From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oa0-x234.google.com (mail-oa0-x234.google.com [IPv6:2607:f8b0:4003:c02::234]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 2874121F09E for ; Tue, 14 Jan 2014 04:36:56 -0800 (PST) Received: by mail-oa0-f52.google.com with SMTP id o6so9485947oag.39 for ; Tue, 14 Jan 2014 04:36:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=ChIBBoeStMZl/GHS6QmivOZ5iUzON7tLGwNnSO1mfo4=; b=Rc8JGY2n8n6mlBjuqK1zXHv+b22UbxrC5akeb6SLb0w4R8otd1t6Kk1n+BrLj0LtcF M68IW4ZeNI8wiBzqHUpWQ+TLNTBM9TLnB4o7vvxPyqU2mAOKF5iLTrNWhn3e84UmODwm q0WvFi3WA1KvzYJNzV7t6uuqMEurZ7wXmiEgyxQQyDTnm0uFDhKnovFMGk8ufh4tReZm CAcUko1tcVUjbskD7nL4hwSbknkfEenOBpZOZuWD1w4yT67Rp9YSZY2/WQJRQJAQKQFV 3kLJmEJlUX875Wx9jz58AULTvRIKNx/sOxBjFZFha1BwTvzhL2S6KIcv0aAYLwbmvK+8 CO8g== X-Received: by 10.182.135.194 with SMTP id pu2mr919992obb.38.1389703015228; Tue, 14 Jan 2014 04:36:55 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.38.194 with HTTP; Tue, 14 Jan 2014 04:36:34 -0800 (PST) In-Reply-To: References: From: David Personette Date: Tue, 14 Jan 2014 07:36:34 -0500 Message-ID: To: Dave Taht Content-Type: multipart/alternative; boundary=089e0122a6c090e9f804efed72c0 Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] notes on going for a stable release X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jan 2014 12:37:19 -0000 --089e0122a6c090e9f804efed72c0 Content-Type: text/plain; charset=UTF-8 On Tue, Jan 14, 2014 at 1:07 AM, Dave Taht wrote: > ** Instruction traps > > The instruction trap problem has resurfaced on boot. It is unknown > what triggers it. It doesn't happen very much after boot in my limited > testing. > > The last time it bit me was on doing tests on a busy ipv6-enabled > network where it thoroughly blew up the tests. (even when not doing > ipv6 itself) It also made cerowrt unreliable. > > oot@davedesk:~# cd /sys/kernel/debug/mips/ > root@davedesk:/sys/kernel/debug/mips# cat unaligned_instructions > 7884 > > What values do you see, both on boot and after some uptime? > > For more details on how to actually fix the bug: > http://www.bufferbloat.net/issues/419 > I updated to the 3.10.26-1 build, so not much uptime. Also, I don't have my IPv6 hurricane tunnel active ATM. root@outpost:~# uname -a Linux outpost 3.10.26 #1 Sun Jan 12 14:50:55 PST 2014 mips GNU/Linux root@outpost:~# cat /sys/kernel/debug/mips/unaligned_instructions 0 root@outpost:~# uptime 06:49:16 up 20:28, load average: 0.00, 0.03, 0.04 root@outpost:~# dmesg | grep "checksum failed" root@outpost:~# > ** BCP38 compliance > Cerowrt does not currently stop unknown rfc1918 addresses from going out > ge00. > ** Squash incoming diffserv bits > many providers pee on the diffserv bits. It would be good to detect it > and reset to BE incoming packets. (note: IPv6 is far less peed on.). > There was a nice idea discussed last year on using conntrack to match > incoming with outgoing diffserv bits. > I'd added this into my /etc/firewall.user. I'd be happy to work on adding it into the official script if you would like. I'm a sysadmin, what development skills I have are in scripting. > ** SSL support for the configuration interfaces > All the plumbing exists for this in cero, it just has to be made to > work. the key generation routine needs to be fixed in uci-defaults and > lighttpd config updated. It's embarrassing to not have SSL running. > If it's scripting and web server config, I'll work on this too. > * Bufferbloat.net problems > the bufferbloat.net servers are undermaintained and obsolete. I long > ago swapped out my sysadmin and ruby skills for other things. > > ** huchra replacement (one disk currently crashed, the other going) > In addition to running this mailing list this used to be 1/5th of the > openwrt build cluster. > > lists needs to move to a virtual server ASAP. > > openwrt could really use a good build cluster. been running most of > theirs now for a couple years, out of machines pulled from the junk > bin. > > ** Web Site updates > the redmine implementation on bufferbloat.net has been overrrun by > spam and I stopped > accepting new contributors that didn't contact me also via email > long ago. > > given how hard it would be to update the present website, perhaps > moving to cerowrt.org > on a virtual server will be simpler. > This I can work on now, if you like, I can spin up a Digital Ocean VM that should be able to run a mailing list with no problems. Getting Postfix setup should be a snap, I'm not sure what else is needed for the mailing list, but we can discuss it off the mailing list. Did you want a new name or keep huchra for the VM? Once it's up, getting a list of needed software from huchra, certs, and the data can be synced over, do some testing, then the DNS A and MX records can be updated. Hmm, just saw that Digital Ocean still doesn't have IPv6 yet. Will that be a problem? Any other suggestions for hosting it? I've used them for several little projects, they have a good interface and rates, IMHO. Thanks. -- David P. --089e0122a6c090e9f804efed72c0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On Tue, Jan 14, 2014 at 1:07 AM, Dave Taht <dave.taht@g= mail.com> wrote:
** Instruction traps

