Re: STP (shielded wires )
Hi You can get out your cable toner tool and see if it picks up the noise by just waving the wand around. Sometimes if a fan or something is putting off noise, it puts off noise across a lot of spectrum and it will be obvious what is causing the noise. The fact that you have multiple systems showing carrier errors means they have something in common. If it's not actual noise from inside the cage, I would immediately guess a patch pannel that can't handle GigE. Also possibly bad punches (untwisted). As for the source of the noise, look to mechanical devices first. Good luck On Fri, Oct 29, 2004 at 06:13:37PM +0200, Emmanuel Halbwachs wrote: > Hello, > > Theodore Knab a ??crit : > >I was just wondering if you all use STP in your server rooms. > > > >We have been using UTP, but recently I have been getting > >'carrier errors' on interfaces in one rack. > > Well... > > I use SFTP cords for patch panel, but from wall outlet to server, > I use UTP. > > Note : I use 100 Mb/s copper, not 1 Gb/s copper yet (fiber only). > > I never experienced that problem. > > Good luck in your investigation, > > -- > Emmanuel Halbwachs Labo. de Photonique et Nanostructures > tel : (+33)1 69 63 61 34 CNRS UPR 20 > fax : (+33)1 69 63 60 06 Route de Nozay F 91460 Marcoussis > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Promise Fasttrack 100
dmesg is probably the culprit that is spamming your console. Do a "dmesg -n 6", or just a "dmesg -n 1" to get rid of the console spam. You are going to need to add a line that does this command to your boot scripts. Syslog can also direct logging messages toward your console, so check your syslog configuration too. Did the RAID function of the controller actually work? Welcome to Debian! Alain Bidaud wrote: Hi, I'm planning on migrating my servers from Redhat to Debian. The servers are Gigabyte with Promise Fasttrack 100 card for IDE Raid Support. The installation of woody went ok using the bf2.4 boot floppies. But when I removed a disk to simulate a disk failure on my raid1 array, it began to complain on hde missing, and lots lots of input/output error. Even if I could still have a shell on the server, I couldn't do much apart from powering off and on the server to reboot it. Has anyone seen this problem and has a solution for it ? Regards -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Software for WLAN Hotspot -- pam_iptables
Hi! I just happened to be doing some work with PAM today and then glanced over here at the Debian ISP mailing list. There is actually a pam_iptables module. Maybe it will be useful for this subject. Check it out; http://www.itlab.musc.edu/~nathan/authentication_gateway/ http://www.itlab.musc.edu/~nathan/pam_iptables/ Leonardo Boselli wrote: I have a similar problem: ethernet socket in a public acxcessible area. This means that anyone can just plug his PC and get an address. We want to limit the possibility to exit from the network only to authorized people. The way we did was by assigning private address and then asking the user to log in a web page with username and password. on the gateway machine each internal address is masquareaded into a public address for a certain interval of time. This way is not necessary for the user to set any proxy [incidentally: setting one lock out the machine !] so anyone can plug in and then after logging use the net. I think this should be perfect for your use. Il 15 Aug 2003 alle 11:55, Alex Borges immise in rete: The new buzzword for solutions to the wifi solution provider is VBN or visitor based networking. Dumb boxes that force each user to authenticate, then take appropriate steps in the firewall/proxy...etc. There was a thread about that a couple of months before. Please dont go and buy a cisco box. I think we need a FLOSS VBN box in debian. Im interested in doin it too. -- Leonardo Boselli Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze tel +39 0554796431 cell +39 3488605348 fax +39 055495333 http://www.dicea.unifi.it/~leo -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Anyone willing to relay for me for a price?
If I remember right, you should never make an MX record direct to a CNAME, for reasons that I can't remember right now. All the same, you are right, I could just make my MX be the PTR and most MTAs would be happy. Unfortunately, the record does not exist, so no help there. Chris Wagner wrote: But does a PTR record exist? The double reverse lookup should succeed so long as there is a valid A <-> PTR pair. Regardless of whether it was launched into from another A or CNAME or IP. Unless I'm way off base here, it goes presented name -> IP lookup -> PTR lookup -> IP lookup. If the two IP lookups match, the test is passed. At 07:35 PM 7/08/03 -0400, Jesse Molina wrote: I have similar problems with mail servers that do reverse DNS SMTP session checking. Short of paying for a T1 at $800 USD a month, there is no way that I can get an IP allocation with reverse DNS delegation so that I can make my mail server's MX record match up with the PTR record. -- REMEMBER THE WORLD TRADE CENTER ---=< WTC 911 >=-- "...ne cede males" 0100 -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: Anyone willing to relay for me for a price?
