hi, guys, how long can an image be written using dd? Because my writing takes a long time compared to linux.

oops, or should I have asked that in #freebsd-ops? Sorry

No, that channel is for requesting channel operatoes/moderators attention.

s/operatoes/operators/

What dd options did you use? Specifically, what blocl size?

s/blocl/block/

I used exactly: dd if=FreeBSD-13.1-RELEASE-amd64-memstick.img of=/dev/da0 bs=1M conv=sync

osin, that command looks OK to me. If that's a USB stick, your USB port and the stick itself may be limiting factors, unless the speed you're getting with Linux is on the same computer and USB port.

(Note, however, that 13.1 no longer gets security updates. If that matters to you, use either 13.5 or 14.3.)

yes opera toes!

i wonder what errors it reports in syslog

maybe

and you can add speed stats with status=progress

maybe write it full of zeros first

then comes the question what is it, how old, what port

what is the actual question? "how long can an image be written?" doesn't seem to make sense

hopefully that won't happen

over usb2 it goes like 20m/s

I took it to mean "how long can writing an image take?"

V_PauAmma_V: yeah, but that's unanswerable

it depends entirely on the size of the image and the speed of the storage device

See also, "Because my writing takes a long time compared to linux."

so 37-40s

okay, but unless OP just wants to have a rant about this, there is no actual question there

maybe it has weird speeds

I think there is one implied, in addition to the semi-explicit one. Namely, "is this normal, or am I making a mistake somewhere?"

takes as long as it takes, if its a rare task so probably not worth wasting much time on it

I find the quality of the storage device is also critical to the time it takes to write it.

dmesg can be your friend for things that are inexplicably hanging

osin: ^

i bet that usb flash just shat itself

even finding the usb 1.1 hub won't do this

what's the most efficient way to output the last 10 lines from /var/log/messages?

oh tail duh

ivy: sorry, I needed to be more clear.

how well will FreeBSD work with ThinkPad X1 Carbon G12/G13 I wondering if I should buy a new laptop and run FreeBSD to replace my macbook.

nwe: actualy, my Thinkpad is a X270 i7 16Gb ram 1Tb SSD, 100% FreeBSD 14.3 and 15 Friendly, but my next will be a X1 Carbon G13 32Gb ram + 1Tb to replace my M1PRO

hugohagogo: =)

nwe: probably be ok, it is quite new so some stuff might be on the bleeding edge

hitch would be if the intel wifi is a be model

but I will ensure everything is working with it like,wifi,sound,webcam,suspend/resume etc :) so I dont throw 2328 usd, and the computer will be laying on the shelf.

assuming the webcam is uvc it should be fine, if it is that new thing then there is no support I'm aware of

everything else should be supported or close to it

[tj]: oki!

thanks for answering :)

good luck, please let us know how support actually is

nwe: Intel WIFI AX210, here, with new drivers (iwx and iwlwifi), fully functional with VHT access points

nwe: ThinkPads in general are very BSD friendly, except of rthose that use an Nvidia GPU, but that has more to do with the GPU than with the laptop.

i'm on x1 carbon g7? maybe? it's working pretty well except the fn keys

rtprio: doesnt fn keys working for you on your x1 carbon?

Fn keys are a hardware level thing.

f'n keys indeed

I see what you did there.

yeah the f'n keys don't work

btw, anyone who uses 1-wire or dht sensors, what's the expected way configure gpios for them?

because right now it's about as hard as it could get

phrasing!

merry halloween

it goes through device tree onto which one should apply an overlay

that thing is not clear or easy either

the gpio pins are even fine, at least for this, have labels, etc

ended up making ketas.si.pri.ee/misc/gen-h3-gpio-fdt-overlay.1761919232.sh

that's not good

but that way i could almost understand it

got it working without full understanding eh

happy accident

unsure how many days i spent in src, manpages, in google... and funnily i found all the others trying the same thing

someone was even bruteforcing bitmask for hint.gpioths.pins

[tj]: but that's the same?

yeah, but isn't it the answer?

no

my bad

right way of creating overlays is somewhere via fdt in src

imagine if changing ip or interface would be that hard

hi there

meow

I have a question regarding multiple gateway on freebsd, setfib and redirect response packets came from certain interface towards proper gate

without running multiple instances with setfib xxx service ....

is it possible to accomplish something like that ?

someone was asking for that just short time ago :p

can I find logs ?

