Re: Problem with WireGuard on OpenBSD 7.3
On Sat, 6 May 2023 02:18:30 +0200 Odd Martin Baanrud wrote: > Hello Stuart, > > Thanks for a detailed and good explenation! > > I choosed the WireGuard-tools solution, because I understood how it works, > and it is easy to configure. > I*ve read a bit in the wg(4) manual, and I get confused of how things > actually works. > Is it possible to use wireguard-tools*s private/public key e.g? > If not, is the actual configuration using the included tools easy to do? > > I*m blind, so reading lots of documentation, when not knowing what to look > for, can be pritty time consuming. > So, if it is an easy way to set up a wireguard-tools style vpn using tools > from the base system, please let me know. > > Regarding pf, thanks for good advice regarding how to use NAT rules. > > Regards, Martin. Hello Martin. I just recently started using WireGuard, as a client only, using commercial VPN service. I did not have to use wireguard-tools. In addition to the manual pages for wireguard and rdomain, I also consulted several online guides that helped clarify how everything should work (DNS is the tricky part). 1. Solene Rapenne - "Full WireGuard setup with OpenBSD" Solene explains how to setup both wireguard server and client on OpenBSD without using wireguard-tools. She uses openssl to generate private keys. Note: page has one ASCII network diagram. https://dataswamp.org/~solene/2021-10-09-openbsd-wireguard-exit.html 2. Matthieu Herrb - "Setting up a WireGuard client with routing domains on OpenBSD". Matthieu explains step-by-step how to setup OpenBSD as wireguard client for 3rd party VPN. He uses wireguard-tools, but only to generate the private key initially. Note: page includes one long output of ps command. https://md.laas.fr/s/NMc3qt5PQ Since both of the above guides use rdomains for their setup, I found this writeup about rdomains and rtables useful: 3. Joel Knight - "Virtualizing the OpenBSD Routing Table" Note: page has four images of network diagramms. https://www.packetmischief.ca/2011/09/20/virtualizing-the-openbsd-routing-table/ It is a lot of reading, and I apologize for that. I can see, but it still took me couple days to figure out how to get just the client part working right, and you are trying to do both server and client at once. I hope you succeed. -- Andre
Re: Problem with WireGuard on OpenBSD 7.3
Hello Stuart, Thanks for a detailed and good explenation! I choosed the WireGuard-tools solution, because I understood how it works, and it is easy to configure. I’ve read a bit in the wg(4) manual, and I get confused of how things actually works. Is it possible to use wireguard-tools’s private/public key e.g? If not, is the actual configuration using the included tools easy to do? I’m blind, so reading lots of documentation, when not knowing what to look for, can be pritty time consuming. So, if it is an easy way to set up a wireguard-tools style vpn using tools from the base system, please let me know. Regarding pf, thanks for good advice regarding how to use NAT rules. Regards, Martin.
