Re: routing problem

[Jeremy Ardley]

On 22/3/21 5:17 am, Dan Ritter wrote:

ghe2001 wrote:

There are 2 computers on my LAN.  I'll call one Fast and the other Slow.  When 
I, for example, type ping www.cbs.com, Fast pings right away, Slow pauses for 
about 5 seconds ('time' says that).  When I ping something in /etc/hosts, both 
start right away.  On Slow, 'route' takes the 5 second pause, but 'route -n' is 
fast.  On Fast, both are equally snappy.


You have just described a DNS lookup problem.

-dsr-



in particular

cat /etc/resolv.conf

on each machine and then use

dig @ google.com

One or more of the digs will be slow on the slow machine telling you 
where your DNS problems are


I'd suggest copying /etc/resolv.conf from the fast machine to slow 
machine, but it's often overwritten by abominations such as NetworkManager


--
Jeremy



OpenPGP_signature
Description: OpenPGP digital signature

Re: routing problem

[Dan Ritter]

ghe2001 wrote: 
> There are 2 computers on my LAN.  I'll call one Fast and the other Slow.  
> When I, for example, type ping www.cbs.com, Fast pings right away, Slow 
> pauses for about 5 seconds ('time' says that).  When I ping something in 
> /etc/hosts, both start right away.  On Slow, 'route' takes the 5 second 
> pause, but 'route -n' is fast.  On Fast, both are equally snappy.
> 

You have just described a DNS lookup problem.

-dsr-

routing problem

[ghe2001]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Debian GNU/Linux (Buster)

There are 2 computers on my LAN.  I'll call one Fast and the other Slow.  When 
I, for example, type ping www.cbs.com, Fast pings right away, Slow pauses for 
about 5 seconds ('time' says that).  When I ping something in /etc/hosts, both 
start right away.  On Slow, 'route' takes the 5 second pause, but 'route -n' is 
fast.  On Fast, both are equally snappy.

It didn't used to be that way.  They both used to be snappy.  And I can't 
figure out why.

Routing tables:

Fast:

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
default 10.200.184.254  0.0.0.0 UG0  00 enp8s0
localnet0.0.0.0 255.255.255.0   U 0  00 enp8s0
216.17.134.00.0.0.0 255.255.255.0   U 0  00 enp7s0

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 10.200.184.254  0.0.0.0 UG0  00 enp8s0
10.200.184.00.0.0.0 255.255.255.0   U 0  00 enp8s0
216.17.134.00.0.0.0 255.255.255.0   U 0      0    0 enp7s0

Slow:

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
default 10.200.184.254  0.0.0.0 UG0  00 eth0
10.200.184.00.0.0.0 255.255.255.0   U 0  00 eth0
link-local  0.0.0.0 255.255.0.0 U 1000   00 eth0
216.17.134.00.0.0.0 255.255.255.0   U     0  00 eth0

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 10.200.184.254  0.0.0.0 UG0  00 eth0
10.200.184.00.0.0.0 255.255.255.0   U 0  00 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000   00 eth0
216.17.134.00.0.0.0 255.255.255.0   U 0  00 eth0

(169.254.0.0 in IANA -- no idea why that's in there.  It's not mentioned in 
/etc/network/interfaces.)


Both these are built by the same version of the OS on boot.  Why they're 
different, I have no idea -- Fast has 2 Ethernet holes, Slow has 1 (configured 
as eth0 and eth0:1 to get to the 2 nets).  I've tried removing the link-local 
line from the Slow's table -- doesn't seem to make any difference.

Other than routing, Slow (with i5 CPU, DDR4 RAM, same clock speed) runs circles 
around Fast.

--
Glenn English


-BEGIN PGP SIGNATURE-
Version: ProtonMail

wsBzBAEBCAAGBQJgV7EKACEJEObKK1bRaqt3FiEExEbtoeXBeE9fruv35sor
VtFqq3dWDQgAtpKNGULtszPvWr6Gk9k0ZdPngzUf7zlNNpKLob9H8RgsWOYJ
i7zwPNp4sL8mRce24wIJGDukln40JLSSWp6QMbtHtdpVM54anmF7VWRihqFJ
l2+tUxcVeLb6wG5m/x5ly1OnSs4C7oHbQAntON1O4q51sn/5egiLMaIypBsY
CzmbH/GuBM+cmr8vBc2HHq8CA16gD5CzUvYHKlyeN58OWUvQcrTjnMveYZ+I
Z1dFIYT+9vLV+dVlvpAhYIUbhwYW1hP6QhdeVKHGaLjV+zu8cEov0kQhhFtH
J0m7yVmp681Xzxp2dCvrjLW7u6duPCLyqb94z/xX+UJyJ551gjf/OQ==
=MuPr
-END PGP SIGNATURE-

Re: Multiple routing tables

[deloptes]

Vincenzo Villa wrote:

> It seem a sort of cache, but no effect with ip route flush or ip rule
> flush.

look at arp 

Re: Multiple routing tables

[Zoltán Herman]

Hi,

you need restarting network service or/and network-manager.

Vincenzo Villa  ezt írta (időpont: 2020. júl.
9., Cs 22:12):

> Hi all
>
> I have a router (Buster) with two Internet connection. Some workstation
> use the first connection, others the second one, based on their private
> IP address.
>
> I have two routing tables and some rule to select actual route. For
> example:
> ip route add 192.168.111.0/24 dev ens192 table ISPB
> ip route add default via 192.168.111.254 table ISPB
> ip route add 192.168.10.0/24 dev ens256 table ISPA
> ip route add default via 192.168.10.1 table ISPA
> There is also the main routing table with gateway
> It work  fine.
>
> If I change rules or delete a table, routing stop to work for some
> application (ping, traceroute) but it still works with other (http,
> after a short hang). Sometime routing works again restarting
> workstation application. There is no firewall rules.
>
> It seem a sort of cache, but no effect with ip route flush or ip rule
> flush.
>
> Thanks
>
> --
> Vincenzo Villa
> www.VincenzoV.net
>

Multiple routing tables

[Vincenzo Villa]

Hi all

I have a router (Buster) with two Internet connection. Some workstation
use the first connection, others the second one, based on their private
IP address.

I have two routing tables and some rule to select actual route. For
example:
ip route add 192.168.111.0/24 dev ens192 table ISPB
ip route add default via 192.168.111.254 table ISPB
ip route add 192.168.10.0/24 dev ens256 table ISPA
ip route add default via 192.168.10.1 table ISPA
There is also the main routing table with gateway
It work  fine.

If I change rules or delete a table, routing stop to work for some
application (ping, traceroute) but it still works with other (http,
after a short hang). Sometime routing works again restarting
workstation application. There is no firewall rules.

It seem a sort of cache, but no effect with ip route flush or ip rule
flush.

Thanks

-- 
Vincenzo Villa
www.VincenzoV.net

Re: iptables, routing problems

[Richard Hector]

On 17/12/19 5:06 pm, Richard Hector wrote:
> Hi all,
> 
> I've got a networking issue that's confusing me.

Got it, I think.

I had previously been applying rules before switching to iptables-legacy
- so I'd been adding nftables rules. Then I switched, without flushing
(or rebooting), so both rulesets were in effect.

I had thought that both were interfaces to the same internal stuff, so
hadn't realised that iptables -F wouldn't flush nftables rules (or even
thought about it, really).

Richard



signature.asc
Description: OpenPGP digital signature

iptables, routing problems

[Richard Hector]

Hi all,

I've got a networking issue that's confusing me.

When I try to ssh out, I can see the packets being accepted by the rule
in the OUTPUT chain, but I can't see them with TCPDUMP. Nothing is
hitting the rules in the nat POSTROUTING chain, either.

I can see from the ACCEPT rule (in the iptables output) that the packet
is going through the interface I expect (enp4s0.1441)

Any ideas? I suspect it's something silly I've just failed to spot ...

Note that yesterday, when I was on site, I wasn't trying this, but had
similar problems with traffic going out - dns packets were being
accepted, but not hitting the postrouting snat rule. Today, I can't get
to the machine I was testing from, which is how I found the current problem.

In both cases, ping works - I can ping the machine I'm trying to ssh to
(10.144.1.10), and yesterday I could ping the dns server (8.8.8.8 for
test purposes)

Background and other info:

The system is (supposed to be) a router, based on an old (atom-based) HP
thin client connected to a VLAN switch. It's running buster.

I've built routers before, but not using VLANs and not (I think) on buster.

I'm using iptables-legacy (because I'm relatively familiar with it).

Other oddities are:

- it's running OpenVPN (which is working; that's how I'm connecting to
it today)
- there's an odd route I've added to allow talking to bits of my home
LAN, despite the external interface of this router being on the same
address range (too many people choose 192.168.1.0/24)

Here's the routing table:
8<
richard@svrouter:~$ sudo ip route
default via 192.168.1.1 dev enp4s0.1 onlink
10.144.1.0/24 dev enp4s0.1441 proto kernel scope link src 10.144.1.1
10.144.2.0/24 dev enp4s0.1442 proto kernel scope link src 10.144.2.1
192.168.1.0/24 dev enp4s0.1 proto kernel scope link src 192.168.1.15
192.168.1.96/27 via 192.168.94.1 dev tun0
192.168.94.0/24 dev tun0 proto kernel scope link src 192.168.94.10
8<

/etc/network/interfaces:
8<
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# # The primary network interface
# auto enp4s0
# iface enp4s0 inet dhcp

auto enp4s0.1
iface enp4s0.1 inet static
  address 192.168.1.15/24
  gateway 192.168.1.1

auto enp4s0.1441
iface enp4s0.1441 inet static
  address 10.144.1.1/24

auto enp4s0.1442
iface enp4s0.1442 inet static
  address 10.144.2.1/24
8<
(interfaces.d is empty)

iptables -vnL:
8<
Chain INPUT (policy ACCEPT 26 packets, 8528 bytes)
 pkts bytes target prot opt in out source
destination
0 0 LOGtcp  --  *  *   0.0.0.0/0
0.0.0.0/0tcp spt:22 LOG flags 0 level 4
 1109 99188 ACCEPT all  --  *  *   0.0.0.0/0
0.0.0.0/0ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp --  *  *   0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT tcp  --  *  *   0.0.0.0/0
0.0.0.0/0tcp dpt:22

Chain FORWARD (policy ACCEPT 25 packets, 1750 bytes)
 pkts bytes target prot opt in out source
destination
0 0 ACCEPT all  --  *  *   0.0.0.0/0
0.0.0.0/0ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp --  *  *   0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT tcp  --  enp4s0.1 enp4s0.1441  0.0.0.0/0
  0.0.0.0/0tcp dpt:22
0 0 ACCEPT tcp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0tcp dpt:22
0 0 ACCEPT tcp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0tcp dpt:53
0 0 ACCEPT tcp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0tcp dpt:80
0 0 ACCEPT tcp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0tcp dpt:443
0 0 ACCEPT tcp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0tcp dpt:587
  676 46636 LOGudp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0udp dpt:53 LOG flags 0 level 4 prefix "PRE-ACCEPT "
  676 46636 ACCEPT udp  --  enp4s0.1441 enp4s0.1  0.0.0.0/0
  0.0.0.0/0udp dpt:53
   25  1750 LOGall  --  *  *   0.0.0.0/0
0.0.0.0/0LOG flags 0 level 4 prefix "FWD "

Chain OUTPUT (policy ACCEPT 53 packets, 3180 bytes)
 pkts bytes target prot opt in out source
destination
  731  128K ACCEPT all  --  *  *   0.0.0.0/0
0.0.0.0/0ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp --  *  *   0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT udp  --  *  *   0.0.0.0/0
203.118.153.20   udp spt:1194 dpt:1194
0 0 ACCEPT udp  --  *  * 

Source-specific routing

[Alexandre Garreau]

Hi,

I don’t know if this is the right place to ask, if my problem is not too
specific or something.

Is source-specific routing possible under debian?  I think this is what
I need in my case ("multihoming" I think): on my laptop I'm generally
connected too zero up to two differents networks (from different ISP),
and therefore have from 0 to 6-7 different IP addresses (currently: two
local IPv4 addresses and two public IPv6 addresses from my physical home
ISP (possibly counting the public IPv4 whose my NATed network is behind
and that I could use modulo some config and negotiations with flatmate),
and two public IP addresses (v6 and v4) from a VPN: misleadingly, that's
3 network interfaces: one (tun0) for my VPN ISP, and two (enp0s25 and
wlp2s0) for my physical home ISP).

I host my mail server on this machine (my laptop yes, though it is not
always up (it stays on during night, but is offline when I travel
sometimes, between two different places with internet access, but this
wasn't the case at the time I had an unlimited 3G data access through a
WWAN card (I need to get and fit another one now)).

I'd like my computer to be able to receive mail from all network
interfaces (including local networks) at any time, and preferably send
from the VPN (tun0, openvpn, and I connect through Network Manager), but
possibly also from my home physical ISP when available (without
disconnecting from my VPN, if I'm ever connected to it), and to be able
to change the default route for opening connections (for exemple
accessing web or FTP services from a local network (intranet), as I need
to in my college).

So I guess source-specific routing is what I need, so that for any
connection using any IP my computer send the packet on the right
interface with the right IP.

I feel like that's an interesting networking problem for learning
networking stuff as I'd like ^^

So any idea? place to find information?

Re: Routing all traffic trough VPN

[Piotr Martyniuk]

On 2018-08-16, john doe  wrote:
> This configuration assumes that the clients will get "all configuration" 
> from the server.

Initially I had a problem importing my VPN settings to network
manager. Now I see it is working and I was able to fill in the gaps so
I got a working VPN connection.

I did not have the resolvconf package installed, so I had to install
it.

Thanks for guidance.

Regards,
Piotr

Re: Routing all traffic trough VPN

[john doe]

On 8/16/2018 8:53 AM, Piotr Martyniuk wrote:

On 2018-08-16, john doe  wrote:

On the vpn client are you getting the proper DNS in '/etc/resolv.conf'
when connected to your vpn server?


It changes (adds nameserver 192.168.2.1 on top), but this does not
seems to be valid as the IP's I got are from the network 10.8.0.xx and
the one I got is the local IP of one of my machines at home.

What should be there instead? Can this update-resolv-conf script be
used to use different valid entry unstead?



To be sure that we are on the same page:

This configuration assumes that the clients will get "all configuration" 
from the server.

On the server in my config file I have:

$ grep -i 'dns\|redirect' *.conf
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.220.220"


If you have the 'resolvconf' package that should be all you need to do.
The script 'update-resolv-conf' should only be used if the 'resolvconf' 
pkg is not installed.


At the top of 'update-resolv-conf' I have:
"#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf

Add those two lines in your server's config file.

#
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
#
# Example envs set from openvpn:
#
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
#

[ -x /sbin/resolvconf ] || exit 0"

If "/sbin/resolvconf" is executable, there is no need to use 
'update-resolv-conf'.


--
John Doe

Re: Routing all traffic trough VPN

[Piotr Martyniuk]

On 2018-08-16, john doe  wrote:
> On the vpn client are you getting the proper DNS in '/etc/resolv.conf' 
> when connected to your vpn server?

It changes (adds nameserver 192.168.2.1 on top), but this does not
seems to be valid as the IP's I got are from the network 10.8.0.xx and
the one I got is the local IP of one of my machines at home.

