Re: Bottleneck in httpd. I need help to address capacity issues on max parallel and rate connections
On Tue, May 08, 2007 at 07:13:27PM -0400, Daniel Ouellet wrote: Nope. I sent updates on that too with a more powerful server. And I am doing tests now with three clients at once to see and I can get a bit more process running on the server side, but still no more output of that server. It is cap somehow and I am not sure what does it yet. I'm new at this so please ignore if its not helpful. Is this a bandwidth (hardware) limitation on the computer itself? If so then a faster processor won't help. Bus contention? Doug.
Re: Equivalent to linux disk delete?
On Sun, May 06, 2007 at 09:49:18PM +0300, [EMAIL PROTECTED] wrote: On Sun, May 06, 2007 at 07:51:14PM +0200, Sebastian Rother wrote: doesn`t know about a delete Command and disklabel so far shows just the OpenBSD (4th) partition. Set their type to 0 with fdisk (fdisk -e, e #part, 0 to disable, etc). That said, I wouldn't recommend anyone to use the OpenBSD fdisk, unless they really know what they're doing :) It's too obtuse and error prone. Don't you _have_ to use it to run the install? Doug.
Re: Help needed with server setup at work
On Tue, Apr 24, 2007 at 12:48:46AM +0200, Rico Secada wrote: On Tue, 24 Apr 2007 00:05:51 +0200 Joachim Schipper [EMAIL PROTECTED] wrote: On Mon, Apr 23, 2007 at 09:28:53PM +0200, Rico Secada wrote: This is a public mailing list. Trim your message at 72 columns. Meaning? The following line is as I received it. It is 401 characters wide. I have left it as is for your edification. Using OpenBSD as a server works perfectly. The server needs nothing more than SSH. About the client I have succesfully setup Debian with fuse and it works perfectly with OpenBSD serving. I also know that FreeBSD has a port for client installation. Fuse uses the sftp part of SSH. On Debian all it takes is installing the package and using modprobe. On FreeBSD it should be almost as easy and quick. This line was also received. It is 471 characters wide. I have wrapped it. Using vim I only had to do a gqap. The only consern I have is users snooping around because they are able to ssh in, besides that sshfs works like a charm and its so easy and quick to setup. I have combined scponly with the servers, and that works well too, but since scponly isn't safe, as in a lot of work is done security wise, I would not want to run with that as a permanent solution. I trust OpenSSH over any VPN solution anyday, but SSH might cause a problem in other areas, hence the question. [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] I have got no idea what this is about. I havent made any attachments. _somebody_ signed a post on this thread and instead of a signature the mail list server put a message that it was removed. Doug.
Re: a question kinda pff topic
On Thu, Apr 12, 2007 at 11:38:12AM -0400, Dave wrote: I have a question not about the software but where you put your network stuff has any one built there own rack out of wood I am looking at building my own. Another option is solid used commercial wire racking. The units take a lot of load while the wire shelves allow good airflow. I'm not talking about the Walmartish clones but stuff used, for example, in commercial kitchens. Doug.
Re: running OpenBSD on switch hardware
On Thu, Apr 05, 2007 at 06:52:25PM +0200, Karl Sjvdahl - dunceor wrote: On 4/5/07, RedShift [EMAIL PROTECTED] wrote: I've got this linksys SRW2016 managed 16 port gigabit switch at home. The only problem with it, is that the firmware well eh, sucks. The telnet interface can't configure everything (just basic setup, you can't even set up SNMP or VLANs) and the webinterface only works correctly with Internet Explorer. Now during the bootup messages I see that the processor is an ARM946E-S. Since OpenBSD should run on ARM processors (armish port?) I wonder if it would be possible to replace the current firmware with an OpenBSD install. I don't think the ARM 946 has a MMU which I'm pretty it needs to run OpenBSD. So I think you are out of luck. Don't know if Linux runs on systems without MMU but it's worth a try. NetBSD says it will run anything, will it run this? Doug.
