[Vyatta-users] Installation Problem - booting hangs

2008-02-07 Thread Stefan Leippert

Hello List,
trying to install Vyatta community edition 3, installation suceeded ok, but 
booting hangs: 

GRUB Loading stage1.5
GRUB loading, please wait.

Then nothing more happens.

I tried following things:
loaded new image and installed from this.
tried different harddisks SATA and PATA.

before install-system, I tried dd /dev/zero /dev/hda count=1, but doesnt't 
help.

Hardware is a small Barebone-PC with SIS964, Intel Celeron 220, 512 MB RAM. 

Found some strange messages in /var/log/messages, when booting again from CD. 

vyatta kernel: copy_e820_map() start ... size 09fc00 end 9fc00 type: 1

Enabling APIC mode: Flat: Using 0 I/O APICs
BIOS bug, no explicit IRQ entries using default mptable

Cannot allocate resource for EISA slot 1
Cannot allocate resource for EISA slot 2
hdb: _NEC DV-5800, Atapi CD/DVD-ROM
ide0 at 0x1f0-0x1f7, 0x3f6 on irq 14
ATA: abnormal status 0x7F on port 0x2367
Registering unionfs 2.0
agpgart: Unuspported SiS chipset (device id: 0662)


Any tips or information ? 




-- 
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


Re: [Vyatta-users] WAN Load Balancing

2008-02-07 Thread abhilash s
Hi,

   This makes sense. We will try the multi WAN load balancing.

Thanks,

Abhilash S
Ascella Technologies, Inc.
www.ascellatech.com


On Feb 5, 2008 11:59 AM, Dave Roberts [EMAIL PROTECTED] wrote:

  Thanks for your quick reply. I am agreed that we can test the
  multiple WAN load balancing feature before it is released to
  help with your testing. But one thing I forgot to mention
  about the broadband connection, is that it has a maximum data
  transfer of 20GB per month.
  That is why we were using the below plan:
 
  * The leased line connection is all traffic till 11 AM  (it
  is set to the default gateway)
  * After 11:00AM, we switch the default gateway to the
  broadband connection for all internet traffic, and add a
  static route so that VPN traffic remains on the leased line.
  * After 5:00PM, we reset this back to the original configuration
 
  We don't want to exceed the maximum limit of 20GB on the
  broadband connection.
 
  Is it possible to limit the bandwidth usage of the broadband
  connection using the multiple WAN loadbalancing ?  That is
  why we were thinking of using OSPF, so that we could increase
  the cost of the 2Mb connection as we approach the maximum.
  With this new requirement, does OSPF still make sense for us?
   If not, could you explain why OSPF may not be the choice for us?

 OSPF would allow you to assign a cost to a given route, but it's a hard
 cost. Paths with the lowest cost will receive all the traffic until a
 lower-cost path becomes available. If that's exactly what you want, then
 that's one way to achieve it, but it feels like overkill because OSPF is a
 hugely complex protocol and you really aren't using it for doing what it
 was intended.

 One thing you could do is use the WAN load balancing feature and change
 the weight factors between the links as you approach the maximum. There is
 currently no way to do this automatically, though coupled with QoS you
 might be able to work something out. Personally, I would go this route
 with WAN LB weight adjustment rather than OSPF.

 -- Dave


___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


[Vyatta-users] Vote Vyatta and Powered by Vyatta logos

2008-02-07 Thread Tom McCafferty

and now a note from Vyatta Marketing. 

Vote Vyatta in Linux Journal Readers Choice Survey 

Linux Journal is conducting its Readers Choice 2008 Survey 
and we need your votes. Vyatta has been nominated for 
Favorite Security Tool and Product of the Year.   

Please take a minute and cast your vote at 
http://www.linuxjournal.com/node/1006101 
- 

New - Powered by Vyatta logos 

Here is another chance to show us some love with the new 
Powered by Vyatta logos. We have created some small logos 
for users to display on your site(s) to show your pride in 
your network, your dedication to open source and show the 
world that Vyatta software is what runs your network. 

http://www.vyatta.com/community/powered.php 
-- 

we now return you to your regulary scheduled discussions 
thanks for your attention and support 
-Tom 

Tom McCafferty 
Director of Marketing 
Vyatta Inc. 
http://www.vyatta.com 
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


Re: [Vyatta-users] Vyatta running on appliance...

