confessions of a FreeBSD purist
Dear FreeBSD community, It has been wonderful being a full-fledged member of this community, an administrator running FreeBSD on bare hardware (in his basement) for years. This is the coolest, hippiest, historically pure, and most technically advanced UNIX community on the planet (I'm one of the more long in the tooth members.) I used Dummynet about four years ago to replay bad Internet weather and prove my hypothesis of what servers caused failure in a multi-tier, forex trading system failure. This week I reformatted the last two machines in my basement running FreeBSD. I feel really guilty. I installed Ubuntu (10.04) because its GUI is great, its very well supported, and I had a heck of a time keeping my FreeBSD jails configured and stable, and I'd stopped running a web site for a while now. I installed 10.04 instead of 12.04 because on another machine I had attempted to upgrade to 12.04 LTS while running the dual boot configuration, and it trashed my MBR (a known defect.) You have been warned, etc. It also has that radically different GUI, and really annoying, an entirely different directory tree on the disk. FreeBSD contributors would never tamper so much with something that worked so well. However, I do need to run a web site again, and I am more than convinced on the superior performance, and hardening possible with FreeBSD bind, and Apache running in jails. However, I'd like to run FreeBSD in a VMWare or VirtualBox VMs. This gives me the ability to take snapshots to recover easily when I break something. Computing resources are like candy these days. My fast box has 4 screaming fast processors with 8 GB of RAM, and that is a three year old machine. There is no reason FreeBSD cannot run with adequate performance in a VM and run bind, and perhaps on another physical box, have a FreeBSD VM running Apache, both in jails. I know others are doing it. Could anyone be kind enough to recommend a free, or share their own FreeBSD VM image that has bind pre-configured in a jail, and / or an Apache web server pre-configured in a jail, for a non-commercial site? With this configuration I can revert after breaking something as an over-eager, semi-qualified system administrator. Cheers, Matthew (in Toronto) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: confessions of a FreeBSD purist
On 12-11-17 09:07 AM, andrew clarke wrote: On Sat 2012-11-17 01:28:02 UTC-0500, Matthew Pope (mp...@teksavvy.com) wrote: Could anyone be kind enough to recommend a free, or share their own FreeBSD VM image that has bind pre-configured in a jail, and / or an Apache web server pre-configured in a jail, for a non-commercial site? I'd be very hesitant to use a VM image provided by an untrusted third party. Is there a reason you don't want to build your own? Andrew, avoiding effort is the only reason. Setting up Apache and bind in jails on FreeBSD was not that easy the last time I tried it a few years ago, perhaps the User Manual has been clarified. I am casting a line to see if there is a 'reasonably trusted' source of FreeBSD VMs, with jails configured, free for non-commercial use. As for personal VMs, I would not trust just anyone's VM I would do some due diligence. I appreciate the risks of running un-trusted code on processors. Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
problems after rebuild of 5.5 stable
Hello, I have a bit of grey hair, but I've been blessed with working with FreeBSD gurus so much that I am struggling to run my own domain and webserver. That is I have have been co-dependant upon FreeBSD gurus in the past, so I was lazy. I'm now on my own and finding that administering a UNIX system based domain and webserver is rewarding, but requires a lot of technical knowledge. The root of my problem was my 5.4 based system was running out of sockets due to a close early problem, and a problem description I read in the mailing lists did describe something very close, for which the discoverer of the problem provided a patch. Rather than patch, I thought it that since it's been a year, it was time to rebuild the kernel with the latest STABLE release. So I did the rebuild as instructed in the FreeBSD Handbook. Now I'm up to 5-5 STABLE using a default kernel Generic i386 version. The mergemaster step following the rebuild and reboot took me for a ride. Rather I rode free and easy not quite sure what I was doing. I was not sure