[Vyatta-users] Vyatta Crashing -- Have to reboot
All, I have now been using vyatta at two of my locaitons (production) and it has been very promising. However, I have run into the problem where I essentially cannot do any more 'commits'. This can randomly happen on various things, but adding / removing an interface is definitley one of them. The only thing I can do to fix the issue is to reboot (init 6) the vyatta box and then add in my new configuration once it comes back up. I would like some help just troubleshooting / debugging, so I don't have to do a full restart to get back to a working condition. I am using VC 3. Below is an example log from /var/log/messages Feb 14 09:10:57 localhost xorp_fea: [ 2008/02/14 09:10:57 ERROR xorp_fea:7163 FEA +99 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/fea/ifconfig_set.cc push_config ] Interface error on eth0.398: interface not recognized Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 LIBXORP +741 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/libxorp/run_command.cc done ] Command /opt/vyatta/sbin/commit_interface.sh: exited with exit status 255. Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 RTRMGR +1647 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/rtrmgr/task.cc execute_done ] Error found on program stderr! Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 RTRMGR +701 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/rtrmgr/master_conf_tree.cc commit_pass2_done ] Commit failed: Any suggestions would be appreciated. I believe what is 'fixing' my issue is restarting the CLI and possibly router program-- perhaps I can do that on the command line without restarting the entire machine? Thanks -Aaron ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Vyatta Crashing -- Have to reboot
Unfortunately, you need to restart the system to recover from these errors in this version. However, major changes have been made in Glendale, so you won't see these issues in the next release. Alpha 1 is available, so you can give it a try now. Justin On Thu, Feb 14, 2008 at 7:27 AM, [EMAIL PROTECTED] wrote: All, I have now been using vyatta at two of my locaitons (production) and it has been very promising. However, I have run into the problem where I essentially cannot do any more 'commits'. This can randomly happen on various things, but adding / removing an interface is definitley one of them. The only thing I can do to fix the issue is to reboot (init 6) the vyatta box and then add in my new configuration once it comes back up. I would like some help just troubleshooting / debugging, so I don't have to do a full restart to get back to a working condition. I am using VC 3. Below is an example log from /var/log/messages Feb 14 09:10:57 localhost xorp_fea: [ 2008/02/14 09:10:57 ERROR xorp_fea:7163 FEA +99 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/fea/ifconfig_set.cc push_config ] Interface error on eth0.398: interface not recognized Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 LIBXORP +741 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/libxorp/run_command.cc done ] Command /opt/vyatta/sbin/commit_interface.sh: exited with exit status 255. Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 RTRMGR +1647 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/rtrmgr/task.cc execute_done ] Error found on program stderr! Feb 14 09:10:57 localhost xorp_rtrmgr: [ 2008/02/14 09:10:57 ERROR xorp_rtrmgr:3936 RTRMGR +701 /home/autobuild/builds/master/2007-10-24-0001/ofr/xorp/xorp/rtrmgr/master_conf_tree.cc commit_pass2_done ] Commit failed: Any suggestions would be appreciated. I believe what is 'fixing' my issue is restarting the CLI and possibly router program-- perhaps I can do that on the command line without restarting the entire machine? Thanks -Aaron ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Glendale First Impressions
