
> that's not an issue. The system I'm thinking of upgrading to 6.2 is
> my test server I run out of my house that stores movie files and
> other non-essential files. Technically, wiping it clean *would* be an
> option if it came down to it, just an inconvenience. Perhaps I should
> in

Re: kernel panic at boot on any 6.x OS

[Ted Mittelstaedt]

- Original Message - 
From: "Joe Auty" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>; "Kip Macy"
<[EMAIL PROTECTED]>; ;

Sent: Sunday, February 25, 2007 10:39 PM
Subject: Re: kernel panic at boot on any 6.x OS


> -BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On Feb 25, 2007, at 7:56 PM, Ted Mittelstaedt wrote:
>
> >
> > - Original Message -
> > From: "Joe Auty" <[EMAIL PROTECTED]>
> > To: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>
> > Cc: "Kip Macy" <[EMAIL PROTECTED]>; ;
> > 
> > Sent: Sunday, February 25, 2007 8:14 AM
> > Subject: Re: kernel panic at boot on any 6.x OS
> >
> >
> >>
> >> Any idea how this could have happened after disabling everything in
> >> my /etc/loader.conf, and simply running a:
> >>
> >> make buildworld
> >> make buildkernel KERNCONF=myconfig
> >> make installkernel KERNCONF=myconfig
> >>
> >
> > well your supposed to do this single-user, run mergemaster and a
> > few other
> > things.
> > I also don't see a make installworld.
> >
>
> I usually perform those steps after I've rebooted to ensure that my
> system will boot off the new kernel, as per the instructions in the
> FreeBSD handbook.
>
> > Joe, please try booting from a 6.2-release install ISO.  If it
> > works without
> > panicing,
> > then you did something wrong during the upgrade.
> >
>
> Downloading the image now, I'll let you know if I'm able to boot from
> it...
>
> > Since by your own admission your not an expert, you would be well
> > advised
> > to simply back up your files the old fashioned way, reformat your
> > hard disk,
> > install from a 6.2 boot ISO, then restore your files.  Leave the fancy
> > in-place
> > updating to someone else.  It's a big PIA and doesen't work half
> > the time
> > anyway.
> >
>
>
> How well does simply upgrading with the CD work (as opposed to wiping
> clean)? I've upgraded several times to new releases simply by
> rebuilding world, it has never failed me in the past. I don't doubt
> what you are saying here, but since I will have to change how I work,
> assuming that I can boot off of the 6.2 CD, I'd appreciate any
> general upgrade tips that don't involve wiping the disk clean (which
> is not really an option).
>

If wiping the disk really isn't an option then you have one or more of the
following
problems:

1) Production system with a lack of hardware spares

2) inadequate backup plan and execution.

People who state that wiping the disk isn't an option are screaming
at the top of their lungs for the hardware gremlins to explain what MTBF is
all about.

The gremlins will visit you, I guarentee.  And they always pick the very
best
times for it too.  I just hope (if this is your workplace) that your job
survives.

> For instance, is rebuilding world between point releases (e.g. 5.4 to
> 5.5) an okay idea, compared to across major releases (e.g. 5.5 to 6.2)?
>
>
> I'll do my own homework regarding this too, but I appreciate any
> nuggets of wisdom you might have! As far as me being an expert, I
> guess I'd categorize me somewhere in between complete newb and
> FreeBSD developer =)
>

The problem is that all of the ports and packages that you put on a server
change from release to release.  The developers of openssl, for example,
don't give a tinkers damn about how FreeBSD's upgrade process works,
when they are making changes in their code.

I run a number of FreeBSD servers and what I do is simply keep them patched
with security updates.  Every once in a while a security hole will be
discovered in a non-core program and if it's serious enough I'll go into the
port
and do a "make deinstall" followed by downloading and compiling the program
the "old fashioned way"  I shoot for a min of 3 years on the OS before even
thinking about updating, and when it's time to update the hardware has
generally reached the old rag stage anyway.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: pf and keep/modulate state on 6.2

[Ted Mittelstaedt]

any reason you need to use pf instead of ipfw?

Ted

- Original Message - 
From: "J.D. Bronson" <[EMAIL PROTECTED]>
To: 
Sent: Sunday, February 25, 2007 2:02 PM
Subject: pf and keep/modulate state on 6.2


> I was noticing sporadic FTP transfers DOWN to my fbsd 6.2 machine
> over my DSL line...it would go/pause/go/pause - just a bit, but
> overall slowed the transfers down quite a bit.
>
> I looked at my pf.conf file and changed MODULATE state to KEEP state
> in all places and my issues went awayfast clean consistent downloads.
>
> If I changed it back...the issues came back.
>
> is this expected behavior? - the machine is a p4-3.06 with 1GB ram
> and hardly doing anything but PPPoE and pf with NAT.
>
> Anyone have any comments they could share?
>
> -JD
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: kernel panic at boot on any 6.x OS

[Ted Mittelstaedt]

- Original Message - 
From: "Joe Auty" <[EMAIL PROTECTED]>
To: "Daan Vreeken [PA4DAN]" <[EMAIL PROTECTED]>
Cc: "Kip Macy" <[EMAIL PROTECTED]>; ;

Sent: Sunday, February 25, 2007 8:14 AM
Subject: Re: kernel panic at boot on any 6.x OS


>
> Any idea how this could have happened after disabling everything in
> my /etc/loader.conf, and simply running a:
>
> make buildworld
> make buildkernel KERNCONF=myconfig
> make installkernel KERNCONF=myconfig
>

well your supposed to do this single-user, run mergemaster and a few other
things.
I also don't see a make installworld.

Joe, please try booting from a 6.2-release install ISO.  If it works without
panicing,
then you did something wrong during the upgrade.

Since by your own admission your not an expert, you would be well advised
to simply back up your files the old fashioned way, reformat your hard disk,
install from a 6.2 boot ISO, then restore your files.  Leave the fancy
in-place
updating to someone else.  It's a big PIA and doesen't work half the time
anyway.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Could we get the FreeBSD torrent servers back?

[Ted Mittelstaedt]

- Original Message - 
From: "Chris Slothouber" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, February 24, 2007 10:02 PM
Subject: Re: Could we get the FreeBSD torrent servers back?


> Ted Mittelstaedt wrote:
> > - Original Message - 
> > From: "Andrew Lentvorski" <[EMAIL PROTECTED]>
> > To: 
> > Sent: Saturday, February 24, 2007 6:38 PM
> > Subject: Could we get the FreeBSD torrent servers back?
> >
> >
> >> Can we please get the FreeBSD torrent tracker and/or server back?
> >>
> >> (snip)
> >>
> >
> > Nobody pays the mirrors for their bandwidth.  They are hosting and
> > paying for the bandwidth out of the goodness of their hearts.
> >
> > Nothing is stopping you from setting up your own torrent server on a big
> > fast
> > pipe that everyone else can use, and not pay you for.
> >
> > I don't know for sure how other ISP's do it but we definitely use
> > bandwidth limitations on the servers we host, customers that pay a lot
> > get a lot, customers that pay less get less, and the freebie servers
> > get whatever is left over after the paying customers have had their
fill.
> >
> > (snip)
> >
> > I would suspect if you examined the financing scheme used for the Linux
> > download servers you would find that it is quite different than FreeBSD.
>
> But isn't the whole point of peer to peer file distribution to
> *distribute* the bandwidth requirements to the point that the costs
> involved for each of the individual peers is trivial but the client
> receiving the file still obtains full speed of a direct download?

Most of the time the way peer-to-peer filesharing is used, the point is to
hide the sources of the streams, in order to distribute illicit material.

What your talking about only works if you have a large group of FreeBSD
volunteers
that are willing to run the torrent servers.  Let's assume that only 0.01%
of any
population group would step up to the plate to offer a torrent server.  Well
I can see a Linux torrent network working because Linux has an order of
magnitude
greater number of users than FreeBSD.  But I think you would find it
impossible
to recruit something like 1000 FreeBSD users to step up to the plate and
offer a torrent server.  The population numbers just aren't there.  Worse,
the
initial people that offer the server are going to get the brunt of the load
and
you can't give them any guarentee that your going to be able to recruit
future
torrent servers to lessen the work on them.

Like out-of-control-broadcating on an Ethernet nework, sometimes in
networking
things just coalesce out of nowhere when the network gets large enough.  I
don't
think we have enough FreeBSD users in the population to depend on things
like
this just appearing by themselves.

FreeBSD came to the "grow big or grow well" crossroads many years ago and
took the "grow well" path.  Linux took the "grow big" path.  It is very much
like
what happened to MacOS and Windows.  One grew big, the other grew well.
Today, though, neither can really change.  FreeBSD can no more displace
Linux
in terms of numbers and in terms of newbies using it, than Linux could
displace
FreeBSD in terms of being able to be usable for commercial products, or
displace
FreeBSD in terms of being able to collect the absolute best developers in
the
industry.  I think the Open Source world is much better off for this
happening since
it gives more different choices for the consumers, but by the same coin your
going to be frustrated if you try to make FreeBSD look, walk and talk just
like
Linux.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Could we get the FreeBSD torrent servers back?

[Ted Mittelstaedt]

- Original Message - 
From: "Andrew Lentvorski" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, February 24, 2007 6:38 PM
Subject: Could we get the FreeBSD torrent servers back?


> Can we please get the FreeBSD torrent tracker and/or server back?
>
> I was sitting here staring at an FTP from ftp5.us.freebsd.org that was
> bouncing around between 200-250KB/s.  Even switching over to
> ftp1.us.freebsd.org is only getting me around 450KB/s-and that is
> bouncing up and down (my upload is only showing 12.7KB/s, so it's not
> choking for lack of return ACK's).
>
> That's about 1/3 - 2/3 compared with even a lightly seeded Bittorrent
> cluster pulling a Linux ISO torrent.  A Linux torrent will saturate my
> download somewhere north of 600KB/s and park it there until the ISO
> completes.
>
> For reference, the old FreeBSD torrent file, even *without* the FreeBSD
> tracker, operating solely from 10 old seeders, and the Azureus
> distrubuted hash table, is delivering almost the same download as
> ftp5.us.freebsd.org.  And that's effectively an abandoned torrent.
>
> I have read some of the previous comments about using torrents, but the
> fact that the mirrors are clearly *not* as fast as a torrent cluster
> warrants some discussion.
>

Nobody pays the mirrors for their bandwidth.  They are hosting and
paying for the bandwidth out of the goodness of their hearts.

Nothing is stopping you from setting up your own torrent server on a big
fast
pipe that everyone else can use, and not pay you for.

I don't know for sure how other ISP's do it but we definitely use
bandwidth limitations on the servers we host, customers that pay a lot
get a lot, customers that pay less get less, and the freebie servers
get whatever is left over after the paying customers have had their fill.

Trust me, the admins that run the mirrors -do know- how to give you
your 600Kbps on an FTP transfer.  The reason your not getting it, is
because they are choosing not to give that out, for one or more of a
host of reasons, some of which are undoubtedly related to how the pipe
is being paid for.

I would suspect if you examined the financing scheme used for the Linux
download servers you would find that it is quite different than FreeBSD.

There are quite a lot of Linux users out there who think nothing of
paying $100 for a Linux distribution in a cardboard box that they could
download for free from the same distributor.  They are subsidizing all
the other Linux users who are downloading Linux for free, and everyone
in the Linux world seems to be perfectly happy with this.

I used to get around 600Kbps from the old Walnut Creek CDROM server
when I pulled down FreeBSD, via FTP, years ago.  Routinely.  And
that server had an upper limit of something around 2-3000 users.  But
of course, Walnut Creek went out of business.

FreeBSD isn't Linux, and this is one of the ways that it shows.  I
personally
am very happy to trade a few hundred kbps on downloading an ISO that I
do a couple of times a year, in exchange for having Red Ha.. I mean the
FreeBSD
Foundation suddenly announce that "FreeBSD Enterprise" is now a chargable
item and you will have to download Fedor... I mean FreeBSD Lite, if you want
your free operating system.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: dual monitors

[Ted Mittelstaedt]

You probably need to ask on one of the xorg mailing lists since this is an X
thing, not a FreeBSD thing.

Ted

- Original Message - 
From: "Eric Stringer" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, February 24, 2007 7:55 PM
Subject: dual monitors


> I've got FreeBSD 6.2 running with KDE 3.5 with an ATI 9700Pro card.  I
have
> my 37" LCD TV attached to the digital out, and my 17" lcd monitor attached
> to the analog out.  In the console (not running X) it outputs the same
thing
> to both TV and monitor, which is fine.  However, when I get into KDE it
only
> outputs to my 17" monitor.  I really just want it to output to the TV, but
> dual monitors would be nice also.  Any advice would be greatly
appreciated.
> Thanks,
> Eric
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Licensing question about GPL/LGPL binaries

[Ted Mittelstaedt]

- Original Message - 
From: "Jeffrey Goldberg" <[EMAIL PROTECTED]>
To: "Kövesdán Gábor" <[EMAIL PROTECTED]>
Cc: 
Sent: Friday, February 23, 2007 9:02 AM
Subject: Re: Licensing question about GPL/LGPL binaries


> [freebsd-emulation cut from cc]
>
>
> On Feb 23, 2007, at 5:53 AM, Kövesdán Gábor wrote:
>
> > The question is that can we extract and provide these binaries in a
> > simple tar.gz file or is that considered a GPL/LGPL violation? The
> > sources are freely available on slackware.com, but we are not sure
> > doing so is legally correct. What do you think about this?
>
> Gábor,
>
> What you plan to do is perfectly fine under the GPL as long as
>
> (1) What you distribute is under the GPL license
> (2) You let people know where they can freely get the source
> (3) You don't take credit for work that isn't yours.
>

Jeffrey,

  Kovesdan is not modifying the binaries or the sources, thus there is no
need for him to GPL license his distribution - the files in his distribution
already carry their own GPL license.  He just needs to include all of the
files, which by GPL requirement, are going to include a copies of the GPL
licenses that are applied to those files, as well as instructions as to
where
to get the sources.  He does not need to further apply some kind
of 'overall' GPL license to his distribution.

  It's a similar issue as someone running an FTP server with GPL software
on it, they are merely serving as a venue for the distribution.

  It's a fine point to be sure, but an important one espically as the FSF is
aiming to have multiple, incompatible, versions of the GPL floating around.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Enet driver for Marvell

[Ted Mittelstaedt]

That driver isn't in FreeBSD 6.2 release

you can get it here for 6.2 plus instructions to install it:

http://www.se.hiroshima-u.ac.jp/~shigeaki/software/freebsd-nfe.html

It will be in FBSD 7

Ted
- Original Message - 
From: "jekillen" <[EMAIL PROTECTED]>
To: "FreeBSD Mailing List" 
Sent: Monday, February 19, 2007 8:21 PM
Subject: Enet driver for Marvell


> Hello;
> A while ago, a matter of a few months I inquired of this list regarding
> installation of FreeBSD v6.0 on ASUS M2N32 WS Pro motherboard.
> I was not able to set up dual ethenet inter faces as the only option
> presented by sysinstall when configuring enet interface was
> fw30 as firewire ethernet emulation. I was advise to upgrade to v6.2
> which I have just done. I still do not have more than the fwe interface
> presented.
> The response to the original message, I can not find, but I was told
> that the motherboard was probably one with new Marvell interfaces.
> Now, I have looked at the features listed on the motherboard package
> and there it is;
> 2x Marvell 88E1116 PHY
> Is there a driver that has to be activated by kernel config setting or
> what is the status of support for this hardware in FreeBSD?
> I just looked through the supported hardware/ethernet devices for
> the i386 architecture and did not find any reference to Marvell.
> I purchase a cd set of v6.2 cds from FreeBSD Mall (not inplying
> any criticism, just that it represents a method of contribution to
> this project).
> This is frustrating because this machine is supposed to be a production
> web server. Hardware including dual 15K SCSI drives and adapter  has run
> in the neighborhood of $1000 and it still is not useful for it'
> intended purpose
> Any info or advice appreciated
> Thanks in advance;
> Jeff K
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ADSL-2 internal modem ?

[Ted Mittelstaedt]

- Original Message - 
From: "Norberto Meijome" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Derek Ragona" <[EMAIL PROTECTED]>;

Sent: Monday, February 19, 2007 3:18 PM
Subject: Re: ADSL-2 internal modem ?


> On Sun, 18 Feb 2007 13:01:51 -0800
> "Ted Mittelstaedt" <[EMAIL PROTECTED]> wrote:
>
> > From: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > To: "Norberto Meijome" <[EMAIL PROTECTED]>, "Derek Ragona"
> > <[EMAIL PROTECTED]> Cc: 
> > Subject: Re: ADSL-2 internal modem ?
> > Date: Sun, 18 Feb 2007 13:01:51 -0800
> > X-Mailer: Microsoft Outlook Express 6.00.2800.1807
> >
> >
> > Get the instructions from your ISP for setting up a bridged modem
> > with PPP under Windows.  Do the same thing for FreeBSD except
> > use PPPoE under FreeBSD.
>
> Thanks Ted - I was wondering whether such thing as an internal PCI ADSL2
modem
> exists

Regular ADSL.  It does, I have one on the shelf at my office.  Intel made
them for a
while and Qwest used them on the Qwest DSL network.  I bought the one we
have
mainly as a curiosity.

> (and is supported by FreeBSD )

No, no support there.

> - I can easily do the bridged modem
> connected via ethernet to my BSD box.
>

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Apache 1.3.x bandwich limiter

[Ted Mittelstaedt]

In my opinion,

  Your best of setting the maximum number of simultaneous sessions
that your Apache will spawn, (MaxClient setting) rather than trying to
limit bandwidth.  Read the following:

http://httpd.apache.org/docs/1.3/misc/perf-tuning.html

The reason for doing it this way is if you server gets hit at 5:00pm with
100
simultaneous requests of 10K each, and you want to limit your bandwith
to 500k, you better off having 50 of those requests served out the 10K,
and 50 of them simply denied, than all 100 of them being served out the 10K
at half-speed.  (or 200 requests being served out at quarter speed, etc.)

The 50 people who get denied will simply retry a few minutes later.
But, if you respond to all 100 requests, then a lot of the respondents may
think your server is too slow, and terminate the browser session when
30% of the data has been transferred to them, then wait and retry later.
You may have this happen with some of them 2 or 3 times.  The end result
is a lot of the connection requests will cause your server to ultimate
transmit
16 or19K for every 10K request, thus increasing your overall bandwidth
usage.

Needless to say, I assume you have ALREADY done the normal things like
change all your images on your site to highly compressed jpgs, rewrite your
webpages to reduce graphic load and increase text to make them smaller,
get rid of bullcrap like macromedia flash, etc. in other words, put your web
pages on a diet.

Ted

- Original Message - 
From: "Grzegorz Pluta" <[EMAIL PROTECTED]>
To: 
Sent: Sunday, February 18, 2007 4:29 AM
Subject: RE: Apache 1.3.x bandwich limiter


> BANDWIDTH is what I ment ofcourse ;]
> sorry for the mistake.
> cheers,
>
> > -Original Message-
> > From: Grzegorz Pluta [mailto:[EMAIL PROTECTED]
> > Sent: Sunday, February 18, 2007 1:27 PM
> > To: 'freebsd-questions@freebsd.org'
> > Subject: Apache 1.3.x bandwich limiter
> >
> > Hello!
> > Id like to limit my both incoming and outgoing bandwich
> > to/from my apache 1.3.x server... I know there are modules
> > that can do the trick, but could you possibly reccomend me
> > any good ones?
> >
> > thanks in advance,
> > Greg
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ADSL-2 internal modem ?

[Ted Mittelstaedt]

Get the instructions from your ISP for setting up a bridged modem
with PPP under Windows.  Do the same thing for FreeBSD except
use PPPoE under FreeBSD.

Ted

- Original Message - 
From: "Norberto Meijome" <[EMAIL PROTECTED]>
To: "Derek Ragona" <[EMAIL PROTECTED]>
Cc: 
Sent: Saturday, February 17, 2007 4:10 PM
Subject: Re: ADSL-2 internal modem ?


> On Sat, 17 Feb 2007 08:08:39 -0600
> Derek Ragona <[EMAIL PROTECTED]> wrote:
>
> > Use an external and connect it to your server via ethernet.
> >
> >  -Derek
> >
>
> thanks Derek, i knew i can do this anytime easily - i was just wondering
about
> doing the lot in BSD...
>
> thanks!
> _
> {Beto|Norberto|Numard} Meijome
>
> We've been wrong so many times before, why stop now?
>
> I speak for myself, not my employer. Contents may be hot. Slippery when
wet.
> Reading disclaimers makes you go blind. Writing them is worse. You have
been
> Warned.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Support for Silicon Image 3124 SATA controller?

[Ted Mittelstaedt]

Send an e-mail to the maintainer of the ata driver.  I
belive this is Soren right now.  Look in the header of the
source code to find out who is maintaining it.

Ted

- Original Message - 
From: "Dieter" <[EMAIL PROTECTED]>
To: 
Sent: Friday, February 16, 2007 7:12 AM
Subject: Support for Silicon Image 3124 SATA controller?


> I don't see the Sil 3124 SATA controller listed in the
> 6.2 ata(4) man page.  Are there any plans to support it?
> I'm told that it is a significant improvement over previous
> Sil chips.  It even has documentation!
>
> Overview:
> http://www.siliconimage.com/products/product.aspx?id=27
> Datasheet:
> http://www.siliconimage.com/docs/SiI-DS-0160-C.pdf
> Another, longer, datasheet
> http://gkernel.sourceforge.net/specs/sii/
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

SOFTWARE defects that are specific to hardware that are
not documented in the PR database generally do not get fixed.

You usually don't document hardware defects in the PR database
since by definition these generally cannot be corrected by fixes in
the FreeBSD code.

Ted

- Original Message - 
From: "Freminlins" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Friday, February 16, 2007 2:45 AM
Subject: Re: serious performance problems with 6.2 Release


> Ted,
>
> On 16/02/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> >
> > I don't know where your getting the impression that I said this was a
> > hardware bug.
> >
>
> Umm, quoted from you above: "Defects that are specific to hardware that
are
> not documented in the PR database generally do not get fixed. "
>
> If I didn't know this is simply the way you are at times I would think you
> have gone mad.
>
> Ted
>
>
> Frem.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

- Original Message - 
From: Freminlins
To: Ted Mittelstaedt
Cc: freebsd-questions@freebsd.org
Sent: Thursday, February 15, 2007 11:14 AM
Subject: Re: serious performance problems with 6.2 Release


>Please sort out your formatting. It looks horrible.

funny how nobody else that quoted it seemed to have a problem.

>I've snipped your assumption that this is a hardware problem
> because it is misleading at this stage. It could well be a configuraiton
issue.

I'll quote then from the OP's post:

...This is a supermicro superserver 6022c dual 2.0 Xeon with 2GB RAM.
 These CPUs do support hyperthreading
...If we disable hyperthreading in the bios and have it disabled in the OS
then FreeBSD sees one physical and one logical processor (from dmesg)
and only uses processor 0

Disabling or enabling hyperthreading on a dual-Xeon BIOS has nothing to
do with the number of physical CPU's FreeBSD sees.  If there are 2 physical
CPU's on the motherboard and both CPU's are "enabled" (regardless of
whether hyperthreading is turned on or off in BIOS) then FreeBSD should
be seeing 2 physical CPUs.  The fact that it is not is a kernel bug that is
very related to hardware.

I don't know where your getting the impression that I said this was a
hardware
bug.  Clearly it is not a hardware bug if -other- operating systems are
seeing and
using both CPUs.  The hardware is operating as it was designed to do.  The
problem is that FreeBSD has a defect in that it cannot properly detect and
setup
for this hardware.  If you object to the use of the word "defect" then
substitute
"lack of code" instead.

I never siad that the OP's SuperMicro motherboard adhered to any industry
"standard" for SMP systems.  I myself have had mixed luck with SuperMicro
motherboards back in the early days of FreeBSD SMP, both uniprocessor
and SMP boards.

Unfortunately, these problems are usually only fixed by getting a sample of
the motherbord in the hands of a developer.  I assume this particular board
is
no longer in production, so most likely the OP won't ultimately be able to
get it fixed unless he parts with one of his machines - although a number of
folks
with hardware/software problems like this have been able to get developers
to fix them by putting their hardware online and giving the developer remote
access.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: **questions** Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

- Original Message - 
From: "Kris Kennaway" <[EMAIL PROTECTED]>
To: "Steven H. Baeighkley" <[EMAIL PROTECTED]>
Cc: 
Sent: Thursday, February 15, 2007 10:28 AM
Subject: Re: **questions** Re: serious performance problems with 6.2 Release


> On Thu, Feb 15, 2007 at 10:50:18AM -0700, Steven H. Baeighkley wrote:
> > If bugs is the correct list then that's where we'll send it. However we
> > were not initially thinking it was a bug. We were thinking it was a
> > configuration error on our part. We certainly weren't expecting kernel
> > patches, just advice on where next to proceed. Thanks for the send-pr
> > suggestion. We have verbose dmesg logs for all of our testing, I didn't
> > want to send them initially because they are large and we have 12 of
them.
>
> bugs isn't correct either, that's only for automated mailing of
> problem reports.  I'd recommend either freebsd-stable or
> freebsd-performance, those are technical lists read by developers.
>
> Kris
>
> P.S. I second the recommendation to ignore Ted :-)

Oh, your answer is then to just send him to another list?

So, I'm wrong for telling him to get out of here and go to send-pr,
and your right for telling him to get out of here and go to another mailing
list.  Uh huh.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

- Original Message - 
From: "Greg Barniskis" <[EMAIL PROTECTED]>
To: 
Cc: "Steven H. Baeighkley" <[EMAIL PROTECTED]>
Sent: Thursday, February 15, 2007 10:12 AM
Subject: Re: serious performance problems with 6.2 Release


> Ted Mittelstaedt wrote:
> >>> questions isn't for bugs.  I don't mean to be rude but you won't get
the
> >>> problem fixed by bitching about it on this mailing list.
>
> Good gravy. They're not asking -questions for a fix, they're asking
> for guidance on how to isolate the root cause of the problem. Quoth
> the OP: "*what are we missing?*"
>
> That is perfectly germane for -questions and only /after/ that
> question is answered

Then, post some steps and quit metadiscussing.

 would it be appropriate to use send-pr. Using
> send-pr to submit a poorly defined problem ("too much load") is not
> going to result in a project committer magically finding and fixing
> an unknown OS bug.
>

The original post was not poorly defined.  Certainly not compared to
the average PR.  The only things missing were BIOS and board revisions
and the diagnostic log.