exactly which file to go with, and I tended to choose t for temp file for many of the prompts. Now my 5.5 kernel boots, but there are a number of messages of the form: source_rc_confs: not found $ipnat_enable is not set properly - see rc.conf(5) $ipfs_enable is not set properly - see rc.conf(5) etc My rc.conf includes: routed_enable="YES" router="/sbin/routed" defaultrouter="10.1.1.1" I later read in the mailing list that someone had a simliar problem and solved it by re-running the mergemaster step. I tried that too, and this time I selected answer to all the prompts about conflicts. I rebooted, but I still cannot even ping my gateway, as I'm getting "no route to host". I tried starting routed manually, but still no routes were discovered. I also tried inserting a subroutine into rc.subr that called source_rc_confs that did source the rc.confs, and it is called during boot I see from /var/messages. But alas this is a desperate measure, there must be something I can do to fix this problem without meddling in rc.subr. So my routing is down, which means my dns is down, and most definetely my httpd is down. Any help in debugging, resolving this poorly executed upgrade would be very welcome. Thanks, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: problems after rebuild of 5.5 stable
Added to my original problem description the full list of WARNING messages from boot: BTW, my FreeBSD 5.5 is running on a Pentium 4/2.4 GHz, 512 M RAM, Asus mother board, oodles of disk Matthew Pope wrote: Hello, I have a bit of grey hair, but I've been blessed with working with FreeBSD gurus so much that I am struggling to run my own domain and webserver. That is I have have been co-dependant upon FreeBSD gurus in the past, so I was lazy. I'm now on my own and finding that administering a UNIX system based domain and webserver is rewarding, but requires a lot of technical knowledge. The root of my problem was my 5.4 based system was running out of sockets due to a close early problem, and a problem description I read in the mailing lists did describe something very close, for which the discoverer of the problem provided a patch. Rather than patch, I thought it that since it's been a year, it was time to rebuild the kernel with the latest STABLE release. So I did the rebuild as instructed in the FreeBSD Handbook. Now I'm up to 5-5 STABLE using a default kernel Generic i386 version. The mergemaster step following the rebuild and reboot took me for a ride. Rather I rode free and easy not quite sure what I was doing. I was not sure exactly which file to go with, and I tended to choose t for temp file for many of the prompts. Now my 5.5 kernel boots, but there are a number of messages of the form: source_rc_confs: not found $ipnat_enable is not set properly - see rc.conf(5) $ipfs_enable is not set properly - see rc.conf(5) same message as above but with these additional var names: $harvest_ethernet $harvest_p_to_p $start_vinum $background_fsck $ip6addrctl_enable $atm_enable $ipv6_firewall_enable $ipv6_enable $svr4_enable $sysvipc_enable $mroutedbd_enable $ipv6_router_enable $mrouted_enable $router_enable $syslogd_enable $nfs_server_enable $rpc_statd_enable $rpc_lockd_enable $pflog_enable $pf_enable $pppoed_enable $virecover_enable $rpcbind_enable $nis_ypxfrd_enable $nis_server_enable $rpc_ypupdated_enable $nis_client_enable $nis_ypset_enable $nis_yppasswdd_enable $accounting_enable $pflog_enable $cron_enable $jail_enable $inetd_enable $cron_dst $kadmind5_server_enable $keyserv_enable $kpasswdd_server_enable $ldconfig_insecure $enable_quotas $mountd_enable $watchdogd_enable $ugidfw_enable $timed_enable $bootparamd_enable $hcsecd_enable $lpd_enable # etc My rc.conf includes: routed_enable="YES" router="/sbin/routed" defaultrouter="10.1.1.1" I later read in the mailing list that someone had a simliar problem and solved it by re-running the mergemaster step. I tried that too, and this time I selected answer to all the prompts about conflicts. I rebooted, but I still cannot even ping my gateway, as I'm getting "no route to host". I tried starting routed manually, but still no routes were discovered. I also tried inserting a subroutine into rc.subr that called source_rc_confs that did source the rc.confs, and it is called during boot I see from /var/messages. But alas this is a desperate measure, there must be something I can do to fix this problem without meddling in rc.subr. So my routing is down, which means my dns is down, and most definetely my httpd is down. Any help in debugging, resolving this poorly executed upgrade would be very welcome. Thanks, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: problems after rebuild of 5.5 stable
