Re: Failure in building a -current kernel

[Theo de Raadt]

> Compiling a kernel fails.  I just updated my tree about an hour
> ago from anoncvs1.ca.openbsd.org.

Some changes require people to delete their compile/KERNEL/lib directory
and it's contents.

There are other parts of tree that care less.

Failure in building a -current kernel

[STeve Andre']

Compiling a kernel fails.  I just updated my tree about an hour
ago from anoncvs1.ca.openbsd.org.

--STeve Andre'

(tail of kernel compile output of 'make clean ; make depend')

rm -f llib-lkern.ln  __main.ln imax.ln imin.ln lmax.ln lmin.ln max.ln min.ln 
ulmax.ln ulmin.ln strlcat.ln strlcpy.ln strncmp.ln strncpy.ln strncasecmp.ln 
adddi3.ln anddi3.ln ashldi3.ln ashrdi3.ln cmpdi2.ln divdi3.ln iordi3.ln 
lshldi3.ln lshrdi3.ln moddi3.ln muldi3.ln negdi2.ln notdi2.ln qdivrem.ln 
subdi3.ln ucmpdi2.ln udivdi3.ln umoddi3.ln xordi3.ln getsn.ln srandom.ln 
bcd.ln strchr.ln
cleaning the compat library objects

rm -f eddep *bsd bsd.gdb tags *.[io] [a-z]*.s  [Ee]rrs linterrs makelinks 
assym.h
paladin /sys/arch/i386/compile/GENERIC make depend
mkdir -p /usr/src/sys/arch/i386/compile/GENERIC/lib/kern
depending the kern library objects

depending the compat library objects
make: don't know how to make machine/types.h. Stop 
in /usr/src/sys/arch/i386/compile/GENERIC.
paladin /sys/arch/i386/compile/GENERIC

Help for Tyan

[MySHOP]

Hi

I have Tyan Tomcat i7230A (S5160)

But OpenBSD can not install

Can you make i386 version support it?

How can add raid device for SATA Harddisk?


Processor
 . Single Socket-T (LGA775 Socket)
 . Supports Intel. "Prescott/Smithfield/Cedar Mill"
 (Pentium. 4 w/ HT or Pentium. D) processor;
 FSB support 1.066GHz

Chipset
 . Intel. "Mukilteo" E7230 MCH + ICH7R chipset
 . Support for 1066MHz (1.066GHz) FSB
 . SMSC SCH5017 Super I/O chip

Memory
 . Four 240-pin DDR2 DIMM sockets
 . Dual channel memory bus
 . Up to 8GB unbuffered ECC DDR2-533/667 mem.

Expansion Slots
 . (1) PCI Express  x16 slot (with x8 signal) from
 E7230 MCH
 . (1) PCI Express  x16 slot (with x4 signal) from
 ICH7R
 . (4) PCI 32-bit, 33MHz slots
 . Total of six usable expansion slots

Integrated I/O
 . One 9-pin 16550 UART serial port
 . One ECP/EPP/SPP parallel port (via header)
 . One 15-pin VGA port
 . Eight USB 2.0 ports (four at rear, three headers
 via cable, one internal vertical USB connector)
 . Stacked PS/2 mouse and keyboard connectors
 . Standard/integrated SATA connectors
 . Two RJ-45 10/100/1000 LAN ports

System Management
 . CPU thermal & voltage monitor support
 . 2-pin chassis intrusion header
 . 4-pin fan monitoring header w/ PWM

Integrated Serial ATA
 . Four SATA 2.0 ports from Intel ICH7/ICH7R
 . Integrated Host RAID 0, 1 support

Integrated Video
 . XGI Volari^(TM) 27
  - PCI interface with 16MB DDR memory

Intelligent Platform Management Interface (optional)
 . Renesas Baseboard Management Controller
 (BMC)
 . Tailored for IPMI 2.0 specification
 . Supports remote Power on/off and reset support
 (IPMI-over-LAN)
 . Server Management Daughter card via built-in
 2x25 header

Integrated LAN Controllers
 . Two Broadcom. BCM5721 LAN controllers
  - Two PCI Express x1 interface
  - Speed of 1000/100/10MB/sec.
  - Two RJ-45 LAN connectors with LEDs
 . Two front panel LED headers

BIOS
 . PhoenixBIOS. on 8Mbit Flash ROM
 . Supports APM 1.2 & ACPI 1.0b
 . Serial Console Redirect
 . PXE via Ethernet, USB device boot
 . PnP, DMI2.0, WfM2.0 Power Management
 . User-configurable H/W monitoring
 . Auto-configuration of hard disk types
 . Watchdog timer (from Super I/O)
 . Multiple boot options
 . 48-bit LBA support
 . Power management: S0, S1, S3, S4, S5

Form Factor
 . ATX footprint (12" x 9.6", 305x244mm)
 . EPS12V/SSI (24 + 8pin) power connectors

Regulatory
 . FCC Class B (Declaration of Conformity)
 . European Community CE (DoC)

Man

3.8 not properly detecting SCSI disk during initial install

[Steve Bernacki]

Greetings,

I am trying to install OpenBSD 3.8 on an old server that I have lying
around.  I boot the 3.8 floppy (the system does not have a CDROM drive) and
see the following pertinent bits fly by in dmesg:

ahc1 at pci2 dev 14 function 0 "Adaptec AHA-29160 U160" rev 0x02: irq 10
scsibus0 at ahc1: 16 targets
sd0 at scsibus0 targ 0 lun 0:  SCSI2 0/direct
fixed
sd0: 8727MB, 13614 cyl, 4 head, 328 sec, 512 bytes/sec 17873040 sec total

[then further down, prior to "root on rd0a"]

sd0: could not mode sense (4/5): using ficticious geometry
sd0(ahc1:0:0): could not get size
dkcsum: open of sd0 failed

When I enter the install program, entering "sd0" results in a series of:

fdisk: sd0: Input/Output error
fdisk: sd0: Input/Output error

fdisk: sd0: Input/Output error
ERROR: No root partition (sd0a)

... at which point I get kicked back to the "Do you want to use *all* of sd0
for OpenBSD? [no]"  prompt which repeats all of the above over again.

I've tried to install both 3.7 and 3.8... no joy with either.  Booting the
floppyB38.fs doesn't work; the disk isn't even detected.

I'm pretty confident that the hardware is in working order: I managed to
install FreeBSD 5.4 without a hitch.  Under FreeBSD, a "fdisk da0" reveals:

cylinders=1112 heads=255 sectors/track=63 (16085 blks/cyl)

..which looks bogus to me, but FreeBSD makes it work, somehow.

I'd really like to get OpenBSD installed on this system, as I want it to
serve as a DSL firewall.  Any help would be appreciated.  Please note that
this system doesn't have a serial console so I typed the above messages by
hand.  If a full dmesg is necessary I'll figure out some way to capture it
all.

Thanks,
Steve

Re: No File uploads in Horde

[Chris]

Stupid mistake...

Never mind...  It works.