What should be there instead? Can this update-resolv-conf script be
used to use different valid entry unstead?

Regards,
Piotr

Re: Routing all traffic trough VPN

[john doe]

On 8/16/2018 7:56 AM, Piotr Martyniuk wrote:

On 2018-08-06, Joe  wrote:

I believe it should happen by default, this is almost always what you
want. I'm fairly sure I've never had to ask for this.

When the VPN connects, Network Manager should adjust routing so that
the VPN becomes the default gateway. To disable this behaviour, there
is a tick box somewhere in IP properties of the VPN connection, I think.


It actually does the thing automatically, but I cannot get any
Internet connection when the VPN is enabled.


From the other side, when I use the OpenVPN on the android all traffic

is rerouted correctly via VPN (my router) so I can have internet
connection as I would sit at home. How can I configure it on Debian so
I will have the same situation? Which Info sould I provide you in
oorder to give some concrete help?

Regards,
Piotr



On the vpn client are you getting the proper DNS in '/etc/resolv.conf' 
when connected to your vpn server?


Hint:

https://serverfault.com/questions/590706/openvpn-client-force-dns-server

The script 'update-resolv-conf' is in:

/etc/openvpn/update-resolv-conf

--
John Doe

Re: Routing all traffic trough VPN

[Piotr Martyniuk]

On 2018-08-06, Joe  wrote:
> I believe it should happen by default, this is almost always what you
> want. I'm fairly sure I've never had to ask for this.
>
> When the VPN connects, Network Manager should adjust routing so that
> the VPN becomes the default gateway. To disable this behaviour, there
> is a tick box somewhere in IP properties of the VPN connection, I think.

It actually does the thing automatically, but I cannot get any
Internet connection when the VPN is enabled. 

>From the other side, when I use the OpenVPN on the android all traffic
is rerouted correctly via VPN (my router) so I can have internet
connection as I would sit at home. How can I configure it on Debian so
I will have the same situation? Which Info sould I provide you in
oorder to give some concrete help?

Regards,
Piotr

Re: Routing all traffic trough VPN

[Roberto C . Sánchez]

On Mon, Aug 06, 2018 at 11:24:21AM +0100, Joe wrote:
> On Mon, 6 Aug 2018 09:48:02 - (UTC)
> zaxonxp  wrote:
> 
> > Hi,
> > 
> > On Debian Stretch I managed to configure VPN connection using network-
> > manager. Now I would like to redirect all traffic to VPN (whenever
> > VPN is available) and revert back to current state (if VPN is not
> > available).
> > 
> > The only problem is that I do not know how to do this.
> 
> I believe it should happen by default, this is almost always what you
> want. I'm fairly sure I've never had to ask for this.
> 
> When the VPN connects, Network Manager should adjust routing so that
> the VPN becomes the default gateway. To disable this behaviour, there
> is a tick box somewhere in IP properties of the VPN connection, I think.
> 
That is usually something that is managed by the VPN server pushing a
default route to the client.  However, please note that network-manager
handling of DNS is still likely to leak DNS queries to DNS servers
outside of the VPN.  This was recently discussed in this thread:
https://lists.debian.org/debian-user/2018/07/msg01012.html

Regards,

-Roberto

-- 
Roberto C. Sánchez

Re: Routing all traffic trough VPN

[Joe]

On Mon, 6 Aug 2018 09:48:02 - (UTC)
zaxonxp  wrote:

> Hi,
> 
> On Debian Stretch I managed to configure VPN connection using network-
> manager. Now I would like to redirect all traffic to VPN (whenever
> VPN is available) and revert back to current state (if VPN is not
> available).
> 
> The only problem is that I do not know how to do this.

I believe it should happen by default, this is almost always what you
want. I'm fairly sure I've never had to ask for this.

When the VPN connects, Network Manager should adjust routing so that
the VPN becomes the default gateway. To disable this behaviour, there
is a tick box somewhere in IP properties of the VPN connection, I think.

-- 
Joe

Routing all traffic trough VPN

[zaxonxp]

Hi,

On Debian Stretch I managed to configure VPN connection using network-
manager. Now I would like to redirect all traffic to VPN (whenever VPN is 
available) and revert back to current state (if VPN is not available).

The only problem is that I do not know how to do this.

Kind regads,
Piotr

Routing all traffic trough VPN

[zaxonxp]

Hi,

On Debian Stretch I managed to configure VPN connection using network-
manager. Now I would like to redirect all traffic to VPN (whenever VPN is
available) and revert back to current state (if VPN is not available).

The only problem is that I do not know how to do this.

Kind regads,
Piotr

Routing all traffic trough VPN

[Piotr]

[This mail was also posted to linux.debian.user.]

Hi,

On Debian Stretch I managed to configure VPN connection using network-
manager. Now I would like to redirect all traffic to VPN (whenever VPN is
available) and revert back to current state (if VPN is not available).

The only problem is that I do not know how to do this.

Kind regads,
Piotr

pppoe setup <- Re: Testing AT&T, so routing setup

[ken]

On 05/06/2016 04:43 AM, Pascal Hambourg wrote:

Le 05/05/2016 21:05, ken a écrit :


Working on the Pi just from the bash prompt as root, how do I set the
routing table (etc.) to connect directly to the DSL modem?  The routing
table on my router currently shows:

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse
Iface
77.219.160.10.0.0.0 255.255.255.255 UH 0 00 ppp0
192.168.0.0 0.0.0.0 255.255.255.0   U 0 00 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 00 br0
127.0.0.0   0.0.0.0 255.0.0.0   U 0 00 lo
0.0.0.0 77.219.160.10.0.0.0 UG 0 00 ppp0

Here's the Pi's current routing table:

Destination Gateway Genmask Flags Metric RefUse
Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG0 0 0 eth0
10.10.0.0   0.0.0.0 255.255.255.0   U 0 0 0 wlan0
192.168.0.0 0.0.0.0 255.255.255.0   U 0 0 0 eth0

To plug the Pi directly into the modem, I think I'm going to need to run
ppp and then run some commands to temporarily set the IP address of the
ethernet port (eth0) and the routing table.  I much prefer to do all
this without changing config files so that when I reboot the Pi, the
settings go back to their original.  What do I need to 'apt-get' for the
ppp executables?


The interface type is PPP so you need the package "ppp" providing pppd.

The DSL provider probably uses PPP over Ethernet (PPPoE). You can 
check on your router. pppd can handle PPPoE direclty through a plugin 
and a kernel module or in userland though the package "pppoe" (more 
overhead and more options). The extra package "pppoeconf" eases the 
creation of a PPPoE configuration file in /etc/ppp/peers. Once 
created, the connection can be started and stopped manually with "pon" 
and "poff".


Some DSL providers may use the PPTP protocol instead. Then you need 
the package "pptp-linux".


Thanks for the very helpful reply.

The router is a dd-wrt, set up years ago and I don't recall anymore how 
I set it up.  So I called the ISP: they said they use pppoe.  I 
installed that on the Pi... along with ppp.






And... I'm more accustomed to using the 'route'
command to manually set up a routing table, but have used 'ip' commands
too, if that's more familiar to you.


You should not need to issue any commands. Just make sure the PPP 
config file has the options "defaultroute" to set the default route 
through the PPP connection and "replacedefaultroute" to override the 
existing default route.


I *want* to use commands.  As said in my original (& probably seemingly 
wordy, hence redacted) email, this is going to be temporary use of this 
Pi, so I don't want to set up a new configuration on it.  I want the 
default networking configuration to remain as is, plug it into a 
different connection, run some commands to change the networking to run 
ppp, and then, when I'm done with this new connection, reboot and go 
back to the previous networking config which doesn't even run ppp.


Reading "man pon" I found I can do "pon testconfig" and pon will load 
the specified "testconfig" settings file  instead of the default 
config... and then after a reboot, go back to the previous network 
settings (with no ppp running and the default route to what it was 
previously).


Said another way, this Pi is currently just part of my LAN and is 
configured to connect to a router (192.168.0.1).  I'm going to unplug it 
from that, connect it directly to the DSL modem (temporarily) to test my 
ISP.  Then, when I'm done with the test, I'll unplug it, put it back 
onto the LAN, and boot into it's previous network config.


So I expect that, after the Pi is connected directly to the modem, I'll 
need to do "ifdown eth0" first, then do "pon testconfig".  The 
/etc/ppp/peers/testconfg file is going to be somewhat different from the 
default one... on these items:


1) I have static ip addresses (2 of them), not dynamic.  So where, if 
anywhere, do I need to specify one?  And what other setting(s) to 
specify a static IP?


2) My setup needs to specify a user and password.  I'm guessing the 
'user "myusername@realm"' line should serve for that, yes?


3) The Pi has two network interfaces (shown above, in my original 
post).  How do I tell ppp to use eth0 and leave wlan0 alone?



This is actually a cool, little project... might be helpful for other 
folks who want to run tests on their ISP isolated from their LAN.  
Again, thanks for your help.

Re: Testing AT&T, so routing setup

[Pascal Hambourg]

Le 05/05/2016 21:05, ken a écrit :


Working on the Pi just from the bash prompt as root, how do I set the
routing table (etc.) to connect directly to the DSL modem?  The routing
table on my router currently shows:

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse
Iface
77.219.160.10.0.0.0 255.255.255.255 UH 0  00 ppp0
192.168.0.0 0.0.0.0 255.255.255.0   U 0  00 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 br0
127.0.0.0   0.0.0.0 255.0.0.0   U 0  00 lo
0.0.0.0 77.219.160.10.0.0.0 UG 0  00 ppp0

Here's the Pi's current routing table:

Destination Gateway Genmask Flags Metric RefUse
Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG0 00 eth0
10.10.0.0   0.0.0.0 255.255.255.0   U 0 00 wlan0
192.168.0.0 0.0.0.0 255.255.255.0   U 0 00 eth0

To plug the Pi directly into the modem, I think I'm going to need to run
ppp and then run some commands to temporarily set the IP address of the
ethernet port (eth0) and the routing table.  I much prefer to do all
this without changing config files so that when I reboot the Pi, the
settings go back to their original.  What do I need to 'apt-get' for the
ppp executables?


The interface type is PPP so you need the package "ppp" providing pppd.

The DSL provider probably uses PPP over Ethernet (PPPoE). You can check 
on your router. pppd can handle PPPoE direclty through a plugin and a 
kernel module or in userland though the package "pppoe" (more overhead 
and more options). The extra package "pppoeconf" eases the creation of a 
PPPoE configuration file in /etc/ppp/peers. Once created, the connection 
can be started and stopped manually with "pon" and "poff".


Some DSL providers may use the PPTP protocol instead. Then you need the 
package "pptp-linux".



And... I'm more accustomed to using the 'route'
command to manually set up a routing table, but have used 'ip' commands
too, if that's more familiar to you.


You should not need to issue any commands. Just make sure the PPP config 
file has the options "defaultroute" to set the default route through the 
PPP connection and "replacedefaultroute" to override the existing 
default route.

Testing AT&T, so routing setup

[ken]

Test context:

Having problems with my internet connection, technicians came out, said 
they fixed the problem, and left.  The connection was a bit better 
(fewer lost ping packets), but nowhere close to where it should be.  
They say they see no other problem with their equipment, the problem is 
probably with my equipment.  Repeat that exact same story two more times 
in the following week.


Here's what mtr shows me:

HOST: yes.mynet.net Loss%   Snt   Last   Avg Best  Wrst StDev
  1.|-- 192.168.0.1  0.0%   1000.4   0.8 0.3  20.1   2.4
  2.|-- 77.219.160.153.0%   100   71.3 100.7 9.1 321.5  90.4

So what I'm thinking is to take an RPi and my DSL modem and plug it in 
directly to the box outside (on the customer side, of course) and test 
it from there.  If I get the same results from there, I've eliminated 
everything on my side as the source of the problem except the DSL modem 
and the RPi.  Since, however, I get the same results on four other nodes 
inside the house as I get from the Pi, the problem is likely not the Pi's.



Setting up for testing:

Working on the Pi just from the bash prompt as root, how do I set the 
routing table (etc.) to connect directly to the DSL modem?  The routing 
table on my router currently shows:


# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse 
Iface

77.219.160.10.0.0.0 255.255.255.255 UH 0  00 ppp0
192.168.0.0 0.0.0.0 255.255.255.0   U 0  00 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 br0
127.0.0.0   0.0.0.0 255.0.0.0   U 0  00 lo
0.0.0.0 77.219.160.10.0.0.0 UG 0  00 ppp0

Here's the Pi's current routing table:

Destination Gateway Genmask Flags Metric RefUse 
Iface

0.0.0.0 192.168.0.1 0.0.0.0 UG0 00 eth0
10.10.0.0   0.0.0.0 255.255.255.0   U 0 00 wlan0
192.168.0.0 0.0.0.0 255.255.255.0   U 0 00 eth0

To plug the Pi directly into the modem, I think I'm going to need to run 
ppp and then run some commands to temporarily set the IP address of the 
ethernet port (eth0) and the routing table.  I much prefer to do all 
this without changing config files so that when I reboot the Pi, the 
settings go back to their original.  What do I need to 'apt-get' for the 
ppp executables?  And... I'm more accustomed to using the 'route' 
command to manually set up a routing table, but have used 'ip' commands 
too, if that's more familiar to you.


Thanks.

Re: Strange entry in my routing table.

[Juan R. de Silva]

On Wed, 04 Mar 2015 23:18:08 +, Juan R. de Silva wrote:

> Here is my routing table:
> 
> 0.0.0.0   192.168.25.68   0.0.0.0 UG0  00
> eth0 192.168.24.0  0.0.0.0 255.255.252.0   U 1  0   
> 0 eth0
> 
> The first entry IS my default gateway as I expected.
> 
> The second line, however, is something I cannot neither recognize nor
> explain. It obviously belongs to something on a different LAN segment,
> which I do not have. I mean I do not have any subnets on my LAN.
> 
> I tried to ping 192.168.24.0 with no response.
> Trying 'ping -b 192.168.24.255' gives me only my own LAN IP address with
> "Destination Host Unreachable".
> 
> The wireless on my router is disabled from GUI interface. The router is
> flashed with dd-wrt. Should I assume my router has been hacked and re-
> flash it?
> 
> Can somebody help me to understand this, please?

Thanks for all replied. You were very helpful.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/mdanff$4pv$1...@ger.gmane.org

Re: Strange entry in my routing table.

[Gene Heskett]

On Wednesday 04 March 2015 21:39:16 David Wright wrote:
> Quoting Gene Heskett (ghesk...@wdtv.com):
> > On Wednesday 04 March 2015 18:34:17 Juan R. de Silva wrote:
> > > > That looks 10% legit to me.
> > >
> > > 10% ? Is it a typo or a joke? :-)
> >
> > Thats a genuine typu, s/b 100%. 80yo fingers don't always type what
> > my brain tells them... :(
>
> However, your response was not particularly helpful because in your
> case the numbers you substituted with xx are the same.
>
> I know I had to look carefully to see where the OP's confusion lay.
> Like most people with a home router, I don't often see a netmask that
> isn't 255.255.255.0.
>
> Thanks to Bob for a very clear exposition.

