headers
VEDI express | 14 May 03:38

Votre PopUp 3x3 à 690 euros: maintenant chez Vedi

Existe aussi en modhle 3x4

Impression HD et valise de transport incluses !

Idial pour la promotion (points de vente, stands,...)

Installation aisie: 10 minutes ` 1 personne
Dij` disponible 4 jours aprhs la commande !

Commandez-le en 5 minutes: facile & rapide !

ROLLUP ORIGINAL

Congu pour vos points de vente et salons commerciaux. 3 tailles disponibles.
Doti d'un caisson rigide et de 2 pieds rotatifs
renforcis. Usage allant jusqu'` 20 ivinements. Housse de transport incluse.

A partir de 49 eur (htva) dhs le 1er acheti.

COMPTOIRS
Structures flexibles pour un montage aisi en moins de
2 minutes. Fournis avec sac de transport. Image
au choix (vendue sipariment).

A partir de 122 eur (prix htva) .

PORTE-
BROCHURES
5 modhles de stock. Finitions en acier chromi ou en alu. Ricepteurs rigides
ou souples. Repliables. Sac de transport inclus.
(Continue reading)

Permalink | Reply | 0 comments |
headers
wdgqxdlpftq | 12 May 03:13
Picon
Favicon

Ⅱ正}{规︺单¤据∮代ⅶ开㊣

U18ba2OIGu1B

bQbHUINy**4**iuYoQA
Permalink | Reply | 0 comments |
headers
Simon Perreault | 21 Feb 14:36
Picon
Favicon

IPv6 fragment handling

FYI, OpenBSD looks good in this analysis thanks to recent work by 
Alexander Bluhm!

http://blog.si6networks.com/2012/02/ipv6-nids-evasion-and-improvements-in.html

Simon
Permalink | Reply | 0 comments |
headers
Axel Rau | 15 Sep 09:48
Picon

duplicate CARP address

Hi all,

I'm getting
---
 /bsd: nd6_na_input: duplicate IP6 address fe80:000d::0200:5eff:fe00:0103
---
on one CARP device.
Why does this happen?
It started after I used
	ifconfig -f CARP carpdemote
with a flapping CARP device.
Should I use different CARP devices for IP and IP6?

Axel
---
PGP-Key:29E99DD6  b +49 151 2300 9283  b computing @ chaos claudius
Permalink | Reply | 0 comments |
headers
William Wilson | 8 Mar 15:16
Picon

IPsec in a multiprocessor environment

Hello,

I wish to use IPsec(IPv6 only) in a multiprocessing environment.
I am using GENERIC.MP but "locking" within IPsec code looks suitable only
for a single processor (splnet/splx etc).

Am I missing something?
Permalink | Reply | 0 comments |
headers
Axel Rau | 3 Feb 10:59
Picon

IPv6 connectivity via IPSEC tunnel

Hi all,

anybody out there with IPv6 default route going through an IPSEC tunnel?

I have a kernel memory corruption problem with my 4.8/4.9 IPSEC clients.

I just filed kern/6556:
	http://article.gmane.org/gmane.os.openbsd.bugs/16632

Axel
---
axel.rau <at> chaos1.de  PGP-Key:29E99DD6  +49 151 2300 9283  computing @
chaos claudius
Permalink | Reply | 0 comments |
headers
nothingness | 4 Jan 17:30
Picon
Favicon

Re: can't route traffic from lan out via the aiccu connection

My int_if is configured via hostname.dc0 with an inet6 entry. The lan
get's its addresses from rtadvd running on dc0 and tun1:

bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0d:9d:9b:70:d2
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::20d:9dff:fe9b:70d2%bge0 prefixlen 64 scopeid 0x1
        inet 85.218.10.62 netmask 0xffffff00 broadcast 85.218.10.255
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:80:ad:75:17:60
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 192.168.50.1 netmask 0xffffff00 broadcast 192.168.50.255
        inet6 fe80::280:adff:fe75:1760%dc0 prefixlen 64 scopeid 0x2
        inet6 2001:1620:f2e1::1 prefixlen 64
enc0: flags=0<>
        priority: 0
        groups: enc
        status: active
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
        priority: 0
        groups: pflog
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        priority: 0
        groups: gif egress
        physical address inet 85.218.10.62 --> 213.144.148.74
(Continue reading)

Permalink | Reply | 0 comments |
headers
nothingness | 4 Jan 15:28
Picon
Favicon

can't route traffic from lan out via the aiccu connection

Hi all,

  I've been trying for a few days to get my ipv6 tunnel to work from my
lan. I've got a sixxs.net tunnel with a /48 assigned for my lan. I can
connect from the router to irc networks over ipv6 but I'm unable to run
traffic out via the gif0 for anything originating from the lan. I can
also connect to the router over ipv6 for ssh stuff for ex. I'm
completely out of ideas on what to do to get this to work, hope someone
will have a suggestion. Here's my pf.conf (I'm running  openbsd 4.8 with
a generic kernel, patched to latest release):

ext_if="bge0"

ipv6_if="gif0"
ipv6_ip="2001:1620:f00:56::2"
ipv6_gw="2001:1620:f00:56::1"
ipv6_lan="2001:1620:f2e1::/64"
ipv6_lan2="2001:1620:f2e3::/64"

int_if="dc0"
vpn1_if="tun1"
vpn2_if="tun2"
vpn3_if="tun3"
tcp_services="{ 179, 2027:2037, 5002, 7777, 8296, 46411 }"
udp_services="{ 1194, 5003, 5501, 7777, 30000, 46411 }"
icmp_types="echoreq"
ssh_ports="{ ssh , 1194 }"
im_ports="{ icq, msn, ircd, ircd-ssl }"

table <ssh-violations> persist file "/etc/ssh-violations"
(Continue reading)

