Cristian Bradiceanu

I signed up with rsync.net for an off-site filesystem. Opted for geo-redundant version (automated nightly replication to other site) located in Zurich, Switzerland. Very fast speed from Europe and Qatar, good speed with US hosts. Very easy to use from Mac OS X, FreeBSD, Linux and Windows (rsync, ftp, scp, sftp, ssh, WebDAV). Direct integration in Finder, just use “Connect to Server” and enter the hostname address with https. On Linux and FreeBSD 6.x sshfs works like a charm. Easy to install on FreeBSD using ports, just cd /usr/ports/sysutils/fusefs-sshfs and run make install clean.

sysctl kern.geom.debugflags=16

gmirror label -v -b round-robin gm0 /dev/ad0

echo geom_mirror_load="YES" >> /boot/loader.conf

sed -i .orig 's/ad0/mirror/gm0/' /etc/fstab

reboot

gmirror insert gm0 /dev/ad2

Replace ad0 with your FreeBSD bootdisk, ad2 with the second (same or larger capacity) disc.

Add to rc.conf:

cloned_interfaces=”bridge0″

ifconfig_bridge0=”addm rl0 addm rl1″

Make sure you have if_bridge loaded as module or set up as ‘device if_bridge’ in your kernel configuration file.

Configure your switch to trunk (802.1q) desired VLANs on port connected to rl0 on FreeBSD box.

/etc/rc.conf:
ifconfig_rl0=”up”
cloned_interfaces=”vlan5 vlan6″
ifconfig_vlan5=”inet 192.168.5.254 netmask 255.255.255.0 vlan 5 vlandev rl0″
ifconfig_vlan6=”inet 192.168.6.254 netmask 255.255.255.0 vlan 6 vlandev rl0″

vlan5 and vlan6 interfaces will show up:

vlan5: flags=8843 mtu 1500
inet 192.168.5.254 netmask 0xffffff00 broadcast 192.168.5.255
ether 00:11:XX:XX:XX:XX
media: Ethernet autoselect (100baseTX )
status: active
vlan: 5 parent interface: rl0

vlan6: flags=8843 mtu 1500
inet 192.168.6.254 netmask 0xffffff00 broadcast 192.168.6.255
ether 00:11:XX:XX:XX:XX
media: Ethernet autoselect (100baseTX )
status: active
vlan: 6 parent interface: rl0

It seems that PowerDNS’s pdns_recursor crashes on FreeBSD under load.

I’ve replaced it by a bind recursor. Excerpt from named.conf:


options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";

zone "." {
type hint;
file "named.root";
};


I have installed FreeBSD 6.0 on some old computer, seems to work very fast! I have rebuild world and kernel.

dmesg:

Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-RELEASE #0: Sun Nov 6 00:13:58 EET 2005
root@XXXX:/usr/obj/usr/src/sys/XXXX
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Pentium II/Pentium II Xeon/Celeron (350.80-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0x652 Stepping = 2
Features=0x183f9ff
real memory = 201261056 (191 MB)
avail memory = 191619072 (182 MB)
ACPI disabled by blacklist. Contact your BIOS vendor.
npx0: [FAST]
npx0:
$on\; motherboard$
npx0: INT 16 interface
cpu0 on motherboard
pcib0: pcibus 0 on motherboard
pir0: on motherboard
pci0: on pcib0
agp0: mem 0xe0000000-0xe3ffffff at device 0.0 on pci0
pcib1: at device 1.0 on pci0
pci1: on pcib1
pci1: at device 0.0 (no driver attached)
isab0: at device 7.0 on pci0
isa0: on isab0
atapci0: port 0×1f0-0×1f7,0×3f6,0×170-0×177,0×376,0×9080-0×908f at device 7.1 on pci0
ata0: on atapci0
ata1: on atapci0
uhci0: port 0×9040-0×905f irq 11 at device 7.2 on pci0
uhci0: [GIANT-LOCKED]
usb0: on uhci0
usb0: USB revision 1.0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
pci0: at device 7.3 (no driver attached)
fxp0: port 0×9000-0×901f mem 0×82300000-0×82300fff,0×82100000-0×821fffff irq 3 at device 16.0 on pci0
miibus0: on fxp0
inphy0: on miibus0
inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: Ethernet address: 00:00:e2:13:39:e0
rl0: port 0×7000-0×70ff mem 0×80100000-0×801000ff irq 10 at device 18.0 on pci0
miibus1: on rl0
rlphy0: on miibus1
rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
rl0: Ethernet address: 00:0e:2e:56:b7:83
pmtimer0 on isa0
orm0: at iomem 0xc0000-0xc7fff on isa0
atkbdc0: at port 0×60,0×64 on isa0
atkbd0: irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0: irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: model Generic PS/2 mouse, device ID 0
fdc0: at port 0×3f0-0×3f5,0×3f7 irq 6 drq 2 on isa0
fdc0: [FAST]
fd0: <1440-KB 3.5″ drive> on fdc0 drive 0
ppc0: at port 0×378-0×37f irq 7 on isa0
ppc0: Generic chipset (EPP/NIBBLE) in COMPATIBLE mode
ppbus0: on ppc0
sc0: at flags 0×100 on isa0
sc0: VGA <16 virtual consoles, flags=0×300>
sio0 at port 0×3f8-0×3ff irq 4 flags 0×10 on isa0
sio0: type 16550A
sio1: configured irq 3 not in bitmap of probed irqs 0
sio1: port may not be enabled
vga0: at port 0×3c0-0×3df iomem 0xa0000-0xbffff on isa0
unknown: can’t assign resources (memory)
unknown: can’t assign resources (port)
unknown: can’t assign resources (port)
unknown: can’t assign resources (irq)
unknown: can’t assign resources (port)
unknown: can’t assign resources (port)
unknown: can’t assign resources (port)
Timecounter “TSC” frequency 350797222 Hz quality 800
Timecounters tick every 1.000 msec
ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to accept, logging limited to 1 packets/entry by default
ad0: 6179MB at ata0-master UDMA33
acd0: CDROM at ata1-master PIO4
Trying to mount root from ufs:/dev/ad0s1a


It seems that pdns_recursor from 2.9.19 dies under light load on FreeBSD.

New production DNS server is up since Saturday night.

It runs PowerDNS with a MySQL 4.1 backend on FreeBSD 5.4. Complete with web (SSL) administration and statistics.

So far:

Uptime: 18 hours Queries/second, 1, 5, 10 minute averages: 6.4, 5.12, 5.15. Max queries/second: 40.1
Cache hitrate, 1, 5, 10 minute averages: 24%, 22%, 20%
Backend query cache hitrate, 1, 5, 10 minute averages: 63%, 62%, 62%
Backend query load, 1, 5, 10 minute averages: 10, 8.2, 8.59. Max queries/second: 26.7
Total queries: 313999. Question/answer latency: 0.678ms


No luck in IPSEC between a FreeBSD 5.4 (racoon) and a D-Link DI-804HV
Tried manual and IKE, SAs up but no traffic through the gif device. Perhaps D-Link could add more troubleshooting functions into their firmware (e.g. show routing table, SAs, disable NAT, routes through PPTP or L2TP tunnels).