00:09:08 rtprio: Same local disk transfer or remote pool? 00:10:27 To be honest, I'd likely use zfs send/recv for either just for piece of mind. I know that's going to be correct. 00:11:10 But, rsync can be handy when moving data from outside a dataset into another while keeping perms correct. It just depends on exactly what you're doing, I suppose. 00:14:51 same host 00:15:23 i get the feeling it's just going to take forever regardless which way i do it 00:15:42 rtprio: Just use zfs send/recv if you don't need any changes to anything. 00:15:48 You want an exact copy? 00:15:58 yeah 00:16:12 (a different destination dataset name is fine.) 00:16:40 Yep. I'd use send/recv then. 00:16:44 rsync -rpvTa /old /new but ... yeah send/recv is probably better 00:17:02 also at least if there are many small files, i think that would be one item in favor of send-recv being faster 00:17:09 good point, for sure 00:17:38 It's be more reliable on the zfs-side of things. But, it actually might be a bit quicker since it's a supported ZFS built-in feature. 00:17:52 jmnbtslsQE: Exactly. 00:18:44 i was also going to bring up compression, but i think send-recv always decompresses/recompresses (depending if compression is enabled on the two sides), so no advantage there 00:19:54 (and i guess that's the reason why there's a send-stream compression option, for in-transit compression) 00:20:11 And it looks like rsync (given the options provided above) would compress and also encrypt the transaction? 00:20:13 some of the partitions are pretty big files, so may not make too much difference 00:20:51 no, i don't have -z to rsync 00:21:04 rsync isn't going to compress or encrypt anything operating locally, but if the zfs datasets have compression enabled, the compression will happen just to read and write the files 00:22:34 (and yeah -z isn't there, i forgot about that option) 00:22:57 though, hmm wonder if it would actually do -z if it's local 00:23:13 i think so but it would be unnecessary overhead 00:23:13 heh 00:23:19 yeah 00:36:38 Well, you could always turn compression off and turn it back on with ZFS. Of course, nothing transferred during the send/recv would be compressed, though. 00:37:19 It would remain uncompressed after transfer. So, it's not really unnecessary unless you don't need compression. 03:45:08 Hey, not sure if this is more appropriate for FreeBSD or #networking, but I'll try here first... I have a box running FreeBSD with pf acting as a firewall. I recently got a second WAN connection, delivered over PPPoE on a 10Gbit port. I want to set things up correctly so that programs can bind to the IP/interface of the WAN connection, and have the traffic be routed appropriately. I have something 03:45:10 that "kind of" works, using reply-to and route-to, but the performance seems to be abysmal even though my CPU usage is low. What's the right way to do this? 03:45:55 tun2 is "inet 76.70.104.235 --> 10.11.1.177 netmask 0xffffffff" and I have the lines "pass in quick on tun2 reply-to (tun2 10.11.1.177) keep state" and "pass out quick route-to (tun2 10.11.1.177) inet from 76.70.104.235 keep state" in my pf config. 03:46:26 It's a 3gbit symmetrical connection and I get at best 400mbit but sometimes a lot worse. The connection works at its full potential to the same test endpoints without FreeBSD in the mix 03:47:14 Also, incoming TCP connections to 76.70.104.235 seem to not work, but ICMP works fine. 03:50:36 (Don't try to test it yourself, because the IP address just changed - or if you do, replace the 76 address with 142.112.130.103) 13:14:07 hello, I've been using OpenBSD for a while on an old thinkpad x200, with 8GB of RAM and an SSD (but a Core 2 Duo). It is considerably slower than any of the Linux distros I've tried, even after tweaking OpenBSD for performance. How is the performance aspect in FreeBSD? Would it run at least faster than OpenBSD? The same? How would it fare against Linux. I am using it a desktop environment, not a server, and I would like to keep using one of the BSDs 13:15:29 probably better to just try it out and see 13:17:13 that was my plan regardless, excited to see how it differs from OpenBSD 13:23:41 Out of curiosity, slower how/where? Video playback, gaming, wifi, compiling, booting? 13:25:43 slower is extremely subjective 13:28:27 No way. If your girlfriend wants to take things "slower," you know exactly what that means. 13:33:02 psychonate: video playback, internet browsing, compiling and booting 13:42:13 Hi, ZFS gurus. can i migrate my current ZFS layout to the default FreeBSD layout shipped in images? my layout: https://termbin.com/h6h9 13:42:22 https://cgit.freebsd.org/src/tree/release/tools/vmimage.subr#n215 13:42:44 without reinstalling from scratch 14:02:23 where is / mounted? 14:05:10 lsblk shows it 14:07:16 angry_vincent: where is / mounted? 