Re: [Vyatta-users] vyatta in a fully-virtualized (hvm) domU; console issues
I have an almost identical setup, and I have no such issue. Can you post your .cfg for the domU? -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 30, 2008, at 12:23 AM, snowcrash+vyatta wrote: hi, i've installed vyatta community edition, from vyatta-livecd-vc3.iso, as a fully-virutalized (HVM) Xen DomU on a Fedora8 Dom0. install went without a noticeable hitch. on domain shutdown/restart, xm create -c vyatta_run.cfg @ console, i see, Using config file /etc/xen/vyatta_run.cfg. Started domain vyatta xenconsole: Could not read tty from store: No such file or directory searching, i find http://readlist.com/lists/lists.xensource.com/xen-users/3/16722.html which suggests adding to vyatta domain's /etc/inittab, co:2345:respawn:/sbin/mingetty console mounting the domain's LV from Dom0 with, kpartx -av /dev/VG00/vyatta mount -t ext2 /dev/mapper/vyatta1 /mnt i note in /sbin only 'getty' -- no 'minggetty'. so, instead, i add a similar co:2345:respawn:/sbin/getty console to /mnt/etc/inittab but on domain restart i see the same, Using config file /etc/xen/vyatta_run.cfg. Started domain vyatta xenconsole: Could not read tty from store: No such file or directory @ Dom0, the vyatta DomU's console displays, Press F10 to select boot device. Booting from Hard Disk ... GRUB Loading stage 2.. Press any key to continue. and there it sits. doing nothing. other DomU's, e.g. Fedora8, have no probs so far ... anyone here have any hints as to how to get past this? thanks! ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Managing different subnet with different gateway
Hi guys, I revisited the issue after getting a box to test I have set up a vyatta router with 4 ports eth0: 192.168.1.232 (WAN) - simulate gateway#1 eth1: 192.168.1.233 (WAN) - simulate gateway#2 eth2: 192.168.20.1 (LAN) - simulate LAN #1, represented by a laptop 192.168.20.2 :: to route through eth0 for gateway 192.168.1.1 eth3: 192.168.30.1 (LAN) - simulate LAN #2, represented by a laptop 192.168.30.2 :: to route through eth1 for gateway 192.168.1.2 I can't get eth3 to work somehow.. I think the laptop needs to be connected using a cross cable (using different laptops) but .20.x side is working fine. As attached is the config. I then run the ip tool on 192.168.30.0.. but i still can't route out. when i set the gateway, it routes out, but via that gateway... both 192.168.1.1 abd 1.2 and adsl modems... or should I be ensuring both eth0 and eth1 are of different subnet? below is the config i did... vyatta:~# ip route add default via 192.168.1.2 dev eth1 tab 2 vyatta:~# ip rule add from 192.168.30.0/24 tab 2 priority 600 vyatta:~# ip route list 192.168.20.0/24 dev eth2 proto kernel scope link src 192.168.20.1 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.232 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.233 192.168.30.0/24 dev eth3 proto kernel scope link src 192.168.30.1 vyatta:~# ip rule list 0: from all lookup 255 600:from 192.168.30.0/24 lookup 2 32766: from all lookup main 32767: from all lookup default = Food for thought? More testing to be done tomorrow! Thanks folks! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Tuesday, January 08, 2008 11:50 AM To: Robert Bays Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Ok roberts, will take note of that. My concern is just to ensure the 2 subnet have their traffic routed through their respective gateways as different bandwidth is purchased for them :) Thanks man! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert Bays Sent: Tuesday, January 08, 2008 2:59 AM To: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Daren, I would still setup a global default route in the router to handle traffic not explicitly source routed. Cheers, Robert. Daren Tay wrote: Hi guys, one more question: say I do the below mentioned way to have multi-gateway setup, but there'll still be a default gateway set in xorpsh yeah? Will this affect how traffic is routed out? Or should I just do away with the default gateway setup? Thanks! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Saturday, January 05, 2008 12:32 PM To: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Ah silly me, the obvious Thanks! Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Saturday, January 05, 2008 7:00 AM To: Daren Tay Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Running traceroute from a system on each subnet should show you different paths. cheers. Daren Tay wrote: Cool guys :) I'm gonna give the ip rule a test when I head back to office on monday, but how do I determine that it is working? Once that is done, I'll look into the bandwidth throttling. Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Saturday, January 05, 2008 5:17 AM To: Daren Tay Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Daren, Yep. The tool is the standard linux ip command. The ip rule from part tells the system that anything from this address should go to table n. Each table has a separate default route. XORP *shouldn't* kill these routes since they aren't in the master table. YMMV. As Aubrey correctly pointed out, you will want to add these commands to your startup files so they are added at each boot. As for tracking bandwidth, you could also poll interface stats using SNMP and rrdtool/mrtg. (ifOutOctets) Good Luck! Cheers, Robert. Daren Tay wrote: Hi guys, yeah I want to route them out different gateway. what is this ip tool you are refering to? you mean the standard 'ip' command over the linux kernel? And if I issue these command, won't xorp override it everytime i do a commit within it? I thought Vyatta overrides any routing/settings the kernel has.. so base on what you are advicing me, #ip route add default via 10.0.0.1 dev eth0 tab 1 #ip route add default via 10.1.0.1 dev eth1 tab 2 #ip rule add from 192.168.16.0/24 tab 1
Re: [Vyatta-users] vyatta in a fully-virtualized (hvm) domU; console issues
