Re: openBGPd - 2/4byte AS prepend

2013-07-30 Thread OCEANET - Cédric BASSAGET 
Hello Claudio,

I'm using AS 65426.

This is the UPDATE message my bgpd sends to my neighbor :

Update Message (2), length: 54
   Origin (1), length: 1, Flags [T]: IGP
 0x:  00
   AS Path (2), length: 4, Flags [T]: 23456
 0x:  0201 5ba0
   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
 0x:  c0a8 3571
   AS4 Path (17), length: 6, Flags [OT]: <4 bytes AS>
 0x:  0201 0003 039c
   Updated routes:
 46.226.x.x/21


Regards,
Cédric

Le 29/07/2013 23:37, Claudio Jeker a écrit :
> On Mon, Jul 29, 2013 at 09:33:55AM +0200, OCEANET - Cédric BASSAGET wrote:
>> Hello,
>>
>> I'm trying to replace two cisco routers by two openBGPd routers.
>> A have 3 neighbors, two with 4-bytes AS, and one which only supports
>> 2-bytes AS for now.
>> I have a 4-bytes AS too.
>>
>> So in my bgpd.conf, I have :
>>
>> ...
>> AS  
>> network z.z.z.z/21
>> ...
>> neighbor #a neighbor which supports 4 bytes AS
>> {
>>   remote-as 
>>   set prepend-self 1
>> }
>> ...
>> neighbor #a neighbor which supports 2 bytes
>> AS only
>> {
>>   remote-as 
>>   set prepend-self 2
>> }
>> ...
>>
>> My problem is that my second neighbor return this message :
>>
>> neighbor : received notification: error in UPDATE message, AS-Path
>> unacceptable
>>
>> I think bgpd is trying to prepend the neighbor which does not support
>> 4bytes AS with... a 4 bytes AS, due to the "set prepend-self 2".
>>
>> Now, time for the questions :
>> - Is it openBGPd's normal behavior ?
>> - Is there a way to force prepending with the 2 bytes AS ? I saw
>> "announce as-4byte (yes|no)" in manpage, is this option designed for that ?
>>
> OpenBGPD will prepend with AS_TRANS (23456) if the system has a 4-byte AS.
> This comes from the fact that internally all AS_PATHes are 4-byte and we
> "deflate" the AS_PATH for those session that can only handle the 2-byte
> ones. Doing that causes all 4-byte AS nummbers to be replaced with
> AS_TRANS.
>
> What 2-byte AS are you using for the old connection? By default AS_TRANS
> would be used and then enforce neighbor-as would not trigger.
>


-- 
OCEANET
---
[AGENCE DU MANS]
7, rue des Frênes
ZAC de la Pointe
72190 SARGE LES LE MANS
[t] +33 (0)2.43.50.26.50
[f] +33 (0)2.43.72.21.14

[AGENCE D'ANGERS]
5, rue Fleming
Angers Technopole
49066 ANGERS
[t] +33 (0)2.41.19.28.65
[f] +33 (0)2.52.19.22.00

http://www.oceanet.com
http://www.oceanet-telecom.com

Re: nut-2.7.1

2013-07-30 Thread Stuart Henderson 
On 2013-07-29, lilit-aibolit  wrote:
> Using existing bestuferrups.8 manual page, since 'asciidoc' was not found.
> Using existing bestups.8 manual page, since 'asciidoc' was not found.
> Using existing bestfcom.8 manual page, since 'asciidoc' was not found.
> Using existing blazer.8 manual page, since 'asciidoc' was not found.
> make: don't know how to make blazer_ser.8 (prerequisite of: all-am)
> Stop in docs/man
> *** Error 1 in docs (Makefile:511 'all-recursive')
> *** Error 1 in /root/nut (Makefile:499 'all-recursive')

I suspect that installing asciidoc might get you further here.

Re: openBGPd - 2/4byte AS prepend

2013-07-30 Thread OCEANET - Cédric BASSAGET 
So is my problem a configuration issue, a problem in openbgpd or just 
something that is undoable ?
Regards,
Cédric