Chris wrote:

>Hello.  I am hoping that someone here can help me.  I have tried getting help 
>on the horde lists, but no one answers me.
>
>I have installed horde 3.0.9 on my openbsd 3.8 system with an apache chroot 
>jail.  I have most things working now, but there are a few problems.
>
>I noticed that when composing an email (imp 4.0.4), that the attachments icon 
>is not present.  There is no way to attach a file when composing email!  At 
>first, I thought that this was an imp issue.  Then I noticed that when I tried 
>to upload an address book (csv) on turba (2.0.5), that it would not permit me 
>to upload anything.  It gave me this error:  "File Uploads not supported".  I 
>get the same error when I try to import something in my tasks (nag 2.0.4).   
>So... now I think that these problems are all related.
>
>I have the http_uploads pear module installed, I have file uploads set to 
>"yes" in php.ini and I have a file size limit of 10M in my php.ini as well.  
>So I have no idea what I did wrong here.  Do I need to move anything else to 
>the jail?  My horde VFS is set to /tmp.  The perms on /var/www/tmp are set to 
>be writable by www.  If I use the CLI tool on the horde panel, I can 
>demonstrate that it is fully writable thusly:  "echo Hi >/tmp/Hello". I ssh 
>into my server, and find Hello in /var/www/tmp.  I do not see anything unusual 
>in my horde.log file...  Since there is no error output, I am at a loss here.
>
>Can someone please help?
>
>Thank you.
>
>Chris

No File uploads in Horde

[Chris]

Hello.  I am hoping that someone here can help me.  I have tried getting help 
on the horde lists, but no one answers me.

I have installed horde 3.0.9 on my openbsd 3.8 system with an apache chroot 
jail.  I have most things working now, but there are a few problems.

I noticed that when composing an email (imp 4.0.4), that the attachments icon 
is not present.  There is no way to attach a file when composing email!  At 
first, I thought that this was an imp issue.  Then I noticed that when I tried 
to upload an address book (csv) on turba (2.0.5), that it would not permit me 
to upload anything.  It gave me this error:  "File Uploads not supported".  I 
get the same error when I try to import something in my tasks (nag 2.0.4).   
So... now I think that these problems are all related.

I have the http_uploads pear module installed, I have file uploads set to "yes" 
in php.ini and I have a file size limit of 10M in my php.ini as well.  So I 
have no idea what I did wrong here.  Do I need to move anything else to the 
jail?  My horde VFS is set to /tmp.  The perms on /var/www/tmp are set to be 
writable by www.  If I use the CLI tool on the horde panel, I can demonstrate 
that it is fully writable thusly:  "echo Hi >/tmp/Hello". I ssh into my server, 
and find Hello in /var/www/tmp.  I do not see anything unusual in my horde.log 
file...  Since there is no error output, I am at a loss here.

Can someone please help?

Thank you.

Chris

request for new dmesg reports

[Theo de Raadt]

We're getting about halfway between releases, and around now it is
nice for us to see what kind of hardware people are seeing out there,
and how well it is supported.

If people have 3.8 dmesg's that they can mail in to

[EMAIL PROTECTED]

that would be much appreciated.

If they are able to test -current, that is even better.

In the mail Subject, please detail the release (or -current) and
roughly state what the machine is.  In the body, you can perhaps
perhaps provide some other details about what does or does not work.
For our parsers, it is better if the mail is not MIME encoded, but
just plain boring ascii.

As well as telling us what works, and what doesn't work, it also
gives us hints as to what new hardware people are starting to see
in their machines...

Thanks a lot.

Re: trouble with linking verlihub shared plugins (.so libs)

[Jacob Meuser]

On Sun, Jan 08, 2006 at 01:58:19AM +0300, Dmitij Lebed wrote:
> May be I wrote in wrong place, excuse me... :)
> I've standard openbsd-3.8 on i386 machine.
> I've compiled verlihub (dc++ hub - http://verlihub.sourceforge.net/).
> In installation of this hub there are some plugins, which are shared
> libraries and loaded when hub starts, but this plugins weren't linked in
> .so libs. I got this messages:
> 
> ...
> /bin/sh ../libtool --mode=link g++  -g -O2 -I/usr/src/include/
> -I/usr/local/www/mysql/include -DHAVE_MYSYS_NEW -I/usr/local/include
> -I/usr/local/include-o libverlihub.la -rpath /usr/local/lib
> -no-undefined -rdynamic -L/usr/local/lib -lpcre
> -L/usr/local/www/mysql/lib -lmysqlclient -lz -lm -lc -lcrypto
> -L/usr/local/lib -lGeoIP  -pthread cantiflood.lo casyncconn.lo
> casyncsocketserver.lo  cban.lo cbanlist.lo ccallbacklist.lo
> cchatconsole.lo ccmdr.lo  ccommand.lo cconfigbase.lo cconfigfile.lo
> cconfigitembase.lo  cconfmysql.lo cconnchoose.lo cconndc.lo cconnpoll.lo
>  cconnselect.lo cconntypes.lo cdbconf.lo cdcclients.lo  cdccommand.lo
> cdcconf.lo cdcconsole.lo cdcproto.lo cdctag.lo  cfreqlimiter.lo
> cgeoip.lo cinfoserver.lo cinterpolexp.lo  ckick.lo ckicklist.lo
> cmeanfrequency.lo cmessagedc.lo cmutex.lo  cmysql.lo cobj.lo
> coperator.lo cpcre.lo cpenaltylist.lo  cpluginbase.lo cpluginloader.lo
> cpluginmanager.lo cprotocol.lo  cprotocommand.lo cquery.lo creglist.lo
> creguserinfo.lo  cserverdc.lo csetuplist.lo ctempfunctionbase.lo
> cthread.lo  cthreadwork.lo ctime.lo ctimeout.lo ctrigger.lo ctriggers.lo
>  cusercollection.lo cuser.lo cvhplugin.lo cvhpluginmgr.lo
> cworkerthread.lo script_api.lo stringutils.lo thasharray.lo
> tpluginbase.lo -L/usr/local/lib -lGeoIP -lssl -lcrypto
> 
> *** Warning: linker path does not have real file for library -lmysqlclient.
> *** I have the capability to make that library automatically link in when
> *** you link to this library.  But I can only do this if you have a
> *** shared version of the library, which you do not appear to have
> *** because I did check the linker path looking for a file starting
> *** with libmysqlclient and none of the candidates passed a file format test
> *** using a file magic. Last file checked:
> /usr/local/www/mysql/lib/libmysqlclient.a

you need to build a shared libmysqlclient.

> *** Warning: linker path does not have real file for library -lsupc++.
> *** I have the capability to make that library automatically link in when
> *** you link to this library.  But I can only do this if you have a
> *** shared version of the library, which you do not appear to have
> *** because I did check the linker path looking for a file starting
> *** with libsupc++ and none of the candidates passed a file format test
> *** using a file magic. Last file checked: /usr/lib//libsupc++.a
> 
> *** Warning: linker path does not have real file for library -lgcc.
> *** I have the capability to make that library automatically link in when
> *** you link to this library.  But I can only do this if you have a
> *** shared version of the library, which you do not appear to have
> *** because I did check the linker path looking for a file starting
> *** with libgcc and none of the candidates passed a file format test
> *** using a file magic. Last file checked:
> /usr/lib/gcc-lib/i386-unknown-openbsd3.8/3.3.5//libgcc.a

looks like both libsupc++.a and libgcc.a are relocatable, but libtool
is ignorant of that.

you might want to try installing the libtool port/package and using
'make LIBTOOL=/usr/local/bin/libtool', instead of just 'make'.  not
sure if that will fix this, but it might ..

-- 
<[EMAIL PROTECTED]>

Failure to detect second CPU on IBM Netfinity 4000R

[Bo Lind]

Hello,

I am attempting to install OpenBSD 3.8 on an IBM Netfinity 4000R
server. This is a dual PIII 650 MHz machine with 1 GB of RAM.

I can boot bsd.mp / GENERIC.MP successfully, but dmesg only shows cpu0
as being found, no sign of cpu1.

The BIOS claims both CPUs to be installed and working.