Hi Guys, Lots of big changes in Glendale and I'm enjoying them. I did my usual drop test, dropping the Glendale test router into production. I even spiced up my config a bit, adding authentication where possible. So far so good guys. The new version looks exciting, and I can't wait to see the new features that are coming out in the next builds. I have noticed a couple things though. Some of this is probably me still wrapping my mind around this new CLI. It took me a while to find out how to set the OSPF RID, and get redistribution working, so I wouldn't put it past me just not grasping this new CLI yet. So here's my list: - top doesn't take you to the top of the command line hierarchy, it runs the shell top program. For example if you edit interfaces ethernet eth3, make changes and then type top it runs the top program. -Right now it appears you can't edit service dhcp-server. The command line hierarchy was one of the best features of this CLI, it should be added to everything. I know it's a new command line and I hope this is something you guys are working on. - I think I saw this about the previous release, however it appears to be the same in Glendale. Even if an interface description is set in the command line SNMP returns the following values for interface description: Found item [ifDescr='eth0'] index: 2 [from value]. Interface descriptions are a big deal in the service provider arena; it should be very easy to indentify interfaces by description. Descriptions should show up in the output of show interface system. - You don't seem to be able to use run to execute some commands from inside config mode. Just like do in Cisco IOS, run in this CLI is an essential tool that simplifies troubleshooting new configs [EMAIL PROTECTED]:~$ ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data. 64 bytes from 192.168.20.10: icmp_seq=1 ttl=255 time=6.44 ms 64 bytes from 192.168.20.10: icmp_seq=2 ttl=255 time=2.33 ms --- 192.168.20.10 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 2.335/4.389/6.444/2.055 ms [EMAIL PROTECTED]:~$ configure ru [edit] [EMAIL PROTECTED] run ping 192.168.20.10 Invalid command [edit] [EMAIL PROTECTED] - There doesn't seem to be a way to run OSPF of VIFs. Please tell me I'm crazy and this is not the case. [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 address description firewall bridge-group disable vrrp [edit] [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 - I don't mind the new CLI, however I REALLY miss the ? and the space auto completion. If there is any way we can work to getting that back I would be over the moon. I know there has been some discussion about this, but I figured I'd voice my opinion as well, as late as it is. - I noticed that you're using Quagga as the routing engine. I must admit I'll miss XORP, and it's juniper eque control but I understand that Quagga has more to offer in the way of functionality. Can we use the clear ip ospf to reset the ospf process built into Quagga in the shell? - show ospf4 database self-originate is one of the best commands to troubleshoot ospf with, can we please work towards adding it? All in all guys it looks good. I can't wait to see the builds that are coming soon. Hopefully we can upgrade our Alpha 1 routers to Alpha 2 in place with 'update package' :D. Keep up the good work, Regards, Nick ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Glendale First Impressions
Hi Nick, Thanks for the feedback. Comments inline. Hi Guys, Lots of big changes in Glendale and I'm enjoying them. I did my usual drop test, dropping the Glendale test router into production. I even spiced up my config a bit, adding authentication where possible. So far so good guys. The new version looks exciting, and I can't wait to see the new features that are coming out in the next builds. I have noticed a couple things though. Some of this is probably me still wrapping my mind around this new CLI. It took me a while to find out how to set the OSPF RID, and get redistribution working, so I wouldn't put it past me just not grasping this new CLI yet. So here's my list: - top doesn't take you to the top of the command line hierarchy, it runs the shell top program. For example if you edit interfaces ethernet eth3, make changes and then type top it runs the top program. That's http://bugzilla.vyatta.com/show_bug.cgi?id=2616 and is fixed. -Right now it appears you can't edit service dhcp-server. The command line hierarchy was one of the best features of this CLI, it should be added to everything. I know it's a new command line and I hope this is something you guys are working on. I think that's been fixed, but I'll let someone else confirm. - I think I saw this about the previous release, however it