Re: Dropping UDP Packets
On 2014/07/20 22:15, Darryl Wisneski wrote: How is fragmentation being handled? In OpenVPN or relying on the kernel to do it? Or are you using small mtu anyway to avoid frags? We are not tuning for fragmentation, nor are we setting mtu on the endpoint. Doing that might be worth a try. i.e. try to avoid sending UDP packets that require extra kernel work (i.e. fragmentation) seeing as openvpn can handle that itself. Counters match3349507 23.3/s [snip] everything else 0.0/s I was really after absolute numbers from the counters if any are non-zero, not rate. We have toggled net.inet.udp.sendspace and net.inet.udp.recvspace between 131028 and 262144 with no improvements. Anything higher and we get a hosed system... Breaking for 256K is expected. net.inet.ip.ifq.maxlen=1536 Monitor net.inet.ip.ifq.drops, is there an increase? No increases in net.inet.ip.ifq.drops through time. This is already a fairly large buffer though (especially as I think you mentioned 100Mb). How did you choose 1536? google and trial and error. Is that 1536 is the lowest value that avoid an increase in ifq.drops or something else? kern.bufcachepercent=90 # kernel buffer cache memory percentage This won't help OpenVPN. Is this box also doing other things? This box is running IPSEC It's got four openvpn tunnels terminated on it. We are running collectd, symon, dhcpd. The load lives between 2 - 4. Presumably a lot of disk i/o from rrd writes then. Hmm.. Pity symon doesn't do rrdcache yet. Are you at least using rrdcache for collectd?
Re: l2tp / ipsec issue
I’d made cable modem act as bridge and let OpenBSD handle public IP/firewall
(guessing it is DHCP).
In this setup you’d eliminate this extra device with forwarding ports and
simplified debugging.
//mxb
On 21 jul 2014, at 02:35, Gordon Turner tur...@ftn.net wrote:
Hey List,
I am trying to use OpenBSD 5.5 as an VPN end point for iOS 7.0 and OSX 10.9
native VPN clients, using L2TP / IPsec.
At the moment I am running the VPN end point on an internal server and
forwarding appropriate ports from the router:
- UDP 500 - Internet Key Exchange (IKE)
- UDP 1701 - L2TP traffic
- UDP 4500 - IPSec Network Address Translation (NAT-T)
(Long term plan is to replace the router with an OpenBSD box and terminate
the VPN there.)
It would seem that I am close, but can't over come this last issue.
When I attempt to connect from an iOS device, in /var/log/messages I see this
error message repeated several times:
--
Jul 20 17:51:52 access isakmpd[2979]: responder_recv_HASH_SA_NONCE: peer
proposed invalid phase 2 IDs: initiator id 25.1.65.61, responder id
XXX.XXX.XXX.XXX
Jul 20 17:51:52 access isakmpd[2979]: dropped message from YYY.YYY.YYY.YYY
port 16659 due to notification type INVALID_ID_INFORMATION
--
Where XXX.XXX.XXX.XXX is the public ip address (in my case the cable modem's
external ip) and YYY.YYY.YYY.YYY is the iOS device attempting to establish
the vpn connection.
(The 25.1.65.61 address I don't recognize and appears to be UK Ministry of
Defence, so ah, wat? Assuming this is some weird misconfiguration...)
The network topo looks like:
Internet - Cable Modem (XXX.XXX.XXX.XXX public ip) - Router Firewall
(forwarding ports) - OpenBSD
Any suggestions, even You can't do that, would be appreciated.
Gord.