Matthew Pope wrote: Lowell Gilbert wrote: Matthew Pope <[EMAIL PROTECTED]> writes: [...] for temp file for many of the prompts. Now my 5.5 kernel boots, but there are a number of messages of the form: source_rc_confs: not found $ipnat_enable is not set properly - see rc.conf(5) $ipfs_enable is not set properly - see rc.conf(5) etc [...] I later read in the mailing list that someone had a simliar problem and solved it by re-running the mergemaster step. I tried that too, and this time I selected answer to all the prompts about conflicts. The default operation in mergemaster is to do nothing, so if you're going to choose the default the whole way, you might as well skip running mergemaster at all. Yes, well put. That clarified I was in fact consuming resources in a less than optimal way :-) Go back through mergemaster, and actually pay attention to the changes. On files you haven't modified, you will be able to (i)nstall the new versions of those files, but otherwise you will need to (m)erge them. Ok, I tried that but my system is too far gone. Close to 100 environment vars are missing and if I jam them all into rc.conf it will be a mess, especially since I would be guessing at the appropriate values for the vars. My next step is to start from scratch (as Albi suggested.) Unfortuntely, even with ipfw set to open, I am still getting no route to host when I try and ping my gateway. It was always pingable in the past, and I've checked the cable into my new-ish switch and all seems fine, with green lights. The result of a route -n is in another virtual terminal and I can't copy and paste, but it lists the headers and then nothing for the details, i.e. no routes are in the routing table at all. OK pen and paper come to the rescue, here is the result of netstat -n on my misconfigured, 5.5 stable, upgraded system that can not seem to ping the gateway let alone do a cvsup: Active UNIX domain sockets AddressType Recv-Q Send-Q Inode Conn Refs NextRef Addr c20761a4 Stream 0 0 c207a000 0 0 0 /var/run/devd.pipe I tried trying ifup sis0 but I discovered ifup is no longer around. Thanks, Matthew Further suggestions welcome, and thanks for your help so far. Sincerely, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: problems after rebuild of 5.5 stable
Lowell Gilbert wrote: Matthew Pope <[EMAIL PROTECTED]> writes: [...] for temp file for many of the prompts. Now my 5.5 kernel boots, but there are a number of messages of the form: source_rc_confs: not found $ipnat_enable is not set properly - see rc.conf(5) $ipfs_enable is not set properly - see rc.conf(5) etc [...] I later read in the mailing list that someone had a simliar problem and solved it by re-running the mergemaster step. I tried that too, and this time I selected answer to all the prompts about conflicts. The default operation in mergemaster is to do nothing, so if you're going to choose the default the whole way, you might as well skip running mergemaster at all. Yes, well put. That clarified I was in fact consuming resources in a less than optimal way :-) Go back through mergemaster, and actually pay attention to the changes. On files you haven't modified, you will be able to (i)nstall the new versions of those files, but otherwise you will need to (m)erge them. Ok, I tried that but my system is to far gone. Close to 100 environment vars are missing and if I jam them all into rc.conf it will be a mess, especially since I would be guessing at the appropriate values for the vars. My next step is to start from scratch (as Albi suggested.) Unfortuntely, even with ipfw set to open, I am still getting no route to host when I try and ping my gateway. It was always pingable in the past, and I've checked the cable into my new-ish switch and all seems fine, with green lights. The result of a route -n is in another virtual terminal and I can't copy and paste, but it lists the headers and then nothing for the details, i.e. no routes are in the routing table at all. Further suggestions welcome, and thanks for your help so far. Sincerely, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: problems after rebuild of 5.5 stable
