Re: serving DNS: the chicken and the egg

2006-07-29 Thread Rob Gault
You first need to register your server as a DNS with your registrar
before you can set it as an authoritative server.  

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Jacob Yocom-Piatt
Sent: Saturday, July 29, 2006 10:34 AM
To: misc@openbsd.org
Subject: serving DNS: the chicken and the egg

i've decided to stop using zoneedit.com for DNS services since i can't
get the DNS A record TTL set properly for one of my domains using their
services. however, i am confused about how to make this work. the
registrar that i keep my domains with allows me to list the nameservers
for the domain, but it does not allow me to list IPs for the
nameservers. if i'm serving DNS from the same domain/IP that i want to
list DNS records for, how do i get the registrar to point to my DNS
server?

i'm to understand this has to do with glue records, but i'm still
working on how to do this. the domain in question is a .US domain. any
advice is appreciated.

cheers,
jake
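
The glue-record question raised in this thread, as an added example that is not part of either post: a nameserver whose name lies inside the zone it serves can only be reached if the parent zone also carries its address. The zone `example.us`, the host names and the 192.0.2.53 address are constructed placeholders, and `glue_report` is a hypothetical helper.

```python
import ipaddress

# Constructed delegation, written the way a parent zone would carry it.
PARENT_ZONE = """\
example.us.      172800 IN NS ns1.example.us.
example.us.      172800 IN NS ns2.example.us.
example.us.      172800 IN NS ns.backup-dns.example.net.
ns1.example.us.  172800 IN A  192.0.2.53
"""

def norm(name):
    """DNS names compare case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def parse(text):
    """Collect NS targets and A/AAAA addresses from 5-field zone-file lines."""
    ns, glue = {}, {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[2].upper() != "IN":
            continue
        owner, rtype, rdata = norm(fields[0]), fields[3].upper(), fields[4]
        if rtype == "NS":
            ns.setdefault(owner, []).append(norm(rdata))
        elif rtype in ("A", "AAAA"):
            # ip_address() raises ValueError on a malformed glue address
            glue.setdefault(owner, []).append(str(ipaddress.ip_address(rdata)))
    return ns, glue

def glue_report(text, zone):
    """Classify each nameserver of `zone` by whether the parent needs glue for it."""
    zone = norm(zone)
    ns, glue = parse(text)
    report = {}
    for host in ns.get(zone, []):
        # Match on a label boundary so notexample.us is not treated as in-zone.
        inside = host == zone or host.endswith("." + zone)
        if not inside:
            report[host] = "no glue needed"
        elif glue.get(host):
            report[host] = "glue present"
        else:
            report[host] = "glue missing"
    return report

if __name__ == "__main__":
    for host, state in glue_report(PARENT_ZONE, "example.us").items():
        print(f"{host}: {state}")
```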



Re: VLAN-Problems

2006-04-04 Thread Rob Gault
The first thing I noticed is that SK0 is only at half duplex and you
have duplex full on the switch port.  This can cause similar problems
to what you are describing.  I've found it always best to set the speed
& duplex on both devices (switch and PC) when creating trunks.  HTH

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Heinrich Rebehn
Sent: Tuesday, April 04, 2006 12:13 PM
To: misc@openbsd.org
Subject: VLAN-Problems

Hi all,

i am currently setting up a new firewall for our department. I already 
set up an OpenBSD Firewall and i am very satisfied with it :-)

The new machine is set up to use dot1q vlans in order to save on 
interfaces and ports in our Cisco switch.

This is the first time i am using dot1q and i am experiencing strange 
problems, which are not easy to describe, but i will try:

Generally, operation is *very* slow, if i try to ping one of the 
machine's interfaces, one ping is echoed, then it pauses for a minute, 
then another ping comes through.

ssh'ing into the box is possible after some 20 seconds delay (no, it is 
not reverse dns lookup), i can type commands and see the outputs, 
interspersed with occasional delays. As soon as i do a tcpdump on the 
interface that i used to login, the connection is dead.

Logging in and working locally works w/o problems.

Routing is very sluggish, close to unusable.

Some questions (could not find answers with google or mailinglist):

- Do the physical interfaces need an ip address (i guess not)
- Can i filter on the physical interfaces in pf / do i have to 
explicitly pass them (does not seem to make a difference)

If i change the configuration to non-vlan operation everything runs fine :-)

I am attaching ifconfig and dmesg output. The physical interface, sk0 is
shown as having no carrier, this is because i had to pull the plug
while taking the information because another machine (our old firewall)
was running with the same address.

I have googled and looked in the mailing list, but did not find such 
problems mentioned. Does anybody have an idea? If i cannot get this to 
work, someone else will probably set up a linux firewall, which i would 
rather try to avoid..

I am not sure what type of switch is on the other end, here is some 
output that the admin mailed me:

vlan 86
name WLAN
!
vlan 182
name BackBone
!
interface FastEthernet6/19
description k307 n2340-19a
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 16,86,182,231,232
switchport mode trunk
duplex full

Thanks for any hints,

Heinrich Rebehn

University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -

Phone : +49/421/218-4664
Fax   :-3341
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
	groups: lo
	inet 127.0.0.1 netmask 0xff00
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	media: Ethernet autoselect (1000baseT half-duplex)
	status: no carrier
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:0a:5e:61:7a:2d
	media: Ethernet autoselect (none)
	status: no carrier
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:0a:5e:61:7a:04
	media: Ethernet autoselect (none)
	status: no carrier
pflog0: flags=0<> mtu 33224
pfsync0: flags=0<> mtu 1348
enc0: flags=0<> mtu 1536
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 16 parent interface: sk0
	groups: vlan
	inet 134.102.176.250 netmask 0xff00 broadcast 134.102.176.255
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 231 parent interface: sk0
	groups: vlan
vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 182 parent interface: sk0
	groups: vlan egress
	inet 134.102.186.20 netmask 0xff00 broadcast 134.102.186.255
vlan5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 86 parent interface: sk0
	groups: vlan
	inet 172.21.1.8 netmask 0x broadcast 172.21.255.255
OpenBSD 3.8-stable (ANT) #2: Thu Mar 30 16:59:00 CEST 2006
    [EMAIL PROTECTED]:/root/flashboot-0.9beta1/obj/ANT
cpu0: AMD Athlon(tm) 64 Processor 3000+ (AuthenticAMD 686-class, 512KB L2 cache) 1.81 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD Powernow: FID VID TTP TM STC
real mem  = 536125440 (523560K)
avail mem = 459415552 (448648K)
using 4278 buffers containing 26910720 bytes (26280K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 11/03/05, BIOS32 rev. 0 @ 0xf0010
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at
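
The duplex comparison suggested in the reply at the top of this thread, as an added example that is not part of either post: it parses ifconfig output and a switch port stanza and reports trunk parents whose negotiated duplex differs from a duplex forced on the switch. The sample text is constructed from the output quoted above, the function names are hypothetical, and it assumes the stanza describes the port the parent interface is plugged into.

```python
import re

# Constructed sample, modelled on the ifconfig and switch output quoted above.
IFCONFIG = """\
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	media: Ethernet autoselect (1000baseT half-duplex)
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	media: Ethernet autoselect (none)
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	vlan: 16 parent interface: sk0
vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	vlan: 182 parent interface: sk0
"""
SWITCH = "interface FastEthernet6/19\n switchport mode trunk\n duplex full\n"

def parse_ifconfig(text):
    """Map each interface to its negotiated media and the VLAN ids stacked on it."""
    ifaces, current = {}, None
    new = lambda: {"active": "", "vlans": []}
    for line in text.splitlines():
        head = re.match(r"(\w+): flags=", line)
        if head:
            current = ifaces.setdefault(head.group(1), new())
        elif current is not None:
            media = re.match(r"\s*media: Ethernet \S+ \((.*)\)", line)
            vlan = re.match(r"\s*vlan: (\d+) parent interface: (\w+)", line)
            if media:
                current["active"] = media.group(1)
            if vlan:  # record the tag on the physical parent, not on vlanN
                ifaces.setdefault(vlan.group(2), new())["vlans"].append(int(vlan.group(1)))
    return ifaces

def switch_duplex(text):
    """Duplex forced on the switch port; 'auto' when no duplex line is present."""
    m = re.search(r"^\s*duplex (full|half|auto)\s*$", text, re.M)
    return m.group(1) if m else "auto"

def duplex_mismatches(ifconfig_text, switch_text):
    """Trunk parents whose negotiated duplex differs from a forced switch setting."""
    forced, found = switch_duplex(switch_text), []
    for name, info in parse_ifconfig(ifconfig_text).items():
        host = re.search(r"(half|full)-duplex", info["active"])
        if info["vlans"] and host and forced != "auto" and host.group(1) != forced:
            found.append((name, host.group(1), forced, sorted(info["vlans"])))
    return found

if __name__ == "__main__":
    for name, host, forced, vlans in duplex_mismatches(IFCONFIG, SWITCH):
        print(f"{name}: host {host}-duplex, switch forced {forced}, vlans {vlans}")
```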