relayd and header directives

[Bogdan Andu]

Hello,

I have the follwing setup on a single machine:

RELAYD[PUBLIC IP]:443
-> WEB_SERVER[127.0.0.1]:8080


pf is disbaled for testing purposes

relayd is
configured like this (snip):


/etc/relayd.conf:
###

table  { 127.0.0.1}

http protocol
www_ssl_prot {
#    header append "$REMOTE_ADDR" to "X-Forwarded-For"
#    header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By"
#    header change "Keep-Alive" to "$TIMEOUT"

    # Various TCP
performance options
    tcp { nodelay, sack, socket buffer 65536, backlog
128 }

    ssl { sslv3, tlsv1, ciphers "HIGH" }
    ssl session cache
disable

}

relay www_ssl {
    # Run as a SSL accelerator
    listen
on $ext_addr port 443 ssl
    protocol www_ssl_prot

    # Forward to
hosts in the webhosts table using a src/dst hash
    forward to 
port 8080
}
###

The problem is that when I want
to append  or modify a header, this results in the error below


relay
www_ssl, session 1 (1 active), 0, 10.10.11.66 -> 127.0.0.1:8080, invalid


A
failed tcpdump session looks like this:

$ sudo tcpdump -A -i lo0 port 8080
tcpdump: listening on lo0, link-type LOOP


09:15:56.710348 localhost.24156 >
localhost.8080: S 2366115149:2366115149(0) win 65535  (DF)
M.v.X...
$qb.
09:15:56.710356 localhost.8080 >
localhost.24156: S 1050504178:1050504178(0) ack 2366115150 win 16384  (DF)
N..@X...>.k...

.b.$qb.
09:15:56.710362 localhost.24156 >
localhost.8080: . ack 1 win 8192  (DF)
N>.k... ^\
$qb.
.b.
tcpdump: WARNING: compensating for
unaligned libpcap packets
09:15:56.711365 localhost.24156 > localhost.8080: F
1:1(0) ack 1 win 8192  (DF)
N>.k...
^\
$qb.
.b.
09:15:56.711373 localhost.8080 > localhost.24156:
. ack 2 win 2048  (DF)
O.^\>.k...

.b.$qb.
09:15:56.711390 localhost.8080 >
localhost.24156: F 1:1(0) ack 2 win 2048  (DF)
O.^\>.k...

.b.$qb.
09:15:56.711398
localhost.24156 > localhost.8080: . ack 2 win 8192  (DF)
O>.k... ^\
$qb.
.b.


It seems that
after the connection is established, the client side of the relayd instead of
Pushing data and send at least the HTTP header it sends the FIN flag and the
handshake of closing the connection with local web server begins.

If all
header directives are commented out, then everything works fine.

A successful
tcpdump session looks like this:

$ sudo tcpdump -A -i lo0 port 8080
tcpdump:
listening on lo0, link-type LOOP

09:27:05.334568 localhost.14030 >
localhost.8080: S 2866784757:2866784757(0) win 65535  (DF)
E..@.2@.@...6[.X...
.G..
09:27:05.334576 localhost.8080 > localhost.14030: S 3002945289:3002945289(0)
ack 2866784758 win 16384  (DF)
E..@..@.@.{...6...O
..@.1
.X...
'.MO.G..
09:27:05.334582 localhost.14030 >
localhost.8080: . ack 1 win 8192  (DF)
E..4.n@.@.]S6.O
}.
.G..'.MO
tcpdump: WARNING: compensating
for unaligned libpcap packets
09:27:05.335528 localhost.14030 >
localhost.8080: P 1:199(198) ack 1 win 8192  (DF)
q]@.@...6.O
.. 
.G..'.MOPOST
/cereri/noi/cgi-bin/query?lang=ro HTTP/1.1
User-Agent:
09:27:05.335535
localhost.8080 > localhost.14030: . ack 199 win 2023  (DF)
.C@.@..~..6...O
$..
'.MO.G..POST
09:27:05.671832 localhost.8080 > localhost.14030: P
1:11455(11454) ack 199 win 2048  (DF)
E.,..9@.@.6...O

    e.
'.MO.G..HTTP/1.1 200 OK
Date: Tue, 13 Nov 2012 07:27:05 GMT
Server
09:27:05.671851 localhost.14030 >
localhost.8080: . ack 11455 win 6760 
(DF)
E..4..@.@.936.{h...
.G..'.MO
09:27:05.673411
localhost.8080 > localhost.14030: P 11455:11460(5) ack 199 win 2048
 (DF)
..@.@.6...{
'.MP.G..0

/cer
09:27:05.673418
localhost.14030 > localhost.8080: . ack 11460 win 8191  (DF)
E..4.K@.@.cv6.{
.G..'.MP
09:27:05.675649 localhost.14030 > localhost.8080: F 199:199(0) ack
11460 win 8192  (DF)
b.@.@...6.{... 
.G..'.MP0

09:27:05.675658
localhost.8080 > localhost.14030: . ack 200 win 2048  (DF)
E..4..@.@.w...6...{
'.MP.G..
09:27:05.675688 localhost.8080 > localhost.14030: F 11460:11460(0)
ack 200 win 2048  (DF)
..@.@.Q...6...{
'.MP.G..0

09:27:05.675697
localhost.14030 > localhost.8080: . ack 11461 win 8192  (DF)
E..4x   @.@...6.{... 
.G..'.MP

Here the client side of the relayd does not begins to close the
connections, but actually Pushes data to the local web server and the dialog
carries on normally



Please advice me what should I do.