appears to be the same in Glendale. Even if an interface description is set in the command line SNMP returns the following values for interface description: Found item [ifDescr='eth0'] index: 2 [from value]. Interface descriptions are a big deal in the service provider arena; it should be very easy to indentify interfaces by description. Descriptions should show up in the output of show interface system. I'll look into the snmp issue, but at lease we now do show the description in the various show interface commands (although it didn't make the cut for alpha1). We now also default to a brief style output if the command could show multiple interfaces. For example: [EMAIL PROTECTED]:~$ show interfaces InterfaceIP Address State Link Description br0 - up up bridge eth0 and eth1 eth0 172.16.117.15/24 up up Link to Internet eth0 6.9.9.9/32 up up Link to Internet eth0.100 - up up Switch to vlan 100 eth0.200 - up up Switch to vlan 200 eth1 15.0.0.15/24 up up eth2 2.2.2.3/24 admin down down Testing eth2 172.16.139.15/24 admin down down Testing eth3 - up up lo 127.0.0.1/8up up tun0 10.0.0.1/24up up GRE tunnel over IPSEC [EMAIL PROTECTED]:~$ show interfaces ethernet eth0 eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:1a:08:62 brd ff:ff:ff:ff:ff:ff inet 172.16.117.15/24 brd 172.16.117.255 scope global eth0 inet 6.9.9.9/32 scope global eth0 inet6 fe80::20c:29ff:fe1a:862/64 scope link valid_lft forever preferred_lft forever Last clear: Thu Feb 14 11:45:22 PST 2008 Description: Link to Internet RX: bytespackets errorsdroppedoverrun mcast 775 11 0 0 0 0 TX: bytespackets errorsdroppedcarrier collisions 1972 19 0 0 0 0 Any thoughts on that as a default? In the detailed output you can see the description and you might notice the Last clear which means we've added a clear counters command. - You don't seem to be able to use run to execute some commands from inside config mode. Just like do in Cisco IOS, run in this CLI is an essential tool that simplifies troubleshooting new configs We do support run in config mode: [EMAIL PROTECTED] run show version Version :glendale (alpha 1) Built by:[EMAIL PROTECTED] Built on:Thu Feb 14 06:03:10 UTC 2008 Build ID:08021406038278164 Boot via:livecd Uptime :11:48:18 up 13:23, 1 user, load average: 0.00, 0.00, 0.00 Not sure why ping doesn't work with that (I'll file a bug), but you can use the linux ping from config mode: [EMAIL PROTECTED] ping 172.16.117.1 PING 172.16.117.1 (172.16.117.1) 56(84) bytes of data. 64 bytes from 172.16.117.1: icmp_seq=1 ttl=64 time=0.666 ms - There doesn't seem to be a way to run OSPF of VIFs. Please tell me I'm crazy and this is not the case. That's my fault as I forgot to also add it under the vif. I fixed it yesterday, so it'll be in the next release. [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 address description firewall bridge-group disable vrrp [edit] [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 - I don't mind the new CLI, however I REALLY miss the ? and the space auto completion. If there is
Re: [Vyatta-users] Glendale First Impressions
Hi Nick, Thanks for the great feedback! We love to see this kind of input from the community. It's incredibly helpful. Glendale has undergone a huge number of changes and some of them, such as the CLI, are revolutionary as opposed to evolutionary. The goal is to have Glendale's new features be useful as opposed to just different. External feedback helps to keep us honest to that goal. Comments inline.. Nick Davey wrote: - top doesn't take you to the top of the command line hierarchy, it runs the shell top program. For example if you edit interfaces ethernet eth3, make changes and then type top it runs the top program. This was bug 2616 and has been fixed. It will be available in the next release. -Right now it appears you can't edit service dhcp-server. The command line hierarchy was one of the best features of this CLI, it should be added to everything. I know it's a new command line and I hope this is something you guys are working on. Not sure, but this may be related to 2614 which was fixed and should be in the next release. - I think I saw this about the previous release, however it appears to be the same in Glendale. Even if an interface description is set in the command line SNMP returns the following values for interface