I had to disable uhci, as it hangs during boot with a "host controller
halted" error message. This has to do with an "Intel 82371AB USB"
device, and since I have nothing to use USB for on this server, I
assumed it was safe to disable it. Am I right in assuming this has
nothing to do with the failure to detect the second CPU?

The server runs fine with the GENERIC.MP kernel, just only on half my
processors.

Any ideas?

trouble with linking verlihub shared plugins (.so libs)

[Dmitij Lebed]

May be I wrote in wrong place, excuse me... :)
I've standard openbsd-3.8 on i386 machine.
I've compiled verlihub (dc++ hub - http://verlihub.sourceforge.net/).
In installation of this hub there are some plugins, which are shared
libraries and loaded when hub starts, but this plugins weren't linked in
.so libs. I got this messages:

...
/bin/sh ../libtool --mode=link g++  -g -O2 -I/usr/src/include/
-I/usr/local/www/mysql/include -DHAVE_MYSYS_NEW -I/usr/local/include
-I/usr/local/include-o libverlihub.la -rpath /usr/local/lib
-no-undefined -rdynamic -L/usr/local/lib -lpcre
-L/usr/local/www/mysql/lib -lmysqlclient -lz -lm -lc -lcrypto
-L/usr/local/lib -lGeoIP  -pthread cantiflood.lo casyncconn.lo
casyncsocketserver.lo  cban.lo cbanlist.lo ccallbacklist.lo
cchatconsole.lo ccmdr.lo  ccommand.lo cconfigbase.lo cconfigfile.lo
cconfigitembase.lo  cconfmysql.lo cconnchoose.lo cconndc.lo cconnpoll.lo
 cconnselect.lo cconntypes.lo cdbconf.lo cdcclients.lo  cdccommand.lo
cdcconf.lo cdcconsole.lo cdcproto.lo cdctag.lo  cfreqlimiter.lo
cgeoip.lo cinfoserver.lo cinterpolexp.lo  ckick.lo ckicklist.lo
cmeanfrequency.lo cmessagedc.lo cmutex.lo  cmysql.lo cobj.lo
coperator.lo cpcre.lo cpenaltylist.lo  cpluginbase.lo cpluginloader.lo
cpluginmanager.lo cprotocol.lo  cprotocommand.lo cquery.lo creglist.lo
creguserinfo.lo  cserverdc.lo csetuplist.lo ctempfunctionbase.lo
cthread.lo  cthreadwork.lo ctime.lo ctimeout.lo ctrigger.lo ctriggers.lo
 cusercollection.lo cuser.lo cvhplugin.lo cvhpluginmgr.lo
cworkerthread.lo script_api.lo stringutils.lo thasharray.lo
tpluginbase.lo -L/usr/local/lib -lGeoIP -lssl -lcrypto

*** Warning: linker path does not have real file for library -lmysqlclient.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libmysqlclient and none of the candidates passed a file format test
*** using a file magic. Last file checked:
/usr/local/www/mysql/lib/libmysqlclient.a

*** Warning: linker path does not have real file for library -lsupc++.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libsupc++ and none of the candidates passed a file format test
*** using a file magic. Last file checked: /usr/lib//libsupc++.a

*** Warning: linker path does not have real file for library -lgcc.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libgcc and none of the candidates passed a file format test
*** using a file magic. Last file checked:
/usr/lib/gcc-lib/i386-unknown-openbsd3.8/3.3.5//libgcc.a
*** The inter-library dependencies that have been dropped here will be
*** automatically added whenever a program is linked with this library
*** or is declared to -dlopen it.

*** Since this library must not contain undefined symbols,
*** because either the platform does not support them or
*** it was explicitly requested with -no-undefined,
*** libtool will only create a static version of it.
...
/bin/sh ../libtool --mode=link g++  -g -O2 -I/usr/src/include/
-I/usr/local/www/mysql/include -DHAVE_MYSYS_NEW -I/usr/local/include
-I/usr/local/include-o libvhapi.la -rpath /usr/local/lib -module
-shared -dy script_api.lo  -lssl -lcrypto

*** Warning: linker path does not have real file for library -lsupc++.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libsupc++ and none of the candidates passed a file format test
*** using a file magic. Last file checked: /usr/lib//libsupc++.a

*** Warning: linker path does not have real file for library -lgcc.
*** I have the capability to make that library automatically link in when
*** you link to this library.  But I can only do this if you have a
*** shared version of the library, which you do not appear to have
*** because I did check the linker path looking for a file starting
*** with libgcc and none of the candidates passed a file format test
*** using a file magic. Last file checked:
/usr/lib/gcc-lib/i386-unknown-openbsd3.8/3.3.5//libgcc.a

*** Warning: libtool could not satisfy all declared inter-library
*** dependencies of module libvhapi.  Therefore, libtool will create
*** a static module, that should work as long as the dlopening
*** application i

Re: OpenBSD T/TCP support

[Denis Doroshenko]

OpenBSD AFAIK never had T/TCP implemented. FreeBSD had. but what the heck:

http://www.freebsd.org/releases/6.0R/relnotes-i386.html

"...RFC 1644 T/TCP support has been removed. This is because the
design is based on a weak security model that can easily permit
denial-of-service attacks. This TCP extension has been considered a
defective one in a recent Internet Draft."

well, you can see how wise was OpenBSD's decision. i do love the
evolutionary approach! it looks like T/TCP was a pile of poo from the
very beginning...

On 1/7/06, Gustavo Rios <[EMAIL PROTECTED]> wrote:
> Dear folks,
>
> i am trying to figure it out whether OpenBSD support T/TCP or not, but
> until so far, i could not see.
>
> Thanks in advance.

Re: Moving to a bigger HD, is dump still the best way

[Bill]

On Sat, 07 Jan 2006 00:42:18 -0500
Nick Holland <[EMAIL PROTECTED]> spake:

> Bill wrote:
> > I found one of my firewalls has a 4Gig drive.  While it is still
> > working fine, I am thinking maybe I should remove the 10 year old thing
> > and maybe move it somewhere a little less stressed).
> > 
> > I googled and faq'd and nothing recent came up, so I was wondering if
> > this was the best way to move the stuff over.
> > 
> >  * Put in the new drive
> >  * Boot with cd / floppy
> >  * Partition new drive with the same layout, but bigger partitions
> 
> Only do this if you really need it.
> Leaving much of your disk unallocated has lots of advantages.  4G is a
> lot for a firewall...look at all the people putting firewalls on 256M
> and 512M flash media.
> 
> If you don't have something to put in them, making partitions bigger
> just makes it take longer to reboot after you trip over the power cord.
>  If you leave a Big Empty at the end of the disk, you can always create
> a new partition there if something actually gets filled.  There's just
> no reason to allocate every block of a 40G (or 80G, or 160G) disk to a
> partition in a firewall...
> 
> Stick your Most Likely to Grow partition at the end of the disk, you can
> then use growfs to enlarge it, rather than copying the data.
> 
> >  * For each, mount old and new and dump from one to the other (per faq)
> >  * Recreate devices
> >  * Remove old drive reboot
> > 
> > Does this seem sane?
> 
> +reinstall boot blocks.
> 
> Just did this today on a system, myself.  Saw your note, read it, and
> thought, "...and install boot block".  Saw the reply reminding you to
> reinstall boot block.  Did my upgrade, thinking, "don't forget to
> install the boot blocks"...of course, I then forgot to install the boot
> blocks. :-/
> 
> But yes, this process works.  AFTER you remember to install the boot blocks.
> 
> ON THE OTHER HAND, if all the machine is is a simple firewall, this is a
> really good time to simply re-install from scratch, just as you wanted
> it to be, copying over the config as needed.  It will very possibly be
> faster to simply install OpenBSD on the new disk, enable PF, copy over
> pf.conf, and get to work, rather than manually copying over all the
> partitions, one at a time.
> 
> Forgetting to install the boot blocks is annoying on some systems. :)
> 
> Nick.
> 

What was that about boot blocks? :)

I see the wisdom in much of what you are saying.  I would like a bit
more space, but I think your right and I will not use up all the space.

