Just read up the man page for route(8). Seems the metric isn't actually used by the kernel. Oh, well.
Which means that we'll have to run some sort of daemon like gated instead. -Philip Ron Byer wrote: > Philip, > > Thanks. I will dig into this deeper as you suggest. I've been planning > on getting tcpdump involved with figuring out what's going on with > nslookup. > > Ron > Philip Prindeville wrote: >> The correct answer is, "Well, it all depends". >> >> Different services deal with multihoming differently... and even amongst >> the same service, different implementations can be more or less >> enlightened in dealing with multihoming. >> >> First, you don't want to assign equal metrics to your "backup" >> interface, or it won't be a back up at all. It needs to have a higher >> metric. A significantly higher metric. >> >> I'll look into adding that to the scripts. (use "netstat -n -r" to get >> better routing info, or else "route -n"). >> >> As for the DNS issue, I can't really say without seeing "nslookup" with >> debug turned on, and possibly also tcpdumps. >> >> For SIP, you can force Asterisk to only bind to the primary address... >> but a better choice might be to use SRV records, and set higher costs on >> the backup addresses. >> >> -Philip >> >> >> Ron Byer Jr. wrote: >> >>> Greetings – >>> >>> I’ve been using 0.6 (trunk-1725) in a soekris 5501 for a number of >>> months now. Been working quite well. (sk2) >>> >>> We have another sk5501 running in another office using 0.6 >>> (trunk-1805) that we use as well. (sk1) >>> >>> >>> Earlier today I had the bright idea of adding an additional external >>> interface to sk2 for the rare occurrences when our connection is dead. >>> I configured in the 2^nd external interface as EXT2IF and was able to >>> immediately bring up a backup trunk on sk1. It came up quickly, but >>> then I started to notice some problems. >>> >>> The first casualty was DNS lookups, which are broken. Doesn’t matter >>> what the DNS Server is, it comes back immediately. I have to look into >>> why and where it is getting hosed, but as soon as I take out the 2^nd >>> interface, it comes back. >>> >>> Secondly, we noticed that the SIP registration packets sent by sk1 to >>> both interfaces were also responded to by a single interface on sk2. >>> >>> The local routing table has two default routes, and the 1^st so-called >>> default route is the one in use. >>> >>> sk2 os # ip route >>> >>> 96.56.230.72/29 dev eth0 proto kernel scope link src 96.56.230.77 >>> >>> 68.236.211.0/24 dev eth1 proto kernel scope link src 68.236.211.19 >>> >>> 192.168.17.0/24 dev eth2 proto kernel scope link src 192.168.17.5 >>> >>> default via 68.236.211.11 dev eth1 >>> >>> default via 96.56.230.73 dev eth0 >>> >>> The comments in rc.conf would seem to indicate that the 2^nd interface >>> will serve as a backup default route, so possibly it is not unexpected >>> that there are two. Is this expected ? >>> >>> I’ve been reading quite a bit today on whether multiple default routes >>> are good, bad, or evil. There seem to be plenty of opinions in the >>> latter categories. >>> >>> The alternative seems to be that we could set up policy based routing >>> with additional routing tables to address this, but then it appears >>> that the benefits of having a second, transparent route plan would be >>> largely shot. >>> >>> I’ve included our rc.conf below if of any value. Any insight on the >>> direction we should pursue here would be appreciated. >>> >>> Thanks, >>> >>> Ron Byer Jr. >>> >>> NetWeave Integrated Solutions, Inc. >>> >>> +1.732.786.8830 x120 >>> >>> Here’s our rc.conf if useful, >>> >>> =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2008.09.26 19:19:59 >>> =~=~=~=~=~=~=~=~=~=~=~= >>> >>> cat <rc.conf >>> >>> ## AstLinux Main Configuration file >>> >>> ## >>> >>> ## Web: http://www.astlinux.org >>> >>> ## Support: http://lists.kriscompanies.com >>> >>> ## Donate: Paypal [EMAIL PROTECTED] >>> >>> ## >>> >>> ## Don't uncomment any line with more than one #! >>> >>> ## >>> >>> ## >>> >>> ## Begin rc.conf ## >>> >>> ###Basic Stuff >>> >>> ##Hostname >>> >>> DOMAIN=astlinux >>> >>> HOSTNAME=sk2 >>> >>> ##Timezone >>> >>> ##If you define this variable, AstLinux will link this file from >>> >>> ##/usr/share/zoneinfo/$TIMEZONE to /tmp/etc/localtime on startup >>> >>> ##GMT (UTC) is the default >>> >>> TIMEZONE=America/New_York >>> >>> ##uClibc Timezone >>> >>> ##See >>> http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html >>> >>> TZ_TIMEZONE=EST5EDT >>> >>> ###Interfaces >>> >>> ##IFRENAME Support >>> >>> ##If for some reason you need to move your interfaces around before >>> >>> ##they are configured, you can do that here if you built your system >>> >>> ##with wireless-tools enabled (it's included by default. >>> >>> #IFRENAME="eth0:8139too:i10 eth1:8139too:i12 eth2:8139too:i11" >>> >>> ##Physical Ethernet Configuration >>> >>> ##If you need to manually specify any speed and duplex settings, you can >>> >>> ##do that here NOTE: This will disable auto-negotiation for any devices >>> >>> ##you enable it for. You CANNOT use variables like $EXTIF, $INTIF, etc. >>> >>> ##Note that this code runs AFTER the ifrename support above. >>> >>> ## INTERFACE:speed:duplex >>> >>> #PHYETH="eth0:10:half eth1:100:half" >>> >>> ##VLANS >>> >>> ##Configure vlans here. These will be created on boot BEFORE INTIF, >>> etc are >>> >>> ##brought up. You can then use these values for INTIF, EXTIF, etc. >>> >>> #VLANS="eth1.110 eth1.120" >>> >>> ##Set 802.1p CoS on VLAN >>> >>> #VLANCOS="yes" >>> >>> ##BRIDGES >>> >>> ##If configured with bridge-utils AstLinux can setup layer 2 bridges >>> for you >>> >>> ##Very useful for access points, small "switches" etc. You can define >>> up to >>> >>> ##three total (BRIDGE0, BRIDGE1, BRIDGE2). This example creates device >>> "br0" >>> >>> ##and adds the interfaces (seperated by spaces) to the bridge. Bridges can >>> >>> ##include vlans as defined above. >>> >>> #BRIDGE0="eth1 ap0" >>> >>> #BRIDGE1="ap1 eth0" >>> >>> #BRIDGE2="ath0 eth1" >>> >>> ##MTU Changes >>> >>> ##If you need to specifically set the MTU for a given interface, do >>> that here. >>> >>> ##You can try to set the MTU for any valid type of interface. With >>> ethernet it >>> >>> ##works most of the time. Everything else, caveat emptor... >>> >>> ##If you are using PPPoE don't worry. We automatically handle those >>> MTU issues >>> >>> #IFMTU="eth2.41:1496 eth0:1492" >>> >>> ##WIFI >>> >>> ##Wireless configuration. Currently only Atheros chipsets (via madwifi-ng) >>> >>> ##are supported if built with madwifi. You can define up to three AP's and >>> >>> ##three stations. WIFIMODS are the modules to load in order before >>> trying to >>> >>> ##configure the wireless devices. >>> >>> #WIFIMODS="ath_pci" >>> >>> ##Access points >>> >>> #AP0="wifi0:ap0:1" >>> >>> #AP1="wifi0:ap1:1" >>> >>> #AP2="wifi0:ap2:1" >>> >>> ##Client support >>> >>> #ATH0="wifi0:sta" >>> >>> #ATH1="wifi1:sta" >>> >>> #ATH2="wifi2:sta" >>> >>> # Note: If you're putting your external interfaces into a bridge, such >>> >>> # as br0 being eth0 and w1ad, then keep in mind that a bridge seems to >>> >>> # want to use the address of the first Ethernet controller added to it >>> >>> # (and never the address of the ADSL interface). >>> >>> # In such a case, you'll probably want: >>> >>> # EXTIF=br0 >>> >>> # BRIDGE0="eth0 w1ad" >>> >>> # and not the reverse. >>> >>> ##Change EXTIF's MAC address here (for some cable connections) >>> >>> #EXTIFMAC="01:02:03:04:05:06" >>> >>> ##Change EXT2IF's MAC address here (for some cable connections) >>> >>> #EXT2IFMAC="01:02:03:04:05:06" >>> >>> ##External Interface >>> >>> ##The external interface has a fairly restrictive firewall when not in PBX >>> >>> ##only mode. See the Firewall section in this file for more details. >>> >>> EXTIF=eth0 >>> >>> ##Backup External Interface >>> >>> ##The backup external interface will be used as a backup default route >>> >>> ##in case the primary becomes unavailable. The firewall rules, >>> routing, etc >>> >>> ##apply identically to both interfaces. THIS CURRENTLY ONLY WORKS IF BOTH >>> >>> ##EXTIF AND EXT2IF HAVE STATIC IP ADDRESSES. >>> >>> EXT2IF=eth1 >>> >>> ##Fancy External interface support >>> >>> ##THIS HAS CHANGED FROM PREVIOUS VERSIONS!!! >>> >>> ##You will still need to set EXTIF to your external interface (wp*). >>> >>> ##If EXTIF=hdlc0, I will start zaptel and run sethdlc. >>> >>> ##If EXTIF=pvc0. I will start zaptel and run sethdlc. You will also >>> need to >>> >>> ##fill in HDLCLMI and HDLCDLCI >>> >>> ##See more options below. >>> >>> ##Use wancfg first! >>> >>> #EXTIF=wp1chdlc >>> >>> ##Use cisco encapsulation and be done >>> >>> #EXTIF=hdlc0 >>> >>> #EXTENC="cisco" >>> >>> ##Zaptel Data Support >>> >>> ##If you set EXTIF=hdlc0 above, you will probably