>
> > Steven H. Baeighkley wrote:
> >> If bugs is the correct list then that's where we'll send it. However we
> >> were not initially thinking it was a bug. We were thinking it was a
> >> configuration error on our part.
>
> That's a reasonable assumption actually. Sorry I don't have any
> specific suggestions for you except to second the motion that you
> ignore Ted's assertion that you should give up on -questions. It's
> entirely possible that there's a tunable knob or app compilation
> option that will help you out.
>

If you would care to suggest something I'm sure the OP would be
all ears.  So far you have only posted sheer speculation.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: **questions** Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

- Original Message - 
From: "Steven H. Baeighkley" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 15, 2007 9:50 AM
Subject: Re: **questions** Re: serious performance problems with 6.2 Release


> If bugs is the correct list then that's where we'll send it. However we
> were not initially thinking it was a bug. We were thinking it was a
> configuration error on our part. We certainly weren't expecting kernel
> patches, just advice on where next to proceed. Thanks for the send-pr
> suggestion. We have verbose dmesg logs for all of our testing, I didn't
> want to send them initially because they are large and we have 12 of them.
>

If you have 4 CPU's and FreeBSD is only seeing 2 of them then I'd say it's
a bug!

You can always post a link to where the logs are.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

- Original Message - 
From: "Freminlins" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 15, 2007 8:49 AM
Subject: Re: serious performance problems with 6.2 Release


> On 15/02/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> > please use send-pr and include a dmesg output with debugging turned on,
> > and exact model of motherboard and bios revision.
> >
> > questions isn't for bugs.  I don't mean to be rude but you won't get the
> > problem fixed by bitching about it on this mailing list.
>
>
> Ignore Ted.
>
> There is nothing wrong with your post to questions. There wasn't any
> bitching. Your post was very appropriate. Indeed, all you askedin the end
> was "please help". You won't get that from Ted.
>

We are all ears for your suggestions to help him fix this, Frem.  I'm sure
we
all expect to see some kernel patches from you any day now.

Please review the charter of this list.  If this was supposed to be fixed on
a
mailling list, freebsd-bugs would be at least a bit closer to the mark.

To the Original Poster - no, what you are seeing is not appropriate
behaviour for
the operating system.  Yes, it is a defect.  No, you won't see any patches
to
fix the behavior from the yahoos that post here.  As I said originally, you
need to
use send-pr.  Defects that are specific to hardware that are not documented
in
the PR database generally do not get fixed.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: GMail [and other free email] and these lists?

[Ted Mittelstaedt]

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Cc: 
Sent: Thursday, February 15, 2007 1:36 AM
Subject: Re: GMail [and other free email] and these lists?


> > > > space on my ancient PII.
> > >
> > > wow, PII these days..
> > > is anybody still running on 486? :D
> >
> > I am. :P As a small router, I does it's work just fine. :D
>
> I've got a 486 FreeBSD-based GNATbox firewall, temporarily in
> retirement until I get around to switching DSL ISPs, but my entry
> in the geriatric-hardware-still-in-use dept. is a Sun-3/50, with
> SunOS 4.1.1_U1, as UUCP-connected mailhost :)
>
> The Sun has a goofy MTU problem though -- anyone been around long
> enough to remember what magic is needed to get one of those to work
> properly when talking through a 10Base-T hub?

I think the patch here is what you want:

http://stuff.mit.edu/afs/sipb/project/doc/ikernel/ikernel.ps

You will need postscript to print it out.

you might look here too:

http://www.sunmanagers.org/archives/1996/0771.html

Under SunOS, I typically apply the multicast patches (available from
ftp://parcftp.xerox.com/pub/net-research/ipmulti/), as well as support for
the Berkeley Packet Filter (ftp://ftp.ee.lbl.gov/bpf.tar.Z). I'm alsocareful
to turn on UDP checksums5, increase the size of tcpsendspace and
tcprecvspace, and increase theTCP MSS (Maximum Segment Size) from the lame
default of 512 to 14606. To accomplish this, I addthese lines to my config
file7:# Various parameters in in_proto.c:options "TCPSENDSPACE=\(1024*64\)"
# We liv e in a world of high bw*delay,options "TCPRECVSPACE=\(1024*64\)" #
so lets try and deal.options "TCPDEFAULTMSS=1460" # Tcp max. segment
size.options "UDPCKSUM=-1"# Udp checksumsAnd then apply the following patch
to /sys/netinet/in_proto.c:*** in_proto.c1996/02/21 04:33:251.2--- 
in_proto.c1996/02/21 05:01:391.35It used to be thought that UDP checksums
weren't very important because packets wouldn't get corruptedvery often and
they were expensive to compute. At this point computation isn't very
expensive at all, and nothaving UDP checksums turned on can lead to
corrupted data in surprising places, like the Domain Name Sys-tem (DNS). You
really want them on.6Because SunOS doesn't support Path MTU Discovery
(RFC1191), this may result in some packets beingfragmented by routers just
before low-MTU links. IMHO, folks maintaining links with MTUs beneath
1500deserve to lose, so this result is just fine.7note. this whole section
needs reformatting


  Page 5
-4-** 153,165 * Default TCP Maximum Segment Size - 512
to be conservative,* Higher for high-performance routers*/! int
tcp_default_mss = 512;/** Default TCP buffer sizes (in bytes)*/! int
tcp_sendspace = 1024*4;! int tcp_recvspace = 1024*4;/** size of "keep alive"
probes.--- 153,174 * Default TCP Maximum Segment Size - 512 to be
conservative,* Higher for high-performance routers*/! #ifndef TCPDEFAULTMSS!
#define TCPDEFAULTMSS 512! #endif! int tcp_default_mss = TCPDEFAULTMSS;/**
Default TCP buffer sizes (in bytes)*/! #ifndef TCPSENDSPACE! #define
TCPSENDSPACE (1024*4)! #endif! #ifndef TCPRECVSPACE! #define TCPRECVSPACE
(1024*4)! #endif! int tcp_sendspace = TCPSENDSPACE;! int tcp_recvspace =
TCPRECVSPACE;/** size of "keep alive" probes.


  Page 6
-5-** 170,176 int tcp_keepidle = TCPTV_KEEP_IDLE;/* for
Keep-alives */int tcp_keepintvl = TCPTV_KEEPINTVL;! int udp_cksum = 0;/*
turn on to check & generate udp checksums */int udp_ttl = 60; /* default
time to live for UDPs *//*--- 179,188 int tcp_keepidle =
TCPTV_KEEP_IDLE;/* for Keep-alives */int tcp_keepintvl = TCPTV_KEEPINTVL;!
#ifndef UDPCKSUM! #define UDPCKSUM 0! #endif! int udp_cksum = UDPCKSUM; /*
turn on to check & generate udp checksums */int udp_ttl = 60; /* default
time to live for UDPs *//*5. Interactively debugging a kernelkadb, kgdb,
ddb, symmon5.1. Using kadbkadb is the Sun kernel debugger. It may be booted
with boot kadb at which point it the boot loaderloads the kernel debugger,
and the kernel debugger then loads the SunOS or Solaris kernel.kadb accepts
standard adb commands, including $c to continue (resume exection of the OS)
and $qto quit (exit to the ROM monitor).6. Configuring kernel crash dumps7.
Forcing a kernel crash dumpOn an OpenBOOT SPARC:0 set-pcgo8. Debugging a
kernel crash dump8.1. Using adb or dbx8.2. Using crash9. Patching the
kernel9.1. Patching variables9.2. Patching code


  Page 7
-6-9.2.1. Patching the running kernelDungeon would ask you, "Do you wish me
to try to patch you?", and if you said "No", it wouldreport:What? You don't
trust me? Why, only last week I patched a runningRSX system and it survived
for over thirty seconds. Oh, well.10. Acknowl

Re: serious performance problems with 6.2 Release

[Ted Mittelstaedt]

please use send-pr and include a dmesg output with debugging turned on,
and exact model of motherboard and bios revision.

questions isn't for bugs.  I don't mean to be rude but you won't get the
problem fixed by bitching about it on this mailing list.

Ted

- Original Message - 
From: "Steven H. Baeighkley" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, February 14, 2007 4:09 PM
Subject: serious performance problems with 6.2 Release


> Greetings,
>
> We are having some bizarre performance problems on a freshly installed
> 6.2 Release server. This is a supermicro superserver 6022c dual 2.0 Xeon
> with 2GB RAM. These CPUs do support hyperthreading. We have done
> significant testing with both hyperthreading turned on and off in the
> bios and in the OS, to no avail.
>
> The server is configured as a web server with apache 2.2.4 php 5.2.0 and
> ZendOptimizer. We are running proftpd 1.3.1rc1 and perl 5.8.8. We have
> another server running 4.11 with the same exact hardware and software
> versions. We have updated to the newest bios that Supermicro provides.
>
> The trouble is that the 6.2 box performs significantly worse than the
> 4.11 server. The load on the 6.2 server is regularly between 2.0 and
> 6.0. The load on the 4.11 server is between .57 and 1 despite often
> servicing more connections.
>
> We began this process to upgrade into the 6 tree because 4 is EOL. We
> kept the old 4.11 drive from this machine and when replacing it into the
> box performance is excellent just like our other 4.11 box. We have tired
> multiple tuning variables as recommended by both FreeBSD and apache and
> tried the recommendations in the 6.2 errata as well. The 6.2 errata
> states that kern.ipc.nmbclusters="0" will help the kernel memory
> allocator properly deal with high network traffic. We tried this and
> initially thought that the box was showing wonderful performance, but
> then we realized that the box was not allowing much network access at
> all. A single ssh and proftpd connection were all it would accept.
> Apache wouldn't even start giving a MaxClients error. Removing this
> option returned it to functional though poor performance mode. Are we
> missing something with how to use this variable? IS this expected
behavior?
>
> This particular hardware does display some oddities on both machines,
> running either 6.2 or 4.11. We know that FreeBSD has hyperthreading
> turned off by default. We have done some additional testing with
> hyperthreading turned on in the OS, but we wish for it to remain off due
> to security concerns. If we disable hyperthreading in the bios and have
> it disabled in the OS then FreeBSD sees one physical and one logical
> processor (from dmesg) and only uses processor 0. If we enable
> hyperthreading in the bios and leave it disabled in the OS it will show
> 4 CPUs but only use 0 and 2. Top will show that there is 50% idle CPU
> despite the fact that the box is 100% loaded, CPU 1 and 3 are idle. We
> would expect that FreeBSD would not see logical processors when
> hyperthreading was disabled in either the BIOS or the OS. This may just
> be a communication problem between the BIOS and FreeBSD, but we don't
> see this behavior on other supermicro servers with hyperthreading.
>
> VMSTAT, NETSTAT, NFSSTAT and FSTAT show similar numbers between both
> servers, certainly nothing that would explain why a single httpd process
> requires 20% of a CPU on the 6.2 box and only 5-7% on the 4.11, but we
> could easily be missing something.  We suspected NFS or disk
> bottlenecks, but ran IOZONE tests and found that the 6.2 box is actually
> having better performance on nfs and disk access. We are running a
> slightly customized SMP kernel with device polling enabled. The only
> bottleneck apears to be CPU usage, which works fine on 4.11.
>
>  From what we've read we should not be seeing these performance problems
> with 6.2. So what are we missing? We assume its something stupid that
> will fix this problem quickly and easily, but so far, despite all the
> resources, we have been unable to find a problem with enough in common
> with our own to suggest possible solutions.
>
> Please Help.
>
> thanks
> Steve B
>
> -- 
> ---
> Steven H. Baeighkley - Systems Administrator
> Front Range Internet, Inc.
> [EMAIL PROTECTED] - (970) 212-0756
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Low-cost dedicated FreeBSD server or non-jail VPS?

[Ted Mittelstaedt]

- Original Message - 
From: "Preston Hagar" <[EMAIL PROTECTED]>
To: 
Sent: Monday, February 12, 2007 11:02 AM
Subject: Re: Low-cost dedicated FreeBSD server or non-jail VPS?


> On 2/10/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> >
> > - Original Message -
> > From: "Jay Chandler" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: "FreeBSD Questions" 
> > Sent: Friday, February 09, 2007 9:57 AM
> > Subject: Re: Low-cost dedicated FreeBSD server or non-jail VPS?
> > >
> > > Maybe that's an option for you, but I'm looking at spending a minimum
of
> > > another $60 every month to my ISP if I want those services.  I haven't
> > > been sufficiently impressed to feel that they warrant that extra fee.
> > >
> >
> > Maybe they haven't significantly impressed you because you bought the
> > cheap service?
> >
> > Hell - $60 compared to a colo feel of $50?  (the cheapest I've seen
> > someone post here)  In other words, you have a choice between
> > actually having the physical box right there, vs having it 1000 miles
> > away, and your in a -learning- situation?  And your going to cut off
your
> > nose to spite your face just because of some issue with your ISP?
> > What are they currently doing to you to warrant that?
> >
> > Without knowing your connectivity and how good/reliable/bad it is it's
> > difficult to make a judgement call.  But, I can say from experience that
> > there isn't any -TECHNICAL- reason that cheaper DSL or cable
> > connectivity can't be made as reliable as, say, a T1.
> >
> > There's not many places in the United
> > States that you can't find multiple competing broadband providers.  It's
> > a lot different overseas, but here in the US if you don't like your ISP
> > there's
> > usually another one around the corner.
> >
> > Ted
>
>
> But the problem in the US is that the physical lines are owned by one
> company that all other providers are at the mercy of.  There are federal
> regulations in place to try to keep the line owners (Verizon, SBC, etc.)
> from abusing their powers, but they are pretty weak.  I had this exact
> situation bite a customer of mine not too long ago.  They hosted their
> server out of their office on DSL with a static IP through Speakeasy (a
> reseller).  Speakeasy informed them that the people that owned the lines
> (Covad) had sold them to Verizon and that they would have to switch DSL
> modems, but that the outage should be minimal.  I told them to plan for a
> full day of outage (even though the rep told us 2-3 hours), so they did.
> Well, when they switched over, something was wrong and the new modem would
> not connect.  After several hours on the phone with Speakeasy, Speakeasy
had
> determined that it was a problem at the CO and that Verizon would have to
> fix it.  We could not call Verizon, they would not speak to us and
Speakeasy
> only had the ability to submit trouble tickets and escalate them (common
to
> all third party providers in our area).  Although we screamed and shouted
> and threatened lawsuits (the customer was a law firm), there was nothing
> Speakeasy could do.  I was then informed that if we had a T1, regulations
> would require a 24 hour response time, but since this was "only" Business
> DSL without a SLA (service level agreement), that it could be a week or
two
> before they got someone to check it out at the CO.
>
> Long story short, they were out for a week.  Finally it was fixed.  We
> learned then and there that although they may call it Business class DSL
and
> although the company you write your check to every month may have a
stellar
> customer service record, if there is a problem in the last mile or at the
> CO, then you are at the mercy of whatever major telco owns your lines, and
> that if you do not have a T1 or higher, or at least DSL service with a
SLA,
> then you are treated no better that a residential customer in terms of
> returning you back to service (could be 1-2 weeks).
>

I hate to spoil your rant, (it's a great rant, by the way) but I've been
dealing
with Verizon for years.  What Speakeasy told you wasn't true.  Yes, Verizon
has an extensive trouble ticket system and they tell all their ISPs that
they have to
use it.  However, Verizon also has a secret set of phone numbers that are
direct lines to the support techs.  (and no, I ain't giving you or anyone
those
numbers)  For example I just had a situation like that last week - customer
DSL line problem.  I submitted the trou

Re: GMail [and other free email] and these lists?

[Ted Mittelstaedt]

- Original Message - 
From: "Gerard Seibert" <[EMAIL PROTECTED]>
To: "User Questions" 
Sent: Monday, February 12, 2007 2:16 PM
Subject: Re: GMail [and other free email] and these lists?


> On Monday February 12, 2007 at 04:45:44 (PM) Jeff Rollin wrote:
>
>
> > In what way does Gmail suck?
>
> 1) No White Listing
> 2) No configurable SPAM Filtering
> 3) Bcc doesn't work
> 4) 500 message a day limit.
> 5) No PGP or S/MIME support
> 6) No able to 'Forward as Attachment'
> 7) Doesn't handle 'sig delimiter'
> 8) No ability to create or sort to folders.
> 9) No IMAP support
> 10. Is routinely blacklisted by SORBS, among other blacklisting services.
>
> The list just goes on and on. Get on the GMail discussion list and see
> what some of it's users have to say about it. It is good enough for
> someone who's greatest need is writing to Grandma, but that is about it.
>

Hey, gmail rocks, I use it as a test mail account all of the time.  Not for
production of course, but for sending test messages there's nothing wrong
with it. ;-)

Could anyone speculate as to why a user on gmail would have the nerve to
bitch about the service?  They are getting what they paid for, after all!
;-)

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Onpening and Closing ports

[Ted Mittelstaedt]

- Original Message - 
From: "Robert C Wittig" <[EMAIL PROTECTED]>
To: 
Sent: Monday, February 12, 2007 1:53 PM
Subject: Re: Onpening and Closing ports


> Dave Carrera wrote:
> > Hi All,
> >
> > Had a little nasty person trying to break my sshd on port 22.
> >
> > I need to change and open a new port for sshd but i do not know how.
> >
> > Can one of you kind people help me with this please
> >
> > Many kind regards
> >
>
> Instead of changing the sshd port, I set a PF rule that only permits
> port 22 logins from a specific list of IP addresses, where I expect ssh
> logins from.
>
> This would definitely not work on a production machine, with a lot of
> people logging in from random IP's,

Au-contraire!

We are finding with production systems that the cracking attacks are getting
so bad that we are starting to recommend to corporate customers that
they do exactly that!

These days when we setup a new corporate network there's only ONE port on
the firewall that is open to the outside - the VPN port, whatever that may
be.
(usually IPSec vpns but MS PPTP is also still quite popular)

Everything else is restricted to specificed source IP number.  Any road
warriors
out there either have to VPN in then go to where they want, or they have to
be coming from a static IP number.

Their websites are never hosted on inside servers.  Either they are hosted
at
our NOC or they are on a DMZ network that is outside their LAN, and the
website carries nothing of value on it - because the expectation is that
ultimately it
will be broken into and destroyed by a cracker.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Mail server recomendations (was: is the list the right place toask?)

[Ted Mittelstaedt]

- Original Message - 
From: "John Nielsen" <[EMAIL PROTECTED]>
To: 
Cc: "Ray" <[EMAIL PROTECTED]>
Sent: Friday, February 09, 2007 10:57 PM
Subject: Re: Mail server recomendations (was: is the list the right place
toask?)


> On Saturday 10 February 2007 01:33, Ray wrote:
> > I'm looking for a package (or set of packages) that would provide a mail
> > server with the following capabilities
> >
> > minimally:
> > pop and smtp access that could handle 20 to 100 domains and 200 to 2000
> > mail boxes.(allowing some room for future growth)
>
> SMTP: sendmail is part of the base system and is pretty powerful but has a
> steep learning curve. There are alternatives available in the ports, one
of
> the more popular being postfix. Others such as qmail may also be worth
> researching.
>

I would caution anyone against using the alternatives.  There are a lot of
people
that use them successfully, but sendmail is far more popular in terms of
total
installs - this is no doubt because it is used in the larger mail servers on
the
Internet, and the alternatives are more used on home or small servers.  The
reason you want to use Sendmail is that once you learn how to use it, that
is knowledge that you have a much higher chance of re-using in the future.

>
> I use clamAV on my mailserver, works great and keeps itself up-to-date
> pretty well. Easy integration with sendmail via a milter. For spam you'll
> likely want a combination of techniques. SpamAssassin is a good starting
> point. Also look at the DNS black- or greylisting features of your SMTP
> program (I use a couple realtime DNS blacklists with sendmail).

you can also use greylist-milter with sendmail, it works well.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Can I use an HP printer

[Ted Mittelstaedt]

Yes, that is how I do it also - with slightly different options of course.
With those
printers, gimp is your friend.  With the one that the OP has, there's a
specific
driver for it.

Ted

- Original Message - 
From: "Yuri Grebenkin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Cc: 
Sent: Saturday, February 10, 2007 5:32 AM
Subject: Re: Can I use an HP printer


> I have an Epson Stylus C43SX and have made it print PostScript
> through the following filter using GIMP Print and Ghostscript:
>
> # /usr/local/libexec/ps2eps.sh
> gs -DSAFER -sDEVICE=ijs -sIjsServer=ijsgimpprint \
>-sDeviceManufacturer=EPSON -sDeviceModel=escp2-c42sx \
>-DIjsUseOutputFD -q -sOutputFile=- -DNOPAUSE -DBATCH - \
>   && exit 0
>
> Also, to turn on extended mode for my local lpt0 I use this:
>
> lptcontrol -e /dev/lpt0
>
> Yuri
>
>
> On Thu, 8 Feb 2007 23:31:31 -0800
> "Ted Mittelstaedt" <[EMAIL PROTECTED]> wrote:
>
> > I myself have an Epson C84 inkjet in my home that has the same issues.
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Low-cost dedicated FreeBSD server or non-jail VPS?

[Ted Mittelstaedt]

- Original Message - 
From: "Jay Chandler" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "FreeBSD Questions" 
Sent: Friday, February 09, 2007 9:57 AM
Subject: Re: Low-cost dedicated FreeBSD server or non-jail VPS?
>
> Maybe that's an option for you, but I'm looking at spending a minimum of
> another $60 every month to my ISP if I want those services.  I haven't
> been sufficiently impressed to feel that they warrant that extra fee.
>

Maybe they haven't significantly impressed you because you bought the
cheap service?

Hell - $60 compared to a colo feel of $50?  (the cheapest I've seen
someone post here)  In other words, you have a choice between
actually having the physical box right there, vs having it 1000 miles
away, and your in a -learning- situation?  And your going to cut off your
nose to spite your face just because of some issue with your ISP?
What are they currently doing to you to warrant that?

Without knowing your connectivity and how good/reliable/bad it is it's
difficult to make a judgement call.  But, I can say from experience that
there isn't any -TECHNICAL- reason that cheaper DSL or cable
connectivity can't be made as reliable as, say, a T1.

There's not many places in the United
States that you can't find multiple competing broadband providers.  It's
a lot different overseas, but here in the US if you don't like your ISP
there's
usually another one around the corner.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Bad sector on drive ...

[Ted Mittelstaedt]

If your going to continue to use the disk at least turn on S.M.A.R.T. in the
BIOS (if it's not
on already) and load one of the S.M.A.R.T.-aware tools in the ports
directories (like smartmontools)
to keep an eye on it.  I still think though that it's just a matter of time
before you have more
problems.  Disks are so cheap I can't understand why anyone would want to
try nursing
one along that's going bad these days.

Ted

- Original Message - 
From: "Marc G. Fournier" <[EMAIL PROTECTED]>
To: "John Nielsen" <[EMAIL PROTECTED]>; 
Cc: "Marc G. Fournier" <[EMAIL PROTECTED]>; "Dan Nelson"
<[EMAIL PROTECTED]>
Sent: Saturday, February 10, 2007 3:17 PM
Subject: Re: Bad sector on drive ...


> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Didn't work, ended up newfs'ng the file system, since the data on the
drive is
> recreatable, and seems to have worked fine ...
>
> the error I was getting was when fsck'ng, so suspect that a file got
written
> over top of the bad sector and was causng the problem ...
>
> - --On Saturday, February 10, 2007 11:05:35 -0500 John Nielsen
> <[EMAIL PROTECTED]> wrote:
>
> > On Saturday 10 February 2007 09:47, Marc G. Fournier wrote:
> >> --On Saturday, February 10, 2007 01:00:21 -0600 Dan Nelson
> >>
> >> <[EMAIL PROTECTED]> wrote:
> >> > In the last episode (Feb 10), Marc G. Fournier said:
> >> >> Short of a reformat, any way of marking the following as bad? :(
> >> >>
> >> >> Feb 10 02:27:20 ganymede kernel: ad4: FAILURE - READ_DMA
> >> >> status=51 error=40 LBA=176887263 Feb
> >> >> 10 02:27:25 ganymede kernel: ad4: TIMEOUT - READ_DMA retrying (1
retry
> >> >>  left) LBA=176887324 Feb 10 02:27:30 ganymede kernel: ad4: TIMEOUT -
> >> >> READ_DMA retrying (0 retries  left) LBA=176887324 Feb 10 02:27:35
> >> >> ganymede kernel: ad4: FAILURE - READ_DMA timed out LBA=176887324
> >> >
> >> > Try writing to the block causing the error, using dd and the seek=
> >> > option; if the write succeeds, you're done (and the drive will have
> >> > either reused the block or reassigned it to a spare). 176887324 If it
> >> > doesn't succeed, copy what you can off the drive and toss it, since
all
> >> > its spares are used up.
> >> >
> >> > I think LBA numbers map directly to seek= values assuming you keep
> >> > bs=512 and access /dev/ad4 .  I'd try reading the bad block with dd
to
> >> > verify it's the right one before doing a write, though.
> >>
> >> 'k, how do you use dd to write to a specific sector?
> >>
> >> dd of=/dev/ad4 seek=176887324 bs=512 if=/dev/null
> >
> > dd of=/dev/ad4 seek=176887324 bs=512 count=1 if=/dev/zero
> >
> > JN
> >
>
>
>
> - 
> Marc G. Fournier   Hub.Org Networking Services
(http://www.hub.org)
> Email . [EMAIL PROTECTED]  MSN . [EMAIL PROTECTED]
> Yahoo . yscrappy   Skype: hub.orgICQ . 7615664
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.5 (FreeBSD)
>
> iD8DBQFFzlJ14QvfyHIvDvMRAicNAJ9Fvx3B7p8ibsne3lV+HSd6rnkLEwCgmKBz
> IsS5cm2DUlwcC3fKbnyiT9c=
> =G+Wn
> -END PGP SIGNATURE-
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Bad sector on drive ...