If I remember right, you should never make an MX record direct to a CNAME, for reasons that I can't remember right now. All the same, you are right, I could just make my MX be the PTR and most MTAs would be happy. Unfortunately, the record does not exist, so no help there. Chris Wagner wrote: But does a PTR record exist? The double reverse lookup should succeed so long as there is a valid A <-> PTR pair. Regardless of whether it was launched into from another A or CNAME or IP. Unless I'm way off base here, it goes presented name -> IP lookup -> PTR lookup -> IP lookup. If the two IP lookups match, the test is passed. At 07:35 PM 7/08/03 -0400, Jesse Molina wrote: I have similar problems with mail servers that do reverse DNS SMTP session checking. Short of paying for a T1 at $800 USD a month, there is no way that I can get an IP allocation with reverse DNS delegation so that I can make my mail server's MX record match up with the PTR record. -- REMEMBER THE WORLD TRADE CENTER ---=< WTC 911 >=-- "...ne cede males" 0100 -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Anyone willing to relay for me for a price?
Here is some helpful info; http://postmaster.info.aol.com/index.html http://members.aol.com/adamkb/aol/mailfaq/ WARNING! Blatant flame ahead! Danger Danger! The real problem is that you are a second class Internet citizen because you don't have a "business class" service, which means a T1, E1, or greater. Angry? Good, you should be. I am. I have similar problems with mail servers that do reverse DNS SMTP session checking. Short of paying for a T1 at $800 USD a month, there is no way that I can get an IP allocation with reverse DNS delegation so that I can make my mail server's MX record match up with the PTR record. I live in a major metropolitan area with over 1.3 million inhabitants within the United States, and I can't get an ISP to give me an IP allocation unless I blow major money for "business class" service. As Jesse Jackson would say, "It's a grrave injustice!" =) I am fortunate enough that my ISP's DHCP lease is very stable, the netblock is not marked as a Dial-up/DSL/Cable net, and they do not perform any port filtering. Unfortunately, my ISP's staffers are brain dead and don't even know what reverse DNS delegation is. Hell, even their own MX record does not match up with their PTR (orlandotelco.net). They probably suffer from the same problem that I do. How funny and yet maddening. Reverse DNS checking for SMTP sessions is a good idea in theory, but in practice, it just makes you a Bastard Operator From Hell (BOFH) and gets you false positives for spam filtering. Anyway, pardon my rant. Chris Evans wrote: What a horrible question?! Situation: I have run a postfix/spamd-SA/RAV/ecartis based Email list service (confirmed opt in, never redistributed a spam in some years now). It runs off a box at home through British Telecom broadband and is low volume (the lists concern psychotherapy and psychotherapy research: my day job, and are run for some charities). Since 22.vi.03 AOL have started refusing my smtp traffic (with a 4.0.0 message so I didn't find out for some days). Netscape are doing same. Turns out when I finally get a British Telecom supervisor on the phone to complain that I get no response to my complaints to them by Email, that AOL are moderately well justified in doing this because it seems that BT ran open relay for some time (he says not since last November which sounds untrue but even that seems unbelievably stupid). Since mine is a BT IP address I'm blocked and I would be if I relayed through BT's server. (Though they'd like to charge me more for the priviledge of doing that now they've understood relaying and clamped it down -- rightly -- 'cos they do it by domain name as well as IP address and ... aargh you get the picture). So I'm looking for a Debian (since I like Debian!) ISP, ideally in the UK, who would be willing for me to relay for psyctc.org, atprn.org, atprn.org.uk (all on 217.34.100.194, coming out through 198). I've got a shorewall firewall, RAV scanning for virii (but probably ditching that something else now they've joined M$!) and spamd-SA-razor doing antispam and loads of other antispam from postfix. Total traffic is 682k messages out in just under a year according to mailgraph, it says max ever was 1012 mssgs/min and mean 1.6 msgs/min. Most are very small, basic Email list traffic. My own traffic contains occasional large (16Mb record I think) stats and presentation files. Not a lot of money for this as I do it as a gesture for the charities but I am willing to pay something if anyone is willing and will quote me. I can either relay everything or just aol & netscape for now. I will take relaying out if things settle down. Anyone willing to offer, please contact me off list: [EMAIL PROTECTED] TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: Anyone willing to relay for me for a price?
