Re: Gateway and link-local (IPv4) possible?
On Sun, 2011-05-22 at 13:02 +0200, W. Martin Borgert wrote: This embedded device is not a router, so it would make more sense, if it would get its network information from the PC. Souns like a use case for a shared to other computers connection type in NM. This fires up a DHCP server on that interface and does Route/NAPT for the DCHP Clients. This would solve the address assignmet, routing, and internet accessibility issues in one go.. regards Marc ___ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Gateway and link-local (IPv4) possible?
On Sun, 2011-05-22 at 17:04 +0200, W. Martin Borgert wrote: This sounds like the perfect setup for the PC side. (In many cases this would be an MS-Windows PC, though.) Well, they call it internet connection sharing over at Microsoft's place. At least that's what it used to be called in the Windows XP days. I wonder, what is the complementary NM setup for the embedded devices side? I should think that it is Automatic (DHCP) with Require IPv4 addressing for this connection to complete disabled. I'm not quite sure if some other features are needed such as zeroconf networking or similar, this might depend on your distribution. Is there a connection type in network manager, that first tries DHCP (dhclient) and after timing out tries local link as second option? I think that with some of the functionality from zeroconf networking (wich provides LL-addressing for IPv4, mDNS name resolution, and service discovery), this should be feasible. regards Marc ___ networkmanager-list mailing list networkmanager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple VPNs and resolvconf
On Mon, 2009-08-10 at 11:51 +0200, Dominik George wrote: I'm not quite sure whether this is a problem. If nameserver A cannot resolve a hostname, the system will try nameserver B automagically, then nameserver C until it gets a result. Not if the first nameserver returns NXDOMAIN; the local resolver will accept this as a valid response and won't query another nameserver. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Multiple VPNs and resolvconf
On Mon, 2009-08-10 at 08:57 -0400, Mathieu Trudel-Lapierre wrote: For each special domain that you want dnsmasq to query a very specific nameserver for, add a server=/domain/nameserver_ip line. Anyone interested, please also look at the thread: Working with a local DNS cache, started by Adam Langley on Aug 5 2009 (just a few days ago). regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Default-Routing problems
On Sat, 2009-03-14 at 21:47 -0400, Daniel wrote: The problem is that when I have a wireless connection going, then plug in the ethernet - the route defaults to the wired connection. Hence, killing my ability to waste time surfing and reading mailing lists... ;) Does this happen as well if you create a special wired profile for that work site which has the setting DHCP (Addresses only)? it could imagine that like this, it will only get an addess and ignore any other info such as DNS servers, WINS servers and NetBIOS node types. Ah.. just tried it. Doesn't work; it still accepts the default gateway from DHCP and modifies the routing table This however works: create a wired configuration profile for that work site, which has has a static IP, but no default gateway configuration. Like that, the DHCP-learnt route from the WiFi will take precedence. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: dns work arounds
On Wed, 2009-03-11 at 16:40 -0400, Eric S. Johansson wrote: since the latest netmanager won't compile on 8.04 (kernel too old), any ideas for workarounds? https://launchpad.net/~network-manager/+archive/ppa select hardy heron and find the right sources.list statements: deb http://ppa.launchpad.net/network-manager/ppa/ubuntu hardy main deb-src http://ppa.launchpad.net/network-manager/ppa/ubuntu hardy main That should word, I think regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
Hi all Sorry for the delay - there was practically no time to play around with my laptop these days. In the meantime, I had to upgrade to network-manager packages from Launchpad PPA, because the Huawei E220 UMTS device didn't work with the normal version shipped with Ubuntu 8.10 (see first post). network-manager: 0.7-0ubuntu1~nm1~intrepid1 network-manager-gnome: 0.7-0ubuntu1~nm1~intrepid1 network-manager-vpnc: 0.7-0ubuntu1~nm1~intrepid1 I guess these names don't mean much - they're available here: https://launchpad.net/~network-manager/+archive/ppa And if I understand correctly, are based on 0.7 final and were release on Dec 28 2008. Nonetheless, even with these versions of network-manager packages, I had the same issue with the sequence of the name-server entries in /etc/resolv.conf as described in the first post. On Tue, 2009-01-20 at 22:46 -0500, Dan Williams wrote: Ok, so your home netblock is still being routed over the VPN because the server is pushing down a route that explicitly directs the traffic from your home network over the VPN before the routing table even gets to the default route. I wouldn't know that I had configured the VPN Box to do that (in the sense of pushing a route or an explicit split tunnel configuration). I rather think that this comes from the fact that the tun0 gets assigned an IP address from my home network block