[Ted Mittelstaedt]

no, not even with a reformat.

you MIGHT get something with the manufacturers "re-format" tools but keep in
mind
that the way that these tools work is they simply wipe out the "grown
defects" list in
the disk drive, then re-test all of the defect areas that had been listed in
the grown defect
list, any that test out bad get added back into the list.

IDE/ATA/SATA drives all auto-remap bad sectors on the fly to a set of
"spare" sectors
in a special area of the disk.  What you have going on is a drive with an
increasing number
of bad sectors, to the point that it has used up all of it's spares and the
auto-remap can't
work anymore, so now the drive is starting to report the sectors bad.

What a wise person does in this scenario is go buy a new disk, and "dd" the
contents of the
old disk to the new disk.  What the unwise person does is continue to screw
around with
the old disk, trying various things, until one day the entire works crashes
and cannot be
recovered.

Ted Mittelstaedt

- Original Message - 
From: "Marc G. Fournier" <[EMAIL PROTECTED]>
To: 
Sent: Friday, February 09, 2007 10:45 PM
Subject: Bad sector on drive ...


> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Short of a reformat, any way of marking the following as bad? :(
>
> Feb 10 02:27:20 ganymede kernel: ad4: FAILURE - READ_DMA
> status=51 error=40 LBA=176887263
> Feb 10 02:27:25 ganymede kernel: ad4: TIMEOUT - READ_DMA retrying (1 retry
> left) LBA=176887324
> Feb 10 02:27:30 ganymede kernel: ad4: TIMEOUT - READ_DMA retrying (0
retries
> left) LBA=176887324
> Feb 10 02:27:35 ganymede kernel: ad4: FAILURE - READ_DMA timed out
LBA=176887324
>
>
> - 
> Marc G. Fournier   Hub.Org Networking Services
(http://www.hub.org)
> Email . [EMAIL PROTECTED]  MSN . [EMAIL PROTECTED]
> Yahoo . yscrappy   Skype: hub.orgICQ . 7615664
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.5 (FreeBSD)
>
> iD8DBQFFzWoG4QvfyHIvDvMRAmJ6AKDh1PP4WuoW4xh7ZFlZ6lQOHc9uxgCbBsaW
> E00joed8d7Ij7w1P/qZKUqg=
> =lr6d
> -END PGP SIGNATURE-
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Can I use an HP printer

[Ted Mittelstaedt]

Chris,

  Your HP 4550N is a real commercial printer with a PostScript interpreter
in it, that is why you can just send the print jobs directly to it and the
printer will
do the work of rasterizing them.

  Bob doesen't have a PostScript printer like your 4550N  His is a cheapie
home "winprinter" that has no engine in the printer and can only do very
limited
processing.  It definitely ain't going to understand PostScript fed to it,
and likely
not even ASCII.

  For Bob to get his printer to work means he's going to have to install
Ghostscript,
and a special driver that interprets the intermediate output from
Ghostscript into
something that the 2600n can digest.

  Here is a driver that someone wrote that can do this:

http://foo2hp.rkkda.com/

  I assume it's somewhere in the FreeBSD ports.

  What Bob needs to do to get his printer to work involves hours of labor
and a lot of knowledge of how the various pieces fit together under FreeBSD.
If he was installing it under Linux he could use these instructions:

http://www.linuxprinting.org/show_printer.cgi?recnum=HP-Color_LaserJet_2600n

but I'll repost the warning from that page here:

"...the printer works like a charm, but for printing photos
the colors are horrible - at least with the default settings and the driver
dated May 18..."

In other words, after a Herculean effort he is only going to end up with
something
that works.  Not something that works well.

If he just bought this printer the smartest thing he could do is take it
back to the
store and get a better printer that could speak PostScript - like your
4550N.  It
will be a bit more expensive but it's not cost-justifyable in a business
environment
to waste the labor getting a non-PostScript printer to work with a UNIX like
FreeBSD.

I myself have an Epson C84 inkjet in my home that has the same issues.  I
bought
it knowing all this full well, and I did in fact spend the time to get it to
work, and
it does work well.  Since we only use the thing probably 6 times a year to
print
color (we also have a PostScript laserjet at home) I decided that since my
labor was
free that I'd rather spend my money on something other than a printer, so I
bought
a cheap printer.

But, since that purchase a year ago I've seen at least 5 of these printers
in excellent
shape at the local Goodwill store.  So I have to conclude that a lot of
people out
there have gone down the non-Postscript route, found it wanting, and said
hell
with it and went back to the store and got a real printer.

The other thing that they don't tell you when you go the Ghostscript route,
is
that unless you have a screamingly fast CPU, it takes a long, LONG time for
the driver to rasterize a page in your computer!

Ted

- Original Message - 
From: "Chris Hill" <[EMAIL PROTECTED]>
To: "Bob" <[EMAIL PROTECTED]>
Cc: 
Sent: Monday, February 05, 2007 8:14 PM
Subject: Re: Can I use an HP printer


> On Tue, 6 Feb 2007, Bob wrote:
>
> >   I recently purchased a Hewlett Packard Color LaserJet 2600n printer.
> >   It works perfectly under Windows XP but I cannot get it to work under
> >   FreeBSD 6.2.
> >   I have set it up as a network printer on a LAN and it has it's own
> >   permanent IP. I can ping the IP  but that is all I can do.
>
> I have been using HP printers under FreeBSD for years now. Since your
> printer has an IP, I presume it has a JetDirect card.
>
> >   Can this printer actually be made to work or am I wasting my (and
> >   your) time even trying?
>
> You may need to set up some things in /etc/printcap. Here is the
> relevant portion of mine:
>
> # HP color laser
> lp|snow|snowball|lj|ps|HP ColorLaserJet 4550N:\
>  :sh:\
>  :sd=/var/spool/output/lpd:\
>  :mx#0:\
>  :lp=:rm=snowball:rp="auto":
>
> I'm using lpr, so I had to enable that in /etc/rc.conf. I also had to
> manually create the directory /var/spool/output/lpd. The snowball part
> is a hostname for the printer, which you can set up in /etc/hosts or a
> split DNS. (My printers are named after Devo songs.)
>
> HTH.
>
> --
> Chris Hill   [EMAIL PROTECTED]
> ** [ Busy Expunging <|> ]
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Low-cost dedicated FreeBSD server or non-jail VPS?

[Ted Mittelstaedt]

- Original Message - 
From: "Jerry McAllister" <[EMAIL PROTECTED]>
To: "Jay Chandler" <[EMAIL PROTECTED]>
Cc: "FreeBSD Questions" 
Sent: Thursday, February 08, 2007 5:28 AM
Subject: Re: Low-cost dedicated FreeBSD server or non-jail VPS?


> On Wed, Feb 07, 2007 at 05:34:47PM -0800, Jay Chandler wrote:
>
> > Derek Ragona wrote:
> > >FreeBSD runs on most i386 based hardware as long as you have 64 MB ram
> > >or more.  So you can recycle an old desktop PC to run FreeBSD and then
> > >have at it.  Or buy a cheap new desktop or refurbished.
> > >
> > >-Derek
> > >
> >
> > The problem with this approach is that it doesn't get you a static IP
> > with proper rDNS and a host of other things...
>
> It does if you buy an ISP account that includes a static IP and
> does DNS for you or you set up your own DNS and register the server.
>

But that might actually cost a whole extra $6 a month and isn't it
preferable to
spend $100 a month at some colo house?

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Can't Login at the Console on FreeBSD 6.0 Release

[Ted Mittelstaedt]

- Original Message - 
From: "Lowell Gilbert" <[EMAIL PROTECTED]>
To: "JP" <[EMAIL PROTECTED]>
Cc: 
Sent: Thursday, February 08, 2007 6:54 AM
Subject: Re: Can't Login at the Console on FreeBSD 6.0 Release


> JP <[EMAIL PROTECTED]> writes:
> 
> > So I'm not quite sure what happened here, someone with root access,
> > who probably shouldn't have had it managed to make a mess of things.
> > He claims he was trying to install source files and on reboot he
> > could no longer login to the system.  I am able to boot into single
> > user mode, I see that login is core-dumping on signal 11 and as such
> > I can't login to the box.  Ftp, SSH, and other services are not
> > responsive and don't even attempt to allow me to login remotely.
> >   
> > I'd like to be able to login at the console, and be able to FTP into
> > the box so I can pull everything down and do a fresh install.  Any
> > suggesitons on how to do this?  I already did a passwd root and
> > created a new password thinking it would fix things, but it didn't.
> > At the console, it just asks for Login, and then password and then
> > keeps looping if though I am putting in the right information.
> 
> If it were my machine to fix, I would start with a binary "upgrade"
> off of CD.

Same here - and make sure to delete and recreate the partitions for
good measure.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Anyone running FreeBSD 6.x on HP DL320 G5?

[Ted Mittelstaedt]

We are running a pretty busy mail hub on a DL320 G4 without trouble.

Ted

- Original Message - 
From: "William" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 08, 2007 4:58 AM
Subject: Anyone running FreeBSD 6.x on HP DL320 G5?


> Hello,
>
> If anyone is running FreeBSD 6.x on a HP DL320 G5, can they please hit
> me off-list with their stories?
>
> Kind Regards,
>
> Will
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)

[Ted Mittelstaedt]

- Original Message - 
From: "Steve Franks" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "FreeBSD Users Questions" ;
<[EMAIL PROTECTED]>
Sent: Sunday, February 04, 2007 8:38 AM
Subject: Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)


> On 2/3/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> > Hi Steve,
> >
> >   I should have been more clear, sorry!  You cannot just replace a .ko
file
> > that is a binary file.  You have to install the kernel sources, then go
into
> > the
> > directory that the driver .c and .h files are, back those up, and
replace
> > them,
> > then recompile the kernel.
> >
> >   Here's probably what you want to do:
> >
> > Go to here:
> >
> > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/ata/
> >
> > examine the files.  For example, assume it was ata-disk.c  Examine the
> > history
> > by clicking on the file you will see the different changes.  For example
> > according to this revision 1.189.2.5  was used for 6.2-release, revision
> >  1.189.2.4  was used for 6.1-release.  If the bug is in this file it was
> > introduced
> > in one of the intermediate revisions between these 2.
> >
> > You will note this cooresponds with:
> >
> > /sys/dev/ata
> >
> > on your system assuming you installed the kernel sources.  If you wanted
to
> > backrev this driver you would install sources, recompile the kernel and
> > install it and reboot to make sure you know how to build a running
> > kernel, then you would go to this directory, replace the file you want
> > (ata-disk.c for example) and recompile the kernel and install it and
reboot
> > and
> > cross your fingers.  Rebuilding the kernel is covered in the online
handbook
> > on the website.
> >
> > It most likely won't work the first time.  You will need to try this
with
> > several files.  You also want to try newer revisions of this file.  Or
you
> > can
> > get bold and tar up the entire directory from a 6.1-release system and
> > move /sys/dev/ata to /sys/dev/ata.bak and untar the old directory into
your
> > 6.2 system than try that.  Obviously you need a 6.1 system around for
this.
> >
> > If Soren has a guess to this he may send you patches to one or more
> > of these files for testing, you will need to apply them and rebuild and
> > reboot to see
> > if it works.
> >
> > This sort of thing can take a lot of time.  But it is really critical
that
> > you get
> > on it right away.  Since right now there wern't many changes between
> > the drivers and it will be very easy to narrow it down to precisely what
> > revision change causes the problem.  It is much worse when people post
> > things like such-and-such piece of hardware worked under FreeBSD 2.2
> > 5 years ago and not under 6.2 today.
> >
> > Ted
> >
> > - Original Message -
> > From: "Steve Franks" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: "FreeBSD Users Questions" 
> > Sent: Saturday, February 03, 2007 10:19 AM
> > Subject: Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)
> >
> >
> > > Ted,
> > >
> > > I emailed [EMAIL PROTECTED] with that info, since that was who was under
> > > "man ata".
> > >
> > > In the meantime, I replaced /boot/kernel/atapci.ko with the one from
> > > my 6.1 install cd, and it seriously #$%#^'ed my system.  Restored now,
> > > but, do you suggest I need ata*.ko, not just atapci.ko?  Or am I on
> > > the wrong track entirely?  Also, where do I find info on the server
> > > and folder structure I should be looking for in cvs when you mention
> > > getting the latest thing?
> > >
> > > Steve
> > >
> > > On 2/3/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> > > >
> > > > You shouldn't have any trouble downgrading to the 6.1 drivers but
> > > > I would suggest instead that you e-mail Soren the maintainer of the
SATA
> > > > driver before doing anything.  He may have patched it already.  At
> > least,
> > > > try the current driver from CVS first.
> > > >
> > > > All you really have to do is copy the current driver to a backup
file
> > > > then download the older driver from the cvs webinterface on
freebsd.org
> > > > and recompile your kernel.
> > > >
> > > > If 

Re: Assembly language on FreeBSD

[Ted Mittelstaedt]

openssl also uses assembler in some of it's files

Ted

- Original Message - 
From: "Daniel Molina Wegener" <[EMAIL PROTECTED]>
To: 
Cc: "Rico Secada" <[EMAIL PROTECTED]>
Sent: Wednesday, February 07, 2007 3:07 PM
Subject: Re: Assembly language on FreeBSD


> On Wednesday 07 February 2007 19:45, Rico Secada wrote:
> > Hi
> >
> > I am brushing up on my assembler language and I wonder if
> > anyone could recommend any particular reading well suited for
> > FreeBSD?
>
>   Try looking as(1) manual page, the gas info page (info gas)
> and looking on the internet for guides regarding AT&T assembler
> syntax.
>
>   Also, is assembler code in the kernel source, the X.Org
> distribution and some multimedia tools that are using mmx, sse
> 3dnow instruction sets.
>
> > Best and kind regards,
> > Rico Secada.
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
>
>
> Regards,
> -- 
>  .O. | Daniel Molina Wegener   | C/C++ Developer
>  ..O | dmw [at] unete [dot] cl | FOSS Coding Adict
>  OOO | BSD & Linux User| Standards Rocks!
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: memory above 4Gb ignored

[Ted Mittelstaedt]

you might check your bios settings for some weird memory reallocation
but otherwise file a PR on this.

Ted

- Original Message - 
From: "Thomas Sparrevohn" <[EMAIL PROTECTED]>
To: "Bill Moran" <[EMAIL PROTECTED]>
Cc: 
Sent: Wednesday, February 07, 2007 6:12 PM
Subject: Re: memory above 4Gb ignored


>
> On 6 Feb 2007, at 12:23, Bill Moran wrote:
>
> I don't know whether its related - I just got a brand new Dell XPS
> 710 H2C with a QX6700 - The
> system uses the Nvidia 590 chipset - It has 4GB memory and Two GTX
> 8800 7xx MB
> graphics cards even with PAE enabled it only finds 2,5GB - However I
> am not sure how
> well the Nvidia 590 for Intel Works - Identcpu states that there is
> only 4MB of cache etc
>
>
> > In response to Jim Pazarena <[EMAIL PROTECTED]>:
> >
> >> I do not see any reference to resolving the
> >> "786432K of memory above 4Gb ignored" anywhere in Google or
> >> otherwise.
> >>
> >> I see references to it for FreeBSD 4.XX, but I am running 6.2, and
> >> have
> >> the same problem.
> >>
> >> Is there any easy solution? For a hoot, I installed SuSe 10.2 on
> >> my machine
> >> and it recognized the full 4Gb; FreeBSD does not.
> >
> > Your searches didn't find this?:
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/
> > troubleshoot.html#PAE
> >
> > -- 
> > Bill Moran
> > Collaborative Fusion Inc.
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-
> > [EMAIL PROTECTED]"
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Fast SCSI RAID controller

[Ted Mittelstaedt]

- Original Message - 
From: "Josef Grosch" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Philippe Lang" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Saturday, February 03, 2007 5:18 PM
Subject: Re: Fast SCSI RAID controller


> On Sat, Feb 03, 2007 at 09:19:27AM -0800, Ted Mittelstaedt wrote:
> > he still ought to look at them, cheaper faster disk arrays are nothing
> > to sneeze at.
> >
> > SCSI is only a win these days if your running the most expensive 10K
> > RPM drives in a mirrored configuration, which is common on database
> > servers.  And raid-5 in particular unless you have a minimum of 5 drives
> > in your array, you are going to just be throwing the performance edge
> > of the more expensive scsi drives into the toilet, so what is the point
of
> > buying them?
> >
> > If your doing raid 5 for redundancy, there's no argument, sata is the
> > clear winner on the 3ware or highpoint cards.
> >
> > Ted
>
>
> This system is going to be a testbuild server to answer the question,
"Will
> this commit break the build?" It needs to be really fast.

Have you tried the Qlogic ISP12160?

I don't believe there's stable RAID cards supported under FreeBSD that are
much faster than the 3ware/highpoint cards with the 7200 rpm sata drives.
If it
was me building the machine I would dispense with raid entirely and just
stripe
the disks.  Your dealing with transient info and who gives a poop if a disk
dies, you just replace, restore and march onward.

I suspect though your dealing with the same problem I ran into a decade
ago when I was admining at the now defunct Central Point Software - you
got a house full of developers who all want the quickest things under their
desks so they can build their own trees.  For a while they got that but code
production
ultimately slowed because too much time was wasted repairing blown up
developers personal systems.  Finally the department head forced all of
them to give up local storage on their systems and store everything on the
network servers, they put into effect several build machines that that was
all they did all day long.

> I'm looking at
> 15K RPM drives most likley either RAID 10 or RAID 0. Most of our systems
> that have local disk are RAID 10. We have used SCSI disks becuase they are
> fast and reliable. For data that we can not loose we use NetApps either
> attached via Gige copper or fiber.
>

Just my opinion only but I think you ought to use NASes for everything and
dispense with local storage entirely.  To get speed and redundancy, gigE
is the future.  Just my opinion!

In the corporate arena that I play in these days we have been doing that for
years.  Most companies have really crunched down very hard on laptops,
you can't use a laptop at work unless your a roaming sales person and
policies are setup on those so that local storage is replicated to the
server
without user control when they dock to the network.  And laptops are
about the only reason you can justify local storage on a computer.

The liabilities today and federal reporting and document retention laws
today
are such that it's a huge problem to allow people to create and save work
on their local machines.  Everything is put on the servers, all of the
systems
are configured so that the users are pretty well locked down that they can't
store data anywhere else BUT the servers.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Port upgrade/install problem: MySQL and Perl I/F

[Ted Mittelstaedt]

Stuff like this happens, you can e-mail the port maintainer and
bitch him out for making a stupid change to the dependency
requirement, or you can simply dispense with ports, download
the perl module and compile and install it "the old fashioned way"

You ought to have nuked and repaved that server, your just lucky
that this very minor thing was the only thing that blew up.

Ted

- Original Message - 
From: "Robert Inder" <[EMAIL PROTECTED]>
To: 
Sent: Saturday, February 03, 2007 11:58 AM
Subject: Port upgrade/install problem: MySQL and Perl I/F


> p5-DBD-mysql50 and mysql itself
> Date: 03 Feb 2007 19:58:22 +
> Message-ID: <[EMAIL PROTECTED]>
> Lines: 128
> User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
>
>
> I've upgraded Perl (via "portupgrade"), but the ports I need
> to re-install to restore my perl-to-MySQL interface won't!
>
> I'm working on a rather long-neglected server running
>
>  FreeBSD 5.2.1-RELEASE-p7 FreeBSD 5.2.1-RELEASE-p7
>
> It was running Perl 5.6, but I'm trying to install some code that
> needs 5.8.  So I did "cvsup" and then
>
> portupgrade -o lang/perl5.8 perl
>
> All went smoothly, and "perl-after-upgrade" gave me a list of
> perl packages to re-install, and I did "portupgrade" on each of them.
>
> Super!
>
> EXCEPT for the Perl to MySQL interface package:  p5-DBD-mysql50
>
> This is causing me two problems.
>
> Currently, "mysql" is installed and working.
>
> # pkg_info -Ia | grep mysql
> mysql-client-5.0.0_2 Multithreaded SQL database (client)
> mysql-server-5.0.0_2 Multithreaded SQL database (server)
>
> When I try to portupgrade the perl interface, it starts trying to
> build mysql for itself, even without a "-R" option.  And it does the
> same thing even if I change to the ports directory and type "make".
>
> I don't understand why it is doing that.  I am guessing the installed
> version of mysql is too old for the perl interface.  But I didn't
> think upgrade (or a port "make") would recurse unless "told" to
> But here's what it says...
>
> ===>   p5-DBD-mysql50-4. depends on file:
/usr/local/lib/perl5/site_perl/5.8.8/mach/DBI.pm - found
> ===>   p5-DBD-mysql50-4. depends on file:
/usr/local/bin/perl5.8.8 - found
> ===>   p5-DBD-mysql50-4. depends on shared library:
mysqlclient.15 - not found
> ===>Verifying install for mysqlclient.15 in
/usr/ports/databases/mysql50-client
> ===>  Building for mysql-client-5.0.33
>
> The second problem is that the mysql port won't actually compile.  It
> announces that it is "Configuring for mysql-client-5.0.33", and then
> proceeds to report a whole slew (hundreds) of "checking..." activities.
> About a dozen that start "pthread_", and some of them succeed.  Then
> it starts compling, but this process finishes with
>
> mkdir .libs
> cc -DDBUG_OFF -O -pipe -mcpu=pentiumpro -D_THREAD_SAFE -o factorial
my_main.o factorial.o  libdbug.a ../mysys/libmysys.a
../strings/libmystrings.a -lcrypt -lm
> ../mysys/libmysys.a(my_thr_init.o): In function
`my_thread_global_end':
> my_thr_init.o(.text+0x1b7): undefined reference to
`pthread_cond_timedwait'
> *** Error code 1
>
> Stop in
/data/ports_build/usr/ports/databases/mysql50-client/work/mysql-5.0.33/dbug.
> *** Error code 1
>
> Stop in
/data/ports_build/usr/ports/databases/mysql50-client/work/mysql-5.0.33.
> *** Error code 1
>
> Stop in
/data/ports_build/usr/ports/databases/mysql50-client/work/mysql-5.0.33.
> *** Error code 1
>
> Stop in /usr/ports/databases/mysql50-client.
> *** Error code 1
>
> Stop in /usr/ports/databases/p5-DBD-mysql50.
>
> I've tried googling for this, but although I've found a handful of
> people with broadly similar problems, nobody has actually been offered
> anything I recognise as an applicable solution!
>
> The upshot of this is that the previous Perl application is now broken
> because it cannot access the MySQL database.
>
> So I need to either...
>
> get the latest MySQL port to compile, or
>
> somehow get p5-DBD-mysql50 to work with the existing MySQL.
>
> ...but I'm not sure how to start on either.
>
> Help?  Any advice welcome!
>
> I have tried putting the p5-DBD-mysql50 package back the way it was
> (albeit in a rather simple-minded way -- just copying
> /usr/ports/databases/p5-DBD-mysql50 from its sister machine).  But
> this didn't make any difference.  It still decides that even this
> version (which was working) is incompatible with the existing mysql...
>
> boru/p5-DBD-mysql50# make
> ===>  Vulnerability check disabled, database not found
> ===>  Extracting for p5-DBD-mysql50-2.9003
> => MD5 Checksum OK for DBD-mysql-2.9003.tar.gz.
> ===>   p5-DBD-mysql50-2.9003 depends on file:
/usr/local/bin/perl5.8.8 - found
> ===>  Patching for p5-DBD-mysql50-2.9003
> ===>   p5-DBD-mysql50-2.9003 depends on file:
/usr/local/bin/perl5.8.8 - found

Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)

[Ted Mittelstaedt]

Hi Steve,

  I should have been more clear, sorry!  You cannot just replace a .ko file
that is a binary file.  You have to install the kernel sources, then go into
the
directory that the driver .c and .h files are, back those up, and replace
them,
then recompile the kernel.

  Here's probably what you want to do:

Go to here:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/ata/

examine the files.  For example, assume it was ata-disk.c  Examine the
history
by clicking on the file you will see the different changes.  For example
according to this revision 1.189.2.5  was used for 6.2-release, revision
 1.189.2.4  was used for 6.1-release.  If the bug is in this file it was
introduced
in one of the intermediate revisions between these 2.

You will note this cooresponds with:

/sys/dev/ata

on your system assuming you installed the kernel sources.  If you wanted to
backrev this driver you would install sources, recompile the kernel and
install it and reboot to make sure you know how to build a running
kernel, then you would go to this directory, replace the file you want
(ata-disk.c for example) and recompile the kernel and install it and reboot
and
cross your fingers.  Rebuilding the kernel is covered in the online handbook
on the website.

It most likely won't work the first time.  You will need to try this with
several files.  You also want to try newer revisions of this file.  Or you
can
get bold and tar up the entire directory from a 6.1-release system and
move /sys/dev/ata to /sys/dev/ata.bak and untar the old directory into your
6.2 system than try that.  Obviously you need a 6.1 system around for this.

If Soren has a guess to this he may send you patches to one or more
of these files for testing, you will need to apply them and rebuild and
reboot to see
if it works.

This sort of thing can take a lot of time.  But it is really critical that
you get
on it right away.  Since right now there wern't many changes between
the drivers and it will be very easy to narrow it down to precisely what
revision change causes the problem.  It is much worse when people post
things like such-and-such piece of hardware worked under FreeBSD 2.2
5 years ago and not under 6.2 today.