Details:
Internal network is 192.168.2.x
/etc/rc.conf.local
--
isakmpd_flags=-K
ipsec=YES
--
/etc/npppd/npppd.conf
--
authentication LOCAL type local {
users-file /etc/npppd/npppd-users
}
tunnel L2TP_ipv4 protocol l2tp {
listen on 0.0.0.0
}
ipcp IPCP {
pool-address 192.168.2.150-192.168.2.199
dns-servers 8.8.8.8
}
interface pppx0 address 192.168.2.1 ipcp IPCP
bind tunnel from L2TP_ipv4 authenticated by LOCAL to pppx0
--
/etc/npppd/npppd-users
--
juser:\
:password=SEEKRIT:\
:framed-ip-address=192.168.2.150:
--
/etc/ipsec.conf
--
public_ip = 192.168.2.232
ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth hmac-sha1 enc aes group modp1024 \
quick auth hmac-sha1 enc aes \
psk SEEKRIT
--
/etc/pf.conf
--
pass quick proto { esp, ah } from any to any
pass in quick on egress proto udp from any to any port {500, 4500, 1701} keep
state
pass on enc0 from any to any keep state (if-bound)
--
/etc/sysctl.conf
--
net.inet.ip.forwarding=1
net.pipex.enable=1
--
--
$ dmesg
OpenBSD 5.5 (GENERIC) #271: Wed Mar 5 09:31:16 MST 2014
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 520081408 (495MB)
avail mem = 497725440 (474MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xfd9c0 (10 entries)
bios0: vendor Bochs version Bochs date 01/01/2007
bios0: Bochs Bochs
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
acpihpet0 at acpi0: 1 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
mpbios at bios0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: QEMU Virtual CPU version 1.0, 3210.36 MHz
cpu0:
FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,VMX,CX16,POPCNT,NXE,LONG,LAHF
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel 82441FX rev 0x02
pcib0 at pci0 dev 1 function 0 Intel 82371SB ISA rev 0x00
pciide0 at pci0 dev 1 function 1 Intel 82371SB IDE rev 0x00: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: QEMU, QEMU DVD-ROM, 1.0 ATAPI 5/cdrom
removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
uhci0 at pci0 dev 1 function 2 Intel 82371SB USB rev 0x01: irq 11
piixpm0 at pci0 dev 1 function 3 Intel 82371AB Power rev 0x03: irq 10
iic0 at piixpm0
iic0: addr 0x4c 48=00 words 00= 01= 02= 03= 04= 05=
06= 07=
iic0: addr 0x4e 48=00 words 00= 01= 02= 03= 04= 05=
Re: l2tp / ipsec issue
On 2014-07-21 01:36, chenghan tv wrote: the public_ip in your ipsec.conf should be the external ip of your router, not the openbsd box. Thanks, After making this change, I no long see errors in /var/log/messages, but the device times out trying to connect. I will check other logs to see if there are other issues. http://undeadly.org/cgi?action=articlesid=20120427125048 This was my starting point, but the npppd configuration file has changed since this article. Gord.
Re: zzz, /dev/wsmouse
On 20/07/14(Sun) 17:34, Mike Burns wrote: On 2014-07-19 16.43.30 +0200, Martin Pieuchot wrote: On 13/07/14(Sun) 18:22, Mike Burns wrote: Thinkpad X1 Carbon with a touchscreen, running 5.5-stable. When I resume from suspend my Xorg.0.log is flooded with: (EE) ws: /dev/wsmouse1: read error Input/output error In my dmesg: wsmouse1: can't attach mux (error=5) I did a lot of work after 5.5 to prevent races like this one. Could you try a snapshot and tell me if you still see this error during suspend- resume? This race is indeed fixed in the snapshot from 18 July. Thanks! In this snapshot, the touchscreen no longer works at all. The only mention of wsmouse in dmesg is now: wsmouse0 at pms0 mux 0 That is, no mention of wsmouse1. That's why you don't see the error message: no device, no error (8 More seriously, can you plug external USB devices to your laptop and see if they are correctly recognized? Do they attach to uhub2 or uhub3? After resume, my normal mouse no longer works. Even if you restart X? Does it work after suspend/resume under wsmoused(8)? Could you also check if you have a disable legacy option in your BIOS that would make your keyboard and mouse appear as USB devices once toggled. Could you try that if it exists? Suspend/resume is much more erratic now, too: sometimes zzz(1) will immediately suspend and then pressing the power button will cause it to immediately resume - this is typically what happens