Re: [Vyatta-users] Glendale First Impressions
Hi All, Thanks for all the responses guys. I like the new defaults for show interface, and the option to clear counters and display last cleared. The clear ospf process would be incredible as well. I'm flipping over to glendale being the primary router for home. I'm also going to give it it's own internet connection to test the DHCP, firewalling, and NAT functions. I already played with the dhcp feature, which worked great .I can't wait to see the next couple of builds. Thanks for all the help! Nick On Feb 14, 2008 8:32 PM, An-Cheng Huang [EMAIL PROTECTED] wrote: An-Cheng Huang wrote: The fix is a one-line change to the default '?' binding, and I've just been waiting for a decision on this... Ok, it's in Glendale now. '?' now defaults to help (i.e., the possible-completions binding). An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Glendale First Impressions
Hi Guys, Lots of big changes in Glendale and I'm enjoying them. I did my usual drop test, dropping the Glendale test router into production. I even spiced up my config a bit, adding authentication where possible. So far so good guys. The new version looks exciting, and I can't wait to see the new features that are coming out in the next builds. I have noticed a couple things though. Some of this is probably me still wrapping my mind around this new CLI. It took me a while to find out how to set the OSPF RID, and get redistribution working, so I wouldn't put it past me just not grasping this new CLI yet. So here's my list: - top doesn't take you to the top of the command line hierarchy, it runs the shell top program. For example if you edit interfaces ethernet eth3, make changes and then type top it runs the top program. -Right now it appears you can't edit service dhcp-server. The command line hierarchy was one of the best features of this CLI, it should be added to everything. I know it's a new command line and I hope this is something you guys are working on. - I think I saw this about the previous release, however it appears to be the same in Glendale. Even if an interface description is set in the command line SNMP returns the following values for interface description: Found item [ifDescr='eth0'] index: 2 [from value]. Interface descriptions are a big deal in the service provider arena; it should be very easy to indentify interfaces by description. Descriptions should show up in the output of show interface system. - You don't seem to be able to use run to execute some commands from inside config mode. Just like do in Cisco IOS, run in this CLI is an essential tool that simplifies troubleshooting new configs [EMAIL PROTECTED]:~$ ping 192.168.20.10 PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data. 64 bytes from 192.168.20.10: icmp_seq=1 ttl=255 time=6.44 ms 64 bytes from 192.168.20.10: icmp_seq=2 ttl=255 time=2.33 ms --- 192.168.20.10 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 2.335/4.389/6.444/2.055 ms [EMAIL PROTECTED]:~$ configure ru [edit] [EMAIL PROTECTED] run ping 192.168.20.10 Invalid command [edit] [EMAIL PROTECTED] - There doesn't seem to be a way to run OSPF of VIFs. Please tell me I'm crazy and this is not the case. [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 address description firewall bridge-group disable vrrp [edit] [EMAIL PROTECTED] set interfaces ethernet eth3 vif 5 - I don't mind the new CLI, however I REALLY miss the ? and the space auto completion. If there is any