Ted

- Original Message - 
From: "Steve Franks" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "FreeBSD Users Questions" 
Sent: Saturday, February 03, 2007 10:19 AM
Subject: Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)


> Ted,
>
> I emailed [EMAIL PROTECTED] with that info, since that was who was under
> "man ata".
>
> In the meantime, I replaced /boot/kernel/atapci.ko with the one from
> my 6.1 install cd, and it seriously #$%#^'ed my system.  Restored now,
> but, do you suggest I need ata*.ko, not just atapci.ko?  Or am I on
> the wrong track entirely?  Also, where do I find info on the server
> and folder structure I should be looking for in cvs when you mention
> getting the latest thing?
>
> Steve
>
> On 2/3/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> > You shouldn't have any trouble downgrading to the 6.1 drivers but
> > I would suggest instead that you e-mail Soren the maintainer of the SATA
> > driver before doing anything.  He may have patched it already.  At
least,
> > try the current driver from CVS first.
> >
> > All you really have to do is copy the current driver to a backup file
> > then download the older driver from the cvs webinterface on freebsd.org
> > and recompile your kernel.
> >
> > If you really want this fixed, find the exact revision in cvs where the
> > support broke, obviously it will be between 6.1-release and 6.2-release,
> > and let Soren know.  It will take a few kernel recompiles to do that.
> > Fortunately your system boot isn't on the controller, not many folks I'm
> > sure have that setup.  When you do figure it out, please create a PR
> > using send-pr
> >
> > Ted
> >
> > - Original Message -
> > From: "Steve Franks" <[EMAIL PROTECTED]>
> > To: "FreeBSD Users Questions" 
> > Sent: Saturday, February 03, 2007 7:57 AM
> > Subject: 'borrowing' 6.1 drivers for use in 6.2 (sata)
> >
> >
> > > If anyone has read my earlier posts, they know the acer/uli/asus
> > > motherboard sata chipset simply won't work in 6.2.  It worked fine in
> > > 6.1, so I wonder if I can steal the driver from a 6.1 install?  Or do
> > > I just have to downgrade?  Having my server offline (even though it's
> > > only my personal files) is simply not an option.  FYI, several others
> > > have complained about the same chipset with no resolution, so I'm
> > > fairly ce

Re: firefox, mozilla won't display PHP (Was: Re: firefox, extensions, and *.php pages)

[Ted Mittelstaedt]

- Original Message - 
From: "Gary Kline" <[EMAIL PROTECTED]>
To: "Joe Holden" <[EMAIL PROTECTED]>
Cc: "Gary Kline" <[EMAIL PROTECTED]>; "FreeBSD Mailing List"

Sent: Friday, February 02, 2007 11:08 PM
Subject: Re: firefox, mozilla won't display PHP (Was: Re: firefox,
extensions,and *.php pages)


> On Sat, Feb 03, 2007 at 06:38:10AM +, Joe Holden wrote:
> > Gary Kline wrote:
> > >On Fri, Feb 02, 2007 at 04:53:39PM -0800, Gary Kline wrote:
> > >
> > >
> > >
> > > Well, the fact that my trying seever firefox addson and the
> > > failure of firefox and mozilla to display my PHP  files just
> > > happened to be co-incident.  As of this writing, none of my
> > > browsers displays my php pages.   I am rebuilding php5; php4
> > > refuses to build.
> > >
> > > If anybody knows if I ought to be building php4, please let me
> > > know. --I've surfed the web looking for answers; so far,
> > > nothing-works
> > >
> > > (***)
> > >
> > >> "You have chosen to open
> > >>
> > >> [  ]  (blank)
> > >>
> > >> which is a: appplication/x-httpd-php
> > >> from http://www.thought.org
> > >>
> > >>   What should Firefox do with this file?"
> > >>
> > >> The one of three options *not* greyed out is:
> > >>
> > >> (*) Save to Disk
> > >>
> > >>
> > >> What's going on?  And/or: how did I shoot myself in the foot?
> > >>
> > >> thanks for any insights; a couple of these addon are useful...
> > >>
> > >> gary
> > >>
> >
> > You've added AddType lines to config, but the module is missing, or
> > isn't being loaded presumably.
>
>
>
> Right; after a couple hours tracing, I find that for some reason,
> devel/libtool15 says that regex/regcomp.lo isn't valid.
>
>
> 
> [EMAIL PROTECTED]:/usr/ports/lang/php4/work/php-4.4.4# k
> "Makefile", line 496: warning: duplicate script for target
> "main/internal_functions.lo" ignored
> /bin/sh /usr/local/bin/libtool --preserve-dup-deps --mode=link cc
> -export-dynamic -pipe -g -Wall regex/regcomp.lo regex/regexec.lo
>
> [[ ... ]
>
> Zend/zend_ini.lo Zend/zend_qsort.lo Zend/zend_multibyte.lo
> Zend/zend_strtod.lo Zend/zend_canary.lo Zend/zend_execute.lo
> sapi/cgi/libfcgi/fcgi_stdio.lo sapi/cgi/libfcgi/fcgiapp.lo
> sapi/cgi/libfcgi/os_unix.lo sapi/cgi/cgi_main.lo sapi/cgi/getopt.lo
> main/internal_functions.lo -lcrypt -lcrypt -lm -lcrypt -lcrypt  -o
> sapi/cgi/php
> libtool: link: `regex/regcomp.lo' is not a valid libtool object
> *** Error code 1
>
> 
>
> I have php4 and apache running on other servers, and there,
> when I point mozilla at a php file, it works, of course..
> --So: nothing to do with the "extensions"; for unknown reasons,
> php4 will not build.
>
> Has anybody else experienced this snufu??
>

Yes.  I assume your building php from the ports?

What you have to do is do a make deinstall in -all- the php4
directories, as well as apache, then cvsupdate your ports,
then do a make install to put everything back together.

If you don't go through the correct make deinstall procedure and you
just try overwriting stuff you will end up with a mess.  That is
probably what happened here.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: 305 GB hard drive reduced to 266 GB (why?)

[Ted Mittelstaedt]

- Original Message - 
From: "Peter" <[EMAIL PROTECTED]>
To: 
Cc: "Peter A. Giessel" <[EMAIL PROTECTED]>
Sent: Friday, February 02, 2007 4:18 PM
Subject: Re: 305 GB hard drive reduced to 266 GB (why?)


> Le Vendredi 2 Février 2007 18:46, Peter A. Giessel a écrit :
> > On 2007/02/02 14:39, Peter seems to have typed:
> > > I am installing a new 6.2 STABLE system and I am troubled by the
> > > amount of available disk space I'm getting on one of my IDE
> > > devices:
> >
> > Its in the FAQ:
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html#MANUF
> >ACTURER-DISK-SIZE
>
> I already took account of manufacturer disk size.  However, I didn't
> know about the FreeBSD 8% rule which accounts for the discrepancy
> between my disk size of 289 GB and its available space of 266 GB.
>
> So now my question becomes "Where does FreeBSD get 289 from 305?".

Whall, on Ford small blocks you get a 302 when you bore out a 289, you
could probably go the other direction if you sleeved an old tired
302 block down. ;-)

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Fast SCSI RAID controller

[Ted Mittelstaedt]

he still ought to look at them, cheaper faster disk arrays are nothing
to sneeze at.

SCSI is only a win these days if your running the most expensive 10K
RPM drives in a mirrored configuration, which is common on database
servers.  And raid-5 in particular unless you have a minimum of 5 drives
in your array, you are going to just be throwing the performance edge
of the more expensive scsi drives into the toilet, so what is the point of
buying them?

If your doing raid 5 for redundancy, there's no argument, sata is the
clear winner on the 3ware or highpoint cards.

Ted

- Original Message - 
From: "Philippe Lang" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, February 03, 2007 5:47 AM
Subject: RE: Fast SCSI RAID controller


> [EMAIL PROTECTED] wrote:
> > [EMAIL PROTECTED] wrote:
> >
> >> Can anyone suggest a fast SCSI RAID controller for FreeBSD 6.2 ? Our
> >> vendor is having trouble with the latest Adaptec
> >
> > Have a look at 3WARE controllers, they work great. All the necessary
> > tools are available in the kernel and in FBSD ports.
>
> Sorry, 3WARE are SATA controllers...
>
> Philippe
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: 'borrowing' 6.1 drivers for use in 6.2 (sata)

[Ted Mittelstaedt]

You shouldn't have any trouble downgrading to the 6.1 drivers but
I would suggest instead that you e-mail Soren the maintainer of the SATA
driver before doing anything.  He may have patched it already.  At least,
try the current driver from CVS first.

All you really have to do is copy the current driver to a backup file
then download the older driver from the cvs webinterface on freebsd.org
and recompile your kernel.

If you really want this fixed, find the exact revision in cvs where the
support broke, obviously it will be between 6.1-release and 6.2-release,
and let Soren know.  It will take a few kernel recompiles to do that.
Fortunately your system boot isn't on the controller, not many folks I'm
sure have that setup.  When you do figure it out, please create a PR
using send-pr

Ted

- Original Message - 
From: "Steve Franks" <[EMAIL PROTECTED]>
To: "FreeBSD Users Questions" 
Sent: Saturday, February 03, 2007 7:57 AM
Subject: 'borrowing' 6.1 drivers for use in 6.2 (sata)


> If anyone has read my earlier posts, they know the acer/uli/asus
> motherboard sata chipset simply won't work in 6.2.  It worked fine in
> 6.1, so I wonder if I can steal the driver from a 6.1 install?  Or do
> I just have to downgrade?  Having my server offline (even though it's
> only my personal files) is simply not an option.  FYI, several others
> have complained about the same chipset with no resolution, so I'm
> fairly certain it's not something I did.
>
> Steve
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Torrent Server

[Ted Mittelstaedt]

- Original Message - 
From: "Javier Henderson" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Wednesday, January 31, 2007 5:24 AM
Subject: Re: FreeBSD Torrent Server


>
> On Jan 31, 2007, at 3:44 AM, Ted Mittelstaedt wrote:
>
> > The FreeBSD server operators don't pay a dime for bandwidth and
> > if the bandwidth supplier for freebsd.org made the slightest complaint
> > about the bandwidth they are donating, there's a passel of ISP's and
> > networks that would fight each other for the chance of the feather
> > in the
> > cap that hosting freebsd.org is.
>
> What, exactly, is the benefit to an ISP to wear such a feather?
>

Mainly marketing, if the ISP can handle hosting of freebsd.org, then
they obviously can handle hosting of most other things on the Internet.

Remember, the people that buy seriously large amounts of bandwidth
don't use television commercials to make decisions on providers.  They
use tools like whois to see who is hosting major sites then go talk to
those people.

It also isn't a bad thing to be the landlord if the provider happens to have
a
lot of FreeBSD in use themselves, I'm sure it helps get developer attention
to
problems rather quickly.  Have you ever seen a post from anyone at
Yahoo with a problem with one of their FreeBSD servers?

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Torrent Server

[Ted Mittelstaedt]

- Original Message - 
From: "Jeremy Faulkner" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Eric Hildebrandt" <[EMAIL PROTECTED]>; 
Sent: Wednesday, January 31, 2007 1:34 PM
Subject: Re: FreeBSD Torrent Server


> On 1/31/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> > Why?
> >
> > FreeBSD isn't commercial software, there's no need to go through
> > all the hocus pocus to conceal the uploader so the RIAA doesen't
> > sue him.  Standard FTP works perfectly fine at any of the mirror sites,
> > and you will get your ISO no slower.
> >
> > Ted
>
> Bittorrent does nothing to conceal the uploader's identity.
>
> The RIAA (Recording Industry Association of Amarica) doesn't give a
> damn about the piracy of commercial software, the RIAA cares about the
> piracy of music distributed by their member companies. The
> RIAA exists to be the bully for their member companies and to draw the
> negative public relations away from those member companies.
>

Which is exactly why I cannot understand why anyone would want to
use bittorrent to legitimately distribute anything.  Why use a service that
the RIAA is actively attacking, because such service is being used to
illegally distribute pirated music?

It's called guilt by association.

For the same reason I would be very dismayed if a large porno site like
playboy.com, hustler.com, etc. put a bunch of banners on their website
offering free downloads of FreeBSD.  Those porno sites are being used
for the perfectly legal distribution of images legally obtained, by willing
participants, all above board, monitored, and such.  From a technical
perspecitve, the porno sites have some of the best bandwidth available.
You could make a dozen freedom of speech, etc. arguments about how
it would be a great thing if those sites started distributing FreeBSD.

But, it would be nothing more than a public relations disaster.

Sure, bittorrent can be used to legally distribute software.  So can porno
sites.
But,  with all the number of willing FTP mirrors out there, who are engaged
in
noncontroversial businesses, is it really necessary to deal with bittorrent?

The FreeBSD Beastie was struck from his position as logo for FreeBSD
for some EXTREMELY minor controversy surrounding religions icons.
Well, using  a Devil image didn't pirate anyone software or break a law.
Yet Beastie was axed for exactly the same "guilt by association" reasons.

It seems to be EXTREMELY hipocritical to on one hand, strike out Beastie
for some morons based on a guilt by association reason, then on the other
hand turn a blind eye to the guilt by association of using a service,
bittorrent,
that is extremely heavily used for distribution of pirated software and
music,
to distribute FreeBSD.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Torrent Server

[Ted Mittelstaedt]

- Original Message - 
From: "Garrett Cooper" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, January 31, 2007 12:40 AM
Subject: Re: FreeBSD Torrent Server


> Ted Mittelstaedt wrote:
> > - Original Message - 
> > From: "Eric Hildebrandt" <[EMAIL PROTECTED]>
> > To: 
> > Sent: Monday, January 29, 2007 11:10 AM
> > Subject: FreeBSD Torrent Server
> > 
> > 
> >> I was wondering if the FreeBSD torrent server will be back online any 
> >> time soon?  Tryed to download version 6.2 and comes server not there.
> >>
> > 
> > Why?
> > 
> > FreeBSD isn't commercial software, there's no need to go through
> > all the hocus pocus to conceal the uploader so the RIAA doesen't
> > sue him.  Standard FTP works perfectly fine at any of the mirror sites,
> > and you will get your ISO no slower.
> > 
> > Ted
> 
> The only plus behind using torrents really for getting ISOs is reducing 
> server load on the freebsd.org folks (well, not from a tracker point of 
> view but rather from a network point of view perhaps?). 

The FreeBSD server operators don't pay a dime for bandwidth and
if the bandwidth supplier for freebsd.org made the slightest complaint
about the bandwidth they are donating, there's a passel of ISP's and
networks that would fight each other for the chance of the feather in the
cap that hosting freebsd.org is.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Torrent Server

[Ted Mittelstaedt]

- Original Message - 
From: "Eric Hildebrandt" <[EMAIL PROTECTED]>
To: 
Sent: Monday, January 29, 2007 11:10 AM
Subject: FreeBSD Torrent Server


> I was wondering if the FreeBSD torrent server will be back online any 
> time soon?  Tryed to download version 6.2 and comes server not there.
> 

Why?

FreeBSD isn't commercial software, there's no need to go through
all the hocus pocus to conceal the uploader so the RIAA doesen't
sue him.  Standard FTP works perfectly fine at any of the mirror sites,
and you will get your ISO no slower.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: HP Embedded SATA RAID controller (FreeBSD 6.2)

[Ted Mittelstaedt]

- Original Message - 
From: "George Vanev" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "FreeBSD Questions" 
Sent: Thursday, January 25, 2007 1:33 AM
Subject: Re: HP Embedded SATA RAID controller (FreeBSD 6.2)


>
> - Original Message - 
> From: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> To: "George Vanev" <[EMAIL PROTECTED]>; "FreeBSD Questions"
> 
> Sent: Thursday, January 25, 2007 10:57 AM
> Subject: Re: HP Embedded SATA RAID controller (FreeBSD 6.2)
>
>
> >
> > Hi George!
> >
> > Common problem.  The issue isn't that the FreeBSD driver cannot talk
> > to the SATA controller.  It can do that just fine.
> >
> > The problem is that HP is using a modified metadata format on the
> > disk drives.
> >
> > What you need to do is go into the Proliant BIOS and DISABLE
> > the SATA raid.  This of course means any raid arrays, mirrored or
> > otherwise, that you have created, cannot be used from BIOS.  Just
> > leave the BIOS settings so that the SATA controller is enabled, but
> > the RAID on the SATA controller isn't.
> >
> > Then boot FreeBSD 6.2.  It will see 2 disk drives.  (or more or however
> > many you got)
> >
> > Now, if you want a raid mirror here is what you do.  Load a scratch
> > install of FreeBSD 6.2 on the first disk.  Run atacontrol to create a
> > mirror on both disks.  This writes out a metadata format that FreeBSD's
> > disk driver understands.  This will trash your freebsd install of
course.
> > No problem.  Reboot from the installation CD and now you will see
> > the 2 disks, plus ar0 (the mirror)   Install to that and your all set.
> >
> > Basically the only difference between doing it HP's way by creating
> > the RAID from HP BIOS and doing it the FreeBSD way is that
> > the HP BIOS is unaware of the FreeBSD metadata format so you
> > cannot see or rebuild an array from BIOS that was created in
> > FreeBSD, and FreeBSD is unaware
> > of HP's metadata format so you cannot see or rebuild an array
> > from FreeBSD that was created in BIOS
> >
> > As far as how the actual raid mirror works, it's exactly the same.
> > In fact, better, since you can rebuild a FreeBSD array from
> > FreeBSD and it's about 10 times faster than rebuilding it from
> > HP's BIOS.
> >
> > Ted
> >
> > - Original Message - 
> > From: "George Vanev" <[EMAIL PROTECTED]>
> > To: "FreeBSD Questions" 
> > Sent: Wednesday, January 24, 2007 4:35 AM
> > Subject: HP Embedded SATA RAID controller (FreeBSD 6.2)
> >
> >
> >> I have HP ProLiantML 110 G3 server.
> >> I am trying to install FreeBSD 6.2.
> >> But it doesn't seem to recognise the RAID controller.
> >> I don't know what exactly is the controller.
> >> In the hp site I didn't find anything usefull,
> >> except that this is "HP embedded SATA RAID controller"
> >> Not much, uh?!
> >>
> >> Any one could help?!
> >> Regards
> >> --
> >> George Vanev
> >>
> >> ___
> >> freebsd-questions@freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >> To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
> >>
> >
> >
> >
>
> Just great!!!
> Thanks a lot!!!
>
> But still it will use the hardware RAID controller, right?!
> It is not a software RAID, I hope.
>
>

I hate to disappoint you but the embedded SATA controller chip is
a software raid chip, whether you set it up with BIOS or with FreeBSD's
drivers.  Not that this matters, however.  Mirroring does not do parity
calculation and so there is no need for a hardware controller.  All the
SATA chip does when the driver sees a mirror is it sets a flag in the
SATA chip that tells the chip to duplicate any writes to both disks. Reads
always happen from the primary disk.

For true SATA hardware raid you need a card like a 3ware or highpoint
card, these can do raid 5, etc.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Wednesday, January 24, 2007 12:40 AM
Subject: Re: FreeBSD challenged by Internet


> > > > > > What I don't get is I see guys walking in
> > > > > > dropping $1000 on associated Mac hardware crap
> > > ...
> > > > > The most expensive system around here is a Mac Sawtooth that cost
> > > > > $225 -- including a 17" monitor -- last September.  The (Dell)
> > > > > FreeBSD box I'm using at the moment cost $10 at a flea market,
> > > ...
> > > > This is a totally unfair comparison.  They guy dropping $1K on a
> > > > Mac is walking out with a machine that is fully configured and
> > > > ready to run.
> > >
> > > As was the Sawtooth.
> >
> > Hmm - "Mac Sawtooth" to me is a circa 1999 Power Mac G4.
> > I think we are talking about something different since you
> > couldn't possibly be just buying used devices and -not-
> > nuking and repaving.. or could you?
>
> The seller wiped the drives and reloaded the OS.  When I turned
> it on, I got the "new MacOS" sequence -- or whatever it might
> officially be called -- just as if it had been brand-new from
> Apple.  I suppose the seller figured that the $225 he charged
> was sufficient to cover both the value of the hardware and his
> time reinitializing it.
>

Well I'd have to say based on my experience with used gear that
this was a rarity.

> > > > When you get an old clunker by the time you tally up the time you
> > > > have spent on getting it ready to run, your at the same amount.
> > > ...
> > > > Skilled UNIX tech time is at min $95 an hour.  Your talking a
> > > > min of 4 hours to get a Goodwill find up and going on FreeBSD
> > > > by the time you work out the quirks, assuming that the ram in it
> > > > doesen't have a flaw and the disk is good, if you have to replace
> > > > that stuff you count the hours it takes to drive to Fry's and
> > > > back, buy the disk, etc..  well your getting pretty close to that
> > > > $1K in my book.
> > >
> > > It took me *zero* more time to get this box (Dell #1) ready for
> > > FreeBSD than if it had come direct from Dell with Windoze preloaded.
> >
> > Not fair - you aren't including the time spent "preloading" FreeBSD.
>
> Totally fair, if the goal is to end up with a FreeBSD system.
>

The 2 systems, Windows or FreeBSD, cost the same.  That is,
assuming that time=money.  Which everyone does, except for those
who have so much money they don't have to work for a living, or
those who have nothing and are perectly content to live with - nothing.

It is like owning property.  One person can have a plot he bought 40
years ago for $5000  Right next to it another person can have the same
size plot that's similar features he bought for $100K a week ago.

The tax man is not going to say to the first person that your plot is only
worth $5K  The plot has equity in it that makes it just as expensive as
the $100K plot.

Sure, you can go pull an old system and load FreeBSD on it and pay
maybe $50 out of pocket.  But the running system that results cost
nearly the same as the new Windows system because it has the equity in it
that you built up over the years in learning about FreeBSD.  To
anyone that has no specialized FreeBSD experience, which is 99.9% of
the population, to obtain that running FreeBSD system they either have
to pay the time/money to learn how to build it, or pay someone to build
it for them.

I can flip this the other way.  I've been doing FreeBSD and Windows
for years and have a big collection of install CDs and floppies for
each.  I can take that same old clunker you got for $20 and build
a complete Windows system plus Microsoft Office on it, that will
work perfectly well.  Sure, it might be Windows 98 since that runs
on the old clunker and Win XP doesen't.  Sure it is pirated software
rather than freeware (since Win98 isn't available anymore)  but
the market doesen't give a crap about that as long as they seem
to be sucking down used Macs with upgraded MacOS on them that come
without install CD's and old PC clones with Windows on them that
come without Windows install CD's.  (not that I'm saying your Sawtooth
didn't come
with install CD's but you know perfectly well most of the used
computers out there do not come with install CDs for the version of
operating system that is running on them when they are sold.)

> > The entire point is of the labor to get it to where you can start
> > the userland configuration.  Not to get it to where you can insert
> > the operating system install CD and boot it.
> >
> > When you buy them new, the windows is already loaded and ready to
> > start the userland configuration (which in my experience mainly
> > consists of uninstalling all the trialware and crap on them)
>
> Yeah, if you want a !!@@##$$ Windoze box, but AFAIK you can't go
> out and buy a box with FreeBSD preloaded and ready for userland
> configuration (and kernel hacking :)  Linux, maybe, but not any
> of the *BSD.  It takes *z

Re: HP Embedded SATA RAID controller (FreeBSD 6.2)

[Ted Mittelstaedt]

Hold on there.  HP makes SCSI and SATA versions of many of their
servers, the model numbers are almost identical between them.  I think
the only difference in the servers is the SCSI ones have an additional
card.

Now, before you go any further on Windows drivers you got to understand
something.  Win XP came out before SATA and Microsquash never put
in the primitives to support the higher SATA speeds in XP.  So in order
to get faster speed you gotta write your Windows driver to look like a
SCSI miniport driver.  MS also don't certify SATA for WCHL so if you
are selling SATA raid chipsets and you want to slap their filthy WCHL
certification sticker on your product box, once more you got to write
your driver to look like a SCSI driver.

You take a very serious risk whenever you compare features of
windows drivers and FreeBSD drivers and attempt to draw conclusions
on hardware.

Ted


- Original Message - 
From: <[EMAIL PROTECTED]>
To: "George Vanev" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 25, 2007 12:58 AM
Subject: Re: HP Embedded SATA RAID controller (FreeBSD 6.2)


> George Vanev <[EMAIL PROTECTED]> wrote:
>
> > AHA-3985 is SCSI controller. The one I have is SATA.
> > Yes, I'm sure that it's Adaptec, but what is the model?!
> > If FreeBSD didn't recognised it during the installation
> > does that mean that it is incompatible with FreeBSD?
>
> Yes, I understand that AHA-3985 is SCSI HostRAID and that you've SATA one.
> But look at the driver for your SATA RAID for Windows. You can find in
> driver's files both 'SATA'/'Serial ATA' and 'SCSI' words. There is
> definitely 'AHA3985' string in .sys file for Windows. Maybe it was remade
> for SATA. Probably FreeBSD hasn't working driver for this SATA HostRAID
> now.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: HP Embedded SATA RAID controller (FreeBSD 6.2)

[Ted Mittelstaedt]

I forgot to mention, ONLY install to ar0.  do NOT install to any of
the other disks that show up.

Ted

- Original Message - 
From: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
To: "George Vanev" <[EMAIL PROTECTED]>; "FreeBSD Questions"

Sent: Thursday, January 25, 2007 12:57 AM
Subject: Re: HP Embedded SATA RAID controller (FreeBSD 6.2)


>
> Hi George!
>
> Common problem.  The issue isn't that the FreeBSD driver cannot talk
> to the SATA controller.  It can do that just fine.
>
> The problem is that HP is using a modified metadata format on the
> disk drives.
>
> What you need to do is go into the Proliant BIOS and DISABLE
> the SATA raid.  This of course means any raid arrays, mirrored or
> otherwise, that you have created, cannot be used from BIOS.  Just
> leave the BIOS settings so that the SATA controller is enabled, but
> the RAID on the SATA controller isn't.
>
> Then boot FreeBSD 6.2.  It will see 2 disk drives.  (or more or however
> many you got)
>
> Now, if you want a raid mirror here is what you do.  Load a scratch
> install of FreeBSD 6.2 on the first disk.  Run atacontrol to create a
> mirror on both disks.  This writes out a metadata format that FreeBSD's
> disk driver understands.  This will trash your freebsd install of course.
> No problem.  Reboot from the installation CD and now you will see
> the 2 disks, plus ar0 (the mirror)   Install to that and your all set.
>
> Basically the only difference between doing it HP's way by creating
> the RAID from HP BIOS and doing it the FreeBSD way is that
> the HP BIOS is unaware of the FreeBSD metadata format so you
> cannot see or rebuild an array from BIOS that was created in
> FreeBSD, and FreeBSD is unaware
> of HP's metadata format so you cannot see or rebuild an array
> from FreeBSD that was created in BIOS
>
> As far as how the actual raid mirror works, it's exactly the same.
> In fact, better, since you can rebuild a FreeBSD array from
> FreeBSD and it's about 10 times faster than rebuilding it from
> HP's BIOS.
>
> Ted
>
> - Original Message - 
> From: "George Vanev" <[EMAIL PROTECTED]>
> To: "FreeBSD Questions" 
> Sent: Wednesday, January 24, 2007 4:35 AM
> Subject: HP Embedded SATA RAID controller (FreeBSD 6.2)
>
>
> > I have HP ProLiantML 110 G3 server.
> > I am trying to install FreeBSD 6.2.
> > But it doesn't seem to recognise the RAID controller.
> > I don't know what exactly is the controller.
> > In the hp site I didn't find anything usefull,
> > except that this is "HP embedded SATA RAID controller"
> > Not much, uh?!
> >
> > Any one could help?!
> > Regards
> > --
> > George Vanev
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> >
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: HP Embedded SATA RAID controller (FreeBSD 6.2)

[Ted Mittelstaedt]

Hi George!