Re: firewall stopped working unexpectedly
Hi Steve, I've interspersed my comments, but first a preface: I've never used (although read a bit on) DHCP. I use Debian (looking at switching to BSD). I run old hardware boxes so can troubleshoot. I'm not expecting this to be a definitive answer but I hope its more help than noise. Doug. On Tue, Apr 03, 2007 at 02:21:07PM -0700, [EMAIL PROTECTED] wrote: Covad DSL Modem --[ne3] firewall [xl0] -- switch -- internal network firewall = PII/256MB running Open BSD 3.5 with 2 NICs ne3 = external interface configured using DHCP (192.168.1.1) xl0 = internal interface fixed internal network (192.168.0.0/24) Nobody on the internal network can get out to check email or surf the net. Something happended in the hours between Sunday night around 8:30 pm and Monday morning at 8:00 am. But what? Network Cards - substituted known good network cards in firewall - no change. Where they the same kind (same drivers, or did you change /etc/hostname.* to match? Firewall PC - rebooted; then substituted known good backup firewall machine no change. Does the modem (never used one) remember hardware ethernet address so get confused when a different box requests the same stuff? Did you reset the modem each time you changed boxes or NICs? Since you know the x10 NIC (internal interface) works, what happens if you swap them in your configuration? If the ne3 is now internal, does it work? In other words, first ensure that you have two NICs funtioning in all respects. ping - I can ping from internal network to the internal interface on the firewall. I can SSH into the firewall from the internal network. What happens if you log into the firewall via the console (not ssh)? DHCPACK from 192.168.1.1 New Network Number: 66.166.238.0 New Broadcast Address: 66.166.238.255 bound to 66.166.238.189 -- renewal in 30 seconds. ^^^ It seems to get the IP address from the COVAD DHCP server but then things go haywire. Within a few seconds I start seeing error messages on the console: Apr 2 14:54:18 gateway dhclient: send_fallback: No route to host Apr 2 14:54:18 gateway dhclient: send_fallback: No route to host #ifconfig ne3 inet 66.166.238.189 netmask 0xff00 broadcast 66.166.238.255 which seems to be correct. But running ifconfig a few times eventually it appears to lose the correct IP address and go down: ifconfig ne3 inet 0.0.0.0 netmask 0xff00 broadcast 255.255.255.255 interface assignments -- /etc/hostname.ne3 dhcp /etc/hostname.xl0 inet 192.168.0.1 255.255.255.0 NONE /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1 Hardware? -- dmesg gateway# dmesg OpenBSD 3.5 (GENERIC) #1: Sat May 1 08:18:25 PDT 2004 . xl0 at pci0 dev 14 function 0 3Com 3c905B 100Base-TX rev 0x30: irq 11 address 00:50:da:4f:e1:10 exphy0 at xl0 phy 24: 3Com internal media interface ne3 at pci0 dev 16 function 0 Winbond Linksys EtherPCI II rev 0x00: irq 9 ne3: address 00:20:78:14:f5:ed
Re: Is OpenBSD good/best for my 486?
On Sun, Mar 25, 2007 at 12:44:46PM -0400, Nick Holland wrote: Shawn K. Quinn wrote: On Fri, 2007-03-23 at 10:49 -0400, Douglas Allan Tutty wrote: On Fri, Mar 23, 2007 at 06:56:32AM -0500, Shawn K. Quinn wrote: On Wed, 2007-03-21 at 22:37 -0400, Douglas Allan Tutty wrote: I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. 32M is at a point where if it isn't enough, you need a better machine. Tweaking the kernel to make it run better in 32M is just perfume on the pig. If that's what you need to do, get a less smelly pig. As I indicated recently, probably on this thread, ssh on a 486 is painful. Works fine, but painfully slow. X? oh, ick. It will work, but you may need the XF3 support, as a lot of old, 486-vintage video chips haven't been ported to X.org. If you need to use the XF3 servers, you will be out of luck starting with OpenBSD v4.2, as (hopefully) we will have switched to Xenocara, and probably drop XF3 support. I believe at some point, it was indicated that this 486 is or may be the OP's first OpenBSD experience. If that is true, I'd highly recommend a better machine to get your feet wet with. MY recommendation for minimum HW for OpenBSD for a first-timer would be a Pentium, 100MHz or better, 32M RAM or better. If you want X, I'd bump that up to a P200, 64M RAM or better. Again, it isn't that it won't run on slower machines, it is just that you will skip important steps in the learning process if your machine is too slow. Right now, I only have two boxes: my 486 and my Athlon. The Athlon runs Debian Etch amd64. Its the box that does all my work so I don't want to get on a BSD learning curve on it. The 486 is only a convenience piece. Yes, X is a problem no matter Debian or BSD. Right now, the 486 has Debian Sarge on it but I've tweaked the XFree86 configs so it uses the previous versions S3 driver since its not available for the current version. That wont be an option in Debian Etch eiter. Bottom line, I may have to give up on X. Its not that great a loss. Debian's Sarge installer doesn't work on it and neither will Etch's. If ever I need to reinstall or change something fundamental (e.g. the hard drive crashes), I have to install woody base and