Re: Bookworm Networking Issues
Greg Wooledge writes: > For example, on my current machine, the network interface is named "eno1". > To bring this interface up, if it's not already up, I would run: > > ifup eno1 Um, ifup takes -a to bring all interfaces marked auto up. So that's the obvious command to try and if it doesn't work then it's time to get down into the details with error messages and what's in the config and all that.
Re: Bookworm Networking Issues
> Can anybody suggest how to get the networking running? Have you searched the web for answered? I suspect searching for "get the networking running" or "fix my problems" will get you up and running in no time. Stefan
Re: Bookworm Networking Issues
On Sun, Mar 17, 2024 at 08:46:26PM +0100, Marco Moock wrote: > Am 17.03.2024 um 16:54:27 Uhr schrieb David: > > > Can anybody suggest how to get the networking running? > > You have to tell us what doesn't work in your network. > > Also show the output of > ip a > cat /etc/resolv.conf I have a feeling everyone's over-thinking this. I suspect what the OP wants is the *literal command* they should type. Unfortunately, without knowing the contents of /etc/network/interfaces we can't give the literal command. You'd have to know the name(s) of the network interfaces that are defined. Then, for each interface, you would run an "ifup" command. For example, on my current machine, the network interface is named "eno1". To bring this interface up, if it's not already up, I would run: ifup eno1 Of course, there's also a desire to ensure that the network interfaces are correctly brought up when you boot. Therefore, the ultimate test is to reboot the machine. If the interfaces come up when you boot, then things are probably configured correctly. If they don't, then you have a problem to solve.
Re: Bookworm Networking Issues
Am 17.03.2024 um 16:54:27 Uhr schrieb David: > Can anybody suggest how to get the networking running? You have to tell us what doesn't work in your network. Also show the output of ip a cat /etc/resolv.conf -- Gruß Marco Send spam to 1710690867mu...@cartoonies.org
Re: Bookworm Networking Issues
On Sun, Mar 17, 2024 at 04:54:27PM +, David wrote: > I am running Bookworm on a thin client and Network-Manger seems to be > the source of my problems. > > I have purged Network-Manager from this thin client, but I can't find > out how to get /etc/network/interface to run. I have added to 2 NIC's > that I need. > > Can anybody suggest how to get the networking running? Package ifupdown is installed? Cheers -- t signature.asc Description: PGP signature
Re: Bookworm Networking Issues
On Sun, 17 Mar 2024 16:54:27 + David wrote: > I am running Bookworm on a thin client and Network-Manger seems to be > the source of my problems. > > I have purged Network-Manager from this thin client, but I can't find > out how to get /etc/network/interface to run. I have added to 2 NIC's > that I need. > > Can anybody suggest how to get the networking running? > > Thank you, > > David. > "man interfaces" might help. The name of the file is "/etc/network/interfaces". Note the s on the end. Do you have other typos, say, in the file? Also, you could show us verbatim the contents of your /etc/network/interfaces. You might also look at systemd-networkd. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Bookworm Networking Issues
On Sonntag, 17. März 2024 13:54:27 -03 David wrote: > I am running Bookworm on a thin client and Network-Manger seems to be > the source of my problems. > > I have purged Network-Manager from this thin client, but I can't find > out how to get /etc/network/interface to run. I have added to 2 NIC's > that I need. > > Can anybody suggest how to get the networking running? > > Thank you, > > David. David, with all respect, your post is bare of any information which would enable someone without a crystal ball to help with the issue. Maybe start here: 'man if' and or 'man ifconfig' All the best -- Eike Lantzsch KY4PZ / ZP5CGE
Bookworm Networking Issues
I am running Bookworm on a thin client and Network-Manger seems to be the source of my problems. I have purged Network-Manager from this thin client, but I can't find out how to get /etc/network/interface to run. I have added to 2 NIC's that I need. Can anybody suggest how to get the networking running? Thank you, David.
networking issue upon reboot, i need to restart networking for it to work properly.
hello, Have a funky issue with Debian 10, that is network related. Whenever I restart my computer, I cannot access the internet. I need to restart networking either via CLI, or from the networking panel turn off/on networking. Then, everything works. But, that is rather annoying. Trying to solve it, I get this from: netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 enp27s0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp27s0 my gateway is 192.168.1.1, I tried to set it manually, but somehow I have messed it up. Should be an easy solution for a networking guru. Thanks
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
The instructions on the webpage: https://github.com/winterheart/broadcom-bt-firmware/blob/master/README.md, the portion of the note: https://github.com/winterheart/broadcom-bt-firmware/blob/master/README.md#notes-about-combined-wifibluetooth-devices may please be perused The firmware was already in the directory: /lib/firmware/brcm, but still error messages were read on the terminal. Solved the issue. There was a simple trick involved: I had to make the file read-only for all. Then restart the computer. Now: # dmesg | grep -i bluetooth # Shows all Bluetooth driver info Output: [ 29.102165] Bluetooth: Core ver 2.22 [ 29.102210] Bluetooth: HCI device and connection manager initialized [ 29.102219] Bluetooth: HCI socket layer initialized [ 29.102224] Bluetooth: L2CAP socket layer initialized [ 29.102230] Bluetooth: SCO socket layer initialized [ 105.688413] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 105.688419] Bluetooth: BNEP filters: protocol multicast [ 105.688426] Bluetooth: BNEP socket layer initialized # dmesg | grep -i bluetooth | grep -i firmware # Shows Bluetooth firmware issues Output: None However, I am still receiving the same error messages for the other commands as listed on the post: https://lists.debian.org/debian-user/2023/10/msg00871.html I now would need your support to install specific packages and reconfigure the settings so that I no longer receive the error messages. Best wishes
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
Again, I post the following output for the command:
# sudo pkexec dmesg | grep -i "BCM"
Output:
[3.731659] usb 1-4: Product: BCM43142A0
[ 17.507884] wlan0: Broadcom BCM4365 802.11 Hybrid Wireless
Controller 6.30.223.271 (r587334)
[ 18.939316] Bluetooth: hci0: BCM: chip id 70
[ 18.940314] Bluetooth: hci0: BCM: features 0x06
[ 18.956242] Bluetooth: hci0: BCM43142A
[ 18.956249] Bluetooth: hci0: BCM43142A0 (001.001.011) build
[ 19.175963] bluetooth hci0: firmware: direct-loading firmware
brcm/BCM43142A0-0a5c-216d.hcd
[ 19.175977] Bluetooth: hci0: BCM43142A0 'brcm/BCM43142A0-0a5c-216d.hcd' Patch
[ 29.429513] Bluetooth: hci0: BCM: Patch command 227b failed (-110)
[ 29.431433] Bluetooth: hci0: BCM: Patch failed (-110)
[ 39.669304] Bluetooth: hci0: BCM: Reset failed (-110)
On the webpage:
https://github.com/winterheart/broadcom-bt-firmware/blob/master/README.md,
the portion of the note:
https://github.com/winterheart/broadcom-bt-firmware/blob/master/README.md#notes-about-combined-wifibluetooth-devices
may please be perused:
Some Bluetooth controller (for example, BCM4354 and BCM4356) are
integrated to WiFi chipset (this can be BCM43XX 802.11ac Wireless
Network Adapter or just simple generic Broadcom PCIE Wireless). These
devices requires two kinds of firmware - first for WiFi, and second
for Bluetooth. Without WiFi firmware Bluetooth will not initialize and
will not work properly. Firmware for WiFi already included to kernel,
but you may need to do additional work to place correct NVRAM.
Resolution needed for the above note.
I used the instructions on the Debian page to install the packages:
https://wiki.debian.org/BluetoothUser
I have installed the packages bluetooth, blueman and the rest.
Have the following installed:
blueman
bluetooth
bluez
bluez-obexd
libbluetooth3
connman
I typed on the terminal:
# blue
then used tab. The following applications are installed.
blueman-adapters blueman-assistant blueman-report
blueman-services bluemoon
blueman-applet blueman-managerblueman-sendto blueman-tray
bluetoothctl
>From the Start Menu/Preferences/Bluetooth Manager, but the tray icon
isn't visible.
Used:
# sudo blueman-services
blueman-services version 2.1.4 starting
root@debianHPRajib:/home/rajib# sudo service bluetooth status
● bluetooth.service - Bluetooth service
Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled;
vendor preset: enabled)
Active: active (running) since Sun 2023-10-29 06:41:39 IST; 9h ago
Docs: man:bluetoothd(8)
Main PID: 815 (bluetoothd)
Status: "Running"
Tasks: 1 (limit: 4566)
Memory: 1.4M
CPU: 49ms
CGroup: /system.slice/bluetooth.service
└─815 /usr/libexec/bluetooth/bluetoothd
Oct 29 06:41:34 debianHPRajib systemd[1]: Starting Bluetooth service...
Oct 29 06:41:35 debianHPRajib bluetoothd[815]: Bluetooth daemon 5.55
Oct 29 06:41:39 debianHPRajib systemd[1]: Started Bluetooth service.
Oct 29 06:41:39 debianHPRajib bluetoothd[815]: Starting SDP server
Oct 29 06:41:40 debianHPRajib bluetoothd[815]: Bluetooth management
interface 1.18 initialized
This is consistently reported as Running.
Then tried: # sudo blueman-assistant
A pop-up says no assistant found
Then:
# sudo blueman-manager
blueman-manager version 2.1.4 starting
blueman-manager 16.17.02 ERRORManager:118 on_dbus_name_appeared:
Default adapter not found, trying first available.
blueman-manager 16.17.02 ERRORManager:122 on_dbus_name_appeared:
No adapter(s) found, exiting
Then tried:
# sudo blueman-adapters
blueman-adapters version 2.1.4 starting
blueman-adapters 16.18.13 ERRORAdapter:53 __init__ : No adapter(s) found
Then tried:
# sudo blueman-applet
blueman-applet version 2.1.4 starting
There is an instance already running
Then tried:
# sudo blueman-tray
blueman-tray version 2.1.4 starting
There is an instance already running
Then tried:
# sudo blueman-services
blueman-services version 2.1.4 starting
A window opens with title: local services and presents options.
Then tried:
# sudo blueman-report
Terminating blueman-applet
Describe your next action (keep empty if done):
Traceback (most recent call last):
File "/usr/bin/blueman-report", line 57, in
response = urllib2.urlopen('https://api.github.com/gists',
data.encode('UTF-8')).read()
File "/usr/lib/python3.9/urllib/request.py", line 214, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.9/urllib/request.py", line 523, in open
response = meth(req, response)
File "/usr/lib/python3.9/urllib/request.py", line 632, in http_response
response = self.parent.error(
File "/usr/lib/python3.9/urllib/request.py", line 561, in error
return self._call_chain(*args)
File "/usr/lib/python3.9/urllib/request.py", line 494, in _call_chain
result = func(*args)
File "/usr/lib/python3.9/urllib/request.py", line 641, in http_error_default
raise HTTPError(req.full_url, code, msg, hdrs, fp)
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
Dear Mr. ullrich, I am so concerned by the Biblical God-like Commandment of some of the senior members of this mailing list that I have to ask you a second time: have you meticulously perused all my posts relating to this problematic hardware?: "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card The relevant posts begin at: (1) https://lists.debian.org/debian-user/2019/10/msg00493.html (2) https://lists.debian.org/debian-user/2023/10/msg00452.html (3) https://lists.debian.org/debian-user/2023/10/msg00649.html (4) https://lists.debian.org/debian-user/2023/10/msg00650.html Also, I assume you have noted that I still continue to use the oldstable system: [Official Debian GNU/Linux Live 11.6.0 lxde 2022-12-17T11:46]/ bullseye Sometimes I feel that some posters are actually planted here on the Mailing List, and are heavily paid for their disruptions, by the Proprietary Universe, to make Free and Open Source users like me lose hope on the FSF ecosystem, feel frustrated and compel us to return to the Proprietary Universe, turning away from the FSF/OpenSource system and the Social Contract. Then again, there are some who express their goodness and then vanish. The latter, like Mr. Davidson, Mr. Curt, et al, are the ones who keep my hope on humanity and the social contract intact. I still believe that man could admire the best way forward: the positive non-zero sum cooperative games, if he chose wisely. You appear to be here since May 2011 in the debian-user ML. So you appear to be a fairly senior member. Also, it appears that you have been suggesting module-assistant since Jul 2011, thus experienced in using module-assistant. I have installed the m-a package, but not the rest, yet. I hope that I will hear from you a second time. If I don't, then still ... Best wishes, Rajib Etc.
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
Am Samstag, 28. Oktober 2023, 13:08:21 CEST schrieb Susmita/Rajib: > BCM43142A0 Try the following. Building kernel modue: 1. Install the packages module-assistant, broadcom-sta, broadcom-dkms and broadcom-sta- source 2. start module-assistant, command: m-a 3. In GUI enter UPDATE 4. In GUI enter PREPARE 5. In GUI enter SELECT 6. In SELECT menu choose broadcom-sta and click ok 7. In GUI enter GET 8. In GUI enter BUILD 9. In GUI enter INSTALL After finish enter BACK and EXIT. You will need the firmware. The firmware is distribution independent, so you can get it from other distributions, like here from AUR: https://aur.archlinux.org/packages/bcm43142a0-firmware[1] Get it and put it manually into /lib/firmware Now try again. Hope this helps. Best regards Hans [1] https://aur.archlinux.org/packages/bcm43142a0-firmware
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
On Wed, 25 Oct 2023 at 08:31, Susmita/Rajib wrote: [ ... ] > > Install the package firmware-b43-installer and follow the prompts. > > > > I'm fairly sure that's all it takes. You may need to uninstall wl > > and / or any other changes you've made. > [ ... ] > > Ok, I will gradually try to learn about this firmware, > "firmware-b43-installer". [ ... ] Dear Mr. Cater, I took time to go through the list/description of Wireless network cards in the package Description for which the driver is suitable. The list is as follows: ... Supported chipsets: * BCM4306/3 (chip revision 3 only); * BCM4311 (NOT PCI Id 14e4:4313); * BCM4312; * BCM43131; * BCM4318; * BCM4321 (only partial support, not all versions tested); * BCM43217; * BCM4322 (only partial support for some versions, not all versions tested); * BCM43222 (not all versions tested); * BCM43224 (not all versions tested); * BCM43225; * BCM43227; * BCM43228; * BCM4331; * BCM47xx (detection not reliable, may not support all versions). If observed carefully, the card which my laptop has is: BCM43142 802.11b/g/n (rev 01) None of the list-items has the said card mentioned. So I am doubtful if this driver would even work. Further, the webpage https://wireless.wiki.kernel.org/en/users/drivers/b43#contact for the "firmware-b43-installer" may please be perused: On the webpage the list with the following columns has the following entries for the said chipset: PCI-ID Supported? Chip ID Modes PHY version Alternative 14e4:4365 no BCM43142 b/g/n LCN40 (r3) wl So it can be seen that the driver isn't suitable for my laptop's said card. I again post my query to all Senior Members of the debian-user Mailing List: If senior members have gone through this ML subject thread, your experience is invited on the issue. Once again the detailed dmesg output for the "bluetooth" section for the said card is at the post: https://lists.debian.org/debian-user/2023/10/msg00649.html. Particularly: # dmesg | grep -i -e "bluetooth" [191884.268151] Bluetooth: hci0: BCM: chip id 70 [191884.269117] Bluetooth: hci0: BCM: features 0x06 [191884.285185] Bluetooth: hci0: BCM43142A [191884.285195] Bluetooth: hci0: BCM43142A0 (001.001.011) build [191884.286140] bluetooth hci0: firmware: failed to load brcm/BCM43142A0-0a5c-216d.hcd (-2) [191884.286161] bluetooth hci0: firmware: failed to load brcm/BCM-0a5c-216d.hcd (-2) [191884.286165] Bluetooth: hci0: BCM: firmware Patch file not found, tried: [191884.286168] Bluetooth: hci0: BCM: 'brcm/BCM43142A0-0a5c-216d.hcd' [191884.286171] Bluetooth: hci0: BCM: 'brcm/BCM-0a5c-216d.hcd' [191886.293688] Bluetooth: hci0: command 0x1003 tx timeout [191886.295091] Bluetooth: hci0: unexpected event for opcode 0x1003 The wifi section works perfectly well. Therefore, I would again return to my earlier post at: https://lists.debian.org/debian-user/2023/10/msg00650.html That is, the thread with the Subject: Which Network Controller Card handling Wi-Fi, Bluetooth, etc., connectivities, is GNU/Linux Approved/certified, and would be (1) compatible with my HP laptop's motherboard, and (2) could replace the "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" I desire a Debian approved list for perfectly compatible Wireless-Bluetooth Cards. Like the PCI list, with the heading: DeviceDatabase/PCI - Debian Wiki at https://wiki.debian.org/DeviceDatabase/PCI Best wishes, Rajib, Etc.