Common problem.  The issue isn't that the FreeBSD driver cannot talk
to the SATA controller.  It can do that just fine.

The problem is that HP is using a modified metadata format on the
disk drives.

What you need to do is go into the Proliant BIOS and DISABLE
the SATA raid.  This of course means any raid arrays, mirrored or
otherwise, that you have created, cannot be used from BIOS.  Just
leave the BIOS settings so that the SATA controller is enabled, but
the RAID on the SATA controller isn't.

Then boot FreeBSD 6.2.  It will see 2 disk drives.  (or more or however
many you got)

Now, if you want a raid mirror here is what you do.  Load a scratch
install of FreeBSD 6.2 on the first disk.  Run atacontrol to create a
mirror on both disks.  This writes out a metadata format that FreeBSD's
disk driver understands.  This will trash your freebsd install of course.
No problem.  Reboot from the installation CD and now you will see
the 2 disks, plus ar0 (the mirror)   Install to that and your all set.

Basically the only difference between doing it HP's way by creating
the RAID from HP BIOS and doing it the FreeBSD way is that
the HP BIOS is unaware of the FreeBSD metadata format so you
cannot see or rebuild an array from BIOS that was created in
FreeBSD, and FreeBSD is unaware
of HP's metadata format so you cannot see or rebuild an array
from FreeBSD that was created in BIOS

As far as how the actual raid mirror works, it's exactly the same.
In fact, better, since you can rebuild a FreeBSD array from
FreeBSD and it's about 10 times faster than rebuilding it from
HP's BIOS.

Ted

- Original Message - 
From: "George Vanev" <[EMAIL PROTECTED]>
To: "FreeBSD Questions" 
Sent: Wednesday, January 24, 2007 4:35 AM
Subject: HP Embedded SATA RAID controller (FreeBSD 6.2)


> I have HP ProLiantML 110 G3 server.
> I am trying to install FreeBSD 6.2.
> But it doesn't seem to recognise the RAID controller.
> I don't know what exactly is the controller.
> In the hp site I didn't find anything usefull,
> except that this is "HP embedded SATA RAID controller"
> Not much, uh?!
>
> Any one could help?!
> Regards
> --
> George Vanev
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Monday, January 22, 2007 12:24 AM
Subject: Re: FreeBSD challenged by Internet


> > > > What I don't get is I see guys walking in
> > > > dropping $1000 on associated Mac hardware crap
> ...
> > > The most expensive system around here is a Mac Sawtooth that cost
> > > $225 -- including a 17" monitor -- last September.  The (Dell)
> > > FreeBSD box I'm using at the moment cost $10 at a flea market,
> ...
> > This is a totally unfair comparison.  They guy dropping $1K on a
> > Mac is walking out with a machine that is fully configured and
> > ready to run.
>
> As was the Sawtooth.
>

Hmm - "Mac Sawtooth" to me is a circa 1999 Power Mac G4.  I think
we are talking about something different since you couldn't possibly be
just buying used devices and -not- nuking and repaving.. or could you?

> > When you get an old clunker by the time you tally up the time you
> > have spent on getting it ready to run, your at the same amount.
> ...
> > Skilled UNIX tech time is at min $95 an hour.  Your talking a
> > min of 4 hours to get a Goodwill find up and going on FreeBSD
> > by the time you work out the quirks, assuming that the ram in it
> > doesen't have a flaw and the disk is good, if you have to replace
> > that stuff you count the hours it takes to drive to Fry's and
> > back, buy the disk, etc..  well your getting pretty close to that
> > $1K in my book.
>
> It took me *zero* more time to get this box (Dell #1) ready for
> FreeBSD than if it had come direct from Dell with Windoze preloaded.

Not fair - you aren't including the time spent "preloading" FreeBSD.
The entire point is of the labor to get it to where you can start the
userland configuration.  Not to get it to where you can insert the
operating system install CD and boot it.  When you buy them new,
the windows is already loaded and ready to start the userland
configuration (which in my experience mainly consists of uninstalling
all the trialware and crap on them)

Granted, you might have FBSD installs down pat and get a machine
where you can just insert the CD, and 2 hours later your ready to
start userland config.   But, you had to spend time LEARNING HOW
to do this, and typical L-user (Low level user) who bought a brand new box
for a
grand, DIDN'T.  As a matter of fact they didn't even have to spend
time learning how to use a screwdriver to open the case!

So, in TOTAL time you have spent on these boxes, including all
the time you have spent learning how to use the OS, L-User is
still ahead of you in that they have spent a lot less time on the
box in front of them.  Remember, Windows preloads are designed
so morons can get the machine working.  You don't have to know
-anything-, you don't even have to spend time learning how to use
Windows.  At least, I have to conclude this based on the actions of
many many people I have dealt with, in corporations even, who
are behind Windows boxes.

> Yes, the hard drive did fail after a while, but that is not unheard
> of with brand new boxes either.  I'm not convinced that a trip to
> Fry's for a new drive takes any longer than packing up a dead drive
> and taking it to the post office to ship back for warranty replacement.
>

If you're an L-User, when this happens you don't save files, take disk out,
ship
it back, get new disk, install, test.  You take it back to store where
you bought it under the extended warranty, give it to them, say fix it,
and come back a week later.  It isn't necessary to actually spend time
learning how to fix your system or how to unscrew the case for that
matter

Sure, some tech is going to spend time fixing the 'doze box.  But,
said tech -isn't- the person who -paid- for the box.

> > In any case I was really speaking about the delta in a more
> > general sense.  I see a lot of folks going to comcast - who
> > as I understand their pricing, for Internet service only over
> > comcast, you pay more too.
>
> You really shouldn't have given me an excuse to bash Comcast :)
>
> They claim they are faster, but since I seldom see anywhere near
> rated speed on DSL I don't think the DSL line is the limiting factor.
> Given that, I would not expect cable to be any faster *in practice*
> than DSL.  When I tried to explain this to the door-to-door droid
> who was trying to sell me Comcast a while back, it was completely
> beyond his comprehension.  I don't care for their TOS either -- as
> I understand it, I can't even leave an SSH port open to enable me
> to log in from the office because that would be considered "running
> a server".
>

Correct, they block all incoming ports for well known services.  Obviously,
people can and do run servers on ports above 1024.

What do you mean you seldom see rated speed on your DSL line?
Are you talking from world to you, or are you talking from ISP to you?

> > The real point is how much do you value something?  Are you
> > going to say that PPP-only DSL service from a

Re: Loosing Ethernet Connectivity

[Ted Mittelstaedt]

Either that or replace the network card.  Or put a dumb little 4 port
hub between the card and the switch.

it's funny but sometimes the cheaper nics have autonegotiation
issues with the better quality hubs, and don't with the cheaper hubs.

The network gods like to throw us these things from time to
time to remind us the Universe has no fundamental logic

Ted

- Original Message - 
From: "David Schulz" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday, January 21, 2007 9:06 PM
Subject: Re: Loosing Ethernet Connectivity


> Hi,
> 
> thats harsh, because before i used a cheaper Mitsubishi, forgot the  
> Model, but before Christmas i purchased a Cisco ws-c2960-48tt-l ,  
> which i thought was not too bad for what i needed. I just cant  
> replace it easily now. Really, is that it? Im gonna have to go with  
> the cronjob / shell script option?
> 
> So sad,
> David
> 
> 
> 
> On Jan 22, 2007, at 1:00 PM, Ted Mittelstaedt wrote:
> 
> > Been there.  You need to replace your ethernet switch.  It's what
> > they call an ethernet hardware incompatability.
> >
> > Forcing the card to 10baset half or 100 base t full might fix it but
> > probably not.
> >
> > Ted
> > .
> > - Original Message -
> > From: "David Schulz" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Sunday, January 21, 2007 7:12 PM
> > Subject: Loosing Ethernet Connectivity
> >
> >
> >> Hello all,
> >>
> >> every once in a while i have a machine (6.1) that out of the blue,
> >> sometimes after days, some after 6 months, looses Ethernet
> >> Connectivity. My Machines just run some Service, and have no
> >> Keyboard / Mouse or Monitor. When the Machine goes down, eg, i am
> >> unable to ping it from another Machine on the Network, even
> >> restarting the machine using "reboot" will not fix the Problem. The
> >> only way to fix it is to login as root, and issue a "ifconfig vr0
> >> down && ifconfig vr0 up". Then a dmesg Message appears : "vr0: Using
> >> force reset command.", and after that i can successfully ping the
> >> machine again. I have had this Problem on different machines with
> >> different Network Cards, on different Ethernet Cables, and with
> >> FreeBSD Versions 5.5 until 6.1.
> >>
> >> Can anyone please help me to understand and possibly even fix this
> >> Problem?
> >>
> >> Thanks a lot,
> >> David
> >> ___
> >> freebsd-questions@freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >> To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
> >>
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions- 
> > [EMAIL PROTECTED]"
> 
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Loosing Ethernet Connectivity

[Ted Mittelstaedt]

Been there.  You need to replace your ethernet switch.  It's what
they call an ethernet hardware incompatability.

Forcing the card to 10baset half or 100 base t full might fix it but
probably not.

Ted
.
- Original Message - 
From: "David Schulz" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 21, 2007 7:12 PM
Subject: Loosing Ethernet Connectivity


> Hello all,
>
> every once in a while i have a machine (6.1) that out of the blue,
> sometimes after days, some after 6 months, looses Ethernet
> Connectivity. My Machines just run some Service, and have no
> Keyboard / Mouse or Monitor. When the Machine goes down, eg, i am
> unable to ping it from another Machine on the Network, even
> restarting the machine using "reboot" will not fix the Problem. The
> only way to fix it is to login as root, and issue a "ifconfig vr0
> down && ifconfig vr0 up". Then a dmesg Message appears : "vr0: Using
> force reset command.", and after that i can successfully ping the
> machine again. I have had this Problem on different machines with
> different Network Cards, on different Ethernet Cables, and with
> FreeBSD Versions 5.5 until 6.1.
>
> Can anyone please help me to understand and possibly even fix this
> Problem?
>
> Thanks a lot,
> David
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Saturday, January 20, 2007 3:51 PM
Subject: Re: FreeBSD challenged by Internet


>
> What really grates is that I have to pay Verizon *more* if I want
> *less* from them!  Would you pay $40K for a pickup, if you could get
> the same truck, from the same dealer, for $35K including a camper?
> That sort of pricing, by a monopoly, is supposed to be illegal (at
> least in the U.S.).
>

That's $5K difference not $10.  Thieves can get away with a lot if they
steal it in small bits.

> > What I don't get is I
> > see guys walking in dropping $1000 on associated Mac hardware crap
> > without blinking, then they squawk about paying an additional $9
> > a month on DSL?  That grand on Mac crap will pay for 9 years of
> > DSL at this so-called "unreasonable" rate.
>
> The most expensive system around here is a Mac Sawtooth that cost
> $225 -- including a 17" monitor -- last September.  The (Dell)
> FreeBSD box I'm using at the moment cost $10 at a flea market,
> plus something like $40 for a 160GB hard drive to replace the
> original 10GB that failed after a few months.  The one I'm going
> to be installing 6.2 on -- also a Dell -- was less than $5 at a
> yard sale.
>

This is a totally unfair comparison.  They guy dropping $1K on a
Mac is walking out with a machine that is fully configured and
ready to run.

When you get an old clunker by the time you tally up the time you
have spent on getting it ready to run, your at the same amount.

Cheap independent desktop support goes for about $35-$50
and hour, and none of those guys could load an Open Source
OS and do any serious configuration on it if their lives depended
 on it.

Skilled UNIX tech time is at min $95 an hour.  Your talking a
min of 4 hours to get a Goodwill find up and going on FreeBSD
by the time you work out the quirks, assuming that the ram in it
doesen't have a flaw and the disk is good, if you have to replace
that stuff you count the hours it takes to drive to Fry's and back,
buy the disk, etc..  well your getting pretty close to that $1K in
my book.

Of course, I understand you might be regarding that time as
"free" but it's only "free" to you - not to anyone else who can't
do this - they have to pay for it.  Thus, you have to factor it
in when making comparisons.

In any case I was really speaking about the delta in a more general
sense.  I see a lot of folks going to comcast - who as I understand
their pricing, for Internet service only over comcast, you pay more
too.  The real point is how much do you value something?  Are
you going to say that PPP-only DSL service from an ISP (verizon.net)
that does not give you a static IP number, and has a support desk
that is based in India and only speaks Windowease (and does a
poor job of that) is worth the same as all-the-time-on fully bridged
DSL service with a static IP and no goofy MTU size restrictions
and is supported by the same people that built the system and
who run Windows, FreeBSD and Linux both on their desktops
and servers?

Naturally, as an ISP employee this is my personal soapbox, but
let me put it another way.  Right now there is a revolution going on
with food.  40 years ago you went to the grocery store and bought
bread and all they had was Wonder air bread.  You went to the
bar and bought a beer and all they had was Bud.  Restaurants
either came in Burger, Steak, or American Menu.  In short, the
quality of food had descended into the toilet as a result of the
constant push to sell it cheaper that started in the late 1940's.
(epomized by Brother McDonald)

Today, you go to the grocery store and sure you can still get the
air-bread.  But for more money you can get bread that tastes
far, far better, and was baked locally.  You go to the bar and sure
you can still get the cheap Bud that was peed out of some horse
back in the Midwest and carried in 1000 gallon tank trucks,
or you can pay more money and get the better tasting microbrewed
stuff that someone brewed in small batches right there.

What has happened is that people stopped comparing food
based solely on price and started looking for quality, and when
that happened, all the sudden companies appeared that supplied
the better quality, albet at a bit higher price.

I'd rather drink a milkshake from a place like Baskin Robbins and
pay more for it than a cheaper milkshake at McDonalds.  Lots of
people would rather pay more for the better tasting coffee at
Starbucks than the cheap stuff out of the office vending machine.

Why is it OK for the food industry to be like this, and it's not
OK for the Internet Service industry to be like this?  It seems like
everyone only wants Internet Service to be as cheap as possible
and couldn't give a damn about quality.

>
> When I was looking, I couldn't find any for much less than double,
> but it has been a while.  Do you happen to know of any low-cost
> DSL providers who offer service in Washington County, Orego

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Friday, January 19, 2007 12:47 AM
Subject: Re: FreeBSD challenged by Internet


> > > I doubt there is any reasonably priced ISP that will help in
> > > troubleshooting a problem that's not reproducible on Windows.
> >
> > $19.95 a month for DSL (ISP charges) is not reasonably priced?
> > WTF?
>
> Dunno about your neck of the woods, but last time I checked around
> here Verizon was charging something like $5 or $10 a month more for
> just the DSL line to connect to a third-party ISP than for the whole
> package using their own ISP.  Makes it difficult for independents to
> compete, at least on price :(

Well, if your not willing to pay the extra $5 or $10 a month to connect
your FreeBSD system to DSL then I have to seriously question your
leel of commitment to decent Internet service.  What I don't get is I
see guys walking in dropping $1000 on associated Mac hardware crap
without blinking, then they squawk about paying an additional $9
a month on DSL?  That grand on Mac crap will pay for 9 years of DSL at
this so-called "unreasonable" rate.

In any case, that pricing delta only exists if the independent hasn't signed
a wholesale agreement with Verizon.  If the independent has, it's a whole
different ball game, pricing is completely different and quite a bit less.

Basically IMHO the Verizon pricing program was designed to push the
really tiny independents, ie: the guys that might have a grand total
of 5 or 10 Verizon DSL customers, off of their network.  (and
it worked well I think)  Verizon didn't want independent ISPs that
wern't willing to put investment dollars into their interconnect to stay
on their network.  And I really can't say I blame them to be perfectly
honest.  The days of a guy starting an ISP in his garage for $500 and
a pile of old networking gear he pulled out of a Dumpster behind some
tech corporation are over.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Mail etiquette (was: What is this mean by this term)

[Ted Mittelstaedt]

- Original Message - 
From: "Jay Chandler" <[EMAIL PROTECTED]>
To: "freebsd-questions" 
Sent: Thursday, January 18, 2007 5:33 PM
Subject: Re: Mail etiquette (was: What is this mean by this term)

> >
> >
>
> Have any of these disclaimers ever proven to be even the slightest bit
> legally enforceable?
>

No they are not.  You cannot enforce something when you do not have
the recipient make an informed commitment to it.

For example, you can hold a gun to someone's head and make them
sign a contract.  The second you walk away they take the contract
to a court and bam, it's invalidated because they signed under duress.

And if you look at recent court decisions, the definition of signing under
duress has been -exceedingly- stretched these days.  Nowadays if
someone can convince a court that the contract holder ddn't completely
inform them of every last little condition, they can invalidate the
contract.

And this is a signed, notarized, witnessed contract we are talking about.
The idea that something like these disclaimers, or for that matter, software
shrink wrap licenses, would hold any legal water is just preposterous.

> I mean, for God's sake, they're at the bottom of the message,
> essentially telling you not to read the message you just read.
>

It would make no difference where they were in the message.  The
people insisting on these disclaimers have absolutely no legal knowledge
whatsoever.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

- Original Message - 
From: "RW" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, January 18, 2007 7:43 AM
Subject: Re: FreeBSD challenged by Internet


> On Thu, 18 Jan 2007 00:43:02 -0800
> "Ted Mittelstaedt" <[EMAIL PROTECTED]> wrote:
> 
> > Also, these companies simply
> > cannot afford to put their best programming and design
> > talent on solving things like slow DNS resolver queries
> > through their proxy, when these problems are reported.
> 
> The OP said that there was no problem with linux and windows, and
> that's consistent with what I saw on my d-link ADSL router. Presumably
> FreeBSD is doing something slightly different.

Yes, it is, it's making IPv6 DNS queries.  There's a long story to this
that started a couple years ago when the roots inserted (against a number
of people's recommendations)  records

Things are fine if a downstream nameserver only speaks ipv4.  The
problem is the newer versions of bind have been coming with IPv6
transition support.  If they are run on hosts that have 
IPv6 support that are connected to IPv4 networks, your supposed to
run named with the -4 option.  Unfortunately this isn't widely known.
As a result when a resolver like FreeBSD's that is IPv6 compliant
makes a DNS lookup it will often make a IPv6 lookup, and this
trashes the DNS caches in these little routers.

If you recompile the kernel with INET6 removed from the config
I think it will fix the problem.  Not an obvious or easy solution for
a lot of people.  Or you can contact all the hosts you lookup and
tell them to have the admins check their nameservers. ;-)

> I wouldn't have expected
> these things to be tested against *BSD, but you would think that OS-X
> would behave like FreeBSD.
>

Well, Windows Vista will probably do this too so a lot more folks
are going to piss and moan I think before too long.
 
> 
> > Yet, do the customers that actually have these devices,
> > after going through 2 or 3 of them in that many years,
> > actually stop one day and say "Gee, I'm really stupid
> > to keep urinating my money away on these cheezy
> > little routers when I could spend $600 on a nice new
> > Cisco 800 series and get expert Cisco support on it, and
> > it would work and I could then just forget about it"
> 
> Draytek is a useful halfway house for domestic and soho use -  I've
> never heard anyone have a bad word to say about their wired
> dsl-routers. Cisco is overkill for most people. 
> 

There's others.  Your local ISP will have their favorites.

> > config your DSL modem out of routing mode and into bridging
> > mode.
> 
> That's doesn't really buy you all that much, cheap hardware isn't
> going to be more reliable in bridged-mode. DNS proxy problems are
> not a big deal since it's easy to manually configure servers, or turn-on
> recursive lookups. It does eliminate the problems that some
> NAT routers have with large numbers of simultaneous connections though.
> 
> These problems is particularly acute in countries where PPPoA is the
> norm. FreeBSD has no significant support for usb or pci PPPoA modems,
> that leaves us with routers, half-bridge modems, and full-bridging
> (where the ISP supports PPPoE over atm). And these bridged modems are
> really just adapted nat-routers.

Not true.  For example the Westell 36R 516 series are true bridges.  They
are DMT devices and have worked on every DMT ADSL line I've tried.
Of course, you have to firmware update them (not obvious) and configure
the vpi/vci in them (also not obvious, and requires windows 98 and their
program to do it)  And they are cheap as dirt on Ebay.

And the other thing is that just about all the DSL setups I've seen in
bridging mode do the PPPoE/PPPoA conversion automagically.  You
plug in your PC to the modem, send it PPPoE frames, the modem
encapsulates the PPPoE frames in PPPoA packets, sends them out
to the DSLAM, the DSLAM strips off the PPPoA header and forwards
the PPPoE packets onward to the BRAS/LNS (the PPP server) at
the ISP.

If you have an internal PPPoA card, all that happens is when the
recieving DSLAM gets the "pure" PPPoA frames from your DSL
modem over the DSL line, it adds a PPPoE header before sending
it onwards (over ethernet) to the BRAS/LNS (the PPP server) So
the ISP's PPP server sees PPPoE in either case.

> I do envy Linux's support for pci
> PPPoA modems.
>

If they are implemented like winmodems where most of the work is
offloaded to the CPU then you should be thankful FreeBSD doesen't
support them.
 
I think there's a lot of confusion out there over this PPPoE/PPPoA thing.

ADSL is a layer 1 protocol.
ATM runs over ADSL as a layer 2 protocol (as is Ethernet)
PPP is a layer 3 

Re: Transport Mode IPSEC

[Ted Mittelstaedt]

- Original Message - 
From: "Andrew Pantyukhin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Thursday, January 18, 2007 2:07 AM
Subject: Re: Transport Mode IPSEC


> On 1/18/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> >
> > - Original Message -
> > From: "Andrew Pantyukhin" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>;
> > <[EMAIL PROTECTED]>
> > Sent: Thursday, January 18, 2007 12:25 AM
> > Subject: Re: Transport Mode IPSEC
> >
> >
> > > On 1/18/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> > > > Dan,
> > > >
> > > >   You do realize, don't you, that since both of these hosts are on a
> > switch,
> > > > and are using unicast traffic to communicate with each other, that
they
> > > > cannot be sniffed, don't you?
> > > >
> > > >   You might read up on ethernet switching technology a bit before
> > > > answering that.
> > >
> > > I'm sorry to be the one to make this remark but it's
> > > you who needs to read a bit to learn (a) how to sniff
> > > traffic off most Ethernet switches from D-Link to
> > > Cisco; (b) what other security risks unprotected NFSv3
> > > shares pose.
> >
> > Yeah, sure I've heard that one before.
> >
> > Why don't you go ahead and elaborate one of your favorite
> > theoretical attacks out of one of those books that "proves"
> > that an attacker can "sniff most switches" so I can have the
> > fun of knocking it down by real-world hardware implementations
> > that you can actually buy and use right now.
> >
> > Don't be a fool.  Ethernet switch manufacturers aren't stupid and
> > have read the same stuff your citing.  They combat them 2 ways.
> > The first is used on the expensive switches and it's called filtering
> > and allows switch manufacturer salespeople to have something to
> > dog and pony.  The second is used on the cheapo switches and
> > it's called using a wussy CPU on the switch so that the second
> > you try attacking the switch with one of your fancy attacks to
> > sniff it, the switch just rolls over and dies, passing so few packets
> > that every connection through it looses tremendous numbers of
> > packets, and hell breaks loose as all users start screaming.
> >
> > been there, done that.  Those work just dandy in the lab and
> > in your CCIE class with 3 hosts setup for the purpose of
> > demonstrating the attacks.  But try it on a production network some
> > day and the side-effects will kill you.
>
> Okay, I'm sorry to have sounded a bit rough before
> I even parsed your name :-) You don't need to throw
> bits of your knowledge at unsuspecting bystanders,
> too. ;)
>

OK, truce then. :-)

> Most attacks I can imagine, I read/heard about or
> seen in the worst of my nightmares - I wouldn't be
> able to reproduce or describe in detail.

Actually they sound a lot more interesting than they are
in practice.

There are two general ethernet attacks out there.  The first is
a MAC-based, you impersonate someone's MAC and IP
address (preferably a machine that happens to be switched off
at the moment) to get some sort of elevated privilege on a
server somewhere, or you do it while the other machine is
online, in order to take it offline, or do it to the gateway in
order to disrupt internet access, (usually)  Quite a lot of fun
things can be done with MAC and IP spoofing, and there
was a lot of this in early university campus dorm networks
when they were first setup.  Schools screamed about it and
switch vendors responded with intelligent switches that blurred
the distinction between layer 1, 2 and 3 and the rule of
thumb nowadays is to deploy those in networks where you
have potential attackers.  The best switches can notify the
admin when someone is pulling one of these stunts and
the admin can program in advance port lockdowns and
such, so that the wanna-be college freshman that thinks
he's smart gets a visit from campus security when he pulls
this kind of thing.

The second are in the high-speed rate family.  You send out
a lot of itty-bitty packets at a high rate of speed.  One trick is
to vary the MAC address on each packet so you overflow the
switch internal mac tables and cause the switch to basically
become a big hub - when that happens you run your sniffer
and 

Re: Transport Mode IPSEC

[Ted Mittelstaedt]

- Original Message - 
From: "Andrew Pantyukhin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Thursday, January 18, 2007 12:25 AM
Subject: Re: Transport Mode IPSEC


> On 1/18/07, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
> > Dan,
> >
> >   You do realize, don't you, that since both of these hosts are on a
switch,
> > and are using unicast traffic to communicate with each other, that they
> > cannot be sniffed, don't you?
> >
> >   You might read up on ethernet switching technology a bit before
> > answering that.
>
> I'm sorry to be the one to make this remark but it's
> you who needs to read a bit to learn (a) how to sniff
> traffic off most Ethernet switches from D-Link to
> Cisco; (b) what other security risks unprotected NFSv3
> shares pose.