need to set the >>> >>> ##protocol here. See sethdlc for valid types, but you PROBABLY want >>> >>> ##"cisco". DO NOT USE THIS WITH SANGOMA HARDWARE!!! Use wancfg!!! >>> >>> #EXTENC="cisco" >>> >>> ##Frame relay with LMI and DLCI (will use hdlc0) >>> >>> #EXTIF=pvc0 >>> >>> #HDLCLMI=ansi >>> >>> #HDLCDLCI=100 >>> >>> ##Sometimes it takes a while for the WAN interface to come up... >>> >>> ##This can happen with frame relay and PPPoE, for example. >>> >>> ##Set this variable in seconds, and I will sleep on startup before >>> >>> ##I attempt to bring up the WAN interface. >>> >>> #WANDELAY=60 >>> >>> ##If EXTIP is set, the remaining STATIC config is read instead of the >>> >>> ##default, which is DHCP client on $EXTIF. If you are using a T1/E1 >>> >>> ##EXTGW is also the PtP address. You can enter as many DNS servers as >>> >>> ##you wish. They will be added in order. >>> >>> EXTIP="96.56.230.77" >>> >>> EXTNM="255.255.255.248" >>> >>> EXTGW="96.56.230.73" >>> >>> DNS="167.206.112.138 167.206.7.4" >>> >>> ##These variables are required for internet failover. They will do nothing >>> >>> ##if either EXTIF or EXT2IF are set to dhcp. They will use the same DNS >>> >>> ##servers as above. >>> >>> EXT2IP="68.236.211.19" >>> >>> EXT2NM="255.255.255.0" >>> >>> EXT2GW="68.236.211.11" >>> >>> ##Internet failover timeout. How long to wait before switching default >>> routes. >>> >>> ##If failover is otherwise setup - EXTIP, EXT2IP, EXT2IF, EXT2GW the >>> default >>> >>> ##will be 10 seconds. You can change that here. >>> >>> #FAILTIME=10 >>> >>> ##Use local dnsmasq >>> >>> ##This setting controls whether or not we will use the local dnsmasq >>> instance >>> >>> ##for DNS resolution on THIS machine. >>> >>> #LOCALDNS=yes >>> >>> ##You don't have to use DHCP + DNS with all of your internal interfaces. >>> >>> ##Here you can specify a list of interfaces that will not have a DHCP >>> range >>> >>> ##associated with them. You can use real interface names or variables. >>> >>> ##I recommend variables. Seperate multiple IFs with spaces. >>> >>> NODHCP="$INTIF" >>> >>> ##DHCP Range >>> >>> ##Here you can define the range of IP addresses for your local networks. >>> >>> ##This value will apply to all of your INTIFs. We will automatically >>> calculate >>> >>> ##the first three octets. Just tell me which range I should give out >>> leases for. >>> >>> ##In this example, if INTIP=192.168.0.1, we will give out leases for >>> >>> ##192.168.0.100 - 192.168.0.252 >>> >>> #DHCPRANGE="200:252" >>> >>> ##If you do not define the INTIF, I will not try to start one. >>> >>> ##If you do not define any INTIF(s), I will also not start the >>> following services: >>> >>> ##dnsmasq iptables astshape (PBX only mode) >>> >>> ##PBX Only mode is enabled by default from 0.2.8.10 >>> >>> INTIF=eth2 >>> >>> ##Internal IP address and netmask >>> >>> INTIP="192.168.17.5" >>> >>> INTNM="255.255.255.0" >>> >>> INTGW="192.168.17.1" >>> >>> ##Additional "Internal" interfaces >>> >>> ##By default they will be brought up identically to INTIF. >>> >>> ##They will be able to access the AstLinux machine and go >>> >>> ##out via EXTIF, but routing between them is not permitted. >>> >>> INT2IF=eth3 >>> >>> #INT2IP=192.168.102.1 >>> >>> #INT2NM=255.255.255.0 >>> >>> #INT3IF=eth2 >>> >>> #INT3IP=192.168.103.1 >>> >>> #INT3NM=192.168.103.1 >>> >>> ##DMZ Support >>> >>> ##Uncomment the following to utilize a DMZ network. The DMZ network by >>> >>> ##default is only allowed to access the internet (via EXTIF). It is not >>> >>> ##able to access services on the AstLinux machine, or any of the machines >>> >>> ##on INTIF. To allow access to services on the AstLinux machine >>> >>> ##(Asterisk, etc.) set DMZTYPE=extme >>> >>> DMZTYPE=extonly >>> >>> #DMZIF="eth2" >>> >>> #DMZIP="192.168.102.1" >>> >>> #DMZNM="255.255.255.0" >>> >>> ##IP DMZ Support >>> >>> ##Uncomment the following lines to support more traditional DMZ setups. >>> >>> ##If you define DMZIP astfw will automatically forward any new/unknown >>> >>> ##tcp and udp connections coming in on EXTIF to the IP address that you >>> >>> ##specify. If you say "auto", AstLinux will use the first DHCP lease from >>> >>> ##the instance of dnsmasq running on INTIF. >>> >>> #DMZIP="auto" >>> >>> ##You can also specify a IP/hostname/netblock of IPs that should still >>> have >>> >>> ##access to the AstLinux system, i.e. not be forwarded to the DMZ host. >>> >>> ##Define