2008-02-07 Thread Justin Fletcher
What's the last message before it hangs?

Justin

On Feb 7, 2008 2:12 PM, ken Felix [EMAIL PROTECTED] wrote:
 I'm doing the same but with a 2gb and 4gb fast Compact Flash. It runs
 great but I just notice a problem the last 2 days in my test lab and it
 ( host ) hangs at boot time. Could be y hardware or CF card or adpater.


 fwiw, Logic supply has shipped their servers to me but so far I've
 haven't received all of my new pieces for my project.

 ___
 Vyatta-users mailing list
 Vyatta-users@mailman.vyatta.com
 http://mailman.vyatta.com/mailman/listinfo/vyatta-users

___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


Re: [Vyatta-users] Installation Problem - booting hangs

2008-02-07 Thread Robert Bays
One other thing to look into...  Make sure you're not using the RAID
functionality of the SIS964.

Robert Bays wrote:
 Stefan,
 
 Looks like grub isn't loading stage 1.5.  One thing to check...  In the
 BIOS there may be a setting that switches the disk mode from normal to
 LBA.  It should be set to LBA...
 
 Cheers,
 Robert.
 
 Stefan Leippert wrote:
 Hello List,
 trying to install Vyatta community edition 3, installation suceeded ok, but 
 booting hangs: 

 GRUB Loading stage1.5
 GRUB loading, please wait.

 Then nothing more happens.

 I tried following things:
 loaded new image and installed from this.
 tried different harddisks SATA and PATA.

 before install-system, I tried dd /dev/zero /dev/hda count=1, but 
 doesnt't help.

 Hardware is a small Barebone-PC with SIS964, Intel Celeron 220, 512 MB RAM. 

 Found some strange messages in /var/log/messages, when booting again from 
 CD. 

 vyatta kernel: copy_e820_map() start ... size 09fc00 end 9fc00 type: 
 1
 
 Enabling APIC mode: Flat: Using 0 I/O APICs
 BIOS bug, no explicit IRQ entries using default mptable
 
 Cannot allocate resource for EISA slot 1
 Cannot allocate resource for EISA slot 2
 hdb: _NEC DV-5800, Atapi CD/DVD-ROM
 ide0 at 0x1f0-0x1f7, 0x3f6 on irq 14
 ATA: abnormal status 0x7F on port 0x2367
 Registering unionfs 2.0
 agpgart: Unuspported SiS chipset (device id: 0662)


 Any tips or information ? 




 
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


Re: [Vyatta-users] IPSec Termination

2008-02-07 Thread Dunmoodie, Carlos
Here's my config




conn peer-0.0.0.0-tunnel-1
 left=1.1.1.1
 right=%any
 leftsubnet=192.168.12.0/24
 rightsubnet=192.168.10.0/24
   rekey=no
 ike=3des-sha1,3des-sha1
   ike=3des-sha1,3des-sha1
 ikelifetime=3600s
 aggrmode=yes
 esp=3des-md5,3des-sha1
 keylife=1800s
 rekeymargin=540s
 type=tunnel
 pfs=yes
 compress=no
 authby=secret
 auto=add




From the initiator I get an error message INVALID_ID INFORMATION

How do you configure  the user id to match the userid from the
initiator, or does that matter?  

Also does the above config look accurate for an aggressive mode.  When I
configure auto=ignore I see no IPSEC information

When I change auto=add, I see the IPSEC negotiations, and it doesn't
initiate, which is good. But tunnel not established


Carlos Dunmoodie
Network Engineer
Engineering
Office: (301) 944-2896
Cell: (443) 864-9822
 
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of ken Felix
Sent: Monday, February 04, 2008 7:32 PM
To: vyatta-users@mailman.vyatta.com
Subject: [Vyatta-users] IPSec Termination

Couldn't you get the same thing with the VPN dead peer-detect set to 
HOLD?