hi, I have an almost identical setup, and I have no such issue. Can you post your .cfg for the domU? good to know -- then it's likely a local phenomenon. tho, it's probably worth metioning that other similar, standalone hvm installs (e.g., smoothwall) have no such prob here. here's the .cfg -- pretty straightforward, name = 'vyatta' builder = 'hvm' kernel = '/usr/lib/xen/boot/hvmloader' device_model = '/usr/lib64/xen/bin/qemu-dm' disk = [ 'phy:/dev/VG01/vyatta,hda,w' ] root = '/dev/hda' boot = 'c' maxmem = 1024 memory = 1024 vcpus= 2 vif = [ 'mac=aa:bb:01:01:01:01,bridge=eth0' ] on_poweroff = 'destroy' on_reboot= 'restart' on_crash = 'restart' cheers! ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Unable to login, solved by reboot
As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Log result attached. I managed to login if I changed the passwords for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED]: Anything untoward in the log files? Justin On Jan 28, 2008 7:29 AM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Today I had a wierd experience with Vyatta. I was unable to login on any account. Did a reboot, then everything was normal. What is going on? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Managing different subnet with different gateway
Yes, eth0 and eth1 should be on different subnets; if not, the router doesn't know which interface should be used to send traffic to another device on that subnet. Best, Justin On Jan 30, 2008 7:47 AM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, I revisited the issue after getting a box to test I have set up a vyatta router with 4 ports eth0: 192.168.1.232 (WAN) - simulate gateway#1 eth1: 192.168.1.233 (WAN) - simulate gateway#2 eth2: 192.168.20.1 (LAN) - simulate LAN #1, represented by a laptop 192.168.20.2 :: to route through eth0 for gateway 192.168.1.1 eth3: 192.168.30.1 (LAN) - simulate LAN #2, represented by a laptop 192.168.30.2 :: to route through eth1 for gateway 192.168.1.2 I can't get eth3 to work somehow.. I think the laptop needs to be connected using a cross cable (using different laptops) but .20.x side is working fine. As attached is the config. I then run the ip tool on 192.168.30.0.. but i still can't route out. when i set the gateway, it routes out, but via that gateway... both 192.168.1.1 abd 1.2 and adsl modems... or should I be ensuring both eth0 and eth1 are of different subnet? below is the config i did... vyatta:~# ip route add default via 192.168.1.2 dev eth1 tab 2 vyatta:~# ip rule add from 192.168.30.0/24 tab 2 priority 600 vyatta:~# ip route list 192.168.20.0/24 dev eth2 proto kernel scope link src 192.168.20.1 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.232 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.233 192.168.30.0/24 dev eth3 proto kernel scope link src 192.168.30.1 vyatta:~# ip rule list 0: from all lookup 255 600:from 192.168.30.0/24 lookup 2 32766: from all lookup main 32767: from all lookup default = Food for thought? More testing to be done tomorrow! Thanks folks! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Tuesday, January 08, 2008 11:50 AM To: Robert Bays Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Ok roberts, will take note of that. My concern is just to ensure the 2 subnet have their traffic routed through their respective gateways as different bandwidth is purchased for them :) Thanks man! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert Bays Sent: Tuesday, January 08, 2008 2:59 AM To: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Daren, I would still setup a global default route in the router to handle traffic not explicitly source routed. Cheers, Robert. Daren Tay wrote: Hi guys, one more question: say I do the below mentioned way to have multi-gateway setup, but there'll still be a default gateway set in xorpsh yeah? Will this affect how traffic is routed out? Or should I just do away with the default gateway setup? Thanks! Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Saturday, January 05, 2008 12:32 PM To: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Ah silly me, the obvious Thanks! Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Saturday, January 05, 2008 7:00 AM To: Daren Tay Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Running traceroute from a system on each subnet should show you different paths. cheers. Daren Tay wrote: Cool guys :) I'm gonna give the ip rule a test when I head back to office on monday, but how do I determine that it is working? Once that is done, I'll look into the bandwidth throttling. Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Saturday, January 05, 2008 5:17 AM To: Daren Tay Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Managing different subnet with different gateway Daren, Yep. The tool is the standard linux ip command. The ip rule from part tells the system that anything from this address should go to table n. Each table has a separate default route. XORP *shouldn't* kill these routes since they aren't in the master table. YMMV. As Aubrey correctly pointed out, you will want to add these commands to your startup files so they are added at each boot. As for tracking bandwidth, you could also poll interface stats using SNMP and rrdtool/mrtg. (ifOutOctets) Good Luck! Cheers, Robert. Daren Tay wrote: Hi guys, yeah I want to route them out different gateway. what is this ip tool you are refering to? you mean the
Re: [Vyatta-users] Unable to login, solved by reboot
Maybe . . . However, much of this has been resolved with associated changes in Glendale. Give Alpha 1 a try - I doubt you'll see it there :-) Best, Justin On Jan 30, 2008 12:43 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: But i feel that the only reason I didn't have to reboot is luck :( Maybe next time i'm unable to login with any account? 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Log result attached. I managed to login if I changed the passwords for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED]: Anything untoward in the log files? Justin On Jan 28, 2008 7:29 AM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Today I had a wierd experience with Vyatta. I was unable to login on any account. Did a reboot, then everything was normal. What is going on? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Unable to login, solved by reboot