The instruction trap problem has resurfaced on boot. It is unknown
what triggers it. It doesn't happen very much after boot in my limited<= br> testing.

The last time it bit me was on doing tests on a busy ipv6-enabled
network where it thoroughly blew up the tests. (even when not doing
ipv6 itself) It also made cerowrt unreliable.

oot@davedesk:~# cd /sys/kernel/debug/mips/
root@davedesk:/sys/kernel/debug/mips# cat unaligned_instructions
7884

What values do you see, both on boot and after some uptime?

For more details on how to actually fix the bug:
http://= www.bufferbloat.net/issues/419

I updated to th= e 3.10.26-1 build, so not much uptime. Also, I don't have my IPv6 hurri= cane tunnel active ATM.

root@outpost:~# uname -a
Linux outpost 3.10.26 #1 Sun Jan 12 14:50:5= 5 PST 2014 mips GNU/Linux
root@outpost:~# cat /sys/kernel/debug/mips/una= ligned_instructions
0
root@outpost:~# uptime
=C2=A006:49:16 up 20:= 28,=C2=A0 load average: 0.00, 0.03, 0.04
root@outpost:~# dmesg | grep "checksum failed"
root@outpost:~#= =C2=A0
=C2=A0
** BCP38 compliance
Cerowrt does not currently stop unknown rfc1918 addresses from going out ge= 00.
** Squash incoming diffserv bits
many providers pee on the diffserv bits. It would be good to detect it
and reset to BE incoming packets. (note: IPv6 is far less peed on.).
There was a nice idea discussed last year on using conntrack to match
incoming with outgoing diffserv bits.

I= 'd added this into my /etc/firewall.user. I'd be happy to work on a= dding it into the official script if you would like. I'm a sysadmin, wh= at development skills I have are in scripting.
=C2=A0
** SSL support for the configuration interfaces
All the plumbing exists for this in cero, it just has to be made to
work. the key generation routine needs to be fixed in uci-defaults and
lighttpd config updated. It's embarrassing to not have SSL running.
=

If it's scripting and web server confi= g, I'll work on this too.
=C2=A0
* Bufferbloat.net problems
the bufferbloat.net servers are undermaintained and obsolete. I long
ago swapped out my sysadmin and ruby skills for other things.

** huchra replacement (one disk currently crashed, the other going)
In addition to running this mailing list this used to be 1/5th of the
openwrt build cluster.

lists needs to move to a virtual server ASAP.

openwrt could really use a good build cluster. been running most of
theirs now for a couple years, out of machines pulled from the junk
bin.

** Web Site updates
=C2=A0 =C2=A0the redmine implementation on bufferbloat.net has been overrrun by
spam and I stopped
=C2=A0 =C2=A0accepting new contributors that didn't contact me also via= email
=C2=A0 =C2=A0long ago.

=C2=A0 =C2=A0given how hard it would be to update the present website, perh= aps
moving to cerowrt.org<= br> =C2=A0 =C2=A0on a virtual server will be simpler.

Thi= s I can work on now, if you like, I can spin up a Digital Ocean VM that sho= uld be able to run a mailing list with no problems. Getting Postfix setup s= hould be a snap, I'm not sure what else is needed for the mailing list,= but we can discuss it off the mailing list. Did you want a new name or kee= p huchra for the VM? Once it's up, getting a list of needed software fr= om huchra, certs, and the data can be synced over, do some testing, then th= e DNS A and MX records can be updated.

Hmm, just saw that Digital Ocean still doesn't have IPv6= yet. Will that be a problem? Any other suggestions for hosting it? I'v= e used them for several little projects, they have a good interface and rat= es, IMHO. Thanks.

--
David P.

--089e0122a6c090e9f804efed72c0--