Yes David.  When I get this install tuned up a bit better, I should troll 
thru the kernel's networking and see if I could borrow some of that math 
for netmask and such.

Bob is likely 100% correct, but I'd like to learn how its done.

> Cheers,
> David.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201503042216.29474.ghesk...@wdtv.com

Re: Strange entry in my routing table.

[David Wright]

Quoting Gene Heskett (ghesk...@wdtv.com):
> 
> 
> On Wednesday 04 March 2015 18:34:17 Juan R. de Silva wrote:
> > > That looks 10% legit to me.
> >
> > 10% ? Is it a typo or a joke? :-)
> 
> Thats a genuine typu, s/b 100%. 80yo fingers don't always type what my 
> brain tells them... :(

However, your response was not particularly helpful because in your
case the numbers you substituted with xx are the same.

I know I had to look carefully to see where the OP's confusion lay.
Like most people with a home router, I don't often see a netmask that
isn't 255.255.255.0.

Thanks to Bob for a very clear exposition.

Cheers,
David.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150305023916.ga22...@alum.home

Re: Strange entry in my routing table.

[Matthew Chong]

Did you mean typo? :P (Yeah I understand typos from you now.)

The table does not appear to have problems, you can always nmap it though,
it tells what it is, in terms of operating system and open ports.

(sudo apt-get install nmap)

nmap -sV [IPv4 Address]

On Thursday, March 5, 2015, Gene Heskett  wrote:

>
>
> On Wednesday 04 March 2015 18:34:17 Juan R. de Silva wrote:
> > > That looks 10% legit to me.
> >
> > 10% ? Is it a typo or a joke? :-)
>
> Thats a genuine typu, s/b 100%. 80yo fingers don't always type what my
> brain tells them... :(
>
> Cheers, Gene Heskett
> --
> "There are four boxes to be used in defense of liberty:
>  soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author)
> Genes Web page 
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> 
> with a subject of "unsubscribe". Trouble? Contact
> listmas...@lists.debian.org 
> Archive: https://lists.debian.org/201503042126.45588.ghesk...@wdtv.com
>
>

Re: Strange entry in my routing table.

[Gene Heskett]

On Wednesday 04 March 2015 18:34:17 Juan R. de Silva wrote:
> > That looks 10% legit to me.
>
> 10% ? Is it a typo or a joke? :-)

Thats a genuine typu, s/b 100%. 80yo fingers don't always type what my 
brain tells them... :(

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201503042126.45588.ghesk...@wdtv.com

Re: Strange entry in my routing table.

[Bob Proulx]

Juan R. de Silva wrote:
> Here is my routing table:
> 
> 0.0.0.0   192.168.25.68   0.0.0.0 UG0  00 eth0
> 192.168.24.0  0.0.0.0 255.255.252.0   U 1  00 eth0
> 
> The first entry IS my default gateway as I expected. 
> 
> The second line, however, is something I cannot neither recognize nor 
> explain. It obviously belongs to something on a different LAN segment, 
> which I do not have. I mean I do not have any subnets on my LAN.

If those are your only two entries then your IP address *must* be in
the 192.168.24.0/255.255.252.0 subnet.  Right?  That is the route for
your local subnet which is associated with your IP address.

> I tried to ping 192.168.24.0 with no response.

Good.  Because that is the network address.  In the old days every
host on the net would have responded to you.  If you are at home then
you might have no other hosts on the network.  If you were in a big
company or university then you might have thousands of replies coming
back to your system.  It would generally overwhelm both your system
and the switches handling your network.

> Trying 'ping -b 192.168.24.255' gives me only my own LAN IP address with 
> "Destination Host Unreachable".

That is not your broadcast address.  You list 255.255.252.0 as the
netmask for that lan segment.  That makes your broadcast address on
that network 192.168.27.255.  If you were to ping the broadcast
address then again every host on the network should respond.  Not
usually what you want.

> The wireless on my router is disabled from GUI interface. The router is 
> flashed with dd-wrt. Should I assume my router has been hacked and re-
> flash it?

No.  You should tell us what your IP address is so that we can confirm
that it is on the 192.168.24.0/255.255.252.0 network.

  $ ipcalc 192.168.24.0/255.255.252.0
  Address:   192.168.24.0 1100.10101000.000110 00.
  Netmask:   255.255.252.0 = 22   ..11 00.
  Wildcard:  0.0.3.255..00 11.
  =>
  Network:   192.168.24.0/22  1100.10101000.000110 00.
  HostMin:   192.168.24.1 1100.10101000.000110 00.0001
  HostMax:   192.168.27.254   1100.10101000.000110 11.1110
  Broadcast: 192.168.27.255   1100.10101000.000110 11.
  Hosts/Net: 1022  Class C, Private Internet

> Can somebody help me to understand this, please?

When you configure an IP address on your system it always includes a
netmask for the subnet.  That information is used to create a routing
table entry for the local subnet.  It allows your system to determine
whether an address is directly accessible or if the address needs to
connect using a gateway.  If a remote address can be routed to by your
subnet then it will speak directly to it.  If it isn't on a local
subnet then it will route through a gateway route.  If no gateway
route is configured then the address is unreachable.

Hope that helps.

Bob

P.S. I have a pet peeve about the routing table printing order on
newer Linux kernels.  In the old kernels and in legacy Unix systems
the route table was top down.  Adress matching was done top to bottom.
First are the local routes and the last one listed was the default
route.  Routing was selected by walking the table top to bottom.  If
none of the local entries matched then the default route was listed at
the bottom and the packet matched that and was sent to the router.

Back in some Linux version that I don't recall they flipped the order
printed to be the opposite way.  The order you show is the new
upsidedown order.  In your order and the newer Linux kernels you match
from bottom to top.  Start at the bottom with the last entry listed
and then walk through the listing from bottom to top.  If nothing else
hits then the last entry is the default entry on top and the packet is
sent to the default route.  Needing to look at it upsidedown I find
very inconvenient and a break from traditional practice for no good
reason.

My preference now is to use this to work around the issue.

  ip route | tac


signature.asc
Description: Digital signature

Re: Strange entry in my routing table.

[Matt Ventura]

On 03/04/2015 03:18 PM, Juan R. de Silva wrote:

Here is my routing table:

0.0.0.0   192.168.25.68   0.0.0.0 UG0  00 eth0
192.168.24.0  0.0.0.0 255.255.252.0   U 1  00 eth0

The first entry IS my default gateway as I expected.

The second line, however, is something I cannot neither recognize nor
explain. It obviously belongs to something on a different LAN segment,
which I do not have. I mean I do not have any subnets on my LAN.

I tried to ping 192.168.24.0 with no response.
Trying 'ping -b 192.168.24.255' gives me only my own LAN IP address with
"Destination Host Unreachable".

The wireless on my router is disabled from GUI interface. The router is
flashed with dd-wrt. Should I assume my router has been hacked and re-
flash it?

Can somebody help me to understand this, please?


Looks perfectly fine to me. 192.168.24.0 with a netmask of 255.255.252.0 
(a /22 subnet) means the address range is 192.168.24.0 - 192.168.27.255. 
Both your PC and router are on this network. Generally, an 
internet-connected interface will always have two entries, one for the 
network itself (the second line here) and one for the gateway (the first 
line).



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/54f79f62.3050...@mattventura.net

Re: Strange entry in my routing table.

[Juan R. de Silva]

> That looks 10% legit to me.

10% ? Is it a typo or a joke? :-)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/md84pp$t22$1...@ger.gmane.org

Re: Strange entry in my routing table.

[Gene Heskett]

On Wednesday 04 March 2015 18:18:08 Juan R. de Silva wrote:
> Here is my routing table:
>
> 0.0.0.0   192.168.25.68   0.0.0.0 UG0  00
> eth0 192.168.24.0  0.0.0.0 255.255.252.0   U 1  0 
>   0 eth0
>
> The first entry IS my default gateway as I expected.
>
> The second line, however, is something I cannot neither recognize nor
> explain. It obviously belongs to something on a different LAN segment,
> which I do not have. I mean I do not have any subnets on my LAN.
>
> I tried to ping 192.168.24.0 with no response.
> Trying 'ping -b 192.168.24.255' gives me only my own LAN IP address
> with "Destination Host Unreachable".
>
> The wireless on my router is disabled from GUI interface. The router
> is flashed with dd-wrt. Should I assume my router has been hacked and
> re- flash it?
>
> Can somebody help me to understand this, please?

That looks 10% legit to me.
Mine:
gene@coyote:~$ sudo route -n
[sudo] password for gene: 
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 192.168.xx.10.0.0.0 UG0  00 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000   00 eth0
192.168.xx.00.0.0.0 255.255.255.0   U 0  00 eth0

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201503041830.07987.ghesk...@wdtv.com

Strange entry in my routing table.

[Juan R. de Silva]

Here is my routing table:

0.0.0.0   192.168.25.68   0.0.0.0 UG0  00 eth0
192.168.24.0  0.0.0.0 255.255.252.0   U 1  00 eth0

The first entry IS my default gateway as I expected. 

The second line, however, is something I cannot neither recognize nor 
explain. It obviously belongs to something on a different LAN segment, 
which I do not have. I mean I do not have any subnets on my LAN.

I tried to ping 192.168.24.0 with no response.
Trying 'ping -b 192.168.24.255' gives me only my own LAN IP address with 
"Destination Host Unreachable".

The wireless on my router is disabled from GUI interface. The router is 
flashed with dd-wrt. Should I assume my router has been hacked and re-
flash it?

Can somebody help me to understand this, please?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/md83rg$hrb$1...@ger.gmane.org

Re: Re: VPN routing on Sid

[Luis Finotti]

> On 13/11/14 11:10, Luis Finotti wrote:
> > Ah, that worked!  Could you explain the "192.168.29.0/24" syntax
> > though?  I'm having a hard time finding what it means.  (Is it a range
> > 0 to 24?)
>
> The "/24" means that only the first 24 bits of the address are
> significant for matching purposes. So, 192.168.29.0/24 matches all
> addresses in the range 192.168.29.0 through 192.168.29.255.
>
> (Do say if that's not enough detail.)

Thanks for your help!  It makes sense now.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/camo809vus3pkwtr9dxszh4wemrr-qfgfhd-wh5dnqshda8g...@mail.gmail.com

Re: VPN routing on Sid

[Martin Read]

On 13/11/14 11:10, Luis Finotti wrote:

Ah, that worked!  Could you explain the "192.168.29.0/24" syntax
though?  I'm having a hard time finding what it means.  (Is it a range
0 to 24?)


The "/24" means that only the first 24 bits of the address are 
significant for matching purposes. So, 192.168.29.0/24 matches all 
addresses in the range 192.168.29.0 through 192.168.29.255.


(Do say if that's not enough detail.)


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/5464afe0.2010...@zen.co.uk

Re: VPN routing on Sid

[Luis Finotti]

On Thu, Nov 13, 2014 at 3:43 AM, Pascal Hambourg  wrote:
> Luis Finotti a écrit :
>>
>> When I first started using the VPN service, I could not SSH to my
>> desktop from outside the network anymore.  After a lot of googling, I
>> found out a solution (https://forums.openvpn.net/topic7163-15.htm):
>> I've added the following script to /etc/network/if-up.d:
>>
>> --
>> !/bin/bash
>>
>> ip rule add from 192.168.29.120 table 10
>> ip route add default via 192.168.29.1 table 10
>> 
>>
>> where 192.168.29.120 is the IP of the desktop and 192.168.29.1 is the
>> IP of the router.
>>
>> recently, when I run the script above (as I've been doing for a
>> while), I can still connect from *outside* my network, but *not* from
>> inside (i.e., other computers connected to the same router).  From
>> within the network, nothing works (SSH, Samba, minidlna...).
>
> Apparently your router is doing a bad job, not forwarding packets from
> LAN to LAN. Anyway, it is better to add an exception to the default
> route for the LAN subnet in table 10 to make the routing direct :
>
> ip route add 192.168.29.0/24 dev eth0 table 10
>
> (If required, replace "eth0" with whatever the LAN interface is.)

Ah, that worked!  Could you explain the "192.168.29.0/24" syntax
though?  I'm having a hard time finding what it means.  (Is it a range
0 to 24?)

I wonder how the problem started as I've made no changes in the router
configuration...

Thanks for the help.  I greatly appreciate it!

Luis


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAMo809X6Ur8BwVyZ+k=jovhh2errcrdxewfzfkjsu0x37xg...@mail.gmail.com

Re: VPN routing on Sid

[Pascal Hambourg]

Luis Finotti a écrit :
> 
> When I first started using the VPN service, I could not SSH to my
> desktop from outside the network anymore.  After a lot of googling, I
> found out a solution (https://forums.openvpn.net/topic7163-15.htm):
> I've added the following script to /etc/network/if-up.d:
> 
> --
> !/bin/bash
> 
> ip rule add from 192.168.29.120 table 10
> ip route add default via 192.168.29.1 table 10
> 
> 
> where 192.168.29.120 is the IP of the desktop and 192.168.29.1 is the
> IP of the router.
> 
> recently, when I run the script above (as I've been doing for a
> while), I can still connect from *outside* my network, but *not* from
> inside (i.e., other computers connected to the same router).  From
> within the network, nothing works (SSH, Samba, minidlna...).

Apparently your router is doing a bad job, not forwarding packets from
LAN to LAN. Anyway, it is better to add an exception to the default
route for the LAN subnet in table 10 to make the routing direct :

ip route add 192.168.29.0/24 dev eth0 table 10

(If required, replace "eth0" with whatever the LAN interface is.)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/54646f2c.3000...@plouf.fr.eu.org

Re: VPN routing on Sid

[Luis Finotti]

On Wed, Nov 12, 2014 at 5:00 PM, Igor Cicimov  wrote:
>
> On 13/11/2014 6:17 AM, "Luis Finotti"  wrote:
>>
>> I'm having problems connecting to my desktop (running actually
>> aptosid, which is virtually simply Debian Sid with a different kernel
>> and a few extra tools and customizations).
>>
>> Here is the situation: my desktop is connected to a VPN service.  (The
>> router to which the desktop is connected is not, only the desktop.
>> So, the VPN client runs on the desktop and the other computers on the
>> network connect to the Internet directly.)
>>
>> When I first started using the VPN service, I could not SSH to my
>> desktop from outside the network anymore.  After a lot of googling, I
>> found out a solution (https://forums.openvpn.net/topic7163-15.htm):
>> I've added the following script to /etc/network/if-up.d:
>>
>> --
>> !/bin/bash
>>
>> ip rule add from 192.168.29.120 table 10
>> ip route add default via 192.168.29.1 table 10
>> 
>>
>> where 192.168.29.120 is the IP of the desktop and 192.168.29.1 is the
>> IP of the router.
>>
> And the rules in table 10 are?? Send the output of:
>
> # ip rule show
> # ip route show table 10

Thanks for the reply!

Here they are:

root@debian[/home/finotti]#  ip rule show
0:  from all lookup local
32763:  from 192.168.29.120 lookup 10
32764:  from 192.168.29.120 lookup 10
32765:  from 192.168.29.120 lookup 10
32766:  from all lookup main
32767:  from all lookup default


root@debian[/home/finotti]#  ip route show table 10
default via 192.168.29.1 dev eth0


Let me know if anything else would help.