How production ready are Glendale. I'm using vyatta as router/firewall in front of a couple of servers that soon will go live... Since it's alpha, do you think I should do it? Just printed the whole manual... 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: Maybe . . . However, much of this has been resolved with associated changes in Glendale. Give Alpha 1 a try - I doubt you'll see it there :-) Best, Justin On Jan 30, 2008 12:43 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: But i feel that the only reason I didn't have to reboot is luck :( Maybe next time i'm unable to login with any account? 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Log result attached. I managed to login if I changed the passwords for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED]: Anything untoward in the log files? Justin On Jan 28, 2008 7:29 AM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Today I had a wierd experience with Vyatta. I was unable to login on any account. Did a reboot, then everything was normal. What is going on? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Unable to login, solved by reboot
Personally, I'd use it to take advantage of major changes and fixes, and I'm running it to access all 40 lab systems - but that's me :-) It still needs more polish, and there's a good chance you'll find things that aren't perfect (or maybe even a bug or two), and you'll have to re-enter and/or substantially modify your existing configuration. If you want to be cautious and prudent, review the bugs in the bug list, and try it on a backup system. Best, Justin On Jan 30, 2008 3:06 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: How production ready are Glendale. I'm using vyatta as router/firewall in front of a couple of servers that soon will go live... Since it's alpha, do you think I should do it? Just printed the whole manual... 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: Maybe . . . However, much of this has been resolved with associated changes in Glendale. Give Alpha 1 a try - I doubt you'll see it there :-) Best, Justin On Jan 30, 2008 12:43 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: But i feel that the only reason I didn't have to reboot is luck :( Maybe next time i'm unable to login with any account? 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Log result attached. I managed to login if I changed the passwords for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED]: Anything untoward in the log files? Justin On Jan 28, 2008 7:29 AM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Today I had a wierd experience with Vyatta. I was unable to login on any account. Did a reboot, then everything was normal. What is going on? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Unable to login, solved by reboot
Glendale probably hasn't had enough widespread alpha testing to know for sure, but having said that, I think the general consensus from people at Vyatta as well as some other comments we have gotten from outside is that it feels a lot more stable. By stable, I specifically mean a lot less random behavior. Generally, with Glendale things either work or they don't. Now, having said that, there is a *lot* of stuff that doesn't work (a lot of loose ends, rough edges, etc.), but if you don't need those features, then the stuff that does work seems to work well. Put another way, if you can configure it and you test it and it works, it will probably keep working well. Vyatta currently uses Glendale everyday in our production network, for instance, and we don't see crashes. So... If servers that soon will go live means an intranet, internal company web site that can afford to be down for a few hours to upgrade to Glendale Alpha 2 and Beta in a month or two and your company won't go out of business if there is a problem, then I'd probably install Glendale Alpha 1 and I think you would probably be happy with it. If servers that soon will go live refer to multi-million dollar, revenue-generating, business-critical systems that have limited maintenance windows, etc., where you would be fired outright if things suddenly stopped working, then I definitely wouldn't do it. It's simply too risky at this point and at a minimum you'll want to upgrade to Alpha 2 and/or Beta when those become available, which would require possibly large amounts of downtime. But if you decide to go for it, we'd be very interested in any feedback you have. ;-) -- Dave _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jostein Martinsen-Jones Sent: Wednesday, January 30, 2008 3:06 PM To: Justin Fletcher Cc: vyatta-users Subject: Re: [Vyatta-users] Unable to login, solved by reboot How production ready are Glendale. I'm using vyatta as router/firewall in front of a couple of servers that soon will go live... Since it's alpha, do you think I should do it? Just printed the whole manual... 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: Maybe . . . However, much of this has been resolved with associated changes in Glendale. Give Alpha 1 a try - I doubt you'll see it there :-) Best, Justin On Jan 30, 2008 12:43 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: But i feel that the only reason I didn't have to reboot is luck :( Maybe next time i'm unable to login with any account? 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Log result attached. I managed to login if I changed the passwords for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED]: Anything untoward in the log files? Justin On Jan 28, 2008 7:29 AM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: Today I had a wierd experience with Vyatta. I was unable to login on any account. Did a reboot, then everything was normal. What is going on? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Munin and Vyatta
Can you up date us on this mini-itx system, does it support multiple NICs? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users