was there any solution?

i guess setfib and pf routing options were they key

I have logs starting from 8am

nothing is there there

it was days ago :)

false

so in order to send packet out somewhere you need to know where

so yeah

i recall sorts of hacks i did

if dest is fixed, you can add routes

back in bsd ~6 I can recall I did it via ipfw forwards things

ipfw still exists

but firewall was modified and in BSD 8 this method stops working

hmm

ipfw2 ...

so you have service that youn need to access from both networks?

common methodology I found is that to run services at different port and then use a port forwarding mambojambo

and reply goes to src?

which I kinda dont like

I would love to ...

i had to battle with it in openvpn

I see a bad strategu to accomplish that but ...

still sucks i think

so, pf reply-to?

even that had issues

I kinda IPFW guy, once I migrated to pf, but had a bad experience with GRE protocol ... back in that time pf doesn't seems to support it ...

so I dropped it ,,

i mean lets says ip 1.2.3.4 comes from em1, but machine has fib 0 default route to 9.9.9.9 via em0

meh

i hate routings

yeah ...

BSD and routing and advanced firewall thing is hell to me as well

so how does the reply packet to dst 1.2.3.4 get out via correct if?

complex routing is cancer

isn't so complex even

it's like C++ namespaces, "we kinda fucked things up so we're gonna wrap the different shits and make one multi-shit"

just two nets

nwe: that's correct. so no vol/brightness/etc

but yeah that sucks

hmm what my current openvpn used hmm

unfortunately I cannot afford deep dive into freebsd routing and firewall staff reading ... It will be nice to have similar config samples on BSD manpages

nothing even remotely advanced is there ...

fun actually

as two uplinks is totally unknown

as if

pf rdr works i think

works excelletn

i could try it more

please don't hesitate to try PF

maybe nerozero is ipfw dude

i have used ipf before pf

and ipfw where ipf failed

damn, eh

yep, we all have this background

like how many firewalls you need in one machine :)

one

ipfw is closest to fbsd

it's a tight hug

as i get it

but with a hell of a syntax

ipf is somewhere in middle and then there's pf

clearer syntax less features

or different features

obsd examples won't work either :å

:p

Darren's work was removed from OpenBSD long time ago

i think some people told they use obsd for pf only but couldn't use it for anything else

darren?

so they won't help you

yep

weren't you following mailing lists and usenet back then ?

i can't find who he is, found two guys

well no

when, even?

and i don't think it's humanly possible to follow all

i think proper and easy multihome routing methods should be added somewhere

and also what about that ow/ths thing

i get reasons for why fdt is a thing

I used to read majority of fbsd mailing lists a few decades ago

and yes, IPFilter was removed from OpenBSD like 25 years ago now

but using fdt or it's overlays to tell volatile configuration data to driver is hard

I remember it very well since my back-then cow-orker was maintaining IPFilter for OpenBSD and he was rather peeved that it was just kicked out of OpenBSD without any warning

cow orker :p

I like FDT very much. makes things much simpler than some unholy complex mess of dynamic resource allocation gizmo designed and implemented by drunken lemurs at microsoft

did he have special pin needle for theo's ass?

the classic "plug 'n pray"

or how why

meh

embedded platforms have different issues though; namely, no standards and often poor or nonexistent documentation

oh the no std is fun indeed

nerozero: /usr/share/examples/pf

fishing out correct gpio was somehow easier than finding way to put it somewhere

rtprio, will look into it

thanks a lot

nothing special in there what I cannot implement in IPFW

nerozero: if you know IPFW syntax, you are used to it, not missing any feature, why would you switch to PF ?

I dont, I thought there was an opportunity to implement multi-gateway things easier ...

but imagine if each time you need for change ip you need to get the machine readable address of nic you want based on human readable one, then translate your ip into special format it eats, the put the magical key and magical val into file, compile it into binary, then put it into said machine... i can imagine air would be thick of profanities

TBH I don't know how to do it in IPFW, but it's most likely doable

I'm tooling around with putting copyparty in a jail... question is, where on the filesystem should I dump the contents of the tarball? /usr/local/share/copyparty? Should I build a package? Contribute a port?

I see only one path - kinda DMZ on and natting into services listening on say 127.0.0.1 interface

port forwarding with respect to fibs ...

zip: i put unknowns into subdirs under /root

but IT IS TOO DAMN UGLY !

but that could be a port

nerozero: there are fib and setfib arguments for ipfw, this approach is probaly seamless when you seek for multi-gateway support scenario

ketas: fair enough

yes, you can use fibs in IPFW rules ...

with nat things ...