that here. These are examples of what is possible, only >>> define one. >>> >>> #DMZSRC="www.astlinux.org" >>> >>> ##-or >>> >>> #DMZSRC="169.207.1.3" >>> >>> ##-or >>> >>> #DMZSRC="10.17.69.0/255.255.255.0" >>> >>> ##If your DMZIP is not on INTIF, define the other interface here. You >>> can use >>> >>> ##a real name or another variable from this file. >>> >>> #DMZIPIF="$INT2IF" >>> >>> ##You can also specify a list of ports to bypass your DMZSRC exclusion. >>> >>> ##Use this if you need to connect to a specific service on DMZIP from >>> DMZSRC >>> >>> #NODMZPORTS="t25 t110 t143" >>> >>> ##PPPoE support from Roaring Penguin. If you define PPPOEUSER below, >>> AstLinux >>> >>> ##will run rp-pppoe on your $PPPOEIF. You will also need to set EXTIF >>> to "ppp0". >>> >>> ##PPPoE kernel support >>> >>> ##Experimental, but kernel mode PPPoE cuts down on CPU usage >>> DRASTICALLY and >>> >>> ##improves throughput. Give it a try first, disable if you have >>> problems (and >>> >>> ##make sure to let me know about it. >>> >>> #PPPOEUSER="[EMAIL PROTECTED]" >>> >>> #PPPOEPASS="mypassword" >>> >>> #PPPOEIF="w1ad" >>> >>> PPPOEKERNEL="YES" >>> >>> #PPPOEDEBUG="yes" >>> >>> ### Firewall support. Two firewall scripts are now available. Set that >>> variable >>> >>> ### here. Values are astfw or arno. If not set, defaults to astfw. >>> >>> ### Settings for Arno's firewall should be made by copying the config >>> file from >>> >>> ### /stat/etc/arno-iptables-firewall.conf to /mnt/kd. REBOOT or >>> restart iptables >>> >>> ### If using Arno's firewall, the firewall settings in rc.conf are >>> presently ignored. >>> >>> FWVERS="astfw" >>> >>> ### astfw Firewall (iptables) >>> >>> ##If you have more than one IP on the EXTIF, here is where you >>> configure 1:1 NAT maps >>> >>> ##These have to start at 10!!!!!! (DEPRECATED) >>> >>> #EXTMAP10="192.168.25.11=192.168.1.100" >>> >>> #OPENMAP10="22" >>> >>> ##If you would like to open some ports on your external interface to >>> internal machines >>> >>> ##do that here. As usualy multiple entries can be seperated with spaces. >>> >>> ##In the example - forward external TCP port 222 to 192.168.111.17 port 22 >>> >>> ##and UDP 4569 to 192.168.111.12 >>> >>> #EXTPORTMAP="t222:192.168.111.17:22 u4569:192.168.111.12:4569" >>> >>> ##If you have multiple IP addresses on your external interface and you >>> want 1:1 NAT >>> >>> ##sometimes called binat (bidirectional NAT), define that here. Use >>> spaces for >>> >>> ##multiple address maps. There is no filtering for these, beware! >>> >>> #EXTIPMAP="4.2.2.1:192.168.111.20" >>> >>> ##Default "deny action" - you want either DROP or REJECT (returns with >>> icmp filtered) >>> >>> DENYACT="DROP" >>> >>> ##EXTOPEN >>> >>> ##A list of ports (with protocol) that will be opened on the external >>> >>> #interface to the AstLinux machine. Here you can add access to IAX >>> >>> ##SIP, etc. >>> >>> ##t= tcp u= udp >>> >>> EXTOPEN="t22 t8088 u4569 t80 u5060" >>> >>> ##EXTOPENSRC >>> >>> ##We will allow any traffic from these IP addresses. As usual, >>> multiple entries >>> >>> ##can be specified using spaces. Standard iptables netmask and CIDR >>> notation is >>> >>> ##accepted. >>> >>> #EXTOPENSRC="4.2.2.1 4.2.2.2" >>> >>> ##MASQPORTS >>> >>> ##By default the Linux kernel will attempt to use the same source and >>> destination port >>> >>> ##for a MASQUERADED connection as long as it is above 1023. This >>> option allows you to >>> >>> ##force TCP and UDP connections to always be natted within the range >>> of ports defined. >>> >>> #MASQPORTS="30000-60000" >>> >>> ##NONAT >>> >>> ##By default we do NAT/PAT on all of the internal interfaces. If you >>> don't want to, >>> >>> ##define that here. As usual, multiple arguments can be seperated by >>> spaces. >>> >>> #NONAT="$INT2IF" >>> >>> ##Master NTP server. This is the NTP server that AstLinux will sync >>> against >>> >>> ##upon bootup. It is also the server that the running ntpd process >>> will use >>> >>> ##to maintain that time sync. >>> >>> NTPSERV="us.pool.ntp.org" >>> >>> #NTPSERV="europe.pool.ntp.org" >>> >>> #NTPSERV="north-america.pool.ntp.org" >>> >>> #NTPSERV="south-america.pool.ntp.org" >>> >>> #NTPSERV="asia.pool.ntp.org" >>> >>> #NTPSERV="oceania.pool.ntp.org" >>> >>> #NTPSERV="africa.pool.ntp.org" >>> >>> ##If you would like to specify several servers to be used at the same >>> time, >>> >>> ##you can specify them in