Luis


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAMo809XTZa_=budhp4_+mzrq72tt2qf3eiuq8a3+coqdvhn...@mail.gmail.com

VPN routing on Sid

[Luis Finotti]

I'm having problems connecting to my desktop (running actually
aptosid, which is virtually simply Debian Sid with a different kernel
and a few extra tools and customizations).

Here is the situation: my desktop is connected to a VPN service.  (The
router to which the desktop is connected is not, only the desktop.
So, the VPN client runs on the desktop and the other computers on the
network connect to the Internet directly.)

When I first started using the VPN service, I could not SSH to my
desktop from outside the network anymore.  After a lot of googling, I
found out a solution (https://forums.openvpn.net/topic7163-15.htm):
I've added the following script to /etc/network/if-up.d:

--
!/bin/bash

ip rule add from 192.168.29.120 table 10
ip route add default via 192.168.29.1 table 10


where 192.168.29.120 is the IP of the desktop and 192.168.29.1 is the
IP of the router.

That worked perfectly and until recently.  (I'm sorry I cannot be more
precise about when, but I'd say within the last 30 days or so it
stopped working.)  I could connect to the desktop from anywhere.  But
recently, when I run the script above (as I've been doing for a
while), I can still connect from *outside* my network, but *not* from
inside (i.e., other computers connected to the same router).  From
within the network, nothing works (SSH, Samba, minidlna...).  As soon
as remove the rules (with "ip rule/route del ..."), I can connect
again from inside (but, of course, not from outside anymore).

I'd appreciate any comments or suggestions.  (The desktop is up to
date with Sid repositories, by the way.)

Thanks,

Luis


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/camo809u8lto9mvce_r7m_p21brbtj0jrrabnqxzk31cdl3c...@mail.gmail.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Andrei POPESCU]

On Ma, 05 aug 14, 13:01:48, Bob Proulx wrote:
> Andrei POPESCU wrote:
> > 
> > I'm not very familiar with Gmail's interface, but Outlook definitely 
> > does have threaded views.
> 
> As of the last time I used Outlook a couple of years ago Outlook did
> not have threads but had "conversations".  Outlook sorted by subject
> line.  Any message with the same subject was grouped together into a
> "conversation" whether it was related or not.  And similarly if you
> had a discussion thread and changed the subject then in Outlook that
> started a new "conversation".  Outlook "conversations" grouped by
> subject is a poor substitute for message threading.  Are you sure it
> is really threads and not conversations?

Yes, that's exactly what I meant and I prefer real threading anytime. 
There are two advantages of Outlook however:

 - the conversation view can show messages in any folder
 - search folders

I can recreate some of that with notmuch, but I would like to experiment 
with mutt-kz (RFP #698672) as I don't use emacs.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Paul E Condon]

On 20140804_2358+0300, Andrei POPESCU wrote:
> On Du, 03 aug 14, 13:28:06, Bob Proulx wrote:
> > 
> > P.S. I still think digests are less desirable because I don't see a
> > way to view the discussion in a threaded view.  Threaded views have
> > been around for so long that I couldn't live without them.  Of course
> > Gmail and Outlook users don't have threaded views.  But I am sure that
> > if they did they wouldn't want to not have them either.
> 
> I'm not very familiar with Gmail's interface, but Outlook definitely 
> does have threaded views. Unfortunately by activating it you also have 
> to use reverse chronological sorting by the newest message in the 
> thread, which is very annoying for me.
> 
> Kind regards,
> Andrei

I think my main objection to gmail user interface is that spam is
built-in in the form of paid advertisements that blend into the visual
clutter. It is tasteless design, IMHO

-- 
Paul E Condon   
pecon...@mesanetworks.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140806182736.ga26...@big.lan.gnu

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Jerry Stuckle]

On 8/5/2014 10:24 PM, Paul E Condon wrote:
> On 20140805_0004+0300, Andrei POPESCU wrote:
>> On Lu, 04 aug 14, 08:52:17, Paul E Condon wrote:
>>>
>>> I've spent some time recently, trying to use the Gmail browser
>>> interface. I would never switch to it from Mutt, excepting only if
>>> Microsoft does a corporate take-over of Debian (They are both
>>> corporations under the Law, and under the Law, strange, unnatural
>>> things can happen, as explained in a recent post by Lisi)
>>
>> Debian is definitely not a corporation under any law and any thing 
>> resembling a takeover would involve controlling something like 2 thirds 
>> of its members (to be able to change Foundation documents, etc.).
>>
>> You might want to read the Constitution:
>> http://www.debian.org/devel/constitution
>>
> 
> In USA, where I live, a recent Supreme Court decision is that a
> Corporation has more standing Law than a Human if the Human is a
> female. In USA, things are very strange, by standards of Europe. More
> like what Lisi describes in Australia, but without a living, human
> Sovereign person.
>

You have no idea what the decision was about.  It had nothing to do with
humans - male or female.

Jerry


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53e22705.9040...@attglobal.net

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Paul E Condon]

On 20140805_0004+0300, Andrei POPESCU wrote:
> On Lu, 04 aug 14, 08:52:17, Paul E Condon wrote:
> > 
> > I've spent some time recently, trying to use the Gmail browser
> > interface. I would never switch to it from Mutt, excepting only if
> > Microsoft does a corporate take-over of Debian (They are both
> > corporations under the Law, and under the Law, strange, unnatural
> > things can happen, as explained in a recent post by Lisi)
> 
> Debian is definitely not a corporation under any law and any thing 
> resembling a takeover would involve controlling something like 2 thirds 
> of its members (to be able to change Foundation documents, etc.).
> 
> You might want to read the Constitution:
> http://www.debian.org/devel/constitution
>

In USA, where I live, a recent Supreme Court decision is that a
Corporation has more standing Law than a Human if the Human is a
female. In USA, things are very strange, by standards of Europe. More
like what Lisi describes in Australia, but without a living, human
Sovereign person.

But I really don't think Microsoft has much interest in a take-over of
Debian. It would be more difficult than running Ukraine, IMHO. ;)

-- 
Paul E Condon   
pecon...@mesanetworks.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140806022414.ga25...@big.lan.gnu

Re: Network routing on multi-homed system

[Isaac Freeman]

I changed the gateway lines to include the whole network, so, i.e.,

post-up ip route add 172.1.1.62/32 dev eth1 src 172.1.1.41 table
external

became

post-up ip route add 172.1.1.32/27 dev eth1 src 172.1.1.41 table
external

and everything starting working great. Thanks! :)

--
Isaac Freeman - Systems Administrator
IBM SmartCloud Managed Backup
is...@us.ibm.com
919-254-0245



From:   Pascal Hambourg 
To: debian-user@lists.debian.org,
Cc: Isaac Freeman/Raleigh/IBM@IBMUS
Date:   08/02/2014 02:45 PM
Subject:Re: Network routing on multi-homed system



Hello,

Isaac Freeman a écrit :
>
> iface eth1 inet static
>address 172.1.1.40
>netmask 255.255.255.224
>
>    # routing
>post-up ip route add 172.1.1.62/32 dev eth1 src 172.1.1.40
table external
>post-up ip route add default via 172.1.1.62 table external
>post-up ip rule add from 172.1.1.40 table external
>post-down ip rule del from 172.1.1.40 table external

IMO, your special routing is broken. Not all packets with the given
source address should be sent to the gateway, but only packets with a
destination address outside the LAN. Packets with a destination address
inside the LAN should be sent directly.

Either route the LAN prefix using the main table :

 post-up ip rule add to 172.1.1.32/27 table main

(to be created after thus inserted before the "from" rule)
or add a direct route for the prefix in the special table :

 post-up ip route add 172.1.1.32/27 dev eth1 table external

Same for both interfaces and servers.

Note : the routes to the gateways should not be necessary.

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Bob Proulx]

Andrei POPESCU wrote:
> Bob Proulx wrote:
> > P.S. I still think digests are less desirable because I don't see a
> > way to view the discussion in a threaded view.  Threaded views have
> > been around for so long that I couldn't live without them.  Of course
> > Gmail and Outlook users don't have threaded views.  But I am sure that
> > if they did they wouldn't want to not have them either.
> 
> I'm not very familiar with Gmail's interface, but Outlook definitely 
> does have threaded views.

As of the last time I used Outlook a couple of years ago Outlook did
not have threads but had "conversations".  Outlook sorted by subject
line.  Any message with the same subject was grouped together into a
"conversation" whether it was related or not.  And similarly if you
had a discussion thread and changed the subject then in Outlook that
started a new "conversation".  Outlook "conversations" grouped by
subject is a poor substitute for message threading.  Are you sure it
is really threads and not conversations?

Gmail also only supports the same group by subject model.  However for
the Google Groups web forum postings they do thread those.  If you use
the web to post a reply to a Google Group web forum then that message
stays attached to the message it was a reply.  But as far as I can see
all email only has subject grouping.  I am currently using Gmail and
Google Groups in conjuction with a school which uses it and I find it
quite annoying compared to a real mailer.

This grouping by subject means that I now routinely tag subject lines
of generic messages such as "Dinner?" with a date code in order to
make routine subjects different.  Otherwise they would all get grouped
into one long conversation.

> Unfortunately by activating it you also have to use reverse
> chronological sorting by the newest message in the thread, which is
> very annoying for me.

I find that upside-down sorting annoying too.

Bob


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Lisi Reisz]

On Monday 04 August 2014 21:58:36 Andrei POPESCU wrote:
> I'm not very familiar with Gmail's interface

Lucky you. ;-)

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140804.08619.lisi.re...@gmail.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Andrei POPESCU]

On Lu, 04 aug 14, 08:52:17, Paul E Condon wrote:
> 
> I've spent some time recently, trying to use the Gmail browser
> interface. I would never switch to it from Mutt, excepting only if
> Microsoft does a corporate take-over of Debian (They are both
> corporations under the Law, and under the Law, strange, unnatural
> things can happen, as explained in a recent post by Lisi)

Debian is definitely not a corporation under any law and any thing 
resembling a takeover would involve controlling something like 2 thirds 
of its members (to be able to change Foundation documents, etc.).

You might want to read the Constitution:
http://www.debian.org/devel/constitution

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Andrei POPESCU]

On Du, 03 aug 14, 13:28:06, Bob Proulx wrote:
> 
> P.S. I still think digests are less desirable because I don't see a
> way to view the discussion in a threaded view.  Threaded views have
> been around for so long that I couldn't live without them.  Of course
> Gmail and Outlook users don't have threaded views.  But I am sure that
> if they did they wouldn't want to not have them either.

I'm not very familiar with Gmail's interface, but Outlook definitely 
does have threaded views. Unfortunately by activating it you also have 
to use reverse chronological sorting by the newest message in the 
thread, which is very annoying for me.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Paul E Condon]

On 20140803_1328-0600, Bob Proulx wrote:
> Bob Proulx wrote:
> > I used a variety of mailers back then and I don't recall which ones
> > handled digests nicely and which did not.
> 
> I just tested mutt and digests and mutt handles message digests quite
> well.  And furthermore because the Debian lists includes the
> individual messages as MIME attements it doesn't need to burst the
> digest apart first.  That is an improvement over previous digests I
> have seen.
> 
> To test I subscribed to the digest form of the list in order to get
> some digest messages to test.  Looking at a message in mutt I see that
> each message comes as an message/rfc822 MIME attachment.
> 
> In mutt I view the MIME attachment structure with 'v' in order to see
> the individual messages.  I select one message and view it with
> .  Mutt displays that message individually.  I can
> forward-message, reply, group-reply, list-reply all normally.  Mutt
> sets the message headers appropriately.  Everything works.
> 
> This should work with any mailer that gives the ability to view MIME
> attached message/rfc822 parts individually and list-reply to them.
> Don't list-reply to the digest.  Instead list-reply to the individual
> message that is MIME attached to the digest.
> 
> Bob
> 
> P.S. I still think digests are less desirable because I don't see a
> way to view the discussion in a threaded view.  Threaded views have
> been around for so long that I couldn't live without them.  Of course
> Gmail and Outlook users don't have threaded views.  But I am sure that
> if they did they wouldn't want to not have them either.

I've spent some time recently, trying to use the Gmail browser
interface. I would never switch to it from Mutt, excepting only if
Microsoft does a corporate take-over of Debian (They are both
corporations under the Law, and under the Law, strange, unnatural
things can happen, as explained in a recent post by Lisi)

I think the digest form is a thing of the past. It is impossible to 
keep up with all the different threads of thought that are mixed together
in a single digest. The digest form is probably slower than individual
emails *because*of* the extra mental effort of disentangling the threads.

YMMV, etc.

-- 
Paul E Condon   
pecon...@mesanetworks.net


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140804145217.gb19...@big.lan.gnu

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Lisi Reisz]

On Sunday 03 August 2014 15:48:54 Steve Litt wrote:
> LOL, Kmail2 breaks your entire email universe:
>
> http://troubleshooters.com/lpm/201202/201202.htm

Steve, that article basically refers to KDE4 (Nepomuk? Akonadi? Ubuntu 
11.10?), which we can agree is a monstrosity, IMHO anyway.

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201408041417.17797.lisi.re...@gmail.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Eduardo M KALINOWSKI]

On Dom, 03 Ago 2014, Bob Proulx wrote:

The inability of people to deal with digest messages these days is the
main reason I think digests should be removed as a mailing list
option.


+1 to that.

I'd also like a filter that rejects mails that have Re: (and  
variations) in the Subject and no In-Reply-To or References. (That's  
very easy to circumvent, but I guess the people that would have mails  
blocked by that filter are exactly the ones that would have trouble  
with this very simple thing.)


--
Eduardo M KALINOWSKI
edua...@kalinowski.com.br



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: 
https://lists.debian.org/20140804131209.horde.i_qgknuexeaob1-se8r0...@mail.kalinowski.com.br

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Bob Proulx]

Bob Proulx wrote:
> I used a variety of mailers back then and I don't recall which ones
> handled digests nicely and which did not.

I just tested mutt and digests and mutt handles message digests quite
well.  And furthermore because the Debian lists includes the
individual messages as MIME attements it doesn't need to burst the
digest apart first.  That is an improvement over previous digests I
have seen.

To test I subscribed to the digest form of the list in order to get
some digest messages to test.  Looking at a message in mutt I see that
each message comes as an message/rfc822 MIME attachment.

In mutt I view the MIME attachment structure with 'v' in order to see
the individual messages.  I select one message and view it with
.  Mutt displays that message individually.  I can
forward-message, reply, group-reply, list-reply all normally.  Mutt
sets the message headers appropriately.  Everything works.

This should work with any mailer that gives the ability to view MIME
attached message/rfc822 parts individually and list-reply to them.
Don't list-reply to the digest.  Instead list-reply to the individual
message that is MIME attached to the digest.

Bob

P.S. I still think digests are less desirable because I don't see a
way to view the discussion in a threaded view.  Threaded views have
been around for so long that I couldn't live without them.  Of course
Gmail and Outlook users don't have threaded views.  But I am sure that
if they did they wouldn't want to not have them either.


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Bob Proulx]

David Baron wrote:
> > Replying from the digest breaks threads.  I eschew KDE 4, so I don't know 
> > about KMail in KDE4, but KDE3 KMail does not break threads.
> 
> I do not understand the difference. If I hit reply, so I get the
> title of the digest which I replace with the desired re:  Should
> not this be OK.

