Re: network problem with latest snapshots
Hello, I was hoping it could have been some "bad timing" with the snapshots back then but the problem is still there with the latest snapshot: this ethernet card cannot work under -current, but works fine under 6.3, and used to work under -current up to july-august (I'm sorry I can't be more exact). The dmesg from the **working** (6.3) box: bge0 at pci3 dev 0 function 0 "Broadcom BCM5761" rev 0x10, BCM5761 A1 (0x5761100), APE firmware DASH 1.54.1.0bge0: APE event 0x00020510 send timed out brgphy0 at bge0 phy 1: BCM5761 10/100/1000baseT PHY, rev. 0 Any help on how I can provide further info that might be useful..? Problem description in the original message: On Sat, Sep 8, 2018 at 2:45 PM Thanos Tsouanas wrote: > So, my box was working fine from a relatively recent snapshot (first > days of Aug). Then I upgraded to a snapshot of Sep 5th, and I can no > longer connect to my local network: > dhclient responds with "got link" but ends with "no lease", and bge0 > has no IP assigned to it. > Even if I assign inet IP, netmask, and gateway manually, there is no > connectivity. > I cannot ping my gateway (or anything else, for that matter). > On the other hand, booting with the miniroot63.fs and exiting to > shell, indeed everything works fine. > I tried the miniroot64.fs's of 5/sep and the most recent one of 7/sep, > and both behave the same way. I believe this is a card-specific > problem because the same snapshots work fine on a different machine on > the same network (my laptop for example). > > The interface is a bge, and I do get some error messages from the kernel: > > APE event 0x... send timed out > > But I've always had those error messages with this particular ethernet > card and never experienced any problems, and when I boot on the > miniroot63.fs, the same messages appear, but the interface is still > working fine. > > Any help on how to debug this / or how to provide more useful > information, would be appreciated! Cheers -- Thanos Tsouanas http://www.tsouanas.org/
Re: Monitoring system
I am using Icinga2 on all our machines - you'll find it in packages and the newest version you'll get with OpenBSD 6.4 On 10/05/18 05:09, Tom Smyth wrote: > Both of of the ones I emailed to you are in ports > > also there is pmmact by the Legend paulo Lucende > that can aggregate and convert multiple logs to different formats > worth having a look at that also ... > On Fri, 5 Oct 2018 at 04:08, Tom Smyth wrote: >> >> >> Librenms would be worth a look i believe it has email alerting >> and snmp support needs php and mysql >> Zabbix ...havent used this one but it has monitoring functionality ... >> If you are monitoring alot of systems, make sure your storage can >> cope with alot of I/O or you will see annoying gaps in your graphs >> so use SSDs and make sure that when formatting the system >> that you align with 1MB offset ... 2048 sectors (instead the default >> 64 bytes) >> >> Peace >> Tom Smyth >> >> >> On Thu, 4 Oct 2018 at 23:57, flipchan wrote: >>> >>> Greetings all, >>> >>> I need to install a monitoring system with email notifications, I have used >>> mmonit which is great but it's a little too pricey for personal use. >>> >>> Can anyone recommend a open source monitoring system that support email >>> notifications and monitoring of multiple hosts running openbsd. >>> >>> >>> Something more modern then nagios would be great, I just need it to work so >>> as long as it supports email notifications and monitoring of more then one >>> host it's good >>> >>> >>> Thanks in advance >>> >>> >>> >>> -- >>> Take Care Sincerely flipchan layerprox dev >> >> >> >> -- >> Kindest regards, >> Tom Smyth >> >> Mobile: +353 87 6193172 >> The information contained in this E-mail is intended only for the >> confidential use of the named recipient. If the reader of this message >> is not the intended recipient or the person responsible for >> delivering it to the recipient, you are hereby notified that you have >> received this communication in error and that any review, >> dissemination or copying of this communication is strictly prohibited. >> If you have received this in error, please notify the sender >> immediately by telephone at the number above and erase the message >> You are requested to carry out your own virus check before >> opening any attachment. > > > -- GPG-KEY: 0x5C5C239D81121B35 GPG-FP: 49CC8250 CDCF2183 6209C1AE 625677C1 F7783D5F Threema: DN8PJX4Z
Re: Monitoring system
Both of of the ones I emailed to you are in ports also there is pmmact by the Legend paulo Lucende that can aggregate and convert multiple logs to different formats worth having a look at that also ... On Fri, 5 Oct 2018 at 04:08, Tom Smyth wrote: > > > Librenms would be worth a look i believe it has email alerting > and snmp support needs php and mysql > Zabbix ...havent used this one but it has monitoring functionality ... > If you are monitoring alot of systems, make sure your storage can > cope with alot of I/O or you will see annoying gaps in your graphs > so use SSDs and make sure that when formatting the system > that you align with 1MB offset ... 2048 sectors (instead the default > 64 bytes) > > Peace > Tom Smyth > > > On Thu, 4 Oct 2018 at 23:57, flipchan wrote: > > > > Greetings all, > > > > I need to install a monitoring system with email notifications, I have used > > mmonit which is great but it's a little too pricey for personal use. > > > > Can anyone recommend a open source monitoring system that support email > > notifications and monitoring of multiple hosts running openbsd. > > > > > > Something more modern then nagios would be great, I just need it to work so > > as long as it supports email notifications and monitoring of more then one > > host it's good > > > > > > Thanks in advance > > > > > > > > -- > > Take Care Sincerely flipchan layerprox dev > > > > -- > Kindest regards, > Tom Smyth > > Mobile: +353 87 6193172 > The information contained in this E-mail is intended only for the > confidential use of the named recipient. If the reader of this message > is not the intended recipient or the person responsible for > delivering it to the recipient, you are hereby notified that you have > received this communication in error and that any review, > dissemination or copying of this communication is strictly prohibited. > If you have received this in error, please notify the sender > immediately by telephone at the number above and erase the message > You are requested to carry out your own virus check before > opening any attachment. -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.