NTPSERVS seperated by spaces. >>> >>> #NTPSERVS="ntp1.cs.wisc.edu us.pool.ntp.org" >>> >>> ##Dynamic DNS Support >>> >>> ##For a list of valid DDSERVICE names, see the ouput of "inadyn". >>> >>> #DDSERVICE= >>> >>> #DDUSER= >>> >>> #DDPASS= >>> >>> #DDHOST= >>> >>> ##Netmon Support >>> >>> ##Netmon is a daemon that runs to monitor your internet connection. By >>> default, >>> >>> ##it will try to ping the default gateway of the system. If the >>> gateway cannot >>> >>> ##be reached, netmon will take the action you have defined in your >>> action script. >>> >>> ##/etc/netmon.script and /mnt/kd/netmon.script - if they are executable. >>> >>> ##AND attempt to restart the connection, based on the connection type. >>> >>> ##You can also set the destination address manually, if you wish. >>> >>> #NETMON=YES >>> >>> #CHKHOST="www.google.com" >>> >>> #CHKMETH="ICMP" # ICMP ping >>> >>> #CHKMETH="ARP" #arping (remember uses ARP - layer 2) >>> >>> ##WAN Simulator >>> >>> ##AstLinux is built with nistnet, a great WAN simulator. >>> >>> ##It is supported in the web interface, but you can also use the cnistnet >>> >>> ##command line application. It does interfere with Asterisk operation, >>> so it >>> >>> ##is not loaded by default. Uncomment this variable to enable it. >>> >>> #NISTNET=yes >>> >>> ###Traffic Shaping (AstShape) >>> >>> ##This is typical for a lot of cable ISPs (at least for RR here in >>> Wisconsin...) >>> >>> ##Please change it after some testing, and make sure that it is %90 of >>> your tested >>> >>> ##link speed. This prevents queing that destroys latency - very >>> important for VOIP. >>> >>> ##Disabled by default. Uncomment EXTUP & EXTDOWN to enable... >>> >>> #EXTUP=300 >>> >>> #EXTDOWN=2000 >>> >>> ##VoIP Ports >>> >>> ##Traffic in this port range will automatically be mapped into the >>> VoIP queue. >>> >>> ##Only UDP traffic is marked. Standard iptables syntax is allowed. >>> >>> VOIPPORTS="5060 10000:20000" >>> >>> ##Interactive Ports >>> >>> ##Traffic in this port range will automatically be mapped into the >>> interactive >>> >>> ##queue. TCP and UDP traffic is marked. >>> >>> #INTPORTS="110" >>> >>> ##Shapetype. This defines the qdisc type. AstShape currently supports htb >>> >>> ##(default and well tested) or the new HFSC version (untested). You can >>> >>> ##select which one you'd like here >>> >>> #SHAPETYPE="hfsc" >>> >>> ##low priority OUTGOING traffic - you can leave this blank if you want >>> >>> ##low priority source netmasks >>> >>> NOPRIOHOSTSRC= >>> >>> ##low priority destination netmasks >>> >>> NOPRIOHOSTDST= >>> >>> ##low priority source ports >>> >>> NOPRIOPORTSRC= >>> >>> ##low priority destination ports >>> >>> NOPRIOPORTDST= >>> >>> ###Upgrade Config >>> >>> ##This is a list of pathnames to exclude in an upgrade attempt. # >>> >>> ##The update script will not touch/replace/look in any directory >>> >>> ##specified below. For help you should look at the rsync man pages >>> >>> ##or "rsync --help". >>> >>> ##This does not work and has been replaced by a static /etc/astup.ex >>> (for now) >>> >>> #ASTUPEX="/dev/* /proc/* /mnt/kd/* /tmp/* /stat/* /var/*" >>> >>> ###Service Advertisement >>> >>> ##If you define ADNAME, I will advertise all of the available services on >>> >>> ##your AstLinux machine in a way that is compatible with >>> bonjour/rendezvous. >>> >>> ##THIS IS VERY INSECURE, THIS SHOULD BE THE FIRST THING YOU DISABLE >>> >>> #ADNAME="AstLinux PBX" >>> >>> ###Hardware >>> >>> ##Module options >>> >>> ##If you define this variable, we will automatically generate >>> modprobe.conf >>> >>> ##for you. modprobe reads this file before loading any modules in the OS. >>> >>> ##Format is modulename:option >>> >>> ##As always, you can pass multiple options and modules with spaces. >>> >>> #MODOPTS="wctdm:opermode=UK" >>> >>> ##Autoload Modules >>> >>> ##If /etc/rc.modules does not exist, then I will load these modules upon >>> >>> ##system startup. >>> >>> AUTOMODS="rtc 3c59x typhoon tulip eepro100 natsemi forcedeth >>> >>> 8139cp 8139too via-rhine pcnet32 acenic e1000 ns83820 r8169 tg3 ztdummy" >>> >>> ##LMSensors Modules >>> >>> ##List your hardware modules, seperated by spaces >>> >>> ##You will also need to create a sensors.conf >>> >>> #SENSEMODS="vt1211" >>> >>> ##Zaptel hardware support (NOT Sangoma - use "wancfg") >>> >>> ##These are the modules that will get loaded\unloaded by the Zaptel >>> >>> ##Init