Linux-Networking Digest #886, Volume #9 Fri, 15 Jan 99 07:13:32 EST
Contents:
experience w. ASIX AX88140 ([EMAIL PROTECTED])
Re: Linux Samba Domain Controller Server Problem (Martin Dworak)
Broadcast storms ("Jean Nieukoop")
Re: NIS + KDE login (Thorsten Kukuk)
Re: YPBINDPROC_DOMAIN: No bound server for domain (Thorsten Kukuk)
pppd resetting cua1 permissions! (Mark Giesbrecht)
Re: PACE MODEM (Raymond Doetjes)
Re: Linux as a simple file sharing device? (bhd)
demand dialling not supported in kernel driver... (Mark Giesbrecht)
linux to windows (or any other client) networking: an idea ("Josh Toon")
two network cards ("steve")
Re: You won't crack this one... (Troutman)
Re: mailserver ("Jonas")
Re: ppp (Sjoerd Krol)
Re: Firewall throughput? (Raymond Doetjes)
Re: Standleitung (Analog mit Modems) (Michael Lausch)
IP Tunneling ("Noone")
Adding Static Routes ??? Please ! ("test")
Re: Help! Ethernet problem II (still no clue) (Stuart R. Fuller)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: experience w. ASIX AX88140
Date: 15 Jan 1999 09:02:26 GMT
Hi,
currently there are cheap no-name PCI cards in germany showing up, based
on ASIX AX88140 and transceiver chip Davicom DM9101F. The AX chip
seems to be supported by the Linux tulip driver (at least it is listed
in the source of v0.89H) being a DEC 21140 clone.
Does anyone have experience with cards based on this chip?
Does it run stable on 100 Mbit/s ?
Thanks in advance,
Michael Taeschner
German Aerospace Center (DLR) Braunschweig
Institute of Structural Mechanics PGP-key: 1024/1191E2CD
Structural Analysis Section http://www.dlr.de/~taeschner/
------------------------------
From: Martin Dworak <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.smb
Subject: Re: Linux Samba Domain Controller Server Problem
Date: Thu, 14 Jan 1999 18:28:46 +0100
If you use the entry "security = server", the pwd will be validated by a NT-Server.
If you want to do this you have to specify the server with the following entry:
password = servername
------------------------------
From: "Jean Nieukoop" <[EMAIL PROTECTED]>
Subject: Broadcast storms
Date: 15 Jan 1999 10:01:29 GMT
I'm having serious problems with broadcast storms originating from a Linux
PC.
It happens on bootup and every hour after that. Lasts only for a few
seconds but enough to cause major problems.
The PC is a Fujitsu X364 with a build in Intel Etherexpress Pro 10/100. The
driver is v0.99c 5/31/98 Donald Becker eepro100. Linux is Suse 5.3.
I haven't done anything network related yet, just did a default
installation of Linux and told him my ip-adres, subnetmask etc. During the
installation I was asked if I wanted to load something at boot that was
necessary if Linux was to become a NFS server at some time. Answered OK to
that. Also, an Apache WWW server seems to be started at boot. As far is I
can see everything should be in it's default state.
I did start a the KDE newsreader once and managed to contact our corporate
newsserver so the IP-stack seems to be working. Using the network like this
doesn't seem to be causing any more trouble than just having the PC
running.
What could be the problem here ? Is there a newer version of the ethernet
driver ? Any help appreciated.
------------------------------
From: Thorsten Kukuk <[EMAIL PROTECTED]>
Subject: Re: NIS + KDE login
Date: 15 Jan 1999 09:17:40 GMT
Claus Gebert <[EMAIL PROTECTED]> wrote:
> Hi!
> I just set up a network between 2 computers (SuSE Linux 6.0 on them).
> One is set up as a NFS and NIS server, the other as client. On the
> client everything looks fine. However I have a little problem on the
> server. I have a graphical login (the KDE login) and there one can click
> on the users that can log in. But on the server they appear twice! I
> guess this is because it first looks in its own /etc/passwd, and then
> asks the server. This isn't that much of a problem for me, but not very
> nice either. Does anyone know, if I did something wrong, or is this
> maybe a bug in the KDE login?
