Re: multiple nic/IP in firewall
On Tue, Jan 22, 2013 at 10:42 PM, Roberto Scattini < roberto.scatt...@gmail.com> wrote: > 1. the second interface, in on same subnet as the first interface? > no, they are completely different > > >> 2. the gateway for second interface is different as the first >> interface? >> > yeah, both are different too > > thanks > > > ps: i think we both live in argentina? > Sí, soy de Argentina tambien... Cuando ejecutás "route -n" sólo ves un gateway porque asi es como lo definiste con la linea "ip route add default via $P2" 0.0.0.0 XX.220.XX.177 0.0.0.0 UG0 00 eth3 Esto es así porque no estas cargando el balanceo con ip route default scope, como por ejemplo: :~# ip route add default scope global nexthop via XX.220.XX.177 dev eth3 weight 1 nexthop via YY.20.YY.Y dev eth4 weight 1 :~# ip route add '127.0.0.0/8' dev lo table T1 :~# ip route add '127.0.0.0/8' dev lo table T2 :~# ip route add '192.168.100.0/24' dev eth2 table T1 :~# ip route add '192.168.100.0/24' dev eth2 table T2 Normalmente yo agrego esas lineas en el archivo /etc/rc.local para que se ejecuten en el inicio, por supuesto tenés que haber agregado a /etc/iproute/rt_tables los nombres de las tablas que estas usando (T1 & T2) Yo particularmente prefiero agregar la configuración de cada subred en el mismo archivo /etc/network/interfaces, en el ejemplo a continuación es como lo tengo en uno de mis servers) auto eth3 iface eth3 inet manual pre-up ip link set eth3 up post-up ip addr add XX.220.XX.178/30 brd + dev eth3 post-up ip route add XX.220.XX.176 dev eth3 src XX.220.XX.178 table T1 post-up ip route add default via XX.220.XX.177 table T1 post-up ip rule add from XX.220.XX.178 table T1 auto eth4 iface eth4 inet manual pre-up ip link set eth4 up post-up ip addr add YY.20.YY.3/24 brd + dev eth4 post-up ip route add YY.20.YY.0 dev eth4 src YY.20.YY.3 table T2 post-up ip route add default via YY.20.YY.2 table T2 post-up ip rule add from YY.20.YY.3 table T2 Y listo! Con eso básicamente sale andando y vas a tener balanceo y ambas interfaces públicas van a escuchar y poder hacer NAT al webserver en tu red privada, aunque obviamente ya dependes de iptables para eso. Saludos -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog
Re: ifstated equivalent on Linux
On Mon, Jan 16, 2012 at 3:38 PM, Sebastian Steinhuber wrote: > Ifplugd or netplug could do the trick. Thanks... But ifplug and/or netplug check state of link interface.. If my ISP is down, link still is up without routing. i need (for example) send ICMP over WAN1 and WAN2 if ICMP over WAN1 get timeout, change ip route rules and send all traffic over WAN2 regards -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cacjp8-otjt2he9s+ubxeh67rp42prkywxchcfhs2pk2bt_x...@mail.gmail.com
Re: ifstated equivalent on Linux
On Mon, Jan 16, 2012 at 1:16 PM, Jon Dowland wrote: > If you provide a description of what ifstated does, then someone might be > able to suggest an alternative program (without having to go and look up > ifstated themselves) Sorry... http://www.openbsd.org/cgi-bin/man.cgi?query=ifstated&sektion=8 The ifstated daemon runs commands in response to network state changes, which it determines by monitoring interface link state or running external tests. For example, it can be used with carp(4) to change running services or to ensure that carp(4) interfaces stay in sync, or with pf(4) to test server or link availability and modify translation or routing rules. The options are as follows: In my case i need manage a failover internet conection (actually with debian + iproute + firehol) in Linux Wan failover is very hard to configure and to see PF + ifstate is very very very very very very very very simple. Regards -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cacjp8-rupqh+9xp9t8jsridlwmduynq4dubdh2eervmxe6c...@mail.gmail.com
ifstated equivalent on Linux
Hello all! Anyone knows tool similar to iftstated (BSD) for Linux? no matter if not exist Debian package (i can compile) thanks! -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CACJp8-o5eGs=uq4cvyh+1w1107-74ppm-b1mcivdvalkwlo...@mail.gmail.com
Re: Your favorite bug tracking system
On Thu, Apr 7, 2011 at 4:20 PM, Jason Hsu wrote: > I need a bug tracking system for Swift Linux (www.swiftlinux.org). > > I have no prior experience with bug tracking systems, so I have NO idea what > to look for. What do you like and dislike about the various bug tracking > systems? I'd especially like to hear your opinions on Bugzilla (used by > GNOME, KDE, OpenOffice, Red Hat, Mandriva, and Gentoo) and Launchpad (used by > Ubuntu and others). > http://www.redmine.org/ Integrate issues, wiki, etc. -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktincckys+h+3mjnsifnt1jsx5xh...@mail.gmail.com
Re: fglrx driver in debian squeeze in limbo - any ideas?
On Mon, May 3, 2010 at 9:43 AM, tv.deb...@googlemail.com wrote: > Hi, what exactly is broken ? > As a workaround you could use Sid packages if Squeeze's are in bad shape. I > have two mostly Squeeze (amd64, kde with desktop "effects" enabled) machines > running Sid's fglrx at the moment and they seem fine, glxinfo and fglrxinfo > doesn't spit any error, xorg logs doesn't contain errors, and the few OpenGl > stuff I just tried are working fine (namely "Torcs" and "xmoto"). Hi everyone is wrong, fglrx in Debian Squeeze need non-free packages in /etc/apt/sources.list ll they need is module-assistant and fglrx r...@forest:~# aptitude install fglrx-driver fglrx-glx fglrx-control fglrx-source fglrx-kernel-2.6.32-3-amd64 module-assistant -y r...@forest:~# module-assistant (and follow assistant, select fglrx, make, build and install) r...@forest:~# modprobe fglrx r...@forest:~# aticonfig --initial (replaces /etc/X11/xorg.conf if exists) r...@forest:~# /etc/init.d/gdm restart (or kdm if you have QT vaccine) -- "La Voluntad es el único motor de nuestros logros" http://ngen.com.ar/blog http://ngen.com.ar/wiki -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k2v82aadc8f1005031349j8274e6bdh5b40fb03b6907...@mail.gmail.com
Re: xen on etch amd64
On 2/21/08, edu gargiulo <[EMAIL PROTECTED]> wrote: > /usr/bin/ld: saltando el /usr/bin/../lib/libc.so incompatible mientras > se buscaba -lc > /usr/bin/ld: saltando el /usr/bin/../lib/libc.a incompatible mientras > se buscaba -lc > /usr/bin/ld: saltando el /usr/lib/libc.so incompatible mientras se buscaba > -lc > /usr/bin/ld: saltando el /usr/lib/libc.a incompatible mientras se buscaba -lc > /usr/bin/ld: no se puede encontrar -lc Tenes que instalarte las librerias # aptitude install libc6-xen Saludos -- "La Voluntad es el unico motor de nuestros logros" http://www.mstaaravin.com.ar/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