Here is some helpful info; http://postmaster.info.aol.com/index.html http://members.aol.com/adamkb/aol/mailfaq/ WARNING! Blatant flame ahead! Danger Danger! The real problem is that you are a second class Internet citizen because you don't have a "business class" service, which means a T1, E1, or greater. Angry? Good, you should be. I am. I have similar problems with mail servers that do reverse DNS SMTP session checking. Short of paying for a T1 at $800 USD a month, there is no way that I can get an IP allocation with reverse DNS delegation so that I can make my mail server's MX record match up with the PTR record. I live in a major metropolitan area with over 1.3 million inhabitants within the United States, and I can't get an ISP to give me an IP allocation unless I blow major money for "business class" service. As Jesse Jackson would say, "It's a grrave injustice!" =) I am fortunate enough that my ISP's DHCP lease is very stable, the netblock is not marked as a Dial-up/DSL/Cable net, and they do not perform any port filtering. Unfortunately, my ISP's staffers are brain dead and don't even know what reverse DNS delegation is. Hell, even their own MX record does not match up with their PTR (orlandotelco.net). They probably suffer from the same problem that I do. How funny and yet maddening. Reverse DNS checking for SMTP sessions is a good idea in theory, but in practice, it just makes you a Bastard Operator From Hell (BOFH) and gets you false positives for spam filtering. Anyway, pardon my rant. Chris Evans wrote: What a horrible question?! Situation: I have run a postfix/spamd-SA/RAV/ecartis based Email list service (confirmed opt in, never redistributed a spam in some years now). It runs off a box at home through British Telecom broadband and is low volume (the lists concern psychotherapy and psychotherapy research: my day job, and are run for some charities). Since 22.vi.03 AOL have started refusing my smtp traffic (with a 4.0.0 message so I didn't find out for some days). Netscape are doing same. Turns out when I finally get a British Telecom supervisor on the phone to complain that I get no response to my complaints to them by Email, that AOL are moderately well justified in doing this because it seems that BT ran open relay for some time (he says not since last November which sounds untrue but even that seems unbelievably stupid). Since mine is a BT IP address I'm blocked and I would be if I relayed through BT's server. (Though they'd like to charge me more for the priviledge of doing that now they've understood relaying and clamped it down -- rightly -- 'cos they do it by domain name as well as IP address and ... aargh you get the picture). So I'm looking for a Debian (since I like Debian!) ISP, ideally in the UK, who would be willing for me to relay for psyctc.org, atprn.org, atprn.org.uk (all on 217.34.100.194, coming out through 198). I've got a shorewall firewall, RAV scanning for virii (but probably ditching that something else now they've joined M$!) and spamd-SA-razor doing antispam and loads of other antispam from postfix. Total traffic is 682k messages out in just under a year according to mailgraph, it says max ever was 1012 mssgs/min and mean 1.6 msgs/min. Most are very small, basic Email list traffic. My own traffic contains occasional large (16Mb record I think) stats and presentation files. Not a lot of money for this as I do it as a gesture for the charities but I am willing to pay something if anyone is willing and will quote me. I can either relay everything or just aol & netscape for now. I will take relaying out if things settle down. Anyone willing to offer, please contact me off list: [EMAIL PROTECTED] TIA, Chris PSYCTC: Psychotherapy, Psychology, Psychiatry, Counselling and Therapeutic Communities; practice, research, teaching and consultancy. Chris Evans & Jo-anne Carlyle http://psyctc.org/ Email: [EMAIL PROTECTED] -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RWHOIS daemon options
This is definitely something for the NANOG mailing list; http://www.merit.edu/mail.archives/nanog/ Good fortune Jeff S Wheeler wrote: Dear debian-isp list, I've just been asked to setup an rwhois server in order to satisfy ARIN policy without SWIPing a large number of customer blocks via email. I have downloaded the daemon available at http://www.rwhois.net however it leaves much to be desired. The example configurations are lacking, the config file formats themselves aren't great, data is kept in text files in a rather obtuse directory structure (by default), and I am wholely unimpressed with the documentation. I'm a big IRC guy, and none of my IRC netops pals seem to have much love, or success, with rwhoisd. Does anyone else on the list run an RWHOIS server, and if so, which one? An apt-cache search revealed little, as did a freshmeat.net query. If other on the list are in the same boat I am, perhaps we could put our heads together and come up with a free-as-in-debian alternative. -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: RWHOIS daemon options
This is definitely something for the NANOG mailing list; http://www.merit.edu/mail.archives/nanog/ Good fortune Jeff S Wheeler wrote: Dear debian-isp list, I've just been asked to setup an rwhois server in order to satisfy ARIN policy without SWIPing a large number of customer blocks via email. I have downloaded the daemon available at http://www.rwhois.net however it leaves much to be desired. The example configurations are lacking, the config file formats themselves aren't great, data is kept in text files in a rather obtuse directory structure (by default), and I am wholely unimpressed with the documentation. I'm a big IRC guy, and none of my IRC netops pals seem to have much love, or success, with rwhoisd. Does anyone else on the list run an RWHOIS server, and if so, which one? An apt-cache search revealed little, as did a freshmeat.net query. If other on the list are in the same boat I am, perhaps we could put our heads together and come up with a free-as-in-debian alternative. -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Open Relay Testing