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
From: "Andrew M.A. Cater" Date: Tue, 24 Oct 2023 17:12:41 + Message-id: <[] ztf7cq23nikqt...@einval.com> In-reply-to: <[] CAEG4cZW87bzq6SMO0HPJAfh+UcgJFEJ=jo6ahbrwecp22yb...@mail.gmail.com> References: <[] caeg4czxgp3wqszgsps5erwcvxyf1wdm-mjnbx+ehvybqrr-...@mail.gmail.com> <[] CAEG4cZW87bzq6SMO0HPJAfh+UcgJFEJ=jo6ahbrwecp22yb...@mail.gmail.com> Dear Mr. Cater, thank you for your kind reply. > On Tue, Oct 24, 2023 at 08:19:03PM +0530, Susmita/Rajib wrote: [ ... ] > Please ensure that your /etc/apt/sources.list includes entries > for main contrib and non-free > > See, for example, the version for Debian Bullseye (oldstable) in this > link: https://wiki.debian.org/SourcesList > > Then do an apt update ; apt upgrade to bring yourself up to date. [ ... ] It was already done, as recorded earlier and elsewhere. So otherwise, I am ready. [ ... ] > Install the package firmware-b43-installer and follow the prompts. > > I'm fairly sure that's all it takes. You may need to uninstall wl > and / or any other changes you've made. [ ... ] Ok, I will gradually try to learn about this firmware, "firmware-b43-installer". [ ... ] > As the author of the FAQ posting made here every month; > Please do not post political / nationalistic / controversial > points here - Debian is worldwide and Bharat nationalism may be > misplaced as not everyone will appreciate what you are writing. [ ... ] Sure. One note: the correct phrase would be "Inclusive Globalism", not "Bharatiya Nationalism". In the said post, as a reply to Mr. Dan Purgert -'s post dated: Tue, 24 Oct 2023 07:45:13 -0400, I couldn't help identify the global anglo-Saxon ploy to enslave the world embedded within his sentences. I immediately remembered the information on the "The Creature From Jekyll Island, G Edward Grifin", "The Tower Of Basel, Adam LaBor", "Committee Of 300", the "Corporation Of London", et al. I was just networking the extreme evil that ensues from a trans-generational scarcity of resources, and my thought flowed to the tropics, where ample sunlight and rainfall ensured a bewilderingly rich biome with plenty of diverse foods, merriment and festivals round the year. I remembered that the public is only 3 meals away from a revolution. >From there the Maslow-ian hierarchy of needs arrived ... and the rest Control, Covid19, planned eradication of global population, Control of Resources by Global Corporations, End of Freedoms, including Free air and water ... Readers interested to know the real story of Bharat could contact for a text download link. Best wishes, Rajib Etc.
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
On Tue, Oct 24, 2023 at 08:19:03PM +0530, Susmita/Rajib wrote: > From: "Andrew M.A. Cater" > Date: Tue, 24 Oct 2023 10:50:48 + > Message-id: <[] ztehic-dyzpii...@einval.com> > In-reply-to: <[] > caeg4czxgp3wqszgsps5erwcvxyf1wdm-mjnbx+ehvybqrr-...@mail.gmail.com> > > Dear Mr. Cater, > > Once again, thank you for your post. > > But Mr. Cater, I would have to request you to appreciate my > limitations to follow your advice, given the gap in our competence > levels. > Dear Rajib, I can't help you because I don't have such a card / chipset. Please ensure that your /etc/apt/sources.list includes entries for main contrib and non-free See, for example, the version for Debian Bullseye (oldstable) in this link: https://wiki.debian.org/SourcesList Then do an apt update ; apt upgrade to bring yourself up to date. Install the package firmware-b43-installer and follow the prompts. I'm fairly sure that's all it takes. You may need to uninstall wl and / or any other changes you've made. As the author of the FAQ posting made here every month; Please do not post political / nationalistic / controversial points here - Debian is worldwide and Bharat nationalism may be misplaced as not everyone will appreciate what you are writing. With every good wish, as ever, Andy Cater (amaca...@debian.org) > But I will try to learn more about b43-fwcutter. > > Fortunately for me, I had opened the casing to check that the said > wireless network card is inserted into a slot on the motherboard > internally and could be removed and reinserted. > > So, you could guide me a little further on b43-fwcutter and let us see > if I could carry the mission a little further. > > Best wishes, > Rajib > Etc. >
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
From: "Andrew M.A. Cater" Date: Tue, 24 Oct 2023 10:50:48 + Message-id: <[] ztehic-dyzpii...@einval.com> In-reply-to: <[] caeg4czxgp3wqszgsps5erwcvxyf1wdm-mjnbx+ehvybqrr-...@mail.gmail.com> Dear Mr. Cater, Once again, thank you for your post. But Mr. Cater, I would have to request you to appreciate my limitations to follow your advice, given the gap in our competence levels. But I will try to learn more about b43-fwcutter. Fortunately for me, I had opened the casing to check that the said wireless network card is inserted into a slot on the motherboard internally and could be removed and reinserted. So, you could guide me a little further on b43-fwcutter and let us see if I could carry the mission a little further. Best wishes, Rajib Etc.
Re: Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
On Tue, Oct 24, 2023 at 02:01:21PM +0530, Susmita/Rajib wrote: > My dear illustrious Team Leaders and Senior Members, Debian-User > group, debian-user@lists.debian.org > > I rephrase my earlier question posted at: > https://lists.debian.org/debian-user/2023/10/msg00452.html > which didn't receive an insightful reply or guidance. Yes, Mr. Cater > did advise on B43 series firmware along with his suggestion to update > and I thank him for that. But I have progressed a bit further than the > situation I faced then. In the end, if we fail, I will change the > Wireless Network Card. > Hi Rajib, I don't think you quite got the point I was making. wl is one way round the problem. b43-fwcutter is the other, and more usual way round this problematic Broadcom chipset. If you go the b43 way, then you need to remove wl, I think. The catch is that you need network access to download the Broadcom firmware to make use of b43-fwcutter. If you're unlucky, the wireless network card may actually be built into the laptop chipset and not easily able to be changed. You may also find that HP expect particular models and have deny-listed others. > Any advice with usual codes and inputs will be welcome. > > > The LAN interface is: > 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL810xE > PCI Express Fast Ethernet controller (rev 07) > Subsystem: Hewlett-Packard Company RTL810xE PCI Express Fast Ethernet > controller > Flags: bus master, fast devsel, latency 0, IRQ 18 > I/O ports at 4000 [size=256] > Memory at c070 (64-bit, non-prefetchable) [size=4K] > Memory at c040 (64-bit, prefetchable) [size=16K] > Capabilities: [40] Power Management version 3 > Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit+ > Capabilities: [70] Express Endpoint, MSI 01 > Capabilities: [b0] MSI-X: Enable+ Count=4 Masked- > Capabilities: [d0] Vital Product Data > Capabilities: [100] Advanced Error Reporting > Capabilities: [140] Virtual Channel > Capabilities: [160] Device Serial Number 01-00-00-00-36-4c-e0-00 > Capabilities: [170] Latency Tolerance Reporting > Kernel driver in use: r8169 > Kernel modules: r8169 > This is stock Realtek and should work without a problem. > However, with the output of # dmesg | grep -i -e "bluetooth" > > [191884.268151] Bluetooth: hci0: BCM: chip id 70 > [191884.269117] Bluetooth: hci0: BCM: features 0x06 > [191884.285185] Bluetooth: hci0: BCM43142A > [191884.285195] Bluetooth: hci0: BCM43142A0 (001.001.011) build > [191884.286140] bluetooth hci0: firmware: failed to load > brcm/BCM43142A0-0a5c-216d.hcd (-2) > [191884.286161] bluetooth hci0: firmware: failed to load > brcm/BCM-0a5c-216d.hcd (-2) > [191884.286165] Bluetooth: hci0: BCM: firmware Patch file not found, tried: > [191884.286168] Bluetooth: hci0: BCM: 'brcm/BCM43142A0-0a5c-216d.hcd' > [191884.286171] Bluetooth: hci0: BCM: 'brcm/BCM-0a5c-216d.hcd' > [191886.293688] Bluetooth: hci0: command 0x1003 tx timeout > [191886.295091] Bluetooth: hci0: unexpected event for opcode 0x1003 > > > So, brcm/BCM-0a5c-216d.hcd firmware isn't working properly. > > I reached the ubuntu thread and the post: > https://ubuntuforums.org/showthread.php?t=2489817=14156420#post14156420 > talks about the Bluetooth driver brcm. > > I searched the internet with the firmware "BCM-0a5c-216d.hcd" and reached: > https://wiki.debian.org/BCMHybridBTFirmware#Missing_Firmware_Filename > > Used: > #pkexec dmidecode -t01 > > Outputs: > # dmidecode 3.3 > Getting SMBIOS data from sysfs. > SMBIOS 2.8 present. > > Handle 0x0001, DMI type 1, 27 bytes > System Information > Manufacturer: Hewlett-Packard > Product Name: HP Notebook > Version: Type1ProductConfigId > Serial Number: **edited** > UUID: **edited** > Wake-up Type: Power Switch > SKU Number: **edited** > Family: 103C_5335KV G=N L=CON B=HP > > Went to github. Read the page README.md at: > https://github.com/winterheart/broadcom-bt-firmware/blob/master/brcm/BCM43142A0-0a5c-216d.hcd > > Instruction raed and followed: "... Place required .hcd file to > /lib/firmware/brcm ..." > > But there appears to be a problem: > #sudo dmesg | grep -i -e "bluetooth" > > Outputs: > [ 16.740380] Bluetooth: Core ver 2.22 > [ 16.740410] Bluetooth: HCI device and connection manager initialized > [ 16.740414] Bluetooth: HCI socket layer initialized > [ 16.740418] Bluetooth: L2CAP socket layer initialized > [ 16.740423] Bluetooth: SCO socket layer initialized > [ 17.477920] Bluetooth: hci0: BCM: chip id 70 > [ 17.478903] Bluetooth: hci0: BCM: features 0x06 > [ 17.494925] Bluetooth: hci0: ***edited*** > [ 17.494929] Bluetooth: hci0: BCM43142A0 (001.001.011) build > [ 17.719998] bluetooth hci0: firmware: direct-loading firmware > brcm/BCM43142A0-0a5c-216d.hcd > [ 17.720007] Bluetooth: hci0: BCM43142A0
Please help configure to activate Bluetooth networking for "Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01)" card
My dear illustrious Team Leaders and Senior Members, Debian-User group, debian-user@lists.debian.org I rephrase my earlier question posted at: https://lists.debian.org/debian-user/2023/10/msg00452.html which didn't receive an insightful reply or guidance. Yes, Mr. Cater did advise on B43 series firmware along with his suggestion to update and I thank him for that. But I have progressed a bit further than the situation I faced then. In the end, if we fail, I will change the Wireless Network Card. Any advice with usual codes and inputs will be welcome. I have reached the post at https://wiki.debian.org/DeviceDatabase/PCI The lspci -v for the Wireless Network Interface card is: 04:00.0 Network controller: Broadcom Inc. and subsidiaries BCM43142 802.11b/g/n (rev 01) Subsystem: Hewlett-Packard Company BCM43142 802.11b/g/n Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at c050 (64-bit, non-prefetchable) [size=32K] Capabilities: [40] Power Management version 3 Capabilities: [58] Vendor Specific Information: Len=78 Capabilities: [48] MSI: Enable- Count=1/1 Maskable- 64bit+ Capabilities: [d0] Express Endpoint, MSI 00 Capabilities: [100] Advanced Error Reporting Capabilities: [13c] Virtual Channel Capabilities: [160] Device Serial Number 00-00-b8-ff-ff-dc-ac-d1 Capabilities: [16c] Power Budgeting Kernel driver in use: wl Kernel modules: bcma, wl The LAN interface is: 02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL810xE PCI Express Fast Ethernet controller (rev 07) Subsystem: Hewlett-Packard Company RTL810xE PCI Express Fast Ethernet controller Flags: bus master, fast devsel, latency 0, IRQ 18 I/O ports at 4000 [size=256] Memory at c070 (64-bit, non-prefetchable) [size=4K] Memory at c040 (64-bit, prefetchable) [size=16K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit+ Capabilities: [70] Express Endpoint, MSI 01 Capabilities: [b0] MSI-X: Enable+ Count=4 Masked- Capabilities: [d0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [140] Virtual Channel Capabilities: [160] Device Serial Number 01-00-00-00-36-4c-e0-00 Capabilities: [170] Latency Tolerance Reporting Kernel driver in use: r8169 Kernel modules: r8169 However, with the output of # dmesg | grep -i -e "bluetooth" [191884.268151] Bluetooth: hci0: BCM: chip id 70 [191884.269117] Bluetooth: hci0: BCM: features 0x06 [191884.285185] Bluetooth: hci0: BCM43142A [191884.285195] Bluetooth: hci0: BCM43142A0 (001.001.011) build [191884.286140] bluetooth hci0: firmware: failed to load brcm/BCM43142A0-0a5c-216d.hcd (-2) [191884.286161] bluetooth hci0: firmware: failed to load brcm/BCM-0a5c-216d.hcd (-2) [191884.286165] Bluetooth: hci0: BCM: firmware Patch file not found, tried: [191884.286168] Bluetooth: hci0: BCM: 'brcm/BCM43142A0-0a5c-216d.hcd' [191884.286171] Bluetooth: hci0: BCM: 'brcm/BCM-0a5c-216d.hcd' [191886.293688] Bluetooth: hci0: command 0x1003 tx timeout [191886.295091] Bluetooth: hci0: unexpected event for opcode 0x1003 So, brcm/BCM-0a5c-216d.hcd firmware isn't working properly. I reached the ubuntu thread and the post: https://ubuntuforums.org/showthread.php?t=2489817=14156420#post14156420 talks about the Bluetooth driver brcm. I searched the internet with the firmware "BCM-0a5c-216d.hcd" and reached: https://wiki.debian.org/BCMHybridBTFirmware#Missing_Firmware_Filename Used: #pkexec dmidecode -t01 Outputs: # dmidecode 3.3 Getting SMBIOS data from sysfs. SMBIOS 2.8 present. Handle 0x0001, DMI type 1, 27 bytes System Information Manufacturer: Hewlett-Packard Product Name: HP Notebook Version: Type1ProductConfigId Serial Number: **edited** UUID: **edited** Wake-up Type: Power Switch SKU Number: **edited** Family: 103C_5335KV G=N L=CON B=HP Went to github. Read the page README.md at: https://github.com/winterheart/broadcom-bt-firmware/blob/master/brcm/BCM43142A0-0a5c-216d.hcd Instruction raed and followed: "... Place required .hcd file to /lib/firmware/brcm ..." But there appears to be a problem: #sudo dmesg | grep -i -e "bluetooth" Outputs: [ 16.740380] Bluetooth: Core ver 2.22 [ 16.740410] Bluetooth: HCI device and connection manager initialized [ 16.740414] Bluetooth: HCI socket layer initialized [ 16.740418] Bluetooth: L2CAP socket layer initialized [ 16.740423] Bluetooth: SCO socket layer initialized [ 17.477920] Bluetooth: hci0: BCM: chip id 70 [ 17.478903] Bluetooth: hci0: BCM: features 0x06 [ 17.494925] Bluetooth: hci0: ***edited*** [ 17.494929] Bluetooth: hci0: BCM43142A0 (001.001.011) build [ 17.719998] bluetooth hci0: firmware: direct-loading firmware brcm/BCM43142A0-0a5c-216d.hcd [
Re: Debian as daily driver; WiFi networking and firmware (was: General Questions)
On 25 Jul 2023 18:26 +0600, from rifesourcec...@gmail.com (Source Code): > Using Debian for PC OS is not good? Is it recommended only for servers? Debian is entirely usable as a daily driver workstation OS. I've been using it as such for around a decade, possibly longer; I have old notes and Debian packages dating back to wheezy on my current desktop system, and I'm quite sure that's not when I started using Debian specifically. Debian will, however, _also_ work very well for servers; and many of the choices one might make to reduce memory footprint (such as not running a GUI) lend themselves better toward a server installation than to a workstation setup. > It turns out you need free firmware to use wifi? But I can use wifi, but > only with some DE. I just can't use it just from the start without DE. "Non-free" firmware. Often readily distributable, but does not meet the Debian Free Software Guidelines (DFSG). One big change in Debian 12 was to split such firmware out of the non-free component (where it has been provided since, it appears, Debian 6/Squeeze) into its own component named non-free-firmware. Do you have Network Manager installed? Try running "nmcli connection show" and "iwconfig" when logged in. Do those work? -- Michael Kjörling https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”
networking is getting weirder (Re: Intel X540-AT2 and Debian: intermittent connection)
On Fri, 2022-11-18 at 16:00 +0100, hw wrote: > On Fri, 2022-11-18 at 09:35 -0500, Jeffrey Walton wrote: > > On Mon, Nov 14, 2022 at 6:25 AM hw wrote: > > > > > > I have an X540-AT2 network card in my backup server and it worked when I > > > was > > > running Fedora on the server. > > > > > > I installed Debian on it and wanted to make backups with rsync, but the > > > connection via this network card is now intermittent where it used to be > > > stable > > > with Fedora. > > > > Fedora uses the latest version of a package that's available at the > > release date. Maybe Fedora was using a newer driver than Debian? > > Then it should have worked when I booted a Fedora live from an USB stick ... > > > It looks like there's several updated Linux drivers at > > https://www.intel.com/content/www/us/en/products/sku/60020/intel-ethernet-controller-x540at2/downloads.html > > . Maybe you can try one of the newer drivers on the Debian machine? > > Yep, thanks, I tried that and it didn't make a difference. > > I've never had a broken network card and I think it's strange that the > connection is intermittent. If it was broken, would it have a connection at > all? I guess my best chance is reseating the heatsink. So I pulled the Intel card today and I don't think I can reseat the heatsink because it's attached with pins that'll break if I try to take the heatsink off. It looks fine anyway. So I switched the server on without the Intel card installed and now the on- board network card doesn't work anymore :( Ethtool says no link detected, 'ip link' says DOWN, I can't bring the interface up. The light on the card is green, the switch port it's connected to is green. It was working fine yesterday. I'll plug the Intel card back in and see what happens ... Ok, the on-board card is working again. I can't tell if the connection is interittent now because no pings seem to go through at all. What's going on? I'm starting to think this mainboard has issues ... I've never seen anything like this before.