It is not okay because you have not set In-Reply-To nor References
properly.  That breaks threading.

> Or is there some header or marker I should be hitting as well?

The inability of people to deal with digest messages these days is the
main reason I think digests should be removed as a mailing list
option.  Since so few people understand how email works it means that
the majority of digest users do things that cause problems.  I know it
isn't malicious.  But it causes problems just the same.  We should
stop offering the option of digest problems.

In the old days of UUCP mail a digest was useful to bundle a bunch of
mail up into one phone call.  In the old days in the mid 1980's one
would receive a message digest for a bundle of messages from the
mailing list for the entire day all in one phone call rather than
individually all throughout the day in possibly several hundred phone
calls.  It was more efficient and didn't tie up the phone long as
long.  IMNHO if you don't have a POTS phone line UUCP connection then
you don't need digests.  :-)   Of course if you are still using a POTS
phone line and UUCP then a tip-of-the-hat to you for keeping such
history alive and running!

In order to read a digest (or at least to reply to a message within
it) one would "burst" the digest open into individual messages.  Or
"undigestify" it.  This splits the single digest into the same
individual messages that we all normally see.  It allows your mailer
to thread messages into discussion threads.  Then reply to the
individual message normally.

I used a variety of mailers back then and I don't recall which ones
handled digests nicely and which did not.  Some possibilities were
Elm, Emacs GNUS or Emacs RMAIL, and other specialized scripts for
dealing with digests.  These days digests are so rarely used that most
mailers do not include the commands needed to burst the digest open
into individual messages anymore.  The user base for such a feature
would be extremely small.  I see it as basically dead technology now.

The digest itself will include the Message-Id of each message.  When
burst apart and replied to individually your mailer will set the
In-Reply-To properly to preserve threading.  Unfortunately the Debian
list digests do not include any References header and so will breaking
threading if there are previous missing messages but that is minor.

To summarize the above, if you are subscribed to the digest then you
should burst it apart into individual messages before replying.  Then
reply to the individual message.  If you understand mail headers and
are doing all of that work manually that is okay too.  But if you are
not doing anything like that then you are causing trouble for all of
the rest of us trying to make sense of your replies.

Bob


signature.asc
Description: Digital signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Brad Rogers]

On Sun, 3 Aug 2014 12:38:16 -0400
AW  wrote:

Hello AW,

>lists.  So, I don't know what I'm doing with regards to top/bottom
>postings, quoting, etc...  There are many good reasons why a particular

Based on  that and what you go on to say, it's obvious you're willing to
learn about what is or isn't acceptable in various places.  Highly
commendable.

On the non-tech lists I referred to in my post there are plenty of
people that simply have no idea how to configure their MUA (or web i/f
if that's what they use).  They simply mash away at the keyboard and
hope for the best.  Even if I had access to the software they use, any
attempt to walk them through a sensible set-up procedure would
undoubtedly fail.  Given the various issues with quote styles, etc. my
strategy is to ignore their posts;  Life's too short to try and fathom
who said what to whom in their mails.  I may miss out on a few gems of
info, but that's my problem.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
Keep your drink just give em the money
U & Ur Hand - P!nk


signature.asc
Description: PGP signature

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Lisi Reisz]

On Sunday 03 August 2014 15:48:54 Steve Litt wrote:
> On Tue, 29 Jul 2014 21:41:06 +0100
>
> Lisi Reisz  wrote:
> > On Tuesday 29 July 2014 20:09:41 Brian wrote:
> > > When you reply threading is broken. Surely you can see that. Could
> > > be kmail of course.
> >
> > Replying from the digest breaks threads.  I eschew KDE 4, so I don't
> > know about KMail in KDE4, but KDE3 KMail does not break threads.
> >
> > Lisi
>
> LOL, Kmail2 breaks your entire email universe:
>
> http://troubleshooters.com/lpm/201202/201202.htm

LOL  Back in them thar days I wasn't using threading. ;-)

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201408031933.50042.lisi.re...@gmail.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[AW]

On Sun, 3 Aug 2014 16:41:17 +0100
Brad Rogers  wrote:

 >Quite an achievement, given that
 >99.% of MUAs quote correctly "out of the box".

I'm fairly old to Debian.  I run a few email servers.  I know the ins
and outs of lots of things.  And yet, I've rarely posted to mailing
lists.  So, I don't know what I'm doing with regards to top/bottom
postings, quoting, etc...  There are many good reasons why a particular
person's mail client is configured to be incompatible with the
"correct" list methodology.  Mine is probably horrible configured -- or
was.  I'm working on getting it "right."  However, this requires a few
test sends, and it also means that regular email to other people needs
to be configured differently.  I know a tremendously large number of
people who truly are angered when they receive a 72 character limited,
bottom posted, indented with > replies...  So, many people don't bother
reconfiguring their mail client just to be "correct"

--Andrew


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20140803123816.927ed73411035eb443cb0...@1024bits.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Brad Rogers]

On Sun, 3 Aug 2014 10:55:00 -0400
Steve Litt  wrote:

Hello Steve,

>Yes, but *not* changing the Subject is an atrocity. I've often thought
>of piping everything with digest type Subjects to /dev/null. Another
>atrocity is these guys who leave the entire digest intact when replying.

I tend to agree with you, Steve.  On a list like this one where people
are, usually quite au fait with the relevant technology.

Unfortunately, I'm subscribed to many, *many* mailing lists that are
populated by people that have no idea how an MUA /actually/ works.  I
see umpteen ways of quoting text, many of which don't show as quoted
here, due to the way it's been done.  Quite an achievement, given that
99.% of MUAs quote correctly "out of the box".   Then there's the
top posting, bottom posting, not trimming, changing the Subject to
(falsely) start a new thread but *not* changing the Subject of the
digest

I could go on.  And on.  Frankly, I've given up.

Personally, I feel that Sheldon Cooper(1) has the right idea;  We
shouldn't kill everyone that can't cope with the technology, but if we
make an example of a few, it'll give the rest incentive to learn.

(1) A 'Big Bang Theory' character for those that don't know.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
You couldn't find your feet, if you were looking for them
I Don't Like You - Stiff Little Fingers


signature.asc
Description: PGP signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Steve Litt]

On Wed, 30 Jul 2014 09:42:53 +0100
Brad Rogers  wrote:

> On Wed, 30 Jul 2014 10:14:20 +0300
> David Baron  wrote:
> 
> Hello David,
> 
> >Or is there some header or marker I should be hitting as well?
> 
> Reference and/or Reply-To headers.  The digest, depending on /exactly/
> how it as constructed and /exactly/ how you reply, won't necessarily
> carry the right headers to put your response into the original thread.
> In fact, more often than not, they don't.
> 
> Unfortunately, simply changing the Subject to the correct one is
> rarely enough.   :-(

Yes, but *not* changing the Subject is an atrocity. I've often thought
of piping everything with digest type Subjects to /dev/null. Another
atrocity is these guys who leave the entire digest intact when replying.

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140803105500.3b053...@mydesq2.domain.cxm

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Steve Litt]

On Tue, 29 Jul 2014 21:41:06 +0100
Lisi Reisz  wrote:

> On Tuesday 29 July 2014 20:09:41 Brian wrote:
> > When you reply threading is broken. Surely you can see that. Could
> > be kmail of course.
> 
> Replying from the digest breaks threads.  I eschew KDE 4, so I don't
> know about KMail in KDE4, but KDE3 KMail does not break threads.
> 
> Lisi

LOL, Kmail2 breaks your entire email universe:

http://troubleshooters.com/lpm/201202/201202.htm

SteveT

Steve Litt*  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140803104854.7ba6c...@mydesq2.domain.cxm

Re: Network routing on multi-homed system

[Pascal Hambourg]

Hello,

Isaac Freeman a écrit :
> 
> iface eth1 inet static
>   address 172.1.1.40
>   netmask 255.255.255.224
> 
>   # routing
>   post-up ip route add 172.1.1.62/32 dev eth1 src 172.1.1.40 table 
> external
>   post-up ip route add default via 172.1.1.62 table external
>   post-up ip rule add from 172.1.1.40 table external
>   post-down ip rule del from 172.1.1.40 table external

IMO, your special routing is broken. Not all packets with the given
source address should be sent to the gateway, but only packets with a
destination address outside the LAN. Packets with a destination address
inside the LAN should be sent directly.

Either route the LAN prefix using the main table :

post-up ip rule add to 172.1.1.32/27 table main

(to be created after thus inserted before the "from" rule)
or add a direct route for the prefix in the special table :

post-up ip route add 172.1.1.32/27 dev eth1 table external

Same for both interfaces and servers.

Note : the routes to the gateways should not be necessary.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53dd31b7.9080...@plouf.fr.eu.org

Network routing on multi-homed system

[Isaac Freeman]

I'm not subscribed to the list, so please make sure my actual e-mail
address is on copy if you reply.

This is a slightly complicated network routing issue so please bear with me
while I try to organize all the relevant info.

So, I'm setting up a secondary DNS server to act as a slave of my existing
primary. The primary has two NICs each on different subnets which are
VLAN'd and firewalled from each other. One is our external/DMZ, the other
is our internal network. My problem is that I keep getting time-outs trying
to transfer the external zones across the external NICs. Looking at packet
traces what I see happening is that the request packet comes out of the DMZ
NIC on ns1 (the slave (don't ask)) with the DMZ IP as the source and the
DMZ IP of ns2 (master) as the destination. I see the packet come in on ns2,
which generates a response packet coming from the DMZ IP on the DMZ NIC
with ns1's DMZ IP as the destination, *BUT* the destination MAC is that of
the DMZ gateway, not the DMZ NIC on ns1. For some reason ns2 wants to route
the return packet to the gateway instead of directly to ns1 even though
it's on the same subnet.

Now, with a prose outline of the problem out of the way, here it is in
detail (I've redacted/substituted the 172.1.1 prefix for our actual public
IP range in all relevant snippets, etc.)

Internal network: 10.1.10.0/24
ns1 Internal IP (MAC): 10.1.10.105 (00:50:56:8b:70:de)
ns2 Internal IP (MAC): 10.1.10.5 (00:50:56:85:26:6e)
Internal gateway IP (MAC): 10.1.10.254 (00:10:db:ff:10:01)

DMZ network: 172.1.1.32/27
ns1 DMZ IP (MAC): 172.1.1.40 (00:50:56:8b:64:4c)
ns2 DMZ IP (MAC): 172.1.1.41 (00:50:56:85:0b:72)
DMZ gateway IP (MAC): 172.1.1.62 (00:10:db:ff:10:02)

The basic network flow looks like this from ns1's perspective (forgive me
if the formatting gets messed up, I'm unfortunately writing this in Lotus
Notes...):

UDP DNS query: ns2 172.1.1.40 (00:50:56:8b:64:4c) -> ns1 172.1.1.41
(00:50:56:85:0b:72)
ARP query: ns2 00:50:56:8b:64:4c  -> ns1
00:50:56:85:0b:72
ARP reply: ns2 00:50:56:8b:64:4c  <- ns1
00:50:56:85:0b:72
TCP DNS query: ns2 172.1.1.40 (00:50:56:8b:64:4c) -> ns1 172.1.1.41 (
00:50:56:85:0b:72)

Etc, etc... Odd that I get ARP replies from ns2 but not TCP or UDP replies.
However, from the perspective of ns2 I see:
UDP DNS query: ns2 172.1.1.40 (00:50:56:8b:64:4c) -> ns1 172.1.1.41
(00:50:56:85:0b:72)
UDP DNS reply: ns2 172.1.1.40 (00:10:db:ff:10:02) <- ns1 172.1.1.41
(00:50:56:85:0b:72)
ARP query: ns2 00:50:56:8b:64:4c  -> ns1
00:50:56:85:0b:72
ARP reply: ns2 00:50:56:8b:64:4c  <- ns1
00:50:56:85:0b:72
TCP DNS query: ns2 172.1.1.40 (00:50:56:8b:64:4c) -> ns1 172.1.1.41
(00:50:56:85:0b:72)
TCP DNS reply: ns2 172.1.1.40 (00:10:db:ff:10:02) <- ns1 172.1.1.41
(00:50:56:85:0b:72)

Here is what I have in the /etc/network/interfaces for each host:

ns1:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 10.1.10.105
netmask 255.255.255.0
gateway 10.1.10.254

# dns-* options are implemented by the resolvconf package, if
installed
dns-nameservers 10.1.10.105

# routing
post-up ip route add 10.1.10.254/32 dev eth0 src 10.1.10.105 table
internal
post-up ip route add default via 10.1.10.254 table internal
post-up ip rule add from 10.1.10.105 table internal
post-down ip rule del from 10.1.10.105 table internal


allow-hotplug eth1
iface eth1 inet static
    address 172.1.1.40
netmask 255.255.255.224

# routing
post-up ip route add 172.1.1.62/32 dev eth1 src 172.1.1.40 table
external
post-up ip route add default via 172.1.1.62 table external
post-up ip rule add from 172.1.1.40 table external
post-down ip rule del from 172.1.1.40 table external


ns2:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 10.1.10.5
netmask 255.255.255.0
gateway 10.1.10.254

# dns-* options are implemented by the resolvconf package, if
installed
dns-nameservers 10.1.10.5

# routing
post-up ip route add 10.1.10.254/32 dev eth0 src 10.1.10.5 table
internal
post-up ip route add default via 10.1.10.254 table internal
post-up ip rule add from 10.1.10.5 table internal
post-down ip rule del from 10.1.10.5 table internal


allow-hotplug eth1
iface eth1 inet static
    address 172.1.1.41
netmask 25

Re: Threading using digest and KMail (was Re: Exim4 not routing local mail ... )

[Lisi Reisz]

On Wednesday 30 July 2014 08:14:20 David Baron wrote:
> I do not understand the difference. If I hit reply, so I get the title of
> the digest which I replace with the desired re:  Should not this be OK.

No.  It gives rise to a new thread, with the digest data, which is not the 
same as the header data for the individual mails.

This is a perennial problem.  Is there no way you could subscribe properly?

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201407301956.47292.lisi.re...@gmail.com

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Brad Rogers]

On Wed, 30 Jul 2014 08:26:04 -0400
The Wanderer  wrote:

Hello The,

>(References: and In-Reply-To:, surely?)

You are, of course, right.  My brain was waaay ahead of my fingers at
the time.  My apologies for any confusion caused.

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
I don't believe you have to be an idiot to get somewhere these days
Bombsite Boy - The Adverts


signature.asc
Description: PGP signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[The Wanderer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 07/30/2014 04:42 AM, Brad Rogers wrote:

> On Wed, 30 Jul 2014 10:14:20 +0300 David Baron 
> wrote:
> 
> Hello David,
> 
>> Or is there some header or marker I should be hitting as well?
> 
> Reference and/or Reply-To headers.

(References: and In-Reply-To:, surely?)

There was a somewhat more detailed, albeit considerably less concise,
thread discussing this on this list just over a month ago. See here:

https://lists.debian.org/debian-user/2014/06/msg01552.html

- --
   The Wanderer

Secrecy is the beginning of tyranny.