way we can work to getting that back I would be over the moon. I know there has been some discussion about this, but I figured I'd voice my opinion as well, as late as it is. - I noticed that you're using Quagga as the routing engine. I must admit I'll miss XORP, and it's juniper eque control but I understand that Quagga has more to offer in the way of functionality. Can we use the clear ip ospf to reset the ospf process built into Quagga in the shell? - show ospf4 database self-originate is one of the best commands to troubleshoot ospf with, can we please work towards adding it? All in all guys it looks good. I can't wait to see the builds that are coming soon. Hopefully we can upgrade our Alpha 1 routers to Alpha 2 in place with 'update package' :D. Keep up the good work, Regards, Nick ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Managing different subnet with different gateway
I don't know if I'm understanding this right. You want to add a second subnet on a second interface of the Vyatta router? In that case, yes it will work fine, without much extra configuration (you may need to modify your NAT/firewall rules). That's a pretty straight forward setup though. If you are looking to add a second router to your network, with a second network behind that router you would need to add static routes for the network behind the second router, and a default route on the second router. Alternatively you could use a simple routing protocol like RIP. Make sense? On Jan 3, 2008 3:13 AM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, happy 2008 wherever you guys are! I have a question: Currently my vyatta router is handling one subnet with one gateway, using NAT for the servers. SO basically its just static routing. I now need to add another subnet (different project) into the picture, which has its own gateway. Can the vyatta router handle 2 different subnet, each with its own gateway? Do advice ;) Thanks! Daren ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] All I Want for Christmas
Hi all, I'd like to publiclly share something I'd like for Christmas. Currently when the command show interfaces, or show interfaces system, or show interfaces system enabled is used the output is very terse. It very closely resembles the output of ifconfig. Not a bad thing, but it could be a little cleaner. At the very least I'd like to see the interface description listed in the output of these commands. Anything else that could be done to make the output a little more friendly/readable would be great. The one part that is perfect is the counters section. This section is much clearer than the output produced by Cisco IOS, although an option to clear these counters would be great. Thanks, Nick ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Possible Memory Leak
Hi All, I've noticed some pretty intense memory usage out of my Vyatta router: [EMAIL PROTECTED] show system memory total used free sharedbuffers cached Mem:255268 250956 4312 0 142652 32900 Swap:0 0 0 Total: 255268 250956 4312 I know the spacing is a bit off, but free memory is only 4312 bytes. Examining the process memory usage under the shell shows that the xorp daemons are using the lions share of the memory: core:~# ps aux | more USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.2 1948 636 ?Ss Oct31 0:03 init [2] root 2 0.0 0.0 0 0 ?SOct31 0:00 [migration/0] root 3 0.0 0.0 0 0 ?SN Oct31 0:00 [ksoftirqd/0] root 4 0.0 0.0 0 0 ?SOct31 0:00 [watchdog/0] root 5 0.0 0.0 