OK. First you need to get the SSL authentication working on homer and this
can be best verified by logging into homer and trying to do a 'vsdadm
vs_details homer.office.fubra' at the command prompt. You do not need to
execute vsboot on homer as it is not intended to host virtual servers. If
your vs_details command does not work you need to 'tail var/log/messages' to
see if there is any information. Anything cryptic and strange about files
not being found is probably an SSL error that a file was not located. You
need the following files in place on homer.office.fubra:
/usr/local/etc/vsd/ca/cacert.pem, /usr/local/etc/vsd/crl.pem,
/usr/local/etc/vsd/certs/homer.office.fubra.crt and
/usr/local/etc/vsd/certs/homer.office.fubra.key (possibly even
/usr/local/etc/vsd/certs/cacert.pem)
These files should come from the machine you have established as your VSD CA
server. I know the directory structure is a bit strange, the problem is
fixed in the latest sources (where all locations are dictated by
openssl.cnf) but I suspect you are using 1.4.8 so it will be expecting the
locations I describe above.
If your vs_details command is still not working you are going to need some
more information so add the '-p local6 -l 4' switch to the svsd entry in
inetd.conf, send a SIGHUP, and define local6 in syslog.conf, ie
'*.info;mail.none;news.none;authpriv.none;local6.*
/var/log/messages' and again SIGHUP. This should give you some syslog
information on the certficates being used in authentication. If there is
still nothing pointing you in the right direction (pass on any errors which
you cannot fathom) build libvsd and vsd with debug (add -DDEBUG to the
CFLAGS in the respective Makefile's and rebuild).
Also, I am sure you are aware of the complications which can ensue if your
hostname does not correspond to the true FQDN of your machine - so check the
output of the hostname command on homer and consult the mailing list
archives for Damions's explanations of what is going on...
Actually, rereading your post it sounds like the problem is more basic -
check your /etc/services and /etc/inetd.conf and try to get something
listening on port 1726... bear in mind that a reboot seldom does any harm...
Tim
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Kennish
> Sent: 18 June 2001 10:59
> To: [EMAIL PROTECTED]
> Subject: mod_BIND
>
>
> Dear all,
>
> We are attempting the following...
>
> We have a host called homer.office.fubra who is already a functioning
> DNS. I want to install FreeVSD on this but not to create VSs on it; I
> want to allow chiefwigham.office.fubra (who is host to our test VSs) to
> talk to homer and ask it to add entries to its resource records so that
> I can add an entry to my script to allow resolution of new VS domain
> names to their IPs.
>
> But I'm having problems. I've set up freeVSD on homer (openSSL ver.
> from source.) I've created certs for it and copied with .crt and .key
> files to chiefwigham. After running vsd-install and checking
> inetd.conf, I run vsboot --start. It says...
>
> start all VSes: stage [1]
> start all VSes: stage [2]
>
> But netstat -nat doesn't show it listening on port 1726 (secure freeVSD
> port). And trying to run a vsdadm bind_addvs on chiefwigham gives a
> "connection refused" message.
>
> Any ideas anyone? Thanks in advance,
>
> --
> Ben Kennish
>
> e: [EMAIL PROTECTED]
> w: www.fubra.com
------------------------ The freeVSD Support List -------------------------
Join: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
Remove: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
Archives: http://freevsd.org/support/mail-archives/freevsd-support
---------------------------------------------------------------------------