description: Found item [ifDescr='eth0'] index: 2 [from value]. Interface descriptions are a big deal in the service provider arena; it should be very easy to indentify interfaces by description. Descriptions should show up in the output of show interface system. If you get a second would you take a look at bug 369 and submit some feedback? - You don't seem to be able to use run to execute some commands from inside config mode. Just like do in Cisco IOS, run in this CLI is an essential tool that simplifies troubleshooting new configs In config you should be able to just type in the command. For example... [edit] [EMAIL PROTECTED] ping 1.1.1.1 will work. - There doesn't seem to be a way to run OSPF of VIFs. Please tell me I'm crazy and this is not the case. This looks like it has been fixed in the latest nightly build. - I don't mind the new CLI, however I REALLY miss the ? and the space auto completion. If there is any way we can work to getting that back I would be over the moon. I know there has been some discussion about this, but I figured I'd voice my opinion as well, as late as it is. I've talked with An-Cheng about ? help. I think we agreed that he would set it up that ? would bind to help by default, but that it could be turned on or off on a per user basis. I need to follow up with him on that. Space completion has been submitted as bug 2771. Can we use the clear ip ospf to reset the ospf process built into Quagga in the shell? - show ospf4 database self-originate is one of the best commands to troubleshoot ospf with, can we please work towards adding it? I will open bugs on these and let you know what the bug numbers are. Thanks again! Cheers, Robert. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Glendale First Impressions
Robert Bays wrote: Nick Davey wrote: - I don't mind the new CLI, however I REALLY miss the ? and the space auto completion. If there is any way we can work to getting that back I would be over the moon. I know there has been some discussion about this, but I figured I'd voice my opinion as well, as late as it is. I've talked with An-Cheng about ? help. I think we agreed that he would set it up that ? would bind to help by default, but that it could be turned on or off on a per user basis. I need to follow up with him on that. The fix is a one-line change to the default '?' binding, and I've just been waiting for a decision on this... An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Installing VC3 on a WRAP
After upgrading my WRAP with to an ALIX board, I thought I would try repurposing the old WRAP board as a VC3 based router, especially as I do not plan on implementing BGP or OSPF. I just want some simple static routing, multiple VLANs and a testing tool to play around with. However, I am running into an issue booting VC3 on the WRAP that I am hoping someone can assist me with. I was able to flash the 2GB compact flash card without issue ( well, I should say that it was without issue after I turned off the Plug Play operating system option in the BIOS of the system I was using), but the boot process seems to stall at the end of the disk detection phase. The relevant portion of the boot log is as follows: ---SNIP--- SC1200: IDE controller at PCI slot :00:12.2 SC1200: chipset revision 1 SC1200: not 100% native mode: will probe irqs later ide0: BM-DMA at 0xfc00-0xfc07, BIOS settings: hda:pio, hdb:pio ide1: BM-DMA at 0xfc08-0xfc0f, BIOS settings: hdc:pio, hdd:pio hda: , ATA DISK drive SC1200: set xfer mode failure ide0 at 0x1f0-0x1f7,0x3f6 on irq 14 hdc: IRQ probe failed (0xbefa) hdc: IRQ probe failed (0xbefa) hdd: IRQ probe failed (0xbefa) hdd: IRQ probe failed (0xbefa) hda: max request size: 128KiB hda: 3964464 sectors (2029 MB) w/1KiB Cache, CHS=3933/16/63 hda: hda1 hda2 TSC appears to be running slowly. Marking it as unstable Time: pit clocksource has been installed. hdc: IRQ probe failed (0xbefa) hdc: IRQ probe failed (0xbefa) hdd: IRQ probe failed (0xbefa) hdd: IRQ probe failed (0xbefa) hdd: no response (status = 0x0a), resetting drive hdd: IRQ probe failed (0xbefa) hdd: no response (status = 0x0a) ---SNIP--- The boot process stalls at the last line of the log shown above, and will just sit there indefinitely. I've read in the WRAP documentation that IDE DMA should be disabled, but ide=nodma was