Various ACPI problems on various IBM hardware

2015-08-14 Thread Frederic URBAN 
Hello,

We have some ACPI problems with various IBM server X. Since it's a very 
early panic when kernel boot there is now access to ddb to print the 
trace. You are prompted to press any key to reboot :) It has been 
verified on IBM Server x3650 M1, M2 and M3. We are using OpenBSD 5.7, 
this panic happends with bsd.rd and bsd.mp

The system is usable when I disable acpi when booting on RAMDISK_CD and 
after the installation on GENERIC.MP

I can provide a screenshot of the KVM over LAN if you guys wants. Like 
we did in the past (Adding support of Intel 82576 on em(4)), I also can 
provide you a remote access to both oldest machines (a Server x3650 M1 
and a Server x3650 M2) with serial cable to help you to fix this. We are 
big users of OpenBSD on various systems (Dell, HP) for the first time i 
need to install a firewall on IBM hardware so if we can help, i'm ready 
to setup a lab for you.

Frédéric.
-- 
Frédéric URBAN
*Frédéric URBAN*
Ingénieur Réseaux

frederic.ur...@ircad.fr mailto:frederic.ur...@ircad.fr
Tél. : +33 (0)3 88 119 038
IRCAD France
http://www.ircad.fr/ http://www.ircad.fr/

Suivez l'IRCAD sur Facebook 
http://www.facebook.com/pages/IRCAD/193785273990141

*IRCAD France*
Hôpitaux Universitaires - 1, place de l'Hôpital - 67091 Strasbourg Cedex 
- FRANCE

Re: relayd url redirection

2015-03-25 Thread Frederic URBAN 
Hi all,

I'm try to reproduce such a setup with relayd on OpenBSD 5.7-current. 
Many change between the latest stable and the -current... I followed 
changes in relayd.conf(5) but i'm still not able to get a working solution.

This is a draft, my first contact with relayd. My objective is to use 
one virtual IPv4 public address to reach multiple webservices.

here is my relayd.conf, the behavior is quite simple, every GET goes on 
web1 host, any clue ?

table web1 { 192.168.228.73 }
table web2 { 192.168.228.50 }

http protocol http_tls {
 match header append X-Forwarded-For value $REMOTE_ADDR
 match header append X-Forwarded-By value 
$REMOTE_ADDR:$SERVER_PORT
 match header set Keep-Alive value $TIMEOUT

 match request url web1/ forward to web1
 match request url web2/ forward to web2

 tls { tlsv1, ciphers MEDIUM:HIGH }
 tls ca key /etc/ssl/private/server.key password ReallyWantIt?
 tls ca cert /etc/ssl/ca.crt
}

relay tls_accel {
 listen on 192.168.228.101 port 443 tls
 protocol http_tls
 forward to web1 port 80 check tcp
 forward to web2 port 80 check tcp
}

Frédéric.


Le 11/07/2014 14:12, Reyk Floeter a écrit :
 Hi,

 On Fri, Jun 20, 2014 at 10:35:13PM -0400, Predrag Punosevac wrote:
 I am seriously reading realyd man pages for the first time in my life.
 Namely I am after url suffix redirection. I will try to explain little
 bit better.

 I have close to 10 virtual hosts running behind OpenBSD firewall which
 has a single public IP address. My boss insists that all virtual hosts
 be reachable on the port 80. Can relayd do url suffix redirection? What
 I mean is a map:

 www.autonlab.org   10.0.0.0 host
 www.autonlab.org/web1  10.0.0.1 host
 www.autonlab.org/web2  10.0.0.2 host
 www.autonlab.org/web3  10.0.0.3 host

 and so on. Until now I was using nginx as a proxy and port redirection

 www.autonlab.org    10.0.0.0
 www.autonlab.org:8080   10.0.0.1

 and so on so forth.

 I didn't answer before because it was not supported by relayd but I
 was working on the filter upgrade that got committed yesterday.

 Your mail was almost a month ago, so you probably found another
 solution now, but it works in -current and the upcoming release with
 something like the following:

 ---snip---
 table web0 { 10.0.0.0 }
 table web1 { 10.0.0.1 }
 table web2 { 10.0.0.2 }
 table web3 { 10.0.0.3 }

 http protocol autonlab {
   return error
   pass
   match request patch /web1* forward to web1
   match request patch /web2* forward to web2
   match request patch /web3* forward to web3
 }

 relay autonlab {
   listen on 128.2.204.171 port 80
   protocol autonlab

   # Main server table
   forward to web0 check tcp port 80

   # Additional server tables used by custom rules
   forward to web1 check tcp port 80
   forward to web2 check tcp port 80
   forward to web3 check tcp port 80
 }
 ---snap---

 Reyk

-- 
Frédéric URBAN
*Frédéric URBAN*
Ingénieur Réseaux

frederic.ur...@ircad.fr mailto:frederic.ur...@ircad.fr
Tél. : +33 (0)3 88 119 038
IRCAD France
http://www.ircad.fr/ http://www.ircad.fr/

Suivez l'IRCAD sur Facebook 
http://www.facebook.com/pages/IRCAD/193785273990141

*IRCAD France*
Hôpitaux Universitaires - 1, place de l'Hôpital - 67091 Strasbourg Cedex 
- FRANCE

Kernel TCP recv / send buffer auto scaling

2013-10-18 Thread Frederic URBAN 

Hello guys,

Since 4.9, there is a auto-scaling tcp buffer size, good functionnality 
but i've a question. I'm using a pair of OpenBSD servers as squid 
proxies. Our internet bandwidth is 1Gb/s so we are able to download @ 90 
Mbytes /s if needed.


When I was using OpenBSD 4.8, i was tuning kernel parameters 
(net.inet.tcp.recv/sendbuffer) to allow faster downloads through the 
proxy but with 5.1 and now 5.3 i'm not able to download faster than 3.5 
Mbytes/s, any idea how i could achieve that with 5.3/5.4 ?


Fred !