As for where to get a check done, I recommend that you google for "mail relay check". There used to be some better relay checkers out there, but legal issues and other foolishness made them shut down. Securing a relay configuration is up to you and the MTA that you use. Different servers offer different options. I would tell you to refer to your MTA documentation. Securing the server itself is one thing, and securing the transport (if you care about that) is another. You might want to make sure that your ISP has their mail servers reverse DNS set up. Some BOFH admins (AOL) like to block mail that comes from servers without a reverse DNS entry that matches the forward entry. Doing reverse lookups is a good idea, but bad in practice because so many ISPs don't even offer reverse DNS delegation, not to mention virtual servers. My ISP is stupid and won't do reverse DNS delegation. That's Orlando Telephone Company of Orlando Florida, owned by CEO Herb Bornack, http://www.orlandotelco.com/. They run finger and http on many of their routers too. =) use dig or nslookup to find out the MX, A, and PTR DNS records of your mail servers. Gene Grimm wrote: What is the best method of testing mail servers to determine if they are susceptible to being exploited as an open relay? We have several mail servers that I want to verify are "secured". Also, I have been having problems with sending mail, specifically to AOL users, through my Zoom Internet account at home. I'm not entirely sure I believe Zoom when they say that their systems are not open relays. Plus I am considering configuring a "relay MTA" on my home Debian box to route all of my outgoing mail through our own office mail servers. Are there any HOWTO's describing ways of creating a secure relay channel between remote MTA's? -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: Open Relay Testing
As for where to get a check done, I recommend that you google for "mail relay check". There used to be some better relay checkers out there, but legal issues and other foolishness made them shut down. Securing a relay configuration is up to you and the MTA that you use. Different servers offer different options. I would tell you to refer to your MTA documentation. Securing the server itself is one thing, and securing the transport (if you care about that) is another. You might want to make sure that your ISP has their mail servers reverse DNS set up. Some BOFH admins (AOL) like to block mail that comes from servers without a reverse DNS entry that matches the forward entry. Doing reverse lookups is a good idea, but bad in practice because so many ISPs don't even offer reverse DNS delegation, not to mention virtual servers. My ISP is stupid and won't do reverse DNS delegation. That's Orlando Telephone Company of Orlando Florida, owned by CEO Herb Bornack, http://www.orlandotelco.com/. They run finger and http on many of their routers too. =) use dig or nslookup to find out the MX, A, and PTR DNS records of your mail servers. Gene Grimm wrote: What is the best method of testing mail servers to determine if they are susceptible to being exploited as an open relay? We have several mail servers that I want to verify are "secured". Also, I have been having problems with sending mail, specifically to AOL users, through my Zoom Internet account at home. I'm not entirely sure I believe Zoom when they say that their systems are not open relays. Plus I am considering configuring a "relay MTA" on my home Debian box to route all of my outgoing mail through our own office mail servers. Are there any HOWTO's describing ways of creating a secure relay channel between remote MTA's? -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Large Hard Disks and Debian
I honestly regret to say the same, but it's true. Promise cards are great under an MS Windows OS, but not GNU/Linux. It's the driver issues. Thomas Kirk wrote: On Tue, Jun 24, 2003 at 07:02:21PM +1000, Brad Lay wrote: I'd stay well clear of promise if you want it to work under Debian. I would like to support that statement. Ive had nothing but trouble with promise under debian :( -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: Large Hard Disks and Debian
I honestly regret to say the same, but it's true. Promise cards are great under an MS Windows OS, but not GNU/Linux. It's the driver issues. Thomas Kirk wrote: On Tue, Jun 24, 2003 at 07:02:21PM +1000, Brad Lay wrote: I'd stay well clear of promise if you want it to work under Debian. I would like to support that statement. Ive had nothing but trouble with promise under debian :( -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: udp broadcast forwarder