Where is the
problem?

The digital certificate is issued by GeoTrust, if this matters.

Why
relaying the HTTP headers has this effect?

Thank you,

Bogdan


P.S. Sorry
for this long post





relay www_ssl, session 1 (1 active), 0, 10.10.11.

Re: Possible regression on dhclient (current)

[Tomas Bodzar]

On Mon, Nov 12, 2012 at 11:12 PM, Ville Valkonen  wrote:
> On 13 November 2012 00:09, Joerg Zinke  wrote:
>>
>> Are you really on latest -current?
>> There was a fix committed for a descriptor leak, which results in the
>> problems you describe.
>> http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/dhclient/kroute.c.diff?r1=1.12;r2=1.13;f=h
>
> Noup, and thanks for the pointer. Will upgrade asap and sorry for the noise.

Saw that for one day as well, but update to latest did help.

Re: Internet Connection - Load Balancing and Failover

[Tomas Bodzar]

On Mon, Nov 12, 2012 at 11:09 PM, Walter Neto  wrote:
> Hello guys,
>
> I have two internet connections, and I want to make load balancing and
> failover service, I had read about pf load balancing and multi-path route,
> what is the difference between them.
>
> Which is the better to use in my scenario?
>
> And for failover, the best solution is ifstated(8)?

One of the possible approaches, but maybe easier for you will be
http://www.openbsd.org/cgi-bin/man.cgi?query=trunk&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

>
> thanks in advance.
>
> Walter Neto

Re: Unified BSD?

[Mike.]

On 11/12/2012 at 5:20 PM Nick Holland wrote:

|On 11/12/12 15:37, Robin  Björklin wrote:
|
| [snip]
}
|"compromise".  That is almost always an evil word.
|
| [snip]
|
 =

Agreement abounds.

"Compromise" takes two good ideas and results in a mediocre idea that
is in the average of those two good ideas.

Many like a compromised idea, because the idea is exactly that -
compromised.



If your goal is to please as many people as possible, then compromise
is the way to go.

If your goal is to produce outstanding software then, well, you're
gonna have to piss off a few people.

Re: Unified BSD?

[Martin]

The reason was actually intellectual property based between AT&T and the
proprietary BSD/386 if your talking BSD4.4. That was the core reason for
why FreeBSD and NetBSD started.
So really it isn't that crazy, more highly unlikely that your going to get
the core developers of each project to abandon years of work to start again
on a unified BSD.

It is a cool thought, one i have thought about.

Which is why i reckon your far more likely to get support for a new BSD
system that takes the foundation of one of the existing BSD's and create a
project that aims for compatibility between the major BSD players.

At least then its not like restarting.

On Tue, Nov 13, 2012 at 8:36 AM, Justin Mayes  wrote:

> Yes, your bat crap crazy :-)
>
> All of these variants inherit from the same unified BSD 4.4 base code as
> far
> as I know. So years ago  there were reasons that groups wanted to spilt off
> and focus on specific goals. Some of these goals are mutually exclusive.
> These BSD variants are not really competing with each other or Linux for
> that matter.
>
>
> Justin Mayes
>
>
> -Original Message-
> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of
> Robin Björklin
> Sent: Monday, November 12, 2012 2:38 PM
> To: us...@dragonflybsd.org; netbsd-us...@netbsd.org;
> freebsd-c...@freebsd.org; misc@openbsd.org
> Subject: Unified BSD?
>
> Hi!
>
> First and foremost I'd like to present myself, I'm a young and naive junior
> sys admin that think people should be able to compromise and see the bigger
> picture and the good of the cause.
>
> Now over to the reason for my post.
>
> As all of you probably know there's a lot of buzz around Gnu/Linux these
> days and I'm pretty sure you couldn't care less. What I'm wondering is why
> the BSD community which from what I can gather isn't as big as the Linux
> community have decided to split their resources into several different
> projects/forks/distributions. To me it seems *BSD would be in a more
> competitive shape if all developers would get in under one roof?
>
> Am I bat crap crazy for thinking it could be good to merge the four largest
> BSD variants out there, take the best bits and pieces out of each and
> create
> a Unified BSD?
>
> Kind Regards,
> Robin Bjorklin

Re: Unified BSD?

[Greg 'groggy' Lehey]

On Monday, 12 November 2012 at 21:37:41 +0100, Robin  Björklin wrote:

> First and foremost I'd like to present myself, I'm a young and naive
> junior sys admin that think people should be able to compromise and
> see the bigger picture and the good of the cause.

It shows :-)

> As all of you probably know there's a lot of buzz around Gnu/Linux
> these days and I'm pretty sure you couldn't care less. What I'm
> wondering is why the BSD community which from what I can gather
> isn't as big as the Linux community have decided to split their
> resources into several different projects/forks/distributions. To me
> it seems *BSD would be in a more competitive shape if all developers
> would get in under one roof?

There's 20 years of history to explain that.  Where should I begin?
Should I begin?

- The initial split was between Bill Jolitz and the rest of the world.
  This was partially personality driven, partially goal driven.  Bill
  soon faded out, leaving just the NetBSD project.

- Next came the split between NetBSD and FreeBSD.  That was mainly
  goal driven, but there was also a fair amount of personality
  involved.

- Then came the Unix wars, where AT&T sued BSDI (a commercial variant
  that no longer exists) over perceived copyright infringement.  The
  free BSDs weren't really directly involved, but the suit would have
  been just as relevant, and people were worried.

