Re: [OT] Bonehead DNS question
JB wrote: This got a bit long. My apologies to those not interested. In [EMAIL PROTECTED], walt [EMAIL PROTECTED] shouted to everyone in earshot, Using a packet sniffer, I can see that my server fetches the names of at least four backup servers at BBC -- but then my server insists on resolving those names by using the primary server which is *down*, and so the whole effort fails. What's your nameserver software and version? Care to post (or e-mail to me) your named.conf if it's BIND? (Just the global settings and such probably don't need any zones you have configured, unless one of them is bbc.co.uk or bbc.net.uk. =) ) Is your nameserver reachable from the Internet? If so, do I have your permission to run some queries against it? You can e-mail me its IP address if you'd rather not post it. I have a virtually identical problem, no doubt for the same reason, almost eery day, as I relay on 'news.bbc.co.uk'. Likewise I can help (from HKG or Zurich) if it is MaraDNS (which, AFAIK uses the same record-types as the perhaps more common djbdns). I'm seeing some sort of weird stuff, too. I used to consider myself quite knowledgable in DNS matters, but the dwindling of my youthful conceit combined with my decreasing effort to keep up with more than basic DNS practises has me wondering if what I'm seeing is truly odd or sort of normal. So I'll post it here in case anyone more clueful than me can see what's going on. Try the '-v' flag (FreeBSD 4.11, Zurich) su-2.05b# host -v www.bbc.co.uk Trying null domain rcode = 0 (Success), ancount=2 The following answer is not authoritative: The following answer is not verified as authentic by the server: www.bbc.co.uk 900 IN CNAME www.bbc.net.uk www.bbc.net.uk 300 IN A 212.58.224.36 rcode = 0 (Success), ancount=1 The following answer is not authoritative: The following answer is not verified as authentic by the server: www.bbc.net.uk 300 IN A 212.58.224.36 (newer - FreeBSD 6.2 Hong Kong) triligon# host -v www.bbc.co.uk Trying www.bbc.co.uk ;; -HEADER- opcode: QUERY, status: NOERROR, id: 32519 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.bbc.co.uk. IN A ;; ANSWER SECTION: www.bbc.co.uk. 257 IN CNAME www.bbc.net.uk. www.bbc.net.uk. 300 IN A 212.58.227.74 ;; AUTHORITY SECTION: bbc.net.uk. 161127 IN NS ns0.thny.bbc.co.uk. bbc.net.uk. 161127 IN NS ns0.thdo.bbc.co.uk. ;; ADDITIONAL SECTION: ns0.thdo.bbc.co.uk. 74727 IN A 212.58.224.20 ns0.thny.bbc.co.uk. 74729 IN A 212.58.240.20 Received 151 bytes from 203.194.239.32#53 in 234 ms Trying www.bbc.co.uk ;; -HEADER- opcode: QUERY, status: NOERROR, id: 6150 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.bbc.co.uk. IN ;; ANSWER SECTION: www.bbc.co.uk. 257 IN CNAME www.bbc.net.uk. Received 57 bytes from 203.194.239.32#53 in 235 ms Trying www.bbc.co.uk Host www.bbc.co.uk not found: 2(SERVFAIL) Received 31 bytes from 203.194.239.32#53 in 547 ms --- triligon# host -v news.bbc.co.uk Trying news.bbc.co.uk ;; -HEADER- opcode: QUERY, status: NOERROR, id: 1616 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;news.bbc.co.uk.IN A ;; ANSWER SECTION: news.bbc.co.uk. 900 IN CNAME newswww.bbc.net.uk. newswww.bbc.net.uk. 300 IN A 212.58.226.33 ;; AUTHORITY SECTION: bbc.net.uk. 161862 IN NS ns0.thny.bbc.co.uk. bbc.net.uk. 161862 IN NS ns0.thdo.bbc.co.uk. ;; ADDITIONAL SECTION: ns0.thdo.bbc.co.uk. 75462 IN A 212.58.224.20 ns0.thny.bbc.co.uk. 75464 IN A 212.58.240.20 Received 156 bytes from 203.194.239.32#53 in 462 ms Trying news.bbc.co.uk ;; -HEADER- opcode: QUERY, status: NOERROR, id: 22344 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;news.bbc.co.uk.IN ;; ANSWER SECTION: news.bbc.co.uk. 899 IN CNAME newswww.bbc.net.uk. Received 62 bytes from 203.194.239.32#53 in 229 ms Trying news.bbc.co.uk Host news.bbc.co.uk not found: 2(SERVFAIL) Received 32 bytes from 203.194.239.32#53 in 545 ms -- triligon# host -v bbc.net.uk Trying bbc.net.uk ;; -HEADER- opcode: QUERY, status: NOERROR, id: 50727 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;bbc.net.uk.IN A ;; ANSWER SECTION: bbc.net.uk. 300 IN A 212.58.226.232 ;; AUTHORITY SECTION: bbc.net.uk. 160971 IN NS ns0.thdo.bbc.co.uk. bbc.net.uk. 160971 IN NS ns0.thny.bbc.co.uk. ;; ADDITIONAL SECTION: ns0.thdo.bbc.co.uk. 74571 IN