Yeah, sure I've heard that one before.

Why don't you go ahead and elaborate one of your favorite
theoretical attacks out of one of those books that "proves"
that an attacker can "sniff most switches" so I can have the
fun of knocking it down by real-world hardware implementations
that you can actually buy and use right now.

Don't be a fool.  Ethernet switch manufacturers aren't stupid and
have read the same stuff your citing.  They combat them 2 ways.
The first is used on the expensive switches and it's called filtering
and allows switch manufacturer salespeople to have something to
dog and pony.  The second is used on the cheapo switches and
it's called using a wussy CPU on the switch so that the second
you try attacking the switch with one of your fancy attacks to
sniff it, the switch just rolls over and dies, passing so few packets
that every connection through it looses tremendous numbers of
packets, and hell breaks loose as all users start screaming.

been there, done that.  Those work just dandy in the lab and
in your CCIE class with 3 hosts setup for the purpose of
demonstrating the attacks.  But try it on a production network some
day and the side-effects will kill you.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Broadcom Nics in Tyan Transport GT24 (B3992)

[Ted Mittelstaedt]

Heh - I too have had servers that had the nice little catch-22 of
you couldn't read a CD in them so you had to do an FTP install -
but the current freebsd release didn't have a working ethernet
driver for the embedded nic on the server, so while you could
boot the server with a floppy, you couldn't install freebsd on it.

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 18, 2007 12:06 AM
Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)


> On Wed, 17 Jan 2007, Ted Mittelstaedt wrote:
>
> > yes, but guess what - FBSD 6.2 is now released, so just install that and
> > the updated driver is already in the kernel
>
> You were just waiting to say that weren't you :)
>
> -Dan
>
> >
> > Ted
> >
> > - Original Message - 
> > From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Monday, January 15, 2007 7:27 AM
> > Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)
> >
> >
> > > On Mon, 15 Jan 2007, Ted Mittelstaedt wrote:
> > >
> > > Is the bge driver enabled by default?
> > >
> > > -Dan
> > >
> > > > I don't know what broadcom chip your MB has but the majority of
those
> > cards
> > > > are supported here:
> > > >
> > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/bge/
> > > >
> > > > You should be able to just copy over the 2 files to your
> > src/sys/dev/bge/
> > > > directory and
> > > > recompile your 6.1-release kernel with no problems.  I did.
> > > >
> > > > Look carefully at the chip on your MB and post the BCM model number
on
> > it
> > > > if this doesen't work.
> > > >
> > > > Ted
> > > >
> > > > - Original Message -
> > > > From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> > > > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > > > Cc: <[EMAIL PROTECTED]>
> > > > Sent: Saturday, January 13, 2007 5:34 AM
> > > > Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)
> > > >
> > > >
> > > >> On Fri, 12 Jan 2007, Ted Mittelstaedt wrote:
> > > >>
> > > >>> Use the latest Broadcom driver from FreeBSD CVS.  The one included
in
> > > > 6.1
> > > >>> release is buggy.
> > > >>
> > > >> Which driver is that?  My 6.1 install won't see them at all:
> > > >>
> > > >> pci4:  on pcib4
> > > >> pci4:  at device 4.0 (no driver attached)
> > > >> pci4:  at device 4.1 (no driver attached)
> > > >>
> > > >> Also, I'm running 6.1-RELEASE, will the cvs drivers from CURRENT
work?
> > > >>
> > > >> -Dan
> > > >>
> > > >>>
> > > >>> Ted
> > > >>>
> > > >>> - Original Message -
> > > >>> From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> > > >>> To: <[EMAIL PROTECTED]>
> > > >>> Sent: Friday, January 12, 2007 5:02 PM
> > > >>> Subject: Broadcom Nics in Tyan Transport GT24 (B3992)
> > > >>>
> > > >>>
> > > >>>> Hey all, I have a Transport GT24 (B3992 Motherboard), and while
it
> > has
> > > > one
> > > >>>> intel nic which works well, I'd like to be able to use the
onboard
> > > >>>> broadcom network cards.  Is there a known way of making them
work?  I
> > > > seem
> > > >>>> to recall some dealy where you could use a windows driver?
> > > >>>>
> > > >>>> -Dan
> > > >>>>
> > > >>>> --
> > > >>>>
> > > >>>> "I love you forever eternally."
> > > >>>>
> > > >>>> -Connaian Expression
> > > >>>>
> > > >>>> Dan Mahoney
> > > >>>> Techie,  Sysadmin,  WebGeek
> > > >>>> Gushi on efnet/undernet IRC
> > > >>>> ICQ: 13735144   AI

Re: Transport Mode IPSEC

[Ted Mittelstaedt]

You don't trust your own switch?

Your making a common mistake here.  Your confusing application
security with environment security.  If an environment is insecure
you cannot make it secure by mucking with the application. (ie:
hiding it in a tunnel)

for example you cited arp cache poisoning on an ethernet network.
running ipsec will not protect against this.  If your ethernet environment
is insecure (ie: your using unmanaged switches) and it's got hostiles
on it, you can run all the ipsec you want, an attacker can DoS your
NFS server with an arp cache poison, no problem.  Or, assume the
MAC of your default gateway and knock all users offline.

If you correct the environment security, then the application is
protected.  For example, you put in a decent managed switch, you
setup rate-limiting on it, you setup MAC/IP address filters, and
your now secure on your local LAN.

Basically, what your trying to do - use ipsec to encrypt nfs on a local
lan  - is unnecessary, adds overhead, and what you want to have happen
is better done by other mechanisms.

If your running NFS over a WAN connection where ipsec encryption
would have some validity, well, NFS isn't a good protocol for
such a connection.  Copying a file is going to be slow.  WANs are
unreliable and you don't want your NFS mounts vanishing without
being umounted.  sftp would be a much better choice I think.

NFS isn't inherently insecure unless it's improperly deployed.  I would
consider deploying NFS on a hostile ethernet network that is not secured,
to be an improper deployment and I think any security professional would
agree.

This discussion is like when Microsoft made packet signing mandatory
in SMB in Windows XP.  They said "this will enhance the security of
SMB"  No it didn't.  SMB packets in Real Life are almost always on
a local LAN, and most of those are switched.  All that did is break
connecitons to UNIX Samba servers (which was probably the real
reason they did it)

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 18, 2007 12:06 AM
Subject: Re: Transport Mode IPSEC


> On Wed, 17 Jan 2007, Ted Mittelstaedt wrote:
>
> > Dan,
> >
> >   You do realize, don't you, that since both of these hosts are on a
switch,
> > and are using unicast traffic to communicate with each other, that they
> > cannot be sniffed, don't you?
>
> That implies trust of the switch, trust against arp-cache poisoning, and
> the like.  The idea of ipsec is not trusting the wire.
>
> With NIS/NFS known for being this inherently secure, would it get me a
> better answer if I said "with only a single router between them"?
>
> -Dan
>
>
> --
>
>
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
>
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD challenged by Internet

[Ted Mittelstaedt]

Hi Bob,

  As I am ad administrator of an ISP that is a DSL
ISP that offers DSL, and also runs FreeBSD on it's
servers, I am going to address your point.

 The problem your having is present on MANY of
these "some box(s) which connects me to to net"
Generally, it's older Linksys and Netgear routers that
are the worst offenders.  The newer devices don't
generally have this problem - the manufacturers aren't
completely stupid, and do learn from their mistakes -
bot not always.  I'm still seeing stupid crap like this in
even the latest boxes.

Now, here's where I'm going to take you somewhat to
task.  You have to understand some things about marketing
these boxes.

When a company like Airlink101 produces a
"cable/DSL" ethernet router and sells it for $30,
or a company like 2 Wire, or Westell, or ActionTec,
produces a DSL modem/router combo that sells
for $60, it is absolutely impossible for them to make
a profit doing this unless they configure their support
offering so that the quality of technical support you
get is on the level of that which would be provided by
your average 6 year old.  Also, these companies simply
cannot afford to put their best programming and design
talent on solving things like slow DNS resolver queries
through their proxy, when these problems are reported.

Instead when they get these problems, they spend the
R&D money and talent they have building next year's
model - which is then sold for another $30, next year.

Slow DNS queries are just one of the problems on a
very long, long, long laundry list of problems with these
small cheapo routers.

Yet, do the customers that actually have these devices,
after going through 2 or 3 of them in that many years,
actually stop one day and say "Gee, I'm really stupid
to keep urinating my money away on these cheezy
little routers when I could spend $600 on a nice new
Cisco 800 series and get expert Cisco support on it, and
it would work and I could then just forget about it"

Of course not.  So, who do you think ends up picking
up the slack?  I'll tell you, it's us ISP's that's who.

If you were our DSL customer and you called in with
this problem, we would have known immediately what
it was, and instructed you in how to correct the configuration.
In your case the absolute best way is to ditch your
router and turn on pppoe on your BSD box and config
your DSL modem out of routing mode and into bridging
mode.  Or your cable modem, or whatever.

You wouldn't get that as a response if you were running
Windows - since Windows attracts security crackers like
dog shit attracts flies - but any UNIX - be it Linux, MacOS X
or whatever, you would get that response.

Anyway, I think you should have availed yourself of your ISP's
tech support department first.   And if your ISP's support
department stinks - some unfortunately do - then drop service
and get a better one.  There's plenty more ISP's in the
phone book.

Ted

- Original Message - 
From: "Bob McIsaac" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 15, 2007 10:32 PM
Subject: FreeBSD challenged by Internet


> Hi:
>
> This is not exactly a question rather it is wrapup for a
> series of questions.  I had a tricky, confusing problem
> getting FreeBSD on the net but I was able to solve it
> with help from this list.. Ian Smith in particular.
>
> The DHCP lease from my ISP set the nameserver
> address as being 192.168.1.254, the IP of some box
> which connects me to to net.  Correct me if wrong,
> but whois would not reveal a nameserver IP in this
> form for a net host.
>
> Linux accepted this but FreeBSD-6.1 had 10 second
> delays in TCP connects for mail and web pages.
> This does not imply a problem with BSD. It
> probably implies that Linux is more tolerant of
> loosely configured web services.  But in the
> world of security it's "casual configuration
> considered harmful".
>
> I spent many hours reading and testing before
> hitting on a solution in dhclient.conf. I think this
> would be  discouraging for most FreeBSD newbies.
> But making setup a no-brainer does not seem
> possible. It is difficult to provide a quality,
> standards-compliant OS unless all net-citizens
> share that focus on quality.
>
> Just my 2cents.
>
> Cheers,
> -Bob-
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Broadcom Nics in Tyan Transport GT24 (B3992)

[Ted Mittelstaedt]

yes, but guess what - FBSD 6.2 is now released, so just install that and
the updated driver is already in the kernel

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, January 15, 2007 7:27 AM
Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)


> On Mon, 15 Jan 2007, Ted Mittelstaedt wrote:
>
> Is the bge driver enabled by default?
>
> -Dan
>
> > I don't know what broadcom chip your MB has but the majority of those
cards
> > are supported here:
> >
> > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/bge/
> >
> > You should be able to just copy over the 2 files to your
src/sys/dev/bge/
> > directory and
> > recompile your 6.1-release kernel with no problems.  I did.
> >
> > Look carefully at the chip on your MB and post the BCM model number on
it
> > if this doesen't work.
> >
> > Ted
> >
> > - Original Message -
> > From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> > To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Saturday, January 13, 2007 5:34 AM
> > Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)
> >
> >
> >> On Fri, 12 Jan 2007, Ted Mittelstaedt wrote:
> >>
> >>> Use the latest Broadcom driver from FreeBSD CVS.  The one included in
> > 6.1
> >>> release is buggy.
> >>
> >> Which driver is that?  My 6.1 install won't see them at all:
> >>
> >> pci4:  on pcib4
> >> pci4:  at device 4.0 (no driver attached)
> >> pci4:  at device 4.1 (no driver attached)
> >>
> >> Also, I'm running 6.1-RELEASE, will the cvs drivers from CURRENT work?
> >>
> >> -Dan
> >>
> >>>
> >>> Ted
> >>>
> >>> - Original Message -
> >>> From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> >>> To: <[EMAIL PROTECTED]>
> >>> Sent: Friday, January 12, 2007 5:02 PM
> >>> Subject: Broadcom Nics in Tyan Transport GT24 (B3992)
> >>>
> >>>
> >>>> Hey all, I have a Transport GT24 (B3992 Motherboard), and while it
has
> > one
> >>>> intel nic which works well, I'd like to be able to use the onboard
> >>>> broadcom network cards.  Is there a known way of making them work?  I
> > seem
> >>>> to recall some dealy where you could use a windows driver?
> >>>>
> >>>> -Dan
> >>>>
> >>>> --
> >>>>
> >>>> "I love you forever eternally."
> >>>>
> >>>> -Connaian Expression
> >>>>
> >>>> Dan Mahoney
> >>>> Techie,  Sysadmin,  WebGeek
> >>>> Gushi on efnet/undernet IRC
> >>>> ICQ: 13735144   AIM: LarpGM
> >>>> Site:  http://www.gushi.org
> >>>> ---
> >>>>
> >>>> ___
> >>>> freebsd-questions@freebsd.org mailing list
> >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >>>> To unsubscribe, send any mail to
> >>> "[EMAIL PROTECTED]"
> >>>>
> >>>
> >>
> >> --
> >>
> >> "You're not normal!"
> >>
> >> -Michael G. Kessler, referring to my modem online time.
> >>
> >>
> >> Dan Mahoney
> >> Techie,  Sysadmin,  WebGeek
> >> Gushi on efnet/undernet IRC
> >> ICQ: 13735144   AIM: LarpGM
> >> Site:  http://www.gushi.org
> >> ---
> >>
> >>
> >
>
> --
>
> [23:49:00] LarpGM: Did my little TP comment scare you off?
> [23:49:22] ilzarion: no, the shrieking retarded child eating people did
>
> -Feb 06, 2001, times apparent.
>
>
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Transport Mode IPSEC

[Ted Mittelstaedt]

Dan,

  You do realize, don't you, that since both of these hosts are on a switch,
and are using unicast traffic to communicate with each other, that they
cannot be sniffed, don't you?

  You might read up on ethernet switching technology a bit before
answering that.

  Most people don't wear 2 condoms, you know.

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 17, 2007 11:28 PM
Subject: Transport Mode IPSEC


> Hey all,
>
> I see the handbook has a nice howto on tunnel mode ipsec.  I just want to
> protect my NFS/NIS traffic between two hosts on a switch (neither NAT'd)
> -- is there a reference as to transport-mode ipsec anywhere, or has anyone
> done it that can outline it?  I would imagine it would be drastically
> simpler than tunnel mode, but I'm not sure where it would break off.
>
> -Dan
>
> --
>
> "A mother can be an inspiration to her little son, change his thoughts,
> his mind, his life, just with her gentle hum."
>
> -No Doubt, "Different People", from "Tragic Kingdom"
>
>
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Broadcom Nics in Tyan Transport GT24 (B3992)

[Ted Mittelstaedt]

I don't know what broadcom chip your MB has but the majority of those cards
are supported here:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/dev/bge/

You should be able to just copy over the 2 files to your src/sys/dev/bge/
directory and
recompile your 6.1-release kernel with no problems.  I did.

Look carefully at the chip on your MB and post the BCM model number on it
if this doesen't work.

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, January 13, 2007 5:34 AM
Subject: Re: Broadcom Nics in Tyan Transport GT24 (B3992)


> On Fri, 12 Jan 2007, Ted Mittelstaedt wrote:
>
> > Use the latest Broadcom driver from FreeBSD CVS.  The one included in
6.1
> > release is buggy.
>
> Which driver is that?  My 6.1 install won't see them at all:
>
> pci4:  on pcib4
> pci4:  at device 4.0 (no driver attached)
> pci4:  at device 4.1 (no driver attached)
>
> Also, I'm running 6.1-RELEASE, will the cvs drivers from CURRENT work?
>
> -Dan
>
> >
> > Ted
> >
> > - Original Message -
> > From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, January 12, 2007 5:02 PM
> > Subject: Broadcom Nics in Tyan Transport GT24 (B3992)
> >
> >
> >> Hey all, I have a Transport GT24 (B3992 Motherboard), and while it has
one
> >> intel nic which works well, I'd like to be able to use the onboard
> >> broadcom network cards.  Is there a known way of making them work?  I
seem
> >> to recall some dealy where you could use a windows driver?
> >>
> >> -Dan
> >>
> >> --
> >>
> >> "I love you forever eternally."
> >>
> >> -Connaian Expression
> >>
> >> Dan Mahoney
> >> Techie,  Sysadmin,  WebGeek
> >> Gushi on efnet/undernet IRC
> >> ICQ: 13735144   AIM: LarpGM
> >> Site:  http://www.gushi.org
> >> ---
> >>
> >> ___
> >> freebsd-questions@freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >> To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
> >>
> >
>
> --
>
> "You're not normal!"
>
> -Michael G. Kessler, referring to my modem online time.
>
>
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
>
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Broadcom Nics in Tyan Transport GT24 (B3992)

[Ted Mittelstaedt]

Use the latest Broadcom driver from FreeBSD CVS.  The one included in 6.1
release is buggy.

Ted

- Original Message - 
From: "Dan Mahoney, System Admin" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 12, 2007 5:02 PM
Subject: Broadcom Nics in Tyan Transport GT24 (B3992)


> Hey all, I have a Transport GT24 (B3992 Motherboard), and while it has one
> intel nic which works well, I'd like to be able to use the onboard
> broadcom network cards.  Is there a known way of making them work?  I seem
> to recall some dealy where you could use a windows driver?
>
> -Dan
>
> --
>
> "I love you forever eternally."
>
> -Connaian Expression
>
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Why is sysinstall considered end-of-life?

[Ted Mittelstaedt]

- Original Message - 
From: "Tore Lund" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, January 07, 2007 3:45 PM
Subject: Re: Why is sysinstall considered end-of-life?


> Robert Huff wrote:
> > (Personally, I think there are also points where the correct user
> > behavior is not intuitively obvious.)
>
> An understatement.  There are situations where sysinstall is positively
> quixotic.  I don't mind the simple character-based interface.  But I do
> find it worrying that I sometimes cannot know what sysinstall will do
> next.  In any case, this is bad publicity for FreeBSD since sysinstall
> is the first bit of FreeBSD they encounter.
>

All of this is true.

> Time and again we hear rumors about a new installation program.  Is it
> actually nearing completion?  Keep in mind that many of us do not even
> consider getting involved as long as we believe a better program is
> under way.

There is no new installation program underway.

This comes up every year or so on the various discussion lists, everyone
bashes sysinstall and claims it makes FreeBSD look bad and when are
we going to get a replacement, etc.  The arguments die away when faced
with the following cold realities:

1) You can probably get consensus from everyone that sysinstall is ugly
and needs replacement.  But your never going to get any consensus on
what the replaement should look like.  And any replacement is going to
have places where the user cannot know what it's going to do next, that
is just the nature of install programs - it is due to the fact that
different people
interpret things differently.  What is obvious to you isn't obvious to
someone
else.  And, when is the install program going to cross the line between
acting as a install program and acting as a training video?

Review the steps needed to install a self-signed SSL certificate into
Microsoft Internet Explorer 7, and then come back and tell me that
those steps are more intuitive than sysinstall.  Yeah, right.  Face the
facts, boys.  Every year, computers get more complex to operate, and
every year, the Average User is paying more and more to have a tech
set the computer up for them.  Open your eyes and look around.  People
think nothing of paying $30 to have a tech install Microsoft Office on their
new Windows PC for God's sake.

Who really is sysinstall's audience?  The average l-user?  Or the average
technician?  If it's the average tech, then who the hell cares how ugly
sysinstall is?  You think sysinstall is bad, you ought to see the diagnostic
interface
the average auto mechanic has to use to troubleshoot your car.  If you are
not the ultimate end-user for the FreeBSD system your installing, then
you don't have any moral ground to make a call for pussifying the FreeBSD
install program.  I can tell you that for myself, every FreeBSD system I've
installed in the last year and a half has been for OTHERS to use, NOT ME.

2) There's an immense amount of effort that has gone into sysinstall and
it's libraries.  Your talking about taking on an old, established program
that
is pretty throughly debugged, a program that is like an octopus in the
amount of icky, ugly mucking around with config files and such that it does,
and replacing this with a new program that is going to have all of the
intelligence and institutional knowledge in it that the old program does.
And furthermore if this replacement is to ever get traction among the
userbase it's going to have to work PERFECTLY in the FIRST version
that is released, otherwise everyone is just going to turn their back on it
and keep using the existing sysinstall.

3) The largest complaint about sysinstall is that it's not graphical.  The
problem is that a graphical installation program has some -severe-
constraints on it.  First, it has to work in ALL instances.  That means,
640x480x16 colors VGA screen.  You have a lot of people out there
installing on systems that have, for example, monitors with inadequate
horizontal/vertical frequency ranges and very capabable video cards,
unless you force the X-server to use the original VGA resolution, it's going
to overdrive those monitors and the user is going to see a black screen
when the installation program comes up.  And the only way FreeBSD
is going to get a graphical anything is by using Xorg, and FreeBSD does
not maintain that distribution - so we are now dependent on the Xorg
group writing their code with no bugs for our installation program to work.

4) Installation programs by and large are not "fun" programs to work
on.  Most developers avoid them.  They are thankless tasks - you
don't hear squat for thanks from anyone when they work, but you make
the least mistake and everyone is on your neck.

5) Finally, sysinstall is a one-shot program.  You use it once, the system
is
installed, and you never have to touch it again.  There's lots of other
things
in FreeBSD that are critical things that will stop an installation cold.
Such
as lack of device support for some

Re: Contributing to FreeBSD documentation (was: Re: no ath0 on newsystem with good card)

[Ted Mittelstaedt]

- Original Message - 
From: "Giorgos Keramidas" <[EMAIL PROTECTED]>
To: "Steve Franks" <[EMAIL PROTECTED]>
Cc: 
Sent: Sunday, January 07, 2007 8:25 AM
Subject: Contributing to FreeBSD documentation (was: Re: no ath0 on
newsystem with good card)


> On 2007-01-07 08:54, Steve Franks <[EMAIL PROTECTED]> wrote:
> > Apologies on not hitting the list.  Alyays forget to reply-all.
>
> No problem.  I just didn't copy the list because I wasn't sure I should.
>
> > So, I figured I'd try to fix the safe-mode end of things on my own,
> > and I found a post several years old (looked like it even could have
> > been yours) about safemode, which doesn't show up anywhere on the
> > freebsd site.  So I did what it said and grep'd boot/beastie.4th for
> > safemode, which came up with this suprisingly total solution:
> >
> > add apic.0.disabled="1" to boot/device.hints.  Not only does my system
> > come up in regular boot mode, but, as you suspected, the pccard works
> > too, so all appears well.
>
> Excellent news!   Thanks for sharing the answer :)
>
> > So my final question, what in all the land is an "apic",
>
> "Advanced Programmable Interrupt Controller".  This is the part of your
> system which assigns priorities to interrupt lines of a device.  The
> full details are probably too technical for some percentage of our user
> base, but more details can be found at the following pages:
>
>   http://en.wikipedia.org/wiki/Advanced_Programmable_Interrupt_Controller
>   http://en.wikipedia.org/wiki/Programmable_Interrupt_Controller
>   http://en.wikipedia.org/wiki/Intel_8259
>   http://en.wikipedia.org/wiki/Intel_APIC_Architecture
>
> > and why isn't apic or safemode mentioned in the handbook, manpages, or
> > even on the freebsd site?
>
> IIRC it is mentioned in the Developer's Handbook, but you are right that
> it should be in the main Handbook too.
>
> > Further, I'd like to write a handbook page on "freebsd and laptops",
> > because we're on my third one here now, and I'm starting to get the
> > drift of what could usefully be added to the handbook, namely a
> > thourough discussion of booting and device.hints.
>
> That would be great!  If you can help writing such a section for the
> Handbook, a lot of users will be highly indebted to you, for sure :)
>

I'll throw my $0.02 in here on this.

Years ago on the CD distributions there was a file in the root of the distro
labeled "hints" or some such.  It was also on the website.  It contained all
the little workarounds for SPECIFIC pieces of hardware.  I know as I wrote
several entries for it.  That apic problem was listed in there as were
several
others, I know some for laptops specifically.

Sometime during the FreeBSD 4.X series one of the developers got a bug
up their ass that somehow this was the wrong place for problems to be
listed.  Something along the lines of these problems aren't FreeBSD problems
they are sucky hardware problems and it makes FreeBSD look bad to have
the workarounds even listed at all, and we have the bug database and these
icky ugly things really ought to go into the bug database.  So this file
disappeared.
As did every other easily recognizable place for submitting hints.  As did
the
specific e-mail address for hints to go to.

These installation problems IMHO  PROPERLY belong in the README for the
distribution.  That is the FIRST place that someone BRAND NEW to FreeBSD
is going to look for them.  No FreeBSD newbie who has oddball hardware
that has bugs in it, is going to take the time spending hours reading the
Handbook
or searching the questions mailing list archives for tidbits, or querying
the bug
database for PR's for their gear.  Any newbie to FreeBSD
is going to do the same thing that they do to any other OS, they are going
to stick
the CD in their oddball hardware and boot it, and if it doesen't come up
they
will look at the README file that came with the ISO image they downloaded,
and if the hardware-specific workarounds for their machine aren't there,
they will
discard the ISO cd and move on to some other Open Source OS.

For all the huffing-and-puffing on peer-review for the Handbook, well
that is fine for that.  But an install hints file's very usefulness is junk
if a
committee is reviewing it.

Hardware-specific install hints are, by their very nature, NOT guarenteed
to work.  They may even make things worse.  All they are is user-developed
workarounds that may or may not be The FreeBSD Way of doing things.
The only thing that can be said about them is that at one time, one year,
with
one particular piece of gear, someone tried some off-the-wall thing and
it worked.  It might not ever work again in any future version of FreeBSD.
There might be manufacture-specific BIOS updates that fix things.  There
might be a driver update in a later FreeBSD version that fixed that specific
thing. But, it is a last-ditch suggestion to try when the 'normal' way of
installing
something doesen't work.