upgrade. The trouble is that its a pain to do that over dial-up. This is one of my reasons for looking at OpenBSD. So I want to learn BSD on the 486. As for taking a long time to install, everything is relative. It takes a long time to upgrade Debian over dial-up too. I _think_ I can download the tarballs from the ftp site, burn them onto a CD so I have a local repository to point the install at, then I _think_ the time-consuming thing is something about generating keys. Assuming that it can do that without me sitting there, I can get it started then go camping :) Besides, I'm a bit attached to my trusty 486. It has never given me a moments trouble (hardware wise) since I bought it new from IBM in 1993/4. My P-100 is so unreliable its unusable except as a terminal emulator. My PII was given to me full of cat hair; not one fan turned. It dies after 45 seconds. The 486 runs quiet, cool, and error free. My only concern is that I upgraded the memory from 8 MB to 16 then 32 and in the process of SIMM swapping, I don't have IBM ECC memory anymore. Rather than compare it to a smelly pig, try an old uncle. I want to get BSD on it before it gets Alzheimer's (memory loss) or Parkinson's (as in Parkinson's Law about available space). Then there's aesthetics. I learn best by understanding. Since UNIX culture was born on slow (by today's standards) machines, why not learn in that mode to start? What steps would I skip if my machine is too slow if I'm dedicated to learning on it and not trying to cut corners to make it run faster? Once I have a working OpenBSD system and learn about it, I can decide if I want to make the switch on my Athlon. Thanks for your comments. Doug.
Re: Request for links to BSD adminstration docs
On Fri, Mar 23, 2007 at 12:07:54AM -0500, Marco Peereboom wrote: However, is it correct that when a new release comes out every six months, you have to reboot into that? How long does an upgrade from one release to the next take? Minutes on a fast machine. I have seen a HPPA B180 take like 25 minutes but that is the exception and not the norm. The OpenBSD man pages are outstanding. Start with the FAQ and then move on to the man pages and life will be good. How does an HPPA B180 compare with a 486? I think I'll see if I can download the manpages separatly and view them with debian's groff (or more simply, with Midnight Commander). Thanks, Doug.
Re: Request for links to BSD adminstration docs
On Thu, Mar 22, 2007 at 10:08:02PM -0700, Darrin Chandler wrote: On Fri, Mar 23, 2007 at 12:40:48AM -0400, Douglas Allan Tutty wrote: However, is it correct that when a new release comes out every six months, you have to reboot into that? How long does an upgrade from one release to the next take? Yes, you must reboot and perform the upgrade. If you read the upgrade guide and get your ducks in a row you can be all done *easily* in 30 minutes. If there were some kind of contest with cash prizes it could probably be done much quicker. However, it's much more important to get the steps right than to do it quickly, IMHO. So on a production machine, it has to be off-line for 30 minutes every six months (not complaining, just clarifying). history you can pick up some interesting bits around the net. The Wikipedia pages on this aren't as bad as they could be. http://en.wikipedia.org/wiki/OpenBSD http://en.wikipedia.org/wiki/Berkeley_Software_Distribution I've read them and they seem like a good introduction. I'd like to track down the origional BSD SMM (assuming that it was released under a BSD licence), from before it was printed by O'Reily and hense copywritten. Thanks Doug.
Re: Is OpenBSD good/best for my 486?
On Fri, Mar 23, 2007 at 06:56:32AM -0500, Shawn K. Quinn wrote: On Wed, 2007-03-21 at 22:37 -0400, Douglas Allan Tutty wrote: Hello, I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. Assuming you don't try to do more with it than you have CPU and RAM for, you should be fine. However, once you've tested that all your hardware works with the GENERIC kernel, I would strongly recommend you compile a custom kernel and run that (do a Web search for a Perl program called dmassage which will help immensely), but keep a copy of GENERIC around in case problems do creep in. The reason for compiling a custom kernel in this case is to save memory; I saved about 2.5M on a similar system, which is a lot when you only have 32M to begin with (with any system much newer it's usually not worth it). I thought compiling a custom kernel was _discouraged_? I just loaded the 486 to the most I ever do: ssh to the big box (titan) to pon courer (the modem) and run bwm ssh to titan for mutt run aptitude, update the package list run top to watch everything run X with icewm: rxvt ssh titan, to run conquorer go to theweathernetwork.com I'm using 6 MB swap, but the system is not spending any time waiting for I/O. Aptitude is taking 75% of the CPU, top on a 2 second delay is taking 10%. I can still browse the net; the wait is a slow dial-up connection. I don't know how to tell how big the kernel in memory is since its modular. So I'll have to see how the generic kernel does. Doug.