Matthew Pope wrote: Matthew Pope wrote: Lowell Gilbert wrote: Matthew Pope <[EMAIL PROTECTED]> writes: [...] for temp file for many of the prompts. Now my 5.5 kernel boots, but there are a number of messages of the form: source_rc_confs: not found $ipnat_enable is not set properly - see rc.conf(5) $ipfs_enable is not set properly - see rc.conf(5) etc [...] I later read in the mailing list that someone had a simliar problem and solved it by re-running the mergemaster step. I tried that too, and this time I selected answer to all the prompts about conflicts. The default operation in mergemaster is to do nothing, so if you're going to choose the default the whole way, you might as well skip running mergemaster at all. Yes, well put. That clarified I was in fact consuming resources in a less than optimal way :-) Go back through mergemaster, and actually pay attention to the changes. On files you haven't modified, you will be able to (i)nstall the new versions of those files, but otherwise you will need to (m)erge them. Ok, I tried that but my system is too far gone. Close to 100 environment vars are missing and if I jam them all into rc.conf it will be a mess, especially since I would be guessing at the appropriate values for the vars. My next step is to start from scratch (as Albi suggested.) Unfortuntely, even with ipfw set to open, I am still getting no route to host when I try and ping my gateway. It was always pingable in the past, and I've checked the cable into my new-ish switch and all seems fine, with green lights. The result of a route -n is in another virtual terminal and I can't copy and paste, but it lists the headers and then nothing for the details, i.e. no routes are in the routing table at all. OK pen and paper come to the rescue, here is the result of netstat -n on my misconfigured, 5.5 stable, upgraded system that can not seem to ping the gateway let alone do a cvsup: Active UNIX domain sockets AddressType Recv-Q Send-Q Inode Conn Refs NextRef Addr c20761a4 Stream 0 0 c207a000 0 0 0 /var/run/devd.pipe I tried trying ifup sis0 but I discovered ifup is no longer around. Thanks, Matthew OK found the problem using ifconfig. As a result of the botched rebuild, (my bad), my netword card was given an IP_V6 address but no IP_V4 address. I used # ifconfig sis0 add 10.1.1.99 This put me back in touch with the world on this server. Now I can cvsup to a production 'Release' version of FreeBSD, and rebuild all. Will tag=RELENG_6_1 for cvsup be the latest 'Release' then of FreeBSD, not stable, nor current, but Release? Thanks in advance, Matthew Further suggestions welcome, and thanks for your help so far. Sincerely, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Unable to get fetch expat-2.0.0._1 from selected media
Environment: FreeBSD 6.1 (p10) Release Asus motherboard on Intel P4 IDE drives Realtek network adaptor chipset (no problems so far with that) ATAPI CDROM/writer Behind firewall. (no problems so far with that) Hello, I'd like to add the xorg distribution set to my existing FreeBSD system recently upgraded to release 6.1. A) When I boot from the Hard disk and attempt to load the distribution from the CD-ROM (Disk 0 as requested), I get: "unable to get packages/INDEX file from selected media" B) When I boot from either the hard disk, or the CD-ROM, and try to source xorg from a FreeBSD FTP server, I get: "unable to fetch expat-2.0.0_1 from selected media" C) I've noted through trial and error that when booting from the Hard disk, I need to remove the "-p10" from the release name in the options screen or it will reject all FTP servers as not being able to source for my distribution. This is ephemeral and not related to my question, more a bug report actually. Any ideas on what I'm doing wrong, or a debug path would be helpful. Thanks, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to get fetch expat-2.0.0._1 from selected media