Be warned that the game that you are trying to play was designed to experience exceptionally low latency -- going over a WAN may cause it to choke. You might find that after doing all of this work, you can't even play the game that you wanted to. We don't know what kind of router you have, but I must assume something Debian based. And since this is broadcast traffic, any host on your LAN is going to pick up these packets -- not just the gateway. If you are not using something Debian related, then you are asking in the wrong place. =) You can capture the UDP broadcast packets with iptables, and then mangle and forward them over something like a GRE tunnel. "man iptables" will help you figure out the rule that you will need. The destination is of course going to be your network broadcast address, along with the fact that the packets are UDP and probably of a specific port range will let you create a unique rule. The target of your rule will be to forward to you're GRE tunnel with the destination to one of your other LANs, where another device is going to be the tunnel endpoint. I think that the big problem here is the destination field of the UDP/IP packets -- they are going to be for one LAN, and not the others. I guess you will have to mangle the packets too. iptables can do this. GRE tunneling capability is a Linux kernel issue, and you will have to include that during compile time, or make it a module (if a modularizing it is possible). Create your tunnel with ifconfig (I think???). Do a "man ifconfig" here. I didn't answer your question directly, but this can help you figure out how to do it on your own. This isn't going to be pretty, but it can be done with a little careful thought. You are going to need to work with Linux kernel compiling, iptables, ifconfig, and IP networking. Good luck! kgb wrote: how i can bridge udp broadcast traffic on my router between each interface something like ipxbridge but for udp broadcast traffic i want to make people can browse lan games on different network and from each of three networks people can see same LAN -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
Re: udp broadcast forwarder
Be warned that the game that you are trying to play was designed to experience exceptionally low latency -- going over a WAN may cause it to choke. You might find that after doing all of this work, you can't even play the game that you wanted to. We don't know what kind of router you have, but I must assume something Debian based. And since this is broadcast traffic, any host on your LAN is going to pick up these packets -- not just the gateway. If you are not using something Debian related, then you are asking in the wrong place. =) You can capture the UDP broadcast packets with iptables, and then mangle and forward them over something like a GRE tunnel. "man iptables" will help you figure out the rule that you will need. The destination is of course going to be your network broadcast address, along with the fact that the packets are UDP and probably of a specific port range will let you create a unique rule. The target of your rule will be to forward to you're GRE tunnel with the destination to one of your other LANs, where another device is going to be the tunnel endpoint. I think that the big problem here is the destination field of the UDP/IP packets -- they are going to be for one LAN, and not the others. I guess you will have to mangle the packets too. iptables can do this. GRE tunneling capability is a Linux kernel issue, and you will have to include that during compile time, or make it a module (if a modularizing it is possible). Create your tunnel with ifconfig (I think???). Do a "man ifconfig" here. I didn't answer your question directly, but this can help you figure out how to do it on your own. This isn't going to be pretty, but it can be done with a little careful thought. You are going to need to work with Linux kernel compiling, iptables, ifconfig, and IP networking. Good luck! kgb wrote: how i can bridge udp broadcast traffic on my router between each interface something like ipxbridge but for udp broadcast traffic i want to make people can browse lan games on different network and from each of three networks people can see same LAN -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: File Group Ownership in Samba
Hi! Here is an example from one of my Samba machines; [foo] comment = Foo Directories path = /var/foo browseable = yes writeable = yes write list = @samba @adm create mask = 0664 directory mask = 0474 directory security mask = 0777 inherit permissions = yes max connections = 10 hide dot files = no guest ok = no force user = foo force group = foo In this example, do you see the force user and force group entries above? Whenever someone creates a file under this share, it always is owned by user:group foo:foo. And, by including this group for each user, I can permit them access to perhaps read or write files, or have any access at all. I would recomend that you read the smb.conf man page again. There are a lot of options in there, but be patient. After you have read it all, try again. Kay-Michael Voit wrote: Hello, this isn't only Debian related, and perhaps it isn't even Samba relatet (but directory), but I#M quite new to this all. I'm running a Samba Server (from Debian stable). Now I want files that users create with Windows clients in the Samba directories to have another group than the primary group of the user. (For Debian creates a group for each user as primary group and there are multiple users who access the same data these file have to have a common group) How can I achieve this? Is there something like create group (like create mask)? I read the manpage, but I didn't find anything. -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: File Group Ownership in Samba