> BTW, I tried to remove that last line int the /etc/passwd of the server
> (+::::::) but nothing changed.
You have configure your /etc/nsswitch.conf wrong. You could use
passwd: files nis
then you need to remove the + at the end of /etc/passwd, or
you should use
passwd: compat
Please read man nsswitch.conf
Thorsten
--
Thorsten Kukuk [EMAIL PROTECTED] http://home.pages.de/~kukuk/
SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg
Linux is like a Vorlon. It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.
------------------------------
From: Thorsten Kukuk <[EMAIL PROTECTED]>
Subject: Re: YPBINDPROC_DOMAIN: No bound server for domain
Date: 15 Jan 1999 09:14:59 GMT
Hello,
David Steuber <[EMAIL PROTECTED]> wrote:
> Thorsten Kukuk <[EMAIL PROTECTED]> writes:
> -> Hello,
> ->
> -> David Steuber <[EMAIL PROTECTED]> wrote:
> -> > I keep seeing the following error message:
> ->
> -> > YPBINDPROC_DOMAIN: No bound server for domain david-steuber.com
> ->
> -> > I don't know what it means or what to do about it. Any ideas?
> ->
> -> Please write the next time, which Linux Distribution or libc you
> -> are using. It seems, you use RH 5.0 with an broken glibc version.
> -> Update your glibc to a 2.0.7-xx version.
> I'm using SuSE 5.3 which is a Lib5 system.
> Isn't there some configuration somewhere I have wrong?
The first question is: Do you wish to use NIS ? If not, disable
starting of ypbind, don't set an domainname, and remove the
/var/yp/binding directory. If you wish to use NIS, make sure that
ypserv is running before ypbind is started, and that ypbind could
always find a NIS server. And that the NIS server doesn't have a
high load, the ypbind 3.3 timeout is very short.
Thorsten
--
Thorsten Kukuk [EMAIL PROTECTED] http://home.pages.de/~kukuk/
SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg
Linux is like a Vorlon. It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.
------------------------------
Date: Thu, 14 Jan 1999 10:51:46 -0700
From: Mark Giesbrecht <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: pppd resetting cua1 permissions!
Hey all,
I'm perplexed. I'm running RH5.1 kernel 2.0.34, and recently upgraded
from ppp-2.2.0f to ppp-2.3.5, and ever since then, my /dev/cua1 gets
it's permissions reset to :
crwxr-xr-x 1 root users 5, 65 Jan 14 09:19 /dev/cua1
after two or three (perfect) connections.
Now, I'm the only one on the machine (except my wife), so I'm not too
worried about having crwxrwxr on cua1. Has anyone had this problem? I
alternate between wvdial and /etc/ppp/ppp-on (standard scripts that
worked flawlessly before the upgrade).
Why upgrade? I wanted to try demand dialling, and I read that I
needed at least ppp-2.3.4. Go figure. Any comments or help would be
appreciated.
Ciao for now,
Mark
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: PACE MODEM
Date: Thu, 14 Jan 1999 17:21:30 +0100
This is a multi-part message in MIME format.
==============A407961EE9CDBE5A31607F31
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This depends on how you like to do it and wich distribution you've got.
With RedHat you can configure a ppp device in the network installation tool.
With SuSE you can do it from the YaST manager
and with de KDE desktop you can you kppp
And the real die hards just read the man pages on pppd and chat.
Raymond
J.A Nothling wrote:
> I have a Pace modem 28.8 v34 external.
>
> it is connected to cua1. Minicom communicates fine, but what do I have to do
> to get it connectted to my ISP so that I can surf with Netscape Navigator?
>
> Regards
> J.A Nothling
==============A407961EE9CDBE5A31607F31
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============A407961EE9CDBE5A31607F31==
------------------------------
From: bhd <[EMAIL PROTECTED]>
Subject: Re: Linux as a simple file sharing device?
Date: Fri, 15 Jan 1999 10:28:32 +0100
Hi Brian,
linux is definitely the answer, but be aware, installing these boxes in
your own company would avoid a lot of overhead. In my opinion it only needs
to have one persons who should install the "black box". And then you have
erything under our own control.