  This was the time that Linux was in the ascendancy.  Users had the
  choice of a free GPL system or one which might land them in
  trouble.  Most chose the safe option.

- Then OpenBSD split from NetBSD.  Mainly personality driven AFAICT.
  This doesn't imply any criticism of the founder of the new project.

  Round about this time I wrote a paper on the subject, which I
  presented in various conferences.  You can find numerous versions at
  http://www.lemis.com/grog/Papers/, including "Why BSD is better than
  Linux", presented at the Linux.conf.au in Brisbane.

- Then DragonflyBSD split from FreeBSD.  Mainly personality driven
  AFAICT.  Again, this doesn't imply any criticism of the founder of
  the new project.

And that's where we are.  We have 4 different BSD kernels which
regularly borrow from each other.  Some projects, such as PCBSD, take
these kernels and package them differently.

Looking across the fence, I see that there is no distribution of Linux
with a completely standard kernel (I think), and lots of different
distributions with significantly different interfaces.  On the whole,
I'd say that BSD is more uniform than Linux.

> Am I bat crap crazy for thinking it could be good to merge the four
> largest BSD variants out there, take the best bits and pieces out of
> each and create a Unified BSD?

Maybe not, but there are many reasons it won't happen.  One is the
structure of the individual projects, and another is that the current
system works well.  If you only have one kernel, you don't have people
implementing different solutions for a problem, so you don't find out
which is better.

Greg
--
Sent from my desktop computer.
Finger g...@freebsd.org for PGP public key.
See complete headers for address and phone numbers.
This message is digitally signed.  If your Microsoft MUA reports
problems, please read http://tinyurl.com/broken-mua

[demime 1.01d removed an attachment of type application/pgp-signature]

Re: Unified BSD?

[Brett Glass]

You seem to be laboring under the misapprehension that the Linux 
world is unified. It isn't.


The big difference between Linux and the BSDs is that it alienates 
itself from the BSDs and many other projects by using a viral, 
business-hostile license. The BSDs can draw on one another's work 
because there are no licensing barriers between them.


--Brett Glass

Re: Unified BSD?

[Johan Beisser]

On Mon, Nov 12, 2012 at 5:14 PM, Greg 'groggy' Lehey  wrote:

> - Then DragonflyBSD split from FreeBSD.  Mainly personality driven
>   AFAICT.  Again, this doesn't imply any criticism of the founder of
>   the new project.

There were some very valid technical reasons at the time as well, IMHO.

Re: Best Performance Server Strategy(Probably OBSD OffTopic)

[Eric Furman]

Your clear solution is Tru64.

On Mon, Nov 12, 2012, at 06:04 PM, Friedrich Locke wrote:
> Hi folks,
> 
> i am planning to write a simple web server. My initial ideia for this
> server is that it will only serve static content.
> So, i would like to have the best possible performance.
> 
> I don't feel like going for multiple process since i would like to reduce
> context switch required by multiple process send data to clients. I would
> like to implement it using kqueue. On a single cpu/core machine it is
> fairly simple to solve, but when in SMP/multicore machines i could take
> two
> approaches (Suppose we have n cores in the system):
> 
> First approach:
> 
> A connection multiplexer process listens for incoming connections on port
> tcp/80. When i new connection arrives it (the process) accepts it (the
> new
> connection) and sends the fd from the incoming connection to one of the n
> http server process instances and from that point on the http server
> process handles it.
> 
> Second approach:
> 
> Starts a http server process. This process opens a socket for listening
> incoming connection on port tcp/80. Than, this process forks n-1
> processes.
> These n-1 process will share the listening socket and starts listening to
> this socket too. When a new connection arrives, the kernel wakes up one
> of
> the n proccess and this one handles the incoming connection. While this
> process is serving a request, we will have n-1 process listening and if a
> new connection arrives the kernel wakes up one of the n-1 process and do
> everything again and again 
> 
> I am no OpenBSD kernerl expert. I would like to hear from which of the
> approaches would deliver better performance (this is critical for me).
> What
> you have to say.
> 
> Thanks a lot for your time and cooperation.
> 
> Best regards,
> 
> Fried.

Re: Unified BSD?

[Anders N.]

If there's to be any hope of a rational discussion, we need to remember to CC 
each list as the OP did.

On Mon, Nov 12, 2012, Tony  wrote:
>Ain't that what OpenBSD is though - the best from all worlds?

Especially with comments like these..

Re: Unified BSD?

[Tony]

On Mon, Nov 12, 2012 at 9:37 PM, Robin Björklin
wrote:

>
> Am I bat crap crazy for thinking it could be good to merge the four largest
> BSD variants out there, take the best bits and pieces out of each and
> create a Unified BSD?
>

Ain't that what OpenBSD is though - the best from all worlds?

Tony
http://soundcloud.com/abletony84

Re: Unified BSD?

[pete wright]

On Mon, Nov 12, 2012 at 12:37 PM, Robin  Björklin
 wrote:

>
>
> Am I bat crap crazy for thinking it could be good to merge the four largest
> BSD variants out there, take the best bits and pieces out of each and
> create a Unified BSD?
>

you are not crazy for thinking this, and fortunately there is nothing
prohibiting you from doing so (or a collective group of people, or
company etc...).  One thing you will see in the BSD Unix systems is
there is quite a bit of cross pollination between projects.  The
largest example current example of this from my perspective is support
for OpenBSD's "pf" packet filter in FreeBSD.  This is a packet filter
built to suit the OpenBSD developers goals, but it did not restrict
FreeBSD from supporting this packet filter and hopefully both projects
benefit from this collaboration (wider code exposure of the pf code,
and wider choice of packet filters for FreeBSD users).