Under strongswan for example, their's a setting that would allow you to 
auto=start  or auto=ignore, if you could add this, you should be okay.
Here's how my  vyatta ipsec.conf looks;




If the last line was set to auto=ignore, than I would think ipsec would 
be   started and the  host would wait for the far-end ( right ) to  
initiated the session.

___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


Re: [Vyatta-users] IPSec Termination

2008-02-07 Thread Robyn Orosz
Hi Carlos,

I'm not sure I'm correctly understanding your reason for using 
aggressive mode but, are you sure that the other end of the connection 
is expecting an aggressive mode negotiation?  If your only special 
requirement is that the other end of the connection is being initiated 
from an unknown peer address, then simply setting the peer to 0.0.0.0, 
which it looks like you've done, should work for you.

Either way, I don't think your phase 1 negotiation will complete if only 
one end is set to aggressive mode.  This may be the reason for the 
INVALID_ID error.  Have you tried connecting with aggrmode=no? 
If none of the above apply to your situation, can you reply with the VPN 
configuration on the remote end?  Also, what type of device is it?

Thanks!

Robyn

Dunmoodie, Carlos wrote:
 Here's my config




 conn peer-0.0.0.0-tunnel-1
  left=1.1.1.1
  right=%any
  leftsubnet=192.168.12.0/24
  rightsubnet=192.168.10.0/24
  rekey=no
  ike=3des-sha1,3des-sha1
  ike=3des-sha1,3des-sha1
  ikelifetime=3600s
  aggrmode=yes
  esp=3des-md5,3des-sha1
  keylife=1800s
  rekeymargin=540s
  type=tunnel
  pfs=yes
  compress=no
  authby=secret
  auto=add




 From the initiator I get an error message INVALID_ID INFORMATION

 How do you configure  the user id to match the userid from the
 initiator, or does that matter?  

 Also does the above config look accurate for an aggressive mode.  When I
 configure auto=ignore I see no IPSEC information

 When I change auto=add, I see the IPSEC negotiations, and it doesn't
 initiate, which is good. But tunnel not established


 Carlos Dunmoodie
 Network Engineer
 Engineering
 Office: (301) 944-2896
 Cell: (443) 864-9822
  
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of ken Felix
 Sent: Monday, February 04, 2008 7:32 PM
 To: vyatta-users@mailman.vyatta.com
 Subject: [Vyatta-users] IPSec Termination

 Couldn't you get the same thing with the VPN dead peer-detect set to 
 HOLD?

 Under strongswan for example, their's a setting that would allow you to 
 auto=start  or auto=ignore, if you could add this, you should be okay.
 Here's how my  vyatta ipsec.conf looks;




 If the last line was set to auto=ignore, than I would think ipsec would 
 be   started and the  host would wait for the far-end ( right ) to  
 initiated the session.

 ___
 Vyatta-users mailing list
 Vyatta-users@mailman.vyatta.com
 http://mailman.vyatta.com/mailman/listinfo/vyatta-users
 ___
 Vyatta-users mailing list
 Vyatta-users@mailman.vyatta.com
 http://mailman.vyatta.com/mailman/listinfo/vyatta-users
   
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users


[Vyatta-users] Vyatta running on appliance...

2008-02-07 Thread Chad Hurley
Hi All;

 

I just wanted to let people know that I have a Vyatta VC3 cluster
running in production on the following hardware:

 

 http://www.yawarra.com.au/hw-eber.php

 

Options:

768 Mb RAM [max]

4 x 1 G ports

512 Mb. Flash card

 

Initial install was via a USB cdrom drive.  If I were to order again I
would get the 2G flash drives. L  But other than that, it has run
extremely well and has been very stable. It is doing static routing
between our administrative LANs and our mission critical Broadcast LANs.

 

Chad Hurley

Acting Deputy Director, Technical Operations

Radio Free Asia

T. 202-530-2024

E. [EMAIL PROTECTED]

___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users