Re: Monitoring system
Librenms would be worth a look i believe it has email alerting and snmp support needs php and mysql Zabbix ...havent used this one but it has monitoring functionality ... If you are monitoring alot of systems, make sure your storage can cope with alot of I/O or you will see annoying gaps in your graphs so use SSDs and make sure that when formatting the system that you align with 1MB offset ... 2048 sectors (instead the default 64 bytes) Peace Tom Smyth On Thu, 4 Oct 2018 at 23:57, flipchan wrote: > > Greetings all, > > I need to install a monitoring system with email notifications, I have used > mmonit which is great but it's a little too pricey for personal use. > > Can anyone recommend a open source monitoring system that support email > notifications and monitoring of multiple hosts running openbsd. > > > Something more modern then nagios would be great, I just need it to work so > as long as it supports email notifications and monitoring of more then one > host it's good > > > Thanks in advance > > > > -- > Take Care Sincerely flipchan layerprox dev -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 The information contained in this E-mail is intended only for the confidential use of the named recipient. If the reader of this message is not the intended recipient or the person responsible for delivering it to the recipient, you are hereby notified that you have received this communication in error and that any review, dissemination or copying of this communication is strictly prohibited. If you have received this in error, please notify the sender immediately by telephone at the number above and erase the message You are requested to carry out your own virus check before opening any attachment.
Re: Performance impact of PF on APU2
I am very brave indeed :) OpenBSD 6.4 (GENERIC.MP) #0: Wed Oct 3 13:49:29 CEST 2018 hrv...@r620-2.srce.hr:/sys/arch/amd64/compile/GENERIC.MP real mem = 1996279808 (1903MB) avail mem = 1926565888 (1837MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x77fd7020 (7 entries) bios0: vendor coreboot version "v4.0.19" date 20180902 bios0: PC Engines apu2 But I see even worst performance now: 458 Mbits/sec On Thu, 2018-10-04 at 22:26 +0200, Hrvoje Popovski wrote: > On 4.10.2018. 5:58, Benjamin Petit wrote: > > Ok so I compared 6.3-release, 6.3-release+syspatches(=stable?) and > > the latest snapshot from October 2. > > > > I measured iperf3 throughput between A and B, like this: > > PC A <---> APU2 <---> PC B > > > > pf rules are the one shipped by default in 6.3: > > > > gw# pfctl > > -sr > > > > block return all > > pass all flags S/SA > > block return in on ! lo0 proto tcp from any to any port 6000:6010 > > block return out log proto tcp all user = 55 > > block return out log proto udp all user = 55 > > > > OpenBSD 6.3 RELEASE: > > - pf enabled: 841 Mbits/sec > > - pf disabled: 935 Mbits/sec > > > > OpenBSD 6.3 + Syspatch: > > - pf enabled: 803 Mbits/sec > > - pf disabled: 936 Mbits/sec > > > > OpenBSD CURRENT: > > - pf enabled: 526 Mbits/sec (541 with kern.pool_debug=0) > > - pf disabled: 934 Mbits/sec > > > > So there is a small perf drop when applying all syspatches to 6.3 > > (not sure which one cause the drop), > > but the performance drop SIGNIFICANTLY using the latest snapshot. > > > > Am I missing something? (I really hope I am) > > > > Hi, > > if you're feeling brave enough and you can test/experiment > with pf you can download openbsd kernel with experimental MP support > from here http://kosjenka.srce.hr/~hrvoje/zaprocvat/smpfbsd > > SHA256 (smpfbsd) = > e95e94190a0e52de7690b3278cfab14985817089e7a53615cd2599420593b32c > > this kernel is compiled with option WITH_PF_LOCK and NET_TASKQ=4 > > before you download it please backup your active kernel so if > something > goes wrong you can put it back .. > > cp /bsd /goodbsd > cp smpfbsd /bsd > reboot > > if something goes wrong at boot prompt before kernel starts to boot > you > can boot old kernel with command - boot goodbsd > > i'm running this kernel for few days and i'm hitting pf, pfsync and > pflow quite hard and it seems stable :) >
Monitoring system
Greetings all, I need to install a monitoring system with email notifications, I have used mmonit which is great but it's a little too pricey for personal use. Can anyone recommend a open source monitoring system that support email notifications and monitoring of multiple hosts running openbsd. Something more modern then nagios would be great, I just need it to work so as long as it supports email notifications and monitoring of more then one host it's good Thanks in advance -- Take Care Sincerely flipchan layerprox dev
