On Thu, Jun 05, 2014 at 08:02:58PM +, Miod Vallat wrote:
If you can't trust people to apply one-liner fixes correctly, can you
trust them for anything serious?
I really don't like to point fingers, but...
It is done by the same people that introduced
the Debian random number bug back in
On Sun, Jan 26, 2014 at 03:44:14PM -0500, ido...@gmail.com wrote:
Hi misc@,
From http://marc.info/?l=openbsd-cvsm=133217901415880w=2
The ``sleep until we have a writer'' behaviour of an open() on a fifo
does so with the file descriptor table locked, so if we are waiting for
another thread
On Wed, Jul 25, 2012 at 12:07:25PM +0200, Henning Brauer wrote:
* Lee Verberne l...@blarg.org [2012-07-19 23:46]:
A power supply failed in my 2-node OpenBSD 5.1 unicast CARP cluster
recently. After the failure I noticed that the carp demote counter was
being increased by output errors:
On Fri, Mar 02, 2012 at 09:23:38AM +0100, Marios Makassikis wrote:
The demotion counter is decremented when you lose connectivity (ip_output
errors for instance), but shouldn't it be reincremented when you regain
connectivity?
Well, that's a chicken and egg problem there.
It won't send out
Hi,
so far, the 82579LM em(4) was only working by luck.
This should be fixed in -current.
On Fri, Oct 14, 2011 at 08:38:50AM +0200, Maxim Bourmistrov wrote:
Hi,
I'm getting em1 watchdog timeout from bsd.rd while tried to snapshot
already -current box.
However, manually moving in bsd from
On Tue, Jul 26, 2011 at 10:00:48AM +0200, Marcus M|lb|sch wrote:
Hello all,
Since I added another physical and carp interface to our firewalls, I
get strange error messages, and strange behaviour for carp failover.
Jul 25 15:00:03 fw2 /bsd: carp32: ip_output failed: 64
Jul 25 15:00:03
On Sat, Apr 23, 2011 at 09:15:51PM +, Stuart Henderson wrote:
On 2011-04-21, ??? chipits...@gmail.com wrote:
Dear Sirs,
I need to configure ipv6 over carp interface. It seems that carp doesn't
like things in one line
ifconfig carp470 vhid 70 pass xxx carpdev vlan470
On Tue, Dec 21, 2010 at 09:34:01AM +0100, David Coppa wrote:
On Tue, Dec 21, 2010 at 2:23 AM, Fernando Quintero
fernando.a.quint...@gmail.com wrote:
some comment?
http://seclists.org/bugtraq/2010/Dec/200
I'm not able to provide a solution, but this is of course a bug that
needs to be
On Tue, Apr 13, 2010 at 04:32:12PM +0900, william dunand wrote:
Dear list,
I am currently setting up two 4.6 boxed to act as carp'ed firewalls.
[...]
Even though I got to quite satisfying results, I am confused about the
net.inet.carp.preempt definition given in the carp(4) man page:
On Thu, Nov 26, 2009 at 03:56:37PM +0100, Henning Brauer wrote:
* Derek Buttineau de...@csolve.net [2009-11-26 15:07]:
On 2009-11-25, at 6:23 PM, Henning Brauer wrote:
check ifconfig -g carp on both
Right now both are at:
carp: carp demote count 0
However, I did check
On Tue, Oct 20, 2009 at 01:30:01AM -0600, Anathae E. Townsend wrote:
Off topic, I know, but I'm hoping some USB programming smart readers
might know the answer to my question.
Are there available usb interface chips that an OEM can program the
PID, VID, and Serial Number without having to
On Tue, Oct 06, 2009 at 11:22:11PM +0300, Imre Oolberg wrote:
Hallo!
I have used carp ip-stealth balancing for only pass and block rules with
two openbsd 4.5 firewalls and https server quite successfully, like this
Hi,
finally someone who got IP balancing to work :)
to isp
On Tue, Aug 04, 2009 at 03:15:25PM +0200, Federico wrote:
Rosen Iliev wrote:
Hi Federico,
Did you try to change the balancing mode to ip-unicast or ip-stealth?
from man carp(4)
I just tried with ip-unicast, but both machines stop working.