As a experience of my work, it is even better to have all the components
you want to ship in one hand. Otherwise you will get lot's of Problems with
third party companies.
Benedikt
===============================================================================
Name : Dr. Benedikt Haas-Deppe
Company : Genossenschaftliches Rechenzentrum Frankfurt GmbH
Address : Hahnstra�e 46, D-60528 Frankfurt am Main
Phone : +49 69 7447 5490
Fax : +49 69 7447 5599
E-Mail : [EMAIL PROTECTED]
__o
_`\<,_
==============================(_)/
(_)----------------------------------------
------------------------------
Date: Thu, 14 Jan 1999 10:56:52 -0700
From: Mark Giesbrecht <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: demand dialling not supported in kernel driver...
Hey all,
I'm trying to get demand dialling going on my RH5.1. (2.0.34 installed
kernel) I followed the howto from http://www.nic.com/~cannon/Linux and
am having one problem. Within my options file as:
demand
idle 60
ipcp-accept-remote
ipcp-accept-local
lock
noauth
defaultroute
user giesbrej
remotename cadvision.com
modem 115200 crtscts
connect '/usr/sbin/chat -v -f /etc/ppp/call-isp'
Once I try /usr/sbin/pppd :10.0.0.2, I get an error stating:
/usr/sbin/pppd : demand dialling not supported in kernel driver 2.2.0.
I'm confused, as I'm using ppp-2.3.5 (upgraded rpm from 2.3.3-4).
Anyone have any ideas?
Mark
------------------------------
From: "Josh Toon" <[EMAIL PROTECTED]>
Subject: linux to windows (or any other client) networking: an idea
Date: Thu, 14 Jan 1999 11:56:04 -0600
Instead of reverse engineering native windows networking to work with Linux
why not develop a native windows networking client like the NetWare client
or the Microsoft Networking client for Linux. WindowsNT and 98 both have
installable networking redirectors. If you could have a native system client
(I guess it could be on any OS that supports these kind of things which
would be most) then developers in the public domain could use best of breed
authentication services as they are developed in the universities. NT won't
support Kerberos until the next release, but when was kerberos developed?
Active directory and NDS support LDAP, but how much better would it be if
there was a completely open source way to do the same things and no one had
to wait for IBM or Microsoft or Novell to decide how they will implement
public standards. Microsoft already gets paid on the actual station
license, why pay them for CAL's too? (do they deserve it? I personally don't
think so. Licensing for the NT product family really drives me nuts.)
I truly wish there was a way that I could use my NT workstations and
completely remove MS and Novell from the backend. NDS is by far better than
anything that MS has to offer but it is still under Novell's control. Any
time that some one is making money from these things their vested interest
doesn't necessarily mean better technology, it's answering to shareholders.
All of the pieces are at least partially there. (in experimental form in
some cases)
It would be great if you could make Linux the cornerstone of the network
instead of integrating it with antiquated proprietary technology.
If anyone is interested please email me directly at
mailto:[EMAIL PROTECTED]
I'm not a programmer, but I would like to help however I can. (web hosting,
testing, page maintenance..etc)
------------------------------
From: "steve" <[EMAIL PROTECTED]>
Subject: two network cards
Date: Thu, 14 Jan 1999 11:43:43 -0600
I am trying to get two network cards running in my box but the second card
is not working gives error 3c509.0 io not found
Thanks Steve
------------------------------
From: Troutman <[EMAIL PROTECTED]>
Subject: Re: You won't crack this one...
Date: Thu, 14 Jan 1999 10:02:03 -0500
Reply-To: [EMAIL PROTECTED]
Martin Edelius wrote:
> When I came back to my office I hooked up the Linux box to our network and
> nothing happens. It boots without any problems but it's absolutely dead as
> far as networking is concerned.
Maybe a bad ethernet card driver. Try a new card.
------------------------------
From: "Jonas" <[EMAIL PROTECTED]>
Subject: Re: mailserver
Date: Fri, 15 Jan 1999 11:36:21 +0100
Use fetchmail to collect the mail.
Use a pop3 server to deliver mail to the clients. If you are using redhat
it's in the imap rpm.