Re: Networking pb
On 2022-05-08 22:58, Hussein Yahia wrote: Hi, I'm new to Linux, sorry if my question is naive. I just installed debian 11 on my computer. It's wire-connected to internet. I have another computer, a mac, which is connected through wifi. I can connect from my mac to the Linux desktop. But I can't connect from the Linux to the mac: when I go in the "Network" directory, the mac does not appear. I installed smb on the Linux desktop. Can you help me on that ? It's likely tidier rather than having server and client on both machines to have another something or other running Debian as server whose job is file sharing. via eg. ssh, a web browser. mick
Re: Networking pb
On Sun, May 8, 2022 at 5:06 PM Hussein Yahia wrote: > > > I can connect from my mac to the Linux desktop. But I can't connect > from the Linux to the mac: when I go in the "Network" directory, the > mac does not appear. I installed smb on the Linux desktop. > > I'm suspecting that you need to go into the Mac's System Preferences / Sharing, and turn on File Sharing. -- Kent West<")))>< Westing Peacefully - http://kentwest.blogspot.com
Re: Networking pb
On Mon, 09 May 2022 04:10:01 +0200 Charles Curley wrote: > On Mon, 09 May 2022 01:31:35 +0200 > Hussein Yahia wrote: > >> What exactly do you mean by "connect"? SSH? ping? If you mean via >> SMB, that suggests you successfully set the Linux computer up as >> an SMB server. Did you? >> >> I don't remeber to have installed smb on my Linux. I just downloaded >> the packages. On the mac, I click on the Linux Desktop'name, (which >> appears in any window), a window appears, I can login in the Desktop >> Linux with my name and password, and I see my files, when I'm on the >> mac. > > I should probably clarify: SMB (Service Message Block) is the > protocol, originally from IBM, later Microsoft. Samba is a server > and client suite of programs for Linux and Unix that implement SMB. > Microsoft has its own suite. Apple has at least a client. SMB is > also known as CIFS (Common Internet File System, I think). Another alternative is NFS. When my wife wants to get at my music library, she runs a script I put on her Mac to do an NFS mount on my Linux box. -- cgi...@surfnaked.ca (Charlie Gibbs)
Re: Networking pb
On Mon, 09 May 2022 01:31:35 +0200 Hussein Yahia wrote: > > What exactly do you mean by "connect"? SSH? ping? If you mean via > > SMB, > > that suggests you successfully set the Linux computer up as an SMB > > server. Did you? > > I don't remeber to have installed smb on my Linux. I just downloaded > the packages. On the mac, I click on the Linux Desktop'name, (which > appears in any window), a window appears, I can login in the Desktop > Linux with my name and password, and I see my files, when I'm on the > mac. I should probably clarify: SMB (Service Message Block) is the protocol, originally from IBM, later Microsoft. Samba is a server and client suite of programs for Linux and Unix that implement SMB. Microsoft has its own suite. Apple has at least a client. SMB is also known as CIFS (Common Internet File System, I think). You downloaded the packages, but didn't install them. Gnome might include a Samba client, I don't know. I doubt it includes a server. The best way to tell if a Samba server is running is to check to see if there is one or more processes running. Run in a terminal: ps aux | grep -i smbd If it's running, you should get something like: root@hawk:~# ps aux | grep -i smb root1433 0.0 0.0 82592 14004 ?Ss May03 0:01 /usr/sbin/smbd --foreground --no-process-group root1490 0.0 0.0 80424 6164 ?SMay03 0:00 /usr/sbin/smbd --foreground --no-process-group root1492 0.0 0.0 80432 5244 ?SMay03 0:00 /usr/sbin/smbd --foreground --no-process-group root1520 0.0 0.0 82664 9332 ?SMay03 0:03 /usr/sbin/smbd --foreground --no-process-group root2875 0.0 0.0 0 0 ?I< May03 0:00 [smb3decryptd] root2883 0.0 0.0 100080 13004 ?SMay03 0:03 /usr/sbin/smbd --foreground --no-process-group root 25184 0.0 0.0 91804 13512 ?SMay04 0:03 /usr/sbin/smbd --foreground --no-process-group root 73157 0.0 0.0 83084 11740 ?SMay06 0:01 /usr/sbin/smbd --foreground --no-process-group root 73160 0.0 0.0 82960 11768 ?SMay06 0:01 /usr/sbin/smbd --foreground --no-process-group root 137417 0.0 0.0 83088 13844 ?S09:49 0:00 /usr/sbin/smbd --foreground --no-process-group root 141258 0.0 0.0 83088 14552 ?S12:08 0:00 /usr/sbin/smbd --foreground --no-process-group root 147939 0.0 0.0 6312 716 pts/8S+ 19:49 0:00 grep --colour=auto -i smb root@hawk:~# (And I have no idea what that will look like on your mail program because it consists of a lot of long lines which your mail program will probably mangle.) Otherwise you'll get only a few lines. If it isn't running, I have no idea why you are seeing on the Mac. > > > When you go to what "Network" directory? How do you go to it? Is > > this in the GUI or command line? What GUI are you using? XFCE? > > Gnome? KDE? > I have Gnome only only on the Linux desktop. You see, the is a > "Network" in the GUI, I expect the mac to appear here. Unfortunately I don't know either Gnome or Macs at all. I suspect that the reason you don't see the Mac from the Linux desktop is that it doesn't have a server running, or you haven't authorized it to share files. You might find the Debian wiki useful: https://wiki.debian.org/Samba -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Networking pb
Hi Charles, Thank you for quick answering me. I'm going to guess that this is a simple network, such as a home, > with > just the two computers on it. Yes ! > What exactly do you mean by "connect"? SSH? ping? If you mean via > SMB, > that suggests you successfully set the Linux computer up as an SMB > server. Did you? I don't remeber to have installed smb on my Linux. I just downloaded the packages. On the mac, I click on the Linux Desktop'name, (which appears in any window), a window appears, I can login in the Desktop Linux with my name and password, and I see my files, when I'm on the mac. > When you go to what "Network" directory? How do you go to it? Is this > in the GUI or command line? What GUI are you using? XFCE? Gnome? KDE? I have Gnome only only on the Linux desktop. You see, the is a "Network" in the GUI, I expect the mac to appear here. Thank you for your time ! Cheers hussein Le dimanche 08 mai 2022 à 16:52 -0600, Charles Curley a écrit : > On Sun, 08 May 2022 23:58:28 +0200 > Hussein Yahia wrote: > > > I'm new to Linux, sorry if my question is naive. > > Your question isn't naive. But we need a lot more information from > you > in order to help you. > > Some of it may be obtained by executing command line commands we > provide. Open a terminal, copy and paste the command into the > terminal. > When you have the results, copy and paste from the terminal to your > reply email, and include the command line prompt and the one that > follows the command's output. > > Also, be aware that SMB is a complicate mess of a protocol, and has > lots op options. For that reason, SMB clients and servers such as > Samba > are not easy to configure. > > > I just installed debian 11 on my computer. It's wire-connected to > > internet. I have another computer, a mac, which is connected > > through > > wifi. > > I'm going to guess that this is a simple network, such as a home, > with > just the two computers on it. > > > > > I can connect from my mac to the Linux desktop. > > What exactly do you mean by "connect"? SSH? ping? If you mean via > SMB, > that suggests you successfully set the Linux computer up as an SMB > server. Did you? > > > But I can't connect > > from the Linux to the mac: when I go in the "Network" directory, > > the > > mac does not appear. I installed smb on the Linux desktop. > > When you go to what "Network" directory? How do you go to it? Is this > in the GUI or command line? What GUI are you using? XFCE? Gnome? KDE? > > I'm going to guess that you have a file manger open, and it has a > "Network" option, and that when you select it, you are suppose to get > a > list of local SMB servers. Unless you know that the Mac is also an > SMB > server you should not expect to see it. If my earlier guess is > correct, > and the Linux box is an SMB server, do you see the Linux box in that > window? > > > >
Re: Networking pb
On Sun, 08 May 2022 23:58:28 +0200 Hussein Yahia wrote: > I'm new to Linux, sorry if my question is naive. Your question isn't naive. But we need a lot more information from you in order to help you. Some of it may be obtained by executing command line commands we provide. Open a terminal, copy and paste the command into the terminal. When you have the results, copy and paste from the terminal to your reply email, and include the command line prompt and the one that follows the command's output. Also, be aware that SMB is a complicate mess of a protocol, and has lots op options. For that reason, SMB clients and servers such as Samba are not easy to configure. > I just installed debian 11 on my computer. It's wire-connected to > internet. I have another computer, a mac, which is connected through > wifi. I'm going to guess that this is a simple network, such as a home, with just the two computers on it. > > I can connect from my mac to the Linux desktop. What exactly do you mean by "connect"? SSH? ping? If you mean via SMB, that suggests you successfully set the Linux computer up as an SMB server. Did you? > But I can't connect > from the Linux to the mac: when I go in the "Network" directory, the > mac does not appear. I installed smb on the Linux desktop. When you go to what "Network" directory? How do you go to it? Is this in the GUI or command line? What GUI are you using? XFCE? Gnome? KDE? I'm going to guess that you have a file manger open, and it has a "Network" option, and that when you select it, you are suppose to get a list of local SMB servers. Unless you know that the Mac is also an SMB server you should not expect to see it. If my earlier guess is correct, and the Linux box is an SMB server, do you see the Linux box in that window? -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Networking pb
Hi, I'm new to Linux, sorry if my question is naive. I just installed debian 11 on my computer. It's wire-connected to internet. I have another computer, a mac, which is connected through wifi. I can connect from my mac to the Linux desktop. But I can't connect from the Linux to the mac: when I go in the "Network" directory, the mac does not appear. I installed smb on the Linux desktop. Can you help me on that ? Thanks ! hussein
Re: Networking book recommendation
You might want to take a look at "Computer Networks" by A.S. Tanenbaum and D.J. Wetherall. It's available for free online at https://docs.google.com/viewer?a=v=sites=ZGVmYXVsdGRvbWFpbnxza21pbmh8Z3g6NjQxMTI2MmYxMTAwZmNjZQ Or you can buy a copy from your local bookseller. Enjoy! Rick
Re: Networking book recommendation
On 5/6/2022 12:36 AM, Tom Browder wrote: On Thu, May 5, 2022 at 16:07 David Christensen wrote: On 5/5/22 12:31, john doe wrote: At the time I set up this, I googled this subject and came to the conclusion that SSH through VPN was a better fit (flexibility, two layers of security, VPN advantages when connecting on public wifi) for me. The only experience with VPN I've had was when I was working from home back in 2010 running Debian on a company laptop and a kludge Cisco VPN program that somehow "just worked." If I go the pfsense/Netgate route (it has a VPN capability) what client do I use on my Debian hosts both internal and external? According to (1), that could be OpenVPN. As I'm not using pfSense, I can only point you to the doc! :) 1) https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra.html -- John Doe
Re: Networking book recommendation
Tom Browder wrote: > On Thu, May 5, 2022 at 16:07 David Christensen > wrote: > > > On 5/5/22 12:31, john doe wrote: > > > > > At the time I set up this, I googled this subject and came to the > > > conclusion that SSH through VPN was a better fit (flexibility, two > > > layers of security, VPN advantages when connecting on public wifi) for > > me. > > > The only experience with VPN I've had was when I was working from home back > in 2010 running Debian on a company laptop and a kludge Cisco VPN program > that somehow "just worked." > > If I go the pfsense/Netgate route (it has a VPN capability) what client do > I use on my Debian hosts both internal and external? Wireguard is now built in to the kernel (dkms module prior to bullseye). It is the easiest to configure, being slightly easier than SSH, and by far the fastest/most CPU efficient. sudo apt install wireguard-tools will get you the userland parts. -dsr-
Re: Networking book recommendation
On Thu, 5 May 2022 17:36:14 -0500 Tom Browder wrote: > On Thu, May 5, 2022 at 16:07 David Christensen > wrote: > > > On 5/5/22 12:31, john doe wrote: > > > > > At the time I set up this, I googled this subject and came to the > > > conclusion that SSH through VPN was a better fit (flexibility, two > > > layers of security, VPN advantages when connecting on public wifi) for > > me. > > > The only experience with VPN I've had was when I was working from home back > in 2010 running Debian on a company laptop and a kludge Cisco VPN program > that somehow "just worked." > > If I go the pfsense/Netgate route (it has a VPN capability) what client do > I use on my Debian hosts both internal and external? Depends on what VPN technology you're using. If you have no technical debt, Wireguard is definitely the way to go. On both ends, just install the Debian wireguard package (and its dependencies), edit the appropriate configuration files, and you're good to go. -- Celejar
Re: Networking book recommendation
On Thu, May 5, 2022 at 16:07 David Christensen wrote: > On 5/5/22 12:31, john doe wrote: > > > At the time I set up this, I googled this subject and came to the > > conclusion that SSH through VPN was a better fit (flexibility, two > > layers of security, VPN advantages when connecting on public wifi) for > me. The only experience with VPN I've had was when I was working from home back in 2010 running Debian on a company laptop and a kludge Cisco VPN program that somehow "just worked." If I go the pfsense/Netgate route (it has a VPN capability) what client do I use on my Debian hosts both internal and external? -Tom
Re: Networking book recommendation
On 5/5/22 12:31, john doe wrote: At the time I set up this, I googled this subject and came to the conclusion that SSH through VPN was a better fit (flexibility, two layers of security, VPN advantages when connecting on public wifi) for me. I prefer to have SSH available both via old-school port forwarding and via VPN. That way, when one breaks the other may still work. It's always a challenge trying to balance the convenience of centralization during normal operations against fall-back capabilities during adverse conditions. The latter can be thought of as a form of risk management. David
Re: Networking book recommendation
On 5/4/22 09:07, john doe wrote:
> Here are some comments in addition to this thread:
> - Do not use the router capability provided by your ISP.
