FreeBSD

Get faster OpenVPN on FreeBSD by enabling DCO – easily done

Leave a Comment / FreeBSD, Open Source, OpenVPN / By /

I’ve been configuring a new gateway server for use in my basement data center (home lab). I had recently read about DCO and FreeBSD’s opvn device. DCO (Data Channel Offload) let’s OpenVPN use the encryption features available in many CPUs. In my previous post, I checked; my OpenVPN server and most of the clients are DCO-capable. I decided to try it. I found documentation lacking as to how to use it. I took […]

Get faster OpenVPN on FreeBSD by enabling DCO – easily done Read More »

Problems with OpenVPN when server is FreeBSD 14.2 and client is 14.1

Leave a Comment / Bacula, FreeBSD, Open Source, OpenVPN / By /

After replacing an existing gateway with new hardware, the OpenVPN connections had issues. The clients would connect, but non-trivial amounts of traffic would cause errors. This post contains a workaround, by upgrading the OS. I would like to know the cause. In this post, these are the version in use: FreeBSD 14.2 (for the OpenVPN server and some of the clients) FreeBSD 14.1 (for some of the clients) OpenVPN 2.6.13 (on the server

Problems with OpenVPN when server is FreeBSD 14.2 and client is 14.1 Read More »

Invoking ddclient from dhclient to update 3rd party dynamic dns hosts on FreeBSD

Leave a Comment / DNS, FreeBSD / By /

In this post: FreeBSD 14.2 ddclient-3.11.2 Ansible playbook for ddclient: https://github.com/dlangille/ddclient/ forked from https://github.com/hammadrauf/ddclient/ In my previous post, I configured dhclient to setup my Hurricane Electric tunnel and notify HE of same. First attempt: [12:39 gw01 dvl ~] % sudo ddclient [12:47 gw01 dvl ~] % tail /var/log/messages … Mar 6 12:47:50 gw01 ddclient[52929]: WARNING: ” is not a valid IPv4 or IPv6 address Mar 6 12:47:50 gw01 ddclient[52929]: WARNING: found neither IPv4

Invoking ddclient from dhclient to update 3rd party dynamic dns hosts on FreeBSD Read More »

Debugging aids for pf firewall rules [on FreeBSD]

Leave a Comment / Firewalls/Gateways, FreeBSD, General, Open Source, pf / By /

It is not often that I need to debug pf firewall rules. Yet, when I do, I cannot remember the commands for what I want to do. What is being blocked First, I want to see the firewall rule numbers in the tcpdump output. I am logging all blocked packets, via pflog0. I can use that to see what is being blocked and by what rule. These are found in my /etc/pf.conf: There

Debugging aids for pf firewall rules [on FreeBSD] Read More »

Is deleting empty snapshots faster?

Leave a Comment / FreeBSD, Open Source, ZFS / By /

During the 2025-01-22 OpenZFS Production User Call, ‘atomic operations’ was mentioned with respect to ~/tmp/deleting zfs list -r -t snapshot data01/snapshots/deleting > ~/tmp/deleting 2.54s user 48.47s system 99% cpu 51.042 total 50 seconds. That’s OK. 60,000 deletes starting on the 23rd I started the delete. Actually, it’s not 60,000 deletes. It’s one destroy, of 60,000 snapshots. [12:52 r730-03 dvl ~] % time sudo zfs destroy data01/snapshots/deleting@1%60000 After starting the above command, I started

Is deleting empty snapshots faster? Read More »

Way too many snapshots

Leave a Comment / FreeBSD, Open Source, snapshots, ZFS / By /

In this post In this post, we have: FreeBSD 14.1-RELEASE-p5 r730-03 Lots of boring repetitive sections, so skip over that to find what you need This article was written over a couple of days. The zpool in question is 3 pairs of 12TB HDD: [13:44 r730-03 dvl ~/tmp] % zpool status data01 pool: data01 state: ONLINE scan: scrub in progress since Fri Jan 17 05:29:21 2025 22.1T / 26.1T scanned at 200M/s, 19.2T

Way too many snapshots Read More »

Why does the same command appear on two different ports with different times?

Leave a Comment / FreeBSD, Open Source, ZFS / By /

While I was destroying some snapshots, I found this interesting / disturbing. Why is the same destroy appearing twice, on different TTYs? [16:11 r730-03 dvl ~/tmp] % w | grep air dvl pts/2 air01.startpoint.vpn.unixathome.org 1:04PM 2:18 sudo zfs destroy data01/snapshots/homeassistant-r730-01@autosnap_2024-10-19_22:15:08_frequently dvl pts/1 air01.startpoint.vpn.unixathome.org Fri11PM – w dvl pts/4 air01.startpoint.vpn.unixathome.org 4:11PM – sudo zfs destroy data01/snapshots/homeassistant-r730-01@autosnap_2024-10-19_22:15:08_frequently dvl pts/5 air01.startpoint.vpn.unixathome.org 1:07PM 33 -zsh (zsh) What’s up with that? And why different times? It is not

Why does the same command appear on two different ports with different times? Read More »

Creating jails in a jail for testing /etc/jail.conf

Leave a Comment / Jails / By /

This is work from April 2021, and sometimes there is a need to do a jail in a jail. This shows how. I want to testing jail.conf, in a jail. I don’t want to test this on a host, because that might interfere with existing jails. This is related to a FreeBSD code review which will add support for jail.d – that means you can have something like /etc/jail.d.conf/foo.conf which is the configuration

Creating jails in a jail for testing /etc/jail.conf Read More »

PF states limit reached – on three different host at nearly the same time

Leave a Comment / DNS, FreeBSD, LibreNMS, named, Open Source / By /

What are the chances that three different hosts, in thee different datacenters all display these messages within seconds of each other? The uptimes: [dvl@r720-02:~] $ uptime 1:42PM up 62 days, 15:01, 2 users, load averages: 0.04, 0.12, 0.18 [13:42 tallboy dvl ~] % uptime 1:42PM up 62 days, 15:37, 2 users, load averages: 0.17, 0.37, 0.34 [13:42 zuul dan ~] % uptime 1:42PM up 62 days, 14:56, 2 users, load averages: 0.24, 0.25,

PF states limit reached – on three different host at nearly the same time Read More »

Converting a subversion repo to git

Leave a Comment / FreeBSD, git, Open Source, subversion / By /

This is not finished. It has been posted for review. When this paragraph is gone, the post is finished. I’ve wanted to convert my subversion repos to git for years. It’s never been a high priority. But here we go. First, I created a local temporary and insure subversion repo with a copy of my real repo. This allows me to mess up and not affect the real repo. I’m sure nothing I’m

Converting a subversion repo to git Read More »

Scroll to Top