Aside from the practice / experience of doing this under a non-panic
solution I'd probably just do a full install - so I can see your point
there also.

Thanks for all for the comments, suggestions and OPPS to avoid

Bill

Re: CGD

[Travers Buda]

I'd like to apologize to all.

Fortune told me yesterday that assumptions are the mother of all 
screw-ups.

I assumed I was educated about the subject. I was not.

I forget it's not my tree.

I assumed that the OpenBSD developers desired cryptographic disks. There 
may be a want for them, but its obvious to me now that they are not as 
desireable as other functionality in the system. And, nobody has 
unlimited time to work on whatever. Hence, I realize that crypo-disks 
are somewhat unimportant. Especially in the light of other mechanisms 
such as physical security and _practicality_. Practically speaking, few 
people have top-secret info!

I accused people who did not deserve such accusations. 

I wish I could aid you to stamp this kind of malarky out of existence on 
these forums. I can only shut myself up, yet I will try to impart my 
new-found virtue of doing your research and homework first on the few 
open source utilizing people who look up to me.

Thanks for a great OS. I'm deeply sorry and ashamed for the blather and 
being an ass. 

Travers Buda 

3.8 panic on boot (rd0)

[Charles Sprickman]

Hello all,

I have an older i386 pc that I've been using as my home firewall for some 
years now.  It currently runs 3.3 and I was hoping to do an upgrade, so I 
did go ahead and buy the full CD set (impressive packaging, btw) after 
having trouble with boot floppies (marginal drive) and the boot CD ISO.


However, the kernel panics every time I try and boot the 3.8 CD.  I've 
also tried 3.7, 3.6 and 3.5 boot CDs that I downloaded from the OpenBSD 
ftp server.  Hardware seems fine; I ran memtest86+ for a day and it did 
about 30 passes with no errors, I tried different CD-ROM drives, different 
IDE cables, removed all network cards, etc., but still it panics in the 
same place (right after "rd0: fixed, 3800 blocks").  CPU is an AMD 
K6-2-500 clocked down to 300 - temperature is fine (about 110F), mainboard 
is an old Epox.


On the suggestion of a bsdforums.org user, I tried downloading bsd.rd and 
booting that from the 3.3 install, and that failed.  I'm guessing it has 
something to do with the exec format changing; perhaps the old loader 
doesn't understand the new kernel exec format?


rebooting...
boot> /bsd.rd
booting hd0a:/bsd.rd:  failed(79). will try /obsd
boot> ls bsd.rd
-rwxr-xr-x 0,0  4658297 hd0a:bsd.rd
boot> ls obsd
-rwxr-xr-x 0,0  2487309 hd0a:obsd
boot>

...snip...

gw# cd /
gw# file bsd.rd
bsd.rd: ELF 32-bit LSB executable, Intel 80386, version 1, statically 
linked, not stripped

gw# file obsd
obsd: OpenBSD/i386 demand paged executable not stripped
gw#

I have this thing hooked up via serial now, so if someone can point me in 
the right direction (how to get a dump when booting from CD, how to look 
at that dump, etc.), I will gladly do so.  I have also included the 3.3 
dmesg below.


Thanks,

Charles

_

Here is the partial boot message booting 3.8:

>> OpenBSD/i386 CDBOOT 1.04
boot>
booting cd0a:/3.8/i386/bsd.rd: 4369156+828044 [52+151072+137381]=0x53b600
entry point at 0x100120

Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved. 
http://www.OpenBSD.org


OpenBSD 3.8 (RAMDISK_CD) #794: Sat Sep 10 15:58:32 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: AMD-K6(tm) 3D processor ("AuthenticAMD" 586-class) 301 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,PGE,MMX
real mem  = 133799936 (130664K)
avail mem = 116502528 (113772K)
using 1658 buffers containing 6791168 bytes (6632K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(ee) BIOS, date 01/03/00, BIOS32 rev. 0 @ 
0xfb390

apm0 at bios0: Power Management spec V1.2
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xb80c
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdde0/128 (6 entries)
pcibios0: PCI Exclusive IRQs: 5 10 11
pcibios0: PCI Interrupt Router at 000:07:0 ("VIA VT82C586 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x2000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA VT82C598 PCI" rev 0x04
ppb0 at pci0 dev 1 function 0 "VIA VT82C598 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Rage Pro" rev 0x5c
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "VIA VT82C586 ISA" rev 0x47
pciide0 at pci0 dev 7 function 1 "VIA VT82C571 IDE" rev 0x06: ATA33, 
channel 0 configured to compatibility, channel 1 configured to compatibility

wd0 at pciide0 channel 0 drive 0: 
wd0: 32-sector PIO, LBA, 1916MB, 3924360 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 
5/cdrom removable

cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 7 function 2 "VIA VT83C572 USB" rev 0x02: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"VIA VT82C586 Power" rev 0x10 at pci0 dev 7 function 3 not configured
sis0 at pci0 dev 17 function 0 "NS DP83815 10/100" rev 0x00: DP83816A, irq 
10, address 00:09:5b:22:4a:ee

nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1
xl0 at pci0 dev 18 function 0 "3Com 3c900 10Base-T" rev 0x00: irq 5, 
address 00:a0:24:ce:11:02

isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask fbc5 netmask ffe5 ttymask ffe7
rd0: fixed, 3800 blocks
fatal page fault in supervisor mode
trap type 6 code 2 eip d02b9015 cs 50 eflags 10002 cr2 1ffec1c6 cpl a0
panic: trap type 6, code=2, pc=d02b9015
syncing disks... done

dumpi

Re: OpenBSD T/TCP support

[Theo de Raadt]

> > i am trying to figure it out whether OpenBSD support T/TCP or not, but
> > until so far, i could not see.
> 
> T/TCP is fundamentally broken as discovered by Newsham and Ptaceck in
> 1998 or so.  So, no.

Ah, or maybe it was route who found it:

http://www.zone-h.org/files/32/t_tcp_vulnerability.txt

But I seem to remember something else found by the previous two as
well.

Anyways, why play fast and loose -- and thus make TCP worse -- when it
already has a number of difficult to resolve problems.

It is so easy to make things worse by adding extra gunk, yet we see
people doing it all the time.  Things should be kept simple, but they
are not.

Re: Analogue of "sort -M" option in OpenBSD?

[Zoong PHAM]

On Saturday,  7 January 2006 at 20:29:50 +, Pavel M. Ivanchev wrote:
> > I have just installed sarg 2.1 on OpenBSD and everything during build> was 
> > ok. I applyed all the patches also.> The probles is when i start sarg to 
> > build report i have this output:
> 
>   >   SARG: Records in file: 1842, reading: 0.00%  >   sort: illegal field 
> descriptor  >   SARG: (index) Cannot open file:  >   
> /var/www/htdocs/squid-reports/index.sort
> 

sarg-2.1 without any patches is built and runs fine with OBSD-3.8 .

With OBSD-3.6, you need some patches that I can send you off list if you
want.

HTH,
Zoong

Re: OpenBSD T/TCP support

[Theo de Raadt]

> i am trying to figure it out whether OpenBSD support T/TCP or not, but
> until so far, i could not see.