A government exists to serve its citizens, not to control them.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJT2ORbAAoJEASpNY00KDJrZR8P/3QzvbrhsjQvFCrGPioMd3ZJ
gODe4H8DsC9eS/GUwgCdi85pZZhn2Hib+OlyLg0V367EG+GFNeVzsff5FhsPLHTU
gnDHFnbb1xRMJC56B2HEiDkGC7Hd/SswFRsXVHjQsvLouimpyQ13bzTA07VRDE84
7bhQ9ckWPL9E2FUuTht0hrwZ2zCmZsJYaAgeFttgD/NWB6LIW3iRuuiMU9QpxMGR
IAm0kkNq9w1KZljOvNw4lQskHxQFRzGaYrfSuV9b5tBQ6VaI/INdtcSx7MKR7doV
myqhDtd7Y9LQIYRLVIpTHjEmtMpU7gRfH7fGx4GFiQfoeYO7b/CxkerAyllbAnzO
rvzgkB+76INwW0uBubR0naLKx50EOTQJgc+ocxIhYeCSxUELYschrVeDWFYt1P2b
xDgg0e8HdczHYNEKYrdPnOk7X/EVwis4G8pqjK1cmopR48DK9HGg1JBO/b22pYom
kk73wC+IHKJWhRxcKIpW1MflzhM9JrSByH8fAgqj0Mlv2POqqc3jmo2XxXw9/Wpm
goPGOAHRCjCDE7CTQlE3/3hQn0cEA8qQLDP+lQh1YUI4vyjZSGC2aeEWeTZ92/m+
k8SwzN23am3i6T67jTxcvLE8nb1cYwoauG7qG6lvtxeKfV6/usTy/xneDljDYOH6
qVHk0RafkBcpbSP+NYVS
=SUDK
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53d8e45c.50...@fastmail.fm

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[Brad Rogers]

On Wed, 30 Jul 2014 10:14:20 +0300
David Baron  wrote:

Hello David,

>Or is there some header or marker I should be hitting as well?

Reference and/or Reply-To headers.  The digest, depending on /exactly/
how it as constructed and /exactly/ how you reply, won't necessarily
carry the right headers to put your response into the original thread.
In fact, more often than not, they don't.

Unfortunately, simply changing the Subject to the correct one is rarely
enough.   :-(

-- 
 Regards  _
 / )   "The blindingly obvious is
/ _)radnever immediately apparent"
Now I found you out, I don't think you're so smart
Who Are You - Black Sabbath


signature.asc
Description: PGP signature

Re: Threading using digest and kmail (was Re: Exim4 not routing local mail ... )

[David Baron]

On Wednesday 30 July 2014 02:52:38 debian-user-digest-requ...@lists.debian.org 
wrote:
> > When you reply threading is broken. Surely you can see that. Could be
> > kmail of course.
> 
> Replying from the digest breaks threads.  I eschew KDE 4, so I don't know 
> about KMail in KDE4, but KDE3 KMail does not break threads.

I do not understand the difference. If I hit reply, so I get the title of the 
digest which I replace with the desired re:  Should not this be OK.

Or is there some header or marker I should be hitting as well?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2739965.9pxbZbNjM1@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Lisi Reisz]

On Tuesday 29 July 2014 20:09:41 Brian wrote:
> When you reply threading is broken. Surely you can see that. Could be
> kmail of course.

Replying from the digest breaks threads.  I eschew KDE 4, so I don't know 
about KMail in KDE4, but KDE3 KMail does not break threads.

Lisi


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/201407292141.06686.lisi.re...@gmail.com

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Brian]

On Tue 29 Jul 2014 at 21:44:36 +0300, David Baron wrote:

> On Tuesday 29 July 2014 16:23:21 debian-user-digest-requ...@lists.debian.org 
> wrote:
> > system_notification is qualified by the mailname, dovidhalevi.homelinux.net.
> > dovidhalevi.homelinux.net is regarded as a local domain. The mail is routed
> > and transported by procmail.
> >  
> > 
> > > Sure looks in order. But it doesn't work.
> > 
> > The mail is returned. I would look at your procmail setup.
> 
> Will do. It is the same procmailrc I had in the previous installation that 
> did 
> work, however.

Would you also post what 'exim -bt' gives for a a user address; that is,
one that is delivered.

> > (I do not want to make a big thing of this but this series of messages is
> > horribly broken and becoming difficult to follow. It is probably due to your
> > using the digest. Is there a reason why you cannot subscribe to the list?)
> Agreed. I am subscribed to the list.
> Elected to receive it as digests--this is an option.
> What is the difference?

When you reply threading is broken. Surely you can see that. Could be
kmail of course.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/29072014200546.09881984a...@desktop.copernicus.demon.co.uk

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[David Baron]

On Tuesday 29 July 2014 16:23:21 debian-user-digest-requ...@lists.debian.org 
wrote:
> system_notification is qualified by the mailname, dovidhalevi.homelinux.net.
> dovidhalevi.homelinux.net is regarded as a local domain. The mail is routed
> and transported by procmail.
>  
> 
> > Sure looks in order. But it doesn't work.
> 
> The mail is returned. I would look at your procmail setup.

Will do. It is the same procmailrc I had in the previous installation that did 
work, however.
> 
> (I do not want to make a big thing of this but this series of messages is
> horribly broken and becoming difficult to follow. It is probably due to your
> using the digest. Is there a reason why you cannot subscribe to the list?)
Agreed. I am subscribed to the list.
Elected to receive it as digests--this is an option.
What is the difference?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2054057.5uYv5C2WLr@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Brian]

On Mon 28 Jul 2014 at 19:01:16 +0300, David Baron wrote:

> > 'exim -bt ' might help.
> 
> ~$ sudo exim4 -bt system_notification
> R: system_aliases for system_notificat...@dovidhalevi.homelinux.net
> R: userforward for system_notificat...@dovidhalevi.homelinux.net
> R: procmail for system_notificat...@dovidhalevi.homelinux.net
> system_notificat...@dovidhalevi.homelinux.net
>   router = procmail, transport = procmail_pipe

system_notification is qualified by the mailname, dovidhalevi.homelinux.net.
dovidhalevi.homelinux.net is regarded as a local domain. The mail is routed
and transported by procmail.
 
> Sure looks in order. But it doesn't work.

The mail is returned. I would look at your procmail setup.

(I do not want to make a big thing of this but this series of messages is
horribly broken and becoming difficult to follow. It is probably due to your
using the digest. Is there a reason why you cannot subscribe to the list?)


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140729143908.gg19...@copernicus.demon.co.uk

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[David Baron]

On Monday 28 July 2014 17:38:14 debian-user-digest-requ...@lists.debian.org 
wrote:
> Are you sure there is a route from (i) whichever machine has the alias 
> record, and (ii) whichever machine is reached, on port 25, at the IP 
> address in an MX record at
> dovidhalevi.homelinux.net
> or, if there is no MX record, whatever machine is reached on port 25 
> at the IP address pointed to by
> dovidhalevi.homelinux.net ?

I am not sure I understand the question. In any event, this routing is meant 
for internal mail only.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/8425823.LLvu8mB5GH@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Ron Leach]

On 28/07/2014 17:01, David Baron wrote:

~$ sudo exim4 -bt root
R: system_aliases for r...@dovidhalevi.homelinux.net
R: system_aliases for system_notificat...@dovidhalevi.homelinux.net
R: userforward for system_notificat...@dovidhalevi.homelinux.net
R: procmail for system_notificat...@dovidhalevi.homelinux.net
system_notificat...@dovidhalevi.homelinux.net
 <-- r...@dovidhalevi.homelinux.net
   router = procmail, transport = procmail_pipe''

~$ sudo exim4 -bt system_notification
R: system_aliases for system_notificat...@dovidhalevi.homelinux.net
R: userforward for system_notificat...@dovidhalevi.homelinux.net
R: procmail for system_notificat...@dovidhalevi.homelinux.net
system_notificat...@dovidhalevi.homelinux.net
   router = procmail, transport = procmail_pipe

Sure looks in order. But it doesn't work.




Are you sure there is a route from (i) whichever machine has the alias 
record, and (ii) whichever machine is reached, on port 25, at the IP 
address in an MX record at

dovidhalevi.homelinux.net
or, if there is no MX record, whatever machine is reached on port 25 
at the IP address pointed to by

dovidhalevi.homelinux.net ?

I had a similar problem to this, when using a NAT router on an ADSL 
line, behind which was my exim server.  The exim server tried to find
xxx.homelinux.net, found an IP address for it from DNS, tried to reach 
the address, but the ADSL router would not - for some reason - accept 
outgoing SMTP packets back into itself on port 25, whether looped back 
itself, or tromboned by a router upstream in the ISP's network.  Or 
maybe tromboning like that was blocked by the ISP.  Whatever the 
reason, I solved the problem in either of 2 ways.


(a) Routed outbound SMTP on a different route, different IP, than the 
IP that xxx.homelinux.net pointed to (I used a 3G network), or
(b) set /etc/hosts on the exim machine to point xxx.homelinux.net to 
itself so that exim made no attempt to signal externally.


You may already have checked this, but this just seems to me to have a 
sense of being a routing problem, rather than an mailserver problem.


Apologies if I'm off-track there.


regards, Ron


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: https://lists.debian.org/53d677d4.9010...@tesco.net

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[David Baron]

On Monday 28 July 2014 15:21:36 debian-user-digest-requ...@lists.debian.org 
wrote:
> > Now, if I simply send to a user, the mail will be delivered.
> > If I simply send to "root," it gets correctly aliased over to 
> > "system_notifications," but then gets returned!
> >
> > 
> >
> > So original problem remains !?!
> 
> 'exim -bt ' might help.

~$ sudo exim4 -bt root
R: system_aliases for r...@dovidhalevi.homelinux.net
R: system_aliases for system_notificat...@dovidhalevi.homelinux.net
R: userforward for system_notificat...@dovidhalevi.homelinux.net
R: procmail for system_notificat...@dovidhalevi.homelinux.net
system_notificat...@dovidhalevi.homelinux.net
<-- r...@dovidhalevi.homelinux.net
  router = procmail, transport = procmail_pipe''

~$ sudo exim4 -bt system_notification
R: system_aliases for system_notificat...@dovidhalevi.homelinux.net
R: userforward for system_notificat...@dovidhalevi.homelinux.net
R: procmail for system_notificat...@dovidhalevi.homelinux.net
system_notificat...@dovidhalevi.homelinux.net
  router = procmail, transport = procmail_pipe

Sure looks in order. But it doesn't work.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2153879.IyOjCRrjZ7@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Brian]

On Mon 28 Jul 2014 at 10:34:04 +0300, David Baron wrote:

> On Sunday 27 July 2014 23:45:44 debian-user-digest-requ...@lists.debian.org 
> wrote:
> > > >   /etc/mailname
> > > 
> > > localhost.localdomain
> > >
> > > 
> > >
> > > This is the first answer on the reconfig, probably should not be this?
> > 
> > This is not ok. Exim uses what is in /etc/mailname to qualify an address
> > without a domain name. For example, if the mail is sent to david then
> > exim cannot let it go out like that so will add localhost.localdomain
> > and send it david@localhost.localdomain. smtp.012.net.il will be unable
> > to deliver it because localhost.localdomain in not in the DNS. The mail
> > should be returned to you.
> 
> Thought so. Why was that even offered? I had replaced it previously with the 
> proper domain so did so again.

It was offered because your system was set up tell exim what the
mailname was when it asked.

> Now, if I simply send to a user, the mail will be delivered.
> If I simply send to "root," it gets correctly aliased over to 
> "system_notifications," but then gets returned!
> 
> So original problem remains !?!

'exim -bt ' might help.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/28072014145715.2d781cca7...@desktop.copernicus.demon.co.uk

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Curt]

On 2014-07-28, David Baron  wrote:
>
> Now, if I simply send to a user, the mail will be delivered.
> If I simply send to "root," it gets correctly aliased over to 
> "system_notifications," but then gets returned!

I don't know what "aliased over to system notifications" means, but "the
forwarding of mail for root to the regular user account is configured in
/etc/aliases."

In other words

root: localuser_you_want_to_receive_root's_mail


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/slrnltcg40.2l1.cu...@einstein.electron.org

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[David Baron]

On Sunday 27 July 2014 23:45:44 debian-user-digest-requ...@lists.debian.org 
wrote:
> > >   /etc/mailname
> > 
> > localhost.localdomain
> >
> > 
> >
> > This is the first answer on the reconfig, probably should not be this?
> 
> This is not ok. Exim uses what is in /etc/mailname to qualify an address
> without a domain name. For example, if the mail is sent to david then
> exim cannot let it go out like that so will add localhost.localdomain
> and send it david@localhost.localdomain. smtp.012.net.il will be unable
> to deliver it because localhost.localdomain in not in the DNS. The mail
> should be returned to you.

Thought so. Why was that even offered? I had replaced it previously with the 
proper domain so did so again.

Now, if I simply send to a user, the mail will be delivered.
If I simply send to "root," it gets correctly aliased over to 
"system_notifications," but then gets returned!

So original problem remains !?!


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2338197.LsyDOn3Mkp@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[Brian]

On Sun 27 Jul 2014 at 17:34:54 +0300, David Baron wrote:

> #dc_eximconfig_configtype='internet'
> dc_eximconfig_configtype='smarthost'
> dc_other_hostnames='dovidhalevi.homelinux.net'
> dc_local_interfaces=''
> #dc_readhost='d_baron'
> dc_readhost='dovidhalevi.homelinux.net'
> dc_relay_domains=''
> dc_minimaldns='false'
> dc_relay_nets=''
> dc_smarthost='smtp.012.net.il'
> CFILEMODE='644'
> ec_use_split_config='true'
> dc_hide_mailname='true'
> dc_mailname_in_oh='true'
> dc_localdelivery='mail_spool'
> dc_use_split_config='true'

Looks ok. Apart from the line "ec_use_split_config='true'". You have
"dc_use_split_config='true'"; I do not know what "ec" is. Probably no
harm is done.

> 127.0.0.1   localhost
> 127.0.1.1   dovidhalevi.homelinux.net   dovidhalevi

Again looks ok. "homelinux.net" is some sort of dyndns thing, isn't it?

> >   /etc/mailname
> localhost.localdomain
> 
> This is the first answer on the reconfig, probably should not be this?

This is not ok. Exim uses what is in /etc/mailname to qualify an address
without a domain name. For example, if the mail is sent to david then
exim cannot let it go out like that so will add localhost.localdomain
and send it david@localhost.localdomain. smtp.012.net.il will be unable
to deliver it because localhost.localdomain in not in the DNS. The mail
should be returned to you.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140727154848.ga19...@copernicus.demon.co.uk

Re: Exim4 not routing local mail, even after exim4-config (was New 64bit installation: Exim4 Send to Root)

[David Baron]

> > Cannot send mail to user@localhost.localdomain. Fully formed address will 
> > work.
> 
> What is a "Fully formed address"? Please post here the contents of
Something with real name@hostname.domainname rather than 
localhost.localdomain.

