Re: Any serious production servers yet?
On 2006-05-30, Danial Thom <[EMAIL PROTECTED]> wrote: > And what kind of volume are you pushing through > your firewalls peak, in terms of bandwidth and > pps? The main reason that we chose DragonFlyBSD was that it could *install* on a Siemens RX200S2 when all the other BSDs failed (and we prefer pf for packet filtering). 1.2.0 at the begining and _Preview now. Our bottleneck in terms of pps was our cisco card (which we now changed and we do not see any problems). The last thrity minutes it served 23,112 connections, 3,369,221 packets and 2,578,423,409 bytes at a load arround 0.02. The only thing that goes slow (compared to inferior and IDE DragonFlyBSD systems that we also run elswhere) is make buildworld and I am guessing that it has to do with the disks. However it is more of a nuissance than a problem and have not investigated further. > I guess I should have qualified my question. If > you're pushing less than 100Kb/s then there's > really no reason to spend 3X the dollars on a > multi-core system. So the only real value of an > MP system is how it performs under heavy load, if > you're talking about a server and not a desktop > box. Well for now we use uniprocessor systems, so my mistake - it did not cross my mind that you wanted oppinions on MP systems only.
Re: Any serious production servers yet?
On 2006-05-29, Danial Thom <[EMAIL PROTECTED]> wrote: > Is anyone using DragonflyBSD in any serious > production servers yet? Any feelings about how > it measures up in its current state > performance-wise? We run firewalls on DragonFlyBSD with pf. We are very pleased with the performance and only had one small problem with ftp-proxy which is resolved as described here: http://www.dbnet.ece.ntua.gr/~adamo/howto/DragonFlyBSD/ftp-proxy.txt Apart from that we are very very happy! -- #include /* Yiorgos Adamopoulos */
Strange sshd problem with 1.5.3-PREVIEW
Hi! I upgraded two servers to 1.5.3-PREVIEW and noticed that although sshd is compiled to use libwrap.so, it does not consult it (server name mangled): XYZW# uname -a DragonFly XYZW.tee.gr 1.5.3-PREVIEW DragonFly 1.5.3-PREVIEW #0: Fri Apr 28 16:46:54 EEST 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 XYZW# ldd /usr/sbin/sshd /usr/sbin/sshd: libopie.so.3 => /usr/lib/libopie.so.3 (0x280a5000) libmd.so.3 => /usr/lib/libmd.so.3 (0x280af000) libcrypt.so.3 => /usr/lib/libcrypt.so.3 (0x280b9000) libutil.so.4 => /usr/lib/libutil.so.4 (0x280d2000) libz.so.3 => /usr/lib/libz.so.3 (0x280df000) libwrap.so.4 => /usr/lib/libwrap.so.4 (0x280f) libpam.so.3 => /usr/lib/libpam.so.3 (0x280f8000) libssh.so.4 => /usr/lib/libssh.so.4 (0x280ff000) libcrypto.so.4 => /usr/lib/libcrypto.so.4 (0x28136000) libc.so.6 => /usr/lib/libc.so.6 (0x28284000) XYZW# cat /etc/hosts.allow ALL: 127.0.0.1 : ALLOW ALL: ALL : DENY However, ssh connections to XYZW are allowed and accepted. TIA for any ideas or flames. -- #include /* Yiorgos Adamopoulos */
Re: why do you use DragonFly? (writing an article)
On 2005-12-01, Jeremy C. Reed <[EMAIL PROTECTED]> wrote: > Why do you use DragonFly? Actually we started using DragonFly because all the other BSDs refused to install on a Siemens Primergy RX200 server. Contrary to the other three, it liked to talk to the LSI Logic SCSI controller that this machine has. > What did you use before DragonFly? Our original goal was to run OpenBSD. > What primary software do you use on DragonFly? PF and ipaudit > What features or support are you looking forward to? We want something that changes more frequently than the stable version of OpenBSD and is easer to upgrade from source. That is why we are tracking Preview. I would like to see (but do not care that it's not there) a version of Apache 1.x in the base system (just like OpenBSD does) but since it's in the pkgsrc system, no problem. Now if we can get Oracle to support DragonFly natively... :-) -- #include /* Yiorgos Adamopoulos */
Re: pkgsrc and /etc/defaults/rc.conf
On 2005-09-16, Joerg Sonnenberger <[EMAIL PROTECTED]> wrote: > On Fri, Sep 16, 2005 at 03:02:50PM +0300, Yiorgos Adamopoulos wrote: >> Since it is decided that pkgsrc is the default packaging system for >> DragonFly, >> should ldconfig_paths in /etc/defaults/rc.conf should be changed to include >> /usr/pkg/lib ? I've done this in /etc/rc.conf.local, but should it be a >> default for 1.3? > > Anything which needs that is broken and should be reported as bug. In Well, one of the administrators here compiled by hand OpenVPN for DFLY (he installed liblzo from pkgsrc though). openvpn would not start unless we either run ldconfig -m /usr/pkg/lib or set it via rc.conf.local > fact, once I have fixed libtool you wouldn't ldconfig for normal > programs at all. Thank you! -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
pkgsrc and /etc/defaults/rc.conf
Hi! Since it is decided that pkgsrc is the default packaging system for DragonFly, should ldconfig_paths in /etc/defaults/rc.conf should be changed to include /usr/pkg/lib ? I've done this in /etc/rc.conf.local, but should it be a default for 1.3? -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
net-snmp from pkgsrc ?