My opinion is that with the current state of the BSD's this is one of
its stronger suits - we have multiple projects right now building
entire operating systems to suit each of the projects stated goals and
developer wishes.  this would be opposed to gnu/linux where you are
cobbling together many disparate sources to build your distribution
(some of which will have goals that may not line up with your goals).
with this diversity we still cross pollinate ideas and methods, but
are still allowed to spend our limited resources focusing on our
projects core goals.

-pete

-- 
pete wright
www.nycbug.org
@nomadlogicLA

Re: Unified BSD?

[Nick Holland]

On 11/12/12 15:37, Robin  Björklin wrote:
> Hi!
> 
> First and foremost I'd like to present myself, I'm a young and naive junior
> sys admin that think people should be able to compromise and see the bigger
> picture and the good of the cause.

"compromise".  That is almost always an evil word.

In school in the United States, they taught us the "glories" of the art
of compromise, and told us about the "wonderful compromises of our
founding fathers" (mothers need not apply).  If you look at them, with
one major exception, which I would call a "nifty win-win solution"
rather than a "compromise", most of them devalued people or kicked
decisions down the road, clearly bad solutions that the wrong were glad
to get and the right were willing to live with.

By the logic of my teachers, if you wished to shoot me four times and I
didn't wish to be shot at all, a good compromise would be to shoot me
twice.  How could either of us object?  I have two fewer holes, you got
to do some of what you wanted to do. yay.

And of course, a compromised computer is a bad thing.

You can accuse me of linguistic games, but I don't think the uses of
"compromise" are as different as people like to pretend.

Realistically, OpenBSD refuses to "compromise" on things it thinks are
important.  The small number of OpenBSD users like that; in fact, that's
the reason we use OpenBSD.  The lack of compromise results in high
resistance to compromise.  WE like it that way.

> Now over to the reason for my post.
> 
> As all of you probably know there's a lot of buzz around Gnu/Linux these
> days and I'm pretty sure you couldn't care less.

bingo.

>  What I'm wondering is why
> the BSD community which from what I can gather isn't as big as the Linux
> community have decided to split their resources into several different
> projects/forks/distributions. To me it seems *BSD would be in a more
> competitive shape if all developers would get in under one roof?

That is an opinion.  It may be right.

As someone who has watched the Unix world since the 1980s, I disagree.
It's been diverse for decades; in fact, it's been diverse since it
escaped from the first computers it was developed on.  That's been both
a strength and a weakness of Unix.  Lots of attempts to unify it have
been made in the past, all failed.  All involved committees and
"compromise".

And back to what you said earlier...yes, we couldn't care less.  I
suspect a number of OpenBSD developers would probably freak out if next
year we were the #1 (or #3) OS in popularity...it would be a sign we are
probably doing something terribly wrong.

> Am I bat crap crazy for thinking it could be good to merge the four largest
> BSD variants out there, take the best bits and pieces out of each and
> create a Unified BSD?

I wholeheartedly support your right to give it a shot and see what
happens.  Maybe you can break the Winux mindset.  The BSD license begs
you to take your dream and run with it.  I hope you succeed, but only on
my terms, of course. :)

Your theory has been thought of many times before:
  http://xkcd.com/927/
(and many people reading this list know exactly what cartoon that is
BEFORE clicking on it!)

And realistically, that's to be expected.  Why are there solutions A and
B?  Because some people prefer A, some prefer B.  Try to make a
"compromise" solution C, you will have people who STILL prefer A, others
that STILL prefer B, and a few that think the compromise version is good.

OpenBSD's goal has never been to be The Biggest or Most Successful.
Just The Best, by the definition we chose.  We don't see "the good of
the cause" to compromise being the best (by our terms) for being the
"biggest", or "bigger".

Personally, I think there are bigger issues that the computer world
needs to address, very high on my list is the level of craptastic design
and implementation people tolerate and even encourage in the computer
world.  Why are your credit cards splattered all over the 'net?  Well, I
can say with confidence, compromise was involved -- between good design
and an arbitrary deadline, between good design and pretty pictures,
between good design by a skilled (and expensive) programmer and the
$5/day that a programmer in Elbonia charged.

Nick.

Re: Possible regression on dhclient (current)

[Ville Valkonen]

On 13 November 2012 00:09, Joerg Zinke  wrote:
>
> Are you really on latest -current?
> There was a fix committed for a descriptor leak, which results in the
> problems you describe.
> http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/dhclient/kroute.c.diff?r1=1.12;r2=1.13;f=h

Noup, and thanks for the pointer. Will upgrade asap and sorry for the noise.

Internet Connection - Load Balancing and Failover

[Walter Neto]

Hello guys,

I have two internet connections, and I want to make load balancing and
failover service, I had read about pf load balancing and multi-path route,
what is the difference between them.

Which is the better to use in my scenario?

And for failover, the best solution is ifstated(8)?

thanks in advance.

Walter Neto

Re: Possible regression on dhclient (current)

[Joerg Zinke]

Am 12.11.2012 um 23:01 schrieb Ville Valkonen :

> Hello all,
> 
> I was surfing on a Web when suddenly all traffic stopped. Closer examination
> revealed "Too many open files" failure with the dhclient. Since there have 
> been
> improvements in the dhclient lately, could this be related?