with mask /24 - so 172.20.125.0/24 implictely becomes what we call a connected subnet in cisco speak. But let's stay on topic... Yeah, so this doesn't look correct. Let's assume that perhaps resolvconf is screwing something up since it's obviously rewriting the file. Would you mind moving the resolvconf binary (usually /bin/resolvconf) out of the way so that NM can't find it? NM *should* then fall back to writing out /etc/resolv.conf directly, which should allow us to isolate whether NM is indeed getting the nameserver ordering wrong, or whether it's the extra indirection of resolvconf So I renamed /sbin/resolvconf to something else and now /etc/resolv.conf looks somewhat different (most noticeably it now says generated by NetworkManager). Mobile Broadband up, VPN Tunnel down: (DNS IP addresses are different from first post, different mobile broadband provider). ~$ more /etc/resolv.conf # Generated by NetworkManager nameserver 212.35.35.35 nameserver 212.35.35.5 Mobile Broadband up, VPN Tunnel up: ~$ more /etc/resolv.conf # Generated by NetworkManager domain my home domain search my home domain nameserver 172.20.125.30 nameserver 212.35.35.35 nameserver 212.35.35.5 Now that does look better indeed. Same goes when using the (home based) WLAN hotspot outside the VPN Gateway (Hotspot Subnet: 172.20.124.0/24) Hotspot WLAN up, VPN down: ~$ more /etc/resolv.conf # Generated by NetworkManager nameserver 172.20.124.1 Hotspon WLAN up, VPN up; ~$ more /etc/resolv.conf # Generated by NetworkManager domain my home domain search my home domain nameserver 172.20.125.30 nameserver 172.20.124.1 Does this leave us with a resolv.conf issue, then? Well, there seems to be somewhat of an issue: https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/183585 regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
On Mon, 2009-01-19 at 11:24 -0500, Dan Williams wrote: VPN (if VPN all traffic is routed over the VPN) Primary connection Others What if the default route does _not_ go trough the VPN (as it is in my case)? The question I guess is if your VPN is becoming your default route or not in both cases. It's not, in neither case. The VPN configuration has a 172.20.125.0/24 route for my home network (where the home DNS is) through the VPN. So let me bring some output: With WLAN (Hotspot LAN: 172.20.124.0/24, VPN Gateway 172.20.124.10) and VPN tunnel up (172.20.125.0/24 configured to go through the tunnel). ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Iface 172.20.124.10 0.0.0.0 255.255.255.255 UH0 wlan0 172.20.124.00.0.0.0 255.255.255.0 U 2 wlan0 172.20.125.00.0.0.0 255.255.255.0 U 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000wlan0 0.0.0.0 172.20.124.10.0.0.0 UG0 wlan0 ~$ ~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 172.20.125.30 nameserver 172.20.124.1 search my.domain With Mobile Broadband and VPN tunnel down: ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Iface 10.6.6.60.0.0.0 255.255.255.255 UH0 ppp0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000ppp0 0.0.0.0 10.6.6.60.0.0.0 UG0 ppp0 ~$ ~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 138.188.101.186 nameserver 138.188.101.189 With Mobile Broadband and VPN tunnel up (172.20.125.0/24 configured to go through the tunnel): (where 85.5.xxx.xxx is the current dynamic IP of my VDSL connection - IOW my VPN Gateway). ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Iface 85.5.xxx.xxx10.6.6.6255.255.255.255 UGH 0 ppp0 10.6.6.60.0.0.0 255.255.255.255 UH0 ppp0 172.20.125.00.0.0.0 255.255.255.0 U 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000ppp0 0.0.0.0 10.6.6.60.0.0.0 UG0 ppp0 ~$ ~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 138.188.101.186 nameserver 138.188.101.189 nameserver 172.20.125.30 search my.domain For a test, I removed the 172.20.125.0/24 route from the VPN configuration, so that the default route now goes through interface tun0, as your comment suggested. With Mobile Broadband and VPN tunnel up (default route through the tunnel): ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Iface 85.5.xxx.xxx10.6.6.6255.255.255.255 UGH 0 ppp0 10.6.6.60.0.0.0 255.255.255.255 UH0 ppp0 172.20.125.00.0.0.0 255.255.255.0 U 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000ppp0 0.0.0.0 0.0.0.0 0.0.0.0 U 0 tun0 ~$ ~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 138.188.101.186 nameserver 138.188.101.189 nameserver 172.20.125.30 search my.domain So the Mobile ISP's DNSs still take precedence over the VPN connection's DNSs in resolv.conf, with default route through the VPN or not. I can resolve internal names allright - after sending two queries towards the ISPs DNSs unnecessarily (with my Cisco PIX, they're unreachable anyway). If this (mis)behaviour is Ubuntu specific, I'll happily file a bug on launchpad, that's why I wanted to know if it was intentional to have it different when connecting with (W)LAN vs connecting with Mobile Broadband. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Mobile broadband and carriers