Has anyone succeeded in building it. I am running 1.3.5-PREVIEW and I get: cc -I../../include -I. -I../../agent -I../../agent/mibgroup -I../../snmplib -I/usr/pkgsrc/net/net-snmp/work/.buildlink/include -DINET6 -O2 -Ddragonfly1 -c mibII/ipv6.c -fPIC -DPIC -o mibII/.libs/ipv6.o mibII/ipv6.c: In function `if_getname': mibII/ipv6.c:531: warning: return discards qualifiers from pointer target type mibII/ipv6.c: In function `if_getifnet': mibII/ipv6.c:584: error: structure has no member named `if_next' mibII/ipv6.c: In function `var_ifv6Entry': mibII/ipv6.c:815: error: cannot convert to a pointer type mibII/ipv6.c:836: error: structure has no member named `ifa_next' mibII/ipv6.c: In function `var_udp6': mibII/ipv6.c:1251: error: structure has no member named `in6p_next' mibII/ipv6.c:1344: error: structure has no member named `in6p_next' mibII/ipv6.c: In function `var_tcp6': mibII/ipv6.c:1665: error: structure has no member named `in6p_next' mibII/ipv6.c:1773: error: structure has no member named `in6p_next' *** Error code 1 -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
Re: Purpose of lukemftpd?
On 2005-09-06, Gabriel Ambuehl <[EMAIL PROTECTED]> wrote: > I've found the ftpd in FreeBSD to be powerful enough for most things. If > you need encrypted transmissions, chances are you should be using SFTP > in first place (as anon FTP over SSL doesn't make much sense in my book OTOTH, having the control connection SSLed and the data connection unencrypted is faster than SFTP sometimes the only thing that you want to securely exchange is the username and password. -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
make release question
Accodring to release(7) if you setenv MAKE_ISOS: "If defined, bootable ISO CD-ROM images will be created, from the contents of the CD-ROM stage directory." But, after a "make install_fetchpkgs release" I get: # ls /usr/release/ /usr/release: dfly.iso root/ And dfly.iso does not have the installer :-( I tried this with yesterday's preview (2005/09/05). -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
/usr/pkg/{bin,sbin} - where in $PATH ?
Hello!
Where do you place in your $PATH /usr/pkg/{bin,sbin} ? First? Last?r
Do the pkg_* utils from pkgsrc interract safely with the ones from FreeBSD's
ports (which I assume are the ones in /usr/sbin/) ?
--
#include
#define POWERED_BY "http://www.DragonFlyBSD.org/";
Re: console on serial port
On 2005-09-01, Simon 'corecode' Schubert <[EMAIL PROTECTED]> wrote: > Yiorgos Adamopoulos wrote: >> How? > > echo -h > /boot.config > sed -i '/^console/s/off/on /' /etc/ttys > Thank you! I did it as it was mentioned in http://leaf.dragonflybsd.org/~justin/handbook/serialconsole-setup.html section 17.6.2 -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
console on serial port
How? -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
Re: booting problems with the cdrom
On 2005-08-07, scalopus <[EMAIL PROTECTED]> wrote: > 2) Later i tryed the development iso: > 2CSNAP-20050724-2330-Devel.iso.bz2 > This cd boots, i can see the Boot menu, but when booting > the kernel it crashes when accessing to the ata, suppose the > atapi, the acd0 cdrom, with the following error: > > acd0: MODE_SENSE_BIG command timeout - resetting > ata0: WARNING: atapi resetting donecount 28 for retry > ata0: resetting devices .. done > > It repeats about 5-7 times, and after it kernel crashes: At the boot menu drop to the loader's command line (IIRC, option 6) and type: set hw.ata.ata_dma=0 set hw.ata.atapi_dma=0 boot Then continue with the installation. If the installation completes sucessfully, upon reboot remember to drop again to the command line menu of the loader (so as to boot normally). Then to have these changes permanet you can place the at /boot/loader.conf.local as follows: hw.ata.ata_dma=0 hw.ata.atapi_dma=0 - Yiorgos -
cvsupfile targets
I have gotten a little confused with the cvsupfile targets one can have to download the sources. From what I gather: *default release=cvs tag=DragonFly_Preview <- PREVIEW *default release=cvs tag=. <- HEAD right? And what is the tag for STABLE ? -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
Re: Hacking my own firewall :-)
On 2005-08-01, =?windows-1250?Q?Przemys=B3aw_Szczygielski?= <[EMAIL PROTECTED]> wrote: >> TTBOMK, there is no service started that accepts connection on the ethernet >> interface, so you cannot have any incoming connections. I run 1.3-PREVIEW >> and >> the only service that shows up in an nmap scan is 22/tcp and this only after >> putting sshd_enable="YES" in /etc/rc.conf.local. > > Eeeerm, nope. I am not as stupid as that! :-> I've started SSH and I > can SSH to localhost... tcpdump on the ethernet interface? -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
Re: Hacking my own firewall :-)
On 2005-07-31, =?windows-1250?Q?Przemys=B3aw_Szczygielski?= <[EMAIL PROTECTED]> wrote: > I do have outgoing traffic, but incoming is totally blocked. And TTBOMK, there is no service started that accepts connection on the ethernet interface, so you cannot have any incoming connections. I run 1.3-PREVIEW and the only service that shows up in an nmap scan is 22/tcp and this only after putting sshd_enable="YES" in /etc/rc.conf.local. -- #include #define POWERED_BY "http://www.DragonFlyBSD.org/";