script. Please move the zaptel modules from /etc/rc.modules >>> >>> ##or AUTOMODS to here. If you don't have any zap hardware, leave >>> >>> ##this undefined and ztdummy will be loaded automatically. >>> >>> ##Take a look at the MODOPTS variable if you need to pass any options. >>> >>> #ZAPMODS="wctdm" >>> >>> ##Configure watchdog >>> >>> ##The first is the kernel module to load >>> >>> ##Next is the timeout period >>> >>> #WDMODULE=scx200_wdt >>> >>> #WDTIME=60 >>> >>> ##ISDN Configuration >>> >>> ##If this variable exists I will try to load the proper modules, but you >>> >>> ##need to tell me how you want to setup your card. >>> >>> ##Documentation can be found at: >>> http://www.beronet.com/download/card_installation_guide_en.pdf >>> >>> ##More can be found at: >>> http://home.foni.net/~jolly1/download/PBX4Linux-2.5.html >>> >>> ##Don't forget to edit misdn.conf and modules.conf in /etc/asterisk. >>> >>> ##Examples: >>> >>> #ISDN_MODPROBE="hfcpci protocol=0x2 layermask=0xf" >>> >>> #ISDN_MODPROBE="hfcmulti type=0x08 >>> protocol=0x12,0x12,0x12,0x12,0x2,0x2,0x2,0x2 >>> layermask=0x3,0x3,0x3,0x3,0xf,0xf,0xf,0xf" >>> >>> #ISDN_MODPROBE="hfcmulti type=0x04 protocol=0x12,0x12,0x2,0x2 >>> layermask=0x3,0x3,0xf,0xf" >>> >>> #ISDN_MODPROBE="avmfritz protocol=0x2 layermask=0xf debug=0x0" >>> >>> ##IDE Drive configuration >>> >>> ##From 0.2.5.6 onwards, DMA is disabled on the GRUB command line. >>> >>> ##I was having too many problems with motherboards detecting CF's >>> >>> ##as capable of DMA. Now I turn DMA off for eveything except the >>> >>> ##devices listed below. >>> >>> #DMA_DEV="/dev/hdc" >>> >>> ##I/O Scheduler configuration >>> >>> ##The Linux kernel has several I/O schedulers available. >>> >>> ##It is important to optimize everything you can in an embedded system >>> >>> ##AstLinux lets you use this variable to change the I/O scheduler per >>> device >>> >>> ##IOSCHED="hda:noop" >>> >>> ##Blinkenlights >>> >>> ##I have a simple script to make the lights on Soekris/WRAP boards blink. >>> >>> ##It supports a few options. LED_NUM is the number to blink. >>> >>> ##WRAP supports 2 (error), or 3 (extra) - default >>> >>> ##Soekris supports 2 (error) >>> >>> ##LED_TIME is the number of seconds to wait between blinking cycles. 1 >>> is the default. >>> >>> #LED_NUM=3 >>> >>> #LED_TIME=1 >>> >>> ##APC UPS Support via apcupsd >>> >>> ##If you have built AstLinux with apcupsd support, you can monitor and >>> safely shut down >>> >>> ##the system (as well as perform other actions) upon the loss of power >>> when connected to >>> >>> ##a UPS that monitors this. Here you can specify the UPS type and UPS >>> cable. I like >>> >>> ##usb because it is very simple to configure. >>> >>> ##If you are using something OTHER than usb, you can specify the >>> device node to >>> >>> ##communicate with the device using UPSDEVICE. IF YOU ARE USING USB, >>> LEAVE THIS BLANK!! >>> >>> #UPSTYPE="usb" >>> >>> #UPSCABLE="usb" >>> >>> #UPSDEVICE="" >>> >>> ###Misc. AstLinux >>> >>> ##AstBack Configuration >>> >>> ASTBACK_PATHS="/etc/asterisk/* /var/spool/asterisk/voicemail/* >>> /mnt/kd/rc.conf" >>> >>> ##If you use the web interface for backup you CANNOT change the following >>> >>> ASTBACK_FILE="/tmp/backup.tar.gz" >>> >>> ##Custom tmpfs sizes >>> >>> ##here is where you can increase or decrease the size of the various >>> >>> ##tmpfs filesystems. If you set these too large, it is possible for >>> >>> ##the system to use all available RAM, in which case the Linux kernel >>> >>> ##will start randomly killing processes to free up memory. You have >>> >>> ##been warned! >>> >>> #VAR_SIZE="25000k" >>> >>> #TMP_SIZE="10000k" >>> >>> ###Daemons >>> >>> ##Asterisk Manager Proxy >>> >>> ##Here you can define the username and password used to connect to >>> >>> ##the Asterisk manager interface. You will need to make sure that >>> >>> ##the manager is enabled and this username and password are the same. >>> >>> #ASTMANPROXY_USER="admin" >>> >>> #ASTMANPROXY_PASS="password" >>> >>> ##Asterisk Verbose Logging Support >>> >>> ##This will automatically set the verbosity level after Asterisk >>> >>> ##starts up. >>> >>> #ASTVERBOSE="15" >>> >>> ##Asterisk G729 Support >>> >>> ##I added code to the init script to support auto detection and loading >>> >>> ##of different G729 modules based on CPU type. If you don't define this >>> >>> ##variable, Asterisk will just use modules.conf. If you