Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread John Clarke
On Tue, Feb 15, 2011 at 05:13:05PM +1100, Kyle wrote:

> All my relevant hosts and my DNS server all sit on the 192.168 subnet  
> all behind the same firewall with no reason to go near the modem? The  
> DNS server does act as a firewall, but yes, the relevant ports on the  
> eth1 side for DNS are open (namely 53 & for whatever reason - can't  
> remember now - 953).

You need port 53 TCP and UDP, and port 953 TCP.  Port 953 is bind's
default control port, i.e. what rndc uses to talk to the server. 
nsupdate uses TCP port 53 IIRC.


John

-- 
Active ECM, coming soon to a WLAN near you!
-- Chris Suslowicz
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html


Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread John Clarke
On Tue, Feb 15, 2011 at 05:35:10PM +1100, Kyle wrote:

> > domain domain1.com
> incorrect section name: domain

I suspect you mean "zone domain1.com".  "domain" is not a valid command.

> nsupdate -k /etc/rndc.key - The man page says that that format  
> requires a filename in the format 'K{name}.+157.+{random}.private'.  
> That's a new one on me. Where, why & how is that needed?

That's been the case for as long as I've been using nsupdate, at least
five years.  The filename format is what dnssec-keygen outputs when you
ask it to generate a key.

One other thing you need to make sure of is that the client and server
have their clocks synchronised (e.g. with ntp), otherwise the update
will fail.

There's an nsupdate HOWTO here:

http://caunter.ca/nsupdate.txt

and I have a page explaining how to get DHCP3 to do DDNS updates here:

http://kirriwa.net/john/doc/ddns.html



John

-- 
"Bloody kids. If it hasn't got a front panel and you don't have to toggle in
the bootstrap by hand you haven't experienced a real installation."
-- Peter da Silva


Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Kyle

 Ok, that gets more info.
-

[root@server1 ~]# nsupdate -k /etc/rndc.key
could not read key from /etc/rndc.key: unexpected token
> [root@server1 ~]# man nsupdate
[root@server1 ~]# nsupdate -y domain1_key:
> server 127.0.0.1
> domain domain1.com
incorrect section name: domain
> update add client1.domain1.com 864000 A 192.168.1.104
> show
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  0
;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
client1.domain1.com.    864000  IN      A       192.168.1.104

> send
could not find enclosing zone
[root@server1 ~]# host client1
Host client1 not found: 3(NXDOMAIN)
[root@server1 ~]# host client1.domain1.com
Host client1.domain1.com not found: 3(NXDOMAIN)
---

So questions arising from that are;

nsupdate -k /etc/rndc.key - The man page says that that format 
requires a filename in the format 'K{name}.+157.+{random}.private'. 
That's a new one on me. Where, why & how is that needed?


Just that error alone leads me to think the "not authorized" part of the 
'forward map' error I was getting has to do with not being able to find 
the key. But then, after issuing the send command, I get the error;


"could not find enclosing zone". I can imagine if the key were not being 
found, the zone would not be found but don't know how/where that might 
be coming from?


I'm going to assume the;

> domain domain1.com
incorrect section name: domain

is just a spurious section because the "domain " command 
doesn't exist.





Kind Regards

Kyle


On 15/02/11 1:55 PM, Peter Chubb wrote:

Hi Kyle,
I suggest looking in /var/log/messages  (I believe the default
configuration for CENTOS logs everything into there )

You should see lines like:
  Feb 15 06:25:34 vampire dhcpd: DHCPREQUEST for A.B.C.D from
  some:mac:address:here  via eth0
then you might see something like
  Feb 15 06:25:35 vampire named[3921]: client 127.0.0.1#53: update
  'keg.ertos.in.nicta.com.au/IN' denied

or,

Feb 14 17:35:04 vampire named[4854]: client 127.0.0.1#42217: updating zone 
'keg.ertos.in.nicta.com.au/IN': update unsuccessful: 
bigmac.keg.ertos.in.nicta.com.au: 'name not in use' prerequisite not satisfied 
(YXDOMAIN)


You may also want to check that you can update named manually, using
nsupdate.

As root, on the machine running dhcpd, do

nsupdate -k keyfile
server whateveryournameserveris
domain domain.com
update add fred.domain.com 864000 A 192.168.1.100
show
send

or similar.  Then try host fred.domain.com to see if you can see the
record you just added.

Peter C
--
Dr Peter Chubb  peter DOT chubb AT nicta.com.au
http://www.ertos.nicta.com.au   ERTOS within National ICT Australia
All things shall perish from under the sky/Music alone shall live, never to die




Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Kyle

 Ben,

Ok, maybe I'm misunderstanding you.

Why would I need to be port forwarding?

All my relevant hosts and my DNS server all sit on the 192.168 subnet 
all behind the same firewall with no reason to go near the modem? The 
DNS server does act as a firewall, but yes, the relevant ports on the 
eth1 side for DNS are open (namely 53 & for whatever reason - can't 
remember now - 953).


For clarification the setup is

modem (FW)
|
Server (FW, DNS, DHCP, etc)   eth0 = 10.X subnet   eth1 = 192.168 subnet
                              DHCP listens on 192.168.x.x

|
internal DHCP hosts on 192.168 subnet


Kind Regards

Kyle


On 15/02/11 1:47 PM, Ben Donohue wrote:

yes that's what I'm talking about.

are you port forwarding DNS to your internal dns server?

setup a test box on the inside of the modem and see if it works with 
just the modem in place.


Thanks,
Ben Donohue


On 15/02/2011 1:28 PM, Kyle wrote:

 Ben,

thanks for taking the time to look. Perhaps I wasn't clear. My issues 
are not external clients not updating; rather internal only. I.e. 
Everything behind my firewalls.



Kind Regards

Kyle


On 15/02/11 1:11 PM, Ben Donohue wrote:

Hi,

I'd check that you are port forwarding or "virtual server" from the 
modem port 53 tcp and udp to the internal dns server


reboot everything starting from the modem and working your way inwards

try to simplify the problem. Run up a new box if you can and stick 
it temporarily on the inside of the modem and see if it is getting 
dns correctly... go to websites etc if working then place it on 
the other side of the svr1 and test from there...



Thanks,
Ben Donohue


On 15/02/2011 11:59 AM, Kyle wrote:

 Hi SLUG,

I have an issue that is becoming more annoying the more I try to 
track it down.


Can I ask those of you interested to take a look at the following 
thread please: 
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40


I realise this might be a little  brave ... to ask you to go 
outside the list, but it is a fairly detailed thread (i.e. lengthy 
read) with all the necessary info on the box's config and all the 
testing I have done.


In short;
---
mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an 
MS WORKGROUP type setup.

DHCP licences handed out, some reserved.
DNS zones supposedly set up to provide name-based network browsing 
within the WORKGROUP domain and for internal clients to find 
inbound mail servers for 5 other domains.

---

But try as I might, I can't seem to get the DNS updated anymore and 
I swear it USED TO WORK. The only thing I have since done is update 
the packages as they came out.


I am as far as the error:  "Unable to add forward map from 
client1.domain1.com to 192.168.1.104: not authorized"  and that's 
where it stops. No amount of googlage has so far shone a torch on 
the issue. The disheartening thing is the bloody redmond boxes CAN 
find other hosts by name, but not the linux or OSX boxes.


If you have the time and incl. to have a read and point out where 
the hell I'm going wrong pls, I'd be grateful.







Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Peter Chubb
Hi Kyle,
   I suggest looking in /var/log/messages  (I believe the default
   configuration for CENTOS logs everything into there )

You should see lines like:
 Feb 15 06:25:34 vampire dhcpd: DHCPREQUEST for A.B.C.D from
 some:mac:address:here  via eth0
then you might see something like
 Feb 15 06:25:35 vampire named[3921]: client 127.0.0.1#53: update
 'keg.ertos.in.nicta.com.au/IN' denied 

or, 

Feb 14 17:35:04 vampire named[4854]: client 127.0.0.1#42217: updating zone 
'keg.ertos.in.nicta.com.au/IN': update unsuccessful: 
bigmac.keg.ertos.in.nicta.com.au: 'name not in use' prerequisite not satisfied 
(YXDOMAIN)


You may also want to check that you can update named manually, using
nsupdate.

As root, on the machine running dhcpd, do

nsupdate -k keyfile
server whateveryournameserveris
domain domain.com
update add fred.domain.com 864000 A 192.168.1.100
show
send

or similar.  Then try host fred.domain.com to see if you can see the
record you just added.

Peter C
--
Dr Peter Chubb  peter DOT chubb AT nicta.com.au
http://www.ertos.nicta.com.au   ERTOS within National ICT Australia
All things shall perish from under the sky/Music alone shall live, never to die
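
Added example, not part of the thread or written by any poster: a Python triage of the `/var/log/messages` lines discussed above, which classifies dynamic-update failures and pairs each dhcpd "Unable to add forward map" error with the named message logged at the same moment. The sample lines are constructed (host names, PIDs and ports are made up), the BADTIME line shape, the year and the 2-second pairing window are assumptions, and `classify`/`triage` are hypothetical helper names.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines: message shapes follow the ones quoted in the thread;
# hosts, PIDs and ports are made up, and the BADTIME line is an assumed shape.
SAMPLE_LOG = """\
Feb 15 06:25:34 server1 dhcpd: DHCPREQUEST for 192.168.1.104 from 00:11:22:33:44:55 via eth1
Feb 15 06:25:35 server1 named[3921]: client 127.0.0.1#39412: update 'domain1.com/IN' denied
Feb 15 06:25:35 server1 dhcpd: Unable to add forward map from client1.domain1.com to 192.168.1.104: not authorized
Feb 15 06:31:02 server1 named[3921]: client 127.0.0.1#42217: updating zone 'domain1.com/IN': update unsuccessful: client2.domain1.com: 'name not in use' prerequisite not satisfied (YXDOMAIN)
Feb 15 06:40:10 server1 named[3921]: client 192.168.1.50#40112: request has invalid signature: TSIG domain1_key: tsig verify failure (BADTIME)
"""

SYSLOG = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ (dhcpd|named)(?:\[\d+\])?: (.*)$")
RULES = [  # (daemon, category, pattern, what to check)
    ("named", "acl-denied", re.compile(r"update '(?P<zone>[^/']+)/IN' denied"),
     "allow-update/update-policy for the zone did not match the sender or its key"),
    ("named", "prereq-failed",
     re.compile(r"updating zone '(?P<zone>[^/']+)/IN': update unsuccessful: (?P<name>\S+): .*\((?P<rcode>\w+)\)"),
     "a prerequisite in the update failed, e.g. the name already exists"),
    ("named", "tsig-failure", re.compile(r"TSIG (?P<key>\S+): tsig verify failure \((?P<rcode>BAD\w+)\)"),
     "key name/secret mismatch or, for BADTIME, client and server clocks differ"),
    ("dhcpd", "dhcpd-rejected",
     re.compile(r"Unable to add forward map from (?P<name>\S+) to (?P<addr>\S+): (?P<reason>.+)"),
     "dhcpd's update was refused; read the named line logged at the same moment"),
]

def classify(line, year=2011):
    """Return a finding dict for one syslog line, or None if it is not an update failure."""
    m = SYSLOG.match(line)
    if not m:
        return None
    stamp, daemon, msg = m.groups()
    for rule_daemon, category, pattern, hint in RULES:
        hit = pattern.search(msg) if daemon == rule_daemon else None
        if hit:
            # syslog omits the year, so it is supplied by the caller (assumption)
            when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
            return {"when": when, "category": category, "hint": hint, **hit.groupdict()}
    return None

def triage(text, window=timedelta(seconds=2)):
    """Classify each line, then attach to every dhcpd failure the named findings within `window`."""
    findings = [f for f in map(classify, text.splitlines()) if f]
    for f in findings:
        if f["category"] == "dhcpd-rejected":
            f["named_cause"] = [n["category"] for n in findings
                                if n["category"] != "dhcpd-rejected"
                                and abs(n["when"] - f["when"]) <= window]
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["when"].time(), f["category"], "-", f["hint"], f.get("named_cause", ""))
```
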


Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Kyle

 Ben,

thanks for taking the time to look. Perhaps I wasn't clear. My issues 
are not external clients not updating; rather internal only. I.e. 
Everything behind my firewalls.



Kind Regards

Kyle


On 15/02/11 1:11 PM, Ben Donohue wrote:

Hi,

I'd check that you are port forwarding or "virtual server" from the 
modem port 53 tcp and udp to the internal dns server


reboot everything starting from the modem and working your way inwards

try to simplify the problem. Run up a new box if you can and stick it 
temporarily on the inside of the modem and see if it is getting dns 
correctly... go to websites etc if working then place it on the 
other side of the svr1 and test from there...



Thanks,
Ben Donohue


On 15/02/2011 11:59 AM, Kyle wrote:

 Hi SLUG,

I have an issue that is becoming more annoying the more I try to 
track it down.


Can I ask those of you interested to take a look at the following 
thread please: 
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40


I realise this might be a little  brave ... to ask you to go 
outside the list, but it is a fairly detailed thread (i.e. lengthy 
read) with all the necessary info on the box's config and all the 
testing I have done.


In short;
---
mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS 
WORKGROUP type setup.

DHCP licences handed out, some reserved.
DNS zones supposedly set up to provide name-based network browsing 
within the WORKGROUP domain and for internal clients to find inbound 
mail servers for 5 other domains.

---

But try as I might, I can't seem to get the DNS updated anymore and I 
swear it USED TO WORK. The only thing I have since done is update the 
packages as they came out.


I am as far as the error:  "Unable to add forward map from 
client1.domain1.com to 192.168.1.104: not authorized"  and that's 
where it stops. No amount of googlage has so far shone a torch on the 
issue. The disheartening thing is the bloody redmond boxes CAN find 
other hosts by name, but not the linux or OSX boxes.


If you have the time and incl. to have a read and point out where the 
hell I'm going wrong pls, I'd be grateful.





Re: [SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Ben Donohue

Hi,

I'd check that you are port forwarding or "virtual server" from the 
modem port 53 tcp and udp to the internal dns server


reboot everything starting from the modem and working your way inwards

try to simplify the problem. Run up a new box if you can and stick it 
temporarily on the inside of the modem and see if it is getting dns 
correctly... go to websites etc if working then place it on the 
other side of the svr1 and test from there...



Thanks,
Ben Donohue


On 15/02/2011 11:59 AM, Kyle wrote:

 Hi SLUG,

I have an issue that is becoming more annoying the more I try to track 
it down.


Can I ask those of you interested to take a look at the following 
thread please: 
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40


I realise this might be a little  brave ... to ask you to go 
outside the list, but it is a fairly detailed thread (i.e. lengthy 
read) with all the necessary info on the box's config and all the 
testing I have done.


In short;
---
mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS 
WORKGROUP type setup.

DHCP licences handed out, some reserved.
DNS zones supposedly set up to provide name-based network browsing 
within the WORKGROUP domain and for internal clients to find inbound 
mail servers for 5 other domains.

---

But try as I might, I can't seem to get the DNS updated anymore and I 
swear it USED TO WORK. The only thing I have since done is update the 
packages as they came out.


I am as far as the error:  "Unable to add forward map from 
client1.domain1.com to 192.168.1.104: not authorized"  and that's 
where it stops. No amount of googlage has so far shone a torch on the 
issue. The disheartening thing is the bloody redmond boxes CAN find 
other hosts by name, but not the linux or OSX boxes.


If you have the time and incl. to have a read and point out where the 
hell I'm going wrong pls, I'd be grateful.





Re: [SLUG] Finding modules..

2011-02-14 Thread Rodolfo Martínez
You can try to get the information from the sysfs.

[rmtzcx@armtzcx01 ~]$ ls -l /sys/class/net/{eth0,wlan0}/device/driver
lrwxrwxrwx 1 root root 0 Feb 14 19:54
/sys/class/net/eth0/device/driver -> ../../../bus/pci/drivers/e1000e
lrwxrwxrwx 1 root root 0 Feb 14 19:02
/sys/class/net/wlan0/device/driver ->
../../../../bus/pci/drivers/iwlagn


--
Rodolfo


On Mon, Feb 14, 2011 at 6:25 PM, DaZZa  wrote:
>
> On Mon, Feb 14, 2011 at 7:40 PM, Tony Sceats  wrote:
> > I know you found the answer already but ethtool -i  can also 
> > work and is very simple
> >
> > Just thought I'd throw that in :)
>
> [root@dev-app01 ~]# ethtool -i seth0
> Cannot get driver information: Operation not supported
> [root@dev-app01 ~]#
>
> :-)
>
> DaZZa (stupid bloody Microsoft!)


Re: [SLUG] Finding modules..

2011-02-14 Thread Glen Cunningham
On Monday 14 February 2011 12:01:57 DaZZa wrote:

>
> So, what's an seth0 device, and how do I get one? :-)
>
> DaZZa

Perhaps ...

might give a clue.  It mentions "Driver support for synthetic devices:"
G.

-- 
    Q: Does anyone know of a book that is the functional equivalent of
'The Idiot's Guide to C' for the Ada language?
    A: Idiots don't use Ada. Idiots only use C or derivations." 


[SLUG] DHCP -> DDNS not updating

2011-02-14 Thread Kyle

 Hi SLUG,

I have an issue that is becoming more annoying the more I try to track 
it down.


Can I ask those of you interested to take a look at the following thread 
please: 
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=30080&forum=40


I realise this might be a little  brave ... to ask you to go outside 
the list, but it is a fairly detailed thread (i.e. lengthy read) with 
all the necessary info on the box's config and all the testing I have done.


In short;
---
mixed clients XP, 7, OSX, Ubuntu 10 to a CentOS 5.5 svr all in an MS 
WORKGROUP type setup.

DHCP licences handed out, some reserved.
DNS zones supposedly set up to provide name-based network browsing 
within the WORKGROUP domain and for internal clients to find inbound 
mail servers for 5 other domains.

---

But try as I might, I can't seem to get the DNS updated anymore and I 
swear it USED TO WORK. The only thing I have since done is update the 
packages as they came out.


I am as far as the error:  "Unable to add forward map from 
client1.domain1.com to 192.168.1.104: not authorized"  and that's where 
it stops. No amount of googlage has so far shone a torch on the issue. 
The disheartening thing is the bloody redmond boxes CAN find other hosts 
by name, but not the linux or OSX boxes.


If you have the time and incl. to have a read and point out where the 
hell I'm going wrong pls, I'd be grateful.


--

Kind Regards

Kyle



Re: [SLUG] Finding modules..

2011-02-14 Thread DaZZa
On Mon, Feb 14, 2011 at 7:40 PM, Tony Sceats  wrote:
> I know you found the answer already but ethtool -i  can also work 
> and is very simple
>
> Just thought I'd throw that in :)

[root@dev-app01 ~]# ethtool -i seth0
Cannot get driver information: Operation not supported
[root@dev-app01 ~]#

:-)

DaZZa (stupid bloody Microsoft!)


Re: [SLUG] Finding modules..

2011-02-14 Thread Tony Sceats
I know you found the answer already but ethtool -i  can also work 
and is very simple

Just thought I'd throw that in :)


On 14/02/2011, at 1:12 PM, DaZZa  wrote:

> On Mon, Feb 14, 2011 at 11:57 AM, Peter Hardy
>  wrote:
>> And in case this hasn't been answered enough, yet, the kernel module
>> itself should log the interfaces it's handling when it loads. That will
>> turn up in the kernel logs (RH places kernel logs from the last boot
>> in /var/log/dmesg , or it'll be in /var/log/messages , or just run
>> `dmesg`); just grep for eth0.
> 
> Bloody Microsoft can't do anything the easy way. :-)
> 
> I found a "Howto" for centOS and RHEL, but it was ugly - install
> integration utilities, install kernel modules, recompile kernel - gave
> it up as a bad joke.
> 
> I managed to work around it by telling HyperV to present a "legacy"
> network interface - which SuSE recognises as a Tulip card - good
> enough for the purpose.
> 
> Thanks to those who made suggestions.
> 
> DaZZa