the first time I suspend after booting. Other times it will blank the screen and spin the fans loudly instead of suspending. Once it seemed to suspend just fine, but instead of resuming it just spun the fans loudly. Just now the system suspended then immediately resumed by itself - interestingly, the mouse works fine when that happens. If the systems immediately resumes by itself that means something failed in the suspend path. Could you try the diff below and tell me if you get more information? Here's an Xorg.0.log from a successful suspend: [...] [ 124.548] (II) AIGLX: Suspending AIGLX clients for VT switch [ 131.466] (II) AIGLX: Resuming AIGLX clients after VT switch [ 131.466] (II) intel(0): switch to mode 1600x900@60.0 on LVDS1 using pipe 0, position (0, 0), rotation normal, reflection none [ 131.479] (II) intel(0): EDID vendor LGD, prod id 898 [ 131.479] (II) intel(0): Printing DDC gathered Modelines: [ 131.479] (II) intel(0): Modeline 1600x900x0.0 108.00 1600 1648 1680 1924 900 903 908 936 -hsync -vsync (56.1 kHz eP) [ 131.601] (EE) xf86OpenSerial: Cannot open device /dev/wsmouse Device busy. [ 131.601] (EE) ws: /dev/wsmouse: cannot open input device [ 131.601] (EE) ws: /dev/wsmouse: wsOpen failed Device busy [ 131.601] [dix] couldn't enable device 7 This might be the reason with you can't use your mouse after resume. Here's a dmesg from a successful suspend/resume: OpenBSD 5.6-beta (GENERIC.MP) #288: Fri Jul 18 19:04:06 MDT 2014 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP How many suspend resumes did you do? [...] uhub2 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3 Auth Biometric Coprocessor rev 1.10/0.01 addr 3 ugen1 at uhub2 port 4 Broadcom Corp BCM20702A0 rev 2.00/1.12 addr 4 uvideo0 at uhub2 port 6 configuration 1 interface 0 SunplusIT INC. Integrated Camera rev 2.00/36.22 addr 5 video0 at uvideo0 uhub3 at uhub1 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd1 at scsibus3 targ 1 lun 0: OPENBSD, SR CRYPTO, 005 SCSI2 0/direct fixed sd1: 227906MB, 512 bytes/sector, 466751982 sectors root on sd1a (a1a57dffe6790454.a) swap on sd1b dump on sd1b - here I suspended ugen0 detached ugen1 detached video0 detached uvideo0 detached uhub2 detached uhub0 detached uhub3 detached uhub1 detached Here the resume starts from the USB point of view: uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 - here I resumed uhub2 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3 Auth Biometric Coprocessor rev 1.10/0.01 addr 3 ugen1 at uhub2 port 4 Broadcom Corp BCM20702A0 rev 2.00/1.12 addr 4 uvideo0 at uhub2 port 6 configuration 1 interface 0 SunplusIT INC. Integrated Camera rev 2.00/36.22 addr 5 video0 at uvideo0 uhub3 at uhub1 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 Here it looks like you suspended once again: ugen0 detached ugen1 detached video0 detached uvideo0 detached uhub2 detached uhub0 detached uhub3 detached uhub1 detached And resumed: uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 uhub2 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2 ugen0 at uhub2 port 3
faq/current.html: Lynx removed
Since lynx has been removed from base, should something like this be added to the Following -current page? --- faq/current.html.orig Mon Jul 21 20:00:14 2014 +++ faq/current.htmlMon Jul 21 20:18:02 2014 @@ -62,6 +62,7 @@ lia href=#201407102014/07/10 - ifconfig(8) ABI break/a lia href=#201407112014/07/11 - IPv6 autoconf changes/a lia href=#201407132014/07/13 - Addition of sendsyslog(2) system call/a +lia href=#201407162014/07/16 - lynx(1) moved to ports/a /ul @@ -628,6 +629,17 @@ p A kernel containing the system call is required perhaps even for getting single user; so use of upgrades is recommended. + +a name=20140716/a +h32014/07/16 - lynx(1) moved to ports/h3 +Lynx has been removed from the base system and has been moved to ports. +The following files and directories should be deleted: +pre + rm -f /usr/bin/lynx + rm -f /etc/lynx.cfg + rm -f /usr/share/man/man1/lynx.1 + rm -rf /usr/share/doc/html/lynx_help +/pre hr br
/etc/rc: no closing quote
