k with peaks around 130K - peaks do not seem to correlate to
the outages;
number of pf states are in the range of 200k to 400k, well below configured
limit of 1M;
If anybody has any suggestions where to look for next clues, i would be
grateful.
Kind Regards
Joosep
o problems when host0 was running 4.7 and host1 4.9.
Problem occurs with SHA1 and MD5, which are both supported by CA. When
using SHA2(that is not supported by CA) everything
works. Problem exist with tunnel and transport mode.
Any debugging hints and ideas to get sha1 working are welcome,
Joosep
if
> > it's possible. I know some kind of nat-t should be used though.
> >
> > Does anyone
> > have this configuration in place ?
> >
> > Thanks
>
> [demime 1.01d removed an attachment of type application/pgp-signature
> which had a name of signature.asc]
>
>
Hi!
I think the problem in your case is HMAC-SHA2 incompatibility between
releases before 4.7 and 4.7(and upwards) releases. Please check this link
http://www.openbsd.org/faq/upgrade47.html#hmac-sha2
regards,
Joosep
ometimes times out. Not sure about the reason for this
> yet.
>
> //maxim
>
> Hi!
There is a patch for 4.8 and 4.9 that probably fixes your timeouts problem.
Please read this thread:
http://marc.info/?l=openbsd-misc&m=130959664208980&w=2
It's not a critical bugfix, so it's not on the errata page, but it is in the
cvs.
Joosep
Hi!
ubsec0 at pci5 dev 0 function 0 "Broadcom 5862" rev 0x01: 3DES MD5 SHA1 AES
PK, apic 9 int 0 (irq 10)
Joosep
On Wed, May 18, 2011 at 8:56 PM, Maxim Bourmistrov
wrote:
> How does it look in dmesg for this card?
>
> Sent from my iPhone
>
> On May 18, 2011, at 10:42
uch power left on
machines main cpu (10% idle).
So i guess the limiting factor here is main cpu not the CA card.
I have done the same tests with 1,8 GHz opteron and in that case the result
was around 270mbps.
Joosep
et around 400Mbps asynchronous
throughput(the result may ofcourse vary depending on packet size and other
factors), wich was twice as much as without it. We used iperf with UDP
protocol for testing.
All the best,
Joosep
ub1 port 1 configuration 1 interface 1 "HP Virtual
Keyboard" rev 1.10/0.02 addr 2
uhidev1: iclass 3/1
ums0 at uhidev1: 3 buttons
wsmouse0 at ums0 mux 0
uhub5 at uhub1 port 2 "HP Virtual Hub" rev 1.10/0.01 addr 3
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
root on sd0a swap on sd0b dump on sd0b
bnx0: address 00:1b:78:ce:da:22
brgphy0 at bnx0 phy 1: BCM5708C 10/100/1000baseT PHY, rev. 6
bnx1: address 00:1b:78:ce:da:0c
brgphy1 at bnx1 phy 1: BCM5708C 10/100/1000baseT PHY, rev. 6
I have an understanding, that there is no configuration changes
needed when using crypto accelerators on OpenBSD.
For now, i have run out of ideas what to try, in order to
get it working. Am i doing something wrong?
I would be very grateful, for any hints and
suggestions for further debuging.
All the best,
Joosep
8 matches
Mail list logo