Addendum (clarification) to my question: - When I boot from the Hard disk, and start /stand/sysinstall with FTP1 as the source (since CDROM as source doesn't work), when the Xorg packages are attempted to be added, the download from the FTP server completes but at the end a quick error messages flashes, and then in its place a message is emitted: "add of package expat-2.0.0_1 aborted, error code 1 - Please check the debug screen for more info." The same message is repeated for these libraries: perl-5.8.8 xorg-manpages-6.9.0 xorg-documents-6.9.0 xorg-fonts-encodings-6.9.0_1 Thanks, Matthew P.S. Where is the debug screen? Matthew Pope wrote: Environment: FreeBSD 6.1 (p10) Release Asus motherboard on Intel P4 IDE drives Realtek network adaptor chipset (no problems so far with that) ATAPI CDROM/writer Behind firewall. (no problems so far with that) Hello, I'd like to add the xorg distribution set to my existing FreeBSD system recently upgraded to release 6.1. A) When I boot from the Hard disk and attempt to load the distribution from the CD-ROM (Disk 0 as requested), I get: "unable to get packages/INDEX file from selected media" B) When I boot from either the hard disk, or the CD-ROM, and try to source xorg from a FreeBSD FTP server, I get: "unable to fetch expat-2.0.0_1 from selected media" C) I've noted through trial and error that when booting from the Hard disk, I need to remove the "-p10" from the release name in the options screen or it will reject all FTP servers as not being able to source for my distribution. This is ephemeral and not related to my question, more a bug report actually. Any ideas on what I'm doing wrong, or a debug path would be helpful. Thanks, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to get fetch expat-2.0.0._1 from selected media
Lane wrote: On Saturday 28 October 2006 19:15, Matthew Pope wrote: Addendum (clarification) to my question: - When I boot from the Hard disk, and start /stand/sysinstall with FTP1 as the source (since CDROM as source doesn't work), when the Xorg packages are attempted to be added, the download from the FTP server completes but at the end a quick error messages flashes, and then in its place a message is emitted: "add of package expat-2.0.0_1 aborted, error code 1 - Please check the debug screen for more info." The same message is repeated for these libraries: perl-5.8.8 xorg-manpages-6.9.0 xorg-documents-6.9.0 xorg-fonts-encodings-6.9.0_1 Thanks, Matthew P.S. Where is the debug screen? Matthew Pope wrote: Environment: FreeBSD 6.1 (p10) Release Asus motherboard on Intel P4 IDE drives Realtek network adaptor chipset (no problems so far with that) ATAPI CDROM/writer Behind firewall. (no problems so far with that) Hello, I'd like to add the xorg distribution set to my existing FreeBSD system recently upgraded to release 6.1. A) When I boot from the Hard disk and attempt to load the distribution from the CD-ROM (Disk 0 as requested), I get: "unable to get packages/INDEX file from selected media" B) When I boot from either the hard disk, or the CD-ROM, and try to source xorg from a FreeBSD FTP server, I get: "unable to fetch expat-2.0.0_1 from selected media" C) I've noted through trial and error that when booting from the Hard disk, I need to remove the "-p10" from the release name in the options screen or it will reject all FTP servers as not being able to source for my distribution. This is ephemeral and not related to my question, more a bug report actually. Any ideas on what I'm doing wrong, or a debug path would be helpful. Thanks, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Matthew, I think you could probably shortcut some of this by doing: portinstall x11/xorg after logging in as root if you get: portinstall: Command not found then do this: cd /usr/ports/sysutils/portupgrade make all install rehash Then retry portinstall x11/xorg email me if that doesn't work for you lane ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Yes, that worked, thank you!! That's a heck of a lot easier thanks! Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
installing port etherape
Hello, The 'make install' on the etherape stopped, complaining about a missing function. The output is included below. My environment is FreeBSD 6.1 p10 on an Asus motherboard with a Pentium 4 processor. Given the warnings about a dependancy conflict, and my newbie lack of knowledge of using ports, I'm a bit perplexed on how to proceed. If anyone could suggest a strategy to get around this problem, I'd really appreciate it. Thanks, Matthew make install (from within etherape dir) .lots of output cc -O2 -fno-strict-aliasing -pipe -pthread -o .libs/bonobo-activation-server activation-server-corba-extensions.o activation-context-query.o activation-context-query-lexer.o activation-context-query-parser.o activation-context-corba.o object-directory-corba.o object-directory-load.o object-directory-activate.o object-directory-config-file.o