AFAIR IPFW was always faster than PF, but haven't seen any recent benchmarks

way faster

especially natting things

almost no implact on CPU for high loads

now, when we have content avaliable over ip6, nat is no longer bottlenek

bottleneck

it's fun how v6 has stalled

kind of

my lame ISP doesn't support ipv6

everyone hates it ( everyone around me )

i have native for >10y

but mobile don't do that yet

funnily it has hidden ip what runs volte iirc, that's v6

damnit

ipv4 - 4 bytes - 32 bits, easy to see each byte... subnets ....

so i have used v6 since ~2004 and adoption rate is lower than v4

:)

so v4 went live 1983 and in 10 years it was like full swing already

and in 20y nobody even talked about migrating to v4

ipv6 went live, let's say 30y ago

On servers I never have any problems with IPv6. Cloud hosting rentals always work perfectly. (Mostly. Why do some vendors split IPv4 on one virtual interface and IPv6 on a separate virtual interface? No idea!)

maybe they have separate networks

which is fun

On all other systems though I continuously have problems with IPv6! My Nokia fiber modem at the house is quite buggy for IPv6 using SLAAC to assign addresses. It assigns multiple IPv6 addresses! And only one of them works. The others are off prefix and do not function. Impossible to just plug in a client and have working IPv6 networking with it. Buggy!

since when v6 was already swinging around pretty well, all clouds just started

If I manually assign IPv6 addresses to client devices behind the Nokia then they will work. But I have to make manual assignments to have them work.

This is just an example of why IPv6 is /still/ having problems becoming pervasive.

multi slaac eh?

it's device thing maybe

my phone took 3

unsure what google smoked

i didn't check if they privacy change too

rwp: any chance you could tell me which Nokia modem that is? (model or ISP..)

wait, it announces wrong prefixes?

funnily it all could happen if...

as if nobody uses v6

with god awful CGNAT people may started demanding ipv6 more

stl, It's a Nokia WiFi Gateway 3.

may start*

stl, nokia.com/sites/default/files/2019-07/wifi-user-guide.pdf

no cgnat here yet

in mobile, yes

but yeah, no servers, no clients

offical introduction years of 4 and 6 are 1980 and 1995 actually

I don't really have a good way to debug at the protocol level to determine exactly where things go wrong but setting ifconfig_em0_ipv6="inet6 accept_rtadv" for example results in multiple inet6 addresses with the default one being out of prefix and not routing. But if I ping -S pick the other source addresses in prefix then they work. If I assign a working address statically then it works.

but at this pace last machines get v6 in >2100

Setting ifconfig_em0_ipv6="DHCP" results in a slightly better result in that it seems to randomly default to one of the working addresses in that case. But it all depends. And over time as the inet6 addresses change things phase from working to not working depending upon which default inet6 address is used for the outgoing source address.

That's why I blame the Nokia firmware as being buggy and the problem. That seems the most likely place for the problem to be existing. It does route if I set static IPv6 addresses and router.

can you get rid of it

but i'm more like how can v6 be still the nonserious plaything

unsure how accurate google.com/intl/en/ipv6/statistics.html is

Time has passed and our city's municipal fiber has switched to the next newer model of that fiber modem. If I complained I am sure they would start the debug by swapping me to the next version of the modem. Which I will probably do soon. I have simply been too busy to deal with it. And if I assign a static address then it works.

i have fiber bridge here

they supply a separate router which you can decline

I /feel/ that most of those IPv6 users in that graph are mobile phone users. Because mobile networks are running out and it is either CG-NAT or IPv6 and they control both ends so IPv6 is very common here.

next fiber also follows same path

rwp, when you say "out of prefix and not routing," what is the address in question? Does it start with a 2 or a 3?

if you order 2.5/2.5g they replace huawei with adtran

i recall when first ever actual routers went live in this isp, all sorts of problems appeared

CrtxReavr, For example using RA or DHCPv6 it will assign multiple IPv6 addresses 2605:b40:13a3:8c00:2e0:4cff:fe14:5d27/64 2605:b40:1516:a200:2e0:4cff:fe14:5d27/64 with the first one 2605:b40:13a3:8c00 being the default that will be selected for the outbound source address. But it will not route out. If I select the second address, and it is never the default one, then it will work.

tcpdump time

2605:b40:1516:a200:2e0:4cff:fe14:5d27/64

That one is your MAC-based EUI-64 address.