mail command - change "from address" for Charlie Root
Hello, I am trying to work out how to change the “From address” for when the daily output reports are run. I want to use a real email address rather than the default of Charlie Root “root@hostname”. I have tried to use a /root/.mailrc option and set the “from” address but this seems to be ignored when the daily output reports are generated. I send the daily reports to my personal email and have configure /etc/mail/aliases so that “root” is using my personal email. I am using openBSD 7.3 AMD64. Thank you
Re: PC Engines APU platform EOL
Don't know if this collides with the 'network plumbing' point but this is what I know eg... in Europe, Germany and you can start from eg... here: https://5md.at/l/cee9399 -- Daniele Bonini May 5, 2023 17:46:47 Daniele B. : > Sorry, I haven't followed the thread and I do not know > what exactly you are searching for. > I realized only now you are searching some specific > device on the market.. > I do not know..any chinese national can eventually help like us.. but > here we can have access to the chinese version > of Taobao, that mostly means access to whole range of products > actually on the market including accessories and often past articles. > The only obstacle is the translation of the technical features > to my wife that sometimes result difficult. > Anyway we are glad to help you in your reasearch if it is possible. > > Give me a private ping if we can help. > > > -- Daniele Bonini
Re: PC Engines APU platform EOL
Sorry, I haven't followed the thread and I do not know what exactly you are searching for. I realized only now you are searching some specific device on the market.. I do not know..any chinese national can eventually help like us.. but here we can have access to the chinese version of Taobao, that mostly means access to whole range of products actually on the market including accessories and often past articles. The only obstacle is the translation of the technical features to my wife that sometimes result difficult. Anyway we are glad to help you in your reasearch if it is possible. Give me a private ping if we can help. -- Daniele Bonini
Re: PC Engines APU platform EOL
On Thu, May 4, 2023 at 2:47 AM Anders Andersson wrote: > > On Thu, May 4, 2023 at 8:24 AM Damian McGuckin wrote: > > > > On Thu, 4 May 2023, Maksim Rodin wrote: > > > > > Is there any problem with fanless x86_64 mini PCs with several NICs, > > > sold on aliexpress? > > > > Maybe, or give up on the rackmount and buy the R86S, as in > > > > https://www.aliexpress.com/i/1005004765507664.html > > > > An alternative is to buy 3 APU4s now 3 to cover failures and spares over > > the next few years. Hopefully, they still have some left. > > > > Thanks - Damian > > The R86S looks cute, but on closer inspection it has a fan. They even > crammed *two* fans in there for the taller version. That doesn't > necessarily mean it makes a lot of noise, but if fanless is a strict > requirement for other reasons it's out. [...] The B1, B2 and B3 models don't have a fan, if the comparison table is to be believed. That said, I did a bit of research on buying these no-name Chinese boxes from Amazon and AliExpress, and decided to get one from Amazon since I can return it in 30-days in case it does not work. Got a Minisforum GK41 (https://www.amazon.com/gp/product/B0899N2L6T/) It is not fanless and has two gigabit realtek NICs'. I currently have OpenBSD 7.3 installed on it, and noticed the wireless module is not supported (anyways I don't need that). The BIOS is customized AMI Bios, and there seems to be no way to upgrade it (which I expected). The build quality is reasonable, and I can barely hear the fan at a feet distance. dmesg below. Thanks. -ag OpenBSD 7.3 (GENERIC.MP) #1125: Sat Mar 25 10:36:29 MDT 2023 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8367906816 (7980MB) avail mem = 8094904320 (7719MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.2 @ 0x79857000 (18 entries) bios0: vendor American Megatrends Inc. version "GB7 0.08" date 05/25/2021 bios0: BESSTAR TECH LIMITED GK41 efi0 at bios0: UEFI 2.7 efi0: American Megatrends rev 0x5000d acpi0 at bios0: ACPI 6.2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP FPDT FIDT MSDM MCFG SSDT DBG2 DBGP HPET LPIT APIC NPKT SSDT SSDT SSDT SSDT SSDT SSDT TPM2 DMAR WDAT NHLT WSMT acpi0: wakeup devices HDAS(S3) XHC_(S4) XDCI(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4) PXSX(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimcfg0 at acpi0 acpimcfg0: addr 0xe000, bus 0-255 acpihpet0 at acpi0: 1920 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz, 1994.48 MHz, 06-7a-08 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,UMIP,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 24KB 64b/line 6-way D-cache, 32KB 64b/line 8-way I-cache, 4MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 19MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.2.4.2.1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz, 1994.48 MHz, 06-7a-08 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,UMIP,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 24KB 64b/line 6-way D-cache, 32KB 64b/line 8-way I-cache, 4MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz, 1994.48 MHz, 06-7a-08 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,UMIP,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 24KB 64b/line 6-way D-cache, 32KB 64b/line 8-way I-cache, 4MB 64b/line 16-way L2 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Celeron(R) J4125 CPU @ 2.00GHz, 1994.48 MHz, 06-7a-08 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8