activation-server-main.o -Wl,--export-dynamic -pthread -L/usr/local/lib ../bonobo/.libs/libbonobo-2.so /usr/ports/devel/libbonobo/work/libbonobo-2.16.0/bonobo-activation/.libs/libbonobo-activation.so ../bonobo-activation/.libs/libbonobo-activation.so /usr/local/lib/libgobject-2.0.so -lname-server-2 -lORBitCosNaming-2 -lORBit-2 /usr/local/lib/libgmodule-2.0.so /usr/local/lib/libgthread-2.0.so -pthread /usr/local/lib/libglib-2.0.so -lxml2 -lz -liconv -lm -lintl -Wl,--rpath -Wl,/usr/local/lib /usr/bin/ld: warning: libglib-2.0.so.400, needed by /usr/local/lib/libORBitCosNaming-2.so, may conflict with libglib-2.0.so.0 /usr/bin/ld: warning: libgmodule-2.0.so.400, needed by /usr/local/lib/libORBit-2.so, may conflict with libgmodule-2.0.so.0 /usr/bin/ld: warning: libgobject-2.0.so.400, needed by /usr/local/lib/libORBit-2.so, may conflict with libgobject-2.0.so.0 /usr/bin/ld: warning: libgthread-2.0.so.400, needed by /usr/local/lib/libORBit-2.so, may conflict with libgthread-2.0.so.0 /usr/bin/ld: warning: libm.so.3, needed by /usr/local/lib/libxml2.so, may conflict with libm.so.4 object-directory-corba.o(.text+0xa48): In function `client_cnx_broken': : undefined reference to `ORBit_sequence_remove' gmake[3]: *** [bonobo-activation-server] Error 1 gmake[3]: Leaving directory `/usr/ports/devel/libbonobo/work/libbonobo-2.16.0/activation-server' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/usr/ports/devel/libbonobo/work/libbonobo-2.16.0/activation-server' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/ports/devel/libbonobo/work/libbonobo-2.16.0' gmake: *** [all] Error 2 *** Error code 2 Stop in /usr/ports/devel/libbonobo. *** Error code 1 Stop in /usr/ports/net-mgmt/etherape. bash-2.05b# ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Connection timed out
Hello, I am trying to resolve a connection timed out problem. The problem occurs when I attempt to ssh, or http to my freebsd host from my windows (2K) box. About 3/4 of the time I get a "Connection timed out" when I attempt to ssh into the freebsd host. Coincident with this behaviour, I can not ping my windows box from the freebsd host, and when I try I get no packets returned. Meanwhile, the freebsd box at no time has any problems pinging google, only the local network. I recall having a sockets timeout variable or something that needed tuning when I ran freebsd as a http / ssh server before . Can someone provide a hint as to how I can resolve this? Thanks, Matthew -bash-2.05b$ uname -a FreeBSD ns.mbpesecurity.com 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #0: Mon Oct 23 00:47:22 EDT 2006 [EMAIL PROTECTED] urity.com:/usr/obj/usr/src/sys/MPKERNEL i386 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Connection timed out
I find that during the blocking behaviour, when I try and ping the windows box, a tcpdump shows that each second ping attempt is followed by a response (it appears) from an IPv6 address (10.1.1.99 is the freebsd host): Virtual terminal 1: $ tcpdump > tcpdump.out Virtual terminal 2: $ ping 10.1.1.173 [my win2K box, named mpworkstation] Virtual terminal 1: $ CTRL-C Virtual terminal 1: $ cat tcpdump.out 13:30:51.066625 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:53.069431 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:53.778918 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 0, length 64 13:30:54.712093 IP 10.1.1.99.domain > blackhole-1.iana.org.domain: 39723 [1au] PTR? 99.1.1.10.in-addr.arpa. (51) 13:30:54.779708 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 1, length 64 13:30:54.803586 arp who-has 10.1.1.2 tell 10.1.1.119 13:30:54.840818 IP blackhole-1.iana.org.domain > 10.1.1.99.domain: 39723 NXDomain* 0/1/1 (128) 13:30:55.072256 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:55.780687 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 2, length 64 13:30:55.841542 IP 10.1.1.99.domain > blackhole-2.iana.org.domain: 1862 [1au] PTR? 2.1.1.10.in-addr.arpa. (50) 13:30:55.970699 IP blackhole-2.iana.org.domain > 10.1.1.99.domain: 1862 NXDomain* 0/1/1 (127) 13:30:55.971365 IP 10.1.1.99.domain > blackhole-1.iana.org.domain: 16894 [1au] PTR? 119.1.1.10.in-addr.arpa. (52) 13:30:56.099288 IP blackhole-1.iana.org.domain > 10.1.1.99.domain: 16894 NXDomain* 0/1/1 (129) 13:30:56.781666 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 3, length 64 13:30:57.075128 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:57.778934 IP 