Are you really on latest -current?
There was a fix committed for a descriptor leak, which results in the 
problems you describe.
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/dhclient/kroute.c.diff?r1=1.12;r2=1.13;f=h


> Tried to do pkill -TERM dhclient && sudo dhclient trunk0 but no cigar. Any
> hints what to try the next time if this occurs?

route flush 

> Uptime was 3 days if it happens
> to matter. I'm also testing Brain Fuck Scheduler patch since it makes videos
> playable. Yes, I can rule it out by running GENERIC if necessary.
> 
> Complete dmesg at the bottom of this message.
> 
> But now, here's some information:
> $ dmesg |tail -100
> ...
> arpresolve: 192.168.50.101: route without link local address
> arpresolve: 192.168.50.101: route without link local address
> arpresolve: 192.168.50.101: route without link local address
> arpresolve: 192.168.50.101: route without link local address
> arpresolve: 192.168.50.101: route without link local address
> ...
> 
> /var/log/daemon:
> Nov 12 23:08:38  dhclient[9627]: DHCPDISCOVER on trunk0 to
> 255.255.255.255 port 67 interval 3
> Nov 12 23:08:38  dhclient[9627]: DHCPOFFER from 192.168.50.101
> (00:30:18:a4:f8:e3)
> Nov 12 23:08:38  dhclient[9627]: DHCPREQUEST on trunk0 to
> 255.255.255.255 port 67
> Nov 12 23:08:38  dhclient[9627]: DHCPACK from 192.168.50.101 
> (00:30:18:a4:f8:e3)
> Nov 12 23:08:38  dhclient[7427]: socket open failed: Too many open files
> Nov 12 23:08:38  dhclient[9627]: bound to 192.168.50.102 -- renewal in
> 300 seconds.
> Nov 12 23:08:38  dhclient[9627]: DHCPDISCOVER on trunk0 to
> 255.255.255.255 port 67 interval 3
> Nov 12 23:08:38  dhclient[9627]: DHCPOFFER from 192.168.50.101
> (00:30:18:a4:f8:e3)
> Nov 12 23:08:38  dhclient[9627]: DHCPREQUEST on trunk0 to
> 255.255.255.255 port 67
> Nov 12 23:08:38  dhclient[9627]: DHCPACK from 192.168.50.101 
> (00:30:18:a4:f8:e3)
> Nov 12 23:08:38  dhclient[7427]: socket open failed: Too many open files
> Nov 12 23:08:38  dhclient[9627]: bound to 192.168.50.102 -- renewal in
> 300 seconds.
> 
> /var/log/messages
> Nov 12 23:11:59  /bsd: arpresolve: 192.168.50.101: route without link
> local address
> Nov 12 23:12:21  /bsd: arpresolve: 192.168.50.101: route without link
> local address
> Nov 12 23:14:58  last message repeated 15 times
> Nov 12 23:22:22  last message repeated 32 times
> Nov 12 23:22:24  dhclient[9276]: SIOCDIFADDR failed (192.168.50.102):
> Can't assign requested address
> Nov 12 23:22:24  dhclient[9276]: SIOCDIFADDR failed (192.168.50.102):
> Can't assign requested address
> Nov 12 23:22:27  /bsd: arpresolve: 192.168.50.101: route without link
> local address
> Nov 12 23:23:04  last message repeated 5 times
> 
> $ ulimit -a
> time(cpu-seconds)unlimited
> file(blocks) unlimited
> coredump(blocks) unlimited
> data(kbytes) 716800
> stack(kbytes)4096
> lockedmem(kbytes)1298308
> memory(kbytes)   3881796
> nofiles(descriptors) 500
> processes128
> 
> NOTICE: Closed Chromium since it had several descriptors opened. After that
> fstat |wc -l   showed ~400. Tried to restart dhclient again but with no luck.
> 
> 
> $ route -n show # (not using inet6)
> Routing tables
> 
> Internet:
> DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
> default192.168.50.101 UGS4  192 - 8 trunk0
> 127/8  127.0.0.1  UGRS   00 33152 8 lo0
> 127.0.0.1  127.0.0.1  UH 2 2935 33152 4 lo0
> 192.168.50/24  link#5 UC 10 - 4 trunk0
> 192.168.50.101 00:30:18:a4:f8:e3  UHLc   0   55 - 4 trunk0
> 192.168.50.102 127.0.0.1  UG 00 3315256 lo0
> 224/4  127.0.0.1  URS00 33152 8 lo0
> 
> 
> OpenBSD 5.2-current (GENERIC.MP) #0: Fri Nov  9 15:19:24 EET 2012
>weezel@:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 4121640960 (3930MB)
> avail mem = 3989434368 (3804MB)
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe0010 (44 entries)
> bios0: vendor LENOVO version "6JET93WW (1.51 )" date 03/26/2012
> bios0: LENOVO 284756G
> acpi0 at bios0: rev 4
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP HPET MCFG APIC BOOT SLIC SSDT SSDT SSDT
> acpi0: wakeup devices P0P2(S4) P0P1(S4) USB0(S3) USB1(S3) USB2(S3)
> USBR(S3) EHC1(S3) USB3(S3) USB4(S3) USB5(S3) EHC2(S3) HDEF(S4)
> PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4)
> RP04(S4) PXSX(S4) RP05(S4) RP06(S4) BLAN(S4) LID_(S3) SLPB(S3)
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpihpet0 at acpi0: 14318179 Hz
> acpimcfg0 at acpi0 ad

Re: Unified BSD?