define this >>> >>> ##variable, Asterisk will load the module you specify shortly after >>> >>> ##startup. If you say "auto", the init script will try to detect the >>> >>> ##best module for you and load it automatically. >>> >>> #ASTG729="auto" >>> >>> ##FTP support >>> >>> ##vsftpd no longer starts by default. To start it from inetd, set >>> >>> ##inetd. For standalone mode, set vsftpd >>> >>> FTPD=inetd >>> >>> ##Configure TFTPD support >>> >>> ##Works the same as FTPD above. >>> >>> TFTPD=inetd >>> >>> ##TFTP Server options (flags to pass to TFTP) >>> >>> ##This only works in standalone TFTP server mode >>> >>> #TFTPDOPTIONS="-l -s /tftpboot" >>> >>> ##FTP Server options (flags to pass to vsftpd) >>> >>> ## This only works in standalone vsftpd server mode >>> >>> #FTPDOPTIONS="/etc/vsftpd.conf" >>> >>> ##Use ISC-dhcpd >>> >>> ##Uncomment the following to use ISC dhcpd. If you do this, you will be >>> >>> ##solely responsible for maintaining /etc/dhcpd.conf, and dnsmasq will be >>> >>> ##disabled. Advanced users only! >>> >>> ##YOU WILL NEED ASTLINUX-OPT TO USE ISC-DHCPD! >>> >>> #DHCPDOPTS="eth1" >>> >>> ##Use Bind Named >>> >>> ##Uncomment the following to use BIND. If you do this, you will be >>> >>> ##solely responsible for maintaining /etc/named.conf, and dnsmasq will be >>> >>> ##disabled. Advanced users only! >>> >>> ##YOU WILL NEED ASTLINUX-OPT TO USE NAMED! >>> >>> #NAMEDOPTS="-n1" >>> >>> ##Secondary HTTP only server >>> >>> ##If you set HTTPDIR, I will startup another instance of mini_httpd to >>> >>> ##serve files from that directory. HTTPUSER is the user the server will >>> >>> ##run as. >>> >>> HTTPDIR="/tftpboot" >>> >>> HTTPUSER="nobody" >>> >>> HTTPCGI="no" # yes|no to enable CGI (just like for HTTPS) >>> >>> ##HTTPS Variables >>> >>> HTTPSDIR="/stat/var/www" # Define the location to serve HTTPS from >>> >>> HTTPSCGI="yes" # Whether to enable CGI in the above path >>> >>> HTTPSCERT="/etc/ssl/mini_httpd.pem" # Path to the https certificate >>> >>> HTTPSUSER="root" #user to run HTTPS under >>> >>> ##NTPD Variables >>> >>> #Enable NTP broadcasts to local LAN(s). Use with something like >>> >>> #Tardis (win32) or ntpd (listen mode). >>> >>> #NTPBROADCAST=no >>> >>> ##Static hosts for local resolver + DNSMasq >>> >>> ##This should be a space-seperated list of hostname and IP >>> >>> ##address pairs seperated by colons. Configure as many >>> >>> ##as you wish >>> >>> #STATHOSTS="server1:192.168.1.11 server2:192.168.1.12" >>> >>> ##Remote Syslog Config >>> >>> ##The machine below will receive all logging messages from this >>> machine via >>> >>> ##syslog's remote logging features. >>> >>> #SYSLOGHOST="" >>> >>> ##Persistent Logs >>> >>> ##If this variable is defined, logs are saved to the keydisk instead >>> of RAM >>> >>> #PERSISTLOG=yes >>> >>> ##NFSROOTPATH >>> >>> ##For diskless clients, the path to use for a root filesystem. >>> >>> #NFSROOTPATH="$INTIP:/mnt/kd/nfsroot" >>> >>> ##NFS Server support (read only exports) >>> >>> #NFS_EXPORTS_RO="/tftpboot" >>> >>> ##Read/write >>> >>> #NFS_EXPORTS_RW="/home" >>> >>> ##BOOTPFILE >>> >>> ##For diskless clients, the image to use for booting. >>> >>> #BOOTPFILE="/pxelinux.0" >>> >>> ##OpenSER Support >>> >>> ##If your build was compiled with OpenSER, you can configure that here >>> >>> ##OpenSER will not start until you define a user and group to run under >>> >>> #OPENSERUSER="openser" >>> >>> #OPENSERGROUP="openser" >>> >>> ##rtpproxy support >>> >>> ##If your build was built with rtpproxy support, you can configure the >>> >>> ##listen IP here. This is really only useful if you have OpenSER too >>> >>> ##You can use other variables from this file >>> >>> #RTPPROXY_IP="$EXTIP" >>> >>> #RTPPROXY_SOCKET="udp:127.0.0.1:7890" >>> >>> #RTPPROXY_TOS="0x18" >>> >>> ###Mail Config >>> >>> ##This is the SMTP server that all mail from cron, etc. on this >>> >>> ##system will be sent through. This includes Asterisk VM notifications. >>> >>> SMTP_SERVER="192.168.17.10" >>> >>> ##SMTP_DOMAIN >>> >>> ##The from domain of SMTP messages. >>> >>> SMTP_DOMAIN="sk2.com" >>> >>> ##SMTP_HOSTNAME >>> >>> ##The from hostname of SMTP messages. >>> >>> SMTP_HOSTNAME="sk2" >>> >>> ##If SMTP_TLS is defined, we will use TLS. You should have a trusted >>> cert list and define its location with SMTP_CA. Optionally, you can >>> turn off the certificate verification. This is a security risk! >>> >>> ##to the location