192.168.1.108.netbios-dgm > 192.168.1.255.netbios-dgm: NBT UDP PACKET(138) 13:30:57.779300 IP 10.1.1.108.netbios-dgm > 10.1.1.255.netbios-dgm: NBT UDP PACKET(138) 13:30:57.782640 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 4, length 64 13:30:58.099166 IP 10.1.1.99.domain > epazote.arin.net.domain: 41215 [1au] PTR? 255.1.168.192.in-addr.arpa. (55) 13:30:58.783615 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 5, length 64 13:30:59.077884 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:59.784593 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 6, length 64 13:31:00.099647 IP 10.1.1.99.domain > c3.NSTLD.COM.domain: 18950 [1au] PTR? 255.1.168.192.in-addr.arpa. (55) 13:31:00.174654 IP c3.NSTLD.COM.domain > 10.1.1.99.domain: 18950- 0/2/1 (115) 13:31:00.174865 IP 10.1.1.99.domain > blackhole-2.iana.org.domain: 21147 [1au] PTR? 255.1.168.192.in-addr.arpa. (55) 13:31:00.302542 IP blackhole-2.iana.org.domain > 10.1.1.99.domain: 21147 NXDomain* 0/1/1 (132) 13:31:00.303203 IP 10.1.1.99.domain > blackhole-1.iana.org.domain: 15742 [1au] PTR? 108.1.168.192.in-addr.arpa. (55) 13:31:00.424762 IP blackhole-1.iana.org.domain > 10.1.1.99.domain: 15742 NXDomain* 0/1/1 (132) 13:31:00.425485 IP 10.1.1.99.domain > blackhole-2.iana.org.domain: 36677 [1au] PTR? 255.1.1.10.in-addr.arpa. (52) 13:31:00.539310 IP blackhole-2.iana.org.domain > 10.1.1.99.domain: 36677 NXDomain* 0/1/1 (129) 13:31:00.539955 IP 10.1.1.99.domain > blackhole-1.iana.org.domain: 34458 [1au] PTR? 108.1.1.10.in-addr.arpa. (52) 13:31:00.653398 IP blackhole-1.iana.org.domain > 10.1.1.99.domain: 34458 NXDomain* 0/1/1 (129) 13:31:00.785569 IP 10.1.1.99 > mpworkstation: ICMP echo request, id 25361, seq 7, length 64 13:31:01.081370 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 Lowell Gilbert wrote: Matthew Pope <[EMAIL PROTECTED]> writes: I am trying to resolve a connection timed out problem. The problem occurs when I attempt to ssh, or http to my freebsd host from my windows (2K) box. About 3/4 of the time I get a "Connection timed out" when I attempt to ssh into the freebsd host. Coincident with this behaviour, I can not ping my windows box from the freebsd host, and when I try I get no packets returned. Meanwhile, the freebsd box at no time has any problems pinging google, only the local network. I recall having a sockets timeout variable or something that needed tuning when I ran freebsd as a http / ssh server before . Can someone provide a hint as to how I can resolve this? Thanks, Matthew -bash-2.05b$ uname -a FreeBSD ns.mbpesecurity.com 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #0: Mon Oct 23 00:47:22 EDT 2006 [EMAIL PROTECTED] urity.com:/usr/obj/usr/src/sy
RESOLVED: Connection timed out
Greg, Your email was very helpful. I isolated the freebsd box, and the win2K box on a LAN without connection to the upstream Cisco device, and all the connectivity problems went away. I'll be implementing the 'turn off STP' on those Cisco ports shortly. Many thanks, Matthew Greg Barniskis wrote: Matthew Pope wrote: I find that during the blocking behaviour, when I try and ping the windows box, a tcpdump shows that each second ping attempt is followed by a response (it appears) from an IPv6 address... 13:30:51.066625 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:53.069431 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 If you're referring to the above samples as "appears from IPV6", those are Spanning Tree Protocol packets originating from the Cisco switch, and are unrelated to your ping test. You will see them on the wire frequently even in the absence of any normal IP traffic. You probably want the following Cisco configuration directive added to those switch ports that do not connect the 2900 to other switches: spanning-tree portfast The presence of the STP packets may or may not be related to your performance issues. They shouldn't be, but some buggy NICs/drivers do seem to get freaked out by STP. When STP is enabled on a switch port, it definitely will delay your initial link establishment by 30 seconds or so, when the attached computer is first powered up. That alone can confuse things when the NIC is trying to negotiate a link speed and the switch is still thinking about STP. It's even possible that you're getting a link speed/duplex mismatch out of it, and of course that will play holy hell with your response time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"