/Jonas
------------------------------
From: Sjoerd Krol <[EMAIL PROTECTED]>
Subject: Re: ppp
Date: 14 Jan 1999 13:21:15 GMT
B Phillips <[EMAIL PROTECTED]> wrote:
: Just installed RedHat 5.2 and can connect to my ISP, but can't ping anything
: out on the Net. It seems that my ethernet card is setup as the default
: route.
: How do I set ppp0 as the default? I know I did it on my 4.1 installation,
: but don't remember and haven't been able to find in the docs.
Just remove the default route before connecting to your ISP. With the right options
for pppd (defaultroute) it will add the default route to the ppp interface when it's
up and running.
You can also remove the default route from /etc/rc.d/rc.inet1 if you want.
Greetings,
Sjoerd
+-------------------------------------------------------+
| E-mail : [EMAIL PROTECTED] |
| [EMAIL PROTECTED] |
| World Wide Web : http://web.inter.NL.net/users/S.Krol |
+-------------------------------------------------------+
Modesty: the gentle art of enhancing your charm by pretending
not to be aware of it.
-- Oliver Herford
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: Firewall throughput?
Date: Thu, 14 Jan 1999 18:12:53 +0100
This is a multi-part message in MIME format.
==============D499ABDBBB2C077C7F3E8B12
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
A 486 can do the job easily for a 100% loaded 10 Mb netwoksegment. Since
you only need to check very small pieces of data at a time. (Just the IP
header). I think when you are talking about a 100% loaded 100Mb/sec network
that you need a P133. In the so called "real" firewalls there are small
CPU's like a 68000 doing that job.
So no problem at all.
Raymond
Raymond
Chris Goebel wrote:
> We are currently using a PC w/linux as our corporate firewall and the
> question came
> up about throughput.
>
> How big a pipe can you connect to a PC before you have a problem?
> How small a PC can you use for packet filtering? Application filtering?
>
> Chris Goebel
> [EMAIL PROTECTED]
==============D499ABDBBB2C077C7F3E8B12
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Raymond Doetjes
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Raymond Doetjes
n: Doetjes;Raymond
org: SYNAPSES IT
adr: Overijsselhaven 47;;;Nieuwegein;Utrecht;3433 PH;The Netherlands
email;internet: [EMAIL PROTECTED]
title: programmeur VAB
tel;work: 030 6066411
tel;fax: 030 6067871
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
==============D499ABDBBB2C077C7F3E8B12==
------------------------------
From: Michael Lausch <[EMAIL PROTECTED]>
Crossposted-To:
de.comp.os.unix.linux.hardware,alt.os.linux,alt.sex.fetish.linux,at.linux,fido.ger.linux,fido.linux-ger,maus.os.linux,de.comp.os.unix.linux.misc,de.comp.os.unix.linux.newusers
Subject: Re: Standleitung (Analog mit Modems)
Date: 15 Jan 1999 12:06:06 +0100
>>>>> "db" == Detlef Bosau <[EMAIL PROTECTED]>
>>>>> wrote the following on 14 Jan 1999 21:39:00 +0200
db> [EMAIL PROTECTED] meinte am 14.01.99
db> zum Thema "Re: Standleitung (Analog mit Modems)":
>>
>> Detlef,
>>
>> da ich einer von solchen bin, die ihren (vernetzten)
>> Linux-Rechner mit ipfwadm geschuetzt haben (oder zumindest
>> dachten es gemacht zu haben :-) ), waere ich Dir dankbar, wenn
>> Du mir die Referenz auf ein Artikel/Text/Howto geben koenntest,
>> in dem beschrieben ist warum ein mit ipfwadm eingerichtetes
>> Filter keinen Schutz anbietet.