Hi. After upgrade from iso file (21 july) local daemons from /etc/rc.conf.local not started. During boot process 1 odd messages has been seen : /etc/rc: no closing quote ( on i386 amd64). Alex OpenBSD 5.6-beta (GENERIC) #236: Mon Jul 21 02:35:53 MDT 2014 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF real mem = 1600483328 (1526MB) avail mem = 1561890816 (1489MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/26/08, BIOS32 rev. 0 @ 0xfdc40, SMBIOS rev. 2.5 @ 0xdf010 (24 entries) bios0: vendor LENOVO version 14CN34WW date 08/26/2008 bios0: LENOVO Lenovo acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC HPET MCFG TCPA TMOR APIC BOOT ASF! SSDT SSDT SSDT acpi0: wakeup devices HDEF(S4) PXS1(S4) PXS2(S4) PXS3(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) USB7(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 132MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 2 (RP01) acpiprt2 at acpi0: bus 3 (RP02) acpiprt3 at acpi0: bus 5 (RP03) acpiprt4 at acpi0: bus 6 (PCIB) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 95 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model LE30_S serial type LION oem Sanyo acpibtn2 at acpi0: LID_ acpivideo0 at acpi0: GFX0 bios0: ROM list: 0xc/0xec00! 0xcf000/0x1e00 0xdf000/0x800! 0xe/0x1800! cpu0: Enhanced SpeedStep 1597 MHz: speeds: 1600, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x600 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi azalia0: codecs: Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1 int 17 pci1 at ppb0 bus 2 bge0 at pci1 dev 0 function 0 Broadcom BCM5906M rev 0x02, BCM5906 A2 (0xc002): msi, address 00:1e:68:ae:1a:f0 brgphy0 at bge0 phy 1: BCM5906 10/100baseTX PHY, rev. 0 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 1 int 16 pci2 at ppb1 bus 3 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 1 int 18 pci3 at ppb2 bus 5 Broadcom BCM4315 rev 0x01 at pci3 dev 0 function 0 not configured uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 1 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 1 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 1 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci4 at ppb3 bus 6 ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 Intel 82801GBM SATA rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using apic 1 int 19 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: TOSHIBA MK5059GSX wd0: 16-sector PIO, LBA48, 476940MB, 976773168 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 1 int 19 iic0 at ichiic0 iic0: addr 0x4a 00=29 01=00 02=4b 03=50 04=50 05=50 06=50 07=50 08=50 09=50 0a=50 0b=50 0c=50 0d=50 0e=50 0f=50 22=4b 40=29 41=00 42=4b 43=50 44=50 45=50 46=50 47=50 48=29 49=50 4a=29 4b=50 4c=50 4d=50 4e=29 4f=50 ee=50 words 00=4e80 01=3000 02=4b00 03=5000 04=5000 05=5000 06=5000 07=5000 spdmem0 at iic0 addr 0x51: 1GB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
Re: /etc/rc: no closing quote
On Mon, Jul 21, 2014 at 11:50:19PM +0400, pae3 wrote: Hi. After upgrade from iso file (21 july) local daemons from /etc/rc.conf.local not started. During boot process 1 odd messages has been seen : /etc/rc: no closing quote ( on i386 amd64). Did you run sysmerge? OpenBSD 5.6-beta (GENERIC) #236: Mon Jul 21 02:35:53 MDT 2014 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF real mem = 1600483328 (1526MB) avail mem = 1561890816 (1489MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/26/08, BIOS32 rev. 0 @ 0xfdc40, SMBIOS rev. 2.5 @ 0xdf010 (24 entries) bios0: vendor LENOVO version 14CN34WW date 08/26/2008 bios0: LENOVO Lenovo acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC HPET MCFG TCPA TMOR APIC BOOT ASF! SSDT SSDT SSDT acpi0: wakeup devices HDEF(S4) PXS1(S4) PXS2(S4) PXS3(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) USB7(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 132MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 2 (RP01) acpiprt2 at acpi0: bus 3 (RP02) acpiprt3 at acpi0: bus 5 (RP03) acpiprt4 at acpi0: bus 6 (PCIB) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 95 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model LE30_S serial type LION oem Sanyo acpibtn2 at acpi0: LID_ acpivideo0 at acpi0: GFX0 bios0: ROM list: 0xc/0xec00! 0xcf000/0x1e00 0xdf000/0x800! 