T/TCP is fundamentally broken as discovered by Newsham and Ptaceck in
1998 or so.  So, no.

OpenBSD T/TCP support

[Gustavo Rios]

Dear folks,

i am trying to figure it out whether OpenBSD support T/TCP or not, but
until so far, i could not see.

Thanks in advance.

Re: Keyboard trouble...

[Fred Crowson]

Limaunion wrote:

Fred Crowson wrote:


Limaunion wrote:







sorry, forgot about that detail, it's a PS2 keyboard attached to a 5pin 
DIN adapter connected to the motherboard .

Jorge.-



Hi Jorge,

I believe this is a BIOS issue - had a similar problem with an old 
Cyrix 6x86MX ("CyrixInstead" 686-class) 234 MHz machine, that had a 5pin 
 DIN keyboard socket on the motherboard - but I found the problem 
disappeared if I used 5pin DIN keyboard.  The keyboard is left plugged 
in as the BIOS didn't have an option to boot on all errors. I suspect 
that the BIOS options on a 486 might be a bit limiting...


Not sure this helps.

Fred

Re: issue with mtu/mss and in-kernel pppoe

[Jason McIntyre]

On Sat, Jan 07, 2006 at 05:49:34PM +0100, Thomas Schoeller wrote:
> hi misc,
> i have installed a new firewall with my new WRAP board. and have tried the
> new
> in-kernel pppoe. and i had a problem with the mtu/mss. i have set the pf.conf
> entry "scrub out on pppoe0 max-mss 1440". and also have put the mtu on the
> internal nic to 1492. but no success.
> after some googling i found http://www.pro-bono-publico.de/openbsd/pppoe/.
> i put "scrub in all max-mss 1452" in my pf.conf and it works.
> 
> have i forgot something or is the pppoe(4) manpage wrong/notcomplete?
> 

as noted in the man page, 1452 should work fine but 1440 is a safer bet.
i use 1453 (i can't remember why). whatever, it just needs to be small
enough...

i don't know why 1452 would work for you and not 1440. you mention
changing the "scrub out" rule to "scrub in all" so perhaps sth else in
your ruleset is affecting it. you should not need to clamp max-mss on
incoming packets...

jmc

Analogue of "sort -M" option in OpenBSD?

[Pavel M. Ivanchev]

Hi people!
My problem is explained below and also i get an answer for the eventual 
solution.
Because i am not so advanced with openbsd and i am asking you what option 
should i use instead of "-M" or 

>>Unfortunately, 'sort' program in OpenBSD doesn't support the -M option.
>>That's why you get "sort: illegal field descriptor" message.
>>You can try editing the index.c file and change the string
>>  "sort -t';' +6.5n +6.2M +6.0n"
>>to something that works on OpenBSD.

>Hi there!

> I have just installed sarg 2.1 on OpenBSD and everything during build> was 
> ok. I applyed all the patches also.> The probles is when i start sarg to 
> build report i have this output:

  >   SARG: Records in file: 1842, reading: 0.00%  >   sort: illegal field 
descriptor  >   SARG: (index) Cannot open file:  >   
/var/www/htdocs/squid-reports/index.sort

issue with mtu/mss and in-kernel pppoe

[Thomas Schoeller]

hi misc,
i have installed a new firewall with my new WRAP board. and have tried the
new
in-kernel pppoe. and i had a problem with the mtu/mss. i have set the pf.conf
entry "scrub out on pppoe0 max-mss 1440". and also have put the mtu on the
internal nic to 1492. but no success.
after some googling i found http://www.pro-bono-publico.de/openbsd/pppoe/.
i put "scrub in all max-mss 1452" in my pf.conf and it works.

have i forgot something or is the pppoe(4) manpage wrong/notcomplete?

cheers
thomas

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Newsletter della 2� settimana 2006

[Borghi Toscani News]

[IMAGE]

[IMAGE]

Borghi Toscani | E - mail | Registrati | Inserisci un locale | Meteo |
News

[IMAGE]

NUOVI
INSERIMENTI

Newsletter della 2B0 settimana 2006

LINK
CONSIGLIATI

Podere gli Olmi

LAST MINUTE IN TOSCANA

OFFERTE SOGGIORNI IN TOSCANA

OFFERTE LAST MINUTE FIRENZE

Last Minute Abetone

Offerte Abetone

SCARICA I DESKTOP DI GENNAIO

abetone.com
[IMAGE]

borghitoscani.com
[IMAGE]

Sanvincenzo.com
[IMAGE]

Arcipelagotoscano.com
[IMAGE]

News, eventi e manifestazioni in Toscana questa settimana

Data

Evento

Tipologia

06/01/2006

La Befana vien in Toscana FIRENZE

(Folklore)

06/01/2006

Cavalcata dei Re Magi

(Folklore)

06/01/2006

Arriva la Befana dal campanile PISTOIA

(Folklore)

06/01/2006

Collezionisti in piazza SCARPERIA

(Mercatini)

06/01/2006

Mercantico CASCINA

(Mercatini)

07/01/2006

III^ Edizione Luca Baroni ABETONE

(Gare)

08/01/2006

Miss Befana 2006 SAN MARCELLO

(Feste Paesane)

08/01/2006

XIIIB0 Memorial Pagnini ABETONE

(Gare)

08/01/2006

Memorandia ANGHIARI

(Mercatini)

08/01/2006

Donna Donne FIRENZE

(Mostre)

08/01/2006

Che mondo che fa FUCECCHIO

(Mostre)

08/01/2006

Esposizione Nazionale canina CARRARA

(Mostre)

09/01/2006

Da Puccio Di Simone a Giottino FIRENZE

(Mostre)

10/01/2006

Note di memoria PISTOIA

(Concerti)

11/01/2006

Psiche Pathos Logos FIRENZE

(Mostre)

12/01/2006

Cibi e sapori nel mondo FIRENZE

(Mostre)

13/01/2006

Oleovagando FIRENZE

(Sagre e Fiere)

14/01/2006

Mercato artigianato e antiquariato PIOMBINO

(Mercatini)

14/01/2006

4B0 Tour.it CARRARA

(Mostre)

15/01/2006

Antiquariato in piazza QUARRATA

(Mercatini)

15/01/2006

Antiquariando BUTI

(Mercatini)

escursioni toscana

PITTI IMMAGINE UOMO N. 69

PALIO DI SANT'ANTONIO ABATE

Settembre lucchese11 - 14 gennaio 2006
Firenze, Fortezza da Basso
Organizzata da Pitti Immagine, promossa dal Centro di Firenze per la Moda
Italiana.
Pitti Immagine Uomo C( la manifestazione che come ogni anno

Pitti immagine uomo n. 69

Settembre luccheseIl Palio di SantbAntonio Abate si terrC  questbanno
Domenica 22 Gennaio.
Questo palio, diventato uno fra i piC9 importanti dbItalia, consiste in
una corsa di cavalli preceduta, in mattinata, da una sfilata in costume
di tutte le contrade del paese.