Do I have to think it's a switch related
Hmm,
are you sure this is happening with OpenBSD?
We solved that problem almost two years ago.
Dunno if FreeBSD merged any of these changes...
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ip_carp.c?f=h#rev1.152
On Mon, Jul 27, 2009 at 09:09:27AM +0200, Vadim Korschok wrote:
The
On Mon, Jul 27, 2009 at 04:01:39PM +0200, Vadim Korschok wrote:
Marco Pfatschbacher m...@mailq.de 27.07.2009 11:35
Hmm,
are you sure this is happening with OpenBSD?
We solved that problem almost two years ago.
Dunno if FreeBSD merged any of these changes...
http://www.openbsd.org/cgi
On Thu, Nov 13, 2008 at 05:51:49PM -0800, Vivek Ayer wrote:
Yay! I got ssh and http to work on the CARP interface. Thanks.
However, the httpd redirect is not working just yet on the CARP
interface for one of the computers. Does IP balancing mess up
redirect?
Well, that depends.
IP balancing
On Wed, Nov 12, 2008 at 11:40:36AM -0800, Vivek Ayer wrote:
i don't think I understand. Clarify. you mean carpdev is like your
physical interface..eth0, re0, etc.?
say you have a carp configured like:
carp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr
On Tue, Nov 11, 2008 at 03:53:54PM -0800, Vivek Ayer wrote:
[...]
# macros
[...]
carpdevs = { carp0 , carp1 }
[...]
# pass rules
[...]
pass in on $carpdevs inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state # Allow SSH Access from Outside
just from a quick
On Sat, Nov 24, 2007 at 05:14:04PM +0700, Insan Praja SW wrote:
The ifconfig:
Machine A#
[...]
vlan2: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500
lladdr 00:15:17:25:0a:9e
vlan: 2 priority: 0 parent interface: em2
groups: vlan
inet6
On Fri, Nov 02, 2007 at 09:53:46AM +0100, [EMAIL PROTECTED] wrote:
hi
yes the em0 ist member of the /22 network and the carpdev opion ist an old
setting from the start of this cluster
where i setup no ip on the interface.
should i try this ip balancing whitout this option ?
No, it's
On Sun, Nov 04, 2007 at 01:17:19PM +0100, [EMAIL PROTECTED] wrote:
but we check our switches ( HP 2824 ) and my networker says that we have old
revision of firmware inside.
we will update this at monday and that we test it again.
I don't think that's necessary. It's not a bug in the switch.
On Wed, Oct 31, 2007 at 11:26:48AM +0100, holger glaess wrote:
hi
i did the carp ip loadbalancing setup as describe at the man page.
i did it on an full funktional carp cluster that means that carp an pf is ok.
host A:
inet 10.100.0.254 255.255.252.0 10.100.3.255 carpdev em0 vhid 25
On Tue, Oct 23, 2007 at 11:10:32AM +0200, Heinrich Rebehn wrote:
Googling showed up quite a few posts of people having problems with CARP
and the incorrect hash message, but none really helped me.
the most common reason for incorrect hash messages is
that your configuration isn't in sync.
On Tue, Sep 25, 2007 at 08:57:19AM -0700, dane johansen wrote:
I went to colo, and checked what happened, as soon as a type:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
I get:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
uvm_fault(0xd6a07524,
On Wed, Sep 19, 2007 at 09:07:52PM -0700, dane johansen wrote:
Hi,
I'm trying CARP ip balancing on openbsd 4.2 (-current). I have 3 boxes (host
A, host B and host C) so I started configuring carp interfaces according
manual:
A# ifconfig carp0 10.10.10.100 netmask 255.255.248.0 vhid 7
On Sun, Mar 25, 2007 at 08:23:25PM +0200, Jeremie Le Hen wrote:
Btw, you might consider using ifstated(8)
instead of scripting sth w/ ifconfig(8).