I have been there with tcpdump but I can't tcpdump the WAN side of the fiber modem.

IT's beeing assigned by stateless autoconfig.

The others are temporary IPs to be used as source addresses to obfucate your MAC address. . . at least across the router.

Yes. Agreed.

Um, actually. .I was looking a bit too fast.

Notice that 3rd and 4th quads differ.

and what isp thinks of this?

I haven't opened a support ticket. But have discussed this with other friends on the same municipal fiber. All of us have the same result. Which results in only IPv4 working for us. But I am the only one talking about trying to make IPv6 work. No one else cares.

so yeah, after all sorts of problems appeared with first gen router, isp was confused and one of their guys told but we like tested it in lab, we bittorrented using two machines

seems like production is hard

Thsoe are all SLAAC addresss, for for different prefixes. . . it's like your ISP is changing them too fast on you.

rwp: that's really sad story.... "No one else cares."

and they all run like absolute lowest bidder hw and sw

if they actually provide v6 too they should fix it :p

They have not run into something they can't do using only IPv4, they can stream Netflix, so they don't have any itch to scratch.

I think what I've learned is I don't want to use copyparty

copyparty seems funthing

but what you actually want?

CrtxReavr, Yes. It does seem like that. Through the course of a day there might be 15+ inet6 addresses pass through a Debian/Devuan system I have sitting there for debugging. My house FreeBSD system I need to work and I have it configured with the static IPv6 address so that I can rely upon it working.

I haven't had time to put into debugging this further but I hope to have some time in the next couple of months. I will open a support ticket. They will swap my modem for the newer model. And likely nothing will change. I have been hesitant to do this because I have been traveling away from home and what I have is working and it is the devil you know versus new devils that I will need to get to know.

hopefully it's your allocated /64 or more

Another bug in that Nokia firmware is that if I let it run without a reboot for "a while" like maybe two months then the IPv4 DHCP server will stop working at some point. Probably a memory leak or something. It will keep routing okay. But if you reboot the client such that the ethernet link drops then it will never give out another DHCP address and the client can't get back online.

My workaround is that whenever I depart from the house I always power cycle the Nokia before leaving. That resets the resource leak or whatever and then it is good for at least another month and will survive until I return home again.

It takes a while to debug something that must run for 2-3 months before exhibiting the problem!

that's a hell

so no way go get rid of it or hack or?

rwp: perhaps they have just buggy and not fully ip6 capable equipment ?

What do you suggest? Open up the ISP modem, solder an ICE fixture onto the circuit board and start reverse engineering it?

burn the modem

i would be very pissed if it were main required device

and wouldn't even work

I think mzar's assessment matches mine. It's just buggy and not yet working. It is likely the configuration on the ISP side of things. I keep hoping that it will get fixed and then updated and then magically start working.

you can't access it otherwise0

?

like via ip

Burning the modem is not really an option because I really like having the GigE fiber connection. I am NOT going back to Comcast's 30MbpsDn/4MbpsUp cable modem.

what they do there anyway

gpon?

PON?

ketas, I don't understand your question. Of course we access the Nokia web admin interface by IP. But that only exposes the web interface. It does not have any capability to debug the internal workings of the firmware.

no telnet there eh? :p

but yeah

well most likely your fiber comes in either as P2P or *PON, and only latter requires special equipment. former you can just hook up to any fiber module you have and rock on

i have high bets it won't work better later either

^^

like dhcp dying

classic shit isp cpe

failure is sad, but it won't even recover

it's absolutely not beyond nokia to just consider it normal for customer to powercycle a device periodically to keep it running

Nokia should have stuck to cellphones - they had a good run with those.

except they didn't

nokia does still make networking gear but

yeah who knows

I am also in a squeeze between having time to work on things I need to work on and having this be the devil I know how to workaround already. Once you get something working and known it is hard to break it just because.