> This is mainly to avoid letting your ISP remotely control the thing and
> disable the firewall for example.
>
> If you can, use your own router.
>
> If your ISP requires to work with their router put the ISP thing in
> 'bridge'/modem only mode, this will allow to get your public IPv4
> address to your own gateway.
As per the OP, I also have AT residential service. I use a
router-behind-router configuration -- an AT residential gateway
between the Internet and what is effectively a DMZ, and a UniFi Security
Gateway 3P between the DMZ and the LAN. Advantages of this
configuration include:
1. The AT DMZ is available (wired and Wi-Fi) when the UniFi LAN is
down for maintenance or modification. My wife and children need
Internet connectivity 24x7, regardless of my "experiments".
2, I can connect a laptop to the DMZ and configure/ test/ verify/
trouble-shoot UniFi from the outside (notably laptop VPN connectivity).
On 5/5/22 07:34, Tom Browder wrote:
> ... given a properly passwordless ssh connection, is there anything
> extraordinarily dangerous versus a VPN, or is it the redundancy you
favor?
> (I am the only superuser, and usually the only user of my network.)
AIUI SSH with passwords disabled and strong passphrase-protected keys is
secure.
AIUI VPN with strong pre-shared keys and strong passphrases is secure.
My primary use-case for SSH is CVS. This can be accomplished via port
forwarding on the gateway. (The router-behind-router topology means I
need to do this twice.) The challenge is when you want to access
multiple LAN hosts via SSH. Options include adding (and translating)
non-standard ports, and using an SSH jump host. (Lucas recommends the
latter.)
A VPN connection means that my laptop can see all hosts and services on
the LAN when I am remote. My primary use-case is accessing the file
server (Samba) using a GUI file manager application. I can also SSH
directly into any host. UniFi provides the network tools for the VPN,
and Windows and macOS provide the client tools for the VPN. I have
never succeeded configuring a VPN client on Debian.
> BTW, regarding pfsense, I forgot it runs on BSD, so I plan to get their
> small appliance to hang off the ISP router.
Prior to UniFi, I variously used PC's with general-purpose (Red Hat,
Debian) and purpose-built Linux (IPCop) and BSD (pfSense) distributions,
and commercial routers (Netgear) with stock and FOSS (OpenWRT) firmware
as Internet gateways/ routers. Raw Linux was configured via the
console. All the others had web control panels. Then I added a Wi-Fi
access point. Now I needed to keep two device settings in sync via two
web control panels. It was tedious. Then I added a remote site,
dynamic DNS, and connected the two sites with a VPN. Management became
a PITA.
I currently have one site with one UniFi security gateway (USG) and
three UniFi Wi-Fi access points. Management is via one UniFi web
control panel running on a purpose-built VPS. The UniFi controller
manages and synchronizes the settings on individual devices based upon
higher level abstractions ("Software Defined Networking"), such as
networks. I defined a network, followed the protocol to adopt hardware
devices, and it just works. Management is easy. UniFi provides many
additional features, including port-forwarding and VPN's.
Note that UniFi hardware products run embedded Linux. When I encounter
a difficult trouble-shooting problem, UniFi technical support guided me
to a console roll-up cable for the USG, and helped me configure system
logging to a network host.
David
Re: Networking book recommendation
On 5/5/2022 4:34 PM, Tom Browder wrote:
On Wed, May 4, 2022 at 11:07 john doe wrote:
On Tue, May 3, 2022 at 15:18 john doe wrote:
On 5/3/2022 9:42 PM, Tom Browder wrote:
- Use VPN to access your servers remotely.
I find it easier to use a VPN (responsible for public remote connection)
to connect to my own network then use SSH (responsible for private
remote connection) to connect to my intranet devices
This also give you two layers of authentication and you have separate
services.
But, given a properly passwordless ssh connection, is there anything
extraordinarily dangerous versus a VPN, or is it the redundancy you favor?
(I am the only superuser, and usually the only user of my network.)
Yes, redundancy avoid having one point of failure in case of compromized
keys for example.
Having outbound connection through the VPN allows me to separate the
services, so if I need to work on the VPN I do not need to touch the SSH
server and vice versa
It also give me better firewalling capability between the VPN subnet and
the rest of my network.
For context, I'm also the only administrator ('root' user ...) on my
network.
See (1) and (2) for more in-depth thoughts.
At the time I set up this, I googled this subject and came to the
conclusion that SSH through VPN was a better fit (flexibility, two
layers of security, VPN advantages when connecting on public wifi) for me.
1)
https://networkengineering.stackexchange.com/questions/23959/why-use-ssh-and-vpn-in-combination
2) https://homenetworkguy.com/tech/ssh-vs-vpn/
--
John Doe
Re: Networking book recommendation
On Wed, May 4, 2022 at 11:07 john doe wrote: > > On Tue, May 3, 2022 at 15:18 john doe wrote: > >> On 5/3/2022 9:42 PM, Tom Browder wrote: >>> I'm about to sign up for a fixed IPv4 address to my home. I know a bit > >>> about setting up simple internal networks, but want to make sure I'm >>> doing it all correctly and securely. Does anyone have a good book they > >>> recommend for such use? I found the book I once consulted and just bought the Kindle version: Networking for Systems Administrators, Michael W. Lucas, 2014 Mr. Lucas has also written books on *BSD, ssh, and DNS. Here are some comments in addition to this thread: > - Do not use the router capability provided by your ISP. > This is mainly to avoid letting your ISP remotely control the thing and > disable the firewall for example. Good advice. If you can, use your own router. Ditto. If your ISP requires to work with their router put the ISP thing in > 'bridge'/modem only mode, this will allow to get your public IPv4 > address to your own gateway. Check. - Use VPN to access your servers remotely. > I find it easier to use a VPN (responsible for public remote connection) > to connect to my own network then use SSH (responsible for private > remote connection) to connect to my intranet devices > > This also give you two layers of authentication and you have separate > services. But, given a properly passwordless ssh connection, is there anything extraordinarily dangerous versus a VPN, or is it the redundancy you favor? (I am the only superuser, and usually the only user of my network.) BTW, regarding pfsense, I forgot it runs on BSD, so I plan to get their small appliance to hang off the ISP router. Thanks, Mr. John Doe. -Tom
Re: Networking book recommendation
On 5/3/2022 10:35 PM, Tom Browder wrote: On Tue, May 3, 2022 at 15:18 john doe wrote: On 5/3/2022 9:42 PM, Tom Browder wrote: I'm about to sign up for a fixed IPv4 address to my home. I know a bit about setting up simple internal networks, but want to make sure I'm doing it all correctly and securely. Does anyone have a good book they recommend for such use? What do you mean by "correctly and securly", the networking is never secure. Thanks, I didn't know that. Depending on what you need, you might want firewall ... I'm considering HaProxy downsteam from the router. That also brings the question, why do you need a static IPv4 address? I'm moving my webservers inside. I've learned my networking knowlage by reading on line or asking questions when I'm stuck! :) So I can not recommend a book. Here are some comments in addition to this thread: - Do not use the router capability provided by your ISP. This is mainly to avoid letting your ISP remotely control the thing and disable the firewall for example. If you can, use your own router. If your ISP requires to work with their router put the ISP thing in 'bridge'/modem only mode, this will allow to get your public IPv4 address to your own gateway. - Use VPN to access your servers remotely. I find it easier to use a VPN (responsible for public remote connection) to connect to my own network then use SSH (responsible for private remote connection) to connect to my intranet devices This also give you two layers of authentication and you have separate services. -- John Doe
Re: Networking book recommendation
On 4/5/22 12:57 pm, to...@tuxteam.de wrote: On Wed, May 04, 2022 at 04:27:52AM +0800, Jeremy Ardley wrote: [...] [...] NAT in itself provides quite good security because internal hosts can't be scanned by attackers. Uh, oh. I think general opinion these days disagree with this statement strongly (see e.g. [1], but this has been rough consensus since at least the 2000s). Your consensus is 20 years old. Times move Natural evolution has developed standard features in routers that out of the box are 'good enough' for SOHO implementations. That is when you plug it in and connect to your home LAN you can reasonably expect your LAN won't be compromised in 5 minutes or even 5 years of persistent attacks. The only problem is when the enthusiastic owner starts opening ports to allow internal mail or web, or even just to run some games. This problem will also occur when you have the latest fancy dandy firewall. It is users who are insecure, not NAT or routers as such. More interesting is IPv6 which many ISPs now offer. Modern routers know about Prefix delegation and all your windows hosts will automatically pick up IPv6 Addresses. These are 'raw' on the internet, no NAT involved. It will depend on your router firewall on how well protected you are. In the IPv6 case, modern Windows machines all have inbuilt firewalls that work reasonably well. Linux systems are variable in firewall configuration and may not be as well protected. I run my own Armbian dual homed router that does the IPv6 stuff and I have a reasonable set of ip6tables rules to allow specific hosts to provide IPv6 services on well known addresses (ie in DNS) but at the same time protect most other hosts from any unsolicited IPv6 Traffic. If I was still in the 90s I'd set up a DMZ blah blah. Now I just expose services on the router using HA proxy for IPv4 Stuff and specific rules for IPv6. I also run a postfix instance on the router for IPv4 connectivity. Jeremy OpenPGP_signature Description: OpenPGP digital signature
Re: Networking book recommendation
On Wed, May 04, 2022 at 04:27:52AM +0800, Jeremy Ardley wrote: [...] > [...] NAT in itself > provides quite good security because internal hosts can't be scanned by > attackers. Uh, oh. I think general opinion these days disagree with this statement strongly (see e.g. [1], but this has been rough consensus since at least the 2000s). That said, even "normal" hands-off firewalls don't help against the most widespread threats of these days: malicious actors that are located inside your network: be it some random javascript running in your browser, a printer phoning home or your so-called smart TV. All of those will connect to outside things from the inside, and a no-trouble hands-off firewall is configured to allow just that. The known attacks against NAT dwindle given the above-mentioned cornucopia :-) Don't get me started on things like UPMP's NAT-PMP [2] which are explicitily designed for clients to punch holes into the firewall. Cheers [1] https://security.stackexchange.com/questions/8772/how-important-is-nat-as-a-security-layer [2] https://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol -- t signature.asc Description: PGP signature
Re: Networking book recommendation
On 5/3/22 12:42, Tom Browder wrote: I'm about to sign up for a fixed IPv4 address to my home. I know a bit about setting up simple internal networks, but want to make sure I'm doing it all correctly and securely. Does anyone have a good book they recommend for such use? On 5/3/22 13:35, Tom Browder wrote: > On Tue, May 3, 2022 at 15:18 john doe wrote: > >> On 5/3/2022 9:42 PM, Tom Browder wrote: >>> I'm about to sign up for a fixed IPv4 address to my home. I know a bit >>> about setting up simple internal networks, but want to make sure I'm >>> doing it all correctly and securely. Does anyone have a good book they >>> recommend for such use? >>> >> >> What do you mean by "correctly and securly", the networking is never >> secure. > > > Thanks, I didn't know that. > > Depending on what you need, you might want firewall ... > > > I'm considering HaProxy downsteam from the router. > > That also brings the question, why do you need a static IPv4 address? > > > I'm moving my webservers inside. On 5/3/22 14:14, Tom Browder wrote: > I appreciate all the responses, and I realize, once again, that I should > have given a little more background for the question: > > I have been running 10+ websites using SNI on Apache on two leased remote > servers for many years. I am now moving the whole operation, gradually, to > operate out of my home on my own Debian server. During those years I've had > several hardware failures that were hard to deal with remotely, hence the > decision to come home (especially since I now have a bit more space for the > additional equipment). > > I have been using a firewall and iptables to minimize inbound traffic, but > the details some have sent are very helpful for my current plan. > > In addition to the webserver being accessed externally, I will be sshing > into my home server while traveling. On 5/3/22 14:32, Tom Browder wrote: > The sites are historically low traffic, but I'll watch out for problems. > Our current ISP is AT and they are laying fiber quickly in my area. I have stumbled my way through networking over the years, reading whatever I could find. A recent book that I can recommend is "Networking for System Administrators" by Lucas: https://mwl.io/nonfiction/networking#n4sa Do not conflate running public services on the Internet and remote access to your LAN over the Internet. I strongly recommend a virtual private server (VPS) for the former and a virtual private network (VPN) for the latter. For SOHO networking, I now use UniFi hardware products: https://ui.com/ The UniFi Controller is running on a Debian VPS at Linode. Creating the node is automated via a Linode Stack Script. In addition to the UniFi Controller (which includes VPN capabilities), the node image includes fail2ban, LetsEncrypt key management, and other features: https://www.linode.com/ David
Re: Networking book recommendation
On Tue, May 3, 2022 at 17:27 Bob Weber wrote: ... > Have you thought of using a small VM in the cloud? > Yes, I have, Bob, and I have a Digital Ocean account and plan to use it for another use case soon. But I do love having my master source and webserver where I can touch them and fix hardware problems. One of my problems is my favorite websites are ones for my college class ( https://usafa-1965.org) and my brother's Marine TBS class ( https://novco1968tbs.com). In addition, I am starting an online directory for our church. All of them take a fair bit of storage because of heavy picture use and also require good response during my heavy development use periods. I have been spoiled by having real bare-iron servers. BTW, you mention email use. I used to use GNU Mailman 2 but am now considering Sympa [mainly because it is (1) Perl (i.e., non-Python) and (2) it is monolithic and hasn't been broken up into pieces like Mailman 3]. So what do you use? Thanks. -Tom
Re: Networking book recommendation
On 5/3/22 17:14, Tom Browder wrote: I appreciate all the responses, and I realize, once again, that I should have given a little more background for the question: I have been running 10+ websites using SNI on Apache on two leased remote servers for many years. I am now moving the whole operation, gradually, to operate out of my home on my own Debian server. During those years I've had several hardware failures that were hard to deal with remotely, hence the decision to come home (especially since I now have a bit more space for the additional equipment). I have been using a firewall and iptables to minimize inbound traffic, but the details some have sent are very helpful for my current plan. In addition to the webserver being accessed externally, I will be sshing into my home server while traveling. Thanks to all. -Tom Have you thought of using a small VM in the cloud? I have been running a droplet at Digital Ocean for several years. For $5 a month I get a fast 1 cpu VM, 25G of file space, 1 G of memory and a static ip address. I have several web sites there, email for my family, and at times a VPN. I run Debian ... its just like my other systems so its easier to maintain. I use the free letsencrypt service for the certificates for my web sites. The only other cost is for the DNS names for my sites (which you would need if you did this from home). I access it over ssh on a non standard port to keep the knockers out. I use ssh keys to login with passwords disabled. If you mess up you can access the site over a web based shell access. I use shorewall for my firewall (iptables based) and fail2ban to watch my logs there to block ip(s) that are up to mischief. I also block ip ranges of China and Russia. Depending on your needs you may need more memory or file space but for $5 a month this has been a great way to host my web sites, email and VPN. You could even set up a VPN to connect back to your system at home when you are on the road. So this keeps all the traffic off your home systems and network. -- *...Bob*
Re: Networking book recommendation
On Tue, May 3, 2022 at 16:21 Greg Wooledge wrote: ... You think your home Internet connection is going to be able to handle > this traffic? The sites are historically low traffic, but I'll watch out for problems. Our current ISP is AT and they are laying fiber quickly in my area. > In addition to the webserver being accessed externally, I will be sshing > > into my home server while traveling. > > OK. A minimum setup would entail: ... > 4) Forward...whatever you're going to use for ssh >(highly recommended not to use the default port), Good point! -Tom
Re: Networking book recommendation
On Tue, May 03, 2022 at 04:14:40PM -0500, Tom Browder wrote: > I have been running 10+ websites using SNI on Apache on two leased remote > servers for many years. You think your home Internet connection is going to be able to handle this traffic? > In addition to the webserver being accessed externally, I will be sshing > into my home server while traveling. OK. A minimum setup would entail: 1) Buy a consumer-grade router, and set it up to get the static IP address from your ISP. 2) Configure the Debian server to get a DHCP address from the router, so you can see what subnet range the router is using for the internal network. 3) Pick a static address on the router's internal subnet (outside of the pool of DHCP addresses) and configure the router to assign this address to your Debian system, based on MAC address. 4) Forward ports 80 and 443, and whatever you're going to use for ssh (highly recommended not to use the default port), from the router to the Debian machine's internal IP address.