already showing in the kernel boot arguments. Booting with LBA or CHS makes no difference. I've tried a few other things without success, and so far my online research hasn't led me anywhere helpful. At this point, I'd appreciate any suggestions offered. The full boot log attached, if that has relevance to anyone: Thanks in advance! Linux version 2.6.20 ([EMAIL PROTECTED]) (gcc version 4.1.1) #1 SMP Wed Oct 24 01:04:49 PDT 2007 BIOS-provided physical RAM map: sanitize start sanitize end copy_e820_map() start: size: 000a end: 000a type: 1 copy_e820_map() type is E820_RAM copy_e820_map() start: 000f size: 0001 end: 0010 type: 2 copy_e820_map() start: 0010 size: 07f0 end: 0800 type: 1 copy_e820_map() type is E820_RAM copy_e820_map() start: fff0 size: 0010 end: 0001 type: 2 BIOS-e820: - 000a (usable) BIOS-e820: 000f - 0010 (reserved) BIOS-e820: 0010 - 0800 (usable) BIOS-e820: fff0 - 0001 (reserved) 0MB HIGHMEM available. 128MB LOWMEM available. Zone PFN ranges: DMA 0 - 4096 Normal 4096 -32768 HighMem 32768 -32768 early_node_map[1] active PFN ranges 0:0 -32768 DMI not present or invalid. Allocating PCI resources starting at 1000 (gap: 0800:f7f0) Detected 233.319 MHz processor. Built 1 zonelists. Total pages: 32512 Kernel command line: root=/dev/sda1 ide=nodma console=ttyS0,9600 console=tty0 ide_setup: ide=nodma : Prevented DMA No local APIC present or hardware disabled Initializing CPU#0 PID hash table entries: 512 (order: 9, 2048 bytes) Console: colour dummy device 80x25 Dentry cache hash table entries: 16384 (order: 4, 65536 bytes) Inode-cache hash table entries: 8192 (order: 3, 32768 bytes) Memory: 121016k/131072k available (1731k kernel code, 9512k reserved, 798k data, 288k init, 0k highmem) virtual kernel memory layout: fixmap : 0xfff53000 - 0xf000 ( 688 kB) pkmap : 0xff80 - 0xffc0 (4096 kB) vmalloc : 0xc880 - 0xff7fe000 ( 879 MB) lowmem : 0xc000 - 0xc800 ( 128 MB) .init : 0xc037f000 - 0xc03c7000 ( 288 kB) .data : 0xc02b0e94 - 0xc03786b4 ( 798 kB) .text : 0xc010 - 0xc02b0e94 (1731 kB) Checking if this processor honours the WP bit even in supervisor mode... Ok. Calibrating delay using timer specific routine.. 467.95 BogoMIPS (lpj=935906) Security Framework v1.0.0 initialized SELinux: Disabled at boot. Mount-cache hash table entries: 512 Checking 'hlt' instruction... OK. SMP alternatives: switching to UP code Freeing SMP alternatives: 11k freed CPU0: NSC Unknown stepping 01 SMP motherboard not detected. Local APIC not detected. Using dummy APIC emulation. Brought up 1 CPUs NET: Registered protocol family 16 EISA bus registered PCI: PCI BIOS revision 2.10 entry at 0xfc47b, last bus=0 PCI: Using
Re: [Vyatta-users] Glendale First Impressions
An-Cheng Huang wrote: The fix is a one-line change to the default '?' binding, and I've just been waiting for a decision on this... Ok, it's in Glendale now. '?' now defaults to help (i.e., the possible-completions binding). An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Routing policy based on ports
For the last few years I've used a FreeBSD box as my house net gateway. It has two NICs. The inside NIC has access to the Class-C house network and a DSL router (no firewall). The outside NIC is attached to a cable modem and uses a static IP from the cable company. Using the ipfw tool, I've added a rule that says that anything from the inside net that is destined for port 80 or 443 (http and https) shall be forwarded to the NAT daemon and from there routed out the cable modem. This moves most of the household traffic off the DSL and onto the Cable modem. I'm attempting to figure out how to do the same thing with Vyatta. The goal is to have two inside nets. 192.1.1.0/25 with vyatta as the router at 192.1.1.3 which then forwards firewall approved traffic to 192.1.1.1, the DSL router. This is for my DMZ machines. The second inside net would be 192.1.1.128/25 with vyatta as the router at 192.1.1.129. Here any traffic with destined for port 80 or 443 will be NATted and sent out the cable modem and all other traffic sent to 192.1.1.1, with firewall approval. Any suggestions or pointers will be appreciated Thank you, Chris Johnson PS I'm testing VC4 right now but if somebody can show me how VC3 is fine. Just trying to avoid an upgrade in the near future.. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users