Re: update of sound infrastructure
Simon, I get this error when trying to compile kernel with your patch: /usr/src/sys/dev/sound/pcm/channel.c:28:21: opt_isa.h: No such file or directory Petr Simon 'corecode' Schubert wrote: Simon 'corecode' Schubert wrote: Simon 'corecode' Schubert wrote: 2. xmms acts weird (plays fine, but the UI laggs 5-10 seconds) I think it has something to do with poll(2), but I don't know what. maybe somebody could have a look at this (mplayer works fine)? Okay, it is our non-blocking IO. I fixed it, please re-fetch the patch. Now I consider it stable and without regression. cheers simon
Re: update of sound infrastructure
On Fri, Oct 20, 2006 at 12:37:47AM +1000, Petr Janda wrote: Simon, I get this error when trying to compile kernel with your patch: /usr/src/sys/dev/sound/pcm/channel.c:28:21: opt_isa.h: No such file or directory Do you have ISA support enabled on your kernel config? -- La prueba más fehaciente de que existe vida inteligente en otros planetas, es que no han intentado contactar con nosotros.
Re: update of sound infrastructure
Applies and compiles, no errors. I just don't know how to set up audio properly. :-( Does anybody have a howto on this? The handbook seems outdated. I have this card (pciconf -lv): [EMAIL PROTECTED]:31:5:class=0x040100 card=0x1250103c chip=0x24158086 rev=0x02 hdr=0x00 vendor = 'Intel Corporation' device = 'Intel 82801DBM IDE Controller (UltraATA/100) Aureal (AD1881 SOUNDMAX) Placa M saki P3-141' class= multimedia subclass = audio
Please help with NAT
Sorry for the stupid question, but I can't get NAT working properly on my machine. Generally speaking, I cannot reach internet from LAN machines, while natd is running and packets are being forwarded to the 'external' interface. Please tell me, if there is a problem with natd configuration or I miss something while configuring system or what? The machine itself can access internet and ping any host in LAN. My config files are: /etc/rc.conf: ifconfig_rl0=inet 193.138.X.Y netmask 255.255.255.240 ifconfig_rl1=inet 192.168.1.1 netmask 255.255.255.0 defaultrouter=193.138.X.Z sshd_enabled=YES sshd_enable=YES ftp_enable=yes inetd_enable=yes router_enable=YES gateway_enable=YES named_enable=YES firewall_enable=YES firewall_type=OPEN natd_enable=YES natd_interface=rl0 natd_flags=-f /etc/natd.conf # -- END of DragonFly BSD Installer automatically generated configuration -- # /etc/natd.conf log yes log_denied yes interface rl0 redirect_address 193.138.X.Z 0.0.0.0 and tcpdump pruduces following output while brouser on a machine 192.168.1.16 tries to connect to internet: 14:55:46.731888 IP 192.168.1.16.44870 84.252.139.237.80: S 2051121078:2051121078(0) win 5840 mss 1460,sackOK,timestamp 3568779 0,nop,wscale 2 14:55:49.729395 IP 192.168.1.16.44870 84.252.139.237.80: S 2051121078:2051121078(0) win 5840 mss 1460,sackOK,timestamp 3569529 0,nop,wscale 2 14:55:55.729911 IP 192.168.1.16.44870 84.252.139.237.80: S 2051121078:2051121078(0) win 5840 mss 1460,sackOK,timestamp 3571029 0,nop,wscale 2 14:56:04.948095 IP 192.168.1.16.44871 84.252.139.237.80: S 2069944697:2069944697(0) win 5840 mss 1460,sackOK,timestamp 357 0,nop,wscale 2 14:56:05.423392 IP 192.168.1.16.44872 84.252.139.237.80: S 2074811363:2074811363(0) win 5840 mss 1460,sackOK,timestamp 3573452 0,nop,wscale 2 14:56:05.959721 IP 192.168.1.16.44873 