14:07:50 la_mettrie: that's not a freebsd program 14:28:34 rtprio: vixen/os/main is my / 14:31:30 i think it could be done 14:32:06 take a snapshot with bectl, install a new environment to vixen/ROOT/default 14:32:32 boot off of it. then go back and add the rest of /var and /usr in single user mode 14:55:09 I just installe freebsd on my x200, but I can only boot in (and could only install it) in safe mode? is there a reason for this? I have already upgraded the system, but I still need to boot in safe mode. How can I make this the default? 15:01:38 Safe mode? 15:03:22 for me each mode with FreeBSD is safe 15:03:43 Does it only boot in single user mode? 15:05:06 not single user mode, safe mode 15:05:17 it's a special boot option 15:05:35 I wonder, has anyone encountered an issue where an NFSv4 FreeBSD export mounts fine on a Linux client machine, but any attempt to access it returns "Input/output error"? 15:06:32 Does anyone know how I could begin to start debugging this? 15:07:06 lil_lasagna: I don't have a safe mode option in my boot loader. What are you using? 15:09:06 vkarlsen: I am using an x200 thinkpad. When I boot it gives me a welcome screen, and if I press 7 it goes into boot options. From there you can disable/enable stuff like safe mode, acpi, single user and verbose. I have tried all combinations and works only with safe mode on and acpi on 15:10:06 lil_lasagna: Ah, I see! Now we just need to find out exactly what this does. What happens if you don't turn on safe mode? 15:13:04 well, this time it did not get stuck 15:14:03 I guess this is it, from stand/forth/menu-commands.4th: https://paste.karlsen.tech/?e4971616fcf2851e#F16ve5vTCyNJha151HFUpqsavLgKbri51QE1oAfd1KGg 15:15:03 I'll reboot just in case it was just a fluke, but before it would get stuck at random parts. Right now it is stuck after starting the dhclient 15:15:51 I'll set all of those in the /boot/loader.conf and report back 15:16:06 I already had some of those set from testing stuff 15:16:31 Rather try one by one to find out which one(s) you actually need 15:17:38 You shouldn't need to disable smp 15:18:20 I'll test them all one by one 15:19:51 it also gets stuck after starting devd 15:20:10 iwn_read_firmware 15:40:00 vkarlsen: seems like it works if I disable smp 15:57:30 dch, you around? 15:57:45 * dch waves to jbo 15:58:05 dch, I was wondering whether there was a "misunderstanding" regarding D49360 approval 15:58:16 just to be clear: I am very good at being patient - just wanted to check :) 15:58:57 jbo np, whats missing? 15:59:10 dch, approval :p 15:59:43 I wasn't sure whether this was given implicitly we fought thru my brain meltdown on IRC 16:00:04 aah ok so this is reasonably common. to avoid another round of minor changes we just go "approved, just tidy up this last thing" 16:00:39 dch, indeed - but I didn't see/hear that either - unless that was implicit :p 16:00:42 weird, I definitely accepted the revision, but theres no green tick in phabricator 16:01:16 so it's not just me then 16:01:39 so I just clicked send again 16:01:52 thank you! 16:02:00 I think I didn't click send again this morning 16:02:06 the kids stole my coffee 16:02:27 how dare them 16:03:04 for all port changes I use `portfmt` and `portclippy` and try to keep them happy, and for new ports, `portlint -AC` as well 16:03:08 btw I did go thru portfmt/portclippy as usual. however, I decided to leave the variable order because having github before gitlab is misleading in this case (at least in my opinion) 16:03:36 given that gitlab is the "primary source" 16:03:47 the `nodefault` tells me its fetching multiple sources 16:04:09 it does. but the primary upstream source is coming from gitlab. the github ones are submodules 16:04:17 and I just let auto-formatting tools have their way, its not worth the effort of swimming upstream 16:04:21 so I figured having gitlab before github is "more sane" 16:04:28 but as i said those are quibbles, not required changes 16:04:42 ooh I'm asking for _your_ personal opinion :) 16:05:04 you might get a stroke if you'd ever decide to run portfmt/portclippy over the whole tree. there is some nasty stuff in there :x 16:05:33 as for pkg-descr: upstream doesn't give me a lot to work with that seems reasonable :p 16:05:39 but I'll try harder! 16:13:45 yep the tree is a moving target indeed 16:14:03 occasionally I go back and check my old ports, that guy was terrible 17:16:43 Dooshki: check with tcpdump what message nfs is sending back. it might say "unk 10020", or it might say something about authentication or similar 17:18:43 i think usually it's because your client isn't in the ACL specified in the export, or it's because mountd hasn't been restarted since something was mounted over that exported path 17:46:39 "programname[3766]: stack overflow detected; terminated" <- interesting, what part of system takes care of guarding the stack ? 17:47:37 SSP maybe? 17:59:44 client to server: NFS request xid 2623060516 208 getattr fh 0,2/53 17:59:50 server to client: NFS reply xid 2623060516 reply ok 96 getattr ERROR: unk 10020 18:13:06 Dooshki: tried restarting mountd? 