[Ville Valkonen]

On 12 November 2012 22:37, Robin  Björklin  wrote:
> As all of you probably know there's a lot of buzz around Gnu/Linux these
> days and I'm pretty sure you couldn't care less. What I'm wondering is why
> the BSD community which from what I can gather isn't as big as the Linux
> community have decided to split their resources into several different
> projects/forks/distributions. To me it seems *BSD would be in a more
> competitive shape if all developers would get in under one roof?

Different BSDs have different interests. Also, "competitive shape" is
ambiguous (competitive in speed?, portability?, security?, market
share?).

> Am I bat crap crazy for thinking it could be good to merge the four largest
> BSD variants out there, take the best bits and pieces out of each and
> create a Unified BSD?

Doesn't that apply for Linux too?

Best Performance Server Strategy(Probably OBSD OffTopic)

[Friedrich Locke]

Sorry for the last message. I did not finnish and hitted send wrongly.

Possible regression on dhclient (current)

[Ville Valkonen]

Hello all,

I was surfing on a Web when suddenly all traffic stopped. Closer examination
revealed "Too many open files" failure with the dhclient. Since there have been
improvements in the dhclient lately, could this be related?

Tried to do pkill -TERM dhclient && sudo dhclient trunk0 but no cigar. Any
hints what to try the next time if this occurs? Uptime was 3 days if it happens
to matter. I'm also testing Brain Fuck Scheduler patch since it makes videos
playable. Yes, I can rule it out by running GENERIC if necessary.

Complete dmesg at the bottom of this message.

But now, here's some information:
$ dmesg |tail -100
...
arpresolve: 192.168.50.101: route without link local address
arpresolve: 192.168.50.101: route without link local address
arpresolve: 192.168.50.101: route without link local address
arpresolve: 192.168.50.101: route without link local address
arpresolve: 192.168.50.101: route without link local address
...

/var/log/daemon:
Nov 12 23:08:38  dhclient[9627]: DHCPDISCOVER on trunk0 to
255.255.255.255 port 67 interval 3
Nov 12 23:08:38  dhclient[9627]: DHCPOFFER from 192.168.50.101
(00:30:18:a4:f8:e3)
Nov 12 23:08:38  dhclient[9627]: DHCPREQUEST on trunk0 to
255.255.255.255 port 67
Nov 12 23:08:38  dhclient[9627]: DHCPACK from 192.168.50.101 (00:30:18:a4:f8:e3)
Nov 12 23:08:38  dhclient[7427]: socket open failed: Too many open files
Nov 12 23:08:38  dhclient[9627]: bound to 192.168.50.102 -- renewal in
300 seconds.
Nov 12 23:08:38  dhclient[9627]: DHCPDISCOVER on trunk0 to
255.255.255.255 port 67 interval 3
Nov 12 23:08:38  dhclient[9627]: DHCPOFFER from 192.168.50.101
(00:30:18:a4:f8:e3)
Nov 12 23:08:38  dhclient[9627]: DHCPREQUEST on trunk0 to
255.255.255.255 port 67
Nov 12 23:08:38  dhclient[9627]: DHCPACK from 192.168.50.101 (00:30:18:a4:f8:e3)
Nov 12 23:08:38  dhclient[7427]: socket open failed: Too many open files
Nov 12 23:08:38  dhclient[9627]: bound to 192.168.50.102 -- renewal in
300 seconds.

/var/log/messages
Nov 12 23:11:59  /bsd: arpresolve: 192.168.50.101: route without link
local address
Nov 12 23:12:21  /bsd: arpresolve: 192.168.50.101: route without link
local address
Nov 12 23:14:58  last message repeated 15 times
Nov 12 23:22:22  last message repeated 32 times
Nov 12 23:22:24  dhclient[9276]: SIOCDIFADDR failed (192.168.50.102):
Can't assign requested address
Nov 12 23:22:24  dhclient[9276]: SIOCDIFADDR failed (192.168.50.102):
Can't assign requested address
Nov 12 23:22:27  /bsd: arpresolve: 192.168.50.101: route without link
local address
Nov 12 23:23:04  last message repeated 5 times

$ ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 716800
stack(kbytes)4096
lockedmem(kbytes)1298308
memory(kbytes)   3881796
nofiles(descriptors) 500
processes128

NOTICE: Closed Chromium since it had several descriptors opened. After that
fstat |wc -l   showed ~400. Tried to restart dhclient again but with no luck.


$ route -n show # (not using inet6)
Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default192.168.50.101 UGS4  192 - 8 trunk0
127/8  127.0.0.1  UGRS   00 33152 8 lo0
127.0.0.1  127.0.0.1  UH 2 2935 33152 4 lo0
192.168.50/24  link#5 UC 10 - 4 trunk0
192.168.50.101 00:30:18:a4:f8:e3  UHLc   0   55 - 4 trunk0
192.168.50.102 127.0.0.1  UG 00 3315256 lo0
224/4  127.0.0.1  URS00 33152 8 lo0