Palio di Sant'Antonio Abate

Raccolta delle informazioni e Registrazione ai servizi
Piramedia srl, in qualitC  di titolare del trattamento, Ti informa che i
dati personali che ci avrai fornito, volontariamente o automaticamente
attraverso i nostri portali, saranno trattati, con il tuo consenso allo
scopo di trasmetterti i servizi da te richiesti. In particolare ti
verranno inviate tramite posta elettronica o sms, informative o offerte a
carattere commerciale o pubblicitario, inerenti al Turismo. Ti verranno
inviate inoltre comunicazioni circa modifiche, miglioramenti, o
cambiamenti dei servizi da noi proposti. In coda ad ognuno di questi
messaggi sarC  sempre presente il modo perchC) tu possa rimuovere i tuoi
dati dal nostro archivio.
Piramedia srl, non raccoglierC  in nessun modo dati ritenuti sensibili e
si impegna a non utilizzare i tuoi dati, o cederli a terzi, per finalitC 
che siano diverse da quelle qui sopra elencate.
Formula di acquisizione del consenso dell'interessato.
Il/la sottoscritto/a, acquisite le informazioni fornite dal titolare del
trattamento ai sensi dell'articolo 13 del D.Lgs. 196/2003, l'interessato:
- presta il suo consenso al trattamento dei dati personali per i fini
indicati nella suddetta informativa.
- presta il suo consenso per la comunicazione dei dati personali per le
finalitC  ed ai soggetti indicati nell'informativa.
- presta il suo consenso per la diffusione dei dati personali per le
finalitC  e nell'ambito indicato nell'informativa.

DISDETTA
Se non vuoi piC9 ricevere l'edizione gratuita di "BorghiToscani.com"
clicca su questo link: disdetta

Vecoli

Cottage Vecoli

Tenuta il Cicalino

Tenuta il Cicalino

Centro Velico Naregno

Centro Velico Naregno

Tirrenia Ferries

Tirrenia
Ferries

Hotel Le Acacie

Hotel Le Acacie

Hotel Tornese

Hotel
Tornese

MaranathC 

Youth Residence

PLP guest house

Rooms with a view

Althea rooms

Park Hotel

Argentario Camping

Il Gabbiano

Le Cannelle

Argentario Osa

Talamone Camping

Hotel Telamonio

Hotel Capo Duomo

Pian dei Pini

La Valentina

Cavalleggeri

Hotel L'Etrusco

Le Colombe

Borgo Dolciano

Locanda dei Guelfi

Villino Il Magnifico

Villa Elea

Fontecastello

Hotel Massimo

Hotel Alex

A casa di Dante

B&B Gilda

Podere Giarlinga

Fonte del Cieco

Ninna Nanna

Campo di Carlo

Hotel La Pergola

Podere Saliciaia

Hotel Galli

Villa Conti

Albergo La Scogliera

Valle Santa Maria

Hotel Fontalleccio

Hotel Il Ponte

Casa del Golfo

Il Viottolo

Hotel Riva del Sole

Hotel Montecristo

Villa Cristina

1999 - 2005 - Copyright and Project by Piramedia srl - Tutti I Diritti
Riservati -Privacy

[IMAGE]

Re: Updrading to stable branch --->> rebuilding ports?

[Ramiro Aceves]

steven mestdagh wrote:

> 
> no. keeping stuff in sync is much more of an issue when running -current.
> 
> 
>>Or perhaps,  can I "asume" that the STABLE patch branch does
>>not modify the base system enough to break the ports?
> 
> 
> yes.

I understand now...

> 
> 
>>This is a very
>>time consuming task as my computer has got a slow Internet connection
>>(5kB/s) and a not too fast processor (1200 MHz). A friend of mine
>>downloaded for me all 3.8 packages from OpenBSD servers and perhaps I
>>have to discard them from now.  :-(
> 
> 
> the stable ports branch mostly adds security fixes. for some
> architectures the updated packages are on the ftp servers, for others
> you need to build them yourself.

> 
> you don't need to rebuild all your packages.
> maybe just a few which have had security fixes... if your friend did not
> already download the updated packages.
> 

Thanks Steven.

I understand the picture better now. Then, I can still use 3.8 release
packages. I will build or download only those security fixed packages. I
think I will track OPENBSD _stable_ until the next release. -current
seems to be too much for me as an OpenBSD beginer.. ;-) On the next
release I will do a binary upgrade.

Oh yes, I have just found the "errata" page in with one can download the
security patches for source code to apply by hand and only recompile the
needed sources, not everything. It is faster than rebuild everything!
Updating via AnonCVS was a very slow task trough my Internet dialup ppp
connection.

Anyway, thank you very much for clarifing my doubts.

Ramiro.
Happy New Year for you all.

Re: MegaRaid i4

[Marco Peereboom]

I was talking about the cache on the disks, not on the controller.  The issues
you experienced were due to the OpenBSD driver not marking the i4 as broken.
The workaround code is now in tree implying that only 1 IO can be outstanding
and bioctl will no longer function.  So update to the latest -stable or
-current and besides some slower performance the system should be stable and
useful.

I tried to fix this before but I haven't been able to determine what causes
these issues.  I will give this another go at some point.

On Sat, Jan 07, 2006 at 10:35:25AM +0100, Pailloncy Jean-Gerard wrote:
> >Yes, ide vs scsi benchmarks are usually skewed due to caching.   
> >SCSI disables
> >drive cache by default whereas IDE enables it by default.
> Yes, I disable caching. So I get (really) bad performance.
> 
> I see the other thread about some broken MegaRaid i4.
> 
> What I can say is taht with 3.8-release, I have no problem to use  
> bioctl.
> # bioctl -i ami0
> Volume  Status Size   Device
> ami0 0 Online   249998344192 sd0 RAID1
>   0 Online   249998344192 0:0.0   noencl  4A250J0  RAMB>
>   1 Online   249998344192 2:1.0   noencl  4A250J0  RAMB>
> ami0 1 Online   249998344192 sd1 RAID1
>   0 Online   249998344192 3:0.0   noencl  4A250J0  RAMB>
>   1 Online   249998344192 1:1.0   noencl  4A250J0  RAMB>
> ami0 2 Degraded 46688384 sd2 RAID5
>   0 Online   249998344192 3:1.0   noencl  4A250J0  RAMB>
>   1 Rebuild  249998344192 1:0.0   noencl  4A250J0  RAMB>
>   2 Online   249998344192 2:0.0   noencl  4A250J0  RAMB>
> ami0 3 Hot spare249998344192 0:1.0   noencl  4A250J0  RAMB>
> 
> I broke the RAID-5 and it starts rebuilding.
> I can setup new Hot-Spare.
> 
> 
> But nothing was perfect, I had two crashes. I do not have ps and  
> trace because I was using "ddb.panic=0" to reboot the prod server  
> automatically. The crash happens when I was on console, I disable  
> "ddb.panic=1", but "luckily" I get no other crash. And I can not do  
> postmortem analysis because /var is to small to keep coredump in /var/ 
> crash. I did not have test current. I do not want to stop this server  
> too long.
> 
> So, here is the partial crash report (the dmesg is in one of my other  
> mails in this thread). I hope it will be partially useful ;-)
> 
> fsync failed: type VDIR, usecount 0, writecount 0, holdcount 1, flags  
> (VBIOONFREELIST|VBIOONSYNCLIST)
> tag VT_UFS, ino 6987542, on dev 0, 9 flags 0x0, effnlink 2,  
> nlink 2
> mode 040755, owner 1000, group 1000, size 512 not locked
> mounted on: /mnt
> panic: sched_sync: fsync failed
> Starting stack trace...
> panic(d057fa84,d7c73960,ea077f5c,d7c73960,d7c73960) at panic+0x71
> panic(d04f9970,d1b8b29c,d7d078f8,d17b4620,4) at panic+0x71
> sched_sync(d7d078f8) at sched_sync+0x17a
> Bad frame pointer: 0xd06f1ed8
> End of stack trace.
> syncing disks... 250 250 248 244 230 212 199 181 164 150 135 124 112  
> 108 102 89 69 45 23 1 giving up
> rebooting...
> 
> fsync failed: type VDIR, usecount 0, writecount 0, holdcount 1, flags  
> (VBIOONFREELIST|VBIOONSYNCLIST)
> tag VT_UFS, ino 7011086, on dev 0, 9 flags 0x0, effnlink 2,  
> nlink 2
> mode 040755, owner 1000, group 1000, size 512 not locked
> mounted on: /mnt
> panic: sched_sync: fsync failed
> Starting stack trace...
> panic(d057fa84,d7c53e60,ea077f5c,d7c53e60,d7c53e60) at panic+0x71
> panic(d04f9970,d18eda9c,d7d078f8,d17b467c,4) at panic+0x71
> sched_sync(d7d078f8) at sched_sync+0x17a
> Bad frame pointer: 0xd06f1ed8
> End of stack trace.
> syncing disks... 320 320 318 318 318 318 318 318 314 311 303 293 285  
> 280 269 254 240 233 230 221 giving up
> sd2: WARNING: cache synchronization failed
> rebooting...
> 
> Cordialement,
> Jean-Girard Pailloncy