Hi! Here is an example from one of my Samba machines; [foo] comment = Foo Directories path = /var/foo browseable = yes writeable = yes write list = @samba @adm create mask = 0664 directory mask = 0474 directory security mask = 0777 inherit permissions = yes max connections = 10 hide dot files = no guest ok = no force user = foo force group = foo In this example, do you see the force user and force group entries above? Whenever someone creates a file under this share, it always is owned by user:group foo:foo. And, by including this group for each user, I can permit them access to perhaps read or write files, or have any access at all. I would recomend that you read the smb.conf man page again. There are a lot of options in there, but be patient. After you have read it all, try again. Kay-Michael Voit wrote: Hello, this isn't only Debian related, and perhaps it isn't even Samba relatet (but directory), but I#M quite new to this all. I'm running a Samba Server (from Debian stable). Now I want files that users create with Windows clients in the Samba directories to have another group than the primary group of the user. (For Debian creates a group for each user as primary group and there are multiple users who access the same data these file have to have a common group) How can I achieve this? Is there something like create group (like create mask)? I read the manpage, but I didn't find anything. -- # Jesse Molina # Mail = [EMAIL PROTECTED] # Page = [EMAIL PROTECTED] # Cell = 1.407.970.0280 # Web = http://www.opendreams.net/jesse/
RE: Tutorial DNS
This book 0wnz. It has a good DNS section. Then explore the rest. If you are starting on any unix type, this is where to start and what to use for reference. Even if you have done linux/BSD/whatever for awhile, this book is still great. http://www.thinkgeek.com/stuff/books/36e6.shtml Unix System Administrator's Handbook ISBN: 0130206016 Go to www.isbn.nu for a price out # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED]1.303.432.0286 # end of sig > -Original Message- > From: Vasil Kolev [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 18, 2002 12:54 PM > To: Julio Cesar Torres > Cc: [EMAIL PROTECTED] > Subject: Re: Tutorial DNS > > > There is a great book - "DNS and BIND" , published by O'Reily > , you can > find it at amazon.com , or whatever site you prefer. > > On Sun, 17 Feb 2002, Julio Cesar Torres wrote: > > > I need a tutorial of DNS or Bind, can some one help me? > > > > Thanks > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: RAID & Hard disk performance
That is kind of funny, in my experience I have found that SCSI drives have a much higher death rate than IDE drives, by far. I just finished a project of installing 50+ servers, some with RAID configurations, some without, all using SCSI drives. Five were dead upon arrival and will need to be exchanged with the vendor. Two more died a short time after installation. I expect more deaths, which is why critical systems are using RAID. This mirrors my other experiences with SCSI as well. The drives just seem to die more often -- not in huge numbers, just a few at a time. A few months back on another project we bought about 30 IBM IDE drives for office members, taking them off of low capacity SCSI drives. All are okay, no deaths, no loss of data after about a year. This also mirrors my previous experiences with IDE drives. They seem to be more rugged. Western Digital, and older Maxtor make up the majority of my IDE death experiences. My only reasoning for this is the higher spindle speeds and the push for speed on SCSI drives and the lower quantities produced versus IDE. That might go against logic, but it is what I have experienced. # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED] 1.303.432.0286 # end of sig > -Original Message- > From: Dave Watkins [mailto:[EMAIL PROTECTED] > Sent: Monday, November 05, 2001 11:27 PM > To: debian-isp@lists.debian.org > Subject: Re: RAID & Hard disk performance > > > Not to start a holy war, but there are real reasons to use SCSI. > > The big ones are > > Much larger MTBF, faster access times due to higher spindle > speeds, better > bus management (eg 2 drives can perform tasks at once unlike > IDE), Hot > Swapable (This is HUGE) and more cache on the drive. > > I'll stop now before I start that war :-) > > Dave > > At 11:20 AM 11/4/01 +1100, you wrote: > > > > > > > There's a number of guides that tell you about hdparm and > what DMA is, > > but if > > > you already know that stuff then there's little good > documentation. > > > >"Oh bum." :) > > > > > Then on the rare occasions that I do meet people who know > this stuff > > > reasonably well they seem to spend all their time trying > to convince me > > that > > > SCSI is better than IDE (regardless of benchmark results). :( > > > >Heh, there's a religious war waiting to happen. > > > > > > [1] http://people.redhat.com/alikins/system_tuning.html > > > >I've just found that iostat (in unstable's sysstat package) supports > >extended I/O properties in /proc if you have sct's I/O > monitoring patches. > >Unfortunately, the last one on his ftp site is for > 2.3.99-preBlah. I sent an > >email to lkml last night to see if there's a newer patch - > I'll follow up > >here if so. > > > >Thanks Russell, > > > >- Jeff > > > >-- > >Wars end, love lasts. > > > > > >-- > >To UNSUBSCRIBE, email to [EMAIL PROTECTED] > >with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] >
RE: "Transparent" IDE RAID controller
SWWWEET. I knew this was in my bookmarks somewhere Check this out; Linux IDE-RAID Notes http://www.research.att.com/~gjm/linux/ide-raid.html # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED] 1.303.432.0286 # end of sig > -Original Message- > From: Jason Lim [mailto:[EMAIL PROTECTED] > Sent: Monday, November 05, 2001 4:28 PM > To: Debian-Isp > Subject: "Transparent" IDE RAID controller > > > Actually... come to think of it... I wonder if ANY RAID > controller does > the following... > > - appears to be just ONE hard disk (eg. hda) to the server > - actually has 2 or more hard disks connected to the RAID > controller (but > only shows up as one to the OS) > - if in RAID1 mode (mirroring), if one disk fails, the controller > AUTOMATICALLY uses the remaining hard disk(s), and perhaps a LED could > light up, indicating a problem with a disk. Once a