Permalink | Reply | 9 comments |
headers
Axel Rau | 20 Dec 13:12
Picon

How to propagate default route from ipsec?

Hi all,

besides some other, I have these ipsec routes on my (routing) CARPed
tunnel endpoint pair (netstat -rn):
--------
Encap:
Source             Port  Destination             Port  Proto
SA(Address/Proto/Type/Direction)
...
default               0     2001:1234:2:10::/60     0     0   1.2.3.40/
esp/use/in
2001:1234:2:10::/60   0     default                 0     0   1.2.3.40/
esp/require/out
...
--------
How can I announce this as ipv6 default route in the connected nets
(some /64 subnets from the above /60)?
I have tried route6d and ospf6d without success.
My ipv6 sysctls are:
--------
net.inet6.ip6.forwarding=1
net.inet6.ip6.redirect=1
net.inet6.ip6.hlim=64
net.inet6.ip6.mrtproto=103
net.inet6.ip6.maxfragpackets=200
net.inet6.ip6.accept_rtadv=0
net.inet6.ip6.keepfaith=0
net.inet6.ip6.log_interval=5
net.inet6.ip6.hdrnestlimit=10
net.inet6.ip6.dad_count=1
(Continue reading)

Permalink | Reply | 14 comments |
headers
Forman, Jeffrey | 9 Dec 00:36

possible misunderstanding of rtadvd providing ipv6 IPs of prefixlen 80

Hi All,

Short version: Trying to provide IPv6 connectivity to my LAN via rtadvd.
Something seems amiss in my understanding or configuration handing out an
/80's worth of IP's.

Long version:
My ISP (Comcast) has started an IPv6 trial where their customers can tunnel
ipv6 traffic over ipv4 through Comcast infrastructure for ipv6 connectivity.
We're given a /64 to play with, in my context I have 2001:55c:dead:beef/64
(dead:beef inserted to obscure the innocent). My OpenBSD 4.8 router/fw is
configured with the gif0 interface as 2001:55c:dead:beef::1. This works
great from the openbsd fw itself. I can access ipv6 sites, traceroute6,
ping6, etc etc.

Now I am trying to hand out IPv6 addresses to my local LAN (mix of Linux,
Free/OpenBSD, and OSX boxes) to eventually provide them all with IPv6
connectivity out to the Internet. I figured i would carve out a /16 of
addresses for my home LAN under the subnet 2001:55c:dead:beef:10::/80. I
configured my internal LAN interface's ipv6 address as
2001:55c:dead:beef:10::1/80

ifconfig vr1 (output truncated):
        inet6 2001:55c:dead:beef:10::1 prefixlen 80

and set up my rtadvd.conf as the following:
vr1:\
        :addr="2001:55c:dead:beef:10::":prefixlen#80:

sysctl settings:
(Continue reading)

Permalink | Reply | 5 comments |
headers
Eric C. | 17 Aug 06:24
Picon
Favicon

Router advertisement and carp interface

Hi,

On OpenBSD 4.7 i have enabled net.inet6.ip6.accept_rtadv=1 for the 
automatic configuration of my default gateway. The system have
a vlan interface with 2 carp interface on it.
I changed net.inet6.ip6.use_deprecated=0 and set pltime 0
on the carp interfaces to force the usage of the vlan interface ip 
as source address for packets.

When i check the default router list, i see that the carp interfaces are 
available as default gateway.

# ndp -r 
fe80::*00%carp2 if=carp2, flags=M, pref=medium, expire=31m33s
fe80::*00%carp3 if=carp3, flags=M, pref=medium, expire=31m33s
fe80::*00%vlan2901 if=vlan2901, flags=M, pref=medium, 
expire=31m33s

How can i disable the use of carp interface as the gateway interface ?

When the carp interfaces are not master, the system can't reach 
remote networks.

# netstat -rn | grep fe80::*00
default fe80::*00%carp2 G          0        0     -     4 carp2
fe80::*00%vlan2901  00:*:*:*:*:00 UHLc       0        0     -     4 vlan2901
fe80::*00%carp2     00:*:*:*:*:00 HLc        1        0     -     4 carp2
fe80::*00%carp3     00:*:*:*:*:00 HLc        0        0     -     4 carp3

Any idea how i can resolve this ?
(Continue reading)

Permalink | Reply | 4 comments |

Gmane