0 0 ?S Oct31 0:00 [events/0] root 6 0.0 0.0 0 0 ?S Oct31 0:00 [khelper] root 7 0.0 0.0 0 0 ?S Oct31 0:00 [kthread] root31 0.0 0.0 0 0 ?S Oct31 0:00 [kblockd/0] root52 0.0 0.0 0 0 ?S Oct31 0:00 [kseriod] root86 0.0 0.0 0 0 ?SOct31 0:00 [pdflush] root87 0.0 0.0 0 0 ?SOct31 0:00 [pdflush] root88 0.0 0.0 0 0 ?S Oct31 0:00 [kswapd0] root89 0.0 0.0 0 0 ?S Oct31 0:00 [aio/0] root 1494 0.0 0.0 0 0 ?S Oct31 0:00 [khubd] root 1580 0.0 0.0 0 0 ?S Oct31 0:00 [ata/0] root 1581 0.0 0.0 0 0 ?S Oct31 0:00 [ata_aux] root 1843 0.0 0.0 0 0 ?S Oct31 0:09 [kjournald] root 2006 0.0 0.2 2176 612 ?Ss Oct31 0:00 udevd --daemon root 2835 0.0 0.0 0 0 ?S Oct31 0:00 [kpsmoused] root 2930 0.0 0.0 0 0 ?S Oct31 0:00 [kgameportd] root 3118 0.0 0.0 0 0 ?S Oct31 0:00 [kmirrord] root 3123 0.0 0.0 0 0 ?S Oct31 0:00 [ksnapd] root 3150 0.0 0.0 0 0 ?S Oct31 0:00 [kjournald] root 3543 0.0 0.1 1584 384 ?Ss Oct31 0:00 /sbin/klogd -x root 3738 0.0 0.2 2196 752 ?Ss Oct31 0:00 /usr/sbin/cron root 3904 0.5 5.7 28840 14636 ?Ss Oct31 376:11 /opt/vyatta/sbin/xorp_rtrmgr -b /opt/vyatta/etc/config/config.boot root 3909 0.0 2.3 19972 6032 ?SOct31 36:38 xorp_rl_firewall root 3923 0.0 0.0 0 0 ?S Oct31 0:00 [unionfs_siod/0] root 4083 0.0 4.2 24492 10752 ?SOct31 35:04 xorp_fea root 4213 0.0 3.2 21600 8324 ?SOct31 9:37 xorp_rib root 4216 0.0 2.3 19928 6080 ?SOct31 4:03 xorp_rl_protocols root 4229 0.0 2.7 18520 7008 ?SOct31 32:59 /usr/sbin/snmpd -p /var/run/snmpd.pid root 4230 0.0 2.3 20036 6104 ?SOct31 4:12 xorp_rl_service root 4886 0.0 0.6 2656 1620 ?Ss Oct31 0:02 /opt/vyatta/bin/dhcpd -f -pf /var/run/dhcpd-unused.pid -cf /opt/vyatta/etc/dhcpd.conf -lf /v ar/log/dhcpd.leases root 4901 0.0 0.4 4928 1096 ?Ss Oct31 0:00 /usr/sbin/sshd -o HostKey=/etc/ssh/ssh_host_key -o Protocol=2 -p 22 root 4909 0.0 5.7 29256 14608 ?Ss Oct31 6:32 /opt/vyatta/sbin/xgdaemon root 4916 0.0 1.1 4664 2984 ?Ss Oct31 0:05 /usr/sbin/lighttpd -D -f /opt/vyatta/etc/lighttpd.conf root 4930 0.0 2.8 20704 7180 ?SOct31 11:52 xorp_policy root 4933 0.0 2.8 21088 7388 ?SOct31 55:04 xorp_static_routes root 4948 0.0 0.1 1580 496 tty1 Ss+ Oct31 0:00 /sbin/getty 38400 tty1 root 4949 0.0 0.1 1576 496 tty2 Ss+ Oct31 0:00 /sbin/getty 38400 tty2 root 4950 0.0 0.1 1576 496 tty3 Ss+ Oct31 0:00 /sbin/getty 38400 tty3 root 4951 0.0 0.1 1580 496 tty4 Ss+ Oct31 0:00 /sbin/getty 38400 tty4 root 4952 0.0 0.1 1576 496 tty5 Ss+ Oct31 0:00 /sbin/getty 38400 tty5 root 4953 0.0 0.1 1576 496 tty6 Ss+ Oct31 0:00 /sbin/getty 38400 tty6 root 4954 0.0 0.1 1580 504 ttyS0Ss+ Oct31 0:00 /sbin/getty -L ttyS0 9600 vt100 root 4965 0.1 2.4 20072 6156 ?SOct31 89:46 xorp_rl_system root 5389 0.0 1.6 4152 4152 ?SLs Oct31 0:09 /opt/vyatta/bin/ntpd -c /etc/ntp/ntp.conf -n -g root 5408 0.0 0.2 1632 604 ?Ss Oct31 0:01 /sbin/syslogd root 5422 0.1 4.2 24836 10796 ?SOct31 120:59 xorp_ospfv2 root 5423 0.0 2.3 19936 6116 ?SOct31 15:19 xorp_rl_interfaces root 5441 0.0 2.3
Re: [Vyatta-users] Possible Memory Leak
Silly me, I am used to working with unix boxes, that part of the brain just really didn't kick in. What I would like to see is something similar to show proc mem on Cisco routers: Processor Pool Total: 928030928 Used: 289997496 Free: 638033432 I/O Pool Total: 67108864 Used: 11891792 Free: 55217072 The output of the memory command isn't nearly as useful: [EMAIL PROTECTED] show system memory total used free sharedbuffers cached Mem:255268 250600 4668 0 142652 32904 Swap:0 0 0 Total: 255268 250600 4668 The output should be modified to factor in the calculation