Le 30/07/2013 09:01, OCEANET - Cédric BASSAGET a écrit :
> Hello Claudio,
>
> I'm using AS 65426.
>
> This is the UPDATE message my bgpd sends to my neighbor :
>
> Update Message (2), length: 54
>   Origin (1), length: 1, Flags [T]: IGP
> 0x:  00
>   AS Path (2), length: 4, Flags [T]: 23456
> 0x:  0201 5ba0
>   Next Hop (3), length: 4, Flags [T]: 192.168.53.113
> 0x:  c0a8 3571
>   AS4 Path (17), length: 6, Flags [OT]: <4 bytes AS>
> 0x:  0201 0003 039c
>   Updated routes:
> 46.226.x.x/21
>
>
> Regards,
> Cédric
>
> Le 29/07/2013 23:37, Claudio Jeker a écrit :
>> On Mon, Jul 29, 2013 at 09:33:55AM +0200, OCEANET - Cédric BASSAGET wrote:
>>> Hello,
>>>
>>> I'm trying to replace two cisco routers by two openBGPd routers.
>>> A have 3 neighbors, two with 4-bytes AS, and one which only supports
>>> 2-bytes AS for now.
>>> I have a 4-bytes AS too.
>>>
>>> So in my bgpd.conf, I have :
>>>
>>> ...
>>> AS  
>>> network z.z.z.z/21
>>> ...
>>> neighbor #a neighbor which supports 4 bytes AS
>>> {
>>>   remote-as 
>>>   set prepend-self 1
>>> }
>>> ...
>>> neighbor #a neighbor which supports 2 bytes
>>> AS only
>>> {
>>>   remote-as 
>>>   set prepend-self 2
>>> }
>>> ...
>>>
>>> My problem is that my second neighbor return this message :
>>>
>>> neighbor : received notification: error in UPDATE message, AS-Path
>>> unacceptable
>>>
>>> I think bgpd is trying to prepend the neighbor which does not support
>>> 4bytes AS with... a 4 bytes AS, due to the "set prepend-self 2".
>>>
>>> Now, time for the questions :
>>> - Is it openBGPd's normal behavior ?
>>> - Is there a way to force prepending with the 2 bytes AS ? I saw
>>> "announce as-4byte (yes|no)" in manpage, is this option designed for that ?
>>>
>> OpenBGPD will prepend with AS_TRANS (23456) if the system has a 4-byte AS.
>> This comes from the fact that internally all AS_PATHes are 4-byte and we
>> "deflate" the AS_PATH for those session that can only handle the 2-byte
>> ones. Doing that causes all 4-byte AS nummbers to be replaced with
>> AS_TRANS.
>>
>> What 2-byte AS are you using for the old connection? By default AS_TRANS
>> would be used and then enforce neighbor-as would not trigger.
>>
>
>
> -- 
> OCEANET
> ---
> [AGENCE DU MANS]
> 7, rue des Frênes
> ZAC de la Pointe
> 72190 SARGE LES LE MANS
> [t] +33 (0)2.43.50.26.50
> [f] +33 (0)2.43.72.21.14
>
> [AGENCE D'ANGERS]
> 5, rue Fleming
> Angers Technopole
> 49066 ANGERS
> [t] +33 (0)2.41.19.28.65
> [f] +33 (0)2.52.19.22.00
>
> http://www.oceanet.com
> http://www.oceanet-telecom.com
>


-- 
OCEANET
---
[AGENCE DU MANS]
7, rue des Frênes
ZAC de la Pointe
72190 SARGE LES LE MANS
[t] +33 (0)2.43.50.26.50
[f] +33 (0)2.43.72.21.14

[AGENCE D'ANGERS]
5, rue Fleming
Angers Technopole
49066 ANGERS
[t] +33 (0)2.41.19.28.65
[f] +33 (0)2.52.19.22.00

http://www.oceanet.com
http://www.oceanet-telecom.com

Re: Default software in the base

2013-07-30 Thread Zoran Kolic 
For clang just see freebsd lists. I will not say more, since those
posts speak for themself. Anyway, it is the future, for sure.
Regarding st, I use suckless browser named surf from time to time,
but I found both luakit and conkeror better suiting me. That post to
mean that people like different things and it is not easy to find
just one app everybody fancies. I tried st and let it go.
My point is: default is small enough to enable user to install what
he/she wants. It is pure luck fvwm is my favorite manager. But I
put vi before mg and...
Best regards

 Zoran

Re: Default software in the base

2013-07-30 Thread hub 
 Thanks for your answer, Zoran. Apparently it's true that everyone will want 
their own set
of prefered applications, especially when it comes to something like a web 
browser. And as
for me, I didn't like neither surf, nor luakit, nor conkeror as well. But after 
all, I think
it's been pointed right by Chris Cappuccio - it doesn't matter what your 
opinion about any
of the mentioned terminal emulator is as Xenocara bundle leans to be classic X 
tree hence
the its default XTerm. Now this sounds fine for me.

As for the distressful Clang thing... well, now that read about OpenBSD's PCC 
proposions,
I actually stopped caring about it. PCC looks much better than the Apple+Google 
co-owned Clang
stuff. And they are both far away from being relied on the whole set of 
arhitectures. Sorry
for the re-telling part, I just want to ensure that I got it right. The last 
thing I want to
ask - couldn't you actually provide an example link on freebsd lists clang 
discussion that
you found untolerable/suspicious?