OpenBSD 5.2-current (GENERIC.MP) #0: Fri Nov  9 15:19:24 EET 2012
weezel@:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4121640960 (3930MB)
avail mem = 3989434368 (3804MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe0010 (44 entries)
bios0: vendor LENOVO version "6JET93WW (1.51 )" date 03/26/2012
bios0: LENOVO 284756G
acpi0 at bios0: rev 4
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET MCFG APIC BOOT SLIC SSDT SSDT SSDT
acpi0: wakeup devices P0P2(S4) P0P1(S4) USB0(S3) USB1(S3) USB2(S3)
USBR(S3) EHC1(S3) USB3(S3) USB4(S3) USB5(S3) EHC2(S3) HDEF(S4)
PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4)
RP04(S4) PXSX(S4) RP05(S4) RP06(S4) BLAN(S4) LID_(S3) SLPB(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz, 1995.34 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF
cpu0: 2MB 64b/line 8-way L2 cache
cpu0: apic clock running at 494MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Cor

Re: Gdm and Gnome with OpenBSD 5.2

[Antoine Jacoutot]

On Mon, Nov 12, 2012 at 09:40:51PM +0100, Jean-François SIMON wrote:
> Dear all,
> 
> I am sorry, I can't work out finding gdm or running Gnome with OpenBSD 5.2,
> could someone please send a link or some informations ?
> I used to have it working before, just now I would like xdm to launch gnome
> but starting gnome-session ends up with various errors and back to xdm
> console.
> 
> Sorry again and thanks for help

# pkg_add gnome

Then read this:
/usr/local/share/doc/pkg-readmes/gnome-*

If it still fails, provide error messages..

-- 
Antoine

Unified BSD?

[Robin Björklin]

Hi!

First and foremost I'd like to present myself, I'm a young and naive junior
sys admin that think people should be able to compromise and see the bigger
picture and the good of the cause.

Now over to the reason for my post.

As all of you probably know there's a lot of buzz around Gnu/Linux these
days and I'm pretty sure you couldn't care less. What I'm wondering is why
the BSD community which from what I can gather isn't as big as the Linux
community have decided to split their resources into several different
projects/forks/distributions. To me it seems *BSD would be in a more
competitive shape if all developers would get in under one roof?

Am I bat crap crazy for thinking it could be good to merge the four largest
BSD variants out there, take the best bits and pieces out of each and
create a Unified BSD?

Kind Regards,
Robin Bjorklin

Gdm and Gnome with OpenBSD 5.2

[Jean-François SIMON]

Dear all,

I am sorry, I can't work out finding gdm or running Gnome with OpenBSD 5.2,
could someone please send a link or some informations ?
I used to have it working before, just now I would like xdm to launch gnome
but starting gnome-session ends up with various errors and back to xdm
console.

Sorry again and thanks for help

JF

Re: Issue with U of A hosting site

[David Walker]

James Woodward 
> Thank you,
> James

Thank you.

While it's expected that universities will support the wider community
it's probably entirely optional. Thank you for supporting us.
In this case you happen to be supporting something very cool ...

Re: afsd?

[Janne Johansson]

>> nnpfs (ie arla) has been discontinued in openbsd.
>>
>> > is afsd working in 5.2?
>> >
>> > If yes, where can I read about the error "arla[13196]:
>> > kern_open /dev/nnpfs0: Operation not supported by device" besides
>> > in /var/log/daemon?
>> > If no, where can I read about why?
>
> So now it's just net/openafs for afs support?
>

Yes, for the arches where it works.
There is nothing that prevents you from trying an arla compile
yourself though, its just not supplied with openbsd anymore. I had
some success with arla loaded as an LKM long time ago, except on
macppcs.

-- 
 To our sweethearts and wives.  May they never meet. -- 19th century toast

Re: afsd?

[Anders Trobäck]

Den Mon, 12 Nov 2012 17:52:17 +0100
skrev Janne Johansson :

> nnpfs (ie arla) has been discontinued in openbsd.
> 
> 2012/11/12 Anders Trobäck :
> > Hi,
> >
> > is afsd working in 5.2?
> >
> > If yes, where can I read about the error "arla[13196]:
> > kern_open /dev/nnpfs0: Operation not supported by device" besides
> > in /var/log/daemon?
> >
> > If no, where can I read about why?
> >
> > Thanks!
> >
> >
> > Br/Anders
> >
> 
> 
> 

So now it's just net/openafs for afs support?

Re: afsd?

[Janne Johansson]

nnpfs (ie arla) has been discontinued in openbsd.

2012/11/12 Anders Trobäck :
> Hi,
>
> is afsd working in 5.2?
>
> If yes, where can I read about the error "arla[13196]:
> kern_open /dev/nnpfs0: Operation not supported by device" besides
> in /var/log/daemon?
>
> If no, where can I read about why?
>
> Thanks!
>
>
> Br/Anders
>



-- 
 To our sweethearts and wives.  May they never meet. -- 19th century toast

Re: Issue with U of A hosting site

[James Woodward]

The issue in the datacenter was resolved around 2:00am last night. Everything 
should be back up now.

James

On 2012-11-11, at 5:38 PM, James Woodward wrote:

> There is an issue at the U of A hosting site. The servers hosted in that data 
> center will unavailable.
> 
> I will do my best to post again when more information is available. 
> 
> Thank you,
> 
> James

afsd?

[Anders Trobäck]

Hi,

is afsd working in 5.2?

If yes, where can I read about the error "arla[13196]:
kern_open /dev/nnpfs0: Operation not supported by device" besides
in /var/log/daemon?

If no, where can I read about why?

Thanks!