On Mon, 2009-01-19 at 19:47 +0200, Janne Boman wrote: Nothing gets written to that file when I plug in the phone. The applet goes trough the set up dialogs, an option to select my carrier appears on the list of available networks, but when I select the mobile carrier the connection returns to use the wireless network (or whatever I was using at that time...). It's kinda weird, the last log entry is dated about 7 hours ago, there's nothing on my current session (a power of in the middle). Try disabling Wireless globally in NM before starting the Mobile Broadband connection. I can't get Mobile Broadband to work either on my Ubuntu 8.10 while any WiFi or LAN connection remains enabled. It results in a very wierd setup, where the default route remains on the wlan0 interface (or eth0, for that matter...). ~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Iface 10.6.6.60.0.0.0 255.255.255.255 UH0 ppp0 172.20.124.00.0.0.0 255.255.255.0 U 2 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000ppp0 0.0.0.0 172.20.124.10.0.0.0 UG0 wlan0 Yet, the Mobile ISP's DNS servers take precedence over the WLAN ones: m...@torch:~$ more /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 138.188.101.186 nameserver 138.188.101.189 nameserver 172.20.124.1 This can't work, really - what if the Mobile ISP assigns DNS addresses that are not routeable via the WLAN network? regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Mobile broadband and carriers
On Tue, 2009-01-20 at 13:26 +0200, Janne Boman wrote: Jan 20 13:06:22 lauta NetworkManager: WARN check_pin_done(): PIN checking timed out Which mechanism are you using to give the PIN to the device? When editing the connection in NM's GUI (under Edit Connections in the Mobile Broadband tab), did you enter the PIN in the field? Using it with NM's functionality instead of the KPP scripts might make it work in the end. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
Hi all I am running Ubuntu 8.10 with ... network-manager 0.7~~svn20081018t105859-0ubuntu1.8.10.1 network-manager-gnome 0.7~~svn20081020t000444-0ubuntu1.8.10.1 network-manager-vpnc0.7~~svn20081015t024626-0ubuntu1 ... to build a VPN tunnel to the Cisco PIX at my home. When using a public WLAN hotspot or some other form of (W)LAN connectivity, /etc/resolv.conf looks like this after the VPN Tunnel is up: nameserver my home DNS IP nameserver hotspot LAN DNS1 IP nameserver hotspot LAN DNS2 IP search my private home domain This is exactly I want it to be (VPN connection's DNS listed first), so I can resolve internal names of my home LAN. Using the very same VPN connection entry, with either of my two (swisscom) mobile phones to connect via Mobile Broadband, /etc/resolv.conf gets updated in a different way: nameserver 138.188.101.186 (dnsscm3.swisscom.com) nameserver 138.188.101.189 (dnsscm4.swisscom.com) nameserver my home DNS IP search my private home domain This is unlucky, because now the mobile broadband ISPs get queried first, and of course they wouldn't know anything about my private home domain - and I can't resolve names in there. Is this intentional, or can it be configured somewhere? regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: VPNC plugin on Ubuntu 8.04: disable DPD?
Hi all On Thu, 2008-06-05 at 12:19 +0200, Marc Luethi wrote: Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I have found a workaround solution which might help at least the Ubuntu users affected by this issue. In ubuntu Bug #206673 (https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/206673 , Chris has made .deb packages of VPNC available on launchpadlibrarian.net that have the DPD timeout set to 0 by default. Installation on Ubuntu was easy, just replacing vpnc from the repositories by this version. This is a rough approach since it might cause conflicts with some VPN configurations that need DPD and the user has to enable it explicitely for these configurations; whereas it was enabled by default before. Nonetheless it solves my problem for the time being. regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
VPNC plugin on Ubuntu 8.04: disable DPD?
Hi all! First: If this is the wrong place to ask about the VPNC plugin, please tell me to sod off and maybe leave a hint on where else to ask ;-) After upgrading to Ubuntu 8.04, I am now using NetworkManager 0.6.6 with nm-applet 0.6.6, and according to aptitude, I have network-manager-vpc 0.6.4svn2422-0ubuntu5 vpnc0.5.1r275-1 I am running a Cisco PIX501 at home which does not support DPD (and probably never will). Now I am affected by this problem: https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/206000 The currently installed vpnc supports disabling of the DPD feature: [EMAIL PROTECTED]:~$ vpnc --long-help [...] --dpd-idle 0,10-86400 Send DPD packet after not receiving anything for idle seconds. Use 0 to disable DPD completely (both ways). Default: 300 conf-variable: DPD idle timeout (our side) 0,10-86400 [...] Assuming that network-manager-vpnc is using vpnc behind the scenes, is there a way (a config file, perhaps?) to make the VPNC plugin set/unset this parameter? (I am no programmer - just a user...) I know that DPD configuration should be possible on a per-connection basis, as some VPN configurations will require DPD to be active - while others might not. There have been suggestions to use older versions of network-manager-vpnc or different versions of network-manager altogether, which is not what I'd like to do. For now, I'd be happy if I could enable/disable network-manager-vpnc's DPD globally. Can this be done? thanks best regards Marc ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list