new disk > is connected, > the RAID controller automatically rebuilds > - if in other modes, does 99% of operations by itself with no > intervention > required by the OS (auto rebuilds, etc.) except manual things like > replacing a dead drive > > This would mean the RAID controller is, more or less, OS > independent, and > requires no OS level software to make it run, thus making it a > "transparent" RAID controller. > > I've pondered this for a while, and i'm certainly no hardware > raid expert > but it appears like a workable and doable solution. > > So, for example if i mounted hda, the controller would transparently > activate both the drives (if you are running raid1 with 2 > hds). A cp to > hda would tell the controller to do a normal cp to hda on the > OS level, > but the "transparent" hardware raid controller would know that it is > running in raid1 mode and automatically cp the file(s) to > both hard disks. > After cping the file to both hard disks, it would tell the OS, like a > regular hd controller, that it had finished the operation, > and thus the OS > would not need to know that the file(s) were actually copied to 2 > different hard disks. > > If there is such a solution on the market... I haven't seen it. But > perhaps you could tell me WHY there is no such product when > it seems like > it would solve many problems with software/hardware > incompatibilities, and > would solve many many admin's troubles? > > Failing that... is there ANY product on the market that does plain > hardware level mirroring (for IDE)? What we do now is > (essentially) cp hda > to hdb every 24 hours, so in the case of a major hd failure on hda, we > simply swap hdb over to hda and continue running (but with stuff that > could be up to 24 hours old). What would a solution be to > make it so hdb > is never so out of date with hda, or perhaps even a LIVE copy > (considering > the above proposed transparent hardware raid, and without > causing massive > load during the day)? > > I think this is something many admins have to consider... what is YOUR > solution to this? > > Sincerely, > Jason > > - Original Message - > From: "Jesse Molina" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; "Debian-Isp" > Sent: Tuesday, November 06, 2001 9:41 AM > Subject: RE: hardware raid > > > > > > If you are looking for Ultra 160 SCSI, the Mylex AcceleRAID > 170 may be > > something that you want. I recent purchased about 30 of > these cards for > a > > RAID 1 solution for some rack servers. They work pretty > good. RAID0, > > RAID1, Spanning (JBOD), RAID5. You can backup and restore the > controller > > configuration to a floppy disk, the BIOS interface is > fairly nice and > > simple. Rebuilding takes awhile, but no big deal. > > > > They also make an AcceleRAID 170LP, a low-profile PCI card. Pretty > neat. > > > > AMI recently sold all of their RAID card business to LSI Logic, this > making > > getting some of the AMI cards a bit difficult right now. > Otherwise, I > would > > also recommend the AMI Express 500. > > > > If you are looking for IDE, I have no comment there. > > > > > > > > # Jesse Molina lanner, Snow > > # Network Engineer Maximum Charisma Studios Inc. > > # [EMAIL PROTECTED] 1.303.432.0286 > > # end of sig > > > > > > > -Original Message- > > > From: Andrew Kaplan [mailto:[EMAIL PROTECTED] > > > Sent: Monday, November 05, 2001 3:20 PM > > > To: Debian-Isp > > > Subject: hardware raid >
RE: "Transparent" IDE RAID controller
These are all very standard features in hardware SCSI RAID controllers that I know of, but my knowledge of IDE RAID controllers is very limited. If all of the RAID controller functions are not transparent to the operating system, it is not a hardware RAID controller as far as I am concerned. If it requires software, then it is a software controller! I am very interested in the subject though, as I am going to need a RAID5 IDE controller in the near future. I was looking at the AMI i4, now the LSI Logic i4, http://www.lsilogic.com/products/storage_standard_prod/raid/ideraid.html. Check out the features on that PDF. It is i960 based. They do not list Debian under OS support -- the bastards ;) , It probably works though. Promise has something called the SuperTrakSX 6000. http://promise.com/Products/Default.htm. This is getting really non-Debian, but I would be very interested in the knowledge of IDE controllers in this area. It is going on a Debian box if that is any consolation. # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED] 1.303.432.0286 # end of sig > -Original Message- > From: Jason Lim [mailto:[EMAIL PROTECTED] > Sent: Monday, November 05, 2001 4:28 PM > To: Debian-Isp > Subject: "Transparent" IDE RAID controller > > > Actually... come to think of it... I wonder if ANY RAID > controller does > the following... > > - appears to be just ONE hard disk (eg. hda) to the server > - actually has 2 or more hard disks connected to the RAID > controller (but > only shows up as one to the OS) > - if in RAID1 mode (mirroring), if one disk fails, the controller > AUTOMATICALLY uses the remaining hard disk(s), and perhaps a LED could > light up, indicating a problem with a disk. Once a new disk > is connected, > the RAID controller automatically rebuilds > - if in other modes, does 99% of operations by itself with no > intervention > required by the OS (auto rebuilds, etc.) except manual things like > replacing a dead drive > > This would mean the RAID controller is, more or less, OS > independent, and > requires no OS level software to make it run, thus making it a > "transparent" RAID controller. > > I've pondered this for a while, and i'm certainly no hardware > raid expert > but it appears like a workable and doable solution. > > So, for