Re: httpd and cgi
On Thu, October 4, 2018 12:54 pm, Kihaguru Gathura wrote: > Hi, > > For the following httpd setup, cgi scripts give a 403 Page not found > on browser. However after removing the line: > > location "/*" { > authenticate "Staff Only" with "/htpasswds" > } > > cgi scripts run fine but no authentication for document root of course. > > Please explain the situation. > > > > ... ># $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $ > > server "xyz.co.ke" { > listen on * port 80 > listen on :: port 80 > location "/.well-known/acme-challenge/*" { > root "/acme" > root strip 2 > } > location * { > block return 302 "https://$HTTP_HOST$REQUEST_URI; > } > } > > server "xyz.co.ke" { > listen on * tls port 443 > listen on :: tls port 443 > hsts > tls { > certificate "/etc/ssl/xyz.co.ke.fullchain.pem" > key "/etc/ssl/private/xyz.co.ke.key" > } > location "/.well-known/acme-challenge/*" { > root "/acme" > root strip 2 > } > root "/xyz.co.ke" > location "/*" { > authenticate "Staff Only" with "/htpasswds" > } > > location "/public/*" { > directory auto index > } > location "/xyz/*" { > root "/" > fastcgi > authenticate "Staff Only" with "/htpasswds" > } > } > .. > > Thank you, > > Regards > > Kihaguru. > Move the location "/*" block to the bottom of the server block after the specific paths. location path {...} Specify server configuration rules for a specific location. The path argument will be matched against the request path with shell globbing rules. In case of multiple location statements in the same context, the first matching location statement will be put into effect, while all later ones will be ignored. Therefore it is advisable to match for more specific paths first and for generic ones later on.
Re: Performance impact of PF on APU2
On 2018-10-04, Benjamin Petit wrote: > I don't think the APU2 uses HT correct
Re: Performance impact of PF on APU2
On 4.10.2018. 5:58, Benjamin Petit wrote: > Ok so I compared 6.3-release, 6.3-release+syspatches(=stable?) and the latest > snapshot from October 2. > > I measured iperf3 throughput between A and B, like this: > PC A <---> APU2 <---> PC B > > pf rules are the one shipped by default in 6.3: > > gw# pfctl -sr > > block return all > pass all flags S/SA > block return in on ! lo0 proto tcp from any to any port 6000:6010 > block return out log proto tcp all user = 55 > block return out log proto udp all user = 55 > > OpenBSD 6.3 RELEASE: > - pf enabled: 841 Mbits/sec > - pf disabled: 935 Mbits/sec > > OpenBSD 6.3 + Syspatch: > - pf enabled: 803 Mbits/sec > - pf disabled: 936 Mbits/sec > > OpenBSD CURRENT: > - pf enabled: 526 Mbits/sec (541 with kern.pool_debug=0) > - pf disabled: 934 Mbits/sec > > So there is a small perf drop when applying all syspatches to 6.3 (not sure > which one cause the drop), > but the performance drop SIGNIFICANTLY using the latest snapshot. > > Am I missing something? (I really hope I am) > Hi, if you're feeling brave enough and you can test/experiment with pf you can download openbsd kernel with experimental MP support from here http://kosjenka.srce.hr/~hrvoje/zaprocvat/smpfbsd SHA256 (smpfbsd) = e95e94190a0e52de7690b3278cfab14985817089e7a53615cd2599420593b32c this kernel is compiled with option WITH_PF_LOCK and NET_TASKQ=4 before you download it please backup your active kernel so if something goes wrong you can put it back .. cp /bsd /goodbsd cp smpfbsd /bsd reboot if something goes wrong at boot prompt before kernel starts to boot you can boot old kernel with command - boot goodbsd i'm running this kernel for few days and i'm hitting pf, pfsync and pflow quite hard and it seems stable :)
httpd and cgi
Hi, For the following httpd setup, cgi scripts give a 403 Page not found on browser. However after removing the line: location "/*" { authenticate "Staff Only" with "/htpasswds" } cgi scripts run fine but no authentication for document root of course. Please explain the situation. ... # $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $ server "xyz.co.ke" { listen on * port 80 listen on :: port 80 location "/.well-known/acme-challenge/*" { root "/acme" root strip 2 } location * { block return 302 "https://$HTTP_HOST$REQUEST_URI; } } server "xyz.co.ke" { listen on * tls port 443 listen on :: tls port 443 hsts tls { certificate "/etc/ssl/xyz.co.ke.fullchain.pem" key "/etc/ssl/private/xyz.co.ke.key" } location "/.well-known/acme-challenge/*" { root "/acme" root strip 2 } root "/xyz.co.ke" location "/*" { authenticate "Staff Only" with "/htpasswds" } location "/public/*" { directory auto index } location "/xyz/*" { root "/" fastcgi authenticate "Staff Only" with "/htpasswds" } } .. Thank you, Regards Kihaguru.