Re: Networking book recommendation
On Tue, May 3, 2022 at 14:42 Tom Browder wrote: > I'm about to sign up for a fixed IPv4 address to my home. I know a bit > about setting up simple internal networks, but want to make sure I'm > doing it all correctly and securely. Does anyone have a good book they > recommend for such use? I appreciate all the responses, and I realize, once again, that I should have given a little more background for the question: I have been running 10+ websites using SNI on Apache on two leased remote servers for many years. I am now moving the whole operation, gradually, to operate out of my home on my own Debian server. During those years I've had several hardware failures that were hard to deal with remotely, hence the decision to come home (especially since I now have a bit more space for the additional equipment). I have been using a firewall and iptables to minimize inbound traffic, but the details some have sent are very helpful for my current plan. In addition to the webserver being accessed externally, I will be sshing into my home server while traveling. Thanks to all. -Tom
Re: Networking book recommendation
Tom Browder wrote: > I'm considering HaProxy downsteam from the router. > > That also brings the question, why do you need a static IPv4 address? If you want a service inside your network to be available to people outside your network (i.e. on the Internet), they need to be able to name it and get packets to it. The name is registered in the DNS (domain name service) and handled by DNS servers, either other people's for a fee or your own. If you have a static IPv4 address, you can assign many names to it via DNS CNAME records. If you have a static IPv6 address, you can assign many names to it via DNS, but only about half the people in the world will be able to get to it. If you don't have a static IPv4 address, but you can accept a few minutes of unreachability from time to time, you can use a dynamic DNS service and a daemon running on one of your machines that will contact it periodically to let the service know what's changed. -dsr-
Re: Networking book recommendation
Tom Browder wrote: > I'm about to sign up for a fixed IPv4 address to my home. I know a bit > about setting up simple internal networks, but want to make sure I'm > doing it all correctly and securely. Does anyone have a good book they > recommend for such use? Almost certainly what you want is Concepts (old but useful): https://www.nftables.org/documentation/HOWTO/packet-filtering-HOWTO.html What to do: https://wiki.nftables.org/wiki-nftables/index.php/Simple_ruleset_for_a_home_router How to do it in Debian: https://www.debian.org/doc/manuals/debian-handbook/sect.firewall-packet-filtering.en.html Reference: https://netfilter.org/ And the invaluable: https://stuffphilwrites.com/2014/09/iptables-processing-flowchart/ -dsr-
Re: Networking book recommendation
On Tue, 2022-05-03 at 14:30 -0600, Charles Curley wrote: > [...] > You will want to parcel out IP addresses and host names on your home > network, so DNS and DHCP. There are other programs to do those things, > but bind and dhcpd are classics, and talk to each other. Or dnsmasq which does both jobs, so just one program and one config file to deal with. -- Tixy
Re: Networking book recommendation
On Tue, May 3, 2022 at 15:18 john doe wrote: > On 5/3/2022 9:42 PM, Tom Browder wrote: > > I'm about to sign up for a fixed IPv4 address to my home. I know a bit > > about setting up simple internal networks, but want to make sure I'm > > doing it all correctly and securely. Does anyone have a good book they > > recommend for such use? > > > > What do you mean by "correctly and securly", the networking is never > secure. Thanks, I didn't know that. Depending on what you need, you might want firewall ... I'm considering HaProxy downsteam from the router. That also brings the question, why do you need a static IPv4 address? I'm moving my webservers inside. Thanks. -Tom
Re: Networking book recommendation
On Tue, 3 May 2022 14:42:16 -0500 Tom Browder wrote: > I'm about to sign up for a fixed IPv4 address to my home. I know a bit > about setting up simple internal networks, but want to make sure I'm > doing it all correctly and securely. Does anyone have a good book they > recommend for such use? You said, "a fixed IPv4 address", which suggests you'll be doing NATting (or whatever they call it this week) for your home network. I use Æleen Frisch, Essential System Administration, 2nd ed. https://www.oreilly.com/library/view/essential-system-administration/0596003439/ I see the current edition is 3rd, dated 2002. So possibly dated, but the basics will be the same. No systemd, though. You will want to get up to speed on firewalling, if you aren't already. Allow your systems to connect to any external server. Don't allow any external access to anything on your firewall or home network unless it's for a service you provide to the outside world. You will want to parcel out IP addresses and host names on your home network, so DNS and DHCP. There are other programs to do those things, but bind and dhcpd are classics, and talk to each other. Wireless is nice, but a security nightmare. And don't forget to do backups. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
Re: Networking book recommendation
On 4/5/22 4:18 am, john doe wrote: What do you mean by "correctly and securly", the networking is never secure. Depending on what you need, you might want firewall ... That also brings the question, why do you need a static IPv4 address? For almost all domestic installations a single static IPv4 address is managed by the router and used to NAT internal addresses. NAT in itself provides quite good security because internal hosts can't be scanned by attackers. If the router is a normal commercial router it will manage the internal network and will itself have very few vulnerabilities If the static IPv4 address is to be used to provide a public service then it's usual to forward inbound connections to an internal host to provide that service. That forwarding is usually router specific. -- Jeremy OpenPGP_signature Description: OpenPGP digital signature
Re: Networking book recommendation
On 5/3/2022 9:42 PM, Tom Browder wrote: I'm about to sign up for a fixed IPv4 address to my home. I know a bit about setting up simple internal networks, but want to make sure I'm doing it all correctly and securely. Does anyone have a good book they recommend for such use? What do you mean by "correctly and securly", the networking is never secure. Depending on what you need, you might want firewall ... That also brings the question, why do you need a static IPv4 address? -- John Doe
Networking book recommendation
I'm about to sign up for a fixed IPv4 address to my home. I know a bit about setting up simple internal networks, but want to make sure I'm doing it all correctly and securely. Does anyone have a good book they recommend for such use? Thanks. -Tom
Re: debug systemd restart networking problem
On 3/26/2022 2:15 PM, Jeremy Ardley wrote:
I have been doing various changes to my network but have now got to the
stage where I have errors running
systemd restart networking
systemctl status networking
● networking.service - Raise network interfaces
Loaded: loaded (/lib/systemd/system/networking.service; enabled;
vendor preset: enabled)
Drop-In: /etc/systemd/system/networking.service.d
└─override.conf
Active: failed (Result: exit-code) since Sat 2022-03-26 20:50:03
AWST; 13min ago
Docs: man:interfaces(5)
Main PID: 1935 (code=exited, status=1/FAILURE)
CPU: 326m
cat /etc/network/interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 dhcp
request_prefix 1
accept_ra 2
auto lan0
iface lan0 inet static
address 10.31.40.1/24
iface lan0 inet static
address 10.31.40.5/24
iface lan0 inet6 static
address ::1/64
iface lan0 inet6 static
address ::5/64
I check the interfaces using ip a I see all the ipv4 interfaces as
configured in /etc/network/interfaces but none of the ipv6 ones. I do
have ipv6 though as lan0 has has an fe80 address
I have tried a lot of things to debug this but no luck. e.g.
systemctl edit networking.service command
[Service]
# remove existing ExecStart rule
ExecStart=
# start ifup with verbose option
ExecStart=/sbin/ifup -av
Does it change anything if you reboot ('systemctl reboot')?
What are you seeing in the logs?
--
John Doe
debug systemd restart networking problem
I have been doing various changes to my network but have now got to the stage where I have errors running systemd restart networking systemctl status networking ● networking.service - Raise network interfaces Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/networking.service.d └─override.conf Active: failed (Result: exit-code) since Sat 2022-03-26 20:50:03 AWST; 13min ago Docs: man:interfaces(5) Main PID: 1935 (code=exited, status=1/FAILURE) CPU: 326m cat /etc/network/interfaces source /etc/network/interfaces.d/* auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp iface eth0 inet6 dhcp request_prefix 1 accept_ra 2 auto lan0 iface lan0 inet static address 10.31.40.1/24 iface lan0 inet static address 10.31.40.5/24 iface lan0 inet6 static address ::1/64 iface lan0 inet6 static address ::5/64 I check the interfaces using ip a I see all the ipv4 interfaces as configured in /etc/network/interfaces but none of the ipv6 ones. I do have ipv6 though as lan0 has has an fe80 address I have tried a lot of things to debug this but no luck. e.g. systemctl edit networking.service command [Service] # remove existing ExecStart rule ExecStart= # start ifup with verbose option ExecStart=/sbin/ifup -av Any assistance in resolving this problem appreciated. -- Jeremy OpenPGP_signature Description: OpenPGP digital signature
Re: IPv4 networking problem after dist-upgrade
Hi again! On Wed, Oct 06, 2021 at 06:02:40PM +0200, Oleg wrote: > > ip link show > > $ > ip l sh > ... > 2: eth0: mtu 1492 qdisc pfifo_fast master > direct0 state UP mode DEFAULT group default qlen 1000 > link/ether 54:04:a6:a0:77:de brd ff:ff:ff:ff:ff:ff > 3: direct0: mtu 1492 qdisc noqueue state UP > mode DEFAULT group default qlen 1000 > link/ether 32:95:e2:a2:8e:0e brd ff:ff:ff:ff:ff:ff > ... Apparently the error originated from the deviating MAC address of physical interface and bridge. After I configured direct0 to have the same MAC address as eth0 IPv4 started to work as expected again. I assume that some security/anti-spoofing mechanism on the network/gateway side rejected the "new" MAC address that has probably changed during the upgrade. Cheers Oleg
Re: IPv4 networking problem after dist-upgrade
Hey Dan, On Wed, Oct 06, 2021 at 10:23:40AM -0400, Dan Ritter wrote: > Can you tell us about networking on the host, please? sure, I can. > ip link show $ > ip l sh ... 2: eth0: mtu 1492 qdisc pfifo_fast master direct0 state UP mode DEFAULT group default qlen 1000 link/ether 54:04:a6:a0:77:de brd ff:ff:ff:ff:ff:ff 3: direct0: mtu 1492 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 32:95:e2:a2:8e:0e brd ff:ff:ff:ff:ff:ff ... I only pasted the relevant interfaces (physical interface and the corresponding bridge). There are two more bridges and tap interfaces but these are only for the VMs. > ip addr show $ > ip a s ... 2: eth0: mtu 1492 qdisc pfifo_fast master direct0 state UP group default qlen 1000 link/ether 54:04:a6:a0:77:de brd ff:ff:ff:ff:ff:ff 3: direct0: mtu 1492 qdisc noqueue state UP group default qlen 1000 link/ether 32:95:e2:a2:8e:0e brd ff:ff:ff:ff:ff:ff inet 176.9.70.119/27 brd 176.9.70.127 scope global direct0 valid_lft forever preferred_lft forever inet6 2a01:4f8:151:64::2/64 scope global valid_lft forever preferred_lft forever inet6 fe80::3095:e2ff:fea2:8e0e/64 scope link valid_lft forever preferred_lft forever ... > ip route show $ > ip r s default via 176.9.70.97 dev direct0 onlink 176.9.70.96/27 dev direct0 proto kernel scope link src 176.9.70.119 192.168.0.0/24 dev lsbg0 proto kernel scope link src 192.168.0.1 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 > cat /proc/sys/net/ipv4/ip_forward 1 > would be a good start. Also, are you running a firewall of any > kind on the server itself? I have a bunch of handwritten iptables, ip6tables, and ebtables rules, but the behavior is the same after I flush them and they look like this: $ > sudo iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination LIBVIRT_INP all -- 0.0.0.0/00.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination LIBVIRT_FWX all -- 0.0.0.0/00.0.0.0/0 LIBVIRT_FWI all -- 0.0.0.0/00.0.0.0/0 LIBVIRT_FWO all -- 0.0.0.0/00.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination LIBVIRT_OUT all -- 0.0.0.0/00.0.0.0/0 Chain LIBVIRT_FWI (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0192.168.122.0/24 ctstate RELATED,ESTABLISHED REJECT all -- 0.0.0.0/00.0.0.0/0reject-with icmp-port-unreachable Chain LIBVIRT_FWO (1 references) target prot opt source destination ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 REJECT all -- 0.0.0.0/00.0.0.0/0reject-with icmp-port-unreachable Chain LIBVIRT_FWX (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/00.0.0.0/0 Chain LIBVIRT_INP (1 references) target prot opt source destination ACCEPT udp -- 0.0.0.0/00.0.0.0/0udp dpt:53 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:53 ACCEPT udp -- 0.0.0.0/00.0.0.0/0udp dpt:67 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:67 Chain LIBVIRT_OUT (1 references) target prot opt source destination ACCEPT udp -- 0.0.0.0/00.0.0.0/0udp dpt:53 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:53 ACCEPT udp -- 0.0.0.0/00.0.0.0/0udp dpt:68 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:68 $ > sudo ip6tables -nL Chain INPUT (policy ACCEPT) target prot opt source destination LIBVIRT_INP all ::/0 ::/0 Chain FORWARD (policy ACCEPT) target prot opt source destination LIBVIRT_FWX all ::/0 ::/0 LIBVIRT_FWI all ::/0 ::/0 LIBVIRT_FWO all ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination LIBVIRT_OUT all ::/0 ::/0 Chain LIBVIRT_FWI (1 references) target prot opt source destination Chain LIBVIRT_FWO (1 references) target prot opt source destination Chain LIBVIRT_FWX (1 references) target prot opt source destination Chain LIBVIRT_INP (1 references) target prot opt source destination Chain LIBVIRT_OUT (1 references) target prot opt source destination $ > sudo ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT In the meantime I've also figured that I'm able to arping the gateway successf
Re: IPv4 networking problem after dist-upgrade
Oleg wrote: > I've updated my server to bullseye a couple of days ago and since then I'm > unable to get IPv4 networking to work properly again. IPv6 still seems to work > like charm. I can also connect to the hosted VMs (KVM via libvirt) on the > server over IPv4 without problems. However, when I try to address the server > directly, all packets seem to be dropped on the outgoing interface. If, for > instance, I ping the server, I can see the ICMPv4 echo requests _and_ replies > in tcpdump, but the pinging peer won't never receive the replies. If I check > the ARP tables I can find the gateway's MAC address tagged as DELAY. > > The general setup has worked before the dist-upgrade for years and I'm a bit > clueless what might has been broken during the update. Can you tell us about networking on the host, please? ip link show ip addr show ip route show cat /proc/sys/net/ipv4/ip_forward would be a good start. Also, are you running a firewall of any kind on the server itself? -dsr-
IPv4 networking problem after dist-upgrade
Hi there, I've updated my server to bullseye a couple of days ago and since then I'm unable to get IPv4 networking to work properly again. IPv6 still seems to work like charm. I can also connect to the hosted VMs (KVM via libvirt) on the server over IPv4 without problems. However, when I try to address the server directly, all packets seem to be dropped on the outgoing interface. If, for instance, I ping the server, I can see the ICMPv4 echo requests _and_ replies in tcpdump, but the pinging peer won't never receive the replies. If I check the ARP tables I can find the gateway's MAC address tagged as DELAY. The general setup has worked before the dist-upgrade for years and I'm a bit clueless what might has been broken during the update. Cheers Oleg
Re: LoRa for private emergency networking
On Fri, May 7, 2021, 4:48 AM Nicolas George wrote: > Hi. > > I recently heard about LoRa (https://en.wikipedia.org/wiki/LoRa), a kind > of very long distance low data bandwidth wifi / bluetooth. Thanks Nicolas I had wondered if people were thinking along these lines. And it's already written :-) I still wonder if anyone uses the "lowfer" radio frequencies for the same, very low bandwidth :-) In the US some VLF frequency ranges are unregulated and available for experimental use. Another subgroup in the radio hobbyist spectrum. It is > designed for internet-of-things devices, but the bandwidth it offers is > enough to SSH and read the end of a log file and restart a daemon. Since > I have a few technically-minded friends and acquaintances living in the > same dense urban area, I am considering trying to use it to establish a > kind of private network for emergency access. > > I have found these articles, about a LoRa-based USB device and its use > to do just that kind of thing: > > https://unsigned.io/product/rnode/ > https://unsigned.io/15-kilometre-ssh-link-with-rnode/ > > (It seems to be out of stock, but the design is open.) > > I wonder if some people here have already had the same idea and explored > it further, especially with software readily available in Debian? > > Regards, > > -- > Nicolas George >
LoRa for private emergency networking
Hi. I recently heard about LoRa (https://en.wikipedia.org/wiki/LoRa), a kind of very long distance low data bandwidth wifi / bluetooth. It is designed for internet-of-things devices, but the bandwidth it offers is enough to SSH and read the end of a log file and restart a daemon. Since I have a few technically-minded friends and acquaintances living in the same dense urban area, I am considering trying to use it to establish a kind of private network for emergency access. I have found these articles, about a LoRa-based USB device and its use to do just that kind of thing: https://unsigned.io/product/rnode/ https://unsigned.io/15-kilometre-ssh-link-with-rnode/ (It seems to be out of stock, but the design is open.) I wonder if some people here have already had the same idea and explored it further, especially with software readily available in Debian? Regards, -- Nicolas George signature.asc Description: PGP signature
Re: No networking after resume from suspend
Richmond writes: > Dan Ritter writes: > >> Richmond wrote: >>> Looks like this bug: >>> >>> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798921 >> >> Could be. >> >> In which case, this will be solved in the new Stable, most >> likely out in May or June. >> >> You could try a backports kernel before that. >> > > I tried kernels 5.9 and 5.10 but neither cured it. So perhaps I should report > it > as a bug in debian? Sure you can do that. I'd assume you find behavior problematic so you could also figure out a workaround. For example, if unloading and reloading the sky2 module after suspend works (like in that Ubuntu bug report), then why not just automate that?