Re: Is OpenBSD good/best for my 486?
On Wed, Mar 21, 2007 at 10:16:24PM -0500, Travers Buda wrote: * Douglas Allan Tutty [EMAIL PROTECTED] [2007-03-21 22:37:01]: I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. *snip* Is there any reason that OpenBSD wouldn't be my best choice for this box? I've run OpenBSD on a 486DX2 with 20 megs of ram. When you're talking about the 486es, you're going to want a FPU with openbsd. It does not look like there is any emulation (however, I remember seeing something in the GENERIC config a year or so back...) or else it won't work. The system was fine, and quite responsive for just ssh, tip, etc. OpenBSD is a fine choice, the biggest bottleneck you're probably going to see is virtual memory-related stuff like the encrypted swap, which you can turn off via the vm.swapencrypt.enable sysctl. You're probably not going to be swapping too darn much unless you decide to use X, then it's going to be a bit over the line, however, this does not mean it's not going to work. =) 486DX4-100 has FPU. All I need is a basic X window manager (for moving windows around), an xterm, and ssh that port forwards X11. Right now, I have no problem sshing to my athlon in the basement and running Konqueror for web browsing when I need java and https. The only other memory and compute intensive thing I do is run debian's aptitude package manager. You mean OpenBSD has encrypted swap out-of-the-box? That's fantastic. It took a while to set up on my debian etch box. Thanks, Doug.
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, Mar 22, 2007 at 08:12:23AM -0700, Ben Calvert wrote: On Thu, 22 Mar 2007 18:58:31 +0530, Siju George [EMAIL PROTECTED] wrote: Hi, http://www.internetnews.com/security/article.php/3667201 From the article: Microsoft is doing better overall than its leading commercial competitors. ^^ No wonder. they stacked the deck before doing the comparison As I see it they compared: Microsoft: 12 serious vulnerabilities in the OS Red Hat: 2 serious vulnerabilities in the kernel + packages Mac OS X:1 serious vulnerability in the OS HP-UX: ?? _serious_ out of 98 total Solaris:?? _serious_ out of 36 total for OS + third-party apps The article seems to rank by the number of patches. If a vendor waits and sends out a mega-patch even monthly, to fix more bugs than anyone else, then that's only two patches over a 6 month period. Its a poorly constructed survey. Doug.
Re: Saving memory on small machines
On Thu, Mar 22, 2007 at 12:09:04PM -0600, Bob Beck wrote: * Artur Grabowski [EMAIL PROTECTED] [2007-03-22 10:32]: Kamil Monticolo [EMAIL PROTECTED] writes: # ls -lhS /usr/lib/libcrypto*a -r--r--r-- 1 root bin 11.7M Mar 22 13:53 /usr/lib/libcrypto_pic.a -r--r--r-- 1 root bin 11.6M Mar 22 13:53 /usr/lib/libcrypto_p.a -r--r--r-- 1 root bin 11.5M Mar 22 13:53 /usr/lib/libcrypto.a # strip -s /usr/lib/libcrypto*a # ls -lhS /usr/lib/libcrypto*a -r--r--r-- 1 root bin 909K Mar 22 13:53 /usr/lib/libcrypto_pic.a -r--r--r-- 1 root bin 865K Mar 22 13:53 /usr/lib/libcrypto_p.a -r--r--r-- 1 root bin 835K Mar 22 13:53 /usr/lib/libcrypto.a I'm speechless. This is the low water mark on misc@ this week. How can you call it a low water mark art? I wasn't speechless, I laughed my ass off. I needed the humor this morning, I'm hung over and spent the morning in a stupid meeting. That message made my day. Definately not a low water mark ;) My applogies. I don't get the humour. Take a lib, strip the debugging symbols, you get a functional lib that's 10% of the size. However, since BSD relies on the ability to recompile things, don't you need those libs to have the debugging symbols? Or is it that strip -s removes all symbols and it was only intended to remove the debug symbols. The libs won't work? Sorry, I'm from debian. I never compile C. The last thing I compiled was Fortran 77. I try not to mouth-breathe but, when I do, at least I don't drool. Could some kind soul gently explain the humour? Thanks, Doug.