example if i mounted hda, the controller would transparently > activate both the drives (if you are running raid1 with 2 > hds). A cp to > hda would tell the controller to do a normal cp to hda on the > OS level, > but the "transparent" hardware raid controller would know that it is > running in raid1 mode and automatically cp the file(s) to > both hard disks. > After cping the file to both hard disks, it would tell the OS, like a > regular hd controller, that it had finished the operation, > and thus the OS > would not need to know that the file(s) were actually copied to 2 > different hard disks. > > If there is such a solution on the market... I haven't seen it. But > perhaps you could tell me WHY there is no such product when > it seems like > it would solve many problems with software/hardware > incompatibilities, and > would solve many many admin's troubles? > > Failing that... is there ANY product on the market that does plain > hardware level mirroring (for IDE)? What we do now is > (essentially) cp hda > to hdb every 24 hours, so in the case of a major hd failure on hda, we > simply swap hdb over to hda and continue running (but with stuff that > could be up to 24 hours old). What would a solution be to > make it so hdb > is never so out of date with hda, or perhaps even a LIVE copy > (considering > the above proposed transparent hardware raid, and without > causing massive > load during the day)? > > I think this is something many admins have to consider... what is YOUR > solution to this? > > Sincerely, > Jason > > - Original Message - > From: "Jesse Molina" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; "Debian-Isp" > Sent: Tuesday, November 06, 2001 9:41 AM > Subject: RE: hardware raid > > > > > > If you are looking for Ultra 160 SCSI, the Mylex AcceleRAID > 170 may be > > something that you want. I recent purchased about 30 of > these cards for > a > > RAID 1 solution for some rack servers. They work pretty > good. RAID0, > > RAID1, Spanning (JBOD), RAID5. You can backup and restore the > controller > > configuration to a floppy disk, the BIOS interface is > fairly nice and > > simple. Rebuilding takes awhile, but no big deal. > >
RE: hardware raid
If you are looking for Ultra 160 SCSI, the Mylex AcceleRAID 170 may be something that you want. I recent purchased about 30 of these cards for a RAID 1 solution for some rack servers. They work pretty good. RAID0, RAID1, Spanning (JBOD), RAID5. You can backup and restore the controller configuration to a floppy disk, the BIOS interface is fairly nice and simple. Rebuilding takes awhile, but no big deal. They also make an AcceleRAID 170LP, a low-profile PCI card. Pretty neat. AMI recently sold all of their RAID card business to LSI Logic, this making getting some of the AMI cards a bit difficult right now. Otherwise, I would also recommend the AMI Express 500. If you are looking for IDE, I have no comment there. # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED] 1.303.432.0286 # end of sig > -Original Message- > From: Andrew Kaplan [mailto:[EMAIL PROTECTED] > Sent: Monday, November 05, 2001 3:20 PM > To: Debian-Isp > Subject: hardware raid > > > I'm looking for a good hardware raid 1 (mirroring) solution > for Debian. Will > the promise cards work with Debian or is there a better > solution thanks. > > Andrew P. Kaplan > Network Administrator > CyberShore, Inc. > http://www.cshore.com > > "I couldn't give him advice in business and he couldn't give me > advice in technology." --Linus Torvalds, about why he wouldn't > be interested in meeting Bill Gates. > > > > > > > > -Original Message- > > From: Craigsc [mailto:[EMAIL PROTECTED] > > Sent: Monday, November 05, 2001 4:17 AM > > To: Debian-Isp > > Subject: VIM > > > > > > H > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > > > > > --- > > Incoming mail is certified Virus Free. > > Checked by AVG anti-virus system (http://www.grisoft.com). > > Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/01 > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/01 > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] >
RE: Rackmount cases manufacturers ?
Look at the Hewlett Packard LP 1000r and 2000r. They use cases from Elan Vita, the R-10 and R-20. http://www.elanvital.com.tw/ http://www.elanvital.com.tw/products/servercases/R-10.htm http://www.elanvital.com.tw/products/servercases/R-20.htm Here are some other useful links; http://www.rackmount.com/ http://www.gtweb.net/ VA Linux used to be a good place to get entire systems -- it is a shame that they had to get away from the business. Penguin Computing is still around. Their new Altus server looks way cool. There are other small time system assemblers around if you are looking for whole systems. I cannot assist you with the locale issue. Enjoy # Jesse Molina lanner, Snow # Network Engineer Maximum Charisma Studios Inc. # [EMAIL PROTECTED]1.303.432.0286 # end of sig > -Original Message- > From: Nicolas Bouthors [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 02, 2001 4:58 AM > To: [EMAIL PROTECTED] > Subject: Rackmount cases manufacturers ? > > > Hello > > I'm looking for 1 and 2U rackmount cases manufacturers. > > I already found about : > - CI Designs (http://www.cidesing.com/) > - Advance (http://www.suza-fr.com/english/pr_ipc.htm ) > (cheap design I > think) > - Lanner (http://www.lannerinc.com/p4.htm) > - Chembro (http://www.chembro.com.tw) > > Is there anything else that you know about ? I'm especialy > looking for one > with a known resseller in France. > > Thanks, > Nico > > > > -- > Administrateur Système/Réseau - GHS 38, rue du Texel 75014 Paris > Tél : 01 43 21 16 66 - [EMAIL PROTECTED] - [EMAIL PROTECTED] > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]