Re: OpenBGPd filters

[Claudio Jeker]

On Sat, Jan 07, 2006 at 11:06:11AM +0100, Sylvain Coutant wrote:
> Hello Claudio,
> 
> > I just tried a filter like this:
> > match from any AS 29166 set nexthop blackhole
> >
> > and that did work:
> 
> 
> Yes. I have run more tests since my previous post, and filter apply the
> blackhole tag to the route. But packet were still forwarded.
> 

Is the blackhole tag set on the kernel route (route get )?
If the flag is set on the route it is more a kernel issue.

> After having stopped the session and restarted it, they were then dropped.
> 
> BTW, all tags (localpref, etc.) manipulations require to clear the session
> and even to restart bgpd itself. Could this be included in the doc so one
> wouldn't have to search for hours on some settings change ?

Yes after a reload only newly added prefixes getting set correctly. You
need to clear a session to update all prefixes. This can be done with
bgpctl nei  clear

-- 
:wq Claudio

Re: OpenBGP Communities

[Claudio Jeker]

On Sat, Jan 07, 2006 at 10:58:05AM +0100, Sylvain Coutant wrote:
> Hi again,
> 
> How can one see community tags associated to a route ?
> 

I have a diff to show communities in bgpctl output but I don't like it.
Need to redo some parts of it before it can be commited.
The next release will have this feature.

-- 
:wq Claudio

Re: OpenBGPd filters

[Claudio Jeker]

On Sat, Jan 07, 2006 at 12:20:59PM +0100, Xavier Beaudouin wrote:
> Hello Sylvain,
> 
> >>I just tried a filter like this:
> >>match from any AS 29166 set nexthop blackhole
> >>
> >>and that did work:
> >
> >
> >
> >Yes. I have run more tests since my previous post, and filter apply the
> >blackhole tag to the route. But packet were still forwarded.
> >
> >After having stopped the session and restarted it, they were then dropped.
> >
> >BTW, all tags (localpref, etc.) manipulations require to clear the session
> >and even to restart bgpd itself. Could this be included in the doc so one
> >wouldn't have to search for hours on some settings change ?
> 
> Yes they need the session up/down to be applyed
> 
> I think the version in -current nows handle that with a simple reload.
> 

Only output (to) filters are updated on reload. I'm working on the input
(from) filter but this is more complex. The RIB needs some major rework
because both the Adj-RIB-In and the Local-RIB need to be stored and doing
it like zebra/quagga or cisco is far from optimal.

-- 
:wq Claudio

Re: OpenBGPd filters

[Xavier Beaudouin]

Hello Sylvain,


I just tried a filter like this:
match from any AS 29166 set nexthop blackhole

and that did work:




Yes. I have run more tests since my previous post, and filter apply the
blackhole tag to the route. But packet were still forwarded.

After having stopped the session and restarted it, they were then dropped.

BTW, all tags (localpref, etc.) manipulations require to clear the session
and even to restart bgpd itself. Could this be included in the doc so one
wouldn't have to search for hours on some settings change ?


Yes they need the session up/down to be applyed

I think the version in -current nows handle that with a simple reload.

/Xavier



Thanks for your reply.

--
Sylvain COUTANT

ADVISEO
http://www.adviseo.fr/
http://www.open-sp.fr/

Re: OpenBGP & IPv6

[unixgeek]

Try:

announce IPv4 unicast
announce IPv6 unicast
Glenn


> I was just about to create a new thread when I read :
>
>>  I have not seen it discussed much on the list, but OpenBGP works *very*
>> well and is easy to setup using Hurricane Electrics free (ipv6-in-ipv4)
>
> I try to setup a BGP peering with upstream and I have (v3.8) :
>
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> Idle -> Connect, reason: Start
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> Connect -> OpenSent, reason: Connection opened
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> OpenSent -> OpenConfirm, reason: OPEN message received
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): received
> notification: error in OPEN message, unsupported capabil
> ity
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6):
> parse_notification: capa_len 16 exceedsremaining msg length
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> OpenConfirm -> Idle, reason: NOTIFICATION received
>
>
> Upstream told me about capability : "We do 'inet6.unicast' only". Upstream
> router is a Juniper.
>
> Relevant configuration is :
>
> network 2001:1b58::/32
>
> group "Upstream" {
> set localpref   xxx
> announceself
>
> neighbor x.x.x.x {
> remote-as   x
> descr   x-v4
> }
>
> neighbor 2001:x:0021 {
> remote-as   x
> descr   x-v6
> }
> }
>
>
> Any idea what I've done wrong again ?
>
>
> BR,
>
> --
> Sylvain COUTANT
>
> ADVISEO
> http://www.adviseo.fr/
> http://www.open-sp.fr/

Re: Updrading to stable branch --->> rebuilding ports?

[steven mestdagh]

On Sat, Jan 07, 2006 at 10:12:10AM +0100, Ramiro Aceves wrote:
> Hello dear OpenBSD friends.
> 
> I have just upgraded my 3.8 release CD install trough CVS to the stable
> branch (OPENBSD_3_8)( src, ports and XF4). I have rebuilt my kernel, the
> userland and X Window. Everything runs fine and smoothly as expected. I
> also removed the installed packages and I am reinstalling them again
> trough ports.
> 
> A question arises now to me: as I have read on the FAQ, everything must
> be kept "in sync". Is it mandatory to remove the packages and reinstall
> them again from ports when I upgrade the base system to the STABLE
> branch?.

no. keeping stuff in sync is much more of an issue when running -current.

> Or perhaps,  can I "asume" that the STABLE patch branch does
> not modify the base system enough to break the ports?

yes.

> This is a very
> time consuming task as my computer has got a slow Internet connection
> (5kB/s) and a not too fast processor (1200 MHz). A friend of mine
> downloaded for me all 3.8 packages from OpenBSD servers and perhaps I
> have to discard them from now.  :-(

the stable ports branch mostly adds security fixes. for some
architectures the updated packages are on the ftp servers, for others
you need to build them yourself.

you don't need to rebuild all your packages.
maybe just a few which have had security fixes... if your friend did not
already download the updated packages.

-- 
steven

Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm

Re: NIS Problems

[Otto Moerbeek]

On Sat, 7 Jan 2006, Lachlan Gunn wrote:

> Hi,
> I'm setting up NIS for my home network using OpenBSD on the
> server-side.  However, when I try to make changes (ie. to the
> passwords) on the client side (Gentoo Linux) it responds with an error
> (without any information on what that error is).  Upon attempting to
> do the same operation on the OpenBSD box, it responds with an error
> telling me "Couldn't change YP password information.".
> 
> Am I understanding correctly that I am supposed to be using chsh -y?
> chsh without the -y only changes the local data without modifying the
> NIS-stored data.