> 
>   /etc/exim4/update-exim4.conf.conf

#dc_eximconfig_configtype='internet'
dc_eximconfig_configtype='smarthost'
dc_other_hostnames='dovidhalevi.homelinux.net'
dc_local_interfaces=''
#dc_readhost='d_baron'
dc_readhost='dovidhalevi.homelinux.net'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost='smtp.012.net.il'
CFILEMODE='644'
ec_use_split_config='true'
dc_hide_mailname='true'
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
dc_use_split_config='true'


> 
>   /etc/hosts
127.0.0.1   localhost
127.0.1.1   dovidhalevi.homelinux.net   dovidhalevi

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
> 
>   /etc/mailname
localhost.localdomain

This is the first answer on the reconfig, probably should not be this?


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/2157501.ngKmkL0SEh@dovidhalevi

Re: Exim4 not routing local mail, even after exim4-config

[Brian]

On Sun 27 Jul 2014 at 14:06:21 +0300, David Baron wrote:

> Cannot send mail to user@localhost.localdomain. Fully formed address will 
> work.

What is a "Fully formed address"? Please post here the contents of

  /etc/exim4/update-exim4.conf.conf

  /etc/hosts

  /etc/mailname
 
> Applications such as rkhunter and cron-apt that send mail to root--mail is 
> not 
> received. There is a "system_notification" user and root is aliased to this. 
> Explicit send to root using "mail" fails regardless of whether address is 
> fully formed.

You have an unfinished thread already dealing with this issue.

  https://lists.debian.org/debian-user/2014/07/msg01219.html
> 
> Will get message rejected/timed out error message in some of these cases 
> after 
> a long while.

Too vague to be of help.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/27072014123618.c119fe131...@desktop.copernicus.demon.co.uk

Exim4 not routing local mail, even after exim4-config

[David Baron]

Cannot send mail to user@localhost.localdomain. Fully formed address will 
work.

Applications such as rkhunter and cron-apt that send mail to root--mail is not 
received. There is a "system_notification" user and root is aliased to this. 
Explicit send to root using "mail" fails regardless of whether address is 
fully formed.

Will get message rejected/timed out error message in some of these cases after 
a long while.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1495384.Hj3ZI8nz9e@dovidhalevi

Routing issue with XEN / XCP

[Andy Hawkins]

Hi all,

I have an XCP host based on Debian, that contains a number of virtual
machines for my internal network. A basic diagram of my network is here:

https://www.gently.org.uk/gently-network.jpeg

The 'gateway' vm is the only thing connected directly to the cable modem.
eth0 receives its IP address via DHCP. eth1 is a fixed 'internal'
(192.168.x.x) address, as are the ip addresses of the 'mailnews' vm, and
seperate (physical) NAS server and other machines on the internal network.

The gateway contains firewall rules to forward incoming traffic from the
internet to appropriate internal machines, allow ssh access, imap etc.

Up until recently, all was working perfectly. Last week I accidentally
rebooted the xcp host machine (typing reboot into the wrong console window!)
and since then I've been experiencing some odd behaviour:

1. From the internet, I can use the port forwarded SSH port connected to the
NAS server to perform file transfers from the NAS.

2. From any virtual machine on the XCP host, I can perform ssh transfers
from any other machine in my network (including other virtual machines on
the same XCP host).

3. If I try to perform the same transfer from the internet to the ssh port
on (say) the 'mailnews' virtual machine, I get next to no traffic at all. It
appears that a few packets will flow initially, but the connection then
stalls.

As far as I can tell all the iptables rules for forwarding are set up
correctly in the 'gateway' virtual machine (as I can successfully make
transfers from the internet to the nas server). However, any ports that are
forwarded to virtual machines on the XCP hosts show this slow behaviour.

I should point out that it's not just ssh traffic that's affected. If I use
(for example) Thunderbird from my work PC to access the imap server on the
'mailnews' virtual machine, I see the same stalling behaviour. 

Today I've installed the perdition imap proxy on the NAS machine, and
changed the forwarding rule on 'gateway' such that incoming imap traffic is
sent to the imap port on 'nas', which then makes a connection to the
'mailnews' imap port. This works perfectly, with no speed issues.

It seems to me that something is confusing the networking side of the XEN /
XCP machine, in that packets that are rewritten by iptables on the 'gateway'
machine are not being correctly handled, causing the slow connections.

Can anyone offer any suggestions as to what I can try to work out what's
going on? As I said, as far as I'm aware no changes were made other than a
reboot of the xcp host. I've even tried going back in kernel versions on
both 'gateway' vm and xcp host, without any success (that's about the only
thing I can think that would have changed as a result of the reboot).

Thanks in advance for any advice you can offer. Pointers to documentation or
more appropriate places to ask are appreciated if necessary.

Cheers

Andy


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/slrnlt4t4c.leu.a...@xcp-mailnews.gently.org.uk

Re: wireless routing broken after recent sid update

[Paul Scott]

On Wed, Jul 23, 2014 at 11:09:48PM +0200, Pascal Hambourg wrote:
> Paul Scott a écrit :
> > On Wed, Jul 23, 2014 at 09:28:41AM +0200, Pascal Hambourg wrote:
> >> As a workaround until an update fixes the bug, I guess you can manually
> >> disable the wired ethernet interface in NetworkManager when you don't
> >> use it.
> > 
> > Do mean in /etc/network/interfaces?
> 
> No. I wrote "in NetworkManager". By default it only manages interfaces
> not defined in /etc/network/interfaces.

Thank you.  That may have worked.  (I've only tried it once).

Paul



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140723222852.GA5987@joyhome

Re: wireless routing broken after recent sid update

[Pascal Hambourg]

Paul Scott a écrit :
> On Wed, Jul 23, 2014 at 09:28:41AM +0200, Pascal Hambourg wrote:
>> As a workaround until an update fixes the bug, I guess you can manually
>> disable the wired ethernet interface in NetworkManager when you don't
>> use it.
> 
> Do mean in /etc/network/interfaces?

No. I wrote "in NetworkManager". By default it only manages interfaces
not defined in /etc/network/interfaces.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53d0249c.8030...@plouf.fr.eu.org

Re: wireless routing broken after recent sid update

[Paul Scott]

On Wed, Jul 23, 2014 at 09:28:41AM +0200, Pascal Hambourg wrote:
> Paul Scott a écrit :
> > On Tue, Jul 22, 2014 at 08:36:04PM +0200, Pascal Hambourg wrote:
> >>>
> >>> route gives me:
> >>>
> >>> Destination Gateway Genmask Flags Metric RefUse 
> >>> Iface
> >>> default *   0.0.0.0 U 1002   00 
> >>> eth0
> >> You have a bogus default route on eth0. It has a lower metric (higher
> >> priority) than the one on wlan0 and basically says that the whole
> >> internet address space is on the LAN connected to eth0.
> >> Get rid of it.
> > 
> > This is generated automatically by the system (network-manager, 
> > or network-manager-gnome).  Do you know where this happens?
> 
> No. But hey, this is sid.
> As a workaround until an update fixes the bug, I guess you can manually
> disable the wired ethernet interface in NetworkManager when you don't
> use it.

Do mean in /etc/network/interfaces?
It is disabled there now.

Interestly I just booted Linux to find wireless not routing to the Internet.
I then booted to Windows.  When I booted back to Linux wireless routing 
was working correctly.

Paul



-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140723173002.GB3071@joyhome

Re: wireless routing broken after recent sid update

[Pascal Hambourg]

Paul Scott a écrit :
> On Tue, Jul 22, 2014 at 08:36:04PM +0200, Pascal Hambourg wrote:
>>>
>>> route gives me:
>>>
>>> Destination Gateway Genmask Flags Metric RefUse 
>>> Iface
>>> default *   0.0.0.0 U 1002   00 eth0
>> You have a bogus default route on eth0. It has a lower metric (higher
>> priority) than the one on wlan0 and basically says that the whole
>> internet address space is on the LAN connected to eth0.
>> Get rid of it.
> 
> This is generated automatically by the system (network-manager, 
> or network-manager-gnome).  Do you know where this happens?

No. But hey, this is sid.
As a workaround until an update fixes the bug, I guess you can manually
disable the wired ethernet interface in NetworkManager when you don't
use it.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53cf6429.6080...@plouf.fr.eu.org

Re: wireless routing broken after recent sid update

[Paul Scott]

On Tue, Jul 22, 2014 at 02:23:12PM -0700, Paul Scott wrote:
> On Tue, Jul 22, 2014 at 10:56:55PM +0200, B wrote:
> > On Tue, 22 Jul 2014 13:19:12 -0700
> > Paul Scott  wrote:
> > 
> > > No change.
> > > 
> > > > Also set a DHCP server up (link-local shouldn't be there).
> > > 
> > > I am using isc-dhcp-client.
> > 
> > Ok, but is there a functional DHCP _server_ on your LAN?
> 
> Yes.  This laptop installation worked fine until a couple of weeks 
> ago.
> 
> Wireless is now working again after reinstalling netwotk-manager-gnome.

Wireless routing is broken again.  It appears that connecting with ethernet 
may fix the routing so that I can remove the cable and then connect 
wirelessly.  Booting and letting network-manager use its defaults to 
connect wirelessly fails.  I can still ssh to the server wirelessly.

Paul

> (Wired hadn't stopped working)
> 
> route now gives:
> 
> Destination Gateway Genmask Flags Metric RefUse Iface
> default 192.168.0.1 0.0.0.0 UG1024   00 wlan0
> link-local  *   255.255.0.0 U 1000   00 wlan0
> 192.168.0.0 *   255.255.255.0   U 0  00 wlan0
> 
> > 
> > Join your /etc/network/interfaces
> 
> ???
> 
> Thank you,
> 
> Paul
> 
> 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/20140722212312.GA19444@joyhome
> 
> 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140723071157.GA22847@joyhome

solved Re: wireless routing broken after recent sid update

[Paul Scott]

On Tue, Jul 22, 2014 at 10:56:55PM +0200, B wrote:
> On Tue, 22 Jul 2014 13:19:12 -0700
> Paul Scott  wrote:
> 
> > No change.
> > 
> > > Also set a DHCP server up (link-local shouldn't be there).
> > 
> > I am using isc-dhcp-client.
> 
> Ok, but is there a functional DHCP _server_ on your LAN?

Yes.  This laptop installation worked fine until a couple of weeks 
ago.

Wireless is now working again after reinstalling netwotk-manager-gnome.
(Wired hadn't stopped working)

route now gives:

Destination Gateway Genmask Flags Metric RefUse Iface
default 192.168.0.1 0.0.0.0 UG1024   00 wlan0
link-local  *   255.255.0.0 U 1000   00 wlan0
192.168.0.0 *   255.255.255.0   U 0  00 wlan0

> 
> Join your /etc/network/interfaces

???

Thank you,

Paul





-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140722212312.GA19444@joyhome

Re: wireless routing broken after recent sid update

[Bzzzz]

On Tue, 22 Jul 2014 13:19:12 -0700
Paul Scott  wrote:

> No change.
> 
> > Also set a DHCP server up (link-local shouldn't be there).
> 
> I am using isc-dhcp-client.

Ok, but is there a functional DHCP _server_ on your LAN?

Join your /etc/network/interfaces

-- 
Nikos : if theree was alcooohlin whyskt we''d kownn


signature.asc
Description: PGP signature

Re: wireless routing broken after recent sid update

[Paul Scott]

On Tue, Jul 22, 2014 at 08:36:04PM +0200, Pascal Hambourg wrote:
> Paul Scott a écrit :
> > 
> > I have a sid system on this laptop that I keep updated.  A week or two 
> > ago an update broke my ability to connect to the Internet through wireless 
> > access points.  I am now connected wirelessly to my server with ssh 
> > and can access the Internet.  
> > 
> > route gives me:
> > 
> > Destination Gateway Genmask Flags Metric RefUse 
> > Iface
> > default *   0.0.0.0 U 1002   00 eth0
> 
> You have a bogus default route on eth0. It has a lower metric (higher
> priority) than the one on wlan0 and basically says that the whole
> internet address space is on the LAN connected to eth0.
> Get rid of it.

This is generated automatically by the system (network-manager, 
or network-manager-gnome).  Do you know where this happens?

Thank you,

Paul

> 
> > default 192.168.0.1 0.0.0.0 UG1024   00 
> > wlan0
> > link-local  *   255.255.0.0 U 0  00 eth0
> > link-local  *   255.255.0.0 U 1000   00 
> > wlan0
> > 192.168.0.0 *   255.255.255.0   U 0  00 
> > wlan0
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> Archive: https://lists.debian.org/53ceaf14.4070...@plouf.fr.eu.org
> 
> 


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140722202327.GA4063@joyhome

Re: wireless routing broken after recent sid update

[Paul Scott]

On Tue, Jul 22, 2014 at 08:30:19PM +0200, B wrote:
> On Tue, 22 Jul 2014 11:04:16 -0700
> Paul Scott  wrote:
> 
> > Destination Gateway Genmask Flags Metric
> > RefUse Iface default *   0.0.0.0
> > U 1002   00 eth0 default 192.168.0.1
> > 0.0.0.0 UG1024   00 wlan0 link-local
> > *   255.255.0.0 U 0  00 eth0
> > link-local  *   255.255.0.0 U 1000
> > 00 wlan0 192.168.0.0 *   255.255.255.0
> > U 0  00 wlan0
> 
> Looks like you have a mix of static & dynamic conf.
> Try to use network-mgr ONLY (so, comment all references to
> eth0 into /etc/network/interfaces OR allow eth0 management
> by network-mgr (never tested)).

No change.

> Also set a DHCP server up (link-local shouldn't be there).

I am using isc-dhcp-client.

Thank you,

Paul

> 
> -- 
>  Fed up with live
>  You're right, you're 16, your future's before you, no money
>  problems, a PC, food, a web access, a hot bedroom, a family,
>  Christmas gifts, may be pocket money, only some homework to
>  do when back to home given by boring teachers, friends, 
>  a plasma TV, a Wii, but life is not fair, I understand you…
>  I don't have a Wii yet
>  Damn you…




-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140722201912.GA3942@joyhome

Re: wireless routing broken after recent sid update

[Pascal Hambourg]

Paul Scott a écrit :
> 
> I have a sid system on this laptop that I keep updated.  A week or two 
> ago an update broke my ability to connect to the Internet through wireless 
> access points.  I am now connected wirelessly to my server with ssh 
> and can access the Internet.  
> 
> route gives me:
> 
> Destination Gateway Genmask Flags Metric RefUse Iface
> default *   0.0.0.0 U 1002   00 eth0

You have a bogus default route on eth0. It has a lower metric (higher
priority) than the one on wlan0 and basically says that the whole
internet address space is on the LAN connected to eth0.
Get rid of it.

> default 192.168.0.1 0.0.0.0 UG1024   00 wlan0
> link-local  *   255.255.0.0 U 0  00 eth0
> link-local  *   255.255.0.0 U 1000   00 wlan0
> 192.168.0.0 *   255.255.255.0   U 0  00 wlan0


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53ceaf14.4070...@plouf.fr.eu.org

Re: wireless routing broken after recent sid update

[laurent debian]

Le 22/07/2014 14:30, B a écrit :

On Tue, 22 Jul 2014 11:04:16 -0700
Paul Scott  wrote:


Destination Gateway Genmask Flags Metric
RefUse Iface default *   0.0.0.0
U 1002   00 eth0 default 192.168.0.1
0.0.0.0 UG1024   00 wlan0 link-local
*   255.255.0.0 U 0  00 eth0
link-local  *   255.255.0.0 U 1000
00 wlan0 192.168.0.0 *   255.255.255.0
U 0  00 wlan0

Looks like you have a mix of static & dynamic conf.
Try to use network-mgr ONLY (so, comment all references to
eth0 into /etc/network/interfaces OR allow eth0 management
by network-mgr (never tested)).
Also set a DHCP server up (link-local shouldn't be there).