Speaking of which I must focus on work until the top of the hour and then I must afk. Later!

i currently run Huawei EchoLife HG8010H

it seems factory def cfg

I use a FreeBSD box full of NICs.

it's not meant to be accessed on l3

No one to blame but myself.

ketas: basically some encrypted storage for personal shit and some less-encrypted storage for media

CrtxReavr: nokia basically just got lucky with their early cellphones - the company far exceeded itself and was in no way prepared to actually perform well consistently, or as it turns out, almost ever.

so, probably, a machine running samba, some kinda DLNA (probably rclone serve?) and then sshfs

currently they only rent cpes or stbs, don't sell them anymore

the main problem to solve is that of how to secure data

otherwise they have modified openwrt shitshow genexis

I expect there's a way to zfs-encrypt mountpoints and unlock them with user passwords, though that'd be annoying if it breaks ssh

i didn't take it

it's as if it's normal for customers to keep rebooting their routers like windows machines

it sw as well as hw problem actually

I guess freebsd doesn't really have a nice way to encrypt filesystems using TPM storage, so no shenanigans with that. I suppose the best option there is perhaps to deploy the spare raspberry pi or something and do some kind of juxtaposed auto-decryption

or to treat it as insecure storage and make sure whatever I've got running backups acts accordingly

Huawei is a good example of how stewed western networking companies are. EU had to come up with a bunch of FUD propaganda to block them from market (and Intel stopped selling the x86 chips entirely too) just because their gear is far too good and cheap

cisco, nokia, netapp etc have all grown fat and lazy, banking on continued profits based on past merits and brand name alone

btw from isp internal semipublic data i got that this is the best hw available on market that worked... but if i look inside on what the top quality is it looks like something where if rip one piece of ductape off, whole contraption comes tumbling down

so sad

so it goes

encrypted is hassle

i looked into openzfs implemented encryption and it looks weird

oracle one is as bad too?

for good encryption we have a geli

but i have no idea how well it runs over or under zfs

or ufs even

Stefano talks about it in his blog: it-notes.dragas.net/2025/07/29/make…rging-the-freebsd-backup-stronghold

Koston: i laughed at attempts to use lawyers to make gpon devices interoperate

lawyers failed

:p

unsurprising

but amusing, hehe

imagine if you try to be isp and you step into cowshed and you have to choose where you step

where's the less damage

:p

capitalism basics dictates companies only produce interoperable standards when it benefits them, and making gpon ones interoperable would benefit none of them

ericsson and what else was tested

huawei specific downstream ecryption

what the hell

I suppose the other thing I should do is get on with working out disk layout for my local, blu-ray backups. You simply cannot beat a readonly offline backup.

that was probably blurted out because ton of people asked how come you selected like last possible manuf

hehe, they're certainly shameless in cracking competitor products, modifying and then reselling them with their own heavy tamper proofing

but of course it's a pain, ideally I'd want to make sure each disc is independent but it'd also be helpful if I wasn't manually shuffling files around to put on them

hmm are blus good for bak0

?

depends how much data and how often you want to backup, I think

should backup more

mm. mostly stuff like photos and music

I learned this lesson the gentle way when it turned out a file was missing and none of my backups had it because they all just cycled out old shit and it had been too long

however, in 2008 I'd backed up my music onto DVD, and that DVD? Still perfectly readable, still had the file I wanted

no idea if they work though lol

thanks for sharing

how long is the average optical media lifetime? at least things like original playstation 2 games are now suffering major disc rot

also if I ever got some ransomware on my system I'd really, really be wanting backups that can't be fucked with using credentials on my system

isn't cost effective way just to rotate disks around

I'd be tempted to get tape drives but I reckon blu-ray and maybe making new backups of the old stuff every few years will do

tapes have crazy price

yeh, I think tapes are more industrial strength solution, when you also have a big tape robot for automated rotation etc..

unsure what their lifetime is

tape wasn't so shove and forget too

can't beat read only media like optical tho

i only have had cd burner and i have unchecked cd backups

one (rather gung-ho) backup method is just uploading heavily encrypted archives onto multiple public services, counting on that at least one of them will still be up if/when you need it

disk space in general isn't very expensive

unsure how real complete compromise risk is

what's bluray prices btw

risk of something getting compromised is roughly [interest * difficulty] of the hacking, so unless your backup becomes a very interesting target to someone, the risk should be very low for a long, long time

and

tpm isn't support but

i wonder

actually

I still wouldn't use such a method for anything beyond something like, my illegally obtained .mkv movies collection or such..

wtf everyone uses?