to provide more accurate at a glance reading. Perhaps the following output of free -m could be used to accurately show memory usage. -/+ buffers/cache: 70178 Most importantly please note that the memory usage shown by show memory is outputed to the SNMP process, so that is what's graphed. I'll mess about with the Stig's suggestion to get some meaningful output. Thanks all! Nick On Dec 17, 2007 1:16 PM, Shane McKinley [EMAIL PROTECTED] wrote: Shouldn't the command 'show system memory' be mapped to run through 'free -m' then? I would consider this as a feature enhancement. I am also in a state of confusion as to why this list insists on sending the reply address as the sender of the last message..I have to manually copy and paste the '[EMAIL PROTECTED]' email address into the To.. box everytime I reply to a message. Thanks, Shane McKinley Habersham EMC -Original Message- From: David Nalley [mailto:[EMAIL PROTECTED] Sent: Monday, December 17, 2007 1:08 PM To: Nick Davey; [EMAIL PROTECTED] Subject: Re: [Vyatta-users] Possible Memory Leak To people who aren't used to dealing with Unix-like systems this is a common complaint. What show system memory is really doing is running free. BTW Vyattans - to avoid this in the future, please consider this a enhancement request to alias 'show system memory' to 'free -m' In olden days, RAM was expensive, but it's also very fast; far faster than disk, so Linux would buffer and cache items to RAM that it 'thought' it would use, and keep it near full all of the time, because it was mere nanoseconds to dump and fill with something else. The thought was that you paid oodles for this expenseive RAM, might as well use it to speed the system up even if you don't have a lot of use for it as RAM, maybe we can use it as a tertiary level CPU cache, or a nice disk buffer. To really see what is 'freeable' it should look at free ram as the free column plus buffers and cache. If you use free -m from the comand line you will see something akin to: vyatta:~# free -m total used free sharedbuffers cached Mem: 1011995 16 0467 427 -/+ buffers/cache:100911 Swap:0 0 0 Which shows that the system is really consuming only 100 Megs of RAM but has almost 900 cached. Nick Davey wrote: Hi All, I've noticed some pretty intense memory usage out of my Vyatta router: [EMAIL PROTECTED] show system memory total used free sharedbuffers cached Mem:255268 250956 4312 0 142652 32900 Swap:0 0 0 Total: 255268 250956 4312 I know the spacing is a bit off, but free memory is only 4312 bytes. Examining the process memory usage under the shell shows that the xorp daemons are using the lions share of the memory: core:~# ps aux | more USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.2 1948 636 ?Ss Oct31 0:03 init [2] root 2 0.0 0.0 0 0 ?SOct31 0:00 [migration/0] root 3 0.0 0.0 0 0 ?SN Oct31 0:00 [ksoftirqd/0] root 4 0.0 0.0 0 0 ?SOct31 0:00 [watchdog/0] root 5 0.0 0.0 0 0 ?S Oct31 0:00 [events/0] root 6 0.0 0.0 0 0 ?S Oct31 0:00 [khelper] root 7 0.0 0.0 0 0 ?S Oct31 0:00 [kthread] root31 0.0 0.0 0 0 ?S Oct31 0:00 [kblockd/0] root52 0.0 0.0 0 0 ?S Oct31 0:00 [kseriod] root86 0.0 0.0 0 0 ?SOct31 0:00 [pdflush] root87 0.0 0.0 0 0 ?SOct31 0:00 [pdflush] root88 0.0 0.0 0 0 ?S Oct31 0:00 [kswapd0] root89 0.0 0.0 0 0 ?S Oct31 0:00 [aio/0] root 1494 0.0 0.0 0 0 ?S Oct31 0:00 [khubd] root 1580 0.0 0.0 0 0 ?S Oct31 0:00 [ata/0] root 1581 0.0 0.0 0 0
Re: [Vyatta-users] Want to use Vyatta for our main BGP router - butwhat about traffic tracking?