I don't see much support for recreatin

Re: Perl error with Spam Assassin?

[Ted Mittelstaedt]

SA is a black box to troubleshoot, so many interrelated stuff.
portupgrading
isn't wise on a SA server.  When I deploy SA I build the initial server from
ports as well as SA, from that point on, all SA upgrades are manual.  Once
the rest of the code on the server gets too old for production, the server
is
cycled out and replaced with a new one that's a new initial build.

I realize this won't probably help you to solve the problem but may help you
avoid it in the future.

In your case since you undoubtedly don't want to take the server down to
the bear metal, all I can recommend is make deinstall SA and all dependent
programs, including
all perl modules as well as perl itself.  Then cvsup ports, and make install
SA  Good luck with it.

Ted

- Original Message - 
From: "David Kelly" <[EMAIL PROTECTED]>
To: "FreeBSD Questions" <[EMAIL PROTECTED]>
Sent: Thursday, December 28, 2006 7:40 PM
Subject: Perl error with Spam Assassin?


> I *think* the following is coming from Spam Assassin, which is
> launched by procmail, which is launched by fetchmail (so any of those
> could be the guilty party if they use perl).
>
> [31161] warn: (?:(?<=[\s,]))* matches null string many times in
> regex; marked by <-- HERE in m/\G(?:(?<=[\s,]))* <-- HERE \Z/ at /usr/
> local/lib/perl5/site_perl/5.8.8/Text/Wrap.pm line 46.
>
> Anyone else? Any suggestion as to what I may be doing wrong? Can't
> say that I can associate the occurance of the above with any
> portupgrade or similar. Might have been a portupgrade or a buildworld
> which started the error messages.
>
> --
> David Kelly N4HHE, [EMAIL PROTECTED]
> 
> Whom computers would destroy, they must first drive mad.
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Possibility for FreeBSD 4.11 Extended Support

[Ted Mittelstaedt]

I got one better than that:

A recent e-mail from Bill Gates of Microsoft stated:

" It's interesting that so far I've actually not yet seen even one person
e-mail
Microsoft since the Windows XP EoL announcement to say,

   "If I volunteer my time or pay for your time to support Windows XP for
security
patches, can we extend the EoL?".

Same difference.

Ted Mittelstaedt
Author, FreeBSD Corporate Networkers Guide.


- Original Message - 
From: "dick hoogendijk" <[EMAIL PROTECTED]>
To: "Robert Watson" <[EMAIL PROTECTED]>; "FreeBSD Users Questions"

Sent: Sunday, December 24, 2006 9:30 AM
Subject: Re: Possibility for FreeBSD 4.11 Extended Support


> On Sat, 2006-12-23 at 07:45, Robert Watson wrote:
>
> > It's interesting that so far I've actually not yet seen even one person
e-mail
> > security-team since the EoL announcement to say,
> >
> >"If I volunteer my time or pay for your time to support 4.11 for
security
> > patches, can we extend the EoL?".
> >
> > If I missed your e-mail, sorry about that, but I do read pretty fairly
> > carefully so feel some justification in making this claim.
>
> [the rest of the msg cut]
>
> Just wanted you to know I loved your message. It is very to the point
> and you took the time to elaborate on almost every aspect of this
> discussion. Not that it'll help I'm afraid. You must be willing to
> reason first ;-) But at least we can refer to your message in future
> times.
>
> -- 
> http://nagual.nl/ -- PGP/GnuPG key: F86289CE
> ++ Running FreeBSD 6.1 ++ Solaris 10 6/06 ++
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: change password without shell access

[Ted Mittelstaedt]

poppassd

Ted

- Original Message - 
From: "Perttu Laine" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, December 27, 2006 9:34 AM
Subject: Re: change password without shell access


> On 12/27/06, Derek Ragona <[EMAIL PROTECTED]> wrote:
> >
> >  That is the easy solution, as there are plug ins for the vacations and
> > password.  Otherwise you will need to roll your own.
> >
>
> Easy solution for admins - yes. Not for users. Running another webmail
just
> password change is not option. What I need is like interface for just
> changing password and nothing else. Or possibly interface where you can
> login and change password and/or .forward. I know how we can do this other
> way (moving webmail to mailserver or forwarding all mail to mailboxes in
> shell-server), but I'm looking solution to solve this problem without
> changing current webmail/mail-system.
>
> But seems like answer to my question is: there are no software for this
> available ready to run.
>
> -- 
> kpn @ IRCnet
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: SCSI Tape Drive Problems

[Ted Mittelstaedt]

That's hardware, most likely scsi termination issues or cabling issues.

I have seen these errors lots of times when using a high speed scsi
controller
on a tape drive.  Sometimes you can play with the settings on the
controller or flip switches on the drive to get things to work, sometimes
you can use better cables and get things to work, usually I just
go get an older, slower scsi controller.  There's a computer recycler
here that has stacks of aha 2940's  (not the ultra ones) for a couple
bucks a card.

Ted

- Original Message - 
From: "Mark Kane" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, December 19, 2006 8:16 PM
Subject: SCSI Tape Drive Problems


> Hi everyone. I'm experiencing some problems with two tape drives
> attached to this machine. Here is the situation:
>
> I first tried backing up 17GB of data using cpio to a six tape DDS-4
> autoloader with a fresh 20GB/40GB Fuji tape. It stopped writing after
> about 9GB and gave the following error message on the command line,
> but didn't output anything to /var/log/messages:
>
> "Internal overflow, aborting"
>
> If I try to use tar instead of cpio and backup the same 17GB directory
> to the same 20GB native tape, it will give a tape full error way before
> completing.
>
> With that six tape autoloader, I have tried with two different brand new
> DDS-4 20/40 tapes, and the unit itself is brand new from the factory
> and has only written a few GB so far (mainly smaller files, which
> seemed to work fine).
>
> I then tried backing up the same 17GB directory to a Sun DLT 4000 single
> tape unit with a 20GB/40GB tape using cpio. It wrote about 250MB and
> then quit with a "Found End of Volume" error. It outputted a lot of
> errors to /var/log/messages which can be found here:
>
> http://tntpowerhost.com/mixx941/freebsd/sun_tape_errors_1.log
>
> I did another test on the same Sun DLT 4000 with a smaller 1.5GB
> directory and a different tape. This time it wrote about 550MB and then
> gave the same "Found End of Volume" message as before. This time there
> were even more errors in /var/log/messages:
>
> http://tntpowerhost.com/mixx941/freebsd/sun_tape_errors_2.log
>
> I also tested with the smaller 1.5GB directory to the DDS-4 autoloader,
> however that did complete without error.
>
> At this point I was running "6.2-PRERELEASE #18: Wed Nov 15 11:12:09"
> from last month, so today I cvsupped to RELENG_6 and rebuilt.
>
> Trying the same 1.5GB directory using the Sun DLT 4000 after the update
> resulted in it writing about 200MB of data and then stopping with the
> "Found end of volume" message again, as well as errors
> in /var/log/messages (however not as many this time):
>
> http://tntpowerhost.com/mixx941/freebsd/sun_tape_errors_3.log
>
> Any suggestions on what to check or any ideas on how to proceed would
> be great. I don't think it's both tape drives failing or bad tapes
> because pretty much the same thing happens with two different drives
> (one of which is completely new), and four different tapes (two of those
> completely new). I suppose it could be a problem with the SCSI
> controller (Adaptec 2940U2W), but I'd like to rule out any software
> issues before having to buy any additional hardware.
>
> Thanks very much in advance.
>
> -Mark
> Dmesg: http://tntpowerhost.com/mixx941/freebsd/dmesg.121906
>
> -- 
> Internet Radio:
> Party107 (Trance/Electronic) - http://www.party107.com
> Rock 101.9 The Edge (Rock) - http://www.rock1019.net
>
> IRC:
> MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941)
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: List Protocol (was: Major Version Upgrade 4.11 to 5.x)

[Ted Mittelstaedt]

The reason that questions doesen't require a subscription ought to be
obvious to anyone with any experience with FreeBSD.

[EMAIL PROTECTED] is used as the default contact e-mail address
for most non-financial FreeBSD dealings, such as on CD cases,
marketing materials, etc.  Why?  Because for most
newbies they think they are dealing with a cohesive organization with
a young girl in a tank top and boobs out front answering the damn
phone.

They DON'T think they are dealing with a bunch of hayseeds
sitting on their computers wanking at each other.

When your ready to field all of those questions from misguided
newbies, mistaken newspaper article writers, company wanks told
by their superiors to investigate this "freeBSd thing" then we can
make questions an opt-in list.

Until then STFU you ungrateful bastards.  All you once were
dumb newbies who didn't know FreeBSD from free beer, and
I'll bet more than a few of you sent e-mail to questions, thinking
it was an actual person who gave a damn.  Boy were you surprised!

Ted

- Original Message - 
From: <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, December 12, 2006 12:52 PM
Subject: List Protocol (was: Major Version Upgrade 4.11 to 5.x)


> At 05:59 PM 12/11/2006, Gerard Seibert wrote:
> >Besides, how hard is it to subscribe to a list, post your question
> >and hopefully receive a satisfactory response and then terminate
> >your association with the list if you are so inclined.
>
> Wasn't going to say anything, but...
>
> I agree totally that you should have to be subscribed to post.  This
> isn't "AOL 101" -- some pittance of technical competence is  a
> prereq'.   "Try Googling before posting" is a repeated several times
> daily;  why not make 'em subscribe first?  Might cut down on some of
> that, as well as the spam & scam emails.  I can't recall any other
> mailing lists I've been on in the last 10 years that allow
> non-subscribed posts.
>
> And from a more personal view, the "no subscription required" has
> bitten me at least once -- I always use alias addresses for publicly
> archived lists, since they will inevitably be scrapped up by the
> spammers and abused.  I forgot to select the correct "From" on a post
> a few weeks ago;  now a "real" address is chiseled in granite on the
> web archive, and I'll probably have to abandon it soon.  Would have
> much rather had it bounced back at me.
>
>-Wayne
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Problems with sr driver and Wanic 400

[Ted Mittelstaedt]

- Original Message - 
From: "John L" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Sunday, November 12, 2006 7:26 PM
Subject: Re: Problems with sr driver and Wanic 400


> > What I found works is freebsd 4.x, and a Pentium 2 350-400Mhz
> > this was using risecom n/2 cards.
> >
> > FreeBSD 6.1 doesen't work at any speed in this combo, it loses
> > packets.
>
> Phoo.  Does the pf or ipfw/altq stuff work on 4.x?

Yes, but I don't know if it has all the features you want.

> I'm currently runing
> an ISA n/2 in an old BSD/OS box which works fine except that it can't do
> priority queueing, and I have some voip phones that would benefit.
>
> > With Cisco 1601's selling on the used market for $25 or so, there's
> > little interest among the developers in fixing this.  Also the wanic 4xx
> > is no longer in production, another disincentive.
>
> Hmmn.  I think I have a Wanic 500 around that I bought on ebay.  Any
> support for those?

I've got a driver for this card that I was sent by Imagestream, they got it
from one of their developer/customers.  It's for something like FreeBSD 4.9
or 4.3, I can't remember which.  It will not compile unmodified on FreeBSD
4.11
Supposedly the programming docs for the chipset used on the WanIC 500 are
only available under NDA, so without clear direction from Imagestream
the driver would probably not be able to be distributed publically.  I never
signed an NDA, though.

The best bet for current support for these cards is to use Linux, you will
get plenty of support from Imagestream, then.

Unfortunately this is a market where the few manufacturers of synchronous
serial port chipsets - Hitachi, etc. - only have a handful of router vendors
(like Cisco, etc.) that regularly buy these chipsets.  The router vendors
are
faced with a shrinking market for these chips since more people are going to
DSL and such rather than T1s and they don't want to see an upstart
competitor
take away business, so all of them are pressuring the chipset manufacturers
to
be very sparing on providing documentation to anyone else.

Ted

  Or should I just make my BSD box ether to ether and
> sit a Cisco on top of it?
>
> Tnx.
>
> R's,
> John
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: MAC OS X connection to FreeBSD?

[Ted Mittelstaedt]

- Original Message - 
From: "Lonnie Cumberland" <[EMAIL PROTECTED]>
To: "Garrett Cooper" <[EMAIL PROTECTED]>
Cc: 
Sent: Monday, November 06, 2006 3:48 AM
Subject: Re: MAC OS X connection to FreeBSD?


> Thanks everyone for the replay to my post as it did finally occur to me
> that perhaps this question had been asked on the mailing list, but
> unfortunately it occurred to me after I sent it.
>
> So, basically the Apple team took FreeBSD and the CM micro-kernel,
> combined them, made some improvements and added some additional code and
> then used it all as the MAC OS X core (without the GUI of course)?
>

No, they used it all as the Darwin core.  Then they took Darwin and added
their own GUI (used to be called Aqua) and that is MacOSX.

Bear in mind that the MacOS X gui does not translate directly into UNIX.
For example, you can load MacOS System 7 files with a separate
resource and data fork onto MacOSX.  The MacOS X gui handles a lot
of this kind of stuff.

Apple also doesen't use the UNIX security model.  As near as I can
tell their core security model is an ACL model not a user/group model.
Once again this is something that's handled elsewhere.

> With this being said, then does anyone have any experience with the
> stability and performance?
>
> My guess is that if it is really based upon FreeBSD then the performance
> should be pretty good from my readings about FreeBSD compared to other
> operating systems.
>

Mac OS X is easily more stable than FreeBSD simply because it can
only be run on specific hardware that Apple sells.  As a result the
developers always know exactly what their enviornment is going to
be like.  As for performance, what performance metric are you looking at?

The biggest problem with MacOS X is that a lot of UNIX software that
runs on FreeBSD and such, is not ported to MacOSX, and it's very
difficult to compile on MacOSX.

Ted

> Thanks again to everyone,
> Cheers,
> Lonnie
>
> Garrett Cooper wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > Lorin Lund wrote:
> >
> >> Lonnie Cumberland wrote:
> >>
> >>> Greetings All,
> >>>
> >>> Being a long time Linux user and now looking into moving over to
> >>> FreeBSD, I decided to so some research on the web to try and get a
> >>> better idea as to the strengths and weaknesses as compared to other
> >>> operating systems like Linux (Fedora, Gentoo, etc..), OpenBSD, NetBSD,
> >>> and Opensolaris.
> >>>
> >>> From what I have found, FreeBSD seems to be at the very top in almost
> >>> every way.
> >>>
> >>> In my Internet travels, I came across a site that has this MAC OS X (
> >>> which I guess is called Darwin?) at:
> >>>
> >>> http://developer.apple.com/opensource/index.html
> >>>
> >>> and have noticed that they seem to have built the MAC OS X from a core
> >>> of FreeBSD 5.x.
> >>> Do I read this correctly?
> >>> Also, what are the differences between MAC OS X and Darwin?
> >>>
> >> I'm pretty sure that Darwin does not include the MAC gui.  I believe
> >> that the guis
> >> used on Darwin are basically the same as found on *BSD and Linux - KDE,
> >> Gnome, ...
> >>
> >
> > Darwin is the core to the OS; it doesn't contain a GUI, unless installed
> > from ports. Quartz is the "GUI platform" for OSX.
> > - -Garrett
> > -BEGIN PGP SIGNATURE-
> > Version: GnuPG v1.4.5 (GNU/Linux)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFFTr7s6CkrZkzMC68RAhAmAJ97ceqgoCvP8vZAh1IFq1qQyt7trgCfXe+w
> > 8SWtLI36Fbx7mFyMGbbs7W8=
> > =EgRZ
> > -END PGP SIGNATURE-
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
> >
>
> -- 
> Thanks and have a good day,
> Lonnie T. Cumberland
> OutStep Technologies Incorporated
> Tel: 866-425-7010
>
> Email: [EMAIL PROTECTED]
>   [EMAIL PROTECTED]
>
> Recommended sites:
>
>http://www.peoplesquest.com
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Problems with sr driver and Wanic 400

[Ted Mittelstaedt]

What I found works is freebsd 4.x, and a Pentium 2 350-400Mhz
this was using risecom n/2 cards.

FreeBSD 6.1 doesen't work at any speed in this combo, it loses
packets.

It's a driver bug, the sr driver needs a rethink of it's buffer
structures.

also, there's a bug with the wanic 2 port cards that isn't present
in the risecom/n2 2 port cards, they drop characters when both ports
are active.

With Cisco 1601's selling on the used market for $25 or so, there's
little interest among the developers in fixing this.  Also the wanic 4xx
is no longer in production, another disincentive.

It would be interesting benchmarking this with Imagestream's
Linux-only drivers.

Ted

- Original Message - 
From: "John Levine" <[EMAIL PROTECTED]>
To: 
Sent: Sunday, November 12, 2006 6:37 AM
Subject: Problems with sr driver and Wanic 400


> I'm trying to put together a freebsd 6.1 T1 router with an old PC and
> a Wanic 400 card I bought on ebay.  I'm using the sr driver netgraph,
> mpd, and pf with altq, since I want to do priority routing for some
> voip phones.
>
> It all works fine until the t1 gets busy, e.g., if I do a wget on
> the router, and which point it starts complaining about TX overruns
> and the traffic on the wanic stops.  Any suggestions?
>
> The PC is pretty slow, and one thought is that I also have an old
> SDL RISCom/N2 ISA card which is slower than the wanic.  Is that
> likely to work more reliably?  Speed isn't much of an issue on a
> single t1 and yes, the PC is old enough that it has ISA slots.
>
> R's,
> John
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Sendmail Smarthost Auth

[Ted Mittelstaedt]

Well Giorgos,

  For starters the advice in that section is wrong for 2 reasons:

pwcheck_method: passwd   does not work on sasl2 and FreeBSD 6.X
You don't want to use sasl1 for many reasons, you want to use
sasl2

define(`confDEF_AUTH_INFO', `/etc/mail/auth-info')dnl
is deprecated.

Fortunately the section has the link for the Sendmail auth which
has better directions.  Note:

"... Notice: the default 8.12 configuration file causes the option
DefaultAuthInfo to fail since the ruleset authinfo is in the .cf file. If
you really want to use DefaultAuthInfo (it is deprecated) then you have to
remove the ruleset.
DaemonPortOptions (DAEMON_OPTIONS())
has now suboptions (called modifiers), one of which is `a'. This tells the
daemon to require authentication for all connections to it. ..."

I think it's been a while since you used that section to setup
SMTP AUTH.

Note also the poster wants to know how to make his Sendmail
auth into another mailer, he doesen't want to setup his own
system to accept auth connections.

Ted


- Original Message - 
From: "Giorgos Keramidas" <[EMAIL PROTECTED]>
To: "Tom Grove" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, November 10, 2006 2:42 PM
Subject: Re: Sendmail Smarthost Auth


> On 2006-11-09 09:13, Tom Grove <[EMAIL PROTECTED]> wrote:
> > I just got a new Internet connection through Verizon and need
> > to be able to use a smarthost to send mail.  All servers that I
> > can use required SMTP auth and I need to figure out a way to
> > have Sendmail authenticate with the smarthost.  Is this
> > possible and could someone lead me in the right direction?
>
> You can start with:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html
>
> If this isn't enough, or you still have questions about the way
> to set up SMTP Authentication with Sendmail on FreeBSD, let me
> know.  I'll try to answer your questions *and* update the section
> with whatever is not as clear as we would like it to be.
>
> - Giorgos
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: lpt0 printer slows system response significantly

[Ted Mittelstaedt]

You can also get a faster CPU, more cycles available for servicing
interrupts.

Ted

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: 
Sent: Wednesday, November 01, 2006 12:02 AM
Subject: Re: lpt0 printer slows system response significantly


> > PID USERNAME  THR PRI NICE   SIZERES STATETIME   WCPU COMMAND
> >  18 root1 -60 -179 0K 8K *Giant  15:09 77.05% irq7: lpt0
> >  11 root1 171   52 0K 8K RUN 48.0H 11.13% idle
>
> The interrupt service for the parallel port is using over 3/4 of
> the CPU, and half of the rest is "idle".
>
> I take it this is a laser printer, which can consume bytes from the
> parallel port as fast as the processor can send them.  Top-of-head
> dump of ways to cut down on the interrupt traffic:
>
> * Get a DMA-capable parallel port (supposing such exist, and FreeBSD
>   supports them);
>
> * Move the printer to a network connection or dedicated print server;
>
> * Somehow tell the printer not to receive so quickly.
>
> Alternatively, one possible way to handle that sort of interrupt
> load without bogging down is to get a second CPU and run SMP, so
> you've still got a CPU available for tasks when one is swamped
> with interrupt traffic.
>
> The other thing that *might* help some is more RAM, if it happens
> that the idle time is caused by page wait due to the set of active
> threads needing more RAM than you have, but this will at best get
> your tasks up from 1/9 of the CPU to 2/9.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Problems booting on a Compaq DL360 (P21 version)

[Ted Mittelstaedt]

Then you have a hardare revision difference on the controller or
motherboard.
I think the raid cards are in slots on that server, try exchanging them.  If
the
problem follows the card you can probably pick up a replacement card from
Ebay.
Otherwise, install Windows on the server and sell it on Ebay as a running
server, you will probably get back almost what you put into it.

You could probably buy a dozen of these servers off the used market and
a couple of them are going to have this problem.  We noticed similar issues
with the first generation DL360, the difference was although FreeBSD booted
on all of them, Solaris only ran on a few of them.  I never bothered to dig
down and find out what the bad motherboard revisions were since I needed
both Solaris and FreeBSD servers and I just swapped server hardware around.
Like FreeBSD, Solaris is also not a supported OS on that hardware so we
were in the same boat, supportwise.

This is why you buy servers brand new, if you get these problems you can
return the server.  When you get them used, your playing craps.

Ted

- Original Message - 
From: "Josh Endries" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Monday, October 23, 2006 9:04 AM
Subject: Re: Problems booting on a Compaq DL360 (P21 version)


> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Ted Mittelstaedt wrote:
> > Pull the disk set in the running system and put it in the non-running
> > system and see if it boots, if it does, try putting the disks that came
> > out of the non-running system into the running system and seeing if you
> > can install on them.
>
> I tried using the working computer's disks (they are all Compaq brand)
> in the non-working machine and they wouldn't boot. Just now I took the
> non-working computer's disks, put them into the working machine and
> installed to them. I rebooted (in the working machine) and it worked,
> then moved the disks back to the non-working machine and booted that,
> and no luck. Same _ screen, no booting. :(
>
> Josh
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2.2 (FreeBSD)
>
> iD4DBQFFPOgeV/+PyAj2L+IRAgFXAJ92tOch5p8Hqf7M8yzxPfbwf+GTOwCWJ0bW
> xlr0OdXj0oLQSeYUH94NnA==
> =KLZS
> -END PGP SIGNATURE-
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Small Redundant web/mail setup

[Ted Mittelstaedt]

- Original Message - 
From: "Damian Wiest" <[EMAIL PROTECTED]>
To: 
Sent: Monday, October 23, 2006 1:00 PM
Subject: Re: Small Redundant web/mail setup


> On Wed, Oct 18, 2006 at 11:57:04PM -0700, Ted Mittelstaedt wrote:
> >
> > - Original Message - 
> > From: "Ian Lord" <[EMAIL PROTECTED]>
> > To: 
> > Sent: Wednesday, October 18, 2006 5:34 AM
> > Subject: Small Redundant web/mail setup
> >
> >
> > > Hi,
> > >
> > > I need to setup a high-availability setup for mail/web setup
> > >
> > > I was thinking about the following setup:
> > >
> > > 4 servers total:
> > >
> >
> > overkill, just asking for trouble.
> >
> > > Data Servers:
> > >  1 Server holding all the websites data and mail messages. It
> > > would serve these files via nfs to the application servers.
> > >  It would also run mysql
> > >
> > >  A second server Also sharing it's content via nfs,
> > > replicating it's data though rsync each ?? minutes. The mysql would
> > > run as a slave of theprimary
> > >
> > > Application Servers:
> > >  Both servers would be running apache, php, sendmail and
> > > posfix and would serve content from the share nfs drive.
> > >
> > > 1- Is this a viable solution, I mean by that, Is it Like this big ISP
> > > are set up ?
> > >
> >
> > no
> >
> > The really big ISP's use proprietary commercial clustering solutions
> > that make multiple systems appear as one single system.  We are talking
> > hundreds of thousands to millions of users.  We are not talking 5000
> > users or fewer.
> >
> > You can easily serve 5K users on a single server.  You just need to
> > get good hardware.  In other words, costs start at $5000 and go up.
> >
> > A lot of people are under the misconception that they can get several
> > cheap $900 servers and assemble them into a redundant setup that is
> > highly reliable.
> >
> > The real secret is in getting expensive name-brand hardware that
> > doesen't go down.  If you can afford that, your fine.  If you can't,
> > then you need to find a different table to play at.
> >
> > Ted
>
> Isn't part of the point in running a redundent configuration that you
> can buy cheap(er) hardware?

No.  The point of a redundant setup is to attain 100% uptime.

All hardware eventually dies it is just a question of how good the
chances are.  Cheaper hardware has a much higher chance of dying
unexpectedly or having incompatabilities or problems.  More expensive
hardware has a lower chance.

A $600 machine that does not have a good 6 months of burn in time
on it in my experience has about a 30% chance of unexpectedly failing.
If you put two of them together the chances of both dying at the same time
are much lower of course - but it is still higher than the chances of
a $5,000 machine dying after 24 hours of burn in time.

And once the machine does die, it costs tech time to put things back
together.  Ultimately, the pursuit of clustering as a cost-effective way
of increasing reliability is doomed.

Clustering works great if what your initending to do with it is increase
power of the cluster beyond what is attainable by a single machine.  It
also works great in life and health situations where you cannot afford
anything
less than 99.9% uptime.

> A $600 machine should be powerful enough
> to handle that many users.  Just make sure you are using RAID 1+0
> filesystems, keep replacement parts on hand and are performing regular
> backups.

Baloney.