of a trusted cert list. >>> >>> #SMTP_TLS=YES >>> >>> #SMTP_CA=/stat/etc/ca.crt # some file >>> >>> #SMTP_CERTCHECK=off >>> >>> ##The username and password for communicating with the SMTP server. >>> >>> #SMTP_USER=username >>> >>> #SMTP_PASS=password >>> >>> ##The SMTP login method (plain or login are supported) >>> >>> SMTP_AUTH=plain >>> >>> ##SMTP port to connect to SMTP_SERVER on. Defaults to 25 >>> >>> SMTP_PORT="25" >>> >>> ##SSHD Config >>> >>> #SSHDPORT=22 >>> >>> ##Allow sshd root logins? Yes or no are acceptable. >>> >>> #SSHDROOT=yes >>> >>> ###VPN Support >>> >>> ##AstLinux currently supports two types of VPN - racoon/KAME and >>> >>> ##openvpn. Set your type here, more to come... >>> >>> #VPN=openvpn >>> >>> ##OpenVPN specific options >>> >>> ##All certs must be created manually. >>> >>> ##Suggest using the "easy-rsa" scripts that come with OpenVPN >>> >>> ##Perhaps on different machine, then copy the appropriate files >>> >>> ##Hopefully these can be created with a web interface in the future. >>> >>> ## NOTE: if you are using astlinux in pbx only mode, you must enable >>> ip_forwarding >>> >>> ## Both astfw and arno's firewall do this for you. >>> >>> ##VPN above must be openvpn >>> >>> #OVPN_DEV="tun" >>> >>> #OVPN_PORT="1194" >>> >>> #OVPN_PROTOCOL="udp" >>> >>> #OVPN_CA="/etc/openvpn/easy-rsa/keys/ca.crt" >>> >>> #OVPN_CERT="/etc/openvpn/easy-rsa/keys/server.crt" >>> >>> #OVPN_KEY="/etc/openvpn/easy-rsa/keys/server.key" >>> >>> #OVPN_DH="/etc/openvpn/easy-rsa/keys/dh1024.pem" >>> >>> #OVPN_SERVER="192.168.15.0 255.255.255.0" >>> >>> #OVPN_VERBOSITY="1" >>> >>> #OVPN_PUSH1="route 192.168.0.0 255.255.255.0" >>> >>> #OVPN_PUSH2="" >>> >>> #OVPN_PUSH3="" >>> >>> #OVPN_PUSH4="" >>> >>> #OVPN_OTHER1="" >>> >>> #OVPN_OTHER2="" >>> >>> ## Enable LZO compression on thevpn yes|no >>> >>> ## Requires additional cpu resources >>> >>> #OVPN_LZO="yes" >>> >>> ##Stunnel support. If your AstLinux build has been built with >>> >>> ##Stunnel, you can setup local stunnel connections here like so: >>> >>> ## "astlinux listening port:remote server:remote port" >>> >>> ##Seperate multiple tunnels with spaces >>> >>> ##Don't forget to open the external port with EXTOPEN! >>> >>> #STUNNELSERVS="8443:192.168.111.11:80 993:mailserver:143" >>> >>> ##Custom stunnel cert. By default we use the same cert as >>> >>> ##mini_httpd. >>> >>> #STUNNELCERT="/mnt/kd/stunnel.pem" >>> >>> ##Stunnel user/group id. By default we will run stunnel as nobody >>> >>> ##this is fine unless you need to run as some other user because >>> >>> ##you need to bind to a port > 1023, etc. You will also need to >>> >>> ##have a group by the same name. >>> >>> #STUNNELUSER="nobody" >>> >>> ###Vendor Tweaks >>> >>> ##ISSUE is what is presented on running gettys (console) >>> >>> ISSUE="This is \n\ (\s \m \r) \t" >>> >>> ##/etc/issue.net is used by SSHD, more to come >>> >>> NETISSUE="WARNING!!! >>> >>> This system is solely for the use of authorized users for official >>> purposes. >>> >>> You have no expectation of privacy in its use and to ensure that the >>> system >>> >>> is functioning properly, individuals using this computer system are >>> subject >>> >>> to having all of their activities monitored and recorded by system >>> >>> personnel. Use of this system evidences an express consent to such >>> >>> monitoring and agreement that if such monitoring reveals evidence of >>> >>> possible abuse or criminal activity, system personnel may provide the >>> >>> results of such monitoring to appropriate officials." >>> >>> ##Upgrade URL >>> >>> ##Make it easier to do your own build by specifying your own upgrade URL >>> >>> ##here. Astup will use this server instead of the default. >>> >>> #ASTUPURL="http://mirror.astlinux.org/runnix"; >>> >>> ##Auto upgrade? >>> >>> ##If you specify AUTOUP, astup will not ask for confirmation when you run >>> >>> ##it. >>> >>> #AUTOUP=yes >>> >>> ##Runnix Device >>> >>> ##For now, you need to specify the flash device that runnix is >>> installed on >>> >>> #RUNDEV=/dev/hda1 >>> >>> ##AstLinux Extensions >>> >>> ##If you wish, you can enable some add-on extensions. These may be >>> >>> ##commercial products that require a license. You shouldn't touch >>> >>> ##this unless you know what you are doing, or have been told to. >>> >>> #EXTENSIONS="pbxware" >>> >>> ## End rc.conf ## >>> >>> sk2 kd # >>> >>> ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