Re: Saving memory on small machines
On Thu, Mar 22, 2007 at 04:42:57PM -0500, David Terrell wrote: On Thu, Mar 22, 2007 at 01:29:33PM -0700, Ted Unangst wrote: On 3/22/07, Douglas Allan Tutty [EMAIL PROTECTED] wrote: Or is it that strip -s removes all symbols and it was only intended to remove the debug symbols. The libs won't work? yes, libs without symbols aren't especially useful for future development. Also, stripping static libs has ZERO impact on your installed system, it only affects things you compile from source on that box. (and, as you mention -- negatively). So the laugh was that the poor fellow has hosed his machine and won't know it until the next time he has to compile a patch? Sort of like /bin/rm -rf / instead of rm -f /bin/laden? Doug.
Request for links to BSD adminstration docs
Hello, I'm considering moving my 486 from Debian to OpenBSD. I haven't the money to spend on a new e.g. UNIX System Administration. 4.4 BSD System Manager's Manual is out of print. I haven't been able to google anything freely available on the internet. My local library has had their only UNIX book stolen (not by me). Since BSD came from a university, did they ever publish under the BSD licence a SMM, and if so is it avilable free anywhere? Is there a BSD repository of free documents similar to IBM's for AIX? I've got the basic Linux CLI admin skills. What I'm looking for is indoctrination into the BSD way of doing things and the wisdom behind it. I'm looking for a bit of the historical culture; the wisdom of ages past. As a simple example. I'm used to Debian where updates can happen without disturbing users (clones of myself mostly). On a new fast box, one can build a patch in a short time, but then the system has to be brought down, install the patch, then bring it back up. In years past, how did a sysadmin with one VAX handle that? Take the computer off line at 1700, do the build, install, and hope to have everything back up by 0800? I figure that if I get an old BSD book and combine it with the OpenBSD FAQ plus man pages, I'll be off to a good start. I'm not, as someone here referred to themselves as, an old fart. I'm not _that_ old (40), but I don't want a book that starts off Click on I wouldn't mind one that starts Turn on your terminal and hit enter. Thanks, Doug.
Re: Request for links to BSD adminstration docs
On Thu, Mar 22, 2007 at 09:00:01PM -0700, Darrin Chandler wrote: On Thu, Mar 22, 2007 at 11:30:06PM -0400, Douglas Allan Tutty wrote: I'm considering moving my 486 from Debian to OpenBSD. I haven't the money to spend on a new e.g. UNIX System Administration. 4.4 BSD System Manager's Manual is out of print. I haven't been able to google anything freely available on the internet. My local library has had their only UNIX book stolen (not by me). I figure that if I get an old BSD book and combine it with the OpenBSD FAQ plus man pages, I'll be off to a good start. As for your simple example above, I've seen more than once someone talk about bringing a box down for extended periods to update. I just don't get that. It's easy enough to update sources or apply the patch and rebuild while the system is up. Sure, it can add a lot of load, but OpenBSD is fairly stable under load in terms of still serving web pages, or doing mail, etc. Then the only total downtime is during reboot if you've updated the kernel, or restart time on daemons if you've only updated userland. Sounds similar to debian which also has to reboot a new kernel. Do you run the rebuild niced? However, is it correct that when a new release comes out every six months, you have to reboot into that? How long does an upgrade from one release to the next take? Thanks for your suggestions re used books. I'll try some of Kingston's used book stores and see what I can get at the Queen's book store. Doug.
Is OpenBSD good/best for my 486?
Hello, I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. Box has two uses: under normal cirumstance, as a thin client to my athlon box elsewhere in the house. As a toolbox incase anything goes wrong with my new athlon, I still can dial out to the net for help and downloads. Debian Etch will need more than 32 MB ram so am starting the planning. I've compared Open-, Net-, and Free-BSD (via google search and reading the three web-sites) and like the security-by-default nature of Open- and its reputation for solid documentation. I'm used to the command line (hate GUI) and vi. Is there any reason that OpenBSD wouldn't be my best choice for this box? Thanks, Doug.