I'm using just full disc zfs encryption

i don't believe every company uses some closed hsm's and stuff they click click click install pray and sue

trade secret for sure but

wtf do they use :)

uh.. ones I've been at, the most they've done is ask me "pls setup your desktop/laptop with disk encryption"

with no further instructions or guidelines or requirements whatsoever

i mean more like inside

i bet they could blame you for leaks

:)

I'm not legally bound by any NDA anymore

funnily companies have been hit by windows ransomware

and havr lost data

so

hell knows

oh security is fun

not so long ago, one cloud provider imploded entirely after being hit by hackers. their entire infra got owned and utterly destroyed.

whooops

all hw, keys, backups?

like wipe zero and retry?

:/

the name is forgotten at this location

The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data.

yikes

that's a bad day

i mean i'm not sure if large data provider can do offlines but

definitely a good "on today's episode of how fucked up is fucked up"

apart from hacker you could also get this from fired worker, etc

must have some segmentation here

CloudNordic could not be reached for comment. Its website notice said that the company had difficulty in communicating. An email with questions about the incident bounced back with an error message saying the message could not be delivered.

lol

but yeah

how to not do exactly this

almost like fb crashed and couldn't get into office even as door entry is also ip

and that's the company that can build whole large dc

Hey there! I set up a backup server a few years back with GELI encryption. I've been able to get the password correct a few times, but seemingly only when the installer USB stick is in. I've sorta given up and just want to wipe the system at this point, but I seemingly can't boot the USB image, even when trying to bypass it in the bios, it just goes to this disk. IDK if this is a EFI thing?

I wish I could have it display what I'm typing into GELI. I have to be hitting something wrong. It really dosn't help that I use dvorak, and it's in qwerty until I get the system up.

how can passphrase be correct if installer is there?

and then installer won't work

That's the odd thing, with the USB installer inserted, it goes to the GELI prompt, and if I get it correct, it starts the installer rather than the image that GELI is on. I have the something like this going on with another image,

unsure where and when those ade enteted but

it's an EFI thing yes

can't you test keyboard

hmm

if you can switch to legacy bios boot only, then use that to bootup from usb stick and wipe the hdd

never used geli eh :/

I dunno exactly what the loader is doing; automatically searching all connected disks if they're encrypted and then requiring password to continue

decryption works?

then it boots wrong thing?

nah if you input correct password then you can continue booting up from the usb stick

with geli?

anyway if pass is still known why wipe it

It's almost like there's a bug in it. I'm entering the same thing everytime, but seemingly only on the third try will it go through. Got the installer up, just going to nuke this.

3rd boot?

i wonder why

well you can wipe whatever you wish

if you want

just curious about random faults

what's the hw and sw config of this?

I assume 1st stage bootloader wants to be accommodating for situations where full disk encryption setup changes and disk names change

as a side effect, well, you can have trouble when trying to bootup from usb stick

with efi, there's just one loader anyway?

i should try geli sometimes

there's also no efi hw at hand :p

ketas: third time I try entering the password. It prompts 3 times, if you don't get it, it fails.

hmm

It's an old Xeon low power system, I think this is something like a 1220-Lv3, ECC RAM, all ZFS

18 watt processor, my main is a 13 watt processor with ECC

unless things are really wrong keyboard can't emit password right 33% of time

ketas: loader.efi is now combined stage 1-3 bootloader when booting under UEFI, but full disk encryption with GELI works equally well under MBR and I assume that extremely constrained amount of loader code is shared between both

I really need sleep now though, but what wipt describes sounds like a bug

Or I just am really bad with a keyboard :/

wipe would wipe the bug away too

so

again

without installer, it won't boot?

at all?

that would be fun

that would mean you managed to put installer as part of your boot

eg loader

actually how did geli even work

have to have something outside of disk

My other system, I forgot to update gpt when updating ZFS, tried installing another system, did the GPT update, but now I have the new system boot, but it boots into the old system. I can NOT remove the new system and have the old system boot. Absolute kludge.

meh

gpt?

loader?

ketas: idk, again, this system was set up like three years ago.

ketas: the new disk descriptors, what replaced MBR

but this was gpt?

GUID Partition Table

corrupting a gpt has recover method

if it's that

wipt: it looks like you have messed with the loaders, you have to fix it

where are the old and new systems anyway

I dug around in the forums and elsewhere, tried a bunch of things, didn't have any luck. I'll have to wipe that system too. It's an old install from like 2014, so it's probably due for that anyways.

under my desk