0xe/0x1800! cpu0: Enhanced SpeedStep 1597 MHz: speeds: 1600, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x600 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi azalia0: codecs: Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1 int 17 pci1 at ppb0 bus 2 bge0 at pci1 dev 0 function 0 Broadcom BCM5906M rev 0x02, BCM5906 A2 (0xc002): msi, address 00:1e:68:ae:1a:f0 brgphy0 at bge0 phy 1: BCM5906 10/100baseTX PHY, rev. 0 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 1 int 16 pci2 at ppb1 bus 3 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 1 int 18 pci3 at ppb2 bus 5 Broadcom BCM4315 rev 0x01 at pci3 dev 0 function 0 not configured uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 1 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 1 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 1 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci4 at ppb3 bus 6 ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 Intel 82801GBM SATA rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using apic 1 int 19 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: TOSHIBA MK5059GSX wd0: 16-sector PIO, LBA48, 476940MB, 976773168 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 1 int 19 iic0 at ichiic0 iic0: addr 0x4a 00=29 01=00 02=4b 03=50 04=50 05=50 06=50 07=50 08=50 09=50 0a=50 0b=50 0c=50 0d=50 0e=50 0f=50 22=4b 40=29 41=00 42=4b 43=50 44=50 45=50 46=50 47=50 48=29 49=50 4a=29 4b=50 4c=50 4d=50 4e=29 4f=50
Re: immutable-ish version control repo?
Em 17-07-2014 23:27, Adam Thompson escreveu: git - unknown I've used svn for many years. It's centralized structure means you can't alter the past. At least not from a client, AFAIK. Now I only use git, with gitolite for management. You can do lot's of things, including barring past alteration. It's just a matter of putting a + sign or not in the access for a particular client. Also it has a great logging system. Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: /etc/rc: no closing quote
On 07/22/2014 00:04, Antoine Jacoutot wrote: On Mon, Jul 21, 2014 at 11:50:19PM +0400, pae3 wrote: Hi. After upgrade from iso file (21 july) local daemons from /etc/rc.conf.local not started. During boot process 1 odd messages has been seen : /etc/rc: no closing quote ( on i386 amd64). Did you run sysmerge? OpenBSD 5.6-beta (GENERIC) #236: Mon Jul 21 02:35:53 MDT 2014 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF real mem = 1600483328 (1526MB) avail mem = 1561890816 (1489MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/26/08, BIOS32 rev. 0 @ 0xfdc40, SMBIOS rev. 2.5 @ 0xdf010 (24 entries) bios0: vendor LENOVO version 14CN34WW date 08/26/2008 bios0: LENOVO Lenovo acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC HPET MCFG TCPA TMOR APIC BOOT ASF! SSDT SSDT SSDT acpi0: wakeup devices HDEF(S4) PXS1(S4) PXS2(S4) PXS3(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) USB7(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 132MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpihpet0 at acpi0: 14318179 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 2 (RP01) acpiprt2 at acpi0: bus 3 (RP02) acpiprt3 at acpi0: bus 5 (RP03) acpiprt4 at acpi0: bus 6 (PCIB) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature is 95 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model LE30_S serial type LION oem Sanyo acpibtn2 at acpi0: LID_ acpivideo0 at acpi0: GFX0 bios0: ROM list: 0xc/0xec00! 0xcf000/0x1e00 0xdf000/0x800! 0xe/0x1800! cpu0: Enhanced SpeedStep 1597 MHz: speeds: 1600, 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x600 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi azalia0: codecs: Realtek ALC269 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1 int 17 pci1 at ppb0 bus 2 bge0 at pci1 dev 0 function 0 Broadcom BCM5906M rev 0x02, BCM5906 A2 (0xc002): msi, address 00:1e:68:ae:1a:f0 brgphy0 at bge0 phy 1: BCM5906 10/100baseTX PHY, rev. 0 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 1 int 16 pci2 at ppb1 bus 3 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 1 int 18 pci3 at ppb2 bus 5 Broadcom BCM4315 rev 0x01 at pci3 dev 0 function 0 not configured uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1 int 23 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 1 int 19 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 1 int 18 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 1 int 16 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci4 at ppb3 bus 6 ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 Intel 82801GBM SATA rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using apic 1 int 19 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: TOSHIBA MK5059GSX wd0: 16-sector PIO, LBA48, 476940MB, 976773168 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 1 int 19 iic0 at ichiic0 iic0: addr 0x4a 00=29 01=00 02=4b 03=50 04=50 05=50 06=50 07=50 08=50 09=50 0a=50 0b=50 0c=50 0d=50 0e=50 0f=50 22=4b 40=29 41=00 42=4b 43=50 44=50 45=50 46=50 47=50 48=29 49=50 4a=29 4b=50 4c=50 4d=50 4e=29 4f=50 ee=50 words 00=4e80 01=3000 02=4b00 03=5000 04=5000
Re: Are nc -lu /dev/zero /dev/null a good throughput test?
Em 20-07-2014 19:44, Adam Thompson escreveu: FWIW, you're almost certainly going to be CPU-bound. I can't get more than ~200Mbps on an emulated em(4) interface under ProxmoxVE (KVM 1.7.1) between two VMs running on the same host. Granted, the CPUs are slowish (2.2GHz Xeon L5520). I get better throughput using vio(4) but then I have to reboot the VMs once every 2 or 3 days to prevent them from locking up hard. Adam, I've been using vio(4) for quite some time now, with long uptimes in my vm machines, and never experienced lock ups. I've been using since 5.4. Now I'm running qemu-kvm 2.0.0. Now, to the OP question, I've been using a mix of tcpbench and iperf and also been using statistical data from libvirt, to measure the performance of my VM's. I've noticed similar performance and, in some cases, better than vio(4) when using the host's pci passthrough and assigning a real hardware to the VM. But you shouldn't expected very great performance between VM's hosted in the same host, unless you're using linux's macvtap with a switch that supports VEPA. Using bridge is slow. I suggest you create a virtual network and assign an interface for each of your VM's that need communicating, and also use vio(4) on the guest OS. Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: l2tp / ipsec issue
Em 21-07-2014 10:04, Gordon Turner escreveu: Thanks, After making this change, I no long see errors in /var/log/messages, but the device times out trying to connect. Probably that's because the router is dropping the packets. I'm guessing it does not have a stateful packet firewall. I will check other logs to see if there are other issues. This was my starting point, but the npppd configuration file has changed since this article. Check the logs in the router. If you can't bridge it, try using something like a DMZ setting and passing all tcp/udp ports to your OpenBSD box. That way you can ease your setup. It can still cause you problems, specifically MTU, but at least you'll be (hopefully) receiving all internet traffic on your OpenBSD box. Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: zzz, /dev/wsmouse
A partial reply; I have not yet run your patch: On 2014-07-21 16.00.01 +0200, Martin Pieuchot wrote: More seriously, can you plug external USB devices to your laptop and see if they are correctly recognized? Do they attach to uhub2 or uhub3? That seems to always work, regardless of whether the mouse works, and regardless of whether wsmoused is running. It looks like this: umass0 at uhub2 port 2 configuration 1 interface 0 SanDisk Cruzer rev 2.00/2.00 addr 6 umass0: using SCSI over Bulk-Only scsibus4 at umass0: 2 targets, initiator 0 sd2 at scsibus4 targ 1 lun 0: SanDisk, Cruzer, 8.02 SCSI0 0/direct removable serial.0781553001117562C886 sd2: 30547MB, 512 bytes/sector, 62562239 sectors (And then I removed it: sd2 detached scsibus4 detached umass0 detached ) After resume, my normal mouse no longer works. Even if you restart X? Does it work after suspend/resume under wsmoused(8)? This is more erratic than I had anticipated, too. The mouse seems to always work under X if I suspend/resume _without_ wsmoused. In fact, suspend/resume seems