I know it's common to export Netflow graphs for billing purposes, however at my current company we use SNMP data gathered from our distribution switches for billing/monitoring purposes. If for some reason you encounter difficulty getting a NetFlow substitute working, or don't want to tack extra packages onto the OFR this might be a decent solution. Just my two cents, Nick On Nov 7, 2007 12:02 PM, Robert Bays [EMAIL PROTECTED] wrote: Dominic, You might want to take a look at the NetraMet package by CAIDA. It should be fairly easy to compile it and add it to an installed Vyatta router. http://www.caida.org/tools/measurement/netramet/dist.xml Another visualization tool that might help is flowscan. I don't know if it is compatible with fprobe or not but it's worth a look. See http://www.caida.org/tools/utilities/flowscan/ Cheers, Robert. Dominic Williams wrote: Many thanks for your response. What we need to generate is a traffic graph for each IP that we serve i.e. At 4.20.00pm some IP was using 7Mbps, at 4.20.15pm it was using 5.2Mbps, at 4.20.30 it was using 6.3Mbps and so on. We need this data is used to understand how sites (which run on IPs) behave and also to provision overall bandwidth and pass bandwidth costs to clients. Is this possible and for example, is anyone doing 95th percentile billing using a Vyatta router? Best, Dominic -Original Message- From: Holtz,Robert [EMAIL PROTECTED] To: Dominic Williams [EMAIL PROTECTED]; [EMAIL PROTECTED] [EMAIL PROTECTED] Sent: 07/11/07 16:27 Subject: RE: [Vyatta-users] Want to use Vyatta for our main BGP router - butwhat about traffic tracking? You can collect SNMP interface performance data anywhere along the path to the outside world, not just the router. There's quite a bit of flexibility. Examples: The Web Server itself Load Balancer, if you have a bunch of web servers Ethernet Switch(s) Router Etc. If you are not the intended recipient of this message (including attachments), or if you have received this message in error, immediately notify us and delete it and any attachments. If you no longer wish to receive e-mail from Edward Jones, please send this request to [EMAIL PROTECTED] You must include the e-mail address that you wish not to receive e-mail communications. For important additional information related to this e-mail, visit www.edwardjones.com/US_email_disclosure -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dominic Williams Sent: Wednesday, November 07, 2007 10:07 AM To: [EMAIL PROTECTED] Subject: [Vyatta-users] Want to use Vyatta for our main BGP router - butwhat about traffic tracking? Hello all, My company is very keen to try a Vyatta solution, as we are about to move our hosting rack to a BGP solution and a 7204VXR with 1GB seems inordinately expensive!! But... we need to be able to monitor and track bandwidth to each individual IP address that we serve. This is a crucial requirement, as it is for many people involved in Web hosting. At the moment we just use Netflow exports from our Cisco router in conjunction with some tracking software... I know that Vyatta doesn't support Neflow, but somebody indicated on this list that you can get at these stats using SNMP. Is this really the case? Can you get at traffic flows for individual IPs that are being served through the router? -- I was under the impression SNMP was just of use for monitoring the status of a particular device / interface etc?? Many thanks for any advice you can give. Best, Dominic Dominic Williams www.System7.com www.Wyki.com Better Digital Publishing Email [EMAIL PROTECTED] Direct +44 (0) 203 0519110 ext. 8010 Mobile +44 (0) 7710 469456 Fax +44 (0) 8700 607555 Terms: This e-mail contains proprietary information some or all of which may be legally privileged. It is intended for the recipient only. If an addressing error or transmission error has misdirected this e-mail, please notify the sender immediately or contact [EMAIL PROTECTED] If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com
Re: [Vyatta-users] VRRP Possible with Vyatta router? Or is there in-built rollover functions
Hello, The OFR supports VRRP which is the standard compliant way to deploy redundant routers on a network. I have this deployed on my network right now, and it's working great. A VRRP group is specified under an interface, and a virtual IP is configured. These values must match on each device. In my network the first two IP addresses are configured as the physical IPs on the routers. The last IP in the network (before the broadcast address) is configured as the virtual IP on both routers, and is shared. A priority value can be set to influence which router will be considered the master, or primary router. It should be noted that VRRP does not load balance or share traffic between the two routers, it is an active/passive failover. 192.168.20.62 _|_ | | 192.168.20.33 192.168.20.34 router a router b Here's a sample config: [edit interfaces/ethernet/eth2] [EMAIL PROTECTED] show description: LAN interface hw-id: 00:80:C8:C9:1D:F9 address 192.168.20.33 { prefix-length: 27 } vrrp { virtual-address: 192.168.20.62 priority: 101 } Thanks, Nick On 10/19/07, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, I am looking to implement a redundant router setup (based on vyatta). Is it possible to use applications like Heartbeat to do this? Or can I do it with VRRP? Thanks! Daren ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users