I have a similar problems don't have any ideas if it is related or not 
but here it is :


/hi all, /
/Yesterday I finally upgraded my sid which I did not do for a while (i.e 
: +- 800 ppackages ) since I was lazy I did not notice aptitude was 
proposing to delete the all kde in order to do the upgrade. Since this 
is  the D.E.  I use i just reinstall it after next boot. /
/But now I cannot connect to wifi anymore and Kwallet does not seems to 
open properly. Precisely: /

//
/-Kwallet manager  after I enter my password return something like 
(translated) : /
/error while attempting to connect to "Kwallet". Please retry. (error 
code - 3 ; this is it not a wallet file ) /

//
/-network manager : if i just close Kwallet and try to enter the key for 
the wifi It just hangs a bit before re-asking the Key /

/the corresponding syslog is : /
//
/ Activation (wlan0) starting connection '' /
/ Activation (wlan0) Stage 1 of 5 (Device Prepare) scheduled... /
/ Activation (wlan0) Stage 1 of 5 (Device Prepare) started... /
/ (wlan0): device state change: disconnected -> prepare (reason 'none') 
[30 40 0] /

/ Activation (wlan0) Stage 2 of 5 (Device Configure) scheduled... /
/ Activation (wlan0) Stage 1 of 5 (Device Prepare) complete. /
/ Activation (wlan0) Stage 2 of 5 (Device Configure) starting... /
/ (wlan0): device state change: prepare -> config (reason 'none') [40 50 
0] /
/ Activation (wlan0/wireless): access point '' has security, 
but secrets are required. /
/ (wlan0): device state change: config -> need-auth (reason 'none') [50 
60 0] /

/ Activation (wlan0) Stage 2 of 5 (Device Configure) complete. /
/(NetworkManager:559): libnm-util-CRITICAL **: get_secret_flags: 
assertion 'is_secret_prop (setting, secret_name, error)' failed /

/.. /
//
/Any help would be appreciated. /
/cheers. /
/Laurent. /

Re: wireless routing broken after recent sid update

[Bzzzz]

On Tue, 22 Jul 2014 11:04:16 -0700
Paul Scott  wrote:

> Destination Gateway Genmask Flags Metric
> RefUse Iface default *   0.0.0.0
> U 1002   00 eth0 default 192.168.0.1
> 0.0.0.0 UG1024   00 wlan0 link-local
> *   255.255.0.0 U 0  00 eth0
> link-local  *   255.255.0.0 U 1000
> 00 wlan0 192.168.0.0 *   255.255.255.0
> U 0  00 wlan0

Looks like you have a mix of static & dynamic conf.
Try to use network-mgr ONLY (so, comment all references to
eth0 into /etc/network/interfaces OR allow eth0 management
by network-mgr (never tested)).
Also set a DHCP server up (link-local shouldn't be there).

-- 
 Fed up with live
 You're right, you're 16, your future's before you, no money
 problems, a PC, food, a web access, a hot bedroom, a family,
 Christmas gifts, may be pocket money, only some homework to
 do when back to home given by boring teachers, friends, 
 a plasma TV, a Wii, but life is not fair, I understand you…
 I don't have a Wii yet
 Damn you…


signature.asc
Description: PGP signature

wireless routing broken after recent sid update

[Paul Scott]

Hi All,

I have a sid system on this laptop that I keep updated.  A week or two 
ago an update broke my ability to connect to the Internet through wireless 
access points.  I am now connected wirelessly to my server with ssh 
and can access the Internet.  

route gives me:

Destination Gateway Genmask Flags Metric RefUse Iface
default *   0.0.0.0 U 1002   00 eth0
default 192.168.0.1 0.0.0.0 UG1024   00 wlan0
link-local  *   255.255.0.0 U 0  00 eth0
link-local  *   255.255.0.0 U 1000   00 wlan0
192.168.0.0 *   255.255.255.0   U 0  00 wlan0

TIA for any ideas,

Paul Scott




-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140722180416.GA2361@joyhome

Re: Multi WAN Routing

[Pascal Hambourg]

Darac Marjal a écrit :
> On Thu, Aug 22, 2013 at 12:11:38PM +0200, basti wrote:
> 
>>  - where do I place the code for multiple routing
>>(ip route add default scope global nexthop via 1.0.0.2 dev eth1 weight 1 
>> nexthop via 2.0.0.2 eth2 weight 1)
[...]
>>  - did this setup runing with SSL or SSH connections? (while the connection 
>> is keep alive they must use the same route i think?)
> 
> Yes. The routing is done one a per-connection basis.

No. The multipath routing is done on a per source+destination address
pair basis. All communications between the same source and destination
addresses will use the same route. So the balancing works well only with
multiple sources or destinations.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/52189290.1040...@plouf.fr.eu.org

Re: Multi WAN Routing

[Jeremy T. Bouse]

It sounds like what you're looking for is Policy Based Routing (PBR). 
The LARTC howto link you mentioned below is actually what I did when I 
setup a Linux laptop with a trunk interface connected to several 
different VLANs that I needed to route between.


On 22.08.2013 06:11, basti wrote:

Hallo,

i will try a Multi-WAN-Routing.

It look like:

LAN -- Router (Debian squeeze) -- ISP Line 1
 |- ISP Line 2

The ISP- Ip's are static.

Here some links i have found:


http://www.debian-administration.org/article/377/Routing_for_multiple_uplinks
http://code.google.com/p/muggles/
http://lartc.org/howto/lartc.rpdb.multiple-links.html

http://maltekueppers.de/wp/?p=1346
http://maltekueppers.de/wp/?p=1363

At the moment my routing table looks like:
rtr-0002:/var/log# route -n
Kernel-IP-Routentabelle
Ziel Router Genmask Flags Metric Ref Use
Iface
217.0.111.222 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
rtr-0002:/var/log#
rtr-0002:/var/log# ip route show
217.0.111.222 dev ppp0 proto kernel scope link src 111.222.333.444
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
default dev ppp0 scope link
rtr-0002:/var/log#
rtr-0002:/var/log# ifconfig ppp0
ppp0 Link encap:Punkt-zu-Punkt-Verbindung
 inet Adresse:111.222.333.444 P-z-P:217.0.111.222
Maske:255.255.255.255
 UP PUNKTZUPUNKT RUNNING NOARP MULTICAST MTU:1492 Metrik:1
 RX packets:2885981 errors:0 dropped:0 overruns:0 frame:0
 TX packets:2125651 errors:0 dropped:0 overruns:0 carrier:0
 Kollisionen:0 Sendewarteschlangenlänge:3
 RX bytes:2957960607 (2.7 GiB) TX bytes:347600931 (331.4 MiB)

nx4-rtr-0002:/var/log#

At the moment I use ppp (pon/poff) dail up.
Not clear thinks are:

- how do 2 PPPoE connections at the same time?
- where do I place the code for multiple routing
 (ip route add default scope global nexthop via 1.0.0.2 dev eth1
weight 1 nexthop via 2.0.0.2 eth2 weight 1)
- did this setup runing with SSL or SSH connections? (while the
connection is keep alive they must use the same route i think?)

Thanks,
regards Basti



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/b05aba118909c43839f3c93e2624a...@undergrid.net

Re: Multi WAN Routing

[Darac Marjal]

On Thu, Aug 22, 2013 at 12:11:38PM +0200, basti wrote:
>  Hallo,
> 
>  i will try a Multi-WAN-Routing.
> 
>  It look like:
> 
>  LAN -- Router (Debian squeeze) -- ISP Line 1
> |- ISP Line 2
> 
>  The ISP- Ip's are static.
> 
>  Here some links i have found:
> 
>  
> [1]http://www.debian-administration.org/article/377/Routing_for_multiple_uplinks
>  [2]http://code.google.com/p/muggles/
>  [3]http://lartc.org/howto/lartc.rpdb.multiple-links.html
> 
>  [4]http://maltekueppers.de/wp/?p=1346
>  [5]http://maltekueppers.de/wp/?p=1363
> 
>  At the moment my routing table looks like:
>  rtr-0002:/var/log# route -n
>  Kernel-IP-Routentabelle
>  ZielRouter  Genmask Flags Metric RefUse
>  Iface
>  217.0.111.222   0.0.0.0 255.255.255.255 UH0  00 ppp0
>  192.168.1.0 0.0.0.0 255.255.255.0   U 0  00 eth0
>  0.0.0.0 0.0.0.0 0.0.0.0 U 0  00 ppp0
>  rtr-0002:/var/log#
>  rtr-0002:/var/log# ip route show
>  217.0.111.222 dev ppp0  proto kernel  scope link  src 111.222.333.444
>  192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.1
>  default dev ppp0  scope link
>  rtr-0002:/var/log#
>  rtr-0002:/var/log# ifconfig ppp0
>  ppp0  Link encap:Punkt-zu-Punkt-Verbindung
>inet Adresse:111.222.333.444  P-z-P:217.0.111.222 
> Maske:255.255.255.255
>UP PUNKTZUPUNKT RUNNING NOARP MULTICAST  MTU:1492  Metrik:1
>RX packets:2885981 errors:0 dropped:0 overruns:0 frame:0
>TX packets:2125651 errors:0 dropped:0 overruns:0 carrier:0
>Kollisionen:0 Sendewarteschlangenlänge:3
>RX bytes:2957960607 (2.7 GiB)  TX bytes:347600931 (331.4 MiB)
> 
>  nx4-rtr-0002:/var/log#
> 
>  At the moment I use ppp (pon/poff) dail up.
>  Not clear thinks are:
> 
>  - how do 2 PPPoE connections at the same time?

Add another PPP provider (/etc/ppp/providers, I think). You can then
call "pon ISP1" and "pon ISP2" (or however you call them).

>  - where do I place the code for multiple routing
>(ip route add default scope global nexthop via 1.0.0.2 dev eth1 weight 1 
> nexthop via 2.0.0.2 eth2 weight 1)

Probably the best place would be in a new script in /etc/ppp/ip-up.d/
That way it the routing table is adjusted only when the connection comes
up. You should look at the documentation on the scripts there,
especially if you want to be able to adapt to only using one ISP (for
example, it should be possible for the script to know WHICH ISP just
came up and adjust accordingly)

>  - did this setup runing with SSL or SSH connections? (while the connection 
> is keep alive they must use the same route i think?)

Yes. The routing is done one a per-connection basis.
> 


signature.asc
Description: Digital signature

Multi WAN Routing

[basti]

Hallo,

i will try a Multi-WAN-Routing.

It look like:

LAN -- Router (Debian squeeze) -- ISP Line 1
   |- ISP Line 2

The ISP- Ip's are static.

Here some links i have found:

http://www.debian-administration.org/article/377/Routing_for_multiple_uplinks
http://code.google.com/p/muggles/
http://lartc.org/howto/lartc.rpdb.multiple-links.html

http://maltekueppers.de/wp/?p=1346
http://maltekueppers.de/wp/?p=1363

At the moment my routing table looks like:
rtr-0002:/var/log# route -n
Kernel-IP-Routentabelle
ZielRouter  Genmask Flags Metric RefUse
Iface
217.0.111.222   0.0.0.0 255.255.255.255 UH0  00 ppp0
192.168.1.0 0.0.0.0 255.255.255.0   U 0  00 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 0  00 ppp0
rtr-0002:/var/log#
rtr-0002:/var/log# ip route show
217.0.111.222 dev ppp0  proto kernel  scope link  src 111.222.333.444
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.1
default dev ppp0  scope link
rtr-0002:/var/log#
rtr-0002:/var/log# ifconfig ppp0
ppp0  Link encap:Punkt-zu-Punkt-Verbindung 
  inet Adresse:111.222.333.444  P-z-P:217.0.111.222 
Maske:255.255.255.255
  UP PUNKTZUPUNKT RUNNING NOARP MULTICAST  MTU:1492  Metrik:1
  RX packets:2885981 errors:0 dropped:0 overruns:0 frame:0
  TX packets:2125651 errors:0 dropped:0 overruns:0 carrier:0
  Kollisionen:0 Sendewarteschlangenlänge:3
  RX bytes:2957960607 (2.7 GiB)  TX bytes:347600931 (331.4 MiB)

nx4-rtr-0002:/var/log#

At the moment I use ppp (pon/poff) dail up.
Not clear thinks are:

- how do 2 PPPoE connections at the same time?
- where do I place the code for multiple routing
  (ip route add default scope global nexthop via 1.0.0.2 dev eth1 weight 1 
nexthop via 2.0.0.2 eth2 weight 1)
- did this setup runing with SSL or SSH connections? (while the connection is 
keep alive they must use the same route i think?)

Thanks,
regards Basti

Xen with routing an bridging

[Thore]

Hello, merry christmas at all,
after setting aup my laptop on wheezy now I got back to the 
konfiguration of my server.

I have running there 3 dom0 with bridged IPv4.
I have an subnet for IPv6 with a lot of adresses and i want to use them 
(my home system has tunneled IPv6)
An IPv4 subnet is too expensive at the hoster and IPv6 will be 
availiable for everyone soon.
So I want to set up two more systems with IPv6 and give every system an 
own IPv6 address.  (the domU hasn't konfigured it yet)

My question is, how can I set it up?
 Something like this (from hetzner)

# Loopback-Adapter
auto lo
iface lo inet loopback
#
# LAN-Schnittstelle
auto eth0
iface eth0 inet static
  # Haupt-IP-Adresse des Servers
  address 192.168.0.250
  # Netzmaske 255.255.255.255 (/32) unabhängig von der
  # realen Netzaufteilung (z.B. /27)
  netmask 255.255.255.255
  # Explizite Hostroute zum Gateway
  gateway 192.168.0.1
  pointopoint 192.168.0.1
#
iface eth0 inet6 static
  # Haupt-IPv6-Adresse des Servers
  address 2a01:4f8:61:20e1::2
  netmask 64
  gateway fe80::1

I have only an eth0 and a xenbr0

somehow I must add the /64 subnet and tell xend that I use routing too.
I don't know can I use the xenbr0 or have I to create a xenbr1 and configure an 
eth1 in the dom0s

And how can I than use systems only with IPv6.
I had to ask my questions earlyer, now I had forgotten a lot.
Hope you can understand and help me
Sorry for my english

Thore

P.S: The Adresses are all only examples from the hetzner wiki



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/50d8e661.3030...@datensumpf.de

Re: virtual interfaces not routing properly.

[Jon Dowland]

If you set the netmask for all the aliases (eth0:0 etc.) to 
255.255.255.255, do you get the result you want?



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Archive: http://lists.debian.org/4f106590.2090...@debian.org

Re: virtual interfaces not routing properly.

[Roger Leigh]

On Fri, Jan 13, 2012 at 11:23:30AM +, Darac Marjal wrote:
> There are a number of  long-standing bugs raised against ifupdown
> (#168776, #464562 and #496591) which relate to this.

ifupdown now has an active maintainer, and I'm sure patches
would be welcome.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120113114326.gm9...@codelibre.net