Check rc.conf, yppasswd is disabled by default.

-Otto

NIS Problems

[Lachlan Gunn]

Hi,
I'm setting up NIS for my home network using OpenBSD on the
server-side.  However, when I try to make changes (ie. to the
passwords) on the client side (Gentoo Linux) it responds with an error
(without any information on what that error is).  Upon attempting to
do the same operation on the OpenBSD box, it responds with an error
telling me "Couldn't change YP password information.".

Am I understanding correctly that I am supposed to be using chsh -y?
chsh without the -y only changes the local data without modifying the
NIS-stored data.
--
Thanks,
Lachlan

Updrading to stable branch --->> rebuilding ports?

[Ramiro Aceves]

Hello dear OpenBSD friends.

I have just upgraded my 3.8 release CD install trough CVS to the stable
branch (OPENBSD_3_8)( src, ports and XF4). I have rebuilt my kernel, the
userland and X Window. Everything runs fine and smoothly as expected. I
also removed the installed packages and I am reinstalling them again
trough ports.

A question arises now to me: as I have read on the FAQ, everything must
be kept "in sync". Is it mandatory to remove the packages and reinstall
them again from ports when I upgrade the base system to the STABLE
branch?. Or perhaps,  can I "asume" that the STABLE patch branch does
not modify the base system enough to break the ports? This is a very
time consuming task as my computer has got a slow Internet connection
(5kB/s) and a not too fast processor (1200 MHz). A friend of mine
downloaded for me all 3.8 packages from OpenBSD servers and perhaps I
have to discard them from now.  :-(

Thank you very much in advance for your help and for this amazing OS.

Ramiro.

Re: OpenBGPd filters

[Sylvain Coutant]

Hello Claudio,

> I just tried a filter like this:
> match from any AS 29166 set nexthop blackhole
>
> and that did work:


Yes. I have run more tests since my previous post, and filter apply the
blackhole tag to the route. But packet were still forwarded.

After having stopped the session and restarted it, they were then dropped.

BTW, all tags (localpref, etc.) manipulations require to clear the session
and even to restart bgpd itself. Could this be included in the doc so one
wouldn't have to search for hours on some settings change ?

Thanks for your reply.

--
Sylvain COUTANT

ADVISEO
http://www.adviseo.fr/
http://www.open-sp.fr/

Re: OpenBGP & IPv6

[Sylvain Coutant]

I was just about to create a new thread when I read :

>  I have not seen it discussed much on the list, but OpenBGP works *very*
> well and is easy to setup using Hurricane Electrics free (ipv6-in-ipv4)

I try to setup a BGP peering with upstream and I have (v3.8) :

Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change Idle -> 
Connect, reason: Start
Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change Connect 
-> OpenSent, reason: Connection opened
Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change 
OpenSent -> OpenConfirm, reason: OPEN message received
Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): received 
notification: error in OPEN message, unsupported capabil
ity
Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): parse_notification: 
capa_len 16 exceedsremaining msg length
Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change 
OpenConfirm -> Idle, reason: NOTIFICATION received


Upstream told me about capability : "We do 'inet6.unicast' only". Upstream 
router is a Juniper.

Relevant configuration is :

network 2001:1b58::/32

group "Upstream" {
set localpref   xxx
announceself

neighbor x.x.x.x {
remote-as   x
descr   x-v4
}

neighbor 2001:x:0021 {
remote-as   x
descr   x-v6
}
}


Any idea what I've done wrong again ?


BR,

--
Sylvain COUTANT

ADVISEO
http://www.adviseo.fr/
http://www.open-sp.fr/

OpenBGP Communities

[Sylvain Coutant]

Hi again,

How can one see community tags associated to a route ?


BR,

--
Sylvain COUTANT

ADVISEO
http://www.adviseo.fr/
http://www.open-sp.fr/

Re: MegaRaid i4

[Pailloncy Jean-Gerard]

Yes, ide vs scsi benchmarks are usually skewed due to caching.   
SCSI disables

drive cache by default whereas IDE enables it by default.

Yes, I disable caching. So I get (really) bad performance.

I see the other thread about some broken MegaRaid i4.

What I can say is taht with 3.8-release, I have no problem to use  
bioctl.

# bioctl -i ami0
Volume  Status Size   Device
ami0 0 Online   249998344192 sd0 RAID1
  0 Online   249998344192 0:0.0   noencl 4A250J0  RAMB>
  1 Online   249998344192 2:1.0   noencl 4A250J0  RAMB>

ami0 1 Online   249998344192 sd1 RAID1
  0 Online   249998344192 3:0.0   noencl 4A250J0  RAMB>
  1 Online   249998344192 1:1.0   noencl 4A250J0  RAMB>

ami0 2 Degraded 46688384 sd2 RAID5
  0 Online   249998344192 3:1.0   noencl 4A250J0  RAMB>
  1 Rebuild  249998344192 1:0.0   noencl 4A250J0  RAMB>
  2 Online   249998344192 2:0.0   noencl 4A250J0  RAMB>
ami0 3 Hot spare249998344192 0:1.0   noencl 4A250J0  RAMB>


I broke the RAID-5 and it starts rebuilding.
I can setup new Hot-Spare.


But nothing was perfect, I had two crashes. I do not have ps and  
trace because I was using "ddb.panic=0" to reboot the prod server  
automatically. The crash happens when I was on console, I disable  
"ddb.panic=1", but "luckily" I get no other crash. And I can not do  
postmortem analysis because /var is to small to keep coredump in /var/ 
crash. I did not have test current. I do not want to stop this server  
too long.


So, here is the partial crash report (the dmesg is in one of my other  
mails in this thread). I hope it will be partially useful ;-)


fsync failed: type VDIR, usecount 0, writecount 0, holdcount 1, flags  
(VBIOONFREELIST|VBIOONSYNCLIST)
tag VT_UFS, ino 6987542, on dev 0, 9 flags 0x0, effnlink 2,  
nlink 2

mode 040755, owner 1000, group 1000, size 512 not locked
mounted on: /mnt
panic: sched_sync: fsync failed
Starting stack trace...
panic(d057fa84,d7c73960,ea077f5c,d7c73960,d7c73960) at panic+0x71
panic(d04f9970,d1b8b29c,d7d078f8,d17b4620,4) at panic+0x71
sched_sync(d7d078f8) at sched_sync+0x17a
Bad frame pointer: 0xd06f1ed8
End of stack trace.
syncing disks... 250 250 248 244 230 212 199 181 164 150 135 124 112  
108 102 89 69 45 23 1 giving up

rebooting...

fsync failed: type VDIR, usecount 0, writecount 0, holdcount 1, flags  
(VBIOONFREELIST|VBIOONSYNCLIST)
tag VT_UFS, ino 7011086, on dev 0, 9 flags 0x0, effnlink 2,  
nlink 2

mode 040755, owner 1000, group 1000, size 512 not locked
mounted on: /mnt
panic: sched_sync: fsync failed
Starting stack trace...
panic(d057fa84,d7c53e60,ea077f5c,d7c53e60,d7c53e60) at panic+0x71
panic(d04f9970,d18eda9c,d7d078f8,d17b467c,4) at panic+0x71
sched_sync(d7d078f8) at sched_sync+0x17a
Bad frame pointer: 0xd06f1ed8
End of stack trace.
syncing disks... 320 320 318 318 318 318 318 318 314 311 303 293 285  
280 269 254 240 233 230 221 giving up

sd2: WARNING: cache synchronization failed
rebooting...

Cordialement,
Jean-Girard Pailloncy