I am definitely holding ipfw NAT wrong, which is why I can't make it work for me to run the IPv4 for my jails; my only question is, how is it supposed to be held "right"?

When I'm doing a scrub with ZFS, what's, in the status, the difference between "122 G / 180G scanned" and "1G / 180G issued". What's issued? I'd expect that a scan already means that all hashes have been checked

please read zpool-scrub(8)

if you then still have questions, ask;)

manpage is not clear about it, and googling found out it's completely backwards?

like i assumed issued is ready to process and scanned is processed

but scanned is before

that explains why issued is lower

that's the real thing

to issue is such a fancy word that no wonder it confused living hell out of people

i mean zfs is full of weirdness, have to be sun engineeri to get why i guess

like how zfs talks in full confusing messages, spanning 2-3 sentences long to say errors

and put mysterious long error number or id there

as if one needs to fish it out of manuals or phone support or so

maybe they actually did

applications unaffected and applications affected is one of that weirdness

seems like lawyers also entered zfs dev back then and so on

it's wtf to everyone else

zfs also has invented new words to existing methods

you never know which ones are patented etc;)

:p

there are almost no issues reported, probably people no longer use FreeBSD and just hang here out of curiosity

am I right ?

not sure that existing methods were really standardized enough that it would make any sense for the ZFS terms to just be changed to match them

are you joking, mzar?

cats here?

curious

???

mzars

megaTherion, does that work when one has vnet jails? like, can the jails have their own firewall rules?

mzar: bugs.freebsd.org/bugzilla would disagree with you. They even have a handy show bugs filed in the last 24hrs link. Feel free to fix some of them!

MelMalik: vnet jails can have their own firewalling, yes

MelMalik: In fact, I recently learned that if the host has ipfw enabled, I need to add rules to jails or they pick up a default deny.

mason, hellofa coincidence, i also recently learned that

but I was asking about pf, not ipfw, as I am (mostly-unseriously) considering converting my setup to pf

Is there an elevator pitch that would recommend such a conversion? ipfw seems fine here.

I can't work out how I'm holding ipfw NAT wrong that makes me unable to set nexthop the host in one of the VMs and have stuff work

MelMalik: Ah, make sure that you don't have TSO enabled. From the bottom of the ipfw man page: "Due to the architecture of libalias(3), ipfw nat is not compatible with the TCP segmentation offloading (TSO). Thus, to reliably nat your network traffic, please disable TSO on your NICs using ifconfig(8)."

This bit me.

I believe I did that already. However, vlanhwtso was up - is that by change the same?

Not sure, but it's a good question.

With that arranged, should it be sufficient to have `ipfw nat 1 config if ix0 log; ipfw add 00500 nat 1 log ip4 from 10.6.0.0/16 to any out via ix0; ipfw add 00502 nat 1 log ip4 from any to me in via ix0"?

[mismatched quotes]

update: later rule was misconfigured

xD

Ah, glad you found it. I don't have enough internalized to debug without going back to the docs.

I had been using allow ip from any to me/me to any; I had forgotten to also use any to 10.6/16 and 10.6/16 to any

looks like my ancient supermicro 1u X8 has a panic on boot on fbsd :/ that sucks.

i thought that thing would be smooth sailing

zie: fixed, but only one ;-)

zie: I don't think this fix will pass further, but problems can be solved in many ways ;-)

does zfs create mirror supports disk labels ?

hernan604: Yeah, you can use GPT labels if that's what you mean.

hernan604: so please follow mason amd don't use glabel(8)

Oddly enough, glabel talks about GPT labels in the glabel(8) man page, but they are indeed distinct.