Re: No networking after resume from suspend
On Fri 23 Apr 2021 at 23:11:58 (-0400), Greg Wooledge wrote:
> On Fri, Apr 23, 2021 at 09:59:09PM -0500, David Wright wrote:
> > OTOH my startup files set Mywiredifname for scripts to use, where:
> >
> > Mywiredifname=$(ip -o link show | sed -e '/^[0-9]\+: [^e]/d;s/[0-9]\+:
> > \([^:]\+\): .*/\1/;q')
> >
> > $ echo $Mywiredifname
> > enp3s0
>
> unicorn:~$ ip -o link show | awk -F': ' '{print $2}'
> lo
> lan0
Yes —— though one might wonder why someone would use this little
script to discover the interface name on a system where, I assume,
they chose the name themselves.
> You're relying on the "default" names which ensure that an ethernet
> interface begins with an 'e', so we could fold that in as well:
>
> ip -o link show | awk -F': ' '$2 ~ /^e/ {print $2}'
One certainly has to eliminate 'w', at the very least, to eliminate
any wireless card. And {print $2; exit} guarantees only one match,
to correspond with my 'q'.
> It's slightly prettier than yours, and doesn't rely on GNUisms (which are
> probably not a big issue since a system with "ip" probably has GNU sed).
>
> > (My days of running multiple ethernet cards are long gone,
> > so sed will quit after one match.)
>
> Sounds like a naive assumption. Some motherboards have dual NICs built in,
> don't they?
I look forward to the day. I've got this far in life without ever
buying a computer, so I may well never see one. It /is/ an assumption,
hence my mentioning it. I don't want to overpromise—the substance of
my post was contained in 5 keystrokes: ip a
for Cindy to type, instead of greping kern.log and dmesg.
My assumption that all modern PCs would have one ethernet interface
has already fallen by the wayside—some (most?) laptops now have zero.
But thanks for the awk suggestions. All the (trivial) awk code
in my startup files is just copied from elsewhere. I think the reason
I never got into awk is simply that I came from mainframes/spitbol
via MSDOS/perl/grep/sed to linux/python.
Cheers,
David.
Re: No networking after resume from suspend
Greg Wooledge wrote: > On Fri, Apr 23, 2021 at 09:59:09PM -0500, David Wright wrote: > > > (My days of running multiple ethernet cards are long gone, > > so sed will quit after one match.) > > Sounds like a naive assumption. Some motherboards have dual NICs built in, > don't they? A fair number of consumer motherboards, and then I have server motherboards with up to five NICs each, though 3 is more common. -dsr-
Re: No networking after resume from suspend
On Fri, Apr 23, 2021 at 09:59:09PM -0500, David Wright wrote:
> OTOH my startup files set Mywiredifname for scripts to use, where:
>
> Mywiredifname=$(ip -o link show | sed -e '/^[0-9]\+: [^e]/d;s/[0-9]\+:
> \([^:]\+\): .*/\1/;q')
>
> $ echo $Mywiredifname
> enp3s0
unicorn:~$ ip -o link show | awk -F': ' '{print $2}'
lo
lan0
You're relying on the "default" names which ensure that an ethernet
interface begins with an 'e', so we could fold that in as well:
ip -o link show | awk -F': ' '$2 ~ /^e/ {print $2}'
It's slightly prettier than yours, and doesn't rely on GNUisms (which are
probably not a big issue since a system with "ip" probably has GNU sed).
> (My days of running multiple ethernet cards are long gone,
> so sed will quit after one match.)
Sounds like a naive assumption. Some motherboards have dual NICs built in,
don't they?
Re: No networking after resume from suspend
On Fri 23 Apr 2021 at 13:23:31 (-0400), Cindy Sue Causey wrote: > > All of the adapters that come as a single item have worked great. You > just have to track down the new identifier, e.g. one of mine is > "enx00909e9dd1ee". That long value goes wherever one normally types in > eth0, enp1s0, eno1, etc. > > Dmesg often reports that value. I grep /var/log/kern* for the word > "renamed" because that's what I always remember first. Except that > then there's having to open kern.log in a text editor occasionally so > yeah, dmesg rocks if one can remember to go that route. > > Grep works with dmesg, too. I just tested it. Only one line to read as > output. Very cognitively friendly! :) That seems like a lot of typing. You should be able to read your interface name with 5 keystrokes: $ ip a and l(ink) will work in place of a(ddress). OTOH my startup files set Mywiredifname for scripts to use, where: Mywiredifname=$(ip -o link show | sed -e '/^[0-9]\+: [^e]/d;s/[0-9]\+: \([^:]\+\): .*/\1/;q') $ echo $Mywiredifname enp3s0 $ (My days of running multiple ethernet cards are long gone, so sed will quit after one match.) Cheers, David.
Re: No networking after resume from suspend
Richmond wrote: > Dan Ritter writes: > > > Richmond wrote: > >> Looks like this bug: > >> > >> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798921 > > > > Could be. > > > > In which case, this will be solved in the new Stable, most > > likely out in May or June. > > > > You could try a backports kernel before that. > > > > I tried kernels 5.9 and 5.10 but neither cured it. So perhaps I should report > it > as a bug in debian? To the kernel packagers group, yup. -dsr-
Re: No networking after resume from suspend
Dan Ritter writes: > Richmond wrote: >> Looks like this bug: >> >> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798921 > > Could be. > > In which case, this will be solved in the new Stable, most > likely out in May or June. > > You could try a backports kernel before that. > I tried kernels 5.9 and 5.10 but neither cured it. So perhaps I should report it as a bug in debian?
Re: No networking after resume from suspend
On 4/23/21, Dan Ritter wrote: > Richmond wrote: >> > Let's try from the bottom up? >> > >> > ip link show >> > will show you the interfaces recognized by the kernel. If this >> > works, it might show you an eth0, an en0, or something like a >> > enp22s0 device. Let's call it "SAM". >> >> Thanks for your reply. >> >> enp2s0: mtu 1500 qdisc pfifo_fast >> state DOWN mode DEFAULT group default qlen 1000 > > >> > and make sure the cable is plugged in. >> >> :) > > Ah, you laugh, but: the NO-CARRIER...UP... state DOWN means that > the kernel recognizes the device and there's a cable issue. > > Go trace the cable, replug in both ends, and if that doesn't > work, replace the cable. If the far end has a free port, try > swapping to a different port - this one might be toasted. Those ethernet to USB port adapter products have been irreplaceable for me. The only ones that have NEVER worked are the ones that come as a two-for-one package. They don't seem to work for most other Users, either. I tested the one I have just a few days ago AGAIN. Zero interaction. Maybe I'll try it yet AGAIN today. I'd like to solve that so that it's one more successful option for mainly poverty folks with computers. The package I bought was surely under $10. I think I've probably paid at most maybe $5 or $6 for the single ones. All of the adapters that come as a single item have worked great. You just have to track down the new identifier, e.g. one of mine is "enx00909e9dd1ee". That long value goes wherever one normally types in eth0, enp1s0, eno1, etc. Dmesg often reports that value. I grep /var/log/kern* for the word "renamed" because that's what I always remember first. Except that then there's having to open kern.log in a text editor occasionally so yeah, dmesg rocks if one can remember to go that route. Grep works with dmesg, too. I just tested it. Only one line to read as output. Very cognitively friendly! :) Cindy :) -- Cindy-Sue Causey Talking Rock, Pickens County, Georgia, USA * runs with birdseed *
Re: No networking after resume from suspend
On 4/23/21, David Wright wrote: > On Fri 23 Apr 2021 at 10:49:00 (+0100), Richmond wrote: >> Cindy Sue Causey writes: >> >> > Questions where answers might help come to mind. Primarily, has this >> > always occurred, or did it just start up in the last couple days? >> >> It has occured since installing debian (10). Prior to that I was using >> opensuse. >> >> > I'm on a new old secondhand laptop today. Just started using it >> > yesterday. It's doing similar, but I can trigger it back on via >> > "wicd-curses". A quick CTRL+R (refresh) for no particular reason and >> > then CTRL+C (connect), and I'm back up and running. >> >> I don't think I am using Wicked, if that is the equivalent of the >> opensuse Wicked. I think I am using network manager. > > JFTR there's no connection (pun, sorry) between Wicd¹ and Wicked.² > Confusion is compounded by their identical pronunciation. > > Wicked would claim to be a superset of NetworkManager. Wicd is a > simple connection manager, handling just one connection at a time. > > In any case, wicd's days are numbered unless and until it moves > forward from Python2. There's a Python3 version in experimental, > but the hiatus might not be good for sustaining its popularity. Experimental is the version I'm using. That was an empowering moment there. It helped me finally understand all the chatter about backports and the irreplaceable value to Users looking for missing programs that didn't make it in time to be included in any given release. > ¹ acronym, Wireless Interface Connection Daemon > > ² "No REST for the wicked", motivational joke after SUSE rejected > using REST, a REpresentational State Transfer interface. Thank you! I always wondered but never pursued what the wicd acronym was. I assumed it was an acronym, anyway, because of that "d" that appears in other packages, too. #1 I'm so sorry, I made a major mistake last night. To operate wicd-curses, the commands are SHIFT+R for refresh and SHIFT+C to connect. There's no CTRL used there. That was the first thought I had this morning after waking up. The tl;dr for the rest of this is that systemctl worked for me this morning, but I'm using wicd instead of e.g. network-manager. They're both still available on Debian because there are differences in how they function. They don't appear to be duplicate overkill by both being installable. My memory recall is that they don't play nice together. Ok, so I tried those various systemctl lines. When I actually read them, I realized this isn't an apples to apples comparison. That "network-manager" was the sign. In addition to that, I'm on a wired connection in case this was about wireless. For the moment, I can only assume wicd might handle wireless connections similarly. With respect to those terminal commands, I first tried wicd-curses instead of network-manager. That didn't work because it's an interface. So I tried "systemctl restart wicd" but couldn't tell that anything was happening beyond that it didn't throw any errors. I tried "systemctl stop wicd", and it understandably killed my open wicd-curses interface in the terminal. Next, "systemctl start wicd" was entered. I reopened wicd-curses... and it was already connected online without any further intervention. It was cool to see that interaction, am just waiting for my brain to have the ah-ha moment about exactly what happened. In the meantime, that's my "learn something new" today. One my earliest "thank you" posts about Debian was about the fact that there are frequently at least two ways to accomplish many tasks. That kept coming to mind over the last month of horrific hardware failures. Several of those alternates were used repeatedly the last few weeks. In particular, the right click on the desktop to access the Applications menu was invaluable. I was working on a badly damaged screen that blocked access to the usual method of clicking the word "Applications" on the top left in XFCE4. N.B. Apparently the dogs or I stepped on my Dell Duo when it was on the floor beside me here. The leaking damage on the screen looked just like a giant footprint, lol. AND I just now remembered that I could have moved the desktop panel that holds that Application menu. Hopefully there will never be a next time where that needs to occur. Cindy :) -- Cindy-Sue Causey Talking Rock, Pickens County, Georgia, USA * runs with birdseed *
Re: No networking after resume from suspend
On Fri 23 Apr 2021 at 10:49:00 (+0100), Richmond wrote: > Cindy Sue Causey writes: > > > Questions where answers might help come to mind. Primarily, has this > > always occurred, or did it just start up in the last couple days? > > It has occured since installing debian (10). Prior to that I was using > opensuse. > > > I'm on a new old secondhand laptop today. Just started using it > > yesterday. It's doing similar, but I can trigger it back on via > > "wicd-curses". A quick CTRL+R (refresh) for no particular reason and > > then CTRL+C (connect), and I'm back up and running. > > I don't think I am using Wicked, if that is the equivalent of the > opensuse Wicked. I think I am using network manager. JFTR there's no connection (pun, sorry) between Wicd¹ and Wicked.² Confusion is compounded by their identical pronunciation. Wicked would claim to be a superset of NetworkManager. Wicd is a simple connection manager, handling just one connection at a time. In any case, wicd's days are numbered unless and until it moves forward from Python2. There's a Python3 version in experimental, but the hiatus might not be good for sustaining its popularity. ¹ acronym, Wireless Interface Connection Daemon ² "No REST for the wicked", motivational joke after SUSE rejected using REST, a REpresentational State Transfer interface. Cheers, David.
Re: No networking after resume from suspend
Richmond wrote: > Looks like this bug: > > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798921 Could be. In which case, this will be solved in the new Stable, most likely out in May or June. You could try a backports kernel before that. -dsr-
Re: No networking after resume from suspend
Looks like this bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798921
Re: No networking after resume from suspend
Richmond wrote: > > Let's try from the bottom up? > > > > ip link show > > will show you the interfaces recognized by the kernel. If this > > works, it might show you an eth0, an en0, or something like a > > enp22s0 device. Let's call it "SAM". > > Thanks for your reply. > > enp2s0: mtu 1500 qdisc pfifo_fast state > DOWN mode DEFAULT group default qlen 1000 > > and make sure the cable is plugged in. > > :) Ah, you laugh, but: the NO-CARRIER...UP... state DOWN means that the kernel recognizes the device and there's a cable issue. Go trace the cable, replug in both ends, and if that doesn't work, replace the cable. If the far end has a free port, try swapping to a different port - this one might be toasted. -dsr-
Re: No networking after resume from suspend
On Vi, 23 apr 21, 10:46:21, Richmond wrote:
> Dan Ritter writes:
> >
> > If any part of SAM reads "down", do this:
> >
> > sudo ip link set up SAM
>
> ip link set up enp2s0
>
> No output here but the link is still down.