I don't understand what you are saying here. I explicitely showed
the commands which can lead to my setup. They are usually handled
by
On Fri, Mar 23, 2007 at 04:35:31PM +0100, Jeremie Le Hen wrote:
[...]
- We are using stock OpenBSD 4.0 for our test.
[...]
Without running ifconfig(8) too often, the convergence time is a
few seconds but we managed to increase the delay up to 2 minutes
with this trick.
This is fixed in
On Fri, Mar 23, 2007 at 12:38:44PM +1200, Nigel Roberts wrote:
[...]
You can see when the state change happens. The backup host advertises
with advskew of 100, advbase of 2 and promptly decides it's the master
until the next advertisment arrives from the machine that really
should be the
On Sun, Feb 25, 2007 at 06:10:43PM +0100, Stefan Kell wrote:
Hallo list,
I want to use this machine as a dual-boot system together with windows. It
is connected to a standard PS2-KVM, no USB-mouse or keyboard. Installation
of both Windows and OpenBSD 4.0 from CDs worked without any
On Fri, Sep 15, 2006 at 12:49:20PM -0700, Tom Bombadil wrote:
Greetings all... This was probably discussed before, but I couldn't
really find anything in the archives.
1) We have a carp0 interface with a few aliases in it, and carp works
fine between master (SERVER-A) and backup
On Fri, Jul 21, 2006 at 02:50:04PM +1000, Alex Strawman wrote:
I'm experiencing some weird carp issues - it is working ok, however my
logs are being filled with this:
the systems are in an environment with ciscowned vrrp traffic - is
that the cause?
Likely,
though per default carp shouldn't
On Thu, Apr 20, 2006 at 05:42:20PM +0200, Otto Moerbeek wrote:
On Thu, 20 Apr 2006, Lars Weste wrote:
Hi,
yes, i am running 3.8 -stable, and the backup has a higher advbase than
err, for preemption to work, the advskew should be higher on the backup.
At least, that is what carp(4)
On Wed, Apr 05, 2006 at 03:16:04PM -0700, Gustavo A. Baratto wrote:
Greetings all...
We were trying to upgrade a couple of boxes (fw1 and fw2) running 3.6 to
3.8, but we came across an interesting problem with carp...
First we installed 3.8 from scratch on just fw2, and kept fw1 in
On Fri, Jan 27, 2006 at 02:18:10PM +0100, Alexander Hall wrote:
Hi!
I just noticed (the hard way) a strange behaviour of ifconfig. In short,
if I supply a netmask when removing an alias with ``-alias address'',
it is not, as one would expect, ignored, but rather used as the netmask
for
On Sun, Jan 01, 2006 at 10:52:43PM +, Karl O. Pinc wrote:
On 01/01/2006 03:09:03 PM, Marco Pfatschbacher wrote:
On Sun, Jan 01, 2006 at 12:28:42AM +, Karl O. Pinc wrote:
[...]
Suppose I have 2 firewalls, one failing over to the
other with carp. (net.inet.carp.preempt=1 on
both
On Sun, Jan 01, 2006 at 01:50:58AM +, Karl O. Pinc wrote:
man 5 ifstated.conf says:
The init block is used
to initialise the state and is executed each time the
state is entered.
But this does not seem to be true if you use 'init-state'
to enter the state. Or maybe there's something
On Sun, Jan 01, 2006 at 12:28:42AM +, Karl O. Pinc wrote:
[...]
Suppose I have 2 firewalls, one failing over to the
other with carp. (net.inet.carp.preempt=1 on
both firewalls.) Each has 3 interfaces, internet,
lan, and dmz. The dmz has, say, a webserver.
Now to connect the 2 firewalls
On Sat, Jun 11, 2005 at 02:12:55AM -0400, Michael Erdely wrote:
[...]
$ sudo ifconfig xl0 inet alias 192.168.25.49 \
netmask 255.255.255.255 broadcast 192.168.25.49
[...]
$ sudo ifconfig xl0 inet -alias 192.168.25.49 \
netmask 255.255.255.255 broadcast 192.168.25.49
[...]
Then,
38 matches
Mail list logo