to always work if I do not have wsmoused running. With wsmoused running, sometimes it works flawlessly (or so it seems). I did get it to resume without a working mouse twice. I had a terminal open with focus, so this fixed it: xinput -disable /dev/wsmouse xinput -enable /dev/wsmouse Could you also check if you have a disable legacy option in your BIOS that would make your keyboard and mouse appear as USB devices once toggled. Could you try that if it exists? No such thing. The most relevant USB option is: USB 3.0 mode: Auto With the explanation for Auto (the current value): Connects and routes appropriate USB 3.0 or 2.0 ports. But that option is irrelevant to this (I think). If the systems immediately resumes by itself that means something failed in the suspend path. Could you try the diff below and tell me if you get more information? I'll get back to you on this, hopefully in 24 hours. Here's a dmesg from a successful suspend/resume: How many suspend resumes did you do? You caught me: I had done a few and tried to mark them, but lost track. You got it right. Additional note: without X ever running, suspend/resume works fine, regardless of whether wsmoused is running. If wsmoused is running and X has never been started, the mouse continues to work after resume. However, if I log into a console, zzz, resume, then startx, it fails. I get back to the console with ctrl-alt-backspace. Trailing output from startx: Loading extension GLX Agent pid 24099 Identity added: /home/mike/.ssh/id_rsa (rsa w/o comment) xterm: fatal IO error 35 (Resource temporarily unavailable) or KillClient on X server :0 XIO: fatal IO error 35 (Resource temporarily unavailable) on X server :0 after 107 requests (98 known processed) with 0 events remaining. XIO: fatal IO error 35 (Resource temporarily unavailable) on X server :0 after 138 requests (128 known processed) with 0 events remaining. (EE) Server terminated successfully (0). Closing log file. xterm: Xt error: Can't open display: :0 xinit: connection to X server lost waiting for X server to shut down .. xinit: X server slow to shut down, sending KILL signal Aside from the patch that I'll get to tomorrow night, let me know if there's any other data I can collect or experiments I can run. -Mike [demime 1.01d removed an attachment of type application/pgp-signature]
Re: network roaming convenience
On Jul 18, 2014, at 3:09 PM, Stuart Henderson s...@spacehopper.org wrote: On 2014-07-17, Daniel Melameth dan...@melameth.com wrote: It should have tried WEP first and, if that failed, WPA. ifconfig in -current can now discern WEP or WPA so this can readily be improved. ...as long as you have a wifi nic where ifconfig scan works, for example not Intel Centrino Advanced-N 6205 rev 0x34... Out of curiosity, what happens? Does this mean you’re flying blind when you parachute in somewhere and want to know what wi-fi networks are around? On my machine, which uses iwn, “ifconfig scan” does work, but there is an odd behavior that wiconfig happens to trigger, at least in my environment. Configuring the interface for WPA manually (or via hostname.if) works fine, but I had trouble with wiconfig until I increased its connect timeout value. This was due to an odd set of circumstances. wiconfig attempts to configure the interface with WPA, waits for a bit and, if the connection isn’t successful, tries again with WEP. My machine doesn'tt connect within the wiconfig's 3 second timeout interval, and then things get weird. After the second connection attempt (with WEP, using the “nwkey” param), the connect fails again (my AP only does WPA). After this, the interface cannot connect successfully with WPA until after a reboot. I first noticed this behavior with wiconfig and determined what it was doing specifically with help from wiconfig’s author. To confirm what was going on, I issued the same sequence of “ifconfig” invocations manually. Sure enough, an ifconfig with the nwkey parameter was a buzzkill: it prevented connection with a subsequent “ifconfig” invocation: one that certainly works if it is the first ifconfig that happens. This is certainly a corner case, but it did trip me up.