This suggests to me the problem is at a lower level, i.e. the kernel
module (driver).
Try unloading / re-loading it ('modprobe -r' and 'modprobe').
You should be able to find the module in use with 'lspci -k', possibly
with '-nn' as well to help identify the correct device[1], or by
examining the kernel log (dmesg).
[1] can't test this as the hardware in use here doesn't have PCI buses.
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
signature.asc
Description: PGP signature
Re: No networking after resume from suspend
Dan Ritter writes: > Richmond wrote: >> When I resume from suspend there is no networking. I cannot find a way >> to restart it. I tried these various commands. >> >> systemctl restart network >> /etc/init.d/networking restart >> systemctl reset-failed >> systemctl restart networking.service >> systemctl restart network-online.target >> systemctl restart network-manager.service >> systemctl start network-manager.service >> systemctl stop network-manager.service >> >> lshw says: >> >> description: Ethernet interface >> product: 88E8071 PCI-E Gigabit Ethernet Controller >> vendor: Marvell Technology Group Ltd. > > Let's try from the bottom up? > > ip link show > will show you the interfaces recognized by the kernel. If this > works, it might show you an eth0, an en0, or something like a > enp22s0 device. Let's call it "SAM". Thanks for your reply. enp2s0: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000 I omited the second line which contained what looks like a mac address. > > If any part of SAM reads "down", do this: > > sudo ip link set up SAM ip link set up enp2s0 No output here but the link is still down. > > and make sure the cable is plugged in. :) > > Now let's set an address. > > ip addr show SAM > that might show you an IPv4 address. If not, or if you don't > think it looks right for your network, you can set one by > hand: No address here, it repeats that the link is down. > > sudo ip addr set 192.168.0.43/24 dev SAM > > or you can ask DHCP for one: > > sudo dhclient SAM > This paused for a long time but didn't set an address. So I will try to set one manually as above... It didn't like 'set', so I used 'add' The address it is supposed to be is 192.168.1.43, you came close to guessing it! ip addr add 192.168.1.43/24 dev enp2s0 This produced a message in the GUI saying a connection was established to enp2s0 but the link is still down. > Finally, try pinging your gateway router. > > Let us know how far you get with this, and exactly what the > error messages are. > ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. >From 192.168.1.43 icmp_seq=1 Destination Host Unreachable ... etc I tried this before the other commands too, and got this: ping 192.168.1.1 connect: Network is unreachable
Re: No networking after resume from suspend
Thanks for your reply. Cindy Sue Causey writes: > Questions where answers might help come to mind. Primarily, has this > always occurred, or did it just start up in the last couple days? It has occured since installing debian (10). Prior to that I was using opensuse. > > I'm on a new old secondhand laptop today. Just started using it > yesterday. It's doing similar, but I can trigger it back on via > "wicd-curses". A quick CTRL+R (refresh) for no particular reason and > then CTRL+C (connect), and I'm back up and running. I don't think I am using Wicked, if that is the equivalent of the opensuse Wicked. I think I am using network manager. There is nothing in /etc/network/interfaces.d/ I haven't messed around with things I just installed debian 10 with Mate and it mostly works.
Re: No networking after resume from suspend
On 4/22/21, Richmond wrote: > When I resume from suspend there is no networking. I cannot find a way > to restart it. I tried these various commands. > > systemctl restart network > /etc/init.d/networking restart > systemctl reset-failed > systemctl restart networking.service > systemctl restart network-online.target > systemctl restart network-manager.service > systemctl start network-manager.service > systemctl stop network-manager.service > > lshw says: > > description: Ethernet interface > product: 88E8071 PCI-E Gigabit Ethernet Controller > vendor: Marvell Technology Group Ltd. > > What can I do? Questions where answers might help come to mind. Primarily, has this always occurred, or did it just start up in the last couple days? I'm on a new old secondhand laptop today. Just started using it yesterday. It's doing similar, but I can trigger it back on via "wicd-curses". A quick CTRL+R (refresh) for no particular reason and then CTRL+C (connect), and I'm back up and running. WHEN it happens again, I'm going to try to remember to try your various commands to see if I receive similar results. I'm going to copy those right now so they're available offline when it's time. A PS to this is that a couple of us were having a reconnect problem a while back. Mine would just suddenly stop and then refuse to reconnect. Always took a reboot (and sometimes 2) before it would start working again. PPS What's your eth0 being called? Mine's a moving target depending on which (older) laptop I'm using. I've used 4 different names in the last two weeks. Two of those renames were the long version that Users also see for wireless dongles. That was appropriate because I was using two different ethernet to USB port adapters. Those long values are tied to the specific products we're using. The other two values now flip between "enp1s0" and "eno1". Those are both for internal (onboard) ports. So far, it appears to be that those stay specific to two different laptops. I like that eno1 one. I STILL can't confidently remember that other naming pattern every time it comes up. Those values are entered under Preferences in the wicd-curses interface. I had a problem earlier today where it wouldn't connect back up. I had just learned that /etc/wicd/manager-settings.conf is relevant so I peeked at it. That value was wrong. It didn't refresh after I used the terminal interface. I changed it, and mine connected back up by itself as fast as that changed file was saved. Which brings me to ANOTHER observation through all of this. Sometimes sitting here counting to 10 or 15 seconds helps after clicking once to reconnect. That was an accidental find, a "patience pays" kind of deal. I'm presuming that Users having similar experiences may be doing the same thing I did. My old method was to keep repeatedly clicking a reconnect button every couple of seconds then finally close the program in frustration. These last few days, just sitting here staring at the screen while counting seconds gives it time to churn out a successful connection. Cindy :) -- Cindy-Sue Causey Talking Rock, Pickens County, Georgia, USA * runs with birdseed *
Re: No networking after resume from suspend
Richmond wrote: > When I resume from suspend there is no networking. I cannot find a way > to restart it. I tried these various commands. > > systemctl restart network > /etc/init.d/networking restart > systemctl reset-failed > systemctl restart networking.service > systemctl restart network-online.target > systemctl restart network-manager.service > systemctl start network-manager.service > systemctl stop network-manager.service > > lshw says: > > description: Ethernet interface > product: 88E8071 PCI-E Gigabit Ethernet Controller > vendor: Marvell Technology Group Ltd. Let's try from the bottom up? ip link show will show you the interfaces recognized by the kernel. If this works, it might show you an eth0, an en0, or something like a enp22s0 device. Let's call it "SAM". If any part of SAM reads "down", do this: sudo ip link set up SAM and make sure the cable is plugged in. Now let's set an address. ip addr show SAM that might show you an IPv4 address. If not, or if you don't think it looks right for your network, you can set one by hand: sudo ip addr set 192.168.0.43/24 dev SAM or you can ask DHCP for one: sudo dhclient SAM Finally, try pinging your gateway router. Let us know how far you get with this, and exactly what the error messages are. -dsr-
No networking after resume from suspend
From: Richmond
Newsgroups: linux.debian.user
Subject: No networking after resume from suspend
Date: Thu, 22 Apr 2021 22:34:07 +0100
Organization: Frantic
Message-ID: <84r1j2knqo@example.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
X-Draft-From: ("linux.debian.user")
X-No-Archive: No
Cancel-Lock: sha1:f+poUKVPx2E0cnaVpAmVy2aJg84=
--text follows this line--
When I resume from suspend there is no networking. I cannot find a way
to restart it. I tried these various commands.
systemctl restart network
/etc/init.d/networking restart
systemctl reset-failed
systemctl restart networking.service
systemctl restart network-online.target
systemctl restart network-manager.service
systemctl start network-manager.service
systemctl stop network-manager.service
lshw says:
description: Ethernet interface
product: 88E8071 PCI-E Gigabit Ethernet Controller
vendor: Marvell Technology Group Ltd.
What can I do?
help with bug report for boot delay in networking
Hi, occasionally I experience a hang in booting during the network setup. The boot screen shows a timeout of 5min 7sec going to 6min 37sec after the former expired. Then the system starts normally and the networks work, including openvpn and barracudavpn (when in use). I didn't file a report with reportbug, since I believe it has to do with the interaction of packages and not a single package. As far as I remember, the behavior appeared when I installed openvpn. With it came the WiFi package and the first use of the Network-Manager-Applet. My normal network connection is cable based to a LAN and routed out via a DSL modem to the internet. It is configured manually via /etc/network/interfaces. Since my tower machine has no WiFi, I suspect that the WiFi package(s) look for one, for six and a half minutes and then gives up. Apart from this behavior I wonder, why WiFi packages would be in a dependency list of the openvpn package. I can't tell with certainty now, since I don't have detailed records, but the hang does not occur every boot, and may have some relation to hardware initialization, as it may be rarer or not happen, when I reboot into Debian from Windows 7. Sometimes the machine hangs in networking for about 2 minutes in shutdown too, again showing a timeout and counting seconds. My system runs Debian 10.5 now but the behavior is much older. If you tell me how, I can send you when I installed what. Kind Regards, Armin Faltl
Re: systemd-nspawn networking inside VirtualBox VM
On Wed, Jul 08, 2020 at 07:20:18AM +0200, Alexandre Rossi wrote: > Hi, > > > > since I am not well educated about macvlan, ipvlan, I could not get the > > > networking working at all. I would like to avoid using > > > "systemd-networkd/systemd-resolvd" especially on the Buster host - using > > > those > > > it seems should make everything work automagically. > > > > If you realy want to do the networking yourself, you will need to create > > the bridge based on the examples found in '/lib/systemd/network'. > > I've had success declaring a bridge in /etc/network/interfaces: > > iface br0 inet dhcp > bridge_ports eth0 # this is your VM Ethernet > > and launching my containers with: > > $ cat /etc/systemd/nspawn/container.nspawn > [Exec] > Boot=yes > > [Network] > Bridge=br0 > $ sudo machinectl start container I tried this as well. Looks like some specific problem for my setup. > > Alex > I have decided not to pursue this anymore, I need to get things done so will put this off till I have proper resources and time. Thanks for all the help to everyone. Kind regards, Didar -- Put your brain in gear before starting your mouth in motion.
Re: systemd-nspawn networking inside VirtualBox VM
On Tue, Jul 07, 2020 at 06:05:14PM +0200, john doe wrote: > On 7/7/2020 3:13 PM, Didar Hossain wrote: > > Hi, > > > > TL;DR > > How to get systemd-nspawn containers networking so that they can talk to > > each > > other, the host and the internet inside a Buster VM? VirtualBox on Windows > > 10 > > which has internet connectivity via a wireless interface. > > > > > > > > I am running a Buster VM with hand picked minimal packages, networking is > > configured simply using interfaces(5) file with DHCP. I have configured a > > "NatNetwork" on VirtualBox which allows the VMs to connect to each other > > and the > > internet. I was wondering if I can do similar thing with containers inside > > the > > buster VM. > > > > I used `debbootstrap' to have a template directory of buster under > > "/opt/templates/buster". I then simply copy the directory tree over to > > "/var/lib/machines". I tried a few networking options of `systemd-nspawn', > > but > > since I am not well educated about macvlan, ipvlan, I could not get the > > networking working at all. I would like to avoid using > > "systemd-networkd/systemd-resolvd" especially on the Buster host - using > > those > > it seems should make everything work automagically. > > > > If it works then I will be able to test my Dovecot/Exim setup easily in such > > throwaway containers. I currently do testing using VMs. > > > > Does anyone have experience in having this kind of scenario working? > > > > For testing purposes, I use in a Buster VM systemd-container. > That is if your VM has internet access the containers will also get > internet access . > > For sake of simplicity, I would strongly suggest you to use in the VM > systemd-networkd to get the networking working between the containers > and the VM. I finally gave in and tried things with systemd-networkd - it worked. It seems the trick is mostly the way routing is setup, "ip route" shows multiple line output which is difficult to understant unless you know how to work iproute2 advanced routing. > $ debootstrap --include=systemd-container > > You need the above debootstrap pkg for systemd-networkd to work in the > container. > > Then in the VM and in eatch container, simply enable systemd-networkd. > > > If you realy want to do the networking yourself, you will need to create > the bridge based on the examples found in '/lib/systemd/network'. > > -- > John Doe > -- Don't forget to support the ERA apersonment.
Re: systemd-nspawn networking inside VirtualBox VM
Hi, > > since I am not well educated about macvlan, ipvlan, I could not get the > > networking working at all. I would like to avoid using > > "systemd-networkd/systemd-resolvd" especially on the Buster host - using > > those > > it seems should make everything work automagically. > > If you realy want to do the networking yourself, you will need to create > the bridge based on the examples found in '/lib/systemd/network'. I've had success declaring a bridge in /etc/network/interfaces: iface br0 inet dhcp bridge_ports eth0 # this is your VM Ethernet and launching my containers with: $ cat /etc/systemd/nspawn/container.nspawn [Exec] Boot=yes [Network] Bridge=br0 $ sudo machinectl start container Alex
Re: systemd-nspawn networking inside VirtualBox VM
On 7/7/2020 3:13 PM, Didar Hossain wrote: Hi, TL;DR How to get systemd-nspawn containers networking so that they can talk to each other, the host and the internet inside a Buster VM? VirtualBox on Windows 10 which has internet connectivity via a wireless interface. I am running a Buster VM with hand picked minimal packages, networking is configured simply using interfaces(5) file with DHCP. I have configured a "NatNetwork" on VirtualBox which allows the VMs to connect to each other and the internet. I was wondering if I can do similar thing with containers inside the buster VM. I used `debbootstrap' to have a template directory of buster under "/opt/templates/buster". I then simply copy the directory tree over to "/var/lib/machines". I tried a few networking options of `systemd-nspawn', but since I am not well educated about macvlan, ipvlan, I could not get the networking working at all. I would like to avoid using "systemd-networkd/systemd-resolvd" especially on the Buster host - using those it seems should make everything work automagically. If it works then I will be able to test my Dovecot/Exim setup easily in such throwaway containers. I currently do testing using VMs. Does anyone have experience in having this kind of scenario working? For testing purposes, I use in a Buster VM systemd-container. That is if your VM has internet access the containers will also get internet access . For sake of simplicity, I would strongly suggest you to use in the VM systemd-networkd to get the networking working between the containers and the VM. $ debootstrap --include=systemd-container You need the above debootstrap pkg for systemd-networkd to work in the container. Then in the VM and in eatch container, simply enable systemd-networkd. If you realy want to do the networking yourself, you will need to create the bridge based on the examples found in '/lib/systemd/network'. -- John Doe
systemd-nspawn networking inside VirtualBox VM
Hi, TL;DR How to get systemd-nspawn containers networking so that they can talk to each other, the host and the internet inside a Buster VM? VirtualBox on Windows 10 which has internet connectivity via a wireless interface. I am running a Buster VM with hand picked minimal packages, networking is configured simply using interfaces(5) file with DHCP. I have configured a "NatNetwork" on VirtualBox which allows the VMs to connect to each other and the internet. I was wondering if I can do similar thing with containers inside the buster VM. I used `debbootstrap' to have a template directory of buster under "/opt/templates/buster". I then simply copy the directory tree over to "/var/lib/machines". I tried a few networking options of `systemd-nspawn', but since I am not well educated about macvlan, ipvlan, I could not get the networking working at all. I would like to avoid using "systemd-networkd/systemd-resolvd" especially on the Buster host - using those it seems should make everything work automagically. If it works then I will be able to test my Dovecot/Exim setup easily in such throwaway containers. I currently do testing using VMs. Does anyone have experience in having this kind of scenario working? Regards, Didar -- Baby On Board.
Re: How to make networking dependent on firewall configuration?