84.252.139.237.80: S 2073211947:2073211947(0) win 5840 mss 1460,sackOK,timestamp 3573586 0,nop,wscale 2 14:56:07.096896 IP 192.168.1.16.44874 84.252.139.237.80: S 2077539703:2077539703(0) win 5840 mss 1460,sackOK,timestamp 3573870 0,nop,wscale 2 14:56:07.694483 IP 192.168.1.16.44875 84.252.139.237.80: S 2083789125:2083789125(0) win 5840 mss 1460,sackOK,timestamp 3574019 0,nop,wscale 2 14:56:08.166094 IP 192.168.1.16.44876 84.252.139.237.80: S 2085750571:2085750571(0) win 5840 mss 1460,sackOK,timestamp 3574137 0,nop,wscale 2 14:56:11.163282 IP 192.168.1.16.44876 84.252.139.237.80: S 2085750571:2085750571(0) win 5840 mss 1460,sackOK,timestamp 3574887 0,nop,wscale 2 14:56:17.728987 IP 192.168.1.16.56867 216.240.41.25.80: S 2087596188:2087596188(0) win 5840 mss 1460,sackOK,timestamp 3576528 0,nop,wscale 2 14:56:20.728123 IP 192.168.1.16.56867 216.240.41.25.80: S 2087596188:2087596188(0) win 5840 mss 1460,sackOK,timestamp 3577278 0,nop,wscale 2 14:56:26.728672 IP 192.168.1.16.56867 216.240.41.25.80: S 2087596188:2087596188(0) win 5840 mss 1460,sackOK,timestamp 3578778 0,nop,wscale 2 14:56:38.729702 IP 192.168.1.16.56867 216.240.41.25.80: S 2087596188:2087596188(0) win 5840 mss 1460,sackOK,timestamp 3581778 0,nop,wscale 2 14:57:02.731812 IP 192.168.1.16.56867 216.240.41.25.80: S 2087596188:2087596188(0) win 5840 mss 1460,sackOK,timestamp 3587778 0,nop,wscale 2 I'm running DragonFly 1.6.0 with generic kernel. Do please tell me what is the thing I misconfigured! Sorry for this stupid question, but I can't understand what is the matter by digging manuals. -- Sorry for my poor English...
Re: Please help with NAT
Eugene wrote: Sorry for the stupid question, but I can't get NAT working properly on my machine. Generally speaking, I cannot reach internet from LAN machines, while natd is running and packets are being forwarded to the 'external' interface. Please tell me, if there is a problem with natd configuration or I miss something while configuring system or what? The machine itself can access internet and ping any host in LAN. Is it a must for you to use IPFW? If not, you should really try out pf which is far easier to configure.
Re: Please help with NAT
In [EMAIL PROTECTED], Eugene [EMAIL PROTECTED] shouted to everyone in earshot, /etc/natd.conf log yes log_denied yes interface rl0 redirect_address 193.138.X.Z 0.0.0.0 I'm not an ipfw user, but I quick scan of the natd man page makes me think that redirect_address isn't something you want there, at least not with that first address. I get the impressing that it's for passing all incoming TCP SYNs (and probably UDP and ICMP packets) to the named machine, but I think you want to list the address of an internal host, not an address on your router. You shouldn't need that directive at all if you don't need to pass incoming connections to internal hosts, and even if you do want to do that, you could probably take it out until you have outbound NAT working. I don't know for sure that it's causing you any problems, but removing it could simplify things in the interim. and tcpdump pruduces following output while brouser on a machine 192.168.1.16 tries to connect to internet: 14:55:46.731888 IP 192.168.1.16.44870 84.252.139.237.80: S 2051121078:2051121078(0) win 5840 mss 1460,sackOK,timestamp 3568779 0,nop,wscale 2 Is this from interface rl0 (public) or rl1 (internal)? If rl1, what does rl0 see? Did you rebuild your kernel with 'OPTIONS IPFIREWALL' and 'OPTIONS IPDIVERT' as the natd man page suggests? (Is that still necessary? I'm still just reading the natd man page and don't see those options in DFly 1.4.2 GENERIC.) I second the recommendation for using pf, especially if you aren't familiar with ipfw. You won't need to rebuild your kernel, for example. Jeff
Re: silo overflows -- what can I do about this?