>>
>> Gott, was fuer ein langer Satz! :-)
>>
>> Cheers, alex.
db> Nun, es ist ganz einfach.
db> Du kannst mit ipfwadm statische Regeln konfigurieren, z.B. dass externe Rechner
db> nicht auf die reservierten Dienste (<1024) in Deinem Firmennetz
db> zugreifen koennen. Umgekehrt kannst Du konfigurieren, dass Deine
db> internen Rechner nur auf bestimmte, reservierte, Dienste
db> nach aussen zugreifen koennen.
db> Du kannst gewisse Ports fuer gewisse Rechner sperren. Aber letztlich nur
db> statisch.
db> Nun damit Dein Netz plattzukriegen, ist schon mit einem ganz
db> simplen Sync-Attack moeglich. Sobald Du auch nur einen einzigen
db> Port fuer Deine internen Rechner statisch freigibst, kannst Du
db> von aussen mit Sync-Paketen den Rechner zuballern bis zum Abwinken.
Sync packete kommen nicht durch, nur Sync Packete mit Ack bit (-k
option vom ipfwadm) und dann kmmot sofort ein RST zurueck. Von aussen
kann ich den rechner nur dann "zuballern bis zum Abwinken", wenn die
bandbreite am "aussen/dirty" interface ausreicht. Meist ist aber die
nach externe bandbreite (standleitung) sowieso geringer als die
interne. Also kann ich die externe leitung auch mit UDP packeten
zumachen, ausser mein _backbone_ provider filtert auf senem router
(was er sicher nicht machen wird).
Gegen Sync attacken generell hilft die Syn Cookie option beim kernel
konfigurieren.
Weiters macht die `masquerading' option des iopfwadm genau dieses
dynamische erlauben von verbindung, von dem du behauptest das kann
ipfwadm nicht.
--
Michael Lausch/g.a.m.s. edv dienstleistungen gmbh
See my web page <http://www.lausch.at/> or query PGP key server for PGP key.
"Reality is that which, when you stop believing in it, doesn't go away".
-- Philip K. Dick
------------------------------
From: "Noone" <[EMAIL PROTECTED]>
Subject: IP Tunneling
Date: Thu, 14 Jan 1999 12:02:06 -0600
Greetings!
Here's an excellent challenge....I have two LINUX boxes set up as firewalls
to my network. We are switching over to NT with Exchange as our email
server.
What I want to do is set it up so that my NT box is behind the firewall but
taht POP3 clients can access their email. My solution is to set up IP
Tunneling between my NT box and my Linux box.
Has anyone ever done this? Does anyone know where I can get more
information? I have consulted the /usr/src/linux/drivers/net/README.tunnel
file. It is kinda cryptic though.
Thanks for any help!
Patty Calcaterra
[EMAIL PROTECTED]
------------------------------
From: "test" <[EMAIL PROTECTED]>
Subject: Adding Static Routes ??? Please !
Date: Fri, 15 Jan 1999 11:01:26 +0100
Ok. I have a Classe A Network with tcp/ip :
Network 1 : 77.0.0.0 with Netmask 255.0.0.0
I have a linux machine on this network, i can ping all machine.
I have a other network with 2 routers.
Network 2 : 71.0.0.0 with Netmask 255.0.0.0
But on my linux machine, i can't ping the network 71.0.0.0...
because it doesn't have the route...
I add the route manually : route add 71.0.0.0 netmask 255.0.0.0 gw
77.73.80.241
and then, It work fine i can ping any machine on 71.0.0.0 but after i few
moment
the machine lose the route to 71.0.0.0 !!
What is wrong, how can i put the route static ???
I use the Redhat distribution.
thank's a lot.
Fran�ois VINCENT.
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: Help! Ethernet problem II (still no clue)
Reply-To: [EMAIL PROTECTED]
Date: Thu, 14 Jan 1999 17:00:02 GMT
Kyle J. Lee ([EMAIL PROTECTED]) wrote:
: This is what i get if type "ifconfig eth0":
: eth0 Link encpa:Ethernet HWaddr 00:08:C7:8C:AD:06
: inet addr: xxx.xxx.xxx.xxx Bcast: xxx.xxx.xxx.xxx Mask:
: 255.255.255.0
: UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
: RX packets:0 errors:0 dropped:0 overruns:0
: TX packets: 1603 errors: 0 dropped:0 overruns:0
^^^^
The non-zero error count on TX packets might have something to do with this.
Does your card have multiple connectors on the back (RJ45, BNC, AUI)? If so,
is it configured to use the connector that you have plugged the wire into?
Stu
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