Regards, Hans.

Re: Kerberos disabled in SSH now?

2013-07-30 Thread Stephen Jahl 
> Kerberos is disabled per default in SSH now?
>
> Any plans to enable it again?

I would also like to know about this (was a nasty surprise when I couldn't log 
into work after a snapshot upgrade!).

Are there also plans to remove this from openssh-portable, or is this just 
limited to OpenBSD's ssh?

-Steve

Re: Default software in the base

2013-07-30 Thread Alexandre Ratchov 
On Mon, Jul 29, 2013 at 10:48:11PM +0400, h...@riseup.net wrote:
> 
> I realize that everything has its pros and cons (like URXVT is
> GPL-licensed, st is pretty much hackish for an ordinary user and Clang
> is not, well, "mature" yet). But ain't pros of the programs above not
> enough to actually make it in the base?
> (replacing XTerm and GCC)
> 

there seem to be many pros, but nobody did the work yet (hint ;)

-- Alexandre

Re: Default software in the base

2013-07-30 Thread Martin Schröder 
2013/7/30  :
> than the Apple+Google co-owned Clang stuff.

Source for that claim? All I can find is
> Copyright (c) 2007-2013 University of Illinois at Urbana-Champaign.
http://llvm.org/viewvc/llvm-project/cfe/trunk/LICENSE.TXT?revision=171342&view=markup

Best
   Martin

Re: Default software in the base

2013-07-30 Thread STeve Andre' 

On 07/30/13 18:15, Alexandre Ratchov wrote:

On Mon, Jul 29, 2013 at 10:48:11PM +0400, h...@riseup.net wrote:

I realize that everything has its pros and cons (like URXVT is
GPL-licensed, st is pretty much hackish for an ordinary user and Clang
is not, well, "mature" yet). But ain't pros of the programs above not
enough to actually make it in the base?
(replacing XTerm and GCC)


there seem to be many pros, but nobody did the work yet (hint ;)

-- Alexandre



Hub,

If the software is GPL'd, it won't go into base, period.

However, making this stuff available as a port seems a reasonable
thing to do.  The more ports the better.  I can't speak to things
like urxvt so I don't know how much of a pain they'd be to incorporate
into OpenBSD but making them available is reasonable from a
user point of view.

--STeve Andre'

"route get" syntax fror ipv6 ?

2013-07-30 Thread Илья Шипицин 
Hello!

# ping6 www.ripe.net
PING6(56=40+8+8 bytes) 2001:1bb0:e000:d::2 --> 2001:67c:2e8:22::c100:68b
^C
--- www.ripe.net ping6 statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

# route get 2001:67c:2e8:22::c100:68b
route: 2001:67c:2e8:22::c100:68b: bad address
#



is there "route get" equivalent for ipv6 ?

Cheers,
Ilya Shipitsin

Re: "route get" syntax fror ipv6 ?

2013-07-30 Thread Theo de Raadt 
> # route get 2001:67c:2e8:22::c100:68b
> route: 2001:67c:2e8:22::c100:68b: bad address
> #
> 
> 
> 
> is there "route get" equivalent for ipv6 ?

route get -inet6 2001:67c:2e8:22::c100:68b

(as documented in the manual page)

Re: "route get" syntax fror ipv6 ?

2013-07-30 Thread Loïc BLOT 
Hello,

I think it's route get -inet6 

Like when you do route add -inet6 default 
--
Best regards,
Loïc BLOT,
UNIX systems, security and network expert
http://www.unix-experience.fr


Le mercredi 31 juillet 2013 à 10:19 +0600, Илья Шипицин a écrit
:
> Hello!
>
> # ping6 www.ripe.net
> PING6(56=40+8+8 bytes) 2001:1bb0:e000:d::2 --> 2001:67c:2e8:22::c100:68b
> ^C
> --- www.ripe.net ping6 statistics ---
> 2 packets transmitted, 0 packets received, 100.0% packet loss
>
> # route get 2001:67c:2e8:22::c100:68b
> route: 2001:67c:2e8:22::c100:68b: bad address
> #
>
>
>
> is there "route get" equivalent for ipv6 ?
>
> Cheers,
> Ilya Shipitsin

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Centrino wifi donation for someone

2013-07-30 Thread Sha'ul ben Avraham Yitzhak 
I have a Intel Centrino Advanced-N 6205 Wifi adapter card I can give to
anyone that wants it. If someone emails me their address I will pay
to mail it to them as a free donation.

The card works, my BIOS is giving me problems so that card only works
under Windows, BSD and Linux says there is no wireless hardware
installed.