18:14:19 jmnbtslsQE: Several times 18:16:44 I've even updated the Linux kernel on the client machine from 6.1 to 6.12 (debian bookworm -> debian bookworm backports) 18:16:49 hmm, i forgot what else that error can mean - maybe there's a synax error in the export line and it's not being added correctly. i think showmount -e is the tool to check that. or check your var/log/messages for an error for that exports line 18:17:15 it's NFS4 right? 18:18:47 jmnbtslsQE: Yeah, NFSv4. I was actually setting up a kerberized setup, but while I got the kerberos authentication to work, NFS file access itself doesn't. Right now, I'm testing it with a bare/unsecured configuration 18:20:05 # cat /etc/exports 18:20:07 V4: /test_export -sec=sys 18:20:31 hmm, you need an export line aside from your V4 declaration 18:20:52 at least, i think you do. that's always been my understanding 18:21:43 yeah, just checked. so add an export line for /test_export and see then 18:23:05 i don't remember if the export line needs to be relative to the root under "V4" 18:23:14 Oh, that actually works, thanks! Interesting how the mount command did work without that 18:25:02 Fascinating 18:25:36 yeah i think that's related to how state is organized in NFS4, i guess those conditions are held at the lvel of requests instead of the overall mount 18:25:39 however, now I'm getting the following warning in the messages file: mountd[4193]: Warning: exporting /test_export exports entire / file system 18:26:00 not sure about that one, it might be that it's just talking about your export is the same as the "root" defined in your "V4" 18:26:29 Yeah, could be, I'll try to play around with it 18:26:47 OK 18:30:08 It's actually working, that's amazing, even with Kerberos now :D Thanks a lot! 18:30:47 ah great. sure 18:31:23 quick question, just wanna make sure this is an across-the-board thing: is there any legitimate way to have direct memory access in userland in any BSD system? 18:31:42 by legitimate i mean officially supported 19:25:13 <[tj]> Matt|home: yes, mmap 19:25:54 <[tj]> Look at how vpp works with dpdk as an example 19:26:07 <[tj]> It’s not a simple example, I’m sorry 19:38:03 lil_lasagna: That's unfortunate. I was hoping it would be one of the others. 20:12:15 jmnbtslsQE: I found out something fascinating: If I enable NFSv4-only mode by setting nfsv4_server_only="YES" in /etc/rc.conf, mountd rejects the existing /etc/exports file that worked before, and if I remove them and only have the V4 line, I get the same "Input/Output Error" as before 20:12:50 *if I remove the NFSv3-style export lines 20:13:58 With NFSv3 enabled, and the NFSv3-style lines present, Linux is able to work with it properly, and it is using the NVSv4.2 protocol, I see it in the mount options 20:19:16 So for some reason, you need to have NFSv3 enabled and configured in order for NFSv4 to work... 20:33:52 Dooshki: not sure how to explain that, but i also have nfsv4_server_only and it works (without nfs3). i wonder if there is a problem with your export line(s) 20:35:56 to be sure though, NFS config certainly can be a mysterious subject, so i don't blame you for being fascinated 20:45:24 jmnbtslsQE: Well, here's the export lines: 20:45:27 V4: /shared -sec=krb5p -network 192.168.100.0 -mask 255.255.255.0 20:45:29 /shared/dooshki -sec=krb5p -network 192.168.100.0 -mask 255.255.255.0 20:45:31 /shared/dooshki_bulk -sec=krb5p -network 192.168.100.0 -mask 255.255.255.0 20:46:10 with NFSv3 enabled, this works perfectly. With it disabled, named complains that the two lower lines are invalid 20:46:18 *mountd 20:47:29 i seem to remember something about -mask no longer working in nfsv4. and/or also maybe something with -network. can you try -network=192.168.100.0/24 20:47:51 but you should have seen messages in /var/log/messages about this 20:52:09 I might take a look at it next weekend. For now, I'm happy it works, and I appreciate your help. I thought setting up this NFS server would be a quick 2-hour ordeal, since I already had everything ready for it (DNS with reverse look-up, NTP, etc.), but I've spent the entire day on it :) 20:53:13 OK 20:53:32 this thing is accessible over the internet? 20:53:55 nope, but it's a network with potentially hostile devices attached on it 20:53:56 ah, maybe not, i see your ACL is private addresses 20:54:01 OK 20:54:04 that's why kerberos 21:02:36 jmnbtslsQE: Out of sheer curiosity, may I see a sample working configuration? I think I might try to see if I can reproduce this behavior between two VMs next weekend 21:18:32 Dooshki: 21:18:34 V4: / 21:18:37 /mnt/mountpoint -mapall=root -alldirs -network=192.168.1.0/24 21:18:58 not sure if -alldirs still does anything anymore, but it doesn't seem to break anything 21:19:24 this is with nfsv4_server_only="YES" 21:20:10 Thanks, I'll try experimenting around with it 21:20:32 OK 23:15:54 anyone running on AMD Ryzen Embedded V1500B? I can't get past the loader screen on the installer. i had opnsense running on this before, so i know it's capable. i'm guessing there's some loader option i need to pass.