:It's just a serial console cable to a cisco device. It's a PIX in this :case. I'm using the cisco supplied blue roll over cable. Pretty much :normal. It seems to work fine when using my notebook. : :So it can either be a) the hardware on the DragonFly box, or b) :something in DragonFlyBSD. The notebook runs FreeBSD. I'm almost curious :enough to yank the hardrive out of the OpenBSD box (another box where it :works fine too) and put in the DragonFlyBSD hardrive to rule out the :hardware. : :I can do that if you want, that way we don't chase things that are :hardware related. You know what I mean? : :Joey It sounds to me like an interrupt is getting delayed too long. It is possible to track things like that down, but it's a lot of work and I don't think I can spare the time (at least not before the next release). Is this a SMP box? -Matt Matthew Dillon [EMAIL PROTECTED]
Re: update of sound infrastructure
Petr Janda wrote: This error only occurs when I include device sound in the kernel config. Whats wrong with that? From reading Simon's patch I'm guessing that the file opt_isa.h is created on the fly during the kernel build. I'm also guessing that you might be safer to delete your kernel obj directory and start a new 'make kernel' from the beginning.
Re: Please help with NAT
On Thu, October 19, 2006 10:57 am, Eugene wrote: Sorry for the stupid question, but I can't get NAT working properly on my machine. Generally speaking, I cannot reach internet from LAN machines, while natd is running and packets are being forwarded to the 'external' interface. Hmm... I have: in /etc/rc.conf: gateway_enable=YES firewall_enable=YES firewall_type=OPEN natd_enable=YES natd_interface=dc0 natd_flags= In kernel config: options IPFIREWALL options IPDIVERT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 options TCP_DROP_SYNFIN options ICMP_BANDLIM Change natd_interface, and it should work for you after building the new kernel. Like others have said here, I plan to switch to pf; I just haven't done it yet.
Re: silo overflows -- what can I do about this?
Robert Clark wrote: Make sure the Serial port is enabled in BIOS? I've seen integrated-chipset-provided serial ports be disabled in BIOS and still be probed and in used by the OS. The ghost ports would then work depending on how the OS serviced them. I've also seen multiple ports configured on the same resources. [RC] It's enabled and it does work. I can log into the PIX, but when I say write terminal and it starts spitting out the configuration then that's when I get those error messages and it stops receiving data from the device. Now, sharing the same resources is another thing which I haven't checked for. I'll take a look when I reboot the machine. Should be 3F8 and 2F8 right? Joey
Re: silo overflows -- what can I do about this?
COM1 - 3F8 IRQ4 COM2 - 2F8 IRQ3 COM3 - 3E8 IRQ4 COM4 - 2E8 IRQ3 [RC] On Oct 19, 2006, at 1:02 PM, Joseph Garcia wrote: Robert Clark wrote: Make sure the Serial port is enabled in BIOS? I've seen integrated-chipset-provided serial ports be disabled in BIOS and still be probed and in used by the OS. The ghost ports would then work depending on how the OS serviced them. I've also seen multiple ports configured on the same resources. [RC] It's enabled and it does work. I can log into the PIX, but when I say write terminal and it starts spitting out the configuration then that's when I get those error messages and it stops receiving data from the device. Now, sharing the same resources is another thing which I haven't checked for. I'll take a look when I reboot the machine. Should be 3F8 and 2F8 right? Joey
Re: update of sound infrastructure
Mmm, another question: is there some mixer frontend like alsamixer for this sound system?
Re: Bmake fails when installing pkg_chk!
On Fri, Oct 20, 2006 at 12:19:19AM +0200, Daniel Olsson wrote: i got it from cvs cvs up -dP it worked yesterday Which server in that case. Joerg
Re: Please help with NAT
Gergo Szakal wrote: Damn, sent too soon. :-) So it has altq. other undocumented feature is filtering by uid/gid (many people don't know about this hence they don't switch to pf from ipfw). That sounds good until I recall writing high-speed driver code (machine, asm, Forth) and shudder to think of the CPU cycles it must cost. Not to mention the line-count of C code required. ;-) Bill
Re: update of sound infrastructure
Done it, but still no fix. Have you guys actually compiled the kernel with device sound or did you load sound.ko module? Petr walt wrote: Petr Janda wrote: This error only occurs when I include device sound in the kernel config. Whats wrong with that? From reading Simon's patch I'm guessing that the file opt_isa.h is created on the fly during the kernel build. I'm also guessing that you might be safer to delete your kernel obj directory and start a new 'make kernel' from the beginning.