> The real question to ask is what is the provider's SLA and
> how much does an hour of downtime cost the provider.
>
> In my experience, the only things to die on servers have been fans,
> disks (really the motors), and the occasional power supply.  The only
> things a more expensive system may give you are additional power
> supplies, hot-swap drive bays and multiple CPUs.  Other than the system
> board and possibly the processors, the server's components come from the
> same sources as your commodity hardware.
>

It's irrelevant.  It may come as a surprise to you but a Seagate ST11950N
purchased from someplace like Walmart or Costco is different than a
Seagate ST11950N that is shipped from Dell in a server, this is true of most
other expensive computer components.  The component manufacturers
make the components from cheaper materials and sloppier tolerances
for the retail/desktop market than for the server market.  For example a
builder
like Dell may spec a 20,000 MTBF sleev

Re: whois weirdness...

[Ted Mittelstaedt]

This is a side effect of the "balkiization" or more accurately, destruction,
of the
global whois database as a result of the fragmentation of domain name
registrations.

Registries are required to share whois data - but the requirements are
vague.  And
all the registries hate each other because they think that all the others
are going to suck down
their whois databases and use them for mass-mailings to try to steal
customers.  So
they bend over backwards to violate the spirit of whois data sharing if not
the letter
of the requirements.

Ted

- Original Message - 
From: "Evren Yurtesen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 23, 2006 12:33 PM
Subject: whois weirdness...


> Hello,
>
> When I do whois from my FreeBSD 6-stable boxes I am receiving funny
answers.
>
> For example when I do whois microsoft.com I get totally unrelated data.
However
> whois works just as expected from some linux boxes I tried.
>
> Can anybody explain why this is happening?
>
> Thanks,
> Evren
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: increasing transmit speeds in WAN setting?

[Ted Mittelstaedt]

- Original Message - 
From: "Moses Leslie" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Friday, October 20, 2006 1:35 AM
Subject: Re: increasing transmit speeds in WAN setting?


> On Thu, 19 Oct 2006, Ted Mittelstaedt wrote:
>
> > Until you do what I told you to do and properly setup and test under
> > fxp0, I am just not going to waste my time on this anymore.  I will
> > leave you with a printout of a test run on a new mailserver I'm building
up
> > right now, in fact, using an fxp card, to prove it's a not a stack
problem.
> > You can choose to believe it or you can choose to continue wasting your
> > time chasing ghosts in the TP stack when the problem is the driver:
>
> I'm setting up test servers now, it's just taking time to get a good test
> environment up.
>
> I'll respond with actual numbers after testing, between autoneg and forced
> 100/full servers.  I admit, the forced 100/full is because of ancient
> lore, particularly with cisco switches not always playing nice with
> autonegotiation, we've just always done it that way (until gbit), and
> never had any problems.
>

Make absolutely sure to download the current catOS/IOS for your
switches, older firmware in them had problems with certain network
chipsets.  Cisco got egg on it's face - the old IOS in the 2950's would
not work with the new ethernet chipsets in the 1800/2800/3800 router
series when they came out - among other things.

> The servers in question all do 150-200Mbit in production, no problem,
> it's just that any one flow can't do more than ~300KB/s cross country.
> Given that they're over 100Mbit, what ethernet card is recommended if em
> has problems?
>

Your going to have to experiment, it's a crapshoot.  I had a hell of a time
with the bge adapter and 6.1 production, I produced a patch that helped,
finally the bge author updated the driver with a more comprehensive
fix.  It works fine now but you must get the driver from CVS, the
production 6.1 driver does not work.

I also have an em card, but I didn't do significant testing with it
after getting the bge fix.  Our largest feed is 45Mbt and so I
think it's pointless to plug a gigabit ethernet card into the network
since a 10/100 card has plenty of capability to saturate our largest
feed.  None of our switches are gigabit and it is very unlikely that
they will be upgraded in the near future.  We do not do significant
server-to-server data traffic, to be perfectly honest, I don't believe in
it.
 I come from
the school of you get 1 really big, powerful, expensive, reliable
server that has enough power to do what you need, rather than a
bunch of lame ones that are underpowered and try to cluster them.
I've never had one of these fail in production, although I've seen
a lot of clusters at customer sites that gave their admins a whole
lot of grief.

I only am dealing now with gigabit ethernet because I have to, since
it's coming standard on all the new server hardware.  And frankly I
think it sucks, since I've seen lots of problems with gigE adapters at
customer sites that were plugged into older switches.  We haven't been
bit by any of this yet - of course, we use 10/100 switches that
were top-of-the-line switches during their day - but I've personally
engineered 3 customer forklift upgrades to brand new top-of-the-line
Cisco switches due to gigabit lan negotiation and throughput problems.

Our customers have the dough to buy 80-100 ports of new Cisco
switches, (of course they think they don't - but they do) wheres like
most ISPs we don't.  And, since we don't need it anyay, what's the
point?

> FWIW, I am able to receive full speed on all of these servers.
> freebsd.org sends at 10Mbit, kernel.org at 20+.  It's only sending speed
> that I have a problem with, and only with freebsd.
>

My take on it is the gigabit ethernet chipset drivers are not completely
debugged under FreeBSD at this time.  Certainly, the Broadcom chipset
is just getting there.  The Intel chipsets usually lead the pack in support
so you probably will get more traction on complaining to the em developer
if you can demonstrate 100Mbt speeds on a fxp card, then 30Mbt speeds
on an em card, in the same machine on the same network.

FreeBSD tends to lag behind in the hardware support area.  I'm sorry about
that but you just have to accept it if your going to use FreeBSD.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Problems booting on a Compaq DL360 (P21 version)

[Ted Mittelstaedt]

It happens, most common is using non-compaq disk drives in
these systems.

Pull the disk set in the running system and put it in the non-running
system and see if it boots, if it does, try putting the disks that came
out of the non-running system into the running system and seeing if you
can install on them.

Ted


- Original Message - 
From: "Josh Endries" <[EMAIL PROTECTED]>
To: 
Sent: Friday, October 20, 2006 12:47 PM
Subject: Problems booting on a Compaq DL360 (P21 version)


> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hello,
>
> I recently got two of these old machines used. One installed and runs
> fine, but the other... I've been working on it for three days now and I
> can't get it to boot. I can install just fine from the CD (using 6.1-R),
> but upon reboot it goes past the RAID init and gets to a blank screen
> with only _ in the top-left corner, beeps twice, and sits there. The
> "good" machine does beeps also, but continues booting. This one sits
> there for a few minutes and then gives me a "non-system disk" error; it
> doesn't seem to find anything to boot from.
>
> I've tried resetting the dip switch for configuration and doing the
> "system erase" and using the SmartStart CD to initialize it before
> installing. It wants to know which OS when I do this and I've tried
> Linux, Windows 2000 Server and Other, and none of them work... I haven't
> gone through all the (dozens of) options. The RAID array seems to work,
> no disk problems writing during install and nothing reported in the
> SmartStart utility.
>
> I've read threads about ACPI problems with 6.0 but I don't think I'm
> even getting that far. :( I tried taking the two disks from the working
> machine and putting them into the non-working one and it didn't work, I
> still get the _ screen and it doesn't move on from there. I'm installing
> simply by using A for auto-slices and A for auto-filesystems and
> installing the standard MBR.
>
> Has anyone seen this or successfully installed on a DL360 (g1 I think,
> P21 BIOS)? If so, is there a certain setting, OS or otherwise, that I
> might need to do?
>
> Thanks,
> Josh
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2.2 (FreeBSD)
>
> iD8DBQFFOSfdV/+PyAj2L+IRApfRAKCG/sv2EHVF6/CqJ5m/qWp/N0S7hwCeLeqb
> J8PyjnftvHo1dNXDwF1tBuc=
> =BHT/
> -END PGP SIGNATURE-
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: binary blobs in freebsd

[Ted Mittelstaedt]

I think it's only device drivers, I've not heard of anything else in
anywhere, other than 3rd party programs that might be in the ports,
that do this.

Ted
- Original Message - 
From: "Antonios Anastasiadis" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, October 20, 2006 2:30 PM
Subject: binary blobs in freebsd


> Hello.
> I am thinking about using FreeBSD in various places, however before I
> do that it would be comfortable to know what binary blobs it includes
> in any part of the system, be it binary daemon, binary driver etc.
> Two I am aware of are the Atheros Hal and an Adaptec RAID driver.
> I did not find any definitive resource of some kind anywhere, hence
> the question here.
> Thank you.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Non English Spam

[Ted Mittelstaedt]

- Original Message - 
From: "Erik Norgaard" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Beech Rintoul" <[EMAIL PROTECTED]>;

Sent: Tuesday, October 17, 2006 2:22 AM
Subject: Re: Non English Spam


>
> Also this means that later filtering on the first Received field is
> double work: You already accepted the mail based on that information.
>
> In short: Writing header filtering rules for the Received field is
> simply waste of time and proof of inefficiency.
>

I agree with this but unfortunately the real world often screws this up.

For example, SpamCop is one of the most effective blacklists on the
Internet because of it's high user participation.  Unfortunately, it
repeatedly blocks yahoomail, craigslist, and ebay because spammers
hate it and try to stuff it up so as to get people to stop using it.

As a result, you cannot use Spamcop to reject at the HELO.  Instead
you have to post-filter the mail and do your spamcop lookups, so
you can exempt domains like ebay that are legitimate.

> Just as Sendmail, Postfix is not designed for spam filtering. Postfix
> provides simple filtering mechanisms, keeping it simple postfix provides
> an effective and reliable MTA that doesn't suffer the track record of
> security bugs Sendmail does.
>
> When the native filters does not suffice you can combine with any number
> of "policy services": External filtering mechanisms such as postgrey,
> spam assassin etc. This design is clean, reliable and easy to manage.
>

Same for Sendmail, you can use milters to add all this stuff in.  Or you
can do it in the local delivery agent.

>
> OP requested a way to filter away the spam in foreign character sets
> because for some reason these were not caught by Spam Assassin or
> procmail. I gave a solution that solves that problem, and I mentioned
> the problem of false negatives for this list.
>
> Rather than get pissed, do try to offer an alternative solution to a
> real problem.
>

There really is no solution.  Fundamentally, well written spam is
not distinguishable from non-spam by a computer.  What has saved our asses
so
far is that there's not a spammer alive who has been able to resist the
temptation
to use bold, colors, blinking test, hot phrases, and other attention-getting
devices in their spams.  Since you can program a computer to look for the
attention getting stuff, what has happened is a little social engineering.

Most people today have abandonded use of attention-getting devices
in their e-mails because when they use HTMLized text and such,
their mails tend to get blocked as spam by everyone and their dog.
So, the spam content filters can still distinguish spam from non-spam
by looking for these differences.

But it is only a matter of time before the spammers all wake up and
smell the coffee, and start using standard ASCII pure text for their
spams, and then all these charset filters your loving will go gurgling
down the drain.

Granted that might make their spams less effective so they might
get less respondents.

Frankly, I think there is no technical solution, I think there are only
political solutions.  We've already made spam illegal in the US, and
the CAN-SPAM act defines the "advertised" party in the spams
also as a spammer, in addition to the actual spammer sending the
stuff.

It would be childs play for the FBI to work with the major ISP's
to create thousands of dummy e-mail addresses and use these
to capture spam runs.  Then they just go arrest the people in the
company that is being advertised and hang a few of them high.
There's no need to even go after the actual spammers themselves.

When this happens enough times, the supply of companies that
are willing to pay spammers to send spam will dry up, and the
spammers will go find some other criminal activity to engage in.

But, the FBI isn't doing this because many of the companies that
are hiring spammers have lots of money, and that gives them lots of
political power.  So, the will to curb spam just isn' t there even though
money "earned" by spammers is undoubtedly going into organized
crime, feeding terror cells, and other more nasty stuff.

>
> I asked politely if there were any consensus or best practices etc. on
> this issue. You have the regular mail on "how to get the best results"
> there are recommendations on how to use this list, they are not enforced
> but only serve as guidelines.
>
> I don't try to force people to use particular character sets, I merely
> ask whether such recommendation exist for "the best results when using
> the list", in which case filtering on charsets may be the least
> imperfect solution (until you share your perfect filter, that is).
>

Your continuing to try to muddy the issue by inferri

Re: Small Redundant web/mail setup

[Ted Mittelstaedt]

- Original Message - 
From: "Zbigniew Szalbot" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: ; "Ian Lord" <[EMAIL PROTECTED]>
Sent: Thursday, October 19, 2006 12:06 AM
Subject: Re: Small Redundant web/mail setup


> Hello,
>
> On Wed, 18 Oct 2006, Ted Mittelstaedt wrote:
>
> > The really big ISP's use proprietary commercial clustering solutions
> > that make multiple systems appear as one single system.  We are talking
> > hundreds of thousands to millions of users.  We are not talking 5000
> > users or fewer.
> >
> > You can easily serve 5K users on a single server.  You just need to
> > get good hardware.  In other words, costs start at $5000 and go up.
>
> Ian - not sure if it is appropriate to ask but because one day I will need
> to think about a server with solid hardware, what would you advise me to
> look at? I mean look company-wise? Or simply select from a list of a
> server-type machines that costs more than 5K?
>

Well, you probbaly want to start with the name brands who actually know
that FreeBSD exists!

Start here:

http://www.testdrive.hp.com

Click on the Sign Up for an Account link right under the FreeBSD logo.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: increasing transmit speeds in WAN setting?

[Ted Mittelstaedt]

- Original Message - 
From: "Moses Leslie" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: 
Sent: Thursday, October 19, 2006 1:33 AM
Subject: Re: increasing transmit speeds in WAN setting?


> Hi Ted,
>
> While I don't totally discount that possibility, I really don't think
> that's the case.

I told you that you wouldn't believe me.

> We have over 500 servers, most of them running FreeBSD,
> and we've seen this happen in multiple cases on different hardware.

Except all of them gigabit cards, right?  So much for "different hardware"

> When
> it's linux, exact same hardware, exact same cables, this doesn't happen.
>
> It's an intel card gbit card, using the em driver.  They're uplinked to
> Cisco 2948-getx switches, which are uplinked to 65xx's, which then go to
> 12xxx borders.  There aren't any collision errors on the port at all:
>
> 24 totalCollisionCount= 0
> 25 lateCollisionCount = 0
> 26 singleCollisionFrames  = 0
> 27 multipleCollisionFrames= 0
> 28 excessiveCollisionFrames   = 0
>
> and no real errors to speak of, period.
>
> The port is auto, since it needs to be to get gbit.  All of the non-gbit
> servers we have are forced 100/full, all cisco switches, all intel 100/pro
> (fxp) drivers, they all show this same problem.
>

Well right there you are doing things wrong.  You should always set
ethernet cards to auto.  The only time you ever force 100/full or force
anything, speed/duplex, is when your plugged into a hub that does NOT
autoswitch.  There's very few of them around that are 100base T, but
there are some, and there's a lot more 10baseT stuff that wasn't
autoswitching.

Any halfway decent 100baseT hub will support nway autonegotiation and
when you hard-code post speeds you will cause drops and speed loss.
But, please don't take my word for it since you seem to like disbelieving
me, just try it out yourself.

Go to your fxp servers, login to your switches, set the switch port to the
server to autonegotiation, on the server remove all the media options in
/etc/rc.conf,
shut down the server (you must power it down for the ports to switch
into autonegotiation) and bring it up and you will see both sides negotiate
to 100base T full, and a lot of your problems in throughput will disappear.

Both the switch and the servermust be set to autonegotiation.  If they
don't autonegotiate to 100baseTfull, then you have a cable problem, simple
as that.

I've been doing ethernet since the late 80's and doing it professionally
for a decade, and I've seen and use more different types of ethernet in my
life than you will ever see in the rest of your career.

The idea that your supposed to override the autonegotiation and hard
code stuff originated from network admins who plugged early 100baseT
stuff together then couldn't figure out why it didn't autonegotiate to
100baseT
full.  What they didn't realze is that the cabling they were using - CAT-3
mostly,
or CAT-5 that had been incorrectly terminated with the wrong connectors, or
wrong plugs, or wrong wiring pattern, or bad crimps because they were using
stranded plugs on solid core wire, or some other such thing, what the real
culprit, and the autonegotiation chips were in fact detecting the problem
and trying to protect the network.

Unfortunately, 90% of network admins out there don't know the first thing
about layer-1, they assume the wiring contractors handle all that.  The
wiring
contractors by contrast are mostly minimum-wage goobers who's heads
are filled with a lot of rediculous nonsense about how Ethernet really
works.

> If the server is a 4.9 server, I can get ~400KB/s.  If it's 6.1, ~300KB/s.
> Linux 2.6, ~650KB/s, which is about what I'd expect given the latency and
> the default settings.  All on the same hardware, same switches, same
> cables.
>

The Linux device drivers are simply different than the FreeBSD drivers.
I don't know how much more I can tell you this over and over.  The em
driver has got some problems, granted.  But, this has absolutely nothing
to do with the FreeBSD version or the TCP/IP stack.

Until you do what I told you to do and properly setup and test under
fxp0, I am just not going to waste my time on this anymore.  I will
leave you with a printout of a test run on a new mailserver I'm building up
right now, in fact, using an fxp card, to prove it's a not a stack problem.
You can choose to believe it or you can choose to continue wasting your
time chasing ghosts in the TP stack when the problem is the driver:

$ whoami
tedm
$
$ fetch ftp://ftp.freebsd.org/pub/FreeBSD/ls-lR.gz
ls-lR.gz  100% of   18 MB 1057 kBps
00m00s
$
$ ping ftp.freebsd.org
PING ftp.freebsd.or

Re: Small Redundant web/mail setup

[Ted Mittelstaedt]

- Original Message - 
From: "Ian Lord" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, October 18, 2006 5:34 AM
Subject: Small Redundant web/mail setup


> Hi,
> 
> I need to setup a high-availability setup for mail/web setup
> 
> I was thinking about the following setup:
> 
> 4 servers total:
> 

overkill, just asking for trouble.

> Data Servers:
>  1 Server holding all the websites data and mail messages. It 
> would serve these files via nfs to the application servers.
>  It would also run mysql
> 
>  A second server Also sharing it's content via nfs, 
> replicating it's data though rsync each ?? minutes. The mysql would 
> run as a slave of theprimary
> 
> Application Servers:
>  Both servers would be running apache, php, sendmail and 
> posfix and would serve content from the share nfs drive.
> 
> 1- Is this a viable solution, I mean by that, Is it Like this big ISP 
> are set up ?
> 

no

The really big ISP's use proprietary commercial clustering solutions
that make multiple systems appear as one single system.  We are talking
hundreds of thousands to millions of users.  We are not talking 5000
users or fewer.

You can easily serve 5K users on a single server.  You just need to
get good hardware.  In other words, costs start at $5000 and go up.

A lot of people are under the misconception that they can get several
cheap $900 servers and assemble them into a redundant setup that is
highly reliable.

The real secret is in getting expensive name-brand hardware that
doesen't go down.  If you can afford that, your fine.  If you can't,
then you need to find a different table to play at.

Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Uucp mail coming in

[Ted Mittelstaedt]

read the smtp standard to find out what the difference is between the
envelope
address and the header address is.

Ted

- Original Message - 
From: "Dale Johnston" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, October 18, 2006 8:27 AM
Subject: Uucp mail coming in


> I keep getting messages from spammers adddressed to [EMAIL PROTECTED]
Uucp
> has been eliminated from my /etc/mail/aliases, why are these still coming
> thru?  I've even tried aliasing uucp to bit-bucket. they still come thru
>
> Thanks
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: increasing transmit speeds in WAN setting?

[Ted Mittelstaedt]

Hi Moses,

I know your not going to believe me but you are running into a
driver bug of some kind.  If you have a really high quality ethernet
switch with full management in it you can probably see it - login to
the switch and look at the port statistics. Cisco routers are designed
to sense for this and you will see it in their logs, they will issue the
error message "late collissions" or any decent hardware network
sniffer will show it.

The most common problem is the switch and network card aren't
properly negotiating duplex.  Another area is flow control on full
duplex being messed up, this is particularly critical on gigabit E.

The reason your getting good throughput on local connections is
that the layer 1 is simply continuing to retransmit until the packet
goes through, and the retransmissions are happening so fast that
you don't realize it.  That is also why latency is so heavily affecting
it.

You can try several things.  First, temporarily try switching
over to a 10/100 card like an Intel EtherExpress Pro/100
if you have a PCI slot in the server.  If that works then your going
to have to try replacing your switch.  If you have a really good
switch you can try hard coding it's ports speed and duplex and
try the same on the server, and see if that does anything.

You also should be aware that many of the smaller and cheaper
gigabit switches do not have the ability to take sustained
gigabit ethernet speeds with back-to-back packets, their
internal processors aren't fast enough.  Once more, this is
a problem that won't show up on a local connection since the
retransmissions are so fast.

Ted

- Original Message - 
From: "Moses Leslie" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, October 18, 2006 10:31 PM
Subject: increasing transmit speeds in WAN setting?


> Hi,
>
> We're running 6.1-R, and are having difficulty getting decent speeds as
> latency increases.  The server is connected via gbit copper, and is gbit
> or better to the internet (depending on the path).
>
> For everything local, we're able to get what you'd expect (300+MBit
> without really any tuning).  However, when the latency is 60-80ms (IE
> across the US), we're unable to get better than around 300KB/s.
>
> It appears to be possibly related to the tcp.inflight stuff, but disabling
> it or messing with some of the related sysctls doesn't appear to help
> much.  Downloads often start quickly, but are then throttled back down to
> 300KB/s within 10 seconds or so.  We've changed the hz (100 to 1), the
> net.inet.tcp.sendspace, kern.ipc.maxsockbuf, and tried different
> variations on the inflight tunables, but nothing has made a positive
> difference of more than ~20KB/s at best.
>
> If the server is running linux (2.6 kernel with default TCP settings), we
> can get much better speeds, 600-1000KB/s easily.  If we were going for
> time/distance records, we would try changing around tcp settings on the
> client, but we're trying to maximize performance for standard surfers who
> wouldn't know how to do that, so we're looking for anything that is server
> side only.
>
> We've been searching high and low for any tuning ideas but aren't able to
> find anything that's made a difference.  From looking at how the
> congestion stuff works in the source, it appears that something like:
>
> http://www.sigusr1.org/weblog/index.php?/categories/6-Hacks
>
> might be happening here, but we're kind of stabbing in the dark.
>
> Does anyone have any tuning ideas for 6.1 in a WAN setting?
>
> Thanks,
>
> Moses
>
>
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Non English Spam

[Ted Mittelstaedt]

- Original Message - 
From: "Erik Norgaard" <[EMAIL PROTECTED]>
To: "Ted Mittelstaedt" <[EMAIL PROTECTED]>
Cc: "Beech Rintoul" <[EMAIL PROTECTED]>;

Sent: Sunday, October 15, 2006 3:47 AM
Subject: Re: Non English Spam


> Ted Mittelstaedt wrote:
>
> >> I have noted however, that some subscribers to this list write english
> >> encoded in one of the above character sets, I don't know enough about
> >> the character set definition, but it seems that English characters are
a
> >> subset of any character set?
> >>
> >> What is the recommended policy here? Should subscribers be advised to
> >> change character set when posting to the list?
> >
> > No.  It's the responsibility of the person doing the filtering - in this
> > case you -
> > to exempt any known good e-mail sender from your filters.
>
> > You know damn well that legitimate mailing list mail comes from
> >
> > mx2.freebsd.org (mx2.freebsd.org [216.136.204.119])
> >
> > it's right in the headers of the messages on the list.
>
> First: You know all too well that filtering based on "Received" header
> fields is not reliable - any decent spammer know how to forge that.

Spammers cannot forge the Received header that your own mailserver
puts into the received message.  The first Received line of the message
is always legitimate.  You can also turn on the Sendmail flag to put in
the envelope address if you have multiple aliases to a mailbox that
you want to see.

> Accepting mail from a particular host should be done even before the
> mail delivery starts.
>

Don't know what your talking about here.

> Second: If you know postfix, you also know that header filtering is
> independent of other checks, even the result of filtering on individual
> header lines are independent.
>
> So the ideal you mention is not an option until a complete public list
> of authorized mail servers is available and all mail relayed through
> these requires authentication.
>

I don't know Postfix.  So what your saying is Postfix is so defective
that you can't use it for filtering?  No wonder I never bothered to
deal with it.

And, this isn't true anyway.  You can easily tell with a little sleuthing
what all of the mail emitters are for the FreeBSD mailing lists.  Many
mailing list managers, in fact, go to the trouble of posting publically
what their mailservers are.  And if the transmitting domain really
has their shit together, they will have published SPF records in their
DNS that will tell you what the authorized mailservers for that domain
are.   Sendmail has an SPF milter and I believe Spamassassin can also
use these for weighting.  (I'm too lazy to check for sure right now)

> Or do you have the solution that does not imply accepting any of a
> myriad of character sets?
>
> I'd be happy to implement that, but I don't want to open my mail server
> to receive mail I have no means of reading and understanding just
> because it is RFC compliant.
>

You open your mailserver to known, whitelisted, legitimate sending
servers, and let everyone else deal with the charset filtering.  You know
your going to accept mail from freebsd.org (or you tell your users to
tell you if they are) and you exempt these servers from filtering.

> > You have no right to
> > force other people to conform to what you feel is acceptable formatting
> > of their message as long as they meet the SMTP rfc standards.  That's
> > why we have RFC's.
>
> You you know perfectly well that content filtering is not based on the
> RFC's on SMTP but rather on the Internet Message Format and various
> RFC's on MIME - but I assume that you meant to refer to these.
>

content filtering and message charsets aren't the same thing.  A content
filter checks for "Make Money FAST" and other obvious spam content.
You don't like Viagra?  That's a content filter that takes care of that.

However, marking a non-spam message as spam soley because it's written in
another language
that you don't read - that's not a content filter.  There's nothing in the
content
of that message that is spam.  Thus you have no moral right to force mailing
list users to conform to a specific language.  Certainly, you can say "I
don't know
Spanish so I will just setup a filter to delete anything I get written in
Spanish"
but your crossing the line when you start telling people they can't post
Spanish
to a mailing list.

> Basically what you say here is that spammers have every right to flood
> mail servers as long as they do so compliant with the RFC's?
>

I'm saying that you don't have the right to force