Br/Anders

Re: question about built-in support for full disk encryption

[Stuart Henderson]

On 2012-11-11, Jiri B  wrote:
> On Sun, Nov 11, 2012 at 11:20:53AM +, hepta tor wrote:
>> Thanks for the pointer. Do you know if there are any guidelines on how
>> to configure FDE with what's implemented in -current?
>> At 
>> http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption
>> there is a kind of mini tutorial on how to configure softraid for
>> encryption - does anyone know if this is compatible with what's
>> implemented in -current?
>>   -h
>
> 1. During installation jump to shell
> 2. fdisk sd0
> 3. disklabel sd0, so sd0a is RAID, no sd0b as swap!
> 4. cd /dev ; sh ./MAKEDEV sd1 ; cd /
> 5. bioctl -c C -l /dev/sd0a softraid0
> 6. dd if=/dev/zero of=/dev/rsd1c bs=1m count=1
> 7. /install and use sd1 as your disk for usual installation
> 8. couple of enters...
> 9. change /mnt/etc/sysctl.conf to have 'vm.swapencrypt.enable=0'
> 10. reboot
>
> Of course, no warranty.
>
> jirib
>
>

This is missing a very important step 11: Configure backups.

MS Nano Transceiver

[Kārlis Miķelsons]

Hello,

Is here anyone who got Microsoft Wireless Mobile mouse to work on 
OpenBSD? Before OpenBSD 5.2 wouldn't even recognise device and disable 
USB port whenever transceiver was plugged in. Now it seems to recognise 
device just fine:


uhidev0 at uhub1 port 1 configuration 1 interface 0 "Microsoft 
Microsoft\M-. Nano Transceiver v2.0" rev 2.00/6.34 addr 2

uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub1 port 1 configuration 1 interface 1 "Microsoft 
Microsoft\M-. Nano Transceiver v2.0" rev 2.00/6.34 addr 2

uhidev1: iclass 3/1, 28 report ids
uhid0 at uhidev1 reportid 18: input=0, output=0, feature=1
uhid1 at uhidev1 reportid 22: input=4, output=0, feature=0
uhid2 at uhidev1 reportid 23: input=0, output=0, feature=1
ums0 at uhidev1 reportid 26: 5 buttons, Z dir
wsmouse1 at ums0 mux 0
uhid3 at uhidev1 reportid 28: input=3, output=0, feature=0
uhidev2 at uhub1 port 1 configuration 1 interface 2 "Microsoft 
Microsoft\M-. Nano Transceiver v2.0" rev 2.00/6.34 addr 2

uhidev2: iclass 3/0, 8 report ids
uhid4 at uhidev2 reportid 3: input=1, output=0, feature=0
uhid5 at uhidev2 reportid 4: input=1, output=0, feature=0
uhid6 at uhidev2 reportid 7: input=7, output=0, feature=0
uhid7 at uhidev2 reportid 8: input=1, output=0, feature=0

wsconsctl also sees the mouse (not sure that mouse1.scale is correct 
though):

# wsconsctl
keyboard.type=pc-xt
keyboard.bell.pitch=400
keyboard.bell.period=100
keyboard.bell.volume=50
keyboard.bell.pitch.default=400
keyboard.bell.period.default=100
keyboard.bell.volume.default=50
wsconsctl: Use explicit arg to view keyboard.map.
keyboard.repeat.del1=400
keyboard.repeat.deln=100
keyboard.repeat.del1.default=400
keyboard.repeat.deln.default=100
keyboard.ledstate=0
keyboard.encoding=us
keyboard1.type=usb
keyboard1.bell.pitch=400
keyboard1.bell.period=100
keyboard1.bell.volume=50
keyboard1.bell.pitch.default=400
keyboard1.bell.period.default=100
keyboard1.bell.volume.default=50
wsconsctl: Use explicit arg to view keyboard1.map.
keyboard1.repeat.del1=400
keyboard1.repeat.deln=100
keyboard1.repeat.del1.default=400
keyboard1.repeat.deln.default=100
keyboard1.ledstate=0
keyboard1.encoding=us
mouse.type=synaptics
mouse.rawmode=0
mouse.scale=1472,5472,1408,4448,0,63,109
mouse1.type=usb
mouse1.rawmode=1
mouse1.scale=0,0,0,0,0,0,0
display.type=vga-pci
display.emulations=vt100
display.screentypes=80x25,80x25bf,80x40,80x40bf,80x50,80x50bf
display.focus=4
display.screen_on=250
display.screen_off=60
display.vblank=off
display.kbdact=off
display.msact=off
display.outact=off

But nothing happens when mouse is attached and turned on, xinput is 
complaining about being unable to find device:

# xinput --test /dev/wsmouse1
unable to find device '/dev/wsmouse1'

This specific mouse is Microsoft Wireless Mobile Mouse 4000, nothing 
except mouse is attached to wireless transceiver. wsmouse0 is notebook's 
touchpad.


Thanks!

--
Karlis

ypserv

[Friedrich Locke]

Does OpenBSD ypserv serve multiple nis domain simultaneously ?

Thanks in advance.

Re: Thinkpad choice? -Is Nvidia tolerable for generic X?

[Christian Weisgerber]

Rod Whitworth  wrote:

> >I have a Thinkpad T430s with sandybridge (or ivybridge, I can never
> >remember), and life isn't too bad.  I can suspend/resume, watch
> >(smaller) movies and dvds, and generally use it.
> 
> Thanks for replying Peter.
> 
> Can you switch from X to a virtual console and back again?

With -current, I can on my Ivy Bridge laptop (Thinkpad X230).

However, the text consoles are gone (all blank) after a suspend-resume.

xbacklight(1) can control the screen brightness, but, bizarrely,
only if it's been adjusted at least once with the hotkeys during
the BIOS phase of the boot.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de