On Lu, 13 mai 19, 15:31:45, Martin T wrote: > Hi Reco! > > Thanks for reply! I changed from > /lib/systemd/system/networking.service.d/networking.service.conf to > /etc/systemd/system/networking.service.d/networking.service.conf. It might be easier to do systemctl edit . Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser signature.asc Description: PGP signature
Re: LXC, networking and firewalling
Hi. On Thu, May 16, 2019 at 01:28:41PM +1200, Richard Hector wrote: > Hi all, > What I think doesn't work so well is attempting to filter traffic either > between containers, "modproble br_netfilter", then it'll be the same netfilter rules. > or between a container and the host. Should work with the minimal hassle. A couple of rules in the FORWARD chain, and that MASQUERADE rule if you need it. > Also, ISTR people saying iptables shouldn't be used on a bridge at all. People also say that one should not use iptables at all, because nft. So what? > So before I set up my next VPS (and possibly reconfigure my older > one(s)), is there a better way I should be considering? It depends. If you need unconditional "container-container" and "host-container" traffic isolation, you'd probably better use macvlan in private mode. If you need something non-trivial - you'd probably better use openvswitch. > Do I need to use ebtables on the bridge? It'll work if you can stomach it. ebtables' is very limited compared to the iptables. > Will that work between containers? Yep. > Would I be better off using multiple bridges? Why? It'll complicate your setup for the marginal gain. > As an aside, if I get access to VLANs from my provider (I don't think > I've ever (successfully) configured VLANs on Linux before), I assume I > can include a VLAN in each bridge, and I guess leave the default one out? You can bridge a tagged network interface with a non-tagged one, it'll work. You can make a bridge on top of non-tagged interfaces, and VLANs on top of it. It all really depends on what you're trying to achieve with 802.1q. Reco
LXC, networking and firewalling
Hi all, I have a couple of VPSes (Xen and KVM based), in which I run LXC containers. Currently I have a bridge device set up on the host (not bridged to the external network), and iptables to do firewalling and NAT as required. Here's my bridge setup, if that helps: ---8< auto br0 iface br0 inet static bridge_ports none bridge_fd 0 bridge_maxwait 0 address 192.168.123.1 netmask 255.255.255.0 iface br0 inet6 static address fd49:5bcf:0bed:5d9c::1/64 ---8< What I think doesn't work so well is attempting to filter traffic either between containers, or between a container and the host. Also, ISTR people saying iptables shouldn't be used on a bridge at all. So before I set up my next VPS (and possibly reconfigure my older one(s)), is there a better way I should be considering? Do I need to use ebtables on the bridge? Will that work between containers? Would I be better off using multiple bridges? As an aside, if I get access to VLANs from my provider (I don't think I've ever (successfully) configured VLANs on Linux before), I assume I can include a VLAN in each bridge, and I guess leave the default one out? Thanks, Richard signature.asc Description: OpenPGP digital signature
Re: How to make networking dependent on firewall configuration?
Hi Reco! Thanks for reply! I changed from /lib/systemd/system/networking.service.d/networking.service.conf to /etc/systemd/system/networking.service.d/networking.service.conf. > One can specify hostnames in netfilter rules. Trying to load such rules > without a working resolver can lead to weird results. Yes, I thought about this. However, I use strictly IP addresses or prefixes in my firewall rules. Martin
Re: How to make networking dependent on firewall configuration?
Hi. On Mon, May 13, 2019 at 02:53:46PM +0300, Martin T wrote: > Hi, > > I have a /lib/systemd/system/networking.service.d/networking.service.conf > configuration file which specifies, that my custom iptables.service is > a requirement for networking.service: > > # systemctl show networking -p Requires > Requires=system.slice iptables.service > # > > Is there a better or more correct way to do this? Yes. Instead of creating this file: /lib/systemd/system/networking.service.d/networking.service.conf make this one: /etc/systemd/system/networking.service.d/networking.service.conf > Are there any general disadvantages of such approach? One can specify hostnames in netfilter rules. Trying to load such rules without a working resolver can lead to weird results. Any mistake in netfilter rules (iptables.service failing) can prevent network interfaces from configuring (networking.service). Reco
How to make networking dependent on firewall configuration?
Hi, I have a /lib/systemd/system/networking.service.d/networking.service.conf configuration file which specifies, that my custom iptables.service is a requirement for networking.service: # systemctl show networking -p Requires Requires=system.slice iptables.service # Is there a better or more correct way to do this? Are there any general disadvantages of such approach? thanks, Martin
Re: How to Restart Networking in stretch
On Thu, Feb 14, 2019 at 1:42 PM Pascal Hambourg wrote: > Le 13/02/2019 à 21:25, Greg Wooledge a écrit : > > > > There are, unfortunately, at least three competing ways to configure > > network interfaces in Debian: > > Why would it be unfortunate to have choice ? There is no "one size fits > all", so anyone can select the best method for their needs. > > I don't believe the "unfortunate" applies to having choice; it applies to the confusion engendered by having choice, particularly choice that is not documented all in one place in an easily-comprehensible format. This thread alone has probably gone a good way toward undoing that "unfortunate" part by placing all this information in one place. -- Kent West<")))>< Westing Peacefully - http://kentwest.blogspot.com
Re: How to Restart Networking in stretch
On Thu 14 Feb 2019 at 20:41:55 +0100, Pascal Hambourg wrote: > Le 13/02/2019 à 21:25, Greg Wooledge a écrit : > > > > There are, unfortunately, at least three competing ways to configure > > network interfaces in Debian: > > Why would it be unfortunate to have choice ? There is no "one size fits > all", so anyone can select the best method for their needs. > > > /etc/network/interfaces, NetworkManager, and systemd-networkd. > > At least two more : Wicd and dhcpcd (which is not just another DHCP client > daemon despite its name). Some desktop environment such as LXDE install Wicd > and IIRC Raspbian, a Debian derivative for the Raspberry Pi, uses dhcpcd. As an ifupdown person myself, I'll also mention connman. Nobody would be unhappy using it. -- Brian.
Re: How to Restart Networking in stretch
Le 13/02/2019 à 21:25, Greg Wooledge a écrit : There are, unfortunately, at least three competing ways to configure network interfaces in Debian: Why would it be unfortunate to have choice ? There is no "one size fits all", so anyone can select the best method for their needs. /etc/network/interfaces, NetworkManager, and systemd-networkd. At least two more : Wicd and dhcpcd (which is not just another DHCP client daemon despite its name). Some desktop environment such as LXDE install Wicd and IIRC Raspbian, a Debian derivative for the Raspberry Pi, uses dhcpcd.
Re: How to Restart Networking in stretch
On Wed, Feb 13, 2019 at 2:25 PM Greg Wooledge wrote: > On Wed, Feb 13, 2019 at 02:13:52PM -0600, Kent West wrote: > > But, that leaves my second question unanswered: > > > > 2) What is the canonical current method in 2019 to [semi-]manually > > configure networking in stretch? And is it documented anywhere? (My two > > days of searching leads me to think "no". Or my google-fu really sucks.) > > > > I *thought* "/etc/network/interfaces" was being phased out (perhaps as > part > > of systemd or Network-Manager?). Then the web provides this answer then > > that answer - "service...", "systemctl...", "ip...", "ifup...", "if > up...", > > and I'm confident some of these are deprecated or not preferred or apply > in > > Case X but not Case Y, etc. With "The Handbook" being out of date, is > there > > a definitive explanation/guide out there? > > It's not being phased out, at least to my knowledge. > > There are, unfortunately, at least three competing ways to configure > network interfaces in Debian: /etc/network/interfaces, NetworkManager, > and systemd-networkd. > > I know nothing about systemd-networkd, except that it is disabled by > default, so I won't discuss that. Someone else may feel free to talk > about it. > > The other two are able to work in tandem. Any interface definition > in the /etc/network/interfaces file is authoritative and exclusive. > NetworkManager will not touch that interface. > > If NetworkManager isn't installed, then other interfaces not mentioned > in /e/n/i will simply be left unconfigured. If NM is installed, then > it will take control of any interfaces not configured by /e/n/i. > > NM is not installed by default with just the "Standard" task, but it > *is* installed as a dependency of some, or perhaps all, of the desktop > environment tasks. > > As far as I know, this is not new behavior; Debian has worked this way > for at least a few releases. You may think the handbook is "out of date", > and perhaps it is for some things, but not for this one. > > Thank you! That's a pretty good explanation. Had your explanation been in the Handbook (unless I just missed it), I wouldn't have been so ready to call a version 8 handbook "out of date" for a version 9.7 product. -- Kent West<")))>< Westing Peacefully - http://kentwest.blogspot.com
Re: How to Restart Networking in stretch
On Wed, Feb 13, 2019 at 12:08 PM David Wright wrote: > On Tue 12 Feb 2019 at 22:49:13 (-0600), Kent West wrote: > > stretch, 9.7 > > > > I've duckduckgo'd for two days, but there seems to be no definitive > answer > > as to how networking is supposed to be configured in stretch. debian.org > 's > > link to "The Debian Administrator's Handbook" is for version 8, and talks > > about deprecated tools like ifup/down, which aren't even installed by > > default on stretch. > > Perhaps they spell deprecate differently, but I can only find one > occurrence of the word, on page 224, referring to SSL. > > I can only find three references to ifupdown (pp. 150, 383, 396), > none making any judgment on its use. > No, "The [out-of-date] Handbook" doesn't say that. But places like https://linuxconfig.org/how-to-install-missing-ifconfig-command-on-debian-linux say: > > The ifconfig command has been deprecated and thus missing by default on > Debian Linux, starting from Debian stretch > As Greg Wooledge points out, I had confused "ifconfig" with "ifupdown". > It's interesting that many people seem to think that networking > behaves like a daemon, where you can just change the configuration > file and then signal the daemon to reread the new file. > Probably because many people, including myself, don't know how networking works. > btw, NetworkManager (network-manager) is not installed. > > Same here. I think the installer gives you that when you install > a Desktop Environment. > > That's kind of my thinking also. It is my understanding that NetworkManager doesn't try to manage interfaces that are configured in /etc/network/interfaces. I think I kind of took that to mean that "interfaces" was deprecated, just as the init-script system is usable with systemd although deprecated. Following that [wrong?] thinking, I'd think that the "canonical" tools for network configuration would be NetworkManagerDE (NM) everywhere, but I think I'm learning that it's ifupdown if you're not running X/, NM otherwise. > So, two questions: > > > > 1) Why can't I restore my networking after I stop it? How do I restore > > networking? > > See above (when it works for you). > > Thanks! Greg helped me past this part. > 2) What is the canonical current method in 2019 to [semi-]manually > > configure networking in stretch? And is it documented anywhere? (My two > > days of searching leads me to think "no". Or my google-fu really sucks.) > > I don't think you can have a "canonical" method because it depends on > what sort of system you're installing. > > For a server, you probably want nothing more than the ifupdown that > the d-i installs by default. Most people running a DE will likely take > what's given to them; isn't that the point of a DE: why fight it. > In between are people like me who prefer the lightest tools where > possible, and so I use wicd (-curses) as a matter of course. It works > well on the road where it's essential, but it also can be useful at > home when I move machines around (altering whether they're wired > or wireless'd). > Which, as pointed out above, is kind of the conclusion I'm coming to. I was just hoping there was some documentation that explains this, instead of the learner having to piece a correct piece of info from a 7-year old post with an incorrect piece from a 11-year old post except if Condition A exists, but not on Thursdays. > Cheers, > David. > > Thanks! It's a complex thing, and every little bit helps. -- Kent West<")))>< Westing Peacefully - http://kentwest.blogspot.com
Re: How to Restart Networking in stretch
On Wed, Feb 13, 2019 at 02:13:52PM -0600, Kent West wrote: > But, that leaves my second question unanswered: > > 2) What is the canonical current method in 2019 to [semi-]manually > configure networking in stretch? And is it documented anywhere? (My two > days of searching leads me to think "no". Or my google-fu really sucks.) > > I *thought* "/etc/network/interfaces" was being phased out (perhaps as part > of systemd or Network-Manager?). Then the web provides this answer then > that answer - "service...", "systemctl...", "ip...", "ifup...", "if up...", > and I'm confident some of these are deprecated or not preferred or apply in > Case X but not Case Y, etc. With "The Handbook" being out of date, is there > a definitive explanation/guide out there? It's not being phased out, at least to my knowledge. There are, unfortunately, at least three competing ways to configure network interfaces in Debian: /etc/network/interfaces, NetworkManager, and systemd-networkd. I know nothing about systemd-networkd, except that it is disabled by default, so I won't discuss that. Someone else may feel free to talk about it. The other two are able to work in tandem. Any interface definition in the /etc/network/interfaces file is authoritative and exclusive. NetworkManager will not touch that interface. If NetworkManager isn't installed, then other interfaces not mentioned in /e/n/i will simply be left unconfigured. If NM is installed, then it will take control of any interfaces not configured by /e/n/i. NM is not installed by default with just the "Standard" task, but it *is* installed as a dependency of some, or perhaps all, of the desktop environment tasks. As far as I know, this is not new behavior; Debian has worked this way for at least a few releases. You may think the handbook is "out of date", and perhaps it is for some things, but not for this one.
Re: How to Restart Networking in stretch
On Wed, Feb 13, 2019 at 8:10 AM Greg Wooledge wrote:
> On Tue, Feb 12, 2019 at 10:49:13PM -0600, Kent West wrote:
> > "The Debian Administrator's Handbook" is for version 8, and talks
> > about deprecated tools like ifup/down, which aren't even installed by
> > default on stretch.
>
> The ifupdown package has priority "important" and, as far as I know, it
> is installed by default.
>
> You might be confusing it with "ifconfig", which is in the net-tools
> package, which is *not* installed by default in stretch (a departure from
> previous releases).
>
"ifupdown" is indeed installed:
root@server-1:~# apt list ifupdown
Listing... Done
ifupdown/stable,now 0.8.19 amd64 [installed]
So you're right; I must've been confusing that package with "ifconfig".
> > But in trying to convert to a static address (by editing
> > /etc/network/interfaces), and then try to restart the network ("ip link
> set
> > dev enp0s3 down", then "...up")
>
> OK, let's back up a second.
>
> What was in the /etc/network/interfaces file *before* you edited it? Was
> it configured for DHCP? If so, you should bring the interface down
> *before*
> you edit the file, so that ifdown knows there is a DHCP client daemon
> running associated with this interface, that it should kill.
>
If you're currently configured for DHCP, and you edit the file before
> bringing down the interface, the DHCP client daemon will continue running
> (ifdown doesn't know about it, because you changed the file that would
> have told it). Which means you would have to kill the DHCP client daemon
> yourself, either manually, or by rebooting.
>
I think this must've been my problem; I must've edited the interfaces file
before downing the interface, which confused the system. It works as
expected when I do it in the sequence you present below:
> So, the proper sequence is:
>
> 1) ifdown interfacename
> 2) edit /etc/network/interfaces
> 3) ifup interfacename
>
> What's in the /etc/network/interfaces file now?
>
roo@server-1:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug enp0s31f6
iface enp0s31f6 inet dhcp
But, as mentioned, if I "ifdown enp0s3", then make the above change, then
"ifup enpos3", I have working network. So this method you provide works;
thanks! (The other troubleshooting questions you asked, I'm bypassing, as
the basic problem has been solved.)
But, that leaves my second question unanswered:
2) What is the canonical current method in 2019 to [semi-]manually
configure networking in stretch? And is it documented anywhere? (My two
days of searching leads me to think "no". Or my google-fu really sucks.)
I *thought* "/etc/network/interfaces" was being phased out (perhaps as part
of systemd or Network-Manager?). Then the web provides this answer then
that answer - "service...", "systemctl...", "ip...", "ifup...", "if up...",
and I'm confident some of these are deprecated or not preferred or apply in
Case X but not Case Y, etc. With "The Handbook" being out of date, is there
a definitive explanation/guide out there?
Again, thanks for getting me beyond my snag!
--
Kent West<")))><
Westing Peacefully - http://kentwest.blogspot.com
